Critical Infrastructures (CI) are sensible targets. They could be physically damaged by natural or human actions causing service disruptions, economic losses, and, in some extreme cases, harm to people. They, therefore, need a high level of protection against possible unintentional and intentional events. In this paper, we show a logical architecture that exploits information from both physical and cyber security systems to improve the overall security in a power plant scenario. We propose a Machine Learning (ML)-based anomaly detection approach to detect possible anomaly events by jointly correlating data related to both physical and cyber domains. The performance evaluation shows encouraging results - obtained by different ML algorithms -, which highlights how our proposed approach is able to detect possible abnormal situations that could not have been detected by using only information from either the physical or cyber domain.

Toward the Integration of Cyber and Physical Security Monitoring Systems for Critical Infrastructures

Fausto, Alessandro;Gaggero, Giovanni Battista;Patrone, Fabio;Girdinio, Paola;Marchese, Mario
2021-01-01

Abstract

Critical Infrastructures (CI) are sensible targets. They could be physically damaged by natural or human actions causing service disruptions, economic losses, and, in some extreme cases, harm to people. They, therefore, need a high level of protection against possible unintentional and intentional events. In this paper, we show a logical architecture that exploits information from both physical and cyber security systems to improve the overall security in a power plant scenario. We propose a Machine Learning (ML)-based anomaly detection approach to detect possible anomaly events by jointly correlating data related to both physical and cyber domains. The performance evaluation shows encouraging results - obtained by different ML algorithms -, which highlights how our proposed approach is able to detect possible abnormal situations that could not have been detected by using only information from either the physical or cyber domain.
File in questo prodotto:
File Dimensione Formato  
sensors-21-06970-v2.pdf

accesso aperto

Descrizione: Articolo su rivista
Tipologia: Documento in versione editoriale
Dimensione 438.09 kB
Formato Adobe PDF
438.09 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11567/1060276
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 22
  • ???jsp.display-item.citation.isi??? 18
social impact