Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

5/19/2021
10:10 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

New Kaspersky Machine Learning for Anomaly Detection Predicts Breakdown of Production Processes

Woburn, MA – May 18, 2021 — Today Kaspersky announces that Kaspersky Machine Learning for Anomaly Detection (MLAD), designed to reveal deviations in production processes at the earliest stage, is now generally available as a commercial product. The detector is empowered with ML algorithms that analyze telemetry from machinery sensors. It warns of machine malfunctions by raising alerts as soon as manufacturing process parameters (tags) begin to behave in an unexpected way. Kaspersky MLAD provides a feature-rich graphical interface for detailed analysis of anomalies as well as tools that can integrate the product with existing systems to deliver alerts to operators’ dashboards.

In industrial settings, it is critical to keep technological processes on an optimal path and avoid interruptions such as equipment malfunctions, operator errors, or cyberattacks on industrial control systems. If something goes wrong, early detection can prevent disruption and therefore reduce the cost of downtime, the waste of raw materials and the impact of other serious consequences. According to Kaspersky estimates, a 50% reduction in downtime enables annual savings of up to $1 million for a large power plant or $2.5 million for an oil refinery.1

Kaspersky Machine Learning for Anomaly Detection’s neural network analyzes telemetry in real-time from various sensors used in the production process. It detects minor deviations such as a change in signals’ dynamics or correlations, and gives alerts before the values reach their thresholds and impact performance allowing plant operators to take preventive actions. To be able to detect anomalies, the neural network learns the normal behavior of the machine from historical telemetry data. If a parameter of the production process changes (for example, a new type of raw material is introduced) or a part of the machine is replaced, an operator can re-run the ML trainer to update the neural network. In addition to an ML-based detector, customized diagnostic rules for specific cases can be added at the customer’s request.

Kaspersky MLAD works in the existing plant’s infrastructure and does not require the installation of additional sensors. To obtain data and report the anomalies, Kaspersky MLAD connects to industrial control systems such as SCADA. Alternatively, it can be integrated with Kaspersky Industrial CyberSecurity for Networks. The product natively supports popular protocols including OPC UA, MQTT, AMQP, as well as REST, which makes it applicable to systems with diverse equipment.

Kaspersky MLAD provides a graphical interface for the analysis of detected anomalies. Thanks to the visualized time plots of all monitored processes, an expert can see what went wrong, when, and in what part of the system.

Advanced ML algorithms and the ability to adapt to particular industrial processes make Kaspersky Machine Learning for Anomaly Detection an essential tool to ensure smooth production,” comments Andrey Lavrentyev, head of technology research department at Kaspersky. “It complements monitoring systems and machine operators’ expertise with the ability to detect anomalies in a complex environment. No matter what causes the deviations, the downtime, equipment breakdowns and disasters can be prevented thanks to early alerts. We have been developing the technology for several years and today we’re happy to announce the general availability of the fully-fledged product to help customers achieve these benefits.”

For more information about Kaspersky Machine Learning for Anomaly Detection, please visit https://mlad.kaspersky.com/.

1 The estimation is based on Kaspersky analysis of different parameters such as duration of downtimes, parameters of economic activity of organizations, and modeling.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
Edge-DRsplash-10-edge-articles
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-34682
PUBLISHED: 2021-06-12
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
CVE-2021-31811
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-32552
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.
CVE-2021-32553
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.