Abstract
A fundamental problem in the realm of cyber-physical security of smart water networks is attack detection, a key step towards designing adequate countermeasures. This task is typically carried out by algorithms that analyze time series of process data. However, the nature of the data available to develop these algorithms limits their capabilities: by relying on process data only, one cannot distinguish a cyber-attack from the failure of a system’s component or identify the root cause of an attack. Here, we show that these limitations can be addressed through the joint analysis of process and network data—with the latter representing the information exchanged between the components constituting the Industrial Control System, such as sensors and Programmable Logic Controllers (PLCs). For this purpose, we utilize a dataset generated by digital hydraulic simulator (DHALSIM)—a numerical modelling platform built on a two-way interaction between EPANET version 2.2 and a network emulation tool—which is extended here to include a framework for launching cyber-physical attacks. This paper presents a dataset with realistic network information of a smart water network under cyber-physical attacks and presents an analysis of how that information can enable the development of better intrusion detection systems that can localize and identify attacks. Through this analysis, the dataset provided here, and the open-source availability of DHALSIM, our work paves the way to a novel class of analytics for actionable detection.
Original language | English |
---|---|
Article number | 04023010 |
Number of pages | 11 |
Journal | Journal of Water Resources Planning and Management |
Volume | 149 |
Issue number | 5 |
DOIs | |
Publication status | Published - 2023 |
Bibliographical note
Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-careOtherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Keywords
- Cyber security
- Cyber-physical attacks
- EPANET
- Smart urban water networks
- Water distribution systems