Skip to Main content Skip to Navigation
Conference papers

Efficient Mining of Temporal Safety Properties for Intrusion Detection in Industrial Control Systems

Oualid Koucham 1 Stéphane Mocanu 2, 3 Guillaume Hiet 4 Jean-Marc Thiriet 5 Frédéric Majorczyk 6
3 CTRL-A - Control for Autonomic computing systems
Inria Grenoble - Rhône-Alpes, LIG - Laboratoire d'Informatique de Grenoble
4 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
5 GIPSA-SAIGA - GIPSA - Signal et Automatique pour la surveillance, le diagnostic et la biomécanique
GIPSA-DA - Département Automatique, GIPSA-DIS - Département Images et Signal
Abstract : Sophisticated process-aware attacks targeting industrial control systems require adequate detection measures taking into account the physical process. This paper proposes an approach relying on automatically mined process specifications to detect attacks on sequential control systems. The specifications are synthesized as monitors that read the execution traces and report violations to the operator. In contrast to other approaches, a central aspect of our method consists in reducing the number of mined specifications suffering from redundancies. We evaluate our approach on a hardware-in-the-loop testbed with a complex physical process model and discuss our approach's mining efficiency and attack detection capabilities.
Document type :
Conference papers
Complete list of metadata

Cited literature [17 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-01877109
Contributor : Stéphane Mocanu Connect in order to contact the contributor
Submitted on : Friday, September 21, 2018 - 10:56:20 AM
Last modification on : Monday, November 29, 2021 - 3:47:10 PM
Long-term archiving on: : Saturday, December 22, 2018 - 3:07:33 PM

File

safeprocess2018_v7.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01877109, version 1

Citation

Oualid Koucham, Stéphane Mocanu, Guillaume Hiet, Jean-Marc Thiriet, Frédéric Majorczyk. Efficient Mining of Temporal Safety Properties for Intrusion Detection in Industrial Control Systems. SAFEPROCESS 2018 - 10th IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes, Aug 2018, Varsovie, Poland. pp.1-8. ⟨hal-01877109⟩

Share

Metrics

Record views

1456

Files downloads

642