Infrastructure Protection Research Articles

Validation of Sensor Data Integrity in OT Environments Through Multisource Data Sensors

This research paper focuses on detecting cyber threats from the OT environment by combining data from multiple sources. Monitoring cyber security or hybrid threats in an industrial OT environment is difficult due to different equipment, protocols, environments, personnel management and training, etc. However, the OT environment can also be observed with a multisource sensor system, which can be used to collect data. By combining IT and OT data, additional cyber threats can be found. Especially concerning the integrity of OT command-and-control data. We deal with the key concepts and differences of the industrial operating environment, which create challenges compared to the traditional IT environment. This is important because the policies defined at the European level for the NIS2 regulation are coming to touch all member countries, regardless of what the national implementation schedule is. The increased standards for OT environment cyber security implementation and development will also have an impact on the personnel management and training to support the onboarding of the standards in practice. Critical infrastructure protection is important because, without the protection of critical infrastructure, vital functions cease to function. Hostile actors cause security challenges among Western actors. In this study, we delve into whether it is possible to find threats concerning OT command-and-control process. The increased data surface collected from the IT/OT environment improves the capabilities for the system to detect malicious attacks towards the OT system. With the help of test equipment, the goal is to demonstrate that it is possible to find threats by combining data from multiple sources. With the help of test equipment, we find out IT and OT capabilities, which we load with various attacks and anomalies. We produce added value compared to traditional monitoring method test cases by comparing data obtained from different sources. The research paper shows the importance of detecting OT threats. By monitoring IT and OT environments and combining their data, we can find hidden threats. Only one test equipment configuration has been used in the study, but the results can be generalized and classified. The study also provides guidelines for how the detection of cyber threat capabilities should be developed.

Trustworthy cyber-physical power systems using AI: dueling algorithms for PMU anomaly detection and cybersecurity

Energy systems require radical changes due to the conflicting needs of combating climate change and meeting rising energy demands. These revolutionary decentralization, decarbonization, and digitalization techniques have ushered in a new global energy paradigm. Waves of disruption have been felt across the electricity industry as the digitalization journey in this sector has converged with advances in artificial intelligence (AI). However, there are risks involved. As AI becomes more established, new security threats have emerged. Among the most important is the cyber-physical protection of critical infrastructure, such as the power grid. This article focuses on dueling AI algorithms designed to investigate the trustworthiness of power systems’ cyber-physical security under various scenarios using the phasor measurement units (PMU) use case. Particularly in PMU operations, the focus is on areas that manage sensitive data vital to power system operators’ activities. The initial stage deals with anomaly detection applied to energy systems and PMUs, while the subsequent stage examines adversarial attacks targeting AI models. At this stage, evaluations of the Madry attack, basic iterative method (BIM), momentum iterative method (MIM), and projected gradient descend (PGD) are carried out, which are all powerful adversarial techniques that may compromise anomaly detection methods. The final stage addresses mitigation methods for AI-based cyberattacks. All these three stages represent various uses of AI and constitute the dueling AI algorithm convention that is conceptualised and demonstrated in this work. According to the findings of this study, it is essential to investigate the trade-off between the accuracy of AI-based anomaly detection models and their digital immutability against potential cyberphysical attacks in terms of trustworthiness for the critical infrastructure under consideration.

Improving Detection Capabilities in OT Environments Through Multisource Data Sensors

This research focuses on implementing cyber threat detection in OT environments by combining data from IT and OT sensors and logs to enhance SOC's situational awareness. OT environment is challenging to monitor and includes various sensors. We deal with the key concepts and differences of the industrial operating environment, which create challenges compared to the traditional IT environment. This is important because the policies defined at the European level for the NIS2 regulation will affect all member countries. Hostile actors cause security challenges highlighting the importance of critical infrastructure protection. Cyber security solutions have often solely focused on IT threats, but similar investments have yet to be made in response to the challenges of the OT environment. The security solutions of OT operators rely heavily on solutions from the IT side. Here, we delve into whether it is possible to find threats in the IT/OT ecosystem by combining data from the IT and OT sides. All threats are not found by monitoring data separately from IT or OT sources but we identified hidden threats by monitoring and comparing IT and OT data. This paper shows the importance of detecting OT threats. The study proposes how the detection of cyber threat capabilities should be developed.

Unmasking the Subconscious Fallacies Within Critical Infrastructure Protection

Cybersecurity, a vital challenge in today’s ever-changing digital world, it has gained prominence with the global shift towards cyber-enabled critical infrastructures. Critical infrastructure protection efforts are fundamental for the continuation of essential services. Traditionally constituted as separate sectors, these infrastructures are increasingly interconnected, leading to potential domino effects during security breaches. For instance, failures within the power grid could have cascading effects on multiple sectors that depend on electricity for their operations, creating large-scale failures that affect functions on which society depends. The multidimensional nature of the infrastructures presents complex challenges for solutions, given their status as long-established legacy systems needing further development and enhancements to withstand the digital world. The lack of a concerted and focused infrastructure enhancement strategy has led to incremental approaches versus a comprehensive revamp to ensure a holistic cyber protection program. A lack of national focus has created inconsistencies that can lead to potentially catastrophic consequences. Understanding the decision-making processes within a complex environment is critical to the mission success. One significant risk is the cognitive roadblocks that have the potential to influence one’s judgements as this often outweighs balanced decisions. This study aims to investigate the subconscious biases that arise from a perceived resolution of the problem which can lead to de-prioritization within the decision-making processes. The study employs a convergent parallel mixed methods design to collect and analyse the data. The study then will compare the results allowing for the exploration of various aspects of the research. This approach is aligned to provide a thorough understanding of the challenges associated with protecting the infrastructures and the underlying subconscious fallacies in the digital age, thereby devising effective mitigation strategies, and fostering a more sustainable and resilient critical infrastructure that is useful for a variety of stakeholders, including policymakers, infrastructure owners and operators, cybersecurity professionals, and researchers

Cyber Game-Based Learning for DoD CEs

Cyber competition and conflict remain an enduring concern for the Department of Defense (DoD). Positive control of cyberspace is crucial across the vast diversity of military operations and supporting activities. People play an important role in cyber prevention, detection, and remediation, but they receive relatively little training outside of the annual Cyber Awareness Challenge. While this gamified training is a reasonable baseline, it primarily addresses cybersecurity from the office worker's perspective. Other career fields within the DoD may benefit from specialized training in cybersecurity, in particular the civil engineering (CE) community supporting critical infrastructure protection. This paper surveys a range of contemporary cyber serious games and assesses each for potential inclusion into CE training. Furthermore, it suggests game elements and characteristics that are likely to benefit the CE community.

РОЗВИТОК СУЧАСНИХ ТЕХНОЛОГІЙ: ВИКЛИКИ ДЛЯ НАЦІОНАЛЬНОЇ БЕЗПЕКИ ПОЛЬЩІ

The main purpose of the article is to analyze national security challenges related to the development of modern technologies. The impact of this phenomenon on many aspects of safety in cyberspace is presented. The relationship between modern technologies with the military security of the state is also presented. There is also a cross-discussion of the struggle of state entities with terrorist threats directly related to dynamic technological progress. The possibilities of cybersecurity education at universities, within the framework of postgraduate education, courses and trainings are analyzed. The study shows that modern technologies have a significant impact on Poland's national security. Rapid technological development poses a serious threat to national security for any country, including Poland. They directly influence national security aspects as the fight against terrorism, ensuring the security of state institutions in cyberspace and guaranteeing permanent military development necessary to counteract both common and hybrid threats. The functioning of state entities and their citizens requires constant adaptation to an environment that changes dynamically in the international arena. Poland, like any other country, should be in constant readiness to resist the above mentioned challenges to defend their own national interests. To do this, you need to use the opportunities and soften the threats associated with the constant inter -sectoral development of technology. Modern information technologies offer advanced means and capabilities of cybersecurity. However, it also increases the potential for cyberattacks, which requires constant improvement and adaptation of cybersecurity policy. The development of military technologies, including artificial intelligence, nanotechnology, or cybercribe, changes the face of national defense. Poland needs to be effectively investing in modern defense technologies in order to maintain their defense capability at a proper level. Modern technologies influence the protection of critical infrastructure from potential terrorist attacks. Integrated IT systems can increase efficiency, but at the same time increase the risk of cyberattacks that can have serious consequences for the country's functioning. It is also necessary to strengthen international cooperation to exchange advanced experiences and work together to protect against modern technological threats. Key words: technology, military safety, terrorism, cyberspace, cybersecurity, higher education, Poland.

Enhancing cybersecurity in Edge IIoT networks: An asynchronous federated learning approach with a deep hybrid detection model

In the rapidly evolving field of the Industrial Internet of Things (IIoT), advancements in wireless technology have resulted in significant cybersecurity vulnerabilities. These weaknesses pose serious risks such as damage to manufacturing systems, theft of intellectual property, and substantial financial losses. This study introduces an advanced deep hybrid learning model in an asynchronous federated learning setup, aimed at improving the detection of cyberattacks and ensuring robust data privacy. The combination of Convolutional Neural Networks (CNN), Gated Recurrent Units (GRU), and Long Short-Term Memory (LSTM) networks provides an effective solution for quickly identifying anomalies in IIoT sensor traffic. Our model operates asynchronously, ensuring data remains localised to improve security while avoiding the need for complete node synchronisation. Demonstrating outstanding effectiveness, the model achieves an accuracy of 1.00%, precision of 1.00%, recall of 1.00%, and an F1 score of 1.00% across a variety of IIoT environments. These results highlight the model’s exceptional adaptability and its capability to rapidly respond to emergent threats, marking a significant step forward in the protection of IIoT infrastructures and the rigorous maintenance of data privacy.

Defending seabed lines of communication

ABSTRACT Australia is yet to adequately grapple with the unique challenges that critical seabed infrastructure protection poses to its defence and national security. While the paramount importance of Australia's sea lines of communication are widely understood, Australia's seabed lines of communication are understudied and underappreciated. This article lays the foundation for an Australian strategy to protect critical seabed infrastructure that constitutes seabed lines of communications. The article first overviews critical seabed infrastructure in Australia's immediate region. Second, it examines various suspected cases of seabed warfare in Europe and the Indo-Pacific which targeted critical seabed infrastructure. Third, the article analyses Australia's response to date, before, fourth and finally, outlining how Australia, and in particular the Royal Australian Navy (RAN), ought to respond to the growing threat to seabed lines of communication. By systematically analysing seabed warfare trends since 2021 using reputable journalism, think tank reports and fresh regional responses, this article demonstrates Australia's seabed vulnerabilities, and novel resiliency strategies.

Objects of specially protected natural areas as a specific architectural and typological group

The directions for the development and improvement of the architecture of tourist infrastructure facilities in specially protected natural areas (SPNA) are considered. Today there is no comprehensive system of requirements for their architectural solutions. In this work, based on an analysis of current practical experience, an attempt was made to identify the specific features of the main types of objects for protected areas. In particular, it was emphasized that the composition of protected area infrastructure facilities should be formed taking into account the entire range of tasks assigned to them, and above all, nature conservation. In this regard, urban planning, architectural, structural and engineering solutions should help minimize the anthropogenic impact on the environment. Examples of various types of buildings implemented according to projects of architectural bureaus from different countries are given.

Does digital-industrial technology integration reduce corporate carbon emissions?

The integration of digital technology and industrial technology emerges as a pivotal avenue for enterprises to attain Sustainable Development Goals (SDGs), promoting the transition towards a sustainable and green trajectory of development. The panel data utilized in this paper encompasses financial, operational, and carbon emission metrics of publicly listed companies in China from 2008 to 2019. This longitudinal dataset enables us to perform robust statistical analyses to evaluate the impacts of Digital-Industrial technology integration on carbon emission intensity over time. The results indicate that: (i) Digital-Industrial technology integration significantly reduces the carbon emission intensity of enterprises, the conclusion remains robust when subjected to endogeneity and sensitivity analyses. (ii) Digital-Industrial technology integration mainly reduces the marginal cost of production and enhances the accumulation of knowledge to reduce the carbon emission intensity of enterprises. (iii) Digital-Industrial Technology Integration manifests more pronounced effects in curbing carbon emissions in regions characterized by robust property rights protection and well-developed digital infrastructure. (iv) Further research finds that Digital-Industrial technology integration increases the green technology innovation and ESG (Environmental, Social, and Governance) performance of enterprises. The results of this study provide empirical evidence for the carbon emission reduction function of the Digital-Industrial technology integration, and also verify the positive externality impact of the Digital-Industrial technology integration on the enterprise green innovation and SDGs.

Building a Legislative Framework for Securing Georgia’s Strategic Assets

Abstract The article discusses the importance of modernizing and securing critical infrastructure in Georgia, particularly within the context of its geopolitical position and evolving economic landscape, by building an appropriate legal framework. The article outlines the signifi cant impact of cyberspace on traditional sectors such as energy, transportation, and telecommunications, necessitating a re-evaluation of critical infrastructure in the digital age. Highlighting Georgia’s aspirations to align with European and Euro-Atlantic structures for enhanced national security and democratization, the study emphasizes the need for regulatory and legislative frameworks that would be compatible with EU standards. Drawing on a comparative analysis between Estonia and Georgia, the research identifies gaps and areas for improvement in Georgia’s critical infrastructure protection (CIP) system. Through the examination of Estonia’s successful transformation from a Soviet-era environment to a robust EU-compatible CIP system, the study offers recommendations tailored to Georgia’s context.

Mapping Regional Security Dynamics: Traditional and Non-Traditional Perspectives on the Belt and Road Initiative (BRI)

The research article delves into the multifaceted security dimensions of China's Belt and Road Initiative (BRI) and its domain allegations. Securitization Theory and Non-Traditional Security Cooperation Theory, find out about scrutinizes traditional challenges like geopolitical rivalries and military engagements, revealing their intertwined nature with financial development. Non-traditional security concerns, along with terrorism threats and cybersecurity issues, add in addition complexity to the BRI. The research emphasizes China's proactive policies, analysing security cooperation, threat valuation, prison frameworks, and infrastructure protection measures. It underscores China's dedication to safeguarding investments distant places whilst merchandising stability. The research about additionally explores regional safety cooperation, highlighting the interconnectedness of traditional and non-traditional security dynamics. Overall, the findings illuminate the refined stability wanted in decision-making for sustainable improvement inside the BRI, showcasing the nuanced interaction between China's monetary ambitions, security considerations, and evolving geopolitical dynamics, offering each possibilities and challenges for China and its associate states concerned in the initiative.

Advancing coordination in critical maritime infrastructure protection: Lessons from maritime piracy and cybersecurity

Critical maritime infrastructure protection has become a priority in ocean governance, particularly in Europe. Increased geopolitical tensions, regional conflicts, and the Nord Stream pipeline attacks in the Baltic Sea of September 2022 have been the main catalysts for this development. Calls for enhancing critical maritime infrastructure protection have multiplied, yet, what this implies in practice is less clear. This is partially a question of engineering and risk analysis. It also concerns how the multitude of actors involved can act concertedly. Dialogue, information sharing, and coordination are required, but there is a lack of discussion about which institutional set ups would lend themselves. In this article, we argue that the maritime counter-piracy operations off Somalia, as well as maritime cybersecurity governance hold valuable lessons to provide new answers for the institutional question in the critical maritime infrastructure protection agenda. We start by clarifying what is at stake in the CMIP agenda and why it is a major contemporary governance challenge. We then examine and assess the instruments found in maritime counter-piracy and maritime cybersecurity governance, including why and how they provide effective solutions for enhancing critical maritime infrastructure protection. Finally, we assess the ongoing institution building for CMIP in Europe. While we focus on the European experience, our discussion on designing institutions carries forward lessons for CMIP in other regions, too.

The heterogeneity of human flood adaptation characteristics in Central Asia based on human-flood distance

The Central Asian region is subject to frequent seasonal floods, resulting in substantial losses. These recurrent floods have induced certain changes in human flood adaptation characteristics in Central Asia, an area that is currently under-researched. This study, grounded in meticulously simulated flood inundation outcomes, multisource population distribution data, and flood protection infrastructure data, introduces an improved approach to calculating the distance between human and flood (HFD) and investigates human flood adaptation characteristics in Central Asia. Our findings indicate that residents in Central Asia get close to flood-prone areas from 1970 to 2007, with the exceptions of Turkmenistan (TKM) and Kyrgyzstan (KGZ). Notably, this trend is particularly pronounced in regions such as Xinjiang, China, and Tajikistan (TJK). An intricate exponential increase is observed in the population exposed to floods as the HFD decreases. Under future scenarios, KGZ exhibits the most significant trend of staying away from flood-prone areas, while TJK presents the opposite trend, and TKM experiences minimal changes. Additionally, compared with urban areas, rural areas of Central Asia exhibit a trend towards approaching floods. This study underscores the optimum nature of human flood adaptation when the HFD reaches 4.23 km, showing the potential for substantial benefits by implementing population evacuation within this threshold buffer zone. These insights highlight the complex interplay between human behaviours and floods and can inform the formulation of effective flood risk mitigation strategies.

A New Strategy is Needed to Solve the 50-Year-Old Problem - EMP Protection of Critical Civilian Infrastructure

The problem of the destructive effects of High-Altitude Electromagnetic Pulse (HEMP or EMP) on electronic and electrical equipment has been well known for more than 50 years. All military equipment and critical equipment of special governmental services are reliably protected from such influences. There are many companies on the market that manufactures numerous EMP protection means that meet the requirements of military standards. It would seem that in such a situation, critical civilian infrastructure facilities (electrical power systems, water supply systems, communications, large medical centers, banks, etc.) should also be protected against EMP. But it turns out that this is not the case! Nowhere in the world are critical civilian infrastructure still protected from such impacts! Why? The main reason is an attempt to use well-known military strategies, methods and protection means for protecting civilian infrastructure. This article proposes new protection strategies and methods for the civilian sector.

Automatic Detection and Analysis of the Shoreline Change Rate at Maravanthe Coast, India

Maravanthe Beach has been witnessing erosion due to waves caused by tidal forces, destroying vegetation, and causing enormous damage to people’s lives, livestock, and property. Hence, an attempt has been made to understand the shoreline change analysis using the automatic shoreline extraction method and determine the rate of change in terms of erosion and accretion rate before and after the construction of coastal structures during the period from 2014 to 2023. The SWAT model was applied to analyze the influence of surface runoff on shoreline changes near Maravanthe Beach for the periods 2004–2014 and 2012–2023. Also, runoff was chosen as one of the parameters for validation of the analysis. It was noticed that the shoreline stretch had experienced significant erosion prior to the construction of shore protection infrastructure. Soon after the deployment of certain shore structures, the shoreline progressed from a high erosion stretch to a low erosion stretch. This study reveals that Maravanthe Beach witnessed greater erosion during the period 2014–2018 than it did from 2019–2023 and also observed a decrease in erosion from 11% to 3% and an increase in the accretion zones from 2 to 9%.

Local community participation in Tanzania's natural gas sector: A dissection of policies and the regulatory frameworks

The discovery of significant natural gas reserves in Tanzania prompted the government to develop policies and regulatory frameworks for better management of this sector. Nevertheless, knowledge of how these policies and regulatory frameworks facilitate local community participation in the sector is scant and attention to these issues is limited. We use qualitative data and the Context Interaction Theory (CIT) as our lens to analyse the sectoral policies and regulatory frameworks to understand whether and how they facilitate local community participation. Our analysis revealed that the natural gas policies and frameworks have to some extent facilitated local community participation through provision of employment opportunities, participation in the implementation of Corporate Social Responsibility projects and protection of the gas infrastructures. However, meaningful local community participation is constrained by various factors including inadequate qualified and skilled individuals among the locals; misinformation to local community members; and insufficient awareness on the natural gas policies and regulatory frameworks. We recommend policies and regulatory frameworks that support local capacity development and empower local government authorities to develop their capacity for translating policies into practice on local community participation. These measures should involve ‘policy learning” from countries that have been successful in developing inclusive participation policies and responsive institutions.

Trellising is advantageous over ground culture for out-of-season, protected production and storage of sweet acorn squash

Acorn squash (Cucurbita pepo) have been a familiar item at produce stands for decades in the United States and Canada, but little known or appreciated elsewhere. Following the breeding and development of sweet-fleshed acorn squash in Israel and its commercial introduction in 2007, acorn squash became a high-priced, popular produce item there. Scarcity of supply in winter has led to attempts to fill the consumer demand by using available protected cultivation infrastructure in the relatively mild area of southwestern Israel for production. Such production has proven feasible but it was not determined whether it would be preferable to allow the plants to simply grow sprawling on the ground or vertically, using trellises to train the plants to grow erect. Two sweet acorn squash hybrid cultivars differing in fruit size were compared, growing on the ground or on trellises, for yield, quality, and storability of the fruits. The hybrids bore fully ripe fruits from December through February, producing 56% higher yields when trellised rather than when allowed to grow on the ground. The fruits of trellised plants of both hybrids were more uniformly black-green and firmer than those of ground-grown plants. Their dry matter content at harvest and after 78 days of storage was very high, averaging 28% and 25%, respectively. Total soluble solids content of the fruit flesh from trellised plants was 19% at harvest and an extraordinary 20% after storage at 10°C, 70% RH. The fruit flesh of trellised plants was also more highly colored and had higher carotenoid, ascorbate, and anti-oxidant contents. Overall, trellising of sweet acorn squash during the winter under protected cultivation resulted in significantly higher yields and the finest fruit quality.

Cloud service models, business continuity and disaster recovery plans, and responsibilities

Purpose The purpose of this article is to identify the role of cloud computing services in business continuity and disaster recovery plans and delineate responsibilities for their execution. In recent times, there has been a huge upsurge in the usage of cloud service models such as infrastructure-as-a-service, platform-as-a-service, software-as-a-service and disaster recovery-as-a-service. However, in case of an emergency event or during contract negotiations, a question might arise as to who should be accountable and responsible for the content and execution of recovery plans. The main stakeholders in this scenario are cloud service providers and cloud consumers. Design/methodology/approach After a review of academic articles, standards, guidelines and vendor documentation, a proposal for assigning accountability and responsibility for business continuity and disaster recovery plans is presented, based on the RACI (responsible, accountable, consulted and informed) matrix. In this regard, a critical information infrastructure protection plan, a disaster recovery plan, an information systems contingency plan and a business continuity plan have been elaborated on in the article. Findings RACI matrices are presented for three general cloud service models and for three DRaaS models (managed, assisted and self-service). Accountability and responsibilities depend on the deployed cloud service model and the roles of cloud service providers and cloud consumers. Originality/value The proposed model for accountability and responsibility assignment provides a guideline for the allocation of responsibilities to roles not only during recovery but also during contract negotiations between cloud service providers and cloud consumers. By delving into business continuity and disaster recovery processes and activities, similar yet nuanced RACI matrices should be developed, as presented in this paper. They need to be customised for the specific context.

Protecting critical infrastructure against cascading effects: The PRECINCT approach

Critical Infrastructures (CIs), which serve as the foundation of our modern society, are facing increasing risks from cyber threats, physical attacks, and natural disasters. Additionally, the interdependencies between CIs throughout their operational lifespan can also significantly impact their integrity and safety. As a result, enhancing the resilience of CIs has emerged as a top priority for many countries, including the European Union. This involves not only understanding the threats/attacks themselves but also gaining knowledge about the areas and infrastructures that could potentially be affected. A European Union-funded project named PRECINCT (Preparedness and Resilience Enforcement for Critical INfrastructure Cascading Cyber-Physical Threats), under the Horizon 2020 program, tries to connect private and public stakeholders of CIs in a specific geographical area. The key objective of this project is to establish a common cyber-physical security management approach that will ensure the protection of both citizens and infrastructures, creating a secure territory. This paper presents the components of PRECINCT, including a directory of PRECINCT Critical Infrastructure Protection (CIP) blueprints. These blueprints support CI communities in designing integrated ecosystems, operating and replicating PRECINCT components (or toolkits). The integration enables coordinated security and resilience management, incorporating improved 'installation-specific' security solutions. Additionally, Serious Games (SG), and Digital Twins (DT) are a significant part of this project, serving as a novel vulnerability evaluation method for analysing complicated multi-system cascading effects in the PRECINCT Living Labs (LLs). The use of SG supports the concentrated advancement of innovative resilience enhancement services.