Article

Detecting Adversarial Attacks in IoT-Enabled Predictive Maintenance with Time-Series Data Augmentation

Flora Amato, Egidia Cirillo, Mattia Fonisto and Alberto Moccardi
Department of Electrical Engineering and Information Technology (DIETI), University of Naples Federico II, Via Claudio 21, 80125 Naples, Italy
*
Author to whom correspondence should be addressed.
Information 2024, 15(11), 740; https://doi.org/10.3390/info15110740
Submission received: 30 September 2024 / Revised: 15 November 2024 / Accepted: 16 November 2024 / Published: 20 November 2024

Abstract

Despite considerable advancements in integrating the Internet of Things (IoT) and artificial intelligence (AI) within the industrial maintenance framework, the increasing reliance on these innovative technologies introduces significant cybersecurity vulnerabilities that can compromise the integrity of decision-making processes. Accordingly, this study offers comprehensive insights into the cybersecurity challenges associated with predictive maintenance and proposes a novel methodology that leverages generative AI for data augmentation, enhancing threat detection capabilities. Experimental evaluations conducted on the NASA Commercial Modular Aero-Propulsion System Simulation (N-CMAPSS) dataset affirm the viability of this approach, which leverages the state-of-the-art TimeGAN model for temporally aware data generation and builds a recurrent classifier for attack discrimination on a balanced dataset. The classifier achieves satisfactory and robust performance in terms of accuracy (between 80% and 90%), demonstrating how the strategic generation of data can effectively bolster the resilience of intelligent maintenance systems against cyber threats.

1. Introduction

The advent of IoT and AI has markedly transformed maintenance strategies in many industrial sectors, propelled by the combination of advanced networks and predictive modeling, enabling real-time data acquisition and processing from production equipment [1]. This novel maintenance paradigm, standing at the forefront of Industry 4.0 applications, originates from a long evolution through the centuries, as highlighted by Poor et al. [2], moving from visual inspections by trained craftsmen to data-driven condition-based maintenance, now largely adopted for diagnosing the health parameters of observed systems [3,4]. The predictive maintenance (PdM) approach, which extends condition-based maintenance (CbM) with prognostic features, requires amalgamating multiple data sources from a network of sensors. This strategy necessitates strategic processing to build a comprehensive data structure that includes operational parameters, machinery settings, and historical repair data to offer accurate predictions about future health states. This innovative maintenance design finds applications across a diverse array of domains, from smart manufacturing, in which it is integrated to enhance the efficiency and reliability of processes [5], to the transportation sector, which employs predictive analytics to maintain and improve the safety and reliability of transportation systems [6,7].
From a practical perspective, adopting predictive maintenance aims to enhance overall productivity by minimizing unplanned downtime and ensuring the continuity of production processes without abrupt interruptions. Moreover, from a business standpoint, this practice effectively reduces the total maintenance costs by averting severe machine failures that necessitate costly repairs and eliminating the need for sub-optimal static scheduled interventions [8], aligning the industry with sustainable strategies and digital transformation. At its core, PdM integrates advanced analytics to diagnose fault conditions and predict equipment failures through real-time data acquisition and processing. Specifically, diagnosis involves the identification of anomalies and failures in machinery through continuous monitoring and data analysis, while prognosis entails the prediction of future failures and the estimation of the equipment’s remaining useful life (RUL), facilitating timely maintenance decisions [9].
The concept of the IoT, the driving force of the PdM shift, integrates a plethora of interconnected devices, allowing for sensing and interacting with external environments through decentralized sensors. The IoT enables complex ecosystems of interconnected devices that actively communicate and process data. This technology architecture is practically delineated into five distinct layers, each providing essential functionalities for the operation and management of IoT systems:
  • Sensing layer: Gathers environmental data through sensors and actuators.
  • Network layer: Connects these devices to higher computational platforms such as cloud or fog computing systems.
  • Storage layer: Manages data accumulation and preservation.
  • Learning layer: Employs advanced algorithms for data analysis.
  • Application layer: Uses processed data to improve practical applications and decision support systems.
Set within the context of PdM, with its technologies and challenges [10], this apparatus can provide onboard processing capabilities, support communication with legacy devices by integrating older equipment into contemporary IoT infrastructures through protocols such as MQTT [11] or RS-485 [12], and enhance local data management, improving data flow and responsiveness through caching, buffering, and preprocessing. Specifically, data management within these distributed systems often presents significant integration challenges due to varied semantics and formats, as depicted by Christou et al. [13], who address these issues by developing a digital platform tailored for PdM, simplifying application deployment, and streamlining data consolidation and analytics.
From an analytical perspective, the implementation of AI algorithms in predictive maintenance (PdM) leverages a broad array of computational methods aimed at interpreting and forecasting complex, dynamic data. Particularly, deep learning algorithms have demonstrated robust effectiveness across a range of critical tasks including fault diagnosis [14], prognostics [15,16], and anomaly detection [17].
Moreover, the current vibrant AI research landscape has led to significant advancements and a shift from model-centric to data-centric approaches [18], amplifying the potential applications of generative artificial intelligence (GAI) [19] in PdM systems. Despite the substantial volume of data available in these complex applications, there is often a paucity of records exhibiting anomalous behavior, especially in critical or cost-sensitive units. From this new perspective, the advancements in GAI have introduced novel context-aware methods for generating synthetic data, particularly in time-series applications, demonstrating the capability to produce realistic synthetic time-series data by capturing the complex temporal dynamics while offering a complementary approach to traditional simulations, enhancing any predictive model performances in real-world applications where data are scarce [20].
Artificial intelligence technology, moreover, is profoundly impacting a wide range of applications across various productive sectors, with cybersecurity being a prominent example [21]. Placed in the context of PdM and broader applications involving Internet of Things (IoT) systems, the adoption of AI models can play a crucial role in safeguarding system functionality against adversarial attacks, which can lead algorithms to make incorrect predictions, resulting in significant operational failures [22].
Specifically, one of the most significant threats to AI models in PdM systems is false data injection, a form of evasion attack in which adversaries introduce deceptive data to manipulate the model’s output. This threat can cause AI models to overlook critical equipment failures or generate false alarms, leading to unplanned downtime, increased maintenance costs, and potential safety hazards. For enterprises managing extensive IoT infrastructures with critical assets, such as power grids, manufacturing plants, and transportation networks, the ramifications of false data injection are particularly severe: the expansive and interconnected nature of IoT systems enlarges the attack surface, making it easier for malicious actors to sniff a sample of the time-series collection related to a certain time window, learn the temporal context, and then inject credible fraudulent data undetected [23]. Moreover, these organizations often possess limited datasets on operational failures or attacks due to the rarity of such events, complicating the training of AI models to be resilient against threats. This gap has also been highlighted by Fink et al. [24] and Tiddens et al. [25], emphasizing the need for future work to refine predictive maintenance technologies and their implementation in practice. From this perspective, one promising approach is data augmentation through generative models, specifically time-series generative adversarial networks (TimeGANs), which have demonstrated potential in generating realistic synthetic time-series data [26], augmenting scarce datasets, and simulating a wide range of operational scenarios, including rare failure events and adversarial attacks. By incorporating a generative data augmentation approach, AI tools can be trained on a more diverse dataset that encompasses potential adversarial patterns, thereby enhancing the ability to detect false data injection attempts and fortifying AI models against security threats. In this work, we propose a solution that enhances security within the PdM framework by enabling the detection of false data injection attacks in IoT-enabled systems, simulating synthetic data injection with generative algorithms and thus contributing to the broader discourse on the security of AI models in critical infrastructure deployed “into the wild”. The remainder of this paper is structured as follows: Section 2 evaluates IoT vulnerabilities; Section 3 describes data in a PdM environment; Section 4 presents the methodology; and Section 5 reports the results.

2. IoT Vulnerabilities and Data Attacks in Predictive Maintenance

The integration of the IoT into predictive maintenance (PdM) systems significantly enhances industrial capabilities to monitor equipment health and predict potential failures. However, this increased connectivity introduces a range of vulnerabilities and potential attacks; continuous monitoring is therefore required to maintain the integrity, reliability, and security of PdM applications [27].
  • Physical security deficiencies: IoT devices in industrial environments often lack adequate protection, making them susceptible to tampering, unauthorized access, or physical damage. This exposure potentially allows adversaries to manipulate sensor data, install malicious firmware, or disrupt device functionality, leading to inaccurate maintenance predictions.
  • Inadequate authentication mechanisms: Many IoT devices use simplified authentication protocols due to computational and power limitations, thereby allowing attackers to gain unauthorized access, intercept, and alter data transmissions.
  • Weak encryption practices: Secure data transmission from IoT devices to centralized analytics platforms is crucial for accurate PdM. Weak or improperly implemented encryption protocols leave sensitive data vulnerable to interception and manipulation, undermining the effectiveness of maintenance strategies.
  • Improper patch management: Regular updates and patches are also vital for addressing security vulnerabilities in IoT devices. Neglecting proper patch management can leave devices exposed to unknown exploits, and insecure update mechanisms may be compromised by malicious actors.
  • Exposure through unnecessary open ports: IoT devices may have open network ports that are not essential for their primary functions. These open ports expand the attack surface, providing additional entry points for malicious activities like deploying malware or interfering with communication channels between devices and central systems.
Among the different types of adversarial threats, data attacks pose a significant risk to the integrity and reliability of PdM systems; their main aim is to compromise the availability, confidentiality, and integrity of data within IoT ecosystems, thereby undermining the effectiveness of PdM strategies and affecting safety and productivity in real contexts. The impact of these data attacks on PdM is profound, since AI models depend heavily on the quality and integrity of input data, and any compromise can result in cascading failures throughout the maintenance decision-making process. Specifically, erroneous data can cause models to generate false positives, leading to unnecessary maintenance interventions that incur additional costs and reduce equipment availability; alternatively, false negatives may prevent the detection of critical equipment faults, resulting in unexpected breakdowns, costly repairs, and safety risks to personnel. A clear overview of data attacks associated with IoT vulnerabilities in PdM systems is presented in Figure 1.
One clear example of this threat type is data tampering, which involves unauthorized alteration of data during transmission between IoT devices and servers, resulting in incorrect maintenance actions or failure to detect equipment faults. Replay attacks capture and transmit valid data packets at a later time, causing AI models to process outdated information, potentially delaying necessary maintenance interventions. Data falsification refers to the deliberate injection of fabricated data into IoT systems, deceiving AI models into making incorrect predictions and potentially causing unnecessary maintenance actions or masking genuine faults. Vulnerabilities in APIs and interfaces can lead to unauthorized access, data breaches, or manipulation, jeopardizing the confidentiality and integrity of maintenance data. Device impersonation, from this perspective, allows attackers to masquerade as legitimate IoT devices [27], undermining trust in the PdM system and leading to flawed predictive insights.

3. Data in Predictive Maintenance

In high-reliability sectors such as aerospace, energy, and healthcare, failures and data attacks on critical units are exceptionally rare, thanks to stringent maintenance standards and proactive management. While this rarity enhances operational safety, it presents a substantial challenge for developing robust security models designed to predict and mitigate potential data breaches or malicious attacks. Traditional predictive maintenance models depend heavily on historical failure data, but the scarcity of such data makes it difficult to achieve the accuracy and reliability required for effective preemptive measures.
A practical solution to the problem of data scarcity is the application of data augmentation techniques tailored to meet specific safety and asset requirements. The workflow illustrated in Figure 2 shows how the need for data simulation and synthetic data generation can be addressed in different contexts by taking into account the costs and the risks related to over-use of the machinery.
Simulations, conducted using tools such as MATLAB and Simulink (version R2024b), are essential in modeling and analyzing dynamic systems, facilitating the generation of realistic data that reflect the complexities of real-world operations or potentially dangerous scenarios such as failures and attacks.
In this context, the CMAPSS dataset, developed by NASA [28,29], has been extensively utilized as a critical benchmark in prognostic health management (PHM) research and predictive maintenance applications [30]. It offers realistic signals related to machinery fleets, facilitating numerous artificial intelligence applications in both industry and academia [31,32,33].
The study by Chao et al. [34,35] introduced the new Commercial Modular Aero-Propulsion Simulation System (N-CMAPSS) dataset, generated using the CMAPSS tool with a specific modular design, presented in Figure 3, integrating engines’ lifecycles under multiple failure modalities with tailored degradation patterns. Particularly, the N-CMAPSS dataset enhances the legacy CMAPSS dataset by incorporating more realistic flight conditions, making it a valuable resource for modeling real-world predictive maintenance scenarios.
Principally, the N-CMAPSS simulation involves simultaneous failures of up to five rotating sub-components: fan, low-pressure compressor (LPC), high-pressure compressor (HPC), low-pressure turbine (LPT), and high-pressure turbine (HPT). In addition to component-level failures, the simulation environment incorporates various flight conditions—such as altitude, Mach number, and throttle resolver angle (TRA)—to realistically model a wide range of operational scenarios, thus facilitating a detailed exploration of engine degradation processes and predictive maintenance scenarios.
The overall N-CMAPSS dataset, featured in the 2021 PHM Data Challenge, represents typical data ensembles for a small fleet of turbofan engines. Its structure comprises four subsets, each simulating a unique combination of fault scenarios and fault conditions, as detailed in Table 1.
The four datasets, indicated as FD001 to FD004, present different levels of noise and increasing pattern complexity, with the aim of rendering the failure prediction and model benchmarking as realistic as possible.
The datasets are described in more detail in Table 2.
These sets can be mainly grouped into two classes based on the operational conditions:
  • Single operational condition: FD001 and FD003 were collected under a single flight condition, indicating that data were captured at specific settings of Mach, TRA, and altitude.
  • Multiple operational conditions: FD002 and FD004 encompass six different flight conditions, capturing data across varying settings to reflect more complex operational scenarios.
Each engine configuration in the dataset includes a record of operational cycles, ranging from a minimum of 128 cycles in FD001 to a maximum of 544 cycles in FD004 for training data, indicating extensive variability in operational durability and conditions, also reflected in the test datasets. Moreover, the increasing complexity is encapsulated by the number of failure modalities, with FD003 and FD004 presenting more complex datasets compared to their single-failure-modality counterparts.
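For illustration, the following minimal sketch (not part of the original study) shows how one of these subsets could be loaded for analysis. It assumes the classic space-separated text layout of the legacy CMAPSS files, in which each row lists the unit identifier, the cycle index, three operational settings, and 21 sensor channels; the file name used is a placeholder.

```python
# Minimal sketch (not the authors' code): loading a CMAPSS-style subset,
# assuming the classic space-separated text layout with one row per cycle:
# unit id, cycle index, three operational settings, and 21 sensor channels.
import pandas as pd

COLUMNS = (
    ["unit", "cycle", "op_setting_1", "op_setting_2", "op_setting_3"]
    + [f"sensor_{i}" for i in range(1, 22)]
)

def load_subset(path: str) -> pd.DataFrame:
    """Read one subset (e.g., 'train_FD001.txt') into a tidy DataFrame."""
    return pd.read_csv(path, sep=r"\s+", header=None, names=COLUMNS)

# Example usage (file name is illustrative):
# fd001 = load_subset("train_FD001.txt")
# print(fd001.groupby("unit")["cycle"].max().describe())  # cycles per unit
```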
Among the few tools capable of providing reliable and detailed simulation of engine degradation, N-CMAPSS includes realistic operational conditions, making it an invaluable and unique resource for developing and benchmarking predictive maintenance models, especially in addressing the challenges posed by complex, real-world time-series data.

4. Methodology

At its core, this study intersects IoT, security, and AI to present a comprehensive and data-agnostic methodology that enhances the resilience of PdM systems against sophisticated adversarial data attacks. The approach, presented in Figure 4, targets the vulnerabilities exploited by malicious entities that evade detection by injecting highly tailored false data into systems, compromising the accuracy of RUL predictions, crucial for effective industrial prognostics.
The methodology, implemented entirely in Python on a T4 GPU, leveraging statistical libraries for exploratory analysis and TensorFlow for the deep learning models, commences with a rigorous statistical analysis to determine the stationarity of the time-series data, employing formal tests such as the augmented Dickey–Fuller (ADF) test to ascertain the presence of unit roots and thus confirm whether the data are stationary or non-stationary. This step is vital, as non-stationary data indicate changing statistical properties over time, typical of sensor data from industrial systems. Following the establishment of non-stationarity, the approach includes a correlation analysis using the variance inflation factor (VIF) to detect redundancies in sensor outputs, refining the predictive model’s accuracy and efficiency.
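As a concrete illustration of this preliminary screening, the sketch below (an assumption-laden outline, not the authors' code) applies the ADF test per unit and per sensor and computes the VIF for the retained sensors. It assumes a tidy pandas DataFrame with a "unit" column and named sensor columns; the function and column names are illustrative.

```python
# Minimal sketch of the preliminary statistical screening described above,
# assuming a tidy DataFrame `df` with a 'unit' column and sensor columns.
import pandas as pd
from statsmodels.tsa.stattools import adfuller
from statsmodels.stats.outliers_influence import variance_inflation_factor

def stationarity_map(df: pd.DataFrame, sensors: list, alpha: float = 0.05) -> pd.DataFrame:
    """Unit-by-sensor boolean table: True where the ADF test rejects a unit root (stationary)."""
    rows = {}
    for unit, group in df.groupby("unit"):
        rows[unit] = {
            s: adfuller(group[s].dropna())[1] < alpha  # p-value below alpha -> stationary
            for s in sensors
        }
    return pd.DataFrame(rows).T

def vif_table(df: pd.DataFrame, sensors: list) -> pd.Series:
    """Variance inflation factor per retained sensor (large values suggest redundancy)."""
    X = df[sensors].to_numpy(dtype=float)
    return pd.Series(
        [variance_inflation_factor(X, i) for i in range(X.shape[1])], index=sensors
    )
```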
Subsequently, the methodology leverages synthetic data generation using the TimeGAN, a state-of-the-art model which merges adversarial training with unsupervised and supervised learning objectives to capture the intricate temporal dynamics and distributions inherent in time-series data. The training on the target dataset facilitates the generation of synthetic data that mirror the real data’s statistical properties and temporal patterns. These synthetic data serve a dual purpose: they simulate refined synthetic data attack scenarios that are challenging to distinguish from genuine data and augment the training set for the adversarial detection model, thereby enhancing its generalization capabilities and anomaly detection sensitivity.
The final phase involves training a classification model to differentiate between authentic and synthetic data streams using the balanced dataset, combining original and synthetic data in equal proportions, which is crucial for a fair evaluation. The choice of the model is guided by its proficiency in capturing temporal dependencies and complex patterns, with recurrent neural networks (RNNs) or long short-term memory (LSTM) networks being typical choices due to their effectiveness in sequential data handling.
In the evaluation phase, the model’s performance is validated using a comprehensive suite of metrics, including accuracy, precision, recall, F1-score, and the area under the receiver operating characteristic curve (AUC-ROC). This rigorous assessment ensures the model’s suitability for deployment in PdM systems, aiming to robustly detect real-world adversarial attacks and thereby mitigate potential operational and financial impacts in industrial environments.
By addressing the complex challenges posed by data injection attacks, our methodology contributes significantly to the field of IoT security and predictive maintenance, offering a scalable and adaptable solution that not only meets the current security demands but is also designed to evolve in response to emerging threats, technological advancements, and production shifts, paving the way for safer, more secure industrial operations.

4.1. Time-Series Data Augmentation

Data augmentation techniques can be roughly classified into classic and advanced approaches, as in Figure 5. Classical approaches involve techniques traditionally used in image processing, adapted to enhance the diversity and robustness of models in dealing with sequential data. These techniques include cropping, flipping, and jittering, each contributing uniquely to the model’s ability to generalize from training data to unseen scenarios.
Cropping in time-series data involves extracting a shorter segment from a longer sequence, thus allowing models to learn from various phases and features within the dataset. Mathematically, given a time series T consisting of N observations, a cropped time series T′ can be defined starting at a random index t with a length L, where L is less than N. The cropped series is represented as
T′ = { T[t], T[t+1], …, T[t+L−1] },  where 0 ≤ t ≤ N − L.
Flipping is particularly useful in scenarios where the temporal sequence’s direction does not influence the interpretation of the data. This technique reverses the order of the series, thereby augmenting the dataset with a time-reversed sequence. For a time series T = { t_1, t_2, …, t_N }, the flipped series T′ is given by
T′ = { t_N, t_{N−1}, …, t_1 }.
Jittering introduces random noise to each data point in the series, simulating the effect of measurement errors or other external noise factors. This is achieved by adding a noise component ε_i to each observation t_i, where ε_i follows a Gaussian distribution with mean zero and a predefined standard deviation σ. The jittered series T′ is expressed as
T′[i] = T[i] + ε_i  for i = 1, 2, …, N,  with ε_i ∼ N(0, σ²).
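For clarity, the three transformations defined above can be expressed in a few lines of NumPy; the following sketch is illustrative and assumes a univariate series stored as a one-dimensional array.

```python
# Minimal NumPy sketch of the three classical augmentations defined above,
# applied to a univariate series T of length N (a 1-D array).
import numpy as np

def crop(T: np.ndarray, L: int, rng: np.random.Generator) -> np.ndarray:
    """Random crop: T'[k] = T[t + k] for k = 0..L-1, with 0 <= t <= N - L."""
    t = rng.integers(0, len(T) - L + 1)
    return T[t:t + L]

def flip(T: np.ndarray) -> np.ndarray:
    """Time reversal: T' = (t_N, t_{N-1}, ..., t_1)."""
    return T[::-1]

def jitter(T: np.ndarray, sigma: float, rng: np.random.Generator) -> np.ndarray:
    """Additive Gaussian noise: T'[i] = T[i] + eps_i, eps_i ~ N(0, sigma^2)."""
    return T + rng.normal(0.0, sigma, size=T.shape)

# Example usage:
# rng = np.random.default_rng(0)
# T = np.sin(np.linspace(0, 10, 200))
# augmented = [crop(T, 50, rng), flip(T), jitter(T, 0.05, rng)]
```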
Delving deeper into the topic, the domain of time-series data presents unique challenges in data augmentation, primarily due to the importance of preserving temporal integrity and understanding underlying patterns that unfold over time.
Traditional methods like jittering, cropping, and flipping, while effective for introducing simple variations, are insufficient for generating synthetic data with the complex, context-dependent structures inherent in sequential datasets. As machine learning evolved, more advanced techniques like the Synthetic Minority Oversampling Technique (SMOTE) were developed to address data imbalance by creating synthetic samples in feature space [36]. However, SMOTE does not account for temporal correlations, which are crucial in time-series data, potentially leading to the generation of non-plausible data sequences [37]. This limitation spurred the development of time-series-specific augmentation techniques that consider the sequential nature of the data.
In response to these challenges, more sophisticated techniques such as conditional variational autoencoders (CVAEs) and generative adversarial networks (GANs) have been explored for generating new data instances. The conditional GAN (CGAN), for instance, has been effectively used to generate synthetic time-series data under specific conditions, yet often struggles with capturing long-term dependencies [38].
Emerging from this progression, TimeGAN has been introduced as a novel approach to synthesizing time-series data. Its architecture, depicted in Figure 6, integrates an autoencoder for latent space representation, a GAN for adversarial training, and a supervised component to enforce temporal consistency, representing a state-of-the-art method in synthetic data generation [26]. The innovative part of this model lies in maintaining chronological order and temporal correlations in the generation, addressing one of the significant drawbacks of previous methods.
The architecture of TimeGAN is specifically designed to tackle the challenges of temporal data by learning joint distributions of time-series data and their corresponding labels in supervised learning contexts.
  • Preservation of temporal dynamics: Time-series data are inherently sequential, where each data point is dependent on previous points. Classical augmentation methods (such as flipping, scaling, or rotating) do not account for these temporal dependencies, while TimeGAN is designed to learn and preserve temporal dynamics, ensuring that the synthetic data it generates maintain realistic temporal correlations and sequences.
  • Complex pattern learning: TimeGAN utilizes a combination of RNNs, a GAN, and an autoencoder (AE) architecture to learn complex patterns in time-series data. It captures both the static patterns across different time series and the dynamic patterns within a single series, which is something classical augmentation cannot achieve, as such techniques often apply simple transformations that might disrupt the inherent sequence of time-series data (a structural sketch of these components follows this list).
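To make the preceding description more concrete, the following structural sketch outlines the five TimeGAN modules of Yoon et al. [26] as small GRU stacks in TensorFlow/Keras: an embedder/recovery autoencoder, a generator and discriminator for adversarial training, and a supervisor enforcing stepwise temporal consistency. It is a simplified illustration rather than the implementation used in this study; the sequence length, feature count, and hidden size are placeholder values, and the training loop is only summarized in the closing comment.

```python
# Structural sketch (not the authors' implementation) of the TimeGAN components
# described above, following Yoon et al. [26]: embedder/recovery autoencoder,
# generator and discriminator for adversarial training, and a supervisor that
# enforces stepwise temporal consistency in latent space.
import tensorflow as tf
from tensorflow.keras import layers, models

SEQ_LEN, N_FEATURES, HIDDEN = 24, 14, 24  # placeholder dimensions

def gru_block(input_dim: int, output_dim: int, activation) -> tf.keras.Model:
    """A small stack of GRU layers returning a sequence, as used by each TimeGAN module."""
    return models.Sequential([
        layers.Input(shape=(SEQ_LEN, input_dim)),
        layers.GRU(HIDDEN, return_sequences=True),
        layers.GRU(HIDDEN, return_sequences=True),
        layers.TimeDistributed(layers.Dense(output_dim, activation=activation)),
    ])

embedder = gru_block(N_FEATURES, HIDDEN, "sigmoid")   # real sequence -> latent sequence
recovery = gru_block(HIDDEN, N_FEATURES, "sigmoid")   # latent sequence -> reconstructed sequence
generator = gru_block(N_FEATURES, HIDDEN, "sigmoid")  # random sequence -> synthetic latent sequence
supervisor = gru_block(HIDDEN, HIDDEN, "sigmoid")     # latent step t -> predicted step t+1
discriminator = gru_block(HIDDEN, 1, None)            # latent sequence -> per-step real/fake logits

# Training (omitted here) alternates three objectives: a reconstruction loss on
# recovery(embedder(x)), a supervised loss on the supervisor's one-step-ahead
# predictions, and the usual adversarial losses between generator and discriminator.
```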
In summary, while basic data augmentation techniques laid the foundational groundwork, the evolution towards integrating advanced machine learning and deep learning techniques such as TimeGAN represents a significant leap forward. These advancements not only address the inherent limitations of traditional methods but also pave the way for innovative approaches to handling, analyzing, and predicting time-series data.

4.2. Evasion Detection Modeling

To evaluate the fidelity of the synthetic time-series data, classification experiments were conducted, aiming to distinguish between real and synthetic datasets, which represent possible attacks. This approach provides a quantitative measure of how closely the synthetic data resemble the real data by assessing whether a model can effectively learn to differentiate between the two.
We obtained the real dataset D_real and ensured it was aligned in size with the synthetic dataset D_synthetic by truncating D_real to match the number of samples in D_synthetic, with both datasets processed to have a consistent shape suitable for input into the classification model.
The combined dataset was partitioned into training and testing sets using a tailored split, denoting the number of series as n_series, with n_train = 0.8 × n_series for training and n_test = n_series − n_train for testing. Importantly, the training dataset was balanced, containing equal numbers of real and synthetic samples, which is crucial as it prevents the classifier from becoming biased toward a particular class, ensuring that any learning is due to inherent differences between the datasets rather than class imbalance.
In the experiments, the label y = 1 is assigned to real data and y = 0 to synthetic data, with the training data D_train and labels Y_train constructed by vertically stacking the real and synthetic training samples and their corresponding labels. The same process was applied to create the testing data D_test and labels Y_test.
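A minimal sketch of this assembly step is given below; it assumes the real and synthetic series are already windowed into NumPy arrays of identical shape (number of series, sequence length, features), and the array and function names are illustrative.

```python
# Minimal sketch of the balanced dataset assembly described above, assuming two
# NumPy arrays real_data and synthetic_data of shape (n_series, seq_len, n_features).
import numpy as np

def build_balanced_split(real_data, synthetic_data, train_frac=0.8, seed=0):
    rng = np.random.default_rng(seed)
    n = min(len(real_data), len(synthetic_data))            # truncate the larger set
    real, synth = real_data[:n], synthetic_data[:n]
    n_train = int(train_frac * n)

    idx_r, idx_s = rng.permutation(n), rng.permutation(n)   # shuffle before splitting
    X_train = np.vstack([real[idx_r[:n_train]], synth[idx_s[:n_train]]])
    y_train = np.concatenate([np.ones(n_train), np.zeros(n_train)])        # 1 = real, 0 = synthetic
    X_test = np.vstack([real[idx_r[n_train:]], synth[idx_s[n_train:]]])
    y_test = np.concatenate([np.ones(n - n_train), np.zeros(n - n_train)])
    return X_train, y_train, X_test, y_test
```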
The classification model employed is a sequential neural network consisting of a gated recurrent unit (GRU) layer with six units, followed by a dense output layer with a sigmoid activation function. Specifically, the model architecture is defined as follows:
Model = [ Input layer of shape (10, 3) ] → [ GRU layer with 6 units ] → [ Dense output layer with sigmoid activation ].
The model was compiled using binary cross-entropy as the loss function and the Adam optimizer, and was trained for 250 epochs with a batch size of 128, with performance tracked through accuracy and the area under the receiver operating characteristic curve (AUC).
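The Keras sketch below mirrors this specification (a single GRU layer with six units followed by a sigmoid output, binary cross-entropy, Adam, and accuracy/AUC metrics). It is an illustrative reconstruction rather than the exact training script; the input shape follows the text above and is treated as a placeholder for (window length, number of features).

```python
# Illustrative Keras sketch of the classifier specified above (not the exact script).
import tensorflow as tf
from tensorflow.keras import layers, models

def build_classifier(seq_len: int = 10, n_features: int = 3) -> tf.keras.Model:
    model = models.Sequential([
        layers.Input(shape=(seq_len, n_features)),
        layers.GRU(6),                          # GRU layer with 6 units
        layers.Dense(1, activation="sigmoid"),  # P(real | sequence)
    ])
    model.compile(
        optimizer="adam",
        loss="binary_crossentropy",
        metrics=["accuracy", tf.keras.metrics.AUC(name="auc")],
    )
    return model

# Example usage with the balanced split from the previous sketch:
# clf = build_classifier()
# clf.fit(X_train, y_train, validation_data=(X_test, y_test), epochs=250, batch_size=128)
```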
The balanced nature of the training data played a significant role in the model’s ability to capture the distinctions between the real and synthetic datasets. By providing an equal number of samples from each class, we ensured an unbiased classifier, allowing the model to focus on learning the underlying features that differentiate the two datasets.

5. Results

In order to pursue the main tasks and generate synthetic data suitable for training an evasion detection model, we need to ascertain two main properties of the process: non-stationarity and the absence of multicollinearity. The initial phase of our analysis focused on evaluating the stationarity of each sensor measurement across different units within the FD001 dataset of N-CMAPSS. The accompanying heatmap illustrates the stationarity properties of the data, where each cell represents a combination of a sensor and a unit. In detail, red cells indicate non-stationary behavior, suggesting that the statistical properties of these measurements change over time, which is crucial for identifying which sensors exhibit trends or seasonal variations that must be accounted for in subsequent predictive modeling. In total, the heatmap in Figure 7 presents a clear visualization of non-stationarity distributed across various sensors and units, underscoring the complexity and dynamic nature of the data. Such insights are pivotal for refining our approach to data processing, ensuring that our predictive models can accommodate these non-stationarities effectively and that sensors exhibiting stationary behavior are removed from the generation process.
Following the assessment of stationarity, we conducted a correlation analysis to evaluate the relationships between the relevant sensor measurements, highlighting potential redundancies or interactions that could influence the behavior of the system. The analysis is complemented by the VIF, which reveals no relevant multicollinearity, as presented in Figure 7.
The outcomes of this preliminary step have several implications for our methodology:
  • Enhanced data preprocessing: Non-stationary sensors require specific treatments such as differencing or transformation to ensure that subsequent predictive models are not biased by transient trends in the data.
  • Informed feature engineering: By understanding the correlation structure among sensors, we can engineer more effective features that capture the underlying processes of the system, potentially enhancing the predictive tasks.
The TimeGAN model architecture was designed to generate 35 batches of synthetic data, each containing 128 samples with dimensions 24 × 6. These samples were then reshaped into a final structure of (20,480; 24; 14), ensuring a consistent format for subsequent analysis through gated recurrent unit (GRU) kernels.
The training process was meticulously recorded, capturing various metrics to monitor the model’s performance and stability over time. These metrics included discriminator loss (d_loss), generator loss on unlabeled data (g_loss_u), generator loss on synthetic data (g_loss_s), generator loss on validity (g_loss_v), and encoder loss at initial time (e_loss_t0). The evolution of these metrics over 10,000 iterations reflects the model’s learning progression and stability adjustments.
Overall, Figure 8 shows that the TimeGAN model, while exhibiting some fluctuations in generator performance (G Loss U), has a generally effective generator (low and stable G Loss S and G Loss V) and a discriminator facing an increasing challenge (indicative of improving generator quality). Moreover, the encoder also shows stability, which is essential for consistent synthetic data generation. The two y-axes of Figure 8 help to distinguish between higher-range losses (D Loss and G Loss U) and lower-range losses, providing a clear view of all aspects of the model’s training dynamics and allowing the training process to be optimized and troubleshot by identifying which components might require further tuning. After generation, the synthetic data, along with real data, were visualized using principal component analysis (PCA) and t-distributed stochastic neighbor embedding (t-SNE). These techniques reduced the high-dimensional data space into two dimensions to facilitate a visual comparison of the distribution characteristics between the real and synthetic datasets.
  • PCA result: The PCA plot visually differentiates between real and synthetic data, highlighting the ability of the model to simulate realistic time-series samples.
  • t-SNE result: The t-SNE visualization provides a more nuanced separation of the data points, with the algorithm computing the proximity of 1125 samples and optimizing the layout to minimize the Kullback–Leibler divergence. The final KL divergence value after 1000 iterations stands at 0.458589, indicating effective dimensionality reduction and data clustering.
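For reference, a comparison of this kind can be reproduced with a short scikit-learn script; the sketch below is illustrative (not the authors' plotting code) and assumes the windowed real and synthetic arrays are flattened to two dimensions before projection.

```python
# Minimal sketch of the PCA / t-SNE comparison described above, assuming the
# windowed real and synthetic arrays are flattened to 2-D before projection.
import numpy as np
import matplotlib.pyplot as plt
from sklearn.decomposition import PCA
from sklearn.manifold import TSNE

def plot_projections(real, synth):
    X = np.vstack([real.reshape(len(real), -1), synth.reshape(len(synth), -1)])
    labels = np.array(["real"] * len(real) + ["synthetic"] * len(synth))

    pca_2d = PCA(n_components=2).fit_transform(X)
    tsne_2d = TSNE(n_components=2, perplexity=30).fit_transform(X)

    fig, axes = plt.subplots(1, 2, figsize=(10, 4))
    for ax, emb, title in zip(axes, [pca_2d, tsne_2d], ["PCA", "t-SNE"]):
        for name, marker in [("real", "o"), ("synthetic", "x")]:
            mask = labels == name
            ax.scatter(emb[mask, 0], emb[mask, 1], s=8, marker=marker, label=name)
        ax.set_title(title)
        ax.legend()
    plt.tight_layout()
    plt.show()
```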
The training dynamics and visualizations presented in Figure 9 underscore the efficacy of the proposed TimeGAN in generating high-fidelity synthetic time-series data. The losses recorded during training show a stabilization trend, suggesting that the model effectively learned the complex temporal patterns inherent in the dataset. The visual distinction between the real and synthetic data points in the PCA and t-SNE plots, depicted in Figure 9, also validates the synthetic data’s quality and their utility in augmenting the training process for different predictive tasks. By enriching the dataset with high-quality synthetic instances, it is possible to improve model training processes, refine detection accuracy, and prepare more robust systems, capable of handling real-world variability and complexities in IoT environments.
The efficacy of a GRU backbone classifier trained on high-fidelity synthetic data generated through TimeGAN, with the aim of distinguishing between real and synthetic evasion data attacks, was rigorously evaluated. In the aforementioned validation process, presented in Figure 10, two principal metrics were employed, the ROC-AUC curve and accuracy, providing comprehensive insights into the classifier’s capability to differentiate between classes across various thresholds and demonstrating a consistent improvement across training epochs. Notably, the AUC values for both the training and testing phases ascended progressively, achieving high levels above 0.9. This signifies a robust generalization capability, essential for deploying the classifier in real-world scenarios where evasion attempts are likely. In terms of accuracy, defined as the ratio of true results (both true positives and true negatives) to total cases, the classifier exhibited a marked improvement throughout the training period. Specifically, the accuracy curves revealed a steady ascent, reflecting an enhanced proficiency in classifying data points accurately, with the test accuracy stabilizing between 80% and 90%. This level of performance suggests a well-balanced model that effectively learns and generalizes from the training data, yet it also highlights potential areas for further refinement to address more subtle aspects of evasion tactics.

6. Discussion

This study presents a comprehensive methodology to enhance the resilience of PdM systems in IoT environments against sophisticated adversarial data attacks. By integrating rigorous statistical analysis, advanced generative models, and robust classification techniques, the proposed approach addresses the critical challenges posed by data injection attacks that compromise the accuracy of RUL predictions. The data-agnostic nature of this approach ensures its applicability across various industrial domains and datasets, with the integration of advanced generative models like TimeGAN representing a substantial progression from traditional augmentation techniques, offering enhanced preservation of temporal dynamics and complex pattern learning. From this perspective, the high performance of the classifier underscores the solution’s utility in real IoT environments susceptible to evasion attacks, where detecting synthetic data injection is critical for maintaining the integrity of predictive maintenance systems and repair action.
Overall, this study successfully demonstrates the application of a framework that is capable of effectively countering evasion attacks. Future work will focus on extending this framework to accommodate an even broader range of attack vectors and to further refine the detection capabilities under varying operational conditions, thereby contributing to the fortification of cybersecurity in predictive maintenance interconnected systems.

Author Contributions

Conceptualization, A.M., E.C. and F.A.; methodology, A.M. and F.A.; software, A.M. and M.F.; validation, A.M., M.F. and F.A.; formal analysis, E.C. and F.A.; investigation, A.M. and F.A.; resources, A.M. and E.C.; writing—original draft preparation, A.M., M.F. and F.A.; writing—review and editing, A.M., M.F. and F.A.; visualization, A.M. and F.A.; supervision, F.A.; project administration, F.A. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

Publicly available datasets were analyzed in this study. These data can be found here: https://data.nasa.gov/Aerospace/CMAPSS-Jet-Engine-Simulated-Data/ff5v-kuh6 (accessed on 16 November 2024).

Conflicts of Interest

The authors declare no conflicts of interest.

Abbreviations

The following abbreviations are used in this manuscript:
ADF       Augmented Dickey–Fuller test
AI        Artificial intelligence
CbM       Condition-based maintenance
CGAN      Conditional generative adversarial network
CVAE      Conditional variational auto-encoder
GAN       Generative adversarial network
GAI       Generative AI
GRU       Gated recurrent unit
HPC       High-pressure compressor
IoT       Internet of Things
LSTM      Long short-term memory
N-CMAPSS  NASA Commercial Modular Aero-Propulsion Simulation System
PCA       Principal component analysis
PdM       Predictive maintenance
RNN       Recurrent neural network
RUL       Remaining useful life
t-SNE     t-distributed stochastic neighbor embedding
VAE       Variational auto-encoder
VIF       Variance inflation factor

References

  1. Nagorny, K.; Monteiro, P.; Barata, J.; Colombo, A. Big Data Analysis in Smart Manufacturing: A Review. Int. J. Commun. Netw. Syst. Sci. 2017, 10, 31–58. [Google Scholar] [CrossRef]
  2. Poor, P.; Ženíšek, D.; Basl, J. Historical Overview of Maintenance Management Strategies: Development from Breakdown Maintenance to Predictive Maintenance in Accordance with Four Industrial Revolutions. In Proceedings of the International Conference on Industrial Engineering and Operations Management, Pilsen, Czech Republic, 23–26 July 2019. [Google Scholar]
  3. Lee, J.; Kao, H.A.; Yang, S. Service Innovation and Smart Analytics for Industry 4.0 and Big Data Environment. Procedia CIRP 2014, 16, 3–8. [Google Scholar] [CrossRef]
  4. Kang, H.; Lee, J.; Choi, S.; Kim, H.; Park, J.; Son, J.; Kim, B.; Noh, S.D. Smart manufacturing: Past research, present findings, and future directions. Int. J. Precis. Eng. Manuf.-Green Technol. 2016, 3, 111–128. [Google Scholar] [CrossRef]
  5. Cheng, J.; Chen, W.; Chen, K.; Wang, Q. Data-driven predictive maintenance planning framework for MEP components based on BIM and IoT using machine learning algorithms. Autom. Constr. 2020, 112, 103087. [Google Scholar] [CrossRef]
  6. Liu, R.; Yang, B.; Zio, E.; Chen, X. Artificial intelligence for fault diagnosis of rotating machinery: A review. Mech. Syst. Signal Process. 2018, 108, 33–47. [Google Scholar] [CrossRef]
  7. Kaur, M. Future of Industrial Automation with AI and Cloud Robotics; IGI Global Scientific Publishing: New York, NY, USA, 2024; pp. 1–19. [Google Scholar] [CrossRef]
  8. Jimenez, V.J.; Bouhmala, N.; Gausdal, A.H. Developing a predictive maintenance model for vessel machinery. J. Ocean Eng. Sci. 2020, 5, 358–386. [Google Scholar] [CrossRef]
  9. Liu, B.; Gao, Z.; Lu, B.; Dong, H.; An, Z. Deep Learning-Based Remaining Useful Life Estimation of Bearings with Time-Frequency Information. Sensors 2022, 22, 7402. [Google Scholar] [CrossRef]
  10. Ahmed, S.; Alam, M.S.; Hoque, M.; Lameesa, A.; Afrin, S.; Farah, T.; Kabir, M.; Shafiullah, G.; Muyeen, S. Industrial Internet of Things enabled technologies, challenges, and future directions. Comput. Electr. Eng. 2023, 110, 108847. [Google Scholar] [CrossRef]
  11. Masdani, M.; Darlis, D. A comprehensive study on MQTT as a low power protocol for internet of things application. IOP Conf. Ser. Mater. Sci. Eng. 2018, 434, 012274. [Google Scholar] [CrossRef]
  12. Parpala, R.; Iacob, R. Application of IoT concept on predictive maintenance of industrial equipment. In Proceedings of the MATEC Web of Conferences, Sozopol, Bulgaria, 11–13 September 2017; Volume 121, p. 02008. [Google Scholar] [CrossRef]
  13. Christou, I.T.; Kefalakis, N.; Zalonis, A.; Soldatos, J.; Bröchler, R. End-to-End Industrial IoT Platform for Actionable Predictive Maintenance. IFAC-PapersOnLine 2020, 53. [Google Scholar] [CrossRef]
  14. Arellano-Espitia, F.; Delgado-Prieto, M.; Martinez-Viol, V.; Saucedo-Dorantes, J.J.; Osornio-Rios, R.A. Deep-Learning-Based Methodology for Fault Diagnosis in Electromechanical Systems. Sensors 2020, 20, 3949. [Google Scholar] [CrossRef] [PubMed]
  15. Khumprom, P.; Yodo, N. A Data-Driven Predictive Prognostic Model for Lithium-Ion Batteries based on a Deep Learning Algorithm. Energies 2019, 12, 660. [Google Scholar] [CrossRef]
  16. Zhang, X.; Dong, Y.; Wen, L.; Lu, F.; Li, W. Remaining Useful Life Estimation Based on a New Convolutional and Recurrent Neural Network. In Proceedings of the 2019 IEEE 15th International Conference on Automation Science and Engineering (Case), Vancouver, BC, Canada, 22–26 August 2019; pp. 317–322. [Google Scholar] [CrossRef]
  17. Sun, W.; Shao, S.; Zhao, R.; Yan, R.; Zhang, X.; Chen, X. A Sparse Auto-encoder-Based Deep Neural Network Approach for Induction Motor Faults Classification. Measurement 2016, 89, 171–178. [Google Scholar] [CrossRef]
  18. Hamid, O.H. Data-Centric and Model-Centric AI: Twin Drivers of Compact and Robust Industry 4.0 Solutions. Appl. Sci. 2023, 13, 2753. [Google Scholar] [CrossRef]
  19. Feuerriegel, S.; Hartmann, J.; Janiesch, C.; Zschech, P. Generative AI. Bus. Inf. Syst. Eng. 2023, 66, 111–126. [Google Scholar] [CrossRef]
  20. Esteban, C.; Hyland, S.L.; Rätsch, G. Real-valued (Medical) Time Series Generation with Recurrent Conditional GANs. arXiv 2017, arXiv:1706.02633. [Google Scholar]
  21. Sangwan, R.S.; Badr, Y.; Srinivasan, S.M. Cybersecurity for AI Systems: A Survey. J. Cybersecur. Priv. 2023, 3, 166–190. [Google Scholar] [CrossRef]
  22. Biggio, B.; Roli, F. Wild patterns: Ten years after the rise of adversarial machine learning. Pattern Recognit. 2018, 84, 317–331. [Google Scholar] [CrossRef]
  23. Wang, Y.; Attebury, G.; Ramamurthy, B. A Survey of Security Issues in Wireless Sensor Networks. Commun. Surv. Tutorials 2007, 8, 2–23. [Google Scholar] [CrossRef]
  24. Fink, O.; Wang, Q.; Svensén, M.; Dersin, P.; Lee, W.J.; Ducoffe, M. Potential, Challenges and Future Directions for Deep Learning in Prognostics and Health Management Applications. arXiv 2020, arXiv:2005.02144. [Google Scholar] [CrossRef]
  25. Tiddens, W.; Braaksma, A.; Tinga, T. The Adoption of Prognostic Technologies in Maintenance Decision Making: A Multiple Case Study. Procedia CIRP 2015, 38, 171–176. [Google Scholar] [CrossRef]
  26. Yoon, J.; Jarrett, D.; Schaar, M. Time-series Generative Adversarial Networks. Adv. Neural Inf. Process. Syst. 2019, 32, 5508–5518. [Google Scholar]
  27. Sasi, T.; Lashkari, A.H.; Lu, R.; Xiong, P.; Iqbal, S. A comprehensive survey on IoT attacks: Taxonomy, detection mechanisms and challenges. J. Inf. Intell. 2024, 2, 455–513. [Google Scholar] [CrossRef]
  28. Saxena, A.; Goebel, K.; Simon, D.; Eklund, N. Damage propagation modeling for aircraft engine run-to-failure simulation. In Proceedings of the International Conference on Prognostics and Health Management, Denver, CO, USA, 6–9 October 2008. [Google Scholar] [CrossRef]
  29. Saxena, A.; Goebel, K. PHM08 Challenge Data Set. In NASA Prognostics Data Repository; NASA Ames Research Center: Moffett Field, CA, USA, 2008. Available online: https://data.nasa.gov/download/nk8v-ckry/application%2Fzip (accessed on 16 November 2024).
  30. NASA. Commercial Modular Aero-Propulsion System Simulation (CMAPSS); NASA Official: Washington, DC, USA. Available online: https://software.nasa.gov/software/LEW-18315-2 (accessed on 16 November 2024).
  31. Pathan, M. A Comprehensive Survey of Predictive Maintenance Techniques for Aircraft Engines Utilizing the C-MAPSS Dataset. Int. J. Sci. Res. Eng. Manag. 2024, 8, 1–5. [Google Scholar] [CrossRef]
  32. Maulana, F.; Starr, A.; Ompusunggu, A.P. Explainable Data-Driven Method Combined with Bayesian Filtering for Remaining Useful Lifetime Prediction of Aircraft Engines Using NASA CMAPSS Datasets. Machines 2023, 11, 163. [Google Scholar] [CrossRef]
  33. Vollert, S.; Theissler, A. Challenges of machine learning-based RUL prognosis: A review on NASA’s C-MAPSS data set. In Proceedings of the 2021 26th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), Vasteras, Sweden, 7–10 September 2021; pp. 1–8. [Google Scholar] [CrossRef]
  34. Arias Chao, M.; Kulkarni, C.; Goebel, K.; Fink, O. Aircraft Engine Run-to-Failure Dataset under Real Flight Conditions for Prognostics and Diagnostics. Data 2021, 6, 5. [Google Scholar] [CrossRef]
  35. Chao, M.A.; Kulkarni, C.; Goebel, K.; Fink, O. PHM Society Data Challenge 2021. PHM Soc. 2021, 14, 1–6. [Google Scholar] [CrossRef]
  36. Chawla, N.V.; Bowyer, K.W.; Hall, L.O.; Kegelmeyer, W.P. SMOTE: Synthetic Minority Over-sampling Technique. J. Artif. Intell. Res. 2002, 16, 321–357. [Google Scholar] [CrossRef]
  37. Fernández, A.; Garcia, S.; Herrera, F.; Chawla, N. SMOTE for Learning from Imbalanced Data: Progress and Challenges, Marking the 15-year Anniversary. J. Artif. Intell. Res. 2018, 61, 863–905. [Google Scholar] [CrossRef]
  38. Mirza, M.; Osindero, S. Conditional Generative Adversarial Nets. arXiv 2014, arXiv:1411.1784. [Google Scholar]
Figure 1. Relationship between vulnerabilities and impact of attacks.
Figure 2. Failure-data scarcity and augmentation practices in predictive maintenance.
Figure 3. NASA Commercial Modular Aero-Propulsion Simulation System (N-CMAPSS) [34].
Figure 4. Compact workflow diagram for IoT system integration.
Figure 5. Time-series data augmentation.
Figure 6. TimeGAN architecture, kernels, and loss functions.
Figure 7. Exploratory data analysis of FD001 N-CMAPSS dataset.
Figure 8. TimeGAN training process.
Figure 9. Visualization of synthetic data and original data with PCA and t-SNE.
Figure 10. Training and validation performance of the classifier over 250 epochs. The left panel shows accuracy, and the right panel shows AUC. Solid lines represent training metrics, and dashed lines represent validation metrics.
Table 1. CMAPSS dataset fault scenarios.
Label    Description
FD001    Simulates a single fault mode in the HPC.
FD002    Simulates a single fault mode in the HPC under multiple operating conditions.
FD003    Simulates two fault modes (HPC and fan) under a single operating condition.
FD004    Simulates two fault modes (HPC and fan) under multiple operating conditions.
Table 2. Comparative overview of datasets FD001, FD002, FD003, and FD004.
Metric         FD001       FD002   FD003          FD004
Train units    100         260     100            249
Test units     100         259     100            248
Conditions     Sea Level   Six     Sea Level      Six
Fault modes    HPC         HPC     HPC and Fan    HPC and Fan
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Amato, F.; Cirillo, E.; Fonisto, M.; Moccardi, A. Detecting Adversarial Attacks in IoT-Enabled Predictive Maintenance with Time-Series Data Augmentation. Information 2024, 15, 740. https://doi.org/10.3390/info15110740

AMA Style

Amato F, Cirillo E, Fonisto M, Moccardi A. Detecting Adversarial Attacks in IoT-Enabled Predictive Maintenance with Time-Series Data Augmentation. Information. 2024; 15(11):740. https://doi.org/10.3390/info15110740

Chicago/Turabian Style

Amato, Flora, Egidia Cirillo, Mattia Fonisto, and Alberto Moccardi. 2024. "Detecting Adversarial Attacks in IoT-Enabled Predictive Maintenance with Time-Series Data Augmentation" Information 15, no. 11: 740. https://doi.org/10.3390/info15110740

APA Style

Amato, F., Cirillo, E., Fonisto, M., & Moccardi, A. (2024). Detecting Adversarial Attacks in IoT-Enabled Predictive Maintenance with Time-Series Data Augmentation. Information, 15(11), 740. https://doi.org/10.3390/info15110740
