International Journal of Critical Infrastructure Protection最新文献_第7页

Ensuring the longevity of WirelessHART devices in industrial automation and control systems using distinct native attribute fingerprinting 使用独特的本地属性指纹，确保工业自动化和控制系统中WirelessHART设备的使用寿命

IF 3.6 3区工程技术

International Journal of Critical Infrastructure Protection Pub Date : 2023-12-01 DOI: 10.1016/j.ijcip.2023.100641

Matthew J. Maier , Hunter S. Hayden , Michael A. Temple , Matthew C. Fickus

{"title":"Ensuring the longevity of WirelessHART devices in industrial automation and control systems using distinct native attribute fingerprinting","authors":"Matthew J. Maier , Hunter S. Hayden , Michael A. Temple , Matthew C. Fickus","doi":"10.1016/j.ijcip.2023.100641","DOIUrl":"https://doi.org/10.1016/j.ijcip.2023.100641","url":null,"abstract":"<div><p><span>Distinct native attribute fingerprinting is considered as a means to ensure the longevity of WirelessHART communication devices used in industrial automation and control systems. The aim is for these devices to reach full life expectancy using a technical cradle-to-grave lifecycle protection strategy. The protection addressed here includes pre-deployment near-cradle counterfeit device detection using active fingerprinting<span> and operational mid-life rogue device detection using passive fingerprinting. The counterfeit and rogue device detection rates are estimated for 56 five-class </span></span>multiple discriminant analysis<span> models. Detection demonstrations include using three non-modeled devices to complete a total of 3 × 5 × 56 = 840 individual rogue and counterfeit device identity (ID) verification demonstrations. The device ID verification process uses binary accept/reject decisions with false positive outcomes used to estimate rogue and counterfeit device detection rates. For device ID verification using active fingerprints, the demonstrated counterfeit detection rate approached 99 % using only 15-of-99 available features—an approximate 85 % dimensional-reduction. Device ID verification using passive fingerprints was more challenging and the rogue detection rate approached 94 % using 120-of-243 available features—an approximate 50 % dimensional-reduction.. Collectively, the dimensionally-reduced implementations support efficiency improvement objectives required for providing near-cradle counterfeit device and mid-life operational rogue device detection in critical industrial automation and control systems.</span></p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"43 ","pages":"Article 100641"},"PeriodicalIF":3.6,"publicationDate":"2023-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138501770","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Need for intensive care? A socio-technical systems perspective on water supply failure preparedness in German health care facilities 需要重症监护?社会技术系统的角度对供水失败的准备在德国卫生保健设施

IF 3.6 3区工程技术

International Journal of Critical Infrastructure Protection Pub Date : 2023-11-27 DOI: 10.1016/j.ijcip.2023.100644

Christine Heinzel, Sophie van der Heijden, Aljoscha Mayer, Nathalie Sänger, Simone Sandholz

{"title":"Need for intensive care? A socio-technical systems perspective on water supply failure preparedness in German health care facilities","authors":"Christine Heinzel, Sophie van der Heijden, Aljoscha Mayer, Nathalie Sänger, Simone Sandholz","doi":"10.1016/j.ijcip.2023.100644","DOIUrl":"https://doi.org/10.1016/j.ijcip.2023.100644","url":null,"abstract":"<div><p>Health care facilities play a crucial role in the well-being of society. They are heavily dependent on other critical infrastructures including water supply for their daily operations and failure of water supply can have severe consequences. However, health care facilities are often underprepared for this scenario. The study investigates the emergency preparedness of German health care facilities to water supply failures, utilizing a socio-technical system approach. Data from interviews with experts and a survey among German hospitals were evaluated to determine the social and technical preparedness measures, in order to identify barriers and potential approaches for solutions. The findings show that there are still many gaps and needs for improvement. In particular, the social components of emergency preparedness are often given insufficient attention, with a lack of awareness about vulnerabilities to water failures being a shortcoming. The results were used to develop a framework linking social and technical components of critical infrastructure systems. The framework demonstrates that although the technical infrastructure components form the basis of preparedness, preparedness levels depend on the functioning of social infrastructure. The results underline the necessity of understanding the interlinkages between social and technical components, which can help identify potential vulnerabilities to infrastructure failures and risks. The study highlights the urgent need to comprehend health care facilities as socio-technical systems.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"44 ","pages":"Article 100644"},"PeriodicalIF":3.6,"publicationDate":"2023-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1874548223000574/pdfft?md5=2e00abbc51028cb953a39bf3ca556a68&pid=1-s2.0-S1874548223000574-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138484492","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

An exploratory analysis of the last frontier: A systematic literature review of cybersecurity in space 最后前沿的探索性分析:空间网络安全的系统文献综述

IF 3.6 3区工程技术

International Journal of Critical Infrastructure Protection Pub Date : 2023-11-23 DOI: 10.1016/j.ijcip.2023.100640

Georgios Kavallieratos, Sokratis Katsikas

引用次数: 0

A systematic co-engineering of safety and security analysis in requirements engineering process 需求工程过程中安全性与安全性分析的系统协同工程

IF 3.6 3区工程技术

International Journal of Critical Infrastructure Protection Pub Date : 2023-11-18 DOI: 10.1016/j.ijcip.2023.100642

Sejin Jung , Junbeom Yoo , Sam Malek

{"title":"A systematic co-engineering of safety and security analysis in requirements engineering process","authors":"Sejin Jung , Junbeom Yoo , Sam Malek","doi":"10.1016/j.ijcip.2023.100642","DOIUrl":"https://doi.org/10.1016/j.ijcip.2023.100642","url":null,"abstract":"<div><p><span>Co-engineering safety and security is increasingly important in safety-critical systems as more diverse interacting functions are implemented in software. Many studies have tried to perform safety and security analyses in unified or in parallel. While the unified approach requires more complex analysis with new delicate methods, the parallel needs further improvement on additional integration activity for harmonizing safety and security analyses results. This paper tries to improve the harmonization activity seamlessly and systematically in typical requirements engineering<span> process for safety-critical systems. It encompasses both requirements elicitation and analysis as well as safety and security analyses, regardless of which analysis techniques are used. The paper suggests performing an appropriate safety analysis first to derive safety requirements as summary information. It then performs goal-tree analysis to refine the high-level safety requirements into lower-level ones, from which any security analysis can work on to derive security requirements. Another goal-tree analysis then tries to refine the high-level security requirements into specific functional ones too, and it ends the analysis activity in a cycle of requirements engineering process. The sequence of safety analysis, goal-tree refinement, security analysis and another goal-tree refinement is seamlessly iterated in the process of requirements engineering, where any conflict of requirements will have an opportunity to be resolved. Our case study of a simplified </span></span>UAV example uses STPA and STRIDE techniques for safety and security analysis respectively, and shows that the proposed approach is fully applicable up to industrial cases.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"43 ","pages":"Article 100642"},"PeriodicalIF":3.6,"publicationDate":"2023-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138413640","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Measurement protection to prevent cyber–physical attacks against power system State Estimation 测量保护，防止网络物理攻击对电力系统的状态估计

IF 3.6 3区工程技术

International Journal of Critical Infrastructure Protection Pub Date : 2023-11-18 DOI: 10.1016/j.ijcip.2023.100643

Harag Margossian, Ronald Kfouri, Rita Saliba

{"title":"Measurement protection to prevent cyber–physical attacks against power system State Estimation","authors":"Harag Margossian, Ronald Kfouri, Rita Saliba","doi":"10.1016/j.ijcip.2023.100643","DOIUrl":"https://doi.org/10.1016/j.ijcip.2023.100643","url":null,"abstract":"<div><p><span><span><span>Smart applications supporting modern power systems<span> are susceptible to cyber–physical attacks, particularly False Data Injection attacks that manipulate the input measurements of State Estimation (SE) compromising its output states. This paper proposes an </span></span>Integer Linear Programming formulation that protects an optimal number </span>of measurement units to prevent cyber–physical attacks, enhancing the robustness of SE. Our approach exhibits low complexity, applies to both linear and nonlinear SE, and converges rapidly toward the optimal solution. The formulation requires information about the </span>grid topology and measurement distribution but does not depend on the power flow equations. Also, the generalized formulation can be customized to consider distinct protection costs for all measurement types, various priorities for different measurements, and a range of measurements and pseudo-measurements. Simulations are performed on the widely used IEEE 14 and 118-bus systems to verify the approach for linear and nonlinear SE and illustrate its practicality.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"43 ","pages":"Article 100643"},"PeriodicalIF":3.6,"publicationDate":"2023-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138390757","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Modeling and assessing seismic resilience leveraging systems dynamic approach: A case study of society 5.0 利用系统动态方法建模和评估地震恢复力:社会5.0的案例研究

IF 3.6 3区工程技术

International Journal of Critical Infrastructure Protection Pub Date : 2023-10-30 DOI: 10.1016/j.ijcip.2023.100639

Shohreh Moradi , Md Muzahid Khan , Niamat Ullah Ibne Hossain , Mohammad Shamsuddoha , Alex Gorod

{"title":"Modeling and assessing seismic resilience leveraging systems dynamic approach: A case study of society 5.0","authors":"Shohreh Moradi , Md Muzahid Khan , Niamat Ullah Ibne Hossain , Mohammad Shamsuddoha , Alex Gorod","doi":"10.1016/j.ijcip.2023.100639","DOIUrl":"https://doi.org/10.1016/j.ijcip.2023.100639","url":null,"abstract":"<div><p>Society 5.0 is a transformation strategy centered on integrating digital technologies unveiled by the Japanese government to create a human-centric society for economic development and mitigate sustainability issues. Since societies are constantly exposed to various natural disasters like earthquakes, many precautions must be taken both before and after a disaster to minimize the damage. Seismic resilience is one of the practical assessments that may be taken in this regard. Quantifying the functionality of seismic resilience requires a systematic examination of the relevant components and their functional impact. We present a framework based on fragility, consequence and recoverability stages for evaluating the impact of a component on its functionality for earthquake events. Within this study, we introduce a novel set of indicators, which are derived from the key variables impacted by earthquakes, including hospitals, grids, and infrastructures. To that end, we have developed a system dynamics<span> (SD) model to assess earthquake resilience in the context of Society 5.0, considering three earthquake magnitudes (7, 8, and 9 Mw) to simulate societal seismic resilience. We also perform sensitivity analysis to validate the outcomes of the policy simulations. Our findings affirm that by scrutinizing the seismic resilience of critical infrastructure and proposing relevant policies, it is possible to minimize disaster-related damage. This represents a pragmatic step forward in the field of disaster risk management.</span></p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"43 ","pages":"Article 100639"},"PeriodicalIF":3.6,"publicationDate":"2023-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91964464","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Dynamic predictive analysis of the consequences of gas pipeline failures using a Bayesian network 天然气管道故障后果的贝叶斯网络动态预测分析

IF 3.6 3区工程技术

International Journal of Critical Infrastructure Protection Pub Date : 2023-10-24 DOI: 10.1016/j.ijcip.2023.100638

Armin Aalirezaei , Dr. Golam Kabir , Md Saiful Arif Khan

{"title":"Dynamic predictive analysis of the consequences of gas pipeline failures using a Bayesian network","authors":"Armin Aalirezaei , Dr. Golam Kabir , Md Saiful Arif Khan","doi":"10.1016/j.ijcip.2023.100638","DOIUrl":"https://doi.org/10.1016/j.ijcip.2023.100638","url":null,"abstract":"<div><p>Modern natural gas pipeline failures constitute devastating disasters, as they can result in cascading secondary crises. Therefore, reduction of buried gas pipeline's reliability, has become a major concern among stakeholders and researchers in recent years. This study employs a dynamic Bayesian network to investigate the consequences of natural gas pipeline failures. We consider seven parent nodes—age, diameter, length, depth, population, time of occurrence, and land use—and twelve consequence factors to analyze the overall losses stemming from pipeline failure. The proposed model can handle both static and dynamic systems using quantitative and/or qualitative data. To demonstrate the applicability and effectiveness of our developed model, we analyze the gas pipeline network of Regina in Saskatchewan, Canada. The results show that age and diameter are the two most important and sensitive parameters. The developed Bayesian network model will aid decision-makers in effectively managing and improving the reliability of their assets.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"43 ","pages":"Article 100638"},"PeriodicalIF":3.6,"publicationDate":"2023-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91964469","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Russian-Ukraine armed conflict: Lessons learned on the digital ecosystem 俄乌武装冲突:数字生态系统的经验教训

IF 3.6 3区工程技术

International Journal of Critical Infrastructure Protection Pub Date : 2023-10-12 DOI: 10.1016/j.ijcip.2023.100637

Itzhak Aviv , Uri Ferri

{"title":"Russian-Ukraine armed conflict: Lessons learned on the digital ecosystem","authors":"Itzhak Aviv , Uri Ferri","doi":"10.1016/j.ijcip.2023.100637","DOIUrl":"https://doi.org/10.1016/j.ijcip.2023.100637","url":null,"abstract":"<div><p>Since February 2022, the Russian-Ukrainian armed conflict significantly impacted the digital landscape. This study examines the conflict's impacts on the local and global digital ecosystem. Using grey literature, we analyzed English-language data sources primarily published between November 2022 and April 2023, which were based on data sources from the commencement of the conflict to the publication date. The investigation reveals insights into four categories: cyber and kinetic warfare, telecommunications, IT and cloud computing, digital geopolitics and resilience. The main insight in cyber warfare is that cyber attacks on Ukraine's digital infrastructure were only partially effective despite the massive involvement of cybercrime groups implementing adaptive wiping and DDoS attacks on behalf of national interests. The cyber defense success resulted from the allies' support for Ukraine and a well-established and implemented national cybersecurity strategy. Kinetic attacks against data centers have accelerated the migration of data and applications to cloud computing. The most incredible legacy of the current conflict is the positive paradigm shift in the cloud's security and privacy capabilities for sensitive systems' continuous operation as an alternative to system disability in locally destroyed data centers. The third insight reveals Telecom's reliance on satellite network suppliers and mobile power equipment, such as High-Capacity batteries, which are in shortage worldwide. Digital geopolitics alters the paradigms of digital resilience. Global tech companies assume the role of digital nations and superpowers while taking sides. During the conflict, we observe for the first time in practice the digital blockade by global techies of one side of the conflict and the digital support of the other, thereby shaping paradigms regarding digital sovereignty as digital resilience.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"43 ","pages":"Article 100637"},"PeriodicalIF":3.6,"publicationDate":"2023-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91964468","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Protocol study and anomaly detection for server-driven traffic in SCADA networks SCADA网络中服务器驱动流量的协议研究与异常检测

IF 3.6 3区工程技术

International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/j.ijcip.2023.100612

Chih-Yuan Lin, S. Nadjm-Tehrani

引用次数: 1

Impacts of 5G on cyber-physical risks for interdependent connected smart critical infrastructure systems 5G对相互关联的智能关键基础设施系统网络物理风险的影响

IF 3.6 3区工程技术

International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/j.ijcip.2023.100617

Paola Vargas, I. Tien

引用次数: 0