公开(公告)号：US20200311283A1

公开(公告)日：2020-10-01

申请号：US16754732

申请日：2018-10-23

Applicant: Singapore University of Technology and Design

Inventor： Muhammad Azmi UMER ,  Aditya MATHUR ,  Khurum Nazir JUNEJO ,  Sridhar ADEPU

IPC: G06F21/57 ,  G05B19/045 ,  G05B19/042 ,  G06F21/55

Abstract: A method 300 of generating invariants for distributed attack detection on a cyber-physical system 100 having a number of system components is provided. In a described embodiment, the method 300 includes deriving design invariants at 310 based on system design of the cyber physical system 100 including physical specifications of the system components, obtaining operational data of the cyber physical system at 320 including operational attributes of the system components, generating operational invariants from the obtained operational data at 330, and correlating the operational variants with the design invariants at 340 to generate an integrated set of invariants for detecting distributed cyber attacks of the cyber physical system 100.

公开(公告)号：US20200162482A1

公开(公告)日：2020-05-21

申请号：US16090031

申请日：2017-03-28

Applicant: Singapore University of Technology and Design

Inventor： Aditya MATHUR ,  Sridhar ADEPU

IPC: H04L29/06

Abstract: A method of detecting cyber attacks on a cyber physical system is disclosed, and the system includes at least one computing device coupled to at least one sensor and/or actuator for controlling a physical process. The method comprises: deriving at least one invariant for the computing device, based on a system design of the system or computer code configured to control the system in relation to the physical process or data collected from the system during testing or operation of the system, the invariant defining a set of conditions that enable determination from the sensor and/or actuator regarding process anomalies of the physical process being controlled; configuring the invariant as corresponding computer code; and executing the invariant as the computer code on the computing device to monitor the physical process via the sensor and/or actuator and detect the process anomalies for detecting the cyber attacks.

公开(公告)号：US20240045410A1

公开(公告)日：2024-02-08

申请号：US17761991

申请日：2022-02-04

Applicant: Singapore University of Technology and Design

Inventor： Gauthama Raman MANI IYER RAMANI ,  Aditya MATHUR

IPC: G05B23/02

CPC classification number: G05B23/0221 ,  G05B23/0254 ,  G05B23/0248

Abstract: An anomaly detection method includes determining state variables of an industrial control system based on a system design of the industrial control system; determining invariants governing the state variables based on the system design; receiving historical measurement data of the state variables of each invariant from the industrial control system; constructing a set of behavioural models for each invariant using a set of machine learning algorithms and the historical measurement data of the respective state variables, the behavioural models representing normal behaviour of the respective state variables; predicting measurement data of the state variables of each invariant using the behavioural models and the historical measurement data of the respective state variables; receiving current measurement data of the state variables during operation of the industrial control system; and detecting the anomalies based on deviations between the current measurement data and predicted measurement data of the state variables of each invariant.

公开(公告)号：US20190253440A1

公开(公告)日：2019-08-15

申请号：US16331409

申请日：2017-09-06

Applicant: Singapore University of Technology and Design

Inventor： Aditya MATHUR ,  Sridhar ADEPU ,  Siddhant SHRIVASTAVA ,  Myat Aung KAUNG ,  Nils TIPPENHAUER ,  Giedre SABALIAUSKAITE

IPC: H04L29/06 ,  G05B19/05

CPC classification number: H04L63/1416 ,  G05B19/0428 ,  G05B19/058 ,  G05B19/4184 ,  G05B2219/14006 ,  G05B2219/45103 ,  G06F21/55 ,  G06F21/554 ,  H04L63/1425 ,  H04L63/1441

Abstract: The present disclosure generally relates to a system and method for defending a utilities system against cyber-physical attacks associated with anomalies in a physical process operative in the utilities system. The defense system comprises: a set of sensors for collecting physical data associated with the physical process; a set of controller devices for monitoring process states of the physical process based on the physical data from the sensors; a set of verification devices for monitoring the physical process based on the physical data from the sensors, the physical data enabling the verification devices to detect the anomalies based on a set of invariants predefined for the physical process; and a set of actuators controllable by the controller devices or verification devices to remedy the anomalies and regulate the physical process, thereby defending the utilities system against the cyber-physical attacks.