This article argues that the Iranian destruction of Amazon Web Services (AWS) data centers in the UAE and Bahrain on 1 March 2026 represents a major shift in modern warfare. Unlike traditional cyberattacks focused on espionage, data theft, or service disruption, the incident allegedly involved the physical targeting of cloud infrastructure that supports advanced military artificial intelligence (AI) systems. This demonstrates the growing convergence between physical and digital domains, where attacks on technological infrastructure can directly undermine military capabilities and national security.

The study emphasizes that commercial cloud infrastructure has become deeply integrated into defense operations. By targeting AWS facilities, Iran allegedly sought not only to disrupt economic activity but also to weaken the computational backbone supporting AI-enabled military systems. The attack, therefore, highlights how civilian digital infrastructure increasingly functions as strategic military infrastructure.

A central argument of this article is that existing cybersecurity frameworks, which focus primarily on software intrusions and network-based attacks, are no longer sufficient to address emerging threats. The incident demonstrates that adversaries may bypass cyber defenses entirely by physically attacking the infrastructure supporting digital systems. As a result, the article calls for a broader and more integrated security approach that combines cybersecurity with physical protection of critical infrastructure, including data centers and industrial control systems.

The article also discusses the strategic risks associated with centralized cloud computing. Heavy reliance on major providers such as AWS creates significant vulnerabilities and potential single points of failure. If centralized cloud facilities are physically targeted, entire military AI ecosystems and essential services could be disrupted simultaneously.

Another major theme is the dual-use nature of AI technologies. While AI enhances cybersecurity through improved threat detection, monitoring, and analysis, it also enables more advanced offensive capabilities. AI-driven malware, autonomous cyber operations, and sophisticated social engineering attacks are becoming increasingly difficult to counter.

The study further explores the ethical implications of AI in warfare. The reported use of the Israeli “Where’s Daddy” AI surveillance system illustrates how AI can process large amounts of data to identify and target individuals with unprecedented precision. Although such technologies improve military effectiveness, they also raise concerns about civilian casualties, algorithmic bias, privacy violations, and reduced human oversight in lethal operations. Consequently, the article calls for stronger international governance and ethical regulation of military AI technologies.

Finally, the article situates the attack within the broader evolution of cyber-physical warfare. Whereas earlier operations such as Stuxnet used cyber tools to produce physical destruction, this incident allegedly reversed the pattern by using physical force to disable digital systems. To address these emerging threats, the study advocates comprehensive defense strategies that integrate cybersecurity, physical infrastructure protection, AI governance, international cooperation, and resilient digital architectures.

The attack on AWS data centers

On 1 March 2026, Iranian military drones struck Amazon Web Services data centers (AWS) in the United Arab Emirates and Bahrain. Not a cyber-attack, not a hack, physical drones, physical destruction, two entire cloud availability zones went offline. Simultaneously, banks froze, payment systems collapsed, supply chains stalled, and millions of users disconnected in seconds, but this was not about disrupting your online shopping. Instead, this operation represented a deliberate strategic move to degrade the operational capabilities of AI-driven military systems by targeting their underlying computational infrastructure.[1] AWS does not just run consumer apps; it runs Pentagon workloads, CIA cloud infrastructure, U.S. military logistics systems, and critically, it provides the compute backbone for Israel’s most advanced AI-powered military platforms. When those two data centers went dark, Iran was not just hitting Amazon; it was reaching for the kill switch on the digital brain of its adversary’s war machine.

In the UAE’s Amazon operation, 200,000 devices were wiped in one night, 2 AWS data centers were destroyed, 29 tech companies were officially declared war targets. This is not a cyber-attack; this is a new kind of war. What if the server keeping your bank alive is the same server deciding who gets bombed tonight? What if taking it down is not just economic sabotage, but the only way to blind the most advanced military AI on the planet? That is exactly what Iran calculated, and that changes everything. The meticulous planning and execution of such an operation, targeting the computational infrastructure underpinning advanced military AI, indicates a sophisticated understanding of contemporary warfare dynamics and the critical vulnerabilities introduced by extensive reliance on dual-use cloud services for national security. This incident highlights a significant shift from data theft or exposure, which characterized most previous cyberattacks, to the direct physical destruction of infrastructure, leading to immediate concerns for safety and stability.

When the two data centers in the UAE and Bahrain went dark, Iran was not just hitting Amazon; it was reaching for the kill switch on the digital brain of its adversary’s war machine. To understand why Iran targeted this infrastructure specifically, we need to understand what that infrastructure actually does. The Israeli Defense Forces (IDF) operate some of the most sophisticated AI-powered military systems in the world, exemplified by “The Gospel”, an AI targeting system that processes satellite imagery, surveillance data, and signal intelligence to autonomously generate airstrike target recommendations. Another such system is “Lavender”, an AI platform that cross-references thousands of data points, phone records, movement patterns, and social connections to identify and rank human targets for elimination.

“Where’s Daddy” is a tracking system that monitors when a target enters a residential address and flags it as the optimal strike window. These systems do not run on local laptops; they run on cloud infrastructure, massive continuous compute power, real-time data ingestion, and constant satellite uplinks. AWS and Microsoft Azure provide significant portions of that computer capacity under classified government contracts. The compromise of such C3I systems, whether through cyber-attacks or physical destruction, can lead to mission failures and significant military defeats.[2] Iran comprehends this. Every airstrike decision the IDF makes runs through servers. Take down the servers; you do not just cause an outage. You blind the targeting system; you slow the kill chain.

That is why the data centers were not random targets. They were chosen with surgical strategic logic. Now, ask the question nobody wants to answer publicly: What happens if that infrastructure goes down permanently? First, military blindness. Without access to the vast computational resources provided by these cloud infrastructures, AI systems like “The Gospel” and “Lavender” would be severely hampered, rendering them incapable of processing the immense datasets required for real-time target identification and recommendation.

IDF’s AI targeting systems lose their real-time data feeds, satellite imagery processing degrades, and target identification slows by days, not hours. Autonomous recommendations go offline. Commanders revert to Cold War-era manual intelligence methods. This would entail a substantial increase in human cognitive load and decision-making latency, directly impacting the operational efficiency and precision of military engagements, fundamentally altering the informational dimension of warfare.[3] Such a reversion could expose critical vulnerabilities in military operations, as the speed and scale of modern conflict necessitate rapid, data-driven responses that manual processes simply cannot achieve.

In a fast-moving conflict, that gap costs lives on both sides. Second, intelligence collapse. U.S. and Israeli signals intelligence depend on continuous cloud processing to filter millions of data intercepts per hour. Disrupting this processing capability would effectively create an intelligence black hole, severely impairing situational awareness and the ability to detect and analyze emergent threats. Without that computing power, the noise-to-signal ratio explodes. Critical communications are missed. Threat warnings arrive late. This disruption would propagate through the entire intelligence cycle, delaying analysis and rendering actionable insights obsolete before they can be effectively utilized.

The economic cascade

AWS alone powers over 40% of the global Internet’s infrastructure. Financial markets, healthcare systems, logistics networks, and government services. A sustained destruction of even two availability zones does not just hurt the region. It sends shockwaves through every economy connected to the cloud. India’s UPI payment backbone is partially exposed. This highlights the profound interconnectedness of global digital infrastructure and the potential for localized attacks to trigger widespread economic disruption,[4] which has been identified since the March 2026 attacks on AWS data centers.

America’s financial clearing systems slowed. European digital government services were disrupted. Such widespread disruption underscores the critical fragility of modern interconnected digital economies, where a single point of failure can cascade into systemic global instability.[5]

The precedent

The intentional destruction of critical digital infrastructure sets a new, perilous precedent for kinetic warfare, expanding the battlefield beyond traditional military targets to encompass the foundational elements of global commerce and communication. This new form of strategic targeting acknowledges the hyper-interconnectedness of contemporary economic and military systems, where the incapacitation of critical digital nodes can yield cascading effects far beyond their immediate geographic proximity. This shift redefines the concept of critical infrastructure, extending it to privately owned and operated cloud computing facilities that underpin both civilian and military functions, thereby increasing the risk of widespread economic disruption and supply chain fragmentation.[6]

This is the one that keeps cybersecurity strategists awake at night. If Iran successfully degrades AI-powered military infrastructure through targeted strikes, every adversary of every Western power just received a blueprint. China files it away for Taiwan. Russia applies it to NATO’s eastern flank. Non-state actors study the model. The lesson is simple and devastating. The implications extend beyond military strategy, fundamentally reshaping doctrines of deterrence and offensive capabilities in an era where digital infrastructure is intrinsically linked to national security and economic stability.

You do not need to beat the army. You need to beat the algorithm running it. Parallel to the drone strikes, Iran’s cyber unit, “Handala”, went deeper. Their advanced persistent threat capabilities were deployed to exploit zero-day vulnerabilities within the core operational software of these AI systems, aiming for data exfiltration and further systemic disruption beyond the kinetic damage inflicted on the physical infrastructure. This multi-pronged attack strategy, combining kinetic strikes with sophisticated cyber operations, illustrates a novel approach to disabling advanced military AI, challenging conventional notions of warfare and national defense in the digital age.

Iran’s precise action towards Amazon’s data center in the UAE unveiled the profound vulnerability of hyper-converged digital infrastructure, demonstrating how the intricate dependencies between civilian cloud services and military AI platforms create novel strategic targets that yield significant cascading effects across economic and national security domains. This strategic targeting underscores a critical shift in geopolitical conflict, where the digital commons, once perceived as immune to traditional warfare, now represent a primary battleground for state-sponsored actors.

Implications of the attack on AWS data centers in the Gulf

The kinetic strike on AWS data centers in the UAE and Bahrain demonstrably impacted the operational efficacy of Israeli AI-powered military platforms, including “The Gospel” and “Lavender”, which rely heavily on such cloud infrastructure for real-time data processing and decision-making.[7] This disruption highlights the critical vulnerability introduced by relying on commercial, internationally located cloud services for sensitive national security operations, underscoring a significant shift in the landscape of modern warfare where non-state actors or hostile nations can target civilian infrastructure to neutralize military capabilities.[8] This incident urges a reassessment of cloud adoption strategies within defense sectors, particularly concerning the inherent security risks and benefits of utilizing external cloud services, as well as the broader implications for national cybersecurity frameworks.

The incident also underscores the imperative for robust resilience frameworks within enterprise cloud environments to mitigate single points of failure and ensure the continuous operation of critical services.[9] This necessity is further amplified by the escalating sophistication of cyberattacks, including ransomware, which can severely disrupt industrial control systems and telecommunications infrastructure, underscoring the interconnectedness of digital and physical security.[10]

This event exemplifies how attacks targeting cloud providers can cascade into substantial financial and operational losses, reminiscent of past outages where even brief downtimes incurred significant economic impact.[11] Consequently, it necessitates a comprehensive re-evaluation of risk assessment models for critical infrastructure, extending beyond traditional cyber threats to incorporate kinetic vulnerabilities within globally distributed cloud architectures. Such an analysis should encompass the often-overlooked non-kinetic elements of targeting, acknowledging that modern warfare encompasses a spectrum of capabilities beyond direct physical force.[12] This includes an assessment of the escalating threat posed by sophisticated cyber-physical attacks to Command, Control, Communications, and Intelligence (C3I) systems, which increasingly leverage advanced technologies like cloud computing to meet stringent operational demands.[13] The widespread adoption of cloud infrastructures for hosting critical governmental and military services inherently introduces systemic vulnerabilities, where disruptions in these foundational cloud layers can cascade into significant impacts on national security, economic stability, and public welfare.

This interconnectedness necessitates a re-evaluation of cyber resilience strategies, moving beyond traditional cybersecurity measures to encompass the ability of an organization to “prepare for, absorb, recover from, and adapt to adverse effects typically caused by cyber-attacks that affect business operations”.[14] This holistic perspective is crucial for developing robust strategies that ensure the continuous operation of essential services, even in the face of sophisticated and multi-modal threats.[15] This understanding extends to the recognition that even a relatively minor malfunction in a single component of a critical infrastructure system can precipitate broad and long-lasting cascading impacts across interdependent sectors.[16] In highly digital enterprises, the loss of IT infrastructure, such as that caused by a kinetic strike on data centers, can lead to the complete cessation of services and activities, unlike traditional enterprises, where some non-IT-dependent operations might persist.[17]

This distinction highlights the increased vulnerability of modern, digitally-dependent systems to both cyber and kinetic attacks, emphasizing the critical need for advanced risk assessment methodologies that consider the complex interdependencies within cyber-physical and social systems.[18] This incident thus serves as a salient case study, illustrating the critical necessity for comprehensive cyber-physical interdependency modelling and the development of resilient architectures that can withstand both digital intrusions and kinetic assaults. This event underscores the importance of a holistic framework for analyzing the resilience of interdependent civil infrastructure systems, particularly those intertwined with critical military and governmental functions.[19]

Iran’s military intervention was predicated on disrupting Israel’s AI capabilities, which had become highly dependent on AWS infrastructure. This targeting strategy implicitly acknowledges the profound integration of commercial cloud services into contemporary defense mechanisms and highlights a novel asymmetric warfare tactic, where physical attacks on civilian technological infrastructure are leveraged to neutralize sophisticated military AI systems.[20] Iran’s attack in the UAE has opened the door for AI’s role in modern conflict to be seen not merely as a force multiplier, but as a potential critical vulnerability that can be exploited through strategic targeting of its underlying compute infrastructure.

This shift mandates an urgent re-evaluation of military doctrine and infrastructure protection strategies, focusing on the decentralization and hardening of critical AI compute resources against both cyber and kinetic threats to preserve strategic military advantage.[21] This review warrants a comprehensive approach to critical infrastructure protection, integrating sophisticated threat intelligence with robust cyber-physical security measures to pre-emptively identify and mitigate vulnerabilities.[22]

This approach inherently demands consideration of multiplex networks to model the intricate interdependencies within critical infrastructure systems, particularly when assessing their resilience against extreme events.[23] The complexity of these interdependencies often involves heterogeneous functional graphs where nodes represent processes and edges denote various dependencies, requiring advanced computational models for accurate vulnerability assessment.[24] We must robustly investigate how much control AI has in military strategic decision-making and the extent to which these AI systems operate autonomously or with human-in-the-loop oversight. This examination is crucial for understanding the potential for adversarial manipulation of AI-driven systems within critical infrastructure, especially given their increasing integration into smart grids and other vital cyber-physical networks.[25]

Furthermore, the integration of AI and ML in enhancing grid security is pivotal, offering innovative solutions to challenges posed by cyber threats in smart grids by leveraging adaptive baseline behavior models to detect new, unknown attacks.[26] This is further complemented by AI-based hybrid models that improve real-time grid control and fault detection, alongside advanced AI-based fault detection mechanisms that strengthen resilience and cybersecurity.[27] We must differentiate what humans can do and what AI on its own is capable of and identify where human oversight remains indispensable to prevent unintended consequences or adversarial exploitation of autonomous systems, especially within critical infrastructure like smart grids.[28]

This decentralization would inherently reduce single points of failure, distribute the attack surface and thereby enhance the system’s overall robustness against targeted kinetic or cyber offensives. Furthermore, advancements in AI and computing technologies have also introduced unforeseen vulnerabilities in critical infrastructures like smart grids, making them susceptible to complex adversarial and cyber-physical attacks.[29] Thus, the development of robust datasets and explainable AI models is crucial to improving the reliability and effectiveness of AI-driven cybersecurity solutions in these critical domains.[30] The increasing complexity of these systems, often characterized by distributed and heterogeneous components, necessitates a deeper understanding of adversarial ML techniques to develop resilient countermeasures.

Moreover, ongoing research is exploring dueling AI/ML algorithms to conceptualize and demonstrate the trustworthiness of cyber-physical system security under diverse scenarios, particularly in anomaly detection for energy systems. This research is vital for advancing the trustworthiness of AI-integrated grid systems, especially as AI is increasingly applied to monitor, control, and optimize energy infrastructures.[31] This includes exploring the potential of emerging technologies, assessing the cybersecurity implications of integrating renewable energy sources, and fostering a culture of cybersecurity awareness among all stakeholders.

Considering the multifaceted nature of threats to critical infrastructure, it is imperative to investigate the potential for blockchain technology and other distributed ledger technologies to enhance data integrity and operational resilience within these complex systems.[32] The inherent immutability and distributed consensus mechanisms of blockchain could provide a robust framework for securing C3I systems, mitigating single points of failure and enhancing data provenance within military and critical civilian infrastructure.

Such technologies, alongside AI and edge computing, offer significant potential for improving threat detection and prevention while simultaneously bolstering the resilience of critical energy infrastructure against sophisticated attacks. These innovations contribute to creating models more resistant to adversarial perturbations and enhancing the overall security of smart grids.[33] The integration of AI into these systems, however, introduces additional vulnerabilities, as AI algorithms themselves can be manipulated through adversarial attacks designed to deceive or compromise their functionality.

Therefore, ensuring the resilience of ML models against adversarial tampering, especially in the context of networked cyber-physical systems, is a paramount concern for maintaining system integrity and preventing cascading failures.[34]^{, [35]} This necessitates the development of sophisticated defense mechanisms that can identify and neutralize adversarial inputs in real-time, thereby safeguarding critical infrastructure from both cyber and kinetic threats.[36] This proactive approach aligns with the need for innovative cybersecurity protocols to mitigate threats and ensure the resilience of smart renewable energy systems, as well as the need for comprehensive cybersecurity standards tailored to smart grid technologies.

Conclusion

This convergence of kinetic and cyber warfare tactics necessitates a re-evaluation of established cybersecurity paradigms, moving beyond conventional perimeter defenses to incorporate adaptive, AI-driven protective measures capable of detecting and neutralizing zero-day exploits and sophisticated persistent threats. Furthermore, understanding how AI and algorithms contribute to radicalization and political instability is crucial for developing robust countermeasures that address both technical vulnerabilities and the broader societal impacts of such technologies. This re-evaluation must also consider how AI itself can be weaponized in various forms, from drone swarming to algorithmic extremism, thereby necessitating a comprehensive security framework that integrates both cyber and kinetic defense strategies.

This evolving threat landscape, characterized by AI-driven cyber capabilities and the potential for AI to act as a force multiplier for malicious actors, presents a complex and multifaceted challenge for global cybersecurity. Traditional signature-based threat detection mechanisms are increasingly inadequate against these advanced persistent threats and zero-day attacks, highlighting the urgent need for next-generation AI and ML solutions to enhance cybersecurity capabilities. The strategic integration of AI and ML into cybersecurity frameworks, including adaptive learning and anomaly detection systems, is essential for developing resilient defenses against increasingly sophisticated AI-powered cyberattacks.

Should we, in fact, be thanking Iran for the exposure of such profound vulnerabilities in the global digital infrastructure, thereby catalyzing a more immediate and robust response to these emerging threats?

[1] Horowitz, M. C. 2018. “Artificial Intelligence, International Competition, and the Balance of Power.” Texas Scholar Works (Texas Digital Library). https://doi.org/10.15781/t2639kp49.

[2] Ahmad, H., et al. 2022. “A Review on C3I Systems’ Security: Vulnerabilities, Attacks, and Countermeasures.” ACM Computing Surveys 55(9). Association for Computing Machinery. https://doi.org/10.1145/3558001.

[3] Ducheine, P. A. L. 2015. “Non-kinetic Capabilities: Complementing the Kinetic Prevalence to Targeting.” In T.M.C. Asser Press eBooks, 201. https://doi.org/10.1007/978-94-6265-072-5_10.

[4] Magoni, D. 2003. “Tearing Down the Internet.” IEEE Journal on Selected Areas in Communications 21(6): 949. https://doi.org/10.1109/jsac.2003.814364.

[5] Nafees, M. N., et al. 2022. “Smart Grid Cyber-Physical Situational Awareness of Complex Operational Technology Attacks: A Review.” ACM Computing Surveys 55(10). https://doi.org/10.1145/3565570.

[6] Srai, J. S., et al. 2023. “Impact Pathways: Unhooking Supply Chains from Conflict Zones—Reconfiguration and Fragmentation Lessons from the Ukraine–Russia War.” International Journal of Operations & Production Management 43(13): 289. https://doi.org/10.1108/ijopm-08-2022-0529.

[7] Aslam, M., et al. 2025. “Artificial Intelligence for Secure and Sustainable Industrial Control Systems: A Survey of Challenges and Solutions.” Artificial Intelligence Review 58(11). https://doi.org/10.1007/s10462-025-11320-9.

[8] Alassafi, M. O., et al. 2017. “A Framework for Critical Security Factors That Influence the Decision of Cloud Adoption by Saudi Government Agencies.” Telematics and Informatics 34(7): 996. https://doi.org/10.1016/j.tele.2017.04.010.

[9] Chang, V., et al. 2015. “A Resiliency Framework for an Enterprise Cloud.” International Journal of Information Management 36(1): 155. https://doi.org/10.1016/j.ijinfomgt.2015.09.008.

[10] Elete, T. Y. 2024. “Impact of Ransomware on Industrial Control Systems in the Oil and Gas Sector: Security Challenges and Strategic Mitigations.” Computer Science & IT Research Journal 5(12): 2664. https://doi.org/10.51594/csitrj.v5i12.1759; Folorunsho, S. O. et al. 2024. “Ensuring Cybersecurity in Telecommunications: Strategies to protect digital infrastructure and sensitive data.” Computer Science & IT Research Journal, 5(8), 1855. https://doi.org/10.51594/csitrj.v5i8.1448.

[11] Shirazi, S. N., et al. 2017. “The Extended Cloud: Review and Analysis of Mobile Edge Computing and Fog from a Security and Resilience Perspective.” IEEE Journal on Selected Areas in Communications 35(11): 2586. https://doi.org/10.1109/jsac.2017.2760478.

[12] Ducheine, P. A. L. 2015a. Non-kinetic Capabilities: Complementing the Kinetic Prevalence to Targeting. In T.M.C. Asser Press eBooks (p. 201). https://doi.org/10.1007/978-94-6265-072-5_10

[13] Ahmad, H. et al. 2022a. A Review on C3I Systems’ Security: Vulnerabilities, Attacks, and Countermeasures. [Review of A Review on C3I Systems’ Security: Vulnerabilities, Attacks, and Countermeasures]. ACM Computing Surveys, 55(9), 1. Association for Computing Machinery. https://doi.org/10.1145/3558001

[14] AlHidaifi, S. M., et al. 2024. “A Survey on Cyber Resilience: Key Strategies, Research Challenges, and Future Directions.” ACM Computing Surveys 56(8). https://doi.org/10.1145/3649218.

[15] Pedroso, C., and A. Santos. 2025. “A Survey on Faults and Vulnerabilities in Network Topological Connectivity: Logical and Physical Perspectives.” ACM Computing Surveys. https://doi.org/10.1145/3769668.

[16] Galbusera, L., et al. 2020. “Modeling Interdependencies in Multi-Sectoral Critical Infrastructure Systems: Evolving the DMCI Approach.” Reliability Engineering & System Safety 203: 107072. https://doi.org/10.1016/j.ress.2020.107072.

[17] Nateghi, A., and M. Mosharrat. 2023. “Architecting the Future: A Model for Enterprise Integration in the Metaverse.” Journal of Metaverse 3(2): 190. https://doi.org/10.57019/jmv.1355500.

[18] Zio, E. 2018. “The Future of Risk Assessment.” Reliability Engineering & System Safety 177: 176. https://doi.org/10.1016/j.ress.2018.04.020.

[19] Yang, Y., et al. 2019. “A Physics-Based Framework for Analyzing the Resilience of Interdependent Civil Infrastructure Systems: A Climatic Extreme Event Case in Hong Kong.” Sustainable Cities and Society 47: 101485. https://doi.org/10.1016/j.scs.2019.101485.

[20] Dobson, S., et al. 2019. “Self-Organization and Resilience for Networked Systems: Design Principles and Open Research Issues.” Proceedings of the IEEE 107(4): 819. https://doi.org/10.1109/jproc.2019.2894512.

[21] Bitarafan, M., et al. 2023. “Identification and Assessment of Man-Made Threats to Cities Using Integrated Grey BWM-Grey MARCOS Method.” Decision Making Applications in Management and Engineering 6(2): 581. https://doi.org/10.31181/dmame622023747; Šarūnienė, I., et al. 2023. “Risk Assessment of Critical Infrastructures: A Methodology Based on Criticality of Infrastructure Elements.” Reliability Engineering & System Safety 243: 109797. https://doi.org/10.1016/j.ress.2023.109797.

[22] Neshenko, N., et al. 2025. “A Deep Learning-Based Adaptive Cyber Disaster Management Framework.” Journal of Big Data 12(1). https://doi.org/10.1186/s40537-025-01241-3.

[23] Wang, Y., et al. 2024. “Multiplex Networks in Resilience Modeling of Critical Infrastructure Systems: A Systematic Review.” Reliability Engineering & System Safety 250: 110300. https://doi.org/10.1016/j.ress.2024.110300.

[24] Munikoti, S., K. Lai, and B. Natarajan. 2021. “Robustness Assessment of Hetero-Functional Graph Theory-Based Model of Interdependent Urban Utility Networks.” Reliability Engineering & System Safety 212: 107627. https://doi.org/10.1016/j.ress.2021.107627.

[25] Cali, Ü., F. Ö. Çatak, and U. Halden. 2024. “Trustworthy Cyber-Physical Power Systems Using AI: Dueling Algorithms for PMU Anomaly Detection and Cybersecurity.” Artificial Intelligence Review 57(7). https://doi.org/10.1007/s10462-024-10827-x; Pelekis, S., et al. 2025. “Adversarial Machine Learning: A Review of Methods, Tools, and Critical Industry Sectors.” Artificial Intelligence Review 58(8). https://doi.org/10.1007/s10462-025-11147-4.

[26] Naiho, H. N. N., et al. 2024. “Addressing Cybersecurity Challenges in Smart Grid Technologies: Implications for Sustainable Energy Infrastructure.” Engineering Science & Technology Journal 5(6): 1995. https://doi.org/10.51594/estj.v5i6.1218.

[27] Ahmadi, M., H. H. Aly, and J. Gu. 2025. “A Comprehensive Review of AI-Driven Approaches for Smart Grid Stability and Reliability.” Renewable and Sustainable Energy Reviews 226: 116424. https://doi.org/10.1016/j.rser.2025.116424.

[28] Çatak & Halden, “Trustworthy cyber-physical power.”

[29] Vigneshwaran, P., et al. 2026. “Cyber-Attack Detection in Smart Grids: A Survey of Methods, Challenges and Future Directions.” Computer Science Review 60: 100915. https://doi.org/10.1016/j.cosrev.2026.100915.

[30] Ekechukwu, D. E., and P. Simpa. 2024. “The Future of Cybersecurity in Renewable Energy Systems: A Review.” Computer Science & IT Research Journal 5(6): 1265. https://doi.org/10.51594/csitrj.v5i6.1197.

[31] Alam, M. M., et al. 2025. “Artificial Intelligence Integrated Grid Systems: Technologies, Potential Frameworks, Challenges, and Research Directions.” Renewable and Sustainable Energy Reviews 211: 115251. https://doi.org/10.1016/j.rser.2024.115251.

[32] El-Afifi, M. I., et al. 2024. “A Review of IoT-Enabled Smart Energy Hub Systems: Rising Applications, Challenges, and Future Prospects.” Renewable Energy Focus 51: 100634. https://doi.org/10.1016/j.ref.2024.100634.

[33] Hassine, L., et al. 2025. “Enhancing Smart Grid Security in Smart Cities: A Review of Traditional Approaches and Emerging Technologies.” Applied Energy 398: 126430. https://doi.org/10.1016/j.apenergy.2025.126430.

[34] Diaba, S., et al. 2024. “Cyber-Physical Attack and the Future Energy Systems: A Review.” Energy Reports 12: 2914. https://doi.org/10.1016/j.egyr.2024.08.060.

[35] Himeur, Y., et al. 2023. “Edge AI for Internet of Energy: Challenges and Perspectives.” Internet of Things 25: 101035. https://doi.org/10.1016/j.iot.2023.101035.

[36] Tooki, O. O., and O. Popoola. 2024. “A Critical Review on Intelligent-Based Techniques for Detection and Mitigation of Cyberthreats and Cascaded Failures in Cyber-Physical Power Systems.” Renewable Energy Focus 51: 100628. https://doi.org/10.1016/j.ref.2024.100628.