Journal of Information Security Research ›› 2022, Vol. 8 ›› Issue (6): 578-.

• Special Topic on Industrial Control Network Security •

LSTM-Based Industrial Control System from a Digital Twin Perspective

Xu Bo (徐博), Du Xin (杜鑫), Zhou Chunjie (周纯杰)

  1. (School of Artificial Intelligence and Automation, Huazhong University of Science and Technology, Wuhan 430074)
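  • Corresponding author: Xu Bo, master's student. Main research interests: information security of industrial control systems, digital twins, and anomaly detection technology. xubo97@163.com
  • About the authors: Xu Bo, master's student. Main research interests: information security of industrial control systems, digital twins, and anomaly detection technology. xubo97@163.com. Du Xin, doctoral student. Main research interests: anomaly detection technology for industrial control systems, security control technology, and digital twin technology. xdhust@hust.edu.cn. Zhou Chunjie, professor and doctoral supervisor. Main research interests: industrial communication networks and industrial Internet technology, functional safety and cyberspace security of industrial control systems, industrial artificial intelligence technology and its application in safety systems, and digital twins of industrial systems and their application in security protection. cjiezhou@hust.edu.cn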

  • Online:2022-06-05 Published:2022-06-03

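Abstract: Industrial control systems (ICS) currently face serious information security threats, and anomaly detection for ICS has become a research focus in the field. In recent years the volume of ICS data has grown, yet samples of anomalous operating data are still lacking, and anomaly detection systems have difficulty obtaining ICS operating data in real time, which makes ICS anomaly detection harder. To address this, a digital-twin-driven anomaly detection framework for industrial control systems is proposed, which draws on the consistency, real-time behaviour and visualization of digital twin technology to resolve the current bottlenecks in anomaly detection. First, a digital twin module oriented to anomaly detection is designed; it uses the model consistency between the virtual entity and the physical entity in the digital twin to simulate anomalous data, solving the problem that anomalous samples are hard to obtain. Next, an ICS anomaly detection module for the attack state is designed, which uses the real-time interaction data of the digital twin module to perform online anomaly detection. Finally, with a double-tank control system as the experimental object and development environments including WinCC, Unity3D and MySQL, experiments verify the feasibility and effectiveness of the method.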


Abstract: In recent years, the industrial control system (ICS) has been facing a huge threat of information security. The anomaly detection technology for ICS has become a research focus in this field. Meanwhile, the amount of data collected by ICS has increased sharply. However, anomalous operation data samples are still missing. It is difficult for the anomaly detection system to obtain ICS operation data in real time, which increases the difficulty of ICS anomaly detection. Therefore, based on the digital twin technology, a digital-twin-driven anomaly detection framework for the industrial control system is proposed. To get the anomaly sample, the digital twin module for anomaly detection is designed using digital twins' virtual and reality consistency. Then, the anomaly detection module in the attack state is designed to realize online anomaly detection combined with the real-time interactive data of digital twins. Finally, taking the double tank control system as the experimental object, the feasibility and effectiveness of the proposed method are verified by experiments using WinCC, Unity3D, MySQL, and other development environments.

Key words: industrial control system, anomaly detection, digital twin, long short-term memory model, double tank control system