A Plant-Wide Industrial Process Control Security Problem
Industrial control systems are a vital part of the critical infrastructure. The potentially large impact of a failure makes them attractive targets for adversaries. Unfortunately, simplistic approaches to intrusion detection using protocol analysis or naïve statistical estimation techniques are inadequate in the face of skilled adversaries who can hide their presence with the appearance of legitimate actions.
This paper describes an approach for identifying malicious activity that involves the use of a path authentication mechanism in combination with state estimation for anomaly detection. The approach provides the ability to reason conjointly over computational structures, and operations and physical states. The well-known Tennessee Eastman reference problem is used to illustrate the efficacy of the approach.
KeywordsIndustrial control systems subversion detection
- 2.M. Coutinho, G. Lambert-Torres, L. da Silva, J. da Silva, J. Neto, E. da Costa Bortoni and H. Lazarek, Attack and fault identification in electric power control systems: An approach to improve security, Proceedings of the Power Tech Conference, pp. 103–107, 2007.Google Scholar
- 6.D. Gamez, S. Nadjm-Tehrani, J. Bigham, C. Balducelli, K. Burbeck and T. Chyssler, Safeguarding critical infrastructures, in Dependable Computing Systems: Paradigms, Performance Issues and Applications, H. Diab and A. Zomaya (Eds.), John Wiley, Hoboken, New Jersey, pp. 479–499, 2005.Google Scholar
- 7.T. Kraus, P. Kuhl, L. Wirsching, H. Bock and M. Diehl, A moving horizon state estimation algorithm applied to the Tennessee Eastman benchmark process, Proceedings of the IEEE International Conference on Multisensor Fusion and Integration for Intelligent Systems, pp. 377–382, 2006.CrossRefGoogle Scholar
- 9.T. McEvoy and S. Wolthusen, A formal adversary capability model for SCADA environments, presented at the Fifth International Workshop on Critical Information Infrastructure Security, 2010.Google Scholar