Thinking in Systems, Sifting Through Simulations: A Way Ahead for Cyber Resilience Assessment

Simone, Francesco; Akel, Antonio Javier Nakhal; Gravio, Giulio Di; Patriarca, Riccardo

doi:10.1109/access.2023.3241552

Cited by 6 publications

(5 citation statements)

References 74 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this framework, more sophisticated trajectory optimization approaches could also be considered, evolving the simple one presented in this research. Similarly, it may be useful to investigate indirect risks, such as drivers' distractions when flying over motorways, or incidents caused by the drone failure on the ground, as well as the implications of security, and cyber-security, which demand for the integration of systemic approaches [63].…”

Section: Discussionmentioning

confidence: 99%

The Challenges of Blood Sample Delivery via Drones in Urban Environment: A Feasibility Study through Specific Operation Risk Assessment Methodology

Molinari,

Patriarca,

Ducci

2024

Drones

Self Cite

View full text Add to dashboard Cite

In recent years, Unmanned Aircraft System (UAS) usage in the medical sector as an alternative to traditional means of goods transport has grown significantly. Even though the reduced response time achieved with UASs can be lifesaving in critical situations, their usage must comply with technological constraints such as range, speed and capacity, while minimizing potential risks. In this paper, the feasibility of a drone operation dedicated to the transport of blood samples in an urban area is studied through a safety risk analysis. The assessment utilizes the Specific Operation Risk Assessment (SORA) framework, in line with current European regulations, and extends it to define flight trajectories with minimal risk. A case study in the Helsinki urban area is used as a reference, with an exemplary case of commercial drone transportation of blood samples between the Töölö and Malmi Hospitals. By leveraging the drone performance capabilities and minimizing the risk for people on the ground, this approach demonstrates that medical delivery using drones in densely populated urban environments remains challenging. Nonetheless, it argues that the proposed method can enhance risk awareness and support the planning of feasible operations.

show abstract

Section: Discussionmentioning

confidence: 99%

The Challenges of Blood Sample Delivery via Drones in Urban Environment: A Feasibility Study through Specific Operation Risk Assessment Methodology

Molinari,

Patriarca,

Ducci

2024

Drones

Self Cite

View full text Add to dashboard Cite

show abstract

“…Discussed in [44] is the need for advanced techniques in assessing the cybersecurity of cyber-physical systems and introduces the System-Theoretic Process Analysis for Security (STPA-Sec) model, emphasizing its potential for (semi-)quantitative analysis through the newly proposed System-Theoretic Process Analysis for Security with Simulations (STPA-Sec/S) approach, illustrated in a water treatment plant case study.…”

Section: Threat Model and Risk Analysismentioning

confidence: 99%

A Testing and Verification Approach to Tune Control Parameters of Cooperative Driving Automation Under False Data Injection Attacks

Holland,

Javidi-Niroumand,

Alnaser

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Control systems are used in safety-critical applications where tuning the system parameters is required to ensure safe and secure operation. The process of tuning these parameters can be arduous, timeconsuming, and unreliable as they are dependent on the operating environment. In this paper, we discuss a testing and verification approach for tuning the control parameters of a secure cooperative adaptive cruise controller (CACC) while simultaneously testing the safety of the algorithm under false data injection (FDI) attacks. In our approach, we use particle swarm optimization (PSO) to tune the parameters of the controller and observer. The performance of the controller will be evaluated before and after the optimization of control and detection parameters. After employing several swarms, it was noticed that the global optimal solution is reached within 74 iterations, on average. In summary, the configurations found by each swarm ensured that a safe following distance was achieved throughout testing. In terms of FDI estimation, however, the more conservative configuration with the minimum optimal parameter values performed the best.

show abstract

“…A system-theoretic process analysis for security through simulation (STPA-Sec/S) was proposed by Simone et al, marking a methodological bridge between STPA-Sec and quantitative resilience assessment grounded in simulation models. Once the systemstheoretic accident modeling and processes (STAMP) model, which addresses cyber threats and spots insecure controls within cyber-social technology systems, was expanded, it was posited that cyber resilience can be quantitatively determined based on systems-theoretic modeling [13].…”

Section: Cyber Resiliencementioning

confidence: 99%

“…Simone et al [13] Cyber resilience is applied based on cyberattack narratives, without giving precedence to specific scenarios.…”

Section: Babiceanu Et Al [10]mentioning

confidence: 99%

Cyber-Resilience Evaluation Methods Focusing on Response Time to Cyber Infringement

Choi,

Youn,

Kim

et al. 2023

Sustainability

View full text Add to dashboard Cite

Though multilevel, in-depth information protection systems are employed to defend against unknown cyber threats, vulnerabilities in these systems are frequently exploited by cyberattacks. As a result, it becomes challenging to comprehensively counter these attacks within a constrained time frame. When a cyberattack is detected, immediate measures are necessary to prevent widespread damage and maintain the system’s regular functioning. Possessing sustainable cyber-resilience capabilities, which can promptly restore the system to its pre-attack state, is crucial. In this paper, a cyber-defense activity optimization procedure is introduced, drawing on the failure recovery time of the information system, aiming to enhance both the response and recovery phases of cyber resilience. Through training, the response time for various types of cyberattack was determined. Notably, a decrease in response time by 17.8% compared to the baseline was observed. By optimizing response times and integrating them with sustainable cyber-resilience assessment activities, a robust framework is presented for evaluating an organization’s overall cyber-defense stance. Research on the cyber combat capability index, dissecting the response time for each distinct cyber-defense activity, is planned for future endeavors.

show abstract

Thinking in Systems, Sifting Through Simulations: A Way Ahead for Cyber Resilience Assessment

Cited by 6 publications

References 74 publications

The Challenges of Blood Sample Delivery via Drones in Urban Environment: A Feasibility Study through Specific Operation Risk Assessment Methodology

The Challenges of Blood Sample Delivery via Drones in Urban Environment: A Feasibility Study through Specific Operation Risk Assessment Methodology

A Testing and Verification Approach to Tune Control Parameters of Cooperative Driving Automation Under False Data Injection Attacks

Cyber-Resilience Evaluation Methods Focusing on Response Time to Cyber Infringement

Contact Info

Product

Resources

About