Open shairoMt opened 3 years ago
The Dataset is created to support research by design of secure Cyber Physical Systems (CPS). This dataset is used in order to detect cyber and physical attacks. The collected dataset covers 11 days of operation of SWaT so there will be two behavioural modes:
-normal mode: the first 7 days are without any faults and attacks .
Because CPS are mainly Physical Systems controlled and monitored through network, there will be two separate datasets:
There will be two kind also of attacks:
The processing of Water treatment consists of 6 stages and an attack could be startet at one or many stages of them. A total of 36 attacks were launched during the data collection process. The duration of the attack is varied based on the attack type. A few attacks, each lasting ten minutes, are performed consecutively with a gap of 10 minutes between successive attacks. Some of the attacks are performed by letting the system stabilize before a subsequent attack. The duration of system stabilization varies across attacks.
Attack Category | Number of attacks |
---|---|
SSSP | 26 |
SSMP | 4 |
MSSP | 2 |
MSMP | 4 |
SSSP: Single Stage Single Point SSMP: Single Stage Multi Point MSSP: Multi Stage Single Point MSMP: Multi Stage Multi Point
The following assumptions ere made during the data collection process:
Data recorded in the Historian was obtained from the sensors and actuators of the testbed. In total, 946,722 samples comprising of 51 attributes were collected over 11 days. As the data collection process started from an empty state, it tool about 5 hours for SWaT to stabilise and reach its operational state and then approximately 6 hours the tanks to be filled up.
the data collection for network traffic began the moment the testbed was switched to operational mode.
The are three labels groups of the data:
A summary is created here that covers the most important information about the paper and dataset.