A developing trend of traditional industrial systems is the integration of the cyber and physical domain to improve flexibility and the efficiency of supervision, management, and control. But, the deep integration of these industrial cyber-physical systems (ICPSs), increases the potential for security threats. Attack detection, which forms initial protective barrier, plays an important role in overall security protection. However, most traditional methods focused on cyber information and ignored any limitations that might arise from the characteristics of the physical domain. In this paper, an anomaly detection approach based on zone partition is designed for ICPSs. In detail, initially an automated zone partition method, ensuring crucial system states can be observed in more than one zone, is designed. Then, methods of building zone function model, which do not require any prior knowledge of the physical system are presented before analyzing the anomaly based on zone information. Finally, an experimental rig is constructed to verify the effectiveness of the proposed approach. The results demonstrate that the approach presents a high-accuracy solution, which also performs effectively in real time.

• 出版日期2018-5
• 单位华中科技大学