Detection of Anomalous Values within TIA Project Data History for Industrial Control Systems
Proceedings of the European Interdisciplinary Cybersecurity Conference - Doctoral Symposium. New York: ACM 2021 S. 1 - 6
Erscheinungsjahr: 2021
Publikationstyp: Buchbeitrag (Konferenzbeitrag)
Sprache: Deutsch
Doi/URN: 10.1145/3487405.3487662
Geprüft | Bibliothek |
Inhaltszusammenfassung
Attacks on industrial control systems (ICS) have been intensively studied during the last decade. Malicious alternations of ICS can appear in several different ways, e.g. in changed network traffic patterns or in the data stored on ICS’ components. While several heuristics and machine learning methods have been proposed to analyze different types of ICS data regarding anomalies, no work is known that uses the data of Totally Integrated Automation (TIA) Portal for anomaly detection. TIA is a p...Attacks on industrial control systems (ICS) have been intensively studied during the last decade. Malicious alternations of ICS can appear in several different ways, e.g. in changed network traffic patterns or in the data stored on ICS’ components. While several heuristics and machine learning methods have been proposed to analyze different types of ICS data regarding anomalies, no work is known that uses the data of Totally Integrated Automation (TIA) Portal for anomaly detection. TIA is a popular software system for organizing the ICS, with which configuration and programming data can be viewed, changed and deleted. By saving the single project datasets historically, old versions of the current system configurations can be restored. In this initial work, we propose heuristics that detect anomalies in the TIA Portal data. In particular do we analyze the history of TIA Portal data by investigating long-term backups. Our approach covers both, changes to the data caused by infiltrated attacks as well as malicious changes made by employees who have direct access to the machines. We therefore started to examine real TIA project data of an automotive manufacturer’s production line, covering a period of about three years of historical data, for various features that may indicate anomalies.» weiterlesen» einklappen
Klassifikation
DFG Fachgebiet:
Informatik
DDC Sachgruppe:
Informatik
Verbundene Forschungsprojekte
Verknüpfte Personen
- Laura Hartmann
- Doktorandin
(Zentrum für Technologie und Transfer | ZTT)
- Steffen Wendzel
- ehemaliger Wissenschaftlicher Leiter
(Zentrum für Technologie und Transfer | ZTT)