Review Article

Towards Large-Scale, Heterogeneous Anomaly Detection Systems in Industrial Networks: A Survey of Current Trends

Table 1

Differences between industrial and IT networks [21, 22].

Industrial networks IT networks

Primary functionControl of physical equipmentData processing and transfer
Applicable domainManufacturing, processing and utility distributionCorporate and home environments
HierarchyDeep, functionally separated hierarchies with many protocols and physical standardsShallow, integrated hierarchies with uniform protocol and physical standard utilization
Failure severityHighLow
Reliability requiredHighModerate
Round trip times250 s–10 ms50+ ms
Data compositionSmall packets of periodic and aperiodic trafficLarge, aperiodic packets
Temporal consistencyRequiredNot required
Operating environmentHostile conditions, often featuring high levels of dust, heat and vibrationClean environments, often specifically intended for sensitive equipment
System lifetimeSome tens of yearsSome years
Average node complexityLow (simple devices, sensors, actuators)High (large servers/file systems/databases)
Primary security requirementAvailabilityConfidentiality