Enabling data-driven anomaly detection by design in cyber-physical production systems
2022 (English)In: Cybersecurity, E-ISSN 2523-3246, Vol. 5, article id 9Article in journal (Refereed) Published
Abstract [en]
Designing and developing distributed cyber-physical production systems (CPPS) is a time-consuming, complex, and error-prone process. These systems are typically heterogeneous, i.e., they consist of multiple components implemented with different languages and development tools. One of the main problems nowadays in CPPS implementation is enabling security mechanisms by design while reducing the complexity and increasing the system’s maintainability. Adopting the IEC 61499 standard is an excellent approach to tackle these challenges by enabling the design, deployment, and management of CPPS in a model-based engineering methodology. We propose a method for CPPS design based on the IEC 61499 standard. The method allows designers to embed a bio-inspired anomaly-based host intrusion detection system (A-HIDS) in Edge devices. This A-HIDS is based on the incremental Dendritic Cell Algorithm (iDCA) and can analyze OPC UA network data exchanged between the Edge devices and detect attacks that target the CPPS’ Edge layer. This study’s findings have practical implications on the industrial security community by making novel contributions to the intrusion detection problem in CPPS considering immune-inspired solutions, and cost-effective security by design system implementation. According to the experimental data, the proposed solution can dramatically reduce design and code complexity while improving application maintainability and successfully detecting network attacks without negatively impacting the performance of the CPPS Edge devices.
Place, publisher, year, edition, pages
Springer Nature, 2022. Vol. 5, article id 9
Keywords [en]
Artificial immune systems, Cyber-physical production systems, IEC 61499, Function blocks, Industrial Internet of Things, Anomaly-based host intrusion detection system, Model-based engineering
National Category
Telecommunications Software Engineering
Research subject
Cyber-Physical Systems
Identifiers
URN: urn:nbn:se:ltu:diva-90709DOI: 10.1186/s42400-022-00114-zISI: 000790876400001Scopus ID: 2-s2.0-85129153861OAI: oai:DiVA.org:ltu-90709DiVA, id: diva2:1663243
Note
Validerad;2022;Nivå 2;2022-06-02 (hanlid)
2022-06-022022-06-022022-06-02Bibliographically approved