Taiyi Zhao , Yuchun Tang , Qiming Li , Jingquan Wang
{"title":"Enhancing urban system resilience to earthquake disasters: Impact of interdependence and resource allocation","authors":"Taiyi Zhao , Yuchun Tang , Qiming Li , Jingquan Wang","doi":"10.1016/j.ijcip.2024.100673","DOIUrl":"10.1016/j.ijcip.2024.100673","url":null,"abstract":"<div><p>During the post-disaster recovery process of the urban system (US), it is critical to understand the interdependencies of critical infrastructure systems (CISs) and strategically allocate resources among them. However, due to the complexity of the problem and the limitations of the perspective, the existing research usually ignores the implicit impact of interdependence and resource allocation on urban resilience. To bridge this gap, this study establishes a multilayer network-based methodological framework to characterize various types of interdependencies between different CISs and integrate the US as a complex “system of systems”. Then, the system functionality of the US under different resource allocation strategies is quantified and optimized by resilience metrics. This proposed framework was demonstrated in a virtual US including a transportation subsystem (TS), an electric power supply subsystem (EPSS), and a community subsystem (CS) under catastrophic earthquakes. The sensitivity of urban resilience to interdependencies is investigated, and the corresponding results reveal that urban resilience is most sensitive to the interdependence between TS and EPSS. In particular, when there exists strong interdependence between the TS and EPSS, the optimal resource allocation strategy to maximize urban resilience is assigning resource allocation coefficients of 0.1, 0.8, and 0.1 for the TS, EPSS, and CS, respectively. These results can be effectively applied in future planning and investment in urban resilience.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"45 ","pages":"Article 100673"},"PeriodicalIF":3.6,"publicationDate":"2024-03-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140072274","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Poornachandratejasvi Laxman Bhattar , Naran M Pindoriya , Anurag Sharma
{"title":"False data injection in distribution system: Attacker's perspective","authors":"Poornachandratejasvi Laxman Bhattar , Naran M Pindoriya , Anurag Sharma","doi":"10.1016/j.ijcip.2024.100672","DOIUrl":"10.1016/j.ijcip.2024.100672","url":null,"abstract":"<div><p>The distribution system is digitizing and occupying cyberspace with the help of information and communication technologies (ICTs). It is vulnerable to cyber-attacks like false data injection (FDI) and denial-of-services (DoS). However, limited research on cyber-attacks in the distribution system is reported in the literature, and these attacks are of serious concern to distribution system operators (DSOs). The DSO's primary challenge is to understand the attacker's perspective for FDI attack construction. Thus, the work presented in this paper aims to provide an in-depth insight for DSO to apprehend the attacker's perspective, attack flow, and the nature of the FDI attack vector. The prior knowledge of attack flow to DSO can help to protect critical infrastructures from cyber-attacks. Thus, this work comprehends the attacker's behaviour for deploying the optimal budget to disrupt the distribution system operation therein by injecting a stealthy FDI vector. The attacker is resource-constrained in terms of budget and network information. Therefore, the optimal budget for attack initiation is proposed and formulated as a multi-objective optimization problem to minimize the investment and maximize the economic loss for the DSO. Constructing the attack vectors for the attacker is challenging in the limited network information. It is complex because of network characteristics such as multi-phase configurations & an unbalanced nature, and higher resistance to reactance (<span><math><mrow><mi>r</mi><mo>/</mo><mi>x</mi></mrow></math></span>) ratio. Thus, the FDI attack vector construction is proposed based on non-linear programming optimization and sensitivity analysis considering partial information from the distribution system. The simulation results are presented and compared with available methods in the literature to validate the efficacy of the proposed methods.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"45 ","pages":"Article 100672"},"PeriodicalIF":3.6,"publicationDate":"2024-03-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140083874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DSACR: A defense-based system with adaptive cyber resilience for industrial control systems","authors":"Yi-Wei Ma, Yi-Hao Tu, Chih-Ting Shen","doi":"10.1016/j.ijcip.2024.100662","DOIUrl":"10.1016/j.ijcip.2024.100662","url":null,"abstract":"<div><p>Industrial Control Systems (ICS) security happens often, which makes it hard for many organizations to keep a balance between operational efficiency, system efficiency, and security. A major concern is how to protect information security and make sure that ICS keep working. This study thus presents a defense-based system with adaptive cyber resilience (DSACR). DSACR will optimize the configuration with respect to the three indices of operational efficiency, performance, and security. Whenever an assault event happens, DSACR offers protective solutions depending on the threat level to optimize the security and running costs of recovering ICS. In terms of safety and operation, DSACR is superior to other approaches by 3 % and 11 %, respectively, as shown by the results of the experiments.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"45 ","pages":"Article 100662"},"PeriodicalIF":3.6,"publicationDate":"2024-02-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139826085","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Hussam Tarazi, Sara Sutton, John Olinjyk, Benjamin Bond, Julian Rrushi
{"title":"A watchdog model for physics-based anomaly detection in digital substations","authors":"Hussam Tarazi, Sara Sutton, John Olinjyk, Benjamin Bond, Julian Rrushi","doi":"10.1016/j.ijcip.2024.100660","DOIUrl":"10.1016/j.ijcip.2024.100660","url":null,"abstract":"<div><p><span>The security of cyber–physical systems (CPS) presents new challenges stemming from computations that work primarily with live physics data. Although there is a body of previous research on detection of malware on CPS, more effective designs are needed to address limitations such mimicry attacks and other forms of evasive techniques. Relay algorithms in particular, such as differential and harmonic protection algorithms, are essential to protecting physical equipment such as </span>power transformers from faults. Relay algorithms, though, are often disabled, altered, or otherwise suppressed by malware.</p><p>In this paper, we first provide background on the main types of failures that may occur in an electrical power substation<span> after relay algorithms are disabled by malware. We also provide some initial insights into malware methods that involve physics-informed data manipulations, which in turn may lead to power outages and physical damage to power transformers. We then describe the design of a watchdog algorithm that is continuously on the look out for anomalies in the execution time of relay algorithms along with their associated performance counters. We implemented the watchdog approach in Python, and evaluated it empirically on emulations of differential and harmonic protection algorithms on a computing machine.</span></p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"44 ","pages":"Article 100660"},"PeriodicalIF":3.6,"publicationDate":"2024-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139481770","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jian Chen , Fei Lu , Yuanzhe Liu , Sheng Peng , Zhiming Cai , Fu Mo
{"title":"Cross trust: A decentralized MA-ABE mechanism for cross-border identity authentication","authors":"Jian Chen , Fei Lu , Yuanzhe Liu , Sheng Peng , Zhiming Cai , Fu Mo","doi":"10.1016/j.ijcip.2024.100661","DOIUrl":"10.1016/j.ijcip.2024.100661","url":null,"abstract":"<div><p>With an increasing demand for authenticated data exchange between jurisdictions, ensuring the privacy and security of data interactions is crucial for national security, public health, and economic vitality, becoming a fundamental national infrastructure. Current solutions can be categorized into two types: fully decentralized autonomous systems based on blockchains or centralized solutions that rely on authoritative centers such as certification authorities (CAs). In reality, a balance needs to be struck between guaranteed authority and privacy independence. A certain authority is needed as an authorization guarantee, and decentralization is required to ensure privacy and the independence of the authority. This paper proposes a novel scheme, CT-MA-ABE (Cross-Trust Multiple Authorization Attribute-Based Encryption), to address these issues by implementing MA-ABE for cross-border institutional authorization interactions, utilize blockchain certification authority (BCA) for credibility and encryption-based authorization to protect attribute data privacy. This solution integrates the role of 'notary' in cross-border interactions, addressing the supervision problem in fully decentralized approaches while also considering the trust issue in centralized systems. This paper also introduces the Universal Certificate Authority Pool (UCAP), an innovative hybrid federated authorization method, creatively utilizing the implied authorization conditions of attributes to create a flexible and transitive authorization mechanism based on attribute relationships and extensions, enhancing privacy protection and improving the speed of authorization matrix calculation. The successful deployment of the system between the legal jurisdictions in South China, Zhuhai and Macau as a critical infrastructure component for securing data interactions further demonstrates its effectiveness as a reliable and secure solution.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"44 ","pages":"Article 100661"},"PeriodicalIF":3.6,"publicationDate":"2024-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139481710","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Morteza Haghshenas, Rahmat-Allah Hooshmand, Mehdi Gholipour
{"title":"A novel cost-based optimization model for electric power distribution systems resilience improvement under dust storms","authors":"Morteza Haghshenas, Rahmat-Allah Hooshmand, Mehdi Gholipour","doi":"10.1016/j.ijcip.2023.100659","DOIUrl":"10.1016/j.ijcip.2023.100659","url":null,"abstract":"<div><p>In the recent years, dust storms (DSs) pose a serious threat to critical infrastructure such as power distribution networks (PDNs). During DSs, the contamination of insulators, increases the possibility of damage to the PDNs insulation system and flashover induced power outage may occur. Power outages disrupt the performance of other urban infrastructures and, in addition to heavy financial losses, cause public dissatisfaction. Although this issue is of particular importance in areas with humid climate, a few studies have been reported on PDNs resilience improvement against DSs. This paper proposes a novel cost-based optimization model to make PDNs more resilient to DSs considering uncertainties. The proposed model is based on the two-stage stochastic mixed-integer programming (SMIP). In the first stage, decisions are made to equip repair crews (RCs) with insulator washing machines, hardening distribution lines with silicone-rubber insulators (SIs), and deploy backup distributed generators (DGs). Decisions in the second stage include network reconfiguration, RCs routing, DGs power dispatch, and load shedding as the critical options for PDN outage management during/after DSs. Case studies are evaluated in the IEEE 69-bus test system and a real 209-bus PDN in Khuzestan province, a coastal province in southwestern Iran. The simulation results at different budget levels have confirmed the efficiency of the proposed model for cost-optimal resilience enhancement planning of PDNs against DSs.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"44 ","pages":"Article 100659"},"PeriodicalIF":3.6,"publicationDate":"2023-12-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139068225","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yan Zhang, Degang Zhu, Menglin Wang, Junhan Li, Jie Zhang
{"title":"A comparative study of cyber security intrusion detection in healthcare systems","authors":"Yan Zhang, Degang Zhu, Menglin Wang, Junhan Li, Jie Zhang","doi":"10.1016/j.ijcip.2023.100658","DOIUrl":"10.1016/j.ijcip.2023.100658","url":null,"abstract":"<div><p><span><span>Due to the proliferation of network devices and the presence of sensitive information, healthcare systems have become prime targets for cyber attackers. Therefore, it is crucial to design an efficient and accurate </span>intrusion detection system<span><span> (IDS) specifically tailored for healthcare systems. In this regard, we conducted a comprehensive comparative study<span><span> on network security intrusion detection in healthcare systems. In order to tackle the challenges arising from </span>information redundancy<span> and noise in feature selection, we developed the Maximum Information Coefficient (MIC) method to effectively analyse the nonlinear relationships among traffic features. This method was utilized in a comparative analysis involving ten models on three datasets. The experiments demonstrated that the detection models using MIC-based feature selection outperformed other feature selection approaches, especially when applied to the WUSTL-EHMS-2020 dataset, which includes patients' biometric features. The MIC-enhanced </span></span></span>Extreme Gradient Boosting<span> detection model achieved remarkable results, attaining an accuracy of 95.01%, precision of 94.94%, and recall of 95.01%. These findings underscore the efficacy of our comparative study in safeguarding healthcare systems against cyber attacks<span>. Furthermore, our study highlights the importance of feature selection and the incorporation of patient biometric features in healthcare IDS. It is imperative for medical managers to consider these factors when making informed decisions regarding </span></span></span></span>cyber security measures.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"44 ","pages":"Article 100658"},"PeriodicalIF":3.6,"publicationDate":"2023-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139027911","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Lazaros Papadopoulos , Konstantinos Demestichas , Eva Muñoz-Navarro , Juan José Hernández-Montesinos , Stephane Paul , Nicolas Museux , Sandra König , Stefan Schauer , Alfonso Climente Alarcón , Israel Perez Llopis , Tim Stelkens-Kobsch , Tamara Hadjina , Jelena Levak
{"title":"Protection of critical infrastructures from advanced combined cyber and physical threats: The PRAETORIAN approach","authors":"Lazaros Papadopoulos , Konstantinos Demestichas , Eva Muñoz-Navarro , Juan José Hernández-Montesinos , Stephane Paul , Nicolas Museux , Sandra König , Stefan Schauer , Alfonso Climente Alarcón , Israel Perez Llopis , Tim Stelkens-Kobsch , Tamara Hadjina , Jelena Levak","doi":"10.1016/j.ijcip.2023.100657","DOIUrl":"10.1016/j.ijcip.2023.100657","url":null,"abstract":"<div><p><span>This work describes the PRAETORIAN system, an advanced framework for the protection of critical infrastructures from combined physical and cyber threats. It integrates components for detecting threats and generating alerts related with the physical and the cyber domains of Critical Infrastructures (CIs). These alerts are correlated by a hybrid situation awareness system that calculates the cascading effects<span> of the attacks. Finally, a response coordination system manages notifications and assists decision making by providing mitigation actions and sharing information with the public and relevant authorities. The PRAETORIAN system was extensively validated by a large number of end users and was demonstrated in real-world environments in terms of providing support for the detection and mitigation of physical and/or </span></span>cyber attacks in CIs.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"44 ","pages":"Article 100657"},"PeriodicalIF":3.6,"publicationDate":"2023-12-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139027747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A survey on safeguarding critical infrastructures: Attacks, AI security, and future directions","authors":"Khushi Jatinkumar Raval , Nilesh Kumar Jadav , Tejal Rathod , Sudeep Tanwar , Vrince Vimal , Nagendar Yamsani","doi":"10.1016/j.ijcip.2023.100647","DOIUrl":"10.1016/j.ijcip.2023.100647","url":null,"abstract":"<div><p><span><span>Technologies such as artificial intelligence<span><span> (AI), blockchain, and the </span>Internet of Things (IoT) have converged in driving the next wave of digital revolution. Amalgamating the aforementioned advancements with critical infrastructure (CI) can significantly help society by offering a quality of life and boosting the nation’s economy and productivity. However, the lack of cybersecurity in CI gave rise to advanced threats and vulnerabilities that hindered the aforementioned societal benefits. In this vein, the paper provides an in-depth analysis of cyber threats and risks associated with different critical infrastructures, such as the financial, agriculture, energy, and </span></span>healthcare sectors. Further, we thoroughly investigate the staggering benefits of AI and, based on it, present an exhaustive solution taxonomy to showcase the competency of AI mechanisms in confronting cyberattacks on CI. The taxonomy specifically addresses issues like data privacy, algorithmic bias, and human-AI collaboration for CI. Further, we proposed an AI-based secure data exchange framework for smart grid CI, where we attempt to secure the sensor’s data (i.e., </span>power consumption<span>, energy readings, and network data) from malicious adversaries<span>. The proposed framework is evaluated using statistical measures, such as accuracy, training time, and receiver operating characteristic (ROC) curve, and anomaly detection. Further, the paper examines the research challenges that still adhere to the critical systems and require stringent AI-based mechanisms to tackle them.</span></span></p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"44 ","pages":"Article 100647"},"PeriodicalIF":3.6,"publicationDate":"2023-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138575674","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Chance-constrained vulnerability assessment of smart water distribution systems against stealthy false data injection attacks","authors":"Nazia Raza, Faegheh Moazeni","doi":"10.1016/j.ijcip.2023.100645","DOIUrl":"10.1016/j.ijcip.2023.100645","url":null,"abstract":"<div><p><span>Smart water distribution systems (SWDSs) have not only enhanced the monitoring and control of the entire water infrastructure but have also jeopardized its security and resilience. The state-of-the-art examined the uncertainties in the water supply network to obtain optimal design parameters to ensure hydraulic integrity. However, the investigations of uncertainties in SWDSs from the cybersecurity perspective remain unexplored. To address this limitation, this paper utilizes a robust chance-constrained optimization strategy to scrutinize the vulnerable location of SWDSs against False Data Injection (FDI) attacks. This is achieved by factoring in the probabilistic behavior of water demand at junctions that can potentially facilitate stealthy FDI attacks on the hourly measurements of the pump’s flow rate. The </span>proposed nonlinear model<span> is validated with several case studies reflecting the real-world cyberattack consequences including cutoff water supply of the network, enhanced power consumption<span> of the pump, and the undesirable pressure surge in the system at strategic locations of SWDSs. As a result of the studied cases, the cyberattack consequences on the entire water supply network are obtained while highlighting the threat-prone regions of the network. This paper contributes to embedding additional security layers to the existing water infrastructure at the vulnerable links and junctions.</span></span></p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"44 ","pages":"Article 100645"},"PeriodicalIF":3.6,"publicationDate":"2023-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138493157","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}