| CPC G06F 21/554 (2013.01) [G05B 15/02 (2013.01); G06F 9/45508 (2013.01); G06N 20/00 (2019.01); G06F 2221/034 (2013.01)] | 19 Claims |
|
1. A method for controlling an industrial asset, the method comprising:
generating, via a controller, a cyber attack model configured to predict a plurality of operational impacts on the industrial asset of a plurality of potential cyber attacks and a corresponding plurality of potential mitigation responses;
training, via the controller, the cyber attack model via a training data set to correlate the plurality of potential mitigation responses to the predicted plurality of operational impacts corresponding to the plurality of potential cyber attacks;
detecting, via a cyber attack neutralization module (neutralization module), a cyber attack impacting at least one component of the industrial asset;
identifying, via the neutralization module, a predicted operational impact of the plurality of operational impacts which corresponds to the detected the cyber attack based on the cyber attack model;
selecting, via the neutralization module, at least one mitigation response of the plurality of potential mitigation responses based on the predicted operational impact of the cyber attack; and
altering an operating state of the industrial asset based on the at least one mitigation response,
wherein identifying the predicted operational impact of the cyber attack further comprises:
correlating, via the neutralization module, the predicted operational impact to an unwarranted shutdown of the industrial asset in response to a shutdown protocol of a safety system in response to the detected cyber attack, wherein the shutdown protocol is unwarranted for the operating state of the industrial asset and
overriding, via the neutralization module, the shutdown protocol to preclude the unwarranted shutdown of the industrial asset.
|