Abstract
This paper presents an ontological framework that permits formal representations of process control systems, including elements of the process being controlled and the control system itself. A fault diagnosis algorithm based on the ontological model is also presented. The algorithm can identify traditional process elements as well as control system elements (e.g., IP network and SCADA protocol) as fault sources. When these elements are identified as a likely fault source, the possibility exists that the process fault is induced by a cyber intrusion. A laboratory-scale distillation column is used to illustrate the model and the algorithm. Coupled with a well-defined statistical process model, this fault diagnosis approach provides cyber security enhanced fault diagnosis information to plant operators and can help identify that a cyber attack is underway before a major process failure is experienced.
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Hieb, J., Graham, J., Guan, J. (2009). An Ontology for Identifying Cyber Intrusion Induced Faults in Process Control Systems. In: Palmer, C., Shenoi, S. (eds) Critical Infrastructure Protection III. ICCIP 2009. IFIP Advances in Information and Communication Technology, vol 311. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04798-5_9
DOI: https://doi.org/10.1007/978-3-642-04798-5_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04797-8
Online ISBN: 978-3-642-04798-5
eBook Packages: Computer Science (R0)