IN2014CH01209A - - Google Patents

Publication number
IN2014CH01209A
Authority
IN
India
Prior art keywords
intrusion
device monitoring
monitoring component
control system
prevention
Prior art date
Application number
Inventor
Paritosh Dixit
Daniel Thanos
Original Assignee
Gen Electric
Priority date
Filing date
Publication date
Application filed by Gen Electric

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02B CLIMATE CHANGE MITIGATION TECHNOLOGIES RELATED TO BUILDINGS, e.g. HOUSING, HOUSE APPLIANCES OR RELATED END-USER APPLICATIONS
    • Y02B70/00 Technologies for an efficient end-user side electric power management and consumption
    • Y02B70/30 Systems integrating technologies related to power network operation and communication or information technologies for improving the carbon footprint of the management of residential or tertiary loads, i.e. smart grids as climate change mitigation technology in the buildings sector, including also the last stages of power distribution and the control, monitoring or operating management systems at local level
    • Y02B70/34 Smart metering supporting the carbon neutral operation of end-user applications in buildings
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S20/00 Management or operation of end-user stationary applications or the last stages of power distribution; Controlling, monitoring or operating thereof
    • Y04S20/30 Smart metering, e.g. specially adapted for remote reading
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00 Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Testing And Monitoring For Control Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Alarm Systems (AREA)

Abstract

INTELLIGENT CYBERPHYSICAL INTRUSION DETECTION AND PREVENTION SYSTEMS AND METHODS FOR INDUSTRIAL CONTROL SYSTEMS

The embodiments described herein include a system and a method. In one embodiment, a system includes a device monitoring component configured to measure control system behavior and an intrusion prevention system communicatively coupled to the device monitoring component and a communications network. The intrusion prevention system includes a control system analysis component configured to analyze the control system behavior measured by the device monitoring component against a first rule set to determine whether an anomaly, an intrusion, or both are present. FIG. 1
IN1209CH2014 2013-03-13 2014-03-10 IN2014CH01209A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US13/801,496 US9405900B2 (en) 2013-03-13 2013-03-13 Intelligent cyberphysical intrusion detection and prevention systems and methods for industrial control systems

Publications (1)

Publication Number Publication Date
IN2014CH01209A (en) 2015-05-29

Family

ID=50336076

Family Applications (1)

Application Number Title Priority Date Filing Date
IN1209CH2014 IN2014CH01209A (en) 2013-03-13 2014-03-10

Country Status (8)

Country Link
US (1) US9405900B2 (en)
EP (1) EP2779569A1 (en)
JP (1) JP6302283B2 (en)
CN (1) CN104052730B (en)
BR (1) BR102014004682A8 (en)
CA (1) CA2844225C (en)
IN (1) IN2014CH01209A (en)
MX (1) MX2014003067A (en)

Families Citing this family (70)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9734450B2 (en) * 2014-06-05 2017-08-15 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Data loss prevention to remove false positives
US9660994B2 (en) * 2014-09-30 2017-05-23 Schneider Electric USA, Inc. SCADA intrusion detection systems
PE20170720A1 (en) * 2014-10-14 2017-07-04 Sicpa Holding Sa INTERFACE WITH SECURE INTERMEDIATE PLATFORM TO GENERATE DATA COMPATIBLE WITH AN EXTERNAL SYSTEM IN A SUPPLY CHAIN OF CRUDE AND GAS RESOURCES
CN104392172B (en) * 2014-10-30 2017-07-04 北京科技大学 A kind of safety detection method and system based on Embedded industrial system
JP6322590B2 (en) * 2015-02-05 2018-05-09 日本電信電話株式会社 Terminal detection system and method
US10051059B2 (en) * 2015-06-05 2018-08-14 Fisher-Rosemount Systems, Inc. Methods and apparatus to control communications of endpoints in an industrial enterprise system based on integrity
CN105404607B (en) * 2015-11-20 2018-02-13 英业达科技有限公司 The data transmission method of general serial input and output
JP6693114B2 (en) * 2015-12-15 2020-05-13 横河電機株式会社 Controller and integrated production system
JP2017129894A (en) * 2016-01-18 2017-07-27 三菱電機株式会社 Cyberattack detection system
US9979675B2 (en) * 2016-02-26 2018-05-22 Microsoft Technology Licensing, Llc Anomaly detection and classification using telemetry data
US10027699B2 (en) * 2016-03-10 2018-07-17 Siemens Aktiengesellschaft Production process knowledge-based intrusion detection for industrial control systems
CN105812371B (en) * 2016-03-17 2019-01-25 电子科技大学 DNP communication access control method based on neural network
US10623437B2 (en) 2016-04-01 2020-04-14 Doble Engineering Company Secured method for testing and maintenance of bulk electrical systems (BES) assets
KR20180117204A (en) 2016-04-26 2018-10-26 미쓰비시덴키 가부시키가이샤 An intrusion detection device, an intrusion detection method, and an intrusion detection program stored in a storage medium
JP6650343B2 (en) 2016-05-16 2020-02-19 株式会社日立製作所 Illegal communication detection system and unauthorized communication detection method
US11005863B2 (en) * 2016-06-10 2021-05-11 General Electric Company Threat detection and localization for monitoring nodes of an industrial asset control system
US10417425B2 (en) 2016-06-13 2019-09-17 The Trustees Of Columbia University In The City Of New York Secured cyber-physical systems
CN109313686A (en) * 2016-06-23 2019-02-05 三菱电机株式会社 Invasion detecting device and intrusion detection program
SG10201912502QA (en) * 2016-09-07 2020-02-27 Univ Singapore Technology & Design Defense system and method against cyber-physical attacks
US10262143B2 (en) 2016-09-13 2019-04-16 The Mitre Corporation System and method for modeling and analyzing the impact of cyber-security events on cyber-physical systems
WO2018055748A1 (en) 2016-09-26 2018-03-29 三菱電機株式会社 Signal processing device, signal processing method, and signal processing program
US10819719B2 (en) * 2016-10-11 2020-10-27 General Electric Company Systems and methods for protecting a physical asset against a threat
US9961089B1 (en) * 2016-10-20 2018-05-01 Mitsubishi Electric Research Laboratories, Inc. Distributed estimation and detection of anomalies in control systems
CN106506486A (en) * 2016-11-03 2017-03-15 上海三零卫士信息安全有限公司 A kind of intelligent industrial-control network information security monitoring method based on white list matrix
US10678912B2 (en) 2016-11-15 2020-06-09 General Electric Company Dynamic normalization of monitoring node data for threat detection in industrial asset control system
US10417415B2 (en) * 2016-12-06 2019-09-17 General Electric Company Automated attack localization and detection
US10204226B2 (en) 2016-12-07 2019-02-12 General Electric Company Feature and boundary tuning for threat detection in industrial asset control system
US10397257B2 (en) 2016-12-07 2019-08-27 General Electric Company Multi-mode boundary selection for threat detection in industrial asset control system
CN106773719A (en) * 2017-01-25 2017-05-31 上海云剑信息技术有限公司 A kind of industrial control system leak automatic mining method based on BP neural network
US10728264B2 (en) * 2017-02-15 2020-07-28 Micro Focus Llc Characterizing behavior anomaly analysis performance based on threat intelligence
CN107067619B (en) * 2017-03-21 2020-02-11 上海斐讯数据通信技术有限公司 Anti-theft method and system based on network
US10476902B2 (en) * 2017-04-26 2019-11-12 General Electric Company Threat detection for a fleet of industrial assets
JP2018185712A (en) * 2017-04-27 2018-11-22 株式会社日立製作所 Security monitoring system and security monitoring method
JP2019030218A (en) * 2017-08-01 2019-02-21 国立大学法人電気通信大学 Physical function exception processing method in cyber physical system such as humanoid robot
DE102017214203A1 (en) * 2017-08-15 2019-02-21 KSB SE & Co. KGaA Cyber attack cavitation protection method and apparatus for performing the method
CN111052116B (en) * 2017-08-18 2023-11-03 日本电信电话株式会社 Illegal intrusion prevention device, illegal intrusion prevention method, and recording medium
US10686806B2 (en) * 2017-08-21 2020-06-16 General Electric Company Multi-class decision system for categorizing industrial asset attack and fault types
US10505955B2 (en) 2017-08-22 2019-12-10 General Electric Company Using virtual sensors to accommodate industrial asset control systems during cyber attacks
US10831890B2 (en) * 2017-09-19 2020-11-10 Palo Alto Research Center Incorporated Method and system for detecting attacks on cyber-physical systems using redundant devices and smart contracts
ES2928107T3 (en) * 2017-11-15 2022-11-15 Ksb Se & Co Kgaa Procedure and device for protection against cyber-attacks from motor-pump groups
CN107798390B (en) 2017-11-22 2023-03-21 创新先进技术有限公司 Training method and device of machine learning model and electronic equipment
CN108055282A (en) * 2017-12-28 2018-05-18 国网浙江省电力有限公司电力科学研究院 Industry control abnormal behaviour analysis method and system based on self study white list
US10785237B2 (en) * 2018-01-19 2020-09-22 General Electric Company Learning method and system for separating independent and dependent attacks
GB2578268B (en) * 2018-01-29 2021-12-29 Ge Aviat Systems Ltd Configurable network switch for industrial control systems including deterministic networks
US10623416B2 (en) 2018-01-31 2020-04-14 International Business Machines Corporation Torrent attack detection
CN110224970B (en) * 2018-03-01 2021-11-23 西门子公司 Safety monitoring method and device for industrial control system
CN110224969A (en) * 2018-03-01 2019-09-10 中兴通讯股份有限公司 The processing method and processing device of data
JP7200496B2 (en) * 2018-03-30 2023-01-10 日本電気株式会社 Information processing device, control method, and program
JP7071876B2 (en) * 2018-05-25 2022-05-19 株式会社東芝 Control system and error factor determination method
EP3611587A1 (en) * 2018-08-16 2020-02-19 Siemens Aktiengesellschaft System for controlling and monitoring of adaptive cyber physical systems
US11297082B2 (en) * 2018-08-17 2022-04-05 Nec Corporation Protocol-independent anomaly detection
US10990668B2 (en) 2018-09-17 2021-04-27 General Electric Company Local and global decision fusion for cyber-physical system abnormality detection
US11171976B2 (en) 2018-10-03 2021-11-09 Raytheon Technologies Corporation Cyber monitor segmented processing for control systems
US10956578B2 (en) 2018-10-05 2021-03-23 General Electric Company Framework for determining resilient manifolds
RU2724075C1 (en) 2018-12-28 2020-06-19 Акционерное общество "Лаборатория Касперского" System and method for determining anomaly source in cyber-physical system having certain characteristics
CN109766694B (en) * 2018-12-29 2021-09-03 北京威努特技术有限公司 Program protocol white list linkage method and device of industrial control host
WO2020209837A1 (en) * 2019-04-09 2020-10-15 Siemens Aktiengesellschaft Industrial process system threat detection
US11343266B2 (en) 2019-06-10 2022-05-24 General Electric Company Self-certified security for assured cyber-physical systems
EP3751813B1 (en) * 2019-06-13 2023-03-22 ABB Schweiz AG Device and method for performing threat detection and/or mitigation
CN113958377B (en) * 2020-07-03 2023-04-07 东方电气股份有限公司 Real-time online monitoring system and method for network security of steam turbine
DE112021005121T5 (en) * 2020-09-29 2023-09-07 Fanuc Corporation Network relay device
JP7438915B2 (en) * 2020-11-05 2024-02-27 株式会社東芝 Information processing equipment, programs and information processing systems
WO2022177991A1 (en) * 2021-02-16 2022-08-25 Ap Cyber Llc Firewall gateway device and related methods for protecting distributed energy resources and other operational technologies against cyberattacks
US11790081B2 (en) 2021-04-14 2023-10-17 General Electric Company Systems and methods for controlling an industrial asset in the presence of a cyber-attack
US12034741B2 (en) 2021-04-21 2024-07-09 Ge Infrastructure Technology Llc System and method for cyberattack detection in a wind turbine control system
EP4120110A1 (en) * 2021-07-12 2023-01-18 Abb Schweiz Ag Opc ua-based anomaly detection and recovery system and method
CN114137934A (en) * 2021-11-23 2022-03-04 国网江西省电力有限公司电力科学研究院 Industrial control system with intrusion detection function and detection method
US12238137B2 (en) 2022-03-16 2025-02-25 Ge Infrastructure Technology Llc Systems and methods for power system switching element anomaly detection
US12058157B1 (en) * 2022-06-03 2024-08-06 Amazon Technologies, Inc. Anomalous computer activity detection and prevention
CN114884754B (en) * 2022-07-11 2022-09-23 深圳特科动力技术有限公司 A Network Security System Based on Intelligent Analysis to Realize Fault Prediction

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IL106617A (en) 1993-08-08 1995-06-29 Israel State Intrusion detector
US6980927B2 (en) 2002-11-27 2005-12-27 Telos Corporation Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing continuous risk assessment
US7657939B2 (en) 2005-03-14 2010-02-02 International Business Machines Corporation Computer security intrusion detection system for remote, on-demand users
EP1902401B1 (en) 2005-05-13 2017-03-29 CryptoMill Inc. Content cryptographic firewall system
EP1897019A4 (en) 2005-05-13 2011-10-05 Cryptomill Technologies Ltd Cryptographic control for mobile storage means
US7966659B1 (en) * 2006-04-18 2011-06-21 Rockwell Automation Technologies, Inc. Distributed learn mode for configuring a firewall, security authority, intrusion detection/prevention devices, and the like
CN101610587B (en) * 2009-07-13 2011-12-07 中兴通讯股份有限公司 Data transmission method based on TDD standard and device thereof
US8112521B2 (en) 2010-02-25 2012-02-07 General Electric Company Method and system for security maintenance in a network
US8712596B2 (en) * 2010-05-20 2014-04-29 Accenture Global Services Limited Malicious attack detection and analysis
US8656492B2 (en) 2011-05-16 2014-02-18 General Electric Company Systems, methods, and apparatus for network intrusion detection
US8949668B2 (en) * 2011-05-23 2015-02-03 The Boeing Company Methods and systems for use in identifying abnormal behavior in a control system including independent comparisons to user policies and an event correlation model
US20130086680A1 (en) 2011-09-30 2013-04-04 General Electric Company System and method for communication in a network
US20130086635A1 (en) 2011-09-30 2013-04-04 General Electric Company System and method for communication in a network

Also Published As

Publication number Publication date
CN104052730B (en) 2019-07-02
CA2844225A1 (en) 2014-09-13
JP2014179074A (en) 2014-09-25
MX2014003067A (en) 2014-09-16
CA2844225C (en) 2020-12-29
US20140283047A1 (en) 2014-09-18
JP6302283B2 (en) 2018-03-28
CN104052730A (en) 2014-09-17
BR102014004682A2 (en) 2016-02-02
BR102014004682A8 (en) 2016-06-21
EP2779569A1 (en) 2014-09-17
US9405900B2 (en) 2016-08-02

Similar Documents

Publication Publication Date Title
IN2014CH01209A (en)
EP3398088A4 (en) Dark web monitoring, analysis and alert system and method
EP4307192A3 (en) System and method for monitoring manufacturing
EP3403308C0 (en) NETWORK MONITORING, DETECTION AND ANALYSIS SYSTEM
GB201708089D0 (en) A Method and system for network access control based on traffic monitoring and vulnerability detection using process related information
EP2943843A4 (en) Method, device and computer program for monitoring an industrial control system
WO2015104691A3 (en) Systems, methods, and devices for detecting anomalies in an industrial control system
PL3001884T3 (en) Method, device and system for monitoring a security gateway
WO2014107468A3 (en) Mobile device speaker control
MX337951B (en) Time-stamped emissions data collection for process control devices.
GB2560477B (en) Unattended object monitoring device, unattended object monitoring system equipped with same, and unattended object monitoring method
WO2015100177A3 (en) Neural watchdog
WO2015083153A3 (en) System and method of monitoring condition of equines
GB2524437A (en) Systems and methods for telematics control and communications
MX2015016699A (en) System and method for controlling and monitoring a field device.
EP2899839A4 (en) BATTERY MANAGEMENT DEVICE, ITS METHOD AND CONTROL PROGRAM, AND BATTERY MONITORING SYSTEM HAVING THE SAME
NZ591390A (en) Method and system for security maintenance in a network
MX374098B (en) BICYCLE STABILITY CONTROL SYSTEMS AND METHODS.
MX2016002634A (en) Method and apparatus for determining maintenance needs and validating the installation of an alarm system.
IN2013MU02326A (en)
DK3151152T3 (en) Non-intrusive software agent for monitoring and detection of cyber security events and cyber-attacks in an industrial control system
WO2014066166A3 (en) Method and apparatus for monitoring network traffic
GB2542535A (en) NOx sensor diagnosis system and method
EP3507665A4 (en) Systems and methods for modeling, analyzing, detecting, and monitoring fluid networks
EP2993818A4 (en) METHOD, SYSTEM AND DEVICE FOR DETERMINING THE TRANSMISSION LINK TYPE