Hybrid Modelling for Anomaly Detection in Industrial Control Systems

Authors

  • Vincent Boerjan Open University, Heerlen, The Netherlands
  • Stefano Schivo Open University, Heerlen, The Netherlands
  • Clara Maathuis Open University, Heerlen, The Netherlands

DOI:

https://doi.org/10.34190/eccws.24.1.3502

Keywords:

Industrial Control Systems, Safety, Security, Attack Trees, Anomaly Detection, Machine Learning

Abstract

This research addresses the challenge of anomaly detection in Industrial Control Systems (ICS), recognizing the increasing importance of cyber security in these environments due to recent incidents and evolving technical and regulatory frameworks and mechanisms introduced. It does that by proposing a comprehensive hybrid modelling approach to anomaly detection that bridges the gap between theoretical research and practical applications in real-world industrial settings. Specifically, this methodology focuses on generating a custom dataset for anomaly detection, avoiding the limitations associated with artificial datasets. It does that by merging expert-based formal modelling with Machine Learning (ML) modelling in a Model-Driven Engineering approach aiming at assuring the security and reliability of critical control systems from the transportation and logistics domains. This research contributes to these fields by offering a logical, traceable, and adaptable framework for anomaly detection in ICS, addressing the current challenges identified in literature and regulatory requirements.

Author Biographies

Vincent Boerjan, Open University, Heerlen, The Netherlands

Ir. Vincent Boerjan is a railway safety engineer and information security professional. He holds a Master's in Electronics and IT from UHasselt and a Master's in Computer Science from the Open University. His work focusses on advancements in cybersecurity and AI applications for security.

Stefano Schivo, Open University, Heerlen, The Netherlands

Dr. Stefano Schivo is an Assistant Professor at the Open University (The Netherlands). With a PhD on Distributed Systems from the University of Trento (Italy), he has been involved in a number of projects ranging from bioinformatics to security, all with the common aspect of applying the strengths of formal methods to other research fields.

Clara Maathuis, Open University, Heerlen, The Netherlands

Dr.Ir. Clara Maathuis is Assistant Professor in AI and Cyber Security at Open University in the Netherlands. With a PhD in AI and Military Cyber Operations from Delft University of Technology, she is involved in teaching different AI and cyber security courses and conducts research in AI, cyber/information operations, military technologies, and social manipulation.

Downloads

Published

2025-06-25

Issue

Vol. 24 No. 1 (2025): Proceedings of the 24th European Conference on Cyber Warfare and Security

Section

Academic Papers

License

Copyright (c) 2025 European Conference on Cyber Warfare and Security

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.