Next Article in Journal
Understanding Antecedents of Learning Management System Usage among University Lecturers Using an Integrated TAM-TOE Model
Previous Article in Journal
Use of Shredded Recycled Plastic as Filter Bed Packing in a Vertical Flow Filter for Onsite Wastewater Treatment Plants: Preliminary Findings
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Sustainability
Volume 15
Issue 3
10.3390/su15031884
Review Report
sustainability-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

SCKPISec: A KPI-Guided Model-Based Approach to Realize Security by Design for Smart City Systems

Sustainability 2023, 15(3), 1884; https://doi.org/10.3390/su15031884
by Tong Ye, Yi Zhuang * and Gongzhe Qiao
Reviewer 1:
Mohamad Kashef
Reviewer 2:
Mohammad Qatawneh
Sustainability 2023, 15(3), 1884; https://doi.org/10.3390/su15031884
Submission received: 7 December 2022 / Revised: 13 January 2023 / Accepted: 16 January 2023 / Published: 18 January 2023

Round 1

Reviewer 1 Report

This is a very well-written and researched paper that examines smart city security threats challenging the integrity and reliability of smart city systems. It adopts UML to advance a KPI-guided security protocol that embeds the ‘Security by Design’ approach in developing smart city architecture and management systems. I would advise the authors to remove the abstract statement of “To the best of our knowledge…..” and replace it with literature-based statements that either reference other security model-based approaches and/or highlight existing shortcomings.

 

The authors note regarding the vulnerability of smart city systems is under-researched (Lines 47-52) as recent configurations of smart city management systems rely on the redundancy and ability of wireless mesh-based networks to split and/or exclude infected components without substantially affecting the reliability and streaming connectivity. This discussion needs some development and a nuanced presentation of the literature references.

The research moves smoothly from identifying the research gap, contribution, structure, and model development. This applies as well to UML modeling, SCKPISec profile, verification, analysis, and proposed protocol architecture. The authors provide a thorough consideration of the feasibility and applicability of SCKPISec (RQ1, RQ2). The authors have also provided effective discussions for research results, analysis, concluding remarks, and future research. Applying machine learning and realizing automatic modeling of attacks (zero-day attack detection) is a reasonable proposal for future research.

 

 

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 2 Report

Overall the paper is good and addresses a timely topic. I have a number of comments:

Abstract: The abstract needs a rewrite, currently it is doesn’t offer why and how from the below questions, or highlight the gap in the literature, etc. It needs to be more about ‘what I found and concluded’ and less about ‘what topics I am going to talk about’.  Usually, a good abstract cover these questions:

What is your paper about?

Why is it important?

How did you do it? 

What did you find?

Why are your findings important?

 

Section 2 introduces the background. In this section you need to articulate how previous literature understands the security concepts and why they are helpful or not in this research.

- It would be great to show a threat model that can benefit from the proposed approach by applying ML.

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Back to TopTop