Unlock instant, AI-driven research and patent intelligence for your innovation.

Safety monitoring method and device for industrial control system

An industrial control system and safety monitoring technology, applied in the field of industrial safety, to achieve high efficiency, accurate analysis results, and reduce the amount of data processing

Active Publication Date: 2019-09-10
SIEMENS AG
View PDF10 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Because the technology analyzes a large amount of network traffic, by the time anomalous behavior that deviates from the baseline behavior is detected, the anomalous behavior has existed for a long time, and a network attack may have already occurred

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Safety monitoring method and device for industrial control system
  • Safety monitoring method and device for industrial control system
  • Safety monitoring method and device for industrial control system

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0082] Example 1. No security incident occurred

[0083] According to the result 401 of the first statistics, in the target time period 601 (1:30-1:45 on January 20, 2018), the flow rate of the network protocol P2 is low, and the user operates on the result 401 of the first statistics, select The target time period 601 and the network protocol P2 are specified. The security monitoring device 20 further collects statistics on at least one second feature (C21 retransmission rate, C22 packet loss rate, and C23 ratio of sensitive operations in industrial control). In the target time period 601, the values ​​of the three features (which may be the statistical average value of the time period) are respectively:

[0084] C21=5%;

[0085] C22 = 1%;

[0086] C23 = 1.5%.

[0087] At 1:30-1:45 on January 19, 2018 corresponding to the target time period 601, the values ​​of the three features are:

[0088] C21'=0.1%;

[0089] C22' = 0.1%;

[0090] C23' = 1%.

[0091] The degrees...

example 2

[0102] Example 2. A security incident occurs

[0103] For example: according to the result 401 of the first statistics, in the target time period 601 (2:30-2:45 on January 20, 2018), the flow rate of the network protocol P2 is relatively high, and the user operates on the result 401 of the first statistics , the target time period 601 and the network protocol P2 are selected. The security monitoring device 20 further collects statistics on at least one second feature (C21 retransmission rate, C22 packet loss rate, and C23 ratio of sensitive operations in industrial control). In the target time period 601, the values ​​of the three features (which may be the statistical average value of the time period) are respectively:

[0104] C21 = 0.15%;

[0105] C22 = 0.08%;

[0106] C23 = 10%.

[0107] At 2:30-2:45 on January 19, 2018 corresponding to the target time period 601, the values ​​of the three features are:

[0108] C21'=0.12%;

[0109] C22' = 0.1%;

[0110] C23' = 1%...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of industrial safety, in particular to a safety monitoring method and device for an industrial control system, and has the advantage of quickly and accurately detecting abnormal behaviors of the industrial control system. The method provided by the embodiment of the invention comprises the steps that the method is adopted. First data (301) generated bythe industrial control system (10) in the operation process is subjected to first statistics. A result (401) of the first statistics is provided to a user. An operation (501) of the user on the result(401) of the first statistics is acquired. A target time period (601) involved in the first statistics and second data (302) satisfying a preset condition (502) in the first data (301) is determinedaccording to the operation (501). A second statistical result of the target time period (601) is acquired and safety analysis is carried out by the industrial control system (10) according to the second statistical result.

Description

technical field [0001] The invention relates to the technical field of industrial safety, in particular to a safety monitoring method and device for an industrial control system. Background technique [0002] During the security monitoring of an industrial control system, network traffic and device logs can be collected from the industrial control system, and the abnormal behavior of the industrial control system can be analyzed using a rule-based automatic analysis engine. Among them, the rules are usually pre-set, so only known attacks and abnormal behaviors can be identified, but unknown attacks and abnormal behaviors cannot be identified. [0003] Some techniques propose to analyze based on the characteristics of network traffic. Analyze anomalous behavior of industrial control systems by monitoring network traffic. Because the technology analyzes large volumes of network traffic, by the time anomalous behavior that deviates from baseline behavior is detected, the anom...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/1416G05B23/0216G05B23/0221G06F3/0488
Inventor 郭代飞
Owner SIEMENS AG