Alexander Gabriel, Florian Brauner, Andreas Lotter, Frank Fiedrich, & Ompe Aimé Mudimu. (2018). The determination of critical components of European Rail Traffic Management systems towards cyber-attacks. In Kees Boersma, & Brian Tomaszeski (Eds.), ISCRAM 2018 Conference Proceedings – 15th International Conference on Information Systems for Crisis Response and Management (pp. 291–303). Rochester, NY (USA): Rochester Institute of Technology.
Abstract: “Recent events have shown the vulnerability of IT systems of companies, organizations or even governments to hacker attacks. At the same time, information technologies are becoming increasingly established and important in various industries (digitalization). With a view to the modern development of terrorism, cyber-attacks can be used to physically damage critical infrastructures (CI). This leads to a new dimension of cyber-attacks, which are called terrorist cyber-attacks. The following research contributes to the identification of weak information technology components of railway operating systems and thus improves the safety of public transportation in the context of the European railway traffic management system (ERTMS). The core of this paper is an extended literature research on security flaws in the ERTMS. The future introduction of a methodology for evaluating the criticality of information technology system components will build on this using cyber threats and public transportation as examples.”
|
Alexander Gabriel, Simon Schleiner, Florian Brauner, Florian Steyer, Verena Gellenbeck, & Ompe Aimé Mudimu. (2017). Process modelling of physical and cyber terrorist attacks on networks of public transportation infrastructure. In eds Aurélie Montarnal Matthieu Lauras Chihab Hanachi F. B. Tina Comes (Ed.), Proceedings of the 14th International Conference on Information Systems for Crisis Response And Management (pp. 390–399). Albi, France: Iscram.
Abstract: Recent events have demonstrated the vulnerability of IT-systems of different companies, organisations or even governments to hacker attacks. Simultaneously, information technologies have become increasingly established and important for institutions of various branches. With respect to modern terrorism developments, cyber-attacks may be used to physically harm critical infrastructures. This leads to a new dimension of cyber-attacks called “terrorist cyber-attacks”. This research-in-progress paper aims to develop a process model for data acquisition and support of decision making that seeks to enhance the security of public transportation in the context of counterterrorism. Therefore, a generic process model for terrorist cyber-attacks – produced in the research project RE(H)STRAIN1 – is intro-duced as a basis for a decision support system (DSS). In the future, such models could improve the decision process by comparing the effectiveness of different security measures.
|
Andreas Lotter, Florian Brauner, Alexander Gabriel, Frank Fiedrich, & Stefan Martini. (2017). New Decision-Support Framework for Strengthening Disaster Resilience in Cross-Border Areas. In eds Aurélie Montarnal Matthieu Lauras Chihab Hanachi F. B. Tina Comes (Ed.), Proceedings of the 14th International Conference on Information Systems for Crisis Response And Management (pp. 412–419). Albi, France: Iscram.
Abstract: The improvement of disaster resilience in cross-border areas causes special challenges. Involved countries use different structures in their civil protection systems and have to work together facing more difficult conditions than in local incidents. Furthermore, in the past involved countries mainly worked individually and focused on the concerned areas in their territories regardless transnational activities. The project INCA will develop a resilience framework to support decision-makers. The framework will focus on information management, the implementation of volunteers and the needs of citizens who are receiving medical care. Therefore, a case study region on the German-French border was defined and a scenario-based approach will be used to investigate resilience opportunities through disaster collaboration. The tested scenario is a transnational long-lasting power-outage in the German-French region.
|
Andreas Lotter, Philipp John, Patricia Schütte, Florian Brauner, & Frank Fiedrich. (2020). Field Observation of Parallel Working Coordination Groups and Command and Control Centres to Understand and Improve Inter-organizational Information Management – A Methodical Approach. In Amanda Hughes, Fiona McNeill, & Christopher W. Zobel (Eds.), ISCRAM 2020 Conference Proceedings – 17th International Conference on Information Systems for Crisis Response and Management (pp. 303–314). Blacksburg, VA (USA): Virginia Tech.
Abstract: In emergency response, parallel working coordination groups and command and control centres are responsible to deal with complex events. A well-functioning exchange of information between organizations, officials and these coordination groups is the basis for an efficient risk management. This paper describes a methodical ap-proach for field observation to understand and improve the inter-organizational information management be-tween the involved partners. The method was tested within a practical approach and possible occurring problems during the observation were identified and solutions for these problems are provided.
|
Florian Brauner, Julia Maertens, Holger Bracker, Ompe Aimé Mudimu, & Alex Lechleuthner. (2015). Determination of the effectiveness of security measures for low probability but high consequence events: A comparison of multi-agent-simulation & process modelling by experts (L. Palen, M. Buscher, T. Comes, & A. Hughes, Eds.). Kristiansand, Norway: University of Agder (UiA).
Abstract: Due to the increasing danger of terrorist attacks, it is necessary to determine the preventive effects of security measures installed in e.g. public transportation systems. Since, there is no common practice to determine the preventive effects; we developed two different methodologies to analyse those effects, both are suitable for the assessment of security measures. The first method is a semi-quantitative method based on expert-estimations combined with a modelled process of an attack.The second method models the scenarios using a multi-agent-based simulation framework. Simulating a large number of runs, it is possible to derive values for indicators of interest on statistical basis. We show the suitability of both methods by applying them on a practical example of a public transportation system. In this paper we introduce both methodologies, show an exemplary application and present the strengths and weaknesses and how they can be linked to get an increased benefit.
|
Florian Brauner, Thomas Münzberg, Marcus Wiens, Frank Fiedrich, Alex Lechleuthner, & Frank Schultmann. (2015). Critical Infrastructure Resilience: A Framework for Considering Micro and Macro Observation Levels. In L. Palen, M. Buscher, T. Comes, & A. Hughes (Eds.), ISCRAM 2015 Conference Proceedings ? 12th International Conference on Information Systems for Crisis Response and Management. Kristiansand, Norway: University of Agder (UiA).
Abstract: The resilience mechanisms of Critical Infrastructures (CIs) are often hard to understand due to system complexity. With rising research interest, models are developed to reduce this complexity. However, these models imply reductions and limitations. According to the level of observation, models either focus on effects in a CI system or on effects in a single CI. In cases of limited resources, such limitations exclude some considerations of crisis interventions, which could be identified in combining both observation levels. To overcome these restrictions, we propose a two-step framework which enables to analyze the vulnerability of a CI and as well in comparison to other CIs. This enhances the understanding of temporal crisis impacts on the overall performance of the supply, and the crisis preparations in each CI can be assessed. The framework is applied to the demonstrating example of the functionalities of hospitals that are potentially suffering from a power outage.
|