ABSTRACT
Researchers implemented algorithms and attack techniques in programmable logic controllers of cyber physical systems like water treatment testbeds and power testbeds. However, in a reallife water plant such methods are almost impossible to be realised because the public utility company will not risk the damages may cause to the existing system by the software changes as the plant is actively producing water for the consumers. A reduction or stoppage of water due to system modifications will affect the daily life of many people.
Thus, this paper focuses on the architecture framework to generate, run, and test research techniques particularly machine learning invariants in Secure Water Treatment (SWaT) that can be used in a real-life water treatment plant through a non-intrusive method. This framework has been thoroughly tested in SWaT using single or multiple invariants. The software in this framework allows substantial code reuse of data structures and algorithms. The programs to generate, run, and test the invariants are written in Python. The supervised machine learning invariants can detect anomalies without any false alarms for continuous systems in SWaT through physical device attacks and software generated attacks. This framework is also applicable to other cyber physical systems like power and gas testbeds with certain modifications such as the access interfaces and invariant designs. The future direction of this research is to provide a wider coverage protection solution framework to detect anomalies for discrete and continuous systems in cyber physical systems.
- A. Hanif, M. A. Choudhry, T. Mehmood (2005), A Systematic Approach to Develop PLC Program for Automation of a Backwash Water Treatment Plant, Pakistan Section Multitopic Conference, Karachi, Pakistan.Google ScholarCross Ref
- A. B. Sharma, H. Chen, M. Ding, K. Yoshihira and G. Jiang (2013), Fault Detection and Localization in Distributed using Invariant Relationships, 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Budapest, Hungary, 2013.Google ScholarDigital Library
- D. Hendricks (2015), The Trouble with the Internet of Things, London Datastore, Greater London Authority.Google Scholar
- D. Shalyga, P. Filonov, and A. Lavrentyev (2018), Anomaly Detection for Water Treatment System based on Neural Network with Automatic Architecture Optimization, https://arxiv.org/pdf/1807.07282, 19 July 2018.Google Scholar
- E. Brown (2016), Who Needs the Internet of Things?, Linux.com, 13 September 2016.Google Scholar
- F. Cheng, T. Li, and D. Chana (2017), Bloom Filters and LSTM Networks for Anomaly Detection in Industrial Control Systems, 7th IEEE/IFIP International Conference on Dependable Systems and Networks, pp 1--12, Washington, USA, 2017.Google Scholar
- iTrust datasets at http://itrust.sutd.edu.sg/dataset/Google Scholar
- J. Goh, S. Adepu, M. Tan and Z. S. Lee (2017), Anomaly Detection in Cyber Physical Systems Using Recurrent Neural Networks, 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE), Singapore, Singapore, 2017, pp. 140--145.Google ScholarCross Ref
- J. Heng and C.H. Yoong (2019), Machine Learning Invariants to Detect Anomalies in Secure Water Treatment, International Conference on Machine Learning and Communications Systems (ICMLCS), January, 2019.Google Scholar
- Jun Inoue, Yoriyuki Yamagata, Yuqi Chen, Christopher M. Poskitt and Jun Sun (2017), Anomaly Detection for a water treatment system using unsupervised machine learning, IEEE International Conference on Data Mining, 2017.Google Scholar
- K. Pal, S. Adepu, and J. Goh (2017), Effectiveness of Association Rules Mining for Invariants Generatio in Cyber Physical Systems, 18th IEEE Symposium on High Assurance Systems Engineering, pp 124--127, Singapore, 2017.Google Scholar
- K. Stouffer, V. Pillitteri, S. Lightman, M. Abrams, and A. Hahn (2015), Guide to Industrial Control System (ICS) Security, National Institute of Standards and Technology, May 2015.Google ScholarCross Ref
- R. Mitchell and IR. Chen (2014), A Survey of Intrusion Detection Techniques for Cyber-Physical Systems, ACM Computing Surveys, Vol. 46, No. 4, March 2014.Google ScholarDigital Library
- S. Adepu and A. Mathur (2016), Generalized attacker and attack modes for Cyber Physical System, IEEE 40th Annual Computer Software and Applications Conference (COMPSAC), June 2016.Google ScholarCross Ref
- S. Adepu and A. Mathur (2018), Distributed Attack Detection in a Water Treatment Plant: Method and Case Study, IEEE Transactions on Dependable and Secure Computing, September 2018.Google ScholarDigital Library
- S. Adepu and A. Mathur (2016), Distributed Detection of a Single-stage Multipoint Cyber Attacks in a Water Treatment Plant, Asia CCS '16, 11th ACM on Asia Conference on Computer and Communications Security, June 2016.Google ScholarDigital Library
Index Terms
- Framework for Continuous System Security Protection in SWaT
Recommendations
Comprehensive simulation of salinity transport in irrigated watersheds using an updated version of SWAT-MODFLOW
AbstractSalinity can have major detrimental impacts on soil health, crop yield, and environmental ecosystem services. In this paper we introduce SWAT-MODFLOW-Salt, a version of SWAT-MODFLOW that simulates the fate and transport of major salt ...
Highlights- We provide a new version of SWAT-MODFLOW that simulates salt ion transport in watershed systems
An enhanced SWAT wetland module to quantify hydraulic interactions between riparian depressional wetlands, rivers and aquifers
This study develops a modified version of the Soil and Water Assessment Tool (SWAT) designed to better represent riparian depressional wetlands (SWATrw). It replaces existing unidirectional hydrological interactions between a wetland and a river/aquifer ...
Assessing SWAT model performance in the evaluation of management actions for the implementation of the Water Framework Directive in a Finnish catchment
The ecological status of Lake Pyhajarvi may be classified as moderate due to its elevated nutrient concentrations and algal biomass production. Therefore, the Eurajoki river basin, including Lake Pyhajarvi, has been chosen as the Finnish test catchment ...
Comments