Monitoring and Diagnosing SCADA Systems

Project Summary

In the control of infrastructure systems, an automation system, often referred to as a process control system (PCS) or supervisory control and data acquisition (SCADA) system, is critical to the safe, reliable, and efficient operation of many physical processes. PCS and SCADA are used extensively in such infrastructures as electric power, water, petroleum and natural gas, as well as in various manufacturing operations, and its use is growing in these sectors. The typical interpretation of the term "SCADA" includes the overall collection of control systems that measure, report, and change the processes. Essentially, any subsystem that electronically measures state, alters process control parameters, presents/stores/communicates data, or the management thereof, is subsumed in this projects concept of SCADA.

Monitoring and diagnosing normal and faulty behaviors in large-scale distributed infrastructures is a difficult technical problem. Among the difficulties are the facts that events are asynchronous and ambiguous with respect to causes and the behaviors, as describable by process models, are difficult to catalogue, represent and detect in realtime on a large scale. Researchers at the Thayer School of Engineering at Dartmouth have developed a powerful event correlation engine that can aggregate reports and event data from multiple heterogeneous distributed sensors, associate those events with dynamic process models and determine which combination of behaviors are most likely generating the observed event stream. This technology, called "Process Query Systems", has been implemented in software and demonstrated on network security, vehicle tracking and airborne plume detection (by a distributed sensor network) applications already. Dartmouth researchers will apply the Process Query System technology to the problem of monitoring and fault detection and diagnosis in large-scale distributed SCADA systems.

• Principal Investigator: George Cybenko