Search Results (2,942)

Organisations increasingly face complex cybersecurity threats shaped not only by internal capabilities but also by external regulatory, institutional, and environmental conditions. While existing cybersecurity standards and maturity models provide valuable guidance, they often offer limited support for assessing organisational readiness in a manner that is both context-sensitive and diagnostically meaningful. This paper presents a context-aware cybersecurity readiness assessment framework designed to support organisational evaluation of cybersecurity readiness while explicitly accounting for external environmental influences. The framework adopts a two-tier architecture. Tier 1 assesses organisational awareness of and engagement with the external cybersecurity environment, including national regulatory obligations, institutional support mechanisms, and international collaboration. Tier 2 evaluates internal organisational cybersecurity readiness across governance, operational controls, awareness and culture, and external collaboration practices. The two tiers are designed to operate independently, enabling complementary interpretation without assuming deterministic relationships between external context and internal capability. The framework is developed and evaluated using a Design Science Research approach and is operationalised through a structured assessment instrument and an interpretable scoring model. Empirical validation is conducted across multiple organisational contexts operating in developing and emerging environments, with qualitative case study evidence where available. The results demonstrate that the framework differentiates meaningfully across readiness domains, avoids artificial score inflation or compression, and supports interpretable diagnosis of alignment gaps between external expectations and internal practices. The study contributes a validated assessment artefact that extends cybersecurity awareness research into a broader organisational readiness perspective. From a practical standpoint, the framework provides organisations, policymakers, and researchers with a structured tool to support incremental improvement, informed decision-making, and reflective engagement with both internal cybersecurity practices and external environmental conditions. Full article

UK ports handle the vast majority of national trade by volume and constitute Critical National Infrastructure. Since 2004, the SOLAS/ISPS Code and the Port Security Regulations 2009 have established baseline security requirements, recently supplemented by the National Security and Investment Act 2021 and the National Security Act 2023, creating overlapping obligations. This contribution maps the evolving regulatory framework (ISPS/Port Security Regulations, NSI 2021, NSA 2023, and CNI-related guidance). It assesses operational impacts using industry metrics and draws comparative lessons from Singapore and Rotterdam. Empirical research indicates that security regulation is not uniformly detrimental to performance: targeted, intelligence-led, and technology-enabled measures can coincide with productivity gains, whereas fragmented or blanket compliance regimes are more consistently associated with increased dwell times and throughput loss. These delays propagate through supply chains and intensify cost pressures, with proportionally greater impacts on mid-sized ports. Comparative evidence indicates that risk-based screening, integrated cyber–physical platforms, transparent governance, and clear cost-sharing frameworks can maintain security without compromising commercial performance. The contribution recommends (i) tiered, risk-based screening with transparent indicators; (ii) the consolidation of overlapping regulatory obligations; (iii) clearer liability frameworks, including model terms and alternative dispute resolution; and (iv) scheduled review provisions to maintain proportionality over time. Full article

Supply chain cybersecurity is a growing concern for businesses as they utilize increasingly interconnected digital systems. This systematic literature review examines how machine learning (ML) and business intelligence (BI) may be used in conjunctions to improve supply chain cyber security risk management. This review followed PRISMA guidelines. A quality evaluation was performed based on CASP to evaluate 35 peer-reviewed articles published in 2016–2025. The review analysis indicates that although ML has been extensively utilized for threat detection, BI utilization is fragmented. Additionally, there is a lack of integrated ML-BI frameworks, specifically for small–medium enterprises (SMEs) and developing economies. As such, this literature review provides a conceptual four-layer framework of predictive and analytical capabilities for threat detection, risk assessment, and decision-making. It also identifies a structured research agenda with which to advance the field of research. Full article

Benggang (Benggang), a typical landform characterized by severe erosion and a geohazard in the red-soil hilly regions of southern China, is characterized by a fragmented texture, irregular boundaries, and high similarity to background objects such as bare soil and roads, which poses a dual challenge of “multiscale variability + strong noise” for automated identification at regional scales. To address insufficient information from a single modality and the limited representation of cross-scale features, this study proposes a dual-stream feature-fusion network (DF-Net) for multisource data consisting of a digital orthophoto map (DOM) and a digital elevation model (DEM). The method adopts ResNeSt50d as the backbone of the two branches: on the DOM side, a Canny-edge channel is stacked to enhance high-frequency boundary information; on the DEM side, derived terrain factors, including slope, aspect, curvature, and hillshade, are introduced to provide morphological constraints. In the cross-modal fusion stage, a multiscale sparse attention fusion module is designed, which acquires contextual information via multiwindow average pooling and suppresses noise interference through top-K sparsification. In the decision stage, a multibranch ensemble is employed to improve classification stability. Taking Anxi County, Fujian Province, as the study area, a coregistered dataset of GF-2 (1 m) DOM and ALOS (12.5 m) DEMs is constructed, and a zonal partitioning strategy is adopted to evaluate the model’s generalization ability. The experimental results show that DF-Net achieves 97.44% accuracy, 85.71% recall, and an 82.98% F1 score in the independent test zone, outperforming multiple mainstream CNN/transformer classification models. This study indicates that the strategy of “multimodal feature enhancement + sparse attention fusion” tailored to Benggang erosional landforms can significantly improve recognition performance under complex backgrounds, providing technical support for rapid Benggang surveys and governance-effectiveness assessments. Full article

The increasing digitization of manufacturing and the integration of CNC and industrial control systems into the industry 4.0 environment have introduced new cybersecurity risks that directly affect operational reliability. Traditional deterministic risk-assessment methods used for securing ICS—such as SCADA, PLC, and CNC systems—struggle to address uncertainty, dynamic operating conditions, and complex dependencies between technical and organizational factors. To overcome these limitations, this study develops a Bayesian Network (BN) model that captures probabilistic relationships between machine-level configuration parameters, network conditions, and potential security incidents. The model is applied to a CNC machining center (ZPS MCG1000i), where it supports scenario-based prediction of cybersecurity risks and provides interpretable outputs suitable for operator decision-making and human–machine interaction. The results demonstrate that BNs are effective in environments with limited data availability and high uncertainty, offering transparent and quantifiable insights into how specific misconfigurations—such as active remote access or irregular firmware updates—elevate overall system exposure. The proposed approach aligns with current regulatory and standardization requirements, including the NIS2 Directive (EU 2022/2555), ISO/IEC 27001:2022, ISO/IEC 27005:2022, and Regulation (EU) 2024/2847 (Cyber Resilience Act), which define cybersecurity obligations for products with digital elements. The study provides a reproducible and future-oriented methodology for integrating cybersecurity into machinery-safety evaluation in modern industrial environments. Full article

Security organizations increasingly rely on cyber threat intelligence (CTI) sharing to enhance their resilience against cyberattacks. Indicators of Compromise (IoCs) play a critical operational role in CTI by providing malicious artifacts that support threat detection, incident response, and facilitate proactive defense. However, the rapid growth of social media as CTI sources, characterized by short-text content, poses significant challenges to automated IoC extraction, contextual interpretation, operational integration, and reliable verification. To address these challenges, this study proposes a comprehensive framework that integrates Large Language Models (LLMs) across multiple stages of the CTI pipeline. The framework leverages LLM-driven data augmentation, a hybrid classification model, and contextual summarization to enhance short-text understanding while supporting expert-in-the-loop validation for operational reliability. Extensive experimental evaluations demonstrate that LLM-driven data augmentation substantially improves model robustness and generalization while reducing false-positive alerts, achieving a precision of $98.87$%. Quantitative diversity analysis and expert-based human evaluation further confirm the linguistic quality and correctness of the generated augmented samples. In addition, IoC reports are validated using both reference-based and reference-free evaluation metrics that show strong alignment and high semantic adequacy. Moreover, a technology acceptance model was integrated with cybersecurity domain constructs to assess the acceptance factors of the proposed framework. Regression analysis showed that perceived usefulness, behavioral intention, trust in automation, and risk were the strongest predictors of actual use. These predictors are commonly interpreted as indicators of technology acceptance. Full article

Industrial Control Systems (ICSs) are the backbone of modern critical infrastructure, such as electric power, water treatment, oil and gas distribution, and manufacturing operations. While the convergence of IT and OT has greatly increased efficiency and observability, it has also greatly expanded the attack surface of these once-isolated systems. High-profile cyber-physical attacks, including Stuxnet (2010), TRITON (2017), and the Colonial Pipeline ransomware attack (2021), have shown that ICS-targeted cyberattacks can cause physical damage, disrupt economic stability, and put public safety at risk. Despite the growing prevalence and intensity of such threats, ICS-based cybersecurity education remains largely under-resourced and underfunded. Traditional ICS training laboratories require highly specialized hardware, vendor-specific tools, and expensive licensing that significantly raise barriers to entry. Traditional labs typically require on-site participation and pose physical safety concerns when cyber-physical attack scenarios are performed. These barriers leave students unable to get necessary security training for ICSs. Therefore, this paper introduces ${\mathrm{AE}}^3$GIS: Agile Emulated Educational Environment for Guided Industrial Security—a fully virtual, lightweight, open-source platform designed to democratize ICS cybersecurity education. Based on the GNS3 network simulation tool, ${\mathrm{AE}}^3$GIS enables rapid deployment of comprehensive ICS environments containing IT and OT systems, industrial communication protocols, control logic, and diverse security tools. ${\mathrm{AE}}^3$GIS is designed to provide practical training for students using realistic ICS cybersecurity scenarios through a local or remote training platform without the cost, safety, or accessibility limitations of hardware-based labs. Full article

Large-scale Virtual Power Plants (VPPs) are increasingly essential as Distributed Energy Resources (DERs) assume ancillary service duties once supplied by conventional generation, yet scaling a VPP exposes a persistent trilemma among economic efficiency, data privacy, and operational security. Centralized coordination can approach optimal revenue but requires collecting fine-grained DER operational data and creates a single point of compromise. Federated Learning (FL) mitigates raw data centralization by keeping measurements and experience local, but it introduces a fragile trust assumption that the aggregator will correctly and fairly combine model updates. This trust gap is acute in reinforcement learning-based VPP control because aggregation deviations, including selectively dropping updates, manipulating weights, replaying stale models, or injecting a replacement model, can silently bias the learned policy and degrade both profit and compliance. We propose a zero-knowledge federated reinforcement learning framework for trustless VPP coordination in which each DER trains a local deep reinforcement learning agent to solve a multi-objective dispatch problem that balances ancillary service revenue against battery degradation under operational and grid constraints, while the global aggregation step is made externally verifiable. In each round, participants bind membership via signed receipts and commit to their updates, and the aggregator produces a zk-SNARK, proving that the published global parameters equal the agreed aggregation rule applied to the receipt-bound set of committed updates under a fixed-point encoding with range constraints. Verification is lightweight and can be performed independently by each DER, removing the need to trust the aggregator for aggregation integrity without centralizing raw DER operational data or trajectories. The proposed design does not aim to hide model updates from the aggregator. Instead, it provides external verifiability of the aggregation computation while keeping raw measurements and local experience. We formalize the threat model and verifiable security properties for aggregation correctness and update inclusion, present a circuit construction with proof complexity characterized by model dimension and fleet size, and evaluate the approach in power and cyber co-simulation on the IEEE 33 bus feeder with ancillary service signals. Results show near-centralized economic performance under benign conditions and improved robustness to aggregator side deviations compared to standard federated reinforcement learning. Full article

Accurate and non-destructive evaluation of grape quality is crucial for intelligent viticulture, yet most existing approaches address cultivar classification and soluble solid content (SSC) prediction as independent tasks based on single-modality data, limiting robustness and practical applicability. This study proposes DualStream-RTNet, a unified multimodal deep learning framework that simultaneously performs grape cultivar classification and SSC prediction by integrating RGB-HSV fused images and PCA-compressed hyperspectral spectra. The dual-stream architecture enables the complementary learning of external chromatic–textural cues and internal physicochemical information, while a Transformer-enhanced fusion module strengthens global representation and cross-modal correlation. A dataset of 864 berries from five grape cultivars was used to validate the model. DualStream-RTNet achieved 93.64% classification accuracy, outperforming ResNet18 and other CNN baselines, and produced more compact and consistent confusion-matrix patterns. For SSC prediction, it consistently yielded the highest performance across cultivars, with R2p values up to 0.9693 and RMSE as low as 0.2567, surpassing the PLSR, SVR, LSTM, and Transformer regression models. These results demonstrate the superiority of the proposed framework in capturing both visual and spectral characteristics. DualStream-RTNet provides an efficient and scalable solution for comprehensive grape quality assessment, offering strong potential for real-time sorting, precision grading, and smart agricultural applications. Full article

Structural symmetry appears as a natural feature in both optimal solution landscapes and hospital scheduling behaviors, representing an inherent balance that can be deliberately leveraged to improve how quickly algorithms converge and how reliably systems perform in intricate healthcare optimization contexts. Managing hospital resources is a multifaceted challenge that requires simultaneously addressing several competing goals, such as reducing costs, improving patient experiences, making the most of available resources, distributing staff workload fairly, and strengthening readiness for emergencies. Traditional optimization approaches frequently struggle to cope with the complexity and ever-changing nature of modern healthcare environments. To address this gap, this study introduces a novel Multi-Objective Dream Optimization Algorithm (MO-DOA) tailored for smart healthcare resource management, which adapts a biologically inspired optimization framework to meet the specific demands of healthcare settings. The MO-DOA is built around three core mechanisms: a foundational memory component that retains high-quality solutions, a forgetting-supplementation component that maintains a productive balance between exploration and exploitation, and a dream-sharing component that promotes diversity among candidate solutions. Rigorous testing across realistic hospital environments confirms MO-DOA’s outstanding effectiveness, with results showing a 21.86% gain in resource utilization, a 30.95% decrease in patient waiting times, a 19.06% boost in patient satisfaction, and a 29.56% improvement in how evenly staff workloads are distributed. The algorithm’s emergency response capabilities are especially noteworthy, achieving bed assignments within 4.23 min and an equipment deployment success rate of 94.56%. Computationally, the algorithm proves highly efficient, with an average response time of 18.87 s and strong scalability across different operational scales. Collectively, these findings position MO-DOA as a powerful and practical tool for optimizing hospital operations in real time. Full article

Electricity forecasting is one of the most crucial aspects in maintaining stable, reliable, and autonomous power systems. While recently developed forecasting methods based on large language models can make accurate predictions, these models are still struggling due to their computational complexity, which requires more computing power, and their reliance on carefully designed prompts. This makes them complicated and harder to use in practice. To address this, we propose a Single-Attention Large Language Model (SA-LLM) that uses a unified attention mechanism to understand relationships between main and additional variables, without the need for manually created prompts. The proposed framework has been tested on real electricity supply and demand datasets, which are obtained from major U.S. electricity markets, including PJM, MISO, NYISO, ISO New England, ERCOT, SPP, and CAISO. Experimental results demonstrate that the proposed SA-LLM method outperforms the existing counterpart methods in terms of accuracy and associated errors. More specifically, the SA-LLM has also achieved a 22.5% improvement in the mean absolute error compared with traditional LSTM-based models, while reducing memory usage by 52.1% and training time by 38.4% relative to recent LLM-based methods. Furthermore, the SA-LLM demonstrates strong zero-shot generalization, achieving an additional 18.2% improvement in the MAE on previously unseen regions. Full article

With hybrid electric propulsion attracting increasing attention in the maritime sector, quantitative evaluation of fuel consumption benefits associated with energy storage system (ESS) integration remains limited. Through real operational data of 5000 GT class, this study builds a framework to explain the interactions between propulsion configuration, generator load sharing and ESS capacity. This study investigated three generator control strategies and four scenarios for ESS capacity (200–500 kWh) by applying unified FOC procedures. This study reveals that generator control logic can affect more than ESS capacity. Compared with mechanical propulsion (140.72 tons), rule-based control achieved an 11.45% reduction. Equal load sharing scored a 6.27% reduction gap of 5.18%. ESS capacity exhibited a nonlinear effect. FOC exhibited a meaningful threshold at 300 kWh (121.63 tons); beyond this point, additional capacity yielded improvements of less than 0.1 tons. Ironically, a 200 kWh setup resulted in FOC of 126.13 tons—higher than the electric propulsion without battery under rule-based control (124.60 tons). Therefore, ESS capacity and generator control logic should be considered at the same time. These outcomes can provide practical design criteria under realistic operating conditions. Full article

Multimodal named entity recognition (MNER) leverages both textual and visual information to improve entity recognition, particularly in unstructured scenarios such as social media. While existing approaches predominantly rely on raster images (e.g., JPEG, PNG), scalable vector graphics (SVG) offer unique advantages in resolution independence and structured semantic representation—an underexplored potential in multimodal learning. To fill this gap, we propose MNER-SVG, the first framework that incorporates SVG as a visual modality and enhances it with ChatGPT-generated auxiliary knowledge. Specifically, we introduce a Multimodal Similar Instance Perception Module that retrieves semantically relevant examples and prompts ChatGPT to generate contextual explanations. We further construct a Full-Text Graph and a Multimodal Interaction Graph, which are processed via Graph Attention Networks (GATs) to achieve fine-grained cross-modal alignment and feature fusion. Finally, a Conditional Random Field (CRF) layer is employed for structured decoding. To support evaluation, we present SvgNER, the first MNER dataset annotated with SVG-specific visual content. Extensive experiments demonstrate that MNER-SVG achieves state-of-the-art performance with an F1 score of 82.23%, significantly outperforming both text-only and existing multimodal baselines. This work validates the feasibility and potential of integrating vector graphics and large language model-generated knowledge into multimodal NER, opening a new research direction for structured visual semantics in fine-grained multimodal understanding. Full article

Artificial Intelligence (AI) has strong potential in health monitoring systems to support high-quality healthcare while mitigating cybersecurity risks. AI-based solutions for health and wellness applications, particularly for cardiovascular disease monitoring, are being explored to address complex healthcare challenges and improve patient outcomes. The integration of quantum and AI-based techniques is also gaining attention for enhancing future healthcare applications and communication technologies. Purpose: The primary objective is to improve cardiac care by accurately predicting symptoms and mitigating cyber-risks that threaten digital health integrity. By leveraging Integrated Quantum Networks (IQNs) and AI-driven protocols, this research aims to reduce the prevalence/incidence of non-communicable diseases by 50% by 2035 through proactive prevention and superior treatment management. Method: The framework utilizes AI-based techniques and AI-quantum-enhanced sensors and IQN to build a secure, proactive monitoring system. This theoretical framework integrates high-precision data collection with robust risk management systems to protect against vulnerabilities in digital health infrastructure. These components work in tandem to ensure that sensitive medical data remain resilient against emerging cyber threats. Anticipated Results and Conclusions: The system is expected to improve cybersecurity resilience, system performance, and energy efficiency (EE), supporting the development of secure and advanced future healthcare applications. Full article

Few-shot semantic segmentation aims to learn accurate pixel-level classification from limited annotated samples, a critical capability for real-world applications where data acquisition is expensive or impractical. However, existing methods often struggle with fine-grained texture details and complex boundaries under data-scarce conditions, particularly when applied to domains with intricate visual patterns (such as batik patterns). To address this few-shot learning challenge, we constructed a few-shot batik pattern dataset and proposed a novel network architecture centered on attention weighting and hierarchical decoding. Our method leverages a pre-trained ResNet101 backbone for transfer learning to establish a strong feature foundation. It incorporates a dual-attention module that combines spatial and channel attention to dynamically highlight semantically rich regions and intricate texture boundaries specific to batik. For multi-scale context aggregation, a lightweight module utilizing parallel dilated convolutions is introduced to efficiently capture features from varying receptive fields. Finally, a hierarchical decoder progressively integrates these enhanced, multi-scale features with high-resolution shallow features to reconstruct precise segmentation maps. Comprehensive evaluations on a dedicated batik dataset show that our model achieves state-of-the-art performance, with a mean Intersection over Union (mIoU) of 79.22% and a pixel accuracy (PA) of 92.47%. It notably improves over the strong DeepLabV3+ baseline by 3.3% in mIoU and 0.95% in PA, demonstrating its effectiveness for the task of batik pattern segmentation under data-scarce conditions. Full article