5G对相互依存的智能关键基础设施系统的网络物理风险的影响

IF 4.1 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI:10.1016/j.ijcip.2023.100617

Paola Vargas, Iris Tien

{"title":"5G对相互依存的智能关键基础设施系统的网络物理风险的影响","authors":"Paola Vargas, Iris Tien","doi":"10.1016/j.ijcip.2023.100617","DOIUrl":null,"url":null,"abstract":"<div><p>5 G technology promises a wide range of benefits for critical infrastructure (CI), including improved reliability, increased efficiency, cost savings, and increased worker safety. However, it also brings many new risks that CI owners and operators must be prepared for to facilitate effective risk mitigation and response. These risks, however, have not been systematically assessed for CI systems. This paper investigates how the cyber-physical risk landscape will be impacted by 5 G for four major CI sectors in detail: smart transportation, smart water, smart power, and smart oil and gas networks. Compared to prior work only examining a single CI network, the authors present a comprehensive assessment of the types of threats that these sectors can expect based on past incidents, the new vulnerabilities introduced by 5 G and existing vulnerabilities exacerbated by the introduction of more connected devices, along with mitigation recommendations for each risk. Risks associated with the rollout of and transition to 5 G, risks from 5 G network disruptions, cyberattack risks, and privacy risks are included. While each of the sectors has a unique risk profile, general themes also emerged across multiple CI networks. Notably, there will be an increased number of threat vectors from smart devices reliant on the telecommunications network to provide monitoring and control of infrastructure services. Because many of these devices are accessible by the public, the risk of social engineering attacks and vulnerability to physical hacking are exacerbated. Successful risk mitigation requires collaboration among CI's many stakeholders to implement security measures at the interfaces between connected devices to limit the access to assets in case one security measure is successfully bypassed. Due to the increased interdependencies between CI networks, operators must create backup plans to keep the most essential services running on a smaller bandwidth in case of a 5 G outage or similar failure. As 5 G capabilities continue to develop and the risk landscape evolves, ongoing research is needed and CI owners and operators should be prepared to update security measures to remain ahead of identified risks and threats.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"42 ","pages":"Article 100617"},"PeriodicalIF":4.1000,"publicationDate":"2023-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Impacts of 5G on cyber-physical risks for interdependent connected smart critical infrastructure systems\",\"authors\":\"Paola Vargas, Iris Tien\",\"doi\":\"10.1016/j.ijcip.2023.100617\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>5 G technology promises a wide range of benefits for critical infrastructure (CI), including improved reliability, increased efficiency, cost savings, and increased worker safety. However, it also brings many new risks that CI owners and operators must be prepared for to facilitate effective risk mitigation and response. These risks, however, have not been systematically assessed for CI systems. This paper investigates how the cyber-physical risk landscape will be impacted by 5 G for four major CI sectors in detail: smart transportation, smart water, smart power, and smart oil and gas networks. Compared to prior work only examining a single CI network, the authors present a comprehensive assessment of the types of threats that these sectors can expect based on past incidents, the new vulnerabilities introduced by 5 G and existing vulnerabilities exacerbated by the introduction of more connected devices, along with mitigation recommendations for each risk. Risks associated with the rollout of and transition to 5 G, risks from 5 G network disruptions, cyberattack risks, and privacy risks are included. While each of the sectors has a unique risk profile, general themes also emerged across multiple CI networks. Notably, there will be an increased number of threat vectors from smart devices reliant on the telecommunications network to provide monitoring and control of infrastructure services. Because many of these devices are accessible by the public, the risk of social engineering attacks and vulnerability to physical hacking are exacerbated. Successful risk mitigation requires collaboration among CI's many stakeholders to implement security measures at the interfaces between connected devices to limit the access to assets in case one security measure is successfully bypassed. Due to the increased interdependencies between CI networks, operators must create backup plans to keep the most essential services running on a smaller bandwidth in case of a 5 G outage or similar failure. As 5 G capabilities continue to develop and the risk landscape evolves, ongoing research is needed and CI owners and operators should be prepared to update security measures to remain ahead of identified risks and threats.</p></div>\",\"PeriodicalId\":49057,\"journal\":{\"name\":\"International Journal of Critical Infrastructure Protection\",\"volume\":\"42 \",\"pages\":\"Article 100617\"},\"PeriodicalIF\":4.1000,\"publicationDate\":\"2023-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Critical Infrastructure Protection\",\"FirstCategoryId\":\"5\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1874548223000306\",\"RegionNum\":3,\"RegionCategory\":\"工程技术\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Critical Infrastructure Protection","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1874548223000306","RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

5G技术为关键基础设施（CI）带来了广泛的好处，包括提高可靠性、提高效率、节省成本和提高工人安全性。然而，它也带来了许多新的风险，CI所有者和运营商必须做好准备，以促进有效的风险缓解和应对。然而，尚未对CI系统的这些风险进行系统评估。本文详细研究了5G将如何影响四个主要CI部门的网络物理风险格局：智能交通、智能水务、智能电力和智能油气网络。与之前只检查单个CI网络的工作相比，作者根据过去的事件、5G引入的新漏洞和因引入更多连接设备而加剧的现有漏洞，对这些部门可能面临的威胁类型进行了全面评估，并对每种风险提出了缓解建议。包括与5G的推出和过渡相关的风险、5G网络中断的风险、网络攻击风险和隐私风险。虽然每个行业都有独特的风险状况，但多个CI网络也出现了一般性主题。值得注意的是，依赖电信网络提供基础设施服务监控的智能设备的威胁载体数量将增加。由于这些设备中的许多都是公众可以访问的，因此社会工程攻击的风险和物理黑客攻击的脆弱性加剧了。成功的风险缓解需要CI的许多利益相关者之间的合作，在连接设备之间的接口上实施安全措施，以在成功绕过一项安全措施的情况下限制对资产的访问。由于CI网络之间的相互依赖性增加，运营商必须制定备份计划，以在5G中断或类似故障的情况下，保持最重要的服务在较小的带宽上运行。随着5G能力的不断发展和风险格局的演变，需要进行持续的研究，CI所有者和运营商应准备好更新安全措施，以领先于已识别的风险和威胁。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Impacts of 5G on cyber-physical risks for interdependent connected smart critical infrastructure systems

5 G technology promises a wide range of benefits for critical infrastructure (CI), including improved reliability, increased efficiency, cost savings, and increased worker safety. However, it also brings many new risks that CI owners and operators must be prepared for to facilitate effective risk mitigation and response. These risks, however, have not been systematically assessed for CI systems. This paper investigates how the cyber-physical risk landscape will be impacted by 5 G for four major CI sectors in detail: smart transportation, smart water, smart power, and smart oil and gas networks. Compared to prior work only examining a single CI network, the authors present a comprehensive assessment of the types of threats that these sectors can expect based on past incidents, the new vulnerabilities introduced by 5 G and existing vulnerabilities exacerbated by the introduction of more connected devices, along with mitigation recommendations for each risk. Risks associated with the rollout of and transition to 5 G, risks from 5 G network disruptions, cyberattack risks, and privacy risks are included. While each of the sectors has a unique risk profile, general themes also emerged across multiple CI networks. Notably, there will be an increased number of threat vectors from smart devices reliant on the telecommunications network to provide monitoring and control of infrastructure services. Because many of these devices are accessible by the public, the risk of social engineering attacks and vulnerability to physical hacking are exacerbated. Successful risk mitigation requires collaboration among CI's many stakeholders to implement security measures at the interfaces between connected devices to limit the access to assets in case one security measure is successfully bypassed. Due to the increased interdependencies between CI networks, operators must create backup plans to keep the most essential services running on a smaller bandwidth in case of a 5 G outage or similar failure. As 5 G capabilities continue to develop and the risk landscape evolves, ongoing research is needed and CI owners and operators should be prepared to update security measures to remain ahead of identified risks and threats.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Critical Infrastructure Protection COMPUTER SCIENCE, INFORMATION SYSTEMS-ENGINEERING, MULTIDISCIPLINARY

CiteScore

8.90

自引率

5.60%

发文量

审稿时长

>12 weeks

期刊介绍： The International Journal of Critical Infrastructure Protection (IJCIP) was launched in 2008, with the primary aim of publishing scholarly papers of the highest quality in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology, law and policy to craft sophisticated yet practical solutions for securing assets in the various critical infrastructure sectors. These critical infrastructure sectors include: information technology, telecommunications, energy, banking and finance, transportation systems, chemicals, critical manufacturing, agriculture and food, defense industrial base, public health and health care, national monuments and icons, drinking water and water treatment systems, commercial facilities, dams, emergency services, nuclear reactors, materials and waste, postal and shipping, and government facilities. Protecting and ensuring the continuity of operation of critical infrastructure assets are vital to national security, public health and safety, economic vitality, and societal wellbeing. The scope of the journal includes, but is not limited to: 1. Analysis of security challenges that are unique or common to the various infrastructure sectors. 2. Identification of core security principles and techniques that can be applied to critical infrastructure protection. 3. Elucidation of the dependencies and interdependencies existing between infrastructure sectors and techniques for mitigating the devastating effects of cascading failures. 4. Creation of sophisticated, yet practical, solutions, for critical infrastructure protection that involve mathematical, scientific and engineering techniques, economic and social science methods, and/or legal and public policy constructs.