Côme Frappé–Vialatoux

Introducing multi-layer concatenation as a scheme to combine information in water distribution cyber-physical systems

By Côme Frappé–Vialatoux, Pierre Parrend

2024-09-01

In 28th international conference on knowledge-based and intelligent information and engineering systems

Abstract

As Water distribution infrastructures are ageing, their modernization process is leading to an increased incorporation of connected devices into these physical systems. This transition is changing the nature of water distribution control systems from physical systems to cyber-physical systems (CPS). However, this evolution is associated with an increased vulnerability to cyber-attacks. Detecting such attacks in CPS is gaining traction in the scientific community with the recent release of cyber-physical datasets that capture simultaneously the network traffic and the physical state of a water distribution testbed. This novel paradigm of conjoint availability of these two types of data from a common source infrastructure opens a new question on how to combine their information when training machine learning models for attack detection. As an alternative approach to previous models that rely on model aggregation, this paper introduces Multi-Layer Concatenation, a combination scheme to merge the information from the physical and network parts of a CPS from a data perspective, through a time-based join operation coupled with a propagation process to keep the coherence of the global system. The evaluation of its impact assesses its benefits for machine learning-based detection on three cyber-physical datasets, by measuring machine learning models’ performances on physical and network data separately, and then on data combined through the proposed scheme.

Continue reading

Combining physical and network data for attack detection in water distribution networks

By Côme Frappé–Vialatoux, Pierre Parrend

2024-07-01

In Water distribution systems analysis (WDSA)/computing and control water industry (CCWI) joint conference

Abstract

Water distribution infrastructures are increasingly incorporating IoT in the form of sensing and computing power to improve control over the system and achieve a greater adaptability to the water demand. This evolution, from physical towards cyberphysical systems, comes with an attack perimeter extended to the cyberspace. Being able to detect this novel kind of attacks is gaining traction in the scientific community. However, machine learning detection algorithms, which are showing encouraging results in cybersecurity applications, needs training data as close as possible to real world data in order to perform well in production environment. The availability of such data, with complexity levels on par with real world infrastructures, with acquisitions from both from physical and cyber spaces, is a bottleneck for the development of machine learning algorithms. This paper addresses this problem by providing an analysis of the currently available cyberphysical datasets in the water distribution field, together with a multi-layer comparison methodology to assess their complexity. This multi-layer approach to complexity evaluation of datasets is based on three major axes, namely attack scenarios, network topology and network communications, allowing for a precise look at the forces and weaknesses of available datasets across a wide spectrum. The results show that currently available datasets are emphasizing on one aspect of real world complexity but lacks on the others, highlighting the need for a more global approach in further work to propose datasets with an increased complexity on multiple aspects at the same time.

Continue reading