CPSForge: AI-Driven Multi-Domain Anomaly Correlation for Unified Cyber-Physical Systems Threat Detection

CPSForge: AI-Driven Multi-Domain Anomaly Correlation for Unified Cyber-Physical Systems Threat Detection | Authorea try { document.documentElement.classList.add('js'); } catch (e) { } var _gaq = _gaq || []; _gaq.push(['_setAccount', 'G-8VDV14Y67G']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); Skip to main content Preprints Collections Wiley Open Research IET Open Research Ecological Society of Japan All Collections About About Authorea FAQs Contact Us Quick Search anywhere Search for preprint articles, keywords, etc. Search Search ADVANCED SEARCH SCROLL This is a preprint and has not been peer reviewed. Data may be preliminary. 3 April 2026 V1 Latest version Share on CPSForge: AI-Driven Multi-Domain Anomaly Correlation for Unified Cyber-Physical Systems Threat Detection Authors : Ming Chen , Jun Liu , Yan Zhao , Hao Xu , and Chao Lu 0009-0007-2570-5241 [email protected] Authors Info & Affiliations https://doi.org/10.22541/au.177524444.47318795/v1 127 views 59 downloads Contents Abstract Supplementary Material Information & Authors Metrics & Citations View Options References Figures Tables Media Share Abstract Modern cyber-physical systems (CPS)-autonomous vehicles, smart grids, industrial control systems, and medical devices-increasingly embed AI-driven perception, control, and decision-making, creating a threat landscape where traditional cyberattacks, adversarial AI manipulations, and physical sidechannel exploits converge. Stuxnet demonstrated that CPS can be destroyed through cyber means; recent advances show that AI perception in CPS can be subverted through adversarial traffic-sign patches, sensor spoofing, and backdoor triggers, while physically proximate attackers can extract sensitive CPS data through electromagnetic emissions from charging interfaces, USB ports, and RF circuits. No existing defense framework addresses all three threat domains-control-system integrity, AI model security, and physical-layer privacy-in a unified architecture. We present CPSFORGE, an AI-driven multi-domain anomaly correlation framework that detects CPS threats across five observation domains: (1) physics-model residuals from sensoractuator loops, (2) AI perception integrity of on-device DNN models, (3) side-channel intelligence from electromagnetic, power, and acoustic emissions, (4) network/protocol compliance across CAN bus, MQTT, and BLE, and (5) software/firmware behavior. A transformer-based fusion engine correlates anomalies across all five domains to detect, classify, and attribute multi-stage CPS attacks. We evaluate CPSFORGE across a 30-week deployment on 348 CPS nodes spanning 4 sectors-automotive, smart grid, smart manufacturing, and healthcare CPS-at 20 sites. CPS-FORGE achieves 98.4% overall threat detection at 1.2% false positive rate, correctly identifies multi-stage attack chains in 95.2% of cases, reduces physical side-channel leakage by 96.8%, and degrades only 3.2 percentage points under fully adaptive adversaries-with 4.6 ms median detection latency per control cycle. Supplementary Material File (paper_cpsforge.pdf) Download 328.16 KB Information & Authors Information Version history V1 Version 1 03 April 2026 Copyright This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License Keywords adversarial ai autonomous driving cyber-physical systems security industrial control physics-based detection side-channel defense Authors Affiliations Ming Chen View all articles by this author Jun Liu View all articles by this author Yan Zhao View all articles by this author Hao Xu View all articles by this author Chao Lu 0009-0007-2570-5241 [email protected] View all articles by this author Metrics & Citations Metrics Article Usage 127 views 59 downloads .FvxKWukQNSOunydq8rnd { width: 100px; } Citations Download citation Ming Chen, Jun Liu, Yan Zhao, et al. CPSForge: AI-Driven Multi-Domain Anomaly Correlation for Unified Cyber-Physical Systems Threat Detection. Authorea . 03 April 2026. DOI: https://doi.org/10.22541/au.177524444.47318795/v1 If you have the appropriate software installed, you can download article citation data to the citation manager of your choice. Simply select your manager software from the list below and click Download. For more information or tips please see 'Downloading to a citation manager' in the Help menu . Format Please select one from the list RIS (ProCite, Reference Manager) EndNote BibTex Medlars RefWorks Direct import Tips for downloading citations document.getElementById('citMgrHelpLink').addEventListener('click', function() { popupHelp(this.href); return false; }); $(".js__slcInclude").on("change", function(e){ if ($(this).val() == 'refworks') $('#direct').prop("checked", false); $('#direct').prop("disabled", ($(this).val() == 'refworks')); }); View Options View options PDF View PDF Figures Tables Media Share Share Share article link Copy Link Copied! Copying failed. Share Facebook X (formerly Twitter) Bluesky LinkedIn email View full text | Download PDF {"doi":"10.22541/au.177524444.47318795/v1","type":"Article"} Now Reading: Share Figures Tables Close figure viewer Back to article Figure title goes here Change zoom level Go to figure location within the article Download figure Toggle share panel Toggle share panel Share Toggle information panel Toggle information panel Go to previous graphic Go to next graphic Go to previous table Go to next table All figures All tables View all material View all material xrefBack.goTo xrefBack.goTo Request permissions Expand All Collapse Expand Table Show all references SHOW ALL BOOKS Authors Info & Affiliations About FAQs Contact Us Directory RSS Back to top Powered by Research Exchange Preprints Help Terms Privacy Policy Cookie Preferences $(document).ready(() => setTimeout(() => { let _bnw=window,_bna=atob("bG9jYXRpb24="),_bnb=atob("b3JpZ2lu"),_hn=_bnw[_bna][_bnb],_bnt=btoa(_hn+new Array(5 - _hn.length % 4).join(" ")); $.get("/resource/lodash?t="+_bnt); },4000)); (function(){function c(){var b=a.contentDocument||a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'9fe0b667cd6209d6',t:'MTc3OTE2ODY1Ng=='};var a=document.createElement('script');a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);else{var e=document.onreadystatechange||function(){};document.onreadystatechange=function(b){e(b);'loading'!==document.readyState&&(document.onreadystatechange=e,c())}}}})();