AASU Security Layers and Threats Management for ITS Essay

User Generated

nfugrra

Writing

Armstrong Atlantic State University

Description

Unformatted Attachment Preview

Risk Assessment Model for Oil and Gas Sensitive infrastructure Rachid Zagrouba1, Fatimah H. Alsinan2, Raneem S. Alghamdi3 1 rmzagrouba@iau.edu.sa, 22170004120@iau.edu.sa, 32170000573@iau.edu.sa Abstract — The need to keep the critical assets safe, to sustain and strengthen capabilities, particularly established many methods dedicated for risk when threatened by disruptions and evolutionary identification and assessment to quantify the risk modifications. It implies that a scheme is much more level posed by any dangerous factor. A very responsive, less perspective, and more powerful than important factor that is missed widely is the a conventional defect tolerant model. In this project, consequences analysis and should be considered. various models of risk assessment in gas and oil This paper sheds light on the importance of oil and sector have been represented. Each of which gas infrastructures security and highlights various employed different technique or technology. Some risk assessment models that contribute to an of them relied on machine learning technology, enhanced level of critical infrastructures security. whereas others used diverse analysis and assessment As a contribution, a Risk-Based Inspection (RBI) techniques. The report is organized as follows: screening evaluation has been utilized to recognize Section II illustrates a background about oil and gas equipment that contributes substantially to the industry, system's overall Risk of Failure (RoF). Hence, section IV compares and analyze literature reviews, integrating the RBI comprehensive assessment section V concludes the paper, and VII section helps in concentrating more on the analysis provides the references used throughout the project. section III discusses literature review, of higher-risk equipment. Additionally, an Expert System has been incorporated to enhance the efficiency of decisions made and provide guidance for non-expert users. II. Background Oil and gas have been used in lamps or construction material for a decades before the modern era, with the earliest drilled oil well in China Keywords— Risk Assessment, Security, Oil and in 347 AD. In 1847 the modern history of industry Gas, Risk-Based Inspection, Risk of Failure. has been started, by the discovery of Scottish I. Introduction chemist James Young. He observed in Riddings coal mine a natural seepage of petrol, and from this In order to meet the goals and priorities of gas seepage a light oil for lamps and a thick one for and oil industry, the industrial cyber-infrastructure is lubrication have been distilled. Following these being extremely necessary as a result of disturbance successful distillations, he experimented further caused by external or internal defects. Therefore, experiments that resulted in patent. In 1850 and later there is a necessity to focus on providing a resilient Young formed a partnership with geologist Edward infrastructure. A resilient structure has the potential William Binney, and later the partners formed the first oil refinery in the world for oil-works. Oil and 5. Specify the object’s Grey category. gas industry still blooming today despite the competition from renewable sources. Authors in [6] presented a strategy for risk However, industries engage a board of activities, assessment of pipeline faults depending on machine drilling, oil and gas production, processing, storage, learning approaches and decision-making operations and distribution. Those activities include a board of using multi-criteria in order to facilitate decision- risks such as, toxic products leakage, accidents, makers in judging the priority of risk reduction explosions, fires, and health risks. To avoid and practices. The proposed solution relies on machine mitigate such events every organization has learning algorithms and walks through five main developed stages: principles energy applicable within the organization regard the protection of people, assets, properties, and environment. [3][4] 1. Attribute selection: smart pig Inspection data is presented in an Excel document with various criteria that are chosen based on the III. Literature Review III.I Machine learning-based relationship with defects. 2. Pretreatment: it facilitates the restoration of Oil and gas pipelines are expected to be harmed large volumes of data regarding faults and due to a variety of purposes [5]. A pipeline crash can abnormalities discovered by smart pigs. It inflict substantial socioeconomic and pollution even recovers equipment data. damages. A pipeline crash can inflict substantial socioeconomic and pollution damages. Thus, it is 3. Transformation: by converting the Excel sheet into CSV, then into an ARFF format. necessary to determine the threat of oil and gas 4. Datamining: two classification strategies are pipelines. Concerning the challenge of complete implemented to the compartmentalized data vision and gauging all susceptibility details of the oil to produce an assumption and classification and gas pipeline, this article utilizes the Gray Cluster model of risk faults in a three-tier pipe: low, approach to demonstrate a way of assessing oil and medium, and high based on their skepticism. gas pipelines. Gray clustering depends on the weight 4.1 Segmentation (unsupervised): of whitening functionality. It is an approach that may Utilizing be utilized to split the observation indices or segment inspection details in such observation artifacts in a variety of groups as per the cluster segments where each of which gray quantity of the weight whitening functionality. includes every fault (metal losses) Gray Cluster evaluation process works as follows: found upon this pipelines that are K-means in order to 1. Specify the amount of the gray group as well identical within the same segment as the weight whitening functionality for and which are similar inside that every risk index. particular segment and which are 2. Identify every risk index's weight. distinct to each other when compared 3. Calculate the object's grey clustering factor with other segment’s faults. upon its grey category. 4. Establish the object's clustering factor vector. 4.2 Classification(supervised): Neural Networks and Decision Trees are used to develop tendencies or A component is a fully accessible system that frameworks for the classification of accepts data input from an environment, conducts an metal loss pipelines. action, and produces a corresponding result to the 5. Validation: results have been validated via a environment. Such component architecture model cross-validation test. The template is built mainly consists of four components, as mentioned based on n-1 segments and assessed on a below: single segment, such method is reconducted 1. Interface: specifies the input/output data n times, each partition is utilized once during streams of the component. Data is ingested the testing phase.[6] by the entry interface interpreted via the element, and results are generated. III.II Conventional-based 2. Behaviors: It is possible to define a In alignment with Industry 4.0 goals, the industrial cyberinfrastructure is becoming component using several behaviors. A QoS is correlated with every behavior. The progressively necessary as a result of disturbance resilience manager picks the action at caused by inner defects [7]. Therefore, there is a runtime. demand to focus on providing robust infrastructure. 3. Contracts: The contract sets out expectations This study introduces a contract-based approach, in concerning environmental which lightweight and contract managers are assurances regarding correlated throughout behavior. The resilience manager shifts cyberinfrastructure tiers. A dispersed control of between contracts at runtime to respond to resilience at the component tier and across tiers has the system's fluctuations. with modules been proposed in this study, as the below Figure.1 shows. [7] the actions and component's 4. Manager of Resilience: Senses defects (through observers) and defines the (control logic) the highest quality of behavior’s course (response strategy). Manager of Resilience: Senses defects (through observers). It also reacts to the defects from various components. The below Figure.2 shows the overall structure of the layers: Figure 1 Resilient cyber-infrastructure structure [7] Such an approach is triggered by element innovations that have been satisfactorily utilized by a wide range of application models including the utilization of specifically contract-based designs for identifying a component's roles and expectations [7]. 1. Choose the study object: identify the degree of the analysis, specify the targeted level, then separate the units. 2. Construct the table of FMECA: Decide every subsystem's function, incident's state, severity, reason, and frequency by the expert. 3. Measure the weights by utilizing Analytic Hierarchy Process (AHP)expert measurement system in order to assess the Figure 2 demonstration of the Resilience Manager component [7] weights. AHP splits the different variables involved in a complicated issue into similar Authors in [8] discuss the FMECA method. The orderly tiers to render it coordinated. FMECA approach is a technique of analytical 4. Ascertain the “Risk Priority Number (RPN): investigation of consistency. It provides thorough RPN = ESR × OPR”; then split the RPN rate. explanations of the functions, incident forms, 5. A thorough Fuzzy Assessment is employed reasons subsystem's variety, the degree of harm, to conduct a risk assessment in every however, the results of its assessment are presented subsystem, then the risk importance of the in a qualitative manner. FMECA is an abbreviation targeted layer is eventually calculated.[8] for (Failure Mode, Effects, and Criticality Analysis) which refers to the malfunction state, influence, and With the aim of safety operation of polyethylene risk assessment. The fuzzy, which is a thorough gas pipelines of the city, a semi quantitative risk assessment interpret assessment technique is proposed in [9] to limit and quantitative explanations in such a quantitative control the risk failure possibility and consequence manner that helps help compensate FMECA's severity of polyethylene gas pipelines. Over the deficiencies. The assessment outcome of a fuzzy, proposed risk assessment, risks pipelines can be systematic research approach is ambiguous and sorted, arbitrary, therefore the FMECA approach takes management, and decrease management of low-risk place to address ambiguousness and vagueness pipelines problems in the assessment. The implementation of pipelines safety and minimize economically losses. the FMECA-Fuzzy Systematic Approach can Pipelines divided in a principle that studied the address such issues and boost the structural risk density of population, conditions of environment and evaluation's objectivity, rendering the assessment the specifications of the pipelines. The pipeline results more rational. division results shown in Table.1. approach which could The assessment mechanism of the FMECA-Fuzzy Thorough Evaluation System is as shown in the following steps: as to emphasis investments. high-risk Furthermore, pipelines improve risk assessment consist of four stages; sample the Table 1 Pipeline division results. [9] state, analysis of the state, correct the state and indexes statistics. In phase one the state of components represented, and the fluctuation of gas source outputted and sampled from the normal distribution. In stage two the CGPS state is identified whether it is operating in a normal state or in a state of contingency. Phase three is meant to reduce cost produced due to the state of contingence by dispatch the CGPS. Last stage is meant to assess the CGPS The methodology taken for scoring the failure probability consist of three parts: Quality and safety essentials of pipelines, personnel and equipment risk level quantitatively by the evaluation indexes shown in Table.3 and variables illustrated in Table.4. Table 3 Risk Calculation equations. [10] training and damage of third party, and every part includes numerous scoring objects. The score of every scoring object in all parts are added up to attain the personnel and equipment training of damage of third party S-31, score of personnel and equipment training S-32, and score of quality and safety essentials of pipelines S-33. The score of failure possibility (S) calculated by The values of risk calculated rendering to the formula (S) shown in Table.2. Table 4 Variable’s illustration. [10] Table 2 Risk calculation and classification. [9] There are dangerous factors such as outages, The approach taken for electromagnetic risk contingencies and failures that poses a real threat to identification in [11] is to go first with documents the combined natural gas system and power system review, measure electromagnetic site, simulate (CGPS). According to that, authors in [10] proposes electromagnetic a risk assessment model in which pipeline linepack identification of electromagnetic field. The study and tank of gas are considered. The model utilizes conducted on 8 plants across Malaysia. One of the Monte Carlo method in which calculates the load measurements is low and medium frequency ranged loss of gas and electricity. The procedure of CGPS from 1 Hz to 100 MHz and uses the analyser of field, and computerize the spectrum HF and NF. The other measurement is the medium frequency that ranged from 1 MHz to 9 GHz and uses HF, antenna of hyper log and antenna of bionical log. The measured density values of electric 1. Approach used: the method utilized by a study. 2. Tool: supporting tool to perform risk assessment. field are categorized to fall under four categories 3. Reliability: how reliable the proposed very safe, safe, warning, and danger. The most model is, quantitatively or qualitatively. dominant field of electric is at 8 GHz to 9 GHz 4. Security aspect: the side such approach frequency. provides, either confidentiality, integrity, or availability. Throughout high throughput, the cooling process 5. Complexity: refers to the complexity of is a must. A cooler is used for cooling to avoid the approach dangerous conditions and situations that lead to algorithm, decrease the performance. Authors in [12] presented features, etc. used, either computational in its power, the risk assessment method Failure Mode and 6. Assessment range: the range of area that Effects Analysis (FMEA) is discussed to identify the such model could assess the risk of. critical cooler units. FMEA helps to recognize the 7. Limitation: the restrain or restriction cooler critical components, take correction actions that result in a state of being limited. and state safety guidelines. The iterative procedure of FMEA affects the operation and design of the equipment by the identification of failure modes, the assessment of their effects, the isolation of their prioritization and causes, and the determination of the corrective actions. FMEA quantifies the risk of the cooler by the evaluation of Risk Priority Number (RPN) for its several components. The evaluation of RPN is based on engineering decision and earlier experience to rate every potential problem giving to three ratings that are detection (D), severity (S) and occurrence (O) values taken from the rating scale. RPN is calculated by the multiplication of the ratings D, S and O in a result ranging from 1 as the absolute best to 1000 as the absolute worse. IV. Comparison and Analysis In this section, different proposed risk assessment models are compared and analyzed based on some features, namely: Table 5 Analysis and Comparison No [5] Reliability Complexity - Grey Clustering Approach used - Entropy calculation Tool/Technique - High due to its decisionmaking capability - Low due to the feasibility of mathematical equations - Global coverage - Extremely high extremely low [6] - Machine Learning and Analytical Hierarchy Process - Multi-Criteria Decision Methods (MCDM) - - High due to the infeasible interpretation of results - Medium capability of distance coverage - NA [7] - Contract-Based - Observer - - Medium - Global coverage - NA - The amount of network traffic which must be renegotiated [8] - FMECA-Fuzzy Comprehensive Analysis - A multi-level risk assessment Expert scoring based on AHP - - Medium - Global coverage - Very safe to dangerous risks very - The unavailability of suitable fault data renders predictive analysis more challenging. [9] - Semi quantitative risk assessment - No software tool - - Low since it relays on the measurements only. - Global coverage - From low to high risk level - Not easy to combine probability scores [10] - Monte Carlo simulation method - Natural gas system and power system - - Medium - Global coverage - From low to high - There should be a considerable body of empirical information to have a reliable result. [11] - Spectrum analyzer. - Spectrum analyzer bionical log antenna, and hyper log antenna - High due to rate of correctly classified instances when conducting the experiment and algorithms used Medium since it precisely detects faults but requires a lot of time to monitor timing constraint High since the drawbacks formed by particular person's subjective determinations are reduced High due to the ability of limiting and controlling the risk failure possibilities. High due to the quantitative calculations of the loss of electricity and gas using Monte Carlo simulation method. High due to the use of analyzer thet gives a high accuracy in a short time. - Constrained by the existence of instruments and the technological expertise of measuring instruments. More information is necessary for the risk assessment of pipeline defects to improve quality of the models - Low since it relays on the measurements only. - Global coverage - - Only for electromagnetic. [12] - Failure Mode and Effects Analysis (FMEA) - Cooler - High due to the recognition of the critical components before the risk quantification. - Medium due to the iterative procedure. - Global coverage - Risks caused by electromagnetic induction, electrostatic adiation or conduction or coupling. Absolute best to absolute worse. - Limited systems. - Assessment range Risk level it detects Limitation to to cooling Analysis: and eliminate equipment deficiencies. The RBI The proposed model in [5] proposed a grey system offers various benefits to both the gas and clustering approach for evaluating risk among an oil. Although not the primary objective, RBI lowers extremely long distance. Such study was conducted repair costs by allocating inspection services using the weighted entropy of every index. Authors efficiently on highly risky assets, in [5] used 17 criteria for the indexes for the entropy protection by providing industries with a clearer calculations. The decision-making capability of this view approaches helps in having an in advance organization precautions, resulting in decreased risk threats. Also, concentrating on risks that influences sensitive the ability to assess risks from long distance assists operations. in minimizing the risks since individuals will be been constructed as a reaction to adjustments in informed and thus prepared before the potential risk safety-related before reaches them out. However, the lack of refinement of individual performance assessment instruments and expertise knowledge of such aspect was driven by a growing concentration on the effects renders the grey clustering somehow challenging. of operator involvement. The model proposed in [9] reflects a high of their potential activities Risk threats, functioning evaluation infrastructure improves and keeps properly by approaches demands. have The A. RBI Process reliability by first studying the population density, Currently, RBI innovation is most often environment conditions, and pipelines specifications employed in gas and oil industries. The data are to reduce the economic losses. The process of having primarily derived from refinery historical data an overview over the pipelines then divide them and API standard. To conduct a risk assessment of based on a test results, then assign a failure gas stations using RBI systems, it is crucial to probability score that includes quality and safety enhance the assessment approach, incorporate key essentials of pipelines, personnel and equipment information, review repair history and threat training and damage of third party. Next is to assign analysis, and create the RBI database for the stations. a failure consequence score to every failure probability The data deemed necessary by RBI involves the to calculate the risk and classify the pipelines risk. architecture The methodology focuses on managing the high-risk processing, data inspection, data management, and pipelines to reduce risk causes and management financial data. The below Figure.3 shows the flow costs. work of such process. V. and Contribution In the oil and gas refining industry, a pressure vessel is a vital component of machinery. It requires a system to resist pressure vessel malfunction. The Risk-Based Inspection comprehensive inspection (RBI) approach supervision that process for is a infrastructure works based on risk degree that exists on a system. RBI is anticipated to offer a reasonably reliable guidance to mitigate Figure 3 RBI workflow [13] equipment execution, data 1. The architecture and equipment execution inconsistencies in process safety management when involve the setup, pipes as well as valves, calculating standardized failure rates. The aspect is overall design, pipeline model, finalization, extracted from the outcome of an assessment of the and approval information. management systems that impact plant risk at an 2. Data processing contains the atmospheric operating unit or a facility. EF is indeed an adjusting temperature and pressure, the process stream variable which is introduced to the generic failure graph, the moderate speed of both the inlet frequency in order to compensate for active and outlet, as well as the material inspection equipment status in such an element. analysis of the test point. C. Equipment Factor: 3. Data inspection contains the inspection work plan inspection document, and historical document. data covers operational processes and history. data environmental damage cost as the well cost of plant infrastructure. mechanical fatigue damage, or high-temperature hydrogen damage. Stress corrosion cracking and factors also influence the equipment factor's Risk Based Inspection (RBI) is a strategy that combines online detection and equipment risk in order to evaluate risk and control equipment depending on the analyzed risk. Failure is described as lack of containment in API RBI terminology, and the Probability of Failure (POF) is calculated utilizing a formula (1), and COF stands for Consequence of Failure. worth.[13] D. Consequence’s calculations: The consequences of failure are quantified using (RBI) technology in two ways: the consequences of failure region and the consequences of economic losses. There are three types of failure area analysis effects: explosion, harmful consequences, and leakage of non-toxic and non-combustible medium. (1) Not only can the consequences of failure be used to The likelihood is computed using Formula (2): (2) GFF is an abbreviation for "Generic Failure is corrosion cracking, external damage, brittle fracture, external harm factors can be classified further. Other B. RBI Quantification which be referred to the equipment's failure mode, which may be one of six: thinning corrosion, stress encompasses as business disruption, and also the average Frequency", different modifiable factors. The Equipment Factor is influenced by the Damage Factor (DF). DF should 4. Management 5. Financial The equipment factor is made up of a number of a failure probability established for particular element kinds on the basis of a large community of element data which excludes the consequences of particular harm mechanisms. FMS is a dimension that accounts for reflect economic losses directly, but so can the consequences of economic losses. The risk is the result of the product of the probability of failure and the consequence of failure (R = Failure Probability x Failure consequence). By calculating risk, we can assess the risk level and sort out the different types of damage to the oil and gas infrastructure, allowing us to refine the setup. The risk matrix is the most straightforward way to display the risk distribution of various pieces of equipment. The following Table.6 shows the values for the probability level and consequences categories that are recommended.[13] Table 6 Matrix of quantitative risk [13]. Figure 4 Assessment of risk The Probability of Failure is evaluated in terms of the oil and gas infrastructure, the degree of damage, the area in which it is situated, and inspectability. The Consequence of Failure is calculated based on the following factors: due to damage level the potential loss of bearing capacity, potential threat to infrastructure Table.7 illustrates the risk levels along with their safety; potential growth of maintenance expenses. color indication. E. Proposed Scheme Table 7 Risk ranks As mentioned previously, RBI can significantly increase the availability of a plant, reduce unplanned downtime and costs, provide a better insight into the status of the most important assets, improve the equipment's reliability, provide the opportunity to It is essential to analyze the data after an inspection in order to recommend the next inspection interval. It is critical to classify the type, level, cause, and plan maintenance tasks, and ensure that current safety regulations are followed. In the context of developing the most appropriate risk assessment consequences of damage to the entire oil and gas methodology for oil and gas infrastructure, the infrastructure and/or model shown in the below Figure.5. the environment when assessing damage. Then, in order to recommend the appropriate level of action, a priority number is determined via the following equation (3). (3) In fact, the higher priority number, the more likely an immediate response or action is needed. The below diagram Figure.4 depicts the considerations that must be made when determining the likelihood of oil and gas infrastructure failure. which the inspection criteria are defined. If the risk remains high or continues to grow, a full analysis is conducted in the level of parts. As it is a detailed analysis, it requires each part data and may require producing detailed inspection plans. The Table.8 below demonstrate the extent of inspection that should be taken foe each identified level of risk. Table 8 Risk inspection levels [14]. Advice Non-expert user Figure 5 Proposed architecture. A screening analysis starts at the system level by collecting the relevant data. The initial data collected can be re-used, and for the next evaluation, the data collection process is kept to a bare minimum, allowing the focus to be on the changed data, which results in a significant reduction in the number of hours spent on it. Screening analysis is the process in which hazard is evaluated and risk is analyzed upon input information. If the risk is low then no need for a further analysis, it moves to general inspection and correction maintenance. Such maintenance is done regularly based on the nature of the risk and equipment. Whereas if the risk is medium or high risk, further screening attempts are made on the level of circuit of corrosion. The corrosion circuit reflects a typical corrosion environment and construction materials, and it involves all equipment inside the loop that is susceptible to the same corrosion/damage mechanisms and degradation rates. Within this level of inspection, medium risk threats and acceptable ones can be proceeded to an inspection planning in In traditional RBI programs, the evaluations are kept to the staff judgments only. In order to enhance the risk assessment and decision-making processes, Expert System is proposed to be integrated with the RBI. Expert system stimulates the expert’s behavior and judgments. It gathers relevant information from its knowledge base and interprets it in context of the posed problem. The knowledge base data is added essentially by experts in the oil and gas domain, and thus, it aspires to preserve human expert expertise. However, it is used by non-experts to expand their knowledge and get advice. Expert systems record a high-performance level, high responsiveness, as well as high reliability. Expert systems capable to contribute to advising, assistance in decision making processes, instructions, demonstrations, driving additional necessary data for the risk assessment of solutions, and proposing alternatives whenever pipeline deficiencies, such as: geometric flaws data needed. The recommended strategy to be used with like coating, recesses, RBI is the forward chaining strategy, in which it safety data, which will help in having more clear follows a chain of conditions and derivations, and vision of risks, resulting in better security controls. the result is then deduced after all facts and rules have been considered. Then, it sorts them before concluding about the best solution. Forward chaining strategy is illustrated in the following diagram Figure.6. VII. ecological, and catholic References [1] G. Stergiopoulos, D. A. Gritzalis and E. Limnaios, "Cyber-Attacks on the Oil & Gas Sector: A Survey on Incident Assessment and Attack Patterns," in IEEE Access, vol. 8, pp. 128440128475, 2020, doi: 10.1109/ACCESS.2020.3007960. [2] M. M. Asad, R. Bin Hassan, F. Sherwani, Q. M. Soomro, S. Sohu and M. T. Lakhiar, "Oil and Gas Disasters and Industrial Hazards Associated with Figure 6 Forward Chaining Drilling Operation: An Extensive Literature Review," 2019 2nd International Conference on VI. Conclusion and Future Work Computing, Mathematics and Engineering From the various discussed models of risk Technologies (iCoMET), Sukkur, Pakistan, 2019, assessment, it can be seen that the assessment of risk pp. 1-6, doi: 10.1109/ICOMET.2019.8673516. in gas and oil sector plays a crucial role in safety [3] E. van der Bijl, "THE IMPORTANCE OF management, environment, and financial aspects STANDARDIZATION AND RECOMMENDED especially, since it helps in eliminating the risk If PRACTICES FOR E&I EQUIPMENT IN THE possible, or otherwise taking proper future security OIL&GAS INDUSTRY," 2018 Petroleum and controls in case gas and oil has been threatened by Chemical Industry Conference Europe (PCIC such risk. All models discussed in this project aim to Europe), Antwerp, Belgium, 2018, pp. 1-5, doi: reduce the damage by proposing several ways that 10.23919/PCICEurope.2018.8491412. assist in deciding the measures that when effectively [4] C. F. Moreno-Garcia and E. Elyan, "Digitisation implemented, risk is eliminated if possible, or of Assets from the Oil & Gas Industry: Challenges mitigated if not. The outcomes of such new RBI and Opportunities," 2019 International Conference approach could be interpreted in any framework on Document Analysis and Recognition Workshops preferred by explorers. As a result, maps of any (ICDARW), Sydney, NSW, Australia, 2019, pp. 2- simulated property. The technique can also be 5, doi: 10.1109/ICDARW.2019.60122. employed to predict pore pressure by logs leveraging [5] Y. Hu, K. Liu, D. Xu, Z. Zhai and H. Liu, "Risk pressure calculations at the expected location of a Assessment of Long Distance Oil and Gas Pipeline well. In future, we seek to significantly boost the Based on Grey Clustering," 2017 IEEE International consistency of these models through incorporating Conference on Big Knowledge (ICBK), Hefei, 2017, Policies in Electric Power & Energy, Yogyakarta, pp. 198-201, doi: 10.1109/ICBK.2017.2. Indonesia, [6] A. Ouadah, "Pipeline Defects Risk Assessment 10.1109/IEEECONF48524.2019.9102512. Using Machine Learning and Analytical Hierarchy [12] M. K. Loganathan, S. S. Neog and S. Rai, Process," 2018 International Conference on Applied "Process Safety and Performance Improvement in Smart Systems (ICASS), Medea, Algeria, 2018, pp. Oil Refineries Through Active Redundancy and Risk 1-6, doi: 10.1109/ICASS.2018.8651970. Assessment Method - A Case Study," 2018 IEEE [7] S. Andalam, D. J. X. Ng, A. Easwaran and K. International Conference on Industrial Engineering Thangamariappan, "Contract-Based Methodology and Engineering Management (IEEM), Bangkok, for Developing Resilient Cyber-Infrastructure in the 2018, Industry 4.0 Era," in IEEE Embedded Systems 10.1109/IEEM.2018.8607630. Letters, vol. 11, no. 1, pp. 5-8, March 2019, doi: [13] M. Zhang, W. Liang, Z. Qiu and Y. Lin, 10.1109/LES.2018.2801360. "Application of Risk-Based Inspection method for [8] Z. Yuhui, L. Shiyu, Z. Lijing and T. Gang, gas "Natural Gas Pipeline Network Risk Assessment Conference Series, vol. 842, p. 012064, 2017. Based on FMECA-Fuzzy Comprehensive Analysis," Available: 10.1088/1742-6596/842/1/012064. 2018 IEEE International Conference of Safety [14] S. N. Singh and J. H. C. Pretorius, Produce "Development of a Sem-Quantitative Approach for China, Informatization (IICSPI), 2018, pp. Chongqing, 11-15, doi: 2019, pp. compressor pp. 1-4, doi: 98-102, station", Journal doi: of Physics: Risk Based Inspection and Maintenance of Thermal 10.1109/IICSPI.2018.8690464. Power Plant Components," in SAIEE Africa [9] M. Tao, L. Xiaolong, L. Changchun and W. Research Journal, vol. 108, no. 3, pp. 128-138, Sept. Xinhua, "pplication of risk assessment technology 2017, doi: 10.23919/SAIEE.2017.8531524. on PE Gas Pipeline System of the Residential Area," 2020 3rd International Conference on Electron Device and Mechanical Engineering (ICEDME), Suzhou, China, 2020, pp. 687-690, doi: 10.1109/ICEDME50972.2020.00162. [10] Y. Hu, W. chunxiao, X. Song, Z. Bie, Y. Chao and C. Liang, "Risk Assessment on Combined Natural Gas System and power System with Storage Device," 2019 IEEE 8th International Conference on Advanced Power System Automation and Protection (APAP), Xi'an, China, 2019, pp. 1-5, doi: 10.1109/APAP47170.2019.9224722. [11] H. I. Hussien, M. Akmal Ayob, I. F. Warsito, E. Supriyanto and I. Reihannisha, "Electromagnetic Risk Identification in Oil and Gas Industry," 2019 International Conference on Technologies and
Purchase answer to see full attachment
Explanation & Answer:
3000 Words
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

View attached explanation and answer. Let me know if you have any questions.
You can take a look at this one too buddy. Slight changes, but if you need anything else just send me a message and I will make eveything right.Thanks.

Security layers and threats management for ITS
Student’s Name
Email

filter, blockchain, artificial intelligence,
Abstract:

ontologies, and game theory. The study

Intelligent Transportation Systems (ITS) is

correlates

a relatively new field characterized by

identified security measures, and the

compound data model, dynamics and

architectural layers where the threats and

stringent time requirements. Therefore,

measure applies.

ensuring security in ITS is also a significant
process that the efficiency and safety of

the

threats

available,

the

Keywords: ITS; VANET; cybersecurity;
IoT;

transportation depends on. The process
must involve establishing useful standards

I. Introduction

for an extensive architecture and specific
Internet of things (IoT) resulted from

security standards. On that note, this paper
focuses on examining the overall outlines of
the ITS security issues and architecture.
The main aim of security approaches, which
has not been thoroughly examined in many
studies in the field, are examined. Also, the
article highlights both conventional and
innovative methods of cryptography and
network segmentation that, if adapted, can
help manage cybersecurity threats in ITS.
Conventional
highlighted;

measures
hence

the

are
focus

only
is

on

innovative measures that have recently been
gaining

popularity

management.

These

in

ITS

main

threat
measures

included here are fog computing, bloom

converging several technologies such as realtime analytics, embedded systems, machine
learning, wireless networks, and control
systems. However, from the consumer
perspective, IoT is the same as products
concerned with the concept of intelligent
healthcare, intelligent home, intelligent city,
among other things that utilize Artificial
Intelligence (AI) and related technologies [7].
Many

of

these

characteristics

and

fields
often

have

similar

face

similar

problems. Therefore, sharing technologies
between IoT sub-areas has become standard
but needs to be analyzed thoroughly and
explored practically. Despite the similarities,
even in the same fields, the requirements for

real-time operation, communication range,

the environment and vehicles, such as

bit rate, reliability and, most importantly,

direction,

security, vary.

conditions,

speed,
and

acceleration,
weather

road

conditions.

Connecting vehicles in a single wireless hop
As a sub-area of IoT, specifically
intelligent city, ITS is characterized by
various features of IoT [7]. The distinctive
features include strict time requirements,
huge volumes of data, and dynamics and are

communication creates many tasks such as
interruptions,

authentication

of

joined

vehicles, and the need to protect user
identities [14]. However, network security is
the main focus.

greatly impacted by security concerns. One
of the key characteristic properties of the ITS

II Background

is its high demand for cybersecurity, which
ITS is a relatively new filed but has

necessitates threat management measures
[10]. ITS applications can generally be

classified

as

road

traffic

efficiency,

infotainment, and transport safety. The road
safety applications involved have extremely
high cybersecurity needs combined with
strict real time constrains. Even though road
infotainment

applications

and

traffic

efficiency are not directly concerned with the
physical safety on roads, cybersecurity needs
remain high [13]. This is because any breach
in any of these applications can have a major
impact on efficiency of an entire ITS.

serious

security

needs.

Even

though

VANETs are critical in all the developments
of ITS, they are not the only the vulnerable
components. ITS is extremely complicated,
with a lot of effort being placed to ensure AI,
Fog and Cloud computing, and machine
learning are all integrated in the system [15].
Therefore, security must be considered on all
levels. With the need for robust security and
implantation of different applications, the
actual application of fully automated vehicles
can be very challenging. In this case, the nontechnological side of ITS security must be

Vehicular ad-hoc networks (VANET)

considered thoroughly. It can be expressed by

is a critical element of all contemporary

carefully considering authorization policy,

developments for ITS. Nodes (or vehicles) in

regulation, governance, development of

VANET interchange short messages, known

standards, policy, education, and awareness.

as beacons, during specified periods. The
beacons contain essential information about

III. Literature Review

disrupt ITS. Therefore, ITS security is
important to prevent or manage threats.

Different

modes

of

traffic

management and transportation use ITS’s

Many of the current studies generally

innovative systems to make transportation

focus on the applications of ITS and leave out

networks smarter. Generally, ITS is crucial to

the significant area of cybersecurity. As such,

developing smart cities and are also essential

there exists limited surveys that address

in improving luxury and safety of people’s...


Anonymous
Just what I was looking for! Super helpful.

Studypool
4.7
Indeed
4.5
Sitejabber
4.4

Related Tags