Critical infrastructure resilience

  • 1,950 views
Uploaded on

This briefing discusses the challenge of infrastructure resilience. Security threats to modern societies are significant. How to organizations and societies respond to collapse?

This briefing discusses the challenge of infrastructure resilience. Security threats to modern societies are significant. How to organizations and societies respond to collapse?

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,950
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
55
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Seven findings on Critical Infrastructures Resilience CRITIS 2011 – Luzern – 09/09/2011 – Paul ThéronThales Security Solutions & Services
  • 2. 2 / The context Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved Very general, and diverse, definitions of resilience Confusion between dependability, BCM, …, and resilience Burgeoning standardisation initiatives in relation to resilience The idea of extreme shocks is now fully accepted : «A recent OECD study* analysed whether cyber-incidents could lead to a ‘global shock’ as devastating as e.g. large-scale pandemics. They concluded that there are a very few cyberevents with the capacity to provoke a global shock. Although they state that there are many examples where cyber-incidents have caused a great deal of harm and financial loss, they conclude that the greatest concern for policy makers are large scale events caused by two different cyber-incidents taking place at the same time or a cyber-event taking place during another form of disaster or attack. »P Théron / CRITIS 2011 / Luzern 09-09-2011 In European Parliament (2011) Study Report on “The role of ENISA in contributing to a coherent and enhanced structure of network and information security in the EU and internationally”. Directorate General for Internal Policies ; Policy Department A: Economic and Scientific Policy ; Industry, Research and Energy, p21 * OECD (2011) Reducing Systemic Cybersecurity Risk. P. Sommer, I. Brown, IFP/WKP/FGS(2011) So, the question is : Can we better define the notion of resilience ? Thales Security Solutions & Services
  • 3. 3 / REST : The REsilience Studies Team Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reservedP Théron / CRITIS 2011 / Luzern 09-09-2011 REsilience Studies Team (REST) Cyber REsilience Studies Team (CREST) Goals : To elicit the theoretical underpinnings of resilience in order to build resilient socio-technical systems Approach : Phenomena dynamics, Social-Ecological Systems, Organisation, Computing Science, Cognition/Psychology Scope : National, Societal / Territorial, Business, and Critical Infrastructure Resilience Methods : Literature review, Case studies, Action research, EU & Collaborative projects, Dual experiments, Workshops Fields : Telecommunications, Energy, Communities, Business, Political regimes, Work collectives, Fire-fighters Thales Security Solutions & Services
  • 4. 4 / Katrina (August 2005, New Orleans) Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved Alerte Après coup Evacuation Sécurisation Refuge Déploiement Incidents Dernières précautions Préparation des secoursP Théron / CRITIS 2011 / Luzern 09-09-2011 Choc Survie Dévastation Paul Théron 2007 Thales Security Solutions & Services
  • 5. 5 / Mann Gulch (August 1949, USA, Montana) Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved Le feu est à 150/200 yards Récupération Incident Le feu rattrape les hommes Défense échec Dodge ordonne de Le feu va « exploser » remonter le canyon Manoeuvre échec Dodge ordonne de jeter les outils Dodge, Sallee et Rumsey ont survécu Dodge “invente” le “contre-feu” ; Survie échec Sallee et Rumsey se sont réfugiés dans une crevasse EffondrementP Théron / CRITIS 2011 / Luzern 09-09-2011 D’autres Smokejumpers sont très grièvement blessés Sauvetage échec On tente de les secourir… Destruction Mais les 12 Smokejumpers ont succombé Thales Security Solutions & Services
  • 6. Our findings…Thales Security Solutions & Services
  • 7. P Théron / CRITIS 2011 / Luzern 09-09-2011 7 /Thales Security Solutions & Services FEAR TRAUMA STRESS Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved First finding on resiliency : what it has to do with
  • 8. 8 / Second finding on resiliency : what it is Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved Fragile pressure more pressure pressure RobustP Théron / CRITIS 2011 / Luzern 09-09-2011 more Resilient pressure pressure surprise Thales Security Solutions & Services Yushi Fujita - Resilience Engineering Symposium, October 25-29, 2004, Soderkoping Brunn, Sweden
  • 9. 9 / Third finding on resiliency : why it is needed Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved A crisis-prone society Davos report 2011P Théron / CRITIS 2011 / Luzern 09-09-2011 Rinaldi IEEE Control System Magazine 2001 Complexity from interdependencies Thales Security Solutions & Services
  • 10. 10 / Fourth finding on resiliency : how it works Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved Prev / Prot* Preparation fails Learning Recovery Incident Destabilising circumstances Planned fails response Overwhelming circumstances Post-traumatic Navigation fails RESILIENCE Crushing circumstances Vulnerability Survival failsP Théron / CRITIS 2011 / Luzern 09-09-2011 Peritraumatic Collapse RESILIENCE Fate Rescue fails Surprise Destruction CRISIS P Théron (2007-2011) Resilience V-Model Thales Security Solutions & Services * Prevention / Protection
  • 11. 11 / Fifth finding on resiliency : How it can be defined Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved « A crisis is an experience of collapse » Of a socio-technical system’s pillars Skills & Knowledge # Crisis What gives it its capacity to deliver Range of Control Modes Management Capabilities Shift in the Commandment paradigm Under the effect of a major shock Creative adaptation to 1 4 5 Minor Severe Extreme Tactical Incident Shock Shock Surprise reasoning Procedured 0 2 3 Defences Minor Major Severe EMERGENCY : situation in Defencelessness to Incident Management Event Incident Incident which a socio-technical Negligible Tolerable Untolerable Impacts system has to cope with a Consciousness of a fatal issue situation ranging from a major incident up to an Incident Response Business / System extreme shock (2 5) Procedures Continuity Plans Domain of Business a Usual Emergencies « Resilience is the aptitude of a socio-technical system toP Théron / CRITIS 2011 / Luzern 09-09-2011 surmount a crisis » Getting-by “The ability of a system to provide & maintain an acceptable level of service, in “The ability of a system to provide & maintain an acceptable level of service, in face of faults (unintentional, intentional, or naturally caused) affecting normal face of faults (unintentional, intentional, or naturally caused) affecting normal Resisting operation” operation” http://www.enisa.europa.eu/act/res/files/glossary http://www.enisa.europa.eu/act/res/files/glossary Resuming “the ability of a system to recover from adversity, either back to its original “the ability of a system to recover from adversity, either back to its original state or an adjusted state based on new requirements. Building resilience state or an adjusted state based on new requirements. Building resilience Rebounding requires a long-term effort involving reengineering fundamental processes, requires a long-term effort involving reengineering fundamental processes, both technical and social.” EC COM(2009)149 both technical and social.” EC COM(2009)149 Thales Security Solutions & Services # EC - JLS/2008/D1/018 : A study on measures to analyse and improve European emergency preparedness in the field of fixed and mobile telecommunications and Internet
  • 12. 12 / Sixth finding on resiliency : How it is obtained Awareness Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved Action TR Resilience requires Decision Rules & Resource : -O1: Intelligence See what’s Manage -O2: Surveillance going on Understand & Anticipate Trust & Risk on situation -O3: Reconnaissance Rules & Resource : Observation Rules & Resource : -C1: Pre-Crisis Com -I1: Interpretation -C2: Influence Network -I2: Reckoning & Anticipation Theory of resilience based on a -C3: CrisCom Design Com&Legal Interpretation -I3: Options Analysis -C4: MediaCom & HRCom -C5: Legal Action & Advice TR Rules & Resource : Model of incidents dynamics Rules & Resource : -M1: Time Margins -F1: Urgentists Forces Margins -M2: Reserve Infrastructures -F2: Evacuation & Victims -M3: Reserve Logistics Model of resilience production -F3: Clearing & Reconstruction -F4: Emergency Fund Direction -M4: Support Social Networks -M5: Intrinsic Robustness Rules & Resource : -M6: Creativity & Know-How Act upon -D1: Alarm & Mobilisation -M7: Publics’ Sensitivity & Tolerance Situation -D2: Strategies & Plans -M8: Publics’ Trust & Liking -D3: Decision-Making Procedures -M9: Financial & Legal Freedom -D4: Chain of Command Pilot Emergency Preparation Process TR : Tactical Reasoning Action -D5: Chain of Control -D6: Communications & Interoperability Manoeuvre to regain Initiative Collaborative GOVERNM ENT SERVICES # Continuous Improvement Loop 1 IncidentP Théron / CRITIS 2011 / Luzern 09-09-2011 infos STKs coordination 8 infos Alarm 4 Emergency Response Organisation NSIE 5 RAS / TERC 6 Alarm 5 CIWIN Tactical Decision Making Alarm infos Report Alarm NSM DB Co-operative Processes 2 IRM 3 3 EP 7 CERTs / TIERSs 11 NFEP Measures 9 Resilience Capabilities infos REGULATOR 10 Report 12 ENISA Thales Security Solutions & Services # EC - JLS/2008/D1/018 : A study on measures to analyse and improve European emergency preparedness in the field of fixed and mobile telecommunications and Internet
  • 13. 13 / Seventh finding on resiliency : frameworks that could yield it Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved DIRECTIONS EPGM Requirements Needs RESPONSE ERFW EEPC GUIDANCE & SUPPORT Strategic collaboration Lessons Guidelines level EPFW STANDARDISATION PREPARATION Emergency Preparation GOVERNMENTS Guidelines Activities (re-)Assessment Lesson Learning CertificationP Théron / CRITIS 2011 / Luzern 09-09-2011 and sharing & AS Policy Making & Monitoring Strategy LL PO Exercising PG & Programme Elaboration Programme Management of Testing EX Management EL level Measures STAKEHOLDERS ED EC - JLS/2008/D1/018 : A study on measures to analyse Education & and improve European emergency preparedness in the Dissemination of good practices field of fixed and mobile telecommunications and Internet Governance : Emergency Preparedness Governance Model (EPGM) Achievement targets : Emergency Response Framework (ERFW) Process : Emergency Preparation Framework (EPFW) Thales Security Solutions & Services
  • 14. ConclusionsThales Security Solutions & Services
  • 15. 15 / Conclusions of the time… Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved Progress in the industry is currently led by a deficit of knowledge A burgeoning field of research but… A new, still ill-understood, topic in a complex context A silo mentality not helped by… A fundamental institutional inertia A window of opportunity for the most active lobbies leading to… A burst of standardisation initiatives despite… A fundamental lack of proper underlying models of resilience This may lead authorities and the industry to take inappropriate decisions We need more inter-disciplinary, cross-industry, researchP Théron / CRITIS 2011 / Luzern 09-09-2011 Analysis of major incidents and lesson learning in relation to resilient responses Characterisation of major cyber shocks Resilience Management Frameworks Synergies between RM disciplines : safety, security, BCM, crisis management More real-world studies based on new models (ex for modelling interdependencies : new factors, real-life / real-size systems, real-life incident fine grained data)… Thales Security Solutions & Services
  • 16. Thank you for your attention ! paul.theron@thalesgroup.comThales Security Solutions & Services
  • 17. 17 / Recent Bibliography Informations confidentielles / propriété de Thales. Tous droits réservés. / Thales confidential / proprietary information. All rights reserved Theron P. (2009c) Resilience, Incident Reporting and Exercises. Measuring Resilience – the Next Challenge. ENISA Quarterly Review Vol. 5, No. 4, December 2009 European Commission - DG JLS (2011) Study EC JLS/2008/D1/018: A study on measures to analyse and improve European emergency preparedness in the field of fixed and mobile telecommunications and Internet. http://ec.europa.eu/information_society/policy/nis/strategy/prep_study/index_en.htm ENISA (2011) Enabling and managing end-to-end resilience. ENISAs website ENISA (2011) National Risk Management Preparedness. http://www.enisa.europa.eu/act/rm/working- group/WG%20NRPM%202010 Théron P (2011) Un nouveau paradigme pour l’étude des crises et de la résilience sociétale. Cahiers de la sécurité – n°15 – janvier - mars 2011P Théron / CRITIS 2011 / Luzern 09-09-2011 Thales Security Solutions & Services