{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T19:24:42Z","timestamp":1769282682883,"version":"3.49.0"},"reference-count":25,"publisher":"Walter de Gruyter GmbH","issue":"9","license":[{"start":{"date-parts":[[2023,9,1]],"date-time":"2023-09-01T00:00:00Z","timestamp":1693526400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,9,26]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>IT vulnerabilities, cyber threats, and resulting risks significantly impact the stability of current and future power grids. The results of a Risk Assessment process contribute to a better understanding of the causes and nature of the associated risks. The risks assessed by experts are available in both numerical and linguistic representations \u2013 this makes it beneficial to include a combination of linguistic and numerical analyses. In this paper, we propose a new Hybrid Risk Assessment method based on fuzzy logic, leading to more precise results. The presented approach specifies the variables and membership functions of fuzzy logic with reference to Smart Grids. For this propose, a case study with five risk events in a small-scale Smart Grid is carried out as an example. The results can then support decision-makers in ensuring grid stability.<\/jats:p>","DOI":"10.1515\/auto-2023-0089","type":"journal-article","created":{"date-parts":[[2023,9,8]],"date-time":"2023-09-08T10:42:19Z","timestamp":1694169739000},"page":"779-788","source":"Crossref","is-referenced-by-count":14,"title":["A new hybrid risk assessment process for cyber security design of smart grids using fuzzy analytic hierarchy processes"],"prefix":"10.1515","volume":"71","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7292-7989","authenticated-orcid":false,"given":"Sine","family":"Canbolat","sequence":"first","affiliation":[{"name":"Karlsruhe Institute of Technology (KIT), Institute for Automation and Applied Informatics (IAI), KASTEL Security Research Labs , Hermann-von-Helmholtz-Platz 1, 76344 Eggenstein-Leopoldshafen , Germany"}]},{"given":"Ghada","family":"Elbez","sequence":"additional","affiliation":[{"name":"Karlsruhe Institute of Technology (KIT), Institute for Automation and Applied Informatics (IAI), KASTEL Security Research Labs , Hermann-von-Helmholtz-Platz 1, 76344 Eggenstein-Leopoldshafen , Germany"}]},{"given":"Veit","family":"Hagenmeyer","sequence":"additional","affiliation":[{"name":"Karlsruhe Institute of Technology (KIT), Institute for Automation and Applied Informatics (IAI), KASTEL Security Research Labs , Hermann-von-Helmholtz-Platz 1, 76344 Eggenstein-Leopoldshafen , Germany"}]}],"member":"374","published-online":{"date-parts":[[2023,9,8]]},"reference":[{"key":"2023120702422583997_j_auto-2023-0089_ref_001","doi-asserted-by":"crossref","unstructured":"A. Refsdal, B. Solhaug, K. St\u00f8len, A. Refsdal, B. Solhaug, and K. St\u00f8len, Cyber-Risk Management, Cham, Springer, 2015.","DOI":"10.1007\/978-3-319-23570-7"},{"key":"2023120702422583997_j_auto-2023-0089_ref_002","doi-asserted-by":"crossref","unstructured":"A. Omerovic, H. Vefsnmo, G. Erdogan, O. Gjerde, E. Gramme, and S. Simonsen, \u201cA feasibility study of a method for identification and modelling of cybersecurity risks in the context of smart power grid,\u201d in COMPLEXIS 2019-Proceedings of the 4th International Conference on Complexity, Future Information Systems and Risk 2019, SciTePress, 2019.","DOI":"10.5220\/0007697800390051"},{"key":"2023120702422583997_j_auto-2023-0089_ref_003","doi-asserted-by":"crossref","unstructured":"M. S. Lund, B. Solhaug, and K. St\u00f8len, Model-Driven Risk Analysis: The CORAS Approach, Berlin, Heidelberg, Springer Science & Business Media, 2010.","DOI":"10.1007\/978-3-642-12323-8"},{"key":"2023120702422583997_j_auto-2023-0089_ref_004","doi-asserted-by":"crossref","unstructured":"G. Gonz\u00e1lez-Granadillo, S. Gonz\u00e1lez-Zarzosa, and R. Diaz, \u201cSecurity information and event management (siem): analysis, trends, and usage in critical infrastructures,\u201d Sensors, vol.\u00a021, no.\u00a014, p.\u00a04759, 2021. https:\/\/doi.org\/10.3390\/s21144759.","DOI":"10.3390\/s21144759"},{"key":"2023120702422583997_j_auto-2023-0089_ref_005","doi-asserted-by":"crossref","unstructured":"P. Radoglou-Grammatikis, P. Sarigiannidis, E. Iturbe, et al.., \u201cSpear siem: a security information and event management system for the smart grid,\u201d Comput. Netw., vol.\u00a0193, p.\u00a0108008, 2021. https:\/\/doi.org\/10.1016\/j.comnet.2021.108008.","DOI":"10.1016\/j.comnet.2021.108008"},{"key":"2023120702422583997_j_auto-2023-0089_ref_006","unstructured":"E. J. Byres, M. Franz, and D. Miller, \u201cThe use of attack trees in assessing vulnerabilities in scada systems,\u201d in Proceedings of the International Infrastructure Survivability Workshop, Citeseer, 2004, pp.\u00a03\u201310."},{"key":"2023120702422583997_j_auto-2023-0089_ref_007","doi-asserted-by":"crossref","unstructured":"E. Rios, A. Rego, E. Iturbe, M. Higuero, and X. Larrucea, \u201cContinuous quantitative risk management in smart grids using attack defense trees,\u201d Sensors, vol.\u00a020, no.\u00a016, p.\u00a04404, 2020. https:\/\/doi.org\/10.3390\/s20164404.","DOI":"10.3390\/s20164404"},{"key":"2023120702422583997_j_auto-2023-0089_ref_008","doi-asserted-by":"crossref","unstructured":"N. Poolsappasit, R. Dewri, and I. Ray, \u201cDynamic security risk management using bayesian attack graphs,\u201d IEEE Trans. Dependable Secure Comput., vol.\u00a09, no.\u00a01, pp.\u00a061\u201374, 2011. https:\/\/doi.org\/10.1109\/tdsc.2011.34.","DOI":"10.1109\/TDSC.2011.34"},{"key":"2023120702422583997_j_auto-2023-0089_ref_009","doi-asserted-by":"crossref","unstructured":"D. Lu, C. Xu, L. Zhang, L. Wang, and Y. Sun, \u201cComprehensive risk assessment method of power grid based on grey relational weight game theory,\u201d in IOP Conf. Ser. Earth Environ. Sci., vol.\u00a0453, no.\u00a01, p.\u00a0012068, 2020. https:\/\/doi.org\/10.1088\/1755-1315\/453\/1\/012068.","DOI":"10.1088\/1755-1315\/453\/1\/012068"},{"key":"2023120702422583997_j_auto-2023-0089_ref_010","doi-asserted-by":"crossref","unstructured":"Z. Zeng, S. Yao, and T. Zhang, \u201cRisk assessment method for smart substation secondary system based on deep neural network,\u201d in Proceedings of PURPLE MOUNTAIN FORUM 2019-International Forum on Smart Grid Protection and Control, Springer, 2020, pp.\u00a0443\u2013454.","DOI":"10.1007\/978-981-13-9783-7_35"},{"key":"2023120702422583997_j_auto-2023-0089_ref_011","doi-asserted-by":"crossref","unstructured":"L. A. Zadeh, \u201cFuzzy logic,\u201d Computer, vol.\u00a021, no.\u00a04, pp.\u00a083\u201393, 1988. https:\/\/doi.org\/10.1109\/2.53.","DOI":"10.1109\/2.53"},{"key":"2023120702422583997_j_auto-2023-0089_ref_012","doi-asserted-by":"crossref","unstructured":"Y. Cherdantseva, P. Burnap, A. Blyth, et al.., \u201cA review of cyber security risk assessment methods for scada systems,\u201d Comput. Secur., vol.\u00a056, pp.\u00a01\u201327, 2016. https:\/\/doi.org\/10.1016\/j.cose.2015.09.009.","DOI":"10.1016\/j.cose.2015.09.009"},{"key":"2023120702422583997_j_auto-2023-0089_ref_013","unstructured":"T. Saaty, The Analytic Hierarchy Process: Planning, Priority Setting, Resources Allocation, New York, McGraw-Hill, 1980."},{"key":"2023120702422583997_j_auto-2023-0089_ref_014","doi-asserted-by":"crossref","unstructured":"P. J. Van Laarhoven and W. Pedrycz, \u201cA fuzzy extension of saaty\u2019s priority theory,\u201d Fuzzy Sets Syst., vol.\u00a011, nos 1\u20133, pp.\u00a0229\u2013241, 1983. https:\/\/doi.org\/10.1016\/s0165-0114(83)80082-7.","DOI":"10.1016\/S0165-0114(83)80082-7"},{"key":"2023120702422583997_j_auto-2023-0089_ref_015","doi-asserted-by":"crossref","unstructured":"S. Kubler, J. Robert, W. Derigent, A. Voisin, and Y. Le Traon, \u201cA state-of the-art survey & testbed of fuzzy ahp (fahp) applications,\u201d Expert Syst. Appl., vol.\u00a065, pp.\u00a0398\u2013422, 2016. https:\/\/doi.org\/10.1016\/j.eswa.2016.08.064.","DOI":"10.1016\/j.eswa.2016.08.064"},{"key":"2023120702422583997_j_auto-2023-0089_ref_016","doi-asserted-by":"crossref","unstructured":"M. An, S. Huang, and C. Baker, \u201cRailway risk assessment-the fuzzy reasoning approach and fuzzy analytic hierarchy process approaches: a case study of shunting at waterloo depot,\u201d Proc. Inst. Mech. Eng. F J. Rail Rapid Transit, vol.\u00a0221, no.\u00a03, pp.\u00a0365\u2013383, 2007. https:\/\/doi.org\/10.1243\/09544097jrrt106.","DOI":"10.1243\/09544097JRRT106"},{"key":"2023120702422583997_j_auto-2023-0089_ref_017","doi-asserted-by":"crossref","unstructured":"M. M. Silva, A. P. H. de Gusm\u00e3o, T. Poleto, L. C. e Silva, and A. P. C. S. Costa, \u201cA multidimensional approach to information security risk management using fmea and fuzzy theory,\u201d Int. J. Inf. Manage., vol.\u00a034, no.\u00a06, pp.\u00a0733\u2013740, 2014. https:\/\/doi.org\/10.1016\/j.ijinfomgt.2014.07.005.","DOI":"10.1016\/j.ijinfomgt.2014.07.005"},{"key":"2023120702422583997_j_auto-2023-0089_ref_018","doi-asserted-by":"crossref","unstructured":"K. Bernsmed, M. G. Jaatun, and C. Fr\u00f8ystad, \u201cIs a smarter grid also riskier?\u201d in International Workshop on Security and Trust Management, Springer, 2019, pp.\u00a036\u201352.","DOI":"10.1007\/978-3-030-31511-5_3"},{"key":"2023120702422583997_j_auto-2023-0089_ref_019","doi-asserted-by":"crossref","unstructured":"A. Elgargouri and M. Elmusrati, \u201cAnalysis of cyber-attacks on iec 61850 networks,\u201d in 2017 IEEE 11th International Conference on Application of Information and Communication Technologies (AICT), IEEE, 2017, pp.\u00a01\u20134.","DOI":"10.1109\/ICAICT.2017.8686894"},{"key":"2023120702422583997_j_auto-2023-0089_ref_020","doi-asserted-by":"crossref","unstructured":"J. Hong, C.-C. Liu, and M. Govindarasu, \u201cDetection of cyber intrusions using network-based multicast messages for substation automation,\u201d in ISGT 2014, IEEE, 2014, pp.\u00a01\u20135.","DOI":"10.1109\/ISGT.2014.6816375"},{"key":"2023120702422583997_j_auto-2023-0089_ref_021","unstructured":"MITRE: ICS Matrix, 2022 [Online]. Available at: https:\/\/attack.mitre.org\/matrices\/ics\/ [accessed: Dec. 1, 2022]."},{"key":"2023120702422583997_j_auto-2023-0089_ref_022","unstructured":"National Vulnerability Database, 2022 [Online]. Available at: https:\/\/nvd.nist.gov\/ [accessed: Dec. 1, 2022]."},{"key":"2023120702422583997_j_auto-2023-0089_ref_023","doi-asserted-by":"crossref","unstructured":"N. Abdussamie, M. Daboos, I. Elferjani, C. Shuhong, and A. Alaktiwi, \u201cRisk assessment of lng and flng vessels during manoeuvring in open sea,\u201d J. Ocean Eng. Sci., vol.\u00a03, no.\u00a01, pp.\u00a056\u201366, 2018. https:\/\/doi.org\/10.1016\/j.joes.2017.12.002.","DOI":"10.1016\/j.joes.2017.12.002"},{"key":"2023120702422583997_j_auto-2023-0089_ref_024","unstructured":"R. Babu\u0161ka, Fuzzy Modeling for Control, vol. 12, Dordrecht, Springer, 2012."},{"key":"2023120702422583997_j_auto-2023-0089_ref_025","unstructured":"S. Canbolat, G. Elbez, and V. Hagenmeyer, \u201cHybrid risk assessment process for smart grids,\u201d in Poster pr\u00e4sentiert auf 10th KIT-Zentrum Energie Promovierenden-Symposium\/\/KIT Energy Center Doctoral Symposium (2023), Karlsruhe, Deutschland, 10. Mai 2023, 2023, 46.23.02; LK 01."}],"container-title":["at - Automatisierungstechnik"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.degruyter.com\/document\/doi\/10.1515\/auto-2023-0089\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.degruyter.com\/document\/doi\/10.1515\/auto-2023-0089\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,12,7]],"date-time":"2023-12-07T02:43:43Z","timestamp":1701917023000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.degruyter.com\/document\/doi\/10.1515\/auto-2023-0089\/html"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,9,1]]},"references-count":25,"journal-issue":{"issue":"9","published-online":{"date-parts":[[2023,9,8]]},"published-print":{"date-parts":[[2023,9,26]]}},"alternative-id":["10.1515\/auto-2023-0089"],"URL":"https:\/\/doi.org\/10.1515\/auto-2023-0089","relation":{},"ISSN":["0178-2312","2196-677X"],"issn-type":[{"value":"0178-2312","type":"print"},{"value":"2196-677X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,9,1]]}}}