CI-3 Dependency and Interdependency Considerations for Critical Infrastructure

Similar documents
Energy Assurance Plans

Building A Disaster Resilient Quebec

Emergency Support Function #12 Energy Annex. ESF Coordinator: Support Agencies:

The Federal Council s Basic Strategy. for Critical Infrastructure Protection

CIPMA CRITICAL INFRASTRUCTURE PROTECTION MODELLING & ANALYSIS. Overview of CIP in Australia

Alternative Fuel Vehicles in State Energy Assurance Planning

Energy Assurance State Examples and Regional Markets Jeffrey R. Pillon, Director of Energy Assurance National Association of State Energy Officials

Introduction to Homeland Security

National Cyber Incident Response - Architectural Concepts

National Policy and Guiding Principles

Critical Infrastructure

The Geospatial Dimensions of Critical Infrastructure and Emergency Response. White Paper Series. No. 1 - Infrastructure Interdependencies

Appendix M. Lifeline Sector Coordination

Critical Information Infrastructure Protection Law

Homeland Security and Geographic Information Systems

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

PD 7: Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization, and Protection

Energy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013

The Australian Government s Approach to Critical Infrastructure Resilience

Principles for a National Space Industry Policy

CRITICAL INFRASTRUCTURE INTERDEPENDENCIES

Resilient Energy Solutions for Community Needs

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

EPRO. Electric Infrastructure Protection Initiative EPRO BLACK SKY SYSTEMS ENGINEERING PROCESS

HITRAC Hurricane Sandy Support

FLOOD VULNERABILITY ASSESSMENT FOR CRITICAL FACILITIES

BCP At Bangkok Bank, Thailand

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

Resilience at JRC. Naouma Kourti. Dep. Head of Unit. Technology Innovation in security Security, Space and Migration Directorate

An Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)

Drinking Water Emergency Management Ministry of the Environment 2012 Drinking Water Leadership Summit October 25, 2012

South East Region THIRA

DISASTER RISK MANAGEMENT (DRM/DRR) TEAM

Critical Resilient Interdependent Infrastructure Systems and Processes

Communications and Electric Power Sectors:

Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017

November 14, Emergency Management and Hurricane Irma. Florida Human Resources People and Strategy (FLHRPS)

Why you should adopt the NIST Cybersecurity Framework

Building Resilience to Disasters for Sustainable Development: Visakhapatnam Declaration and Plan of Action

Using Operations Dashboard for ArcGIS: An Introduction

THE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS

It s all about Trust! Public-Private Shared Cyber Threat Situational Capability National Pilot in Hawaii

RESILIENCE AND CRITICAL INFRASTRUCTURE

Public and Private Interdependencies Filling a Gap in Most Continuity Plans

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

Cybersecurity Overview

Critical Infrastructure Resilience

Professional in Critical Infrastructure Protection

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

Understanding Holistic Effects of Cyber Events on Critical Infrastructure

Smart Cities and Security. Security - 1

Strategic Investment Prioritization for Management of Risk of Land Development Adjacent to Critical Private Infrastructure Networks

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW

The NIS Directive and Cybersecurity in

The Confluence of Physical and Cyber Security Management

GIS Projects at the National Incident Management Systems and Advanced Technologies (NIMSAT) Institute

Gas Infrastructure Europe. Security Risk Assessment Methodology

Decision Support for Extreme Weather Impacts on Critical Infrastructure

Annual Training plan 2018

Critical Infrastructure Assessment

WELCOME TO A SILVER JACKETS WEBINAR ON:

Critical Infrastructure Security Vulnerability Assessment. A New Approach. Norman Bird - Senior Technical Lead - Nuclear Security

Demand for sustainable power is growing worldwide. Energy producers are broadening their offerings for a quickly evolving marketplace.

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

PERSPECTIVES ON A J100 VULNERABILITY ASSESSMENT OUTCOMES AND LESSONS LEARNED BY MINNEAPOLIS WATER AUGUST 2016

ational Lifeline Utilities Coordination

Santa Clara County. San Francisco City and County. Marin County. Napa County. Solano County. Contra Costa County. San Mateo County

Infrastructure Resilience in Northland. Northland Lifelines Group October 2008

Vulnerability of Energy and Telecom Infrastructures to Extreme Weather Events A Risk Assessment Tool

EARTH Ex 2017 Middle Planning Conference

Presentation on the Community Resilience Program

Executive summary. Natural disasters including bushfires, floods, storms and cyclones have destructive and devastating consequences for Australia

Bradford J. Willke. 19 September 2007

Regional Resilience: Prerequisite for Defense Industry Base Resilience

Future Grid Initiative Technology Challenges in Designing the Future Grid to Enable Sustainable Energy Systems

The Geospatial Dimensions of Critical Infrastructure and Emergency Response. White Paper Series. Electric Sector Infrastructure Interdependencies

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

Energy Security: A Global Challenge

Resilience of Infrastructure Networks

Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure

Improving Resilience and Acceptance of Large

Colocation in the City of Angels

Minutes to Meltdown: EMP and the Threat to Nuclear Power

Introduction brief to the ISCe Satellite and Communications Conference

PIPELINE SECURITY An Overview of TSA Programs

Statement for the Record

2 1 S T C E NTURY INFRASTRUCTURE C OMMI S SION EXECUTIVE SUMMARY

How to Conduct a Business Impact Analysis and Risk Assessment

RELIABILITY OF THE BULK POWER SYSTEM

Hazard Management Cayman Islands

Business Continuity Planning

Mississippi Emergency Support Function #12 Energy Annex

Grid Modernization at the Department of Energy

Directive on Security of Network and Information Systems

GE Enterprise Solutions. Digital Energy

Secure Societies Work Programme Call

Securing strategic advantage

Requirements and Benefits of Programmatic vs. Project Driven Approach to New Build. Jay Brister, Vice President, Business Development, Power

Transcription:

CI-3 Dependency and Interdependency Considerations for Critical Infrastructure Prepared for: GovSec West 2011 Critical Infrastructure and Key Assets Protection & Response November 15, 2011 Lori Eaton Infrastructure Analyst Associate Infrastructure Assurance Center Argonne National Laboratory Argonne, IL

Argonne National Laboratory Multi program science and research center managed by The University of Chicago for the U.S. Department of Energy Located 25 miles southwest of Chicago Staff of about 4,000 (1,800 scientists and engineers) Active infrastructure assurance programs for 15 years Infrastructure Assurance Center helps to protect and assure critical infrastructures and key resources Go to Insert (View) Header and Footer" to add your organization, sponsor, meeting name here; then, click "Apply to All" 2

Argonne Infrastructure Assurance Center (IAC) Goal to provide methodologies, information, analyses, tools, and technologies to inform decisions about infrastructure protection and resilience Capabilities built on 20+ years of critical infrastructure protection support to DOE, DoD, President s Commission on Critical Infrastructure Protection (PCCIP), EMP Commission, DHS, and other organizations Part of Transition Team to standup DHS Large interdisciplinary staff to support infrastructure assurance work Engineers Methodologies Computer scientists Analyses Infrastructure Protection and Resilience Technologies Information and cyber security specialists Geospatial analysts Economists Social scientists Information Tools Argonne Staff, Other National Labs, Academia, Research Centers, Private Sector, Lawyers Regulatory analysts and public policy experts Risk management professionals Decision analysts Educators Go to Insert (View) Header and Footer" to add your organization, sponsor, meeting name here; then, click "Apply to All" 3

COLERAIN-SWITCH-STN.-230 KINGSLAND-230/115 Substation 230-kV Transmission Line 115-kV Tranmission Line FLORIDA CROOKED-RIVER-115 GEORGIA US-NAVAL-SUB-SUPPLY-#2-230 US-NAVAL-SUB-SUPPLY-#1-230 ST.-MARYS-115 Core Capabilities and Expertise Applied to Infrastructure Protection Risk and resilience methodology development and assessment National Regional Local Metrics development and analysis Infrastructure and interdependencies modeling & analysis LEGEND NAVAL SUBMARINE BASE KINGS BAY GIS/visualization tools Decision support systems Training (e.g., risk analysis) Go to Insert (View) Header and Footer" to add your organization, sponsor, meeting name here; then, click "Apply to All" 4

Presentation Outline Definition of Dependencies and Interdependencies Importance to Risk Interdependencies are Complex Types of Interdependencies Effects of Interdependencies Illustrative Infrastructure Interdependencies Interdependencies Lessons Learned Current Interdependencies Research GIS demo Go to Insert (View) Header and Footer" to add your organization, sponsor, meeting name here; then, click "Apply to All" 5

Infrastructure Outages Have Caused Interdependence Problems

The Interdependencies Concern Interdependencies lead to the possibility that our infrastructures may be vulnerable in ways they never have been before Physical Cyber Threats Complexity Interdependencies A series of incidents could interact (cascade) across critical infrastructures to degrade the service upon which all depend Intentional exploitation of these new vulnerabilities could have severe consequences for our economy, security, and way of life

Infrastructure Interdependencies Dependency and Interdependency are related Dependency refer to the a linkage or connection between two infrastructures through which the state of one influences the state of the other Interdependencies refers to a bidirectional relationship between infrastructures dependent on the other creating a systems of systems Infrastructure linkages vary significantly in scale and complexity The new economy (Internet, e commerce) has important interdependence implications Understanding interdependencies requires identifying how each infrastructure depends on, or is supported by, each of the other infrastructures

Definition of Interdependencies The multi or bi directional reliance of an asset, system, network, or collection thereof, within or across sectors, on input, interaction, or other requirement from other sources in order to function properly* Goods/Services Infrastructure j Infrastructure k Goods/Services *United States Department of Homeland Security National Infrastructure Protection Plan

Dependencies vs. Interdependencies Interdependencies Bidirectional Dependencies Unidirectional

Interdependencies Are Complex Synergies emerge when large sets of components interact with one another Complexity makes prediction of what will happen difficult to predict

Dimensions of Interdependencies State of Operation Normal Coupling and Response Behavior Type of Failure Repair/ Restoration Stressed/ Disrupted Business Security Legal/ Regulatory Technical Health/ Safety Environment Infrastructure Characteristics Organizational Operational Cascading Linear/ Complex Loose/ Tight Temporal Escalating Common Cause Spatial Physical Adaptive Inflexible Cyber Public Policy Logical Economic Geographic Types of Interdependencies Social/ Political

Types of Infrastructure Interdependencies Physical (e.g., output of one infrastructure used by another) Cyber (e.g., electronic, informational linkages) Geographic (e.g., common corridor) Logical (e.g., dependency through financial markets)

Physical Interdependencies Railroads Electricity signals, switches, control centers Locomotives (electrified rail) Physical Linkage Coal for fuel Delivers repair parts Coal Power Plant 14

Cyber Interdependency Monitors Controls Collects Data SCADA Supervisory Control And Data Acquisition system Computerized Systems

Close spatial proximity Geographic Interdependency (Common Corridor) Pipeline & Electric Transmission Lines Airport Tank Farms Rail & Transmission Lines Pipeline & Highway Telecom & Sewer 16

Logical Interdependency No direct physical, cyber or geographic connection Seasonal weather conditions Human decisions/habitual behaviors Public Policy (i.e. environmental regulations) Economic Impacts: Government Regulations consumer prices utility companies External market prices Lack of investments to meet growing demand (i.e. 2001 California Energy Crisis) 17

Illustrative Petroleum Dependencies

Three Effects of Interdependency Failures Common cause failure A disruption of two or more infrastructures at the same time because of a common cause Cascading failure A disruption in one infrastructure causes a disruption in a second infrastructure Escalating failure A disruption in one infrastructure exacerbates a disruption of a second infrastructure

Disruptions Could CASCADE Through the Electric Infrastructure 1 Control Center 2 Private Microwave Network 3 Generating Plant Transmission Substation Public Networks Distribution Substation Transportation Loads Commercial Loads Industrial Loads

Disruptions Could ESCALATE (Increase) Repair and Restoration Times 2 1 1 Control Center Private Microwave Network Distribution Substation 3 Generating Plant Transmission Substation Public Networks DELAY Repair Crews Transportation Loads Commercial Loads Industrial Loads

Multiple Infrastructures Need to be Considered* Critical Infrastructure Sectors Energy Transportation Systems Banking and Finance Chemical Postal and Shipping National Monuments and Icons Agriculture/Food Water Public Health Emergency Services Defence Industrial Base Information Technology Telecommunications Key Resources Commercial Nuclear Reactors Dams Government Facilities Commercial Facilities *Homeland Security Presidential Directive 7

Significant Electric Power Interdependencies Nuclear Power Plants Cooling Water controlled shutdown within one day Transmission sudden loss of transmission capacity can cause plant shutdown Process Control will shut down (if possible) Fossil Fuel Power Stations Fuel Supply may reduce or shut down power plant Cooling Water, Transmission, Process Control as above Transmission Telecommunication important for substation and dispatch center operations Distribution Similar to Transmission

Significant Commercial Building Interdependencies Utilities Electric Power most large commercial buildings have single distribution circuit from single utility substation Potable Water many buildings have only one source of potable water, typically supplied by municipality, inadequate onsite water storage Sewer may require building evacuation if shut down Telecommunications only if no redundant external sources are unavailable Check for redundancy and emergency backup capability

Interdependencies Can be Considered at Multiple Levels Facilities/Assets End to End Systems Networks Regions Communities 25

A Systems Representation is Used to Understand Interdependencies 26

Interdependencies Change during Events Pre Event Trans Event Post Event Projected Storm Track New Orleans Flooding Damaged Storage Facility Projected Impacts Natural Gas Oil Refinery Impacts Natural Gas Production Days After Landfall 27

A Defendable Process is Essential for Making Infrastructure Decisions Entering HILLSVILLE FOUNDED 1802 ALTITUDE 620 POPULATION 3700 TOTAL 6122

Modeling/Visualization Tools Improve Understanding of Interdependencies CAS Visualization

Service Restoration Is an Important Aspect of Interdependencies Analysis Tool developed: Restore * Purpose: estimate service restoration time (i.e., the amount of time required to restore a system to an operational state) Motivation: Impacts of disruptions vary as a function of the outage duration Duration of outages is uncertain Estimates of outage duration are important in making decisions about system operations and strategies for mitigating vulnerabilities

Restore Provides a Framework for Examining Interdependencies and Restoration Uncertainty 0.06 0.05 Range and Likelihood of Outage Time (Probability Density) Critical Critical Outage Outage Time Time Probability Density 0.04 0.03 0.02 0.01 0 0 12 24 36 48 Total Outage Time (hr)

0.10 0.08 0.06 0.04 0.02 0.00 0 10 20 30 40 Restore Example: Repair and Restoration of a Ruptured Natural Gas Pipe Probability Density Time Until Area Is Safe Probability Density 0 5 t 1 (hrs) 0 5 t 2 (hrs) Blowdown of pipe contents Replacement of Damaged Pipeline new pipeline segment Initiating Event Occurs Additional Accessibility Time for Crew Probability Density 0 3 t 3 (hrs) Repeat repair if test fails. Location (urban, rural, remote) affects access time. Hydrostatic Testing Probability Distribution over Restoration Time Probability Density Hours Service Restored Natural Gas Probability Density 0 10 t 6 (hrs) Purging of Pipeline Inert gas & air Inert gas Inert gas Probability Density 0 30 t + t (hrs) 5 5+

Repair and Restoration of a Ruptured Gas Pipe A Restore Transition Diagram (portion) Dependence on Transportation (Road) Dependence on Telecommunications

Results for Repair and Restoration of a Damaged NG Pipeline Telecom Operational This graph tells us that: Outage duration range is about 60 140 hrs Most likely value is about 90 hrs Probability that duration > 115 hours is ~5%

Results for Repair and Restoration of a Damaged NG Pipeline Telecom Disrupted Previous graph said: Outage duration range is about 60 140 hrs Most likely value is about 90 hrs Probability that duration > 115 hours is ~5% This graph tells us that: Outage duration range is about 90 240 hrs Most likely value is about 150 hrs Probability that duration > 200 hours is ~5%

Over the Past Several Years, Argonne Staff Have Developed the Following Restore Models Natural Gas Gas Pipelines Diameters: Diameters: 12, 12, 16, 16, 36 36 Pressures: Pressures: 250 250 psig, psig, >250 >250 psig psig Variable Variable repair repair lengths lengths Fail Fail & foul foul weather weather Time Time of of day, day, day day of of week week Type Type of of terrain terrain Location: Location: urban, urban, suburban, suburban, rural rural City City Gate Gate POL POL Pumping Station Compressor Station Propane Air Air Peaking Station NG NG Separator Underground Storage Facility Large substation transformer

GIS Demo Julie Muzzareli s GIS piece Go to Insert (View) Header and Footer" to add your organization, sponsor, meeting name here; then, click "Apply to All" 37

Benefits of Interdependencies Analysis Tools Facilitate understanding of how disruptions: - Propagate (cascade) among infrastructures - Exacerbate repair and restoration problems Identify critical components and vulnerabilities from interdependencies perspective (transcends single infrastructure perspective of asset criticality) Determine consequences of disruptions (e.g., economic impacts) Allow what if analyses Support exercises, training, and education

Infrastructure Interdependencies Present Challenges for Security and Reliability Need to identify infrastructure assets that, if lost or degraded, could adversely affect the performance of other infrastructures Normal and stressed operations Disruptions (including coincident events) Repair and restoration Need to identify how interdependencies change as a function of outage duration, frequency, and other factors Need to identify how backup systems or other mitigation mechanisms can reduce interdependence problems

Interdependencies-related Lessons Learned Vulnerabilities resulting from infrastructure interdependencies are generally not as well understood as other vulnerabilities Single point failures (due to interdependencies) can lead to multiple infrastructure disruptions Interdependencies can exacerbate repair and restoration problems Facilities that have experience with natural disasters typically have a better understanding of infrastructure interdependencies more likely to have contingency plans to deal with outages You are only as secure as your suppliers and distributors

Moving Toward Cascading Failure Solutions Identify internal and external infrastructure assets, systems, and networks that, if lost or degraded, could adversely affect performance Study natural disasters and incidents to gain insight into interdependencies problems and solutions Develop contingency plans to deal with cascading outages Identify how backup systems and other mitigation mechanisms can reduce interdependencies problems implement as appropriate Address security in contractual arrangements Collaborate, cooperate, participate Avoid failure of imagination

Interdependencies Influence all Components of Risk Risk = f(threat, Vulnerability, Consequence) T = f(capability, Intent) Innovative Targeting to Exploit Interdependencies V = f(physical, Cyber, Human) Expanded Set of Vulnerabilities Due to Interdependencies Vulnerabilities Threats Risk Consequences C = f(deaths, Economic Losses, Strategic Mission Impacts, Psychological Impacts, ) Cascading and Escalating Interdependent Consequences Interdependencies: Risk Multiplier 42

Summary Interdependencies are complex and multi dimensional There is no one solution to analyzing interdependencies Infrastructure dependencies and interdependencies should be factored into risk decisions Interdependencies is a growing research area with great need for enhanced capability and innovation

Go to Insert (View) Header and Footer" to add your organization, sponsor, meeting name here; then, click "Apply to All" 44

Lori Eaton Infrastructure Analyst Associate Infrastructure Assurance Center Argonne National Laboratory leaton@anl.gov Go to Insert (View) Header and Footer" to add your organization, sponsor, meeting name here; then, click "Apply to All" 45

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback