Welcome to the AI4OT wiki!
# THEME BACKGROUND:
In addition to size and scope, OT networks involve myriad types of devices connecting to their networks. Signature-based cybersecurity solutions are unlikely to deliver the requisite performance to detect new attack vectors (zero-day exploits). Artificial Intelligence can help discover devices and hidden patterns while processing large amounts of data. Machine Learning can help monitor incoming and outgoing traffic for any deviations in behavior in the OT ecosystem. If a threat or anomaly is detected, alarms are to be sent to security admins warning them about the suspicious traffic. AI and ML can be used to build lightweight endpoint detection technologies. This can be an indispensable solution, especially in situations where OT devices lack the processing power and need behavior-based detection capabilities that aren't as resource intensive.
Problem Statement: "Build AI-based tool to help discover devices and hidden patterns while processing large amounts of real-time pipeline operational data (Industrial protocols such as DNP 3.0, Modbus, IEC 101). The tool should help in monitoring incoming and outgoing traffic for any deviations in behavior in the OT ecosystem. If a threat or anomaly is detected, alarms should be sent to the security admin warning them about the suspicious traffic. The tool should also suggest corrective actions/steps be taken in order to thwart or minimize the attack's intensity and damage to the OT systems. Further, the tool should have an in-built dashboard facility to display logs/reports to help the admin in carrying out the diagnosis."
A protocol is a language in which computer systems talk with each other. The types of protocols given to us are Modbus, IEC101, and DNP3.
We are using Modbus port as it's a newer protocol compared to DNP3 and it's easier to use compared to DNP3.
So where are these protocols used in the industry? Anywhere we have to read and write data to and from devices to control and monitor their activities.
For example, an industrial system that uses pumps to control the water level in its plant uses different sensors to monitor the level of water. In this case, the water pump and the sensor can be connected to different systems, which are connected to a common center (say, a Master station). The Master station controls the water pump and the sensor readings; these I/O signals are sent over protocols like Modbus, IEC101, and DNP3.
Master stations are a key component of the OT system, as they are able to pull information from other devices and put it on a screen for managing operations.
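To make the "deviation in behavior" idea concrete for the pump-and-sensor setup above, here is an added example (not code from the AI4OT project) that parses Modbus/TCP frames and alerts on any (source, unit, function code) combination not seen during a learning phase. It assumes Modbus/TCP framing (MBAP header); the IP addresses, unit IDs, and class and function names are constructed for illustration.

```python
import struct

WRITE_FUNCS = {5, 6, 15, 16}  # Modbus write coil/register function codes

def build_adu(txn, unit, func, data=b""):
    """Build a Modbus/TCP ADU (constructed sample traffic for this example)."""
    return struct.pack(">HHHBB", txn, 0, len(data) + 2, unit, func) + data

def parse_adu(adu):
    """Return (unit, function code, is_exception) from one Modbus/TCP ADU."""
    if len(adu) < 8:
        raise ValueError("frame shorter than MBAP header + function code")
    _txn, proto, length, unit, func = struct.unpack(">HHHBB", adu[:8])
    if proto != 0:
        raise ValueError("protocol id is not 0 (not Modbus)")
    if length != len(adu) - 6:  # length counts unit id + PDU bytes
        raise ValueError("MBAP length field does not match frame size")
    return unit, func & 0x7F, bool(func & 0x80)

class ModbusBaseline:
    """Learns (source, unit, function) tuples, then flags deviations."""
    def __init__(self):
        self.seen = set()

    def learn(self, src, adu):
        unit, func, _ = parse_adu(adu)
        self.seen.add((src, unit, func))

    def check(self, src, adu):
        """Return an alert string, or None if the frame matches the baseline."""
        try:
            unit, func, _ = parse_adu(adu)
        except ValueError as exc:
            return f"ALERT malformed frame from {src}: {exc}"
        if (src, unit, func) in self.seen:
            return None
        kind = "write" if func in WRITE_FUNCS else "non-write"
        return f"ALERT unseen {kind} function {func} from {src} to unit {unit}"

# Constructed scenario: master 10.0.0.5 polls a level sensor (unit 1, FC 3);
# the pump controller is unit 2.
READ_LEVEL = build_adu(1, 1, 3, struct.pack(">HH", 0, 2))
WRITE_PUMP = build_adu(2, 2, 6, struct.pack(">HH", 1, 0xFF))

def demo():
    base = ModbusBaseline()
    base.learn("10.0.0.5", READ_LEVEL)
    return [base.check("10.0.0.5", READ_LEVEL),      # known poll
            base.check("10.0.0.99", WRITE_PUMP),     # unknown host writes to pump
            base.check("10.0.0.5", READ_LEVEL[:9])]  # truncated frame
```

A set-membership baseline like this is the simplest form of behavior-based detection; an ML model would replace the `seen` lookup while the parsing and alerting stay the same.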
Previous OT attacks:
Ignalina nuclear power plant (1992):