Search Results (745)

Cybersecurity management plays a key role in preserving the operational security of nuclear power plants (NPPs), ensuring service continuity and system resilience. The growing number of sophisticated cyber-attacks against NPPs requires cybersecurity experts to detect, analyze, and defend systems and data from cyber threats in near real time. However, managing a large numbers of attacks in a timely manner is impossible without the support of Artificial Intelligence (AI). This study recognizes the need for a structured and in-depth analysis of the literature in the context of NPPs, referring to the role of AI technology in supporting cyber risk assessment processes. For this reason, a systematic literature review (SLR) is adopted to address the following areas of analysis: (i) critical assets to be preserved from cyber-attacks through AI, (ii) security vulnerabilities and cyber threats managed using AI, (iii) cyber risks and business impacts that can be assessed by AI, and (iv) AI-based security countermeasures to mitigate cyber risks. The SLR procedure follows a macro-step approach that includes review planning, search execution and document selection, and document analysis and results reporting, with the aim of providing an overview of the key dimensions of AI-based cybersecurity in NPPs. The structured analysis of the literature allows for the creation of an original tabular outline of emerging evidence (in the fields of critical assets, security vulnerabilities and cyber threats, cyber risks and business impacts, and AI-based security countermeasures) that can help guide AI-based cybersecurity management in NPPs and future research directions. From an academic perspective, this study lays the foundation for understanding and consciously addressing cybersecurity challenges through the support of AI; from a practical perspective, it aims to assist managers, practitioners, and policymakers in making more informed decisions to improve the resilience of digital infrastructure. Full article

This article proposes a scientifically grounded approach to risk assessment for infrastructural and functional systems that underpin the development of digitally transformed regional territories under conditions of high threat dynamics and sociotechnical instability. The core methodology is based on modeling of multifactorial threats through the application of fuzzy set theory and logic–linguistic analysis, enabling consideration of parameter uncertainty, fragmented expert input, and the lack of a unified risk landscape within complex infrastructure environments. A special emphasis is placed on components of technogenic, informational, and mobile infrastructure that ensure regional viability across planning, response, and recovery phases. The results confirm the relevance of the approach for assessing infrastructure resilience risks in regional spatial–functional systems, which demonstrates the potential integration into sustainable development strategies at the level of regional governance, cross-sectoral planning, and cultural reevaluation of the role of analytics as an ethically grounded practice for cultivating trust, transparency, and professional maturity. Full article

Critical energy infrastructures (CEIs) are fundamental pillars for economic and social development. However, their accelerated digitalization and the convergence between operational technologies (OTs) and information technologies (ITs) have increased their exposure to advanced cyber threats. This study examines the evolution of OT cybersecurity models with artificial intelligence in the energy sector between 2015 and 2024, through a systematic literature review following a four-phase method (planning, development, results, and analysis). To this end, we answer the following questions about the aspects of CEI cybersecurity models: What models exist? What energy services, technical means, and facilities do they encompass? And what algorithms do they include? From an initial set of 1195 articles, 52 studies were selected, which allowed us to identify 49 cybersecurity models classified into seven functional categories: detection, prediction and explanation; risk management; regulatory compliance; collaboration; response and recovery; architecture-based protection; and simulation. These models are related to 10 energy services, 6 technical means, 10 types of critical facilities, and 15 AI algorithms applied transversally. Furthermore, the integrated and systemic relationship of these study aspects has been identified in an IT-OT cybersecurity model for CEIs. The results show a transition from conventional approaches to solutions based on machine learning, deep learning, federated learning, and blockchain. Algorithms such as CNN, RNN, DRL, XAI, and FL are highlighted, which enhance proactive detection and operational resilience. A broader coverage is also observed, ranging from power plants to smart grids. Finally, five key challenges are identified: legacy OT environments, lack of interoperability, advanced threats, emerging IIoT and quantum computing risks, and low adoption of emerging technologies. Full article

Blockchain is an emerging technology that is being used to create innovative solutions in many areas, including healthcare. Nowadays healthcare systems face challenges, especially with security, trust, and remote data access. As patient records are digitized and medical systems become more interconnected, the risk of sensitive data being exposed to cyber threats has grown. In this evolving time for healthcare, it is important to find a balance between the advantages of new technology and the protection of patient information. The combination of blockchain–InterPlanetary File System technology and conventional electronic health record (EHR) management has the potential to transform the healthcare industry by enhancing data security, interoperability, and transparency. However, a major issue that still exists in traditional healthcare systems is the continuous problem of remote data unavailability. This research examines practical methods for safely accessing patient data from any location at any time, with a special focus on IPFS servers and blockchain technology in addition to group signature encryption. Essential processes like maintaining the confidentiality of medical records and safe data transmission could be made easier by these technologies. Our proposed framework enables secure, remote access to patient data while preserving accessibility, integrity, and confidentiality using Ethereum blockchain, IPFS, and group signature encryption, demonstrating hospital-scale scalability and efficiency. Experiments show predictable throughput reduction with file size (200 → 90 tps), controlled latency growth (90 → 200 ms), and moderate gas increase (85k → 98k), confirming scalability and efficiency under varying healthcare workloads. Unlike prior blockchain–IPFS–encryption frameworks, our system demonstrates hospital-scale feasibility through the practical integration of group signatures, hierarchical key management, and off-chain erasure compliance. This design enables scalable anonymous authentication, immediate blocking of compromised credentials, and efficient key rotation without costly re-encryption. Full article

Caring for Alzheimer’s patients presents significant global challenges due to complex symptoms and the constant demand for care, which are further complicated by fragmented information and a lack of explicit integration between physical and computational worlds in existing support systems. This article details the construction and validation of OntoCaimer, an ontology designed to support Alzheimer’s patient care systems by acting as a comprehensive knowledge base that integrates disease recommendations with concepts from the physical world (sensors and actuators). Utilizing METHONTOLOGY and REFSENO formalisms, OntoCaimer was built as a modular ontology. Its validation through the FOCA method demonstrated a high quality score $(\hat{\mu }=0.99)$, confirming its robustness and suitability. Case studies showcased its functionality in automating recommendations, such as managing patient locations or environmental conditions, to provide proactive support. The main contribution of this work is OntoCaimer, a novel ontology that formally integrates clinical recommendations for Alzheimer’s care with concepts from cyber-physical systems (sensors and actuators). Its scientific novelty lies in bridging the gap between virtual knowledge and physical action, enabling direct and automated interventions in the patient’s environment. This approach significantly advances patient care systems beyond traditional monitoring and alerts, offering a tangible path to reducing caregiver burden. Full article

Developing multi-microgrid (MMG) systems provides a new paradigm for power distribution systems with a higher degree of resilience, flexibility, and sustainability. The inclusion of communication networks as part of MMG is critical for coordinating distributed energy resources (DERs) in real time and deploying energy management systems (EMS) efficiently. However, the communication quality of service (QoS) parameters such as latency, jitter, packet loss, and throughput play an essential role in MMG control and stability, especially in highly dynamic and high-traffic situations. This paper presents a focused review of MMG systems from a cyber-physical viewpoint, particularly concerning the challenges and implications of communication network performance of energy management. The literature on MMG systems includes control strategies, models of communication infrastructure, cybersecurity challenges, and co-simulation platforms. We have identified research gaps, including, but not limited to, the need for scalable, real-time cyber-physical systems; limited research examining communication QoS under realistic conditions/traffic; and integrated cybersecurity strategies for MMGs. We suggest future research opportunities considering these research gaps to enhance the resiliency, adaptability, and sustainability of modern cyber-physical MMGs. Full article

Digital transformation embeds smart cities, e-health, and Industry 4.0 into critical infrastructures, thereby increasing reliance on digital systems and exposure to cyber threats and boosting complexity and dependency. Research involving over 200 executives reveals that under rising complexity, only 15% of cyber risk investments are effective, leaving most organizations misaligned or vulnerable. In this context, the role of artificial intelligence (AI) in cybersecurity requires systemic scrutiny. This study analyzes how AI reshapes systemic structures in cyber risk management through a multi-method approach: literature review, expert workshops with practitioners and policymakers, and a structured kill chain analysis of the Colonial Pipeline attack. The findings reveal three new feedback loops: (1) deceptive defense structures that misdirect adversaries while protecting assets, (2) two-step success-to-success attacks that disable defenses before targeting infrastructure, and (3) autonomous proliferation when AI applications go rogue. These dynamics shift cyber risk from linear patterns to adaptive, compounding interactions. The principal conclusion is that AI both amplifies and mitigates systemic risk. The core recommendation is to institutionalize deception in security standards and address drifting AI-powered systems. Deliverables include validated systemic structures, policy options, and a foundation for creating future simulation models to support strategic cyber risk management investment. Full article

Cybersecurity has become a critical concern in the automotive sector, where the increasing connectivity and complexity of modern vehicles—particularly in the context of autonomous driving—have significantly expanded the attack surface. In response to these challenges, this paper presents the Welcome To The Machine (WTTM) framework, developed to support proactive and structured cyber risk management throughout the entire vehicle lifecycle. Specifically tailored to the automotive domain, the framework encompasses four core actions: detection, analysis, response, and remediation. A central element of WTTM is the WTTM Questionnaire, designed to assess the organizational cybersecurity maturity of automotive manufacturers and suppliers. The questionnaire addresses six key areas: Governance, Risk Management, Concept and Design, Security Requirements, Validation and Testing, and Supply Chain. This paper focuses on the development and validation of WTTM-Q. Statistical validation was performed using responses from 43 participants, demonstrating high internal consistency (Cronbach’s alpha > 0.70) and strong construct validity (CFI = 0.94, RMSEA = 0.061). A supervised classifier (XGBoost), trained on 115 hypothetical response configurations, was employed to predict a priori risk classes, achieving 78% accuracy and a ROC AUC of 0.84. The WTTM framework, supported by a Vehicle Security Operations Center, provides a scalable, standards-aligned solution for enhancing cybersecurity in the automotive industry. Full article

This paper presents the design and implementation of a mobile robotic platform modelled as a layered Cyber–Physical System (CPS). Inspired by architectures commonly used in industrial Distributed Control Systems (DCSs) and large-scale scientific infrastructures, the proposed system incorporates modular hardware, distributed embedded control, and multi-level coordination. The robotic platform, named MapBot, is structured according to a five-layer CPS model encompassing component, control, coordination, supervisory, and management layers. This structure facilitates modular development, system scalability, and integration of advanced features such as a digital twin. The platform is implemented using embedded computing elements, diverse sensors, and communication protocols including Ethernet and I2C. The system operates within the ROS2 framework, supporting flexible task distribution across processing nodes. As a use case, two localization techniques—Adaptive Monte Carlo Localization (AMCL) and pose graph SLAM—are deployed and evaluated, highlighting the performance trade-offs in map quality, update frequency, and computational load. The results demonstrate that CPS-based design principles offer clear advantages for robotic platforms in terms of modularity, maintainability, and real-time integration. The proposed approach can be generalised for other robotic or mechatronic systems requiring structured, layered control and embedded intelligence. Full article

As smart cities evolve, the demand for real-time, secure, and adaptive network monitoring, continues to grow. Software-Defined Networking (SDN) offers a centralized approach to managing network flows; However, anomaly detection within SDN environments remains a significant challenge, particularly at the intelligent edge. This paper presents a conceptual Kafka-enabled ML framework for scalable, real-time analytics in SDN environments, supported by offline evaluation and a prototype streaming demonstration. A range of supervised ML models covering traditional methods and ensemble approaches (Random Forest, Linear Regression & XGBoost) were trained and validated using the InSDN intrusion detection dataset. These models were tested against multiple cyber threats, including botnets, dos, ddos, network reconnaissance, brute force, and web attacks, achieving up to 99% accuracy for ensemble classifiers under offline conditions. A Dockerized prototype demonstrates Kafka’s role in offline data ingestion, processing, and visualization through PostgreSQL and Grafana. While full ML pipeline integration into Kafka remains part of future work, the proposed architecture establishes a foundation for secure and intelligent Software-Defined Vehicular Networking (SDVN) infrastructure in smart cities. Full article

The Industrial Internet of Things (IIoT) is transforming industrial operations through connected devices and real-time automation but also introduces significant cybersecurity risks. Cyber threat intelligence (CTI) is critical for detecting and mitigating such threats, yet traditional centralized CTI approaches face limitations in latency, scalability, and data privacy. Federated learning (FL) offers a privacy-preserving alternative by enabling decentralized model training without sharing raw data. This survey explores how FL can enhance CTI in IIoT environments. It reviews FL architectures, orchestration strategies, and aggregation methods, and maps their applications to domains such as intrusion detection, malware analysis, botnet mitigation, anomaly detection, and trust management. Among its contributions is an empirical synthesis comparing FL aggregation strategies—including FedAvg, FedProx, Krum, ClippedAvg, and Multi-Krum—across accuracy, robustness, and efficiency under IIoT constraints. The paper also presents a taxonomy of FL-based CTI approaches and outlines future research directions to support the development of secure, scalable, and decentralized threat intelligence systems for industrial ecosystems. Full article

Electronic health record (EHR) data breaches create severe concerns for patients’ privacy, safety, and risk of loss for healthcare entities responsible for managing patient health records. EHR systems collect a vast amount of user-sensitive data, requiring integration, implementation, and the application of essential security principles, controls, and strategies to safeguard against persistent adversary attacks. This research is an exploratory study into current integrated EHR cybersecurity attacks using United States Health Insurance Portability and Accountability Act (HIPAA) privacy and security breach reported data. This work investigates if current EHR implementation lacks the requisite security control to prevent a cyber breach and protect user privacy. We conduct descriptive and trend analysis to describe, demonstrate, summarize data points, and predict direction based on current and historical data by covered entity, type of breaches, and point of breaches (examine, attack methods, patterns, and location of breach information). An Autoregressive Integrated Moving Average (ARIMA) model is used to provide a detailed analysis of the data demonstrating breaches caused by hacking and IT incidents show a significant trend (coefficient 0.84, p-value < 2.2 × 10⁻¹⁶ ***). The findings reveal a consistent rise in breaches—particularly from hacking and IT incidents—disproportionately affecting healthcare providers. The study highlights that EHR data breaches often follow recurring patterns, indicating common vulnerabilities, and underlines the need for prioritized, data-driven security investments. These findings validate the hypothesis that most EHR cybersecurity attacks are concentrated using similar attack methodologies and face common vulnerabilities and demonstrate the value of targeted mitigation strategies to strengthen healthcare cybersecurity. The findings highlight the urgent need for healthcare organizations and policymakers to prioritize targeted, data-driven security investments and enforce stricter controls to protect EHR systems from increasingly frequent and predictable cyberattacks. Full article

Low-power microcontrollers, wireless sensors, and embedded gateways form the backbone of many Internet of Things (IoT) deployments. However, their limited memory, constrained energy budgets, and lack of standardized firmware make them attractive targets for diverse attacks, including bootloader backdoors, hardcoded keys, unpatched CVE exploits, and code-reuse attacks, while traditional single-layer defenses are insufficient as they often assume abundant resources. This paper presents a Systematic Literature Review (SLR) conducted according to the PRISMA 2020 guidelines, covering 196 peer-reviewed studies on cross-layer security for resource-constrained IoT and Industrial IoT environments, and introduces a four-axis taxonomy—system level, algorithmic paradigm, data granularity, and hardware budget—to structure and compare prior work. At the firmware level, we analyze static analysis, symbolic execution, and machine learning-based binary similarity detection that operate without requiring source code or a full runtime; at the network and behavioral levels, we review lightweight and graph-based intrusion detection systems (IDS), including single-packet authorization, unsupervised anomaly detection, RF spectrum monitoring, and sensor–actuator anomaly analysis bridging cyber-physical security; and at the policy level, we survey identity management, micro-segmentation, and zero-trust enforcement mechanisms supported by blockchain-based authentication and programmable policy enforcement points (PEPs). Our review identifies current strengths, limitations, and open challenges—including scalable firmware reverse engineering, efficient cross-ISA symbolic learning, and practical spectrum anomaly detection under constrained computing environments—and by integrating diverse security layers within a unified taxonomy, this SLR highlights both the state-of-the-art and promising research directions for advancing IoT security. Full article

The Internet of Things (IoT) is widely used across domains such as smart homes, healthcare, and grids. As billions of devices become connected, strong privacy and security measures are essential to protect sensitive information and prevent cyber-attacks. However, IoT devices often have limited computing power and storage, making it difficult to implement robust security and manage large volumes of data. Existing studies have explored integrating blockchain and Deep Neural Networks (DNNs) to address security, storage, and data dissemination in IoT networks, but they often fail to fully leverage the mutual enhancement between them. This paper proposes DeepChainIoT, a blockchain–DNN integrated framework designed to address centralization, latency, throughput, storage, and privacy challenges in generic IoT networks. It integrates smart contracts with a Long Short-Term Memory (LSTM) autoencoder for anomaly detection and secure transaction encoding, along with an optimized Practical Byzantine Fault Tolerance (PBFT) consensus mechanism featuring transaction prioritization and node rating. On a public pump sensor dataset, our LSTM autoencoder achieved 99.6% accuracy, 100% recall, 97.95% precision, and a 98.97% F1-score, demonstrating balanced performance, along with a 23.9× compression ratio. Overall, DeepChainIoT enhances IoT security, reduces latency, improves throughput, and optimizes storage while opening new directions for research in trustworthy computing. Full article

This study presents a novel cyber-resilient, data-driven optimisation framework for real-time energy management in electric vehicle (EV)-integrated smart grids. The proposed framework integrates a hybrid optimisation engine—combining genetic algorithms and reinforcement learning—with a real-time analytics module to enable adaptive scheduling under uncertainty. It accounts for dynamic electricity pricing, EV mobility patterns, and grid load fluctuations, dynamically reallocating charging demand in response to evolving grid conditions. Unlike existing GA/RL schedulers, this framework uniquely integrates adaptive optimisation with resilient forecasting under incomplete data and lightweight blockchain-inspired cyber-defence, thereby addressing efficiency, accuracy, and security simultaneously. To ensure secure and trustworthy EV–grid communication, a lightweight blockchain-inspired protocol is incorporated, supported by an intrusion detection system (IDS) for cyber-attack mitigation. Empirical evaluation using European smart grid datasets demonstrates a daily peak demand reduction of 9.6% (from 33 kWh to 29.8 kWh), with a 27% decrease in energy delivered at the original peak hour and a redistribution of demand that increases delivery at 19:00 h by nearly 25%. Station utilisation became more balanced, with weekly peak normalised utilisation falling from 1.0 to 0.7. The forecasting module achieved a mean absolute error (MAE) of 0.25 kWh and a mean absolute percentage error (MAPE) below 20% even with up to 25% missing data. Among tested models, CatBoost outperformed LightGBM and XGBoost with an RMSE of 0.853 kWh and $R^2$ of 0.416. The IDS achieved 94.1% accuracy, an AUC of 0.97, and detected attacks within 50–300 ms, maintaining over 74% detection accuracy under 50% novel attack scenarios. The optimisation runtime remained below 0.4 s even at five times the nominal dataset scale. Additionally, the study outlines a conceptual extension to support location-based planning of charging infrastructure. This proposes the alignment of infrastructure roll-out with forecasted demand to enhance spatial deployment efficiency. While not implemented in the current framework, this forward-looking integration highlights opportunities for synchronising infrastructure development with dynamic usage patterns. Collectively, the findings confirm that the proposed approach is technically robust, operationally feasible, and adaptable to the evolving demands of intelligent EV–smart grid systems. Full article