pith. sign in

arxiv: 2605.15874 · v1 · pith:ZXLPK6IZnew · submitted 2026-05-15 · 💻 cs.LG

Ti-iLSTM: A TinyDL Approach for Logic-Level Anomaly Detection in Industrial Water Treatment Systems

Mandar Joshi , Farzana Zahid , Judy Bowen , Matthew M.Y. Kuo , Valeriy Vyatkin , Emil Karlsson This is my paper

Pith reviewed 2026-05-20 20:33 UTC · model grok-4.3

classification 💻 cs.LG
keywords anomaly detectionindustrial control systemsTinyDLLSTMcyber-physical systemslogic-layer attacksSWaT datasetPLC security
0
0 comments X

The pith

A memory-optimized incremental LSTM detects logic-layer anomalies in industrial water treatment by learning sequence patterns in process measurements.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper establishes that a TinyDL-optimized LSTM can identify logic-layer deception attacks in PLC-controlled water systems, where sensor values stay numerically plausible but causal relationships in the control process are broken. These attacks evade threshold checks and demand models too heavy for on-device use. The Ti-iLSTM variant reduces the memory and compute footprint of standard LSTM while retaining sequence-learning capability, yielding an F1-score of 0.983 and ROC-AUC of 0.998 on the SWaT dataset. A second validation pass on the WADI dataset shows the same lightweight framework continues to work without retraining from scratch. If correct, this removes the need for server-scale detectors and places logic-level protection directly inside resource-limited industrial controllers.

Core claim

The central claim is that combining logic-aware supervision with a space- and memory-optimized incremental LSTM produces an accurate anomaly detector that fits inside Programmable Logic Controllers. On the SWaT dataset the model reaches F1-score 0.983 and ROC-AUC 0.998; the same architecture, without major redesign, maintains usable performance on the independent WADI dataset.

What carries the argument

Ti-iLSTM, a TinyDL-based incremental LSTM that shrinks the memory and parameter footprint of standard LSTM so the network can run on-device inside PLCs while still learning temporal cause-and-effect violations from raw process measurements.

If this is right

  • Anomaly detection becomes feasible inside existing PLC hardware without additional servers or specialized chips.
  • Detection no longer requires hand-coded rules for every causal relationship in the process.
  • The same trained model transfers to a second industrial water-treatment testbed with only minor retraining.
  • Real-time response to stealthy attacks becomes possible at the edge rather than after data leaves the plant.
  • Memory and compute savings allow the detector to share the PLC with normal control logic.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same optimization pattern could be applied to other sequence models such as GRUs or transformers to further reduce size for even smaller controllers.
  • Adding a small amount of explicit rule information as auxiliary input might raise performance on anomalies that are still missed by pure sequence learning.
  • Deployment on actual PLC firmware would reveal whether the reported memory figures survive compilation and real-time scheduling constraints.
  • The method may generalize to other cyber-physical domains such as power grids or manufacturing lines that use similar PLC architectures.

Load-bearing premise

Logic-layer deception anomalies that keep measurements numerically plausible can still be spotted by sequence learning on those measurements alone, without any explicit model of the control rules.

What would settle it

A new test dataset containing logic anomalies whose measurement sequences closely mimic normal operation; if the model’s F1-score falls below 0.7 on this set while threshold-based detectors also fail, the sequence-only premise does not hold.

Figures

Figures reproduced from arXiv: 2605.15874 by Emil Karlsson, Farzana Zahid, Judy Bowen, Mandar Joshi, Matthew M.Y. Kuo, Valeriy Vyatkin.

Figure 1
Figure 1. Figure 1: Overview of the proposed Ti-iLSTM framework Based on these considerations, the aim of this study is to propose a novel TinyDL-based incremental LSTM (Ti￾iLSTM) framework that uses short time sequences of sensor and actuator data to detect logic-layer anomalies in PLC￾based IWTS. To achieve this, we address the following research questions: • RQ1: Which ML/DL-based anomaly detection ap￾proaches for IWTS are… view at source ↗
Figure 2
Figure 2. Figure 2: Data pre-processing during training phase even when individual values remain numerically plausible, if the joint behaviour violates expected operational depen￾dencies [24]. The primary dataset used in this work for training the model is the Secure Water Treatment (SWaT) testbed (July 2019 release (v2)) [36]. It is a publicly available bench￾mark that captures time-series measurements, logged at one￾second … view at source ↗
Figure 3
Figure 3. Figure 3: shows the incremental training workflow. The workflow consists of four steps: sequence builder, LSTM training, resource logging, and validation. Each of these steps repeat for each chunk until the final optimised model is obtained. In the first step, the processed (after data pre￾processing) data is divided into chunk and each data chunk is passed to the sequence builder. The sequence builder constructs ov… view at source ↗
Figure 4
Figure 4. Figure 4: Experimental evaluation and prediction workflow for Ti-iLSTM 4. Experimental Results and Discussion This section describes the datasets, execution platforms, model configuration, and evaluation metrics used to assess the proposed Ti-iLSTM framework. It aslo presents the detection performance of the proposed Ti-iLSTM frame￾work on the SWaT dataset, the effect of each light-weight design parameter, runtime r… view at source ↗
Figure 5
Figure 5. Figure 5: Features selection based on correlation filtering [PITH_FULL_IMAGE:figures/full_fig_p009_5.png] view at source ↗
Figure 6
Figure 6. Figure 6: E8 threshold experiment (Threshold = 0.5): per￾formance (F1, ROC-AUC) and resource usage (RSS memory) across incremental update chunks on SWaT during training. that most anomalies are successfully detected, but this comes with a drop in precision to 0.9592, leading to more false alarms. On the other hand, a higher threshold of 0.9 improves precision to 0.9940, but recall drops significantly to 0.8910, mean… view at source ↗
Figure 7
Figure 7. Figure 7: Confusion matrix for the incremental LSTM on the SWaT test set [PITH_FULL_IMAGE:figures/full_fig_p012_7.png] view at source ↗
read the original abstract

Industrial Water Treatment Systems (IWTS) are safety critical cyber-physical infrastructures and due to increased connectivity, these systems are exposed to cyber threats that can manipulate process behaviour without creating obvious devices outliers. In particular, logic-layer deception anomalies can preserve numerically plausible measurements while breaking expected cause-and-effect relationships in the control process. These attacks are difficult to detect using threshold-based monitoring or require heavy server-oriented anomaly detection models. This paper explores the potential of Tiny Deep Learning (TinyDL) to provide lightweight on-device logic-level anomaly detection for resource constrained Programmable Logic Controllers (PLCs). We propose a novel framework, TinyDL-based incremental LSTM (Ti-iLSTM) which optimises the memory and space foot print of Long Short-Term Memory (LSTM), to detect logic-layer inconsistencies in Programmable Logic Controller (PLC) based Industrial Water Treatment Systems (IWTS). Experiments on the publicly available SWaT dataset show that the optimised model achieves high detection performance (F1-score=0.983 and ROC-AUC=0.998). A deployment-style validation on the WADI dataset confirms that the proposed light-weight framework remains applicable beyond a single dataset. The research demonstrates that combining logic-aware supervision with Tiny Deep Learning (TinyDL) sequence learning creates an efficient and accurate anomaly detection suitable for resource constrained Programmable Logic Controllers (PLCs) in industrial environments.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper proposes Ti-iLSTM, a Tiny Deep Learning optimized incremental LSTM for lightweight on-device detection of logic-layer deception anomalies in Industrial Water Treatment Systems (IWTS). These anomalies preserve numerically plausible sensor values while violating cause-and-effect relationships enforced by PLC control logic. The model is trained on process variable sequences from the SWaT dataset, achieving F1-score 0.983 and ROC-AUC 0.998, with deployment-style validation on the WADI dataset to demonstrate cross-dataset applicability for resource-constrained PLCs.

Significance. If the central claim holds, the work would demonstrate that TinyDL sequence models can perform logic-level anomaly detection without heavy server infrastructure, addressing a practical gap in securing safety-critical cyber-physical systems against deception attacks that evade threshold-based monitoring.

major comments (2)
  1. [Section 3] Section 3 (Ti-iLSTM architecture and training): The manuscript claims 'logic-aware supervision' is combined with TinyDL sequence learning, yet provides no description of how PLC control rules (e.g., interlock logic, actuator-state dependencies, or cause-effect constraints) are encoded, injected, or used as supervision signals. Without this mechanism, it remains unclear whether the reported performance reflects detection of logic violations or simply statistical outlier detection on temporal correlations.
  2. [Experiments] Experimental evaluation (SWaT and WADI results): High F1 and ROC-AUC values are presented, but the paper supplies no ablation studies, baseline comparisons against models that explicitly encode control logic, or error analysis of false positives on deception-style attacks. This leaves open whether the performance is attributable to the claimed logic-level capability or to standard sequence modeling.
minor comments (2)
  1. [Abstract] The abstract and introduction use the term 'logic-aware supervision' without a concise definition or forward reference to the section where the supervision procedure is specified.
  2. [Figures/Tables] Figure captions and table headings should explicitly state whether reported metrics are on the test set, validation set, or cross-dataset transfer to avoid ambiguity in the deployment-style validation claim.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their constructive and detailed feedback. The comments identify key areas where additional clarification and experimental support are needed to strengthen the claims regarding logic-aware supervision and the attribution of performance to logic-level detection. We address each major comment below and will revise the manuscript accordingly.

read point-by-point responses

  1. Referee: [Section 3] Section 3 (Ti-iLSTM architecture and training): The manuscript claims 'logic-aware supervision' is combined with TinyDL sequence learning, yet provides no description of how PLC control rules (e.g., interlock logic, actuator-state dependencies, or cause-effect constraints) are encoded, injected, or used as supervision signals. Without this mechanism, it remains unclear whether the reported performance reflects detection of logic violations or simply statistical outlier detection on temporal correlations.

    Authors: We appreciate the referee highlighting this ambiguity. In the submitted manuscript, logic-aware supervision is implemented implicitly by training exclusively on normal operational sequences from SWaT that respect the underlying PLC control logic's cause-and-effect relationships; the incremental LSTM learns to model these expected temporal patterns, and anomalies are detected as deviations. No explicit rule injection into the architecture or loss function is performed. We agree that the current text does not sufficiently describe the data curation process that enforces these constraints. We will revise Section 3 to add a dedicated subsection explaining how interlock logic and actuator dependencies are used during dataset preparation and sequence construction, making clear that the approach relies on data-driven learning of logic-compliant patterns rather than symbolic rule encoding. revision: yes

  2. Referee: [Experiments] Experimental evaluation (SWaT and WADI results): High F1 and ROC-AUC values are presented, but the paper supplies no ablation studies, baseline comparisons against models that explicitly encode control logic, or error analysis of false positives on deception-style attacks. This leaves open whether the performance is attributable to the claimed logic-level capability or to standard sequence modeling.

    Authors: We acknowledge that the experimental section would benefit from stronger controls to isolate the contribution of the logic-aware aspect. The reported F1 and AUC are measured on SWaT deception attacks specifically constructed to violate cause-effect logic while preserving plausible values, with cross-dataset validation on WADI. To address the referee's concern, we will add ablation studies (e.g., non-incremental LSTM and non-TinyDL variants) and a baseline comparison against a lightweight rule-based checker that directly verifies actuator-sensor dependencies extracted from system documentation. We will also include a targeted error analysis of false positives on the deception attacks. These results and the corresponding discussion will be incorporated into the revised manuscript. revision: yes

Circularity Check

0 steps flagged

No significant circularity; results are experimental outcomes on public datasets

full rationale

The paper proposes Ti-iLSTM as an optimized incremental LSTM variant for anomaly detection and reports F1/ROC-AUC metrics from direct experiments on the SWaT and WADI datasets. No equations, derivations, or self-citations appear that reduce the claimed performance to fitted parameters by construction, self-definitional loops, or load-bearing prior work by the same authors. The central claims rest on empirical validation rather than any mathematical reduction to inputs.

Axiom & Free-Parameter Ledger

1 free parameters · 1 axioms · 1 invented entities

Abstract-only review yields very limited visibility into parameters and assumptions; the central claim rests on the unexamined premise that sequence models can capture logic inconsistencies from measurements alone.

free parameters (1)
  • LSTM optimization hyperparameters
    Memory and space footprint optimizations are mentioned but no specific values or selection process are given in the abstract.
axioms (1)
  • domain assumption Logic-layer deception anomalies preserve numerically plausible measurements while breaking expected cause-and-effect relationships
    Directly stated in the abstract as the defining property of the target attacks.
invented entities (1)
  • Ti-iLSTM no independent evidence
    purpose: TinyDL-optimized incremental LSTM for on-device logic anomaly detection
    Introduced as a novel framework without reference to external validation or prior independent evidence.

pith-pipeline@v0.9.0 · 5790 in / 1388 out tokens · 107607 ms · 2026-05-20T20:33:00.411231+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

  • IndisputableMonolith/Cost/FunctionalEquation.lean washburn_uniqueness_aczel unclear
    ?
    unclear

    Relation between the paper passage and the cited Recognition theorem.

    We propose a novel framework, TinyDL-based incremental LSTM (Ti-iLSTM) which optimises the memory and space foot print of Long Short-Term Memory (LSTM), to detect logic-layer inconsistencies in Programmable Logic Controller (PLC) based Industrial Water Treatment Systems (IWTS).

  • IndisputableMonolith/Foundation/ArithmeticFromLogic.lean LogicNat induction and embed unclear
    ?
    unclear

    Relation between the paper passage and the cited Recognition theorem.

    anomaly labels are constructed without relying on dataset-provided attack annotations. The labels in this study are derived from interpretable process rules that capture violations of expected cause-and-effect relationships between sensors and actuators

What do these tags mean?
matches
The paper's claim is directly supported by a theorem in the formal canon.
supports
The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends
The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses
The paper appears to rely on the theorem as machinery.
contradicts
The paper's claim conflicts with a theorem or certificate in the canon.
unclear
Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

52 extracted references · 52 canonical work pages · 1 internal anchor

  1. [1]

    To- wardsEnhancedCybersecurityinIndustrialControlSystems:ASys- tematic Review of Context-Based Modeling, Digital Twins, and Ma- chineLearningApproaches

    Abraham, D., Erceylan, G., Gkioulos, V., Houmb, S.H., 2025. To- wardsEnhancedCybersecurityinIndustrialControlSystems:ASys- tematic Review of Context-Based Modeling, Digital Twins, and Ma- chineLearningApproaches. InternationalJournalofInformationSe- curity 24, 243.https://dl.acm.org/doi/10.1007/s10207-025-01158-1

    work page doi:10.1007/s10207-025-01158-1 2025

  2. [2]

    Ahmed, C.M., Palleti, V.R., Mathur, A.P., 2017. Wadi: a water distributiontestbedforresearchinthedesignofsecurecyberphysical systems, in: Proceedings of the 3rd international workshop on cyber- physical systems for smart water networks, pp. 25–28.https://doi. org/10.1145/3055366.3055375

    work page doi:10.1145/3055366.3055375 2017

  3. [3]

    Shap enhanced transformer gwo boosting model for transparent and robust anomaly detection in iiot environments

    Aly, M., Alotaibi, N.M., 2025. Shap enhanced transformer gwo boosting model for transparent and robust anomaly detection in iiot environments. Scientific Reports 15, 41037

    work page 2025

  4. [4]

    Enhancing anomaly detection in iot-driven factories using logistic boosting, random forest, and svm: A comparative machine learning approach

    Aly, M., Behiry, M.H., 2025. Enhancing anomaly detection in iot-driven factories using logistic boosting, random forest, and svm: A comparative machine learning approach. Scientific Re- ports 15. doi:10.1038/s41598-025-08436-x.https://doi.org/10.1038/ s41598-025-08436-x

    work page doi:10.1038/s41598-025-08436-x.https://doi.org/10.1038/ 2025

  5. [5]

    Cybersecurityof waterscadasystems—parti:Analysisandexperimentationofstealthy deception attacks

    Amin,S.,Litrico,X.,Sastry,S.,Bayen,A.M.,2013. Cybersecurityof waterscadasystems—parti:Analysisandexperimentationofstealthy deception attacks. IEEE Transactions on Control Systems Technol- ogy 21, 1963–1970. doi:10.1109/TCST.2012.2211873.https://bayen. berkeley.edu/sites/default/files/cyber_security_of_water_i.pdf

    work page doi:10.1109/tcst.2012.2211873.https://bayen 2013

  6. [6]

    An adaptable and unsupervised tinyml anomaly detection sys- tem for extreme industrial environments

    Antonini, M., Pincheira, M., Vecchio, M., Antonelli, F., 2023. An adaptable and unsupervised tinyml anomaly detection sys- tem for extreme industrial environments. Sensors 23, 2344. Https://www.mdpi.com/1424-8220/23/4/2344

    work page 2023

  7. [7]

    Aslam, M.M., De Silva, L.C., Haji Mohd Apong, R.A.A., Tufail, A.,

    work page

  8. [8]

    Scientific Reports 15

    An optimized anomaly detection framework in industrial con- trolsystemsthroughgreywolfoptimizerandautoencoderintegration. Scientific Reports 15. doi:10.1038/s41598-025-12775-0

    work page doi:10.1038/s41598-025-12775-0

  9. [9]

    Mlino bench: A compre- hensivebenchmarkingtoolforevaluatingmlmodelsonedgedevices

    Baciu, V.E., Stiens, J., da Silva, B., 2024. Mlino bench: A compre- hensivebenchmarkingtoolforevaluatingmlmodelsonedgedevices. Journal of Systems Architecture 155, 103262

    work page 2024

  10. [10]

    A deep multi-modal cyber-attack detection in industrial control systems, in: 2023IEEEInternationalConferenceonIndustrialTechnology(ICIT), IEEE

    Bahadoripour, S., MacDonald, E., Karimipour, H., 2023. A deep multi-modal cyber-attack detection in industrial control systems, in: 2023IEEEInternationalConferenceonIndustrialTechnology(ICIT), IEEE. pp. 1–6

    work page 2023

  11. [11]

    Pearson correlation coefficient, in: Noise reduction in speech processing

    Benesty, J.,Chen, J.,Huang, Y.,Cohen, I.,2009. Pearson correlation coefficient, in: Noise reduction in speech processing. Springer, pp. 1–4

    work page 2009

  12. [12]

    Anomaly Detection for a Water Treatment System Based on One-Class Neural Network

    Boateng, E.A., Bruce, J.W., Talbert, D.A., 2022. Anomaly Detection for a Water Treatment System Based on One-Class Neural Network. IEEE access 10, 115179–115191

    work page 2022

  13. [13]

    Random forests

    Breiman, L., 2001. Random forests. Machine learning 45, 5–32. https://link.springer.com/article/10.1023/A:1010933404324

    work page doi:10.1023/a:1010933404324 2001

  14. [14]

    Smote: synthetic minority over-sampling technique

    Chawla, N.V., Bowyer, K.W., Hall, L.O., Kegelmeyer, W.P., 2002. Smote: synthetic minority over-sampling technique. Journal of arti- ficial intelligence research 16, 321–357.https://dl.acm.org/doi/10. 5555/1622407.1622416

    work page arXiv 2002

  15. [15]

    Precision and recall - wikipedia

    Contributors to Wikimedia projects, 2007. Precision and recall - wikipedia. URL:https://en.wikipedia.org/wiki/Precision_and_ recall

    work page 2007

  16. [16]

    An introduction to ROC analysis

    Fawcett, T., 2006. An introduction to ROC analysis. Pattern recognition letters 27, 861–874

    work page 2006

  17. [17]

    Learning to forget: Continual prediction with lstm

    Gers, F.A., Schmidhuber, J., Cummins, F., 2000. Learning to forget: Continual prediction with lstm. Neural computation 12, 2451–2471. https://dl.acm.org/doi/10.1162/089976600300015015

    work page doi:10.1162/089976600300015015 2000

  18. [18]

    Ananalyticalsurveyofcyber-physical systems in water treatment and distribution: Security challenges, intrusion detection, and future directions

    Gulzar,Q.,Mustafa,K.,2024. Ananalyticalsurveyofcyber-physical systems in water treatment and distribution: Security challenges, intrusion detection, and future directions. Security and Privacy 7, e440

    work page 2024

  19. [19]

    Gene selection for cancer classification using support vector machines

    Guyon, I., Weston, J., Barnhill, S., Vapnik, V., 2002. Gene selection for cancer classification using support vector machines. Machine learning 46, 389–422.https://link.springer.com/article/10.1023/ A:1012487302797

    work page 2002

  20. [20]

    Cybersecurity in water distribution networks: a systematic review of ai-based detection algorithms

    Habib,M.A.,Jurcut,A.D.,Ahmed,H.,Wei,W.,Salauddin,M.,2026. Cybersecurity in water distribution networks: a systematic review of ai-based detection algorithms. Water 18, 519

    work page 2026

  21. [21]

    Improvingsiemforcriticalscadawaterinfrastructuresusingmachine learning,in:InternationalWorkshoponSecurityandPrivacyRequire- ments Engineering, Springer

    Hindy, H., Brosset, D., Bayne, E., Seeam, A., Bellekens, X., 2018. Improvingsiemforcriticalscadawaterinfrastructuresusingmachine learning,in:InternationalWorkshoponSecurityandPrivacyRequire- ments Engineering, Springer. pp. 3–19.https://link.springer.com/ chapter/10.1007/978-3-030-12786-2_1

    work page doi:10.1007/978-3-030-12786-2_1 2018

  22. [22]

    Long short-term memory

    Hochreiter, S., Schmidhuber, J., 1997. Long short-term memory. Neural computation 9, 1735–1780.https://ieeexplore.ieee.org/ abstract/document/6795963

    work page arXiv 1997

  23. [23]

    Causal digital twins for cyber-physical security in water systems: A framework for robust anomaly detection

    Homaei, M., Tarif, M., Rodríguez, P.G., Caro, A., Ávila, M., 2025. Causal digital twins for cyber-physical security in water systems: A framework for robust anomaly detection. Machine Learning with Applications , 100824

    work page 2025

  24. [24]

    De- tecting Stealthy Attacks Against Industrial Control Systems Based on Residual Skewness Analysis

    Hu, Y., Li, H., Yang, H., Sun, Y., Sun, L., Wang, Z., 2019. De- tecting Stealthy Attacks Against Industrial Control Systems Based on Residual Skewness Analysis. EURASIP Journal on Wireless Communications and Networking 2019, 74.https://doi.org/10. 1186/s13638-019-1389-1

    work page 2019

  25. [25]

    Anomaly Detection for a Water Treatment System Using Unsuper- vised Machine Learning, in: 2017 IEEE international conference on data mining workshops (ICDMW), IEEE

    Inoue, J., Yamagata, Y., Chen, Y., Poskitt, C.M., Sun, J., 2017. Anomaly Detection for a Water Treatment System Using Unsuper- vised Machine Learning, in: 2017 IEEE international conference on data mining workshops (ICDMW), IEEE. pp. 1058–1065.https: //ieeexplore.ieee.org/document/8215783

    work page arXiv 2017

  26. [26]

    Feature Selection and Ensemble-Based Intrusion Detection System: An Efficient and Comprehensive Ap- proach

    Jaw, E., Wang, X., 2021. Feature Selection and Ensemble-Based Intrusion Detection System: An Efficient and Comprehensive Ap- proach. Symmetry 13, 1764

    work page 2021

  27. [27]

    Edge conditional node update graph neural network for multivariate time series anomaly detection

    Jo, H., Lee, S.W., 2024. Edge conditional node update graph neural network for multivariate time series anomaly detection. Informa- tion Sciences 679, 121062.https://www.sciencedirect.com/science/ article/pii/S0020025524009769

    work page 2024

  28. [28]

    Model-Based Security Analysis of a Water Treatment System, in: Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems, pp

    Kang, E., Adepu, S., Jackson, D., Mathur, A.P., 2016. Model-Based Security Analysis of a Water Treatment System, in: Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems, pp. 22–28.https://dl.acm.org/doi/10. 1145/2897035.2897041

    work page arXiv 2016

  29. [29]

    Leak- age in data mining: Formulation, detection, and avoidance

    Kaufman, S., Rosset, S., Perlich, C., Stitelman, O., 2012. Leak- age in data mining: Formulation, detection, and avoidance. ACM Transactions on Knowledge Discovery from Data (TKDD) 6, 1–21. https://dl.acm.org/doi/10.1145/2382577.2382579

    work page doi:10.1145/2382577.2382579 2012

  30. [30]

    Multicollinearity and misleading statistical results

    Kim, J.H., 2019. Multicollinearity and misleading statistical results. Koreanjournalofanesthesiology72,558–569.https://pubmed.ncbi. nlm.nih.gov/31304696/

    work page arXiv 2019

  31. [31]

    A study of cross-validation and boot- strap for accuracy estimation and model selection, in: Ijcai, Mon- treal,Canada.pp.1137–1145

    Kohavi, R., et al., 1995. A study of cross-validation and boot- strap for accuracy estimation and model selection, in: Ijcai, Mon- treal,Canada.pp.1137–1145. Https://www.ijcai.org/Proceedings/95- 2/Papers/016.pdf

    work page 1995

  32. [32]

    Cy- berattack detection on swat plant industrial control systems using machine learning

    Komol, M.M., Dong, N., Jaradat, S., Elhenawy, M., 2024. Cy- berattack detection on swat plant industrial control systems using machine learning. Artificial Intelligence and Autonomous Sys- tems 1. URL:https://doi.org/10.55092/aias20240006, doi:10.55092/ aias20240006,arXiv:https://doi.org/10.55092/aias20240006

    work page doi:10.55092/aias20240006 2024

  33. [33]

    Anomaly Detection Method Considering PLC Control Logic Structure for ICS Cyber Threat Detection

    Lee, J.H., Ji, I.H., Jeon, S.H., Seo, J.T., 2025. Anomaly Detection Method Considering PLC Control Logic Structure for ICS Cyber Threat Detection. Applied Sciences 15, 3507

    work page 2025

  34. [34]

    Anomaly detection method for industrial control system operation data based on time–frequency fusion feature attention encoding

    Liu, J., Sha, Y., Zhang, W., Yan, Y., Liu, X., 2024. Anomaly detection method for industrial control system operation data based on time–frequency fusion feature attention encoding. Sensors 24. doi:10.3390/s24186131.https://www.mdpi.com/1424-8220/24/18/6131

    work page doi:10.3390/s24186131.https://www.mdpi.com/1424-8220/24/18/6131 2024

  35. [35]

    Research on anomaly detection in wastewater treatment systems based on a vae-lstm fusion model

    Liu, X., Gong, Z., Zhang, X., 2025. Research on anomaly detection in wastewater treatment systems based on a vae-lstm fusion model. Water 17, 2842.https://www.mdpi.com/2073-4441/17/19/2842

    work page 2025

  36. [36]

    An unsupervised framework for anomaly detection in a water treatment system, in: 2019 18th IEEE international conference on machine learning and applications (ICMLA), IEEE

    Macas, M., Wu, C., 2019. An unsupervised framework for anomaly detection in a water treatment system, in: 2019 18th IEEE international conference on machine learning and applications (ICMLA), IEEE. pp. 1298–1305.https://ieeexplore.ieee.org/ document/8999210. M. Joshi et al.:Preprint submitted to ElsevierPage 13 of 14 Ti-iLSTM: A TinyDL Approach for Logic-...

    work page arXiv 2019

  37. [37]

    SWaT: A Water Treat- ment Testbed for Research and Training on ICS security, in: 2016 international workshop on cyber-physical systems for smart water networks (CySWater), IEEE

    Mathur, A.P., Tippenhauer, N.O., 2016. SWaT: A Water Treat- ment Testbed for Research and Training on ICS security, in: 2016 international workshop on cyber-physical systems for smart water networks (CySWater), IEEE. pp. 31–36.https://www.computer.org/ csdl/proceedings-article/cyswater/2016/07469060/12OmNAkEU26

    work page 2016

  38. [38]

    The convergence of IT and OT in critical infrastructure, in: 15th Australian Information Security Management Conference, p

    Murray, G., Johnstone, M.N., Valli, C., 2017. The convergence of IT and OT in critical infrastructure, in: 15th Australian Information Security Management Conference, p. 149

    work page 2017

  39. [39]

    Fusing design and machine learning foranomalydetectioninwatertreatmentplants

    Raman, G., Mathur, A., 2024. Fusing design and machine learning foranomalydetectioninwatertreatmentplants. Electronics13,2267. https://www.mdpi.com/2079-9292/13/12/2267

    work page 2024

  40. [40]

    Rüb, M., Tuchel, P., Sikora, A., Mueller-Gritschneder, D.,

    work page

  41. [41]

    A continual and incremental learning approach for tinyml on-device training using dataset distillation and model size adaption, in: 2024 IEEE 7th International Conference on Industrial Cyber-Physical Systems (ICPS), IEEE. pp. 1–8. Https://ieeexplore.ieee.org/document/10639989/

    work page arXiv 2024

  42. [42]

    ACM Computing Surveys 58, 1–33

    Somvanshi, S., Islam, M.M., Chhetri, G., Chakraborty, R., Mimi, M.S.,Shuvo,S.A.,Islam,K.S.,Javed,S.,Rafat,S.A.,Dutta,A.,etal., 2025.FromTinyMachineLearningtoTinyDeepLearning:ASurvey. ACM Computing Surveys 58, 1–33

    work page 2025

  43. [43]

    Characterizingcyber-physicalattacksonwaterdistribution systems

    Taormina, R., Galelli, S., Tippenhauer, N.O., Salomons, E., Ostfeld, A.,2017. Characterizingcyber-physicalattacksonwaterdistribution systems. Journal of Water Resources Planning and Management 143, 04017009. doi:10.1061/(ASCE)WR.1943-5452.0000749.http:// www.eladsalomons.com/wp-content/uploads/Taormina_et_al_2017.pdf

    work page doi:10.1061/(asce)wr.1943-5452.0000749.http:// 2017

  44. [44]

    A systematic review of the state of cyber-security in water systems

    Tuptuk, N., Hazell, P., Watson, J., Hailes, S., 2021. A systematic review of the state of cyber-security in water systems. Water 13, 81. https://www.mdpi.com/2073-4441/13/1/81

    work page 2021

  45. [45]

    Limit- ing the Impact of Stealthy Attacks on Industrial Control Systems, in: Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, pp

    Urbina, D.I., Giraldo, J.A., Cardenas, A.A., Tippenhauer, N.O., Va- lente,J.,Faisal,M.,Ruths,J.,Candell,R.,Sandberg,H.,2016. Limit- ing the Impact of Stealthy Attacks on Industrial Control Systems, in: Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, pp. 1092–1105.https://doi.org/10.1145/ 2976749.2978388

    work page arXiv 2016

  46. [46]

    A Survey on Programmable Logic Controller Vulnerabilities, Attacks, Detections, and Forensics

    Wang,Z.,Zhang,Y.,Chen,Y.,Liu,H.,Wang,B.,Wang,C.,2023. A Survey on Programmable Logic Controller Vulnerabilities, Attacks, Detections, and Forensics. Processes 11, 918.https://www.mdpi.com/ 2227-9717/11/3/918

    work page 2023

  47. [47]

    Masked graph neural networks for unsupervised anomaly detection in multivariate time series

    Xu, K., Li, Y., Li, Y., Xu, L., Li, R., Dong, Z., 2023. Masked graph neural networks for unsupervised anomaly detection in multivariate time series. Sensors 23, 7552.https://www.mdpi.com/1424-8220/23/ 17/7552

    work page 2023

  48. [48]

    Yang, T., Jiang, X., Li, W., Liu, P., Wang, J., Hao, W., Yang, Q.,

    work page

  49. [49]

    PLoS One 20, e0324543.https://journals.plos

    Cloud-edge collaborative data anomaly detection in industrial sensor networks. PLoS One 20, e0324543.https://journals.plos. org/plosone/article?id=10.1371/journal.pone.0324543

    work page doi:10.1371/journal.pone.0324543

  50. [50]

    Light-weight slow-rate attack detection framework for resource-constrained industrial cy- ber–physicalsystems

    Zahid, F., Kuo, M.M., Sinha, R., 2025. Light-weight slow-rate attack detection framework for resource-constrained industrial cy- ber–physicalsystems. Computers&Security156,104508. doi:https: //doi.org/10.1016/j.cose.2025.104508

    work page doi:10.1016/j.cose.2025.104508 2025

  51. [51]

    pCAMP: Performance Comparison of Machine Learning Packages on the Edges

    Zhang, X., Wang, Y., Shi, W., 2018.{pCAMP}: Perfor- mance comparison of machine learning packages on the edges, in: USENIX workshop on hot topics in edge computing (HotEdge 18). Https://arxiv.org/abs/1906.01878

    work page internal anchor Pith review Pith/arXiv arXiv 2018

  52. [52]

    What is a Programmable Logic Controller (PLC)? Definition from TechTarget

    Zola, A., 2024. What is a Programmable Logic Controller (PLC)? Definition from TechTarget. URL:https://www.techtarget. com/whatis/definition/programmed-logic-controller-PLC?. [https://share.google/OPWzkLG5kJjhzN7pt]. M. Joshi et al.:Preprint submitted to ElsevierPage 14 of 14

    work page 2024