Enhancing Cybersecurity in Water Plant Infrastructure with SecureAI
DOI:
https://doi.org/10.34190/eccws.25.1.4581
Keywords:
SCADA, Water Plant Infrastructure, Human Oversight, Compliance Artifacts, Dynamo Project
Abstract
Water plants are critical infrastructure that relies on legacy Supervisory Control and Data Acquisition (SCADA) systems, which were not designed to address modern cyber threats. Attackers exploit these vulnerabilities, creating significant risks for the industry. Recent incidents such as the attacks on the Demin water plant and the Oldsmar water facility, where attackers gained unauthorised remote access to the plants' systems, emphasise the urgency of strengthening cybersecurity in this sector. This study investigates SecureAI, an AI-driven cybersecurity tool developed through the Dynamo project. SecureAI provides real-time anomaly detection, recommends isolation protocols to contain threats early, and generates post-incident training materials to improve operator readiness. The EU AI Act requires mandatory human oversight for all high-risk systems, which ensures that SecureAI, when implemented in critical infrastructure, cannot become autonomous. The study includes an evaluation of SecureAI’s strengths, weaknesses, and ethical safeguards that align with the EU AI Act, the NIS2 Directive, and the NIST Cybersecurity Framework. It also presents mock-up data on attack scenarios, best practices for the deployment of SecureAI, and an incident response script designed for operator use based on SecureAI alerts. This study bridges the gap between technical detection and regulatory compliance and extends the body of knowledge on AI-enabled cybersecurity measures in water plants. Moreover, SecureAI offers a scalable, operator-centric solution that strengthens resilience while ensuring transparency, compliance and human accountability.
License
Copyright (c) 2026 European Conference on Cyber Warfare and Security

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.