Digital Twins of Cyber-Physical Systems in Smart Manufacturing: Threat Simulation and Detection via Deep Learning for Time Series Classification
Our research aims to overcome the limitations of physical testbeds and challenges of data scarcity for Machine Learning (ML) or Deep Learning (DL) model development.
By leveraging Digital Twins for data-driven analysis, this study proposes the use of supervised DL techniques for accurate threat detection and classification in CPS within smart manufacturing.
This GitHub repository provides a Proof-of-Concept (POC) about the setup of the Digital Twins testbed. The setup guide enables the cybersecurity community to replicate and broaden our methodology, thus enhancing security measures in smart manufacturing ecosystems.
You will need the following hardware and software for setting up the Digital Twins testbed:
-
Factory I/O 3D Simulator (30-day free trial for Ultimate Edition, the monthly licence fee for Ultimate Edition is €28. There are many readily made scene in Factory I/O. This project build a quality checking scene from scratch.)
-
OpenPLC Programmable Logic Controller Simulator (completely free of charge. Thanks Dr. Thiago Alves for providing a low cost industrial PLC for automation and research.)
-
Raspberry Pi for hosting OpenPLC (At the moment, Raspberry Pi 4 is the most stable platform for OpenPLC, it costs around £60. OpenPLC is yet to work on Raspberry Pi 5 due to dependency on WiringPi. If you like, you could also use other microcontrollers such as Arduino to set up the PLC simulator with OpenPLC. Another option is using industrial grade PLC, such as those manufactured by Siemens, Allen-Bradley, to replace OpenPLC but it would be comparatively expensive than using OpenPLC)
- Install and run Raspberry Pi OS (Debian Bullseye with Raspberry Pi Desktop on Raspberry Pi 4
- Install and setup OpenPLC Runtime on Raspberry Pi 4. Refer to installation manual and OpenPLC YouTube videos for explanation. Refer to settings for Slave Device on OpenPLC for more details.
- Unzip FactoryIO_E1.zip to get the Factory I/O runtime file, upload the program named 655575.st onto OpenPLC Runtime.
- Install and run Factory I/O on computer that meets the system requirements
- Download and open the FactoryIOE1_5V.factoryio. It is a quality checking scene that we have created.
- Start the connection and run the file. Refer to the UWECyber YouTube playlist if you want to learn more about how to run your own Factory I/O scenes.
- Turn on Web server in Factory I/O with the app.web_server = True on Factory I/O's console.
The Core Elements of Factory I/O Testbed
- You can manually control the scene or via the OpenPLC Monitoring page.
- During the simulation, run the data collector python script. It will scrape data from Factory I/O's API. Amend the code if you want to collect more or less data. You will get a csv file after 1 minute of simulation.
- After all your simulations, run the combineCSV python script to merge all csv file into 1 file.
- Filter the data with filtering script. The raw data file is named "Raw data.zip" for your reference.
- Check if there are any missing records or errors. If no, the csv file is ready for your threat detection.
- The file ready for you to train your threat detection tool is named factoryiodata.csv.
Automation Task in the Factory I/O Quality Checking Scene
We have used sktime to train and test time series classifers with the csv dataset. Refer to the Google Colab notebooks (.ipynb files) in this GitHub for the details.
Our detection tool is trying to detect the following cases:
- Label #1 - 'Sensors_NormalSpeed': use potentiometer with normal conveyor speed.
- Label #2 - 'Sensors_TooSlowOrStop':use potentiometer with conveyor speed too slow or stopped.
- Label #3 - 'Sensors_Oscillate': use potentiometer with conveyor speed up and down illogically.
- Label #4 - 'Sensors_WrongDirection': use potentiometer with conveyor going the reverse direction.
- Label #5 - 'ForcedActuator_Normal': force actuator value with normal conveyor speed.
- Label #6 - 'ForcedActuator_TooSlowOrStop': force actuator value with conveyor speed too slow or stopped.
- Label #7 - 'ForcedActuator_TooFast': force actuator value with conveyor speed too fast.
- Label #8 - 'ForcedActuator_ExtremelyFast': force actuator value with conveyor speed extremely fast.
- Label #9 - 'ForcedActuator_Oscillate': force actuator value with conveyor speed up and down illogically.
- Label #10 - 'ForcedActuator_WrongDirection': force actuator value with conveyor going the reverse direction.
Refer to Model Pickle.zip for the saved model.
Impact of Manipulating the Conveyor Belt's Speed or Direction
