Fictitious Crisis Scenario Development Related to a Bank Following a Breakdown in the Communication Network to Show Critical Infrastructure Digitization

International Journal of Future Computer and Communication ◽

10.18178/ijfcc.2021.10.2.574 ◽

2021 ◽

pp. 18-22

Author(s):

J. J. Kohler ◽

◽

E. Fragnière ◽

D. Konstantas ◽

E. Viganò

Keyword(s):

Communication Network ◽

Critical Incident ◽

Critical Infrastructure ◽

Counterfactual Thinking ◽

Business Continuity ◽

Critical Infrastructures ◽

Scenario Development ◽

Society Business ◽

Crisis Scenarios ◽

Simulation Exercises

The notion of critical infrastructure represents for states a vital asset for the functioning of society and the economy. These critical infrastructures cover many areas such as transportation, electricity, hospitals, and recently telecommunications which are taking more and more place in our economies due to the digitalization of our society. Business Continuity Plans (BCP) are often an obligation here to ensure the fastest possible recovery of these critical infrastructures in the event of a crisis. However, the scenarios that allow simulation exercises to be carried out remain very "logistically" oriented, while critical infrastructures linked in general to the digitization of the economy are poorly prepared for a major critical incident. To compensate for these weaknesses in the development of crisis scenarios linked to digitalization, we take the case of critical digital banking infrastructures and use counterfactual thinking to develop a crisis scenario that takes better account of the entire dematerialization dimension inherent in them.

Download Full-text

National Security and Critical Infrastructure Protection

International conference KNOWLEDGE-BASED ORGANIZATION ◽

10.2478/kbo-2019-0001 ◽

2019 ◽

Vol 25 (1) ◽

pp. 8-13

Author(s):

Adriana Alexandru ◽

Victor Vevera ◽

Ella Magdalena Ciupercă

Keyword(s):

United States ◽

National Security ◽

Critical Infrastructure ◽

The United States ◽

Critical Infrastructures ◽

Technological Advancement ◽

Critical Infrastructure Protection ◽

Normal Functioning ◽

Infrastructure Protection ◽

Crisis Scenarios

Abstract The link between national security and the protection of critical infrastructure is vital to the progress of any society and its proper social functioning. The term critical infrastructure was developed by the United States in the 1990s and it has evolved in time; nowadays, most of the current definitions include the security dimension in their content. Along with its many benefits, the technological advancement has brought with it the diversification of threats that could lead to the malfunctioning of critical infrastructures. The new weapons of the 21st century and the new asymmetric threats constitute real dangers to the good functioning of every critical infrastructure. Once they may be interrupted, the normal functioning of the whole society would be endangered because of the domino effects it causes. In this article we will look at how the link between critical infrastructure and national security is reflected in national regulations and crisis scenarios, highlighting the main strengths and the existing legislative gaps along with discussing their applicability.

Download Full-text

Business Continuity for Critical Infrastructure Operators

Annals of Disaster Risk Sciences ◽

10.51381/adrs.v3i1.46 ◽

2020 ◽

Vol 3 (1) ◽

Author(s):

Harri Ruoslahti

Keyword(s):

Adverse Events ◽

Critical Infrastructure ◽

Research Question ◽

Management Strategies ◽

Case Study Research ◽

Business Continuity ◽

Critical Infrastructures ◽

Open Communication ◽

Infrastructure Resilience

Critical infrastructures often lack resilience and easily lose critical functionalities if hit by adverse events. Continuity management strategies for critical infrastructure operators and the networks that they form, rely also on the functionality of other interrelated networks. Disruptions in operations may affect society and for this reason, securing the operations of critical infrastructure operators is important. The technological impacts of CPS become evident to the resilience of all fields of critical infrastructure, but there is also human elements to take into account. The research question of this study is: How to enhance business continuity of critical infrastructure? This case study research uses qualitative methods collected by conducting interviews of resilience and continuity professionals who work with Finnish critical infrastructure. Resilience and continuity management are key for critical infrastructure operators. Important factors identified were identifying risks, critical activities, key personnel, creating guidelines and procedures, and open communication, which themes were recognised as important to improve resilience and manage continuity.

Download Full-text

Attack Categorisation for IoT Applications in Critical Infrastructures, a Survey

Applied Sciences ◽

10.3390/app11167228 ◽

2021 ◽

Vol 11 (16) ◽

pp. 7228

Author(s):

Edward Staddon ◽

Valeria Loscri ◽

Nathalie Mitton

Keyword(s):

Critical Infrastructure ◽

Attack Detection ◽

Critical Infrastructures ◽

Cyber Attack ◽

Specific System ◽

Iot Applications ◽

War Zone ◽

Clear Vision ◽

The Internet Of Things ◽

Do So

With the ever advancing expansion of the Internet of Things (IoT) into our everyday lives, the number of attack possibilities increases. Furthermore, with the incorporation of the IoT into Critical Infrastructure (CI) hardware and applications, the protection of not only the systems but the citizens themselves has become paramount. To do so, specialists must be able to gain a foothold in the ongoing cyber attack war-zone. By organising the various attacks against their systems, these specialists can not only gain a quick overview of what they might expect but also gain knowledge into the specifications of the attacks based on the categorisation method used. This paper presents a glimpse into the area of IoT Critical Infrastructure security as well as an overview and analysis of attack categorisation methodologies in the context of wireless IoT-based Critical Infrastructure applications. We believe this can be a guide to aid further researchers in their choice of adapted categorisation approaches. Indeed, adapting appropriated categorisation leads to a quicker attack detection, identification, and recovery. It is, thus, paramount to have a clear vision of the threat landscapes of a specific system.

Download Full-text

Synthetic Environments for Investigating Collaborative Information Seeking: An Application in Emergency Restoration of Critical Infrastructures

Journal of Homeland Security and Emergency Management ◽

10.1515/jhsem-2014-0083 ◽

2015 ◽

Vol 12 (3) ◽

Cited By ~ 1

Author(s):

David Mendonça ◽

William A. Wallace ◽

Barbara Cutler ◽

James Brooks

Keyword(s):

Information Seeking ◽

Large Scale ◽

Critical Infrastructure ◽

Future Research ◽

Critical Infrastructures ◽

Close Collaboration ◽

Number Of Factors ◽

Computer Based ◽

Collaborative Information Seeking ◽

Post Disaster

AbstractLarge-scale disasters can produce profound disruptions in the fabric of interdependent critical infrastructure systems such as water, telecommunications and electric power. The work of post-disaster infrastructure restoration typically requires information sharing and close collaboration across these sectors; yet – due to a number of factors – the means to investigate decision making phenomena associated with these activities are limited. This paper motivates and describes the design and implementation of a computer-based synthetic environment for investigating collaborative information seeking in the performance of a (simulated) infrastructure restoration task. The main contributions of this work are twofold. First, it develops a set of theoretically grounded measures of collaborative information seeking processes and embeds them within a computer-based system. Second, it suggests how these data may be organized and modeled to yield insights into information seeking processes in the performance of a complex, collaborative task. The paper concludes with a discussion of implications of this work for practice and for future research.

Download Full-text

Impact of cyber dependencies in critical infrastructures: The reliability of grid splitting in power systems

Proceedings of the Institution of Mechanical Engineers Part O Journal of Risk and Reliability ◽

10.1177/1748006x17736165 ◽

2018 ◽

Vol 232 (5) ◽

pp. 491-504 ◽

Cited By ~ 1

Author(s):

Di-An Tian ◽

Giovanni Sansavini

Keyword(s):

Communication Network ◽

Power System ◽

Test System ◽

System Stability ◽

Critical Infrastructures ◽

Delay Model ◽

Critical Transition ◽

Open Communication ◽

Transition Range ◽

Traffic Uncertainty

The growing presence of cyber interdependencies in critical infrastructures can be exemplified by grid splitting, which is an application in power system stability and control dependent on communication services. It involves the controlled separation of a power system into islands in reaction to an imminent instability. Communication is necessary for gathering system-wide synchronized measurements for state estimation as well as for the dispatch of line switch-opening signals. However, grid splitting may become ineffective due to a degradation in communication, which is accrued by the use of non-dedicated, open communication networks. To address this issue, this article aims to quantify the reliability of grid splitting under degraded communication conditions. A simulation framework is developed that allows the integration of a transient electrical model and a stochastic communication delay model that captures the effects of congestion and traffic uncertainty. The application to the IEEE 39-Bus Test System shows that the reliability of grid splitting is reduced under the influence of degraded communication leading to increased time delays. Furthermore, the results identify a critical transition range in the grid splitting reliability for a very narrow range of external interfering traffic and network data rate. Finally, the interdependency of the electric and the communication network is quantified by the expected efficiency of the communication network subject to degraded communication following the grid splitting action. The decrease in the expected communication efficiency under degraded communication is driven by increased congestion levels and by failures of electrical and co-located communication nodes and is related to the critical transition range for reliability. The developed methodology allows identifying the communication requirements for a reliable grid splitting execution under traffic uncertainty and congestion.

Download Full-text

MANAGING THE RISKS OF INFORMATION AND COMMUNICATION NETWORK IN THE CONTEXT OF PLANNING THE SECURITY OF CRITICAL INFRASTRUCTURE SYSTEMS

Bulletin of NTU KhPI Series Strategic Management Portfolio Program and Project Management ◽

10.20998/125213 ◽

2018 ◽

Vol 0 (2(1278)) ◽

pp. 22-30

Author(s):

Roman Artiukh ◽

Viktor Kosenko ◽

Olga Malyeyeva ◽

Eduard Lysenko

Keyword(s):

Communication Network ◽

Critical Infrastructure ◽

Infrastructure Systems ◽

Information And Communication ◽

Critical Infrastructure Systems

Download Full-text

Conceptualization of a Critical Infrastructure Network – Model for Flood Risk Assessments

10.5194/egusphere-egu21-922 ◽

2021 ◽

Author(s):

Roman Schotten ◽

Daniel Bachmann

Keyword(s):

Risk Analysis ◽

Flood Risk ◽

Critical Infrastructure ◽

Risk Mitigation ◽

Mitigation Measures ◽

Critical Infrastructures ◽

Flood Exposure ◽

Infrastructure Network ◽

Flood Risk Analysis ◽

De Bruijn

In flood risk analysis it is a key principle to predetermine consequences of flooding to assets, people and infrastructures. Damages to critical infrastructures are not restricted to the flooded area. The effects of directly affected objects cascades to other infrastructures, which are not directly affected by a flood. Modelling critical infrastructure networks is one possible answer to the question &#8216;how to include indirect and direct impacts to critical infrastructures?&#8217;.Critical infrastructures are connected in very complex networks. The modelling of those networks has been a basis for different purposes (Ouyang, 2014). Thus, it is a challenge to determine the right method to model a critical infrastructure network. For this example, a network-based and topology-based method will be applied (Pant et al., 2018). The basic model elements are points, connectors and polygons which are utilized to resemble the critical infrastructure network characteristics.The objective of this model is to complement the state-of-the-art flood risk analysis with a quantitative analysis of critical infrastructure damages and disruptions for people and infrastructures. These results deliver an extended basis to differentiate the flood risk assessment and to derive measures for flood risk mitigation strategies. From a technical point of view, a critical infrastructure damage analysis will be integrated into the tool ProMaIDes (Bachmann, 2020), a free software for a risk-based evaluation of flood risk mitigation measures.The data on critical infrastructure cascades and their potential linkages is scars but necessary for an actionable modelling. The CIrcle method from Deltares delivers a method for a workshop that has proven to deliver applicable datasets for identifying and connecting infrastructures on basis of cascading effects (de Bruijn et al., 2019). The data gained from CIrcle workshops will be one compound for the critical infrastructure network model.Acknowledgment: This work is part of the BMBF-IKARIM funded project PARADes (Participatory assessment of flood related disaster prevention and development of an adapted coping system in Ghana).Bachmann, D. (2020). ProMaIDeS - Knowledge Base. https://promaides.myjetbrains.comde Bruijn, K. M., Maran, C., Zygnerski, M., Jurado, J., Burzel, A., Jeuken, C., & Obeysekera, J. (2019). Flood resilience of critical infrastructure: Approach and method applied to Fort Lauderdale, Florida. Water (Switzerland), 11(3). https://doi.org/10.3390/w11030517Ouyang, M. (2014). Review on modeling and simulation of interdependent critical infrastructure systems. Reliability Engineering and System Safety, 121, 43&#8211;60. https://doi.org/10.1016/j.ress.2013.06.040Pant, R., Thacker, S., Hall, J. W., Alderson, D., & Barr, S. (2018). Critical infrastructure impact assessment due to flood exposure. Journal of Flood Risk Management, 11(1), 22&#8211;33. https://doi.org/10.1111/jfr3.12288

Download Full-text

A comparative literature review of the methodologies to evaluate risk of NaTech disasters and Critical Infrastructure affected by natural hazard

10.5194/egusphere-egu21-14793 ◽

2021 ◽

Author(s):

Margherita D'Ayala ◽

Riccardo Giusti ◽

Marcello Arosio ◽

Mario Martina

Keyword(s):

Natural Hazards ◽

Natural Hazard ◽

Critical Infrastructure ◽

Critical Infrastructures ◽

Industrial Accident ◽

Technological Disasters ◽

Natural Event ◽

Similarities And Differences ◽

Change Framework ◽

Oil Gas

In a climate change framework extreme natural events are going to occur more frequently and intensively as a result of global warming. Therefore, the effects and consequences of climate-related natural hazards, such as flooding, heatwaves, drought, landslides and others, have the potential to become more disastrous and extensive. Consequences of such events are of particular concern considering that today&#8217;s societies are interconnected in complex and dynamic socio-technological networks and, hence, dependent more than before on Critical Infrastructures (CI) systems (such as transport, energy, water, ICT systems, etc.). Furthermore, there are also events of Natural Hazards Trigger Technological Disasters (also known as NaTech events), whereby an industrial accident caused by a natural event could affect people, the environment, and other facilities and systems. This work reviews studies in the fields of risk assessment of CI systems affected by natural hazards and NaTech events.This study identifies and classifies: the methodologies applied (qualitative or quantitative), the type of infrastructures exposed (transport, electricity, oil, gas, water and waste water and telecommunications systems, industrial or nuclear plant) and hazard considered (flood, earthquake, lighting, landslide, avalanche, storm surge, heat and cold waves, wind), the scale of application and the level of spatial resolution.The work provides a comparison of the scientific studies, the objectives and analysis methods to assess risk employed in the fields of CI systems and NaTech events in order to highlight similarities and differences and to guide the most suitable approach for each application case.

Download Full-text

Modelling Economic Consequences of ICT Infrastructure Failure in Support of Critical Infrastructure Protection Policies

Critical Information Infrastructure Protection and Resilience in the ICT Sector ◽

10.4018/978-1-4666-2964-6.ch006 ◽

2013 ◽

pp. 115-138

Author(s):

Olaf Jonkeren ◽

David Ward

Keyword(s):

Critical Infrastructure ◽

Large Body ◽

Economic Consequences ◽

Critical Infrastructures ◽

Critical Infrastructure Protection ◽

Infrastructure Protection ◽

Modelling Methodology ◽

Infrastructure Failure ◽

Ict Infrastructure ◽

Made In

There is a large body of work and effort been made in the modelling of critical infrastructures (CI’s) by academia, enterprises, stakeholders, operators, etc.; however, their endeavours have received mixed success so far. This can be traced back to several difficult and historical hurdles in CI modeling such as the chronic unavailability of reliable and recognised data, the specificity of the resulting model, and therefore, its application, the underlying mathematics, narrow-mindedness and lack of awareness of the consequences of infrastructure failure, the recognition and dissemination of the modelling methodology-knowledge, etc. Consequently, bridging theory and application and providing tools for analysing CI’s is key to ensuring that such modelling delivers the benefits voiced and satisfies the needs raised. This chapter sets out to tackle several of these issues.

Download Full-text

Economic Impact of Cyber Attacks on Critical Infrastructures

Advances in Digital Crime, Forensics, and Cyber Terrorism - Applying Methods of Scientific Inquiry Into Intelligence, Security, and Counterterrorism ◽

10.4018/978-1-5225-8976-1.ch012 ◽

2019 ◽

pp. 291-314

Author(s):

Merve Şener

Keyword(s):

Economic Impact ◽

Critical Infrastructure ◽

Cyber Attacks ◽

Economic Losses ◽

Critical Infrastructures ◽

Cyber Attack ◽

Network Systems ◽

Financial Losses

Critical infrastructures ensure that activities that are vital and important for individuals can be safely delivered to the society uninterruptedly. The damage on these critical infrastructures caused by cyber-attacks whose control is carried out through computers and network systems is very large. Cyber-attacks directly or indirectly affect companies, institutions, and organizations economically and cause great financial losses. In this chapter, two different categories, energy and finance sector, which are described as critical infrastructure, are discussed; cyber-attacks carried out on these sectors, cyber-attack weapons, and economic losses caused by these attacks are examined.

Download Full-text