|
Abdelgawad, A. A. (2023). An Updated System Dynamics Model for Analysing the Cascading Effects of Critical Infrastructure Failures. In Jaziar Radianti, Ioannis Dokas, Nicolas Lalone, & Deepak Khazanchi (Eds.), Proceedings of the 20th International ISCRAM Conference (pp. 595–608). Omaha, USA: University of Nebraska at Omaha.
Abstract: Aiming at examining the cascading effects of the failure of Critical Infrastructure (CI), this work-in-progress research introduces an improved System Dynamics model. We represent an improvement over the previous models aimed at studying CIs interdependencies and their cascading effects. Our model builds on earlier models and corrects their flaws. In addition to introducing structural enhancements, the improvements include using unpublished data, a fresh look at a previously collected dataset and employing a new data processing to address and resolve some longstanding issues. The dataset was fed to an optimisation model to produce a new dataset used in our model. The structure of our SD model, its dataset and the data processing techniques we employed to create this dataset are all described in the study. Although the model has passed the fundamental validation criteria, more validation testing and scenario exploration are yet to be conducted.
|
|
|
Sandra König, & Stefan Schauer. (2019). Cascading Threats in Critical Infrastructures with Control Systems. In Z. Franco, J. J. González, & J. H. Canós (Eds.), Proceedings of the 16th International Conference on Information Systems for Crisis Response And Management. Valencia, Spain: Iscram.
Abstract: Critical infrastructures (CIs) increase in complexity due to numerous dependencies on other CIs but also due to the ongoing digitalization in the industry sector. This yields an increased risk of failure of a single CI as the overall systems gets very fragile and sensitive to errors Failure of a single component may affect large parts of an infrastructure due to cascading effects. One way to support functionality of a CI is the use of Industrial Control Systems (ICS) that allow monitoring remote sites and controlling processes. However, this is an additional source for threats as recent cyber-attacks have shown. Further, the additional information for such cyber systems is often not efficiently combined with existing information on the physical infrastructure. We here propose a method to combine these two sources of information in order to estimate the impact of a security incident on CIs, taking into account cascading effects of threats. An implementation of the model allows simulation of the dynamics inside a CI and yields a record of the status of each asset of the CI. The way the assets change their states illustrates the consequences of an incident on the entire CI. Visualization of the results provides an overview on the situation of the entire CI at a certain point of time and a sequence of such visualization over an entire period of time illustrates the changes over time. The results from this analysis may be used to support security officers in analyzing the current (hybrid) state of their CI in case of an incident and thus increase the hybrid situational awareness.
|
|