Search Results (124)

The increasing complexity of manufacturing processes demands accurate defect prediction and interpretable insights into the causes of quality issues. This study proposes a methodology integrating machine learning, clustering, and Explainable Artificial Intelligence (XAI) to support defect analysis and quality control in industrial environments. Using a dataset based on empirical industrial distributions, we train an XGBoost model to classify high- and low-defect scenarios from multidimensional production and quality metrics. The model demonstrates high predictive performance and is analyzed using five XAI techniques (SHAP, LIME, ELI5, PDP, and ICE) to identify the most influential variables linked to defective outcomes. In parallel, we apply Fuzzy C-Means and K-means to segment production data into latent operational profiles, which are also interpreted using XAI to uncover process-level patterns. This approach provides both global and local interpretability, revealing consistent variables across predictive and structural perspectives. After a thorough review, no prior studies have combined supervised learning, unsupervised clustering, and XAI within a unified framework for manufacturing defect analysis. The results demonstrate that this integration enables a transparent, data-driven understanding of production dynamics. The proposed hybrid approach supports the development of intelligent, explainable Industry 4.0 systems. Full article

Traditional security detection methods struggle to identify zero-day attacks in Industrial Control Systems (ICSs), particularly within critical infrastructures (CIs) integrated with the Industrial Internet of Things (IIoT). These attacks exploit unknown vulnerabilities, leveraging the complexity of physical and digital system interconnections, making them difficult to detect. The integration of legacy ICS networks with modern computing and networking technologies has expanded the attack surface, increasing susceptibility to cyber threats. Anomaly detection systems play a crucial role in safeguarding these infrastructures by identifying deviations from normal operations. This study investigates the effectiveness of deep learning-based anomaly detection models in revealing operational anomalies that could indicate potential cyber-attacks. We implemented and evaluated a hybrid deep learning architecture combining Convolutional Neural Networks (CNNs) and Long Short-Term Memory (LSTM) networks to analyze ICS telemetry data. The CNN-LSTM model excels in identifying time-dependent anomalies and enables near real-time detection of cyber-attacks, significantly improving security monitoring capabilities for IIoT-integrated critical infrastructures. Full article

Industrial Control Systems (ICS) are increasingly targeted by sophisticated and evolving cyberattacks, while conventional static defense mechanisms and isolated intrusion detection models often lack the robustness required to cope with such dynamic threats. To overcome these limitations, we propose RHAD (Reinforced Heterogeneous Anomaly Detector), a resilient and adaptive anomaly detection framework specifically designed for ICS environments. RHAD combines a heterogeneous ensemble of detection models with a confidence-aware scheduling mechanism guided by reinforcement learning (RL), alongside a time-decaying sliding window voting strategy to enhance detection accuracy and temporal robustness. The proposed architecture establishes a modular collaborative framework that enables dynamic and fine-grained protection for industrial network traffic. At its core, the RL-based scheduler leverages the Proximal Policy Optimization (PPO) algorithm to dynamically assign model weights and orchestrate container-level executor replacement in real time, driven by network state observations and runtime performance feedback. We evaluate RHAD using two publicly available ICS datasets—SCADA and WDT—achieving 99.19% accuracy with an F1-score of 0.989 on SCADA, and 98.35% accuracy with an F1-score of 0.987 on WDT. These results significantly outperform state-of-the-art deep learning baselines, confirming RHAD’s robustness under class imbalance conditions. Thus, RHAD provides a promising foundation for resilient ICS security and shows strong potential for broader deployment in cyber-physical systems. Full article

The growing demand for natural preservatives in the food industry has highlighted the importance of essential oils (EOs), despite their limitations related to volatility and oxidative instability. This study addresses these challenges by developing pectin-based microcapsules for encapsulating lemon essential oil (LEO) using ultrasound-assisted ionotropic gelation. The EO, extracted from Citrus limon (Eureka variety), exhibited a high limonene content (56.18%) and demonstrated significant antioxidant (DPPH IC50: 28.43 ± 0.14 µg/mL; ABTS IC50: 35.01 ± 0.11 µg/mL) and antifungal activities, particularly against A. niger and Botrytis spp. Encapsulation efficiency improved to 82.3% with ultrasound pretreatment, and SEM imaging confirmed spherical, uniform capsules. When applied to fresh-cut apples, LEO-loaded capsules significantly reduced browning (browning score: 1.2 ± 0.3 vs. 2.8 ± 0.2 in control), microbial load (4.9 ± 0.2 vs. 6.5 ± 0.4 log CFU/g), and weight loss (4.2% vs. 6.4%) after 10 days of storage at 4 °C. These results underscore the potential of ultrasound-enhanced pectin encapsulation for improving EO stability and efficacy in food preservation systems. Full article

The growing digitalization of Industrial Control Systems (ICSs) presents both significant benefits and security challenges, especially for small and medium-sized factories with limited resources. Effective anomaly detection is essential to safeguard these facilities and prevent costly disruptions. Although current research has advanced anomaly detection, it is still challenging for algorithms to be capable of effectively balancing the interplay between training speed, computational cost, and accuracy while simultaneously exhibiting robust stability and adaptability. This gap often leaves small and medium-sized factories without efficient solutions. To address these issues, this work introduces a deep belief network-based boosting adversarial autoencoder termed DBN-BAAE, a novel lightweight anomaly detection mechanism based on boosting adversarial learning. The proposed lightweight mechanism saves computational overhead, enhances autoencoder training stability with an improved deep belief network (DBN) for pre-training, boosts encoder expression through ensemble learning, achieves high detection accuracy via an adversarial decoder, and employs a dynamic threshold to enhance adaptability and reduce the need for retraining. Experiments reveal that the mechanism not only achieves an F1 score of 0.82, surpassing the best baseline by 1%, but also accelerates training speed by 2.2 times, demonstrating its effectiveness and efficiency in ICS environments, particularly for small and medium-sized factories. Full article

Industrial Control Systems (ICS) have become increasingly vulnerable to cyber threats due to the growing interconnectivity with enterprise networks and the Industrial Internet of Things (IIoT). Among these threats, Address Resolution Protocol (ARP) spoofing presents a critical risk to the integrity and reliability of Modbus TCP/IP communications, particularly in environments utilizing Siemens S7 programmable logic controllers (PLCs). Traditional defense methods often rely on host-based software solutions or cryptographic techniques that may not be practical for legacy or resource-constrained industrial environments. This paper proposes a novel, lightweight hardware device designed to detect and mitigate ARP spoofing attacks in Modbus TCP/IP networks without relying on conventional computer-based infrastructure. An experimental testbed using Siemens S7-1500 and S7-1200 PLCs (Siemens, Munich, Germany) was established to validate the proposed approach. The results demonstrate that the toolkit can effectively detect malicious activity and maintain stable industrial communication under normal and adversarial conditions. Full article

With the continuous development of industrial intelligence, the integration of cyber–physical components creates a need for effective attack detection methods to mitigate potential DDoS threats. Although several DDoS attack detection modeling approaches have been proposed, few effectively incorporate the unique characteristics of industrial control system (ICS) architectures and traffic patterns. This paper focuses on DDoS attack detection within cloud–edge collaborative ICSs and proposes a novel detection model called FedDynST. This model combines federated learning and deep learning to construct feature graphs of traffic data. Introducing dynamic and static adjacency matrices, this work reveals the interactions between long-term industrial traffic data and short-term anomalies associated with DDoS attacks. Convolutional neural networks are utilized to capture distinctive temporal features within industrial traffic, thereby improving the detection precision. Moreover, the model enables continuous optimization of the global detection framework through a federated learning-based distributed training and aggregation mechanism, ensuring the privacy and security of industrial client data. The effectiveness of the FedDynST model was validated on the CICDDoS2019 and Edge-IIoTset datasets. The simulation results validated the superiority of the proposed approach, and thus, demonstrated significant improvements in both detection accuracy and convergence. Full article

Industrial control systems (ICSs) are vital to critical infrastructure in energy, manufacturing, and other industries. As ICSs become increasingly interconnected, their complexity grows, making them more vulnerable to cyber attacks and system failures. This growing complexity underscores the critical need for advanced anomaly detection techniques to ensure the safe and reliable operation of ICSs. To address this need, we propose a novel method, the physical process and controller graph attention network (PCGAT), which constructs multi-level graphs based on physical process and controller information. Experiments on two real-world ICS datasets demonstrate that PCGAT achieves superior performance and enables the localization of anomalies within specific physical processes. Moreover, by leveraging graph attention networks (GATs), PCGAT enhances interpretability in anomaly detection. Full article

Industrial control systems (ICSs) are a critical component of key infrastructure. However, as ICSs transition from isolated systems to modern networked environments, they face increasing security risks. Traditional anomaly detection methods struggle with complex ICS traffic due to their failure to fully utilize both low-frequency and high-frequency traffic information, and their poor performance in heterogeneous and non-stationary data environments. Moreover, fixed threshold methods lack adaptability and fail to respond in real time to dynamic changes in traffic, resulting in false positives and false negatives. To address these issues, this paper proposes a deep learning-based traffic anomaly detection algorithm. The algorithm employs the Hilbert–Huang Transform (HHT) to decompose traffic features and extract multi-frequency information. By integrating feature and temporal attention mechanisms, it enhances modeling capabilities and improves prediction accuracy. Additionally, the deep probabilistic estimation approach dynamically adjusts confidence intervals, enabling synchronized prediction and detection, which significantly enhances both real-time performance and accuracy. Experimental results demonstrate that our method outperforms existing baseline models in both prediction and anomaly detection performance on a real-world industrial control traffic dataset collected from an oilfield in China. The dataset consists of approximately 260,000 records covering Transmission Control Protocol/User Datagram Protocol (TCP/UDP) traffic between Remote Terminal Unit (RTU), Programmable Logic Controller (PLC), and Supervisory Control and Data Acquisition (SCADA) devices. This study has practical implications for improving the cybersecurity of ICSs and provides a theoretical foundation for the efficient management of industrial control networks. Full article

Ice-on-coil energy storage technology has been widely used in air conditioning systems and industrial refrigeration as an efficient energy storage technology. This paper reviews the research progress of ice-on-coil energy storage technology, including its working principle, system design, key parameter optimization, and practical application challenges and solutions. Three kinds of ice melting systems are introduced. The internal ice melting system has the largest cold storage density and the slowest rate of ice melting. The external ice melting system has the lowest cold storage density and the fastest rate of ice melting. The combined ice melting system can have the highest density of cold storage density and a high rate of ice melting. By comparing the results of different studies, the influence of fin and thin ring application on the heat transfer enhancements of the ice-on-coil storage system is summarized. It is found that the ice storage time can be reduced by 21% and 34% when the annular fin and thin ring are set. Regarding system control, adopting the ice-melting priority strategy increases operating energy consumption, but the economy improves; using the unit priority strategy lowers operating energy consumption, but the economy suffers slightly. When the cooling demand exceeds the cooling capacity of the chiller, an ice melting priority control strategy is more economical. Some suggestions for future research are presented, such as optimizing the shape and arrangement of coil fins and ice storage systems integrated with renewable energy. It provides guidance for the further development of ice storage air conditioning technology. Full article

Anomaly detection systems are being studied to detect cyberattacks in industrial control systems (ICSs). Existing ICS anomaly detection systems monitor network packets or operational data. However, these anomaly detection systems cannot detect control logic targeted attacks such as Stuxnet. Control logic tampering detection studies also exist, but they detect code modifications rather than determining whether the logic is normal. These tampering detection methods classify control logic as abnormal if any code modifications occur, even if the logic represents normal behavior. For this reason, this paper proposes an anomaly detection method that considers the structure of control logic. The proposed embedding method performs embedding based on control logic Instruction List (IL) code. The opcode and operand of IL code use separate embedding models. The embedded vectors are then sequentially combined to preserve the IL structure. The proposed method was validated using Long Short-Term Memory (LSTM), LSTM-Autoencoder, and Transformer models with a dataset of normal and malicious control logic. All models achieved an anomaly detection performance with an F1 score of at least 0.81. Additionally, models adopting the proposed embedding method outperformed those using conventional embedding methods by 0.088259. The proposed control logic anomaly detection method enables the model to learn the context and structure of control logic and identify code with inherent vulnerabilities. Full article

With the escalating threat posed by network intrusions, the development of efficient intrusion detection systems (IDSs) has become imperative. This study focuses on improving detection performance in programmable logic controller (PLC) network security while addressing challenges related to data imbalance and long-tail distributions. A dataset containing five types of attacks targeting programmable logic controllers (PLCs) in industrial control systems (ICS) was first constructed. To address class imbalance and challenges posed by complex network traffic, Synthetic Minority Oversampling Technique (SMOTE) and Borderline-SMOTE were applied to oversample minority classes, thereby enhancing their diversity. This paper proposes a dual-channel feature extraction model that integrates a multi-scale one-dimensional convolutional neural network (MS1DCNN) and a Weight-Dropped Transformer (WDTransformer) for IDS. The MS1DCNN is designed to extract fine-grained temporal features from packet-level data, whereas the WDTransformer leverages self-attention mechanisms to capture long-range dependencies and incorporates regularization techniques to mitigate overfitting. To further enhance performance on long-tail distributions, a custom combined loss function was developed by integrating cross-entropy loss and focal loss to reduce misclassification in minority classes. Experimental validation on the constructed dataset demonstrated that the proposed model achieved an accuracy of 95.11% and an F1 score of 95.12%, significantly outperforming traditional machine learning and deep learning models. Full article

The Controller Area Network (CAN) has been adopted in various reliability-critical industrial systems. However, intermittent connection (IC) problems of network cables may worsen system performance and even threaten operational safety. Recently, there have been several studies on diagnosing intermittent open circuit faults, but the intermittent short circuit (ISC) fault diagnosis has not been addressed. In this paper, a novel ISC fault location method for CANs is proposed based on two-port network modeling. First, the CAN network is modeled as a switched system that depends on the states of the sending nodes using a two-port network approach. An equivalent circuit model and a voltage transfer difference function (VTDF) group are derived for each state where one particular node is sending. Second, upon each fault, corresponding direction events are defined by comparing the two VTDF values that are calculated from the voltages collected at network ends. Then, the fault and health domains can be determined by integrating these direction events with the network topology information according to their statistical significance. Third, a bidirectional eviction localization algorithm is developed to identify ISC fault locations based on the fault and health domains. A testbed is constructed, and case studies are conducted to demonstrate that the proposed method can correctly locate the ISC faults in various network topological layouts. Full article

Industrial control systems (ICSs), which are fundamental to the operation of critical infrastructure, face increasingly sophisticated security threats due to the integration of information and operational technologies. Conventional anomaly detection techniques often lack the ability to provide clear explanations for their detection, and their inherent complexity can impede practical implementation in the resource-constrained environments typical of ICSs. To address these challenges, this paper proposes a novel approach that leverages swarm intelligence algorithms for the extraction of numerical association rules, specifically designed for anomaly detection in ICS. The proposed approach is designed to effectively identify and precisely localize anomalies by analyzing the states of sensors and actuators. Experimental validation using the Secure Water Treatment (SWaT) dataset demonstrates that the proposed approach can detect over 84% of attack instances, with precise anomaly localization achievable by examining as few as two to six sensor or actuator states. This significantly improves the efficiency and accuracy of anomaly detection. Furthermore, since the method is based on the general control dynamics of ICSs, it demonstrates robust generalization, making it applicable across a wide range of industrial control systems. Full article

In the face of rapidly evolving cyber threats, network-based intrusion detection systems (NIDS) have become critical to the security of industrial and robotic systems. This survey explores the specialized requirements, advancements, and challenges unique to deploying NIDS within these environments, where traditional intrusion detection systems (IDS) often fall short. This paper discusses NIDS methodologies, including machine learning, deep learning, and hybrid systems, which aim to improve detection accuracy, adaptability, and real-time response. Additionally, this paper addresses the complexity of industrial settings, limitations in current datasets, and the cybersecurity needs of cyber–physical Systems (CPS) and Industrial Control Systems (ICS). The survey provides a comprehensive overview of modern approaches and their suitability for industrial applications by reviewing relevant datasets, emerging technologies, and sector-specific challenges. This underscores the importance of innovative solutions, such as federated learning, blockchain, and digital twins, to enhance the security and resilience of NIDS in safeguarding industrial and robotic systems. Full article