Supervisory control and data acquisition (SCADA) systems have been used for decades to communicate with and coordinate industrial processes. These systems incorporate numerous programmable logic controllers (PLCs) that operate industrial equipment based on sensor inputs. Because PLCs play such important roles in industrial facilities, these microprocessor-based devices are exposed to serious cyber threats. This chapter describes a methodology that uses unsupervised machine learning to monitor the states of PLCs and uncover latent defects and anomalies. The methodology, which employs a one-class support vector machine trained on normal operation only, detects anomalies without being tied to specific attack scenarios or requiring detailed knowledge of the control logic. A case study involving a traffic light simulation demonstrates that anomalies are detected with high accuracy, enabling prompt mitigation of the underlying problems.
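The abstract gives the idea but no code, so the following is an added example, not the chapter's implementation. It simulates a two-approach traffic light controller, encodes each PLC snapshot (lamp output bits plus a normalised phase timer) as a state vector, and fits a one-class novelty detector on the healthy cycle alone. Because the chapter's one-class SVM details are not on the page, the detector here is a kernel density stand-in (mean RBF-kernel similarity to the training set with a threshold derived from training scores); it has the same one-class character, learning the region of normal operation and flagging anything outside it, and needs no external libraries. The phase table, lamp names, and fault snapshots are all constructed for the example.

```python
import math
from typing import Iterable, List, Sequence, Tuple

State = Tuple[float, ...]

# Constructed two-approach intersection: (north-south aspect, east-west aspect, ticks).
# The detector never sees this control logic; it only sees the resulting state vectors.
PHASES = [
    ("green", "red", 30), ("yellow", "red", 5), ("red", "red", 2),
    ("red", "green", 30), ("red", "yellow", 5), ("red", "red", 2),
]
LAMPS = ("ns_red", "ns_yellow", "ns_green", "ew_red", "ew_yellow", "ew_green")
MAX_PHASE = max(ticks for _, _, ticks in PHASES)


def encode(lit: Sequence[str], elapsed: int) -> State:
    """Snapshot of PLC outputs as a numeric vector: one bit per lamp output
    plus the phase timer normalised by the longest phase."""
    return tuple(1.0 if lamp in lit else 0.0 for lamp in LAMPS) + (elapsed / MAX_PHASE,)


def normal_cycle() -> List[State]:
    """Every state the healthy controller passes through in one full cycle (training data)."""
    states = []
    for ns, ew, ticks in PHASES:
        for t in range(ticks):
            states.append(encode((f"ns_{ns}", f"ew_{ew}"), t))
    return states


class KernelNoveltyDetector:
    """One-class novelty detector fitted on normal states only.

    Scores a state by its mean RBF-kernel similarity to the training set and
    flags it when the score falls below a threshold derived from the training
    data. Kernel density stand-in for the one-class SVM named in the abstract:
    same idea (learn the region of normal operation, flag what lies outside it).
    """

    def __init__(self, gamma: float = 4.0) -> None:
        self.gamma = gamma          # kernel width; one flipped lamp bit is distance 1
        self.train: List[State] = []
        self.threshold = 0.0

    def score(self, x: State) -> float:
        return sum(
            math.exp(-self.gamma * sum((a - b) ** 2 for a, b in zip(x, s)))
            for s in self.train
        ) / len(self.train)

    def fit(self, states: Iterable[State], margin: float = 0.9) -> "KernelNoveltyDetector":
        self.train = list(states)
        # Accept anything at least as typical as the least typical training state;
        # `margin` < 1 lowers the bar slightly so small timer jitter is tolerated.
        self.threshold = margin * min(self.score(x) for x in self.train)
        return self

    def is_anomalous(self, x: State) -> bool:
        return self.score(x) < self.threshold


def build_detector() -> KernelNoveltyDetector:
    return KernelNoveltyDetector().fit(normal_cycle())


# Constructed snapshots: one healthy state and three faults a PLC could exhibit.
SNAPSHOTS = {
    "healthy: NS green, EW red, 12 ticks in": encode(("ns_green", "ew_red"), 12),
    "conflict: both approaches green": encode(("ns_green", "ew_green"), 10),
    "lamp fault: NS red and green lit together": encode(("ns_red", "ns_green", "ew_red"), 3),
    "stuck phase: NS green held for 60 ticks": encode(("ns_green", "ew_red"), 60),
}


def classify_all(detector: KernelNoveltyDetector) -> dict:
    return {name: detector.is_anomalous(state) for name, state in SNAPSHOTS.items()}


if __name__ == "__main__":
    det = build_detector()
    for name, flagged in classify_all(det).items():
        label = "ANOMALY" if flagged else "normal"
        print(f"{label:7s}  {name}  (score={det.score(SNAPSHOTS[name]):.4f})")
```

Two points carry over to a real deployment. The training set must be known-good: a detector fitted while a fault is present will learn the fault as normal. And the threshold above is set from training data alone, which guarantees no false positives on the cycle it saw but says nothing about unseen healthy variation; hold out additional normal traces and tune `margin` (or the SVM's equivalent parameter) against them before trusting the alarm rate.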
Industrial control systems are used to monitor and operate critical infrastructures. For decades, the security of industrial control systems rested on their use of proprietary hardware and software and their physical separation from other networks. However, to reduce costs and enhance interconnectivity, modern industrial control systems increasingly use commodity hardware and software and are connected to vendor and corporate networks, and even the Internet. These trends expose industrial control systems to risks they were not designed to handle. This chapter describes an approach for enhancing industrial control system security and forensics by adding monitoring and logging mechanisms to programmable logic controllers, key components of industrial control systems. A proof-of-concept implementation is presented using a popular Siemens programmable logic controller. Experiments compared the accuracy and performance impact of the proposed method against the conventional method of polling the programmable logic controller from an external monitor. The results show that the new method increases anomaly detection coverage and accuracy with only a small performance impact. Additionally, the new method shortens the time to detect anomalies and reduces network overhead, enabling forensic investigations of programmable logic controllers to be conducted more efficiently and effectively.
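The comparison the abstract draws (in-PLC change logging versus external polling) comes down to a sampling argument that is easy to make concrete. The following added example, not the chapter's Siemens implementation, simulates one hypothetical Boolean output tag over 100 scan cycles with two constructed faults: a three-scan glitch that falls between two polls and a sustained change. It then measures, for each method, whether each fault is seen at all, how many scans pass before it is seen, and how many network messages are spent. Tag name, poll interval and fault timings are all assumptions chosen to make the effect visible.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

TAG = "pump_run"          # hypothetical Boolean output tag
BASELINE = 0
LENGTH = 100              # scans simulated (one tick = one PLC scan cycle)
POLL_INTERVAL = 10        # external monitor reads the tag every 10 scans

# Constructed faults injected into the tag: (start_tick, end_tick_exclusive, value).
# The first is a 3-scan glitch that falls between two polls; the second persists.
ANOMALIES: List[Tuple[int, int, int]] = [(13, 16, 1), (42, 70, 1)]


@dataclass(frozen=True)
class Event:
    tick: int
    tag: str
    value: int


def simulate_tag(length: int, baseline: int, anomalies) -> List[int]:
    """Value of the tag at every scan, with the injected faults applied."""
    series = [baseline] * length
    for start, end, value in anomalies:
        for t in range(start, end):
            series[t] = value
    return series


def poll(series: List[int], interval: int) -> Tuple[List[Event], int]:
    """Conventional polling: a monitor reads the tag every `interval` scans.

    Returns the transitions the monitor could observe and the network messages
    used (one request and one response per poll, changed or not).
    """
    events, messages, last = [], 0, None
    for t in range(0, len(series), interval):
        messages += 2
        if series[t] != last:
            events.append(Event(t, TAG, series[t]))
            last = series[t]
    return events, messages


def onchange_log(series: List[int]) -> Tuple[List[Event], int]:
    """In-PLC monitoring: the control program compares the tag with its value on
    the previous scan and emits one log record per transition, so nothing between
    polls is lost and no traffic is generated while the tag is steady."""
    events, last = [], None
    for t, value in enumerate(series):
        if value != last:
            events.append(Event(t, TAG, value))
            last = value
    return events, len(events)


def detection_latency(events: List[Event], anomalies) -> Dict[Tuple[int, int], Optional[int]]:
    """Scans from each fault's onset to the first record revealing it (None = never seen)."""
    report = {}
    for start, end, value in anomalies:
        seen = next((e.tick for e in events if start <= e.tick < end and e.value == value), None)
        report[(start, end)] = None if seen is None else seen - start
    return report


SERIES = simulate_tag(LENGTH, BASELINE, ANOMALIES)


def compare() -> Dict[str, dict]:
    out = {}
    for name, (events, messages) in (("polling", poll(SERIES, POLL_INTERVAL)),
                                      ("onchange_log", onchange_log(SERIES))):
        out[name] = {"messages": messages, "latency": detection_latency(events, ANOMALIES)}
    return out


if __name__ == "__main__":
    for name, result in compare().items():
        print(name, result)
```

Polling never sees the glitch and reports the sustained change eight scans late while spending twenty messages; the in-PLC log catches both at onset with five. The simulation models only coverage, latency and traffic: the cost the chapter measures on the PLC itself (extra work in every scan cycle, reported there as small) is not represented, and a tag that flaps every scan would turn change-logging into a message flood, so a production implementation needs a rate limit or coalescing window on the log path.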
Attack patterns have been used to specify security test cases for traditional information technology systems in order to mitigate cyber attacks. However, the attack patterns for traditional information technology systems are not directly applicable to industrial control systems. This chapter considers the differences between traditional information technology systems and industrial control systems, discusses why attack patterns for traditional information technology systems are inadequate for industrial control systems, and specifies attack patterns for industrial control systems. The attack patterns are useful for creating security test cases for assessing the security levels of industrial control systems. An elevator system case study is used to demonstrate the utility of industrial control system attack patterns in specifying security test cases.