Skip to main content

Research Repository

Advanced Search

Socio‐Technical Security Modelling and Simulations in Cyber‐Physical Systems: Outlook on Knowledge, Perceptions, Practices, Enablers, and Barriers

Ani, Uchenna Daniel; Al‐Mhiqani, Mohammed; Tuptuk, Nilufer; Hailes, Stephen; McKendrick Watson, Jeremy Daniel

Authors

Mohammed Al‐Mhiqani

Nilufer Tuptuk

Stephen Hailes

Jeremy Daniel McKendrick Watson



Abstract

Socio‐Technical Security Modelling and Simulation (STSec‐M&S) is a technique used for reasoning and representing security viewpoints that include both the social and technical aspects of a system. It has shown great potential for improving the cybersecurity and resilience of Critical Infrastructure (CI). This study involved a multi‐methods approach, consisting of a scoping literature review and a focus group workshop, conducted with stakeholder engagement from critical infrastructure stakeholders to explore their perceptions and practices regarding the use of socio‐technical security modelling and simulation. The findings suggest that the current state of knowledge regarding the use and effectiveness of STSec‐M&Ss approaches is limited in CI domains. Consequently, there is little application of it in existing CI systems, regardless of its recognised benefits of enabling a better understanding of CI functionalities, security goals, early and more holistic risk identifications and selection of appropriate countermeasures. The benefits of the STSec‐M&S approach can be better realised by effective cross‐sector communications and collaborations, team partnerships, system and approach sophistication, and better security awareness amongst others. The potential barriers that can impede such benefits include high expense for implementing the technique, low data availability and quality, regulatory compliance, and competency gaps etc. Helpful recommendations include exploring and using realistic data, validating system security models, and exploring new ways of reskilling and upskilling CI stakeholders in socio‐technical security‐thinking and M&S approaches to enhance cybersecurity and resilience of CIs.

Citation

Ani, U. D., Al‐Mhiqani, M., Tuptuk, N., Hailes, S., & McKendrick Watson, J. D. (2025). Socio‐Technical Security Modelling and Simulations in Cyber‐Physical Systems: Outlook on Knowledge, Perceptions, Practices, Enablers, and Barriers. IET Cyber-Physical Systems: Theory & Applications, 10(1), 1-26. https://doi.org/10.1049/cps2.70017

Journal Article Type Article
Acceptance Date Apr 7, 2025
Online Publication Date Apr 30, 2025
Publication Date Apr 30, 2025
Deposit Date May 7, 2025
Journal IET Cyber‐Physical Systems: Theory & Applications
Print ISSN 2398-3396
Electronic ISSN 2398-3396
Publisher Wiley
Peer Reviewed Peer Reviewed
Volume 10
Issue 1
Article Number e70017
Pages 1-26
DOI https://doi.org/10.1049/cps2.70017
Keywords Computer network security, cyber-physical systems, internet of things, risk analysis, security of data
Public URL https://keele-repository.worktribe.com/output/1230714