Research Assistant Professor Fan Zhang has been awarded a UT Research Foundation (UTRF) Technology Maturation Grant for her research “A Compact and Non-Intrusive Anomaly Detection Device for Digital Industrial Assets.” The 2021 grant is for improving the technology used in the patent and making a minimum viable product.
The controllers used in industrial infrastructure—such as Programmable Logic Controllers that are used to control actuators like pumps in industrial processes—are commonly left undefended within the innermost layers of an industrial plant’s operational control network.
These controllers commonly operate in a trust-based ecosystem, where it is assumed that other equipment communicating on the network is trustworthy. However, historical cyber-attacks towards these assets have shown how vulnerable industrial processes are.
“During the COVID-19 pandemic, remote work has shown the importance of ensuring that industrial infrastructure remains resilient,” said Zhang. “Industrial cybersecurity still has many challenges that make public-facing common defensive tools unusable or even harmful. I hope that my research and technology will be useful in further protecting the infrastructure we all rely upon. Winning this award definitely accelerates that.”
The proposed device can be attached to the controller to monitor the process and detect anomalies using machine learning algorithms based on data. Currently, all other cyber-attack detection technology focuses on using network data or host system data, which is not effective when the cyber-attack leaves no trace, such as an attack done by an insider.
These existing solutions monitor the whole system and run the machine learning algorithms on a centralized platform, which increases the attack surface and is subject to data availability and high computing cost. Therefore, the proposed localized technology provides a minimum attack surface and is not subject to data availability.
Zhang’s technology can be widely used in industrial control systems used in power plants, oil and gas production, water treatment facilities, and raw material processes such as steel production. The technology is currently under a patent filing process with UTRF.
A Knoxville start-up company, Sentinel Devices LLC, which develops edge-based industrial internet-of-things cybersecurity systems, has a research license agreement with UTRF for the technology.