The importance of a nation’s infrastructure is a vital core for economic growth, development, and innovation. Health, wealth, access to education, public safety, and helping prepare for global crises like pandemics a...The importance of a nation’s infrastructure is a vital core for economic growth, development, and innovation. Health, wealth, access to education, public safety, and helping prepare for global crises like pandemics are all dependent on functioning and reliable infrastructures. In decades, the substantial threats affecting infrastructures globally whether in the form of extreme weather, Covid-19 pandemic, or the threats of state and non-state actors’ hackers, demanded urgency in building resilience infrastructures both during crises and in more stable conditions. At the same time, the adoption of emerging and innovative technologies boosts the development of the infrastructures using information, communication, and technology (ICT) platform. This shift accelerated its evolution toward digitization where interdependent and interconnected cyberspace demands collaborative and holistic strategies in protecting critical and high risks infrastructure assets from a growing number of disruptive cyberattacks. These ever-evolving cyber threats are creating increasingly dangerous and targeted cyberattacks to damage or disrupt the critical infrastructures delivering vital services to government, energy, healthcare, transportation, telecommunication, and other critical sectors. The infrastructure’s high risks assets present serious challenges and are crucial to safety, efficiency, and reliability. Any nation must recognize and determine how to cope with any type of threats to their critical infrastructure as well as the strategies to remain resilient. This article first describes the challenges and the need for critical infrastructure protection including the related global risks challenges. It then reviews the United Nations, the European Union, and the United States’ strategies, priorities, and urgencies of critical infrastructure protection. Subsequently, it surveys the critical infrastructure protection resilience strategies including ISO, IEC, ISA, NIST, CAF and CMM frameworks.展开更多
Critical Infrastructures(CIs),which serve as the foundation of our modern society,are facing increasing risks from cyber threats,physical attacks,and natural disasters.Additionally,the interdependencies between CIs th...Critical Infrastructures(CIs),which serve as the foundation of our modern society,are facing increasing risks from cyber threats,physical attacks,and natural disasters.Additionally,the interdependencies between CIs through-out their operational lifespan can also significantly impact their integrity and safety.As a result,enhancing the resilience of CIs has emerged as a top priority for many countries,including the European Union.This involves not only understanding the threats/attacks themselves but also gaining knowledge about the areas and infrastruc-tures that could potentially be affected.A European Union-funded project named PRECINCT(Preparedness and Resilience Enforcement for Critical INfrastructure Cascading Cyber-Physical Threats),under the Horizon 2020 program,tries to connect private and public stakeholders of CIs in a specific geographical area.The key objec-tive of this project is to establish a common cyber-physical security management approach that will ensure the protection of both citizens and infrastructures,creating a secure territory.This paper presents the components of PRECINCT,including a directory of PRECINCT Critical Infrastructure Protection(CIP)blueprints.These blueprints support CI communities in designing integrated ecosystems,operating and replicating PRECINCT components(or toolkits).The integration enables coordinated security and resilience management,incorporating improved’installation-specific’security solutions.Additionally,Serious Games(SG),and Digital Twins(DT)are a significant part of this project,serving as a novel vulnerability evaluation method for analysing complicated multi-system cascading effects in the PRECINCT Living Labs(LLs).The use of SG supports the concentrated advancement of innovative resilience enhancement services.展开更多
Critical infrastructures(CIs)embody cyber-physical-social systems(CPSSs)where physical entities are integrated with cyber components,shaping service delivery through end-user behavior.The seamless operation of CIs is ...Critical infrastructures(CIs)embody cyber-physical-social systems(CPSSs)where physical entities are integrated with cyber components,shaping service delivery through end-user behavior.The seamless operation of CIs is vital for society,and the CPSS resilience relies on interdependencies with AI-integrated technologies.The complexity of the system,and the interconnections with other infrastructures,along with the socio-technical transition towards digitization raised the necessity of implementing Resilience Engineering.This motivates exploration of the scientific literature on resilience key performance indicators(R-KPIs)which support strategies for ensuring service continuity.Therefore,this article aims to identify R-KPIs for AI-integrated CIs and prioritize the extracted R-KPIs using a hybrid Multi-Criteria Decision-Making(MCDM)approach.The results show the importance of employing R-KPIs that measure risk probability,energy self-sufficiency level of the system under study,and performance indicators including functionality loss,recovery time,and minimum performance level after disturbance as the most effective R-KPIs in the domain of this study.After identifying and prioritizing the R-KPIs,a general framework is proposed to employ these R-KPIs in modeling the resilience of a CPS.Finally,a case study demonstrates the implementation of the framework and KPIs in a real-life scenario.展开更多
文摘The importance of a nation’s infrastructure is a vital core for economic growth, development, and innovation. Health, wealth, access to education, public safety, and helping prepare for global crises like pandemics are all dependent on functioning and reliable infrastructures. In decades, the substantial threats affecting infrastructures globally whether in the form of extreme weather, Covid-19 pandemic, or the threats of state and non-state actors’ hackers, demanded urgency in building resilience infrastructures both during crises and in more stable conditions. At the same time, the adoption of emerging and innovative technologies boosts the development of the infrastructures using information, communication, and technology (ICT) platform. This shift accelerated its evolution toward digitization where interdependent and interconnected cyberspace demands collaborative and holistic strategies in protecting critical and high risks infrastructure assets from a growing number of disruptive cyberattacks. These ever-evolving cyber threats are creating increasingly dangerous and targeted cyberattacks to damage or disrupt the critical infrastructures delivering vital services to government, energy, healthcare, transportation, telecommunication, and other critical sectors. The infrastructure’s high risks assets present serious challenges and are crucial to safety, efficiency, and reliability. Any nation must recognize and determine how to cope with any type of threats to their critical infrastructure as well as the strategies to remain resilient. This article first describes the challenges and the need for critical infrastructure protection including the related global risks challenges. It then reviews the United Nations, the European Union, and the United States’ strategies, priorities, and urgencies of critical infrastructure protection. Subsequently, it surveys the critical infrastructure protection resilience strategies including ISO, IEC, ISA, NIST, CAF and CMM frameworks.
基金funded by the European Commission,Horizon 2020 research and innovation programme under grant agreement No.101021668.
文摘Critical Infrastructures(CIs),which serve as the foundation of our modern society,are facing increasing risks from cyber threats,physical attacks,and natural disasters.Additionally,the interdependencies between CIs through-out their operational lifespan can also significantly impact their integrity and safety.As a result,enhancing the resilience of CIs has emerged as a top priority for many countries,including the European Union.This involves not only understanding the threats/attacks themselves but also gaining knowledge about the areas and infrastruc-tures that could potentially be affected.A European Union-funded project named PRECINCT(Preparedness and Resilience Enforcement for Critical INfrastructure Cascading Cyber-Physical Threats),under the Horizon 2020 program,tries to connect private and public stakeholders of CIs in a specific geographical area.The key objec-tive of this project is to establish a common cyber-physical security management approach that will ensure the protection of both citizens and infrastructures,creating a secure territory.This paper presents the components of PRECINCT,including a directory of PRECINCT Critical Infrastructure Protection(CIP)blueprints.These blueprints support CI communities in designing integrated ecosystems,operating and replicating PRECINCT components(or toolkits).The integration enables coordinated security and resilience management,incorporating improved’installation-specific’security solutions.Additionally,Serious Games(SG),and Digital Twins(DT)are a significant part of this project,serving as a novel vulnerability evaluation method for analysing complicated multi-system cascading effects in the PRECINCT Living Labs(LLs).The use of SG supports the concentrated advancement of innovative resilience enhancement services.
文摘Critical infrastructures(CIs)embody cyber-physical-social systems(CPSSs)where physical entities are integrated with cyber components,shaping service delivery through end-user behavior.The seamless operation of CIs is vital for society,and the CPSS resilience relies on interdependencies with AI-integrated technologies.The complexity of the system,and the interconnections with other infrastructures,along with the socio-technical transition towards digitization raised the necessity of implementing Resilience Engineering.This motivates exploration of the scientific literature on resilience key performance indicators(R-KPIs)which support strategies for ensuring service continuity.Therefore,this article aims to identify R-KPIs for AI-integrated CIs and prioritize the extracted R-KPIs using a hybrid Multi-Criteria Decision-Making(MCDM)approach.The results show the importance of employing R-KPIs that measure risk probability,energy self-sufficiency level of the system under study,and performance indicators including functionality loss,recovery time,and minimum performance level after disturbance as the most effective R-KPIs in the domain of this study.After identifying and prioritizing the R-KPIs,a general framework is proposed to employ these R-KPIs in modeling the resilience of a CPS.Finally,a case study demonstrates the implementation of the framework and KPIs in a real-life scenario.
