Review Article
Towards Large-Scale, Heterogeneous Anomaly Detection Systems in Industrial Networks: A Survey of Current Trends
Table 1
Differences between industrial and IT networks [
21,
22].
| | Industrial networks | IT networks |
| Primary function | Control of physical equipment | Data processing and transfer | Applicable domain | Manufacturing, processing and utility distribution | Corporate and home environments | Hierarchy | Deep, functionally separated hierarchies with many protocols and physical standards | Shallow, integrated hierarchies with uniform protocol and physical standard utilization | Failure severity | High | Low | Reliability required | High | Moderate | Round trip times | 250 s–10 ms | 50+ ms | Determinism | High | Low | Data composition | Small packets of periodic and aperiodic traffic | Large, aperiodic packets | Temporal consistency | Required | Not required | Operating environment | Hostile conditions, often featuring high levels of dust, heat and vibration | Clean environments, often specifically intended for sensitive equipment | System lifetime | Some tens of years | Some years | Average node complexity | Low (simple devices, sensors, actuators) | High (large servers/file systems/databases) | Primary security requirement | Availability | Confidentiality |
|
|