Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks

TL;DR

This paper presents a novel edge-resilient machine learning architecture for industrial control systems that employs data anonymization, model randomization, and TinyML to withstand adversarial attacks while being power-efficient and adaptable.

Contribution

The paper introduces a resilient ML architecture combining Data Air Gap Transformation, model randomization, and TinyML for secure, power-efficient edge deployment in ICS environments.

Findings

reML effectively resists adversarial attacks on ICS data

It is suitable for deployment on power-constrained edge devices

The approach demonstrates improved security and adaptability in ICS scenarios

Abstract

Deploying machine learning (ML) in dynamic data-driven applications systems (DDDAS) can improve the security of industrial control systems (ICS). However, ML-based DDDAS are vulnerable to adversarial attacks because adversaries can alter the input data slightly so that the ML models predict a different result. In this paper, our goal is to build a resilient edge machine learning (reML) architecture that is designed to withstand adversarial attacks by performing Data Air Gap Transformation (DAGT) to anonymize data feature spaces using deep neural networks and randomize the ML models used for predictions. The reML is based on the Resilient DDDAS paradigm, Moving Target Defense (MTD) theory, and TinyML and is applied to combat adversarial attacks on ICS. Furthermore, the proposed approach is power-efficient and privacy-preserving and, therefore, can be deployed on power-constrained devices to enhance ICS security. This approach enables resilient ML inference at the edge by shifting the computation from the computing-intensive platforms to the resource-constrained edge devices. The incorporation of TinyML with TensorFlow Lite ensures efficient resource utilization and, consequently, makes reML suitable for deployment in various industrial control environments. Furthermore, the dynamic nature of reML, facilitated by the resilient DDDAS development environment, allows for continuous adaptation and improvement in response to emerging threats. Lastly, we evaluate our approach on an ICS dataset and demonstrate that reML provides a viable and effective solution for resilient ML inference at the edge devices.