Consistency Analysis in Control Systems During Normal Operation
Abstract
A consistency analysis system provides consistency analysis for a control system that includes sensors for monitoring a number of different physical parameters. The analysis system uses a rule set and overlapping or redundant sensor data to determine alterations in system behavior or parameters even in the presence of subversion designed to alter or hide sensor trace data. Specific embodiments deliberately perturb the system or alter sensor data in order to detect whether other system or sensor data responds consistently to the perturbation. Specific embodiments also comprise associated methods performed by logic apparatus.
21 Claims
1. An apparatus for detecting subversions of a system under control comprising:
- one or more data communication interfaces wherein at least one interface is configured to receive data from one or more sensors of one or more parameters of the system and at least one interface is configured to transmit control data to one or more effectors of the system;
- stored perturbation information specifying how to determine allowable intentional alterations of effector control data and specifying how to determine expected sensor data that would result from the alterations;
- one or more logic modules collectively configured to transmit and receive data on one or more data communication interfaces, to use the stored perturbation information, to apply the perturbations, to determine the expected sensor data, and to use the received data to perform one or more consistency checks between expected or predicted sensor data and detected sensor data as a result of alterations;
- an output generator of said logic processor producing output identifying one or more of; presence of, absence of, or details regarding inconsistencies detected.
12. A security system for a controlled system comprising:
- control system data storage storing default and configuration data of the controlled system;
- perturbations data storage storing data regarding one or more perturbations and expected responses for the perturbations;
- control system interfaces configured to communicate with a plurality of sensors and effectors operating in a system under control;
- consistency data storage storing data for consistency analysis of data traces from the plurality of sensors and effectors and other available controlled system data;
- security system processor or processors comprising one or more processing elements, wherein the security system processor or processors is in communication with the data storage and the control system interfaces and wherein the security system processor is programmed or adapted to perform the steps comprising;
  - receiving control system data from said one or more sensors and effectors;
  - performing a consistency analysis on the control system data;
  - reading one or more perturbations from said perturbation data storage;
  - selecting one or more perturbation routines;
  - causing the selected one or more perturbation routines to be executed, wherein the selected one or more perturbation routines can be executed by the control system, the security system, or by combinations thereof;
  - wherein the selected one or more perturbation routines are expected to cause at least one detectable response in one or more effectors or sensors, without causing operation of said controlled system outside of allowed parameters;
  - receiving control system data from said one or more sensors and effectors under perturbation;
  - performing an expectancy and/or consistency analysis on the control system data under perturbation;
  - reporting results of the expectancy and/or consistency analysis on the control system data under perturbation when any value indicates an unexpected and/or inconsistent result to the perturbation.
13. Non-transitory machine-accessible and readable media comprising software that, when executed by a control system with logic processing and data interface capabilities and operating on a system under control, configures the control system to:
- apply one or more deliberate alterations to the system under control;
- read sensor data from one or more sensors connected to the system under control;
- use consistency data to determine if the sensor data is consistent with the one or more deliberate alterations; and
- report one or more of presence of, absence of, or details regarding any inconsistencies detected.
14. A method for detecting subversions of a system under control comprising:
- applying one or more deliberate alterations to the system;
- reading sensor data from one or more sensors connected to the system;
- using consistency data to determine if the sensor data is consistent with the one or more deliberate alterations;
- reporting one or more of presence of, absence of, or details regarding any inconsistencies detected.
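A minimal simulation of the method in claim 14, as an added example that is not part of the patent: a small, bounded alteration is applied to an effector, the expected sensor response is computed from stored perturbation data, and the observed reading is checked against it. The plant model, gain, tolerance, and the stale-sensor scenario are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Perturbation:
    delta: float      # intentional change to the effector command (valve % open)
    gain: float       # expected sensor change per unit of effector change
    tolerance: float  # allowed gap between expected and observed sensor data
    max_delta: float  # largest alteration that stays inside allowed operation

class Plant:
    """Constructed toy process: flow (L/min) is 0.8 x valve opening (%)."""
    def __init__(self, valve_pct):
        self.valve_pct = valve_pct
    def flow(self):
        return 0.8 * self.valve_pct

def honest_sensor(plant):
    return plant.flow()

def stale_sensor(plant):
    """Constructed subverted data path: reports a recorded value, ignoring the plant."""
    return 40.0

def consistency_check(plant, read_sensor, p):
    """Apply a deliberate alteration, then compare observed vs expected sensor data."""
    if abs(p.delta) > p.max_delta:
        raise ValueError("perturbation exceeds the allowed alteration")
    baseline = read_sensor(plant)
    plant.valve_pct += p.delta           # apply the perturbation
    try:
        observed = read_sensor(plant)
    finally:
        plant.valve_pct -= p.delta       # always restore the operating point
    expected = baseline + p.gain * p.delta
    deviation = abs(observed - expected)
    return {"expected": expected, "observed": observed,
            "deviation": deviation, "consistent": deviation <= p.tolerance}

if __name__ == "__main__":
    nudge = Perturbation(delta=2.0, gain=0.8, tolerance=0.2, max_delta=5.0)
    for name, sensor in (("honest", honest_sensor), ("stale", stale_sensor)):
        print(name, consistency_check(Plant(50.0), sensor, nudge))
```

At rest both sensors report 40.0 L/min, so a passive check cannot tell them apart; only the response to the perturbation exposes the stale data path.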
Specification