Operational Technology (OT) includes computer systems and equipment that make changes to the physical world. Sensors, actuators, and computer control systems are critical to safe operation and are increasingly under threat of attack. Industrial sectors include transportation, manufacturing, energy production, power generation, grid networks, and pipelines. A self-driving car has actuators such as steering direction, motor torque, and brake action. Airplane actuators include engine thrust, aileron angle, and flap position. Industrial chemical process actuators include valves and pumps. It is imperative that the commanded actuator is implemented as requested. There may be a difference between the commanded and actual state of the actuator if there is a cyberattack or equipment malfunction. Cyberattacks may be stealth changes to a process that go undetected but that cause equipment failure, lost economic potential, or HSE (Health, Safety, Environmental) incidents.This is a case study with a microcontroller with sensors and actuators (TCLab) where the heater (actuator) is monitored to determine if it is on or off. The predicted and commanded heater states are compared to determine if there is an equipment failure or external actor that has taken control of the actuator. A TCLab digital twin is included if the hardware is not connected.Develop a classifier to predict when the TCLab heater is on and when it is off. Generate labeled data where the heater is either on at 100% output or at 0% output for periods between 10 and 25 seconds. The data set is split into a training and test set. The data is generated from a TCLab or sample data.The features of the data are selected and scaled (0-1) such as temperature, and temperature derivatives. The measured temperature and derivatives and heater value labels are used to create a classifier that predicts when the heater is on or off. The classifier is validated with new data that was not used for training.Simulate intermittent heater failure by turning down the heater power for periods of 30 seconds. The heater power is set with lab.P1. The heater power can be set from 0 to 255 and is set to 200 by default. The simulated cyber-attack turns off the heater by setting lab.P1=0 so that no energy is applied even though the heater is requested to a level of 100% on with lab.Q1(100).Use the classifier to detect when the heater has malfunctioned or is the target of a simulated cyberattack (the power is set to zero or the heater power supply is unplugged).

0:00 IOT/OT Cybersecurity
1:53 Case Study Overview
4:31 Source Code
5:03 Google Colab
6:00 Code Preview
6:41 Generate Test Data with Digital Twin
9:47 Create Plot of Test Data
10:54 Generate Training Data
13:03 Create Plot of Training Data
15:33 Train 11 Classifiers
28:13 Simulate Failures / Attacks
30:32 Detect Cyber Attacks
37:20 Plot Detection Results
40:37 Summary

Machine Learning Course: [ Ссылка ]
Case Study on IOT/OT Cybersecurity: [ Ссылка ]

свернуть