Using Physical Models for Anomaly Detection in Control Systems

  • Nils Svendsen
  • Stephen Wolthusen
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 311)


Supervisory control and data acquisition (SCADA) systems are increasingly used to operate critical infrastructure assets. However, the inclusion of advanced information technology and communications components and elaborate control strategies in SCADA systems increases the threat surface for external and subversion-type attacks. The problems are exacerbated by site-specific properties of SCADA environments that make subversion detection impractical, and by sensor noise and feedback characteristics that degrade conventional anomaly detection systems. Moreover, potential attack mechanisms are ill-defined and may include both physical and logical aspects.

This paper employs an explicit model of a SCADA system in order to reduce the uncertainty inherent in anomaly detection. Detection is enhanced by incorporating feedback loops in the model. The effectiveness of the approach is demonstrated using a model of a hydroelectric power plant for which several attack vectors are described.


Keywords: SCADA systems, anomaly detection, hydroelectric power plant



Copyright information

© IFIP International Federation for Information Processing 2009
