Skip to main content

Towards Safer Industrial Serial Networks: An Expert System Framework for Anomaly Detection

Moura, Ralf Luis de, Franqueira, Virginia N. L., Pessin, Gustavo (2021) Towards Safer Industrial Serial Networks: An Expert System Framework for Anomaly Detection. In: Proceedings: 2021 IEEE 33rd International Conference on Tools with Artificial Intelligence ICTAI 2021. . IEEE (doi:10.1109/ICTAI52525.2021.00189) (KAR id:90285)

PDF Author's Accepted Manuscript
Language: English
Download (1MB) Preview
[thumbnail of IEEE_ICTAI-2021_paper_243.pdf]
This file may not be suitable for users of assistive technology.
Request an accessible format
Official URL


Cyber security is a topic of increasing relevance in relation to industrial networks. The higher intensity and intelligent use of data pushed by smart technology (Industry 4.0) together with an augmented integration between the operational technology (production) and the information technology (business) parts of the network have considerably raised the level of vulnerabilities. On the other hand, many industrial facilities still use serial networks as underlying communication system, and they are notoriously limited from a cyber security perspective since protection mechanisms available for TCP/IP communication do not apply. Therefore, an attacker gaining access to a serial network can easily control the industrial components, potentially causing catastrophic incidents, jeopardizing assets and human lives. This study proposes a framework to act as an anomaly detection system (ADS) for industrial serial networks. It has three ingredients: an unsupervised K-means component to analyse message content, a knowledge-based expert system component to analyse message metadata, and a voting process to generate alerts for security incidents, anomalous states, and faults. The framework was evaluated using the Profibus-DP, a network simulator which implements a serial bus system. Results for the simulated traffic were promising: 99.90% for accuracy, 99,64% for precision, and 99.28% for F1-Score. They indicate feasibility of the framework applied to serial-based industrial networks.

Item Type: Conference or workshop item (Proceeding)
DOI/Identification number: 10.1109/ICTAI52525.2021.00189
Additional information: Conference: Item has to be updated when publication details become available.
Uncontrolled keywords: Cyber security, Anomaly Detection Systems, Industrial Serial-based networks, Expert Systems, Profibus-DP
Subjects: Q Science > QA Mathematics (inc Computing science)
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Virginia Franqueira
Date Deposited: 21 Sep 2021 07:37 UTC
Last Modified: 09 Feb 2022 16:12 UTC
Resource URI: (The current URI for this page, for reference purposes)
Moura, Ralf Luis de:
Franqueira, Virginia N. L.:
  • Depositors only (login required):


Downloads per month over past year