The Nuts and Bolts of Deploying Process-Level IDS in Industrial Control Systems
Paper in proceeding, 2018

Much research effort has recently been devoted to securing Industrial Control Systems (ICS) in response to the increasing number of adverse incidents targeting nation-wide critical infrastructures. Leveraging the static and regular nature of the behavior of control systems, various data-driven methods that monitor the process-level network have been proposed as a defensive measure. Although these methods have been evaluated through offline analysis of ICS-related datasets, in absence of documented live experiments in real environments, a complete and global understanding of the applicability and efficiency of process-level monitoring is still lacking.

In this work, we describe our experience of running a fully fledged intrusion detection system in an operational paper factory for 75 days. We discuss the nuts and bolts of running such systems in real environments and underline several practical challenges in meeting ICS-specific requirements. This work essentially aims at bridging the gap between ICS intrusion detection research and practice, and empirically validating the increasingly adopted data-driven approach to process-level monitoring.

Process-Level Analysis

Cyber-Physical Systems

Industrial Control Systems

Intrusion Detection

PASAD

Deployment

Author

Magnus Almgren

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Other publications Research

Wissam Aoudi

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Other publications Research

Robert Gustafsson

Student at Chalmers

Robin Krahl

University of Freiburg

Andreas Lindhe

Combitech

ACM International Conference Proceeding Series

17-24
978-1-4503-6220-7 (ISBN)

Annual Computer Security Applications Conference
San Juan, Puerto Rico,

Resilient Information and Control Systems (RICS)

Swedish Civil Contingencies Agency (2015-828), 2015-09-01 -- 2020-08-31.

Show Project

Integrated cyber-physical solutions for intelligent distribution grid with high penetration of renewables (UNITED-GRID)

European Commission (EC) (EC/H2020/773717), 2017-11-01 -- 2020-04-30.

Show Project

Areas of Advance

Information and Communication Technology

Subject Categories

Embedded Systems

Computer Science

Computer Systems

DOI

10.1145/3295453.3295456

Publication data connected to DOI

More information

Latest update

3/21/2023

Feedback and support

If you have questions, need help, find a bug or just want to give us feedback you may use this form, or contact us per e-mail research.lib@chalmers.se.

About

Research.chalmers.se contains research information from Chalmers University of Technology, Sweden. It includes information on projects, publications, research funders and collaborations.

More about coverage period and what is publicly available

Privacy and cookies

Accessibility

Citation Style Language
citeproc-js (Frank Bennett)

Links

Chalmers Library
Chalmers Research
Chalmers Student Theses

Chalmers University of Technology

SE-412 96 GOTHENBURG, SWEDEN
PHONE: +46 (0)31-772 10 00
WWW.CHALMERS.SE