Detecting Sensor Signal Manipulations in Non-Linear Chemical Processes

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Modern process control systems are increasingly vulnerable to subversion. Attacks that directly target production processes are difficult to detect because signature-based approaches are not well-suited to the unique requirements of process control systems. Also, anomaly detection mechanisms have difficulty coping with the non-linearity of industrial processes.
This paper focuses on the problem where attackers gain supervisory control of systems and hide their manipulations in signal noise or conceal computational states. To detect these attacks, we identify suitable proxy measurements for the output of a control system. Utilizing control laws, we compare the estimated system output using real-time numerical simulation along with the actual output to detect attacker manipulations. This approach also helps determine the intervention required to return the process to a safe state.
The approach is demonstrated using a heat exchange process as a case study. By employing an explicit control model rather than a learning system or anomaly detection approach, the minimal requirements on proxy sensors and the need for additional sensors can be characterized. This significantly improves resilience while minimizing cost.
Original languageEnglish
Title of host publicationCritical Infrastructure Protection IV
Subtitle of host publicationFourth Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection
PublisherSpringer-Verlag
Pages81-94
ISBN (Print)978-3-642-16806-2
DOIs
Publication statusPublished - Mar 2010

Cite this