Sensors (Jun 2024)

Efficient Cyberattack Detection Methods in Industrial Control Systems

  • Piotr Marusak,
  • Robert Nebeluk,
  • Andrzej Wojtulewicz,
  • Krzysztof Cabaj,
  • Patryk Chaber,
  • Maciej Ławryńczuk,
  • Sebastian Plamowski,
  • Krzysztof Zarzycki

DOI
https://doi.org/10.3390/s24123860
Journal volume & issue
Vol. 24, no. 12
p. 3860

Abstract

Read online

The article deals with the issue of detecting cyberattacks on control algorithms running in a real Programmable Logic Controller (PLC) and controlling a real laboratory control plant. The vulnerability of the widely used Proportional–Integral–Derivative (PID) controller is investigated. Four effective, easy-to-implement, and relatively robust methods for detecting attacks on the control signal, output variable, and parameters of the PID controller are researched. The first method verifies whether the value of the control signal sent to the control plant in the previous step is the actual value generated by the controller. The second method relies on detecting sudden, unusual changes in output variables, taking into account the inertial nature of dynamic plants. In the third method, a copy of the controller parameters is used to detect an attack on the controller’s parameters implemented in the PLC. The fourth method uses the golden run in attack detection.

Keywords