An Extended CIA-Based Multi-Level Model for AHP-Driven Safety and Security Decision-Making in Last-Mile Robotic Systems
DOI:
https://doi.org/10.59490/pss.1.2025.8019Keywords:
Autonomous robots, Multi-level model, Human safety, Safety and security co-engineering, Safety-security-dependability, Sensors, Confidentiality, Integrity, AvailabilityAbstract
The rapid growth of e-commerce and the increasing demand for efficient last-mile logistics have led to the rising use of last-mile robots. While these robots promise faster and cheaper deliveries, their operation in complex and dynamic urban environments introduces significant safety and security challenges. Sensor failures, communication disruptions, and cyber-physical attacks may affect the behaviour of the robots and influence human safety.
This work models and analyses these challenges using the Extended Multi-Level Model to represent the different components of last-mile robotic systems and their influence on the environment. We apply Multi-Criteria Decision Making (MCDM) for parallel safety and security risk assessment, focusing on the confidentiality, integrity, and availability (CIA) of the last-mile systems. Considering these three properties together allows priorities to be set within the CIA triad, which is essential for financial and economic decision-making when only limited resources for countermeasures are available.
We extend the model to an Extended CIA Multi-Level Model that enables detailed evaluation of safety and security risks across all system levels. A case study involving robots transporting critical parcel contents demonstrates how confidentiality, integrity, and availability concerns arise throughout the model and how their violation may affect human safety. The approach supports structured decision-making and contributes to improving the safe and secure deployment of last-mile robots.
One sentence summary: This work models the safety and security challenges in last-mile robotic systems (LMRS) using the Extended Multi-Level Model and a Multi-Criteria Decision Making (MCDM) for risk assessment within the CIA triad.
References
Abdo, H., Kaouk, M., Flaus, J.-M., & Masse, F. (2018). A safety/security risk analysis approach of industrial control systems: A cyber bowtie - combining new version of attack tree with bowtie analysis. Computers & Security, 72, 175–195. https://doi.org/10.1016/j.cose.2017.09.004
Alverhed, E., Hellgren, S., Isaksson, H., Olsson, L., Palmqvist, H., & Flodén, J. (2024). Autonomous last-mile delivery robots: A literature review. European Transport Research Review, 16. https://doi.org/10.1186/s12544-023-00629-7
Anderson, J. P. (1972). Computer security planning study: Technical report ESD-TR-73-51 (Tech. Rep.). Air Force Electronic Systems Division. https://csrc.nist.rip/publications/history/ande72.pdf
Arents, J., Abolins, V., Judvaitis, J., Vismanis, O., Oraby, A., & Ozols, K. (2021). Human–robot collaboration trends and safety aspects: A systematic review. Journal of Sensor and Actuator Networks, 10(3), 48. https://doi.org/10.3390/jsan10030048
Cui, J., Sabaliauskaite, G., Liew, L. S., Zhou, F., & Zhang, B. (2019). Collaborative analysis framework of safety and security for autonomous vehicles. IEEE Access, 7, 148672–148683. https://doi.org/10.1109/ACCESS.2019.2946632
Fosch-Villaronga, E., & Mahler, T. (2021). Cybersecurity, safety and robots: Strengthening the link between cybersecurity and safety in the context of care robots. Computer Law & Security Review, 41, 105528. https://doi.org/10.1016/j.clsr.2021.105528
Kolb, C., & Xie, L. (2024). Security and safety in urban environments: Evaluating threats and risks of autonomous last-mile delivery robots. In A. Ceccarelli, M. Trapp, A. Bondavalli, E. Schoitsch, B. Gallina, & F. Bitsch (Eds.), Computer safety, reliability, and security. SAFECOMP 2024 workshops (pp. 36–49). Springer. https://doi.org/10.1007/978-3-031-68738-9_3
Lacava, G., Marotta, A., Martinelli, F., Saracino, A., La Marra, A., Gil-Uriarte, E., Mayoral-Vilches, V., et al. (2021). Cybersecurity issues in robotics. Journal of Wireless Mobile Networks, Ubiquituous Computing and Dependable Applications, 12(3), 1-28. https://doi.org/10.22667/JOWUA.2021.09.30.001
Lee, H., & Geum, Y. (2017). Development of the scenario-based technology roadmap considering layer heterogeneity: An approach using CIA and AHP. Technological Forecasting and Social Change, 117, 12–24. https://doi.org/10.1016/j.techfore.2017.01.016
Li, B., Liu, S., Tang, J., Gaudiot, J.-L., Zhang, L., & Kong, Q. (2020). Autonomous last-mile delivery vehicles in complex traffic environments. Computer, 53(11), 26–35. https://doi.org/10.1109/mc.2020.2970924
Nicoletti, S., Peppelman, M., Kolb, C., & Stoelinga, M. (2021). Model-based joint analysis of safety and security: Survey and identification of gaps. Computer Science Review, 50. https://doi.org/10.1016/j.cosrev.2023.100597
Pohowalla, F., Collins, T., & Chang, J. (2021). Supply chain technology market update [PowerPoint slides]. Cascadia. https://www.cascadiacapital.com/wp-content/uploads/Supply-Chain-Technology-Winter-Spring-2024.pdf
Quamara, M., Kolb, C., & Lohachab, A. (2024). Where do safety and security mutually reinforce? A multi-level model-based approach for a consistent interplay. In A. Ceccarelli, A. Bondavalli, M. Trapp, E. Schoitsch, B. Gallina, & F. Bitsch (Eds.), Computer Safety, Reliability, and Security. SAFECOMP 2024 Workshops – DECSoS, SASSUR, TOASTS, and WAISE (Lecture Notes in Computer Science, pp. 316–328). Springer. https://doi.org/10.1007/978-3-031-68738-9_25
Saaty, R. W. (1987). The analytic hierarchy process—what it is and how it is used. Mathematical Modelling, 9(3–5), 161–176. https://doi.org/10.1016/0270-0255(87)90473-8
Sahoo, S. K., & Goswami, S. S. (2023). A comprehensive review of multiple criteria decision-making (MCDM) methods: Advancements, applications, and future directions. Decision Making Advances, 1(1), 25–48. https://doi.org/10.31181/dma1120237
Saltzer, J., & Schroeder, M. (1975). The protection of information in computer systems. Proceedings of the IEEE, 63(9), 1278–1308. https://doi.org/10.1109/PROC.1975.9939
Shaklab, E., Karapetyan, A., Sharma, A., Mebrahtu, M., Basri, M., Nagy, M., Khonji, M., & Dias, J. (2023). Towards autonomous and safe last-mile deliveries with AI-augmented self-driving delivery robots [Preprint]. arXiv. https://doi.org/10.48550/arXiv.2305.17705
Syamsuddin, I. (2011). Strategic information security decision making with analytic hierarchy process. International Research Journal of Applied and Basic Sciences, 2(11), 426-432. https://repository.poliupg.ac.id/id/eprint/196/1/J022_ORIGINAL%20PAPER_%20Irfan%20ITPOSMO%20AHP%20Sec.pdf
Syamsuddin, I., & Hwang, J. (2009). The application of AHP model to guide decision makers: A case study of e-banking security. In Proceedings of the 2009 Fourth International Conference on Computer Sciences and Convergence Information Technology (pp. 1469–1473). IEEE. https://doi.org/10.1109/ICCIT.2009.251
Tanimu, J. A., & Abada, W. (2024). Addressing cybersecurity challenges in robotics: A comprehensive overview. Cyber Security and Applications, 3, 100074. https://doi.org/10.1016/j.csa.2024.100074
Triantaphyllou, E. (2000). Multi-criteria decision making methods. In Multi-criteria decision making methods: A comparative study (pp. 21–43). https://doi.org/10.1007/978-1-4757-3157-6_2
Tu, Y.-J., & Piramuthu, S. (2023). Security and privacy risks in drone-based last mile delivery. European Journal of Information Systems, 33(5), 617–630. https://doi.org/10.1080/0960085X.2023.2214744
von Szczepanski, K., Wagener, C., Mooney, T., McDaniel, L., Mathias, O., & Sharp, L. (2021). Only an ecosystem can solve last-mile gridlock in package delivery. Boston Consulting Group. https://www.bcg.com/publications/2021/solving-the-package-delivery-system-problems-with-a-new-ecosystem
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Christina Kolb, Lin Xie
This work is licensed under a Creative Commons Attribution 4.0 International License.
