Aller au contenu principal

Estelle HOTELLIER

Tuesday 09 April 2024

Specification-based Intrusion Detection for hybrid Industrial control systems

This presentation tackles the question of cybersecurity through network intrusion detection for Industrial Control Systems (ICSs). Our interest arises from the increasing number of cybersecurity incidents targeting ICSs and the need to detect attacks that manipulate the physical process. Such attacks are called process aware attacks: they are sophisticated cyberattacks aiming at disrupting the physical process and inducing incorrect behaviors of the system. 

In our work, we propose a specification-based, process aware, Intrusion Detection System (IDS) for ICSs. Our approach aims to link safety specifications and security properties. Thus, we use international and industry standards specifications concerning local safety, global safety and networks of the industrial process, in order to systematically obtain security properties. The obtained security properties are cybersecurity related requirements. They are translated into security patterns in order to be runtime monitored by our network IDS. We rely on specification language formalism such as Linear Temporal Logic (LTL), Metric Temporal Logic (MTL) and Signal Temporal Logic (STL) to express temporal properties and tackle the hybrid dynamics of ICSs.

Date and place

Tuesday 09 April 2024, 10:00 am.
Amphithéâtre Bergés-B007" ground floor of Ense3, 21 Av. des Martyrs
Grenoble
And Zoom

Jury members

Valérie VIÊT TRIÊM TÔNG
Professeure, CentraleSupelec (Raporteure et Examinatrice)
Isabelle CHRISMENT
Professeure, TELECOM Nancy (Examinatrice)
Ludovic MÉ
Chercheur Sénior sur une ARP, Inria Rennes (Examinateur)
Marie-Laure POTET
Professeure, Verimag (Examinatrice)
Stéphane MOCANU
Maître de Conférences, Université Grenoble Alpes (Directeur de Thèse)
Julien FRANCQ
Responsable R&I Cyber, Naval Group (Co-encadrant)
Franck SICARD
Spécialiste Cyber, Naval Group (Co-encadrant)

Publié le 22 mars 2024

Mis à jour le 14 mai 2024