Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
JCP
Special Issues
Cyber-Physical Security for Critical Infrastructures
share announcement

Cyber-Physical Security for Critical Infrastructures

A special issue of Journal of Cybersecurity and Privacy (ISSN 2624-800X). This special issue belongs to the section "Security Engineering & Applications".

Deadline for manuscript submissions: closed (30 September 2022) | Viewed by 27326

Special Issue Editors

Prof. Dr. Isabel Praça

E-Mail Website
Guest Editor
GECAD—Research Group on Intelligent Engineering and Computing for Advanced Innovation and Development, School of Engineering of the Polytechnic of Porto (ISEP), 4249-015 Porto, Portugal
Interests: cyber security; machine learning; intelligent decision support; intelligent and secure energy systems
Special Issues, Collections and Topics in MDPI journals
Prof. Dr. Silvio Ranise

E-Mail Website1 Website2
Guest Editor
Department of Mathematics, University of Trento and Center for Information and Communication Technology, Fondazione Bruno Kessler, Trento, Italy
Interests: digital identity (identification, authentication, access control); security and quality of virtualized systems (cloud, edge, Internet of Things); risk and privacy assessment; formal methods for security analysis; applied cryptography
Dr. Luca Verderame

E-Mail Website
Guest Editor
Computer Security at CSecLab, DIBRIS, University of Genova, Genoa, Italy
Interests: IoT security; mobile security; OS security
Dr. Habtamu Abie

E-Mail Website
Guest Editor
Norsk Regnesentral (Norwegian Computing Center, NR), 0373 Oslo, Norway
Interests: adaptive security; cybersecurity; Internet of Things; context-awareness; game theory; WBANs
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

The secure operation of critical infrastructures is essential to the security of a nation, its economy, and the public’s health and safety. Security incidents in critical infrastructures can directly lead to a violation of users’ safety and privacy, physical damages, significant economic impacts for individuals and companies, and threats to human life, while decreasing trust in institutions and bringing their social value into question. Because of the increasing interconnection between the digital and physical worlds, these infrastructures and services are more critical, sophisticated, and interconnected than ever before. This makes them increasingly vulnerable to attacks, as confirmed by the steady rise of cyber-security incidents such as phishing or ransomware, but also cyber-physical incidents, such as the physical violation of devices or facilities in conjunction with malicious cyber activities. To address all these challenges, this Special Issue has the objective of bringing together security researchers and practitioners from the various verticals of critical infrastructures (e.g., the financial, energy, health, air transport, communication, gas and water domains) to rethink cyber-physical security in light of the latest technological developments (e.g., cloud computing, blockchain, big data, AI, internet-of-things (IoT)).

Prof. Dr. Isabel Praça
Prof. Dr. Silvio Ranise
Dr. Luca Verderame
Dr. Habtamu Abie
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Journal of Cybersecurity and Privacy is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • critical infrastructures
  • cyber-physical security
  • collaborative risk assessment
  • predictive security
  • artificial intelligence for improved security
  • security of IoT
  • secure cloud infrastructures
  • IT/OT integration

Published Papers (5 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

38 pages, 1089 KiB  
Article
A Synopsis of “The Impact of Motivation, Price, and Habit on Intention to Use IoT-Enabled Technology: A Correlational Study”
by Christina L. Phibbs and Shawon S. M. Rahman
J. Cybersecur. Priv. 2022, 2(3), 662-699; https://doi.org/10.3390/jcp2030034 - 18 Aug 2022
Cited by 5 | Viewed by 3745
Abstract
Older adults in the U.S. are interested in maintaining independence, aging at home longer, and staying active. Their substantial size, market share, and household wealth sparked the interest of investors and developers in remote monitoring, smart homes, ambient-assisted living, tracking, applications, and sensors [...] Read more.
Older adults in the U.S. are interested in maintaining independence, aging at home longer, and staying active. Their substantial size, market share, and household wealth sparked the interest of investors and developers in remote monitoring, smart homes, ambient-assisted living, tracking, applications, and sensors via the IoT. This study used the unified theory of acceptance and use of technology extended (UTAUT2). The overarching research question was: “To what extent do performance, effort, influence, conditions, motivation, price, and habit affect older adults’ behavioral intent to use IoT technologies in their homes?” The research methodology for this study was a nonexperimental correlation of the variables that affect older adults’ intention to use IoT-enabled technologies in their homes. The population was adults 60 plus years in northern Virginia. The sample consisted of 316 respondents. The seven predictors cumulatively influenced older adults’ behavioral intent to use IoT-enabled technologies, F(7, 308) = 133.50, p < 0.001, R2 = 0.75. The significant predictors of behavioral intention to use IoT technologies were performance expectancy (B = 0.244, t(308) = 4.427, p < 0.001), social influence (B = 0.138, t(308) = 3.4775, p = 0.001), facilitating conditions (B = 0.184, t(308) = 2.999, p = 0.003), hedonic motivation (B = 0.153, t(308) = 2.694, p = 0.007), price value (B = 0.140, t(308) = 3.099, p = 0.002), and habit (B = 0.378, t(308) = 8.696, p < 0.001). Effort expectancy was insignificant (B = −0.026, t(308) = −0.409, p = 0.683). This study filled the gap in research on older adults’ acceptance of IoT by focusing specifically on that population. The findings help reduce the risk of solutions driven by technological and organizational requirements rather than the older adults’ unique needs and requirements. The study revealed that older adults may be susceptible to undue influence to adopt IoT solutions. These socioeconomic dimensions of the UTAUT2 are essential to the information technology field because the actualizing of IoT-enabled technologies in private homes depends on older adults’ participation and adoption. This research is beneficial to IoT developers, implementers, cybersecurity researchers, healthcare providers, caregivers, and managers of in-home care providers regarding adding IoT technologies in their homes. Full article
(This article belongs to the Special Issue Cyber-Physical Security for Critical Infrastructures)
Show Figures

Figure 1

30 pages, 873 KiB  
Article
A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks
by Philokypros P. Ioulianou, Vassilios G. Vassilakis and Siamak F. Shahandashti
J. Cybersecur. Priv. 2022, 2(1), 124-153; https://doi.org/10.3390/jcp2010009 - 09 Mar 2022
Cited by 14 | Viewed by 4939
Abstract
Routing attacks are a major security issue for Internet of Things (IoT) networks utilising routing protocols, as malicious actors can overwhelm resource-constrained devices with denial-of-service (DoS) attacks, notably rank and blackhole attacks. In this work, we study the impact of the combination of [...] Read more.
Routing attacks are a major security issue for Internet of Things (IoT) networks utilising routing protocols, as malicious actors can overwhelm resource-constrained devices with denial-of-service (DoS) attacks, notably rank and blackhole attacks. In this work, we study the impact of the combination of rank and blackhole attacks in the IPv6 routing protocol for low-power and lossy (RPL) networks, and we propose a new security framework for RPL-based IoT networks (SRF-IoT). The framework includes a trust-based mechanism that detects and isolates malicious attackers with the help of an external intrusion detection system (IDS). Both SRF-IoT and IDS are implemented in the Contiki-NG operating system. Evaluation of the proposed framework is based on simulations using the Whitefield framework that combines both the Contiki-NG and the NS-3 simulator. Analysis of the simulations of the scenarios under active attacks showed the effectiveness of deploying SRF-IoT with 92.8% packet delivery ratio (PDR), a five-fold reduction in the number of packets dropped, and a three-fold decrease in the number of parent switches in comparison with the scenario without SRF-IoT. Moreover, the packet overhead introduced by SRF-IoT in attack scenarios is minimal at less than 2%. Obtained results suggest that the SRF-IoT framework is an efficient and promising solution that combines trust-based and IDS-based approaches to protect IoT networks against routing attacks. In addition, our solution works by deploying a watchdog mechanism on detector nodes only, leaving unaffected the operation of existing smart devices. Full article
(This article belongs to the Special Issue Cyber-Physical Security for Critical Infrastructures)
Show Figures

Figure 1

11 pages, 577 KiB  
Article
Extending the Quality of Secure Service Model to Multi-Hop Networks
by Paul M. Simon and Scott Graham
J. Cybersecur. Priv. 2021, 1(4), 793-803; https://doi.org/10.3390/jcp1040038 - 15 Dec 2021
Cited by 1 | Viewed by 3696
Abstract
Rarely are communications networks point-to-point. In most cases, transceiver relay stations exist between transmitter and receiver end-points. These relay stations, while essential for controlling cost and adding flexibility to network architectures, reduce the overall security of the respective network. In an effort to [...] Read more.
Rarely are communications networks point-to-point. In most cases, transceiver relay stations exist between transmitter and receiver end-points. These relay stations, while essential for controlling cost and adding flexibility to network architectures, reduce the overall security of the respective network. In an effort to quantify that reduction, we extend the Quality of Secure Service (QoSS) model to these complex networks, specifically multi-hop networks. In this approach, the quantification of security is based upon probabilities that adversarial listeners and disruptors gain access to or manipulate transmitted data on one or more of these multi-hop channels. Message fragmentation and duplication across available channels provides a security performance trade-space, with its consequent QoSS. This work explores that trade-space and the corresponding QoSS model to describe it. Full article
(This article belongs to the Special Issue Cyber-Physical Security for Critical Infrastructures)
Show Figures

Figure 1

31 pages, 8479 KiB  
Article
A Methodological Approach to Evaluate Security Requirements Engineering Methodologies: Application to the IREHDO2 Project Context
by Romain Laborde, Sravani Teja Bulusu, Ahmad Samer Wazan, Arnaud Oglaza and Abdelmalek Benzekri
J. Cybersecur. Priv. 2021, 1(3), 422-452; https://doi.org/10.3390/jcp1030022 - 13 Jul 2021
Cited by 6 | Viewed by 5667
Abstract
An effective network security requirement engineering is needed to help organizations in capturing cost-effective security solutions that protect networks against malicious attacks while meeting the business requirements. The diversity of currently available security requirement engineering methodologies leads security requirements engineers to an open [...] Read more.
An effective network security requirement engineering is needed to help organizations in capturing cost-effective security solutions that protect networks against malicious attacks while meeting the business requirements. The diversity of currently available security requirement engineering methodologies leads security requirements engineers to an open question: How to choose one? We present a global evaluation methodology that we applied during the IREHDO2 project to find a requirement engineering method that could improve network security. Our evaluation methodology includes a process to determine pertinent evaluation criteria and a process to evaluate the requirement engineering methodologies. Our main contribution is to involve stakeholders (i.e., security requirements engineers) in the evaluation process by following a requirement engineering approach. We describe our experiments conducted during the project with security experts and the feedback we obtained. Although we applied it to evaluate three requirements engineering methods (KAOS, STS and SEPP) in the context of network security, our evaluation methodology can be instantiated in other contexts and other methods. Full article
(This article belongs to the Special Issue Cyber-Physical Security for Critical Infrastructures)
Show Figures

Figure 1

22 pages, 766 KiB  
Article
CLAP: A Cross-Layer Analytic Platform for the Correlation of Cyber and Physical Security Events Affecting Water Critical Infrastructures
by Gustavo Gonzalez-Granadillo, Rodrigo Diaz, Juan Caubet and Ignasi Garcia-Milà
J. Cybersecur. Priv. 2021, 1(2), 365-386; https://doi.org/10.3390/jcp1020020 - 09 Jun 2021
Cited by 2 | Viewed by 6327
Abstract
Water CIs are exposed to a wide number of IT challenges that go from the cooperation and alignment between physical and cyber security teams to the proliferation of new vulnerabilities and complex cyber-attacks with potential disastrous consequences. Although novel and powerful solutions are [...] Read more.
Water CIs are exposed to a wide number of IT challenges that go from the cooperation and alignment between physical and cyber security teams to the proliferation of new vulnerabilities and complex cyber-attacks with potential disastrous consequences. Although novel and powerful solutions are proposed in the literature, most of them lack appropriate mechanisms to detect cyber and physical attacks in real time. We propose a Cross-Layer Analytic Platform (denoted as CLAP) developed for the correlation of Cyber and Physical security events affecting water CIs. CLAP aims to improve the detection of complex attack scenarios in real time based on the correlation of cyber and physical security events. The platform assigns appropriate severity values to each correlated alarm that will guide security analysts in the decision-making process of prioritizing mitigation actions. A series of passive and active attack scenarios against the target infrastructure are presented at the end of the paper to show the mechanisms used for the detection and correlation of cyber–physical security events. Results show promising benefits in the improvement of response accuracy, false rates reduction and real-time detection of complex attacks based on cross-correlation rules. Full article
(This article belongs to the Special Issue Cyber-Physical Security for Critical Infrastructures)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-5
Back to TopTop