Cyber-Physical Systems are complex systems that integrate physical processes and communication networks like critical infrastructures and industrial plants. Unfortunately, the integration of physical and cyber layers causes also possible issues such as the increased surface of cyber-attacks. A possible example of CPS is the industrial world, which is one of the most important targets of cyber-attacks. Applying protecting architecture as the ones developed for the IT world is not possible due to the specific features of the industrial environment. However, the paper exploits the features of the industrial communication networks to develop an industrial intrusion detection system named Smart Security Probe. This solution has been designed to detect possible anomalies in the network traffic and to help to infer possible anomalies in the data related to the physical processes. S2P has been tested and validated in an environment made of two Programmable Logic Controllers and two Supervisory Control and Data Acquisition systems that are controlling four simulated tanks. The anomaly detection is based on a couple of Interlaced Extended Kalman Filters that are distributed among the controllers and exchange data securely through the Smart Security Probe. The results demonstrate the feasibility of the proposed solution. Copyright (c) 2022 The Authors. This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0/)
Bonagura, V., Foglietta, C., Panzieri, S., Pascucci, F. (2022). Advanced Intrusion Detection System for Industrial Cyber-Physical Systems. In IFAC-PAPERSONLINE (pp.265-270). RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS : ELSEVIER [10.1016/j.ifacol.2023.01.083].
Advanced Intrusion Detection System for Industrial Cyber-Physical Systems
Bonagura, V;Foglietta, C;Panzieri, S;Pascucci, F
2022-01-01
Abstract
Cyber-Physical Systems are complex systems that integrate physical processes and communication networks like critical infrastructures and industrial plants. Unfortunately, the integration of physical and cyber layers causes also possible issues such as the increased surface of cyber-attacks. A possible example of CPS is the industrial world, which is one of the most important targets of cyber-attacks. Applying protecting architecture as the ones developed for the IT world is not possible due to the specific features of the industrial environment. However, the paper exploits the features of the industrial communication networks to develop an industrial intrusion detection system named Smart Security Probe. This solution has been designed to detect possible anomalies in the network traffic and to help to infer possible anomalies in the data related to the physical processes. S2P has been tested and validated in an environment made of two Programmable Logic Controllers and two Supervisory Control and Data Acquisition systems that are controlling four simulated tanks. The anomaly detection is based on a couple of Interlaced Extended Kalman Filters that are distributed among the controllers and exchange data securely through the Smart Security Probe. The results demonstrate the feasibility of the proposed solution. Copyright (c) 2022 The Authors. This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0/)I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
