A tale of two testbeds: a comparative study of attack detection techniques in CPS

Surabhi Athalye, Chuadhry Mujeeb Ahmed, Jianying Zhou

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

3 Citations (Scopus)


Attack detection in cyber-physical systems (CPS) has been approached in several ways due to the complex interactions among the physical and cyber components. A comprehensive study is presented in this paper to compare different attack detection techniques and evaluate them based on a defined set of metrics. This work investigates model-based attack detectors that use mathematical system models with the sensor/actuator set as the input/output of the underlying physical processes. The detection mechanisms include statistical change monitoring (CUSUM and Bad-Data detectors) and a machine learning based-method that analyses the residual signal. This is a tale of two testbeds, a secure water treatment plant (SWaT) and a water distribution plant (WADI), which serve as case studies for the diverse range of CPS infrastructures found in cities today. The performance of the detection methods is experimentally studied by executing various types of attacks on the plants.
Original languageEnglish
Title of host publicationCritical Information Infrastructures Security
Subtitle of host publication15th International Conference, CRITIS 2020, Proceedings
EditorsAwais Rashid, Peter Popov
Place of PublicationCham, Switzerland
Number of pages14
ISBN (Print)9783030582951
Publication statusPublished - 26 Aug 2020
Event15th International Conference on Critical Information Infrastructures Security - Bristol, United Kingdom
Duration: 2 Sep 20203 Sep 2020

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12332 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference15th International Conference on Critical Information Infrastructures Security
Abbreviated titleCRITIS 2020
Country/TerritoryUnited Kingdom


  • cyber-physical systems
  • model-based attack detection
  • water distribution systems
  • water treatment systems


Dive into the research topics of 'A tale of two testbeds: a comparative study of attack detection techniques in CPS'. Together they form a unique fingerprint.

Cite this