Document Type



Cyberattacks on control systems in the chemical process industries cause concern regarding how they can impact finances, safety, and production levels of companies. A key practical challenge for cyberattack detection and handling using process information is that process behavior evolves over time. Conceivably, changes in process dynamics might cause some detection strategies to flag a change in the dynamics as an attack due to the new data appearing abnormal compared to data from before the dynamics changed. In this work, we utilize several case studies to probe the question of what might be the impacts, benefits, and limitations of cyberattack detection and handling policies when the process dynamics change over time. The goal of this work is to characterize, through simulation studies, characteristics, which might be desirable and undesirable in cyberattack detection and handling procedures when process evolution is inevitable. We demonstrate challenges with cyberattack detection when process dynamics change and subsequently, discuss two concepts for handling attacks—one which utilizes a two-tier detection strategy in which model reidentification is triggered when it is not clear whether an attack or a change in the process dynamics has occurred, and one in which control signals are injected at intervals by the actuators. We utilize simulations to elucidate characteristics of these strategies and demonstrate that verifiability of attack-handling methods is key to their implementation (i.e., ad hoc tuning has potential to leave vulnerabilities which an attacker might locate and exploit).


Manufacturing | Systems Engineering


This is the peer reviewed version of the following article: H. Oyama, K. K. Rangan, H. Durand, J Adv Manuf Process 2021, 3(3), e10099, which has been published in final form at This article may be used for non-commercial purposes in accordance with Wiley Terms and Conditions for Use of Self-Archived Versions. This article may not be enhanced, enriched or otherwise transformed into a derivative work, without express permission from Wiley or by statutory rights under applicable legislation. Copyright notices must not be removed, obscured or modified. The article must be linked to Wiley’s version of record on Wiley Online Library and any embedding, framing or otherwise making available the article or pages thereof by third parties from platforms, services and websites other than Wiley Online Library must be prohibited.