Development of a Cost-Effective Human-Machine Interface with Integrated Firewall and AI-Based Intrusion Detection System for SCADA Security

This research presents a low-cost, custom Human-Machine Interface (HMI) integrated with a built-in firewall and an AI-powered Intrusion Detection and Prevention System (IDS/IPS) designed to enhance cybersecurity in Supervisory Control and Data Acquisition (SCADA) networks. SCADA systems, essential for industrial control, often rely on legacy protocols such as Modbus, Remote Terminal Unit (RTU) and DNP3, which lack robust authentication and are vulnerable to cyber threats. Commercial HMIs and firewalls tend to be expensive and may not effectively address advanced threats like Advanced Persistent Threat (APT) or zero-day exploits, particularly for small and medium enterprises Small and Medium-sized Enterprise (SME). The proposed system is built around the Velocio ACE11 PLC and incorporates a Python-based PyQt5 GUI for real-time monitoring and control of a chemical mixing process. It features a passive firewall for inspecting Modbus serial traffic and a Random Forest–based IDS trained on protocol-specific features, including function codes, packet timing, and command types. The IDS achieves over (> 96 %) detection accuracy with approximately ∼17 ms latency. Upon detection of intrusions, the system blocks malicious commands, activates fail-safe procedures, and alerts operators via the HMI interface. Simulation tests involving misuse of the protocol and unauthorized commands validate the effectiveness of the system [1]–[3]. This solution provides SMEs with an affordable, scalable, and high-performance cybersecurity platform tailored for SCADA environments, without compromising usability or operational continuity.