Anomaly behavior detection and reliability assessment of control systems based on association rules

Because of the high integration of control, communication, computer and network technology, how to deal with various anomaly behaviors of control systems is a problem that should be solved by researchers. Especially some activities such as data injections, DoS attacks and device failure must be considered. Based on the analysis of dynamic behaviors of industrial process control systems with varying process state variables, a data mining method is proposed on summarizing normal behavior features of the control systems. Depending on association rules, a similarity factor is formulated using a real-time data mining method for describing the likeness between real-time frequent itemsets and normal frequent item-sets. Representative values of change behaviors for process variables and the corresponding generation method are illustrated in detail. On the basis of comparison between several real-time frequent itemsets and the normal frequent itemsets, a reliability parameter is given to describe the abnormal status of a control system within a certain time. Simulation results show that the proposed method can detect anomaly behaviors of a process control system in time, which has practical significance in industrial applications. (C) 2018 Published by Elsevier B.V.