A Digital Twin-Based Approach for Detecting Cyber–Physical Attacks in ICS Using Knowledge Discovery

Bibliographic details
Published in: Applied sciences 2024-10, Vol.14 (19), p.8665
Main authors: Lucchese, Marco; Salerno, Giuseppe; Pugliese, Andrea
Format: Article
Language: eng
Online access: Full text
Description
Summary: The integration and automation of industrial processes has brought significant gains in efficiency and productivity but also elevated cybersecurity risks, especially in the process industry. This paper introduces a methodology utilizing process mining and digital twins to enhance anomaly detection in Industrial Control Systems (ICS). By converting raw device logs into event logs, we uncover patterns and anomalies indicative of cyberattacks even when such attacks are masked by normal operational data. We present a detailed case study replicating an industrial process to demonstrate the practical application of our approach. Experimental results confirm the effectiveness of our method in identifying cyber–physical attacks within a realistic industrial setting.
ISSN:2076-3417
DOI:10.3390/app14198665