Cyberattack Detection for Cyber Physical Systems Security – A Preliminary Study

Cyber-physical systems (CPS) security has become an increasingly important research topic in recent years. Geared towards more advanced cyberattack detection techniques as part of strategies for enhancing the security of CPS, in this paper we propose a machine learning based cyber-attack detection scheme. The proposed scheme is a physical-domain technique; specifically, it assumes the physical measurements of the system carry sufficient information for capturing the system behavior, thus can be used for differentiating normal operation and attacks. CPS are complex in nature and the number of physical measurements available for CPS is often overwhelmingly high. Thus, accurately modeling CPS’ dynamic behavior, more importantly, distinguishing normal and adversary activities based on the large number of physical measurements, can be challenging. To address the challenge, we have focused our research effort on feature engineering, that is, to intelligently derive a set of salient signatures or features from the noisy measurements. We make sure the derived features are more compact and, more importantly, have more discriminant power than the original physical measurements, thus enabling us to achieve more accurate and robust detection performance. To demonstrate the effectiveness of the proposed scheme, in our experimental study we consider gas turbines of combined cycle power plants as the cyber-physical system. Using the data from the high-fidelity simulation we show that our proposed cyberattack detection scheme is able to achieve high detection performance.