Article
A Survey of Anomaly Detection in Industrial Wireless
Sensor Networks with Critical Water System
Infrastructure as a Case Study
Daniel Ramotsoela
1,
* , Adnan Abu-Mahfouz
1,2
and Gerhard Hancke
1,3
1
Department of Electrical, Electronic and Computer Engineering, University of Pretoria, Pretoria 0002,
South Africa; a.abumahfouz@ieee.org (A.A.-M.); ghancke@ieee.org (G.H.)
2
Council for Scientific and Industrial Research (CSIR), Pretoria 0184, South Africa
3
Department of Computer Science, City University of Hong Kong, Hong Kong, China
* Correspondence: Daniel.Ramotsoela@up.ac.za; Tel.: +27-12-420-3738
Received: 6 June 2018; Accepted: 17 July 2018; Published: 1 August 2018
Abstract:
The increased use of Industrial Wireless Sensor Networks (IWSN) in a variety of different
applications, including those that involve critical infrastructure, has meant that adequately protecting
these systems has become a necessity. These cyber-physical systems improve the monitoring and
control features of these systems but also introduce several security challenges. Intrusion detection
is a convenient second line of defence in case of the failure of normal network security protocols.
Anomaly detection is a branch of intrusion detection that is resource friendly and provides broader
detection generality making it ideal for IWSN applications. These schemes can be used to detect
abnormal changes in the environment where IWSNs are deployed. This paper presents a literature
survey of the work done in the field in recent years focusing primarily on machine learning techniques.
Major research gaps regarding the practical feasibility of these schemes are also identified from
surveyed work and critical water infrastructure is discussed as a use case.
Keywords:
industrial informatics; industrial sensor network; cyber-physical systems; critical
infrastructure; water monitoring
1. Introduction
Industrial wireless sensor networks (IWSN) have gained popularity in recent years and are being
used in a variety of different applications [
1
–
5
]. One of their most important applications involves
critical infrastructure, where they form part of supervisory control and data acquisition (SCADA)
systems [
6
]. They are popular in these systems because they provided the same control features as
their wired counterparts but have a much lower deployment and maintenance cost. These systems
also introduce the potential for intelligent monitoring and control within the Internet of Things
(IoT) application environment. The rapid rise of IoT technologies has meant that in the future
these devices are going to be an integral part of smart city applications. A recent study has shown
that by 2020 there could be over 100 billion IoT applications in existence and the market value
for these projects is currently over 11 billion Euro in Europe alone [
7
]. The complex nature of the
application environment also means that IWSNs require a multidisciplinary team of experts for both
development and application [
8
]. In the application domain these networks are usually deployed
in hostile environments and their resource constraints introduce several security challenges [
9
–
12
].
This is particularly problematic in these critical infrastructure applications because compromised
systems can lead to disastrous consequences for the underlying infrastructure. In this scenario control
theory and network security are combined to protect the system and this is collectively referred to as
cyber-physical security.
Sensors 2018, 18, 2491; doi:10.3390/s18082491 www.mdpi.com/journal/sensors
