Skip to main content


Tuesday 09 April 2024

Specification-based Intrusion Detection for hybrid Industrial control systems

This presentation tackles the question of cybersecurity through network intrusion detection for Industrial Control Systems (ICSs). Our interest arises from the increasing number of cybersecurity incidents targeting ICSs and the need to detect attacks that manipulate the physical process. Such attacks are called process aware attacks: they are sophisticated cyberattacks aiming at disrupting the physical process and inducing incorrect behaviors of the system. 

In our work, we propose a specification-based, process aware, Intrusion Detection System (IDS) for ICSs. Our approach aims to link safety specifications and security properties. Thus, we use international and industry standards specifications concerning local safety, global safety and networks of the industrial process, in order to systematically obtain security properties. The obtained security properties are cybersecurity related requirements. They are translated into security patterns in order to be runtime monitored by our network IDS. We rely on specification language formalism such as Linear Temporal Logic (LTL), Metric Temporal Logic (MTL) and Signal Temporal Logic (STL) to express temporal properties and tackle the hybrid dynamics of ICSs.

Date and place

Tuesday 09 April 2024, 10:00 am.
Amphithéâtre Bergés-B007" ground floor of Ense3, 21 Av. des Martyrs
And Zoom

Jury members

Professeure, CentraleSupelec (Raporteure et Examinatrice)
Professeure, TELECOM Nancy (Examinatrice)
Ludovic MÉ
Chercheur Sénior sur une ARP, Inria Rennes (Examinateur)
Marie-Laure POTET
Professeure, Verimag (Examinatrice)
Stéphane MOCANU
Maître de Conférences, Université Grenoble Alpes (Directeur de Thèse)
Responsable R&I Cyber, Naval Group (Co-encadrant)
Spécialiste Cyber, Naval Group (Co-encadrant)

Submitted on March 22, 2024

Updated on March 22, 2024