HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Efficient Mining of Temporal Safety Properties for Intrusion Detection in Industrial Control Systems

Oualid Koucham 1 Stéphane Mocanu 2, 3 Guillaume Hiet 4 Jean-Marc Thiriet 5 Frédéric Majorczyk 6
3 CTRL-A - Control for Autonomic computing systems
Inria Grenoble - Rhône-Alpes, LIG - Laboratoire d'Informatique de Grenoble
4 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
5 GIPSA-SAIGA - GIPSA - Signal et Automatique pour la surveillance, le diagnostic et la biomécanique
GIPSA-DA - Département Automatique, GIPSA-DIS - Département Images et Signal
Abstract : Sophisticated process-aware attacks targeting industrial control systems require adequate detection measures taking into account the physical process. This paper proposes an approach relying on automatically mined process specifications to detect attacks on sequential control systems. The specifications are synthesized as monitors that read the execution traces and report violations to the operator. In contrast to other approaches, a central aspect of our method consists in reducing the number of mined specifications suffering from redundancies. We evaluate our approach on a hardware-in-the-loop testbed with a complex physical process model and discuss our approach's mining efficiency and attack detection capabilities.
Document type :
Conference papers
Complete list of metadata

Cited literature [17 references]  Display  Hide  Download

Contributor : Stéphane Mocanu Connect in order to contact the contributor
Submitted on : Friday, September 21, 2018 - 10:56:20 AM
Last modification on : Monday, April 4, 2022 - 9:28:20 AM
Long-term archiving on: : Saturday, December 22, 2018 - 3:07:33 PM


Files produced by the author(s)


  • HAL Id : hal-01877109, version 1


Oualid Koucham, Stéphane Mocanu, Guillaume Hiet, Jean-Marc Thiriet, Frédéric Majorczyk. Efficient Mining of Temporal Safety Properties for Intrusion Detection in Industrial Control Systems. SAFEPROCESS 2018 - 10th IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes, Aug 2018, Varsovie, Poland. pp.1-8. ⟨hal-01877109⟩



Record views


Files downloads