Combined Anomaly Detection Framework for Digital Twins of Water Treatment Facilities

Digital twins of cyber-physical systems with automated process control using programmable logic controllers (PLCs) are increasingly popular nowadays. At the same time, security is also a growing concern system connectivity. This study develops combined anomaly detection framework (CADF) against various types attacks on digital twin in water treatment facilities. CADF utilizes PLC-based whitelist to detect anomalies that target actuators and deep learning approach natural gradient boosting (NGBoost) probabilistic assessment sensors. The effectiveness verified physical facility for membrane processes called Secure Water Treatment (SWaT) Singapore University Technology Design. Various attack scenarios tested SWaT by falsifying reported values sensors process. These include both trivial attacks, which commonly studied, as well non-trivial (i.e., sophisticated) rarely reported. results show performs very good accuracy all scenarios, particularly, it able sophisticated while ongoing before they can induce damage facility. be further extended other future.