The degree of sophistication of modern cyber-attacks has increased in recent years – in the future, these attacks will increasingly target CPS. Unfortunately, today’s security solutions that are used for enterprise IT infrastructures are not sufficient to protect CPS, which have largely different properties, involve heterogeneous technologies, and have an architecture that is very much shaped to specific physical processes.
The objective of synERGY is to develop new methods, tools and processes for cross-layer Anomaly Detection (AD) to enable the early discovery of both cyber- and physical-attacks with impact on CPS. To achieve this, synERGY will develop novel machine learning approaches to understand a system’s normal behaviour and detect consequences of security issues as deviations from the norm.
The solution proposed by synERGY will flexibly adapt itself to specific CPS layers, thus improving its detection capabilities. Moreover, synERGY will interface with various organizational data sources, such as asset databases, configuration management, and risk data to facilitate the semi-automatic interpretation of detected anomalies. The synERGY approach will be evaluated in real smart grid vendor environments – a societally important CPS. We propose, because of the approach taken in the project, the synERGY results will be readily applicable to a wide range of CPS in value networks, and will thus result in broader impact on future CPS security solutions.