Concrete Applications of Interdependency Management
Concrete applications of interdependency management
(the cases of INMOTOS and SESMAG projects)
AN ISO 9001 AND ISO 14001 CERTIFIED COMPANY
Interdependencies among Critical Infrastructures, both intra-domain
and inter-domain, are complex to be understood, analysed and
Critical Infrastructures risks always change due to new threats,
interdependencies and possible scenarios.
EU Critical Infrastructures have good contingency plans but they are
not always “well proven and optimised contingency plan”, i.e.
evaluated in complex scenarios and taking into account dependencies
with other Critical Infrastructures contingency plans.
… no standards currently exist at EU level concerning the approach to
define and adopt Contingency…
…interdependencies among Cis are not taken into account…
Background - continued
EU is lacking coordination in the definition of measures to be
It is proven that coordination can compensate investments in security,
by improving the response effectiveness and providing a more effective
means to manage the crisis events.
An improved response, as well as, a more effective response can lead
to a significant reduction in CI harms and a subsequent reduction of
costs to be undertaken to restore the overall system and functions.
Background - continued
To enhance CI security the security approach should follow two main
The first one is identified by the definition of security policies and
guidelines for their implementation.
The second step is identified by the implementation of contingency
plans to be adopted in case of need.
Security Policies and Guidelines Definition
Currently regulations only exist at national level.
The 2008/114/EC directive has been a tentative approach for a EU
wide regulation in terms of policies and guidelines.
Security Policies are used to define the security objectives which a
system should be subject to. Security Policies are custom defined by
each Owner/Operator according to the existing (if any) national
A set of guidelines addressing how to define a security policy and how
to implement it would be effective.
Contingency Plans are used to establish a solid reference of the
actions to be undertaken in case of emergency, to mitigate the disaster
effects or to restore the system functionalities.
Contingency Plans effectiveness and efficiency are difficult to be
measured and sometimes it is really expensive. Propagation of positive
effects is difficult to be assessed.
• On 2007, the Council established the specific Programme
"Prevention, Preparedness and Consequence Management of
Terrorism and other Security related Risks for the Period 20072013”
• On September 2008 the Commission adopted the “2009 Annual
Work Programme”, specifying its specific objectives and thematic
• The Call for Proposals purpose was to award grants to transnational
and/or national projects that contribute to the development of the
"European Programme for Critical Infrastructure Protection"
Definition of a common taxonomy for
interdependencies and contingency plans;
Definition of a methodology for risk assessment of critical
infrastructures interdependencies and contingency plans based on
Design and development of tools for critical infrastructures
interdependencies and contingency plans modelling, simulation and
Analysis and validation of contingency plans in complex scenarios
taking into account both intra-domain and cross-domain
Contingency Plan definition is A MUST for business continuity
assurance and for disaster recovery.
Defining a contingency plan requires:
To have experience
On the CI under analysis
On the measures identified and their effectiveness
Extensive knowledge of historical events
To be maintained and reviewed/improved
It’s difficult to taylor the Contingency Plan in order to make it effective,
especially with regard to the costs.
…in the Oil&Gas Field
Precise formulas exist
Well defined parameters to be
Correct functioning of the system
Service Level Agreement measures
Monitoring to be carried out by
SCADA systems are used to
monitor some parts of the system
P decrease at CS
decrease due to
a normal load
Activities can proceed
Normally without additional
Verify the instruments
functionality in C.R. and on
Repair the instruments.
Activities can proceed normally
Verify the Flowrate at RT
Initialize Emergency Notification
to ERT Coordinator.
Possible Leak in Zone "1", “2” or
Start further verifications and
Activities can proceed normally
if within the operating limits
…in the ICT Field
Main measures are referred to availability and performance of the whole
Monitoring is mostly automatic
Actions to be performed are mostly automatic
Effectiveness is easier to be evaluated
The main focuses for the INMOTOS project are represented by the
interdependencies among infrastructures and the contingency plans
adopted in case of emergency.
Both the Critical Infrastructures and the Contingency Plans are
modeled as Coloured Petri Nets (CPN).
The assessment of CI risks and validation of Contingency Plan is
performed by simulating their behaviour against a likely scenario.
Risk is evaluated at different layers and be seen as an aggregation of
lower risks level (top-down or bottom-up approach).
SESMAG aims at ensuring a low cost and replicable study for the
evaluation and implementation of a minimum set of security requirements
to increase Smart Grids security and resilience.
The study aims at providing a set of guidelines to define how to implement
secure smart grids and, on a scenario basis, a set of
requirements/measures to be implemented by the stakeholders.
Such an approach will allow for a convergent approach across Europe
towards a secure implementation of the Smart Grids and of the energy
infrastructures, ensuring a more reliable energy production and distribution
across the network.
The project outcome will ensure an increased resilience of the energy
networks to cyber attacks and physical outages due to mis-configuration of
the connected producing systems or unbalanced distribution and
• SESMAG Project should:
Analyse the currently deployed situation and the applicable best practices
Define a catalog of current vulnerabilities, threats/hazards and countermeasures
Perform a risk assessment
Define a set of guidelines for Secure and Resilient Smart Grids implementation
An IT support tool will be developed to support
the user in the analysis of the deployed grid.
Via San Nazaro,19
16145 Genova – Italy
Tel. +39 010 3628148 Fax +39 010 3621078
Web site http://www.dappolonia.it