IEEE Access (Jan 2021)

Data-Driven Correlation of Cyber and Physical Anomalies for Holistic System Health Monitoring

  • Daniel L. Marino,
  • Chathurika S. Wickramasinghe,
  • Billy Tsouvalas,
  • Craig Rieger,
  • Milos Manic

DOI
https://doi.org/10.1109/ACCESS.2021.3131274
Journal volume & issue
Vol. 9
pp. 163138 – 163150

Abstract

Read online

Concerns of cyber-security threats are increasingly becoming a part of everyday operations of cyber-physical systems, especially in the context of critical infrastructures. However, despite the tight integration of cyber and physical components in modern critical infrastructures, the monitoring of cyber and physical subsystems is still done separately. For successful health monitoring of such systems, a holistic approach is needed. This paper presents an approach for holistic health monitoring of cyber-physical systems based on cyber and physical anomaly detection and correlation. We provide a data-driven approach for the detection of cyber and physical anomalies based on machine learning. The benefits of the presented approach are: 1) integrated architecture that supports the acquisition and real-time analysis of both cyber and physical data; 2) a metric for holistic health monitoring that allows for differentiation between physical faults, cyber intrusion, and cyber-physical attacks. We present experimental analysis on a power-grid use case using the IEEE-33 bus model. The system was tested on several types of attacks such as network scan, Denial of Service (DOS), and malicious command injections.

Keywords