WEBVTT

1
00:00:13.316 --> 00:00:14.776
My name is Erik Ferragut.

2
00:00:14.836 --> 00:00:16.766
I'm an applied research mathematician

3
00:00:16.766 --> 00:00:18.326
at Oak Ridge National Laboratory.

4
00:00:18.816 --> 00:00:20.896
CPAD is a technology

5
00:00:20.896 --> 00:00:23.636
for detecting real-time cyber-physical

6
00:00:23.636 --> 00:00:24.526
integrity attacks

7
00:00:24.606 --> 00:00:26.396
in your system using data

8
00:00:26.396 --> 00:00:27.646
that you are already collecting.

9
00:00:27.846 --> 00:00:29.326
The problem of data integrity is

10
00:00:29.326 --> 00:00:31.236
something that you see across lots

11
00:00:31.236 --> 00:00:33.276
of cyber-physical systems.

12
00:00:33.276 --> 00:00:34.956
Our technology uses machine learning

13
00:00:35.256 --> 00:00:37.416
to look across the variety of sensors

14
00:00:37.416 --> 00:00:38.846
in a cyber-physical system.

15
00:00:39.016 --> 00:00:41.166
We then learn the relationships among

16
00:00:41.166 --> 00:00:42.636
those sensors, the correlations

17
00:00:42.636 --> 00:00:44.136
and constraints that have to hold.

18
00:00:44.866 --> 00:00:46.966
And using that model that we build,

19
00:00:46.966 --> 00:00:48.916
we can apply it to real streaming data

20
00:00:49.366 --> 00:00:52.096
to alert whenever there's a deviation

21
00:00:52.146 --> 00:00:53.116
from what has to hold

22
00:00:53.116 --> 00:00:54.876
in the physically realizable state.

23
00:00:55.166 --> 00:00:58.116
Our approach to detecting integrity

24
00:00:58.116 --> 00:00:59.466
attacks is different because we look

25
00:00:59.466 --> 00:01:02.726
across all of the sensors and are able

26
00:01:02.726 --> 00:01:04.546
to use those correlations to identify

27
00:01:05.196 --> 00:01:07.396
when there's a deviation from normal.

28
00:01:07.666 --> 00:01:08.726
Compared to other methods,

29
00:01:08.726 --> 00:01:12.626
we found we can get 30 plus times

30
00:01:12.626 --> 00:01:15.426
as accurate in identifying whether there

31
00:01:15.526 --> 00:01:17.946
was an attack and where in your system

32
00:01:17.946 --> 00:01:18.846
that attack occurred.

33
00:01:19.066 --> 00:01:22.506
We've tested this on both simulated

34
00:01:22.506 --> 00:01:25.326
and real data and found 99 percent

35
00:01:25.326 --> 00:01:26.996
accuracy in the simulated data,

36
00:01:26.996 --> 00:01:29.056
87 percent accuracy in the real data,

37
00:01:29.436 --> 00:01:31.016
and we're still working on ways

38
00:01:31.016 --> 00:01:31.866
of improving that.

39
00:01:32.596 --> 00:01:33.666
CPAD allows you

40
00:01:33.666 --> 00:01:36.446
to do real-time data integrity attack

41
00:01:36.586 --> 00:01:38.756
detection on your cyber-physical system.

42
00:01:39.016 --> 00:01:39.796
And you can do it

43
00:01:39.796 --> 00:01:41.196
with data you're already collecting.