Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks

Likai Yao; Qinxuan Shi; Zhanglong Yang; Sicong Shao; Salim Hariri

doi:10.1007/978-3-031-94895-4_24

Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks

Likai Yao
, Qinxuan Shi
, Zhanglong Yang
, Sicong Shao
, Salim Hariri

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Deploying machine learning (ML) in dynamic data-driven applications systems (DDDAS) can improve the security of industrial control systems (ICS). However, ML-based DDDAS are vulnerable to adversarial attacks because adversaries can alter the input data slightly so that the ML models predict a different result. In this paper, our goal is to build a resilient edge machine learning (reML) architecture that is designed to withstand adversarial attacks by performing Data Air Gap Transformation (DAGT) to anonymize data feature spaces using deep neural networks and randomize the ML models used for predictions. The reML is based on the Resilient DDDAS paradigm, Moving Target Defense (MTD) theory, and TinyML and is applied to combat adversarial attacks on ICS. Furthermore, the proposed approach is power-efficient and privacy-preserving and, therefore, can be deployed on power-constrained devices to enhance ICS security. This approach enables resilient ML inference at the edge by shifting the computation from the computing-intensive platforms to the resource-constrained edge devices. The incorporation of TinyML with TensorFlow Lite ensures efficient resource utilization and, consequently, makes reML suitable for deployment in various industrial control environments. Furthermore, the dynamic nature of reML, facilitated by the resilient DDDAS development environment, allows for continuous adaptation and improvement in response to emerging threats. Lastly, we evaluate our approach on an ICS dataset and demonstrate that reML provides a viable and effective solution for resilient ML inference at the edge devices.

Original language	English (US)
Title of host publication	Dynamic Data Driven Applications Systems - 5th International Conference, DDDAS/Infosymbiotics for Reliable AI 2024, Proceedings
Editors	Erik Blasch, Frederica Darema, Dimitris Metaxas
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	225-234
Number of pages	10
ISBN (Print)	9783031948947
DOIs	https://doi.org/10.1007/978-3-031-94895-4_24
State	Published - 2026
Externally published	Yes
Event	5th International Conference on Dynamic Data Driven Applications Systems, DDDAS/Infosymbiotics for Reliable AI 2024 - New Brunswick, United States Duration: Nov 6 2024 → Nov 8 2024

Publication series

Name	Lecture Notes in Computer Science
Volume	15514 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	5th International Conference on Dynamic Data Driven Applications Systems, DDDAS/Infosymbiotics for Reliable AI 2024
Country/Territory	United States
City	New Brunswick
Period	11/6/24 → 11/8/24

Keywords

Adversarial ML
Cybersecurity
DDDAS
Edge AI

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-031-94895-4_24

Cite this

Yao, L., Shi, Q., Yang, Z., Shao, S., & Hariri, S. (2026). Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks. In E. Blasch, F. Darema, & D. Metaxas (Eds.), Dynamic Data Driven Applications Systems - 5th International Conference, DDDAS/Infosymbiotics for Reliable AI 2024, Proceedings (pp. 225-234). (Lecture Notes in Computer Science; Vol. 15514 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-94895-4_24

Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks. / Yao, Likai; Shi, Qinxuan; Yang, Zhanglong et al.
Dynamic Data Driven Applications Systems - 5th International Conference, DDDAS/Infosymbiotics for Reliable AI 2024, Proceedings. ed. / Erik Blasch; Frederica Darema; Dimitris Metaxas. Springer Science and Business Media Deutschland GmbH, 2026. p. 225-234 (Lecture Notes in Computer Science; Vol. 15514 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Yao, L, Shi, Q, Yang, Z, Shao, S & Hariri, S 2026, Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks. in E Blasch, F Darema & D Metaxas (eds), Dynamic Data Driven Applications Systems - 5th International Conference, DDDAS/Infosymbiotics for Reliable AI 2024, Proceedings. Lecture Notes in Computer Science, vol. 15514 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 225-234, 5th International Conference on Dynamic Data Driven Applications Systems, DDDAS/Infosymbiotics for Reliable AI 2024, New Brunswick, United States, 11/6/24. https://doi.org/10.1007/978-3-031-94895-4_24

Yao L, Shi Q, Yang Z, Shao S, Hariri S. Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks. In Blasch E, Darema F, Metaxas D, editors, Dynamic Data Driven Applications Systems - 5th International Conference, DDDAS/Infosymbiotics for Reliable AI 2024, Proceedings. Springer Science and Business Media Deutschland GmbH. 2026. p. 225-234. (Lecture Notes in Computer Science). doi: 10.1007/978-3-031-94895-4_24

Yao, Likai ; Shi, Qinxuan ; Yang, Zhanglong et al. / Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks. Dynamic Data Driven Applications Systems - 5th International Conference, DDDAS/Infosymbiotics for Reliable AI 2024, Proceedings. editor / Erik Blasch ; Frederica Darema ; Dimitris Metaxas. Springer Science and Business Media Deutschland GmbH, 2026. pp. 225-234 (Lecture Notes in Computer Science).

@inproceedings{f5f9d272c28a41669e4f8bb1a8662156,

title = "Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks",

abstract = "Deploying machine learning (ML) in dynamic data-driven applications systems (DDDAS) can improve the security of industrial control systems (ICS). However, ML-based DDDAS are vulnerable to adversarial attacks because adversaries can alter the input data slightly so that the ML models predict a different result. In this paper, our goal is to build a resilient edge machine learning (reML) architecture that is designed to withstand adversarial attacks by performing Data Air Gap Transformation (DAGT) to anonymize data feature spaces using deep neural networks and randomize the ML models used for predictions. The reML is based on the Resilient DDDAS paradigm, Moving Target Defense (MTD) theory, and TinyML and is applied to combat adversarial attacks on ICS. Furthermore, the proposed approach is power-efficient and privacy-preserving and, therefore, can be deployed on power-constrained devices to enhance ICS security. This approach enables resilient ML inference at the edge by shifting the computation from the computing-intensive platforms to the resource-constrained edge devices. The incorporation of TinyML with TensorFlow Lite ensures efficient resource utilization and, consequently, makes reML suitable for deployment in various industrial control environments. Furthermore, the dynamic nature of reML, facilitated by the resilient DDDAS development environment, allows for continuous adaptation and improvement in response to emerging threats. Lastly, we evaluate our approach on an ICS dataset and demonstrate that reML provides a viable and effective solution for resilient ML inference at the edge devices.",

keywords = "Adversarial ML, Cybersecurity, DDDAS, Edge AI",

author = "Likai Yao and Qinxuan Shi and Zhanglong Yang and Sicong Shao and Salim Hariri",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2026.; 5th International Conference on Dynamic Data Driven Applications Systems, DDDAS/Infosymbiotics for Reliable AI 2024 ; Conference date: 06-11-2024 Through 08-11-2024",

year = "2026",

doi = "10.1007/978-3-031-94895-4\_24",

language = "English (US)",

isbn = "9783031948947",

series = "Lecture Notes in Computer Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "225--234",

editor = "Erik Blasch and Frederica Darema and Dimitris Metaxas",

booktitle = "Dynamic Data Driven Applications Systems - 5th International Conference, DDDAS/Infosymbiotics for Reliable AI 2024, Proceedings",

address = "Germany",

}

TY - GEN

T1 - Development of an Edge Resilient ML Ensemble to Tolerate ICS Adversarial Attacks

AU - Yao, Likai

AU - Shi, Qinxuan

AU - Yang, Zhanglong

AU - Shao, Sicong

AU - Hariri, Salim

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2026.

PY - 2026

Y1 - 2026

N2 - Deploying machine learning (ML) in dynamic data-driven applications systems (DDDAS) can improve the security of industrial control systems (ICS). However, ML-based DDDAS are vulnerable to adversarial attacks because adversaries can alter the input data slightly so that the ML models predict a different result. In this paper, our goal is to build a resilient edge machine learning (reML) architecture that is designed to withstand adversarial attacks by performing Data Air Gap Transformation (DAGT) to anonymize data feature spaces using deep neural networks and randomize the ML models used for predictions. The reML is based on the Resilient DDDAS paradigm, Moving Target Defense (MTD) theory, and TinyML and is applied to combat adversarial attacks on ICS. Furthermore, the proposed approach is power-efficient and privacy-preserving and, therefore, can be deployed on power-constrained devices to enhance ICS security. This approach enables resilient ML inference at the edge by shifting the computation from the computing-intensive platforms to the resource-constrained edge devices. The incorporation of TinyML with TensorFlow Lite ensures efficient resource utilization and, consequently, makes reML suitable for deployment in various industrial control environments. Furthermore, the dynamic nature of reML, facilitated by the resilient DDDAS development environment, allows for continuous adaptation and improvement in response to emerging threats. Lastly, we evaluate our approach on an ICS dataset and demonstrate that reML provides a viable and effective solution for resilient ML inference at the edge devices.

AB - Deploying machine learning (ML) in dynamic data-driven applications systems (DDDAS) can improve the security of industrial control systems (ICS). However, ML-based DDDAS are vulnerable to adversarial attacks because adversaries can alter the input data slightly so that the ML models predict a different result. In this paper, our goal is to build a resilient edge machine learning (reML) architecture that is designed to withstand adversarial attacks by performing Data Air Gap Transformation (DAGT) to anonymize data feature spaces using deep neural networks and randomize the ML models used for predictions. The reML is based on the Resilient DDDAS paradigm, Moving Target Defense (MTD) theory, and TinyML and is applied to combat adversarial attacks on ICS. Furthermore, the proposed approach is power-efficient and privacy-preserving and, therefore, can be deployed on power-constrained devices to enhance ICS security. This approach enables resilient ML inference at the edge by shifting the computation from the computing-intensive platforms to the resource-constrained edge devices. The incorporation of TinyML with TensorFlow Lite ensures efficient resource utilization and, consequently, makes reML suitable for deployment in various industrial control environments. Furthermore, the dynamic nature of reML, facilitated by the resilient DDDAS development environment, allows for continuous adaptation and improvement in response to emerging threats. Lastly, we evaluate our approach on an ICS dataset and demonstrate that reML provides a viable and effective solution for resilient ML inference at the edge devices.

KW - Adversarial ML

KW - Cybersecurity

KW - DDDAS

KW - Edge AI

UR - https://www.scopus.com/pages/publications/105015042532

UR - https://www.scopus.com/pages/publications/105015042532#tab=citedBy

U2 - 10.1007/978-3-031-94895-4_24

DO - 10.1007/978-3-031-94895-4_24

M3 - Conference contribution

AN - SCOPUS:105015042532

SN - 9783031948947

T3 - Lecture Notes in Computer Science

SP - 225

EP - 234

BT - Dynamic Data Driven Applications Systems - 5th International Conference, DDDAS/Infosymbiotics for Reliable AI 2024, Proceedings

A2 - Blasch, Erik

A2 - Darema, Frederica

A2 - Metaxas, Dimitris

PB - Springer Science and Business Media Deutschland GmbH

T2 - 5th International Conference on Dynamic Data Driven Applications Systems, DDDAS/Infosymbiotics for Reliable AI 2024

Y2 - 6 November 2024 through 8 November 2024

ER -