Controller Cyber-Attack Detection and Isolation
This article deals with the cyber security of industrial control systems. Methods for detecting and isolating process faults and cyber-attacks, consisting of elementary actions named “cybernetic faults” that penetrate the control system and destructively affect its operation, are analysed. FDI fault...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2023-03-01
|
Series: | Sensors |
Subjects: | |
Online Access: | https://www.mdpi.com/1424-8220/23/5/2778 |
_version_ | 1797614307021684736 |
---|---|
author | Anna Sztyber-Betley Michał Syfert Jan Maciej Kościelny Zuzanna Górecka |
author_facet | Anna Sztyber-Betley Michał Syfert Jan Maciej Kościelny Zuzanna Górecka |
author_sort | Anna Sztyber-Betley |
collection | DOAJ |
description | This article deals with the cyber security of industrial control systems. Methods for detecting and isolating process faults and cyber-attacks, consisting of elementary actions named “cybernetic faults” that penetrate the control system and destructively affect its operation, are analysed. FDI fault detection and isolation methods and the assessment of control loop performance methods developed in the automation community are used to diagnose these anomalies. An integration of both approaches is proposed, which consists of checking the correct functioning of the control algorithm based on its model and tracking changes in the values of selected control loop performance indicators to supervise the control circuit. A binary diagnostic matrix was used to isolate anomalies. The presented approach requires only standard operating data (process variable (<inline-formula><math xmlns="http://www.w3.org/1998/Math/MathML" display="inline"><semantics><mrow><mi>P</mi><mi>V</mi></mrow></semantics></math></inline-formula>), setpoint (<inline-formula><math xmlns="http://www.w3.org/1998/Math/MathML" display="inline"><semantics><mrow><mi>S</mi><mi>P</mi></mrow></semantics></math></inline-formula>), and control signal (<inline-formula><math xmlns="http://www.w3.org/1998/Math/MathML" display="inline"><semantics><mrow><mi>C</mi><mi>V</mi></mrow></semantics></math></inline-formula>). The proposed concept was tested using the example of a control system for superheaters in a steam line of a power unit boiler. Cyber-attacks targeting other parts of the process were also included in the study to test the proposed approach’s applicability, effectiveness, and limitations and identify further research directions. |
first_indexed | 2024-03-11T07:09:35Z |
format | Article |
id | doaj.art-7d30d8f742564d7bbc3ee2056c1bca72 |
institution | Directory Open Access Journal |
issn | 1424-8220 |
language | English |
last_indexed | 2024-03-11T07:09:35Z |
publishDate | 2023-03-01 |
publisher | MDPI AG |
record_format | Article |
series | Sensors |
spelling | doaj.art-7d30d8f742564d7bbc3ee2056c1bca722023-11-17T08:39:34ZengMDPI AGSensors1424-82202023-03-01235277810.3390/s23052778Controller Cyber-Attack Detection and IsolationAnna Sztyber-Betley0Michał Syfert1Jan Maciej Kościelny2Zuzanna Górecka3Faculty of Mechatronics, Warsaw University of Technology, 00-661 Warsaw, PolandFaculty of Mechatronics, Warsaw University of Technology, 00-661 Warsaw, PolandFaculty of Mechatronics, Warsaw University of Technology, 00-661 Warsaw, PolandFaculty of Mechatronics, Warsaw University of Technology, 00-661 Warsaw, PolandThis article deals with the cyber security of industrial control systems. Methods for detecting and isolating process faults and cyber-attacks, consisting of elementary actions named “cybernetic faults” that penetrate the control system and destructively affect its operation, are analysed. FDI fault detection and isolation methods and the assessment of control loop performance methods developed in the automation community are used to diagnose these anomalies. An integration of both approaches is proposed, which consists of checking the correct functioning of the control algorithm based on its model and tracking changes in the values of selected control loop performance indicators to supervise the control circuit. A binary diagnostic matrix was used to isolate anomalies. The presented approach requires only standard operating data (process variable (<inline-formula><math xmlns="http://www.w3.org/1998/Math/MathML" display="inline"><semantics><mrow><mi>P</mi><mi>V</mi></mrow></semantics></math></inline-formula>), setpoint (<inline-formula><math xmlns="http://www.w3.org/1998/Math/MathML" display="inline"><semantics><mrow><mi>S</mi><mi>P</mi></mrow></semantics></math></inline-formula>), and control signal (<inline-formula><math xmlns="http://www.w3.org/1998/Math/MathML" display="inline"><semantics><mrow><mi>C</mi><mi>V</mi></mrow></semantics></math></inline-formula>). The proposed concept was tested using the example of a control system for superheaters in a steam line of a power unit boiler. Cyber-attacks targeting other parts of the process were also included in the study to test the proposed approach’s applicability, effectiveness, and limitations and identify further research directions.https://www.mdpi.com/1424-8220/23/5/2778cybersecuritycyber-attackfault detectionfault isolationcontrol loop performanceneural networks |
spellingShingle | Anna Sztyber-Betley Michał Syfert Jan Maciej Kościelny Zuzanna Górecka Controller Cyber-Attack Detection and Isolation Sensors cybersecurity cyber-attack fault detection fault isolation control loop performance neural networks |
title | Controller Cyber-Attack Detection and Isolation |
title_full | Controller Cyber-Attack Detection and Isolation |
title_fullStr | Controller Cyber-Attack Detection and Isolation |
title_full_unstemmed | Controller Cyber-Attack Detection and Isolation |
title_short | Controller Cyber-Attack Detection and Isolation |
title_sort | controller cyber attack detection and isolation |
topic | cybersecurity cyber-attack fault detection fault isolation control loop performance neural networks |
url | https://www.mdpi.com/1424-8220/23/5/2778 |
work_keys_str_mv | AT annasztyberbetley controllercyberattackdetectionandisolation AT michałsyfert controllercyberattackdetectionandisolation AT janmaciejkoscielny controllercyberattackdetectionandisolation AT zuzannagorecka controllercyberattackdetectionandisolation |