{"title":"Cyber attacks on critical infrastructures and satellite communications","authors":"Dr. Antonio Carlo , Dr. Kim Obergfaell","doi":"10.1016/j.ijcip.2024.100701","DOIUrl":"10.1016/j.ijcip.2024.100701","url":null,"abstract":"<div><p>The cyber-attack on the Ukrainian positioning network at the beginning of the ongoing Russia-Ukraine war demonstrated how the branching of satellite connections can have severe repercussions for communication systems. While ground-based networks are changing, the vulnerability of critical infrastructure to cyber-attacks and technical failures has become a serious concern. As cyber attackers are increasingly targeting industrial control systems rather than stealing data, attacks have become more sophisticated and significant. Future connectivity to 5 G networks, the entry of new private players in this sector, and the economic growth of emerging countries will further increase the attack surface of the space sector. A risk-based approach is therefore needed to increase protection and resilience against cyber-attacks. This requires a comprehensive understanding of the technologies and their vulnerabilities, as well as the ability to quickly develop solutions to counter attacks. Responding effectively with legal and policy means is essential to adapting to changes and to providing continuity and security of services. This paper highlights the main qualities of communication technology, its vulnerabilities, and the critical challenges to achieving cyber resilience. It identifies significant assets, defence solutions, and legal and policy aspects that should be further researched to enhance the cyber resilience of European assets.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100701"},"PeriodicalIF":4.1,"publicationDate":"2024-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141939996","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Tingrui Pei , Zhiwen Hou , Jun Zhou , Chixin Xiao , Juan Zou
{"title":"Blockchain-based anonymous authentication and data aggregation for advanced metering infrastructure in smart grid","authors":"Tingrui Pei , Zhiwen Hou , Jun Zhou , Chixin Xiao , Juan Zou","doi":"10.1016/j.ijcip.2024.100702","DOIUrl":"10.1016/j.ijcip.2024.100702","url":null,"abstract":"<div><p>This paper proposes a blockchain-based scheme, focusing on anonymous identity authentication and data aggregation, for safer and more reliable bidirectional communication between the utility company and power consumers based on Advanced Metering Infrastructure (AMI). Firstly, to cope with the mutual identity authentication between resource-constrained Smart Meters, a lightweight anonymous authentication strategy is designed using Elliptic Curve Cryptography. Meanwhile, a reputation-based consensus protocol is developed to accomplish data aggregation in AMI by using decentralization and non-tampering features of the blockchain. During the communication, in each time slot, the proposed scheme only needs to select a trusted user randomly to undertake the mining node rather than to introduce a third-party in a centralized manner to summarize and record the user-side data into the blockchain. Such scheme can effectively prevent data tampering and also be effective to decrease the processing complexity. The AVISPA tool is adopted to formally evaluate its security. The simulation results show promising performance. The proposed scheme not only can guarantee secure communication but also effectively decrease the computational cost in AMI.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100702"},"PeriodicalIF":4.1,"publicationDate":"2024-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141939995","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Probabilistic dynamic resilience quantification for infrastructure systems in multi-hazard environments","authors":"Ahmed Badr , Zoe Li , Wael El-Dakhakhni","doi":"10.1016/j.ijcip.2024.100698","DOIUrl":"10.1016/j.ijcip.2024.100698","url":null,"abstract":"<div><p>Resilience has been evolving as a key criterion for infrastructure systems as it ensures the system's dynamic performance pre-, during, and post-hazard disruptions. However, estimating these performances is challenging due to system and operation complexities, and the probabilistic dynamic nature of infrastructure system. Moreover, infrastructure systems are usually exposed to multi-hazard environments, with their own probabilistic behavior, leading to additional complexity in terms of estimating the system response and, subsequently, the overall system resilience. As such, this study develops a probabilistic resilience-centric system dynamics modeling approach to quantify infrastructure dynamic resilience based on a holistic representation of infrastructure systems under multi-hazard scenarios, whereby the probabilistic natures of both the hazards and system are incorporated. Unlike the traditional resilience quantification approaches that represent system resilience by a single value calculated after the system's full recovery, the developed model focuses on tracking the temporal evolution of system resilience along the entire period of system performance deterioration and recovery. A real-world hydropower dam, as an example for infrastructure systems, in British Columbia, Canada is used as a demonstration application to show model utility in developing resilience-guided assessment plans for infrastructure systems. Overall, the developed approach empowers the decision-makers with insights into critical operational periods, the required time to reach specified resilience targets, and the efficiency of risk mitigation measures in <em>real-time</em>.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100698"},"PeriodicalIF":4.1,"publicationDate":"2024-07-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1874548224000398/pdfft?md5=cf0b554879a85aad377f598558d3e1ea&pid=1-s2.0-S1874548224000398-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141867424","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yuning Jiang , Manfred A. Jeusfeld , Michael Mosaad , Nay Oo
{"title":"Enterprise architecture modeling for cybersecurity analysis in critical infrastructures — A systematic literature review","authors":"Yuning Jiang , Manfred A. Jeusfeld , Michael Mosaad , Nay Oo","doi":"10.1016/j.ijcip.2024.100700","DOIUrl":"10.1016/j.ijcip.2024.100700","url":null,"abstract":"<div><p>As digital landscapes become increasingly complex, safeguarding sensitive information and systems against cyber threats has become a paramount concern for organizations. This paper provides a comprehensive review of how enterprise architecture modeling is used in the context of cybersecurity assessment, particularly focusing on critical infrastructures. The use of enterprise architecture models for cybersecurity is motivated by the main purpose of enterprise architecture, namely to represent and manage business and IT assets and their interdependence. While enterprise architecture modeling originally served to assess Business/IT alignment, they are increasingly used to assess the cybersecurity of the enterprise. The research questions explored include the types of enterprise architecture models used for cybersecurity assessment, how security aspects are incorporated into these models, the theoretical frameworks and reference theories applied, the research methods used for evaluation, and the strengths and limitations of these models in supporting cybersecurity assessment. This review encompasses research papers published before 2024, focusing on high-quality research from peer-reviewed journals and reputable conferences, thereby providing a structured and comprehensive overview of the current state of research in this domain.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100700"},"PeriodicalIF":4.1,"publicationDate":"2024-07-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141698603","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Robustness evaluation method and defense strategy of electricity-heat integrated energy system","authors":"Funian Hu, Chenhui Peng, Jun Chen","doi":"10.1016/j.ijcip.2024.100699","DOIUrl":"https://doi.org/10.1016/j.ijcip.2024.100699","url":null,"abstract":"<div><p>Even though electricity-heat integrated energy systems (IESs) can improve energy utilization, the faults generated by extreme events can induce more complex and wider impacts. Therefore, it is urgent to study the effective defense strategies associated with electricity-heat IES. Considering the theory of complex networks, a dynamic model was established in this paper which comprehensively considered the actual operating characteristics and cascading failure process of the electricity-heat IES. The structural and functional robustness of the electricity-heat IES after failure was evaluated by link survivability, capacity survivability and power survivability. According to the post-disaster system robustness evaluation results and system characteristics without adopting the defense strategy, the critical links of the system were identified. Also, seven defense strategies were formulated based on the cascading failure mechanism of the electricity-heat IES. The testing network coupled with an improved IEEE118-node power grid and 23-node heat supply network was used to verify the effectiveness of the proposed defense strategy and to provide a theoretical basis for the resilience enhancement strategy and defense resource allocation of the electricity-heat IES.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100699"},"PeriodicalIF":4.1,"publicationDate":"2024-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141606269","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Tianci Zhu , Jun Wang , Yonghai Zhu , Haoran Chen , Hang Zhang , Shanshan Yin
{"title":"Power grid network security: A lightweight detection model for composite false data injection attacks using spatiotemporal features","authors":"Tianci Zhu , Jun Wang , Yonghai Zhu , Haoran Chen , Hang Zhang , Shanshan Yin","doi":"10.1016/j.ijcip.2024.100697","DOIUrl":"https://doi.org/10.1016/j.ijcip.2024.100697","url":null,"abstract":"<div><p>The stability of power systems is paramount to industrial operations. The deleterious inherent characteristics of false data injection attacks (FDIA) have drawn substantial interest due to their severe threats to power grids. Contemporary detection systems face numerous challenges as attackers employ various tactics, such as injecting complex elements into measurement data and formulating quick attack strategies against critical nodes and transmission lines in the power grid network topology. Conventional models often fail to adapt to the intricacies of practical situations because they focus predominantly on detecting individual components. To overcome the above predicaments, this paper proposes a lightweight detection model integrating deep separable convolutional layers, squeeze neural networks, and a bidirectional long short-term memory architecture named DSE-BiLSTM. The acquisition process of network topological characteristics is accomplished through variable graph attention autoencoder (VGAAE). This approach leverages the effectiveness of the graph convolution (GCN) layer to acquire each node’s topological feature and the graph attention (GAT) module to identify and extract the topological features of critical nodes. Furthermore, the topology information obtained by the both techniques is embedded in one-dimensional vector space in the same form as measurement data. By combining the output of VGAAE with meter measurements, the feature fusion of temporal and spatial modalities is realized. DSE-BiLSTM with optimal hyperparameters achieves an F1-score of 99.56% and a row accuracy (RACC) of 93.10% on the conventional dataset. The experimental results of FDIA detection with composite datasets of IEEE 14-bus and IEEE 118-bus systems show that the F1-score and RACC of DSE-BiLSTM remain above 84.51% and 83.56% under various attack strengths and noise levels. In addition, as the power grid network scales up, noise level’s effect on detection performance decreases, while attack strength’s effect on recognition capability increases. DSE-BiLSTM can effectively process the composite data of spatiotemporal multimodes and provides a feasible solution for the localization and detection of FDIA in realistic scenes.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100697"},"PeriodicalIF":4.1,"publicationDate":"2024-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141596863","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Divyanshi Dwivedi , Sagar Babu Mitikiri , K. Victor Sam Moses Babu , Pradeep Kumar Yemula , Vedantham Lakshmi Srinivas , Pratyush Chakraborty , Mayukha Pal
{"title":"Technological advancements and innovations in enhancing resilience of electrical distribution systems","authors":"Divyanshi Dwivedi , Sagar Babu Mitikiri , K. Victor Sam Moses Babu , Pradeep Kumar Yemula , Vedantham Lakshmi Srinivas , Pratyush Chakraborty , Mayukha Pal","doi":"10.1016/j.ijcip.2024.100696","DOIUrl":"https://doi.org/10.1016/j.ijcip.2024.100696","url":null,"abstract":"<div><p>This comprehensive review paper explores power system resilience, emphasizing its evolution and comparison with reliability. It conducts a thorough analysis of the definition and characteristics of resilience and presents quantitative metrics to assess and quantify power system resilience. Additionally, the paper investigates the relevance of complex network theory in the context of power system resilience. An integral part of this review involves examining the incorporation of data-driven techniques to enhance power system resilience, including the role of predictive analytics. Furthermore, the paper explores recent techniques for resilience enhancement, encompassing both planning and operational methods. Technological innovations such as microgrid deployment, renewable energy integration, peer-to-peer energy trading, automated switches, and mobile energy storage systems are detailed in their role in enhancing power systems against disruptions. The paper also analyzes existing research gaps and challenges, providing future directions for improvements in power system resilience. Thus, it offers a comprehensive understanding that helps improve the ability of distribution systems to withstand and recover from extreme events and disruptions.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100696"},"PeriodicalIF":4.1,"publicationDate":"2024-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141540410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Asma Farooq , Kamal Shahid , Rasmus Løvenstein Olsen
{"title":"Securing the green grid: A data anomaly detection method for mitigating cyberattacks on smart meter measurements","authors":"Asma Farooq , Kamal Shahid , Rasmus Løvenstein Olsen","doi":"10.1016/j.ijcip.2024.100694","DOIUrl":"10.1016/j.ijcip.2024.100694","url":null,"abstract":"<div><p>Smart meters, being a vital component in the advanced metering infrastructure (AMI), provide an opportunity to remotely monitor and control power usage and act like a bridge between customers and utilities. The installation of millions of smart meters in the power grid is a step forward towards a green transition. However, it also constitutes a massive cybersecurity vulnerability. Cyberattacks on AMI can result in inaccurate billing, energy theft, service disruptions, privacy breaches, network vulnerabilities, and malware distribution. Thus, utility companies should implement robust cyber-security measures to mitigate such risks. In order to assess the impact of cybersecurity breaches on AMI, this paper presents a cyber-attack scenario on grid measurements obtained via smart meters and assesses the stochastic grid estimations under attack. This paper also presents an efficient method for the detection and identification of anomalous data within the power grid by leveraging the distance between measurements and the confidence ellipse centered around the estimated value. To assess the proposed method, a comparative analysis is done against the chi-square test for detection and the largest normalized distribution test for the identification of bad data. Furthermore, by using a Danish low-voltage grid as a base case, this paper introduces two test cases to evaluate the performance of the proposed method under single and multiple-node cyber-attacks on the grid state estimation. Results show a notable improvement in accuracy when using the proposed method. Additionally, based on these numerical results, protective countermeasures are presented for the grid.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100694"},"PeriodicalIF":4.1,"publicationDate":"2024-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1874548224000350/pdfft?md5=01d3394f250cb1b8e954cf085c10ccec&pid=1-s2.0-S1874548224000350-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141390691","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Awais Yousaf , Ahmed Amro , Philip Teow Huat Kwa , Meixuan Li , Jianying Zhou
{"title":"Cyber risk assessment of cyber-enabled autonomous cargo vessel","authors":"Awais Yousaf , Ahmed Amro , Philip Teow Huat Kwa , Meixuan Li , Jianying Zhou","doi":"10.1016/j.ijcip.2024.100695","DOIUrl":"10.1016/j.ijcip.2024.100695","url":null,"abstract":"<div><p>The increasing interest in autonomous ships within the maritime industry is driven by the pursuit of revenue optimization, operational efficiency, safety improvement and going greener. However, the industry’s increasing reliance on emerging technologies for the development of autonomous ships extends the attack surface, leaving the underlying ship systems vulnerable to potential exploitation by malicious actors. In response to these emerging challenges, this research extends an existing cyber risk assessment approach called FMECA-ATT&CK based on failure modes, effects and criticality analysis (FMECA), and the MITRE ATT&CK framework. As a part of our work, we have expanded the FMECA-ATT&CK approach to assessing cyber risks related to systems with artificial intelligence components in cyber-enabled autonomous ships (e.g. autonomous engine monitoring and control). This new capability was developed using the information and semantics encoded in the MITRE ATLAS framework. FMECA-ATT&CK has been adopted due to its comprehensive and adaptable nature and its promising venue for supporting continuous cyber risk assessment. It helps evaluate the cyber risks associated with the complex and state-of-the-art operational technologies on board autonomous ships. The cyber risk assessment approach assists cybersecurity experts in aligning mitigation strategies for the cyber defence of autonomous ships. It also contributes towards advancing overall cybersecurity in the maritime industry and ensures the safe and secure sailing of autonomous ships. Our key findings after applying the proposed approach against a model of an autonomous cargo ship is the identification of the Navigation Situation Awareness System (NSAS) of the ship as being at the highest risk followed by the Autonomous Engine Monitoring and Control (AEMC) system. Additionally, we identified 3 high, 48 medium, and 5776 low risks across 29 components.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100695"},"PeriodicalIF":4.1,"publicationDate":"2024-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141395307","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Demonstration of denial of charging attack on electric vehicle charging infrastructure and its consequences","authors":"Kirti Gupta , Bijaya Ketan Panigrahi , Anupam Joshi , Kolin Paul","doi":"10.1016/j.ijcip.2024.100693","DOIUrl":"10.1016/j.ijcip.2024.100693","url":null,"abstract":"<div><p>The recent upsurge in electric vehicle (EV) adoption has led to greener mobility but has also broadened the attack surface due to the increased interconnection between the entities like EV, EV charger, grid etc. We show in this paper that among these entities, the EV charger provides a possible attack surface through the available communication network. Adversaries at a minimum can disrupt the vehicular charging process known as denial of charging (DoC) attack. This attack is demonstrated on the real hardware setup of an EV charging, where we have considered the Bharat EV DC charging standard (BEVC-DC001) adopted by India which uses the controller area network (CAN) bus to communicate between EV charger and EV. The DoC attack can have significant consequences both on the electrical grid as well as individuals. The EV chargers (with connected EV) collectively serve as a large load demand, whose sudden inaccessibility would disrupt the supply–demand balance, triggering over frequency relays to either cause local or national blackout. Such a scenario is presented in this work on a microgrid (MG), in a real-time OPAL-RT environment. Not only can this attack lead to major transportation related problems but would also disrupt medical and emergency services.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100693"},"PeriodicalIF":3.6,"publicationDate":"2024-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141415503","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}