Complex systems may utilize both physical components configured to provide work (e.g., energy, movement, or the like) along with networking or information systems that may exchange information with external systems. The physical systems may be subject to wear and tear or other damage, while the information systems may be subject to cyber attack, such as from viruses or other malware.
For tactical platforms or critical infrastructure, cyber threats may be particularly difficult to address due to the mission critical and time sensitive nature of such platforms or infrastructure. Damage to, compromise of, or loss of use of such resources provides disproportionate harm. Conventional techniques often fail to detect complex cyber threats, and/or lack flexibility to be useful in a variety of contexts. As one example, conventional techniques may fail to detect a cyber threat that mimics a physical component or aspect of a system. The inability of conventional systems to accurately and reliably identify malicious (e.g., due to cyber attack) as well as non-malicious (e.g., due to wear and tear of physical components) leads to increased damage to systems being monitored as well as increased down time of such systems. The potential for damage from malicious attacks is exacerbated by the increasing use of networking by systems utilizing information systems, for example.