SlideShare una empresa de Scribd logo

European critical infrastructures: which analysis framework for supporting effective decision making?

Global Risk Forum GRFDavos
Global Risk Forum GRFDavos

Georgios GIANNOPOULOS, Roberto FILIPPINI Joint Research Centre, European Commission

EducaciónTecnología
1 de 19
European Critical Infrastructures: Which analysis framework for supporting effective decision making? Sala Flüela, Wednesday 28/08, 8:30-10:00 • A resilience based analysis framework for critical infrastructures protection, Georgios Giannopoulos, EU-JRC, Ispra, Italy • Critical infrastructure disruptions: a generic system dynamic approach for decision support, Thomas Münzberg, KIT, Institute for Nuclear and Power Technology, Karlsruhe, Germany • Security and safety of cross border infrastructure, Sergio Olivero, SiTI, Instituto Superiore sui Sistemi Territoriali per l’innovazione, Torino, Italy • Decision making for resilience in critical infrastructure governance, Center for Security Studies, ETH, Zurich, Switzerland
A resilience based analysis framework for critical infrastructures protection Georgios Giannopoulos – Roberto Filippini European Commission Joint Research Centre Institute for the Protection and Security of the Citizen Security Technology Assessment Unit ISPRA, Italy Serving society Stimulating innovation www.jrc.ec.europa.eu Supporting legislation
Directive 2008/114/EC Council Directive of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection European Critical Infrastructure (ECI) ….means critical infrastructure located in Member States the destruction or disruption of which would have a significant impact on at least two Member States ECI must satisfy both: Cross-cutting criteria: casualties, economic effects, public effects Sectoral Criteria have been established for Transport and Energy sectors
From policy to research • Scope • Interconnected systems => large-scale engineering, socio-technical systems => modern infrastructures (ICT, power grids, transport, etc…) • Features  Geographically distributed, cross-borders  Multi sectors, heterogeneous  Aggregated rather than designed on purpose  Evolving/adjusting to demand  … => from complex systems to… systems of systems
High level requirements of analysis framework • Which user?  Operators and decision makers • Which system analysis?  comprehensive, overcoming sector specific boundaries, at affordable computation overhead • Which outcome?  Criticalities and vulnerabilities  System response and resilience  Trade-off local versus global risks  Synergies with other analysis tools
A resilience based analysis framework: Why? Resilience is the ability of a system of • Resilience Vs. reliability preventing, withstanding, reacting and Broader scope => the recovering from failures. system may fail and then recover Prevention => state awareness + preparedness • Resilience Vs. control Reaction => activate defenses and resources More encompassing => Recovery => restore back to initial conditions Controls are also of non- functional nature • Resilience Vs. risk Failure assessment Complementary => resilience may (or not) Prevent React Recover Time meet risk requirements
5 6 4 3 5 6 4 3 2 2 1 1 System architecture The dependency graph Gas + PS + Controls + TX + Functional dependencies Distribution + Communication
Why functional dependencies • Account for general relationships  Producer/consumer, provider/user, controller/controlled • Overcome specific sector diversities  A functional dependency is a-dimensional • Capture essential network semantic  Representing nominal operation set-up  Support failure analysis => provide directions of failures
Structural analysis • Structural properties => Criticalities and vulnerabilities  How to identify most critical nodes?  How to identify most vulnerable nodes?  How many interdependencies are established for a given node? • Structural metrics => Coupling factors  How strict a node is coupled to the others (average distance)?  …
Structural properties 5 6 5 6 5 6 4 3 4 3 4 3 2 2 2 1 1 1 Criticality Vulnerability Interdependency Node 2 is critical Node 2 is Loop 3,4,5,6 to 3,4 directly vulnerable from 1 5,6 indirectly
Resilience analysis • Qualitative analysis => model checking  Do they exist failure scenarios that cannot be recovered? • Quantitative analysis => deterministic or probabilistic  Is a system resilient to disturbance?  Is a network resilient to disturbance?  Are the measures in place sufficient to resist/recover?  …
Qualitative Resilience Analysis • Concurrent event sequence diagram 1. Initiating event -> the node failure 2. Next event within the set of failure (F) and recovery (R) enabled events 3. Scenario building up to the end state Recoverable scenarios Recoverable/time bounded Non recoverable scenarios Transient behavior
Concurrency and indeterminism 5 6 4 3 2 1 5 6 Example of concurrent event diagram 4 3 Concurrency among events and indeterminism 2 Two possible scenarios are identified 1
Quantitative Resilience Analysis 1. Deterministic  System response to a given disturbance profile 2. Stochastic  Distribution of system response for a given disturbance profile => Sensitivity analysis to 1 and 2  Sensitivity to a single node failure  Sensitivity to model parameters  Sensitivity to more node failures => attack scenarios!
Quantitative Resilience Analysis (2) • The model => discrete event system  Every node is given a binary state variable X = [0,1] • Model parameters  Operation drift  Service thresholds  Buffering and time to recovery  Disturbance profile => which node and duration
Failure 4 and recovery 6 are r = x1 + x2 + x3 + x4 concurrent Simulation of scenarios (deterministic) Resilience is the sum of the node’s states (1 is functioning) in the loop 3, 4, 5 and 6. Timing of concurrent events matters! Is this matter of design, or coordination (control)
Resilience and Risk assessment • Estimate of consequences • Evaluation of the likelihood Transient behavior Estimate costs for the duration of the service disruption, for each node affected
System of systems 5 6 1 Modeling language 4 3 2 2 Dependency network 1 3 Structural analysis 4 Resilience analysis Risk assessment Deterministic Stochastic 5 Resilience informed design 6 Integrate… Other analyses
Conclusions • The basic ideas  Develop a methodology in which all relevant players in a interconnected infrastructure are included within the same analysis framework  Focus on functional dependencies -> dependency network  Define simple mechanisms of failure/recovery  Analysis of structural properties and resilience • The way forward => Resilience informed design  Reduce/control system variability  Resilience control paradigm, cross-sector and intra-dependencies  Decision making at high level through resilience scenarios prioritization

Recomendados

02. Fault Tolerance Pattern 위한 mindset
02. Fault Tolerance Pattern 위한 mindset02. Fault Tolerance Pattern 위한 mindset
02. Fault Tolerance Pattern 위한 mindset
eva
 
Assessing Software Reliability Using SPC – An Order Statistics Approach
Assessing Software Reliability Using SPC – An Order Statistics ApproachAssessing Software Reliability Using SPC – An Order Statistics Approach
Assessing Software Reliability Using SPC – An Order Statistics Approach
IJCSEA Journal
 
Reliability and Safety
Reliability and SafetyReliability and Safety
Reliability and Safety
Thapa Prakash (TA-1)
 
Draft comparison of electronic reliability prediction methodologies
Draft comparison of electronic reliability prediction methodologiesDraft comparison of electronic reliability prediction methodologies
Draft comparison of electronic reliability prediction methodologies
Accendo Reliability
 
Sub-method Structural and Behavioral Reflection
Sub-method Structural and Behavioral ReflectionSub-method Structural and Behavioral Reflection
Sub-method Structural and Behavioral Reflection
Marcus Denker
 
Emerging Threats to Infrastructure
Emerging Threats to InfrastructureEmerging Threats to Infrastructure
Emerging Threats to Infrastructure
Jorge Orchilles
 
Enhancing Resilience 2
Enhancing Resilience 2Enhancing Resilience 2
Enhancing Resilience 2
Prof. David E. Alexander (UCL)
 
Et student survey results spring 2011 sfs all schools
Et student survey results spring 2011 sfs all schoolsEt student survey results spring 2011 sfs all schools
Et student survey results spring 2011 sfs all schools
Ross
 

Recomendados

02. Fault Tolerance Pattern 위한 mindset
02. Fault Tolerance Pattern 위한 mindset02. Fault Tolerance Pattern 위한 mindset
02. Fault Tolerance Pattern 위한 mindset
eva
 
Assessing Software Reliability Using SPC – An Order Statistics Approach
Assessing Software Reliability Using SPC – An Order Statistics ApproachAssessing Software Reliability Using SPC – An Order Statistics Approach
Assessing Software Reliability Using SPC – An Order Statistics Approach
IJCSEA Journal
 
Reliability and Safety
Reliability and SafetyReliability and Safety
Reliability and Safety
Thapa Prakash (TA-1)
 
Draft comparison of electronic reliability prediction methodologies
Draft comparison of electronic reliability prediction methodologiesDraft comparison of electronic reliability prediction methodologies
Draft comparison of electronic reliability prediction methodologies
Accendo Reliability
 
Sub-method Structural and Behavioral Reflection
Sub-method Structural and Behavioral ReflectionSub-method Structural and Behavioral Reflection
Sub-method Structural and Behavioral Reflection
Marcus Denker
 
Emerging Threats to Infrastructure
Emerging Threats to InfrastructureEmerging Threats to Infrastructure
Emerging Threats to Infrastructure
Jorge Orchilles
 
Enhancing Resilience 2
Enhancing Resilience 2Enhancing Resilience 2
Enhancing Resilience 2
Prof. David E. Alexander (UCL)
 
Et student survey results spring 2011 sfs all schools
Et student survey results spring 2011 sfs all schoolsEt student survey results spring 2011 sfs all schools
Et student survey results spring 2011 sfs all schools
Ross
 
Software archiecture lecture05
Software archiecture lecture05Software archiecture lecture05
Software archiecture lecture05
Luktalja
 
Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...
Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...
Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...
ASQ Reliability Division
 
Ph.D. Dissertation
Ph.D. DissertationPh.D. Dissertation
Ph.D. Dissertation
Sumant Tambe
 
State model based
State model basedState model based
State model based
Rafael Roque
 
Semantic Modeling & Monitoring for Real Time Decision Making: Results and Nex...
Semantic Modeling & Monitoring for Real Time Decision Making: Results and Nex...Semantic Modeling & Monitoring for Real Time Decision Making: Results and Nex...
Semantic Modeling & Monitoring for Real Time Decision Making: Results and Nex...
Drogkaris Prokopios
 
Maintenance types
Maintenance typesMaintenance types
Maintenance types
Motasem Ash
 
Ali Mousavi -- Event modeling
Ali Mousavi -- Event modeling Ali Mousavi -- Event modeling
Ali Mousavi -- Event modeling
Anatoly Levenchuk
 
Proposed Algorithm for Surveillance Applications
Proposed Algorithm for Surveillance ApplicationsProposed Algorithm for Surveillance Applications
Proposed Algorithm for Surveillance Applications
Editor IJCATR
 
Efficient combinatorial models for reliability analysis of complex dynamic sy...
Efficient combinatorial models for reliability analysis of complex dynamic sy...Efficient combinatorial models for reliability analysis of complex dynamic sy...
Efficient combinatorial models for reliability analysis of complex dynamic sy...
ASQ Reliability Division
 
Fault tolerance
Fault toleranceFault tolerance
Fault tolerance
Gaurav Rawat
 
Sayon MS Thesis Presentation Draft-4
Sayon MS Thesis Presentation Draft-4Sayon MS Thesis Presentation Draft-4
Sayon MS Thesis Presentation Draft-4
Sayonsom Chanda
 
High dependability of the automated systems
High dependability of the automated systemsHigh dependability of the automated systems
High dependability of the automated systems
Alan Tatourian
 
Mutual Exclusion in Distributed Memory Systems
Mutual Exclusion in Distributed Memory SystemsMutual Exclusion in Distributed Memory Systems
Mutual Exclusion in Distributed Memory Systems
Dilum Bandara
 
The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)
theijes
 
Integrated Process to Manage Disruptions in Supply Chains
Integrated Process to Manage Disruptions in Supply ChainsIntegrated Process to Manage Disruptions in Supply Chains
Integrated Process to Manage Disruptions in Supply Chains
Behzad Behdani
 
Resilient systems - predicatbility ane evolution
Resilient systems - predicatbility ane evolutionResilient systems - predicatbility ane evolution
Resilient systems - predicatbility ane evolution
Ivica Crnkovic
 
Model Risk Management : Best Practices
Model Risk Management : Best PracticesModel Risk Management : Best Practices
Model Risk Management : Best Practices
QuantUniversity
 
Resilience reloaded - more resilience patterns
Resilience reloaded - more resilience patternsResilience reloaded - more resilience patterns
Resilience reloaded - more resilience patterns
Uwe Friedrichsen
 
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
juliekannai
 
Critical systems specification
Critical systems specificationCritical systems specification
Critical systems specification
Aryan Ajmer
 
Disaster Risk Management Knowledge Centre, Brian Doherty
Disaster Risk Management Knowledge Centre, Brian DohertyDisaster Risk Management Knowledge Centre, Brian Doherty
Disaster Risk Management Knowledge Centre, Brian Doherty
Global Risk Forum GRFDavos
 
Disaster risk reduction and nursing - human science research the view of surv...
Disaster risk reduction and nursing - human science research the view of surv...Disaster risk reduction and nursing - human science research the view of surv...
Disaster risk reduction and nursing - human science research the view of surv...
Global Risk Forum GRFDavos
 

Más contenido relacionado

Similar a European critical infrastructures: which analysis framework for supporting effective decision making?

Software archiecture lecture05
Software archiecture lecture05Software archiecture lecture05
Software archiecture lecture05
Luktalja
 
Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...
Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...
Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...
ASQ Reliability Division
 
Maintenance types
Maintenance typesMaintenance types
Maintenance types
Motasem Ash
 
Proposed Algorithm for Surveillance Applications
Proposed Algorithm for Surveillance ApplicationsProposed Algorithm for Surveillance Applications
Proposed Algorithm for Surveillance Applications
Editor IJCATR
 
Efficient combinatorial models for reliability analysis of complex dynamic sy...
Efficient combinatorial models for reliability analysis of complex dynamic sy...Efficient combinatorial models for reliability analysis of complex dynamic sy...
Efficient combinatorial models for reliability analysis of complex dynamic sy...
ASQ Reliability Division
 
Sayon MS Thesis Presentation Draft-4
Sayon MS Thesis Presentation Draft-4Sayon MS Thesis Presentation Draft-4
Sayon MS Thesis Presentation Draft-4
Sayonsom Chanda
 
The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)
theijes
 
Integrated Process to Manage Disruptions in Supply Chains
Integrated Process to Manage Disruptions in Supply ChainsIntegrated Process to Manage Disruptions in Supply Chains
Integrated Process to Manage Disruptions in Supply Chains
Behzad Behdani
 
Resilient systems - predicatbility ane evolution
Resilient systems - predicatbility ane evolutionResilient systems - predicatbility ane evolution
Resilient systems - predicatbility ane evolution
Ivica Crnkovic
 
Model Risk Management : Best Practices
Model Risk Management : Best PracticesModel Risk Management : Best Practices
Model Risk Management : Best Practices
QuantUniversity
 
Resilience reloaded - more resilience patterns
Resilience reloaded - more resilience patternsResilience reloaded - more resilience patterns
Resilience reloaded - more resilience patterns
Uwe Friedrichsen
 
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
juliekannai
 
Critical systems specification
Critical systems specificationCritical systems specification
Critical systems specification
Aryan Ajmer
 

Similar a European critical infrastructures: which analysis framework for supporting effective decision making? (20)

Software archiecture lecture05
Software archiecture lecture05Software archiecture lecture05
Software archiecture lecture05
 
Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...
Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...
Dynamic vs. Traditional Probabilistic Risk Assessment Methodologies - by Huai...
 
Ph.D. Dissertation
Ph.D. DissertationPh.D. Dissertation
Ph.D. Dissertation
 
State model based
State model basedState model based
State model based
 
Semantic Modeling & Monitoring for Real Time Decision Making: Results and Nex...
Semantic Modeling & Monitoring for Real Time Decision Making: Results and Nex...Semantic Modeling & Monitoring for Real Time Decision Making: Results and Nex...
Semantic Modeling & Monitoring for Real Time Decision Making: Results and Nex...
 
Maintenance types
Maintenance typesMaintenance types
Maintenance types
 
Ali Mousavi -- Event modeling
Ali Mousavi -- Event modeling Ali Mousavi -- Event modeling
Ali Mousavi -- Event modeling
 
Proposed Algorithm for Surveillance Applications
Proposed Algorithm for Surveillance ApplicationsProposed Algorithm for Surveillance Applications
Proposed Algorithm for Surveillance Applications
 
Efficient combinatorial models for reliability analysis of complex dynamic sy...
Efficient combinatorial models for reliability analysis of complex dynamic sy...Efficient combinatorial models for reliability analysis of complex dynamic sy...
Efficient combinatorial models for reliability analysis of complex dynamic sy...
 
Fault tolerance
Fault toleranceFault tolerance
Fault tolerance
 
Sayon MS Thesis Presentation Draft-4
Sayon MS Thesis Presentation Draft-4Sayon MS Thesis Presentation Draft-4
Sayon MS Thesis Presentation Draft-4
 
High dependability of the automated systems
High dependability of the automated systemsHigh dependability of the automated systems
High dependability of the automated systems
 
Mutual Exclusion in Distributed Memory Systems
Mutual Exclusion in Distributed Memory SystemsMutual Exclusion in Distributed Memory Systems
Mutual Exclusion in Distributed Memory Systems
 
The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)
 
Integrated Process to Manage Disruptions in Supply Chains
Integrated Process to Manage Disruptions in Supply ChainsIntegrated Process to Manage Disruptions in Supply Chains
Integrated Process to Manage Disruptions in Supply Chains
 
Resilient systems - predicatbility ane evolution
Resilient systems - predicatbility ane evolutionResilient systems - predicatbility ane evolution
Resilient systems - predicatbility ane evolution
 
Model Risk Management : Best Practices
Model Risk Management : Best PracticesModel Risk Management : Best Practices
Model Risk Management : Best Practices
 
Resilience reloaded - more resilience patterns
Resilience reloaded - more resilience patternsResilience reloaded - more resilience patterns
Resilience reloaded - more resilience patterns
 
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
 
Critical systems specification
Critical systems specificationCritical systems specification
Critical systems specification
 

Más de Global Risk Forum GRFDavos

Más de Global Risk Forum GRFDavos (20)

Disaster Risk Management Knowledge Centre, Brian Doherty
Disaster Risk Management Knowledge Centre, Brian DohertyDisaster Risk Management Knowledge Centre, Brian Doherty
Disaster Risk Management Knowledge Centre, Brian Doherty
 
Disaster risk reduction and nursing - human science research the view of surv...
Disaster risk reduction and nursing - human science research the view of surv...Disaster risk reduction and nursing - human science research the view of surv...
Disaster risk reduction and nursing - human science research the view of surv...
 
Global alliance of disaster research institutes (GADRI) discussion session, A...
Global alliance of disaster research institutes (GADRI) discussion session, A...Global alliance of disaster research institutes (GADRI) discussion session, A...
Global alliance of disaster research institutes (GADRI) discussion session, A...
 
Towards a safe, secure and sustainable energy supply the role of resilience i...
Towards a safe, secure and sustainable energy supply the role of resilience i...Towards a safe, secure and sustainable energy supply the role of resilience i...
Towards a safe, secure and sustainable energy supply the role of resilience i...
 
Making Hard Choices An Analysis of Settlement Choices and Willingness to Retu...
Making Hard Choices An Analysis of Settlement Choices and Willingness to Retu...Making Hard Choices An Analysis of Settlement Choices and Willingness to Retu...
Making Hard Choices An Analysis of Settlement Choices and Willingness to Retu...
 
The Relocation Challenges in Coastal Urban Centers Options and Limitations, A...
The Relocation Challenges in Coastal Urban Centers Options and Limitations, A...The Relocation Challenges in Coastal Urban Centers Options and Limitations, A...
The Relocation Challenges in Coastal Urban Centers Options and Limitations, A...
 
C&A Save the Children Urban DRR Project, Ray KANCHARLA
C&A Save the Children Urban DRR Project, Ray KANCHARLAC&A Save the Children Urban DRR Project, Ray KANCHARLA
C&A Save the Children Urban DRR Project, Ray KANCHARLA
 
Involving the Mining Sector in Achieving Land Degradation Neutrality, Simone ...
Involving the Mining Sector in Achieving Land Degradation Neutrality, Simone ...Involving the Mining Sector in Achieving Land Degradation Neutrality, Simone ...
Involving the Mining Sector in Achieving Land Degradation Neutrality, Simone ...
 
Disaster Risk Reduction and Nursing - Human Science research the view of surv...
Disaster Risk Reduction and Nursing - Human Science research the view of surv...Disaster Risk Reduction and Nursing - Human Science research the view of surv...
Disaster Risk Reduction and Nursing - Human Science research the view of surv...
 
Training and awareness raising in Critical Infrastructure Protection & Resili...
Training and awareness raising in Critical Infrastructure Protection & Resili...Training and awareness raising in Critical Infrastructure Protection & Resili...
Training and awareness raising in Critical Infrastructure Protection & Resili...
 
IDRC Davos 2016 - Workshop Awareness Raising, Education and Training - Capaci...
IDRC Davos 2016 - Workshop Awareness Raising, Education and Training - Capaci...IDRC Davos 2016 - Workshop Awareness Raising, Education and Training - Capaci...
IDRC Davos 2016 - Workshop Awareness Raising, Education and Training - Capaci...
 
Global Alliance of Disaster Research Institutes - Hirokazu TATANO
Global Alliance of Disaster Research Institutes - Hirokazu TATANOGlobal Alliance of Disaster Research Institutes - Hirokazu TATANO
Global Alliance of Disaster Research Institutes - Hirokazu TATANO
 
Capacity Development for DRR, Beatrice PROGIDA
Capacity Development for DRR, Beatrice PROGIDACapacity Development for DRR, Beatrice PROGIDA
Capacity Development for DRR, Beatrice PROGIDA
 
Dynamic factors influencing the post-disaster resettlement success Lessons fr...
Dynamic factors influencing the post-disaster resettlement success Lessons fr...Dynamic factors influencing the post-disaster resettlement success Lessons fr...
Dynamic factors influencing the post-disaster resettlement success Lessons fr...
 
Consequences of the Armed Conflict as a Stressor of Climate Change in Colombi...
Consequences of the Armed Conflict as a Stressor of Climate Change in Colombi...Consequences of the Armed Conflict as a Stressor of Climate Change in Colombi...
Consequences of the Armed Conflict as a Stressor of Climate Change in Colombi...
 
Disaster Risk Perception in Cameroon and its Implications for the Rehabilitat...
Disaster Risk Perception in Cameroon and its Implications for the Rehabilitat...Disaster Risk Perception in Cameroon and its Implications for the Rehabilitat...
Disaster Risk Perception in Cameroon and its Implications for the Rehabilitat...
 
Systematic Knowledge Sharing of Natural Hazard Damages in Public-private Part...
Systematic Knowledge Sharing of Natural Hazard Damages in Public-private Part...Systematic Knowledge Sharing of Natural Hazard Damages in Public-private Part...
Systematic Knowledge Sharing of Natural Hazard Damages in Public-private Part...
 
Exploring the Effectiveness of Humanitarian NGO-Private Sector Collaborations...
Exploring the Effectiveness of Humanitarian NGO-Private Sector Collaborations...Exploring the Effectiveness of Humanitarian NGO-Private Sector Collaborations...
Exploring the Effectiveness of Humanitarian NGO-Private Sector Collaborations...
 
Can UK Water Service Providers Manage Risk and Resilience as Part of a Multi-...
Can UK Water Service Providers Manage Risk and Resilience as Part of a Multi-...Can UK Water Service Providers Manage Risk and Resilience as Part of a Multi-...
Can UK Water Service Providers Manage Risk and Resilience as Part of a Multi-...
 
A Holistic Approach Towards International Disaster Resilient Architecture by ...
A Holistic Approach Towards International Disaster Resilient Architecture by ...A Holistic Approach Towards International Disaster Resilient Architecture by ...
A Holistic Approach Towards International Disaster Resilient Architecture by ...
 

Último

Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
 

Último (20)

Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Plant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptxPlant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptx
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 

European critical infrastructures: which analysis framework for supporting effective decision making?

  • 1. European Critical Infrastructures: Which analysis framework for supporting effective decision making? Sala Flüela, Wednesday 28/08, 8:30-10:00 • A resilience based analysis framework for critical infrastructures protection, Georgios Giannopoulos, EU-JRC, Ispra, Italy • Critical infrastructure disruptions: a generic system dynamic approach for decision support, Thomas Münzberg, KIT, Institute for Nuclear and Power Technology, Karlsruhe, Germany • Security and safety of cross border infrastructure, Sergio Olivero, SiTI, Instituto Superiore sui Sistemi Territoriali per l’innovazione, Torino, Italy • Decision making for resilience in critical infrastructure governance, Center for Security Studies, ETH, Zurich, Switzerland
  • 2. A resilience based analysis framework for critical infrastructures protection Georgios Giannopoulos – Roberto Filippini European Commission Joint Research Centre Institute for the Protection and Security of the Citizen Security Technology Assessment Unit ISPRA, Italy Serving society Stimulating innovation www.jrc.ec.europa.eu Supporting legislation
  • 3. Directive 2008/114/EC Council Directive of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection European Critical Infrastructure (ECI) ….means critical infrastructure located in Member States the destruction or disruption of which would have a significant impact on at least two Member States ECI must satisfy both: Cross-cutting criteria: casualties, economic effects, public effects Sectoral Criteria have been established for Transport and Energy sectors
  • 4. From policy to research • Scope • Interconnected systems => large-scale engineering, socio-technical systems => modern infrastructures (ICT, power grids, transport, etc…) • Features  Geographically distributed, cross-borders  Multi sectors, heterogeneous  Aggregated rather than designed on purpose  Evolving/adjusting to demand  … => from complex systems to… systems of systems
  • 5. High level requirements of analysis framework • Which user?  Operators and decision makers • Which system analysis?  comprehensive, overcoming sector specific boundaries, at affordable computation overhead • Which outcome?  Criticalities and vulnerabilities  System response and resilience  Trade-off local versus global risks  Synergies with other analysis tools
  • 6. A resilience based analysis framework: Why? Resilience is the ability of a system of • Resilience Vs. reliability preventing, withstanding, reacting and Broader scope => the recovering from failures. system may fail and then recover Prevention => state awareness + preparedness • Resilience Vs. control Reaction => activate defenses and resources More encompassing => Recovery => restore back to initial conditions Controls are also of non- functional nature • Resilience Vs. risk Failure assessment Complementary => resilience may (or not) Prevent React Recover Time meet risk requirements
  • 7. 5 6 4 3 5 6 4 3 2 2 1 1 System architecture The dependency graph Gas + PS + Controls + TX + Functional dependencies Distribution + Communication
  • 8. Why functional dependencies • Account for general relationships  Producer/consumer, provider/user, controller/controlled • Overcome specific sector diversities  A functional dependency is a-dimensional • Capture essential network semantic  Representing nominal operation set-up  Support failure analysis => provide directions of failures
  • 9. Structural analysis • Structural properties => Criticalities and vulnerabilities  How to identify most critical nodes?  How to identify most vulnerable nodes?  How many interdependencies are established for a given node? • Structural metrics => Coupling factors  How strict a node is coupled to the others (average distance)?  …
  • 10. Structural properties 5 6 5 6 5 6 4 3 4 3 4 3 2 2 2 1 1 1 Criticality Vulnerability Interdependency Node 2 is critical Node 2 is Loop 3,4,5,6 to 3,4 directly vulnerable from 1 5,6 indirectly
  • 11. Resilience analysis • Qualitative analysis => model checking  Do they exist failure scenarios that cannot be recovered? • Quantitative analysis => deterministic or probabilistic  Is a system resilient to disturbance?  Is a network resilient to disturbance?  Are the measures in place sufficient to resist/recover?  …
  • 12. Qualitative Resilience Analysis • Concurrent event sequence diagram 1. Initiating event -> the node failure 2. Next event within the set of failure (F) and recovery (R) enabled events 3. Scenario building up to the end state Recoverable scenarios Recoverable/time bounded Non recoverable scenarios Transient behavior
  • 13. Concurrency and indeterminism 5 6 4 3 2 1 5 6 Example of concurrent event diagram 4 3 Concurrency among events and indeterminism 2 Two possible scenarios are identified 1
  • 14. Quantitative Resilience Analysis 1. Deterministic  System response to a given disturbance profile 2. Stochastic  Distribution of system response for a given disturbance profile => Sensitivity analysis to 1 and 2  Sensitivity to a single node failure  Sensitivity to model parameters  Sensitivity to more node failures => attack scenarios!
  • 15. Quantitative Resilience Analysis (2) • The model => discrete event system  Every node is given a binary state variable X = [0,1] • Model parameters  Operation drift  Service thresholds  Buffering and time to recovery  Disturbance profile => which node and duration
  • 16. Failure 4 and recovery 6 are r = x1 + x2 + x3 + x4 concurrent Simulation of scenarios (deterministic) Resilience is the sum of the node’s states (1 is functioning) in the loop 3, 4, 5 and 6. Timing of concurrent events matters! Is this matter of design, or coordination (control)
  • 17. Resilience and Risk assessment • Estimate of consequences • Evaluation of the likelihood Transient behavior Estimate costs for the duration of the service disruption, for each node affected
  • 18. System of systems 5 6 1 Modeling language 4 3 2 2 Dependency network 1 3 Structural analysis 4 Resilience analysis Risk assessment Deterministic Stochastic 5 Resilience informed design 6 Integrate… Other analyses
  • 19. Conclusions • The basic ideas  Develop a methodology in which all relevant players in a interconnected infrastructure are included within the same analysis framework  Focus on functional dependencies -> dependency network  Define simple mechanisms of failure/recovery  Analysis of structural properties and resilience • The way forward => Resilience informed design  Reduce/control system variability  Resilience control paradigm, cross-sector and intra-dependencies  Decision making at high level through resilience scenarios prioritization