A Survey of Anomaly Detection in Cyber-Physical Systems
Danial Abshari, Meera Sridhar
TL;DR
This survey comprehensively maps anomaly detection in CPS across ML, DL, mathematics, invariants, and hybrids, emphasizing real-time requirements and cyber-physical integration. It catalogues architectures, vulnerabilities, and detection paradigms, including invariant-based and graph-theoretic methods, digital twins, and edge-enabled techniques. The work highlights challenges such as resource constraints, adversarial threats, and regulatory fragmentation, and identifies gaps in scalability, interpretability, and privacy. By detailing a wide array of methodologies and future directions, the paper underlines the need for robust, explainable, domain-informed anomaly detection to improve CPS safety and resilience in increasingly interconnected environments.
Abstract
In our increasingly interconnected world, Cyber-Physical Systems (CPS) play a crucial role in industries like healthcare, transportation, and manufacturing by combining physical processes with computing power. These systems, however, face many challenges, especially regarding security and system faults. Anomalies in CPS may indicate unexpected problems, from sensor malfunctions to cyber-attacks, and must be detected to prevent failures that can cause harm or disrupt services. This paper provides an overview of the different ways researchers have approached anomaly detection in CPS. We categorize and compare methods such as machine learning, deep learning, mathematical models, invariant-based techniques, and hybrid techniques. Our goal is to help readers understand the strengths and weaknesses of these methods and how they can be used to create safer, more reliable CPS. By identifying the gaps in current solutions, we aim to encourage future research that will make CPS more secure and adaptive in our increasingly automated world.
