Modeling the Complexity of Critical Infrastructures

581 views

Published on

by Enrico Zio

Chair on Systems Science and the Energy Challenge – Ecole Centrale Paris and Supelec, European Foundation for New Energy-Electricité de Franc e Energy Department, Politecnico di Milano, Italy

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
581
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
17
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Modeling the Complexity of Critical Infrastructures

  1. 1. MODELING THE COMPLEXITY OF CRITICAL INFRASTRUCTURES Enrico Zio Chair on Systems Science and the Energy Challenge – Ecole Centrale Paris and Supelec, European Foundation for New Energy-Electricité de France Energy Department, Politecnico di Milano, Italy
  2. 2. Statement 1: Critical Infrastructures are (Engineered) Complex Systems 2
  3. 3. Complex Systems •Network of many interacting components •Components of heterogeneous type •Hierarchy of subsystems •Interactions across multiple scales of space and/or time Dependences (uni-directional) and interdependences (bi-directional) 3
  4. 4. Critical Infrastructures are Engineered Complex Systems 4
  5. 5. Critical Infrastructures are Engineered Complex Systems: Structural complexity Structural complexity : • heterogeneity of components across different technological domains due to increased integration among systems • dimensionality: large number of nodes highly interconnected also with other systems (dependences and interdependences) • scale of connectivity demands for increased amount and quality of information to describe the state of the system. 5
  6. 6. Critical Infrastructures are Engineered Complex Systems: Dynamic complexity Dynamic complexity : • emergence of system behavior in response to changes in the environmental and operational conditions of parts of the system. 6
  7. 7. Statement 2: To protect Critical Infrastructures, we must model them to know their behavior 7
  8. 8. Modeling Engineered Complex Systems system logic representation system mathematical model system model quantification uncertainty analysis and quantification 8
  9. 9. Modeling Engineered Complex Systems physical attributes {structure, dynamics, dependencies and interdependencies, …} operation and management attributes {communication, control, human and organizational factors, logistics…} performance and safety attributes {reliability, availability, maintainability, risk, vulnerability, …} economic attributes {life-cycle costs, costs-benefits, market drivers…} social attributes {supply-demand, active players, …} environmental attributes {pollution, sustainability, …} 9
  10. 10. Systems of Systems 10
  11. 11. Systems of Systems Power transmission Railway Communication Physical Dependency Physical Dependency Cyber Dependency, pcp Cyber Dependency, pcr 11
  12. 12. Corollary to statement 2: To protect Critical Infrastructures, we must model their response to hazards, failures and threats to analyze their Reliability/Risk/Vulnerability/Resilience/… characteristics 12
  13. 13. Reliability/Risk/Vulnerability/Resilience/… analysis 13
  14. 14. Reliability/Risk/Vulnerability/Resilience/… analysis System analysis: - hazards and threats identification - physical and logical structure identification - dependencies and interdependences identification and modeling - dynamic analysis (cascading failures) Quantification of system indicators Identification of critical elements Application for system improvements (optimization): W. Kroger and E. Zio, “Vulnerable Systems”, Springer, 2011 design - operation - protection 14
  15. 15. Statement 3: To model the (engineered) complex systems (of systems) which make our Critical Infrastructures, there is not one single modeling approach that “captures it all” 15
  16. 16. Modeling the complexity of Critical Infrastructures Modeling Critical Infrastructures APPROACHES Topological Flow Phenomenological Logical OUTPUTS System indicators Critical elements 16
  17. 17. Modeling the complexity of Critical Infrastructures: The Dual Analysis • Critical Infrastructures are engineered complex systems: structure + dynamics+ failure/recovery process Inverse Problem Direct Problem Disaggregation Challenge Aggregation Challenge Identifying Vulnerabilities at the Components Level Evaluating Global Indicators • Critical Infrastructures modeling: topological, flow, phenomenological, logic Detail Computational cost 17
  18. 18. Modeling the complexity of Critical Infrastructures Modeling Critical Infrastructures APPROACHES Topological Flow Phenomenological Logical OUTPUTS System indicators Critical elements 18
  19. 19. Modeling the complexity of Critical Infrastructures Hierarchical network representation framework and vulnerability analysis 34 30 23 59 31 60 40 61 76 62 64 78 71 83 79 86 110 112 111 107 114 109 119 Criticality of the inter-cluster components Multi-level reliability analysis based on the hierarchical network representation Fang Y.-P., Zio E. “Unsupervised spectral clustering for hierarchical modelling and criticality analysis of complex networks,” Reliability Engineering & System Safety, Volume 116, 2013, Pages 64-74. 19
  20. 20. Modeling the complexity of Critical Infrastructures Modeling Critical Infrastructures APPROACHES Topological Flow Phenomenological Logical OUTPUTS System indicators Critical elements 20
  21. 21. Modeling the complexity of Critical Infrastructures Modelling the cascading failure (topological method) Node load: 1 Lk = N N S C n (k ) ij ∑ j ∈V , j ∈V , k ∈V , i ≠ j ≠ k n S C ij Initialize load, capacity Initial failure Node capacity: C k = (1 + α ) L k n ij number of shortest paths between generators and distributors n (k ) number of shortest paths between ij generators and distributors passing load redistribution YES more failures occur? NO cascading end NS, NC through node k number of generator, distributor VS, VC set of generator, distributor loss evaluation α Network tolerance (robustness) betweenness–based cascading failure model 21
  22. 22. Modeling the complexity of Critical Infrastructures Optimal network design against cascading failure S C 0.8 cascading vulnerability Objectives: maximize the resilience of the network in resisting to cascading failures with limited construction cost    min  ∑ ϕX ij  Network cost  i∈V , j∈V    min { (G )} Cascading failure loss Vul   ∑ X ij > 0 ∀j ∈ VC  i∈V s.t.   ∑ X ij > 0 ∀i ∈ VS  j∈V Variables: generator distributor links X ij 0.5 0.4 0.3 0.2 0.1 2000.00 4000.00 6000.00 8000.00 cost 1 0.9 original network Pareto solution 3 Pareto solution 5 0.8 cascading vulnerability Tradeoff between cost and gained network resilience 0.6 0.0 0.00 C Improve network resilience by adding redundant links in a suitable way 0.7 0.7 0.6 1 2 8 34 5 6 46 7 9 11 10 45 14 44 15 13 12 43 87 16 33 8485 86 19 18 42 17 252432 83 88 41 47 23 31 20 21 2630 82 22 27 81 28 80 34 29 92 89 35 52 38 91 54 36 90 37 3940 79 93 94 96 53 70 71 76 63 95 56 77 69 97 55 67 73 68 72 99 6566 74 57 75 100 98 62 78 61 6058 59 128 129 101 102 135 148 104 105 147 130 103 146 132 145 149 106 133138 144 134 131 139 142 109 136 137 143 154 150 140 155 141 152 108 127 157151 107 110 159 156 153 125 126 111 158 160 116 115 112 161 162 171 163 166 117 165 170 164 118 167 169 113 120 121 168 114 122 119 123 50 51 49 48 64 0.5 0.4 124 0.3 0.2 0.1 Fang Y.-P., Zio E., “Optimal Production Facility Allocation for Failure Resilient Critical Infrastructures,” ESREL 2013. 0 0 0.2 0.4 0.6 0.8 1 α 1.2 1.4 1.6 1.8 2 22
  23. 23. Modeling the complexity of Critical Infrastructures Spreading rules: • fixed load (5%) transferred after a failure to neighboring nodes • fixed load, I, (10%) transferred after a failure to interdependent nodes 61% 105% 87% 65% 103% 87% 101% 106% 85% 49% 32% 106% 70% 58% 105% 93% 67% 96% 48% 100% Propagation follows until no more working component can fail 38% 22% 91% 21% 100% = component relative limit capacity Initiating event: uniform disturbance (10%) 23
  24. 24. Modeling the complexity of Critical Infrastructures 25 Average Cascade Size, S 20 15 10 5 0 0.5 Scr = 15% 0.55 0.6 0.65 0.7 0.75 Average initial load, Lcr = 0.7266 0.8 0.85 0.9 0.95 1 L Lcr = 0.8662 E. Zio and G. Sansavini, "Modeling Interdependent Network Systems for Identifying Cascade-Safe Operating Margins", IEEE Transactions on Reliability, 60(1), pp. 94-101, March 2011 24
  25. 25. Modeling the complexity of Critical Infrastructures Modeling Critical Infrastructures APPROACHES Topological Flow Phenomenological Logical OUTPUTS System indicators Critical elements 25
  26. 26. Modeling the complexity of Critical Infrastructures Main inputs: • Main Feedwater system Internal barriers: • Water systems: - High Pressure Coolant Injection (HPCI) System - Low Pressure Coolant Injection (LPCI) System • Depressurization system: - Automatic Depressurization system (ADS) • Power system: - Diesel Generator (DG) External supports: • Water system: - Water from the river • Power system: - Offsite power Recovery supporting elements: • Road transportation system: - Road access (R) 26
  27. 27. Modeling the complexity of Critical Infrastructures system logic representation system mathematical model system model quantification uncertainty analysis and quantification 27
  28. 28. System logic representation: GTST-DMLD 28
  29. 29. Modeling the complexity of Critical Infrastructures system logic representation system mathematical model system model quantification uncertainty analysis and quantification 29
  30. 30. System mathematical model: multistate Function Structure At component level 3: No damages 2: Slight damages Combinations of structural and functional multistates considered 2: Partialy working 1: Strong damages Structure 3: Fully working 1: Not working Function Structure Function 3 3 3 2 2 2 1 1 1 3 2 1 Structural Functional damage[%] output [gpm] 0 5000 0 ÷ 10 (small 4625 /intermediate leaks) > 10 < 4625 3 3 3 1 1 1 e.g., power pole e.g., water pipe State Function Structure State 3 2 1 Structural damage[%] 0 0 ÷ 12 > 10 e.g., automatic depressurization system Functional output [%] State 100 0 3 1 Structural damage[%] 0 >0 Functional output [%] 100 0 At system level State 3 (Healthy): Safety of the Nuclear Power Plant (NPP) given by two water systems: one of them is in state 3 and the other one is at least in state 2. State 2 (Marginal): Safety of the NPP given by one water system that is at least in state 2. State 1 (At Risk): No safety of the NPP: all the water systems are in state 1. 30
  31. 31. Modeling the complexity of Critical Infrastructures system logic representation system mathematical model system model quantification uncertainty analysis and quantification 31
  32. 32. Quantitative evaluation: procedural steps Probabilistic Seismic Hazard Analysis: Ground motion at a site of interest for any magnitude Fragility evaluation: Conditional probability of exceeding a level of damage, given a ground motion level Safety Resilience 1. Evaluate the structural (and corresponding functional) state of each component by MC simulation 2. Compute the functional state of the NPP by GTST – DMLD 1. Sample the recovery time (RT) of the state 2 and/or 3 of each component from the corresponding pdfs 2. Determine the next structural state that will be reached 3. Sort the RT in increasing order and carry out the analysis from the smallest RT 4. Evaluate the occurrence of aftershocks before the restoration of the component with smallest RT 5. If the component with the smallest RT is not affected by aftershocks (i.e., it reaches the next state determined at step 2.), evaluate the functional state of the NPP; otherwise sample a new RT for the components affected by the aftershocks and go to step 3. 6. if the NPP is in state 3, stop the algorithm; else, proceed with the analysis of the component with the next smallest RT Repeat steps 1 – 2 n times Estimated probability of the NPP to be in the functional state 1, 2 or 3 Repeat steps 1 – 6 k times Probability density function of the RT of the safety of the NPP (states 2 and 3) 32
  33. 33. Analyzing Vulnerability and Failures in Systems of Systems: Safety and Resilience Analysis Resilience Probability density functions (PDFs) of the time necessary to restore the marginal (2) and healthy (3) states of the NPP from a risk state (1), after the occurrence of an earthquake and its aftershocks, in the case of multistate and binary state model. • From state 1 to state 2 • From state 1 to state 3 0.3 0.3 0.25 0.25 PDF 0.35 PDF 0.35 0.2 μ = 2.6 d 0.15 μ = 4.3 d 0.2 μ = 72.9 d 0.15 0.1 0.1 Multistate Binary state 0.05 0 Multistate Binary state 0 20 40 60 80 μ = 22.5 d 0.05 100 Recovery time [d] 0 0 20 40 60 80 100 Recovery time [d] Multistate model shows that a faster recovery to a marginal state is possible, but a longer time is needed to reach a healthy state 33
  34. 34. Reliability analysis Modeling Critical Infrastructures APPROACHES Topological Flow Phenomenological Logical OUTPUTS System indicators Critical elements 34
  35. 35. Modeling the complexity of Critical Infrastructures Consider a system of 2 interconnected systems where the system response is described by the switching dynamics: Mode 1: , Mode 2: , Mode 3: , Mode 4: , 35
  36. 36. Modeling the complexity of Critical Infrastructures Steps for describing the resilience region: Find the geometric locus of the equilibrium point ‘ ’. Describe the invariant set which contains the equilibrium point. Find the reachable regions for the invariant set (i.e. the invariant set is a basin of attraction for the resilience region). 36
  37. 37. Conclusions 37
  38. 38. The complexity of analyzing the Reliability/Risk/ Vulnerability/ Resilience/… in Critical Infrastructures Structural complexity: heterogeneity, dimensionality, connectivity Dynamic complexity : emergent behavior Uncertainty: aleatory, epistemic, perfect storms, black swans 38
  39. 39. The complexity of analyzing the Reliability/Risk/ Vulnerability/ Resilience/… in Critical Infrastructures System analysis: - hazards and threats identification - physical and logical structure identification - dependencies and interdependences identification and modeling Modeling Critical Infrastructures - dynamic analysis (cascading failures) APPROACHES Quantification of system safety indicators Identification of critical elements Topological Flow Phenomenological Application for system improvements: - design - OUTPUTS operation - Logical interdiction/protection System indicators Critical elements Systems of systems W. Kroger and E. Zio, “Vulnerable Systems”, Springer, 2011 39
  40. 40. The complexity of analyzing the Reliability/Risk/ Vulnerability/ Resilience/… in Critical Infrastructures Structural Complexity + Dynamic Complexity Modeling, Simulation, Optimization and Computational Challenges Phenomenological Topological Detail Computational cost Detail Computational cost Uncertainty Logic Detail Flow Detail Computational cost Risk + Control Theory Computational cost Integrated Approach 40
  41. 41. Acknowledgments Chair SSDE (ECP+Supelec, EDF): Yiping Fang, Elisa Ferrario, Elizaveta Kuznetzova, Yanfu Li, Rodrigo Mena, Nicola Pedroni Politecnico di Milano (ex): Giovanni Sansavini 41
  42. 42. More info Research www.ssde.fr (Ecole Centrale Paris and Supelec) lasar.cesnef.polimi.it (Politecnico di Milano) Application www.aramis3d.com 42

×