Search results
1 – 5 of 5Eylem Thron, Shamal Faily, Huseyin Dogan and Martin Freer
Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at…
Abstract
Purpose
Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.
Design/methodology/approach
Overall, 26 interviews were conducted with 21 participants from industry and academia.
Findings
The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.
Originality/value
The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.
Details
Keywords
Sophie van Roosmale, Amaryllis Audenaert and Jasmine Meysman
This paper aims to highlight the expanding link between facility management (FM) and building automation and control systems (BACS) through a review of literature. It examines the…
Abstract
Purpose
This paper aims to highlight the expanding link between facility management (FM) and building automation and control systems (BACS) through a review of literature. It examines the opportunities and challenges of BACS for facility managers and proposes solutions for mitigating the risks associated with BACS implementation.
Design/methodology/approach
This paper reviews various research papers to explore the positive influences of BACS on FM, such as support with strategic decision-making, predictive maintenance, energy efficiency and comfort improvement. It also discusses the challenges of BACS, including obsolescence, interoperability, vendor lock-in, reliability and security risks and suggests potential solutions based on existing literature.
Findings
BACS offers numerous opportunities for facility managers, such as improved decision-making, energy efficiency and comfort levels in office buildings. However, there are also risks associated with BACS implementation, including obsolescence, interoperability, vendor lock-in, reliability and security risks. These risks can be mitigated through measures such as hardware and software obsolescence management plans, functional requirement lists, wireless communication protocols, advanced feedback systems and increased awareness about BACS security.
Originality/value
To the best of the authors’ knowledge, no prior academic research has been conducted on the expanding link between FM and BACS. Although some papers have touched upon the opportunities and challenges of BACS for FM, this paper aims to provide a comprehensive overview of these findings by consolidating existing literature.
Details
Keywords
Lida Haghnegahdar, Sameehan S. Joshi, Rohith Yanambaka Venkata, Daniel A. Riley and Narendra B. Dahotre
Additive manufacturing also known as 3D printing is an evolving advanced manufacturing technology critical for the new era of complex machinery and operating systems…
Abstract
Purpose
Additive manufacturing also known as 3D printing is an evolving advanced manufacturing technology critical for the new era of complex machinery and operating systems. Manufacturing systems are increasingly faced with risk of attacks not only by traditional malicious actors such as hackers and cyber-criminals but also by some competitors and organizations engaged in corporate espionage. This paper aims to elaborate a plausible risk practice of designing and demonstrate a case study for the compromised-based malicious for polymer 3D printing system.
Design/methodology/approach
This study assumes conditions when a machine was compromised and evaluates the effect of post compromised attack by studying its effects on tensile dog bone specimens as the printed object. The designed algorithm removed predetermined specific number of layers from the tensile samples. The samples were visually identical in terms of external physical dimensions even after removal of the layers. Samples were examined nondestructively for density. Additionally, destructive uniaxial tensile tests were carried out on the modified samples and compared to the unmodified sample as a control for various mechanical properties. It is worth noting that the current approach was adapted for illustrating the impact of cyber altercations on properties of additively produced parts in a quantitative manner. It concurrently pointed towards the vulnerabilities of advanced manufacturing systems and a need for designing robust mitigation/defense mechanism against the cyber altercations.
Findings
Density, Young’s modulus and maximum strength steadily decreased with an increase in the number of missing layers, whereas a no clear trend was observed in the case of % elongation. Post tensile test observations of the sample cross-sections confirmed the successful removal of the layers from the samples by the designed method. As a result, the current work presented a cyber-attack model and its quantitative implications on the mechanical properties of 3D printed objects.
Originality/value
To the best of the authors’ knowledge, this is the original work from the team. It is currently not under consideration for publication in any other avenue. The paper provides quantitative approach of realizing impact of cyber intrusions on deteriorated performance of additively manufactured products. It also enlists important intrusion mechanisms relevant to additive manufacturing.
Details
Keywords
Miguel Calvo and Marta Beltrán
This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it…
Abstract
Purpose
This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it and makes it much easier to use has been proposed too. Both, the method and the framework, have been validated within two challenging application domains: continuous risk assessment within a smart farm and risk-based adaptive security to reconfigure a Web application firewall.
Design/methodology/approach
The authors have identified a problem and provided motivation. They have developed their theory and engineered a new method and a framework to complement it. They have demonstrated the proposed method and framework work, validating them in two real use cases.
Findings
The GQM method, often applied within the software quality field, is a good basis for proposing a method to define new tailored cyber risk metrics that meet the requirements of current application domains. A comprehensive framework that formalises possible goals and questions translated to potential measurements can greatly facilitate the use of this method.
Originality/value
The proposed method enables the application of the GQM approach to cyber risk measurement. The proposed framework allows new cyber risk metrics to be inferred by choosing between suggested goals and questions and measuring the relevant elements of probability and impact. The authors’ approach demonstrates to be generic and flexible enough to allow very different organisations with heterogeneous requirements to derive tailored metrics useful for their particular risk management processes.
Details
Keywords
Atul Kumar Singh and V.R.Prasath Kumar
Implementing blockchain in sustainable development goals (SDGs) and environmental, social and governance (ESG)-aligned infrastructure development involves intricate strategic…
Abstract
Purpose
Implementing blockchain in sustainable development goals (SDGs) and environmental, social and governance (ESG)-aligned infrastructure development involves intricate strategic factors. Despite technological advancements, a significant research gap persists, particularly in emerging economies. This study aims to address the challenges related to SDGs and ESG objectives during infrastructure delivery remain problematic, identifying and evaluating critical strategic factors for successful blockchain implementation.
Design/methodology/approach
This study employs a three-stage methodology. Initially, 13 strategic factors are identified through a literature review and validated by conducting semi-structured interviews with six experts. In the second stage, the data were collected from nine additional experts. In the final stage, the collected data undergoes analysis using interpretive structural modeling (ISM)–cross-impact matrix multiplication applied to classification (MICMAC), aiming to identify and evaluate the independent and dependent powers of strategic factors driving blockchain implementation in infrastructure development for SDGs and ESG objectives.
Findings
The study’s findings highlight three significant independent factors crucial for successfully integrating blockchain technology (BT) into infrastructure development for SDGs and ESG goals: data security (F4), identity management (F8) and supply chain management (F7). The study unravels these factors, hierarchical relationships and dependencies by applying the MICMAC and ISM techniques, emphasizing their interconnectedness.
Originality/value
This study highlights critical strategic factors for successful blockchain integration in SDG and ESG-aligned infrastructure development, offering insights for policymakers and practitioners while emphasizing the importance of training and infrastructure support in advancing sustainable practices.
Details