Discrete event system framework for fault diagnosis with measurement inconsistency: Case study of rogue DHCP attack

Fault detection and diagnosis x0028 FDD x0029 facilitates reliable operation of systems. Various approaches have been proposed for FDD like Analytical redundancy x0028 AR x0029, Principal component analysis x0028 PCA x0029, Discrete event system x0028 DES x0029 model etc., in the literature. Performance of FDD schemes greatly depends on accuracy of the sensors which measure the system parameters. Due to various reasons like faults, communication errors etc., sensors may occasionally miss or report erroneous values of some system parameters to FDD engine, resulting in measurement inconsistency of these parameters. Schemes like AR, PCA etc., have mechanisms to handle measurement inconsistency, however, they are computationally heavy. DES based FDD techniques are widely used because of computational simplicity, but they cannot handle measurement inconsistency efficiently. Existing DES based schemes do not use Measurement inconsistent x0028 MI x0029 parameters for FDD. These parameters are not permanently unmeasurable or erroneous, so ignoring them may lead to weak diagnosis. To address this issue, we propose a Measurement inconsistent discrete event system x0028 MIDES x0029 framework, which uses MI parameters for FDD at the instances they are measured by the sensors. Otherwise, when they are unmeasurable or erroneously reported, the MIDES invokes an estimator diagnoser that predicts the statex0028 s x0029 the system is expected to be in, using the subsequent parameters measured by the other sensors. The efficacy of the proposed method is illustrated using a pump-valve system. In addition, an MIDES based intrusion detection system has been developed for detection of rogue dynamic host configuration protocol x0028 DHCPx0029 server attack by mapping the attack to a fault in the DES framework.