Have you ever paused to consider what keeps clean water flowing, electricity humming, or chemical reactors safely contained, 24 hours a day? In operational technology (OT) environments, it is the industrial control systems (ICS) that run the world’s plants, pipelines, and power grids, supporting critical functions around the clock. But what happens if a single anomalous data packet could open a valve too far or spin a pump dry? This worst-case scenario plays out where the physical process meets raw sensor values. If an attacker can manipulate the physical process, it’s essentially game over. 

This alarming scenario became the foundation of a research project at KPMG’s Offensive Security OT lab. At the heart of the investigation was one compelling question:

Can just two weeks of sequential data teach an ICS to recognize what ‘business-as-usual’ feels like with such accuracy that any deviation immediately triggers alarm bells? 

Spoiler alert: yes, and the resulting model achieves near-perfect recall. 

Current security measures might just not be enough

Intrusion prevention systems are designed to prevent attackers from breaching network boundaries. But what happens if these initial defenses fail? Recent history, marked by high-profile attacks such as Stuxnet and Triton, has demonstrated vividly that perimeter defenses alone are insufficient. The harsh reality is: when attackers bypass traditional OT security, their goal is to infiltrate OT's level 0, where they can tamper with sensor data, manipulate actuator commands, and disrupt physical operations. At this level, every second counts. The consequence of unnoticed anomalies can mean not just lost productivity, but catastrophic physical outcomes.

Clearly, a more sophisticated defense strategy is needed: one capable of rapidly identifying subtle shifts in data patterns at the most fundamental level of ICS operations.

Enter Long Short-Term Memory (LSTM) models

Long Short-Term Memory (LSTM) models are specialized forms of neural networks uniquely suited for sequential, time-series data. This is the exact type of data generated by ICS sensors and actuators. Unlike traditional neural networks, which treat each input independently, LSTMs excel at identifying patterns that emerge over time, learning from the past to anticipate future states. 

Think of an LSTM as a highly caffeinated spreadsheet that never forgets the last thousand rows of data. Its structure allows it to ‘remember’ relationships and patterns over extended periods, perfect for monitoring the rhythmic heartbeat of industrial control systems, where yesterday's flow rate indicates tomorrow's pressure. 

The experiment: Teaching machines ‘business-as-usual’

In order to train an LSTM model to detect anomalies, the Secure Water Treatment (SWaT) dataset was leveraged. It contains two weeks of detailed, realistic data from a water treatment facility and one hour in which six attacks were performed. The dataset captured values from 51 sensors and actuators, complete with labeled attack scenarios.

Each sensor was assigned its own tailored LSTM model, ensuring highly accurate, sensor-specific ‘business-as-usual’ baseline behavior. The training was straightforward: teach each model to predict the next sensor value in the sequence. For anomaly detection, the approach was elegant yet powerful: if the actual sensor value deviated from the prediction beyond an adaptive threshold (calculated using Median Absolute Deviation – MAD), an alarm was triggered.
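As an added example (not the lab's code), the residual-plus-adaptive-MAD check described above: each new reading is compared with a one-step prediction, and the alarm band is recomputed from the previous residuals only, so an anomalous sample cannot widen its own threshold. The per-sensor LSTM is replaced by a naive persistence predictor so the block runs without a deep-learning stack, and the tank-level trace is constructed, not SWaT data; a `mad_floor` is assumed to keep the band from collapsing on flat-lined signals.

```python
import math
import random
from statistics import median
from typing import Callable, List, Sequence

MAD_TO_SIGMA = 1.4826  # rescales MAD to a sigma estimate for Gaussian-like residuals


def persistence_predict(history: Sequence[float]) -> float:
    """Stand-in for the per-sensor LSTM: predict the next value as the last observed one."""
    return history[-1]


def detect_anomalies(readings: Sequence[float],
                     predict: Callable[[Sequence[float]], float] = persistence_predict,
                     window: int = 30, k: float = 5.0, mad_floor: float = 0.02) -> List[int]:
    """Return indices whose one-step prediction residual breaches an adaptive MAD band.

    Median and MAD come from the previous `window` residuals only, so an anomalous
    sample cannot widen its own threshold. `mad_floor` (engineering units) stops the
    band collapsing to zero on flat signals such as actuator states, which would
    otherwise alarm on the first legitimate change.
    """
    residuals: List[float] = []
    alarms: List[int] = []
    for t in range(1, len(readings)):
        r = readings[t] - predict(readings[:t])
        if len(residuals) >= window:
            recent = residuals[-window:]
            med = median(recent)
            mad = max(median(abs(x - med) for x in recent), mad_floor)
            if abs(r - med) > k * MAD_TO_SIGMA * mad:
                alarms.append(t)
        residuals.append(r)
    return alarms


def constructed_tank_level(n: int = 300, attack_at: int = 150, offset: float = 1.0) -> List[float]:
    """Constructed trace (not SWaT data): a slow oscillation plus bounded noise, with a
    spoofed +offset step applied to every reading from index `attack_at` onward."""
    rng = random.Random(7)  # fixed seed keeps the noise reproducible
    trace = []
    for t in range(n):
        level = 5.0 + math.sin(2 * math.pi * t / 200) + rng.uniform(-0.02, 0.02)
        trace.append(level + offset if t >= attack_at else level)
    return trace


if __name__ == "__main__":
    print(detect_anomalies(constructed_tank_level()))  # first alarm index is 150, the injected step
```

Because the band is derived from recent residuals rather than fixed limits, the same code tolerates the slow oscillation yet flags the spoofed step on the very sample it appears.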

Results: Exceptional accuracy at nearly real-time speeds

The performance of these tailored LSTM models was promising. Across the board, the results included:

  • 99.978% overall accuracy across sensors, with key sensors such as tank level and feed flow achieving near-perfect recall.
  • Sub-second detection latency: anomalies were flagged in less than one second, fast enough to trigger safety protocols before any physical harm occurs.
  • Adaptability to unseen threats, with the models detecting subtle value drifts and anomalies that weren't even part of the training scenarios. This demonstrates the LSTM models' capability to adjust to real-life situations, where each scenario is unique and differs from the previous one.

Beyond the hype: Transparent AI in OT cyber security

While numerous OT security vendors are touting ‘AI-powered’ solutions, these often remain opaque, black-box products. The lack of transparency generates scepticism and uncertainty, especially for organizations needing verifiable security solutions. 

This research underscores the value of transparency. By providing open, reproducible experiments, stakeholders – from engineers to auditors – can verify the robustness, limitations, and operational characteristics of these advanced models. Moreover, this research demonstrates something crucially important: you don't always need massive datasets spanning months or years. Even two weeks of carefully selected data can be sufficient to build highly effective, robust, and reliable anomaly detection models. 

Where do we go from here?

The key advantage an LSTM (and similar Artificial Intelligence/Machine Learning/Deep Learning models) holds over traditional monitoring is the way it defines ‘normal’. Traditional tools force engineers to hard-code upper and lower limits; anything outside that static band sets off an alarm. An LSTM, by contrast, learns the operating envelope directly from the data and keeps adjusting it as conditions evolve. In the training set that was used, for instance, there was a scheduled maintenance window; the model recognized that slower rhythm as legitimate behavior rather than raising a false flag. Put simply, it automates, and continually refines, the whole notion of ‘normal’.

Understanding that shift opens the door to a richer defense-in-depth picture. Perimeter controls can still swat away casual probes, signature engines can still detect known malware, but an LSTM-based watcher can sit beside the sensors and actuators, guarding the process itself. Lightweight versions of the model could run on embedded processors inside ICS or even smart transmitters, delivering millisecond-level anomaly detection without leaning on a central server. And in the heat of an incident, analysts could ask these memory-driven sentries “What changed first?” and get an instant, trustworthy answer that steers rapid, data-driven action.

It's time we taught our industrial control systems to remember

This journey shows how memory-based models like LSTMs, being powerful, practical, and precise, can significantly enhance OT security. They represent a crucial opportunity for the OT industry, providing a practical, immediate path toward stronger, smarter defenses.

So next time you walk past a quiet pump, a humming transformer, or a sensor-filled cabinet, ask yourself: Does it remember the rhythm of yesterday, or is it time we taught it?