Dynamic concurrent learning method to neutralize cyber attacks and faults for industrial asset monitoring nodes

US10728282B2 · US · B2

Patent metadata

Publication number: US-10728282-B2
Application number: US-201815986996-A
Country: US
Kind code: B2
Filing date: May 23, 2018
Priority date: Jan 19, 2018
Publication date: Jul 28, 2020
Grant date: Jul 28, 2020

Abstract

Official abstract text for this publication.

Input signals may be received from monitoring nodes of the industrial asset, each input signal comprising time series data representing current operation. A neutralization engine may transform the input signals into feature vectors in feature space, each feature vector being associated with one of a plurality of overlapping batches of received input signals. A dynamic decision boundary may be generated based on the set of feature vectors, and an abnormal state of the asset may be detected based on the set of feature vectors and a predetermined static decision boundary. An estimated neutralized value for each abnormal feature value may be calculated based on the dynamic decision boundary and the static decision boundary such that a future set of feature vectors will be moved with respect to the static decision boundary. An inverse transform of each estimated neutralized value may be performed to generate neutralized signals comprising time series data that are output.

First claim

Opening claim text (preview).

The invention claimed is:

1. A system with dynamic concurrent learning mechanism to protect an industrial asset, comprising: a receiver configured to receive input signals from monitoring nodes of the industrial asset, each input signal comprising continuous time series of data representing a current operation of the industrial asset; a neutralization engine having a hardware processor configured to: transform the input signals into a set feature vectors in a feature dimensional space, each feature vector being associated with one of a plurality of successive overlapping batches of received input signals, wherein the overlapping is created with, at least, new data being added to a leading edge of a batch, detect an abnormal state of the industrial asset based on the set of transformed feature vectors and a predetermined static decision boundary, that separates a normal behavior and abnormal behavior, associated with the industrial asset, automatically and dynamically generate a dynamic decision boundary based on the set of transformed feature vectors, wherein the dynamic decision boundary is updated more frequently than the static decision boundary during a normal operation and is used concurrently with the static decision boundary to cover more restricted normal operating space, calculate an estimated neutralized value for each abnormal feature value based on the dynamic decision boundary and the static decision boundary to arrange and move a future set of feature vectors with respect to the static decision boundary to either a prior location or a safe zone in the feature dimensional space, and perform an inverse transform of each estimated neutralized value to generate neutralized signals comprising the transformed time series of data; and an output configured to output the neutralized signals.

2. The system of claim 1, wherein the neutralization engine is further to: determine that a number of monitoring nodes currently being attacked does not exceed a threshold value, and responsive to the determination, arrange for the future set of feature vectors to move in the feature space toward a previous location of the dynamic decision boundary within the static decision boundary.

3. The system of claim 1, wherein neutralization engine is further to: determine that a number of monitoring nodes currently being attacked exceeds a threshold value, and responsive to the determination, arrange for the future set of feature vectors to move toward a predetermined location in the feature space.

4. The system of claim 3, wherein the predetermined location is within the static decision boundary.

5. The system of claim 4, wherein the predetermined location is associated with one of a set of predetermined zones within the static decision boundary, and the neutralization engine is further to: select one of the predetermined zones as an appropriate predetermined location.

6. The system of claim 3, wherein the predetermined location is outside the static decision boundary and represents a shutdown of the industrial asset.

7. The system of claim 1, wherein the monitoring nodes are associated with at least one of: (i) sensor nodes, (ii) actuator nodes, (iii) reference signal nodes, and (iv) controller nodes.

8. The system of claim 1, wherein the dynamic decision boundary is updated more frequently as compared to the static decision boundary.

9. The system of claim 1, wherein the static decision boundary is constructed by a machine learning algorithm.

10. The system of claim 9, wherein the machine learning algorithm constructs the static decision boundary offline based on data from a high-fidelity model of the industrial asset and simulated conditions including normal operation, attacked operation, and fault operation.

11. The system of claim 9, wherein the machine learning algorithm constructs the static decision boundary based on a historic data set associated with at least one of: (i) the industrial asset, and (ii) similar industrial assets.

12. The system of claim 1, wherein the dynamic decision boundary is a trained mathematical function that represents a shell enclosing recent feature vectors.

13. The system of claim 12, wherein the dynamic decision boundary is generated using a 1-class semi-supervised machine learning algorithm.

14. The system of claim 1, wherein the industrial asset is associated with at least one of: (i) a turbine, (ii) a gas turbine, (iii) a wind turbine, (iv) an engine, (v) a jet engine, (vi) a locomotive engine, (vii) a refinery, (viii) a power grid, (ix) a dam, and (x) an autonomous vehicle.

15. A computerized method of dynamic concurrent learning techniques to protect an industrial asset, comprising: receiving input signals from monitoring nodes of the industrial asset, each input signal comprising continuous time series of data representing a current operation of the industrial asset; transforming, by a neutralization engine computer hardware processor, the input signals into a set feature vectors in a feature dimensional space, each feature vector being associated with one of a plurality of successive overlapping batches of received input signals, wherein the overlapping is created with, at least, new data being added to a leading edge of a batch; detecting an abnormal state of the industrial asset based on the set of transformed feature vectors and a predetermined static decision boundary, that separates a normal behavior and abnormal behavior, associated with the industrial asset, automatically and dynamically generating a dynamic decision boundary based on the set of transformed feature vectors, wherein the dynamic decision boundary is updated more frequently than the static decision boundary during a normal operation and is used concurrently with the static decision boundary to cover more restricted normal operating space, calculating an estimated neutralized value for each abnormal feature value based on the dynamic decision boundary and the static decision boundary to arrange and move a future set of feature vectors with respect to the static decision boundary to either a prior location or a safe zone in the feature dimensional space; performing an inverse transform of each estimated neutralized value to generate neutralized signals comprising the transformed time series of data; and outputting the neutralized signals.

16. The method of claim 15, further comprising: determining that a number of monitoring nodes currently being attacked does not exceed a threshold value; and responsive to the determination, arranging for the future set of feature vectors to move in the feature space toward a previous location of the dynamic decision boundary within the static decision boundary.

17. The method of claim 15, further comprising: determining that a number of monitoring nodes currently being attacked exceeds a threshold value; and responsive to the determination, arranging for the future set of feature vectors to move toward a predetermined location in the feature space.

18. The method of claim 17, wherein the predetermined location is associated with one of a set of predetermined zones within the static decision boundary, and further comprising: selecting one of the predetermined zones as an appropriate predetermined location.

19. A non-transitory, computer-readable storage medium storing instructions that, when executed by a computer hardware processor, cause the computer hardware processor to perform a method of dynamic concurrent learning techniques to protect an industrial asset

Classifications (CPC titles)

  • Information technology specific aspects, e.g. CAD, simulation, modelling, system security

  • Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems

  • H04L63/14 (Primary): for detecting or protecting against malicious traffic

  • Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

  • Event detection, e.g. attack signature detection

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Gen Electric
What technology area does this patent fall under?
Primary CPC classification H04L63/14. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 28, 2020 (B2). Legal status and post-grant events are not shown on this page.