Tuptuk, Nilufer;
Hailes, Stephen;
(2024)
Identifying vulnerabilities of industrial control systems using evolutionary multiobjective optimisation.
Computers & Security
, 137
, Article 103593. 10.1016/j.cose.2023.103593.
Preview |
Text
1-s2.0-S0167404823005035-main.pdf - Published Version Download (2MB) | Preview |
Abstract
In this paper, we propose a novel methodology to assist in identifying vulnerabilities in real-world complex heterogeneous industrial control systems (ICS) using two Evolutionary Multiobjective Optimisation (EMO) algorithms, NSGA-II and SPEA2. Our approach is evaluated on a well-known benchmark chemical plant simulator, the Tennessee Eastman (TE) process model. We identified vulnerabilities in individual components of the TE model and then made use of these vulnerabilities to generate combinatorial attacks. The generated attacks were aimed at compromising the safety of the system and inflicting economic loss. Results were compared against random attacks, and the performance of the EMO algorithms was evaluated using hypervolume, spread, and inverted generational distance (IGD) metrics. A defence against these attacks in the form of a novel intrusion detection system was developed, using machine learning algorithms. The designed approach was further tested against the developed detection methods. The obtained results demonstrate that the developed EMO approach is a promising tool in the identification of the vulnerable components of ICS, and weaknesses of any existing detection systems in place to protect the system. The proposed approach can serve as a proactive defense tool for control and security engineers to identify and prioritise vulnerabilities in the system. The approach can be employed to design resilient control strategies and test the effectiveness of security mechanisms, both in the design stage and during the operational phase of the system.
| Type: | Article |
|---|---|
| Title: | Identifying vulnerabilities of industrial control systems using evolutionary multiobjective optimisation |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.1016/j.cose.2023.103593 |
| Publisher version: | https://doi.org/10.1016/j.cose.2023.103593 |
| Language: | English |
| Additional information: | Copyright © 2023 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/). |
| Keywords: | Cybersecurity; Vulnerabilities; Adversarial attacks; Evolutionary multiobjective optimisation; Industrial control systems |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Security and Crime Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10183247 |
Archive Staff Only
 |
View Item |
