ICSML: Industrial Control Systems ML Framework for native inference using IEC 61131-3 code

Constantine Doumanidis, Prashant Hari Narayan Rajput, Michail Maniatakos

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Industrial Control Systems (ICS) have played a catalytic role in enabling the 4th Industrial Revolution. ICS devices like Programmable Logic Controllers (PLCs), automate, monitor, and control critical processes in industrial, energy, and commercial environments. The convergence of traditional Operational Technology (OT) with Information Technology (IT) has opened a new and unique threat landscape. This has inspired defense research that focuses heavily on Machine Learning (ML) based anomaly detection methods that run on external IT hardware, which means an increase in costs and the further expansion of the threat landscape. To remove this requirement, we introduce the ICS machine learning inference framework (ICSML) which enables executing ML model inference natively on the PLC. ICSML is implemented in IEC 61131-3 code and provides several optimizations to bypass the limitations imposed by the domain-specific languages. Therefore, it works on every PLC without the need for vendor support. ICSML provides a complete set of components for creating full ML models similarly to established ML frameworks. We run a series of benchmarks studying memory and performance, and compare our solution to the TFLite inference framework. At the same time, we develop domain-specific model optimizations to improve the efficiency of ICSML. To demonstrate the abilities of ICSML, we evaluate a case study of a real defense for process-aware attacks targeting a desalination plant.

Original languageEnglish (US)
Title of host publicationCPSS 2023 - Proceedings of the 9th ACM ASIA Conference on Cyber-Physical System Security Workshop
PublisherAssociation for Computing Machinery, Inc
Pages60-71
Number of pages12
ISBN (Electronic)9798400700903
DOIs
StatePublished - Jul 10 2023
Event9th ACM ASIA Conference on Cyber-Physical System Security Workshop, CPSS 2023 - Melbourne, Australia
Duration: Jul 10 2023 → …

Publication series

NameCPSS 2023 - Proceedings of the 9th ACM ASIA Conference on Cyber-Physical System Security Workshop

Conference

Conference9th ACM ASIA Conference on Cyber-Physical System Security Workshop, CPSS 2023
Country/TerritoryAustralia
CityMelbourne
Period7/10/23 → …

Keywords

  • anomaly detection
  • framework
  • industrial control systems
  • machine learning

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems
  • Software

Fingerprint

Dive into the research topics of 'ICSML: Industrial Control Systems ML Framework for native inference using IEC 61131-3 code'. Together they form a unique fingerprint.

Cite this