Designing an Intrusion Detection for an Adjustable Speed Drive System Controlling a Critical Process

Abstract

In this article, we address the cyber-security problem of industrial control systems (ICSs) when their sensor measurements may be compromised due to an attacker who has intercepted those measurements via a network. We introduce a general-purpose method 'Dynamic Watermarking (DW)' to detect potential cyber-intrusions on speed sensor measurements within industrial control systems, which deploy an adjustable speed drive (ASD) to control a critical process. The DW method is injecting a random private low-amplitude signal with a zero mean Gaussian distribution, 'watermark', into one of the input phase voltages powering the ASD system. The watermark signal propagates through the system including pulse width modulation (PWM) power conversion stage and motor, then ultimately appears in the speed sensor measurements. By deploying two statistical DW tests with two proper thresholds, the system can detect potential cyber-intrusions or unobservable cyber-attacks such as replay attacks and false data injection attacks (FDIA). The DW method tested on a laboratory-scale ASD system experimentally to protect the system against cyber-intrusions. This system, powered by a commercial PWM drive operating at 208 V, 3-phase, and 3.7 kW, served as our experimental platform.