Guest editorial: Machine learning for secure cyber-physical industrial control systems

Information and communication technologies have increasingly been used to support the exchange of measurements and control signals in industrial control systems, making them important applications of cyber-physical industrial control systems (CPICSs) such as electrical power systems and intelligent transportation systems. While the communication infrastructure significantly facilitates the transmission of vast amounts of data over wide geographical areas, it makes CPICSs vulnerable to cyber-attacks; protecting CPICSs of critical infrastructures from cyber-attacks is crucial and challenging. In order to secure CPICSs, a variety of open challenges need to be tackled, including cyber-physical system modelling approaches, advanced intrusion detection systems, and resilient estimation and control methods. Machine learning (ML) and its emerging algorithms offer the potential of dealing with large-scale data analysis, data processing and decision-making in the security of CPICSs.

This special issue publishes state-of-the-art ML-based solutions for the open challenges in securing CPICSs of critical infrastructures.

When modelling cyber-attacks in CPICSs, most of existing works consider using external disturbances, which follow certain assumptions. While it is not sufficient to model cyber-attacks simply as disturbances, the paper ‘Game theoretic vulnerability management for secondary frequency control of islanded microgrids against false data injection (FDI) attacks’ by S. Liu et al. considers the dynamic interaction between the smart attacker (the spoofer) and the defender the microgrid control centre (MGCC). The authors propose a stochastic game between the MGCC and the attacker for enhancing the vulnerability of the MGCC to FDI attack (wireless spoof attack).

As communication networks are implemented for information exchange between the master and slave sides of bilateral teleoperation systems, they are also exposed to cyber-attack threats. The paper ‘Mode-dependent switching control of bilateral teleoperation against random denial-of-service attacks’ by L. Hu et al. analyses the performance of bilateral teleoperation systems in the presence of random denial-of-service (DoS) attacks and constant transmission delays and proposes a mode-dependent switching controller to mitigate the influence of DoS attacks.

While machine-learning algorithms are helpful in identifying cyber-attacks such as network intrusion, common network intrusion datasets are negatively affected by class imbalance; the normal traffic behaviour constitutes most of the dataset, whereas intrusion traffic behaviour forms a significantly smaller portion. The paper ‘Network intrusion detection using ML approaches: Addressing data imbalance’ by R. Ahsan et al. conducts a comparative evaluation on the impact of data imbalance of various ML algorithms and presents a hybrid voting classifier to improve the results.

To improve the anomaly detection performance when imbalanced datasets are used, the paper ‘A comparative analysis of CGAN-based oversampling for anomaly detection’ by R. Ahsan et al. proposes a CGAN-based anomaly detection solution by taking both data-level and algorithm-level structures into considerations.

The papers selected for this Special Issue cover a diversity of ML-based solutions for securing CPICSs, such as cyber-physical energy systems and tele-robotic systems. Furthermore, novel solutions for the data imbalance challenge in cyber-layer intrusion detection systems are highlighted in this issue. In future, ML and reinforcement learning algorithms may attract significant interests in tackling challenges in large-scale data analysis, data processing and decision-making involved in the security of CPICSs.