Snapshot img

Industrial Control Systems Security Market Size 2024-2028

The industrial control systems (ICS) security market size is forecast to increase by USD 12.2 billion at a CAGR of 8.16% between 2023 and 2028. The market is experiencing significant growth due to several key trends and challenges. One major trend is the increasing deployment of smart grids in the power sector, which necessitates advanced security measures to protect against cyber threats. Another trend is the adoption of hybrid security models that combine multiple security technologies to enhance system reliability and production throughput. However, the lack of enforceable security laws poses a significant challenge to market growth. Key industries such as oil and gas, banking and finance, transportation, utilities, electric power grids, and pharmaceutical manufacturing and biotech industries are particularly vulnerable to cyber-attacks. Government agencies like the Department of Energy and the Department of Defense are also increasing their focus on ICS security to safeguard critical infrastructure.

What will be the Size of the Market During the Forecast Period?

Request Free Sample

The market is a significant sector that focuses on safeguarding the digital assets and infrastructure of critical infrastructure organizations. These systems are integral to the smooth operation of various industries, including chemical, public safety, and energy, among others. With the increasing interconnectedness of industrial networks and the proliferation of advanced technologies, securing ICS has become a pivotal concern for stakeholders. Federal laws and cybersecurity standards mandate that organizations implementing ICS adhere to stringent security measures to protect their pivotal assets from network security threats. The IT workforce plays a crucial role in ensuring the effective implementation of these measures.

Moreover, cybersecurity organizations are tasked with providing the necessary training and resources to help IT professionals stay updated on the latest threats and best practices. Critical infrastructure stakeholders recognize the importance of securing their ICS against hacker groups and criminals. Database security is a primary concern, as these systems often store sensitive information. The system type, be it Supervisory Control and Data Acquisition (SCADA) or Distributed Control Systems (DCS), requires specialized security solutions. Connected sensors and controllers are essential components of modern industrial networks. Big data and analytics can help identify potential vulnerabilities and threats in real time. However, these advanced technologies also introduce new risks, making it essential to implement security measures.

Furthermore, the purchasing power of organizations in the US drives the growth of the ICS security market. The market is witnessing a growing demand for solutions that can provide comprehensive protection against network security threats. Hackers continue to target ICS, putting public safety systems and critical infrastructure at risk. Database security is a critical aspect of ICS security. Hackers often target databases to gain unauthorized access to sensitive information. Effective database security solutions can help prevent data breaches and protect against cyber attacks. ICS security solutions must be tailored to the specific needs of different industries. For instance, the chemical industry requires solutions that can protect against threats such as malware and ransomware, while public safety systems need solutions that can ensure system availability and reliability.

In conclusion, the ICS security market is a vital sector that plays a crucial role in protecting critical infrastructure and ensuring public safety. With the increasing interconnectedness of industrial networks and the evolving threat landscape, it is essential to invest in advanced security solutions to safeguard against network security threats.

Market Segmentation

The market research report provides comprehensive data (region-wise segment analysis), with forecasts and estimates in 'USD billion' for the period 2024-2028, as well as historical data from 2018-2022 for the following segments.

Type

  Network security
  Cloud security


End-user

  Oil and gas
  Power
  Chemicals and mining
  Automotive
  Others


Geography

  North America

    US


  APAC

    China
    Japan


  Europe

    Germany
    UK


  South America



  Middle East and Africa

By Type Insights

The network security segment is estimated to witness significant growth during the forecast period. Industrial Control Systems (ICS) security is essential for safeguarding critical infrastructure and ensuring uninterrupted availability of business operations in various sectors such as energy and infrastructure. ICS security focuses on securing the networks and control systems that m

The Industrial Control Systems (ICS) security solution market is experiencing robust growth, driven by the increasing adoption of Industrial Internet of Things (IIoT) devices and the rising frequency of cyberattacks targeting critical infrastructure. The market, estimated at $15 billion in 2025, is projected to grow at a Compound Annual Growth Rate (CAGR) of 12% from 2025 to 2033. This significant expansion is fueled by several key factors. Firstly, the growing interconnectedness of industrial systems creates an expanding attack surface, making robust security solutions a necessity. Secondly, stringent government regulations aimed at protecting critical infrastructure from cyber threats are driving adoption. Thirdly, the increasing awareness among industrial organizations regarding the financial and operational consequences of security breaches is prompting proactive investment in advanced security technologies. The market is segmented by solution type (network security, endpoint security, data security), deployment mode (cloud, on-premises), and industry vertical (energy, manufacturing, transportation). Leading vendors like Kaspersky, Dragos, Claroty, and others are continuously innovating to offer comprehensive and advanced security solutions tailored to the unique needs of industrial environments. The competitive landscape is characterized by a mix of established players and emerging startups, leading to a dynamic market with continuous product development and integration. The growth trajectory is anticipated to remain strong due to the ongoing digital transformation within industrial sectors and the increasing reliance on interconnected systems. However, challenges remain, including the complexity of ICS environments, the shortage of skilled cybersecurity professionals, and the high cost of implementation. Nonetheless, the long-term outlook for the ICS security solution market is positive, with significant opportunities for growth and innovation as industries continue to prioritize cybersecurity resilience.

The industrial control system (ICS) security market, encompassing solutions for overall industrial control safety, is experiencing robust growth, driven by the increasing digitization and automation of industrial processes across sectors like manufacturing, energy, and chemicals. The rising adoption of connected devices and the expanding attack surface create significant vulnerabilities, necessitating robust security measures. This market is segmented by application (manufacturing leading the way, followed by energy and chemicals) and by solution type (network and data security solutions being the most prominent). While precise figures are unavailable, considering a global market size of approximately $15 billion in 2025 and a Compound Annual Growth Rate (CAGR) of 12% – a conservative estimate given industry trends – the market is projected to reach over $25 billion by 2030. This growth is fueled by several factors: increasing regulatory compliance mandates regarding cybersecurity, rising awareness of potential cyber threats and associated financial losses, and the adoption of advanced security technologies like AI-driven threat detection and predictive analytics. Major players like Rockwell Automation, Schneider Electric, and Cisco are heavily invested in this space, fostering innovation and competition. However, challenges persist, including the complexity of integrating security solutions into legacy systems, skills gaps in cybersecurity expertise, and the high initial investment costs associated with implementing comprehensive security measures. Despite these challenges, the long-term outlook remains positive. The expanding Internet of Things (IoT) and Industry 4.0 initiatives are further accelerating the need for robust ICS security. The market's growth will be significantly influenced by the rate of adoption of advanced security technologies, government regulations, and the overall economic climate. Geographic distribution will likely see North America and Europe maintain significant market shares, but emerging economies in Asia-Pacific are expected to demonstrate substantial growth potential in the coming years, driven by industrialization and increasing digital infrastructure investments. The continued evolution of cyber threats will necessitate ongoing innovation in security technologies and strategies, ensuring the long-term health and safety of industrial control systems globally.

According to Cognitive Market Research, the global industrial cybersecurity market size reached USD 23.5 billion in 2024 and will expand at a CAGR of 8.2% from 2024 to 2031. Market Dynamics of Industrial Cybersecurity Market

Key Drivers for Industrial Cybersecurity Market

Emergence of Disruptive Digital Technologies - Government agencies and other organizations are launching measures to accelerate the use of emerging technologies in manufacturing industries. For example, in 2022, the UAE's Ministry of Industry and Advanced Technology (MoIAT) and EDGE Group PJSC (UAE) signed a memorandum of understanding (MoU) to set up the first Industry 4.0 Enablement Centre to promote the robust implementation of Industry 4.0 technologies throughout the manufacturing sector in the country. Digital transformation boosts productivity, improves efficiency, and lowers manufacturing costs. However, it also gives hackers more opportunities to exploit vulnerable networks and systems. As per Trend Micro Incorporated (Japan), 61% of industrial manufacturers reported cybersecurity problems in their smart factories in 2020. These attacks affected manufacturing processes, causing output delays and permanent loss of capital and essential and confidential data. As a result, the heightened risk of cyberattacks associated with the emergence of disruptive digital technologies has increased the demand for access control, real-time security monitoring, and surveillance in manufacturing facilities, propelling the market adoption of cybersecurity solutions in the industrial sector.
Moreover, the constant increase in the utilization of cloud-based solutions by SMEs and industrial cybersecurity-as-a-service are leading trends in this global market expansion.

Key Restraints for Industrial Cybersecurity Market

The higher implementation costs, the complexity of integration across diverse industrial environments, and a shortage of specialized cybersecurity expertise are the primary barriers to the industrial cybersecurity market's growth.
The industry also faces substantial challenges as some firms are hesitant to adopt new technologies due to concerns about operational disruptions during deployment or potential compatibility issues with existing systems.

Introduction of the Industrial Cybersecurity Market

Industrial enterprises face more cybersecurity challenges than ever before. Ransomware and political instability heighten the risk of safety problems and operational disruptions. The industrial cybersecurity market includes technologies, solutions, and services for protecting industrial control systems (ICS), supervisory control & data acquisition (SCADA) systems, and other operational technology (OT) infrastructure against cyber-attacks and vulnerabilities. Malware, phishing attacks, ransomware, insider threats, and other malicious actions are examples of cyber threats that try to disrupt or compromise industrial processes, vital infrastructure, and manufacturing operations. The introduction of AI and IoT-powered industrial robots has raised the market demand for robust industrial cybersecurity services for defense against increased cyber-attacks and data breaches. The combination of AI and industrial robots enabled the automation of complex and repetitive activities, which is expanding industrial productivity and efficiency.

In a 2023 survey, ** percent of respondents worldwide pointed out email (e.g., phishing messages) as the number one attack vector used in control system cybersecurity incidents. However, the result was different in 2020, with ** percent selecting infected removable media as the top attack vector used in control system cybersecurity incidents.

Increasing instances of cyber threats targeting critical infrastructure such as power plants, water treatment facilities, and manufacturing units have propelled the demand for robust security solutions. As these systems become more interconnected and digitized, the vulnerabilities increase, necessitating advanced cybersecurity measures. These factors are driving the growth of market size to surpass USD 15.47 Billion in 2023 to reach a valuation of USD 26.49 Billion by 2031.

Regulatory requirements and compliance standards imposed by governments and industry bodies play a crucial role in driving the ICS Security market. Organizations are compelled to adhere to stringent regulations to protect sensitive operational data and ensure continuous and secure operations enabling the market to grow at a CAGR of 6.96% from 2024 to 2031.

Industrial Control Systems Security Market: Definition/ Overview

Industrial Control Systems (ICS) Security refers to the measures and practices implemented to protect industrial control systems from cyber threats and unauthorized access. These systems are crucial for the operation and management of critical infrastructure such as power plants, water treatment facilities, manufacturing plants, and transportation systems. Unlike traditional IT systems, ICS are designed to monitor and control physical processes, making them susceptible to unique cybersecurity challenges.

The primary goal of ICS Security is to ensure the availability, integrity, and confidentiality of these systems and the data they handle. Availability ensures that the systems operate continuously and reliably without disruption. Integrity guarantees that data and commands transmitted within the systems are accurate and have not been tampered with. Confidentiality protects sensitive information from unauthorized access.

Key components of ICS Security include network security, endpoint security, access control mechanisms, encryption, intrusion detection and prevention systems (IDPS), and security information and event management (SIEM) solutions. These technologies work together to detect, prevent, and respond to cyber threats targeting ICS environments.

The landscape of ICS Security is evolving rapidly due to the increasing interconnectedness of industrial systems with enterprise IT networks and the internet (Industrial Internet of Things or IIoT). This connectivity enhances operational efficiency but also expands the attack surface, requiring advanced security measures. Additionally, regulatory compliance frameworks such as NIST Cybersecurity Framework, IEC 62443, and others mandate organizations to implement robust security controls to safeguard critical infrastructure.

ICS Security is critical for protecting industrial control systems from cyber threats, ensuring operational continuity, safeguarding sensitive data, and complying with regulatory requirements. It encompasses a range of technologies and practices tailored to the unique challenges of industrial environments, aiming to mitigate risks and enhance the resilience of industrial operations against cyber-attacks.

This dataset was generated on a small-scale process automation scenario using MODBUS/TCP equipment, for research on the application of ML techniques to cybersecurity in Industrial Control Systems. The testbed emulates a CPS process controlled by a SCADA system using the MODBUS/TCP protocol. It consists of a liquid pump simulated by an electric motor controlled by a variable frequency drive (allowing for multiple rotor speeds), which in its turn controlled by a Programmable Logic Controller (PLC). The motor speed is determined by a set of predefined liquid temperature thresholds, whose measurement is provided by a MODBUS Remote Terminal Unit (RTU) device providing a temperature gauge, which is simulated by a potentiometer connected to an Arduino. The PLC communicates horizontally with the RTU, providing insightful knowledge of how this type of communications may have an effect on the overall system. The PLC also communicates with the Human-Machine Interface (HMI) controlling the system.

The global market for Industrial Control System (ICS) cybersecurity solutions is experiencing robust growth, driven by the increasing digitization of industrial processes and the rising frequency and severity of cyberattacks targeting critical infrastructure. The market, estimated at $15 billion in 2025, is projected to expand at a Compound Annual Growth Rate (CAGR) of 12% from 2025 to 2033, reaching approximately $45 billion by 2033. This growth is fueled by several key factors: the expanding adoption of Industrial Internet of Things (IIoT) devices, the increasing reliance on cloud-based industrial control systems, and stringent government regulations mandating enhanced cybersecurity measures across various sectors, particularly manufacturing, energy, and chemicals. The manufacturing sector currently dominates the market share, owing to the extensive use of automated systems and the significant financial implications of cyber disruptions within production lines. However, the energy and chemical industries are witnessing rapid growth in adoption rates, driven by concerns over operational safety and the potential for catastrophic consequences from successful cyberattacks. Market segmentation reveals a strong preference for network security solutions, reflecting the importance of protecting industrial control networks from external threats. However, the demand for data security solutions is also increasing significantly, as organizations recognize the need to protect sensitive operational data from unauthorized access and breaches. Key players in this market include established industrial automation companies like Rockwell Automation, Schneider Electric, and Honeywell, alongside leading cybersecurity firms such as Cisco, Fortinet, and Trend Micro. Geographic analysis shows North America and Europe holding the largest market shares currently, though Asia-Pacific is anticipated to exhibit the highest growth rate over the forecast period, driven by rapid industrialization and increasing digital transformation initiatives within developing economies such as China and India. Competitive pressures are intensifying, leading to increased innovation in areas such as artificial intelligence (AI)-powered threat detection and proactive security measures.

Incidents in the control system security field have various impacts. In 2023, around ** percent of respondents worldwide stated that their organization had faced no control system cybersecurity incidents within the past 12 months. That same year, however, around ** percent of respondents reported operational disruption (without financial losses resulting) as a consequence of control system security incidents.

The Manufacturing and Energy Industry Cybersecurity market is experiencing robust growth, driven by increasing digitalization, interconnected systems, and the escalating threat landscape. The market, valued at $47.52 billion in 2025, is projected to exhibit substantial growth over the forecast period (2025-2033). While the exact Compound Annual Growth Rate (CAGR) is unavailable, considering the industry's trends and the increasing adoption of cybersecurity solutions across both manufacturing and energy sectors, a conservative estimate of 12% CAGR is reasonable. This growth is fueled by several factors: the rising adoption of Industrial Internet of Things (IIoT) devices creating expansive attack surfaces, stringent regulatory compliance mandates enforcing robust cybersecurity measures, and the increasing sophistication of cyberattacks targeting critical infrastructure. Both the manufacturing and energy industries are heavily reliant on operational technology (OT) systems, which are often less secure than information technology (IT) systems, creating a significant vulnerability. The increasing frequency and severity of ransomware attacks, data breaches, and system disruptions are further accelerating the demand for advanced cybersecurity solutions. The market segmentation reveals significant opportunities within hardware, software, and service offerings. The hardware segment encompasses network security appliances, endpoint security solutions, and industrial control system (ICS) security devices. The software segment includes security information and event management (SIEM) systems, intrusion detection and prevention systems (IDS/IPS), and vulnerability management tools. The service segment provides managed security services, security consulting, and incident response capabilities. Within application segments, the manufacturing industry's need to protect its supply chains and sensitive production data creates significant demand, paralleled by the energy sector’s critical dependence on secure energy grids and operations. Key players like Palo Alto Networks, Cisco, and IBM are dominating the market, but smaller, specialized companies are emerging to cater to the specific needs of these industries, creating a diverse and dynamic competitive landscape. The regional distribution is expected to see North America and Europe maintain a significant market share initially, while Asia-Pacific is anticipated to experience rapid growth due to increasing industrialization and digital transformation in regions like China and India.

The Cyber Physical Systems (CPS) security market, valued at $93.85 billion in 2025, is projected to experience robust growth, driven by the increasing interconnectedness of physical and digital systems across diverse sectors. The compound annual growth rate (CAGR) of 7.9% from 2025 to 2033 indicates a significant expansion of this market, reaching an estimated $182.3 billion by 2033. This growth is fueled by several key factors. The rising adoption of Industry 4.0 technologies, including IoT devices and advanced automation, creates a larger attack surface, demanding robust security solutions. Furthermore, stringent government regulations regarding data privacy and cybersecurity, particularly in sectors like healthcare and finance, are compelling organizations to invest heavily in CPS security. The increasing sophistication of cyber threats targeting critical infrastructure and industrial control systems also contributes to the market's expansion. The market segmentation reveals significant opportunities across various application areas, with industrial, medical, and business segments demonstrating the highest demand for sophisticated security measures. Software-based solutions currently dominate the market, but the service segment is expected to witness accelerated growth as organizations increasingly seek professional expertise in implementing and managing complex CPS security systems. The competitive landscape is characterized by a mix of established technology giants and specialized cybersecurity firms. Major players like IBM, Microsoft, and VMware leverage their existing infrastructure and expertise to offer comprehensive CPS security solutions. Meanwhile, specialized firms focus on niche areas like industrial control system (ICS) security, providing targeted solutions to address the unique vulnerabilities of these systems. Geographical analysis shows that North America, particularly the United States, holds a significant market share, reflecting the high adoption of advanced technologies and stringent regulatory environments. However, Asia-Pacific is expected to witness the fastest growth due to rapid industrialization and digital transformation initiatives in emerging economies like China and India. The market's future growth hinges on continuous innovation in security technologies, addressing emerging threats, and fostering collaboration between stakeholders to secure the increasingly complex CPS ecosystem.

The industrial control system (ICS) security market, encompassing solutions for safety and overall system protection, is experiencing robust growth, driven by increasing automation, digitalization, and the expanding Internet of Things (IoT) within industrial environments. The market, estimated at $15 billion in 2025, is projected to expand at a Compound Annual Growth Rate (CAGR) of 8% through 2033, reaching approximately $28 billion. Key drivers include stringent government regulations mandating enhanced cybersecurity measures across critical infrastructure sectors like energy, manufacturing, and chemicals. The rising frequency and sophistication of cyberattacks targeting industrial control systems further fuel demand for comprehensive security solutions, encompassing both network and data security. Significant market segmentation exists based on application (manufacturing leading, followed by energy and chemicals) and solution type (network security holding a larger share than data security initially, with both experiencing consistent growth). Major players, including Rockwell Automation, Schneider Electric, Honeywell, ABB, Cisco, Fortinet, and Trend Micro, are investing heavily in R&D and strategic partnerships to consolidate their market positions and capitalize on emerging opportunities. Growth is geographically diverse, with North America and Europe maintaining significant market share due to early adoption and mature industrial infrastructure. However, the Asia-Pacific region is poised for accelerated growth in the coming years, driven by rapid industrialization and increasing digital transformation initiatives in countries like China and India. Market restraints include the high initial investment costs associated with implementing comprehensive security solutions, the complexities of integrating new technologies into legacy systems, and the persistent shortage of skilled cybersecurity professionals capable of managing these complex systems. Nevertheless, the long-term outlook for the industrial control system security market remains exceptionally positive, underpinned by the growing imperative for robust security measures in a progressively interconnected industrial landscape.

As of 2022, 11 threat groups were known to mainly target industrial sectors, such as manufacturing, utilities, government, and educational institutions. The first such groups detected were Xenotime and Kamacite, both operating since 2014. Each threat group impacted the industrial control systems (ICS) of targeted organizations. In 2022, the Chernovite threat group, identified in 2021, developed Pipedream, the seventh known Industrial Control System (ICS) and Operational Technology (OT) capability meant to disrupt and potentially destroy industrial processes.

The Industrial Cybersecurity Market size was valued at USD 15.84 USD billion in 2023 and is projected to reach USD 57.76 USD billion by 2032, exhibiting a CAGR of 20.3 % during the forecast period. Cybersecurity, or protecting systems and data by using certain technological methods and procedures, is the process of preventing attacks on networks from cyber threats. Cybersecurity aims to prevent cyber-attacks and information theft from being carried out by unauthorized users by exploiting the vulnerabilities of the systems, networks, and technology. Industrial security in the context of cyber defence is the concealment of industrial entities from digital as well as physical infrastructure against cyber threats. It protects the ICS. Therefore, the cyberattacks that are likely to occur during the operations and lead to safety hazards or even environmental damage are not possible. ICS is responsible for keeping various vital enterprises like power plants, factories, and water treatment systems operational. AI and Machine learning technology in Cybersecurity will enable to gathering of analytical data about cyber threats that will be used in detecting and predicting, therefore, boosting early detection systems. Key drivers for this market are: Rising Demand from the Automotive and Construction Sectors to Aid Market Growth. Potential restraints include: Lack of Awareness and lack of professionals to Restrain Market Growth. Notable trends are: Technological Advancement in Equipment to Propel Market Growth.

Industrial Control systems (ICS) organizations use different cybersecurity technologies to protect their assets. In a 2024 survey, ** percent of respondents pointed out firewalls as their main security tech. Moreover, NextGen firewalls and passive network anomaly detection (IDS) are also a common choice for ICS firms.

Securing systems of crucial importance ICS are a main component of operational technology (OT) systems, used to monitor, control, and automate physical processes and infrastructure in crucial, asset-intensive industries. ICS thus includes diverse types of devices, controls, and networks that manage a variety of industrial processes, including in the electricity, water treatment, transportation, and telecommunications sectors. Faced with a phenomenal increase in the number and scale of cyberattacks targeting on critical infrastructure, a control system risk management plan constituted the main organizational cybersecurity strategy implemented by companies active in the ICS field in 2024. Insiders represent the biggest threat Considering the importance of industrial process continuity and public safety-related impacts, it comes as no surprise that both organized crime and state-sponsored actors see critical infrastructure as lucrative targets for financial gain, espionage, or cyberwarfare operations. Nevertheless, well-meaning but negligent insiders are considered the biggest threat actors to ICS security, with malicious insiders ranking second. In 2024, most ICS firms had not experienced any ICS cybersecurity incidents, while another ** percent reported incidents that resulted in financial loss due to disrupted operations.

The global market for Industrial Control System (ICS) security solutions is experiencing robust growth, driven by the increasing digitization of industrial processes and the escalating threat landscape. The market, estimated at $15 billion in 2025, is projected to exhibit a Compound Annual Growth Rate (CAGR) of 12% from 2025 to 2033, reaching approximately $45 billion by 2033. This expansion is fueled by several key factors. Firstly, the rising adoption of Industry 4.0 and the Industrial Internet of Things (IIoT) introduces numerous connected devices and systems, expanding the attack surface and necessitating comprehensive security measures. Secondly, stringent government regulations and industry standards mandating cybersecurity for critical infrastructure are driving investment in robust ICS security solutions. Thirdly, the increasing sophistication and frequency of cyberattacks targeting industrial control systems, leading to costly downtime and potential safety hazards, are compelling organizations to prioritize security enhancements. The manufacturing, energy, and chemical industries are major consumers of these solutions, particularly network and data security offerings. Market segmentation reveals a strong preference for network security solutions, reflecting the vulnerability of interconnected industrial systems. However, the demand for data security solutions is also growing rapidly as organizations recognize the importance of protecting sensitive operational data. Geographic analysis indicates North America and Europe currently hold the largest market shares, owing to advanced industrial infrastructure and strong regulatory frameworks. However, rapid industrialization and digital transformation in Asia-Pacific are expected to fuel substantial growth in this region over the forecast period. Despite the significant growth potential, challenges such as high implementation costs, lack of skilled cybersecurity professionals, and integration complexities with legacy systems pose restraints to market expansion. Nevertheless, ongoing technological advancements and increasing awareness of cybersecurity risks are expected to mitigate these challenges and sustain the market's upward trajectory.

HIL-based Augmented ICS (HAI) Security Dataset

The HAI dataset was collected from a realistic industiral control system (ICS) testbed augmented with a Hardware-In-the-Loop (HIL) simulator that emulates steam-turbine power generation and pumped-storage hydropower generation.

Click here to find out more about the HAI dataset.

Please e-mail us here if you have any questions about the dataset.

Background

• In 2017, three laboratory-scale CPS testbeds were initially launched, namely GE’s turbine testbed, Emerson’s boiler testbed, and FESTO’s modular production system (MPS) water-treatment testbed. These testbeds are related to relatively simple processes, and were operated independently of each other.

• In 2018, a complex process system was built to combine the three systems using a HIL simulator, where generation of thermal power and pumped-storage hydropower was simulated. This ensured that the variables were highly coupled and correlated for a richer dataset. In addition, an open platform communications united architecture (OPC-UA) gateway was installed to facilitate data collection from heterogeneous devices.

• The first version of HAI dataset, HAI 1.0, was made available on GitHub and Kaggle in February 2020. This dataset included ICS operational data from normal and anomalous situations for 38 attacks. Subsequently, a debugged version of HAI 1.0, namely HAI 20.07, was released for the HAICon 2020 competition in August 2020.

• HAI 21.03 was released in 2021, and was based on a more tightly coupled HIL simulator to produce clearer attack effects with additional attacks. This version provides more quantitative information and covers a variety of operational situations, and provides better insights into the dynamic changes of the physical system.

• HAI 22.04 contained more sophisticated attacks that are significantly more difficult to detect than those in the previous versions. Comparing only the baseline TaPRs of HAICon 2020 and HAICon 2021, detection difficulty in HAI 22.04 is approximately four times higher than HAI 21.03.

HAI Testbed

The testbed consists of four different processes: boiler process, turbine process, water treatement process and HIL simulation:

• Boiler Process (P1): This includes water-to-water heat trasfer at a low pressure and a moderate temperature. This process is controlled using Emerson Ovation DCS.
• Turbine Process (P2): A rotor kit process that closely simulates the behavior of an actual rotating machine. It is controlled by GE's Mark VIe DCS.

• Water treatment Process (P3): This process includes pumping water to the upper reservoir and releasing it back into the lower reservoir. It is controlled by Siemens's S7-300 PLC.

• HIL Simulation(P4): Both the boiler and turbine processes are interconnected to synchronize with the rotating speed of the virtual steam-turbine power generation model. The pump and value in the water-treatment process are controlled by the pumped-storage hydropower generation model. The dSPACE's SCALEXIO system is used for the HIL simulations and is interconnected with the real-world processes through a Siemens S7-1500 PLC and ET200 remote IO devices for data-acquisition system based on the OPC gateway.

HAI Datasets

Two major versions of HAI datasets have been released thus far. Each dataset consists of several CSV files, and each file satisfies time continuity. The quantitative summary of each version are as follows:

Note: The version numbering follows a date-based scheme, where the version number indicates the released date of the HAI dataset. HAI 20.07 is the bug-fixed version of HAI v1.0 released in February 2020.

|HAI 21.03|78|train1.csv ( 60 hours, 100 MB)
train2.csv ( 63 hours, 116 MB)
train3.csv (229 hours, 246 MB) | test1.csv (12 hours, 22 MB, 05 attacks)
test2.csv (33 hours, 62 MB, 20 attacks)
test3.csv (30 hours, 56 MB, 08 attacks)
test4.csv (11 hours, 20MB, 05 attacks)
test5.csv (26 hours, 48MB, 12 attacks)| |HAI 20.07
(HAI 1.0)| 59| train1.csv (86 hours, 127 MB)
train2.csv (91 hours, 98 MB) | test1.csv (81 hours, 119 MB)
test2.csv (42 hours, 62 MB)|

Data fields

The time-series data in each CSV file satisfies time continuity. The first column represents the observed time as “yyyy-MM-dd hh:mm:ss,” while the rest columns provide the recorded SCADA data points. The last four columns provide data labels for whether an attack occurred or not, where the attack column was applicable to all process and the other three columns were for the corresponding control processes.

Refer to the latest technical manual for the details for each column.

Getting the dataset

Type git clone, and the paste the below URL. $ git clone https://github.com/icsdataset/hai To unzip multiple gzip files, you can use: $ gunzip *.gz

Performance Evaluation

Use of eTaPR (Enhanced Time-series Aware Precision and Recall) metric is strongly recommended to evaluate your anomaly detection model, which provides fairness to performance comparisons with other studies. Got something to suggest? Let us know!

Projects using the dataset

Here are some projects and experiments that are using or featuring the dataset in interesting ways. Got something to add? Let us know!

The related projects so far are as follows.

Anomaly Detection

Year 2022

1. Benchmarking machine learning based detection of cyber attacks for critical infrastructure
2. A Hybrid Algorithm Incorporating Vector Quantization and One-Class Support Vector Machine for industrial Anomaly Detection

3. Variational restricted Boltzmann machines to automated anomaly detection

   Year 2021

4. Research on improvement of anomaly detection performance in industrial control systems

5. E-sfd: Explainable sensor fault detection in the ics anomaly detection system

6. Stacked-autoencoder based anomaly detection with industrial control system

7. Improved mitigation of cyber threats in iiot for smart cities: A new-era approach and scheme

8. Towards building intrusion detection systems for multivariate time-series data

9. Revitalizing self-organizing map: Anomaly detection using forecasting error patterns

10. Cluster-based deep one-class classification model for anomaly detection

11. Measurement data intrusion detection in industrial control systems based on unsupervised learning

12. A machine learning approach for anomaly detection in industrial control systems based on measurement data

Year 2020

1. Anomaly detection in time-series data environment
2. Detecting anomalies in time-series data using unsupervised learning and analysis on infrequent signatures

Testbed/Dataset

Year 2021

1. Probabilistic attack sequence generation and execution based on mitre att&ck for ics datasets

Year 2020

1. [Expansion of ICS testbed for security validation based on MITRE ATT&CK techniques][TB_20_01]
2. [Expanding a programmable cps testbed for network attack analysis][TB_20_02]
3. [Co-occurrence based security event analysis and visualization for cyber physical systems][TB_20_03]

Cyber Physical Systems (CPS) Security Market Outlook

The global market size for Cyber Physical Systems (CPS) Security was valued at approximately USD 5.6 billion in 2023 and is projected to reach USD 14.8 billion by 2032, growing at a compound annual growth rate (CAGR) of 11.3% during the forecast period. This substantial growth is fueled by the increasing adoption of CPS across various industries, alongside the rising threat of cyber-attacks on critical infrastructure.

One of the primary growth factors for the CPS Security Market is the increasing integration of IoT devices and automation technologies across various industries. The expanding digital footprint and interconnected systems necessitate robust security measures to safeguard against potential cyber threats. As more industries, such as healthcare, automotive, and manufacturing, rely heavily on CPS, the demand for enhanced security solutions is expected to surge. The heightened awareness about cyber vulnerabilities and the critical need to protect sensitive data and operational integrity are further propelling market growth.

Another significant driver for the CPS Security Market is the regulatory landscape. Governments and regulatory bodies worldwide are implementing stringent security standards and compliance requirements to protect critical infrastructure. For instance, the European UnionÂ’s General Data Protection Regulation (GDPR) and the United StatesÂ’ National Institute of Standards and Technology (NIST) guidelines mandate stringent security measures for data protection and cyber resilience. These regulatory frameworks compel organizations to adopt advanced CPS security solutions, thereby boosting market growth.

The increasing frequency and sophistication of cyber-attacks are also major growth catalysts. Advanced persistent threats (APTs), ransomware, and other malicious activities targeting CPS are becoming more prevalent. The potential financial, operational, and reputational damage from cyber incidents drives organizations to invest in advanced security measures. As the threat landscape evolves, the need for comprehensive CPS security solutions that offer real-time threat detection, mitigation, and incident response capabilities becomes paramount.

Regionally, North America is expected to hold the largest market share due to the early adoption of CPS technologies and substantial investments in cybersecurity infrastructure. Asia Pacific is anticipated to exhibit the highest growth rate, driven by rapid industrialization, urbanization, and increasing government initiatives to bolster cybersecurity measures. Europe is also a significant market, with strong regulatory frameworks and high awareness levels driving the adoption of CPS security solutions.

The role of Industrial Control Systems Security Software is becoming increasingly significant in the CPS Security Market. As industries become more reliant on interconnected systems and automation, the need for specialized security solutions to protect industrial control systems (ICS) is paramount. These systems are often the backbone of critical infrastructure in sectors such as energy, manufacturing, and utilities, making them prime targets for cyber-attacks. Industrial Control Systems Security Software provides essential protection by offering real-time monitoring, threat detection, and incident response capabilities tailored to the unique requirements of ICS environments. This software ensures the operational integrity and safety of industrial processes, thereby supporting the overall security framework of CPS.

Component Analysis

The CPS Security Market by component is segmented into hardware, software, and services. The hardware segment includes various security devices such as firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS). The demand for hardware security solutions is driven by the need to secure the physical components of CPS, which are often targeted by cyber-attacks. Hardware-based security solutions provide a robust defense mechanism, ensuring the integrity and availability of critical systems. The integration of advanced technologies like AI and machine learning in hardware security solutions further enhances their effectiveness, fueling market growth.

The software segment encompasses security software applications designed to protect CPS from cyber threats. This includes antivirus software, security informat

The global Manufacturing and Energy Industry Cybersecurity market is experiencing robust growth, projected to reach $27.76 billion in 2025 and maintain a Compound Annual Growth Rate (CAGR) of 8.0% from 2025 to 2033. This significant expansion is driven by the increasing reliance on interconnected systems and the escalating sophistication of cyber threats targeting critical infrastructure. The manufacturing sector, with its extensive use of Industrial Internet of Things (IIoT) devices and automation technologies, presents a particularly lucrative target for cybercriminals, leading to substantial investments in preventative measures. Similarly, the energy industry, encompassing power generation, transmission, and distribution, faces considerable risks from cyberattacks that can disrupt operations, cause power outages, and compromise sensitive data. Growth is further fueled by stringent regulatory compliance mandates and the rising adoption of advanced cybersecurity solutions like AI-powered threat detection and predictive analytics. The market segmentation reveals a strong demand across hardware, software, and services, with significant opportunities in both the Manufacturing and Energy industry verticals. This expansive market offers substantial potential for established players like Palo Alto Networks, Cisco, and IBM, as well as emerging cybersecurity firms, demonstrating the substantial investment and competition in this critical sector. The market's continued expansion is projected across all geographical regions, though North America and Europe are expected to retain a dominant share due to their advanced technological infrastructure and robust cybersecurity regulations. However, the Asia-Pacific region is predicted to exhibit the fastest growth rate, driven by increasing industrialization and digital transformation initiatives in countries like China and India. Market restraints primarily involve the high cost of implementation and maintenance of comprehensive cybersecurity solutions, along with the ongoing skills shortage in cybersecurity professionals. Despite these challenges, the overwhelming need to protect critical infrastructure and sensitive data in both manufacturing and energy sectors will continue to drive substantial investments and market growth throughout the forecast period.

The Industrial Control Systems (ICS) market is experiencing robust growth, projected to reach a value of $94.19 billion in 2025, exhibiting a Compound Annual Growth Rate (CAGR) of 5.0% from 2025 to 2033. This expansion is fueled by several key drivers. The increasing adoption of automation and digitalization across various industries, such as manufacturing, oil and gas, and water treatment, necessitates sophisticated ICS solutions for enhanced efficiency, productivity, and remote monitoring. Furthermore, the rising demand for improved cybersecurity measures in critical infrastructure sectors is significantly boosting market growth. Governments worldwide are increasingly mandating stringent cybersecurity protocols for ICS, driving investment in advanced security technologies and services. The integration of cloud computing, big data analytics, and the Internet of Things (IoT) into ICS further accelerates market growth, enabling better data analysis, predictive maintenance, and streamlined operations. However, challenges such as the high initial investment costs associated with implementing and maintaining ICS and concerns about data breaches and cyberattacks pose some restraints to market expansion. The market segmentation reveals significant opportunities across various application sectors. Power generation and distribution remain a prominent user of ICS, requiring reliable control systems for grid management and power delivery. The oil and gas industry relies heavily on ICS for process automation, safety, and asset management. The manufacturing sector is rapidly adopting advanced ICS solutions for optimizing production lines and improving overall efficiency. Similarly, the water and wastewater, chemical, automotive, food and beverage, and pharmaceutical sectors are experiencing rising demand for sophisticated ICS, driven by the need for enhanced process control, data analysis, and regulatory compliance. The diverse types of ICS, including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and Programmable Logic Controllers (PLCs), cater to a wide range of industrial needs, contributing to the market’s overall growth. Major players like ABB, Honeywell, and Siemens are actively engaged in innovation and market expansion, further contributing to this dynamic landscape.