Automatic Recovery of Run-time Threats in Distributed Industrial Control Systems Conference

Raptis, GE, Khan, MT, Koulamas, C et al. (2025). Automatic Recovery of Run-time Threats in Distributed Industrial Control Systems. 10.1109/ETFA65518.2025.11205628

cited authors

  • Raptis, GE; Khan, MT; Koulamas, C; Serpanos, D

abstract

  • Over the past few years, the transition from centralized to distributed industrial control systems (ICS) has introduced new challenges related to coordination, communication reliability, and cybersecurity. These challenges include conditions such as deadlocks and livelocks, which adversaries can exploit to compromise ICS safety and availability. To ensure secure and resilient operations in distributed ICS, run-time monitoring must go beyond detection to include responsive recovery. In this paper, we extend the ASM2S framework, a model-based inline security monitoring approach, by integrating recovery capabilities directly into the monitoring loop. Our approach uses formal specifications to allow system behavior, threat conditions, and recovery actions to be explicitly defined and evaluated at run-time. We demonstrate the approach using a water distribution system use case. Our work enhances the run-time assurance of distributed ICS by enabling automatic detection and recovery from security violations, offering a robust foundation for self-healing critical infrastructure.

publication date

  • January 1, 2025

Digital Object Identifier (DOI)