{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T15:24:18Z","timestamp":1772119458584,"version":"3.50.1"},"reference-count":45,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T00:00:00Z","timestamp":1767744000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T00:00:00Z","timestamp":1767744000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2026,2]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>\n                    Critical Infrastructures (CI) are increasingly interdependent, forming complex dependency networks where disruptions can propagate across sectors and amplify systemic risk. Conventional risk assessment methods are limited by evaluating components in isolation and neglecting how interdependencies shape cascading exposure. This paper introduces the Risk Impact Pathway Analysis (RIPA) framework\u2013a dynamic, dependency-aware risk assessment model that explicitly traces and quantifies risk propagation pathways within interdependent CI systems. RIPA incorporates three key propagation factors: Linkage Intensity (LI), measuring dependency strength; Resilience (RE), acting as a risk shield; and Criticality, functioning as a risk amplifier. Unlike traditional methods focused solely on initial risk (R\n                    <jats:sub>0<\/jats:sub>\n                    ), RIPA calculates Total Systemic Risk, revealing hidden high-risk nodes and propagation routes. The framework is validated through a multi-sector case study of the LAMAD-LLC integrated infrastructure system, demonstrating its applicability and effectiveness. Results demonstrate that incorporating interdependency criteria into risk assessment reveals significant hidden vulnerabilities, with certain infrastructure components exhibiting risk increases compared to traditional single-point assessments. This amplification effect illustrates how failures or vulnerabilities propagate through interconnected systems, creating compound risks not captured by conventional methods. Sensitivity analysis reveals that resilience enhancement interventions achieve approximately twice the risk reduction compared to equivalent modifications in either criticality scores or linkage intensity parameters. These findings validate RIPA\u2019s capacity to provide a pathway-centric, topology-aware understanding of systemic exposure, enabling more targeted and effective infrastructure risk management strategies than traditional approaches.\n                  <\/jats:p>","DOI":"10.1007\/s10207-025-01201-1","type":"journal-article","created":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T07:41:36Z","timestamp":1767771696000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Risk impact pathway analysis (RIPA): A dynamic risk assessment framework for interdependent critical infrastructures"],"prefix":"10.1007","volume":"25","author":[{"given":"Fatimah","family":"Faraji","sequence":"first","affiliation":[]},{"given":"Haralambos","family":"Mouratidis","sequence":"additional","affiliation":[]},{"given":"Abdullah","family":"Al Zakwani","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,1,7]]},"reference":[{"issue":"11","key":"1201_CR1","doi-asserted-by":"publisher","first-page":"2441","DOI":"10.1111\/risa.13166","volume":"38","author":"C Curt","year":"2018","unstructured":"Curt, C., Tacnet, J.: Resilience of critical infrastructures: Review and analysis of current approaches. Risk Anal. 38(11), 2441 (2018)","journal-title":"Risk Anal."},{"key":"1201_CR2","unstructured":"Cybersecurity, C. I.: Framework for improving critical infrastructure cybersecurity, 4162018(7) (2018). https:\/\/nvlpubs.nist.gov\/nistpubs\/CSWP\/NIST.CSWP"},{"key":"1201_CR3","unstructured":"Mouratidis, H., Santos-Olmo, A., Islam, S., Grosado, D., Fern, E.: Towards Resilience by Design: Systematic Review of Critical Infrastructure Protection Against Systemic Risks, Komunik\u00e1cie 20(2) (2025)"},{"key":"1201_CR4","volume-title":"Towards Resilience by Design: Systematic Review of Critical Infrastructure Protection Against Systemic Risks","author":"H Mouratidis","year":"2025","unstructured":"Mouratidis, H., Santos-Olmo, A., Islam, S., Grosado, D., Fern, E.: Towards Resilience by Design: Systematic Review of Critical Infrastructure Protection Against Systemic Risks. Springer, Vienna (2025)"},{"issue":"4","key":"1201_CR5","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1080\/23789689.2020.1795571","volume":"7","author":"M Haggag","year":"2022","unstructured":"Haggag, M., Ezzeldin, M., El-Dakhakhni, W., Hassini, E.: Resilient cities critical infrastructure interdependence: a meta-research. Sustain. Resilient Infrastruct. 7(4), 291 (2022)","journal-title":"Sustain. Resilient Infrastruct."},{"issue":"7","key":"1201_CR6","doi-asserted-by":"publisher","first-page":"2107","DOI":"10.1007\/s00607-023-01199-1","volume":"106","author":"F Faraji","year":"2024","unstructured":"Faraji, F., Javadpour, A., Sangaiah, A.K., Zavieh, H.: A solution for resource allocation through complex systems in fog computing for the internet of things. Computing 106(7), 2107 (2024)","journal-title":"Computing"},{"issue":"8","key":"1201_CR7","doi-asserted-by":"publisher","first-page":"1606","DOI":"10.1111\/risa.13715","volume":"42","author":"JW Welburn","year":"2022","unstructured":"Welburn, J.W., Strong, A.M.: Systemic cyber risk and aggregate impacts. Risk Anal. 42(8), 1606 (2022)","journal-title":"Risk Anal."},{"issue":"2","key":"1201_CR8","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1080\/03085147.2020.1718912","volume":"49","author":"D Curran","year":"2020","unstructured":"Curran, D.: Connecting risk: Systemic risk from finance to the digital. Econ. Soc. 49(2), 239 (2020)","journal-title":"Econ. Soc."},{"issue":"2","key":"1201_CR9","doi-asserted-by":"publisher","DOI":"10.1115\/1.4035728","volume":"3","author":"X Liu","year":"2017","unstructured":"Liu, X., Ferrario, E., Zio, E.: Resilience analysis framework for interconnected critical infrastructures. ASCE-ASME J. Risk Uncertain. Eng. Syst. B: Mech. Eng. 3(2), 021001 (2017)","journal-title":"ASCE-ASME J. Risk Uncertain. Eng. Syst. B: Mech. Eng."},{"issue":"2","key":"1201_CR10","doi-asserted-by":"publisher","first-page":"128","DOI":"10.1080\/17477778.2017.1418640","volume":"12","author":"M Iturriza","year":"2018","unstructured":"Iturriza, M., Labaka, L., Sarriegi, J.M., Hernantes, J.: Modelling methodologies for analysing critical infrastructures. J. Simul. 12(2), 128 (2018)","journal-title":"J. Simul."},{"key":"1201_CR11","unstructured":"Grafenauer, T., K\u00f6nig, S., Rass, S., Schauer, S.: In: Proceedings of the 13th International Conference on availability, reliability and security, pp. 1\u20138 (2021)"},{"key":"1201_CR12","doi-asserted-by":"crossref","unstructured":"Gueye, A., Mbaye, B., Fall, D., Diop, A., Kashihara, S.: Innovations and Interdisciplinary Solutions for Underserved Areas: 4th EAI International Conference, InterSol 2020, Nairobi, Kenya, March 8-9, 2020, Proceedings 4 (Springer, 2021), pp. 211\u2013223","DOI":"10.1007\/978-3-030-51051-0_15"},{"key":"1201_CR13","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijdrr.2023.103862","volume":"95","author":"S Gong","year":"2023","unstructured":"Gong, S., Ye, Y., Gao, X., Chen, L., Wang, T.: Empirical patterns of interdependencies among critical infrastructures in cascading disasters: Evidence from a comprehensive multi-case analysis. Int. J. Disaster Risk Reduct. 95, 103862 (2023)","journal-title":"Int. J. Disaster Risk Reduct."},{"key":"1201_CR14","doi-asserted-by":"publisher","first-page":"199","DOI":"10.1016\/j.ijdrr.2018.04.019","volume":"30","author":"G Zuccaro","year":"2018","unstructured":"Zuccaro, G., De Gregorio, D., Leone, M.F.: Theoretical model for cascading effects analyses. Int. J. Disaster Risk Reduct. 30, 199 (2018)","journal-title":"Int. J. Disaster Risk Reduct."},{"key":"1201_CR15","doi-asserted-by":"publisher","first-page":"164","DOI":"10.1016\/j.physa.2018.06.129","volume":"510","author":"W Wang","year":"2018","unstructured":"Wang, W., Yang, S., Hu, F., Stanley, H.E., He, S., Shi, M.: An approach for cascading effects within critical infrastructure systems. Physica A 510, 164 (2018)","journal-title":"Physica A"},{"key":"1201_CR16","doi-asserted-by":"publisher","first-page":"125","DOI":"10.1016\/j.ijcip.2018.06.004","volume":"22","author":"D Rehak","year":"2018","unstructured":"Rehak, D., Senovsky, P., Hromada, M., Lovecek, T., Novotny, P.: Cascading impact assessment in a critical infrastructure system. Int. J. Crit. Infrastruct. Prot. 22, 125 (2018)","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"1201_CR17","unstructured":"Helminen, A., Hakkarainen, T.: Book of Abstracts, p. 10 (2021)"},{"key":"1201_CR18","doi-asserted-by":"crossref","unstructured":"Brabcova, V., Slivkova, S., Rehak, D., Toseroni, F., Havko, J.: ASSESSING THE CASCADING EFFECT OF ENERGY AND TRANSPORT CRITICAL INFRASTRUCTURE ELEMENTS: CASE STUDY. Komunik\u00e1cie 20(2), (2018)","DOI":"10.26552\/com.C.2018.2.8-15"},{"issue":"4","key":"1201_CR19","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3579847","volume":"23","author":"X Fu","year":"2023","unstructured":"Fu, X., Pace, P., Aloi, G., Guerrieri, A., Li, W., Fortino, G.: Tolerance analysis of cyber-manufacturing systems to cascading failures. ACM Trans. Internet Technol. 23(4), 1 (2023)","journal-title":"ACM Trans. Internet Technol."},{"issue":"1","key":"1201_CR20","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1186\/s42400-021-00071-z","volume":"4","author":"VR Palleti","year":"2021","unstructured":"Palleti, V.R., Adepu, S., Mishra, V.K., Mathur, A.: Cascading effects of cyber-attacks on interconnected critical infrastructure. Cybersecurity 4(1), 8 (2021)","journal-title":"Cybersecurity"},{"key":"1201_CR21","doi-asserted-by":"publisher","DOI":"10.1016\/j.ress.2021.107958","volume":"216","author":"F Chaoqi","year":"2021","unstructured":"Chaoqi, F., Yangjun, G., Jilong, Z., Yun, S., Pengtao, Z., Tao, W.: Attack-defense game for critical infrastructure considering the cascade effect. Reliab. Eng. Syst. Saf. 216, 107958 (2021)","journal-title":"Reliab. Eng. Syst. Saf."},{"issue":"3","key":"1201_CR22","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1007\/s40860-025-00253-3","volume":"11","author":"S Islam","year":"2025","unstructured":"Islam, S., Basheer, N., Papastergiou, S., Ciampi, M., Silvestri, S.: Intelligent dynamic cybersecurity risk management framework with explainability and interpretability of AI models for enhancing security and resilience of digital infrastructure. J. Reliab. Intell. Environ. 11(3), 12 (2025)","journal-title":"J. Reliab. Intell. Environ."},{"key":"1201_CR23","unstructured":"I.O.f. Standardization, ISO 31000: 2018, Risk Management-Guidelines (International Organization for Standardization, 2018)"},{"issue":"5","key":"1201_CR24","doi-asserted-by":"publisher","first-page":"218","DOI":"10.3390\/systems11050218","volume":"11","author":"JV Barraza de la Paz","year":"2023","unstructured":"Barraza de la Paz, J.V., Rodr\u00edguez-Pic\u00f3n, L.A., Morales-Rocha, V., Torres-Arg\u00fcelles, S.V.: A systematic review of risk management methodologies for complex organizations in industry 4.0 and 5.0. Systems 11(5), 218 (2023)","journal-title":"Systems"},{"key":"1201_CR25","doi-asserted-by":"crossref","unstructured":"Mahfud, A.Z., Hikmah, I.R., Sunaringtyas, S.U., Yulita, T.: In: 2024 4th International Conference on Electronic and Electrical Engineering and Intelligent System (ICE3IS), pp. 181\u2013186, IEEE (2024)","DOI":"10.1109\/ICE3IS62977.2024.10775428"},{"issue":"5","key":"1201_CR26","doi-asserted-by":"publisher","first-page":"218","DOI":"10.3390\/systems11050218","volume":"11","author":"JV Barraza de la Paz","year":"2023","unstructured":"Barraza de la Paz, J.V., Rodr\u00edguez-Pic\u00f3n, L.A., Morales-Rocha, V., Torres-Arg\u00fcelles, S.V.: A systematic review of risk management methodologies for complex organizations in industry 4.0 and 5.0. Systems 11(5), 218 (2023)","journal-title":"Systems"},{"key":"1201_CR27","doi-asserted-by":"crossref","unstructured":"Mahfud, A.Z., Hikmah, I.R., Sunaringtyas, S.U., Yulita, T.: In: 2024 4th International Conference on Electronic and Electrical Engineering and Intelligent System (ICE3IS), pp. 181\u2013186, IEEE (2024)","DOI":"10.1109\/ICE3IS62977.2024.10775428"},{"issue":"18","key":"1201_CR28","doi-asserted-by":"publisher","first-page":"15241","DOI":"10.1007\/s00521-022-06959-2","volume":"34","author":"HI Kure","year":"2022","unstructured":"Kure, H.I., Islam, S., Mouratidis, H.: An integrated cyber security risk management framework and risk predication for the critical infrastructure protection. Neural Comput. Appl. 34(18), 15241 (2022)","journal-title":"Neural Comput. Appl."},{"key":"1201_CR29","unstructured":"Iso, I.: Risk management\u2013Principles and guidelines, International Organization for Standardization, Geneva, Switzerland (2009)"},{"key":"1201_CR30","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1016\/j.ijdrr.2018.04.011","volume":"30","author":"L Hempel","year":"2018","unstructured":"Hempel, L., Kraff, B.D., Pelzer, R.: Dynamic interdependencies: problematising criticality assessment in the light of cascading effects. Int. J. Disaster Risk Reduct. 30, 257 (2018)","journal-title":"Int. J. Disaster Risk Reduct."},{"key":"1201_CR31","doi-asserted-by":"crossref","unstructured":"Pescaroli, G., Nones, M., Galbusera, L., Alexander, D.: Understanding and mitigating cascading crises in the global interconnected system (2018)","DOI":"10.1016\/j.ijdrr.2018.07.004"},{"issue":"3","key":"1201_CR32","doi-asserted-by":"publisher","first-page":"838","DOI":"10.3390\/su11030838","volume":"11","author":"O Heino","year":"2019","unstructured":"Heino, O., Takala, A., Jukarainen, P., Kalalahti, J., Kekki, T., Verho, P.: Critical infrastructures: The operational environment in cases of severe disruption. Sustainability 11(3), 838 (2019)","journal-title":"Sustainability"},{"issue":"7","key":"1201_CR33","doi-asserted-by":"publisher","first-page":"2107","DOI":"10.1007\/s00607-023-01199-1","volume":"106","author":"F Faraji","year":"2024","unstructured":"Faraji, F., Javadpour, A., Sangaiah, A.K., Zavieh, H.: A solution for resource allocation through complex systems in fog computing for the internet of things. Computing 106(7), 2107 (2024)","journal-title":"Computing"},{"key":"1201_CR34","doi-asserted-by":"crossref","unstructured":"Cheikes, B.A., Waltermire, D., Scarfone, K.: Common platform enumeration: Naming specification version 2.3. NIST Interagency Report 7695(8), (2011)","DOI":"10.6028\/NIST.IR.7695"},{"issue":"2","key":"1201_CR35","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1145\/3375408.3375410","volume":"38","author":"B Martin","year":"2019","unstructured":"Martin, B.: Common vulnerabilities enumeration (cve), common weakness enumeration (cwe), and common quality enumeration (cqe) attempting to systematically catalog the safety and security challenges for modern, networked, software-intensive systems. ACM SIGAda Ada Lett. 38(2), 9 (2019)","journal-title":"ACM SIGAda Ada Lett."},{"key":"1201_CR36","unstructured":"Vulnerabilities, C.: Common vulnerabilities and exposures, Published CVE Records.[Online] Available: https:\/\/www.cve.org\/About\/Metrics (2005)"},{"key":"1201_CR37","unstructured":"Theoharidou, M., Kotzanikolaou, P., Gritzalis, D.: Critical Infrastructure Protection III: Third Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, Hanover, New Hampshire, USA, March 23-25, 2009, Revised Selected Papers 3 (Springer, 2018), pp. 35\u201349"},{"issue":"1","key":"1201_CR38","first-page":"7729456","volume":"2022","author":"J Yan","year":"2022","unstructured":"Yan, J., Du, Z., Li, J., Yang, S., Li, J., Li, J.: A Threat Intelligence Analysis Method Based on Feature Weighting and BERT-BiGRU for Industrial Internet of Things. Sec. Commun. Netw. 2022(1), 7729456 (2022)","journal-title":"Sec. Commun. Netw."},{"key":"1201_CR39","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijdrr.2024.104997","volume":"114","author":"AM Weir","year":"2024","unstructured":"Weir, A.M., Wilson, T.M., Bebbington, M.S., Campbell-Smart, C., Williams, J.H., Fairclough, R.: Quantifying systemic vulnerability of interdependent critical infrastructure networks: A case study for volcanic hazards. Int. J. Disaster Risk Reduct. 114, 104997 (2024)","journal-title":"Int. J. Disaster Risk Reduct."},{"key":"1201_CR40","doi-asserted-by":"crossref","unstructured":"Cui, Z., Pang, J., Shen, X.: IOP Conference Series: Materials Science and Engineering, vol. 231, p. 012040, (IOP Publishing, 2005)","DOI":"10.1088\/1757-899X\/231\/1\/012040"},{"key":"1201_CR41","first-page":"1595","volume":"95","author":"KS Wan","year":"2020","unstructured":"Wan, K.S.: NotPetya, not warfare: rethinking the insurance war exclusion in the context of international cyberattacks. Wash. L. Rev. 95, 1595 (2020)","journal-title":"Wash. L. Rev."},{"issue":"2","key":"1201_CR42","doi-asserted-by":"publisher","first-page":"432","DOI":"10.1016\/j.jfineco.2022.12.002","volume":"147","author":"M Crosignani","year":"2023","unstructured":"Crosignani, M., Macchiavelli, M., Silva, A.F.: Pirates without borders: The propagation of cyberattacks through firms\u2019 supply chains. J. Financ. Econ. 147(2), 432 (2023)","journal-title":"J. Financ. Econ."},{"key":"1201_CR43","unstructured":"Easterly, J., Fanning, T.: The attack on colonial pipeline: What we\u2019ve learned & what we\u2019ve done over the past two years, Department of Homeland Security, Cybersecurity and Infrastructure Security Agency, 7 (2023)"},{"key":"1201_CR44","doi-asserted-by":"publisher","DOI":"10.1016\/j.econlet.2021.110122","volume":"209","author":"T Tsvetanov","year":"2021","unstructured":"Tsvetanov, T., Slaria, S.: The effect of the Colonial Pipeline shutdown on gasoline prices. Econ. Lett. 209, 110122 (2021)","journal-title":"Econ. Lett."},{"issue":"1\u201329","key":"1201_CR45","first-page":"3","volume":"388","author":"DU Case","year":"2016","unstructured":"Case, D.U.: Analysis of the cyber attack on the Ukrainian power grid. Electricity information sharing and analysis center (E-ISAC) 388(1\u201329), 3 (2016)","journal-title":"Electricity information sharing and analysis center (E-ISAC)"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01201-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-025-01201-1","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01201-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,31]],"date-time":"2026-01-31T16:08:25Z","timestamp":1769875705000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-025-01201-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,1,7]]},"references-count":45,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2026,2]]}},"alternative-id":["1201"],"URL":"https:\/\/doi.org\/10.1007\/s10207-025-01201-1","relation":{"has-preprint":[{"id-type":"doi","id":"10.21203\/rs.3.rs-8001498\/v1","asserted-by":"object"}]},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,1,7]]},"assertion":[{"value":"31 October 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"22 December 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"7 January 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing Interests"}}],"article-number":"26"}}