Analytical modelling of cyber-physical systems
In connection with anomaly detection in cyber-physical systems, we suggest in this paper a new way of modelling large systems consisting of a huge number of sensors, actuators and controllers. We base the approach on analytical methods usually used in kinetic gas theory, where one tries to describe the overall behavior of a gas without looking at each molecule separately. We model the system as a multi-agent network and derive predictions on the behavior of the network as a whole. These predictions can then be used to monitor the operation of the system. If the deviation between the predictions and the measured attributes of the operational cyber-physical system is sufficiently large, the monitoring system can raise an alarm. This way of modelling the normal behavior of a cyber-physical system has the advantage over machine learning methods mainly used for this purpose, that it is not based on the effective operation of the system during a training phase, but rather on the specification of the system and its intended use. It will detect anomalies in the system’s operation independent of their source—may it be an attack, a malfunction or a faulty implementation.
Top- Tavolato, Paul
- Schölnast, Hubert
- Tavolato-Wötzl, Christina
Category |
Journal Paper |
Divisions |
Security and Privacy |
Subjects |
Computersicherheit Angewandte Informatik |
Journal or Publication Title |
Journal of Computer Virology and Hacking Techniques |
ISSN |
1772-9890 |
Date |
24 February 2020 |
Export |