International Journal of Critical Infrastructure Protection最新文献_第2页

Operational technologies is the blend spot of the critical Infrastrutcturte 运营技术是关键基础设施的融合点

IF 5.3 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection

Pub Date : 2025-12-01 Epub Date: 2025-12-11 DOI: 10.1016/S1874-5482(25)00082-4

Roberto Setola

引用次数: 0

How interdependent coupling affects the resilience of urban critical infrastructure(UCI) 相互依赖耦合如何影响城市关键基础设施的弹性

IF 5.3 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection

Pub Date : 2025-12-01 Epub Date: 2025-08-05 DOI: 10.1016/j.ijcip.2025.100790

Li Guo , Jianing Hu , Mengjuan Luo , Shihao Ren , Xiaobin Dong , Pengcheng Li

Urban critical infrastructure systems do not exist in isolation. They are interdependent and interact with each other, constructing a multilayer network model can effectively and accurately simulate the relationship between these systems, to better understand and analyze their interactions and impact on the overall resilience of the system. This study constructs eight different coupling-type multilayer cascading failure models to explore the robustness patterns of interdependent coupling networks under two different coupling patterns (chain and triangle) and different coupling ratios. The research results indicate that (1) both chain and triangle coupling networks exhibit optimal adjustable capacity parameter values, but the optimal adjustable capacity values for these two coupling patterns are not the same; (2) the robustness of the triangle coupling network is superior to that of the chain coupling network, although, under degree-matching coupling types, the robustness of the two coupling patterns is similar; (3) under the same coupling pattern, different coupling types of multilayer networks exhibit differences in robustness, and the optimal inter-layer coupling types vary within different coupling ratio ranges; (4) under different coupling patterns, for the same coupling ratio range, the optimal inter-layer coupling types also differ. These findings provide a foundation for more precise modeling, thereby enabling the development of more effective strategies to enhance the resilience and reliability of interdependent urban critical infrastructure systems under varying coupling conditions.

城市关键基础设施系统不是孤立存在的。它们相互依存、相互作用，构建多层网络模型可以有效、准确地模拟这些系统之间的关系，更好地理解和分析它们之间的相互作用以及对系统整体弹性的影响。本文构建了8种不同耦合类型的多层级联失效模型，探讨了两种不同耦合模式（链式和三角式）和不同耦合比下相互依赖耦合网络的鲁棒性规律。研究结果表明：(1)链式和三角形耦合网络均具有最优可调容量参数值，但两种耦合模式的最优可调容量值不同；(2)三角耦合网络的鲁棒性优于链式耦合网络，但在度匹配耦合类型下，两种耦合模式的鲁棒性相似；(3)在相同耦合模式下，不同耦合类型的多层网络鲁棒性存在差异，在不同耦合比范围内，最优层间耦合类型存在差异；(4)在不同耦合方式下，对于相同的耦合比范围，层间最优耦合方式也不同。这些发现为更精确的建模奠定了基础，从而能够制定更有效的策略，以增强相互依赖的城市关键基础设施系统在不同耦合条件下的弹性和可靠性。

{"title":"How interdependent coupling affects the resilience of urban critical infrastructure(UCI)","authors":"Li Guo , Jianing Hu , Mengjuan Luo , Shihao Ren , Xiaobin Dong , Pengcheng Li","doi":"10.1016/j.ijcip.2025.100790","DOIUrl":"10.1016/j.ijcip.2025.100790","url":null,"abstract":"<div><div>Urban critical infrastructure systems do not exist in isolation. They are interdependent and interact with each other, constructing a multilayer network model can effectively and accurately simulate the relationship between these systems, to better understand and analyze their interactions and impact on the overall resilience of the system. This study constructs eight different coupling-type multilayer cascading failure models to explore the robustness patterns of interdependent coupling networks under two different coupling patterns (chain and triangle) and different coupling ratios. The research results indicate that (1) both chain and triangle coupling networks exhibit optimal adjustable capacity parameter values, but the optimal adjustable capacity values for these two coupling patterns are not the same; (2) the robustness of the triangle coupling network is superior to that of the chain coupling network, although, under degree-matching coupling types, the robustness of the two coupling patterns is similar; (3) under the same coupling pattern, different coupling types of multilayer networks exhibit differences in robustness, and the optimal inter-layer coupling types vary within different coupling ratio ranges; (4) under different coupling patterns, for the same coupling ratio range, the optimal inter-layer coupling types also differ. These findings provide a foundation for more precise modeling, thereby enabling the development of more effective strategies to enhance the resilience and reliability of interdependent urban critical infrastructure systems under varying coupling conditions.</div></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"51 ","pages":"Article 100790"},"PeriodicalIF":5.3,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144912267","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Feature extraction and selection for flooding-based multi-class DDoS attacks detection in IoT network 物联网网络中基于洪水的多类DDoS攻击检测特征提取与选择

IF 5.3 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection

Pub Date : 2025-12-01 DOI: 10.1016/j.ijcip.2025.100815

Hayelom Gebrye , Yong Wang , Fagen Li , Birhanu Kahsay

In the realm of IoT network security, feature selection and machine learning driven DDoS detection acquired appeal due to their capacity for tracking traffic and recognize threats. Nevertheless, recent studies have demonstrated that these attacks can be identified using outdated datasets, which could not appropriately reflect modern network threats and degrade the accuracy of detection. Few ML applications employed over 40 features in the past; today, there are tens or even hundreds of features available. This makes processing the information complex and requires more resources and time. In order to facilitate the multi-class detection of DDoS flooding attacks, we made available the PCAP extractor, which allows for the extraction and processing of raw network data into a ML suitable format. Next, we generated flooding-based DDoS attack dataset specifically intended for classification into multiple classes, and we assessed the efficacy of adaptable ML models. We conducted three systematic experimental analysis. The flooding-based DDoS multi-class dataset that was produced for the study was used in the preliminary experiment. To evaluate the effectiveness of our efforts, we conducted the second and third experiments using the IoTID20 and CIC-IoT23, which are the most modern, up-to-date and incorporates variety DDoS attack datasets. Finally, Boruta outperforms RFE in terms of choosing important features and time to complete the task in all datasets. We showed that across all experiment groups, the random forest model exhibited an accuracy of greater than 90%.

在物联网网络安全领域，特征选择和机器学习驱动的DDoS检测因其跟踪流量和识别威胁的能力而获得了吸引力。然而，最近的研究表明，这些攻击可以使用过时的数据集来识别，这些数据集不能适当地反映现代网络威胁，并降低了检测的准确性。过去很少有机器学习应用程序使用超过40个功能；今天，有数十甚至数百个可用的功能。这使得处理信息变得复杂，需要更多的资源和时间。为了方便对DDoS洪水攻击的多类检测，我们提供了PCAP提取器，它允许将原始网络数据提取和处理为ML合适的格式。接下来，我们生成了基于洪水的DDoS攻击数据集，专门用于分类为多个类别，并评估了适应性机器学习模型的有效性。我们进行了三次系统的实验分析。为本研究生成的基于洪水的DDoS多类数据集用于初步实验。为了评估我们努力的有效性，我们使用最现代、最新并包含各种DDoS攻击数据集的IoTID20和CIC-IoT23进行了第二次和第三次实验。最后，Boruta在所有数据集中选择重要特征和完成任务的时间方面优于RFE。我们发现，在所有的实验组中，随机森林模型的准确率都大于90%。

{"title":"Feature extraction and selection for flooding-based multi-class DDoS attacks detection in IoT network","authors":"Hayelom Gebrye , Yong Wang , Fagen Li , Birhanu Kahsay","doi":"10.1016/j.ijcip.2025.100815","DOIUrl":"10.1016/j.ijcip.2025.100815","url":null,"abstract":"<div><div>In the realm of IoT network security, feature selection and machine learning driven DDoS detection acquired appeal due to their capacity for tracking traffic and recognize threats. Nevertheless, recent studies have demonstrated that these attacks can be identified using outdated datasets, which could not appropriately reflect modern network threats and degrade the accuracy of detection. Few ML applications employed over 40 features in the past; today, there are tens or even hundreds of features available. This makes processing the information complex and requires more resources and time. In order to facilitate the multi-class detection of DDoS flooding attacks, we made available the PCAP extractor, which allows for the extraction and processing of raw network data into a ML suitable format. Next, we generated flooding-based DDoS attack dataset specifically intended for classification into multiple classes, and we assessed the efficacy of adaptable ML models. We conducted three systematic experimental analysis. The flooding-based DDoS multi-class dataset that was produced for the study was used in the preliminary experiment. To evaluate the effectiveness of our efforts, we conducted the second and third experiments using the IoTID20 and CIC-IoT23, which are the most modern, up-to-date and incorporates variety DDoS attack datasets. Finally, Boruta outperforms RFE in terms of choosing important features and time to complete the task in all datasets. We showed that across all experiment groups, the random forest model exhibited an accuracy of greater than 90%.</div></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"51 ","pages":"Article 100815"},"PeriodicalIF":5.3,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145693246","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Dynamic optimization of multi-layered defenses inspired by Chakravyuh 受Chakravyuh启发的多层防御的动态优化

IF 5.3 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection

Pub Date : 2025-12-01 Epub Date: 2025-08-30 DOI: 10.1016/j.ijcip.2025.100794

Kishore Dutta

As adversaries grow more sophisticated, critical infrastructure demands defense systems that not only react but also learn and adapt dynamically. This work introduces a novel reinforcement learning framework inspired by the ancient Indian Chakravyuh formation, integrating Q-learning, Markov decision processes, and network optimization to model multi-layered security under uncertainty. The system enables attackers to attempt sequential node breaches while defenders deploy adaptive traps and allocate resources through quantifiable metrics including ROI-driven investment and critical node vulnerability analysis. Results demonstrate both vulnerabilities and strengths: universal Layer 0 breaches occur (Mean Time to Breach = 52 episodes) due to uneven resource allocation quantified by a high Gini coefficient of 0.712. Despite this vulnerability, deeper layers remain highly resilient — with over 90% of attacks halted by Layer 1 and fewer than 5% of episodes resulting in breaches beyond Layer 2. Trap deployment achieves high efficiency, with approximately 82% of traps being triggered, especially during early episodes. However, efficiency declines over time as attackers adapt and avoid traps. Resource allocation patterns scale linearly, ensuring sustainable defense operations. These findings validate how the fusion of Chakravyuh strategy with modern reinforcement learning creates an adaptive defense system, simultaneously exposing perimeter vulnerabilities for targeted reinforcement and demonstrating effective deeper-layer security through optimized stochastic policies.

随着对手变得越来越复杂，关键基础设施要求防御系统不仅要做出反应，还要动态学习和适应。这项工作引入了一种受古印度Chakravyuh构造启发的新型强化学习框架，将q学习、马尔可夫决策过程和网络优化集成到不确定性下的多层安全模型中。该系统允许攻击者尝试连续节点入侵，而防御者则部署自适应陷阱，并通过可量化的指标（包括roi驱动的投资和关键节点漏洞分析）分配资源。结果显示了漏洞和优势：普遍的第0层违规行为发生（平均违规时间= 52次），由于高基尼系数（0.712）量化的资源分配不均衡。尽管存在这些漏洞，但更深的层仍然具有很高的弹性——超过90%的攻击被第1层阻止，只有不到5%的事件导致第2层之外的漏洞。陷阱的部署效率很高，大约82%的陷阱被触发，尤其是在早期。然而，随着攻击者适应和避免陷阱，效率会随着时间的推移而下降。资源分配模式线性扩展，确保可持续的国防行动。这些发现验证了Chakravyuh策略与现代强化学习的融合如何创建一个自适应防御系统，同时暴露了针对性强化的外围漏洞，并通过优化的随机策略展示了有效的深层安全性。

{"title":"Dynamic optimization of multi-layered defenses inspired by Chakravyuh","authors":"Kishore Dutta","doi":"10.1016/j.ijcip.2025.100794","DOIUrl":"10.1016/j.ijcip.2025.100794","url":null,"abstract":"<div><div>As adversaries grow more sophisticated, critical infrastructure demands defense systems that not only react but also learn and adapt dynamically. This work introduces a novel reinforcement learning framework inspired by the ancient Indian <em>Chakravyuh</em> formation, integrating Q-learning, Markov decision processes, and network optimization to model multi-layered security under uncertainty. The system enables attackers to attempt sequential node breaches while defenders deploy adaptive traps and allocate resources through quantifiable metrics including ROI-driven investment and critical node vulnerability analysis. Results demonstrate both vulnerabilities and strengths: universal Layer 0 breaches occur (Mean Time to Breach = 52 episodes) due to uneven resource allocation quantified by a high Gini coefficient of 0.712. Despite this vulnerability, deeper layers remain highly resilient — with over 90% of attacks halted by Layer 1 and fewer than 5% of episodes resulting in breaches beyond Layer 2. Trap deployment achieves high efficiency, with approximately 82% of traps being triggered, especially during early episodes. However, efficiency declines over time as attackers adapt and avoid traps. Resource allocation patterns scale linearly, ensuring sustainable defense operations. These findings validate how the fusion of <em>Chakravyuh</em> strategy with modern reinforcement learning creates an adaptive defense system, simultaneously exposing perimeter vulnerabilities for targeted reinforcement and demonstrating effective deeper-layer security through optimized stochastic policies.</div></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"51 ","pages":"Article 100794"},"PeriodicalIF":5.3,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144919755","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Vulnerability assessment of interdependent road-power networks with probability-based coupling strategies 基于概率耦合策略的道路电力网络脆弱性评估

IF 5.3 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection

Pub Date : 2025-12-01 Epub Date: 2025-08-12 DOI: 10.1016/j.ijcip.2025.100792

Qiaojun Guo , Xin Gao , Damin Dong , Guangtai Zhang

The road network and power grid are vital components of urban infrastructures, but their interdependence significantly amplifies vulnerability. Thus, this paper studies the vulnerability of the interdependent road-power network constructed by a probability-based coupling strategies. First, the road network and the power grid are abstracted as two single networks, respectively, where user equilibrium and the Kirchhoff’s law are used to construct the cascading failure model. Then, to establish an effective interdependent relationship between them, we propose ranking proportion reflecting the ranking of a node in the single network and construct the interdependent link between networks through the probability determined by the difference of ranking proportion, thereby developing a probability-based framework for generating coupling strategies. This can produce coupling strategies with a specific assortativity coefficient based on various kinds of metrics. Finally, we use the real-world Shanghai road network and the IEEE 118-node power grid to conduct a case study on the vulnerability of the interdependent network with sixteen assortative and disassortative coupling strategies obtained by the proposed framework with four topological and functional metrics. Experimental results show that under intentional attacks, the interdependent network with disassortative coupling strategies regarding fluctuations of power loads exhibits slight vulnerability; under random failures, disassortative coupling strategies regarding the power load mitigate its vulnerability. In addition, there is little difference in the vulnerability of the interdependent network with assortative coupling strategies regardless of attack strategies. Besides, its vulnerability is more significant while adopting coupling strategies regarding classic topological metrics.

道路网络和电网是城市基础设施的重要组成部分，但它们之间的相互依赖性大大增加了脆弱性。因此，本文研究了基于概率耦合策略构建的相互依赖道路-电力网络的脆弱性。首先，将路网和电网分别抽象为两个单独的网络，利用用户均衡和基尔霍夫定律构建级联故障模型；然后，为了建立它们之间有效的相互依赖关系，我们提出了反映单个网络中节点排名的排名比例，并通过排名比例差异决定的概率来构建网络之间的相互依赖联系，从而开发了基于概率的耦合策略生成框架。这可以产生基于各种度量的具有特定选型系数的耦合策略。最后，以现实世界的上海道路网络和IEEE 118节点电网为例，对基于4个拓扑和功能指标的框架所获得的16种分类和非分类耦合策略进行了脆弱性分析。实验结果表明，在故意攻击下，基于电力负荷波动的非分类耦合策略的相互依赖网络表现出轻微的脆弱性；在随机故障情况下，针对电力负荷的非分类耦合策略可以降低其脆弱性。此外，无论攻击策略如何，分类耦合策略下的相互依赖网络的脆弱性差异不大。此外，针对经典拓扑指标采用耦合策略时，其脆弱性更为显著。

{"title":"Vulnerability assessment of interdependent road-power networks with probability-based coupling strategies","authors":"Qiaojun Guo , Xin Gao , Damin Dong , Guangtai Zhang","doi":"10.1016/j.ijcip.2025.100792","DOIUrl":"10.1016/j.ijcip.2025.100792","url":null,"abstract":"<div><div>The road network and power grid are vital components of urban infrastructures, but their interdependence significantly amplifies vulnerability. Thus, this paper studies the vulnerability of the interdependent road-power network constructed by a probability-based coupling strategies. First, the road network and the power grid are abstracted as two single networks, respectively, where user equilibrium and the Kirchhoff’s law are used to construct the cascading failure model. Then, to establish an effective interdependent relationship between them, we propose ranking proportion reflecting the ranking of a node in the single network and construct the interdependent link between networks through the probability determined by the difference of ranking proportion, thereby developing a probability-based framework for generating coupling strategies. This can produce coupling strategies with a specific assortativity coefficient based on various kinds of metrics. Finally, we use the real-world Shanghai road network and the IEEE 118-node power grid to conduct a case study on the vulnerability of the interdependent network with sixteen assortative and disassortative coupling strategies obtained by the proposed framework with four topological and functional metrics. Experimental results show that under intentional attacks, the interdependent network with disassortative coupling strategies regarding fluctuations of power loads exhibits slight vulnerability; under random failures, disassortative coupling strategies regarding the power load mitigate its vulnerability. In addition, there is little difference in the vulnerability of the interdependent network with assortative coupling strategies regardless of attack strategies. Besides, its vulnerability is more significant while adopting coupling strategies regarding classic topological metrics.</div></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"51 ","pages":"Article 100792"},"PeriodicalIF":5.3,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144887265","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Bridging technical and social dimensions in critical infrastructure accessibility assessment: A case study from Chile 关键基础设施可达性评估中的技术和社会层面的桥梁：来自智利的案例研究

IF 5.3 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection

Pub Date : 2025-12-01 Epub Date: 2025-11-06 DOI: 10.1016/j.ijcip.2025.100811

Marta Contreras , Alondra Chamorro , Trinidad Gómez , Tomás Echaveguren , María Molinos-Senante

Assessing accessibility to critical infrastructure (CI), e.g., drinking water supply and transportation network, during extreme natural events is fundamental for improving the resilience of urban and rural systems. This study introduces a novel methodology to evaluate the criticality of road network links for accessing CI, integrating both technical assessments and societal preferences. A Critical Accessibility Index (CAI) was developed and applied to a case study in the Metropolitan Region of Chile, using a goal programming framework to quantify the relative importance of seven CI types as perceived by 750 survey respondents. Drinking water supply was assigned the highest weight (59.7 %), followed by healthcare (15.9 %) and electricity (8.5 %), reflecting priorities during an earthquake scenario. The CAI was estimated under two scenarios: one assuming equal CI importance and another incorporating community preferences. Results showed that in scenario (a), 69.3 % of links had very low criticality, while in scenario (b), this decreased to 47.5 %, with a notable increase in medium and high criticality links. Spatial analysis underscored the heightened criticality of drinking water access, especially in rural areas with low redundancy. Policy implications emphasize the need for dual-focused investment planning that balances technical criticality with social priorities. This approach supports inclusive and robust disaster risk management, offering a replicable framework for diverse regional applications.

在极端自然事件期间，评估关键基础设施（如饮用水供应和运输网络）的可及性对于提高城乡系统的复原力至关重要。本研究引入了一种新的方法来评估道路网络连接对访问CI的重要性，整合了技术评估和社会偏好。开发了关键可达性指数（CAI），并将其应用于智利大都市区的案例研究，使用目标规划框架量化750名调查受访者认为的七种CI类型的相对重要性。饮用水供应的权重最高（59.7%），其次是医疗保健（15.9%）和电力（8.5%），反映了地震情景下的优先事项。CAI是在两种情况下估计的：一种假设CI同等重要，另一种考虑社区偏好。结果表明，在场景(a)中，69.3%的链接具有非常低的临界性，而在场景(b)中，这一比例降至47.5%，中临界和高临界链接显著增加。空间分析强调了饮用水获取的重要性，特别是在冗余度低的农村地区。政策影响强调需要有双重重点的投资规划，平衡技术关键性和社会优先事项。这种方法支持包容性和强大的灾害风险管理，为不同的区域应用提供了可复制的框架。

{"title":"Bridging technical and social dimensions in critical infrastructure accessibility assessment: A case study from Chile","authors":"Marta Contreras , Alondra Chamorro , Trinidad Gómez , Tomás Echaveguren , María Molinos-Senante","doi":"10.1016/j.ijcip.2025.100811","DOIUrl":"10.1016/j.ijcip.2025.100811","url":null,"abstract":"<div><div>Assessing accessibility to critical infrastructure (CI), e.g., drinking water supply and transportation network, during extreme natural events is fundamental for improving the resilience of urban and rural systems. This study introduces a novel methodology to evaluate the criticality of road network links for accessing CI, integrating both technical assessments and societal preferences. A Critical Accessibility Index (CAI) was developed and applied to a case study in the Metropolitan Region of Chile, using a goal programming framework to quantify the relative importance of seven CI types as perceived by 750 survey respondents. Drinking water supply was assigned the highest weight (59.7 %), followed by healthcare (15.9 %) and electricity (8.5 %), reflecting priorities during an earthquake scenario. The CAI was estimated under two scenarios: one assuming equal CI importance and another incorporating community preferences. Results showed that in scenario (a), 69.3 % of links had very low criticality, while in scenario (b), this decreased to 47.5 %, with a notable increase in medium and high criticality links. Spatial analysis underscored the heightened criticality of drinking water access, especially in rural areas with low redundancy. Policy implications emphasize the need for dual-focused investment planning that balances technical criticality with social priorities. This approach supports inclusive and robust disaster risk management, offering a replicable framework for diverse regional applications.</div></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"51 ","pages":"Article 100811"},"PeriodicalIF":5.3,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145528333","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Securing the future: Integrating quantum computing and digital twin technologies into modern power & transportation systems for resilient smart cities against false data injection cyberattacks 保护未来：将量子计算和数字孪生技术集成到现代电力和交通系统中，以实现弹性智能城市抵御虚假数据注入网络攻击

IF 5.3 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection

Pub Date : 2025-12-01 Epub Date: 2025-10-12 DOI: 10.1016/j.ijcip.2025.100807

Ehsan Naderi

The rapid evolution of smart cities relies on the integration of advanced technologies to enhance urban infrastructure, ensure system resilience, and address growing cybersecurity challenges. Toward that end, this paper scrutinizes the convergence of quantum computing (QC) and digital twin (DT) technologies as a novel solution to mitigate false data injection (FDI) cyberattacks, an escalating threat to the integrity of data-driven power and transportation systems. By combining the computational advantages of quantum algorithms with the real-time monitoring and simulation capabilities of DTs, this paper proposes an integrated framework along with a novel optimization algorithm for early detection, prevention, and mitigation of FDI attacks. The effectiveness of the proposed approach is demonstrated through a modified IEEE 39-bus power system coupled with an urban transportation network, highlighting improved system security, operational efficiency, and sustainability. This work contributes a forward-looking pathway for securing interconnected smart city infrastructures against evolving cyber threats.

智慧城市的快速发展依赖于先进技术的整合，以增强城市基础设施，确保系统弹性，并应对日益增长的网络安全挑战。为此，本文仔细研究了量子计算（QC）和数字孪生（DT）技术的融合，作为减轻虚假数据注入（FDI）网络攻击的新解决方案，虚假数据注入（FDI）网络攻击是对数据驱动的电力和运输系统完整性的不断升级的威胁。通过将量子算法的计算优势与dt的实时监控和模拟能力相结合，本文提出了一个集成框架以及一种新的优化算法，用于早期检测、预防和减轻FDI攻击。通过改进的IEEE 39总线电力系统与城市交通网络相结合，证明了所提出方法的有效性，突出了系统安全性、运行效率和可持续性的提高。这项工作为保护互联的智慧城市基础设施免受不断变化的网络威胁提供了前瞻性途径。

{"title":"Securing the future: Integrating quantum computing and digital twin technologies into modern power & transportation systems for resilient smart cities against false data injection cyberattacks","authors":"Ehsan Naderi","doi":"10.1016/j.ijcip.2025.100807","DOIUrl":"10.1016/j.ijcip.2025.100807","url":null,"abstract":"<div><div>The rapid evolution of smart cities relies on the integration of advanced technologies to enhance urban infrastructure, ensure system resilience, and address growing cybersecurity challenges. Toward that end, this paper scrutinizes the convergence of quantum computing (QC) and digital twin (DT) technologies as a novel solution to mitigate false data injection (FDI) cyberattacks, an escalating threat to the integrity of data-driven power and transportation systems. By combining the computational advantages of quantum algorithms with the real-time monitoring and simulation capabilities of DTs, this paper proposes an integrated framework along with a novel optimization algorithm for early detection, prevention, and mitigation of FDI attacks. The effectiveness of the proposed approach is demonstrated through a modified IEEE 39-bus power system coupled with an urban transportation network, highlighting improved system security, operational efficiency, and sustainability. This work contributes a forward-looking pathway for securing interconnected smart city infrastructures against evolving cyber threats.</div></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"51 ","pages":"Article 100807"},"PeriodicalIF":5.3,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145319495","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

From antagonisms to synergies: A systematic review of safety-security interrelations 从对抗到协同：安全相互关系的系统回顾

IF 5.3 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection

Pub Date : 2025-12-01 Epub Date: 2025-10-30 DOI: 10.1016/j.ijcip.2025.100808

Verena Zimmermann , Linda Fanconi , Hannah Sievers , Yanis Isenring , Lisa Zankel , Marita Unden

As today’s critical infrastructures become increasingly digitalized and interconnected, the previously separated concepts of safety and security become increasingly intertwined. Researchers across domains thus call for joint consideration, e.g., in risk models and related standards. While this research field is emerging, the interrelations between safety and security are not yet well understood. However, a better understanding is highly relevant for anticipating, preventing, and handling incidents resulting from them. To shine light on these interrelations and their implications, we conducted a systematic literature review with a final data set of 213 publications. We not only systematized and quantified uncovered types of safety-security interrelations but also explored how different interrelations and related models impact on what is analyzed. From the systematization, we outline current trends and research gaps. Among others, we find a growing interest in safety-security interrelations as attested by sharp rise of publications and a growing diversification of models for co-analysis and co-engineering in the last years. The influence of security on safety is studied much more frequently as compared to an influence of safety aspects on security. Furthermore, we reveal an emphasis on studying the ”negative” types of interrelations, i.e., impairment and antagonism whereas potential synergies are scarcely analyzed. The findings can inform the more holistic development of truly combined as compared to previous sequential models for co-analysis and the design of processes and standards to support safety- and security-related stakeholders to anticipate and jointly cope with safety-security interrelations.

随着当今关键基础设施日益数字化和互联化，以前分离的安全和安保概念日益交织在一起。因此，跨领域的研究人员呼吁共同考虑，例如在风险模型和相关标准中。虽然这一研究领域正在兴起，但安全与保障之间的相互关系尚未得到很好的理解。然而，更好的理解与预测、预防和处理由此引起的事件高度相关。为了阐明这些相互关系及其含义，我们对213份出版物的最终数据集进行了系统的文献综述。我们不仅系统化和量化了未发现的安全相互关系类型，而且还探讨了不同的相互关系和相关模型如何影响所分析的内容。从系统的角度，我们概述了当前的趋势和研究差距。在其他方面，我们发现对安全-安全相互关系的兴趣日益增长，这一点在过去几年中得到了出版物急剧增加和共同分析和共同工程模型日益多样化的证明。与安全方面对安全的影响相比，安全对安全的影响的研究要频繁得多。此外，我们强调研究“消极”类型的相互关系，即损害和对抗，而潜在的协同效应很少分析。与之前的协同分析顺序模型相比，研究结果可以为真正的综合发展提供更全面的信息，并设计过程和标准，以支持安全和安保相关利益相关者预测和共同应对安全-安保相互关系。

{"title":"From antagonisms to synergies: A systematic review of safety-security interrelations","authors":"Verena Zimmermann , Linda Fanconi , Hannah Sievers , Yanis Isenring , Lisa Zankel , Marita Unden","doi":"10.1016/j.ijcip.2025.100808","DOIUrl":"10.1016/j.ijcip.2025.100808","url":null,"abstract":"<div><div>As today’s critical infrastructures become increasingly digitalized and interconnected, the previously separated concepts of safety and security become increasingly intertwined. Researchers across domains thus call for joint consideration, e.g., in risk models and related standards. While this research field is emerging, the interrelations between safety and security are not yet well understood. However, a better understanding is highly relevant for anticipating, preventing, and handling incidents resulting from them. To shine light on these interrelations and their implications, we conducted a systematic literature review with a final data set of 213 publications. We not only systematized and quantified uncovered types of safety-security interrelations but also explored how different interrelations and related models impact on what is analyzed. From the systematization, we outline current trends and research gaps. Among others, we find a growing interest in safety-security interrelations as attested by sharp rise of publications and a growing diversification of models for co-analysis and co-engineering in the last years. The influence of security on safety is studied much more frequently as compared to an influence of safety aspects on security. Furthermore, we reveal an emphasis on studying the ”negative” types of interrelations, i.e., impairment and antagonism whereas potential synergies are scarcely analyzed. The findings can inform the more holistic development of truly combined as compared to previous sequential models for co-analysis and the design of processes and standards to support safety- and security-related stakeholders to anticipate and jointly cope with safety-security interrelations.</div></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"51 ","pages":"Article 100808"},"PeriodicalIF":5.3,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145465191","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Threat model for IEC 61850 based substation automation system 基于IEC 61850的变电站自动化系统的威胁模型

IF 5.3 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection

Pub Date : 2025-12-01 Epub Date: 2025-08-23 DOI: 10.1016/j.ijcip.2025.100789

Mihael Marović , Ante Đerek , Stjepan Groš , Ivan Kovačević

Threat models have major importance in the area of computer systems security, as they can help identify oversights in the security requirements of a system and influence the design of protection mechanisms. The objective of this paper is to improve the understanding of threats specific to the substation automation system based on the IEC 61850 standard. This would make the discussion and understanding of the protection mechanisms for IEC 61850 more fruitful. So, in this paper, we have developed a detailed threat model for a substation automation system based on the IEC 61850 standard. The developed threat model is based on attack trees and provides a visual and comprehensive overview of potential attack scenarios. The construction of the attack tree follows a top-down approach, starting with the attacker’s goal and encompassing all potential sequences of steps to achieve this goal. When considering possible ways to achieve a goal, we utilise the MITRE ATT&CK framework and take the specifics of the IEC 61850 substation automation system model into account. We used the threat model to discuss the effect of applying communication protection mechanisms to protect IEC 61850 substation automation system (SAS). While a few other threat models exist for IEC 61850 substation automation system, the model we presented here is significantly more comprehensive, it is adaptable and based on a novel threat modelling method that incorporates the MITRE attack pattern in the process of constructing an attack tree. One of the key findings of this article is the identification of the four fundamentally different ways to sabotage an IEC 61850 SAS. Other findings are related to the adaptivity of the attack tree, limitations of the attack tree, and mapping of known attacks on IEC 61850 SAS onto the attack tree.

威胁模型在计算机系统安全领域具有重要意义，因为它们可以帮助识别系统安全需求中的疏忽，并影响保护机制的设计。本文的目的是提高对基于IEC 61850标准的变电站自动化系统特定威胁的理解。这将使对IEC 61850保护机制的讨论和理解更加富有成果。因此，本文基于IEC 61850标准，建立了变电站自动化系统的详细威胁模型。开发的威胁模型基于攻击树，提供了对潜在攻击场景的可视化和全面概述。攻击树的构造遵循自顶向下的方法，从攻击者的目标开始，并包含实现该目标的所有潜在步骤序列。在考虑实现目标的可能方法时，我们使用MITRE ATT&；CK框架，并考虑到IEC 61850变电站自动化系统模型的具体情况。利用威胁模型讨论了应用通信保护机制保护IEC 61850变电站自动化系统（SAS）的效果。虽然IEC 61850变电站自动化系统存在一些其他的威胁模型，但我们在这里提出的模型更加全面，适应性强，并且基于一种新的威胁建模方法，该方法在构建攻击树的过程中结合了MITRE攻击模式。本文的主要发现之一是确定了破坏IEC 61850 SAS的四种根本不同的方法。其他发现与攻击树的适应性、攻击树的局限性以及将针对IEC 61850 SAS的已知攻击映射到攻击树有关。

{"title":"Threat model for IEC 61850 based substation automation system","authors":"Mihael Marović , Ante Đerek , Stjepan Groš , Ivan Kovačević","doi":"10.1016/j.ijcip.2025.100789","DOIUrl":"10.1016/j.ijcip.2025.100789","url":null,"abstract":"<div><div>Threat models have major importance in the area of computer systems security, as they can help identify oversights in the security requirements of a system and influence the design of protection mechanisms. The objective of this paper is to improve the understanding of threats specific to the substation automation system based on the IEC 61850 standard. This would make the discussion and understanding of the protection mechanisms for IEC 61850 more fruitful. So, in this paper, we have developed a detailed threat model for a substation automation system based on the IEC 61850 standard. The developed threat model is based on attack trees and provides a visual and comprehensive overview of potential attack scenarios. The construction of the attack tree follows a top-down approach, starting with the attacker’s goal and encompassing all potential sequences of steps to achieve this goal. When considering possible ways to achieve a goal, we utilise the MITRE ATT&CK framework and take the specifics of the IEC 61850 substation automation system model into account. We used the threat model to discuss the effect of applying communication protection mechanisms to protect IEC 61850 substation automation system (SAS). While a few other threat models exist for IEC 61850 substation automation system, the model we presented here is significantly more comprehensive, it is adaptable and based on a novel threat modelling method that incorporates the MITRE attack pattern in the process of constructing an attack tree. One of the key findings of this article is the identification of the four fundamentally different ways to sabotage an IEC 61850 SAS. Other findings are related to the adaptivity of the attack tree, limitations of the attack tree, and mapping of known attacks on IEC 61850 SAS onto the attack tree.</div></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"51 ","pages":"Article 100789"},"PeriodicalIF":5.3,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144922855","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Robust trust management in Intelligent Transportation System: A machine learning approach 智能交通系统中的稳健信任管理：一种机器学习方法

IF 5.3 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection

Pub Date : 2025-12-01 Epub Date: 2025-11-25 DOI: 10.1016/j.ijcip.2025.100812

Ahmed Danladi Abdullahi , Erfan Bahrami , Tooska Dargahi , Mohammed Al-Khalidi , Mohammad Hammoudeh

Intelligent Transportation Systems (ITS) are revolutionising modern mobility by leveraging advancements in 5G technology, smart sensors, and sophisticated data analytics. These advancements facilitate the exchange and decision making of information in real time, improving safety and efficiency. However, the heterogeneous and loosely connected nature of the ITS components presents significant challenges in evaluating and managing trust within the ecosystem. Traditional approaches, such as blockchain-based consensus mechanisms, peer-to-peer voting systems, and static rule-based trust models, struggle to evaluate trust uniformly across diverse components and data types in real time, leaving the system vulnerable to various threats. Recent studies explored Machine Learning (ML) techniques to address trust management in ITS. These advanced approaches offer promising solutions for processing large volumes of heterogeneous data, identifying complex patterns, and adapting to dynamic environments. However, most existing ML-based solutions focus on assessing trust for particular components, such as vehicles and roadside units (RSUs), rather than addressing the collective trust of the entire ITS ecosystem.

This paper proposes a novel ML-based dynamic trust management system termed MLT. It employs a feedforward neural network and the Levenberg–Marquardt Algorithm to dynamically assess the trustworthiness of ITS components. The system incorporates a dynamic time decay factor and continuously updates the trust scores, allowing effective identification and isolation of malicious actors. Through extensive simulations, MLT outperforms baseline models by up to 10% in precision and 9% in F-measure across various attack scenarios. These results highlight the superior performance of MLT in accuracy and robustness compared to existing trust management models.

智能交通系统（ITS）通过利用5G技术、智能传感器和复杂的数据分析技术，正在彻底改变现代交通。这些进步促进了信息的实时交换和决策，提高了安全性和效率。然而，ITS组件的异构和松散连接的性质在评估和管理生态系统中的信任方面提出了重大挑战。传统的方法，如基于区块链的共识机制、点对点投票系统和基于静态规则的信任模型，很难实时地统一评估不同组件和数据类型的信任，这使得系统容易受到各种威胁。最近的研究探索了机器学习（ML）技术来解决ITS中的信任管理问题。这些高级方法为处理大量异构数据、识别复杂模式和适应动态环境提供了有前途的解决方案。然而，大多数现有的基于机器学习的解决方案侧重于评估特定组件（如车辆和路边单元（rsu））的信任，而不是解决整个ITS生态系统的集体信任问题。本文提出了一种基于机器学习的动态信任管理系统MLT。采用前馈神经网络和Levenberg-Marquardt算法对ITS组件的可信度进行动态评估。该系统采用动态时间衰减因子，并不断更新信任分数，从而有效识别和隔离恶意行为者。通过广泛的模拟，MLT在各种攻击场景中的精度和F-measure分别比基线模型高出10%和9%。这些结果突出了与现有信任管理模型相比，MLT在准确性和鲁棒性方面的优越性能。

{"title":"Robust trust management in Intelligent Transportation System: A machine learning approach","authors":"Ahmed Danladi Abdullahi , Erfan Bahrami , Tooska Dargahi , Mohammed Al-Khalidi , Mohammad Hammoudeh","doi":"10.1016/j.ijcip.2025.100812","DOIUrl":"10.1016/j.ijcip.2025.100812","url":null,"abstract":"<div><div>Intelligent Transportation Systems (ITS) are revolutionising modern mobility by leveraging advancements in 5G technology, smart sensors, and sophisticated data analytics. These advancements facilitate the exchange and decision making of information in real time, improving safety and efficiency. However, the heterogeneous and loosely connected nature of the ITS components presents significant challenges in evaluating and managing trust within the ecosystem. Traditional approaches, such as blockchain-based consensus mechanisms, peer-to-peer voting systems, and static rule-based trust models, struggle to evaluate trust uniformly across diverse components and data types in real time, leaving the system vulnerable to various threats. Recent studies explored Machine Learning (ML) techniques to address trust management in ITS. These advanced approaches offer promising solutions for processing large volumes of heterogeneous data, identifying complex patterns, and adapting to dynamic environments. However, most existing ML-based solutions focus on assessing trust for particular components, such as vehicles and roadside units (RSUs), rather than addressing the collective trust of the entire ITS ecosystem.</div><div>This paper proposes a novel ML-based dynamic trust management system termed MLT. It employs a feedforward neural network and the Levenberg–Marquardt Algorithm to dynamically assess the trustworthiness of ITS components. The system incorporates a dynamic time decay factor and continuously updates the trust scores, allowing effective identification and isolation of malicious actors. Through extensive simulations, MLT outperforms baseline models by up to 10% in precision and 9% in F-measure across various attack scenarios. These results highlight the superior performance of MLT in accuracy and robustness compared to existing trust management models.</div></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"51 ","pages":"Article 100812"},"PeriodicalIF":5.3,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145623564","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0