Biblio

In recent years, the design of anomaly detectors has attracted a tremendous surge of interest due to security issues in industrial control systems (ICS). Restricted by hardware resources, most anomaly detectors can only be deployed at the remote monitoring ends, far away from the control sites, which brings potential threats to anomaly detection. In this paper, we propose an active real-time anomaly detection framework deployed in the controller of OpenPLC, which is a standardized open-source PLC and has high scalability. Specifically, we add adaptive active noises to control signals, and then identify a linear dynamic system model of the plant offline and implement it in the controller. Finally, we design two filters to process the estimated residuals based on the obtained model and use χ2 detector for anomaly detection. Extensive experiments are conducted on an industrial control virtual platform to show the effectiveness of the proposed detection framework.

In view of the security threats caused by the code execution vulnerability of the industrial control system, design the trusted security architecture of the industrial control system based on the embedded system. From the trusted startup of industrial control equipment, the safety protection for industrial control system is completed. The scheme is based on TPM and Xilinx Zynq-7030 to build an industrial trusted computing environment and complete the trusted startup process. Experiment shows that this method can effectively prevent the destruction of malicious code during the startup process of embedded system and provide technical support for the construction of trusted computing environment of industrial control system.