سامانه مدیریت نشریات علمی دانشگاه قم

معمارپور غیاثی, علی, قیدرخلجانی, جعفر. (1402). یک مدل ترکیبی FMEA توسعه یافته مبتنی بر روش های F-PIPRECIA و Z-EDAS با روش Bow Tie جهت ارزیابی ریسک امنیت سایبری در انقلاب صنعتی چهارم. پژوهش‌های فلسفی -کلامی, 9(2), 149-176. doi: 10.22091/jemsc.2024.9642.1175
علی معمارپور غیاثی; جعفر قیدرخلجانی. "یک مدل ترکیبی FMEA توسعه یافته مبتنی بر روش های F-PIPRECIA و Z-EDAS با روش Bow Tie جهت ارزیابی ریسک امنیت سایبری در انقلاب صنعتی چهارم". پژوهش‌های فلسفی -کلامی, 9, 2, 1402, 149-176. doi: 10.22091/jemsc.2024.9642.1175
معمارپور غیاثی, علی, قیدرخلجانی, جعفر. (1402). 'یک مدل ترکیبی FMEA توسعه یافته مبتنی بر روش های F-PIPRECIA و Z-EDAS با روش Bow Tie جهت ارزیابی ریسک امنیت سایبری در انقلاب صنعتی چهارم', پژوهش‌های فلسفی -کلامی, 9(2), pp. 149-176. doi: 10.22091/jemsc.2024.9642.1175
معمارپور غیاثی, علی, قیدرخلجانی, جعفر. یک مدل ترکیبی FMEA توسعه یافته مبتنی بر روش های F-PIPRECIA و Z-EDAS با روش Bow Tie جهت ارزیابی ریسک امنیت سایبری در انقلاب صنعتی چهارم. پژوهش‌های فلسفی -کلامی, 1402; 9(2): 149-176. doi: 10.22091/jemsc.2024.9642.1175

یک مدل ترکیبی FMEA توسعه یافته مبتنی بر روش های F-PIPRECIA و Z-EDAS با روش Bow Tie جهت ارزیابی ریسک امنیت سایبری در انقلاب صنعتی چهارم

مدیریت مهندسی و رایانش نرم
مقاله 10، دوره 9، شماره 2 - شماره پیاپی 17، مهر 1402، صفحه 149-176    اصل مقاله (2.32 M)
نوع مقاله: مقاله پژوهشی
شناسه دیجیتال (DOI): 10.22091/jemsc.2024.9642.1175
نویسندگان
علی معمارپور غیاثی؛ جعفر قیدرخلجانی*
مجتمع دانشگاهی مدیریت و مهندسی صنایع، دانشگاه صنعتی مالک اشتر، تهران، ایران
چکیده
مسائل امنیت سایبری به چالشی پیچیده برای شرکت هایی که به پارادایم انقلاب صنعتی چهارم پایبند هستند، تبدیل شده است. از سوی دیگر، مفهوم امنیت سایبری در زمینه‌های انقلاب صنعتی چهارم موضوعی نوظهور در ادبیات اخیر است. از این رو در مطالعه حاضر، برای اولین بار جهت ارزیابی ریسک های امنیت سایبری در انقلاب صنعتی چهارم از یک مدل ترکیبی FMEA توسعه یافته مبتنی بر روش های تصمیم گیری چند معیاره در شرایط عدم قطعیت با روش Bow Tie در چهار فاز استفاده شده است. ابتدا بر اساس ادبیات، 16 ریسک امنیت سایبری در انقلاب صنعتی چهارم بر اساس مدل FMEA شناسایی شده و عوامل تعیین کننده RPN مقدار دهی می شوند. سپس از روش PIPRECIA Fuzzy برای وزندهی به عوامل و روش Z-EDAS جهت اولویت بندی و شناسایی ریسک های بحرانی استفاده شده است. در آخر، از تحلیل Bow Tie برای تحلیل این ریسک ها استفاده شده است. نتایج حاصل از پیاده سازی رویکرد پیشنهادی نشانگر قابلیت و برتری آن در مقایسه با سایر روش های سنتی نظیر FMEA و Fuzzy EDAS بوده است.
کلیدواژه‌ها
امنیت سایبری؛ انقلاب صنعتی چهارم؛ PIPRECIA؛ EDAS؛ تئوری اعداد Z
عنوان مقاله [English]
A hybrid model of extended FMEA model based on F-PIPRECIA and Z-EDAS methods with Bow Tie to evaluate cybersecurity risks in Industry 4.0
نویسندگان [English]
Ali Memarpour Ghiaci؛ Jafar Gheidar-Kheljani
Industrial Engineering Department, Malek Ashtar University of Technology, Tehran, 15875-1774, Iran
چکیده [English]
Cyber security issues have become a complex challenge for companies that obligating to Industry 4.0 paradigm. On the other hand, the concept of cybersecurity in the context of Industry 4.0 proved to be an emerging topic in recent literature. Therefore, in the present study, for the first time, a hybrid FMEA model developed based on multi-criteria decision-making methods in uncertain environments with the Bowtie method in four phases has been used to evaluate cyber security in Industry 4.0. First, based on the literature, 16 cybersecurity risks in the fourth industrial revolution are identified based on the FMEA model and the determinants of RPN are quantified. Then PIPRECIA Fuzzy method was used for weighting the factors and Z-EDAS method for prioritization and critical identification. Finally, Bowtie analysis has been used to analyze these analyses. The result of the proposed implementation has shown its capability and superiority compared to other methods of traditional results such as FMEA and Fuzzy EDAS.
کلیدواژه‌ها [English]
Cybersecurity, EDAS, Industry 4.0, PIPRECIA, Z-number theory
مراجع

Aguirre, P. A. G., Pérez-Domínguez, L., Luviano-Cruz, D., Solano-Noriega, J., & Cordero-Díaz, M. C. (2023). AHP-FMEA-DA multi-criteria method for NPD project launch analysis. International Journal of Innovation and Sustainable Development, 17(1-2), 138-151. - doi.org/10.1016/j.ejor.2369.05.967

Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., & Ayyash, M. (2015). Internet of things: A survey on enabling technologies, protocols, and applications. IEEE communications surveys & tutorials, 17(4), 2347-2376.  doi.org/10.1016/j.ejor.4157.05.638

Ambarwati, R., Yuliastri, D.,  &  Sulistiyowati, W. (2022). Human resource risk control through COVID-19 risk assessment in Indonesian manufacturing. Journal of Loss Prevention in the Process Industries, 74, 104665.  doi.org/10.1016/j.ejor.6375.05.967

Ardanza, A., Moreno, A., Segura, Á., de la Cruz, M., & Aguinaga, D. (2019). Sustainable and flexible industrial human machine interfaces to support adaptable applications in the Industry 4.0 paradigm. International Journal of Production Research, 57(12), 4045-4059.  doi.org/10.1016/j.ejor.1389.05.967

Bahrin, M. A. K., Othman, M. F., Azli, N. H. N., & Talib, M. F. (2016). Industry 4.0: A review on industrial automation and robotic. Jurnal teknologi, 78(6-13).  doi.org/10.1016/j.ejor.3178.05.635

Balda, J. C., Mantooth, A., Blum, R., & Tenti, P. (2017). Cybersecurity and power electronics: Addressing the security vulnerabilities of the internet of things. IEEE Power Electronics Magazine, 4(4), 37-43.  doi.org/10.1016/j.ejor.6359.05.617

Barlette, Y., Gundolf, K., & Jaouen, A. (2017). CEOs’ information security behavior in SMEs: Does ownership matter? Systèmes d’information et management, 22(3), 7-45.  doi.org/10.1016/j.ejor.2369.05.319

Bayazit, O., & Kaptan, M. (2023). Evaluation of the risk of pollution caused by ship operations through bow-tie-based fuzzy Bayesian network. Journal of cleaner production, 382, 135386.  doi.org/10.1016/j.ejor.2169.05.007

Benias, N., & Markopoulos, A. P. (2017). A review on the readiness level and cyber-security challenges in Industry 4.0. Paper presented at the 2017 South Eastern European Design Automation, Computer Engineering, Computer Networks and Social Media Conference (SEEDA-CECNSM). doi.org/10.1016/j.ejor.2008.05.027

Berry, C. T., & Berry, R. L. (2018). An initial assessment of small business risk management approaches for cyber security threats. International Journal of Business Continuity and Risk Management, 8(1), 1-10.  doi.org/10.1016/j.ejor.2008.05.027

Bitton, R., Maman, N., Singh, I., Momiyama, S., Elovici, Y., & Shabtai, A. (2023). Evaluating the Cybersecurity Risk of Real-world, Machine Learning Production Systems. ACM Computing Surveys, 55(9), 1-36.  doi.org/10.1016/j.ejor.2008.05.027

Cheminod, M., Durante, L., Seno, L., Valenza, F., Valenzano, A., & Zunino, C. (2017). Leveraging SDN to improve security in industrial networks. Paper presented at the 2017 IEEE 13th International Workshop on Factory Communication Systems (WFCS). doi.org/10.1016/j.ejor.2008.05.027

Cisco. (2018). Cisco 2018 Annual Cybersecurity Report. In: Cisco Technology News Site San Jose, CA, USA. doi.org/10.1016/j.ejor.2008.05.027

Corallo, A., Lazoi, M., & Lezzi, M. (2020). Cybersecurity in the context of industry 4.0: A structured classification of critical assets and business impacts. Computers in Industry, 114, 103165.  doi.org/10.1016/j.ejor.2008.05.027

Corbò, G., Foglietta, C., Palazzo, C., & Panzieri, S. (2018). Smart behavioural filter for industrial internet of things: A security extension for plc. Mobile Networks and Applications, 23, 809-816.  doi.org/10.1016/j.ejor.2008.05.027

Dieber, B., Breiling, B., Taurer, S., Kacianka, S., Rass, S., & Schartner, P. (2017). Security for the robot operating system. Robotics and Autonomous Systems, 98, 192-203.  doi.org/10.1016/j.ejor.2008.05.027

Flatt, H., Schriegel, S., Jasperneite, J., Trsek, H., & Adamczyk, H. (2016). Analysis of the Cyber-Security of industry 4.0 technologies based on RAMI 4.0 and identification of requirements. Paper presented at the 2016 IEEE 21st International Conference on Emerging Technologies and Factory Automation (ETFA). doi.org/10.1016/j.ejor.2008.05.027

Ghadge, A., Er Kara, M., Moradlou, H., & Goswami, M. (2020). The impact of Industry 4.0 implementation on supply chains. Journal of Manufacturing Technology Management, 31(4), 669-686.  doi.org/10.1016/j.ejor.2008.05.027

Ghiaci, A. M., & Ghoushchi, S. J. (2023). Assessment of barriers to IoT-enabled circular economy using an extended decision-making-based FMEA model under uncertain environment. Internet of Things, 100719.  doi.org/10.1016/j.ejor.2008.05.027

Ghoushchi, S. J., Jalalat, S. M., Bonab, S. R., Ghiaci, A. M., Haseli, G.,  &  Tomaskova, H. (2022). Evaluation of wind turbine failure modes using the developed SWARA-CoCoSo methods based on the spherical fuzzy environment. IEEE Access, 10, 86750-86764.  doi.org/10.1016/j.ejor.2008.05.027

Ghoushchi, S. J., Yousefi, S., & Khazaeili, M. (2019). An extended FMEA approach based on the Z-MOORA and fuzzy BWM for prioritization of failures. Applied Soft Computing, 81, 105505.  doi.org/10.1016/j.ejor.2008.05.027

Gul, M., & Ak, M. F. (2021). A modified failure modes and effects analysis using interval-valued spherical fuzzy extension of TOPSIS method: case study in a marble manufacturing facility. Soft Computing, 25(8), 6157-6178.  doi.org/10.1016/j.ejor.2008.05.027

Habibor Rahman, M., Son, Y.-J., & Shafae, M. (2023). Graph-Theoretic Approach for Manufacturing Cybersecurity Risk Modeling and Assessment. arXiv e-prints, arXiv: 2301.07305.  doi.org/10.1016/j.ejor.2008.05.027

Hassanzadeh, A., Modi, S., & Mulchandani, S. (2015). Towards effective security control assignment in the Industrial Internet of Things. Paper presented at the 2015 IEEE 2nd World Forum on Internet of Things (WF-IoT). doi.org/10.1016/j.ejor.2008.05.027

Jafarzadeh Ghoushchi, S., Memarpour Ghiaci, A., Rahnamay Bonab, S., & Ranjbarzadeh, R. (2022). Barriers to circular economy implementation in designing of sustainable medical waste management systems using a new extended decision-making and FMEA models. Environmental Science and Pollution Research, 1-19.  doi.org/10.1016/j.ejor.137.05.975

Jafarzadeh Ghoushchi, S., Shaffiee Haghshenas, S., Memarpour Ghiaci, A., Guido, G., & Vitale, A. (2022). Road safety assessment and risks prioritization using an integrated SWARA and MARCOS approach under spherical fuzzy environment. Neural Computing and Applications, 1-19.  doi.org/10.1016/j.ejor.2369.05.627

James, A. T., Kumar, G., Tayal, P., Chauhan, A., Wadhawa, C., & Panchal, J. (2022). Analysis of human resource management challenges in implementation of industry 4.0 in Indian automobile industry. Technological Forecasting and Social Change, 176, 121483.  vdoi.org/10.1016/j.ejor.2084.05.317

Januário, F., Carvalho, C., Cardoso, A., & Gil, P. (2016). Security challenges in SCADA systems over Wireless Sensor and Actuator Networks. Paper presented at the 2016 8th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT). doi.org/10.1016/j.ejor.2008.05.4196

Jin, G., Meng, Q., & Feng, W. (2022). Optimization of Logistics System with Fuzzy FMEA-AHP Methodology. Processes, 10(10), 1973.  doi.org/10.1016/j.ejor.2008.05.1962

Kazemi, M., Abbasi, A., Kazemi, M., Jamshidzadeh, N., & Rashidi, M. A. (2021). Identification of Hazards and Risk Assessment among Various Units of Ilam Gas Refinery using the Integrated Approach of Bow-tie and FMEA Methods. Journal of Ilam University of Medical Sciences, 29(2), 1-12.  doi.org/10.1016/j.ejor.2008.05.927

Keshavarz Ghorabaee, M., Zavadskas, E. K., Olfat, L., & Turskis, Z. (2015). Multi-criteria inventory classification using a new method of evaluation based on distance from average solution (EDAS). Informatica, 26(3), 435-451.  doi.org/10.1016/j.ejor.2015.05.418

Khalid, A., Kirisci, P., Khan, Z. H., Ghrairi, Z., Thoben, K.-D.,  & Pannek, J. (2018). Security framework for industrial collaborative robotic cyber-physical systems. Computers in Industry, 97, 132-145.

Kobara, K. (2016). Cyber physical security for industrial control systems and IoT. IEICE TRANSACTIONS on Information and Systems, 99(4), 787-795.  doi.org/10.1016/j.ejor.2016.05.418

Kumari, S., Ahmad, K., Khan, Z. A., & Ahmad, S. (2023). Failure mode and effects analysis of common effluent treatment plants of humid sub-tropical regions using fuzzy based MCDM methods. Engineering Failure Analysis, 145, 107010.  doi.org/10.1016/j.ejor.2023.05.964

Lee, S., Lee, S., Yoo, H., Kwon, S., & Shon, T. (2018). Design and implementation of cybersecurity testbed for industrial IoT systems. The Journal of Supercomputing, 74, 4506-4520.  doi.org/10.1016/j.ejor.2018.05.630

Lezzi, M., Lazoi, M., & Corallo, A. (2018). Cybersecurity for Industry 4.0 in the current literature: A reference framework. Computers in Industry, 103, 97-110.  doi.org/10.1016/j.ejor.2018.05.361

Mulcahy, M. B., Boylan, C., Sigmann, S., & Stuart, R. (2017). Using bowtie methodology to support laboratory hazard identification, risk management, and incident analysis. Journal of Chemical Health & Safety, 24(3), 14-20.  doi.org/10.1016/j.ejor.2017.05.369

Nwakanma, C. I., Islam, F. B., Maharani, M. P., Lee, J.-M., & Kim, D.-S. (2021). Detection and classification of human activity for emergency response in smart factory shop floor. Applied Sciences, 11(8), 3662.  doi.org/10.1016/j.ejor.2021.05.084

Polat, G., & Bayhan, H. G. (2022). Selection of HVAC-AHU system supplier with environmental considerations using Fuzzy EDAS method. International  journal of construction management, 22(10), 1863-1871.  doi.org/10.1016/j.ejor.2022.05.362

Preuveneers, D., Joosen, W., & Ilie-Zudor, E. (2017a). Identity management for cyber-physical production workflows and individualized manufacturing in industry 4.0. Paper presented at the Proceedings of the Symposium on Applied Computing. doi.org/10.1016/j.ejor.2008.05.382

Preuveneers, D., Joosen, W., & Ilie-Zudor, E. (2017b). Trustworthy data-driven networked production for customer-centric plants. Industrial Management & Data Systems.

Ren, A., Wu, D., Zhang, W., Terpenny, J., & Liu, P. (2017). Cyber security in smart manufacturing: Survey and challenges. Paper presented at the IIE Annual Conference. Proceedings. doi.org/10.1016/j.ejor.2008.05.418

Renaud, K., & Weir, G. R. (2016). Cybersecurity and the unbearability of uncertainty. Paper presented at the 2016 Cybersecurity and Cyberforensics Conference (CCC). doi.org/10.1016/j.ejor.2008.05.047

Söner, Ö., Kayisoglu, G., Bolat, P., & Tam, K. (2023). Cybersecurity risk assessment of VDR. The Journal of Navigation, 1-18.  vdoi.org/10.1016/j.ejor.2008.05.086

Stanujkic, D., Zavadskas, E. K., Karabasevic, D., Smarandache, F., & Turskis, Z. (2017). The use of the pivot pairwise relative criteria importance assessment method for determining the weights of criteria: Infinite Study. doi.org/10.1016/j.ejor.2008.05.087

Sukumar, A., Mahdiraji, H. A., & Jafari‐Sadeghi, V. (2023). Cyber risk assessment in small and medium‐sized enterprises: A multilevel decision‐making approach for small e‐tailors. Risk Analysis.  doi.org/10.1016/j.ejor.2008.05.415

Urquhart, L., & McAuley, D. (2018). Avoiding the internet of insecure industrial things. Computer law & security review, 34(3), 450-466.  doi.org/10.1016/j.ejor.2008.05.369

van Lier, B. (2017). The industrial internet of things and cyber security: An ecological and systemic perspective on security in digital industrial ecosystems. Paper presented at the 2017 21st International Conference on System Theory, Control and Computing (ICSTCC). doi.org/10.1016/j.ejor.1998.05.301

Voicu, I., Panaitescu, F., Panaitescu, M., Dumitrescu, L., & Turof, M. (2018). Risk management with Bowtie diagrams. Paper presented at the IOP Conference Series: Materials Science and Engineering. doi.org/10.1016/j.ejor.2012.05.065

Xu, P., He, S., Wang, W., Susilo, W., & Jin, H. (2017). Lightweight searchable public-key encryption for cloud-assisted wireless sensor networks. IEEE Transactions on industrial informatics, 14(8), 3712-3723. doi.org/10.1016/j.ejor.2009.05.036

 

آمار
تعداد مشاهده مقاله: 1,361
تعداد دریافت فایل اصل مقاله: 465