|
Stefan Schauer, Stefan Rass, Sandra König, Thomas Grafenauer, & Martin Latzenhofer. (2018). Analyzing Cascading Effects among Critical Infrastructures. In Kees Boersma, & Brian Tomaszeski (Eds.), ISCRAM 2018 Conference Proceedings – 15th International Conference on Information Systems for Crisis Response and Management (pp. 428–437). Rochester, NY (USA): Rochester Institute of Technology.
Abstract: In this article, we present a novel approach, which allows not only to identify potential cascading effects within a network of interrelated critical infrastructures but also supports the assessment of these cascading effects. Based on percolation theory and Markov chains, our method models the interdependencies among various infrastructures and evaluates the possible consequences if an infrastructure has to reduce its capacity or is failing completely, by simulating the effects over time. Additionally, our approach is designed to take the intrinsic uncertainty into account, which resides in the description of potential consequences a failing critical infrastructure might cause, by using probabilistic state transitions. In this way, not only the critical infrastructure's risk and security managers are able to evaluate the consequences of an incident anywhere in the network but also the emergency services can use this information to improve their operation in case of a crisis and anticipate potential trouble spots.
|
|
|
Stefan Schauer, Stefan Rass, Sandra König, Klaus Steinnocher, Thomas Schaberreiter, & Gerald Quirchmayr. (2020). Cross-Domain Risk Analysis to Strengthen City Resilience: the ODYSSEUS Approach. In Amanda Hughes, Fiona McNeill, & Christopher W. Zobel (Eds.), ISCRAM 2020 Conference Proceedings – 17th International Conference on Information Systems for Crisis Response and Management (pp. 652–662). Blacksburg, VA (USA): Virginia Tech.
Abstract: In this article, we want to present the concept for a risk management approach to assess the condition of critical infrastructure networks within metropolitan areas, their interdependencies among each other and the potential cascading effects. In contrast to existing solutions, this concept aims at providing a holistic view on the variety of interconnected networks within a city and the complex dependencies among them. Therefore, stochastic models and simulations are integrated into risk management to improve the assessment of cascading effects and support decision makers in crisis situations. This holistic view will allow risk managers at the city administration as well as emergency organizations to understand the full consequences of an incident and plan mitigation actions accordingly. Additionally, the approach will help to further strengthen the resilience of the entire city as well as the individual critical infrastructures in crisis situations.
|
|
|
Stefan Schauer, Stefan Rass, & Sandra König. (2021). Simulation-driven Risk Model for Interdependent Critical Infrastructures. In Anouck Adrot, Rob Grace, Kathleen Moore, & Christopher W. Zobel (Eds.), ISCRAM 2021 Conference Proceedings – 18th International Conference on Information Systems for Crisis Response and Management (pp. 404–415). Blacksburg, VA (USA): Virginia Tech.
Abstract: Critical infrastructures (CIs) in urban areas or municipalities have evolved into strongly interdependent and highly complex networks. To assess risks in this sophisticated environment, classical risk management approaches require extensions to reflect those interdependencies and include the consequences of cascading effects into the assessment. In this paper, we present a concept for a risk model specifically tailored to those requirements of interdependent CIs. We will show how the interdependencies can be reflected in the risk model in a generic way such that the dependencies among CIs on different levels of abstraction can be described. Furthermore, we will highlight how the simulation of cascading effects can be directly integrated to consistently represent the assessment of those effects in the risk model. In this way, the model supports municipalities' decision makers in improving their risk and resilience management of the CIs under their administration.
|
|
|
Sandra König, & Stefan Schauer. (2019). Cascading Threats in Critical Infrastructures with Control Systems. In Z. Franco, J. J. González, & J. H. Canós (Eds.), Proceedings of the 16th International Conference on Information Systems for Crisis Response And Management. Valencia, Spain: Iscram.
Abstract: Critical infrastructures (CIs) increase in complexity due to numerous dependencies on other CIs but also due to the ongoing digitalization in the industry sector. This yields an increased risk of failure of a single CI as the overall systems gets very fragile and sensitive to errors Failure of a single component may affect large parts of an infrastructure due to cascading effects. One way to support functionality of a CI is the use of Industrial Control Systems (ICS) that allow monitoring remote sites and controlling processes. However, this is an additional source for threats as recent cyber-attacks have shown. Further, the additional information for such cyber systems is often not efficiently combined with existing information on the physical infrastructure. We here propose a method to combine these two sources of information in order to estimate the impact of a security incident on CIs, taking into account cascading effects of threats. An implementation of the model allows simulation of the dynamics inside a CI and yields a record of the status of each asset of the CI. The way the assets change their states illustrates the consequences of an incident on the entire CI. Visualization of the results provides an overview on the situation of the entire CI at a certain point of time and a sequence of such visualization over an entire period of time illustrates the changes over time. The results from this analysis may be used to support security officers in analyzing the current (hybrid) state of their CI in case of an incident and thus increase the hybrid situational awareness.
|
|