Special Issue "Cyber-Physical Security for Critical Infrastructures"

A special issue of Journal of Cybersecurity and Privacy (ISSN 2624-800X). This special issue belongs to the section "Security Engineering & Applications".

Deadline for manuscript submissions: 30 September 2022 | Viewed by 5204

Special Issue Editors

Prof. Dr. Isabel Praça
E-Mail Website
Guest Editor
School of Engineering (ISEP) / Polytechnic Institute of Porto (IPP), Porto, Portugal
Interests: cyber security; machine learning; intelligent decision support; intelligent and secure energy systems
Special Issues, Collections and Topics in MDPI journals
Prof. Dr. Silvio Ranise
E-Mail Website1 Website2
Guest Editor
Department of Mathematics, University of Trento and Center for Information and Communication Technology, Fondazione Bruno Kessler, Trento, Italy
Interests: digital identity (identification, authentication, access control); security and quality of virtualized systems (cloud, edge, Internet of Things); risk and privacy assessment; formal methods for security analysis; applied cryptography
Dr. Luca Verderame
E-Mail Website
Guest Editor
Computer Security at CSecLab, DIBRIS, University of Genova, Genoa, Italy
Interests: IoT security; mobile security; OS security
Dr. Habtamu Abie
E-Mail Website
Guest Editor
Norsk Regnesentral (Norwegian Computing Center, NR), 0373 Oslo, Norway
Interests: adaptive security; cybersecurity; Internet of Things; context-awareness; game theory; WBANs
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

The secure operation of critical infrastructures is essential to the security of a nation, its economy, and the public’s health and safety. Security incidents in critical infrastructures can directly lead to a violation of users’ safety and privacy, physical damages, significant economic impacts for individuals and companies, and threats to human life, while decreasing trust in institutions and bringing their social value into question. Because of the increasing interconnection between the digital and physical worlds, these infrastructures and services are more critical, sophisticated, and interconnected than ever before. This makes them increasingly vulnerable to attacks, as confirmed by the steady rise of cyber-security incidents such as phishing or ransomware, but also cyber-physical incidents, such as the physical violation of devices or facilities in conjunction with malicious cyber activities. To address all these challenges, this Special Issue has the objective of bringing together security researchers and practitioners from the various verticals of critical infrastructures (e.g., the financial, energy, health, air transport, communication, gas and water domains) to rethink cyber-physical security in light of the latest technological developments (e.g., cloud computing, blockchain, big data, AI, internet-of-things (IoT)).

Prof. Dr. Isabel Praça
Dr. Luca Verderame
Dr. Habtamu Abie
Prof. Dr. Silvio Ranise
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Journal of Cybersecurity and Privacy is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • critical infrastructures
  • cyber-physical security
  • collaborative risk assessment
  • predictive security

Published Papers (4 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Article
A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks
J. Cybersecur. Priv. 2022, 2(1), 124-153; https://doi.org/10.3390/jcp2010009 - 09 Mar 2022
Viewed by 490
Abstract
Routing attacks are a major security issue for Internet of Things (IoT) networks utilising routing protocols, as malicious actors can overwhelm resource-constrained devices with denial-of-service (DoS) attacks, notably rank and blackhole attacks. In this work, we study the impact of the combination of [...] Read more.
Routing attacks are a major security issue for Internet of Things (IoT) networks utilising routing protocols, as malicious actors can overwhelm resource-constrained devices with denial-of-service (DoS) attacks, notably rank and blackhole attacks. In this work, we study the impact of the combination of rank and blackhole attacks in the IPv6 routing protocol for low-power and lossy (RPL) networks, and we propose a new security framework for RPL-based IoT networks (SRF-IoT). The framework includes a trust-based mechanism that detects and isolates malicious attackers with the help of an external intrusion detection system (IDS). Both SRF-IoT and IDS are implemented in the Contiki-NG operating system. Evaluation of the proposed framework is based on simulations using the Whitefield framework that combines both the Contiki-NG and the NS-3 simulator. Analysis of the simulations of the scenarios under active attacks showed the effectiveness of deploying SRF-IoT with 92.8% packet delivery ratio (PDR), a five-fold reduction in the number of packets dropped, and a three-fold decrease in the number of parent switches in comparison with the scenario without SRF-IoT. Moreover, the packet overhead introduced by SRF-IoT in attack scenarios is minimal at less than 2%. Obtained results suggest that the SRF-IoT framework is an efficient and promising solution that combines trust-based and IDS-based approaches to protect IoT networks against routing attacks. In addition, our solution works by deploying a watchdog mechanism on detector nodes only, leaving unaffected the operation of existing smart devices. Full article
(This article belongs to the Special Issue Cyber-Physical Security for Critical Infrastructures)
Show Figures

Figure 1

Article
Extending the Quality of Secure Service Model to Multi-Hop Networks
J. Cybersecur. Priv. 2021, 1(4), 793-803; https://doi.org/10.3390/jcp1040038 - 15 Dec 2021
Viewed by 562
Abstract
Rarely are communications networks point-to-point. In most cases, transceiver relay stations exist between transmitter and receiver end-points. These relay stations, while essential for controlling cost and adding flexibility to network architectures, reduce the overall security of the respective network. In an effort to [...] Read more.
Rarely are communications networks point-to-point. In most cases, transceiver relay stations exist between transmitter and receiver end-points. These relay stations, while essential for controlling cost and adding flexibility to network architectures, reduce the overall security of the respective network. In an effort to quantify that reduction, we extend the Quality of Secure Service (QoSS) model to these complex networks, specifically multi-hop networks. In this approach, the quantification of security is based upon probabilities that adversarial listeners and disruptors gain access to or manipulate transmitted data on one or more of these multi-hop channels. Message fragmentation and duplication across available channels provides a security performance trade-space, with its consequent QoSS. This work explores that trade-space and the corresponding QoSS model to describe it. Full article
(This article belongs to the Special Issue Cyber-Physical Security for Critical Infrastructures)
Show Figures

Figure 1

Article
A Methodological Approach to Evaluate Security Requirements Engineering Methodologies: Application to the IREHDO2 Project Context
J. Cybersecur. Priv. 2021, 1(3), 422-452; https://doi.org/10.3390/jcp1030022 - 13 Jul 2021
Cited by 1 | Viewed by 1178
Abstract
An effective network security requirement engineering is needed to help organizations in capturing cost-effective security solutions that protect networks against malicious attacks while meeting the business requirements. The diversity of currently available security requirement engineering methodologies leads security requirements engineers to an open [...] Read more.
An effective network security requirement engineering is needed to help organizations in capturing cost-effective security solutions that protect networks against malicious attacks while meeting the business requirements. The diversity of currently available security requirement engineering methodologies leads security requirements engineers to an open question: How to choose one? We present a global evaluation methodology that we applied during the IREHDO2 project to find a requirement engineering method that could improve network security. Our evaluation methodology includes a process to determine pertinent evaluation criteria and a process to evaluate the requirement engineering methodologies. Our main contribution is to involve stakeholders (i.e., security requirements engineers) in the evaluation process by following a requirement engineering approach. We describe our experiments conducted during the project with security experts and the feedback we obtained. Although we applied it to evaluate three requirements engineering methods (KAOS, STS and SEPP) in the context of network security, our evaluation methodology can be instantiated in other contexts and other methods. Full article
(This article belongs to the Special Issue Cyber-Physical Security for Critical Infrastructures)
Show Figures

Figure 1

Article
CLAP: A Cross-Layer Analytic Platform for the Correlation of Cyber and Physical Security Events Affecting Water Critical Infrastructures
J. Cybersecur. Priv. 2021, 1(2), 365-386; https://doi.org/10.3390/jcp1020020 - 09 Jun 2021
Viewed by 1434
Abstract
Water CIs are exposed to a wide number of IT challenges that go from the cooperation and alignment between physical and cyber security teams to the proliferation of new vulnerabilities and complex cyber-attacks with potential disastrous consequences. Although novel and powerful solutions are [...] Read more.
Water CIs are exposed to a wide number of IT challenges that go from the cooperation and alignment between physical and cyber security teams to the proliferation of new vulnerabilities and complex cyber-attacks with potential disastrous consequences. Although novel and powerful solutions are proposed in the literature, most of them lack appropriate mechanisms to detect cyber and physical attacks in real time. We propose a Cross-Layer Analytic Platform (denoted as CLAP) developed for the correlation of Cyber and Physical security events affecting water CIs. CLAP aims to improve the detection of complex attack scenarios in real time based on the correlation of cyber and physical security events. The platform assigns appropriate severity values to each correlated alarm that will guide security analysts in the decision-making process of prioritizing mitigation actions. A series of passive and active attack scenarios against the target infrastructure are presented at the end of the paper to show the mechanisms used for the detection and correlation of cyber–physical security events. Results show promising benefits in the improvement of response accuracy, false rates reduction and real-time detection of complex attacks based on cross-correlation rules. Full article
(This article belongs to the Special Issue Cyber-Physical Security for Critical Infrastructures)
Show Figures

Figure 1

Back to TopTop