Ankur Shukla,Basel Katt,Livinus Obiora Nweke,Prosper Kandabongee Yeng,Goitom Kahsay Weldehawaryat

DOI: https://doi.org/10.1016/j.cosrev.2022.100496

2022-07-29

Abstract:System security assurance provides the confidence that security features, practices, procedures, and architecture of software systems mediate and enforce the security policy and are resilient against security failure and attacks. Alongside the significant benefits of security assurance, the evolution of new information and communication technology (ICT) introduces new challenges regarding information protection. Security assurance methods based on the traditional tools, techniques, and procedures may fail to account new challenges due to poor requirement specifications, static nature, and poor development processes. The common criteria (CC) commonly used for security evaluation and certification process also comes with many limitations and challenges. In this paper, extensive efforts have been made to study the state-of-the-art, limitations and future research directions for security assurance of the ICT and cyber-physical systems (CPS) in a wide range of domains. We conducted a systematic review of requirements, processes, and activities involved in system security assurance including security requirements, security metrics, system and environments and assurance methods. We highlighted the challenges and gaps that have been identified by the existing literature related to system security assurance and corresponding solutions. Finally, we discussed the limitations of the present methods and future research directions.

Cryptography and Security,Software Engineering

Hakan Kayan,Matthew Nunes,Omer Rana,Pete Burnap,Charith Perera

DOI: https://doi.org/10.48550/arXiv.2101.03564

2021-01-10

Abstract:Industrial cyber-physical systems (ICPSs) manage critical infrastructures by controlling the processes based on the "physics" data gathered by edge sensor networks. Recent innovations in ubiquitous computing and communication technologies have prompted the rapid integration of highly interconnected systems to ICPSs. Hence, the "security by obscurity" principle provided by air-gapping is no longer followed. As the interconnectivity in ICPSs increases, so does the attack surface. Industrial vulnerability assessment reports have shown that a variety of new vulnerabilities have occurred due to this transition while the most common ones are related to weak boundary protection. Although there are existing surveys in this context, very little is mentioned regarding these reports. This paper bridges this gap by defining and reviewing ICPSs from a cybersecurity perspective. In particular, multi-dimensional adaptive attack taxonomy is presented and utilized for evaluating real-life ICPS cyber incidents. We also identify the general shortcomings and highlight the points that cause a gap in existing literature while defining future research directions.

Cryptography and Security

Muhammad Kashif,Sheraz Arshad Malik,Muhammad Abdullah,Muhammad Umair,Prince Waqas Khan

DOI: https://doi.org/10.14569/ijacsa.2018.090629

2018-01-01

Abstract:Cyber security plays an important role to secure the people who use internet via different electronic devices in their daily life. Some causes occurred all over world that people face problems when they connect their devices and system via internet. There are some highly sensitive data like biotechnology and military assets which are highly threatened by the hackers; cyber security plays a vital role in securing such data. Misusing the internet becomes a current issue in different sectors of life especially in social media, universities and government organizations. Internet is very useful for students in study institutes and employees who work in different organizations. Internet source gives the facility to people to fetch some information via internet. However, they must be protected when use the internet and secure for any unauthorized access. In this paper we have covered the different aspect of cyber security and Network security in the modern era. We have also tried to cover the threats in Intranet of organizations.

Houda Harkat,Luis M. Camarinha-Matos,João Goes,Hasmath F.T. Ahmed

DOI: https://doi.org/10.1016/j.cie.2024.109891

IF: 7.18

2024-02-01

Computers & Industrial Engineering

Abstract:In recent years, cyber-physical systems (CPS) have been to many vital areas, including medical devices, smart cars, industrial systems, energy grid, etc. As these systems increasingly rely on Internet, ensuring their security requirements, which are different from those of ordinary information technology systems, has become an important research topic. However, the area is not yet well structured and, therefore, it is essential to review and analyze recent work in this field to better understand the adopted approaches and also to identify corresponding gaps and future interesting research directions. This article is based on a systematic literature review that addresses core issues in CPS security. Part of the focus is placed on the defense mechanisms introduced to help the system fully recover from attacks. However, the framework devoted to risk/threat assessments has also been highlighted, as there is a substantial need to strengthen the systems architecture to be more proactive. In addition, the ethical and societal impact of CPS is emphasized since it is essential to get a vision of the unintended outcomes of the possible evolution of these systems.

computer science, interdisciplinary applications,engineering, industrial

Shah Khalid Khan,Nirajan Shiwakoti,Peter Stasinopoulos,Yilun Chen

DOI: https://doi.org/10.1016/j.aap.2020.105837

Abstract:Modern-day Connected and Autonomous Vehicles (CAVs) with more than 100 million code lines, running up-to a hundred Electronic Control Units (ECUs) will create and exchange digital information with other vehicles and intelligent transport networks. Consequently, ubiquitous internal and external communication (controls, commands, and data) within all CAV-related nodes is inevitably the gatekeeper for the smooth operation. Therefore, it is a primary vulnerable area for cyber-attacks that entails stringent and efficient measures in the form of "cybersecurity". There is a lack of systematic and comprehensive review of the literature on cyber-attacks on the CAVs, respective mitigation strategies, anticipated readiness, and research directions for the future. This study aims to analyse, synthesise, and interpret critical areas for the roll-out and progression of CAVs in combating cyber-attacks. Specifically, we described in a structured way a holistic view of potentially critical avenues, which lies at the heart of CAV cybersecurity research. We synthesise their scope with a particular focus on ensuring effective CAVs deployment and reducing the probability of cyber-attack failures. We present the CAVs communication framework in an integrated form, i.e., from In-Vehicle (IV) communication to Vehicle-to-Vehicle (V2X) communication with a visual flowchart to provide a transparent picture of all the interfaces for potential cyber-attacks. The vulnerability of CAVs by proximity (or physical) access to cyber-attacks is outlined with future recommendations. There is a detailed description of why the orthodox cybersecurity approaches in Cyber-Physical System (CPS) are not adequate to counter cyber-attacks on the CAVs. Further, we synthesised a table with consolidated details of the cyber-attacks on the CAVs, the respective CAV communication system, its impact, and the corresponding mitigation strategies. It is believed that the literature discussed, and the findings reached in this paper are of great value to CAV researchers, technology developers, and decision-makers in shaping and developing a robust CAV-cybersecurity framework.

Kar Yee Chai,Mohamad Fadli Zolkipli

DOI: https://doi.org/10.37134/jictie.vol8.2.4.2021

2021-07-13

Journal Of ICT In Education

Abstract:Information security is very significant needs to be secured due to people relying on networks and communication. Therefore, protecting information is a major challenge with the number of users increases rapidly in recent years. The aim of this article is to review Confidentiality, Integrity and Availability (CIA) in information security. This article focuses on the issues of information security and the requirements of information security. The articles, journals and conference papers are reviewed by researchers were published in 2016-2021. Security issues are analyzed in the recent methodologies. The result of the relationship between CIA in each information security requirement is at a moderate level. It is suggested cybersecurity risk awareness program for society is needed. Therefore, every user could get full advantages in networks and digital platforms.

Deval Bhamare,Maede Zolanvari,Aiman Erbad,Raj Jain,Khaled Khan,Nader Meskin

DOI: https://doi.org/10.48550/arXiv.2002.04124

2020-02-10

Cryptography and Security

Abstract:Industrial Control System (ICS) is a general term that includes supervisory control & data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC). ICSs are often found in the industrial sectors and critical infrastructures, such as nuclear and thermal plants, water treatment facilities, power generation, heavy industries, and distribution systems. Though ICSs were kept isolated from the Internet for so long, significant achievable business benefits are driving a convergence between ICSs and the Internet as well as information technology (IT) environments, such as cloud computing. As a result, ICSs have been exposed to the attack vectors used in the majority of cyber-attacks. However, ICS devices are inherently much less secure against such advanced attack scenarios. A compromise to ICS can lead to enormous physical damage and danger to human lives. In this work, we have a close look at the shift of the ICS from stand-alone systems to cloud-based environments. Then we discuss the major works, from industry and academia towards the development of the secure ICSs, especially applicability of the machine learning techniques for the ICS cyber-security. The work may help to address the challenges of securing industrial processes, particularly while migrating them to the cloud environments.

Noor Suhani Sulaiman,Muhammad Ashraf Fauzi,Walton Wider,Jegatheesan Rajadurai,Suhaidah Hussain,Siti Aminah Harun

DOI: https://doi.org/10.3390/socsci11090386

2022-08-30

Social Sciences

Abstract:Cyber and information security (CIS) is an issue of national and international interest. Despite sophisticated security systems and extensive physical countermeasures to combat cyber-attacks, organisations are vulnerable due to the involvement of the human factor. Humans are regarded as the weakest link in cybersecurity systems as development in digital technology advances. The area of cybersecurity is an extension of the previously studied fields of information and internet security. The need to understand the underlying human behavioural factors associated with CIS policy warrants further study, mainly from theoretical perspectives. Based on these underlying theoretical perspectives, this study reviews literature focusing on CIS compliance and violations by personnel within organisations. Sixty studies from the years 2008 to 2020 were reviewed. Findings suggest that several prominent theories were used extensively and integrated with another specific theory. Protection Motivation Theory (PMT), the Theory of Planned Behaviour (TPB), and General Deterrence Theory (GDT) were identified as among the most referred-to theories in this area. The use of current theories is discussed based on their emerging importance and their suitability in future CIS studies. This review lays the foundation for future researchers by determining gaps and areas within the CIS context and encompassing employee compliance and violations within an organisation.

English Else

Edan Habler,Ron Bitton,Asaf Shabtai

DOI: https://doi.org/10.48550/arXiv.2209.04028

2022-09-08

Cryptography and Security

Abstract:The sophistication and complexity of cyber attacks and the variety of targeted platforms have been growing in recent years. Various adversaries are abusing an increasing range of platforms, e.g., enterprise platforms, mobile phones, PCs, transportation systems, and industrial control systems. In recent years, we have witnessed various cyber attacks on transportation systems, including attacks on ports, airports, and trains. It is only a matter of time before transportation systems become a more common target of cyber attackers. Due to the enormous potential damage inherent in attacking vehicles carrying many passengers and the lack of security measures applied in traditional airborne systems, the vulnerability of aircraft systems is one of the most concerning topics in the vehicle security domain. This paper provides a comprehensive review of aircraft systems and components and their various networks, emphasizing the cyber threats they are exposed to and the impact of a cyber attack on these components and networks and the essential capabilities of the aircraft. In addition, we present a comprehensive and in-depth taxonomy that standardizes the knowledge and understanding of cyber security in the avionics field from an adversary's perspective. The taxonomy divides techniques into relevant categories (tactics) reflecting the various phases of the adversarial attack lifecycle and maps existing attacks according to the MITRE ATT&CK methodology. Furthermore, we analyze the security risks among the various systems according to the potential threat actors and categorize the threats based on STRIDE threat model. Future work directions are presented as guidelines for industry and academia.

Yuchong Li,Qinghui Liu

DOI: https://doi.org/10.1016/j.egyr.2021.08.126

IF: 5.2

2021-11-01

Energy Reports

Abstract:At present, most of the economic, commercial, cultural, social and governmental activities and interactions of countries, at all levels, including individuals, non-governmental organizations and government and governmental institutions, are carried out in cyberspace. Recently, many private companies and government organizations around the world are facing the problem of cyber-attacks and the danger of wireless communication technologies. Today’s world is highly dependent on electronic technology, and protecting this data from cyber-attacks is a challenging issue. The purpose of cyber-attacks is to harm companies financially. In some other cases, cyber-attacks can have military or political purposes. Some of these damages are: PC viruses, knowledge breaks, data distribution service (DDS) and other assault vectors. To this end, various organizations use various solutions to prevent damage caused by cyber-attacks. Cyber security follows real-time information on the latest IT data. So far, various methods had been proposed by researchers around the world to prevent cyber-attacks or reduce the damage caused by them. Some of the methods are in the operational phase and others are in the study phase. The aim of this study is to survey and comprehensively review the standard advances presented in the field of cyber security and to investigate the challenges, weaknesses and strengths of the proposed methods. Different types of new descendant attacks are considered in details. Standard security frameworks are discussed with the history and early-generation cyber-security methods. In addition, emerging trends and recent developments of cyber security and security threats and challenges are presented. It is expected that the comprehensive review study presented for IT and cyber security researchers will be useful.

energy & fuels

Manar Alanazi,Abdun Mahmood,Mohammad Jabed Morshed Chowdhury

DOI: https://doi.org/10.1016/j.cose.2022.103028

2022-11-26

Abstract:Supervisory control and data acquisition (SCADA) serves as the backbone of several critical infrastructures, including water supply systems, oil pipelines, transportation and electricity. It accomplishes essential functions, such as monitoring data from pumps, valves and transmitters. Across different generations, SCADA has undergone a significant evolution from a typically isolated environment to a highly interconnected network. Although this conversion has benefits for SCADA, such as enhanced performance efficiency and the cost reduction of heavy equipment, it has made SCADA more vulnerable to various cyber-attacks. Several SCADA security approaches are still provided by IT-based systems that are possibly not efficient enough to deflect the risks and threats originating from SCADA field operations. As a result, it is critically important to analyse cyber risks associated with the industrial SCADA system. The goal of this survey is to explore the security vulnerabilities of SCADA systems and classify the threats accordingly. In this project, we initially reviewed SCADA systems from different scopes, including architecture, vulnerabilities, attacks, intrusion detection techniques (IDS) and testbeds. We proposed taxonomies of vulnerabilities, attacks, IDS and testbeds according to predefined criteria. We concluded the survey by highlighting the research challenges and open issues for future research in the field of SCADA security.

computer science, information systems

Usman Tariq,Irfan Ahmed,Ali Kashif Bashir,Kamran Shaukat

DOI: https://doi.org/10.3390/s23084117

IF: 3.9

2023-04-20

Sensors

Abstract:The emergence of the Internet of Things (IoT) technology has brought about tremendous possibilities, but at the same time, it has opened up new vulnerabilities and attack vectors that could compromise the confidentiality, integrity, and availability of connected systems. Developing a secure IoT ecosystem is a daunting challenge that requires a systematic and holistic approach to identify and mitigate potential security threats. Cybersecurity research considerations play a critical role in this regard, as they provide the foundation for designing and implementing security measures that can address emerging risks. To achieve a secure IoT ecosystem, scientists and engineers must first define rigorous security specifications that serve as the foundation for developing secure devices, chipsets, and networks. Developing such specifications requires an interdisciplinary approach that involves multiple stakeholders, including cybersecurity experts, network architects, system designers, and domain experts. The primary challenge in IoT security is ensuring the system can defend against both known and unknown attacks. To date, the IoT research community has identified several key security concerns related to the architecture of IoT systems. These concerns include issues related to connectivity, communication, and management protocols. This research paper provides an all-inclusive and lucid review of the current state of anomalies and security concepts related to the IoT. We classify and analyze prevalent security distresses regarding IoT's layered architecture, including connectivity, communication, and management protocols. We establish the foundation of IoT security by examining the current attacks, threats, and cutting-edge solutions. Furthermore, we set security goals that will serve as the benchmark for assessing whether a solution satisfies the specific IoT use cases.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Muhammad Rizwan Asghar,Qinwen Hu,Sherali Zeadally

DOI: https://doi.org/10.1016/j.comnet.2019.106946

IF: 5.493

2019-12-01

Computer Networks

Abstract:<p>Industrial Control Systems (ICSs) play an important role in today's industry by providing process automation, distributed control, and process monitoring. ICS was designed to be used in an isolated area or connected to other systems via specialised communication mechanisms or protocols. This setup allows manufacturers to manage their production processes with great flexibility and safety. However, this design does not meet today's business requirements to work with state-of-the-art technologies such as Internet-of-Things (IoT) and big data analytics. In order to fulfil industry requirements, many ICSs have been connected to enterprise networks that allow business users to access real-time data generated by power plants. At the same time, this new design opens up several cybersecurity challenges for ICSs.</p><p>We review possible cyber attacks on ICSs, identify typical threats and vulnerabilities, and we discuss unresolved security issues with existing ICS cybersecurity solutions. Then, we discuss how to secure ICSs (<em>e.g.,</em> using risk assessment methodologies) and other protection measures. We also identify open security research challenges for ICSs, and we present a classification of existing security solutions along with their strengths and weaknesses. Finally, we provide future research directions in ICS security.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Usman Inayat,Mashaim Farzan,Sajid Mahmood,Muhammad Fahad Zia,Shahid Hussain,Fabiano Pallonetto

DOI: https://doi.org/10.1016/j.asej.2024.103068

IF: 4.79

2024-09-19

Ain Shams Engineering Journal

Abstract:The increasing prevalence of cybercrime necessitates the implementation of robust security measures. The majority of these attacks are initiated by authorized users who possess knowledge of the system vulnerabilities. Thus, insider attack prevention (ITP) strategies need to be explored to ensure the security of organizations. This review comprehensively examines the existing literature on ITP methods, focusing on recent developments and their implementation in various corporations. This review categorizes and classifies different types of insider attacks and their corresponding prevention and detection techniques. This paper also introduces a multi-tiered activity monitoring model that integrates network, system, and physical security measures to provide comprehensive defense against insider threats. This review also provides a detailed taxonomy that classifies insider threats based on insider type, access level, and targeted security objectives. Finally, future directions for ITP are explored, highlighting the open issues and challenges that need to be addressed.

engineering, multidisciplinary

Jagpreet Kaur,K .R. Ramkumar

DOI: https://doi.org/10.1016/j.jksuci.2021.01.018

2021-02-01

Abstract:During recent years, many researchers and professionals have revealed the endangerment of wireless communication technologies and systems from various <em>cyberattacks</em>, these attacks cause detriment and harm not only to private enterprises but to the government organizations as well. The attackers endeavor new techniques to challenge the security frameworks, use powerful tools and tricks to break any sized keys, security of private and sensitive data is in the stale mark. There are many advancements are being developed to mitigate these attacks. In this conjunction, this paper gives a complete account of survey and review of the various exiting advanced cyber security standards along with challenges faced by the cyber security domain. The new generation attacks are discussed and documented in detail, the advanced key management schemes are also depicted. The quantum cryptography is discussed with its merits and future scope of the same. Overall, the paper would be a kind of technical report to the new researchers to get acquainted with the recent advancements in Cyber security domain.

Zubair Saeed,Mubashir Masood,Misha Urooj Khan

DOI: https://doi.org/10.12962/jaree.v7i1.322

2023-01-31

JAREE (Journal on Advanced Research in Electrical Engineering)

Abstract:Connected and Autonomous Vehicles (CAVs) are a crucial breakthrough in the automotive industry and a magnificent step toward a safe, secure, and intelligent transportation system (ITS). CAVs offer tremendous benefits to our society and environment, such as mitigation of traffic accidents, reduction in traffic congestion, fewer emissions of harmful gases, etc. However, emerging automotive technology also has some serious safety concerns. One of them is cyber security. Conventional vehicles are less prone to cyber-attacks, but CAVs are more susceptible to such events as they communicate with the surrounding infrastructure and other vehicles. To gather data for a better perception of their surroundings, CAVs are outfitted with state-of-the-art sensors and modules like LiDAR, GPS, RADAR, onboard computers, cameras, etc. Hackers, terrorist organizations, and vandals can manipulate this sensor data or may access the primary control by cyber-attack, which may result in enormous fatalities. The automotive industry must put up a rigid framework against cyber invasions to make CAVs a more reliable and secure means of transportation. This paper provides an overview of cybersecurity challenges in CAVs at the module and software levels. The sources of active and passive threats are analyzed. Finally, a feasible solution is recommended to cope with such threats

Hussain Ahmad,Faheem Ullah,Rehan Jafri

2024-08-14

Abstract:Cyber situational awareness systems are increasingly used for creating cyber common operating pictures for cybersecurity analysis and education. However, these systems face data occlusion and convolution issues due to the burgeoning complexity, dimensionality, and heterogeneity of cybersecurity data, which damages cyber Situational Awareness (SA) of end-users. Moreover, conventional ways of human-computer interactions, such as mouse and keyboard, increase the mental effort and cognitive load of cybersecurity practitioners, when analyzing cyber situations of large-scale infrastructures. Therefore, immersive technologies, such as virtual reality, augmented reality, and mixed reality, are employed in the cybersecurity realm to create intuitive, engaging, and interactive cyber common operating pictures. The Immersive Cyber Situational Awareness (ICSA) systems provide several unique visualization techniques and interaction features for the perception, comprehension, and projection of cyber SA. However, there has been no attempt to comprehensively investigate and classify the existing state of the art in the use of immersive technologies for cyber SA. Therefore, in this paper, we have gathered, analyzed, and synthesized the existing body of knowledge on ICSA systems. In particular, our survey has identified visualization and interaction techniques, evaluation mechanisms, and different levels of cyber SA (i.e., perception, comprehension, and projection) for ICSA systems. Consequently, our survey has enabled us to propose: (i) a reference framework for designing and analyzing ICSA systems by mapping immersive visualization and interaction techniques to the different levels of ICSA; (ii) future research directions for advancing the state-of-the-art on ICSA systems; and (iii) an in-depth analysis of the industrial implications of ICSA systems to enhance cybersecurity operations.

Cryptography and Security

Nabin Chowdhury,Vasileios Gkioulos

DOI: https://doi.org/10.1108/ics-07-2020-0121

2021-08-24

Information and Computer Security

Abstract:Purpose The purpose of this paper can be encapsulated in the following points: identify the research papers published on the topic: competencies and skills necessary for critical infrastructure (CI) cyber-security (CS) protection; determine main focus areas within the identified literature and evaluate the dependency or lack thereof between them: make recommendations for future research. Design/methodology/approach This study is based on a systematic literature review conducted to identify scientific papers discussing and evaluating competencies, skills and essential attributes needed by the CI workforce for CS and preparedness to attacks and incidents. Findings After a comparative analysis of the articles reviewed in this study, a variety of skills and competencies was found to be necessary for CS assurance in CIs. These skills have been grouped into four categories, namely, technical, managerial, implementation and soft skills. Nonetheless, there is still a lack of agreement on which skills are the most critical and further research should be conducted on the relation between specific soft skills and CS assurance. Research limitations/implications Investigation of which skills are required by industry for specific CS roles, by conducting interviews and sending questionnaire\surveys, would allow consolidating whether literature and industry requirements are equivalent. Practical implications Findings from this literature review suggest that more effort should be taken to conciliate current CS curricula in academia with the skills and competencies required for CS roles in the industry. Originality/value This study provides a previously lacking current mapping and review of literature discussing skills and competencies evidenced as critical for CS assurance for CI. The findings of this research are useful for the development of comprehensive solutions for CS awareness and training.

Bijoy Babu,Thafasal Ijyas,P. Muneer,Justin Varghese,Muneer P.

DOI: https://doi.org/10.1109/anti-cybercrime.2017.7905261

2017-03-01

Abstract:Ongoing research and developments in modern information and communication technologies have revolutionized the design of industrial control systems (ICS). There is a major domain transition from traditional electromechanical systems to network based digital systems, which has indeed created a powerful interface between state-of the-art computing technologies/paradigms and physical processes sought to be controlled. ICS play a critical role in the industrial and manufacturing sector. Major infrastructures like petrochemical industries, waste water treatment facilities, nuclear power plants, pharmaceuticals, food and beverage industries etc. cannot run properly without ICS. Real-time processing, reliability and advanced distributed intelligence are some of the core characteristics of ICS which are incorporated with the help of state-of-the-art internet communication and computing technologies. The complex embedded coupling of hardware and software components such as actuators, sensors and the physical processes are all monitored and manipulated by the communication and network protocol based controllers like supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLC), distributed control systems (DCS) etc. The integration of these technologies makes the access to ICS from the external world much easier. On the other hand, this has led to many critical cyber-security issues also. These issues are of such a nature that they may sometimes pose a serious threat to the safety of humans and the environment as well. Unless managed properly, these can have adverse implications for the national economy also, in terms of production losses. In this paper, we attempt to give a comprehensive review of the unique aspects of cyber-security issues in ICS. Specifically, we delve upon the issues of security assessment and architectural reviewing of ICS. We also give a brief survey on different threat attacks on ICS.

Dajun Du,Minggao Zhu,Xue Li,Minrui Fei,Siqi Bu,Lei Wu,Kang Li

DOI: https://doi.org/10.35833/mpce.2021.000604

IF: 4.469

2023-01-01

Journal of Modern Power Systems and Clean Energy

Abstract:Potential malicious cyber-attacks to power systems which are connected to a wide range of stakeholders from the top to tail will impose significant societal risks and challenges. The timely detection and defense are of crucial importance for safe and reliable operation of cyber-physical power systems (CPPSs). This paper presents a comprehensive review of some of the latest attack detection and defense strategies. Firstly, the vulnerabilities brought by some new information and communication technologies (ICTs) are analyzed, and their impacts on the security of CPPSs are discussed. Various malicious cyber-attacks on cyber and physical layers are then analyzed within CPPSs framework, and their features and negative impacts are discussed. Secondly, two current mainstream attack detection methods including state estimation based and machine learning based methods are analyzed, and their benefits and drawbacks are discussed. Moreover, two current mainstream attack defense methods including active defense and passive defense methods are comprehensively discussed. Finally, the trends and challenges in attack detection and defense strategies in CPPSs are provided.

engineering, electrical & electronic