As attack techniques evolve and data volumes increase,the integration of artificial intelligence-based security solutions into industrial control systems has become increasingly essential.Artificial intelligence holds...As attack techniques evolve and data volumes increase,the integration of artificial intelligence-based security solutions into industrial control systems has become increasingly essential.Artificial intelligence holds significant potential to improve the operational efficiency and cybersecurity of these systems.However,its dependence on cyber-based infrastructures expands the attack surface and introduces the risk that adversarial manipulations of artificial intelligence models may cause physical harm.To address these concerns,this study presents a comprehensive review of artificial intelligence-driven threat detection methods and adversarial attacks targeting artificial intelligence within industrial control environments,examining both their benefits and associated risks.A systematic literature review was conducted across major scientific databases,including IEEE,Elsevier,Springer Nature,ACM,MDPI,and Wiley,covering peer-reviewed journal and conference papers published between 2017 and 2026.Studies were selected based on predefined inclusion and exclusion criteria following a structured screening process.Based on an analysis of 101 selected studies,this survey categorizes artificial intelligence-based threat detection approaches across the physical,control,and application layers of industrial control systems and examines poisoning,evasion,and extraction attacks targeting industrial artificial intelligence.The findings identify key research trends,highlight unresolved security challenges,and discuss implications for the secure deployment of artificial intelligence-enabled cybersecurity solutions in industrial control systems.展开更多
The increasing number of interconnected devices and the incorporation of smart technology into contemporary healthcare systems have significantly raised the attack surface of cyber threats.The early detection of threa...The increasing number of interconnected devices and the incorporation of smart technology into contemporary healthcare systems have significantly raised the attack surface of cyber threats.The early detection of threats is both necessary and complex,yet these interconnected healthcare settings generate enormous amounts of heterogeneous data.Traditional Intrusion Detection Systems(IDS),which are generally centralized and machine learning-based,often fail to address the rapidly changing nature of cyberattacks and are challenged by ethical concerns related to patient data privacy.Moreover,traditional AI-driven IDS usually face challenges in handling large-scale,heterogeneous healthcare data while ensuring data privacy and operational efficiency.To address these issues,emerging technologies such as Big Data Analytics(BDA)and Federated Learning(FL)provide a hybrid framework for scalable,adaptive intrusion detection in IoT-driven healthcare systems.Big data techniques enable processing large-scale,highdimensional healthcare data,and FL can be used to train a model in a decentralized manner without transferring raw data,thereby maintaining privacy between institutions.This research proposes a privacy-preserving Federated Learning–based model that efficiently detects cyber threats in connected healthcare systems while ensuring distributed big data processing,privacy,and compliance with ethical regulations.To strengthen the reliability of the reported findings,the resultswere validated using cross-dataset testing and 95%confidence intervals derived frombootstrap analysis,confirming consistent performance across heterogeneous healthcare data distributions.This solution takes a significant step toward securing next-generation healthcare infrastructure by combining scalability,privacy,adaptability,and earlydetection capabilities.The proposed global model achieves a test accuracy of 99.93%±0.03(95%CI)and amiss-rate of only 0.07%±0.02,representing state-of-the-art performance in privacy-preserving intrusion detection.The proposed FL-driven IDS framework offers an efficient,privacy-preserving,and scalable solution for securing next-generation healthcare infrastructures by combining adaptability,early detection,and ethical data management.展开更多
This review examines human vulnerabilities in cybersecurity within Microfinance Institutions, analyzing their impact on organizational resilience. Focusing on social engineering, inadequate security training, and weak...This review examines human vulnerabilities in cybersecurity within Microfinance Institutions, analyzing their impact on organizational resilience. Focusing on social engineering, inadequate security training, and weak internal protocols, the study identifies key vulnerabilities exacerbating cyber threats to MFIs. A literature review using databases like IEEE Xplore and Google Scholar focused on studies from 2019 to 2023 addressing human factors in cybersecurity specific to MFIs. Analysis of 57 studies reveals that phishing and insider threats are predominant, with a 20% annual increase in phishing attempts. Employee susceptibility to these attacks is heightened by insufficient training, with entry-level employees showing the highest vulnerability rates. Further, only 35% of MFIs offer regular cybersecurity training, significantly impacting incident reduction. This paper recommends enhanced training frequency, robust internal controls, and a cybersecurity-aware culture to mitigate human-induced cyber risks in MFIs.展开更多
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t...This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].展开更多
Cyber-Physical Systems integrated with information technologies introduce vulnerabilities that extend beyond traditional cyber threats.Attackers can non-invasively manipulate sensors and spoof controllers,which in tur...Cyber-Physical Systems integrated with information technologies introduce vulnerabilities that extend beyond traditional cyber threats.Attackers can non-invasively manipulate sensors and spoof controllers,which in turn increases the autonomy of the system.Even though the focus on protecting against sensor attacks increases,there is still uncertainty about the optimal timing for attack detection.Existing systems often struggle to manage the trade-off between latency and false alarm rate,leading to inefficiencies in real-time anomaly detection.This paper presents a framework designed to monitor,predict,and control dynamic systems with a particular emphasis on detecting and adapting to changes,including anomalies such as“drift”and“attack”.The proposed algorithm integrates a Transformer-based Attention Generative Adversarial Residual model,which combines the strengths of generative adversarial networks,residual networks,and attention algorithms.The system operates in two phases:offline and online.During the offline phase,the proposed model is trained to learn complex patterns,enabling robust anomaly detection.The online phase applies a trained model,where the drift adapter adjusts the model to handle data changes,and the attack detector identifies deviations by comparing predicted and actual values.Based on the output of the attack detector,the controller makes decisions then the actuator executes suitable actions.Finally,the experimental findings show that the proposed model balances detection accuracy of 99.25%,precision of 98.84%,sensitivity of 99.10%,specificity of 98.81%,and an F1-score of 98.96%,thus provides an effective solution for dynamic and safety-critical environments.展开更多
This paper introduces the Integrated Security Embedded Resilience Architecture (ISERA) as an advanced resilience mechanism for Industrial Control Systems (ICS) and Operational Technology (OT) environments. The ISERA f...This paper introduces the Integrated Security Embedded Resilience Architecture (ISERA) as an advanced resilience mechanism for Industrial Control Systems (ICS) and Operational Technology (OT) environments. The ISERA framework integrates security by design principles, micro-segmentation, and Island Mode Operation (IMO) to enhance cyber resilience and ensure continuous, secure operations. The methodology deploys a Forward-Thinking Architecture Strategy (FTAS) algorithm, which utilises an industrial Intrusion Detection System (IDS) implemented with Python’s Network Intrusion Detection System (NIDS) library. The FTAS algorithm successfully identified and responded to cyber-attacks, ensuring minimal system disruption. ISERA has been validated through comprehensive testing scenarios simulating Denial of Service (DoS) attacks and malware intrusions, at both the IT and OT layers where it successfully mitigates the impact of malicious activity. Results demonstrate ISERA’s efficacy in real-time threat detection, containment, and incident response, thus ensuring the integrity and reliability of critical infrastructure systems. ISERA’s decentralised approach contributes to global net zero goals by optimising resource use and minimising environmental impact. By adopting a decentralised control architecture and leveraging virtualisation, ISERA significantly enhances the cyber resilience and sustainability of critical infrastructure systems. This approach not only strengthens defences against evolving cyber threats but also optimises resource allocation, reducing the system’s carbon footprint. As a result, ISERA ensures the uninterrupted operation of essential services while contributing to broader net zero goals.展开更多
Cyber Defense is becoming a major issue for every organization to keep business continuity intact.The presented paper explores the effectiveness of a meta-heuristic optimization algorithm-Artificial Bees Colony Algori...Cyber Defense is becoming a major issue for every organization to keep business continuity intact.The presented paper explores the effectiveness of a meta-heuristic optimization algorithm-Artificial Bees Colony Algorithm(ABC)as an Nature Inspired Cyber Security mechanism to achieve adaptive defense.It experiments on the Denial-Of-Service attack scenarios which involves limiting the traffic flow for each node.Businesses today have adapted their service distribution models to include the use of the Internet,allowing them to effectively manage and interact with their customer data.This shift has created an increased reliance on online services to store vast amounts of confidential customer data,meaning any disruption or outage of these services could be disastrous for the business,leaving them without the knowledge to serve their customers.Adversaries can exploit such an event to gain unauthorized access to the confidential data of the customers.The proposed algorithm utilizes an Adaptive Defense approach to continuously select nodes that could present characteristics of a probable malicious entity.For any changes in network parameters,the cluster of nodes is selected in the prepared solution set as a probable malicious node and the traffic rate with the ratio of packet delivery is managed with respect to the properties of normal nodes to deliver a disaster recovery plan for potential businesses.展开更多
The current global cybersecurity landscape, characterized by the increasing scale and sophistication of cyberattacks, underscores the importance of integrating Cyber Threat Intelligence (CTI) into Land Administration ...The current global cybersecurity landscape, characterized by the increasing scale and sophistication of cyberattacks, underscores the importance of integrating Cyber Threat Intelligence (CTI) into Land Administration Systems (LAS). LAS services involve requests and responses concerning public and private cadastral data, including credentials of parties, ownership, and spatial parcels. This study explores the integration of CTI in LAS to enhance cyber resilience, focusing on the unique vulnerabilities of LAS, such as sensitive data management and interconnection with other critical systems related to spatial data uses and changes. The approach employs a case study of a typical country-specific LAS to analyse structured vulnerabilities and their attributes to determine the degree of vulnerability of LAS through a quantitative inductive approach. The analysis results indicate significant improvements in identifying and mitigating potential threats through CTI integration, thus enhancing cyber resilience. These findings are crucial for policymakers and practitioners to develop robust cybersecurity strategies for LAS.展开更多
Given the unique challenges facing the railway industry, cybersecurity is a crucial issue that must be addressed proactively. This paper aims to provide a systematic review of cybersecurity threats that could impact t...Given the unique challenges facing the railway industry, cybersecurity is a crucial issue that must be addressed proactively. This paper aims to provide a systematic review of cybersecurity threats that could impact the safety and operations of rolling stock, the privacy and security of passengers and employees, and the public in general. The systematic literature review revealed that cyber threats to the railway industry can take many forms, including attacks on operational technology systems, data breaches, theft of sensitive information, and disruptions to train services. The consequences of these threats can be severe, leading to operational disruptions, financial losses, and loss of public trust in the railway system. To address these threats, railway organizations must adopt a proactive approach to security and implement robust cybersecurity measures tailored to the industry’s specific needs and challenges. This includes regular testing of systems for vulnerabilities, incident response plans, and employee training to identify and respond to cyber threats. Ensuring the system remains available, reliable, and maintainable is fundamental given the importance of railways as critical infrastructure and the potential harm that can be caused by cyber threats.展开更多
Cyber-Physical Systems(CPS)represent an integration of computational and physical elements,revolutionizing industries by enabling real-time monitoring,control,and optimization.A complementary technology,Digital Twin(D...Cyber-Physical Systems(CPS)represent an integration of computational and physical elements,revolutionizing industries by enabling real-time monitoring,control,and optimization.A complementary technology,Digital Twin(DT),acts as a virtual replica of physical assets or processes,facilitating better decision making through simulations and predictive analytics.CPS and DT underpin the evolution of Industry 4.0 by bridging the physical and digital domains.This survey explores their synergy,highlighting how DT enriches CPS with dynamic modeling,realtime data integration,and advanced simulation capabilities.The layered architecture of DTs within CPS is examined,showcasing the enabling technologies and tools vital for seamless integration.The study addresses key challenges in CPS modeling,such as concurrency and communication,and underscores the importance of DT in overcoming these obstacles.Applications in various sectors are analyzed,including smart manufacturing,healthcare,and urban planning,emphasizing the transformative potential of CPS-DT integration.In addition,the review identifies gaps in existing methodologies and proposes future research directions to develop comprehensive,scalable,and secure CPSDT systems.By synthesizing insights fromthe current literature and presenting a taxonomy of CPS and DT,this survey serves as a foundational reference for academics and practitioners.The findings stress the need for unified frameworks that align CPS and DT with emerging technologies,fostering innovation and efficiency in the digital transformation era.展开更多
With the integration of informatization and intelligence into the Communication-Based Train Control(CBTC)systems,the system is facing an increasing number of information security threats.As an important method of char...With the integration of informatization and intelligence into the Communication-Based Train Control(CBTC)systems,the system is facing an increasing number of information security threats.As an important method of characterizing the system security status,the security situation assessment is used to analyze the system security situation.However,existing situation assessment methods fail to integrate the coupling relationship between the physical layer and the information layer of the CBTC systems,and cannot dynamically characterize the real-time security situation changes under cyber attacks.In this paper,a hierarchical security situation assessment approach is proposed to address the security challenges of CBTC systems,which can perceive cyber attacks,quantify the security situation,and characterize the security situation changes under cyber attacks.Specifically,for the physical layer ofCBTC systems,the impact of cyber attacks is evaluated with the train punctuality rate and train departure interval indicators.For the information layer of CBTC systems,the system vulnerabilities and system threats are selected as static level indicators,and the critical network characteristics are selected as dynamic level indicators to quantify the real-time security situation.Finally,the comprehensive security situation assessment value of the CBTC systems is obtained by integrating the physical and information layer indicators.Simulation results illustrate that the proposed approach can dynamically characterize the real-time security situation of CBTC systems,enhancing the ability to perceive and assess information security risks.展开更多
Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded...Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded computing, communication and related hardware technologies, CPSs have attracted extensive attention and have been widely used in power system, traffic network, refrigeration system and other fields.展开更多
This paper provides a systematic review on the resilience analysis of active distribution networks(ADNs)against hazardous weather events,considering the underlying cyber-physical interdependencies.As cyber-physical sy...This paper provides a systematic review on the resilience analysis of active distribution networks(ADNs)against hazardous weather events,considering the underlying cyber-physical interdependencies.As cyber-physical systems,ADNs are characterized by widespread structural and functional interdependen-cies between cyber(communication,computing,and control)and physical(electric power)subsystems and thus present complex hazardous-weather-related resilience issues.To bridge current research gaps,this paper first classifies diverse hazardous weather events for ADNs according to different time spans and degrees of hazard,with model-based and data-driven methods being utilized to characterize weather evolutions.Then,the adverse impacts of hazardous weather on all aspects of ADNs’sources,physical/cyber networks,and loads are analyzed.This paper further emphasizes the importance of situational awareness and cyber-physical collaboration throughout hazardous weather events,as these enhance the implementation of preventive dispatches,corrective actions,and coordinated restorations.In addition,a generalized quantitative resilience evaluation process is proposed regarding additional considerations about cyber subsystems and cyber-physical connections.Finally,potential hazardous-weather-related resilience challenges for both physical and cyber subsystems are discussed.展开更多
Dear Editor,With the advances in computing and communication technologies,the cyber-physical system(CPS),has been used in lots of industrial fields,such as the urban water cycle,internet of things,and human-cyber syst...Dear Editor,With the advances in computing and communication technologies,the cyber-physical system(CPS),has been used in lots of industrial fields,such as the urban water cycle,internet of things,and human-cyber systems[1],[2],which has to face up to malicious cyber-attacks towards cyber communication of control commands.Specifically,jamming attack is regarded as one of the most common attacks of decreasing network performance.Game theory is widely regarded as a method of accurately describing the interaction between jamming attacker and legitimate user[3].In the cyber layer,the signal game model has been utilized to describe the transmission between the attacker and defender[4].However,most previous game theoretical researches are not feasible to meet the demands of industrial CPSs mainly due to the shared communication network nature.Specifically,it leads to incomplete information for players of game owing to various network-induced phenomena and employed communication protocols.In the physical layer,the secure control[5]and estimation[6]under attack detection have been studied for CPSs.However,these methods not only rely heavily on signals injection detection,but also have no access to smart attackers who launch covert attacks so that data receivers cannot observe the attack behaviour[7].Accordingly,the motivation arising here is to tackle the nested game problem for CPSs subject to jamming attack.展开更多
Dear Editor,This letter studies the stabilization control issue of cyber-physical systems with time-varying delays and aperiodic denial-of-service(DoS)attacks.To address the calculation overload issue caused by networ...Dear Editor,This letter studies the stabilization control issue of cyber-physical systems with time-varying delays and aperiodic denial-of-service(DoS)attacks.To address the calculation overload issue caused by networked predictive control(NPC)approach,an event-based NPC method is proposed.Within the proposed method,the negative effects of time-varying delays and DoS attacks on system performance are compensated.Then,sufficient and necessary conditions are derived to ensure the stability of the closed-loop system.In the end,simulation results are provided to demonstrate the validity of presented method.展开更多
基金supported by the National Research Foundation of Korea(NRF)grant funded by the Korea government(MSIT)(RS-2023-00242528,50%)supported by the Korea Internet&Security Agency(KISA)through the Information Security Specialized University Support Project(50%).
文摘As attack techniques evolve and data volumes increase,the integration of artificial intelligence-based security solutions into industrial control systems has become increasingly essential.Artificial intelligence holds significant potential to improve the operational efficiency and cybersecurity of these systems.However,its dependence on cyber-based infrastructures expands the attack surface and introduces the risk that adversarial manipulations of artificial intelligence models may cause physical harm.To address these concerns,this study presents a comprehensive review of artificial intelligence-driven threat detection methods and adversarial attacks targeting artificial intelligence within industrial control environments,examining both their benefits and associated risks.A systematic literature review was conducted across major scientific databases,including IEEE,Elsevier,Springer Nature,ACM,MDPI,and Wiley,covering peer-reviewed journal and conference papers published between 2017 and 2026.Studies were selected based on predefined inclusion and exclusion criteria following a structured screening process.Based on an analysis of 101 selected studies,this survey categorizes artificial intelligence-based threat detection approaches across the physical,control,and application layers of industrial control systems and examines poisoning,evasion,and extraction attacks targeting industrial artificial intelligence.The findings identify key research trends,highlight unresolved security challenges,and discuss implications for the secure deployment of artificial intelligence-enabled cybersecurity solutions in industrial control systems.
文摘The increasing number of interconnected devices and the incorporation of smart technology into contemporary healthcare systems have significantly raised the attack surface of cyber threats.The early detection of threats is both necessary and complex,yet these interconnected healthcare settings generate enormous amounts of heterogeneous data.Traditional Intrusion Detection Systems(IDS),which are generally centralized and machine learning-based,often fail to address the rapidly changing nature of cyberattacks and are challenged by ethical concerns related to patient data privacy.Moreover,traditional AI-driven IDS usually face challenges in handling large-scale,heterogeneous healthcare data while ensuring data privacy and operational efficiency.To address these issues,emerging technologies such as Big Data Analytics(BDA)and Federated Learning(FL)provide a hybrid framework for scalable,adaptive intrusion detection in IoT-driven healthcare systems.Big data techniques enable processing large-scale,highdimensional healthcare data,and FL can be used to train a model in a decentralized manner without transferring raw data,thereby maintaining privacy between institutions.This research proposes a privacy-preserving Federated Learning–based model that efficiently detects cyber threats in connected healthcare systems while ensuring distributed big data processing,privacy,and compliance with ethical regulations.To strengthen the reliability of the reported findings,the resultswere validated using cross-dataset testing and 95%confidence intervals derived frombootstrap analysis,confirming consistent performance across heterogeneous healthcare data distributions.This solution takes a significant step toward securing next-generation healthcare infrastructure by combining scalability,privacy,adaptability,and earlydetection capabilities.The proposed global model achieves a test accuracy of 99.93%±0.03(95%CI)and amiss-rate of only 0.07%±0.02,representing state-of-the-art performance in privacy-preserving intrusion detection.The proposed FL-driven IDS framework offers an efficient,privacy-preserving,and scalable solution for securing next-generation healthcare infrastructures by combining adaptability,early detection,and ethical data management.
文摘This review examines human vulnerabilities in cybersecurity within Microfinance Institutions, analyzing their impact on organizational resilience. Focusing on social engineering, inadequate security training, and weak internal protocols, the study identifies key vulnerabilities exacerbating cyber threats to MFIs. A literature review using databases like IEEE Xplore and Google Scholar focused on studies from 2019 to 2023 addressing human factors in cybersecurity specific to MFIs. Analysis of 57 studies reveals that phishing and insider threats are predominant, with a 20% annual increase in phishing attempts. Employee susceptibility to these attacks is heightened by insufficient training, with entry-level employees showing the highest vulnerability rates. Further, only 35% of MFIs offer regular cybersecurity training, significantly impacting incident reduction. This paper recommends enhanced training frequency, robust internal controls, and a cybersecurity-aware culture to mitigate human-induced cyber risks in MFIs.
文摘This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
文摘Cyber-Physical Systems integrated with information technologies introduce vulnerabilities that extend beyond traditional cyber threats.Attackers can non-invasively manipulate sensors and spoof controllers,which in turn increases the autonomy of the system.Even though the focus on protecting against sensor attacks increases,there is still uncertainty about the optimal timing for attack detection.Existing systems often struggle to manage the trade-off between latency and false alarm rate,leading to inefficiencies in real-time anomaly detection.This paper presents a framework designed to monitor,predict,and control dynamic systems with a particular emphasis on detecting and adapting to changes,including anomalies such as“drift”and“attack”.The proposed algorithm integrates a Transformer-based Attention Generative Adversarial Residual model,which combines the strengths of generative adversarial networks,residual networks,and attention algorithms.The system operates in two phases:offline and online.During the offline phase,the proposed model is trained to learn complex patterns,enabling robust anomaly detection.The online phase applies a trained model,where the drift adapter adjusts the model to handle data changes,and the attack detector identifies deviations by comparing predicted and actual values.Based on the output of the attack detector,the controller makes decisions then the actuator executes suitable actions.Finally,the experimental findings show that the proposed model balances detection accuracy of 99.25%,precision of 98.84%,sensitivity of 99.10%,specificity of 98.81%,and an F1-score of 98.96%,thus provides an effective solution for dynamic and safety-critical environments.
基金funded by the Office of Gas and Electricity Markets(Ofgem)and supported by De Montfort University(DMU)and Nottingham Trent University(NTU),UK.
文摘This paper introduces the Integrated Security Embedded Resilience Architecture (ISERA) as an advanced resilience mechanism for Industrial Control Systems (ICS) and Operational Technology (OT) environments. The ISERA framework integrates security by design principles, micro-segmentation, and Island Mode Operation (IMO) to enhance cyber resilience and ensure continuous, secure operations. The methodology deploys a Forward-Thinking Architecture Strategy (FTAS) algorithm, which utilises an industrial Intrusion Detection System (IDS) implemented with Python’s Network Intrusion Detection System (NIDS) library. The FTAS algorithm successfully identified and responded to cyber-attacks, ensuring minimal system disruption. ISERA has been validated through comprehensive testing scenarios simulating Denial of Service (DoS) attacks and malware intrusions, at both the IT and OT layers where it successfully mitigates the impact of malicious activity. Results demonstrate ISERA’s efficacy in real-time threat detection, containment, and incident response, thus ensuring the integrity and reliability of critical infrastructure systems. ISERA’s decentralised approach contributes to global net zero goals by optimising resource use and minimising environmental impact. By adopting a decentralised control architecture and leveraging virtualisation, ISERA significantly enhances the cyber resilience and sustainability of critical infrastructure systems. This approach not only strengthens defences against evolving cyber threats but also optimises resource allocation, reducing the system’s carbon footprint. As a result, ISERA ensures the uninterrupted operation of essential services while contributing to broader net zero goals.
文摘Cyber Defense is becoming a major issue for every organization to keep business continuity intact.The presented paper explores the effectiveness of a meta-heuristic optimization algorithm-Artificial Bees Colony Algorithm(ABC)as an Nature Inspired Cyber Security mechanism to achieve adaptive defense.It experiments on the Denial-Of-Service attack scenarios which involves limiting the traffic flow for each node.Businesses today have adapted their service distribution models to include the use of the Internet,allowing them to effectively manage and interact with their customer data.This shift has created an increased reliance on online services to store vast amounts of confidential customer data,meaning any disruption or outage of these services could be disastrous for the business,leaving them without the knowledge to serve their customers.Adversaries can exploit such an event to gain unauthorized access to the confidential data of the customers.The proposed algorithm utilizes an Adaptive Defense approach to continuously select nodes that could present characteristics of a probable malicious entity.For any changes in network parameters,the cluster of nodes is selected in the prepared solution set as a probable malicious node and the traffic rate with the ratio of packet delivery is managed with respect to the properties of normal nodes to deliver a disaster recovery plan for potential businesses.
文摘The current global cybersecurity landscape, characterized by the increasing scale and sophistication of cyberattacks, underscores the importance of integrating Cyber Threat Intelligence (CTI) into Land Administration Systems (LAS). LAS services involve requests and responses concerning public and private cadastral data, including credentials of parties, ownership, and spatial parcels. This study explores the integration of CTI in LAS to enhance cyber resilience, focusing on the unique vulnerabilities of LAS, such as sensitive data management and interconnection with other critical systems related to spatial data uses and changes. The approach employs a case study of a typical country-specific LAS to analyse structured vulnerabilities and their attributes to determine the degree of vulnerability of LAS through a quantitative inductive approach. The analysis results indicate significant improvements in identifying and mitigating potential threats through CTI integration, thus enhancing cyber resilience. These findings are crucial for policymakers and practitioners to develop robust cybersecurity strategies for LAS.
文摘Given the unique challenges facing the railway industry, cybersecurity is a crucial issue that must be addressed proactively. This paper aims to provide a systematic review of cybersecurity threats that could impact the safety and operations of rolling stock, the privacy and security of passengers and employees, and the public in general. The systematic literature review revealed that cyber threats to the railway industry can take many forms, including attacks on operational technology systems, data breaches, theft of sensitive information, and disruptions to train services. The consequences of these threats can be severe, leading to operational disruptions, financial losses, and loss of public trust in the railway system. To address these threats, railway organizations must adopt a proactive approach to security and implement robust cybersecurity measures tailored to the industry’s specific needs and challenges. This includes regular testing of systems for vulnerabilities, incident response plans, and employee training to identify and respond to cyber threats. Ensuring the system remains available, reliable, and maintainable is fundamental given the importance of railways as critical infrastructure and the potential harm that can be caused by cyber threats.
文摘Cyber-Physical Systems(CPS)represent an integration of computational and physical elements,revolutionizing industries by enabling real-time monitoring,control,and optimization.A complementary technology,Digital Twin(DT),acts as a virtual replica of physical assets or processes,facilitating better decision making through simulations and predictive analytics.CPS and DT underpin the evolution of Industry 4.0 by bridging the physical and digital domains.This survey explores their synergy,highlighting how DT enriches CPS with dynamic modeling,realtime data integration,and advanced simulation capabilities.The layered architecture of DTs within CPS is examined,showcasing the enabling technologies and tools vital for seamless integration.The study addresses key challenges in CPS modeling,such as concurrency and communication,and underscores the importance of DT in overcoming these obstacles.Applications in various sectors are analyzed,including smart manufacturing,healthcare,and urban planning,emphasizing the transformative potential of CPS-DT integration.In addition,the review identifies gaps in existing methodologies and proposes future research directions to develop comprehensive,scalable,and secure CPSDT systems.By synthesizing insights fromthe current literature and presenting a taxonomy of CPS and DT,this survey serves as a foundational reference for academics and practitioners.The findings stress the need for unified frameworks that align CPS and DT with emerging technologies,fostering innovation and efficiency in the digital transformation era.
基金supported in part by the project of the State Key Laboratory of Advanced Rail Autonomous Operation(RAO2023ZZ004)in part by the Beijing Natural Science Foundation-Fengtai Rail Transit Frontier Research Joint Fund(L211002)+2 种基金in part by the Foundation of China State Railway Group Corporation Limited under Grant L2021G003in part by the Scientific and Technical Research Fund of China Academy of Railway Sciences Corporation Limited under Grant 2021YJ094in part by the Project I23L00200 and Project I24F00010.
文摘With the integration of informatization and intelligence into the Communication-Based Train Control(CBTC)systems,the system is facing an increasing number of information security threats.As an important method of characterizing the system security status,the security situation assessment is used to analyze the system security situation.However,existing situation assessment methods fail to integrate the coupling relationship between the physical layer and the information layer of the CBTC systems,and cannot dynamically characterize the real-time security situation changes under cyber attacks.In this paper,a hierarchical security situation assessment approach is proposed to address the security challenges of CBTC systems,which can perceive cyber attacks,quantify the security situation,and characterize the security situation changes under cyber attacks.Specifically,for the physical layer ofCBTC systems,the impact of cyber attacks is evaluated with the train punctuality rate and train departure interval indicators.For the information layer of CBTC systems,the system vulnerabilities and system threats are selected as static level indicators,and the critical network characteristics are selected as dynamic level indicators to quantify the real-time security situation.Finally,the comprehensive security situation assessment value of the CBTC systems is obtained by integrating the physical and information layer indicators.Simulation results illustrate that the proposed approach can dynamically characterize the real-time security situation of CBTC systems,enhancing the ability to perceive and assess information security risks.
基金supported by the National Natural Science Foundation of China(62303273,62373226)the National Research Foundation,Singapore through the Medium Sized Center for Advanced Robotics Technology Innovation(WP2.7)
文摘Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded computing, communication and related hardware technologies, CPSs have attracted extensive attention and have been widely used in power system, traffic network, refrigeration system and other fields.
基金supported by the National Natural Science Foundation of China(52477132 and U2066601).
文摘This paper provides a systematic review on the resilience analysis of active distribution networks(ADNs)against hazardous weather events,considering the underlying cyber-physical interdependencies.As cyber-physical systems,ADNs are characterized by widespread structural and functional interdependen-cies between cyber(communication,computing,and control)and physical(electric power)subsystems and thus present complex hazardous-weather-related resilience issues.To bridge current research gaps,this paper first classifies diverse hazardous weather events for ADNs according to different time spans and degrees of hazard,with model-based and data-driven methods being utilized to characterize weather evolutions.Then,the adverse impacts of hazardous weather on all aspects of ADNs’sources,physical/cyber networks,and loads are analyzed.This paper further emphasizes the importance of situational awareness and cyber-physical collaboration throughout hazardous weather events,as these enhance the implementation of preventive dispatches,corrective actions,and coordinated restorations.In addition,a generalized quantitative resilience evaluation process is proposed regarding additional considerations about cyber subsystems and cyber-physical connections.Finally,potential hazardous-weather-related resilience challenges for both physical and cyber subsystems are discussed.
基金supported by the National Natural Science Foundation of China(62173136)the Natural Science Foundation of Hunan Province(2020JJ2013,2021JJ50047).
文摘Dear Editor,With the advances in computing and communication technologies,the cyber-physical system(CPS),has been used in lots of industrial fields,such as the urban water cycle,internet of things,and human-cyber systems[1],[2],which has to face up to malicious cyber-attacks towards cyber communication of control commands.Specifically,jamming attack is regarded as one of the most common attacks of decreasing network performance.Game theory is widely regarded as a method of accurately describing the interaction between jamming attacker and legitimate user[3].In the cyber layer,the signal game model has been utilized to describe the transmission between the attacker and defender[4].However,most previous game theoretical researches are not feasible to meet the demands of industrial CPSs mainly due to the shared communication network nature.Specifically,it leads to incomplete information for players of game owing to various network-induced phenomena and employed communication protocols.In the physical layer,the secure control[5]and estimation[6]under attack detection have been studied for CPSs.However,these methods not only rely heavily on signals injection detection,but also have no access to smart attackers who launch covert attacks so that data receivers cannot observe the attack behaviour[7].Accordingly,the motivation arising here is to tackle the nested game problem for CPSs subject to jamming attack.
基金supported by the National Natural Science Foundation of China(61433003,60904003,11602019).
文摘Dear Editor,This letter studies the stabilization control issue of cyber-physical systems with time-varying delays and aperiodic denial-of-service(DoS)attacks.To address the calculation overload issue caused by networked predictive control(NPC)approach,an event-based NPC method is proposed.Within the proposed method,the negative effects of time-varying delays and DoS attacks on system performance are compensated.Then,sufficient and necessary conditions are derived to ensure the stability of the closed-loop system.In the end,simulation results are provided to demonstrate the validity of presented method.
