{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,27]],"date-time":"2025-10-27T16:20:39Z","timestamp":1761582039552,"version":"build-2065373602"},"reference-count":67,"publisher":"MDPI AG","issue":"24","license":[{"start":{"date-parts":[[2020,12,16]],"date-time":"2020-12-16T00:00:00Z","timestamp":1608076800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100010686","name":"European Institute of Innovation and Technology","doi-asserted-by":"publisher","award":["19036"],"award-info":[{"award-number":["19036"]}],"id":[{"id":"10.13039\/100010686","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>The rising automation level and development of the Industry 4.0 concept in the mining sector increase the risk of cyber-attacks. As a result, this article focuses on developing a risk analysis method that integrates Kaplan\u2019s and Garrick\u2019s approach and fuzzy theory. The proposed approach takes into account the level of automation of the operating mining processes. Moreover, it follows five main steps, including identifying the automation level in a selected mine, definition of cyber-attack targets, identification of cyber-attack techniques, definition of cyber-attack consequences, and risk ratio assessment. The proposed risk assessment procedure was performed according to three cyber-attack targets (databases, internal networks, machinery) and seven selected types of cyber-attack techniques. The fuzzy theory is implemented in risk parameter estimation for cyber-attack scenario occurrence in the mining industry. To illustrate the given method\u2019s applicability, seven scenarios for three levels of mine automation are analyzed. The proposed method may be used to reveal the current cybersecurity status of the mine. Moreover, it will be a valuable guide for mines in which automation is planned in the near future.<\/jats:p>","DOI":"10.3390\/s20247210","type":"journal-article","created":{"date-parts":[[2020,12,16]],"date-time":"2020-12-16T09:21:15Z","timestamp":1608110475000},"page":"7210","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":22,"title":["Cyber-Attacks Risk Analysis Method for Different Levels of Automation of Mining Processes in Mines Based on Fuzzy Theory Use"],"prefix":"10.3390","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2993-036X","authenticated-orcid":false,"given":"Agnieszka A.","family":"Tubis","sequence":"first","affiliation":[{"name":"Faculty of Mechanical Engineering, Wroclaw University of Science and Technology, Wyspianskiego 27, 50-370 Wroclaw, Poland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9228-982X","authenticated-orcid":false,"given":"Sylwia","family":"Werbi\u0144ska-Wojciechowska","sequence":"additional","affiliation":[{"name":"Faculty of Mechanical Engineering, Wroclaw University of Science and Technology, Wyspianskiego 27, 50-370 Wroclaw, Poland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1340-5555","authenticated-orcid":false,"given":"Mateusz","family":"G\u00f3ralczyk","sequence":"additional","affiliation":[{"name":"Faculty of GeoEngineering Mining and Geology, Wroclaw University of Science and Technology, Wyspianskiego 27, 50-370 Wroclaw, Poland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4548-5043","authenticated-orcid":false,"given":"Adam","family":"Wr\u00f3blewski","sequence":"additional","affiliation":[{"name":"Faculty of GeoEngineering Mining and Geology, Wroclaw University of Science and Technology, Wyspianskiego 27, 50-370 Wroclaw, Poland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6301-056X","authenticated-orcid":false,"given":"Bart\u0142omiej","family":"Zi\u0119tek","sequence":"additional","affiliation":[{"name":"Faculty of GeoEngineering Mining and Geology, Wroclaw University of Science and Technology, Wyspianskiego 27, 50-370 Wroclaw, Poland"}]}],"member":"1968","published-online":{"date-parts":[[2020,12,16]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Tubis, A., Werbi\u0144ska-Wojciechowska, S., and Wr\u00f3blewski, A. (2020). Risk Assessment Methods in Mining Industry\u2014A Systematic Review. Appl. Sci., 10.","DOI":"10.3390\/app10155172"},{"key":"ref_2","first-page":"54","article-title":"Industry 4.0\u2014Challenges for mining industry","volume":"20","author":"Wojtas","year":"2018","journal-title":"Nap\u0119dy Sterow."},{"key":"ref_3","unstructured":"Huq, N. (2020, September 07). Cyber Threats to the Mining Industry. A TrendLabs Research Paper. Available online: https:\/\/documents.trendmicro.com\/assets\/wp\/wp-cyber-threats-to-the-mining-industry.pdf."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Kostrzewski, M. (2020). Sensitivity analysis of selected parameters in the order picking process simulation model, with randomly generated orders. Entropy, 22.","DOI":"10.3390\/e22040423"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Kostrzewski, M., Varjan, P., and Gnap, J. (2020). Solutions Dedicated to Internal Logistics 4.0. Sustainable Logistics and Production in Industry 4.0, Springer.","DOI":"10.1007\/978-3-030-33369-0_14"},{"key":"ref_6","unstructured":"Mine 2020 (2020, September 07). Resilient and Resourceful. PwC Report, June 2020. Available online: https:\/\/www.pwc.com\/gx\/en\/industries\/energy-utilities-resources\/publications\/mine.html."},{"key":"ref_7","unstructured":"(2017). Global Risks Report 2017, World Economic Forum. Available online: https:\/\/www.weforum.org\/reports\/the-global-risks-report-2017."},{"key":"ref_8","unstructured":"(2020). Top 10 Business Risks Facing Mining and Metals in 2019\u20132020, Ernst and Young. Available online: https:\/\/www.ey.com\/en_gl\/mining-metals\/10-business-risks-facing-mining-and-metals."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1111\/j.1539-6924.1981.tb01350.x","article-title":"On the quantitative definition of risk","volume":"1","author":"Kaplan","year":"1981","journal-title":"Risk Anal."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1016\/j.ress.2011.11.006","article-title":"The risk concept\u2014Historical and recent development trends","volume":"99","author":"Aven","year":"2012","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_11","unstructured":"(2020, December 15). PN-ISO 31000:2018-08: Risk Management\u2014Principles and Guidelines; Technical Committee ISO\/TC 262. Available online: https:\/\/www.iso.org\/obp\/ui#iso:std:iso:31000:ed-2:v1:en."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"115","DOI":"10.1016\/j.ress.2015.01.025","article-title":"Maritime transportation risk analysis: Review and analysis in light of some foundational issues","volume":"138","author":"Goerlandt","year":"2015","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"136","DOI":"10.1016\/j.ress.2013.02.020","article-title":"Practical implications of the new risk perspectives","volume":"115","author":"Aven","year":"2013","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"798","DOI":"10.1016\/j.ssci.2008.10.008","article-title":"Perspectives on risk in a decision-making context\u2013review and discussion","volume":"47","author":"Aven","year":"2009","journal-title":"Saf. Sci."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.ress.2004.10.008","article-title":"Perspectives on risk: Review and discussion of the basis for establishing a unified and holistic approach","volume":"90","author":"Aven","year":"2005","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.ress.2013.07.005","article-title":"A new perspective on how to understand, assess and manage risk and the unforeseen","volume":"121","author":"Aven","year":"2014","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_17","unstructured":"Rausand, M. (2013). Risk Assessment: Theory, Methods, and Applications, John Wiley & Sons."},{"key":"ref_18","unstructured":"(2020, September 07). PKN-ISO Guide 73:2012L Risk Management\u2014Terminology; Polish Committee for Standardization. Available online: https:\/\/infostore.saiglobal.com\/en-us\/standards\/pkn-iso-guide-73-2012-948094_saig_pkn_pkn_2229185\/."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Chockalingam, S., Had\u017eiosmanovic\u2019, D., Pieters, W., Teixeira, A., and van Gelder, P. (2016). Integrated safety and Security risk assessment methods: A survey of key characteristics and applications. International Conference on Critical Information Infrastructures Security, Springer.","DOI":"10.1007\/978-3-319-71368-7_5"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"275","DOI":"10.1016\/j.jss.2018.06.073","article-title":"Threat analysis of software systems: A systematic literature review","volume":"144","author":"Tuma","year":"2018","journal-title":"J. Syst. Softw."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"477","DOI":"10.1016\/j.jlp.2011.03.004","article-title":"Risk analysis and assessment methodologies in the work sites: On a review, classification and comparative study of the scientific literature of the period 2000\u20132009","volume":"24","author":"Marhavilas","year":"2011","journal-title":"J. Loss. Prevent. Proc."},{"key":"ref_22","first-page":"19","article-title":"Selected overview of risk assessment techniques","volume":"9","author":"Valis","year":"2009","journal-title":"Maint. Probl."},{"key":"ref_23","unstructured":"(2020, September 20). IOSCO Risk Identification and Assessment Methodologies for Securities Regulators FR02\/14, the Board of the International Organization of Securities Commissions. Available online: https:\/\/www.iosco.org\/library\/pubdocs\/pdf\/IOSCOPD443.pdf."},{"key":"ref_24","unstructured":"Jain, S. (2007). Environmental and Safety Risk Assessment in Mines. [Bachelor\u2019s Thesis, Department Of Mining Engineering, National Institute of Technology]."},{"key":"ref_25","unstructured":"Cyber Risk: Threats and Insurance Protection for the Mining Sector, Marsh. Available online: https:\/\/www.marsh.com\/uk\/insights\/research\/cyber-risk-threats-and-insurance-protection-for-the-mining-sector.html."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"973","DOI":"10.1016\/j.jcss.2014.02.005","article-title":"A survey of emerging threats in cybersecurity","volume":"80","author":"Nepal","year":"2014","journal-title":"J. Comput. Syst. Sci."},{"key":"ref_27","unstructured":"Ralston, P., Graham, J., and Patel, S. (2006). Literature Review of Security and Risk Assessment of SCADA and DCS Systems, Department of Computer Engineering and Computer Science, University of Louisville. Intelligent Systems Research Laboratory technical report TR-ISRL-06-01."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"583","DOI":"10.1016\/j.isatra.2007.04.003","article-title":"Cyber security risk assessment for SCADA and DCS networks","volume":"46","author":"Ralston","year":"2007","journal-title":"ISA Trans."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.cose.2015.09.009","article-title":"A review of cyber security risk assessment methods for SCADA systems","volume":"56","author":"Cherdantseva","year":"2016","journal-title":"Comput. Secur."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"e12065","DOI":"10.1002\/eng2.12065","article-title":"Probabilistic modeling and analysis of sequential cyber-attacks","volume":"1","author":"Liu","year":"2019","journal-title":"Eng. Rep."},{"key":"ref_31","unstructured":"Depoy, J., Phelan, J., Sholander, P., Smith, B., Varnado, G.B., and Wyss, G. (2005, January 17\u201320). Risk assessment for physical and cyber-attacks on critical infrastructures. Proceedings of the MILCOM 2005\u20132005 IEEE Military Communications Conference, Atlantic City, NJ, USA."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Dagoumas, A. (2019). Assessing the impact of cybersecurity attacks on power systems. Energies, 12.","DOI":"10.3390\/en12040725"},{"key":"ref_33","unstructured":"Karg, C., and H\u00e4nisch, T. (2019, January 20\u201323). Using an Extended Attack Defense Graph Model to Estimate the Risk of a Successful Attack on an IT Infrastructure. Proceedings of the 15th Annual International Conference on Information Technology & Computer Science, Athens, Greece."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"248","DOI":"10.1016\/j.ijinfomgt.2018.08.008","article-title":"Cybersecurity risk analysis model using fault tree analysis and fuzzy decision theory","volume":"43","author":"Silva","year":"2018","journal-title":"Int. J. Inform. Manag."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"103","DOI":"10.69554\/FARC5224","article-title":"Cyber security: A critical examination of information sharing versus data sensitivity issues for organizations at risk of cyber-attack","volume":"7","author":"Mallinder","year":"2014","journal-title":"J. Bus. Contin. Emerg. Plan."},{"key":"ref_36","unstructured":"Panjwani, S.A. (2011). Cyber-Security Risk Assessment. [Ph.D. Thesis, the Faculty of the Graduate School of the University of Maryland]."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1016\/S2212-5671(15)01077-1","article-title":"Cyber-attacks\u2013trends, patterns and security countermeasures","volume":"28","author":"Bendovschi","year":"2015","journal-title":"Procedia Econ. Financ."},{"key":"ref_38","unstructured":"(2017). Top 10 Business Risks Facing Mining and Metals 2017\u20132018, Ernst and Young. Available online: http:\/\/www.chinagoabroad.com\/en\/guide\/top-10-business-risks-facing-mining-and-metals-2017-2018."},{"key":"ref_39","unstructured":"Verma, S., Deas, A., Douglas, A., and Davidse, A. (2018). An Integrated Approach to Combat Cyber Risk. Securing Industrial Operations in Mining, Deloittle. Available online: https:\/\/www2.deloitte.com\/global\/en\/pages\/energy-and-resources\/articles\/integrated-approach-combat-cyber-risk-energy.html."},{"key":"ref_40","unstructured":"(2018). Does Cyber Risk only Become a Priority Once You\u2019ve been Attacked?, Ernst and Young. Available online: https:\/\/www.ey.com\/en_gl\/mining-metals\/does-cyber-risk-only-become-a-priority-once-you-ve-been-attacked."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"338","DOI":"10.1016\/S0019-9958(65)90241-X","article-title":"Fuzzy Sets","volume":"8","author":"Zadeh","year":"1965","journal-title":"Inform. Contr."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"113","DOI":"10.1016\/0165-0114(95)00385-1","article-title":"System failure engineering and fuzzy methodology An introductory overview","volume":"83","author":"Cai","year":"1996","journal-title":"Fuzzy Sets Syst."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Yasli, F., and Bolat, B. (2018). A risk analysis model for mining accidents using a fuzzy approach based on fault tree analysis. J. Enterp. Inf. Manag.","DOI":"10.1108\/JEIM-02-2017-0035"},{"key":"ref_44","unstructured":"Shapiro, A.F., and Koissi, M.C. (2015). Risk Assessment Applications of Fuzzy Logic, Casualty Actuarial Society, Canadian Institute of Actuaries, Society of Actuaries."},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Wang, H., Li, J., Wang, D., and Huang, Z. (2017). A novel method of fuzzy fault tree analysis combined with VB program to identify and assess the risk of coal dust explosions. PLoS ONE, 12.","DOI":"10.1371\/journal.pone.0182453"},{"key":"ref_46","doi-asserted-by":"crossref","first-page":"165","DOI":"10.1016\/j.tust.2018.09.029","article-title":"Fuzzy fault tree analysis for coal burst occurrence probability in underground coal mining","volume":"83","author":"Mottahedi","year":"2019","journal-title":"Tunn. Undergr. Space Technol."},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"991","DOI":"10.1016\/j.ijmst.2018.07.007","article-title":"Assessment of gas and dust explosion in coal mines by means of fuzzy fault tree analysis","volume":"28","author":"Shi","year":"2018","journal-title":"Int. J. Min. Sci. Technol."},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"157","DOI":"10.1007\/s40033-018-0154-7","article-title":"Risk assessment in underground coalmines using fuzzy logic in the presence of uncertainty","volume":"99","author":"Tripathy","year":"2018","journal-title":"J. Inst. Eng. Ser. D"},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"256","DOI":"10.1080\/10803548.2018.1426804","article-title":"Fuzzy risk assessment for mechanized underground coal mines in Turkey","volume":"26","author":"Iphar","year":"2020","journal-title":"J. Occup. Saf. Ergon."},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"175","DOI":"10.1016\/j.cose.2017.09.004","article-title":"A safety\/security risk analysis approach of Industrial Control Systems: A cyber bowtie\u2013combining new version of attack tree with bowtie analysis","volume":"72","author":"Abdo","year":"2018","journal-title":"Comput. Secur."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"135","DOI":"10.1016\/j.jsr.2019.03.005","article-title":"Pythagorean fuzzy VIKOR-based approach for safety risk assessment in mine industry","volume":"69","author":"Gul","year":"2019","journal-title":"J. Saf. Res."},{"key":"ref_52","first-page":"1347","article-title":"Integration of fuzzy reasoning approach (FRA) and fuzzy analytic hierarchy process (FAHP) for risk assessment in mining industry","volume":"7","author":"Verma","year":"2014","journal-title":"J. Ind. Eng. Manag. (JIEM)"},{"key":"ref_53","doi-asserted-by":"crossref","unstructured":"Dong, G., Wei, W., Xia, X., Wo\u017aniak, M., and Dama\u0161evi\u010dius, R. (2020). Safety Risk Assessment of a Pb-Zn Mine Based on Fuzzy-Grey Correlation Analysis. Electronics, 9.","DOI":"10.3390\/electronics9010130"},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"101464","DOI":"10.1016\/j.resourpol.2019.101464","article-title":"Holistic fuzzy evaluation of operational risk in polish mining enterprises in a long-term and sectoral research perspective","volume":"63","author":"Nawrocki","year":"2019","journal-title":"Resour. Policy"},{"key":"ref_55","doi-asserted-by":"crossref","unstructured":"Doynikowa, E., Novikowa, E., and Kotenko, I. (2020). Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: A Comparative Review and Prospects. Information, 11.","DOI":"10.3390\/info11030168"},{"key":"ref_56","doi-asserted-by":"crossref","unstructured":"Ablon, L. (2018). Data Thieves. The Motivations of Cyber Threat Actors and Their Use and Monetization of Stolen Data, RAND. Available online: https:\/\/www.rand.org\/content\/dam\/rand\/pubs\/testimonies\/CT400\/CT490\/RAND_CT490.pdf.","DOI":"10.7249\/CT490"},{"key":"ref_57","first-page":"35","article-title":"Towards the mines of the future","volume":"4","author":"Antoniak","year":"2010","journal-title":"Surowce Masz. Bud."},{"key":"ref_58","first-page":"607","article-title":"Automation in the Mining Industry: Review of Technology, Systems, Human Factors, and Political Risk","volume":"36","author":"Rogers","year":"2019","journal-title":"Min. Metall. Explor."},{"key":"ref_59","unstructured":"(2018). Intelligent Mining. Delivering Real Value, Deloittle. Available online: https:\/\/www2.deloitte.com\/content\/dam\/Deloitte\/global\/Documents\/Energy-and-Resources\/gx-intelligent-mining-mar-2018.pdf."},{"key":"ref_60","doi-asserted-by":"crossref","first-page":"382","DOI":"10.1108\/09576050310503367","article-title":"Multi-criteria supplier selection using fuzzy AHP","volume":"16","author":"Kahraman","year":"2003","journal-title":"Logist. Inf. Manag."},{"key":"ref_61","first-page":"164","article-title":"The fuzzy evaluation of e-commerce customer satisfaction","volume":"4","author":"Fasanghari","year":"2008","journal-title":"World Appl. Sci. J."},{"key":"ref_62","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/S0020-7373(75)80002-2","article-title":"An experiment in linguistic synthesis with a fuzzy logic controller","volume":"7","author":"Mamdani","year":"1975","journal-title":"Int. J. Man. Mach. Stud."},{"key":"ref_63","doi-asserted-by":"crossref","first-page":"283","DOI":"10.1016\/j.asoc.2018.03.050","article-title":"Ranking generalized fuzzy numbers based on centroid and rank index","volume":"68","author":"Chi","year":"2018","journal-title":"Appl. Soft Comput."},{"key":"ref_64","doi-asserted-by":"crossref","first-page":"111","DOI":"10.1016\/S0898-1221(01)00277-2","article-title":"Fanking fuzzy numbers with an area between the centroid point and original point","volume":"43","author":"Chu","year":"2002","journal-title":"Comput. Math. Appl."},{"key":"ref_65","first-page":"36","article-title":"A method for defuzzification based on centroid point","volume":"2","author":"Saneifard","year":"2011","journal-title":"Turk. J. Fuzzy Syst."},{"key":"ref_66","unstructured":"Tubis, A. (2018). Operational Risk Management Method in Road Transport, Publ. House of Wroclaw University of Science and Technology. (In Polish)."},{"key":"ref_67","unstructured":"Klahr, R., Shah, J.N., Sheriffs, P., Rossington, T., Pestell, G., Button, M., and Wang, V. (2020, November 12). Cyber Security Breaches Survey, Available online: https:\/\/www.gov.uk\/government\/statistics\/cyber-security-breaches-survey-2017."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/20\/24\/7210\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T10:45:55Z","timestamp":1760179555000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/20\/24\/7210"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12,16]]},"references-count":67,"journal-issue":{"issue":"24","published-online":{"date-parts":[[2020,12]]}},"alternative-id":["s20247210"],"URL":"https:\/\/doi.org\/10.3390\/s20247210","relation":{},"ISSN":["1424-8220"],"issn-type":[{"type":"electronic","value":"1424-8220"}],"subject":[],"published":{"date-parts":[[2020,12,16]]}}}