What question did this study set out to answer?

To enhance cybersecurity in SCADA systems through a framework that models and analyzes cyberattack flows.

April 21, 2026Open Access

DiGraph-Enabled Digital Twin with Label Encoding ML for SCADA Cyberattack Analysis in Industry 5.0

Key Points

To enhance cybersecurity in SCADA systems through a framework that models and analyzes cyberattack flows.
Developed a DiGraph-based digital twin for SCADA network components.
Used XGBoost machine learning technique for attack detection and classification.
Evaluated the model with the MSU–ORNL SCADA dataset.
Achieved high accuracy in detecting and classifying cyberattacks.
Minimal misclassification rates observed during evaluation.
Provided real-time visualization of cyberattack flows.

Abstract

This paper proposes a novel framework, DT-ML-CAFA (Digital Twin and Machine Learning-based Cyber Attack Flow Analysis), for enhancing cybersecurity in SCADA-based Industry 5.0 smart grids. The system integrates a Directed Graph (DiGraph)-based digital twin to model SCADA network components and simulate real-time cyber-attack propagation. Machine learning techniques, particularly XGBoost, are employed to detect and classify critical attack types such as False Data Injection Attacks (FDIA), Remote Tripping Command Injection (RTCI), and System Reconfiguration Attacks (SRA). The model is evaluated using the MSU–ORNL SCADA dataset, achieving high accuracy with minimal misclassification. The proposed framework provides real-time visualization of attack flow, improving situational awareness and enabling proactive defense in smart grid infrastructures.

DiGraph-Enabled Digital Twin with Label Encoding ML for SCADA Cyberattack Analysis in Industry 5.0

Key Points

Abstract

Cite This Study