Vision and Fusion Laboratory (IES)

Anomaly detection in industrial production systems

Project Description

With the advent of the 21st century, the fourth industrial revolution began, in which industrial OT networks were connected to office IT networks in order to increase production efficiency and thus quality control. This fusion of different communication networks led to cyber attacks on industrial production systems. "Stuxnet", "CRASHOVERRIDE" are some examples of Advanced Persistent Threats (APTs) with the intention of damaging industrial production systems for financial and political reasons. The announced events of industrial cyber attacks emphasized the need for industrial cyber security research to counter these APTs. Within the framework of the Competence Center for Applied Security Technology (KASTEL) at KIT, the project for the detection of anomalies in industrial production systems was started in cooperation with Fraunhofer IOSB. An analysis framework called Anomaly Detection in Industrial Networks (ADIN) for the analysis of communication traffic in industrial networks to detect anomalies is being developed. We use different techniques of machine learning and artificial intelligence for hybrid analysis to detect anomalies. The framework also supports real-time visualization through one of its components.