Detection of faults and intrusions in cyber-physical systems from physical correlations

Cyber-physical systems are critical infrastructures crucial to the reliable delivery of energy and other resources, and to the stable functioning of automatic and control architectures. These systems are composed of interdependent physical, control and communications networks described by disparate mathematical models creating scientific challenges that go well beyond the modeling and analysis of the individual networks. A key challenge in cyber-physical defense is a fast online detection and localization of faults and intrusions without a prior knowledge of the failure type. We describe a set of techniques for an efficient identification of faults from correlations in physical signals, assuming that the minimal amount of information on the system is available. The performance of detection method is illustrated on data collected from a large building automation system.

[1]  Po-Ling Loh,et al.  Structure estimation for discrete graphical models: Generalized covariance matrices and their inverses , 2012, NIPS.

[2]  Santosh S. Vempala,et al.  Spectral Algorithms , 2009, Found. Trends Theor. Comput. Sci..

[3]  Santo Fortunato,et al.  Community detection in graphs , 2009, ArXiv.

[4]  S. Shankar Sastry,et al.  Understanding the physical and economic consequences of attacks on control systems , 2009, Int. J. Crit. Infrastructure Prot..

[5]  Ing-Ray Chen,et al.  Modeling and Analysis of Attacks and Counter Defense Mechanisms for Cyber Physical Systems , 2016, IEEE Transactions on Reliability.

[6]  Charu C. Aggarwal,et al.  Outlier Detection for Temporal Data: A Survey , 2014, IEEE Transactions on Knowledge and Data Engineering.

[7]  Jiafu Wan,et al.  A survey of Cyber-Physical Systems , 2011, 2011 International Conference on Wireless Communications and Signal Processing (WCSP).

[8]  Scott Backhaus,et al.  Round-trip efficiency of fast demand response in a large commercial air conditioner , 2015 .

[9]  D. Brillinger Time series - data analysis and theory , 1981, Classics in applied mathematics.

[10]  Christos Faloutsos,et al.  RainMon: an integrated approach to mining bursty timeseries monitoring data , 2012, KDD.

[11]  A. Kraskov,et al.  Estimating mutual information. , 2003, Physical review. E, Statistical, nonlinear, and soft matter physics.

[12]  Andrey Y. Lokhov,et al.  Efficient reconstruction of transmission probabilities in a spreading process from partial observations , 2015, ArXiv.

[13]  Dimitris S. Papailiopoulos,et al.  Sparse PCA through Low-rank Approximations , 2013, ICML.

[14]  N. Huang,et al.  The empirical mode decomposition and the Hilbert spectrum for nonlinear and non-stationary time series analysis , 1998, Proceedings of the Royal Society of London. Series A: Mathematical, Physical and Engineering Sciences.

[15]  Raj Rao Nadakuditi,et al.  OptShrink: An Algorithm for Improved Low-Rank Signal Matrix Denoising by Optimal, Data-Driven Singular Value Shrinkage , 2013, IEEE Transactions on Information Theory.

[16]  R. L. Thorndike Who belongs in the family? , 1953 .

[17]  Hongyuan Zha,et al.  Low-Rank Approximations with Sparse Factors I: Basic Algorithms and Error Analysis , 2001, SIAM J. Matrix Anal. Appl..

[18]  S. Shankar Sastry,et al.  Research Challenges for the Security of Control Systems , 2008, HotSec.

[19]  Everette S. Gardner,et al.  Exponential smoothing: The state of the art , 1985 .

[20]  W. Fuller,et al.  LIKELIHOOD RATIO STATISTICS FOR AUTOREGRESSIVE TIME SERIES WITH A UNIT ROOT , 1981 .

[21]  Gwilym M. Jenkins,et al.  Time series analysis, forecasting and control , 1971 .

[22]  Bruce Hajek,et al.  Information limits for recovering a hidden community , 2015, 2016 IEEE International Symposium on Information Theory (ISIT).

[23]  Michael I. Jordan,et al.  A Direct Formulation for Sparse Pca Using Semidefinite Programming , 2004, SIAM Rev..

[24]  P. Young,et al.  Time series analysis, forecasting and control , 1972, IEEE Transactions on Automatic Control.

[25]  Nirvana Meratnia,et al.  Outlier Detection Techniques for Wireless Sensor Networks: A Survey , 2008, IEEE Communications Surveys & Tutorials.

[26]  David Gamarnik,et al.  Finding a large submatrix of a Gaussian random matrix , 2016, The Annals of Statistics.

[27]  Scott Backhaus,et al.  Model Development and Identification for Fast Demand Response in Commercial HVAC Systems , 2014, IEEE Transactions on Smart Grid.

[28]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[29]  C. N. Liu,et al.  Approximating discrete probability distributions with dependence trees , 1968, IEEE Trans. Inf. Theory.

[30]  C. Eckart,et al.  The approximation of one matrix by another of lower rank , 1936 .

[31]  Louis L. Scharf,et al.  The SVD and reduced rank signal processing , 1991, Signal Process..

[32]  Rob J Hyndman,et al.  Forecasting with Exponential Smoothing: The State Space Approach , 2008 .

[33]  A. Laub,et al.  The singular value decomposition: Its computation and some applications , 1980 .

[34]  Guofei Jiang,et al.  Modeling and analytics for cyber-physical systems in the age of big data , 2014, PERV.

[35]  Yihong Wu,et al.  Computational Barriers in Minimax Submatrix Detection , 2013, ArXiv.

[36]  Andrea Montanari,et al.  Finding Hidden Cliques of Size $$\sqrt{N/e}$$N/e in Nearly Linear Time , 2013, Found. Comput. Math..

[37]  S. Chatterjee,et al.  Matrix estimation by Universal Singular Value Thresholding , 2012, 1212.1247.

[38]  A. Nobel,et al.  Finding large average submatrices in high dimensional data , 2009, 0905.1682.

[39]  Amin Coja-Oghlan,et al.  Graph Partitioning via Adaptive Spectral Techniques , 2009, Combinatorics, Probability and Computing.

[40]  A. Nobel,et al.  Energy landscape for large average submatrix detection problems in Gaussian random matrices , 2012, 1211.2284.

[41]  Raj Rao Nadakuditi,et al.  The eigenvalues and eigenvectors of finite, low rank perturbations of large random matrices , 2009, 0910.2120.

[42]  Chris Chatfield,et al.  The Holt-Winters Forecasting Procedure , 1978 .

[43]  Lui Sha,et al.  Cyber-Physical Systems: A New Frontier , 2008, 2008 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (sutc 2008).

[44]  Chris Chatfield,et al.  Holt‐Winters Forecasting: Some Practical Issues , 1988 .