Journal Home Online First Current Issue Archive For Authors Journal Information 中文版

Frontiers of Information Technology & Electronic Engineering >> 2022, Volume 23, Issue 4 doi: 10.1631/FITEE.2000546

Detection and localization of cyber attacks on water treatment systems: an entropy-based approach

Affiliation(s): State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China; College of Control Science and Engineering, Zhejiang University, Hangzhou 310027, China; less

Received: 2020-10-13 Accepted: 2022-04-20 Available online: 2022-04-20

Next Previous

Abstract

With the advent of Industry 4.0, s (WTSs) are recognized as typical s (iCPSs) that are connected to the open Internet. Advanced information technology (IT) benefits the WTS in the aspects of reliability, efficiency, and economy. However, the vulnerabilities exposed in the communication and control infrastructure on the cyber side make WTSs prone to cyber attacks. The traditional IT system oriented defense mechanisms cannot be directly applied in safety-critical WTSs because the availability and real-time requirements are of great importance. In this paper, we propose an entropy-based (EBID) method to thwart cyber attacks against widely used controllers (e.g., programmable logic controllers) in WTSs to address this issue. Because of the varied WTS operating conditions, there is a high false-positive rate with a static threshold for detection. Therefore, we propose a dynamic threshold adjustment mechanism to improve the performance of EBID. To validate the performance of the proposed approaches, we built a high-fidelity WTS testbed with more than 50 measurement points. We conducted experiments under two attack scenarios with a total of 36 attacks, showing that the proposed methods achieved a detection rate of 97.22% and a false alarm rate of 1.67%.

Related Research