Deploying machine learning (ML) in dynamic data-driven applications systems (DDDAS) can improve the security of industrial control systems (ICS). However, ML-based DDDAS are vulnerable to adversarial attacks because adversaries can alter the input data slightly so that the ML models predict a different result. In this paper, our goal is to build a resilient edge machine learning (reML) architecture that is designed to withstand adversarial attacks by performing Data Air Gap Transformation (DAGT) to anonymize data feature spaces using deep neural networks and randomize the ML models used for predictions. The reML is based on the Resilient DDDAS paradigm, Moving Target Defense (MTD) theory, and TinyML and is applied to combat adversarial attacks on ICS. Furthermore, the proposed approach is power-efficient and privacy-preserving and, therefore, can be deployed on power-constrained devices to enhance ICS security. This approach enables resilient ML inference at the edge by shifting the computation from the computing-intensive platforms to the resource-constrained edge devices. The incorporation of TinyML with TensorFlow Lite ensures efficient resource utilization and, consequently, makes reML suitable for deployment in various industrial control environments. Furthermore, the dynamic nature of reML, facilitated by the resilient DDDAS development environment, allows for continuous adaptation and improvement in response to emerging threats. Lastly, we evaluate our approach on an ICS dataset and demonstrate that reML provides a viable and effective solution for resilient ML inference at the edge devices.
翻译:在动态数据驱动应用系统(DDDAS)中部署机器学习(ML)能够提升工业控制系统(ICS)的安全性。然而,基于ML的DDDAS易受对抗攻击,因为攻击者可以轻微改变输入数据,导致ML模型预测出不同结果。本文旨在构建一种弹性边缘机器学习(reML)架构,该架构通过执行数据空气间隙变换(DAGT)——利用深度神经网络对数据特征空间进行匿名化处理,并随机化用于预测的ML模型——从而抵御对抗攻击。reML基于弹性DDDAS范式、移动目标防御(MTD)理论以及TinyML构建,并应用于应对ICS的对抗攻击。此外,所提方法具有高能效与隐私保护特性,因此可部署于资源受限设备以增强ICS安全性。该方法通过将计算从计算密集型平台转移至资源受限的边缘设备,实现了边缘端的弹性ML推理。结合TensorFlow Lite的TinyML技术确保了资源的高效利用,使得reML适用于多种工业控制环境的部署。同时,在弹性DDDAS开发环境的支持下,reML的动态特性使其能够针对新兴威胁持续适应与改进。最后,我们在ICS数据集上评估了所提方法,结果表明reML为边缘设备提供了可行且有效的弹性ML推理解决方案。