IDS for ICS
- PLC - contains PLC scripts
- ML - contains IDS Machine Learning scripts
Industrial Control Systems (ICSs) have recently been embedding common IT solutions for cost-performance reasons. This made them more accessible for the outside world, and more prone to its problems. As malware becomes more advanced and selective, this research proposes anomaly detection at the direct data going into- and coming from the process devices. This results in an Intrusion Detection System (IDS) which monitors independent, raw and integer data. This IDS contains unsupervised machine learning in order to inspect different types of data and is implemented on a relatively cheap Raspberry Pi 3. Therefore, it creates the possibility to implement this in front of every process device in an ICS and achieving overall anomaly detection. The advantages of this IDS are examined through a literature study and answer the research question: "What are the advantages of anomaly detection between the controlling unit and its process devices?". Thereafter, the feasibility of the IDS is tested in the proof of concept and proven by the results. Further research should be conducted to transform this suggested IDS into a business case. Hence, the IDS can be a positive addition to the currently available security solutions.