Your search keyword '"critical infrastructures"' showing total 67 results

1. Enhancing Critical Infrastructure Security: Unsupervised Learning Approaches for Anomaly Detection

Author

Andrea Pinto, Luis-Carlos Herrera, Yezid Donoso, and Jairo A. Gutierrez

Subjects

Unsupervised learning, IIoT, Cybersecurity, Critical infrastructures, Anomaly detection, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract Traditional security detection methods face challenges in identifying zero-day attacks in critical infrastructures (CIs) integrated with the industrial internet of things (IIoT). These attacks exploit unknown vulnerabilities and are difficult to detect due to their connection to physical systems. The integration of legacy ICS networks with modern computing and networking technologies has significantly expanded the attack surface, making these systems more susceptible to cyber-attacks. Despite existing security measures, attackers continually find ways to breach these operating networks. Anomaly detection systems are critical in protecting these CIs from current cyber threats. This study investigates the effectiveness of unsupervised anomaly detection models in detecting operational anomalies that could lead to cyber-attacks, thereby disrupting and negatively impacting quality of life. We preprocess the data with a focus on cybersecurity and chose the SWAT dataset because it accurately represents the types of attack vectors that critical infrastructures commonly encounter. We evaluated the performance of isolation forest (IF), local outlier factor (LOF), one-class SVM (OCSVM), and Autoencoder algorithms—trained exclusively on normal data—in enhancing cybersecurity within IIoT environments. Our comprehensive analysis includes an assessment of each model’s detection capabilities. The findings highlight the VAE-LSTM model’s potential to identify cyber-attacks within seconds in a high-frequency dataset, suggesting near real-time detection capability. The final model combines the reconstruction ability of the variational autoencoder (VAE) with regularization using the Kullback–Leibler divergence, reflecting the non-Gaussian nature of industrial system data. Our model successfully detected 23 out of 26 attack scenarios in the SWAT dataset, demonstrating its effectiveness in improving the security of IIoT-based CIs.

Published

2024

2. Determining critical nodes in optimal cost attacks on networked infrastructures

Author

Ishfaq Ahmad, Addison Clark, Muhammad Ali, Hansheng Lei, David Ferris, and Alex Aved

Subjects

Security, Critical Infrastructures, Optimization, Graph Analysis, Computer engineering. Computer hardware, TK7885-7895, Computer software, QA76.75-76.765

Abstract

Abstract A wide range of critical infrastructures are connected via wide area networks as well as the Internet-of-Thing (IoT). Apart from natural disasters, these infrastructures, providing services such as electricity, water, gas, and Internet, are vulnerable to terrorist attacks. Clearly, damages to these infrastructures can have dire consequences on economics, health services, security and safety, and various business sectors. An infrastructure network can be represented as a directed graph in which nodes and edges denote operation entities and dependencies between entities, respectively. A knowledgeable attacker who plans to harm the system would aim to use the minimum amount of effort, cost, or resources to yield the maximum amount of damage. Their best strategy would be to attack the most critical nodes of the infrastructure. From the defender’s side, the strategy would be to minimize the potential damage by investing resources in bolstering the security of the critical nodes. Thus, in the struggle between the attacker and defender, it becomes important for both the attacker and defender to identify which nodes are most critically significant to the system. Identifying critical nodes is a complex optimization problem. In this paper, we first present the problem model and then propose a solution for computing the optimal cost attack while considering the failure propagation. The proposed model represents one or multiple interconnected infrastructures. While considering the attack cost of each node, the proposed method computes the optimal attack that a rational attacker would make. Our problem model simulates one of two goals: maximizing the damage for a given attack budget or minimizing the cost for a given amount of damage. Our technique obtains solutions to optimize the objective functions by utilizing integer-linear programming while observing the constraints for each of the specified goals. The paper reports an extensive set of experiments using various graphs. The results show the efficacy of our technique in terms of its ability to obtain solutions with fast turnaround times.

Published

2024

3. Using Artificial Intelligence in the Security of Cyber Physical Systems

Author

Zeynep Gürkaş Aydın and Murat Kazanç

Subjects

critical infrastructures, cyber physical system, cyber security, deep learning, machine learning, Industrial engineering. Management engineering, T55.4-60.8, Business, HF5001-6182

Abstract

The prominence of cyber security continues to increase on a daily basis. Following the cyber-attacks in recent years, governments have implemented a range of regulations. The advancement of technology and digitalization has led to the creation of new vulnerabilities that cyber attackers can exploit. The digitalization of facilities such as energy distribution networks and water infrastructures has enhanced their efficiency, thereby benefiting states and society. The modern sensors, controllers, and networks of these new generation facilities have made them susceptible to cyber attackers. While all forms of cyber-attacks are detrimental, targeting critical cyber-physical systems presents a heightened level of peril. These assaults have the potential to disrupt the social structure and pose a threat to human lives. Various techniques are employed to guarantee the security of these facilities, which is of utmost importance. This study examined the applications of machine learning and deep learning methods, which are sub-branches of artificial intelligence that have recently undergone a period of significant advancement. Intrusion detection systems are being created for the networks that facilitate communication among the hardware components of the cyber-physical system. Another potential application area involves the development of models capable of detecting anomalies and attacks in the data generated by sensors and controllers. Cyber physical systems exhibit a wide range of diversity. Due to the wide range of variations, it is necessary to utilize specific datasets for training the model. Generating a dataset through attacks on a functional cyber-physical system is unattainable. The study also analyzed the solutions to this problem. Based on the analyzed studies, it has been observed that the utilization of artificial intelligence enhances the security of cyber physical systems.

Published

2023

4. A review: Monitoring situational awareness of smart grid cyber‐physical systems and critical asset identification

Author

Yazeed Alrowaili, Neetesh Saxena, Anurag Srivastava, Mauro Conti, and Pete Burnap

Subjects

critical infrastructures, cyber‐physical systems, Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract Cyber‐Physical Systems (CPSs) are becoming more automated and aimed to be as efficient as possible by enabling integration between their operations and Information Technology (IT) resources. In combination with production automation, these systems need to identify their assets and the correlation between them; any potential threats or failures alert the relevant user/department and suggest the appropriate remediation plan. Moreover, identifying critical assets in these systems is essential. With numerous research and technologies available, assessing IT assets nowadays can be straightforward to implement. However, there is one significant issue of evaluating operational technology critical assets since they have different characteristics, and traditional solutions cannot work efficiently. This study presents the necessary background to attain the appropriate approach for monitoring critical assets in CPSs' Situational Awareness (SA). Additionally, the study presents a broad survey supported by an in‐depth review of previous works in three important aspects. First, it reviews the applicability of possible techniques, tools and solutions that can be used to collect detailed information from such systems. Secondly, it covers studies that were implemented to evaluate the criticality of assets in CPSs, demonstrates requirements for critical asset identification, explores different risks and failure techniques utilised in these systems and delves into approaches to evaluate such methods in energy systems. Finally, this paper highlights and analyses SA gaps based on existing solutions, provides future directions and discusses open research issues.

Published

2023

5. Design and Development Considerations of a Cyber Physical Testbed for Operational Technology Research and Education

Author

Salaheddin Hosseinzadeh, Dionysios Voutos, Darren Barrie, Nsikak Owoh, Moses Ashawa, and Alireza Shahrabi

Subjects

cyber-physical systems, industrial control systems, critical infrastructures, testbed, cybersecurity education, IT/OT convergence, Chemical technology, TP1-1185

Abstract

Cyber-physical systems (CPS) are vital in automating complex tasks across various sectors, yet they face significant vulnerabilities due to the rising threats of cybersecurity attacks. The recent surge in cyber-attacks on critical infrastructure (CI) and industrial control systems (ICSs), with a 150% increase in 2022 affecting over 150 industrial operations, underscores the urgent need for advanced cybersecurity strategies and education. To meet this requirement, we develop a specialised cyber-physical testbed (CPT) tailored for transportation CI, featuring a simplified yet effective automated level-crossing system. This hybrid CPT serves as a cost-effective, high-fidelity, and safe platform to facilitate cybersecurity education and research. High-fidelity networking and low-cost development are achieved by emulating the essential ICS components using single-board computers (SBC) and open-source solutions. The physical implementation of an automated level-crossing visualised the tangible consequences on real-world systems while emphasising their potential impact. The meticulous selection of sensors enhances the CPT, allowing for the demonstration of analogue transduction attacks on this physical implementation. Incorporating wireless access points into the CPT facilitates multi-user engagement and an infrared remote control streamlines the reinitialization effort and time after an attack. The SBCs overwhelm as traffic surges to 12 Mbps, demonstrating the consequences of denial-of-service attacks. Overall, the design offers a cost-effective, open-source, and modular solution that is simple to maintain, provides ample challenges for users, and supports future expansion.

Published

2024

6. Emergency Communication System Based on Wireless LPWAN and SD-WAN Technologies: A Hybrid Approach

Author

Vasileios Cheimaras, Nikolaos Peladarinos, Nikolaos Monios, Spyridon Daousis, Spyridon Papagiakoumos, Panagiotis Papageorgas, and Dimitrios Piromalis

Subjects

emergency communication systems, off-grid areas, critical infrastructures, LPWAN, SD-WAN, IoT platform, Applied mathematics. Quantitative methods, T57-57.97

Abstract

Emergency Communication Systems (ECS) are network-based systems that may enable people to exchange information during crises and physical disasters when basic communication options have collapsed. They may be used to restore communication in off-grid areas or even when normal telecommunication networks have failed. These systems may use technologies such as Low-Power Wide-Area(LPWAN) and Software-Defined Wide Area Networks (SD-WAN), which can be specialized as software applications and Internet of Things (IoT) platforms. In this article, we present a comprehensive discussion of the existing ECS use cases and current research directions regarding the use of unconventional and hybrid methods for establishing communication between a specific site and the outside world. The ECS system proposed and simulated in this article consists of an autonomous wireless 4G/LTE base station and a LoRa network utilizing a hybrid IoT communication platform combining LPWAN and SD-WAN technologies. The LoRa-based wireless network was simulated using Network Simulator 3 (NS3), referring basically to firm and sufficient data transfer between an appropriate gateway and LP-WAN sensor nodes to provide trustworthy communications. The proposed scheme provided efficient data transfer posing low data losses by optimizing the installation of the gateway within the premises, while the SD-WAN scheme that was simulated using the MATLAB simulator and LTE Toolbox in conjunction with an ADALM PLUTO SDR device proved to be an outstanding alternative communication solution as well. Its performance was measured after recombining all received data blocks, leading to a beneficial proposal to researchers and practitioners regarding the benefits of using an on-premises IoT communication platform.

Published

2023

7. Seismic Resilience in Critical Infrastructures: A Power Station Preparedness Case Study

Author

Gili Lifshitz Sherzer, Alon Urlainis, Shani Moyal, and Igal M. Shohet

Subjects

critical infrastructures, fragility curves, probabilistic risk analysis, benefit-to-cost analysis, mitigation strategies, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

The role of critical infrastructures in maintaining the functioning of the economy and society and ensuring national security, particularly their durability in delivering essential services during crises, including natural disasters such as earthquakes, is critical. This work introduces an analytical methodology to quantify potential earthquake damage to power stations and evaluate the cost-effectiveness of measures to enhance their seismic resistance. By employing fragility curves and probabilistic risk analyses, this approach provides a structured framework for the comprehensive assessment of risks and the identification of economically practical mitigation strategies. A detailed examination of strategies to protect critical power station components against seismic activity is presented, revealing that a minor investment relative to the overall project budget for earthquake-proofing measures is economically effective. This investment, representing a marginal fraction of 0.5% of the total project expenditure significantly reduces the seismic risk of power station failure by 36%. Reinforcing essential elements, including switching stations, water treatment facilities, and water tanks, is emphasized to ensure their continued operation during and after an earthquake. This research highlights the critical significance of integrating risk assessment with benefit-to-cost analysis in strategic decision-making processes, supporting the prioritization of investments in infrastructure enhancements. These enhancements promise substantial reductions of risks at minimal costs, thus protecting essential services against the impacts of natural disasters. This research contributes to state-of-the-art research in critical infrastructures resilience.

Published

2024

8. A Systematic Approach of Global Sensitivity Analysis and Its Application to a Model for the Quantification of Resilience of Interconnected Critical Infrastructures

Author

Xing Liu, Enrico Zio, Emanuele Borgonovo, and Elmar Plischke

Subjects

critical infrastructures, resilience, dynamic model, global sensitivity analysis, importance measure, Technology

Abstract

We consider a model for the resilience analysis of interconnected critical infrastructures (ICIs) that describes the dependencies among the subsystems within the ICIs and their time-varying behavior. The model response is a function of uncertain inputs comprising ICIs design parameters and failure magnitudes of vulnerable elements in the system, etc. In this methodological paper, we present a systematic approach based on an innovative blend of methods to perform a sensitivity analysis for identifying the most relevant variables affecting the system resilience at different stages, during a disruptive event. The methods considered include the following: the use of the graphical representation of Cusunoro curves for a visualization of the impact of an input on the resilience metric and an understanding of whether the associated dependence is monotonic, increasing, or decreasing; the introduction of an ensemble of indicators related to different properties of the resilience metric to allow the prioritization of variable importance and avoid false negatives, meaning to regard a variable as non-influential when, instead, it plays a relevant role in the determination of the model response; the calculation of first-order variance-based sensitivity indices to have an appreciation on the relevance of interactions when inputs are independent; and a data approach to visually identify relevant second-order interactions. All the sensitivity methods considered are performed on a provided sample, and do not require additional model evaluations. They allow the analyst to post-process the data to extract, simultaneously, several desirable insights. The systematic approach proposed to apply these methods allows us to identify the model input variables and parameters that are not very relevant, while it enables the identification of the relevant ones which allows prioritizing interventions on the vulnerable elements of the system for its resilience at different stages during a disruptive event. Given the methodological nature of the work, a simplified infrastructure model describing an interconnected gas network and electric power grid is taken as case study: this allows us to show that the approach is straightforward to understand and implement, and the results obtained show the usefulness of the approach in providing meaningful insights that can be used by stakeholders and decision makers to inform strategies for the improvement of system resilience. By the application of the simplified ICIs model to the case study, it is shown that the approach can be straightforwardly implemented to identify the most relevant variables on system resilience and obtain the most important subsystems. The key factors which affect system resilience in multiple initial failures scenarios are found; this allows us to identify the key resilience improvement measurements, and their priorities.

Published

2024

9. Infrastructure Impact Assessment through Multi-Hazard Analysis at Different Scales: The 26 November 2022 Flood Event on the Island of Ischia and Debris Management

Author

Sergio Cappucci, Maurizio Pollino, Maria Giuseppina Farrace, Lorenzo Della Morte, and Valerio Baiocchi

Subjects

hazard mapping, multi-hazard analysis, critical Infrastructures, debris management, Casamicciola landslide, Agriculture

Abstract

A multi-hazard analysis (seismic, landslide, flood) is conducted to verify the impact on the road network. The ENEA CIPCast platform is an innovative Decision Support System (DSS) that is used to implement the analyses using GIS. Using analytical and geoprocessing tools, the hazards were assessed and mapped. The overlapping of different geospatial layers allowed the implementation of a specific hazard map for the road network. Multi-hazard values were obtained using an appropriate matrix of single values, which were classified, and then summarized into four classes of values. The analyses were conducted at the regional (Campania region), provincial (Metropolitan City of Naples), and local scales (island of Ischia and municipality of Casamicciola Terme). In particular, the landslide event that struck Ischia island on 26 November 2022 and the municipality of Casamicciola Terme was considered as a case study to determine the impact on the road network, infrastructures, buildings, and jeopardizing inter-municipal connections. The results are mainly visualized through map processing and statistical summaries of the data. The management of the landslide debris, which can contain a multitude of fractions (waste, biomass and vegetation, sludge, soil, and rocks transported downstream by water), was also explored. This is a frontier issue for which international manuals and guidelines, as well as national and emergency acts, have been examined. A specific protocol for the sustainable management of the debris generated by floods and landslides is needed, and discussed in the present paper, to overcome emergencies after catastrophic events.

Published

2024

10. Workforce Management during the Time of COVID-19—Lessons Learned and Future Measures

Author

Rupkatha Bardhan, Traci Byrd, and Julie Boyd

Subjects

industries, essential businesses, critical infrastructures, COVID-19, challenges, best practices, Specialties of internal medicine, RC581-951

Abstract

Industries worldwide have faced continuous burdens since the beginning of the COVID-19 pandemic, while adjusting to rapidly changing rules and regulations. Industries need to be prepared to remain operational and productive in the face of current and emergent pathogens. While several businesses could remain functional through remote work, critical industries faced closings, worker shortages, and loss of productivity. Pharmaceutical industries were blessed with an increase in the stock market and creation of new jobs, but faced serious severe challenges due to shortage of medicines and drugs. Critical infrastructures such as healthcare, food and agriculture, manufacturing, construction, transportation, retail, waterworks, and waste management took a significant hit during the pandemic, and are still suffering from worker shortages to function optimally. Above all odds, companies were able to maintain the necessities by implementing strict safety protocols such as thorough and repeated cleaning, use of hand sanitizer/disinfectants, wearing face masks and personal protective equipment, and maintaining social distancing. This article addresses how COVID-19 disrupted normal operations on a large scale, and how essential businesses have learned to assess the impact, handle situations effectively, and become resilient for future crises. Best practices were tailored to each industry sector to prepare for and address the pandemic.

Published

2022

11. Multi-Agent Based Stochastic Dynamical Model to Measure Community Resilience

Author

Jaber Valinejad, Lamine Mili, and C. Natalie Van Der Wal

Subjects

community resilience, collective behavior, emergency services, power systems, critical infrastructures, artificial society, overview, design concepts, details, and decision (odd+d), cyber-physical-social system, Electronic computers. Computer science, QA75.5-76.95, Social sciences (General), H1-99

Abstract

Emergency services and utilities need appropriate planning tools to analyze and improve infrastructure and community resilience to disasters. Recognized as a key metric of community resilience is the social well-being of a community during a disaster, which is made up of mental and physical social health. Other factors influencing community resilience directly or indirectly are emotional health, emergency services, and the availability of critical infrastructures services, such as food, agriculture, water, transportation, electric power, and communications system. It turns out that in computational social science literature dealing with community resilience, the role of these critical infrastructures along with some important social characteristics is not considered. To address these weaknesses, we develop a new multi-agent based stochastic dynamical model, standardized by overview, design concepts, details, and decision (ODD+D) protocol and derived from neuro-science, psychological and social sciences, to measure community resilience in terms of mental and physical well-being. Using this model, we analyze the micro-macro level dependence between the emergency services and power systems and social characteristics such as fear, risk perception, information-seeking behaviour, cooperation, flexibility, empathy, and experience, in an artificial society. Furthermore, we simulate this model in two case studies and show that a high level of flexibility, experience, and cooperation enhances community resilience. Implications for both theory and practice are discussed.

Published

2022

12. Threats, Attacks, and Cryptography Frameworks of Cybersecurity in Critical Infrastructures

Author

Kyriaki Tsantikidou and Nicolas Sklavos

Subjects

Critical Infrastructures, cybersecurity, cryptography, threats and attacks, mitigation, smart health, Technology

Abstract

Critical Infrastructures (CIs), such as healthcare facilities, power grids, transportation systems, and financial institutions, are vital components of a functioning society, with the economy and safety being dependent on them. Nevertheless, they have become increasingly vulnerable to cyber threats and attacks in recent years. The main reason is their inability to quickly adapt to technological changes, employ updated cryptographic frameworks, and implement a thoroughly secure architecture based on their characteristics. In this study, the unique complexities of these systems are highlighted. Various verified cyberattacks that were executed against CIs in recent years are analyzed. Moreover, the general framework of CIs is demonstrated together with the employed technologies and cryptographic primitives. A thorough architecture of said technologies is developed to better understand the targeted components and easily identify potentially hidden threats. Afterwards, threat, adversary, and attack models that target critical systems and services are designed. The purpose is a better comprehension of the systems’ vulnerabilities, attack structures, motives, and targets for assisting CIs’ designers in creating secure frameworks and mechanisms, with the ability to mitigate such threats. Lastly, security controls and cryptography frameworks are demonstrated together with efficient mitigation architectures and implementations from the research community.

Published

2024

13. Safeguarding Critical Infrastructures: Machine Learning in Cybersecurity

Author

Kalnawat Aarti, Dhabliya Dharmesh, Vydehi Kasichainula, Dhablia Anishkumar, and Kumar Santosh D.

Subjects

machine learning, cybersecurity, critical infrastructures, cnn, lstm, Environmental sciences, GE1-350

Abstract

It has become essential to protect vital infrastructures from cyber threats in an age where technology permeates every aspect of our lives. This article examines how machine learning and cybersecurity interact, providing a thorough overview of how this dynamic synergy might strengthen the defence of critical systems and services. The hazards to public safety and national security from cyberattacks on vital infrastructures including electricity grids, transportation networks, and healthcare systems are significant. Traditional security methods have failed to keep up with the increasingly sophisticated cyber threats. Machine learning offers a game-changing answer because of its ability to analyse big datasets and spot anomalies in real time. The goal of this study is to strengthen the defences of key infrastructures by applying machine learning algorithms, such as CNN, LSTM, and deep reinforcement learning for anomaly algorithm. These algorithms can anticipate weaknesses and reduce possible breaches by using historical data and continuously adapting to new threats. The research also looks at issues with data privacy, algorithm transparency, and adversarial threats that arise when applying machine learning to cybersecurity. For machine learning technologies to be deployed successfully, these obstacles must be removed. Protecting vital infrastructures is essential as we approach a day where connectivity is pervasive. This study provides a road map for utilising machine learning to safeguard the foundation of our contemporary society and make sure that our vital infrastructures are robust in the face of changing cyberthreats. The secret to a safer and more secure future is the marriage of cutting-edge technology with cybersecurity knowledge.

Published

2024

14. Overview of Protocols and Standards for Wireless Sensor Networks in Critical Infrastructures

Author

Spyridon Daousis, Nikolaos Peladarinos, Vasileios Cheimaras, Panagiotis Papageorgas, Dimitrios D. Piromalis, and Radu Adrian Munteanu

Subjects

critical infrastructures, wireless sensor networks, protocols, standards, Information technology, T58.5-58.64

Abstract

This paper highlights the crucial role of wireless sensor networks (WSNs) in the surveillance and administration of critical infrastructures (CIs), contributing to their reliability, security, and operational efficiency. It starts by detailing the international significance and structural aspects of these infrastructures, mentions the market tension in recent years in the gradual development of wireless networks for industrial applications, and proceeds to categorize WSNs and examine the protocols and standards of WSNs in demanding environments like critical infrastructures, drawing on the recent literature. This review concentrates on the protocols and standards utilized in WSNs for critical infrastructures, and it concludes by identifying a notable gap in the literature concerning quality standards for equipment used in such infrastructures.

Published

2024

15. Sustainability and Resilience of Engineering Assets

Author

Nuno Marques de Almeida and Adolfo Crespo

Subjects

engineering asset management, sustainable development, resilience, life cycle management, decision making, critical infrastructures, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

The frequency and severity of natural or human-induced disaster events, such as floods, earthquakes, hurricanes, fires, pandemics, hazardous material spills, groundwater contamination, structural failures, explosions, etc., as well as their impacts, have greatly increased in recent decades due to population growth and extensive urbanization, among other factors. The World Bank estimates that the total cost of cities’ and communities’ vulnerability to these types of disasters could reach more than USD 300 billion per year by 2030. However, it has been argued that investment to improve the quality and resilience of engineered physical assets that are the backbone of modern societies, such as critical infrastructure, industrial facilities, and buildings, could significantly contribute to more sustainable and prosperous societies. Engineered assets are key to the delivery of essential services, such as transport, food, water, electricity supply, health and safety, etc. Some of these physical assets are integrated into asset systems and national or regional networks, with life cycles of several decades or even centuries. It is, therefore, of great importance that strategies and life cycle decisions, such as those related to short- and long-term capital investment planning, maintenance strategies, operational plans, and asset disposal, lead to the maximization of the value derived from these assets. Moreover, it is essential that the achievement of these goals is sustainable over time. Organizations dealing with engineering assets, both public and private, must, therefore, integrate sustainability and resilience concerns into everyday operations, using budgets that are often restricted, while also meeting demanding performance requirements in risky and uncertain environments. This Special Issue collates a selection of papers reporting the latest research and case studies regarding the trends and emerging strategies used to address these challenges, with contributions discussing how asset management principles and techniques can help to push the boundaries of sophistication and innovation to improve the life cycle management of engineered assets to ensure more sustainable and resilient cities and societies.

Published

2023

16. Colonial Railways of Mozambique: Critical and Vulnerable Infrastructure, 1880s-1930s

Author

Pereira Hugo Silveira

Subjects

critical infrastructures, colonialism, imperialism, scramble for africa, history of technology, History (General), D1-2009

Abstract

In the early 1880s, Portugal began the construction of railways in its colonies. The main goals were to reinforce Portuguese presence and increase colonial revenue. This paper aims to analyse the transnational railways built in Mozambique, between the 1880s and the 1930s, as critical infrastructure (or critical systems). I argue that the lack of railways in Mozambique was the cause for deep concern and fostered a “sense of urgency” among the Portuguese authorities, as this could potentially jeopardise the Portuguese imperial project. Railways were considered critical to bolstering Portugal’s sovereignty, as well as to exploit local resources and attract traffic from neighbouring territories. Once built, the railways revealed two major vulnerabilities: competition from South African ports and dependence on British capital. A few episodes involving Portuguese and British agents highlighted these vulnerabilities and motivated Portuguese policymakers to find solutions. This paper explores these topics based on a comprehensive literature review and the use of primary sources, intended to provide a novel approach to Portuguese colonial railways.

Published

2022

17. Towards Integration of Security and Safety Measures for Critical Infrastructures Based on Bayesian Networks and Graph Theory: A Systematic Literature Review

Author

Sandeep Pirbhulal, Vasileios Gkioulos, and Sokratis Katsikas

Subjects

graph theory, Bayesian networks, safety, security, critical infrastructures, literature review, Applied mathematics. Quantitative methods, T57-57.97

Abstract

In recent times, security and safety are, at least, conducted in safety-sensitive or critical sectors. Nevertheless, both processes do not commonly analyze the impact of security risks on safety. Several scholars are focused on integrating safety and security risk assessments, using different methodologies and tools in critical infrastructures (CIs). Bayesian networks (BN) and graph theory (GT) have received much attention from academia and industries to incorporate security and safety features for different CI applications. Hence, this study aims to conduct a systematic literature review (SLR) for co-engineering safety and security using BN or GT. In this SLR, the preferred reporting items for systematic reviews and meta-analyses recommendations (PRISMA) are followed. Initially, 2295 records (acquired between 2011 and 2020) were identified for screening purposes. Later on, 240 articles were processed to check eligibility criteria. Overall, this study includes 64 papers, after examining the pre-defined criteria and guidelines. Further, the included studies were compared, regarding the number of required nodes for system development, applied data sources, research outcomes, threat actors, performance verification mechanisms, implementation scenarios, applicability and functionality, application sectors, advantages, and disadvantages for combining safety, and security measures, based on GT and BN. The findings of this SLR suggest that BN and GT are used widely for risk and failure management in several domains. The highly focused sectors include studies of the maritime industry (14%), vehicle transportation (13%), railway (13%), nuclear (6%), chemical industry (6%), gas and pipelines (5%), smart grid (5%), network security (5%), air transportation (3%), public sector (3%), and cyber-physical systems (3%). It is also observed that 80% of the included studies use BN models to incorporate safety and security concerns, whereas 15% and 5% for GT approaches and joint GT and BN methodologies, respectively. Additionally, 31% of identified studies verified that the developed approaches used real-time implementation, whereas simulation or preliminary analysis were presented for the remaining methods. Finally, the main research limitations, concluding remarks and future research directions, are presented

Published

2021

18. Intrusion Detection in Critical Infrastructures: A Literature Review

Author

Fountas Panagiotis, Kouskouras Taxiarxchis, Kranas Georgios, Leandros Maglaras, and Mohamed Amine Ferrag

Subjects

critical infrastructures, intrusion detection systems, digitization, Engineering (General). Civil engineering (General), TA1-2040

Abstract

Over the years, the digitization of all aspects of life in modern societies is considered an acquired advantage. However, like the terrestrial world, the digital world is not perfect and many dangers and threats are present. In the present work, we conduct a systematic review on the methods of network detection and cyber attacks that can take place in a critical infrastructure. As is shown, the implementation of a system that learns from the system behavior (machine learning), on multiple levels and spots any diversity, is one of the most effective solutions.

Published

2021

19. Towards attaining the recommended Humanitarian Sphere Standards of sanitation in Bidibidi refugee camp found in Yumbe District, Uganda

Author

Zaitun Bako, Alex Barakagira, and Ameria Nabukonde

Subjects

Critical infrastructures, Humanitarian Sphere Standards, Refugees, Bidibidi, Uganda, Anthropology, GN1-890, International relations, JZ2-6530

Abstract

Abstract Adequate sanitation is one of the most important aspects of community well-being. It reduces the rates of morbidity and severity of various diseases like diarrhea, dysentery, and typhoid among others. A study about toward the attainment of the recommended Humanitarian Sphere Standards on sanitation in Bidibidi refugee camp, Yumbe District, was initiated. A total of 210 households distributed in Bidibidi refugee camp were randomly selected and one adult person interviewed to assess the accessibility of different sanitation facilities, and to explore the sanitation standards of the sanitation facilities in relation to the recommended Humanitarian Sphere Standards in the area. Pit latrines, hand washing facilities, and solid waste disposal areas as reported by 81.4%, 86.7%, and 51.9% of the respondents respectively, are the main sanitation facilities accessed in the refugee camp. Despite their accessibility, the standards of the pit latrines, hand washing, and solid waste disposal facilities are below the recommended standards, which might have contributed to the outbreak of sanitation related diseases (χ2 = 19.66, df = 1, P = 0.05) in Bidibidi refugee camp. The respondents in the study area were aware that the presence of the sanitation-related diseases was because of the low-level sanitation practices in place (χ2 = 4.54, df = 1, P = 0.05). The inaccessibility to some sanitation facilities by some respondents was found to be related to their low level of education (χ2 = 130.37, df = 1, P = 0.05). This implies that the sanitation facilities in Bidibidi refugee camp need to be redesigned and improved especially the pit latrines and the solid waste disposal facilities in order to meet the minimum Humanitarian Sphere Standards. Also, there should be more provision of taps with flowing water in the camp for effective washing practices to minimize the spread of sanitation-related diseases.

Published

2021

20. Disaster Management in Smart Cities

Author

Luís B. Elvas, Bruno Miguel Mataloto, Ana Lúcia Martins, and João C. Ferreira

Subjects

risk assessment, security, emergency systems, smart cities, disaster management, critical infrastructures, Engineering (General). Civil engineering (General), TA1-2040

Abstract

The smart city concept, in which data from different systems are available, contains a multitude of critical infrastructures. This data availability opens new research opportunities in the study of the interdependency between those critical infrastructures and cascading effects solutions and focuses on the smart city as a network of critical infrastructures. This paper proposes an integrated resilience system linking interconnected critical infrastructures in a smart city to improve disaster resilience. A data-driven approach is considered, using artificial intelligence and methods to minimize cascading effects and the destruction of failing critical infrastructures and their components (at a city level). The proposed approach allows rapid recovery of infrastructures’ service performance levels after disasters while keeping the coverage of the assessment of risks, prevention, detection, response, and mitigation of consequences. The proposed approach has the originality and the practical implication of providing a decision support system that handles the infrastructures that will support the city disaster management system—make the city prepare, adapt, absorb, respond, and recover from disasters by taking advantage of the interconnections between its various critical infrastructures to increase the overall resilience capacity. The city of Lisbon (Portugal) is used as a case to show the practical application of the approach.

Published

2021

21. Cloning and training collective intelligence with generative adversarial networks

Author

Vagan Terziyan, Mariia Gavriushenko, Anastasiia Girka, Andrii Gontarenko, and Olena Kaikova

Subjects

decision making, learning (artificial intelligence), critical infrastructures, Manufactures, TS1-2301, Technological innovations. Automation, HD45-45.2

Abstract

Abstract Industry 4.0 and highly automated critical infrastructure can be seen as cyber‐physical‐social systems controlled by the Collective Intelligence. Such systems are essential for the functioning of the society and economy. On one hand, they have flexible infrastructure of heterogeneous systems and assets. On the other hand, they are social systems, which include collaborating humans and artificial decision makers. Such (human plus machine) resources must be pre‐trained to perform their mission with high efficiency. Both human and machine learning approaches must be bridged to enable such training. The importance of these systems requires the anticipation of the potential and previously unknown worst‐case scenarios during training. In this paper, we provide an adversarial training framework for the collective intelligence. We show how cognitive capabilities can be copied (“cloned”) from humans and trained as a (responsible) collective intelligence. We made some modifications to the Generative Adversarial Networks architectures and adapted them for the cloning and training tasks. We modified the Discriminator component to a so‐called “Turing Discriminator”, which includes one or several human and artificial discriminators working together. We also discussed the concept of cellular intelligence, where a person can act and collaborate in a group together with their own cognitive clones.

Published

2021

22. Developing Resilient Cyber-Physical Systems: A Review of State-of-the-Art Malware Detection Approaches, Gaps, and Future Directions

Author

M. Imran Malik, Ahmed Ibrahim, Peter Hannay, and Leslie F. Sikos

Subjects

critical infrastructures, cyber-physical systems, malware, metaheuristics, nature-inspired algorithms, optimization, Electronic computers. Computer science, QA75.5-76.95

Abstract

Cyber-physical systems (CPSes) are rapidly evolving in critical infrastructure (CI) domains such as smart grid, healthcare, the military, and telecommunication. These systems are continually threatened by malicious software (malware) attacks by adversaries due to their improvised tactics and attack methods. A minor configuration change in a CPS through malware has devastating effects, which the world has seen in Stuxnet, BlackEnergy, Industroyer, and Triton. This paper is a comprehensive review of malware analysis practices currently being used and their limitations and efficacy in securing CPSes. Using well-known real-world incidents, we have covered the significant impacts when a CPS is compromised. In particular, we have prepared exhaustive hypothetical scenarios to discuss the implications of false positives on CPSes. To improve the security of critical systems, we believe that nature-inspired metaheuristic algorithms can effectively counter the overwhelming malware threats geared toward CPSes. However, our detailed review shows that these algorithms have not been adapted to their full potential to counter malicious software. Finally, the gaps identified through this research have led us to propose future research directions using nature-inspired algorithms that would help in bringing optimization by reducing false positives, thereby increasing the security of such systems.

Published

2023

23. Evaluarea multidimensională a riscurilor infrastructurilor critice spațiale: factorul uman

Author

Marius Eugen OPRAN, Olga BUCOVEȚCHI, Ulpia Elena BOTEZATU, and Radu D. STANCIU

Subjects

risk assessment, critical infrastructures, space systems, multidimensional analysis, Automation, T59.5, Information technology, T58.5-58.64

Abstract

The paper presents some risks from outer space, elaborating on a risk profile for critical space infrastructure by presenting, in short, the problem of space weather phenomena, space debris and near-Earth objects. At the same time, the analysis also takes into account the development of anti-satellite weapons and other forms of space warfare. The main novelty of the scientific approach is the attempt to introduce a new paradigm in the field of critical space infrastructure, i.e. the human factor as a component that is currently missing from the literature. The analysis proves that the risk profile of the physical component is similar to the risk profile generated by the same spectrum of threats to the human component.

Published

2020

24. Seismic Risk Mitigation and Management for Critical Infrastructures Using an RMIR Indicator

Author

Alon Urlainis and Igal M. Shohet

Subjects

critical infrastructures, earthquake, risk mitigation, risk management, Building construction, TH1-9745

Abstract

Recent earthquake events have highlighted the importance of critical infrastructure (CI) resilience, as a strong correlation was found between economic loss and severity of CI damage. CIs are characterized by a complex structure composed of sub-components that are essential for the continuous performance of the system. CI owners and governments allocate ample resources to retrofitting and upgrading CI systems and components to increase the resilience of CIs and reduce risk in case of seismic events. Governments and decision makers must manage and optimize the retrofitting efforts to meet budget and time constraints. This research presents a probabilistic methodology for CI seismic risk mitigation and management. The risk expectancy is appraised according to an FTA-based stochastic simulation. The simulation includes the development of exclusive fragility curves for the CI and an examination of the expected damage distribution as a function of earthquake intensity and fragility uncertainty of the components. Furthermore, this research proposes a novel RMIR (risk mitigation to investment ratio) indicator for the priority setting of seismic mitigation alternatives. The RMIR is a quantitative indicator that evaluates each alternative’s cost-effectiveness in terms of risk expectancy mitigation. Following the alternative’s RMIR value, it is possible to prioritize the alternatives meeting budget and time constraints. This paper presents the implementation of the proposed methodology through a case study of a generic oil pumping station. The case study includes twelve mitigation alternatives examined and evaluated according to the RMIR indicator.

Published

2022

25. An Interdisciplinary Approach to Machine Learning for Critical Infrastructure Protection

Author

Mario La Manna

Subjects

network security, environment monitoring, situational awareness, machine learning, critical infrastructures, Information technology, T58.5-58.64, Communication. Mass media, P87-96

Abstract

Critical infrastructure protection faces increasing challenges, both in quality and in quantity. Most of the present security systems fully rely on automated mechanisms, which replace human operators, in order to perform computation intensive tasks and/or to work in extreme conditions. However, this solution presents some drawbacks with respect to the system performance. In order to provide effective measures against the pressure of new and sophisticated threats, an interdisciplinary approach, based on suitably coupling machine learning with human judgment, results as the right choice. In fact, this solution is particularly helpful for implementing efficient solutions capable of controlling critical scenarios and reacting effectively towards sophisticated threats. This paper discusses the proposed approach and demonstrates that this approach is the best choice for the effective protection of critical infrastructures.

Published

2019

26. On the Generation of Anomaly Detection Datasets in Industrial Control Systems

Author

Angel Luis Perales Gomez, Lorenzo Fernandez Maimo, Alberto Huertas Celdran, Felix J. Garcia Clemente, Cristian Cadenas Sarmiento, Carlos Javier Del Canto Masa, and Ruben Mendez Nistal

Subjects

Anomaly detection, critical infrastructures, industrial control, industrial control systems, industry applications, machine learning, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In recent decades, Industrial Control Systems (ICS) have been affected by heterogeneous cyberattacks that have a huge impact on the physical world and the people's safety. Nowadays, the techniques achieving the best performance in the detection of cyber anomalies are based on Machine Learning and, more recently, Deep Learning. Due to the incipient stage of cybersecurity research in ICS, the availability of datasets enabling the evaluation of anomaly detection techniques is insufficient. In this paper, we propose a methodology to generate reliable anomaly detection datasets in ICS that consists of four steps: attacks selection, attacks deployment, traffic capture and features computation. The proposed methodology has been used to generate the Electra Dataset, whose main goal is the evaluation of cybersecurity techniques in an electric traction substation used in the railway industry. Using the Electra dataset, we train several Machine Learning and Deep Learning models to detect anomalies in ICS and the performed experiments show that the models have high precision and, therefore, demonstrate the suitability of our dataset for use in production systems.

Published

2019

27. A Synthetic Case Study for Analysis of the Rising Interdependency Between the Power Grid and E-Mobility

Author

Hmed Ali A. Moham

Subjects

Benchmark problem, critical infrastructures, e-mobility, power grid, urban areas, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Critical infrastructures are interdependent systems that are continuously evolving. Their evolution is, oftentimes, in a way that tightens, or creates new, interdependences. As urban areas continue to develop, the philosophy of officials and policy makers to meet growth in the energy demand tends to prioritize sustainable planning by deferring infrastructural upgrades and relying instead on the smart operation. Relying on information and communication technology (ICT) network is a prerequisite to achieving smart operation. With the anticipated high penetration of distributed energy resources (DERs) and electric vehicles (EVs), increased reliance on real-time monitoring and control is a must for the power grid to handle such unprecedented levels of load/generation uncertainties. This paper sheds light on how the power grid, the ICT network, and the transportation network are interrelated and interdependent. This paper also presents a benchmark problem for this type of research and a case study. Initial results of the case study show that the impact of these rising interdependences may be significant and must be fully understood and taken into consideration.

Published

2019

28. Development of Exclusive Seismic Fragility Curves for Critical Infrastructure: An Oil Pumping Station Case Study

Author

Alon Urlainis and Igal M. Shohet

Subjects

critical infrastructures, damage assessment, risk, seismic fragility, vulnerability, Building construction, TH1-9745

Abstract

Fragility curves are a common tool to appraise the expected damage to critical infrastructure (CI) after an earthquake event. Previous studies offer fragility curve parameters for CI that are suitable for a vast range of systems, without an in-depth examination of the system architecture and subcomponents. These curves are applicable in cases where a thorough analysis is not required or when the information related to a single system is poor. This paper proposes an original approach and presents a comprehensive methodology for developing exclusive fragility curves for critical infrastructure systems. In the proposed methodology, the fragility curves are developed by a decomposition of the system into its main subcomponents and determination of the failure mechanisms. The derivation of the fragility parameters includes failure analysis for each damage state by a Fault Tree Analysis and approximation of the fragility parameters in accordance with the rate of exceedance. The implementation of the methodology is demonstrated by a case study with three alternatives of an oil pumping plant configuration. It was found that a change of a subcomponent has an effect on the derived values of the fragility parameters. Moreover, the variances in the fragility parameters have implications for the effectiveness of each alternative to resist different levels of severity.

Published

2022

29. Preventing and Managing Risks Induced by Natural Hazards to Critical Infrastructures

Author

Giacomo Buffarini, Paolo Clemente, Sonia Giovinazzi, Chiara Ormando, Maurizio Pollino, and Vittorio Rosato

Subjects

critical infrastructures, natural risk prevention, managing of natural risks, structural health monitoring, Technology

Abstract

A procedure for assessing and monitoring the response of critical infrastructures when subjected to natural hazards is proposed in this paper, with a particular focus on bridges and viaducts, which are very peculiar and strategic assets of transport networks. The proposed procedure is characterized by three levels of analysis (L1–L3) with increasing reliability and complexity. The first level of analysis (L1) is carried out by evaluating a Class of Attention in line with the approach that is proposed by the Italian Guidelines for the safety assessment of bridges. The second level (L2) of analysis requires the definition of a numerical model of the bridge. The third level (L3) of analysis relies on the seismic response data from a seismic monitoring network. For all the three levels of the proposed procedure, data are collected in the CIPCast Decision Support System (CIPCast-DSS), a WebGIS platform developed by ENEA to support the decision-making process related to risk prevention and the management of impacts induced by natural hazards on critical infrastructures. The real-time analysis of the data collected and processed in the CIPcast-DSS in post-disaster circumstances provides a quasi-real-time prediction of the impacted infrastructures, and the extent of damages they could have suffered before a local inspection and analysis could take place. The continuous static and dynamic monitoring in periods without seismic events enables the planning of preventive and effective maintenance interventions.

Published

2022

30. Federated Learning for Intrusion Detection in the Critical Infrastructures: Vertically Partitioned Data Use Case

Author

Evgenia Novikova, Elena Doynikova, and Sergey Golubev

Subjects

intrusion detection, critical infrastructures, confidential data, federated learning, vertically partitioned data, gradient boosting decision trees, Industrial engineering. Management engineering, T55.4-60.8, Electronic computers. Computer science, QA75.5-76.95

Abstract

One of the challenges in the Internet of Things systems is the security of the critical data, for example, data used for intrusion detection. The paper research construction of an intrusion detection system that ensures the confidentiality of critical data at a given level of intrusion detection accuracy. For this goal, federated learning is used to train an intrusion detection model. Federated learning is a computational model for distributed machine learning that allows different collaborating entities to train one global model without sharing data. This paper considers the case when entities have data that are different in attributes. Authors believe that it is a common situation for the critical systems constructed using Internet of Things (IoT) technology, when industrial objects are monitored by different sets of sensors. To evaluate the applicability of the federated learning for this case, the authors developed an approach and an architecture of the intrusion detection system for vertically partitioned data that consider the principles of federated learning and conducted the series of experiments. To model vertically partitioned data, the authors used the Secure Water Treatment (SWaT) data set that describes the functioning of the water treatment facility. The conducted experiments demonstrate that the accuracy of the intrusion detection model trained using federated learning is compared with the accuracy of the intrusion detection model trained using the centralized machine learning model. However, the computational efficiency of the learning and inference process is currently extremely low. It is explained by the application of homomorphic encryption for input data protection from different data owners or data sources. This defines the necessity to elaborate techniques for generating attributes that could model horizontally partitioned data even for the cases when the collaborating entities share datasets that differ in their attributes.

Published

2022

31. Cybersicherheit

Author

Karsten Weber, Markus Christen, and Dominik Herrmann

Subjects

cybersecurity, cyberattacks, critical infrastructures, resilience, Social sciences (General), H1-99, Technology (General), T1-995

Abstract

Die monetären Kosten, die jährlich weltweit durch Cyberattacken entstehen, wachsen stetig und bewegen sich in Dimensionen, die mit öffentlichen Haushalten ganzer Staaten verglichen werden können. Cyberattacken treffen Individuen, Unternehmen, öffentliche Einrichtungen, Behörden und Regierungen; sie treffen eine Infrastruktur, ohne die moderne Gesellschaften kaum mehr funktionieren. Doch die Gewährleistung von Cybersicherheit kann zu Zielkonflikten führen. Die Technologien zur Herstellung von Sicherheit und Resilienz dieser Infrastruktur sollten daher Gegenstand der Technikfolgenabschätzung sein.

Published

2020

32. Bedrohung, Verwundbarkeit, Werte und Schaden

Author

Karsten Weber, Markus Christen, and Dominik Herrmann

Subjects

cybersecurity, cyberattacks, critical infrastructures, resilience, Social sciences (General), H1-99, Technology (General), T1-995

Abstract

Die monetären Kosten, die jährlich weltweit durch Cyberattacken entstehen, wachsen stetig und bewegen sich in Dimensionen, die mit öffentlichen Haushalten ganzer Staaten verglichen werden können. Cyberattacken treffen Individuen, Unternehmen, öffentliche Einrichtungen, Behörden und Regierungen; sie treffen eine Infrastruktur, ohne die moderne Gesellschaften kaum mehr funktionieren. Doch die Gewährleistung von Cybersicherheit kann zu Zielkonflikten führen. Die Technologien zur Herstellung von Sicherheit und Resilienz dieser Infrastruktur sollten daher Gegenstand der Technikfolgenabschätzung sein.

Published

2020

33. A critical space infrastructure perspective on Romanian national security

Author

Olga BUCOVEȚCHI, Alexandru GEORGESCU, Marilena LAZĂR, and Carmen CÎRNU

Subjects

space systems, critical infrastructures, resilience, national security, Automation, T59.5, Information technology, T58.5-58.64

Abstract

Critical infrastructures are vital sociotechnical systems whose destruction or disruption would have a significant impact on the functioning of society on multiple levels. There is a growing body of literature which argues that space systems are a new category of critical infrastructures, with their own specific traits and exposure to a challenging security environment. This article presents the case for space systems as critical infrastructure and presents the relevance of these concepts to Romanian national security.

Published

2018

34. Resilience of the electric distribution systems: concepts, classification, assessment, challenges, and research needs

Author

Gowtham Kandaperumal and Anurag K. Srivastava

Subjects

critical infrastructures, security of data, risk management, power grids, power distribution, power engineering computing, electric distribution systems, power system research community, multitemporal resilience assessment framework, distribution system cyber-physical resilience, power grid, ukraine cyber-attack, hurricane maria cyber-attack, multidimensional resilience assessment framework, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Distribution system resilience is an emerging topic of interest given an increasing number of extreme events and adverse impacts on the power grid (e.g. Hurricane Maria and Ukraine cyber-attack). The concept of resilience poses serious challenges to the power system research community given varied definitions and multivariate factors affecting resilience. The ability of nature or malicious actors to disrupt critical services is a real threat to the life of our citizens, national assets and the security of a nation. Many examples of such events have been documented over the years. Promising research in this area has been in progress focused on the quantification and in enabling resilience of the distribution system. The objective of this study is to provide a detailed overview of distribution system resilience, the classification, assessment, metrics for measuring resilience, possible methods for enabling resilience, and the associated challenges. A new multi-dimensional and multi-temporal resilience assessment framework is introduced along with a research roadmap outlining the future of resilience to help the reader conceptualise the theories and research gaps in the area of distribution system cyber-physical resilience.

Published

2019

35. Generalised resilience models for power systems and dependent infrastructure during extreme events

Author

Vaidyanathan Krishnamurthy, Bing Huang, Alexis Kwasinski, Evan Pierce, and Ross Baldick

Subjects

critical infrastructures, substations, power grids, graph theory, power engineering computing, communication systems, power systems, dependent infrastructure, generalised critical infrastructures resilience model, geometric graphs, service buffers, power infrastructure, public communication infrastructures, multitime scale power system operation, public communication system, derives physical domain representation, electric systems, substation data, cell tower, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

This study presents a generalised critical infrastructures resilience model for extreme events with a focus on power grids. Infrastructures are modelled as three domains – physical, cyber, and human. Each domain is described with respect to the services it provides. Each domain is represented by geometric graphs for each service it provides. The resilience models use geometric graphs with each graph's nodes and edges characterised based on relevant attributes. This study also discusses various applied aspects related to resilience models including the impact of changing operating environment, human-driven processes, such as logistics, and service buffers. Due to their stated particular importance in the U.S. Presidential Policy Directive 21, particular attention is placed on the power infrastructure and its impact on the public communication infrastructures as a main critical load. This study focuses on the multi-time scale power system operation to capture cascading outages within, and subsequently to its dependent infrastructure – the public communication system (e.g. wireless or ‘cellular’ communication networks) as a main critical load. This study illustrates the merits of the proposed models in calculating resilience in extreme events and derives physical domain representation for electric and communication systems using cell tower and substation data from the USA.

Published

2019

36. The Notion of Global Data Fusion and its Application to Cyber Security

Author

Mario Lamanna

Subjects

cyber security, network security, environment monitoring, situational awareness, data fusion, critical infrastructures, Information technology, T58.5-58.64, Communication. Mass media, P87-96

Abstract

Global Data Fusion is one of the main technologies used in complex systems. While the application of data fusion has already been proposed for the implementation of specific tools, its extension to the overall design process of a complex system is far from a desired target. The development of advanced architectures based on an interdisciplinary design approach makes this extension possible, especially at the higher levels of the architecture, involving situation assessment, impact assessment and process refinement. This paper analyses one of the advanced cyber security architectures and explores the capability of this architecture to include data fusion tools at the top level of the architecture. The effects of the generalisation of data fusion techniques are then analysed and the consequent improvements in the network security of critical infrastructures are described and quantified.

Published

2018

37. Global Cybersecurity: New Directions in Theory and Methods

Author

Tim Stevens

Subjects

assemblage, critical infrastructures, critical theory, cybersecurity, ethnography, power, science and technology studies, security, security politics, sociotechnical systems, Political science (General), JA1-92

Abstract

This thematic issue advocates a range of novel theoretical and methodological directions applicable to cybersecurity studies. Drawing on critical International Relations theory, Science and Technology Studies, participant observation, quantitative political science, and other social science methods and theory, the contributors advance modes of invigorating the exploration of cybersecurity as an assemblage of sociotechnical practices. In so doing, this issue seeks to enhance understanding of the politics and strategies of cybersecurity, one of the most complex and diverse technical and political challenges of our contemporary world.

Published

2018

38. On the Development of Intelligent Railway Information and Safety Systems: An Overview of Current Research

Author

Dániel Tokody, Mária Tor, Endre Szűcs, Francesco Flammini, and Laszlo Barna Iantovics

Subjects

railways, R&D, intelligent systems, critical infrastructures, safety and security, Social sciences (General), H1-99

Abstract

The present article focuses on the research and development planning for innovative railway systems. Within such a general framework, the specific objectives of the research have been defined within the framework of a large Intelligent Railway System project in Hungary. Our theoretical research work at the university is combined with practical experience gained at the Hungarian State Railways. In the course of this research work, the development of an intelligent railway system has been investigated by leveraging on the fruitful cooperation between academic and industrial partners, in order to promote the application and integration possibilities of the development results, as well as the introduction of innovative components in the railway system. In such a context, this article discusses the research plan, preliminary and long-term expected results, sharing objectives and experiences with the aim of providing novel views in an extremely current and challenging field of research.

Published

2018

39. Which Targets to Protect in Critical Infrastructures - A Game-Theoretic Solution From a Network Science Perspective

Author

Yapeng Li, Yu Xiao, Yong Li, and Jun Wu

Subjects

Critical infrastructures, complex network, game theory, Nash equilibrium, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Modern society is highly dependent on its critical infrastructures. These infrastructures usually suffer intentional attacks, which is a serious threat to social wellbeing, making the protection of them to be a great challenge for the security agencies. Many game models have been proposed to tackle this problem. However, little of them consider the interrelationship of different targets within the infrastructures. In this paper, the protection of critical infrastructures against a malicious attacker is modeled as a simultaneous game, where the payoffs of the players are evaluated on the basis of the topology structure of the infrastructure system. An efficient algorithm is adopted to obtain the Nash equilibrium solution. The experimental results reveal that in the equilibriums, the defender distributes higher probabilities on protecting the targets who are more important, for example, those with large degrees or betweenness, while the attacker prefers attacking targets with medium degrees or betweenness. The effectiveness of the game-theoretic solution is validated, and the experimental results in a real-world network provide us a clear insight on which targets to protect.

Published

2018

40. Readiness of the Polish Crisis Management System to Respond to Long-Term, Large-Scale Power Shortages and Failures (Blackouts)

Author

Dariusz Majchrzak, Krzysztof Michalski, and Jacek Reginia-Zacharski

Subjects

energy safety and security, homeland security, crisis-management, critical infrastructures, civil defence/protection, disaster resilience, Technology

Abstract

Large-scale failures of electric power systems (blackouts) have been the subject of intensive research in most countries for several years. This research aims primarily at seeking solutions to improve the reliability of the operation of power systems and the development of effective strategies to protect critical infrastructure from the effects of energy shortages and power cuts. In contrast, systematic research on crisis management and civil protection under conditions of prolonged blackout has been undertaken in Europe only recently, and these extremely important aspects of energy security have been delayed by the COVID-19 crisis. The ability of the Polish crisis management system to cope with the consequences of long-term, large-scale shortages and interruptions in the supply of electricity, as well as the consequences of possible failures in this field, has not been systematically examined to date. This issue is of growing strategic importance, not only from the point of view of security and defence policy, but also economic cooperation in Central and Eastern Europe. Poland’s infrastructural security must be considered in a broad regional and supra-regional context. A long-term lack of electricity in a large area of Poland would undermine the stability of the entire national security system, destabilising the region and supranational security systems. Apart from objective reasons, intentional attacks on the links of such a chain cannot be ruled out. Poland is the leader of this region, a frontline country in the NATO-Russia conflict, as well as a liaison state that provides the Baltic states—being EU and NATO members—with a land connection to Western Europe. In view of the growing risk of blackout, the importance of the problem and the existence of a cognitive gap in this field, we evaluated the Polish crisis management system in terms of its ability to respond to the effects of a sudden, long-term, large-scale blackout. Methodologically, we adopted a systems approach to security management. In order to estimate the consequences of a blackout, we used analogue forecasting tools and scenario analysis. By analysing previous crisis situations caused by blackouts and local conditions of vulnerability to such events, we formulated basic preparedness requirements that a modern crisis management system should meet in the face of the growing risk of blackouts. A review of strategic documents and crisis planning processes in public administration allowed us to identify deficits and weaknesses in the Polish crisis management system. On this basis we formulated recommendations whose implementation shall improve the ability of the national security system to face such challenges in the future.

Published

2021

41. Attack Categorisation for IoT Applications in Critical Infrastructures, a Survey

Author

Edward Staddon, Valeria Loscri, and Nathalie Mitton

Subjects

cyber attack, attack categorisation, cyber security, IoT, critical infrastructures, challenges, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

With the ever advancing expansion of the Internet of Things (IoT) into our everyday lives, the number of attack possibilities increases. Furthermore, with the incorporation of the IoT into Critical Infrastructure (CI) hardware and applications, the protection of not only the systems but the citizens themselves has become paramount. To do so, specialists must be able to gain a foothold in the ongoing cyber attack war-zone. By organising the various attacks against their systems, these specialists can not only gain a quick overview of what they might expect but also gain knowledge into the specifications of the attacks based on the categorisation method used. This paper presents a glimpse into the area of IoT Critical Infrastructure security as well as an overview and analysis of attack categorisation methodologies in the context of wireless IoT-based Critical Infrastructure applications. We believe this can be a guide to aid further researchers in their choice of adapted categorisation approaches. Indeed, adapting appropriated categorisation leads to a quicker attack detection, identification, and recovery. It is, thus, paramount to have a clear vision of the threat landscapes of a specific system.

Published

2021

42. Security Information and Event Management (SIEM): Analysis, Trends, and Usage in Critical Infrastructures

Author

Gustavo González-Granadillo, Susana González-Zarzosa, and Rodrigo Diaz

Subjects

evolution of SIEMs, SIEM enhancement, SIEM trends, critical infrastructures, Chemical technology, TP1-1185

Abstract

Security Information and Event Management (SIEM) systems have been widely deployed as a powerful tool to prevent, detect, and react against cyber-attacks. SIEM solutions have evolved to become comprehensive systems that provide a wide visibility to identify areas of high risks and proactively focus on mitigation strategies aiming at reducing costs and time for incident response. Currently, SIEM systems and related solutions are slowly converging with big data analytics tools. We survey the most widely used SIEMs regarding their critical functionality and provide an analysis of external factors affecting the SIEM landscape in mid and long-term. A list of potential enhancements for the next generation of SIEMs is provided as part of the review of existing solutions as well as an analysis on their benefits and usage in critical infrastructures.

Published

2021

43. On the use of watermark-based schemes to detect cyber-physical attacks

Author

Jose Rubio-Hernan, Luca De Cicco, and Joaquin Garcia-Alfaro

Subjects

Cyber-physical security, Control theory, Network security, Networked-control system, Critical infrastructures, Attack detection, Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract We address security issues in cyber-physical systems (CPSs). We focus on the detection of attacks against cyber-physical systems. Attacks against these systems shall be handled both in terms of safety and security. Networked-control technologies imposed by industrial standards already cover the safety dimension. However, from a security standpoint, using only cyber information to analyze the security of a cyber-physical system is not enough, since the physical malicious actions that can threaten the correct behavior of the systems are ignored. For this reason, the systems have to be protected from threats to their cyber and physical layers. Some authors have handled replay and integrity attacks using, for example, physical attestation to validate the cyber process and to detect the attacks, or watermark-based detectors which uses also physical parameters to ensure the cyber layers. We reexamine the effectiveness of a stationary watermark-based detector. We show that this approach only detects adversaries that do not attempt to get any knowledge about the system dynamics. We analyze the detection ratio of the original design under the presence of new adversaries that are able to infer the system dynamics and are able to evade the detector with high frequency. We propose a new detection scheme which employs several non-stationary watermarks. We validate the detection efficiency of the new strategy via numeric simulations and via running experiments on a laboratory testbed. Results show that the proposed strategy is able to detect adversaries using non-parametric methods, but it is not equally effective against adversaries using parametric identification methods.

Published

2017

44. Modelling cascading failure of a CPS for topological resilience enhancement

Author

Zejun Yang, Ying Chen, and Jose Marti

Subjects

telecommunication network reliability, graph theory, critical infrastructures, emergency management, distributed power generation, ieee standards, distribution networks, telecommunication network topology, percolation, optimisation, network theory (graphs), tr enhancement, cyber-physical system, cps, interdependent electrical distribution, communication networks, power system, failure mechanism, recovery abilities, coupled system, standard ieee 33-bus system, 33-node communication system, modelling cascading failure, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

This study focuses on the cyber-physical system (CPS) consisting of interdependent electrical distribution and communication networks, where the two networks are mutually dependent. A small disturbance in either of them can trigger a cascade of faults within the entire network. To investigate the failure mechanism, first, two features that affect topological resilience (TR) are defined in this study: adaptation and recovery abilities. Second, the authors model the process of cascading failures that occur in this coupled system by introducing and developing the infrastructure interdependencies simulator. The process of cascading failures is based on percolation theory, and they present a detailed analysis of cascading failure in a standard IEEE 33-bus system coupled with the 33-node communication system. This study proves that the adaptation ability of a coupled system is even lower than a single system. This is due to the interdependencies between systems, and the study of the failure mechanisms helps planers to make a better decision in the recovery process. Finally, the modified shortest path search is used to optimise the repair sequence. Their numerical results validate that the recovery ability of the coupled system is increased through the optimisation, which contributes to the TR enhancement.

Published

2019

45. Assets focus risk management framework for critical infrastructure cybersecurity risk management

Author

Halima Ibrahim Kure and Shareeful Islam

Subjects

business continuity, critical infrastructures, security of data, risk management, critical infrastructure cybersecurity risk management, ci, asset focus risk management approach, critical assets, threats, critical infrastructure, power grid system, Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95

Abstract

Critical infrastructure (CI) is vital for the overall economic growth and its reliable and safe operation is essential for a nation's stability and people's safety. Proper operation of the assets is essential for such a system and any threats that could negatively impact the asset could have a severe disruption. Risk management is an important aspect of the protection of CI. There are several frameworks and methodologies for identifying assets, quantifying and analysing vulnerabilities. However, there is a lack of focus on the interdependencies among the assets and cascading effect of the inherent vulnerabilities on the asset. This study attempts to bridge that gap by presenting a novel asset focus risk management approach for the CI. It presents a systematic methodology for identifying and analysing critical assets, their potential vulnerabilities, threats and risks facing CI. This work taking into account cascading vulnerability impacts on assets leading to threats and causing risk. The authors use a running example from a smart grid system to demonstrate the usability of the approach. The result shows that some assets are prioritised and more vulnerable than other assets for the power grid system and it can severely impact on the overall business continuity.

Published

2019

46. Forget the Myth of the Air Gap: Machine Learning for Reliable Intrusion Detection in SCADA Systems

Author

Rocio Lopez Perez, Florian Adamsky, Ridha Soua, and Thomas Engel

Subjects

Critical Infrastructures, SCADA, Anomaly detection, Machine Learning, SVM, Random Forest, BLSTM, Technology

Abstract

Since Critical Infrastructures (CIs) use systems and equipment that are separated by long distances, Supervisory Control And Data Acquisition (SCADA) systems are used to monitor their behaviour and to send commands remotely. For a long time, operator of CIs applied the air gap principle, a security strategy that physically isolates the control network from other communication channels. True isolation, however, is difficult nowadays due to the massive spread ofconnectivity: using open protocols and more connectivity opens new network attacks against CIs. To cope with this dilemma, sophisticated security measures are needed to address malicious intrusions, which are steadily increasing in number andvariety. However, traditional Intrusion Detection Systems (IDSs) cannot detect attacks that are not already present in their databases. To this end, we assess in this paper Machine Learning (ML) techniques for anomaly detection in SCADA systemsusing a real data set collected from a gas pipeline system and provided by the Mississippi State University (MSU). The contribution of this paper is two-fold: 1) The evaluation of four techniques for missing data estimation and two techniques for data normalization, 2) The performances of Support Vector Machine (SVM), Random Forest (RF), Bidirectional LongShort Term Memory (BLSTM) are assessed in terms of accuracy, precision, recall and F1 score for intrusion detection. Two cases are differentiated: binary and categorical classifications. Our experiments reveal that RF and BLSTM detect intrusions effectively, with an F1 score of respectively > 99% and > 96%.

Published

2019

47. Threats, Countermeasures and Attribution of Cyber Attacks on Critical Infrastructures

Author

Leandros Maglaras, Mohamed Amine Ferrag, Abdelouahid Derhab, Mithun Mukherjee, Helge Janicke, and Stylianos Rallis

Subjects

Critical Infrastructures, Regulations, Cyber Security, Technology

Abstract

As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threats to critical infrastructures along with protective measures that one nation can take, and which are classified according to legal, technical, organizational, capacity building, and cooperation aspects. Finally we provide an overview of current methods and practices regarding cyber attribution and cyber peace keeping.

Published

2018

48. Implementation and Evaluation of Physical, Hybrid, and Virtual Testbeds for Cybersecurity Analysis of Industrial Control Systems

Author

Andres Robles-Durazno, Naghmeh Moradpoor, James McWhinnie, Gordon Russell, and Jorge Porcel-Bustamante

Subjects

clean water supply system, critical infrastructures, SCADA, Mathematics, QA1-939

Abstract

Industrial Control Systems are an essential part of our daily lives and can be found in industries such as oil, utilities, and manufacturing. Rapid growth in technology has introduced industrial components with network capabilities that allow them to communicate with traditional computer networks, thus increasing their exposure to cyber-attacks. Current research on Industrial Control Systems suffer from lack of technical information as these systems are part of critical infrastructures. To overcome this, researchers have employed different types of testbeds to develop their mechanisms of cyber-attack detection and prevention. This manuscript describes, implements, and evaluates physical, hybrid, and virtual application of a clean water supply system developed for cybersecurity research. The results show that physical testbeds allow an understanding of the behaviour and dynamics of control components like sensors and actuators, which might be affected by external influences such as noise, vibration, temperature, and non-ideal device behaviour. Although, hybrid testbeds reduce the cost of implementation, they ignore the physical dynamics of the system as explained above. Virtual testbeds are the cheapest option in comparison with physical and hybrid testbeds; however, they provide a limited view of the control system operation that could have negative consequences when developing a detection/prevention system.

Published

2021

49. Data-Driven Approach for Incident Management in a Smart City

Author

Luís B. Elvas, Carolina F. Marreiros, João M. Dinis, Maria C. Pereira, Ana L. Martins, and João C. Ferreira

Subjects

buildings, incident management, knowledge extraction, smart cities, critical infrastructures, CRISP-DM, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

Buildings in Lisbon are often the victim of several types of events (such as accidents, fires, collapses, etc.). This study aims to apply a data-driven approach towards knowledge extraction from past incident data, nowadays available in the context of a Smart City. We apply a Cross Industry Standard Process for Data Mining (CRISP-DM) approach to perform incident management of the city of Lisbon. From this data-driven process, a descriptive and predictive analysis of an events dataset provided by the Lisbon Municipality was possible, together with other data obtained from the public domain, such as the temperature and humidity on the day of the events. The dataset provided contains events from 2011 to 2018 for the municipality of Lisbon. This data mining approach over past data identified patterns that provide useful knowledge for city incident managers. Additionally, the forecasts can be used for better city planning, and data correlations of variables can provide information about the most important variables towards those incidents. This approach is fundamental in the context of smart cities, where sensors and data can be used to improve citizens’ quality of life. Smart Cities allow the collecting of data from different systems, and for the case of disruptive events, these data allow us to understand them and their cascading effects better.

Published

2020

50. MADICS: A Methodology for Anomaly Detection in Industrial Control Systems

Author

Ángel Luis Perales Gómez, Lorenzo Fernández Maimó, Alberto Huertas Celdrán, and Félix J. García Clemente

Subjects

anomaly detection, artificial intelligence, critical infrastructures, deep learning, industrial control systems, industry applications, Mathematics, QA1-939

Abstract

Industrial Control Systems (ICSs) are widely used in critical infrastructures to support the essential services of society. Therefore, their protection against terrorist activities, natural disasters, and cyber threats is critical. Diverse cyber attack detection systems have been proposed over the years, in which each proposal has applied different steps and methods. However, there is a significant gap in the literature regarding methodologies to detect cyber attacks in ICS scenarios. The lack of such methodologies prevents researchers from being able to accurately compare proposals and results. In this work, we present a Methodology for Anomaly Detection in Industrial Control Systems (MADICS) to detect cyber attacks in ICS scenarios, which is intended to provide a guideline for future works in the field. MADICS is based on a semi-supervised anomaly detection paradigm and makes use of deep learning algorithms to model ICS behaviors. It consists of five main steps, focused on pre-processing the dataset to be used with the machine learning and deep learning algorithms; performing feature filtering to remove those features that do not meet the requirements; feature extraction processes to obtain higher order features; selecting, fine-tuning, and training the most appropriate model; and validating the model performance. In order to validate MADICS, we used the popular Secure Water Treatment (SWaT) dataset, which was collected from a fully operational water treatment plant. The experiments demonstrate that, using MADICS, we can achieve a state-of-the-art precision of 0.984 (as well as a recall of 0.750 and F1-score of 0.851), which is above the average of other works, proving that the proposed methodology is suitable for use in real ICS scenarios.

Published

2020