Search Results (85)

Modern cybersecurity challenges span multiple layers, from human behavior and identity management to network communication and device security. This paper proposes a unified multi-layered security framework that integrates human-centric, identity-centric, and communication-centric defenses into a coherent architecture. Drawing on insights from diverse domains (industrial control systems, IoT, healthcare, blockchain, and quantum communications), we identify common defense-in-depth principles and interdependencies across layers. The study highlights the persistent gaps in current research, which often focuses on isolated layers or domain-specific models, and addresses these gaps by synthesizing a cross-domain framework. We develop a mixed-method methodology to compare and integrate multi-layer security mechanisms, and we implement a proof-of-concept risk assessment engine to evaluate the framework’s effectiveness. Preliminary results from this implementation demonstrate that combining layers yields significantly improved detection performance and resilience compared to single-layer baselines. The framework’s contributions include a comprehensive literature-driven model, an operational validation in a simulated environment, and guidelines for deploying multi-layer defenses in complex, interconnected infrastructures. Empirical findings confirm that an integrated multi-layer approach can adapt to varied threat scenarios and reduce vulnerabilities, underscoring the value of coordinated controls across technical and human factors. The proposed framework lays a foundation for future work on scalable, cross-layer cybersecurity architectures that better protect contemporary cyber–physical systems. Full article

As Intelligent Transportation Systems (ITS) transition towards automated ecosystems, the deployment of advanced wireless charging technologies becomes a critical infrastructure requirement. Central to the management of these networks is the Open Charge Point Protocol (OCPP), which ensures interoperability across diverse hardware vendors. However, the reliance on digital communication for power transfer introduces significant cybersecurity vulnerabilities. This paper presents a methodology for evaluating the impact of cyber-threats on urban transport services, with a specific focus on the communication layers that support these Advanced Wireless Power Transfer (WPT) environments. Utilising Stochastic Petri net (SPN) ontology, we model the operational states of an Electric Vehicle (EV) service—including the activation and the arrival phases—to quantify how protocol-level vulnerabilities affect service reliability. We introduce an Extended Vulnerability List (EVL) and analyse two distinct scenarios: a public transport service and a weather forecasting integration. Our results demonstrate that as wireless charging moves towards standardization, the security of the OCPP-based backbone is a fundamental necessity for preventing service disruption. The proposed assessment framework provides a roadmap for securing the next generation of dynamic wireless charging infrastructures against evolving cyber-physical threats. Full article

Airports, as Critical National Infrastructure (CNI), operate as tightly coupled socio-technical systems exposed to multifaceted threats, including cyber, physical, social, environmental, and Chemical, Biological and Radiological (CBR) threats. This study presents a structured review of the synthesis of conceptual frameworks, airport structural configurations, sensor networks, and multi-domain threat landscapes, as well as airport security and resilience analysis, while comparatively examining risk assessment approaches. The review shows that existing approaches are effective for threat identification and prioritisation but remain predominantly static, with limitations in scalability, data dependency, and real-time applicability. To address these limitations, Threat-Vulnerability-Risk Assessment (TVRA) is adopted as a structured, reusable approach to support metric allocation, redundancy design, and emergency capability development. It further serves as a bridge between traditional risk assessment and resilience-oriented system design by enabling the transformation of static risk scores into scenario-based inputs, thereby supporting stress-testing and lifecycle-based resilience planning across the prepare, act, and recover phases. However, its inherently static structure limits its ability to capture temporal dynamics and cascading interdependencies, highlighting the need to integrate it with dynamic modelling approaches. Full article

Smart cities increasingly depend on electrical grid infrastructures capable of operating under high levels of digitalization, decentralization, and intelligence while maintaining reliability, security, and governance at the city scale. However, conventional power systems, historically designed for centralized generation and passive operation, are poorly aligned with the operational complexity, multi-actor coordination, and cross-sector integration characteristic of urban energy systems. This review develops an architecture-first perspective on smart-city electrical grids, tracing their evolution from digitalized power networks to decentralized and AI-enabled urban energy ecosystems. Rather than focusing on individual technologies, the study evaluates grid architectures using a multi-layer framework that integrates physical grid infrastructure, distributed energy resources and microgrids, communication and data platforms, intelligence placement, cybersecurity exposure, and governance accountability. Smart-city grid architectures are assessed using deployability beyond pilot projects, auditability, and regulatory alignment as primary evaluation criteria alongside conventional technical considerations. Through this perspective, the review explains a recurring pattern observed in the literature: many technically mature smart-grid solutions fail to scale in real urban deployments due to architectural fragmentation and governance constraints. By synthesizing insights from power systems engineering, information and communication technologies, and smart-city research, the paper highlights architectural trade-offs related to decentralization, interoperability, resilience under compound threats, and assisted autonomy. The resulting framework supports researchers, system designers, and policymakers in the coordinated development of resilient, secure, and governable electrical grids for future smart-city energy systems. Full article

IEC 61850 digital substations depend on communication services whose compromise can affect protection, supervision, and control. Existing work has advanced substation threat modeling, cyber-physical testbeds, and intrusion detection, but the relation between structured threat priority and operational observability remains under-characterized. This article examines that relation in a smart grid simulator (SGSim)-based IEC 61850 digital-substation environment. DFD-guided STRIDE analysis, CVSS v3.1 scoring, likelihood–impact prioritization, and ATT&CK for ICS mapping produce a 47-threat inventory. Three high-priority scenarios are then validated using packet-capture evidence and SCADA/HMI observations: a volumetric denial-of-service (DoS) attack against the IEC 60870-5-104 supervisory path, a TCP SYN flood targeting the same service endpoint, and a GOOSE false data injection (FDI) attack targeting event communication. The analysis distinguishes risk priority, operational observability, and operational consequence, and evaluates each attack across network, service, and operator planes. The results show that, in the studied environment, the validated high-priority attacks do not disclose their severity through a common visibility pattern. The volumetric DoS case is strongly visible and primarily compromises communication availability; the SYN flood weakens control recoverability while remaining weakly visible at the operator plane; and the GOOSE FDI case preserves communication continuity while falsifying the represented operational state. These findings indicate that visible disruption alone is insufficient for interpreting cyber-physical severity in the studied SGSim-based digital substation. Full article

Cyberworthiness extends the concept of cybersecurity by evaluating whether systems and networks can perform their intended functions securely while maintaining protection against cyber threats. In corporate environments, cyberworthiness aims to ensure security, operational resilience, and trustworthiness across interconnected business processes and digital infrastructures. Modern organisations increasingly rely on complex cyber–physical and information systems, where vulnerabilities in software, networks, and devices can introduce significant operational and security risks. Cyberworthiness, therefore, encompasses security controls, risk management practices, and compliance with recognised cybersecurity standards and governance frameworks. It supports the assessment of information technology components and their exposure to both known and emerging cyber attacks, enabling organisations to evaluate system robustness and operational continuity. While cyberworthiness has historical foundations in system assurance and dependability, it also provides a conceptual basis for contemporary cyber resilience strategies. This paper discusses the concept of cyberworthiness in corporate organisations and identifies potential pathways for its practical implementation. It analyses existing cybersecurity standards and governance frameworks to support structured cyberworthiness assessment. This study presents a structured comparative review of fifteen cyberworthiness-relevant standards, supported by a Source Quality Appraisal Framework, a Framework Selection Guide specifying when each standard should be preferred and where conflicts arise, and a five-dimensional Cyberworthiness Assessment Readiness Model (CARM), a directional self-assessment instrument. The Efficient Automatic Safety and Security Assurance (EASSA) concept is proposed as a direction for future research, not a validated deployed system. Ensuring cyberworthiness remains challenging due to automation limitations in all reviewed standards, evolving threat landscapes, and governance complexity, requiring organisations to adopt integrated and measurable approaches to safeguard their digital assets and operational systems. Full article

Illegal drone intrusion near airport runways poses a critical threat to civil aviation safety, creating an urgent need for runway-side vision systems that can detect intruding UAVs early enough for safety warning and collision-risk mitigation. However, the development of such detectors is severely hindered by the scarcity of annotated real-world data in this high-security scenario. To address this bottleneck, we present SynthAirDrone, the first high-fidelity synthetic dataset for UAV intrusion detection in airport runway environments, together with an intelligent data generation framework integrating scene-aware placement and multi-criteria quality assessment. The proposed method uses sky-region segmentation to guide physically plausible drone placement, and combines perspective-aware scaling, Poisson image editing, and a four-dimensional quality scoring system—covering sky overlap, lighting consistency, size plausibility, and edge continuity—to improve visual plausibility and semantic consistency. The resulting dataset comprises 6500 high-quality images, all annotated in YOLO-compatible format. Using the lightweight YOLOv11n model, we show that models trained solely on SynthAirDrone exhibit non-trivial cross-domain transfer to Anti-UAV, while mixed training with limited real data provides the strongest real-world performance under the present setting. Ablation studies further confirm that a quality threshold of $\tau =0.6$ achieves the best trade-off between diversity and fidelity. Overall, this work delivers a reproducible and efficient synthetic data solution for UAV detector development in high-security, data-scarce airport-runway scenarios. Full article

Hyperconnected IoT ecosystems have become crucial for organizational operations; yet, existing governance structures remain fragmented, are technology-centric, and not well-equipped to manage the risks, compliance pressures, and resilience needs of IoT. This paper presents an integrated, theory-based information security governance model that is tailored for IoT-driven organizations. A conceptual synthesis is performed through integrating five theoretical anchors: governance theory, socio-technical systems theory, risk governance theory, institutional/compliance theory, and resilience/adaptive capacity theory. These theoretical lenses are used to derive essential governance constructs and to develop a modular architecture tailored to IoT security needs. The model’s validity is grounded in theoretical integration rather than empirical testing, consistent with the nature of conceptual research. The integrated model provides six interdependent governance dimensions: strategic governance, operational governance, technical oversight, compliance alignment, risk governance, and resilience/adaptation, anchored by an ecosystem coordination layer. It provides structured decision rights, continuous risk monitoring, regulatory legitimacy, and native adaptive capabilities toward dynamic cyber-physical threats. This research addresses a known gap in the literature on IoT governance by providing an integrated, theoretically validated governance model that systematically connects the rationale and operational mechanisms of governance for resilient, future-proof IoT adoption. The model is further operationalized through a five-level maturity structure, enabling organizations to assess and progressively enhance governance capabilities. Full article

As the largest urban agglomeration and a critical grain production base in northern China, the Beijing–Tianjin–Hebei (BTH) region faces a sharp conflict between rapid urbanization and cropland conservation. Urban expansion inevitably leads to the loss of high-quality agricultural land, posing dual threats to food security and the terrestrial carbon cycle. To accurately assess the ecological costs of this process, this study integrates the CASA model with a time-weighted cumulative model to quantify the spatiotemporal impacts of urban expansion on cropland NPP in the BTH region from 2001 to 2020. Furthermore, a Geographically Weighted Regression (GWR) model was employed to examine the spatially varying effects of key driving factors on cropland NPP loss. The results indicate that urban land in the BTH region expanded by 45.2% over the past two decades, with 91.04% originating from cropland. Despite an overall upward trend in regional cropland NPP driven by climate change and agricultural intensification, the time-weighted cumulative cropland NPP loss attributable to urban encroachment over 2001–2020 reached 29.24 Tg C, which is equivalent to 0.751× the annual total cropland NPP in 2020 (used as a reference benchmark). Crucially, this expansion exhibits distinct ecological selectivity toward high-quality cropland, meaning that urban development has disproportionately encroached upon highly productive land with productivity levels exceeding the regional average. This selective occupation has led to a structural decline in the region’s potential agricultural production capacity. Additionally, GWR results reveal significant spatial non-stationarity in the relationships between cropland NPP loss and its drivers, revealing differentiated response patterns between plains and mountainous areas in terms of socio-economic drivers and physical constraints. These findings expose the hidden threats of urban expansion to food security, providing a crucial scientific basis for formulating differentiated land management policies and coordinating regional urbanization with cropland protection. Full article

This paper presents the concept and implementation of the BIM–CARVER tool, which integrates the CARVER matrix (Criticality, Accessibility, Recuperability, Vulnerability, Effect, Recognizability) with an open BIM environment based on the IFC standard. Originally developed by the US military for target analysis, the CARVER matrix has evolved into a defensive tool for protecting critical infrastructure. Traditionally, physical security assessments of buildings are performed manually, separately from the digital model, contradicting the principles of Security by Design, which assume that security aspects should be taken into account at the early stages of design. As part of research conducted in accordance with the Design Science Research methodology, a plugin for the Bonsai platform (BlenderBIM) was developed, enabling the assignment of vulnerability assessments to individual elements of the IFC model according to six CARVER criteria on a scale of 1–10, the visualization of results directly in the modeling environment, and the generation of security reports in HTML format. The tool was validated on a set of ten building models of varying purpose and complexity. The results confirmed the effectiveness of the tool in systematically identifying and classifying building elements into four risk categories: critical, important, significant, and insignificant. The developed semi-automated solution supports designers and security specialists in the proactive identification of threats and enables the comparison of design variants in terms of the aggregated risk level, contributing to the implementation of Security by Design principles in design practice. By reducing the need for costly security retrofits and enabling resource-efficient design decisions, the proposed approach also contributes to the sustainability objectives in the built environment. Full article

This article scientifically addresses the challenges related to data security and stakeholder privacy faced by companies operating in the European Union. These challenges stem largely from the global digital transformation, within which the European Union imposes regulations governing data protection and stakeholder privacy. The digital transformation in the European Union focuses on the integration of people and technology, sustainable development, and the resilience of management systems, which are the pillars of Industry 5.0. From a practical perspective, the paper examines the current level of awareness among employees of the enterprise in Poland regarding data and privacy risk management in today’s economic environment. The paper presents both a theoretical review and, in the empirical section, the results of primary research. The study was conducted in Poland on a sample of 556 enterprises from various economic sectors. The paper begins with Introduction. Background presents a literature review conducted on the conditions for enterprise functioning in the evolving paradigm of Industry 5.0, as well as the fundamental legal requirements regarding data security and stakeholder privacy across business activities. Materials and Methods presents the research methods employed to assess how respondents perceive threats to data security and stakeholder privacy. Results summarizes the research findings. In Discussion, both practical business implications are addressed, and the role of technology and organizational procedures in responsible data and privacy management is highlighted. Furthermore, the importance of creating ethical cyber–physical environments as an element of sustainable enterprise transformation is emphasized. Finally, Conclusions presents the results and key findings regarding the level of awareness among employees of Polish enterprises about data security and stakeholder privacy in the context of digital transformation. Full article

Soil heavy metal (HM) pollution poses a severe threat to ecological security and human health. Selenium (Se) is an essential trace element for the human body and can regulate crop growth and development as well as HM uptake in HM-contaminated soils. The regulatory mechanisms of Se on HMs are mainly reflected in four aspects: Geochemical immobilization promotes the formation of metal selenide precipitates and the adsorption of HMs by soil colloids by regulating the rhizosphere redox potential (Eh) and pH value. Rhizosphere microbial remodeling drives the enrichment of functional microorganisms such as Se redox bacteria, plant growth-promoting rhizobacteria (PGPR), and arbuscular mycorrhizal fungi (AMF) through the dual selective pressure of Se toxicity and root exudates, in order to synergistically realize Se speciation transformation and HM adsorption/chelation. Root barrier reinforcement constructs physical and chemical dual defense barriers by inducing the formation of iron plaques on the root surface, remodeling root morphology and strengthening cell wall components such as lignin and polysaccharides. Intracellular transport regulation down-regulates the genes encoding HM uptake transporters, up-regulates the genes encoding HM efflux proteins, and promotes the synthesis of phytochelatins (PCs) to form HM complexes and lastly realizes vacuolar sequestration. Finally, we summarize current research gaps in the interaction mechanisms of different Se species, precise application strategies, and long-term environmental risk assessment, providing a theoretical basis and technical outlook for the green remediation of HM-contaminated farmlands and Se biofortification of crops. Full article

Modern battlefield operations require wearable technologies to operate reliably under harsh physical, environmental, and security conditions. This review looks at today and tomorrow’s potential for ready field-grade wearables embedded with biometric authentication systems. It details physiological, kinematic, and multimodal sensor platforms built to withstand rugged, high-stress environments, and reviews biometric modalities like ECG, PPG, EEG, gait, and voice for continuous or on-demand identity confirmation. Accuracy, latency, energy efficiency, and tolerance to motion artifacts, environmental extremes, and physiological variability are critical performance drivers. Security threats, such as spoofing and data tapping, and techniques for template protection, liveness assurance, and protected on-device processing also come under review. Emerging trends in low-power edge AI, multimodal integration, adaptive learning from field experience, and privacy-preserving analytics in terms of defense readiness, and ongoing challenges, such as gear interoperability, long-term stability of templates, and common stress-testing protocols, are assessed. In conclusion, an R&D plan to lead the development of rugged, trustworthy, and operationally validated wearable authentication systems for the current and future militaries is proposed. Full article

Optical Wireless Communication (OWC) technologies are emerging as promising complements to radio-frequency systems, offering high bandwidth, spatial confinement, and license-free operation. Within this domain, Visible Light Communication (VLC) and Optical Camera Communication (OCC) represent two distinct paradigms with divergent performance and security profiles. While VLC leverages LED-photodiode links for high-speed data transfer, OCC exploits ubiquitous image sensors to decode modulated light patterns, enabling flexible but lower-rate communication. Despite their potential, both remain vulnerable to various attacks, including eavesdropping, jamming, spoofing, and privacy breaches. This work applies—and extends—the Risk Matrix (RM) methodology to systematically evaluate the security of VLC and OCC across reconnaissance, denial, and exploitation phases. Unlike prior literature, which treats VLC and OCC separately and under incompatible threat definitions, we introduce a unified, domain-specific risk framework that maps empirical channel behavior and attack feasibility into a common set of impact and likelihood indices. A normalized risk rank (NRR) is proposed to enable a direct, quantitative comparison of heterogeneous attacks and technologies under a shared reference scale. By quantifying risks for representative threats—including war driving, Denial of Service (DoS) attacks, preshared key cracking, and Evil Twin attacks—our analysis shows that neither VLC nor OCC is intrinsically more secure; rather, their vulnerabilities are context-dependent, shaped by physical constraints, receiver architectures, and deployment environments. VLC tends to concentrate confidentiality-driven exposure due to optical leakage paths, whereas OCC is more sensitive to availability-related degradation under adversarial load. Overall, the main contribution of this work is the first unified, standards-aligned, and empirically grounded risk-assessment framework capable of comparing VLC and OCC on a common security scale. The findings highlight the need for technology-aware security strategies in future OWC deployments and demonstrate how an adapted RM methodology can identify priority areas for mitigation, design, and resource allocation. Full article

The increasing adoption of electric vehicles (EVs) and the integration of 5G/6G networks are driving the demand for secure, intelligent, and interoperable charging infrastructure within the Internet of Vehicles (IoV) ecosystem. Electric Vehicle Charging Stations (EVCS) face growing cyber–physical threats, including spoofing, data injection, and firmware tampering, risking user privacy, grid stability, and EVCS reliability. While artificial intelligence (AI), blockchain, and cryptography have been applied in cybersecurity, comprehensive solutions tailored to EVCS challenges, such as real-time threat mitigation and scalability, are often lacking. This paper addresses these critical cybersecurity gaps by presenting a comprehensive overview of novel strategies for enhancing EVCS security through the Internet of Digital Twins (IoDT) technology. The primary objective is to evaluate advanced frameworks that synergize digital twins with artificial intelligence, blockchain, and quantum-resistant cryptography. Through systematic literature analysis, global threat assessments, and review of international standards, this study identifies key attack vectors and their impacts on EVCS. Key findings demonstrate that digital twin-driven solutions facilitate real-time monitoring, anomaly detection, predictive threat mitigation, and secure system governance. This review offers actionable insights for researchers, industry stakeholders, and policymakers to strengthen the cybersecurity and resilience of next-generation electric mobility infrastructure, addressing challenges like scalability and implementation barriers. Full article