Protection of urban critical infrastructures (CIs) from GPS-denied, bomb-carrying kamikaze drones (G-BKDs) is very challenging. Previous approaches based on drone jamming, spoofing, communication interruption and hijacking cannot be applied in the case under examination, since G-B-KDs are uncontrolled. On the other hand, drone capturing schemes and electromagnetic pulse (EMP) weapons seem to be effective. However, again, existing approaches present various limitations, while most of them do not examine the case of G-B-KDs. This paper focuses on the aforementioned under-researched field, where the G-B-KD is confronted by two defensive drones. The first neutralizes and captures the kamikaze drone, while the second captures the bomb. Both defensive drones are equipped with a net-gun and an innovative algorithm, which, among others, estimates the locations of interception, using a real-world trajectory model. Additionally, one of the defensive drones is also equipped with an EMP weapon to damage the electronics equipment of the kamikaze drone and reduce the capturing time and the overall risk. Extensive simulated experiments and comparisons to state-of-art methods reveal the advantages and limitations of the proposed approach. More specifically, compared to state-of-art, the proposed approach improves: (a) time to neutralize the target by at least 6.89%, (b) maximum number of missions by at least 1.27% and (c) total cost by at least 5.15%.
Due to the drastic increase in the number of critical infrastructures like nuclear plants, industrial control systems (ICS), transportation, it becomes highly vulnerable to several attacks. They become the major targets of cyberattacks due to the increase in number of interconnections with other networks. Several research works have focused on the design of intrusion detection systems (IDS) using machine learning (ML) and deep learning (DL) models. At the same time, Blockchain (BC) technology can be applied to improve the security level. In order to resolve the security issues that exist in the critical infrastructures and ICS, this study designs a novel BC with deep learning empowered cyber-attack detection (BDLE-CAD) in critical infrastructures and ICS. The proposed BDLE-CAD technique aims to identify the existence of intrusions in the network. In addition, the presented enhanced chimp optimization based feature selection (ECOA-FS) technique is applied for the selection of optimal subset of features. Moreover, the optimal deep neural network (DNN) with search and rescue (SAR) optimizer is applied for the detection and classification of intrusions. Furthermore, a BC enabled integrity checking scheme (BEICS) has been presented to defend against the misrouting attacks. The experimental result analysis of the BDLE-CAD technique takes place and the results are inspected under varying aspects. The simulation analysis pointed out the supremacy of the BDLE-CAD technique over the recent state of art techniques with the accuracy of 92.63%.
The NIST Cybersecurity Framework (NIST CSF) serves as a voluntary guideline aimed at helping organizations, tiny and medium-sized enterprises (SMEs), and critical infrastructure operators, effectively manage cyber risks. Although comprehensive, the complexity of the NIST CSF can be overwhelming, especially for those lacking extensive cybersecurity resources. Current implementation tools often cater to larger companies, neglecting the specific needs of SMEs, which can be vulnerable to cyber threats. To address this gap, our research proposes a user-friendly, open-source web platform designed to simplify the implementation of the NIST CSF. This platform enables organizations to assess their risk exposure and continuously monitor their cybersecurity maturity through tailored recommendations based on their unique profiles. Our methodology includes a literature review of existing tools and standards, followed by a description of the platform’s design and architecture. Initial tests with SMEs in Burkina Faso reveal a concerning cybersecurity maturity level, indicating the urgent need for improved strategies based on our findings. By offering an intuitive interface and cross-platform accessibility, this solution aims to empower organizations to enhance their cybersecurity resilience in an evolving threat landscape. The article concludes with discussions on the practical implications and future enhancements of the tool.
Critical Infrastructures (CIs), which serve as the foundation of our modern society, are facing increasing risks from cyber threats, physical attacks, and natural disasters. Additionally, the interdependencies between CIs throughout their operational lifespan can also significantly impact their integrity and safety. As a result, enhancing the resilience of CIs has emerged as a top priority for many countries, including the European Union. This involves not only understanding the threats/attacks themselves but also gaining knowledge about the areas and infrastructures that could potentially be affected. A European Union-funded project named PRECINCT (Preparedness and Resilience Enforcement for Critical INfrastructure Cascading Cyber-Physical Threats), under the Horizon 2020 program, tries to connect private and public stakeholders of CIs in a specific geographical area. The key objective of this project is to establish a common cyber-physical security management approach that will ensure the protection of both citizens and infrastructures, creating a secure territory. This paper presents the components of PRECINCT, including a directory of PRECINCT Critical Infrastructure Protection (CIP) blueprints. These blueprints support CI communities in designing integrated ecosystems, operating and replicating PRECINCT components (or toolkits). The integration enables coordinated security and resilience management, incorporating improved ’installation-specific’ security solutions. Additionally, Serious Games (SG), and Digital Twins (DT) are a significant part of this project, serving as a novel vulnerability evaluation method for analysing complicated multi-system cascading effects in the PRECINCT Living Labs (LLs). The use of SG supports the concentrated advancement of innovative resilience enhancement services.
Natural hazards impact interdependent infrastructure networks that keep modern society functional. While a variety of modelling approaches are available to represent critical infrastructure networks (CINs) on different scales and analyse the impacts of natural hazards, a recurring challenge for all modelling approaches is the availability and accessibility of sufficiently high-quality input and validation data. The resulting data gaps often require modellers to assume specific technical parameters, functional relationships, and system behaviours. In other cases, expert knowledge from one sector is extrapolated to other sectoral structures or even cross-sectorally applied to fill data gaps. The uncertainties introduced by these assumptions and extrapolations and their influence on the quality of modelling outcomes are often poorly understood and difficult to capture, thereby eroding the reliability of these models to guide resilience enhancements. Additionally, ways of overcoming the data availability challenges in CIN modelling, with respect to each modelling purpose, remain an open question. To address these challenges, a generic modelling workflow is derived from existing modelling approaches to examine model definition and validations, as well as the six CIN modelling stages, including mapping of infrastructure assets, quantification of dependencies, assessment of natural hazard impacts, response & recovery, quantification of CI services, and adaptation measures. The data requirements of each stage were systematically defined, and the literature on potential sources was reviewed to enhance data collection and raise awareness of potential pitfalls. The application of the derived workflow funnels into a framework to assess data availability challenges. This is shown through three case studies, taking into account their different modelling purposes: hazard hotspot assessments, hazard risk management, and sectoral adaptation. Based on the three model purpose types provided, a framework is suggested to explore the implications of data scarcity for certain data types, as well as their reasons and consequences for CIN model reliability. Finally, a discussion on overcoming the challenges of data scarcity is presented.
Communities depend on critical infrastructure systems to support their regular operations and future development. Destructive events, such as natural disasters, threaten to disrupt service to these systems and the communities they support. Strategies designed to reduce the impacts from disasters and other events are therefore an important consideration for community planning. At a regional level, coordination between communities supports the efficient use of resources for implementing disaster risk reduction (DRR) measures and completing post-disaster repairs to meet the needs of all residents. Coordination is challenging, however, due to the complexity of regional systems and competing stakeholder interests. This work presents a case study model of regional water, wastewater, and power systems, and demonstrates the effect of seismic hardening and increased resource availability on post-earthquake repair requirements and critical infrastructure recovery. Model results indicate that implementing DRR strategies can reduce required repair costs by over 40 percent and outage severity by approximately 50 percent for the studied sectors. Not all strategies are effective for all sectors and locations, however, so this work discusses the importance of comprehensive, coordinated, and accessible emergency planning activities to ensure that the needs of all residents are considered.
This article is dedicated to the creation of the analytical model of quantitative estimation of cybersecurity of Information Systems of Critical Infrastructure (ISCI). The model takes into consideration the existence, in the discussed ISCI, of both the intelligent tools of detection, analysis and identification of threats and vulnerabilities and means for restoration and elimination of their consequences. The development of the model also takes into consideration probabilistic nature of flow of events happening in ISCI and transferring the system between different states of cybersecurity. Among such probabilistic events we mean any operational perturbations (that can cause extreme situations) happening in ISCI under the influence of cyber-threats, as well as events concerning restoration and elimination of consequences of such cyber-threats. In this work, as methods of modelling, there have been used methods of system-oriented analysis based on theory of probability, theory of reliability and theory of queues. These methods enabled to describe analytically dependence of effectiveness indices of ISCI operation on abovementioned probabilistic processes.
The importance of a nation’s infrastructure is a vital core for economic growth, development, and innovation. Health, wealth, access to education, public safety, and helping prepare for global crises like pandemics are all dependent on functioning and reliable infrastructures. In decades, the substantial threats affecting infrastructures globally whether in the form of extreme weather, Covid-19 pandemic, or the threats of state and non-state actors’ hackers, demanded urgency in building resilience infrastructures both during crises and in more stable conditions. At the same time, the adoption of emerging and innovative technologies boosts the development of the infrastructures using information, communication, and technology (ICT) platform. This shift accelerated its evolution toward digitization where interdependent and interconnected cyberspace demands collaborative and holistic strategies in protecting critical and high risks infrastructure assets from a growing number of disruptive cyberattacks. These ever-evolving cyber threats are creating increasingly dangerous and targeted cyberattacks to damage or disrupt the critical infrastructures delivering vital services to government, energy, healthcare, transportation, telecommunication, and other critical sectors. The infrastructure’s high risks assets present serious challenges and are crucial to safety, efficiency, and reliability. Any nation must recognize and determine how to cope with any type of threats to their critical infrastructure as well as the strategies to remain resilient. This article first describes the challenges and the need for critical infrastructure protection including the related global risks challenges. It then reviews the United Nations, the European Union, and the United States’ strategies, priorities, and urgencies of critical infrastructure protection. Subsequently, it surveys the critical infrastructure protection resilience strategies including ISO, IEC, ISA, NIST, CAF and CMM frameworks.
Global and international security cannot be provided from a single point or a set of separate points whatever powerful these might be (even with quantum supercomputers!). It should rather be deeply embedded and integrated with bodies of real systems wherever in physical, virtual, or combined spaces they may exist. So global security capabilities should not only be distributed, but rather be really spatial, self-organized, and dynamic, also exhibiting overall integrity, awareness, and consciousness features. The paper describes applicability of the patented and revealed in 10 books Spatial Grasp Model and Technology (SGT) and its basic Spatial Grasp Language (SGL) which conceptually and functionally match security problems of large distributed and heterogeneous systems. It investigates very practical security solutions for finding and tracing distribution of forbidden items, world roaming criminals, recovery from natural and human-made disasters, tracing and elimination of moving dangerous objects in terrestrial and celestial spaces, as well as analysis and restoration of damaged transport networks. It advises how different security infrastructures can be organized and managed, and how to cooperate and integrate within global security systems with higher awareness and consciousness levels over them. The provided security-oriented version of SGL can be quickly implemented and integrated with existing distributed management and security systems.
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focuses on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which include defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
This study discussed the water sector as a critical infrastructural element in Jordan where the sector is exposed to the extreme events. The exposure of the country to extreme events has initiated this study. Such events are pollution accidents, flooding, droughts, overexploitation, failure in electricity supply, climate changes, earthquakes, landslides, failure of dams, failure of wastewater treatment plants, failure of desalination plants, sabotage, fire, water theft, migration and demographic changes (immigration and urban migration), relations to neighboring countries, epidemics, and others. These extreme events are discussed in this article and the results show that failures in the water infrastructure and water supply, in Jordan, with its water sector situation have rigorous repercussions on the country’s health, food supply, economy, societal stability, the built environment, and on other water-related issues. The study concludes that developing national programs to protect the water infrastructure in the water-fragile country has become very crucial to reach a robust and resilient water sector which not only means providing the inhabitants with quantitatively sufficient and qualitatively healthy water but also aims to incorporate guaranteeing social, economic and political stability.
A systematic approach is proposed to the theme of safety, reliability and global quality of complex networks (material and immaterial) by means of special mathematical tools that allow an adequate geometric characterization and study of the operation, even in the presence of multiple obstacles along the path. To that end, applying the theory of graphs to the problem under study and using a special mathematical model based on stochastic geometry, in this article we consider some regular lattices in which it is possible to schematize the elements of the network, with the fundamental cell with six, eight or 2(n+2) obstacles, calculating the probability of Laplace. In this way it is possible to measure the “degree of impedance” exerted by the anomalies along the network by the obstacles examined. The method can be extended to other regular and/or irregular geometric figures, whose union together constitutes the examined network, allowing to optimize the functioning of the complex system considered.
The United States of America faces an increasing number of threats to its critical infrastructure due to cyber-attacks. With the constant advancement of technology and the interconnectedness of various systems, the vulnerabilities in the nation’s infrastructure have become more pronounced. Cyber-attacks on critical infrastructure, such as power grids, transportation networks, and financial systems, pose a significant risk to national security and public safety. These attacks can disrupt essential services, cause economic losses, and potentially have severe consequences for the well-being of individuals and communities. The rise of cyber-terrorism is also a concern. Cyber-terrorists can exploit vulnerabilities in cyberspace to compromise infrastructure systems, causing chaos and panic among the population. The potential for destructive attacks on critical infrastructure is a pressing issue requiring constant attention and proactive measures.
Modern critical infrastructure, such as a water treatment plant, water distribution system, and power grid, are representative of Cyber Physical Systems (CPSs) in which the physical processes are monitored and controlled in real time. One source of complexity in such systems is due to the intra-system interactions and inter-dependencies. Consequently, these systems are a potential target for attackers. When one or more of these infrastructure are attacked, the connected systems may also be affected due to potential cascading effects. In this paper, we report a study to investigate the cascading effects of cyber-attacks on two interdependent critical infrastructure namely, a Secure water treatment plant (SWaT) and a Water Distribution System (WADI).
Floods caused by extreme weather events and climate change have increased in occurrence and severity all over the world, resulting in devastation and disruption of activities. Researchers and policy practitioners have increasingly paid attention to the role of critical infrastructure (CI) in disaster risk reduction, flood resilience and climate change adaptation in terms of its backbone functions in maintaining societal services in hazard attacks. The analysed city in this study, Xinxiang (Henan province, China), was affected by an extreme flood event that occurred on 17–23 July 2021, which caused great socio-economic losses. However, few studies have focused on medium-sized cities and the flood cascading effects on CI during this event. Therefore, this study explores the damages caused by this flooding event with links to CI, such as health services, energy supply stations, shelters and transport facilities (HEST infrastructure). To achieve this, the study first combines RGB (red, green, blue) composition and supervised classification for flood detection to monitor and map flood inundation areas. Second, it manages a multiscenario simulation and evaluates the cascading effects on HEST infrastructure. Diverse open-source data are employed, including Sentinel-1 synthetic aperture radar (SAR) data and Landsat-8 OLI data, point-of-interest (POI) and OpenStreetMap (OSM) data. The study reveals that this extreme flood event has profoundly affected croplands and villagers. Due to the revisiting period of Sentinel-1 SAR data, four scenarios are simulated to portray the retreated but ‘omitted’ floodwater: Scenario 0 is the flood inundation area on 27 July, and Scenarios 1, 2 and 3 are built based on this information with a buffer of 50, 100 and 150 m outwards, respectively. In the four scenarios, as the inundation areas expand, the affected HEST infrastructure becomes more clustered at the centre of the core study area, indicating that those located in the urban centre are more susceptible to flooding. Furthermore, the affected transport facilities assemble in the north and east of the core study area, implying that transport facilities located in the north and east of the core study area are more susceptible to flooding. The verification of the flood inundation maps and affected HEST infrastructure in the scenario simulation support the series method adopted in this study. The findings of this study can be used by flood managers, urban planners and other decision makers to better understand extreme historic weather events in China, improve flood resilience and decrease the negative impacts of such events on HEST infrastructure.
With the ever-increasing continuous adoption of Industrial Internet of Things (IoT) technologies, security concerns have grown exponentially, especially regarding securing critical infrastructures. This is primarily due to the potential for backdoors to provide unauthorized access, disrupt operations, and compromise sensitive data. Backdoors pose a significant threat to the integrity and security of Industrial IoT setups by exploiting vulnerabilities and bypassing standard authentication processes. Hence its detection becomes of paramount importance. This paper not only investigates the capabilities of Machine Learning (ML) models in identifying backdoor malware but also evaluates the impact of balancing the dataset via resampling techniques, including Synthetic Minority Oversampling Technique (SMOTE), Synthetic Data Vault (SDV), and Conditional Tabular Generative Adversarial Network (CTGAN), and feature reduction such as Pearson correlation coefficient, on the performance of the ML models. Experimental evaluation on the CCCS-CIC-AndMal-2020 dataset demonstrates that the Random Forest (RF) classifier generated an optimal model with 99.98% accuracy when using a balanced dataset created by SMOTE. Additionally, the training and testing time was reduced by approximately 50% when switching from the full feature set to a reduced feature set, without significant performance loss.
Cyber-physical systems (CPSs) in critical infrastructure face serious threats of attack, motivating research into a wide variety of defence mechanisms such as those that monitor for violations of invariants, i.e. logical properties over sensor and actuator states that should always be true. Many approaches for identifying invariants attempt to do so automatically, typically using data logs, but these can miss valid system properties if relevant behaviours are not well-represented in the data. Furthermore, as the CPS is already built, resolving any design flaws or weak points identified through this process is costly. In this paper, we propose a systematic method for deriving invariants from an analysis of a CPS design, based on principles of the axiomatic design methodology from design science. Our method iteratively decomposes a high-level CPS design to identify sets of dependent design parameters (i.e. sensors and actuators), allowing for invariants and invariant checkers to be derived in parallel to the implementation of the system. We apply our method to the designs of two CPS testbeds, SWaT and WADI, deriving a suite of invariant checkers that are able to detect a variety of single- and multi-stage attacks without any false positives. Finally, we reflect on the strengths and weaknesses of our approach, how it can be complemented by other defence mechanisms, and how it could help engineers to identify and resolve weak points in a design before the controllers of a CPS are implemented.
Due to the importance of Critical Infrastructure (CI) in a nation's economy, they have been lucrative targets for cyber attackers. These critical infrastructures are usually Cyber-Physical Systems such as power grids, water, and sewage treatment facilities, oil and gas pipelines, etc. In recent times, these systems have suffered from cyber attacks numerous times. Researchers have been developing cyber security solutions for CIs to avoid lasting damages. According to standard frameworks, cyber security based on identification, protection, detection, response, and recovery are at the core of these research. Detection of an ongoing attack that escapes standard protection such as firewall, anti-virus, and host/network intrusion detection has gained importance as such attacks eventually affect the physical dynamics of the system. Therefore, anomaly detection in physical dynamics proves an effective means to implement defense-in-depth. PASAD is one example of anomaly detection in the sensor/actuator data, representing such systems' physical dynamics. We present EPASAD, which improves the detection technique used in PASAD to detect these micro-stealthy attacks, as our experiments show that PASAD's spherical boundary-based detection fails to detect. Our method EPASAD overcomes this by using Ellipsoid boundaries, thereby tightening the boundaries in various dimensions, whereas a spherical boundary treats all dimensions equally. We validate EPASAD using the dataset produced by the TE-process simulator and the C-town datasets. The results show that EPASAD improves PASAD's average recall by 5.8% and 9.5% for the two datasets, respectively.
Cyber-physical systems (CPSs) are integrations of networks, computation and physical processes, where embedded computing devices continually sense, monitor, and control the physical processes through networks. Networked industrial processes combining internet, real-time computer control systems and industrial processes together are typical CPSs. With the increasingly frequent cyber-attack, security issues have gradually become key problems for CPSs. In this paper, a cyber-physical system security protection approach for networked industrial processes, i.e., industrial CPSs, is proposed. In this approach, attacks are handled layer by layer from general information technology (IT) security protection, to active protection, then to intrusion tolerance and physical security protection. The intrusion tolerance implemented in real-time control systems is the most critical layer because the real time control system directly affects the physical layer. This novel intrusion tolerance scheme with a closed loop defense framework takes into account the special requirements of industrial CPSs. To illustrate the effectiveness of the CPS security protection approach, a networked water level control system is described as a case study in the architecture analysis and design language (AADL) environment. Simulation results show that 3 types of injected attacks can be quickly defended by using the proposed protection approach.
Boosting the resilience of power systems is a core requirement of smart grids. In fact, resilience enhancement is crucial to all critical infrastructure systems.In this study, we review the current research on system ...Boosting the resilience of power systems is a core requirement of smart grids. In fact, resilience enhancement is crucial to all critical infrastructure systems.In this study, we review the current research on system resilience enhancement within and beyond smart grids. In addition, we elaborate on resilience definition and resilience quantification and discuss several challenges and opportunities for system resilience enhancement. This study aims to deepen our understanding of the concept of resilience and develop a wide perspective on enhancing the system resilience for critical infrastructures.展开更多
Funding: supported in part by Interbit Research and in part by the European Union under (Grant No. 2021-1-EL01-KA220-VET-000028082).
Abstract: Protection of urban critical infrastructures (CIs) from GPS-denied, bomb-carrying kamikaze drones (G-BKDs) is very challenging. Previous approaches based on drone jamming, spoofing, communication interruption and hijacking cannot be applied in the case under examination, since G-B-KDs are uncontrolled. On the other hand, drone capturing schemes and electromagnetic pulse (EMP) weapons seem to be effective. However, again, existing approaches present various limitations, while most of them do not examine the case of G-B-KDs. This paper focuses on the aforementioned under-researched field, where the G-B-KD is confronted by two defensive drones. The first neutralizes and captures the kamikaze drone, while the second captures the bomb. Both defensive drones are equipped with a net-gun and an innovative algorithm, which, among others, estimates the locations of interception, using a real-world trajectory model. Additionally, one of the defensive drones is also equipped with an EMP weapon to damage the electronics equipment of the kamikaze drone and reduce the capturing time and the overall risk. Extensive simulated experiments and comparisons to state-of-art methods reveal the advantages and limitations of the proposed approach. More specifically, compared to state-of-art, the proposed approach improves: (a) time to neutralize the target by at least 6.89%, (b) maximum number of missions by at least 1.27% and (c) total cost by at least 5.15%.
Funding: supported financially by Institution Fund projects under Grant No. (IFPIP-145-351-1442).
Abstract: Due to the drastic increase in the number of critical infrastructures like nuclear plants, industrial control systems (ICS), transportation, it becomes highly vulnerable to several attacks. They become the major targets of cyberattacks due to the increase in number of interconnections with other networks. Several research works have focused on the design of intrusion detection systems (IDS) using machine learning (ML) and deep learning (DL) models. At the same time, Blockchain (BC) technology can be applied to improve the security level. In order to resolve the security issues that exist in the critical infrastructures and ICS, this study designs a novel BC with deep learning empowered cyber-attack detection (BDLE-CAD) in critical infrastructures and ICS. The proposed BDLE-CAD technique aims to identify the existence of intrusions in the network. In addition, the presented enhanced chimp optimization based feature selection (ECOA-FS) technique is applied for the selection of optimal subset of features. Moreover, the optimal deep neural network (DNN) with search and rescue (SAR) optimizer is applied for the detection and classification of intrusions. Furthermore, a BC enabled integrity checking scheme (BEICS) has been presented to defend against the misrouting attacks. The experimental result analysis of the BDLE-CAD technique takes place and the results are inspected under varying aspects. The simulation analysis pointed out the supremacy of the BDLE-CAD technique over the recent state of art techniques with the accuracy of 92.63%.
Abstract: The NIST Cybersecurity Framework (NIST CSF) serves as a voluntary guideline aimed at helping organizations, tiny and medium-sized enterprises (SMEs), and critical infrastructure operators, effectively manage cyber risks. Although comprehensive, the complexity of the NIST CSF can be overwhelming, especially for those lacking extensive cybersecurity resources. Current implementation tools often cater to larger companies, neglecting the specific needs of SMEs, which can be vulnerable to cyber threats. To address this gap, our research proposes a user-friendly, open-source web platform designed to simplify the implementation of the NIST CSF. This platform enables organizations to assess their risk exposure and continuously monitor their cybersecurity maturity through tailored recommendations based on their unique profiles. Our methodology includes a literature review of existing tools and standards, followed by a description of the platform’s design and architecture. Initial tests with SMEs in Burkina Faso reveal a concerning cybersecurity maturity level, indicating the urgent need for improved strategies based on our findings. By offering an intuitive interface and cross-platform accessibility, this solution aims to empower organizations to enhance their cybersecurity resilience in an evolving threat landscape. The article concludes with discussions on the practical implications and future enhancements of the tool.
Funding: funded by the European Commission, Horizon 2020 research and innovation programme under grant agreement No. 101021668.
Abstract: Critical Infrastructures (CIs), which serve as the foundation of our modern society, are facing increasing risks from cyber threats, physical attacks, and natural disasters. Additionally, the interdependencies between CIs throughout their operational lifespan can also significantly impact their integrity and safety. As a result, enhancing the resilience of CIs has emerged as a top priority for many countries, including the European Union. This involves not only understanding the threats/attacks themselves but also gaining knowledge about the areas and infrastructures that could potentially be affected. A European Union-funded project named PRECINCT (Preparedness and Resilience Enforcement for Critical INfrastructure Cascading Cyber-Physical Threats), under the Horizon 2020 program, tries to connect private and public stakeholders of CIs in a specific geographical area. The key objective of this project is to establish a common cyber-physical security management approach that will ensure the protection of both citizens and infrastructures, creating a secure territory. This paper presents the components of PRECINCT, including a directory of PRECINCT Critical Infrastructure Protection (CIP) blueprints. These blueprints support CI communities in designing integrated ecosystems, operating and replicating PRECINCT components (or toolkits). The integration enables coordinated security and resilience management, incorporating improved ’installation-specific’ security solutions. Additionally, Serious Games (SG) and Digital Twins (DT) are a significant part of this project, serving as a novel vulnerability evaluation method for analysing complicated multi-system cascading effects in the PRECINCT Living Labs (LLs). The use of SG supports the concentrated advancement of innovative resilience enhancement services.
Funding: partially funded by Germany’s Federal Ministry of Education and Research within the framework of IKARIM and the PARADeS project, grant number 13N15273, the ARSINOE project (GA 101037424), the MIRACA (GA 101093854) under European Union’s H2020 innovation action programme.
Abstract: Natural hazards impact interdependent infrastructure networks that keep modern society functional. While a variety of modelling approaches are available to represent critical infrastructure networks (CINs) on different scales and analyse the impacts of natural hazards, a recurring challenge for all modelling approaches is the availability and accessibility of sufficiently high-quality input and validation data. The resulting data gaps often require modellers to assume specific technical parameters, functional relationships, and system behaviours. In other cases, expert knowledge from one sector is extrapolated to other sectoral structures or even cross-sectorally applied to fill data gaps. The uncertainties introduced by these assumptions and extrapolations and their influence on the quality of modelling outcomes are often poorly understood and difficult to capture, thereby eroding the reliability of these models to guide resilience enhancements. Additionally, ways of overcoming the data availability challenges in CIN modelling, with respect to each modelling purpose, remain an open question. To address these challenges, a generic modelling workflow is derived from existing modelling approaches to examine model definition and validations, as well as the six CIN modelling stages, including mapping of infrastructure assets, quantification of dependencies, assessment of natural hazard impacts, response & recovery, quantification of CI services, and adaptation measures. The data requirements of each stage were systematically defined, and the literature on potential sources was reviewed to enhance data collection and raise awareness of potential pitfalls. The application of the derived workflow funnels into a framework to assess data availability challenges. This is shown through three case studies, taking into account their different modelling purposes: hazard hotspot assessments, hazard risk management, and sectoral adaptation. Based on the three model purpose types provided, a framework is suggested to explore the implications of data scarcity for certain data types, as well as their reasons and consequences for CIN model reliability. Finally, a discussion on overcoming the challenges of data scarcity is presented.
Funding: funding for this work was provided in part by the Canadian Safety and Security Program (CSSP) under project number CSSP-2018-CP-2351 titled “Disaster Risk Reduction Pathways: Incentives for Mitigation & Adaptation Investments”.
Abstract: Communities depend on critical infrastructure systems to support their regular operations and future development. Destructive events, such as natural disasters, threaten to disrupt service to these systems and the communities they support. Strategies designed to reduce the impacts from disasters and other events are therefore an important consideration for community planning. At a regional level, coordination between communities supports the efficient use of resources for implementing disaster risk reduction (DRR) measures and completing post-disaster repairs to meet the needs of all residents. Coordination is challenging, however, due to the complexity of regional systems and competing stakeholder interests. This work presents a case study model of regional water, wastewater, and power systems, and demonstrates the effect of seismic hardening and increased resource availability on post-earthquake repair requirements and critical infrastructure recovery. Model results indicate that implementing DRR strategies can reduce required repair costs by over 40 percent and outage severity by approximately 50 percent for the studied sectors. Not all strategies are effective for all sectors and locations, however, so this work discusses the importance of comprehensive, coordinated, and accessible emergency planning activities to ensure that the needs of all residents are considered.
Abstract: This article is dedicated to the creation of the analytical model of quantitative estimation of cybersecurity of Information Systems of Critical Infrastructure (ISCI). The model takes into consideration the existence, in the discussed ISCI, of both the intelligent tools of detection, analysis and identification of threats and vulnerabilities and means for restoration and elimination of their consequences. The development of the model also takes into consideration probabilistic nature of flow of events happening in ISCI and transferring the system between different states of cybersecurity. Among such probabilistic events we mean any operational perturbations (that can cause extreme situations) happening in ISCI under the influence of cyber-threats, as well as events concerning restoration and elimination of consequences of such cyber-threats. In this work, as methods of modelling, there have been used methods of system-oriented analysis based on theory of probability, theory of reliability and theory of queues. These methods enabled to describe analytically dependence of effectiveness indices of ISCI operation on abovementioned probabilistic processes.
Abstract: The importance of a nation’s infrastructure is a vital core for economic growth, development, and innovation. Health, wealth, access to education, public safety, and helping prepare for global crises like pandemics are all dependent on functioning and reliable infrastructures. In decades, the substantial threats affecting infrastructures globally whether in the form of extreme weather, Covid-19 pandemic, or the threats of state and non-state actors’ hackers, demanded urgency in building resilience infrastructures both during crises and in more stable conditions. At the same time, the adoption of emerging and innovative technologies boosts the development of the infrastructures using information, communication, and technology (ICT) platform. This shift accelerated its evolution toward digitization where interdependent and interconnected cyberspace demands collaborative and holistic strategies in protecting critical and high risks infrastructure assets from a growing number of disruptive cyberattacks. These ever-evolving cyber threats are creating increasingly dangerous and targeted cyberattacks to damage or disrupt the critical infrastructures delivering vital services to government, energy, healthcare, transportation, telecommunication, and other critical sectors. The infrastructure’s high risks assets present serious challenges and are crucial to safety, efficiency, and reliability. Any nation must recognize and determine how to cope with any type of threats to their critical infrastructure as well as the strategies to remain resilient. This article first describes the challenges and the need for critical infrastructure protection including the related global risks challenges. It then reviews the United Nations, the European Union, and the United States’ strategies, priorities, and urgencies of critical infrastructure protection. Subsequently, it surveys the critical infrastructure protection resilience strategies including ISO, IEC, ISA, NIST, CAF and CMM frameworks.
Abstract: Global and international security cannot be provided from a single point or a set of separate points whatever powerful these might be (even with quantum supercomputers!). It should rather be deeply embedded and integrated with bodies of real systems wherever in physical, virtual, or combined spaces they may exist. So global security capabilities should not only be distributed, but rather be really spatial, self-organized, and dynamic, also exhibiting overall integrity, awareness, and consciousness features. The paper describes applicability of the patented and revealed in 10 books Spatial Grasp Model and Technology (SGT) and its basic Spatial Grasp Language (SGL) which conceptually and functionally match security problems of large distributed and heterogeneous systems. It investigates very practical security solutions for finding and tracing distribution of forbidden items, world roaming criminals, recovery from natural and human-made disasters, tracing and elimination of moving dangerous objects in terrestrial and celestial spaces, as well as analysis and restoration of damaged transport networks. It advises how different security infrastructures can be organized and managed, and how to cooperate and integrate within global security systems with higher awareness and consciousness levels over them. The provided security-oriented version of SGL can be quickly implemented and integrated with existing distributed management and security systems.
Abstract: This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focuses on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
Abstract: This study discussed the water sector as a critical infrastructural element in Jordan where the sector is exposed to the extreme events. The exposure of the country to extreme events has initiated this study. Such events are pollution accidents, flooding, droughts, overexploitation, failure in electricity supply, climate changes, earthquakes, landslides, failure of dams, failure of wastewater treatment plants, failure of desalination plants, sabotage, fire, water theft, migration and demographic changes (immigration and urban migration), relations to neighboring countries, epidemics, and others. These extreme events are discussed in this article and the results show that failures in the water infrastructure and water supply, in Jordan, with its water sector situation have rigorous repercussions on the country’s health, food supply, economy, societal stability, the built environment, and on other water-related issues. The study concludes that developing national programs to protect the water infrastructure in the water-fragile country has become very crucial to reach a robust and resilient water sector which not only means providing the inhabitants with quantitatively sufficient and qualitatively healthy water but also aims to incorporate guaranteeing social, economic and political stability.
Abstract: A systematic approach is proposed to the theme of safety, reliability and global quality of complex networks (material and immaterial) by means of special mathematical tools that allow an adequate geometric characterization and study of the operation, even in the presence of multiple obstacles along the path. To that end, applying the theory of graphs to the problem under study and using a special mathematical model based on stochastic geometry, in this article we consider some regular lattices in which it is possible to schematize the elements of the network, with the fundamental cell with six, eight or 2(n+2) obstacles, calculating the probability of Laplace. In this way it is possible to measure the “degree of impedance” exerted by the anomalies along the network by the obstacles examined. The method can be extended to other regular and/or irregular geometric figures, whose union together constitutes the examined network, allowing to optimize the functioning of the complex system considered.
Abstract: The United States of America faces an increasing number of threats to its critical infrastructure due to cyber-attacks. With the constant advancement of technology and the interconnectedness of various systems, the vulnerabilities in the nation’s infrastructure have become more pronounced. Cyber-attacks on critical infrastructure, such as power grids, transportation networks, and financial systems, pose a significant risk to national security and public safety. These attacks can disrupt essential services, cause economic losses, and potentially have severe consequences for the well-being of individuals and communities. The rise of cyber-terrorism is also a concern. Cyber-terrorists can exploit vulnerabilities in cyberspace to compromise infrastructure systems, causing chaos and panic among the population. The potential for destructive attacks on critical infrastructure is a pressing issue requiring constant attention and proactive measures.
Funding: the National Research Foundation (NRF), Prime Minister’s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2015NCR-NCR003-001) and administered by the National Cybersecurity R&D Directorate.
Abstract: Modern critical infrastructure, such as a water treatment plant, water distribution system, and power grid, are representative of Cyber Physical Systems (CPSs) in which the physical processes are monitored and controlled in real time. One source of complexity in such systems is due to the intra-system interactions and inter-dependencies. Consequently, these systems are a potential target for attackers. When one or more of these infrastructure are attacked, the connected systems may also be affected due to potential cascading effects. In this paper, we report a study to investigate the cascading effects of cyber-attacks on two interdependent critical infrastructure namely, a Secure water treatment plant (SWaT) and a Water Distribution System (WADI).
Funding: This research is co-funded by the National Youth Science Fund Project of the National Natural Science Foundation of China (52108050), the Guangdong Basic and Applied Basic Research Foundation (2023A1515011653), the Guangzhou Science and Technology Program (202201010503), the State Key Laboratory of Subtropical Building Science at South China University of Technology (2022ZB08), the China Postdoctoral Science Foundation (2021M701238).
Abstract: Floods caused by extreme weather events and climate change have increased in occurrence and severity all over the world, resulting in devastation and disruption of activities. Researchers and policy practitioners have increasingly paid attention to the role of critical infrastructure (CI) in disaster risk reduction, flood resilience and climate change adaptation in terms of its backbone functions in maintaining societal services in hazard attacks. The analysed city in this study, Xinxiang (Henan province, China), was affected by an extreme flood event that occurred on 17–23 July 2021, which caused great socio-economic losses. However, few studies have focused on medium-sized cities and the flood cascading effects on CI during this event. Therefore, this study explores the damages caused by this flooding event with links to CI, such as health services, energy supply stations, shelters and transport facilities (HEST infrastructure). To achieve this, the study first combines RGB (red, green, blue) composition and supervised classification for flood detection to monitor and map flood inundation areas. Second, it manages a multiscenario simulation and evaluates the cascading effects on HEST infrastructure. Diverse open-source data are employed, including Sentinel-1 synthetic aperture radar (SAR) data and Landsat-8 OLI data, point-of-interest (POI) and OpenStreetMap (OSM) data. The study reveals that this extreme flood event has profoundly affected croplands and villagers. Due to the revisiting period of Sentinel-1 SAR data, four scenarios are simulated to portray the retreated but ‘omitted’ floodwater: Scenario 0 is the flood inundation area on 27 July, and Scenarios 1, 2 and 3 are built based on this information with a buffer of 50, 100 and 150 m outwards, respectively. In the four scenarios, as the inundation areas expand, the affected HEST infrastructure becomes more clustered at the centre of the core study area, indicating that those located in the urban centre are more susceptible to flooding. Furthermore, the affected transport facilities assemble in the north and east of the core study area, implying that transport facilities located in the north and east of the core study area are more susceptible to flooding. The verification of the flood inundation maps and affected HEST infrastructure in the scenario simulation support the series method adopted in this study. The findings of this study can be used by flood managers, urban planners and other decision makers to better understand extreme historic weather events in China, improve flood resilience and decrease the negative impacts of such events on HEST infrastructure.
Abstract: With the ever-increasing continuous adoption of Industrial Internet of Things (IoT) technologies, security concerns have grown exponentially, especially regarding securing critical infrastructures. This is primarily due to the potential for backdoors to provide unauthorized access, disrupt operations, and compromise sensitive data. Backdoors pose a significant threat to the integrity and security of Industrial IoT setups by exploiting vulnerabilities and bypassing standard authentication processes. Hence its detection becomes of paramount importance. This paper not only investigates the capabilities of Machine Learning (ML) models in identifying backdoor malware but also evaluates the impact of balancing the dataset via resampling techniques, including Synthetic Minority Oversampling Technique (SMOTE), Synthetic Data Vault (SDV), and Conditional Tabular Generative Adversarial Network (CTGAN), and feature reduction such as Pearson correlation coefficient, on the performance of the ML models. Experimental evaluation on the CCCS-CIC-AndMal-2020 dataset demonstrates that the Random Forest (RF) classifier generated an optimal model with 99.98% accuracy when using a balanced dataset created by SMOTE. Additionally, the training and testing time was reduced by approximately 50% when switching from the full feature set to a reduced feature set, without significant performance loss.
Funding: the National Research Foundation, Singapore, under its National Satellite of Excellence Programme “Design Science and Technology for Secure Critical Infrastructure” (Award Number: NSoE DeST-SCI2019-0004).
Abstract: Cyber-physical systems (CPSs) in critical infrastructure face serious threats of attack, motivating research into a wide variety of defence mechanisms such as those that monitor for violations of invariants, i.e. logical properties over sensor and actuator states that should always be true. Many approaches for identifying invariants attempt to do so automatically, typically using data logs, but these can miss valid system properties if relevant behaviours are not well-represented in the data. Furthermore, as the CPS is already built, resolving any design flaws or weak points identified through this process is costly. In this paper, we propose a systematic method for deriving invariants from an analysis of a CPS design, based on principles of the axiomatic design methodology from design science. Our method iteratively decomposes a high-level CPS design to identify sets of dependent design parameters (i.e. sensors and actuators), allowing for invariants and invariant checkers to be derived in parallel to the implementation of the system. We apply our method to the designs of two CPS testbeds, SWaT and WADI, deriving a suite of invariant checkers that are able to detect a variety of single- and multi-stage attacks without any false positives. Finally, we reflect on the strengths and weaknesses of our approach, how it can be complemented by other defence mechanisms, and how it could help engineers to identify and resolve weak points in a design before the controllers of a CPS are implemented.
Abstract: Due to the importance of Critical Infrastructure (CI) in a nation's economy, they have been lucrative targets for cyber attackers. These critical infrastructures are usually Cyber-Physical Systems such as power grids, water, and sewage treatment facilities, oil and gas pipelines, etc. In recent times, these systems have suffered from cyber attacks numerous times. Researchers have been developing cyber security solutions for CIs to avoid lasting damages. According to standard frameworks, cyber security based on identification, protection, detection, response, and recovery are at the core of these research. Detection of an ongoing attack that escapes standard protection such as firewall, anti-virus, and host/network intrusion detection has gained importance as such attacks eventually affect the physical dynamics of the system. Therefore, anomaly detection in physical dynamics proves an effective means to implement defense-in-depth. PASAD is one example of anomaly detection in the sensor/actuator data, representing such systems' physical dynamics. We present EPASAD, which improves the detection technique used in PASAD to detect these micro-stealthy attacks, as our experiments show that PASAD's spherical boundary-based detection fails to detect. Our method EPASAD overcomes this by using Ellipsoid boundaries, thereby tightening the boundaries in various dimensions, whereas a spherical boundary treats all dimensions equally. We validate EPASAD using the dataset produced by the TE-process simulator and the C-town datasets. The results show that EPASAD improves PASAD's average recall by 5.8% and 9.5% for the two datasets, respectively.
Funding: supported by Natural Science Foundation of China (Nos. 61272204 and 61433006), the Fundamental Research Funds for the Central Universities, China (No. 2013ZZGH006)
Abstract: Cyber-physical systems (CPSs) are integrations of networks, computation and physical processes, where embedded computing devices continually sense, monitor, and control the physical processes through networks. Networked industrial processes combining internet, real-time computer control systems and industrial processes together are typical CPSs. With the increasingly frequent cyber-attack, security issues have gradually become key problems for CPSs. In this paper, a cyber-physical system security protection approach for networked industrial processes, i.e., industrial CPSs, is proposed. In this approach, attacks are handled layer by layer from general information technology (IT) security protection, to active protection, then to intrusion tolerance and physical security protection. The intrusion tolerance implemented in real-time control systems is the most critical layer because the real time control system directly affects the physical layer. This novel intrusion tolerance scheme with a closed loop defense framework takes into account the special requirements of industrial CPSs. To illustrate the effectiveness of the CPS security protection approach, a networked water level control system is described as a case study in the architecture analysis and design language (AADL) environment. Simulation results show that 3 types of injected attacks can be quickly defended by using the proposed protection approach.
Funding: supported by the Key Program of National Natural Science Foundation of China (Grant No. 51537010), the National Basic Research Program (973 Program) (Grant No. 2013CB228206), supported by the U.S. Department of Energy’s Office of Electricity Delivery and Energy Reliability
Abstract: Boosting the resilience of power systems is a core requirement of smart grids. In fact, resilience enhancement is crucial to all critical infrastructure systems. In this study, we review the current research on system resilience enhancement within and beyond smart grids. In addition, we elaborate on resilience definition and resilience quantification and discuss several challenges and opportunities for system resilience enhancement. This study aims to deepen our understanding of the concept of resilience and develop a wide perspective on enhancing the system resilience for critical infrastructures.