Title: Assessing n-order dependencies between critical infrastructures

Authors: Panayiotis Kotzanikolaou; Marianthi Theoharidou; Dimitris Gritzalis

Addresses: Department of Informatics, University of Piraeus, 85 Karaoli and Dimitriou, GR-18534, Piraeus, Greece ' Department of Informatics, Athens University of Economics and Business, 76 Patission Ave., GR-10434, Athens, Greece ' Department of Informatics, Athens University of Economics and Business, 76 Patission Ave., GR-10434, Athens, Greece

Abstract: The protection of critical infrastructures (CI) is a complex task, since it involves the assessment of both internal and external security risk. In the recent literature, methodologies have been proposed that can be used to identify organisation-wise security threats, or even first-order dependency risk (i.e., risk deriving from direct dependencies). However, there is a lack of work in the area of multi-order dependencies, i.e., assessing the cumulative effects of a single incident, on infrastructures that are connected indirectly. In this paper, we propose a method to identify and assess multi-order dependencies. Based on previous work, we utilise existing first-order dependency graphs, in order to assess the effect of a disruption to consequent infrastructures. In this way, it may be possible to identify and prevent security threats of very high impact from a macroscopic view, which would be hard to identify if we only examine first-order dependencies. We also present a scenario, which provides some evidence on the applicability of the proposed approach.

Keywords: critical infrastructure protection; risk assessment; criticality; multi-order dependencies; critical infrastructures; security risks; dependency graphs; security threats.

DOI: 10.1504/IJCIS.2013.051606

International Journal of Critical Infrastructures, 2013 Vol.9 No.1/2, pp.93 - 110

Published online: 28 Apr 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article