Analysis of Cyber Risk Calculation, Risk Parameters and Risk Level in IoT-Based Water ATM
摘要
The rapid integration of Internet of Things (IoT) technologies into critical infrastructure systems has considerably expanded the cyber risk landscape, particularly in Internet of Water ATM (IoWT) environments. These systems are composed of distributed, resource-constrained, and heterogeneous devices, making them highly susceptible to cyber threats that traditional IT-centric and qualitative risk assessment models fail to adequately address. Motivated by this limitation, this study presents a computational cyber risk assessment framework specifically designed for IoT-based Water ATM systems. The proposed approach quantitatively evaluates cyber risk by jointly analysing IoT-specific risk impact and risk likelihood parameters, enabling structured risk ranking at the device level. Unlike existing frameworks, the model captures dynamic threat behaviour and device-centric vulnerabilities inherent to IoT deployments. A comparative analysis further highlights the inability of conventional risk models to represent cyber–physical dependencies in such systems. The effectiveness and practical relevance of the framework are demonstrated through a real-world IoWT use case, where risk scores support proactive mitigation strategies and security prioritisation. Overall, the proposed model offers a scalable and systematic solution for cyber risk evaluation, contributing to improved resilience, informed security planning, and sustainable operation of IoT-driven critical infrastructure.