Data trustworthiness signatures for nuclear reactor dynamics simulation

With the increased reliance on digitization in industrial control systems, the need for effective monitoring techniques has risen dramatically. Specifically, there is now a growing concern about the so-called false data injection (FDI) attacks. These attacks aim to alter the raw sensors’ data to cause malicious outcomes. Any serious FDI algorithm is based on an intimate knowledge of the system and its associated physics models, which renders conventional outlier/anomaly detection techniques almost obsolete in the face of such attacks. Thus, a critical need has emerged to develop a new class of defense methods that are capable of detecting FDI attacks under the assumption that the attacker has a strong familiarity with the system and its physics modeling. This class of defense methods are denoted by model-based defenses which are premised on the assumption that the attacker, while having a good understanding of the system, does not have full privileged access to all proprietary data and historical records of operation. However, (s)he is assumed to be capable of learning system behavior using self-learning techniques during an initial lie-in-wait period. To defend against this scenario, we propose a new model-based randomized window algorithm that searches time-series data for signatures that can serve as classifiers between normal and FDI scenarios. The classifiers are based on the correlations between the dominant degrees of freedom (DOFs) and the less-dominant DOFs (expected to be very sensitive to the system details that are unknown to the attacker). For demonstration, RELAP5 models are employed to calculate representative nuclear reactor behavior during a number of transient scenarios. Falsified data are injected into the RELAP5-simulated behavior, and the proposed signature-identification algorithm is employed to detect the injected data. •Signature-based classifier is effective for the detection of stealthy FDI attacks.•Use both of dominant degrees of freedom (DOFs) and less dominant DOFs to construct signatures.•Randomized window placements on the temporal profile to identify the dominant degrees of freedom.