Industrial assets control systems that operate physical systems (e.g., associated with power turbines, jet engines, locomotives, autonomous vehicles, etc.) are increasingly connected to the Internet. As a result, these control systems may be vulnerable to threats, such as cyber-attacks (e.g., associated with a computer virus, malicious software, etc.), that could disrupt electric power generation and distribution, damage engines, inflict vehicle malfunctions, etc. Current methods primarily consider threat detection in Information Technology (“IT,” such as, computers that store, retrieve, transmit, manipulate data) and Operation Technology (“OT,” such as direct monitoring devices and communication bus interfaces). Cyber-threats can still penetrate through these protection layers and reach the physical “domain” as seen in 2010 with the Stuxnet attack. Such attacks can diminish the performance of an industrial asset and may cause a total shutdown or even catastrophic damage to a plant. Currently, Fault Detection Isolation and Accommodation (“FDIA”) approaches only analyze sensor data, but a threat might occur even in other types of threat monitoring nodes such as actuators, control logical(s), etc. Also, note that FDIA is limited only to naturally occurring faults in one sensor at a time. FDIA systems do not address multiple simultaneously occurring faults, since those abnormalities are normally due to malicious intent. Moreover, in some cases an entire fleet of industrial assets may need to be monitored and/or protected. For example, a fleet of five geographically remote power plants might need to be monitored and, in some cases, information determined with respect to one power plant might be relevant to the protection of another power plant (e.g., the two plants might be undergoing similar attacks). It can be difficult, however, to simultaneously monitor many different industrial assets (e.g., each containing many different sensors and other sources of data) in substantially real time. It would therefore be desirable to facilitate the creation of a suitable threat detection system to protect a fleet of industrial assets from cyber threats in an automatic and accurate manner.