一种基于可达集的检测动态过程中虚假数据注入网络攻击的方案

IF 3 Q2 ENGINEERING, CHEMICAL Digital Chemical Engineering Pub Date : 2023-06-01 DOI:10.1016/j.dche.2023.100100
Shilpa Narasimhan, Nael H. El-Farra, Matthew J. Ellis
{"title":"一种基于可达集的检测动态过程中虚假数据注入网络攻击的方案","authors":"Shilpa Narasimhan,&nbsp;Nael H. El-Farra,&nbsp;Matthew J. Ellis","doi":"10.1016/j.dche.2023.100100","DOIUrl":null,"url":null,"abstract":"<div><p>Recent cyberattacks targeting process control systems have demonstrated that reliance on information technology-based approaches alone to address cybersecurity needs is insufficient and that operational technology-based solutions are needed. An attack detection scheme that monitors process operation and determines the presence of an attack represents an operational technology-based approach. Attack detection schemes may be designed to monitor a process operated at or near its steady–state to account for the typical operation of chemical processes. However, transient operation may occur; for example, during process start-up and set–point changes. Detection schemes designed or tuned for steady-state operation may raise false alarms during transient process operation. In this work, we present a reachable set-based cyberattack detection scheme for monitoring processes during transient operation. Both additive and multiplicative false data injection attacks (FDIAs) that alter data communicated over the sensor–controller and controller–actuator communication links are considered. For the class of attacks considered, the detection scheme does not raise false alarms during transient operations. Conditions for classifying attacks based on the ability of the detection scheme to detect the attacks are presented. The application of the reachable set-based detection scheme is demonstrated using two illustrative processes under different FDIAs. For the FDIAs considered, their detectability with respect to the reachable set-based detection scheme is analyzed.</p></div>","PeriodicalId":72815,"journal":{"name":"Digital Chemical Engineering","volume":"7 ","pages":"Article 100100"},"PeriodicalIF":3.0000,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A reachable set-based scheme for the detection of false data injection cyberattacks on dynamic processes\",\"authors\":\"Shilpa Narasimhan,&nbsp;Nael H. El-Farra,&nbsp;Matthew J. Ellis\",\"doi\":\"10.1016/j.dche.2023.100100\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Recent cyberattacks targeting process control systems have demonstrated that reliance on information technology-based approaches alone to address cybersecurity needs is insufficient and that operational technology-based solutions are needed. An attack detection scheme that monitors process operation and determines the presence of an attack represents an operational technology-based approach. Attack detection schemes may be designed to monitor a process operated at or near its steady–state to account for the typical operation of chemical processes. However, transient operation may occur; for example, during process start-up and set–point changes. Detection schemes designed or tuned for steady-state operation may raise false alarms during transient process operation. In this work, we present a reachable set-based cyberattack detection scheme for monitoring processes during transient operation. Both additive and multiplicative false data injection attacks (FDIAs) that alter data communicated over the sensor–controller and controller–actuator communication links are considered. For the class of attacks considered, the detection scheme does not raise false alarms during transient operations. Conditions for classifying attacks based on the ability of the detection scheme to detect the attacks are presented. The application of the reachable set-based detection scheme is demonstrated using two illustrative processes under different FDIAs. For the FDIAs considered, their detectability with respect to the reachable set-based detection scheme is analyzed.</p></div>\",\"PeriodicalId\":72815,\"journal\":{\"name\":\"Digital Chemical Engineering\",\"volume\":\"7 \",\"pages\":\"Article 100100\"},\"PeriodicalIF\":3.0000,\"publicationDate\":\"2023-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Digital Chemical Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2772508123000182\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"ENGINEERING, CHEMICAL\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Digital Chemical Engineering","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2772508123000182","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"ENGINEERING, CHEMICAL","Score":null,"Total":0}
引用次数: 3

摘要

最近针对过程控制系统的网络攻击表明,仅依靠基于信息技术的方法来满足网络安全需求是不够的,需要基于操作技术的解决方案。监视流程操作并确定是否存在攻击的攻击检测方案代表了一种基于操作技术的方法。攻击检测方案可被设计用于监视处于或接近其稳态的过程,以解释化学过程的典型操作。但是,可能会发生瞬态操作;例如,在工艺启动和设定值更改期间。为稳态运行而设计或调整的检测方案可能会在瞬态过程运行期间产生假警报。在这项工作中,我们提出了一种基于可达集的网络攻击检测方案,用于监控瞬态运行过程。考虑了通过传感器-控制器和控制器-执行器通信链路改变通信数据的加性和乘性虚假数据注入攻击(FDIAs)。对于所考虑的攻击类别,检测方案不会在瞬态操作期间产生假警报。提出了基于检测方案检测攻击的能力对攻击进行分类的条件。通过两个实例说明了可达集检测方案在不同fdi下的应用。对于所考虑的fdi,分析了基于可达集的检测方案的可检测性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
A reachable set-based scheme for the detection of false data injection cyberattacks on dynamic processes

Recent cyberattacks targeting process control systems have demonstrated that reliance on information technology-based approaches alone to address cybersecurity needs is insufficient and that operational technology-based solutions are needed. An attack detection scheme that monitors process operation and determines the presence of an attack represents an operational technology-based approach. Attack detection schemes may be designed to monitor a process operated at or near its steady–state to account for the typical operation of chemical processes. However, transient operation may occur; for example, during process start-up and set–point changes. Detection schemes designed or tuned for steady-state operation may raise false alarms during transient process operation. In this work, we present a reachable set-based cyberattack detection scheme for monitoring processes during transient operation. Both additive and multiplicative false data injection attacks (FDIAs) that alter data communicated over the sensor–controller and controller–actuator communication links are considered. For the class of attacks considered, the detection scheme does not raise false alarms during transient operations. Conditions for classifying attacks based on the ability of the detection scheme to detect the attacks are presented. The application of the reachable set-based detection scheme is demonstrated using two illustrative processes under different FDIAs. For the FDIAs considered, their detectability with respect to the reachable set-based detection scheme is analyzed.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
3.10
自引率
0.00%
发文量
0
期刊最新文献
The trust region filter strategy: Survey of a rigorous approach for optimization with surrogate models Multi-agent distributed control of integrated process networks using an adaptive community detection approach Industrial data-driven machine learning soft sensing for optimal operation of etching tools Process integration technique for targeting carbon credit price subsidy Robust simulation and technical evaluation of large-scale gas oil hydrocracking process via extended water-energy-product (E-WEP) analysis
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1