Abstract
Critical cyber-physical infrastructure, such as urban water distribution systems, underpins public health, economic stability, and environmental sustainability, yet faces escalating threats from sophisticated cyber-physical attacks that evade traditional defenses. Deep-learning-based reconstruction models offer the adaptability needed to detect unseen anomalies but impose prohibitive computational and environmental costs, creating an unresolved tension between security and sustainability. While PCA-deep-learning hybrids are widely used, their architectural configurations for anomaly detection have remained naive and unquantified in terms of real-world resource demands. This study demonstrates that among five novel PCA-autoencoder configurations evaluated across two challenging water distribution datasets, architectural synthesis dictates both detection robustness and sustainability, with operational efficiency varying by over an order of magnitude. An integrated model (PCA-D) achieves strong anomaly detection at a cost-effectiveness ratio of 2.62 J per true positive-nearly four times better than the most robust hybrid-while naive wrapper hybrids miss over 77% of threats. The proposed framework converts measured computational loads into annual energy, carbon, and water footprints, revealing that the most detection-robust model is not the most sustainable. These results establish a unifying cost-effectiveness metric and a key design principle: integrated statistical-deep-learning architectures enable genuinely green AI that secures critical infrastructure without incurring excessive environmental burden.