Industrial control systems (ICSs) are a complicated integrated system that provide people with services by coordinating numerous vital infrastructures. ICSs is a system that keeps control and manages the condition of geographically separated remote facilities for significant national infrastructure providers, such as electricity, gas, water, and traffic. Computing and communication elements such as Programming Logic Controls (PLCs) and Supervisor Control and Data Acquisition (SCADA), as well as communications networks are used to achieve this control. Because of its nature, it is usually found in large places and is geographically dispersed. This sort of network connectivity is vulnerable to hacking. To mitigate those attacks from ICSs anomaly detection systems, play an important role as it can help to detect unknown attacks. The state of the art of ICS anomaly detection solutions relies on a single models based on a historical database. In this study, we proposed a hybrid deep learning approach to detect anomaly and we assessed the model's performance using Root Mean Square Error (RMSE), Mean Square Error (MSE), and Mean Absolute Error (MAE) to determine the anomaly threshold points. The result showed that the combined models (LSTM with GRU) and (Bi-LSTM with Bi-GRU) gave low RMSE, MSE, and MAE 0.0727, 0.0053, 0.0053 and 0.0957, 0.0092, 0.090 respectively. The proposed models were tested using Secure Water Treatment (SWaT) dataset which is an operational water treatment testbed operating both normal or attack condition. We used approximately 44K dataset for model development and used 80-20 ratio for dataset spilt. The overall proposed model performance measured based on recall, precision, F1 score and accuracy resulted (77%,88%,82% and 88%) respectively. The above result shows combined model outperformed than single model. Our recommendation for future researcher is to do root cause analysis on identified anomaly points. Keyword: Industry control system, anomaly detection, deep learning, machine learning