A probe into process-level attack detection in industrial environments from a side-channel perspective
Paper in proceedings, 2019

Process-level detection of cyberattacks on industrial control systems pertain to observing the physical process to detect implausible behavior. State-of-the-art techniques identify a baseline of the normal process behavior from historical measurements and then monitor the system operation in real time to detect deviations from the baseline. Evidently, these techniques are intended to be connected to the control flow to be able to acquire and analyze the necessary measurement data, which makes them susceptible to compromise by the attacker. In this paper, we approach process-level attack detection from a side-channel perspective, where we investigate the feasibility and efficacy of monitoring industrial machines through external sensors. The sensors measure physical properties of the process that are bound to change during a cyberattack. We demonstrate the viability of our approach through simulations and experiments on real industrial machines.

Industrial Control System

Anomaly Detection

Embedded System

Industrial Environment

PASAD

Author

Wissam Aoudi

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Albin Hellqvist

Student at Chalmers

Albert Overland

Student at Chalmers

Magnus Almgren

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

ACM International Conference Proceeding Series

1-10

5th Annual Industrial Control System Security Workshop, ICSS 2019
San Juan, USA,

RIOT: Resilient Internet of Things

Swedish Civil Contingencies Agency, 2019-01-01 -- 2023-12-31.

Resilient Information and Control Systems (RICS)

Swedish Civil Contingencies Agency, 2015-09-01 -- 2020-08-31.

Subject Categories

Production Engineering, Human Work Science and Ergonomics

Other Engineering and Technologies not elsewhere specified

Other Electrical Engineering, Electronic Engineering, Information Engineering

DOI

10.1145/3372318.3372320

More information

Latest update

2/12/2020