{"title":"Sarima-Based Cyber-Risk Assessment and Mitigation Model for A Smart City’s Traffic Management Systems (Scram)","authors":"Kalpit Sharma, Arunabha Mukhopadhyay","doi":"10.1080/10919392.2022.2054259","DOIUrl":null,"url":null,"abstract":"ABSTRACT A malicious hacker can compromise the integrated traffic management systems (ITMS) speed sensors in a smart city, causing a vehicle to misread the speed and result in collision or congestion on the pathways. Based on protection-motivation theory (PMT), we propose a Time series-based Cyber-risk Assessment and Mitigation for smart cities (SCRAM) model comprising three modules for the smart city administrator. In line with the threat appraisal component of PMT, our cyber-risk assessment (CRA) module uses a Seasonal time series forecasting method, takes ITMS average speed as an input, and outputs the probability of anomalies in the average speed of vehicles. Subsequently, based on the concepts of risk theory, the cyber-risk quantification (CRQ) module calculates the expected loss for a smart city due to collision or congestion on the pathways. In line with the coping appraisal component of PMT, our cyber-risk mitigation (CRM) module proposes strategies for the smart-city administrator to reduce cyber-risk using technological means and pass the residual risk to third-party cyber-insurer.","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"32 1","pages":"1 - 20"},"PeriodicalIF":2.0000,"publicationDate":"2022-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Organizational Computing and Electronic Commerce","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1080/10919392.2022.2054259","RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 6
Abstract
ABSTRACT A malicious hacker can compromise the integrated traffic management systems (ITMS) speed sensors in a smart city, causing a vehicle to misread the speed and result in collision or congestion on the pathways. Based on protection-motivation theory (PMT), we propose a Time series-based Cyber-risk Assessment and Mitigation for smart cities (SCRAM) model comprising three modules for the smart city administrator. In line with the threat appraisal component of PMT, our cyber-risk assessment (CRA) module uses a Seasonal time series forecasting method, takes ITMS average speed as an input, and outputs the probability of anomalies in the average speed of vehicles. Subsequently, based on the concepts of risk theory, the cyber-risk quantification (CRQ) module calculates the expected loss for a smart city due to collision or congestion on the pathways. In line with the coping appraisal component of PMT, our cyber-risk mitigation (CRM) module proposes strategies for the smart-city administrator to reduce cyber-risk using technological means and pass the residual risk to third-party cyber-insurer.
期刊介绍:
The aim of the Journal of Organizational Computing and Electronic Commerce (JOCEC) is to publish quality, fresh, and innovative work that will make a difference for future research and practice rather than focusing on well-established research areas.
JOCEC publishes original research that explores the relationships between computer/communication technology and the design, operations, and performance of organizations. This includes implications of the technologies for organizational structure and dynamics, technological advances to keep pace with changes of organizations and their environments, emerging technological possibilities for improving organizational performance, and the many facets of electronic business.
Theoretical, experimental, survey, and design science research are all welcome and might look at:
• E-commerce
• Collaborative commerce
• Interorganizational systems
• Enterprise systems
• Supply chain technologies
• Computer-supported cooperative work
• Computer-aided coordination
• Economics of organizational computing
• Technologies for organizational learning
• Behavioral aspects of organizational computing.