International Journal of Critical Infrastructures (15 papers in press)
Security Evaluation Management over LTE Critical Infrastructures Networks: IMS Case Study
by Ouafae Kasmi, Amine Baina, Mostafa Bellafkih
Abstract: Critical infrastructures (CIs) are fundamental systems for the prosperity of society and economy, which ensure the availability of crucial goods and services And whose failures could have severe consequences on the economy. The protection of these CIs is required. The security of telecommunications infrastructures is a major issue for satisfied it in terms of confidentiality, integrity, availability and in terms of quality of services (QoS) and it is difficult to guarantee the availability of these CIs 24 hours a day. They present the vulnerabilities, such as a security breach, default conception or configuration and a failure in one CI can impact to another dependent or interdependent CI to cause service disruptions. However, these systems break down, suffer in use from errors and attack from outside or inside by pirates and cybercriminals. The global approach of security in systems is essential for privacy protection, to defend the patrimony from the company or reduce vulnerabilities of large information systems. In this purpose, we propose a new approach of multi-level criticality to better assess and monitor CIs and their interdependencies in order to predict possible risks for increasing both security of CI and customers loyalty. This paper proposes CI security modeling for trust components and interdependencies based on the multi-level of criticality are added to the security of IP Multimedia Subsystem (IMS) components to reduce its impacts and improve its resilience in order to prioritize risks according to several levels of criticality. The proposed approach is based on Totel model and Implicative Interdependency Model (IIM).
Keywords: Multi-level criticality; IIM; Totel; IMS.
Urban Infrastructure Financing in India: A Proposed Framework for ULBs
by RAJNI KANT RAJHANS, Aritra Halder
Abstract: Infrastructure has been identified as the backbone of any economy as it provides channels of economic growth. For emerging economies like India, with 31% current urban population and contribution of 63% of GDP; the pie is expected to increase to approximately 40 percentages by 2031 with a GDP contribution of 70-75%. This creates a need of rapid development as well as strengthening of existing urban infrastructural to accommodate growing demand and to exploit its economic contribution. The extent of urban infrastructure development is delivered at three levels of governance; center, state and Urban Local Bodies (ULB). ULBs being the last level of governance for infrastructure development in urban India, they are grossly under-equipped to effectively generate revenues and raise capital. The present study has identified issues in the existing financing and assessment framework of ULBs and suggests a framework to rationalize their funding patterns and to bring competitiveness. The paper stresses on the need of the proposed framework to bring SMART CITY SPV and other ULBs at equal platform.
Keywords: Infrastructure; Urban Local Bodies; Financing; Smart City.
Method for Remote Rapid Response to Transportation Security Threats on High Speed Rail Systems
by Boris A. Lyovin, Alexey V. Shvetsov, Roberto Setola, Svetlana V. Shvetsova
Abstract: Present day high speed rail systems (HSRS) operate under permanent risk of criminal and terrorist attacks. HSRS security threats require special attention and immediate responses. The purpose of this research is to develop a method for remote rapid response to HSRS transportation security threats. The method is based on the employment of automated drone stations that ensure the arrival of an unmanned aerial vehicle (drone) at the place of incident within 13 minutes of the alarm signal i.e., when there is an intrusion on the railroad track. Detailed inspection of the incident location allows the dispatcher to make a rapid decision about actions that follow the signal: whether there is a need to send a rapid response team to the place of incident and/or to interrupt the train operation on the involved track section. In our research the method was designed based on the Moscow
Keywords: transport security of the high speed rail systems; unmanned aerial vehicle; UAVs; drone; drone station; statistics of terrorist attacks on high speed rail systems.
A study on local residents perception in communication process for LNG terminal risks
by Serdar Korkmaz, Dal Jae Park
Abstract: Since the last 20 years, establishing liquefied natural gas (LNG) terminals near residential areas has been an issue in South Korea. Communicating the facility risks is one of the ways to reduce locals concerns. The objective of this paper is to explore the locals perception on risk communication process between LNG organizations and local residents. 431 residents living near LNG facilities in South Korea were surveyed. Using a traditional communication model based on the sourcemessagechannelreceivereffect (SMCRE), the factors of the risk communication process were measured to determine the residents perception of the facility risks. The individual factors that influenced each element of the SMCRE were grouped and analyzed by factor analysis. Also, multiple regression analysis were conducted between the grouped factors to examine the effect of the latter element on the former element: the order of elements was S→M, M→C, C→R, and R→E. In terms of the models final process, an effective pathway had two cases. The first case was the relieving of social conflicts and anxieties through mutual understanding. The second case was the promotion of trust. This study can assist LNG organizations with providing better risk communication to residents and enhance the acceptance of LNG facilities.
Keywords: Local residents; Risk communication; LNG; LNG infrastructure.
Modeling the Recovery of Critical Commercial Services and their Interdependencies on Civil Infrastructures
by Ni Ni, Richard Little, Thomas Sharkey, William Wallace
Abstract: When an extreme event occurs in a specific area, the mere recovery of civil infrastructures is not enough to help recover local communities due to the cascading disruptions that can occur to supply chains of critical commercial services, whose operation and restoration is highly dependent on infrastructures. We build single-period, multi-commodity disruption models to examine the interdependencies between infrastructures and critical commercial services and predict the outages experienced by local communities after extreme events. We further build multi-period restoration models to select and schedule the restoration tasks after disruptive events with an objective to maximize the aggregated flows of utilities and commodities. We simulate scenarios of Category 2, 3, 4 hurricanes and apply the models to a dataset of an artificial county with a population of half a million. We find that coordinated infrastructure restoration decisions with critical commercial services help improve community resilience, especially under relatively severe extreme events.
Keywords: Infrastructure Restoration; Interdependencies; Critical Commercial Services; Community Resilience; Cascading Failures; Supply Chain Disruption.
An Integrated System Approach to Characterize a Drinking Water Infrastructure System
by Ritsche Anne Kloosterman, Jan Peter Van Der Hoek
Abstract: The object of this article is the drinking water infrastructure (DWI), a critical societal infrastructure. To make effective decisions it is important to characterize and understand the complexity of DWI systems. DWI systems can be seen as a System of Systems, consisting of the social-ecological system and the social-technical system. The social-ecological system determines the location and seize of the water resources, while the social-technical system is about the technical infrastructure. The two systems with different characteristics must align to work effective together in the DWI system. The tension between different lifecycles of the assets and dynamic changes in both systems, the time of change, is important to take into account. The SoPhyTech infra framework was developed based on the two systems and time of change. The advantages of applying the SoPhyTech infra framework is studied in a case comparing two very different DWI systems: Indonesia (Semarang) and the Netherlands (Vitens). The SoPhyTech infra framework was shown to be effective for characterizing a DWI system with different interacting lifecycles in different systems and it is expected that it also can be used to characterize other infrastructure systems.
Keywords: Integrated system approach; drinking water; critical infrastructure; water resources; social-ecological system; social-technical system; technical infrastructure; long life time assets ; long term decisions making.
Risk analysis and Allocation in Public Private Partnership Power transmission line Projects
by Ganesh Kate
Abstract: The aim of this paper is risk analysis for the delivery of Public-Private Partnership (PPP) Power transmission line projects in India and to address their proper risk allocation between the different stakeholders involved. Total of 112 risks was identified based on experts opinion and various literature. An empirical questionnaire survey was designed which divided into five phases over the project life cycle to examine the relative importance of different phases to analyze and allocate risk to different phases and different stakeholders involved in the project. A total of 250 questionnaires were sent out, and a total of 45 valid responses were obtained for data analysis. The expected monetary value method (EVM) is employed for risk analysis. From analysis probability and severity of each risk calculated. For risk analysis risk divided into five categories namely low, minor, moderate, major and high. It is found that 65 risks were moderate, 35 were major, 9 were a minor risk, 2 were low risk and 1 was high risk. Then risk allocation is done both phase wise and stakeholder wise. In initial phase risk is 11%, in execution phase risk is 64% in operation and maintenance phase risk is 11% in transfer phase risk is 8% and in ongoing phase, the risk is 6%. In stakeholder wise risk allocation it is found that Government is taking 13% risk, project company is taking 53% risk, lenders are taking 2% risk, Contractors are taking 24% risk, operators are taking 5% risk and other parties like suppliers etc. are taking 3% risk. A key finding from this research is the execution phase of the power transmission line project involve huge risk .i.e 64% and the project company takes maximum risk .i.e 53%. Hence project company should give more focus on critical risk factors of execution phase like Right of Way, Statutory clearances, Land clearance and Forest clearance which carry high risk as we found from the analysis. This research study enables private players in power sectors to better understand how risks should be assessed and allocated for PPP power projects in India. It also assists in risk response planning and control for future PPP power transmission projects in India.
Keywords: Keywords: Public-private partnerships (PPP); Risk analysis; Risk allocation.
RISK ASSESSMENT OF COMMONLY TRANSPORTED CHEMICALS IN THE PORT OF HOUSTON
by Ayberk Karakavuz, Berna Eren Tokgoz, Victor Zaloom, Alberto Marquez
Abstract: Handling a wide variety of chemicals in ports increases public safety and environmental concerns. This requires successful risk management to prevent harm to the public and the environment from chemical-related incidents. Minimizing risk in port environments is imperative for authorities to ensure continuous and safe port operations. In this study, commonly transported chemicals have been identified in the Port of Houston, and each chemical has been assessed to establish an overall risk score based on its public safety and environmental health effects in case of exposure. Subsequently, a risk score has been determined using toxicity, behavior and transportation amounts of chemicals, and congestion and visibility in the port at the time of an incident. A practical risk assessment framework has been presented to evaluate and prioritize chemicals based on their risk scores to assist government authorities, first responders, port workers, and emergency planners in their decision-making processes.
Keywords: ports; chemical transportation; risk assessment; port accidents.
Developing Community Disaster Resilience through Preparedness
by Malik Khalfan, Sam Whittaker, Ifran Ulhaq
Abstract: Disasters have the potential to cause great devastation, such as significant human, material and environmental loss. The frequency and magnitude of natural disasters have increased over time, which has resulted in an increase in damages and fatalities. Due to the increase in disaster frequency and impacts, there has been a shift in focus from disaster recovery and response to disaster prevention. Disaster management provides a systematic framework that aims to reduce disaster impacts and provide prompt and effective recovery, assistance and guidelines. Preventative disaster management is essential in reducing and eliminating community disaster risk exposure. This paper conducts a comparative analysis of three past events including the 2011 Queensland Floods, the Harrietville Community Emergency Management Plan and the Christchurch and Japan Earthquakes. By combining the existing literature, secondary qualitative data analysis, a conceptual model of disaster management has been developed. This model aims to present new ideas and concepts to improve the community resilience capabilities. The main findings of this research include; the development of a revised conceptual model; identification of effective methodologies for developing community resilience; the potential implementation of social media as a preparedness strategy; discussion on need to create community empowerment and a shared responsibility amongst all agencies regarding disaster preparedness.
Keywords: Disaster Resilience; Disaster Preparedness.
A case study of Elphinstone Road Foot-Over-Bridge (FOB) Stampede in Mumbai
by Sanjeev Kadam, Prabir Kumar Bandyopadhyay
Abstract: Planning or implementation delays of critical infrastructure (CI) projects resulted in misfortunes such as accidents, stampedes or deaths. In this descriptive case study, an incidence of the stampede at the suburban train station in Mumbai has discussed. An endeavour has been made to examine underlying causes which instigate direct causes reinforced by contributing causes. Indian Army was being roped in for constructing additional foot-over-bridge (FOB) after the stampede. This case features the earnestness of appropriate and timely development of associated infrastructure in and around suburban stations in Mumbai proportionate to abundant passengers commuting. Post stampede reports from newspapers, televisions channels and the internet have largely used to build this case. Pre and post cause analysis discussion on Elphinstone Road FOB stampede case is an eye-opener to justify sustainable emergency management and associated infrastructure development in Mumbai.
Keywords: Associated infrastructure; Critical infrastructure; Elphinstone Road; Emergency; Evacuation; FOB; Mumbai; Railway; Stampede; Suburban train;.
Assessing the Cyber-Security of The IEC 60870-5-104 Protocol in SCADA System
by Qais Qassim
Abstract: Supervisory Control and Data Acquisition (SCADA) system is the heart of almost every critical infrastructure system, whereby SCADAis generally employed in order to control and to monitor both the physical and industrial processes within these systems. It is, thus, of vital importance that any vulnerabilities of SCADA system to be identified and mitigated so as to prevent unplanned incidents, malicious activities, and cyber-attacks. The IEC 60870-5-104 refers to an international standard applied for tele-control in electrical engineering and power SCADA systems, which appears to be a major principal protocol in electrical power system automation. In fact, major industrial control vendors employ this protocol to monitor and to manage power utility devices. Nonetheless, IEC 60870-5-104suffers from a number of design and implementation weaknesses in terms of security aspects. As such, this study briefly presents this protocol and summarizes its security vulnerabilities. Furthermore, it highlights the potential cyber-attacks based on the identified vulnerabilities. Additionally, the paper depicts several possible countermeasures to tighten the security of the SCADA systems.
Keywords: SCADA; Power System; IEC 60870; Cyber Attack; Security Vulnerabilities; Encryption; Authentication.
Failure modes and effects analysis for an engineering design modification in the US nuclear power industry
by Pamela M. Torres-Jiménez
Abstract: Engineering design modifications for nuclear power plants can be extensive and complex projects involving numerous activities and multi-discipline resources. Failure modes, or risks, involved with these activities can impact project cost, schedule, or even introduce safety hazards. The identification of risks and the establishment of detection and mitigation strategies early on the project development stage can prevent future adverse effects on project cost and schedule. This paper focuses on the evaluation of risks that can arise during the development of a conceptual design modification project at a US nuclear power plant using the failure modes and effects analysis tool. The analysis evaluates a list of activities to be completed as part of a conceptual design package. Failure modes are identified for each activity and ranked for severity, the likelihood of failure, and opportunity for detection. These ranks are later used to calculate a risk priority number for each activity. This number is used to identify the activities with higher risk to assist engineers in the development of person-hour estimates for projects. The results presented in this paper are expected to support the US nuclear industry in the identification and mitigation of risks beyond what is already addressed in plant-specific procedures.
Keywords: failure mode and effects analysis; FMEA; engineering; design modification; US; nuclear.
Are security standards for electricity infrastructure a good choice for Europe? Evidence on cost and benefits from two case studies
by Elena Ragazzi, Alberto Stefanini
Abstract: Power system controls are vulnerable to cyber-attacks that can seriously affect and even inhibit their operation. Such attacks may affect large portions of the power system, make repair difficult and cause huge societal impact, so pressure to ensure cyber-security of control and communication systems is now strong worldwide. Several cyber-security frameworks were developed, but it is rather difficult to anticipate adoption costs and benefits, and this hampers their generalised adoption. This paper focuses on the outcome of two case studies (concerning the Italian power generation and the Polish transmission systems. The socio-economic impact of failures and the costs of standard adoption are estimated on an objective basis. It is up to public authorities to decide whether to require the adoption of security standards to operators in the electric system. The nature of public good of security underlines the necessity of public support for this operation, but we discuss the extent and the management of this support.
Keywords: security standards; electricity systems; cybersecurity; cost-benefit analysis; impact evaluation; network security plans; security policies; regulations; power system controls; countermeasures.
A systemic approach for disruption risk assessment in oil and gas supply chains
by Abdulrahman Alfaqiri, Niamat Ullah Ibne Hossain, Raed Jaradat, Sawsan Abutabenjeh, Charles B. Keating, Mahmoud T. Khasawneh, C. Ariel Pinto
Abstract: Twenty-first century systems are characterised by rapid changes and constantly evolving dynamics. Therefore, supply chains have become more globalised and complex than ever before. Global supply chains are often accompanied by serious threats and significant additional risks to industries that rely heavily on them. The oil and gas industry encounter significant supply chain risks throughout all stages. The objective of this paper is to provide a holistic complex system governance (CSG) perspective to investigate disruption risks in oil and gas supply chains. As a case study, the piracy problem in Africa is used to demonstrate the efficacy and extensibility of the CSG perspective to a wider array of potential supply chain disruptions. Unlike ready-made solutions or 'off-the-shelf' strategies that may actually undermine the establishment of a resilient global oil and gas supply chain, this paper examines associated risks as a complex system, or a system of systems problem.
Keywords: supply chain risks; oil and gas industry; risk management.
Powering West Africa: modelling sustainable long-term electricity planning
by Mamadou Seck, Ange-Lionel Toba
Abstract: This paper presents a tree-like exploration method to analyse strategies for the development of grids of the future in West Africa. The approach helps generate plausible future grids, based on demand requirements and resource availability, by either building power plants or transmission lines. These grids are generated via a modelling framework, Spark!, which captures key components of the power system, as well as relationships between them. Spark! analyses financial, environmental and reliability performances, and also addresses concerns caused by high renewable penetration in large-scale power grids. Contrary to other models used to address long-term planning in African countries, Spark! performs long-term planning of energy resource use to satisfy the demands, but also simulates grid operations in real-time. It enables decision makers to examine long-term effects of decisions made, but also observe how the system responds to these decisions.
Keywords: energy; system modelling; electricity; grid simulation; power grid; African power sector; energy planning; sustainable development; energy planning model; Africa; West Africa.