Abstract

Critical Infrastructures (CIs) are sensitive targets. They could be physically damaged by natural or human actions, causing service disruptions, economic losses, and, in some extreme cases, harm to people. They therefore need a high level of protection against possible unintentional and intentional events. In this paper, we show a logical architecture that exploits information from both physical and cybersecurity systems to improve the overall security in a power plant scenario. We propose a Machine Learning (ML)-based anomaly detection approach to detect possible anomaly events by jointly correlating data related to both the physical and cyber domains. The performance evaluation showed encouraging results, obtained by different ML algorithms, which highlight how our proposed approach is able to detect possible abnormal situations that could not have been detected by using only information from either the physical or cyber domain.

Highlights

  • Critical Infrastructures (CIs) are “systems that are so vital to a nation that their incapacity or destruction would have a debilitating effect on national security, the economy, or public health and safety” [1]

  • We considered two parallel Machine Learning (ML) algorithms: the first one focuses on the possible anomalies related to the TLC room access, while the second one centers on possible anomalies related to the power plant access

  • We found that higher sensitivity could have been obtained by using different parameter configurations for both isolation forest and One-Class Support Vector Machine (OCSVM), but with a consequent lower specificity, and vice versa, and therefore without improving the overall performance


Summary

Introduction

Critical Infrastructures (CIs) are “systems that are so vital to a nation that their incapacity or destruction would have a debilitating effect on national security, the economy, or public health and safety” [1]. CI protection has focused on threats coming from the physical world, either environmental phenomena or intentional human actions. This discipline is usually referred to as physical security, which involves the application of resources to the task of protecting physical, human, and intellectual property assets from events such as plunder, theft, or exploitation [2]. Industrial Control Systems (ICSs) play a key role in managing CIs. Some of the most common in use are the Supervisory Control And Data Acquisition (SCADA) systems and the Distributed Control Systems (DCSs), which measure physical quantities such as pressure, current, voltage, and temperature, to monitor CIs within the physical domain.
