Journal ArticleOPEN ACCESS

A log mining approach for process monitoring in SCADA

International Journal of Information Security (2012) 11(4) 231-251
DOI: 10.1007/s10207-012-0163-8
59Citations
Citations of this article
97Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

SCADA (supervisory control and data acquisition) systems are used for controlling and monitoring industrial processes. We propose a methodology to systematically identify potential process-related threats in SCADA. Process-related threats take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the SCADA process. To detect such threats, we propose a semi-automated approach of log processing. We conduct experiments on a real-life water treatment facility. A preliminary case study suggests that our approach is effective in detecting anomalous events that might alter the regular process workflow. © 2012 The Author(s).

Author supplied keywords

Cite

CITATION STYLE

APA

Hadžiosmanović, D., Bolzoni, D., & Hartel, P. H. (2012). A log mining approach for process monitoring in SCADA. International Journal of Information Security, 11(4), 231–251. https://doi.org/10.1007/s10207-012-0163-8

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free