International Journal of Critical Infrastructures (15 papers in press)
Failure Modes and Effects Analysis for an Engineering Design Modification in the U.S. Nuclear Power Industry
by Pamela Torres-Jimenez
Abstract: Engineering design modifications for nuclear power plants can be extensive and complex projects involving numerous activities and multi-discipline resources. Failure modes, or risks, involved with these activities can impact project cost, schedule, or even introduce safety hazards. The identification of risks and the establishment of detection and mitigation strategies early in the project development stage can prevent future adverse effects on project cost and schedule. This paper focuses on the evaluation of risks that can arise during the development of a conceptual design modification project at a U.S. nuclear power plant using the Failure Modes and Effects Analysis tool. The analysis evaluates a list of activities to be completed as part of a conceptual design package. Failure modes are identified for each activity and ranked for severity, the likelihood of failure, and opportunity for detection. These ranks are later used to calculate a risk priority number for each activity. This number is used to identify the activities with higher risk to assist engineers in the development of person-hour estimates for projects. The results presented in this paper are expected to support the U.S. nuclear industry in the identification and mitigation of risks beyond what is already addressed in plant-specific procedures.
Keywords: FMEA; engineering; design modification; U.S.; nuclear.
Are security standards for electricity infrastructure a good choice for Europe? Evidence on cost and benefits from two case studies
by Elena Ragazzi, Alberto Stefanini
Abstract: The widespread use of the Internet for communication within online decision support, monitoring and control for industrial and business systems and processes - including key infrastructures such as electricity, oil, gas and water networks and the financial and banking networks and systems - made those systems vulnerable to computer viruses and hacking. Cyber-attacks may affect large portions of the power system, make repair difficult and cause huge societal impact, so that pressure to ensure cyber-security of control and communication systems is now strong worldwide. Several cyber-security frameworks have been developed, but it is rather difficult to anticipate costs and benefits of their adoption, and this hampers their generalized adoption.
This paper focuses on the conclusions emerging from the outcome of two case studies, concerning a broad portion of the Italian power generation capability and the Polish Transmission System, performed in order to evaluate these costs and benefits on a rational base. The likely socio-economic impact of failures due to faults and attacks exploiting those vulnerabilities, and the costs of standard adoption are estimated on an objective basis.
Standards are globally adopted and applied in many markets, as they help achieving compatibility and interoperability and simplify product development, thus speeding time-to-market. They also make it easier to understand and compare competing products. This helps understanding why, when trying to establish a shared approach to cyber security on a rational base, one may only resort to the existing and incoming standards having relevance to control systems security. Based on several current and prospected security standards, the project identified the key organizational and technical countermeasures needed to increase the security level of the involved infrastructures so as to neutralize possible attacks. In particular for the protection of power generation plants the analysis concerned one framework specific for the electricity systems (the NERC CIP standards), two standards concerning industrial controls - ISA 99-03-02 and NIST 800-82 - and two standards specific for information systems, ISO/IEC 27001 and NIST 800-53. NIST 800-53 was surveyed also for the case-study concerning the protection of the grid, together with ISO 27002 and IEC 62351 (Information Security for Power System Control Operations, a very specific standard for Remote Terminal Units).
Starting from the output of the case studies, which are based on the costs that should be borne by a specific company, the analysis calculated the cost that a country should deal with in the adoption of security standards in the transmission and generation of electricity. In both cases two situations have been considered: costs that should be borne in a hypothetical scenario where no security standards had been implemented yet and costs that should be borne starting from the current situation in order to manage a higher supplementary security.
The assessment is made rather complex because, whereas security costs are incurred in any case, security benefits emerge only in case of an attack whose consequences the countermeasures were designed to nullify or mitigate. The case studies have shown that some of the countermeasures necessary to block cyber-attacks and to comply with security standards have already been adopted, so reducing sharply the cost of standard compliance for the two operators concerned. Therefore it is up to public authorities to decide whether to require the overall adoption of current security standards and countermeasures to the companies operating in the electric system. The nature of public good of security underlines the necessity of public support for this operation, but the extent of this support and the way this will be managed are being discussed.
Keywords: Security standards; electricity systems; cyber-security; cost-benefit analysis; security policies.
A Systemic Approach for Disruption Risk Assessment in Oil and Gas Supply Chains
by Abdulrahman Alfaqiri, Niamat Ullah Ibne Hossain, Raed Jaradat, Sawsan Abutabenjeh, Charles B. Keating, Mahmoud T. Khasawneh, C. Ariel Pinto
Abstract: Twenty-first century systems are characterized by rapid changes and constantly evolving dynamics. Therefore, supply chains have become more globalized and complex than ever before. Several industries have taken advantage of globalization by outsourcing and off-shoring much of their manufacturing operations to countries characterized by low labour costs. However, the advantages of global supply chains are often accompanied by serious threats and significant additional risks to industries that rely heavily on them. The oil and gas industry encounters significant supply chain risks throughout all stages, ranging from the refining process to storage, transportation, and distribution. The objective of this paper is to provide a holistic Complex System Governance (CSG) perspective to investigate disruption risks in oil and gas supply chains. As a case study, the piracy problem in Africa is used to demonstrate the efficacy and extensibility of the CSG perspective to a wider array of potential supply chain disruptions. Unlike ready-made solutions or off-the-shelf strategies that may actually undermine the establishment of a resilient global oil and gas supply chain, this paper examines associated risks as a complex system, or a system of systems problem. This research recognizes that each disruption risk is unique in terms of its causes, behaviour, context, and consequences. However, irrespective of the uniqueness present in specific supply chain disruptions, the CSG-based approach proposed in this research can offer sustainable solutions that are generalizable.
Keywords: Supply chain risks; oil and gas industry; risk management.
Powering West Africa: Modeling Sustainable Long-Term Electricity Planning
by Mamadou Seck, Ange-Lionel Toba
Abstract: This paper presents a tree-like exploration method to analyze strategies for the development of grids of the future in West Africa. The approach helps generate plausible future grids, based on demand requirements and resource availability, by either building power plants or transmission lines. These grids are generated via a modeling framework, Spark!, which captures key components of the power system, as well as relationships between them. Spark! analyzes financial, environmental and reliability performances, and also addresses concerns caused by high renewable penetration in large-scale power grids. Contrary to other models used to address long term planning in African countries, Spark! performs long term planning of energy resource use to satisfy the demands, but also simulates grid operations in real time. It enables decision makers to examine long term effects of decisions made, but also observe how the system responds to these decisions.
Keywords: Energy; System modeling; Electricity; Grid simulation; Power grid; African power sector; Energy planning; Sustainable development; Africa; West Africa.
Security Evaluation Management over LTE Critical Infrastructures Networks: IMS Case Study
by Ouafae Kasmi, Amine Baina, Mostafa Bellafkih
Abstract: Critical infrastructures (CIs) are fundamental systems for the prosperity of society and economy, which ensure the availability of crucial goods and services and whose failures could have severe consequences for the economy. The protection of these CIs is required. The security of telecommunications infrastructures is a major issue in terms of confidentiality, integrity and availability and in terms of quality of service (QoS), and it is difficult to guarantee the availability of these CIs 24 hours a day. They present vulnerabilities, such as security breaches and design or configuration faults, and a failure in one CI can impact another dependent or interdependent CI and cause service disruptions. However, these systems break down, suffer errors in use, and are attacked from outside or inside by pirates and cybercriminals. A global approach to security in systems is essential for privacy protection, to defend the company's assets or to reduce vulnerabilities of large information systems. For this purpose, we propose a new multi-level criticality approach to better assess and monitor CIs and their interdependencies in order to predict possible risks, increasing both the security of CIs and customer loyalty. This paper proposes CI security modeling for trust components and interdependencies based on multiple levels of criticality, which are added to the security of IP Multimedia Subsystem (IMS) components to reduce impacts, improve resilience and prioritize risks according to several levels of criticality. The proposed approach is based on the Totel model and the Implicative Interdependency Model (IIM).
Keywords: Multi-level criticality; IIM; Totel; IMS.
Urban Infrastructure Financing in India: A Proposed Framework for ULBs
by RAJNI KANT RAJHANS, Aritra Halder
Abstract: Infrastructure has been identified as the backbone of any economy as it provides channels of economic growth. For emerging economies like India, with 31% current urban population and a contribution of 63% of GDP, the pie is expected to increase to approximately 40 percent by 2031 with a GDP contribution of 70-75%. This creates a need for rapid development as well as strengthening of existing urban infrastructure to accommodate growing demand and to exploit its economic contribution. Urban infrastructure development is delivered at three levels of governance: center, state and Urban Local Bodies (ULB). ULBs, being the last level of governance for infrastructure development in urban India, are grossly under-equipped to effectively generate revenues and raise capital. The present study has identified issues in the existing financing and assessment framework of ULBs and suggests a framework to rationalize their funding patterns and to bring competitiveness. The paper stresses the need for the proposed framework to bring SMART CITY SPV and other ULBs onto an equal platform.
Keywords: Infrastructure; Urban Local Bodies; Financing; Smart City.
Method for Remote Rapid Response to Transportation Security Threats on High Speed Rail Systems
by Boris A. Lyovin, Alexey V. Shvetsov, Roberto Setola, Svetlana V. Shvetsova
Abstract: Present day high speed rail systems (HSRS) operate under permanent risk of criminal and terrorist attacks. HSRS security threats require special attention and immediate responses. The purpose of this research is to develop a method for remote rapid response to HSRS transportation security threats. The method is based on the employment of automated drone stations that ensure the arrival of an unmanned aerial vehicle (drone) at the place of incident within 13 minutes of the alarm signal i.e., when there is an intrusion on the railroad track. Detailed inspection of the incident location allows the dispatcher to make a rapid decision about actions that follow the signal: whether there is a need to send a rapid response team to the place of incident and/or to interrupt the train operation on the involved track section. In our research the method was designed based on the Moscow
Keywords: transport security of the high speed rail systems; unmanned aerial vehicle; UAVs; drone; drone station; statistics of terrorist attacks on high speed rail systems.
A study on local residents' perception in communication process for LNG terminal risks
by Serdar Korkmaz, Dal Jae Park
Abstract: For the last 20 years, establishing liquefied natural gas (LNG) terminals near residential areas has been an issue in South Korea. Communicating the facility risks is one of the ways to reduce locals' concerns. The objective of this paper is to explore the locals' perception of the risk communication process between LNG organizations and local residents. 431 residents living near LNG facilities in South Korea were surveyed. Using a traditional communication model based on the source-message-channel-receiver-effect (SMCRE), the factors of the risk communication process were measured to determine the residents' perception of the facility risks. The individual factors that influenced each element of the SMCRE were grouped and analyzed by factor analysis. Also, multiple regression analyses were conducted between the grouped factors to examine the effect of the latter element on the former element: the order of elements was S→M, M→C, C→R, and R→E. In terms of the model's final process, an effective pathway had two cases. The first case was the relieving of social conflicts and anxieties through mutual understanding. The second case was the promotion of trust. This study can assist LNG organizations with providing better risk communication to residents and enhance the acceptance of LNG facilities.
Keywords: Local residents; Risk communication; LNG; LNG infrastructure.
Modeling the Recovery of Critical Commercial Services and their Interdependencies on Civil Infrastructures
by Ni Ni, Richard Little, Thomas Sharkey, William Wallace
Abstract: When an extreme event occurs in a specific area, the mere recovery of civil infrastructures is not enough to help recover local communities due to the cascading disruptions that can occur to supply chains of critical commercial services, whose operation and restoration is highly dependent on infrastructures. We build single-period, multi-commodity disruption models to examine the interdependencies between infrastructures and critical commercial services and predict the outages experienced by local communities after extreme events. We further build multi-period restoration models to select and schedule the restoration tasks after disruptive events with an objective to maximize the aggregated flows of utilities and commodities. We simulate scenarios of Category 2, 3, 4 hurricanes and apply the models to a dataset of an artificial county with a population of half a million. We find that coordinated infrastructure restoration decisions with critical commercial services help improve community resilience, especially under relatively severe extreme events.
Keywords: Infrastructure Restoration; Interdependencies; Critical Commercial Services; Community Resilience; Cascading Failures; Supply Chain Disruption.
An Integrated System Approach to Characterize a Drinking Water Infrastructure System
by Ritsche Anne Kloosterman, Jan Peter Van Der Hoek
Abstract: The object of this article is the drinking water infrastructure (DWI), a critical societal infrastructure. To make effective decisions it is important to characterize and understand the complexity of DWI systems. DWI systems can be seen as a System of Systems, consisting of the social-ecological system and the social-technical system. The social-ecological system determines the location and size of the water resources, while the social-technical system is about the technical infrastructure. The two systems with different characteristics must align to work effectively together in the DWI system. The tension between different lifecycles of the assets and dynamic changes in both systems, the time of change, is important to take into account. The SoPhyTech infra framework was developed based on the two systems and time of change. The advantages of applying the SoPhyTech infra framework are studied in a case comparing two very different DWI systems: Indonesia (Semarang) and the Netherlands (Vitens). The SoPhyTech infra framework was shown to be effective for characterizing a DWI system with different interacting lifecycles in different systems and it is expected that it also can be used to characterize other infrastructure systems.
Keywords: Integrated system approach; drinking water; critical infrastructure; water resources; social-ecological system; social-technical system; technical infrastructure; long life time assets; long term decisions making.
Risk analysis and Allocation in Public Private Partnership Power transmission line Projects
by Ganesh Kate
Abstract: The aim of this paper is risk analysis for the delivery of Public-Private Partnership (PPP) power transmission line projects in India and to address their proper risk allocation between the different stakeholders involved. A total of 112 risks were identified based on experts' opinion and various literature. An empirical questionnaire survey was designed, divided into five phases over the project life cycle, to examine the relative importance of different phases and to analyze and allocate risk to the different phases and the different stakeholders involved in the project. A total of 250 questionnaires were sent out, and a total of 45 valid responses were obtained for data analysis. The expected monetary value method (EVM) is employed for risk analysis. From the analysis, the probability and severity of each risk were calculated. For risk analysis, risks were divided into five categories, namely low, minor, moderate, major and high. It is found that 65 risks were moderate, 35 were major, 9 were minor, 2 were low and 1 was high. Risk allocation is then done both phase-wise and stakeholder-wise. In the initial phase risk is 11%, in the execution phase risk is 64%, in the operation and maintenance phase risk is 11%, in the transfer phase risk is 8% and in the ongoing phase risk is 6%. In stakeholder-wise risk allocation it is found that the Government is taking 13% risk, the project company is taking 53% risk, lenders are taking 2% risk, contractors are taking 24% risk, operators are taking 5% risk and other parties like suppliers etc. are taking 3% risk. A key finding from this research is that the execution phase of the power transmission line project involves huge risk, i.e. 64%, and the project company takes the maximum risk, i.e. 53%. Hence the project company should give more focus to critical risk factors of the execution phase like Right of Way, Statutory clearances, Land clearance and Forest clearance, which carry high risk as we found from the analysis.
This research study enables private players in power sectors to better understand how risks should be assessed and allocated for PPP power projects in India. It also assists in risk response planning and control for future PPP power transmission projects in India.
Keywords: Public-private partnerships (PPP); Risk analysis; Risk allocation.
Towards implementing scalable and reconfigurable SCADA security testbed in power system environment
by Qais Saif Qassim, Norziana Jamil, Maslina Daud, Hafizah Che Hasan
Abstract: Stuxnet appears to be the very first cyber-attack upon industrial control systems. It has forced cybersecurity providers to pay a lot of attention to the outdated and obsolete security countermeasures of existing critical infrastructure systems, given their poor protection and security. Investigation of the effect of an attack upon the actual system is neither recommended due to the unintended consequences nor feasible on a replicated system, mainly due to the cost and the effort involved. Therefore, SCADA cybersecurity researchers mostly rely on developing realistic SCADA testbeds for cybersecurity exercises. With that, this paper serves three goals: first, to present an overview of the electrical power grid SCADA system, as well as to describe the potential vulnerabilities and threats. Second, this paper pinpoints varied testbed research application areas, implementation requirements, and design approaches. Lastly, a scalable and reconfigurable SCADA testbed is proposed for cybersecurity practices.
Keywords: SCADA; cybersecurity; testbed.
by Polinpapilinho F. Katina, Charles B. Keating, Joseph A. Sisti, Adrian V. Gheorghe
Abstract: Blockchain is probably best known as a technology that underpins bitcoin cryptocurrency, taking records (e.g., confirmed financial transactions) and placing them into 'blocks', which are linked to prior blocks - forming a chronological 'chain' of blocks. However, bitcoin blockchain is only one instantiation of blockchain technology and there exist a few qualitative analyses addressing instantiations of blockchain technology. The aim of this study was two-fold: 1) to understand the difference between bitcoin and blockchain; 2) to delineate the need (and role) of governance in blockchain technology. First, fundamental relationships (and differences) between bitcoin and blockchain are presented. Second, drawing on societal blockchain technology concerns, a key element (i.e., governance) and its role in shaping blockchain technology is suggested. This research concludes with possible areas of research (and research questions) that can enable realisation of blockchain governance along the areas philosophical, theoretical, axiological, methodological, axiomatic, method and application dimensions.
Keywords: bitcoin; blockchain; blockchain governance; critical infrastructure; research questions; vulnerability.
Optimisation models for critical infrastructure protection, rebuilding, and interdependency in the event of mass destruction
by Seongwon Hwang, Namsuk Cho
Abstract: All critical infrastructures (CIs) are already very complex and they are getting more complicated as different systems are integrated with each other. For this reason, implementing a mathematical model for critical infrastructure is a rarely researched topic. In this study, we investigate an optimisation model for critical infrastructure protection, rebuilding, and damage assessment. In particular, our model can be usefully applied to a case in which critical infrastructure is widely damaged by a weapon of mass destruction or by a disaster. Moreover, we introduce a novel idea regarding the implementation of interdependency as a mathematical formulation. In order to validate our model, we test it on the water system of Seoul, South Korea. We describe computational results and insights from various experiments as well.
Keywords: critical infrastructure protection; rebuilding strategy; mathematical model for critical infrastructures; mass destruction; interdependency modelling.
Vulnerability analysis of Manhattan's motor fuel supply chain network
by Arash Beheshtian, Kieran Donaghy, Xue Zhang, Rick Geddes
Abstract: We extend the concept of a critical infrastructure (CI) network's vulnerability and advance a methodological approach for identifying the vulnerability of a CI extended over a large expanse of space - Manhattan's motor fuel supply chain - in the face of extreme weather events. In the methodological approach, we search for the network's disrupted component(s) having the maximum impact on the spatially extensive network's operability if maintained or repaired. To do so, we developed a bi-stage mixed integer stochastic mathematical program to rank disrupted elements that are the best candidates for fortifying investments. Simulation experiments with the model reveal that its solution identifies a different set of vulnerable components than are identified through the most commonly employed approach. Model results also indicate that a CI network's vulnerability in the face of extreme weather events is highly responsive to network topology in time of disaster and the objective function defined by the modeller.
Keywords: disaster; hurricane; Manhattan flooding; fuel supply chain; vulnerability analysis; climate change; resilience; gas station.