Integration of Cybersecurity, Usability, and Human-Computer Interaction for Securing Energy Management Systems

Abstract

The energy sector is a critical contributor to the growth and development of any country’s economy. However, ensuring robust cybersecurity within the context of smart energy services presents persistent usability challenges in an increasingly digital environment. This study explores the intersection of human-computer interaction (HCI), cybersecurity, and usability to identify and address issues that impact the overall security of smart energy management systems. By analyzing the complex relationships between users and security protocols, this research aims to enhance the security framework, promote better user adherence, and improve system usability. The study focuses on three primary objectives: (1) identifying the most prevalent usability issues in current cybersecurity practices; (2) examining the relationship between HCI and user compliance with security measures; and (3) proposing strategies to improve cybersecurity usability by leveraging HCI principles. Hybrid approaches utilizing artificial intelligence facilitate empirical analysis and framework evaluation. Additionally, a comparative study with six existing models has been conducted. By envisioning a future where security measures not only ensure enhanced protection but also integrate seamlessly into user experiences, this approach seeks to provide valuable insights into ongoing cybersecurity discussions and contribute to a more resilient security landscape against evolving digital threats.

1. Introduction

In our modern digital landscape, the reliance on interconnected energy management systems and digital technologies has reached unprecedented levels, underscoring the paramount importance of cybersecurity. According to a report by the International Energy Agency (IEA), global investment in smart energy infrastructure is expected to surpass $400 billion by 2025, driven by the increasing adoption of renewable energy sources and the digitization of energy management systems [1]. However, alongside this growth comes an escalation in cybersecurity risks. The World Economic Forum’s Global Risks Report identifies cyber-attacks as one of the top ten global risks in terms of likelihood and impact, with the potential to disrupt critical infrastructure and undermine trust in digital technologies.

The Energy Management Systems Market is on a robust growth trajectory, poised to expand from an estimated value of USD 55.03 billion in 2024 to a projected USD 113.85 billion by 2029, representing a remarkable CAGR of 15.65% during 2024–2029 [2]. This surge is primarily driven by escalating demand for smart meter applications among end users and substantial investments in intelligent electric and building technologies. Noteworthy is the USD 10.5 billion allocation by the US Department of Energy in September 2022, aimed at fortifying the nation’s energy grid through initiatives such as smart grids and upgrades, with USD 2.5 billion dedicated to grid resilience, USD 3 billion to smart grids, and USD 5 billion to grid innovation under the Grid Resilience and Innovation Partnership program. Concurrently, the global energy management system (EMS) market has witnessed significant growth, expanding from USD 29.58 billion in 2022 to an anticipated USD 101.36 billion by 2032, boasting a compound annual growth rate (CAGR) of 14.70% during the forecast period [3]. EMS has emerged as indispensable for promoting sustainability and optimizing resource utilization as various sectors, including industries, businesses, and governments, confront energy consumption challenges.

As individuals, businesses, and governments increasingly migrate their operations to digital platforms, the protection of sensitive information and digital assets becomes not just a priority but a necessity. However, despite the continuous evolution of cybersecurity measures, a persistent challenge persists—the delicate balance between security effectiveness and user-friendliness. Research indicates that while cybersecurity measures are essential for safeguarding digitalized energy management systems, overly complex security protocols can lead to user frustration and non-compliance, potentially weakening overall security defenses [4,5,6]. The limits of cyber security as we know it today were precisely established by the bounds of cyber security as it pertains to certain uses. However, perception of cyber security has changed once again due to the development of the Internet and related technological advances, as well as ever-changing technology usage habits. A paradigm shift from cyber security for securing energy management systems that is functional and usage-based to one that is user-centric is required as a result of security issues, which in turn calls for immersive security and a greater emphasis on human-centric cyber security for smart energy sectors.

This research paper embarks on a journey into the complex intersection of cybersecurity and HCI to unravel the usability challenges that hinder the seamless functionality of security measures within smart energy services. This exploration seeks to decode the nuanced interactions between humans and cybersecurity protocols, shedding light on potential obstacles that compromise the overall security posture of digitalized energy management systems in this sector. By examining existing literature on cybersecurity, usability, and HCI, the author aims to build upon established frameworks and theories to develop a comprehensive understanding of the challenges and opportunities at the nexus of these domains.

By dissecting the intricate dynamics between users and security interfaces, this work aims not only to identify prevalent challenges but also to pave the way for innovative strategies that bolster the usability of cybersecurity measures. This paper’s overarching goal is to foster improved user compliance, ultimately contributing to a fortified security landscape in our increasingly digitized world.

The primary objectives guiding this research endeavor are threefold:

Identification of Common Usability Challenges: This research seeks to pinpoint prevalent usability challenges embedded in existing cybersecurity practices within smart energy services. By analyzing user feedback, system logs, and expert opinions, work aims to identify pain points and areas for improvement in current security protocols.

Exploration of HCI Impact: Delving into the impact of HCI on user compliance with security protocols is a critical facet of this study. By conducting user studies, surveys, and experiments, work aims to uncover the behavioral and cognitive aspects that influence user interactions with cybersecurity measures.

Proposal of Strategies for Improvement: Armed with insights into usability challenges and HCI dynamics, this research endeavors to propose pragmatic strategies for enhancing the usability of cybersecurity measures within smart energy services. Drawing upon best practices from both cybersecurity and HCI fields, this work aims to develop actionable recommendations for improving the design and implementation of security protocols.

Through this comprehensive exploration, the author aims to contribute to the ongoing discourse on cybersecurity, emphasizing the imperative of addressing usability challenges to fortify the overall security landscape. By embracing a multidisciplinary approach that integrates the realms of cybersecurity, usability, and HCI, the author envisions a future where smart energy management systems not only boast heightened security measures but are also inherently user-friendly, fostering collective resilience against emerging cyber threats.

The significance of this research extends beyond academic curiosity, permeating into the realms of industry, policy-making, and technology development within smart energy services [7,8]. A deeper understanding of HCI implications in cybersecurity, specifically tailored for smart energy services, can inform the creation of user-centric security solutions, cultivate a culture of cyber awareness, and ultimately fortify the digital infrastructure against emerging threats within this specialized domain. As the author embarks on this investigation, this work anticipates that the findings will pave the way for practical and actionable strategies to improve usable cybersecurity within smart energy services, ensuring a safer and more resilient digital future for individuals and organizations alike.

2. Materials and Methods

2.1. Principles of Effective Human-Computer Interaction in Energy Services

In the domain of energy services, unlike in fields such as computing, where centralized committees like those for ethics in the Association for Computing Machinery (ACM) establish universally applicable standards, there exists a notable absence of a standardized set of principles in HCI [9,10]. This absence has led to a diverse array of HCI implementation approaches, often more akin to abstract guidelines than rigid rules. Despite this diversity, numerous HCI professionals have formulated their own unique sets of principles, laying the groundwork for identifying commonalities among them [11,12].

Within this context, it becomes imperative to distill these diverse principles into a coherent framework that encapsulates the overarching HCI principles pertinent to energy services. Through a systematic approach, this section endeavors to categorize the multitude of principles into five essential components (Figure 1) [13,14,15]. These components serve as pillars, each representing a fundamental aspect of HCI within the realm of energy services. By synthesizing these components, this research aims to establish a foundation for understanding and applying HCI principles in the design and implementation of energy management systems.

2.1.1. Affordance

The principle of affordance is fundamental to ensuring user-friendly interfaces that intuitively convey the functionality of various components [16,17]. Affordance dictates that design elements should naturally express their purpose to users, facilitating seamless interaction with energy management systems. Clear indications of functionality, such as visible connections between different features, are crucial for enhancing the user experience. For instance, incorporating recognizable symbols or phrases, such as energy efficiency icons or intuitive navigation labels, helps users easily identify and utilize relevant tools or resources. Similarly, integrating familiar symbols, such as energy-saving badges or renewable energy logos, in relevant sections enhances user understanding and engagement with energy-related content. By leveraging affordance principles in interface design, energy service providers can empower users to make informed decisions and effectively manage their energy consumption.

2.1.2. User Feedback and Interaction

In the realm of energy services, the significance of providing feedback to users tailored to their activities is accentuated. Effective engagement hinges on timely feedback, irrespective of whether users’ actions are correct or erroneous [18,19,20]. It is vital to keep users informed about the ongoing operations within the energy system. For instance, notifying users about invalid inputs through error messages and employing visual cues such as hourglass symbols during loading periods are essential strategies. By offering pertinent feedback, energy service providers can enhance user understanding and interaction with the system, ultimately improving user experience and satisfaction.

2.1.3. Setting Constraints

Establishing clear guidelines and limitations plays a crucial role in educating users, averting security breaches, and guaranteeing the proper utilization of software and online platforms [21,22,23,24,25]. Implementing restrictions is essential for thwarting potential hacking attempts and safeguarding sensitive energy-related data. For instance, setting constraints on password strength and limiting the number of failed login attempts serve as proactive measures to mitigate security risks. By imposing these limitations, energy service providers can effectively enhance the overall security posture, thereby minimizing the likelihood of unauthorized access and ensuring the integrity of critical energy infrastructure.

2.1.4. User Control and Flexibility

In the realm of energy services, it is imperative that users maintain control and flexibility in navigating their experience, even within necessary limits [26,27,28,29]. While security measures are essential, it is crucial that users can manage their accounts comfortably once these measures are in place. Excessively restrictive measures, such as antivirus software that overly limits user actions, can lead to consumer dissatisfaction and disengagement. Therefore, striking a balance between security and user freedom is essential for ensuring a positive user experience within energy service platforms.

• Feature Customization: Empowering users to customize their experience by adjusting settings, preferences, and features enhances their satisfaction and ensures the product meets their specific needs. By allowing users to tailor their experience to their preferences, energy service platforms can increase user enjoyment and engagement.
• Accessibility Options: Implementing inclusive design principles is essential in enabling users to modify the interface to accommodate various abilities and preferences. By providing accessibility options, energy service platforms can create a more user-friendly experience for a diverse audience, fostering inclusivity and enhancing user satisfaction across the board.

2.1.5. Consistency

In the context of energy services, maintaining consistency is paramount for ensuring a seamless user experience across the entire product ecosystem. Consistency entails the steadfast application of guidelines and principles, thereby instilling confidence in users as they interact with various functionalities. Disruptions to consistency can lead to confusion and hinder user engagement. Therefore, it is crucial to uphold consistency to provide users with a stable and predictable environment.

• Design Language Consistency: Consistency in design language, encompassing elements such as color schemes, fonts, and iconography, fosters coherence and ease of navigation within the user interface. By employing a unified design language, energy service providers can enhance user understanding and streamline interaction pathways, ultimately improving the overall user experience.
• Interaction Patterns: Consistent interaction patterns, including the placement of buttons and navigation flow, contribute to a seamless user experience. Predictable interactions reduce cognitive load and enhance usability, enabling users to navigate energy service platforms with ease and efficiency.

Moreover, these principles collectively contribute to an enhanced HCI framework tailored to energy services, thereby reinforcing usability and augmenting cybersecurity measures.

Table 1. Summary of the principles of effective HCI.

S. No.	Principle	Description	Examples
1	Affordance	Components or designs of an interface should express their purpose naturally, providing clear indications of functionality and visible connections between features.	Use of social network logos in relevant sections; recognizable symbols or phrasing for navigation.
2	User Feedback and Interaction	Delivering feedback to users based on their activities is crucial for effective engagement, whether they make correct choices or errors.	Error notifications for invalid inputs; visual indicators during loading periods (e.g., hourglass symbols).
3	Setting Constraints	Imposing limitations is essential for instructing users, preventing security breaches, and ensuring appropriate usage.	Limiting password strength; restricting the number of erroneous password attempts to prevent hacking.
4	User Control and Flexibility	Users should maintain control and flexibility in navigating their experience, even with necessary limitations.	Feature customization, allowing users to adjust settings and preferences; providing accessibility options for diverse users.
5	Consistency	Consistent application of guidelines and principles throughout the product enhances user confidence and prevents disruption in the user experience.	Design language consistency (consistent use of color schemes, fonts, and iconography); consistent interaction patterns.

and

Table 2. Summary of the sub-attributes of effective HCI.

S. No.	Principle	Description	Examples
1	Feature Customization	Users can tailor their experience by adjusting settings, preferences, and features.	Allowing customization of interface settings, preferences, and features.
2	Accessibility Options	Implementation of inclusive design principles for users with diverse abilities.	Providing options for users to modify the interface based on their abilities.
3	Design Language Consistency	Use of consistent design elements for a coherent and easily navigable UI.	Maintaining uniformity in color schemes, fonts, and iconography across the product.
4	Interaction Patterns	Consistent placement of buttons and navigation flow for a seamless user experience.	Ensuring predictable interactions by maintaining consistency in button placement.

provide a comprehensive summary of these principles and their respective sub-attributes, facilitating a deeper understanding of effective HCI practices within the energy services domain.

This structured approach not only facilitates comprehension but also provides a roadmap for practitioners and researchers to navigate the complexities of HCI in the context of energy services. By identifying the core components that underpin HCI principles in this domain, the author paves the way for the development of more effective and user-centric energy service solutions. Ultimately, this endeavor contributes to the advancement of HCI within the energy sector, fostering innovation and enhancing the usability and accessibility of energy service technologies for stakeholders across various domains.

2.2. HCI Implications

The significance of cybersecurity transcends mere technical measures and encompasses the human element, emphasizing the pivotal role of education and training [30,31,32,33,34]. Just as illustrated in Figure 2, the principles of HCI employ considerable influence in crafting robust cybersecurity education and training initiatives for smart energy services. These principles underscore the importance of designing user-centric programs that resonate with energy service professionals, enhancing their understanding of cybersecurity best practices and fostering a culture of cyber awareness and preparedness within the sector.

2.2.1. User-Centric Design

As this work navigates the realm of HCI within the energy services sector, the significance of user-centric design emerges as a crucial element in enhancing the usability of security interfaces [35,36,37,38,39].

• Tailoring Security Interfaces to User Preferences: User-centric design in this context involves customizing security interfaces to suit individual preferences, recognizing that users have distinct needs, habits, and expectations. By integrating customizable features, intuitive navigation, and personalized settings, security interfaces can cater to a diverse range of user preferences, resulting in a more engaging and user-friendly interaction. This approach not only improves the overall user experience but also fosters greater user compliance with security protocols, as users are more likely to adhere to measures that align with their preferences and habits.
• Considering Cognitive Abilities in Design: Another vital aspect of user-centric design within HCI for energy services is the consideration of diverse cognitive abilities. Designing security interfaces with cognitive diversity in mind ensures that individuals with varying levels of technical expertise, attention spans, and cognitive processing capabilities can effectively engage with and understand security measures. This inclusive approach entails simplifying complex security concepts, offering clear and concise instructions, and incorporating visual elements to aid comprehension. By factoring in cognitive abilities during the design phase, security interfaces become more accessible and accommodating, leading to enhanced user understanding and, consequently, improved cybersecurity practices.

2.2.2. Education and Training

• Integrating HCI Principles in Cybersecurity Education: Integrating HCI principles into cybersecurity education is essential for fostering a comprehensive understanding of security measures among users [40,41,42,43,44,45]. By infusing educational modules with user-centric design, cognitive ergonomics, and usability considerations, individuals within the energy sector can develop enhanced capabilities to interact with and adhere to security protocols. This integration not only enriches the learning experience but also ensures that cybersecurity practices resonate with human behaviors and cognitive processes, thereby facilitating improved user compliance with security measures.
• Practical Implementation of Security Protocols: Beyond theoretical knowledge, effective cybersecurity education within energy services must equip individuals with practical skills for implementing security protocols in real-world scenarios [46,47,48,49,50]. This facet of education entails hands-on training sessions, simulations, and practical exercises tailored to the energy sector’s unique requirements. Bridging the divide between theory and application, individuals acquire a deeper understanding of the usability aspects of security measures, enabling them to navigate and adhere to protocols seamlessly in their day-to-day activities. This practical implementation aspect ensures that cybersecurity education translates into tangible skills and behaviors, thereby fostering a more secure digital environment within the energy services domain.

2.3. Usability Challenges in Cybersecurity

2.3.1. Password Policies

Within the domain of energy services, password policies stand as a cornerstone of cybersecurity, serving to safeguard crucial digital assets. However, this aspect presents two significant usability challenges demanding focused attention [50,51,52,53,54,55]:

• Complexity vs. Memorability: The delicate balance between crafting intricate passwords for heightened security and ensuring user memorability poses a significant challenge. Current password policies often lean towards complexity to deter unauthorized access, inadvertently prompting users to adopt insecure practices. This subsection explores the intricate trade-off between password complexity and user memorability, seeking to strike an optimal equilibrium that fortifies security without compromising user convenience.
• User-Friendly Authentication Solutions: The effectiveness of password policies hinges on the user’s ability to navigate authentication processes seamlessly. Cumbersome or unintuitive authentication procedures can hinder user compliance, leading to risky practices for the sake of convenience. This section delves into the landscape of user-friendly authentication solutions, aiming to propose strategies that enhance the usability of password policies. By considering human-centric design principles, innovative authentication methods can be developed to ensure both robust security and a positive user experience.

2.3.2. Security Alerts and Warnings

Effective communication of security alerts and warnings is paramount in energy services cybersecurity, yet it poses substantial usability challenges [56,57,58]:

• Clarity and Conciseness: The clarity and conciseness of security alerts play a pivotal role in user comprehension and response. Often, verbose or convoluted messages can lead to user confusion, hindering prompt and appropriate actions. Striking the right balance between comprehensive information and briefness is crucial, calling for a user-centric design approach to tailor alerts that convey essential information clearly.
• Emotional Impact of Alerts: The emotional impact of security alerts significantly influences user reactions and decisions. Alerts designed to evoke fear or panic may lead to hasty and potentially erroneous responses, while overly mild alerts may fail to convey the severity of the situation. Achieving an optimal emotional impact requires interfaces that deliver alerts that are both informative and emotionally resonant without inducing undue stress.

2.3.3. Two-Factor Authentication

Two-Factor Authentication (2FA) is pivotal in bolstering digital security within energy services, yet its implementation encounters usability challenges [41,42,59]:

• Streamlining the Authentication Process: 2FA authentication often encounters usability challenges, primarily related to the intricacies of the authentication process. Streamlining this process is crucial to enhance usability, as cumbersome steps can lead to user frustration and resistance. This section investigates strategies to simplify the 2FA authentication journey, emphasizing user-centric design principles for a seamless and efficient experience.
• Balancing Security and User Convenience: Striking a delicate balance between stringent security measures and user convenience is crucial for 2FA adoption. While stringent security is necessary, it can sometimes result in a cumbersome experience for users, potentially leading to non-compliance or insecure workarounds. This subsection delves into finding the equilibrium between robust security protocols and user-friendly experiences, proposing strategies that prioritize both security and user convenience. Further,

  Table 3. Usability challenges in cybersecurity.

  S. No.	Usability Challenges in Cybersecurity	Examples	Strategies for Improvement
  Password Policies
  1	Complexity vs. Memorability	Crafting intricate passwords for security vs. user memorability challenges. Users are adopting insecure practices due to complex passwords.	Implementing passphrase options that balance complexity and memorability. Educating users on creating strong yet memorable passwords. Utilizing biometric authentication as an alternative.
  2	User-Friendly Authentication Solutions	Cumbersome or unintuitive authentication procedures hinder compliance.	Implementing intuitive graphical interfaces for authentication. Exploring passwordless authentication methods. Conducting user testing to refine authentication processes.
  Security Alerts and Warnings
  3	Clarity and Conciseness	Verbose or convoluted security alerts leading to user confusion.	Implementing clear and concise language in security alerts. Providing actionable steps for users to follow in response to alerts. Regularly testing and refining alert messaging through user feedback.
  4	Emotional Impact of Alerts	Alerts inducing fear or being too mild affecting user reactions.	Tailoring alerts to convey severity without inducing panic. Considering user psychology in alert design. Providing context and guidance within the alert itself.
  Two-Factor Authentication
  5	Streamlining the Authentication Process	Cumbersome or confusing 2FA steps leading to user frustration.	Simplifying 2FA steps through intuitive design. Offering user-friendly 2FA mobile apps. Providing clear instructions and guidance during the authentication process.
  6	Balancing Security and User Convenience	Stringent security measures vs. user-friendly experiences in 2FA.	Offering flexible 2FA options to cater to user preferences. Implementing adaptive 2FA based on user context. Educating users on the importance of 2FA while emphasizing ease of use.

  shows the usability challenges in cybersecurity, along with examples and possible strategies for improvement.

2.4. Enhancing Usable Cybersecurity in Energy Services

2.4.1. Adaptive Interfaces

In the pursuit of bolstering usable cybersecurity within the energy services sector, the implementation of adaptive interfaces emerges as a pivotal strategy [43,44,45]. These interfaces are tailored to personalize the user experience based on individual behavior, preferences, and historical interactions. By understanding and accommodating the unique patterns of user behavior, adaptive interfaces offer a more personalized and intuitive cybersecurity experience. This approach not only enhances user satisfaction but also mitigates the risk of non-compliance due to friction associated with rigid security measures.

• Personalization for User Behavior: Personalizing cybersecurity interfaces to align with individual user behavior is a cornerstone of enhancing usability within energy services. Leveraging data analytics and machine learning algorithms, adaptive interfaces can discern patterns in user interactions, enabling the system to anticipate and adapt to user preferences. Whether it involves adjusting authentication mechanisms or customizing security alerts, personalization enhances user engagement and promotes a more intuitive and user-friendly cybersecurity environment.
• Dynamic Security Measures: The dynamic nature of cybersecurity threats requires a proactive response, and adaptive interfaces play a crucial role in implementing dynamic security measures within energy services. These measures involve real-time adjustments to security protocols based on the evolving threat landscape and user activities. For instance, the system might escalate security measures in response to detected anomalies or relax them during periods of routine user behavior. This dynamic adaptability ensures that security remains robust without unduly burdening users, striking a balance between protection and usability.

2.4.2. Continuous User Feedback

• Importance of User Input: User input is an invaluable asset in the quest for usable cybersecurity within the energy services sector [46,47]. Understanding the perspectives, experiences, and challenges faced by end-users is crucial in identifying usability issues and refining security protocols. Through surveys, usability testing, and direct user engagement, organizations can gain insights into user behaviors, preferences, and concerns, empowering them to make informed decisions in fortifying cybersecurity measures.
• Implementing Iterative Improvements: Implementing iterative improvements based on continuous user feedback is a cornerstone of enhancing usable cybersecurity within energy services [47,48]. By establishing a feedback loop that incorporates user suggestions and experiences, organizations can adapt and refine security measures in real-time. This iterative process ensures that cybersecurity protocols remain effective and user-friendly in the face of evolving threats. It fosters a culture of responsiveness, where cybersecurity measures are not static but evolve in tandem with user needs and emerging cyber risks, ultimately contributing to a more resilient and adaptable cybersecurity framework within the energy services sector. Further,

  Table 4. Mapping between aspects, adoptive interfaces, and continuous user feedback.

  S. No.	Aspect	Adaptive Interfaces	Continuous User Feedback
  1	Objective	Tailor cybersecurity to user behavior	Gather insights and improve based on feedback
  2	Personalization	Customizes based on behavior and preferences	Utilizes user input to enhance usability
  3	Data Utilization	Leverages analytics and ML algorithms	Involves surveys, usability testing, and engagement
  4	User Satisfaction	Enhances satisfaction through personalization	Builds collaboration and trust through feedback
  5	Risk Mitigation	Reduces non-compliance risks with personalized experience	Identifies and addresses usability issues for better security
  6	Dynamic Adaptability	Adjusts in real-time to evolving threats	Adapts security measures in response to user input
  7	Balancing Act	Balances protection and usability	Fosters a culture of responsiveness and improvement
  8	Proactive Response	Proactively addresses emerging threats	Responds to evolving user needs and cyber risks
  9	Resilience	Contributes to a more resilient cybersecurity ecosystem	Establishes an adaptable and effective security framework
  10	User-Centric Approach	Prioritizes individual user preferences	Incorporates user perspectives for informed decisions
  11	Collaboration	Enhances engagement and collaboration	Fosters a sense of collaboration and trust
  12	Iterative Improvements	Enhances usability through continuous refinement	Adapts and refines security measures in real-time
  13	Cultural Impact	Promotes a user-friendly cybersecurity culture	Instills a culture of responsiveness and improvement

  shows the mapping between aspects, adoptive interfaces, and continuous user feedback.

2.5. Case Studies

This research article delves into the pivotal intersection of cybersecurity and HCI, examining how these disciplines converge to enhance the usability and effectiveness of cybersecurity measures in the smart energy sector.

2.5.1. Case Study 1: Biometric Authentication in Corporate Environments

• Scenario: A multinational energy corporation integrates biometric authentication into its cybersecurity strategy [5,7,10,14,27,37,49]. However, employees express concerns regarding usability and privacy implications. This case study evaluates how HCI influences user acceptance, efficiency, and the organization’s overall security posture.
• Findings: The research uncovers challenges including resistance to change, privacy concerns, and the importance of transparent communication. Recommendations include incorporating user feedback into system design, implementing comprehensive training programs, and developing clear privacy policies to address employee apprehensions.

2.5.2. Case Study 2: Phishing Awareness Training for Small Businesses

• Scenario: A small energy business experiences a data breach due to a phishing attack [8,12,16,30]. This study examines HCI aspects of phishing awareness training programs, aiming to optimize user interfaces and training materials for better comprehension and effectiveness.
• Findings: Challenges identified include information overload, lack of engaging content, and the need for personalized learning experiences. Suggestions include incorporating interactive elements, simulations, and regular updates to training materials, emphasizing a user-centric approach to enhance cybersecurity awareness among small business employees.

2.5.3. Case Study 3: Usability of Mobile Security Apps for Personal Devices

• Scenario: With the growing reliance on mobile devices in the energy sector, individuals use various security apps to safeguard personal information [15,30,31,32,43,48]. This study explores HCI implications of mobile security apps, aiming to identify usability issues and propose enhancements.
• Findings: Challenges such as confusing interfaces, intrusive notifications, and the balance between security and usability are highlighted. Recommendations include simplified interfaces, customizable settings, and clear communication of security features to improve the user experience and encourage consistent use.

These case studies underscore the critical role of HCI in shaping usable cybersecurity solutions within the energy sector. By understanding and addressing HCI implications, energy organizations can develop more effective and user-friendly cybersecurity measures, contributing to a safer and more secure digital landscape tailored to the unique needs of the energy industry.

2.6. Research Gaps

The intricate interplay between HCI, cybersecurity, and usability is equally relevant and compelling within the energy sector. Recognizing the multifaceted challenges and opportunities inherent in this relationship, this research endeavors to delve deeply into this relationship. By shedding light on the intricate dynamics at play, the author aims to identify and address critical research gaps that demand thorough investigation.

2.6.1. Understanding Human Behavior in Cybersecurity Contexts

• Behavioral Psychology and Decision-Making: It is clear from the preceding sections on different case studies that, in the realm of energy, insights from behavioral psychology and decision-making studies hold immense significance [5,10,18,27]. Conducting in-depth investigations utilizing methodologies rooted in behavioral psychology becomes essential. By delving into how energy consumers make decisions when presented with cybersecurity prompts, analyzing their perceptions of risks, and observing their responses to various security measures, this research can gain valuable insights. These insights will not only enhance understanding of users’ behaviors but also inform the design of interventions that resonate with users’ mental models. In turn, this knowledge can help refine the implementation of cybersecurity protocols within energy systems, ensuring they are not only effective but also aligned with the cognitive processes and decision-making tendencies of energy consumers.
• Cognitive Science Approaches: As demonstrated in the preceding sections, the necessity of conducting thorough and comprehensive investigations cannot be overstated. To gain a deeper understanding of the complexities involved, it becomes essential to employ methodologies grounded in cognitive science, particularly those rooted in behavioral psychology. These approaches allow for a more nuanced exploration of how individuals perceive, process, and respond to various stimuli. By leveraging cognitive science frameworks, researchers can uncover the underlying mechanisms that drive human behavior, leading to more informed and effective solutions.

2.6.2. Adaptive Cybersecurity Interfaces

• Machine Learning in Interface Design: In the realm of energy, research should delve into the application of machine learning algorithms for adaptive interfaces [30,31,32,33,34]. By harnessing the power of user profiling and real-time adaptation strategies, these interfaces can evolve dynamically, catering to the unique needs and preferences of energy consumers. Such adaptive interfaces hold the potential to ensure a seamless and secure user experience across diverse demographics and proficiency levels within the energy sector. Through continuous learning and adaptation, these interfaces can enhance user engagement and satisfaction, ultimately contributing to a more efficient and user-centric energy ecosystem.
• Contextual Adaptation Strategies: Recognizing the contextual nuances inherent in energy-related interactions is imperative [35,36,37,38,39]. Investigations should delve into methodologies that empower interfaces to dynamically adjust, considering users’ cognitive capabilities, prevailing environmental conditions, and the unique tasks at hand.

2.6.3. Usability Metrics for Cybersecurity

• Holistic Evaluation Framework: Establishing standardized usability metrics necessitates a comprehensive evaluation framework [40,41,42,43] for the security of smart energy services. These metrics must go beyond mere usability to encompass the effectiveness of security measures, reflecting the unique challenges and priorities within the energy sector. To achieve this, exploration of innovative methodologies becomes essential. Techniques such as eye-tracking studies can offer insights into user interactions with energy management interfaces, identifying areas for improvement in both usability and security. Similarly, usability testing in simulated threat scenarios allows for the evaluation of system responses under pressure, ensuring resilience against potential cyber-attacks. Post-implementation assessments further provide valuable feedback on the real-world performance of security measures, facilitating continuous refinement and optimization. By embracing these novel methodologies, energy service providers can enhance both the usability and security of their systems, ultimately improving the reliability and trustworthiness of energy services for consumers and stakeholders alike.
• User-Centric Evaluation: In the context of energy services, integrating user-centric evaluation approaches is paramount. It is imperative that research delves into comprehending users’ viewpoints on the usability of cybersecurity measures, ensuring that metrics not only gauge technical effectiveness but also resonate with user expectations and preferences [44,45,46]. By incorporating user-centric evaluation methodologies, this work can tailor cybersecurity protocols to align seamlessly with the needs and behaviors of energy service stakeholders.

2.6.4. Human-Centric Threat Intelligence Integration

• Interdisciplinary Collaboration: In the realm of smart energy security, effective integration of human-centric threat intelligence necessitates interdisciplinary collaboration [47]. Cybersecurity specialists, behavioral psychologists, and human factors researchers must join forces to craft systems that deliver actionable insights while resonating with users’ cognitive frameworks and decision-making paradigms. By merging expertise from these diverse fields, energy security measures can be tailored not only to thwart cyber threats but also to harmonize seamlessly with the intuitive understanding and behaviors of energy industry professionals and stakeholders.
• User-Driven Threat Analysis: Research should delve into methodologies that empower users to engage in user-driven threat analysis, allowing them to play an active role in identifying and mitigating cybersecurity threats [48]. This user-centric approach ensures that security measures align with the needs and perspectives of end-users, enhancing their effectiveness and promoting greater user acceptance. Ultimately, a collaborative approach fosters a stronger sense of ownership and accountability among users, contributing to a safer and more resilient energy infrastructure.

2.6.5. Cultural and Socio-Economic Impacts on Cybersecurity Adoption

• Cross-Cultural Studies: To gain a holistic insight into the cultural and socio-economic implications within the energy sector, it is imperative to undertake thorough cross-cultural studies [5,6,7,8]. These studies should delve into the intricate ways in which cultural norms and economic conditions shape user perceptions and actions concerning cybersecurity in the energy domain. By unraveling these influences, researchers can lay the foundation for developing culturally sensitive and inclusive cybersecurity solutions tailored to the diverse needs and contexts of energy users worldwide. Such an approach not only enhances the effectiveness of cybersecurity measures but also fosters greater engagement and cooperation among communities, ultimately contributing to a more resilient and sustainable energy ecosystem.
• Inclusive Design Strategies: Crafting inclusive cybersecurity solutions entails delving into design strategies that cater to a wide array of cultural and socio-economic contexts for smart energy security services [10,11,12,13]. It is imperative that research in this domain prioritizes the development of adaptable interfaces and educational resources that effectively engage users from diverse backgrounds. By understanding the unique perspectives and needs of various energy stakeholders, including consumers, suppliers, and regulators, this work can tailor cybersecurity measures to be accessible and relevant to all, thereby fostering a more resilient and inclusive energy ecosystem.

2.6.6. User Education and Awareness Strategies

• Pedagogical Approaches: Effectively empowering users requires a sophisticated grasp of pedagogical approaches [16,17,18,19,20]. It is imperative that research delves into the effectiveness of different educational methodologies, such as gamification, immersive simulations, and personalized learning modules designed to cater to diverse learning styles and preferences. By investigating the efficacy of these strategies, energy educators can better tailor their approaches to engage and inform users, ultimately fostering a more informed and empowered energy-conscious population.
• Socio-Cultural Context of Education: Understanding the socio-cultural context is essential when devising educational initiatives [27,28,29]. Research should delve into how cultural factors influence the acceptance and efficacy of cybersecurity education within energy systems, guiding the creation of educational materials tailored to resonate with diverse communities. By recognizing and addressing cultural nuances, the author can ensure that cybersecurity education initiatives are not only relevant but also effective in promoting secure practices across different cultural backgrounds within the energy sector.

2.6.7. Privacy-Preserving HCI in Cybersecurity

• Cryptographic Techniques: Achieving a harmonious equilibrium between robust cybersecurity and safeguarding user privacy necessitates a deep dive into cryptographic techniques for smart energy services [31,32,33]. It is imperative for research efforts to prioritize the development of encryption methods and privacy-preserving algorithms tailored to the energy sector’s unique challenges and requirements. These techniques should be designed to strengthen the security of user data within energy systems while simultaneously upholding the fundamental right to privacy. By delving into cryptographic innovations, this research can pave the way for energy services that prioritize both security and privacy, thereby fostering trust and confidence among users in the digital energy ecosystem.
• Ethical Dimensions: Research endeavors must extend to encompass ethical considerations, ensuring that privacy-preserving HCI strategies adhere meticulously to legal and ethical standards [34,35,36,37]. This entails a thorough exploration of the ethical implications surrounding data collection, storage, and processing within the domain of cybersecurity. As smart energy systems become increasingly interconnected and reliant on digital technologies, the ethical handling of sensitive energy consumption data and user information is paramount. Researchers must scrutinize the ethical dimensions of data privacy and protection, aiming to strike a delicate balance between the imperative of cybersecurity and the rights of energy consumers. By addressing these ethical considerations head-on, research in the energy sector can pave the way for the development of robust yet ethically sound cybersecurity practices, ultimately fostering trust and transparency within smart energy services.

Addressing these research gaps is crucial for advancing the fields of HCI, cybersecurity, and usability within the context of smart energy security management systems. The comprehensive exploration of each subheading offers valuable insights and a clear roadmap for researchers and practitioners to collaboratively navigate the intricate challenges within the energy sector. By fostering interdisciplinary efforts, the author has the opportunity to cultivate innovative solutions that not only improve the usability of cybersecurity measures but also contribute to building a resilient and user-centric digital infrastructure tailored specifically for energy services. Furthermore,

Table 5. Summary of the research openings.

S. No.	Research Area	Key Focus	Recommended Research Strategies and Approaches
1	Understanding Human Behavior in Cybersecurity	Behavioral Psychology and Decision-Making	Conduct in-depth studies using behavioral psychology methodologies. Understand how users make decisions in cybersecurity contexts, their risk perceptions, and responses to security prompts. Design interventions aligned with users’ mental models.
		Cognitive Science Approaches	Incorporate cognitive science perspectives. Explore cognitive processes in users’ interactions with cybersecurity systems. Investigate cognitive load, attention allocation, and memory retention for designing user-friendly interfaces.
2	Adaptive Cybersecurity Interfaces	Machine Learning in Interface Design	Research machine learning algorithms for adaptive interfaces. Leverage user profiling and real-time adaptation strategies. Ensure seamless and secure user experiences across demographics and proficiency levels.
		Contextual Adaptation Strategies	Understand contextual factors influencing user interactions. Research strategies enabling interfaces to adapt based on cognitive abilities, environmental conditions, and specific tasks.
3	Usability Metrics for Cybersecurity	Holistic Evaluation Framework	Establish standardized usability metrics. Develop a holistic evaluation framework incorporating usability and security effectiveness. Explore methodologies such as eye-tracking studies, usability testing in simulated threat scenarios, and post-implementation assessments.
		User-Centric Evaluation	Incorporate user-centric evaluation approaches. Focus on understanding users’ perspectives on cybersecurity usability. Ensure metrics reflect technical effectiveness and align with user expectations and preferences.
4	Human-Centric Threat Intelligence Integration	Interdisciplinary Collaboration	Facilitate interdisciplinary collaboration. Engage cybersecurity experts, psychologists, and human factors researchers. Design systems providing actionable intelligence aligned with users’ mental models and decision-making processes.
		User-Driven Threat Analysis	Research methodologies for user-driven threat analysis. Enable users to actively participate in identification and mitigation of cybersecurity threats. Ensure security measures are not only effective but also resonate with end-users.
5	Cultural and Socio-Economic Impacts	Cross-Cultural Studies	Conduct cross-cultural studies. Explore how cultural norms and economic factors influence user attitudes and behaviors towards cybersecurity. Develop culturally sensitive and inclusive solutions.
		Inclusive Design Strategies	Develop inclusive cybersecurity solutions. Explore design strategies accommodating diverse cultural and socio-economic contexts. Focus on creating adaptable interfaces and educational materials for users from different backgrounds.
6	User Education and Awareness Strategies	Pedagogical Approaches	Explore the efficacy of various educational strategies. Use gamification, immersive simulations, and personalized learning modules. Tailor educational approaches to diverse learning preferences.
		Socio-Cultural Context of Education	Consider socio-cultural context in designing educational programs. Investigate how cultural nuances impact the reception of cybersecurity education. Develop culturally sensitive materials that resonate with diverse audiences.
7	Privacy-Preserving HCI in Cybersecurity	Cryptographic Techniques	Strike a balance between robust cybersecurity and user privacy. Research cryptographic techniques for encryption and privacy-preserving algorithms. Ensure user data security without compromising privacy rights.
		Ethical Dimensions	Encompass ethical considerations in privacy-preserving HCI strategies. Adhere to legal and ethical standards in data collection, storage, and processing. Explore ethical implications of cybersecurity practices.

provides a concise summary of the main research areas, key focuses, and recommended research strategies, serving as a valuable reference for future studies in this domain.

2.7. Proposed Framework

The proposed framework for enhancing usable cybersecurity within the energy sector by assessing HCI implications follows a systematic and multidisciplinary approach tailored to the unique challenges and requirements of smart energy services. By integrating insights from cybersecurity, usability, and HCI research, the framework aims to address the complex interplay between security measures and user experience, ultimately fostering improved usability and compliance with security protocols. Additionally, Figure 3 provides a graphical representation of the framework, illustrating the interconnected components and processes involved in enhancing cybersecurity within the smart energy domain. Figure 3 serves to elucidate the key concepts and relationships outlined in the framework, facilitating a clearer understanding of its implementation and potential impact on smart energy services.

• Needs Assessment and User Profiling

  ➢

  Identify user groups and their specific needs in the context of cybersecurity.

  ➢

  Conduct user profiling to understand diverse user characteristics, behaviors, and preferences.

• Usability Analysis of Existing Cybersecurity Measures

  ➢

  Evaluate current cybersecurity practices through usability testing and heuristic evaluations.

  ➢

  Identify common usability challenges in password policies, security alerts, two-factor authentication, and other relevant areas.

• Human-Computer Interaction Integration

  ➢

  Establish a multidisciplinary team comprising cybersecurity experts and HCI professionals.

  ➢

  Incorporate HCI principles into the design and development of cybersecurity interfaces.

• User-Centric Design

  ➢

  Develop user personas based on the identified user groups.

  ➢

  Design cybersecurity interfaces that align with user preferences, cognitive abilities, and expectations.

• Education and Training Programs

  ➢

  Design and implement HCI-informed cybersecurity education and training programs.

  ➢

  Ensure that training materials and sessions are accessible, engaging, and tailored to diverse user needs.

• Adaptive Interfaces

  ➢

  Implement adaptive interfaces that adjust to user behavior and preferences.

  ➢

  Use machine learning and user profiling to create personalized cybersecurity experiences.

• Security Alerts and Warnings Optimization

  ➢

  Improve the clarity and conciseness of security alerts.

  ➢

  Integrate emotional design principles to enhance the impact of alerts without causing user frustration.

• Continuous User Feedback Mechanism

  ➢

  Establish a systematic process for gathering user feedback through surveys, interviews, and usability testing.

  ➢

  Leverage feedback to identify emerging usability issues and user concerns.

• Iterative Improvements

  ➢

  Implement regular updates and iterative improvements based on user feedback.

  ➢

  Maintain a flexible development cycle that allows for quick adjustments to address evolving user needs and emerging cyber threats.

• User Compliance Analysis

  ➢

  Conduct research to explore the impact of HCI on user compliance with security protocols.

  ➢

  Analyze user behavior to understand the factors influencing compliance and identify areas for improvement.

• Proposal of Strategies for Usability Enhancement

  ➢

  Develop strategies for improving the usability of cybersecurity measures based on the HCI analysis and user feedback.

  ➢

  Prioritize strategies that address common usability challenges and contribute to a seamless user experience.

• Usability Metrics and Key Performance Indicators (KPIs)

  ➢

  Define measurable usability metrics and KPIs aligned with HCI principles.

  ➢

  Regularly assess and track usability improvements using established metrics.

• Training and Support Resources

  ➢

  Provide accessible and user-friendly training resources to assist users in understanding and implementing cybersecurity protocols.

  ➢

  Ensure that support resources are available for users encountering issues or requiring assistance.

• Integration with Organizational Policies

  ➢

  Align HCI-informed cybersecurity measures with existing organizational policies and procedures.

  ➢

  Foster a culture of cybersecurity awareness and compliance within the organization.

• Monitoring and Evaluation

  ➢

  Establish a continuous monitoring and evaluation process for the usability of cybersecurity measures.

  ➢

  Periodically assess the effectiveness of implemented improvements and make adjustments as needed.

By adopting this comprehensive framework, organizations can effectively integrate smart energy solutions with HCI principles, leading to enhanced usability, improved user compliance, and a more efficient and sustainable energy management system.

2.8. Comparison of the Framework with Other Models

The integration of HCI principles within the energy sector’s cybersecurity landscape is a multifaceted endeavor, crucial for addressing the intricate challenges posed by smart energy services. Drawing insights from a spectrum of disciplines including cybersecurity, usability, and HCI, this approach aims to harmonize security measures with user experience, thereby enhancing usability and compliance with stringent security protocols.

Initially, an understanding of the energy sector’s specific cybersecurity needs is imperative. Adepoju et al. (2023) [44] shed light on Nigeria’s energy sector, emphasizing the potential of HCI in adopting Industry 4.0 technologies. This underscores the importance of bridging the gap between technological advancement and user-centric design, especially in regions such as Nigeria facing infrastructural deficits.

Olivares-Rojas et al. (2020) [45] emphasized the role of HCI in improving user experience within smart metering systems. By incorporating HCI techniques, user acceptance and satisfaction can be heightened, addressing potential reluctances towards adopting such systems. However, ensuring the usability of these systems goes hand in hand with maintaining robust cybersecurity measures.

Sani et al. (2019) [46] highlight the criticality of cybersecurity within the context of the Energy Internet (EI), where the integration of IoT technologies introduces new security vulnerabilities. While their framework focuses primarily on security mechanisms, the proposed framework extends this by integrating HCI principles to ensure that cybersecurity measures are not only robust but also user-friendly and compliant.

Qi et al. (2022) [47] introduce an intelligent retrieval method for assessing power system service user satisfaction, emphasizing the importance of HCI in designing adaptive interfaces. By leveraging techniques such as genetic algorithms, interfaces can be tailored to meet user needs effectively, thereby enhancing user satisfaction and usability.

Furthermore, Braz et al. (2007) [48] propose a model that strikes a balance between usability and security, acknowledging the inherent trade-offs between the two. While their model offers insights into finding an equilibrium, the proposed framework builds upon this by providing a structured approach to integrating HCI with cybersecurity, ensuring that usability is not compromised in the pursuit of heightened security.

Lastly, Usmani et al. (2023) [49] delve into the secure integration of IoT-enabled sensors, stressing the significance of robust security measures to protect sensitive data. By addressing security concerns alongside usability considerations, the proposed framework endeavors to develop user-centric cybersecurity measures that are both secure and user-friendly, fostering widespread adoption and compliance.

Different frameworks discussed above offer usability, cyber security, and HCI in different scenarios for enhancing the overall security of smart energy services. No single framework discusses about three different scenarios under one issue, which is securing smart energy services. The proposed framework in this work offers a comprehensive approach to enhancing the usability and compliance of cybersecurity measures within smart energy services. By amalgamating insights from diverse disciplines and leveraging HCI principles, organizations can cultivate more efficient and sustainable energy management systems while safeguarding against emerging cyber threats and ensuring user satisfaction and compliance. Further,

Table 6. Existing model analysis.

S. No.	Features of Existing Model (EM)	EM#1 [44]	EM#2 [45]	EM#3 [46]	EM#4 [47]	EM#5 [48]	EM#6 [49]
1	Primarily system- or technology-centric	✓		✓	✓		✓
2	Limited consideration of human aspects		✓	✓			✓
3	Limited emphasis on visualizing automated decisions				✓	✓
4	Limited consensus and attention on learnability	✓		✓	✓		✓
5	Usability evaluation typically occurs post-implementation		✓	✓			✓
6	Technology-centric, little consideration for users	✓		✓	✓		✓
7	Limited integration of human expertise in ML		✓	✓			✓
8	Varies in terms of comprehensiveness and coverage				✓	✓
9	Varies, but often less focus on user experience	✓		✓	✓		✓
10	Limited emphasis on personalized cybersecurity		✓	✓			✓
11	Varies, not always explicit on metrics and monitoring		✓	✓			✓
12	Diverse, including cybersecurity and HCI studies				✓	✓
13	Varies, depending on the specific model or study	✓		✓	✓		✓

and

Table 7. Comparative analysis between proposed framework and existing models.

S. No.	Aspect	Proposed Framework	Existing Models	Advantages	Limitations	Other Considerations
1	Focus	Human-centric cybersecurity with a focus on usability	Primarily system- or technology-centric	Provides a more user-friendly and adaptable cybersecurity experience	May overlook nuanced human factors impacting security	Diverse perspectives contribute to a comprehensive understanding of the field
2	Components Considered	User, usage, and usability (3U’s)	Limited consideration of human aspects	Emphasizes holistic consideration of user experience	Potential neglect of human-centric vulnerabilities	Interdisciplinary collaboration is crucial for a holistic approach
3	Visualizing Dynamic Risk Assessment	Emphasizes user-centric process for visualization	Limited emphasis on visualizing automated decisions	Enhances user understanding of cybersecurity measures	May not fully address user comprehension challenges	The dynamic nature of risks requires ongoing adaptation in visualization
4	Learnability in HCI	Recognizes learnability as crucial, provides overview	Limited consensus and attention on learnability	Reduces training time and effort for users	Challenges in defining and evaluating learnability	Learnability is crucial for long-term usability
5	Early Usability Evaluation	Highlights importance of pre-implementation usability	Usability evaluation typically occurs post-implementation	Identifies and addresses issues before implementation	Limited real-world application before implementation	Timely feedback can significantly improve the final product
6	Human Factors Integration in Cybersecurity	Adopts holistic/human factors (HF) approach	Technology-centric, little consideration for users	Enhances cybersecurity culture and user compliance	Potential conflicts between rules and human vulnerabilities	Recognizing human factors as strengths, not just weaknesses, is vital
7	Interactive Machine Learning in Cybersecurity	Advocates for the integration of human expertise	Limited integration of human expertise in ML	Combines human intuition with algorithmic expertise	Difficulty in predicting evolving cybersecurity threats	Human expertise remains critical in uncertain domains
8	Comprehensive Approach	Multidisciplinary approach for systematic assessment	Varies in terms of comprehensiveness and coverage	Addresses the intersection of HCI and cybersecurity	May lack a holistic view of the cybersecurity landscape	Continuous evolution and adaptation are essential
9	User-Centric Design	Strong emphasis on user-centric design	Varies, but often less focus on user experience	Increases user satisfaction and engagement	May require additional resources for user-centric design	User feedback loops are integral for ongoing improvements
10	Personalization and Adaptation	Integrates adaptive interfaces, optimized alerts	Limited emphasis on personalized cybersecurity	Enhances effectiveness through tailored experiences	Implementation challenges in achieving personalization	Continuous monitoring is crucial for adapting to user needs
11	Usability Metrics and Continuous Monitoring	Defines usability metrics, continuous monitoring	Varies, not always explicit on metrics and monitoring	Facilitates ongoing improvement and adaptation	Resource-intensive for continuous monitoring	Aligning with industry standards enhances comparability
12	Application Area	Enhancing usable cybersecurity	Diverse, including cybersecurity and HCI studies	Improves overall security resilience and user compliance	May have narrower or broader applicability	Addressing specific cybersecurity challenges is vital
13	Methodological Approach	Multidisciplinary, systematic assessment	Varies, depending on the specific model or study	Offers a structured and comprehensive methodology	May lack a standardized approach	Collaboration across disciplines is essential

illustrate the comparative analysis between the proposed framework and existing models.

Table 6 and Table 7 analyze the proposed framework theoretically and with comparison with other existing models. However, for the successful implication of the proposed framework in the real world, there is a need for empirical assessment, which is shown in the next section.

3. Empirical Analysis

This section focuses on evaluating cybersecurity usability to ensure satisfaction and ease of use from a human-centric perspective. It is crucial to thoroughly analyze the results of usable cybersecurity to enhance the usability of security services with respect to human-centric elements. Different methodologies for decision-making are distinguished by their approaches for determining objectives and alternative weights [39,40]. The prioritization analysis of six existing models related to usable cybersecurity, along with the proposed model, is conducted using a Multi-Criteria Decision Making (MCDM) method [39]. While the Analytic Hierarchy Process (AHP) is commonly considered effective for group decision-making, some researchers have found Fuzzy AHP to provide more precise decisions, including their associated weights [42,43,44,45,46]. AHP is a significant tool widely used by decision-makers and researchers for priority analysis. To address the uncertainties and ambiguities inherent in human judgment, the authors propose a modified version of AHP known as Fuzzy AHP, which integrates Fuzzy Set Theory with the AHP methodology [39]. This study contributes to evaluating the impact of seven models on improving cybersecurity usability through HCI considerations, utilizing Fuzzy AHP and expert input to determine weights and rankings. Specifically, six existing models related to usable cybersecurity in addition to the proposed model discussed above are considered.

The Delphi technique was employed in this research as a core survey method to facilitate the application of the Fuzzy AHP [40,41,42]. This technique involves a systematic, itera-tive process of gathering and refining expert judgments to develop reliable input data for the decision-making framework. A panel of experts selected based on their domain knowledge and experience in fuzzy systems and multi-criteria decision-making, participated in several rounds of surveys. During each round, the experts provided pairwise comparisons of the identified criteria and sub-criteria using a predefined linguistic scale. The responses were then converted into fuzzy numbers to accommodate the uncertainty and imprecision inherent in human judgment.

After each round, the collected data was analyzed, and the results were shared anonymously with the experts to allow them to refine their judgments in subsequent rounds. This iterative feedback process continued until a consensus was reached, minimizing bias and improving the consistency of the assessments. The final aggregated ex-pert opinions were used to construct a fuzzy comparison matrix, from which fuzzy weights were derived using the analysis method. This approach ensured that the input for the Fuzzy AHP model was robust, reliable, and representative of collective expert knowledge, ultimately strengthening the validity and accuracy of the decision-making process.

The current contribution aims to assess the impact of seven models (six existing and one proposed) on enhancing cybersecurity usability through HCI considerations. To achieve this, a questionnaire is prepared, necessitating the participation of experienced experts in usability and security. Fuzzy AHP is selected for evaluating the significance of models due to its ability to manage vague judgmental inputs provided by participants [39]. Moreover, it can transform qualitative inputs into quantitative results, yielding weights and rankings that offer a more comprehensive assessment of the models [39]. The matrix of pairwise comparison is constructed using the opinions collected for the Fuzzy Analytic Hierarchy Process technique. To assess the quantitative weight of all seven models, collected expert views are translated into numeric values using Equations (1)–(3). These numeric values are then converted into Triangular Fuzzy Numbers (TFN) [40], represented as (l_ij, m_ij, h_ij), where l_ij represents the least possible, m_ij the most likely, and h_ij the extreme possible events. Additionally, TFN [ɳ_ij] is established according to the following equation:

$${\mathrm{ɳ}}_{\mathrm{i}\mathrm{j}}=\left({\mathrm{l}}_{\mathrm{i}\mathrm{j}},{\mathrm{m}}_{\mathrm{i}\mathrm{j}},{\mathrm{h}}_{\mathrm{i}\mathrm{j}}\right)\mathrm{where}{\mathrm{l}}_{\mathrm{i}\mathrm{j}}\le {\mathrm{m}}_{\mathrm{i}\mathrm{j}}\le {\mathrm{h}}_{\mathrm{i}\mathrm{j}}$$

(1)

$${\mathrm{l}}_{\mathrm{i}\mathrm{j}}=\mathrm{m}\mathrm{i}\mathrm{n}\left({\mathrm{J}}_{\mathrm{i}\mathrm{j}\mathrm{k}}\right)$$

(2)

$${\mathrm{m}}_{\mathrm{i}\mathrm{j}}=\left({\mathrm{J}}_{\mathrm{i}\mathrm{j}1},{\mathrm{J}}_{\mathrm{i}\mathrm{j}2},\dots \dots \dots {\mathrm{J}}_{\mathrm{i}\mathrm{j}\mathrm{k}}\right)1/\mathrm{k}$$

$${\mathrm{h}}_{\mathrm{i}\mathrm{j}}=\mathrm{m}\mathrm{a}\mathrm{x}\left({\mathrm{J}}_{\mathrm{i}\mathrm{j}\mathrm{k}}\right)$$

(3)

The aforementioned equations depict the J_ijk calculation, which signifies the comparative significance of values between two criteria as evaluated by expert k. i and j represent a set of criteria that are being assessed by the participants. Deriving the value η_ij requires the geometric mean of the scores provided by stakeholders for a given comparison. The application of the geometric mean is beneficial due to its ability to precisely capture and mirror the consensus view of stakeholders [40]. The minimum and maximum scores indicate the degree of relative significance that is least and greatest, respectively, between the two criteria.

Following the determination of the membership function Triangular Fuzzy Number (TFN) for each couple of comparisons, a Fuzzy Pair-wise Comparison Matrix is constructed, taking the form of an n × n matrix. In this instance, the size of the comparison matrix is 9 × 9, meeting the group size threshold of twenty-five participants required to attain an acceptable level of consistency. The participants involved in this evaluation encompass academicians and developers experienced in both usability and security domains. A questionnaire related to different characteristics of HCI, usability, and cyber-security in the field of smart energy systems was prepared and distributed to hundred different researchers and academicians of related fields. Valid responses of twenty-five participants were used in this study. This selection ensures the reliability and uniformity of the AHP analysis. After doing a qualitative assessment, TFN membership functions and pair-wise comparisons are used to create the Fuzzy Judgment Matrix. The matrix, compiled by researchers following the evaluation of judgments from twenty participants, is presented in

Table 8. Development of a Fuzzy pairwise comparison matrix derived from expert input.

	EM#1	EM#2	EM#3	EM#4	EM#5	EM#6	Proposed Model
EM#1	1, 1, 1	1.0000, 1.5157, 1.9331	0.4896, 0.6372, 1.0000	0.4152, 0.5743, 1.0000	0.5743, 0.6657, 0.8022	0.3009, 0.4352, 0.8027	0.3146, 0.4610, 0.8705
EM#2	-	1, 1, 1	0.5743, 0.6657, 0.8022	0.3039, 0.3936, 0.5661	0.4152, 0.5743, 1.0000	0.2215, 0.2871, 0.4152	0.1663, 0.1969, 0.2531
EM#3	-	-	1, 1, 1	1.0000, 1.3195, 1.5518	0.3039, 0.3936, 0.5661	0.2679, 0.3521, 0.5176	0.8027, 0.8705, 1.0000
EM#4	-	-	-	1, 1, 1	1.0000, 1.3195, 1.5518	0.3009, 0.4352, 0.8027	0.6083, 1.0592, 1.6829
EM#5	-	-	-	-	1, 1, 1	0.5386, 0.9143, 1.5836	0.4152, 0.6372, 1.1791
EM#6	-	-	-	-	-	1, 1, 1	0.8027, 0.8705, 1.0000
Proposed Model	-	-	-	-	-	-	1, 1, 1

.

Defuzzification is performed once the comparison matrix is built to produce a measurable value based on the calculated TFN values. Known as the alpha cut approach, the defuzzification technique used in this work is derived from [39] and is shown in Equations (4)–(6). The alpha cut method chooses an alpha threshold value, α, from a range of 0 to 1. This work adopts an alpha threshold value of 0.5. This threshold determines the membership of elements in the Fuzzy set; elements with membership values greater than or equal to α belong to the set. Alpha cut facilitates the representation of a Fuzzy set as a combination of crisp sets. Crisp sets µα, β(ɳij) indicate whether an element is a member of the set or not. The algorithm for the alpha cut method is presented in Equations (4)–(6).

$$\mathrm{\mu }\mathsf{\alpha },\mathsf{\beta }\left(\mathrm{ɳ}\mathrm{i}\mathrm{j}\right)=[\mathsf{\beta }·\mathrm{ɳ}\mathsf{\alpha }(\mathrm{l}\mathrm{i}\mathrm{j})+(1-\mathsf{\beta })·\mathrm{ɳ}\mathsf{\alpha }(\mathrm{h}\mathrm{i}\mathrm{j}\left)\right]$$

(4)

where 0 ≤ α ≤ 1 and 0 ≤ β ≤ 1

Such that,

$$\mathrm{ɳ}\mathsf{\alpha }\left(\mathrm{l}\mathrm{i}\mathrm{j}\right)=(\mathrm{m}\mathrm{i}\mathrm{j}-\mathrm{l}\mathrm{i}\mathrm{j})·\mathsf{\alpha }+\mathrm{l}\mathrm{i}\mathrm{j}$$

(5)

$$\mathrm{ɳ}\mathsf{\alpha }\left(\mathrm{h}\mathrm{i}\mathrm{j}\right)=\mathrm{h}\mathrm{i}\mathrm{j}-(\mathrm{h}\mathrm{i}\mathrm{j}-\mathrm{m}\mathrm{i}\mathrm{j})·\mathsf{\alpha }$$

(6)

The symbols α and β in these equations represent the preferences of experts, with values ranging from 0 to 1. Applying Equations (4)–(6) with α and β set to 0.5 yields the results reported in

Table 9. Final Fuzzy pairwise comparison matrix after defuzzification.

	EM#1	EM#2	EM#3	EM#4	EM#5	EM#6	Proposed Model
EM#1	1.0000	1.4912	0.6910	0.6410	0.4143	0.3724	0.8520
EM#2	0.6706	1.0000	0.6770	0.4143	0.6410	0.3027	0.5268
EM#3	1.4472	1.4771	1.0000	1.2977	0.4143	0.4143	0.2033
EM#4	1.5601	2.4137	0.7706	1.0000	1.2977	0.4935	0.8520
EM#5	2.4137	1.5601	2.4137	0.7706	1.0000	0.9636	1.1024
EM#6	2.6853	3.3036	2.4137	2.0263	1.0378	1.0000	0.7172
Proposed Model	1.1737	1.8983	4.9188	1.1737	0.9071	1.3943	1.0000
C.R. = 0.03564

.

In Table 9, it is observed that the Consistency Ratio (CR) is below 0.1, indicating the validity of the AHP analysis. The subsequent phase involves computing the eigenvalue and eigenvector of the Fuzzy Pairwise Comparison Matrix. This computation serves the purpose of ascertaining the aggregated weight associated with each criterion. Let us denote the eigenvector as µ and the eigenvalue as λ for the Fuzzy pairwise comparison matrix denoted as ɳ_ij.

$$[\mathrm{\mu }\mathsf{\alpha },\mathsf{\beta }(\mathrm{ɳ}\mathrm{i}\mathrm{j})-\mathsf{\lambda }\mathrm{I}]·\mathrm{\mu }=0$$

(7)

Equation (7) utilizes vector linear transformation principles, with ‘I’ representing the unitary matrix. One can find the weights of the criteria with respect to all other possible criteria by using Equations (1)–(7) in their computation. The rankings and weights given to the framework of HCI-based usability and security qualities are shown in

Table 10. Considering the significance of models’ weight and priority.

S. No.	Models	Weights	Percentages	Ranks
1	EM#1	0.0931	9.31%	6
2	EM#2	0.0737	7.37%	7
3	EM#3	0.0979	9.79%	5
4	EM#4	0.1413	14.13%	4
5	EM#5	0.1742	17.42%	3
6	EM#6	0.2099	20.99%	1
7	Proposed Model	0.2099	20.99%	2

.

The weighted results are summarized in Table 10, presenting the rankings as follows: Existing Model (EM#1) (0.0931), Existing Model (EM#2) (0.0737), Existing Model (EM#3) (0.0979), Existing Model (EM#4) (0.1413), Existing Model (EM#5) (0.1742), Existing Model (EM#6) (0.2099), and Proposed Model (0.2099). Notably, EM#6 and Proposed Model emerge as the top priorities with equal weights based on these rankings. While numerous models exist in the literature pertaining to security development [39,40] for smart energy services, this study specifically focuses on seven identified and prioritized models. To validate the accuracy of the findings, an alternative method, AHP, is employed.

Table 11. Variations in results of Fuzzy AHP and AHP.

S. No.	Models	Fuzzy AHP		AHP
		Weights	Percentages	Weights	Percentages
1	EM#1	0.0931	9.31%	0.0925	9.25%
2	EM#2	0.0737	7.37%	0.0724	7.24%
3	EM#3	0.0979	9.79%	0.0965	9.65%
4	EM#4	0.1413	14.13%	0.1421	14.21%
5	EM#5	0.1742	17.42%	0.1722	17.22%
6	EM#6	0.2099	20.99%	0.2085	20.85%
7	Proposed Model	0.2099	20.99%	0.2081	20.81%

illustrates the comparison between Fuzzy AHP and AHP approaches.

To ensure the precision of calculations, this research compared the outcomes with those derived from the AHP method, as illustrated in Table 11. Distinguishing Fuzzy AHP from AHP involves recognizing their unique characteristics and methodologies. While both methods are rooted in AHP principles, they differ in their treatment of uncertainty and imprecision.

The main distinction between Fuzzy AHP and AHP lies in their treatment of uncertainty and imprecision. While AHP operates under crisp, deterministic assumptions, Fuzzy AHP embraces fuzziness and allows decision-makers to express preferences in a more flexible and nuanced manner. According to Table 11, the comparison unveiled a negligible variance between the two approaches, evidenced by a Pearson correlation coefficient of 0.9785. This prioritization process significantly aids in the identification of suitable models for enhancing cybersecurity usability through HCI considerations. The visual depiction of this comparative analysis is presented in Figure 4.

4. Discussion

The integration of Human-Computer Interaction (HCI) principles within the cybersecurity landscape of the energy sector is an intricate and crucial undertaking. This approach seeks to address the multifaceted challenges posed by smart energy services by aligning security measures with user experience.

This paper makes several significant contributions to the field. Firstly, it proposes a novel framework that integrates HCI principles with cybersecurity measures specifically tailored for smart energy systems. By aligning user experience with security protocols, the framework aims to enhance both usability and compliance. Secondly, the study employs a Fuzzy Analytic Hierarchy Process (Fuzzy AHP) technique for the empirical evaluation of existing models, providing a comprehensive assessment that addresses the inherent uncertainties and ambiguities in human judgment. This methodological approach offers a refined evaluation of cybersecurity models, highlighting the practical implications of integrating HCI considerations.

Furthermore, the paper demonstrates the effectiveness of interdisciplinary collaboration in developing solutions that balance usability and security. By comparing various frameworks and validating the proposed model through empirical analysis, the study provides actionable insights for future research and practical applications in smart energy systems. The findings contribute to a deeper understanding of how HCI principles can be effectively applied to enhance cybersecurity measures, offering a valuable reference for researchers and practitioners in the field.

Despite its contributions, the paper has some limitations. The scope of the evaluation is confined to a specific set of existing models, which may not encompass all possible approaches to integrate HCI and cybersecurity. The study’s focus on smart energy systems means that the findings may not be directly applicable to other domains or sectors with different user needs and security requirements. Additionally, the reliance on expert judgments for the Fuzzy AHP evaluation introduces a level of subjectivity that may influence the results. The paper also does not address the implementation challenges or practical constraints that may arise when applying the proposed framework in real-world settings. Future research could expand the evaluation to include a broader range of models and consider the practical implications of implementing HCI-integrated cybersecurity measures across various contexts.

The proposed framework presents a comprehensive approach to understanding the intersection of cybersecurity, usability, and HCI. The use of Artificial Intelligence technology in this work gives rise to ethical concerns around decision-making and the attribution of responsibility. Smart energy management systems utilize AI algorithms to autonomously make decisions based on data analysis. Nevertheless, it is of utmost importance to guarantee the ethical and transparent functioning of these algorithms. Developers are required to create AI systems that prioritize equity, eliminate prejudice, and prevent discriminatory results. Establishing ethical norms and frameworks is crucial for governing the use of AI in energy management. This ensures that AI complies with society’s values and safeguards vulnerable areas.

Furthermore, the process of making decisions powered by AI should be able to be elucidated and comprehensible to anybody with an interest or concern in the matter. Opaque algorithms, characterized by a lack of openness in their decision-making processes, can engender mistrust and suspicion. Through the advancement of AI models that can be easily understood and the promotion of openness in algorithms, authors can guarantee that the decisions made by AI systems are both responsible and unbiased. Integrating ethical issues into the development, implementation, and regulation of AI is crucial in order to avoid unanticipated adverse effects.

While offering valuable insights into the current landscape, there are several promising avenues for future research and development in this dynamic field. One promising direction involves the establishment of user-centric design principles tailored specifically for cybersecurity interfaces. These principles could serve as guiding frameworks for the development of intuitive and user-friendly security solutions, prioritizing both effectiveness and user experience. Another area for exploration is the integration of behavioral analytics into cybersecurity interfaces. By leveraging machine learning algorithms to adapt to user behavior, interfaces could enhance threat detection capabilities while minimizing user intervention. However, ethical considerations regarding user privacy, consent, and data protection must be carefully addressed in this context.

Dynamic threat communication represents another crucial aspect of future work. Developing and testing communication strategies that dynamically adapt to the severity and context of cybersecurity threats could significantly improve users’ understanding of risks and necessary actions. Striking the right balance between providing comprehensive threat information and avoiding information overload is essential to ensuring effective communication without overwhelming the user.

Sustaining long-term user engagement with cybersecurity practices is also a key challenge. Exploring strategies such as continuous education, gamification, and personalized feedback mechanisms could foster ongoing user involvement. Understanding the role of habit formation in cybersecurity behaviors and developing interventions that leverage positive reinforcement could further encourage users to adopt and maintain secure practices over time.

Additionally, the usability of cybersecurity solutions across multiple platforms requires attention. Examining how users interact with security measures in various contexts and environments, including desktops, mobile devices, and emerging technologies such as augmented reality, is essential. Developing guidelines and best practices for creating cohesive and consistent user experiences across diverse platforms would ensure accessibility and effectiveness in the field of smart energy services.

Finally, the development of comprehensive evaluation frameworks is essential for assessing the usability of cybersecurity measures in the field of smart energy services. These frameworks should consider both technical efficacy and user-centered factors to guide rigorous assessments of new and existing security solutions. Encouraging the adoption of standardized usability metrics within the cybersecurity community would enable consistent and comparable evaluations across different tools and platforms.

By addressing these future research directions, the field of usable cybersecurity and HCI can evolve to ensure that security measures remain effective, accessible, and user-friendly in the face of evolving cyber threats in smart energy services.

The quest for enhancing usable cybersecurity through the assessment of HCI implications in the field of smart energy services opens up exciting avenues for future research and development.

5. Conclusions

It is widely regarded that the most efficient and expedient method to launch a direct assault on a nation’s determination is by “weakening its economic framework and instilling fear in its very survival” through targeted strikes [50,51]. The synthesis of cybersecurity and HCI principles in this quest for improved usability has revealed a crucial nexus between user-centric design, adaptive interfaces, and continuous feedback mechanisms. The identified usability challenges, ranging from complex password policies to security alerts, underscore the imperative of tailoring security interfaces to align with user behaviors and preferences. The implementation of adaptive interfaces, guided by machine learning and behavioral analysis, emerges as a promising strategy to strike a balance between heightened security measures and user-friendly interactions. The iterative improvement process facilitated by continuous user feedback mechanisms positions users as active contributors to refining cybersecurity interfaces in real-time, ensuring adaptability to emerging challenges and evolving user needs.

Ultimately, this research has offered valuable insights into utilizing a decision-making approach to empirically validate the proposed framework for securing smart energy services. The findings suggest that the proposed framework for integrating usability, HCI, and cyber security for smart energy services stands out and outperforms other existing models. These findings not only contribute to the knowledge of, but also emphasize the significance of usability in the context of HCI for the protection of smart energy services.

Although this research has made valuable contributions, it is important to recognize its limitations. Some characteristics of the proposed framework may have been overlooked in the study. These characteristics could have influenced or enhanced the outcomes. Consistent changes in usability and HCI factors can have a significant impact on the results of this work. Exploring these limitations in future research could lead to a more thorough grasp of the cyber security of smart energy services and contribute to the improvement of the proposed framework.

Ultimately, this research highlights the significance of various aspects of HCI, usability, and cyber security when it comes to ensuring the overall security of smart energy services. It establishes the foundation for future security models in the rapidly expanding energy services sector.

Looking forward, the delineated future work outlines exciting avenues for exploration, such as advanced adaptive interfaces, cognitive load analysis, and the incorporation of behavioral and psychological factors influencing user compliance. The envisioned integration of context-aware security measures, blockchain technology, and ethical considerations promises innovative solutions to fortify the usability of cybersecurity. As the digital landscape evolves and cyber threats become more sophisticated, the commitment to enhancing cybersecurity’s usability remains resolute. By marrying technical acumen with human-centric design, this journey contributes to a safer, more user-friendly digital future.