WaXAI: Explainable Anomaly Detection in Industrial Control Systems and Water Systems

An Industrial Control System (ICS) plays a vital role in controlling and managing industrial processes. ICS predominantly operates without human supervision. This (mostly) autonomous role makes them an attractive target for adversaries. In recent years, machine learning (ML) algorithms have demonstrated their feasibility in detecting anomalies in sensor and actuator data, in an ICS. However, the ML algorithms demand extensive training time and lacks the ability to pinpoint the component(s) that are in an anomalous state. In this work, we employed two of the latest anomaly detection algorithms (ECOD and DeepSVDD) with a shorter training time, faster anomaly detection time, and a comparable efficiency rate in detecting anomalies. The algorithms were trained and tested using a dataset generated from the SWaT water treatment testbed. With the ubiquity of ML algorithms in decision making and forecasting, it is important for humans to perceive and understand its output decisions instead of viewing it as a black box oracle. In subsequent experiments, we employed eXplainable ML/AI (XML/XAI) models to explain the model's output decision, thus, increasing model transparency and trust. We also measure the effectiveness of the XAI models deployed thereby providing an indicator to which XAI models worked better in our experiments.