Categorization of Anomalies in Smart Manufacturing Systems to Support the Selection of Detection Mechanisms

An important issue in anomaly detection in smart manufacturing systems is the lack of consistency in the formal definitions of anomalies, faults, and attacks. The term anomaly is used to cover a wide range of situations that are addressed by different types of solutions. In this letter, we categorize anomalies in machines, controllers, and networks along with their detection mechanisms, and unify them under a common framework to aid in the identification of potential solutions. The main contribution of the proposed categorization is that it allows the identification of gaps in anomaly detection in smart manufacturing systems.

[1]  R. K. Mehra,et al.  Correspondence item: An innovations approach to fault detection and diagnosis in dynamic systems , 1971 .

[2]  B. Abraham,et al.  Outlier detection and time series modeling , 1989 .

[3]  Teresa F. Lunt,et al.  Knowledge-based intrusion detection , 1989, [1989] Proceedings. The Annual AI Systems in Government Conference.

[4]  Paul M. Frank,et al.  Fault diagnosis in dynamic systems using analytical and knowledge-based redundancy: A survey and some new results , 1990, Autom..

[5]  M. Diaz,et al.  Modeling and Verification of Time Dependent Systems Using Time Petri Nets , 1991, IEEE Trans. Software Eng..

[6]  Rüdiger Wirth,et al.  Knowledge-based support of system analysis for the analysis of Failure modes and effects , 1996 .

[7]  H. Schneider Failure mode and effect analysis : FMEA from theory to execution , 1996 .

[8]  Wil M. P. van der Aalst,et al.  The Application of Petri Nets to Workflow Management , 1998, J. Circuits Syst. Comput..

[9]  Peter Twigg,et al.  Statistical process control based fault detection of CHP units , 2000 .

[10]  Klaus Obermayer,et al.  Gaussian Process Regression: Active Data Selection and Test Point Rejection , 2000, DAGM-Symposium.

[11]  Leonid Portnoy,et al.  Intrusion detection with unlabeled data using clustering , 2000 .

[12]  Sushil Jajodia,et al.  ADAM: a testbed for exploring the use of data mining in intrusion detection , 2001, SGMD.

[13]  V. Alarcón-Aquino,et al.  Anomaly detection in communication networks using wavelets , 2001 .

[14]  Daniel P. Siewiorek,et al.  Generalized feature extraction for structural pattern recognition in time-series data , 2001 .

[15]  J. Brian Gray,et al.  Introduction to Linear Regression Analysis , 2002, Technometrics.

[16]  Symeon Papavassiliou,et al.  Network intrusion and fault detection: a statistical anomaly approach , 2002, IEEE Commun. Mag..

[17]  R. Sekar,et al.  Specification-based anomaly detection: a new approach for detecting network intrusions , 2002, CCS '02.

[18]  Asok Ray,et al.  Anomaly prediction in mechanical systems using symbolic dynamics , 2003, Proceedings of the 2003 American Control Conference, 2003..

[19]  Juan E. Tapiador,et al.  Stochastic protocol modeling for anomaly based network intrusion detection , 2003, First IEEE International Workshop on Information Assurance, 2003. IWIAS 2003. Proceedings..

[20]  Asok Ray,et al.  Symbolic dynamic analysis of complex systems for anomaly detection , 2004, Signal Process..

[21]  M. Farid Golnaraghi,et al.  Prognosis of machine health condition using neuro-fuzzy systems , 2004 .

[22]  Fulei Chu,et al.  Application of the wavelet transform in machine condition monitoring and fault diagnostics: a review with bibliography , 2004 .

[23]  Victoria J. Hodge,et al.  A Survey of Outlier Detection Methodologies , 2004, Artificial Intelligence Review.

[24]  Clifton A. Ericson,et al.  Fault Tree Analysis , 2005 .

[25]  Colin Fyfe Artificial Neural Networks , 2005 .

[26]  Alessandro Giua,et al.  Fault detection for discrete event systems using Petri nets with unobservable transitions , 2005, Proceedings of the 44th IEEE Conference on Decision and Control.

[27]  I. Helland Partial Least Squares Regression , 2006 .

[28]  Daming Lin,et al.  A review on machinery diagnostics and prognostics implementing condition-based maintenance , 2006 .

[29]  Samuel H. Huang,et al.  System health monitoring and prognostics — a review of current paradigms and practices , 2006 .

[30]  D. Basak,et al.  Support Vector Regression , 2008 .

[31]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[32]  Gabriel Maciá-Fernández,et al.  Anomaly-based network intrusion detection: Techniques, systems and challenges , 2009, Comput. Secur..

[33]  Maria Papadaki,et al.  A preliminary two-stage alarm correlation and filtering system using SOM neural network and K-means algorithm , 2010, Comput. Secur..

[34]  Stefan Biffl,et al.  Knowledge-based Runtime Failure Detection for Industrial Automation Systems , 2010, Models@run.time.

[35]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[36]  C. McCulloch,et al.  Generalized linear models , 2011 .

[37]  Thomas F. Edgar,et al.  Smart manufacturing, manufacturing intelligence and demand-dynamic performance , 2012, Comput. Chem. Eng..

[38]  Scott D. Applegate The dawn of Kinetic Cyber , 2013, 2013 5th International Conference on Cyber Conflict (CYCON 2013).

[39]  Oliver Niggemann,et al.  AutomationML as a Shared Model for Offline- and Realtime-Simulation of Production Plants and for Anomaly Detection , 2013 .

[40]  Gisung Kim,et al.  A novel hybrid intrusion detection method integrating anomaly detection with misuse detection , 2014, Expert Syst. Appl..

[41]  Jules White,et al.  Cyber-physical security challenges in manufacturing systems , 2014 .

[42]  Jugal K. Kalita,et al.  Network Anomaly Detection: Methods, Systems and Tools , 2014, IEEE Communications Surveys & Tutorials.

[43]  Joan Pellegrino,et al.  Measurement Science for Prognostics and Health Management for Smart Manufacturing Systems: Key Findings from a Roadmapping Workshop , 2015, Proceedings of the Annual Conference of the Prognostics and Health Management Society. Prognostics and Health Management Society. Conference.

[44]  Oliver Niggemann,et al.  Efficient fault detection for industrial automation processes with observable process variables , 2015, 2015 IEEE 13th International Conference on Industrial Informatics (INDIN).

[45]  M. A. Donmez,et al.  A defect-driven diagnostic method for machine tool spindles. , 2015, CIRP annals ... manufacturing technology.

[46]  Seiichi Uchida,et al.  A Comparative Evaluation of Unsupervised Anomaly Detection Algorithms for Multivariate Data , 2016, PloS one.

[47]  Guigang Zhang,et al.  Deep Learning , 2016, Int. J. Semantic Comput..

[48]  Jaime A. Camelio,et al.  Cyber-physical Vulnerability Assessment in Manufacturing Systems , 2016 .

[49]  Mohammad Abdullah Al Faruque,et al.  Cross-domain security of cyber-physical systems , 2017, 2017 22nd Asia and South Pacific Design Automation Conference (ASP-DAC).

[50]  Zheng Wang,et al.  Improved sensor fault detection, isolation, and mitigation using multiple observers approach , 2017, International journal of systems science.

[51]  Douglas C. Schmidt,et al.  Taxonomies for Reasoning About Cyber-physical Attacks in IoT-based Manufacturing Systems , 2017, Int. J. Interact. Multim. Artif. Intell..

[52]  Jaime A. Camelio,et al.  An approach to cyber-physical vulnerability assessment for intelligent manufacturing systems , 2017 .