skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Forecasting and Early Warning for Adversarial Targeting in Industrial Control Systems

Conference · · 2018 IEEE Conference on Decision and Control (CDC)
; ;

A new feature-based forecasting framework of abnormalities is presented for early warning for cyber-physical control systems. The abnormalities may refer to intelligent cyber-attacks or naturally occurring faults and failures. Techniques presented here are aimed at protecting against unauthorized intrusions as well as fault prevention. Time series signals from system monitoring nodes are converted to features using feature discovery techniques. The feature behavior for each monitoring node is characterized in the form of decision boundaries, separating normal and abnormal space with operating data collected from the plant or by running virtual models of the plant. A set of ensemble state-space models are constructed for representing feature evolution in time-domain, where the ensembles are selected using Gaussian Mixture Model (GMM) clustering. The forecasted outputs are anticipated time-evolution of features, computed by applying an adaptive Kalman predictor to each ensemble model. The overall features forecast is then obtained through dynamic ensemble averaging. This is done by projecting evolution of feature vector to future times in a receding horizon fashion. The features forecast are compared to the decision boundary to estimate if/when the feature vectors will cross the boundary. Simulation results in a high fidelity GE gas turbine platform, show the effectiveness of our approach for forecasting abnormalities.

Research Organization:
GE Research
Sponsoring Organization:
USDOE Office of Cybersecurity, Energy Security, and Emergency Response (CESER)
DOE Contract Number:
OE0000833
OSTI ID:
1905843
Journal Information:
2018 IEEE Conference on Decision and Control (CDC), Conference: 2018 IEEE Conference on Decision and Control (CDC), Miami, FL, USA, 17-19 December 2018
Country of Publication:
United States
Language:
English

References (25)

Online wind turbine fault detection through automated SCADA data analysis journal September 2009
Parametric model-based anomaly detection for locomotive subsystems conference August 2007
Robust H observer design for sampled-data Lipschitz nonlinear systems with exact and Euler approximate models journal March 2008
LMI optimization approach to robustHobserver design and static output feedback stabilization for discrete-time nonlinear uncertain systems journal February 2009
Robust State Observation for Sampled-Data Nonlinear Systems with Exact and Euler Approximate Models conference July 2007
Cyber-attack detection and accommodation algorithm for energy delivery systems conference August 2017
Establishing national cyber situational awareness through incident information clustering conference June 2015
Model for sharing the information of cyber security situation awareness between organizations conference May 2016
ATMOSPHERIC SCIENCE: Weather Forecasting with Ensemble Methods journal October 2005
Statistics notes: Transformations, means, and confidence intervals journal April 1996
Liver tumor detection and segmentation using kernel-based extreme learning machine conference July 2013
Model-Based Attack Detection and Mitigation for Automatic Generation Control journal March 2014
A review of novelty detection journal June 2014
Anomaly detection: A survey journal July 2009
Probabilistic Novelty Detection With Support Vector Machines journal June 2014
A survey on unsupervised outlier detection in high-dimensional numerical data journal August 2012
A neural network based technique for short-term forecasting of anomalous load periods journal January 1996
Fault detection and isolation in aircraft gas turbine engines. Part 1: Underlying concept journal March 2008
Self-adaptive software system monitoring for performance anomaly localization conference January 2011
Forecasting Inflation Using Dynamic Model Averaging* journal July 2012
Online Prediction Under Model Uncertainty via Dynamic Model Averaging: Application to a Cold Rolling Mill journal February 2010
Dynamic Logistic Regression and Dynamic Model Averaging for Binary Classification journal August 2011
Extreme Learning Machine for Regression and Multiclass Classification journal April 2012
Improving Adaptive Kalman Estimation in GPS/INS Integration journal August 2007
Adaptive Kalman Filtering journal November 1991

Similar Records

Related Subjects

42 ENGINEERING
97 MATHEMATICS AND COMPUTING
cybersecurity