Abstract
This paper investigates the detection of cyber attacks in a kind of critical infrastructure, the water treatment processes. For this purpose, the real data from the secure water treatment testbed (SWaT) in the iTrust Centre for Research in Cyber Security at the Singapore University of Technology and Design have been used in the investigation. More than 30 different attacks happen on the communication network between the programmable logic controller (PLC) and the sensors/actuators. After understanding the basic working mechanism of the SWaT process, an attack detection system is developed systematically, which consists of a limit value check and safety rule unit, a model-based monitoring unit and a data-driven monitoring unit. To cope with the nonstationary behavior of some water chemical properties such as pH and oxidation reduction potential, the recursive principal component analysis (RPCA) is applied in the data-driven part. It is shown how to divide the SWaT process suitably to integrate the model-based and data-driven monitoring for the SWaT process. The comparison shows that the proposed attack detection system outperforms other existing attack detection systems for the SWaT process.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
