Using datasets from industrial control systems for cyber security research and education

Qin Lin, Sicco Verwer, Robert Kooij*, Aditya Mathur

*Corresponding author for this work

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

2 Citations (Scopus)
7 Downloads (Pure)


The availability of high-quality benchmark datasets is an important prerequisite for research and education in the cyber security domain. Datasets from realistic systems offer a platform for researchers to develop and test novel models and algorithms. Such datasets also offer students opportunities for active and project-centric learning. In this paper, we describe six publicly available datasets from the domain of Industrial Control Systems (ICS). Five of these datasets are obtained through experiments conducted in the context of operational ICS while the sixth is obtained from a widely used simulation tool, namely EPANET, for large scale water distribution networks. This paper presents two studies on the use of the datasets. The first study uses the dataset from a live water treatment plant. This study leads to a novel and explainable anomaly detection method based upon Timed Automata and Bayesian Networks. The study conducted in the context of education made use of the water distribution network dataset in a graduate course on cyber data analytics. Through an assignment, students explored the effectiveness of various methods for anomaly detection. Research outcomes and the success of the course indicate an appreciation in the research community and positive learning experience in education.

Original languageEnglish
Title of host publicationCritical Information Infrastructures Security - 14th International Conference, CRITIS 2019, Revised Selected Papers
EditorsSimin Nadjm-Tehrani
Number of pages12
ISBN (Print)9783030376697
Publication statusPublished - 2020
Event14th International Conference on Critical Information Infrastructures Security, CRITIS 2019 - Linköping, Sweden
Duration: 23 Sep 201925 Sep 2019

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11777 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference14th International Conference on Critical Information Infrastructures Security, CRITIS 2019

Bibliographical note

Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project
Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.


  • Anomaly detection
  • Cyber Data Analytics
  • Cyber security
  • Cyber-physical systems
  • Industrial Control Systems
  • Research and education


Dive into the research topics of 'Using datasets from industrial control systems for cyber security research and education'. Together they form a unique fingerprint.

Cite this