1983 and 1988 concerned with adequacy. 1996 onward, concerned with terrorism. (Oklahoma bombing 1995), List of 1700 assets
From CPNI. Not sure…
CS5032 Lecture 19: Dependable infrastructure
CRITICALINFRASTRUCTUREDR JOHN ROOKSBY
IN THIS LECTUREWhat is infrastructure?• National infrastructures• Organisational infrastructures• Digital infrastructuresWhat is critical infrastructure?• How is infrastructure vulnerable?Understanding infrastructure• Problems of understanding existing infrastructure• Interdependencies in infrastructure
WHAT IS INFRASTRUCTURE?The installed base upon which operations and systems can runPublic infrastructure• National and international systems upon which societies operate: transport, energy, communications, etc. (Includes digital infrastructure).• Used to be publicly owned, but in the UK and many other counties it has been privatisedOrganisational infrastructure• A much newer use of the term• Physical and digital infrastructure used by an organisation• Not necessarily owned by the organisation
WHAT IS INFRASTRUCTURE?Sometimes a distinction is made between hard and soft infrastructure.Hard infrastructure• Large, physical networks • Energy networks, Transport, etc.Soft infrastructure• Institutions • Emergency services, financial services, health care, schools, etc.This is an artificial distinction Both hard and soft infrastructures are socio-technical
CHARACTERISTICS OFINFRASTRUCTURE• Large Scale • Spread over large geographic areas • Regional/National/International• Complex • Many components • Many interdependencies (internal and external)• Reliance on standards • Heterogeneous parts rely on standards for interoperation • Standards are not always uniformly applied across an infrastructure• Long term • Modern and legacy components • Emerges and changes over the long term • We have to live with decisions made a long time ago
ECONOMIC CHARACTERISTICS OF INFRASTRUCTURERarely one single owner and authority• Sub-systems and components are increasingly privatised • The theory is that privately operated infrastructure will be more efficient • However it is difficult to optimise an infrastructure when sections of it are run by self interested parties• Crosses national and international boundariesOften challenging to fund• We are often reluctant to pay for infrastructure• Where monopolies exist they are able to over-charge. However, competition where operational costs are low can lead to under- charging (and no re-investment).
SOCIAL CHARACTERISTICSOF INFRASTRUCTURELearned as part of membership• The use, and styles of use, of particular infrastructures signifies and is often an essential marker of membership of a community.Links with conventions of practice• Infrastructure both shapes and is shaped by the conventions of a community of practice, e.g. the ways that cycles of day-night work are affected by and affect electrical power ratesTaken for granted• Does not need to be re-invented every time we do something new• We often don’t pay much attention to it. The normally invisible quality of working infrastructure becomes visible when it breaksInfrastructure is “a relation”• Whether something is infrastructure depends on perspective (particularly for digital infrastructure). A focus for one person can be infrastructure for another.
THE EMERGENCE OFINFRASTRUCTUREInfrastructures are engineered, but not at the system level. Theyemerge through social and institutional processes• Begins with a “vision” (or visions). Later reality does not necessarily match this.• Competing designs emerge.• One or more local technologies become adopted as standard• We have to live with decisions made a long time agoThe history of power girds, sewer systems, railways and so on do notportray a rational process in which an ideal system is designed andbuilt, but a chaotic one.Cloud and grid computing are often likened to power grids• There is nothing inevitable about these becoming infrastructure, and the meaning of these terms continues to evolve.
WHAT IS CRITICALINFRASTRUCTURE?As individuals we often take infrastructure for granted, butorganisations and governments cannot.• Infrastructure needs to be maintained and adapted/modernised• Strategic decisions must be made about what kind of infrastructure to invest in (and how)• However, much infrastructure is not under control of a single organisation or authority• Infrastructure is vulnerableMany countries now have critical infrastructure programmes
CRITICAL INFRASTRUCTUREPROGRAMMES IN THE UK, EU, USAUK Government • Cabinet Office and the CPNI (Centre for the Protection of National Infrastructure)European Union • European Programme for Critical Infrastructure ProtectionUSA • Department of Homeland Security and the National Programme of Critical Infrastructure ProtectionGovernments do not have direct control of infrastructure, and sothese are governance and advisory programmes.What counts as critical varies from place to place
PERSPECTIVES UK EU USA UK EU USACommunications x x Nuclear industry xFood x x x ICTs x xEmergency x x Chemical x xServices industryEnergy x x x Research xFinance x x x facilitiesGovernment x Space xHealth x x x Defence x industrial baseTransport x x x Postal/shipping xWater x x x Monuments and x icons
UK SUB-CATEGORIES Landline Phones Mobile Telecommunications Production Postal Services ProcessingCommunications Import Broadcast Communications DistributionFood Retail Ambulance Fire and Rescue ElectricityEmergency Services Marine Gas Payment, Clearing Police Oil and SettlementEnergy Fuel Systems Public FinancesFinance Markets and Central Government Exchanges ParliamentGovernment Devolved Administrations Regional and Local AuthoritiesHealth Maritime Health and Social Care AviationTransport Land (Road and rail) Potable water supplyWater Dams Waste Water Services
USA – CHANGES OVER TIME 1983 1988 1996 1998 2001 2002 2003 2003Transportation X X X X X X X XWater X X X X X X X XEducation XPublic Health X X X X XPrisons XIndustrial capacity XWaste Services XTelecommunications X X X X X XEnergy X X X X X XBanking and Finance X X X X XEmergency Services X X X X XGov. continuity X X X XInformation Systems X X X X XNuclear facilities XSpecial events XAgriculture/food X X X XDefence industrial base X X XChemical industry X X XPostal/shipping services X X XMonuments and icons X XKey industry/tech sites XLarge gathering sites X
COMPONENTSWe have been looking so far at a high level• Ultimately, assurance has to be at the component levelJudgements need to be made about whether a technology orcomponent is a critical element of an infrastructure• Not every bridge or cable is essential to the overall system• Are VOIP services telecoms services?Designation carries implications.• “Critical” bridges get additional funding (so they all want one!)• Telecoms services need to carry emergency callsIt is very difficult, if not impossible to map every individual component• Yet many problems occur at the component level
INTERDEPENDENCIESFunctional: Reliance between components.Informational: Data flow from one node aides decision makingelsewhere.Shared Control: Control is from the same system/locationGeospatial: Physical proximityPurpose: A shared function or purposePolicy/procedural: A change in policy or procedure at one place mayhave effects elsewhere.Societal Interdependency: Changes to one component may havesocietal effects which lead to changes to others
BALTIMORE, HOWARDSTREET TUNNEL FIRE http://www.its.dot.gov/JPODOCS/REPTS_TE/13754.h tml
ENERGY CRISIS IN CALIFORNIADeregulationPolicies First Order Effects Second Order Third Order EffectsNew Energy EffectsMarketplaceDynamics Gas supply Cogeneration Oil ProductionTight, High-Cost Gas Curtailed Natural Reduced Steam Reduced Heavy OilSupplies Gas Production Injection for Heavy Production Oil ProductionUtility FinancialCrisis Refineries Road transportationSubstantialload growth Inventory build-up: Shortages of Electric Power Oil pipelines Curtailed Specially Operations Formulated Disruption of GasolineLack of New Supply demand imbalance product pipelines Storage terminals Air transportationGenerating andTransmissionCapacity Inventory Disruption of flight Drawdown: schedulesAging fleet of Shortages ofPower Plants Gasoline and Jet FuelLow HydroConditions Water Agriculture Banking and FinanceTransmission/E Disruption of Crop losses Financial lossesnvironmental irrigation pumpsConstraints
PROTECTING AND ASSURINGINFRASTRUCTUREA difficult problem• Infrastructure is rarely under individual control• Infrastructure is large scaleAssurance takes place through governance processes and riskmanagement• Identify key components• Identify vulnerabilities• Identify threats• Construct risk models• Assess possible outcomes from loss• Make/request/lobby for necessary improvements• Make contingency plansNone of these steps are trivial!
KEY POINTSInfrastructure is critical to business, security, health, society.• We are increasingly reliant on digital infrastructure.Infrastructure is large scale, complex, has modern and legacycomponents, and many interdependencies.Securing infrastructure is a hard problem• Hard to know what you have• Hard to assess vulnerabilities• Difficult to make improvements because infrastructure is rarely under direct control of those it is critical to
SOURCESP. Pederson, D. Dudenhoeffer, S. Hartley, M. Permann (2006) CriticalInfrastructure Interdependency Modeling: A Survey of U.S. and InternationalResearch. Idaho National LaboratoryJohn Moteff and Paul Parfomak (2004) Critical Infrastructure and Key Assets:Definition and Identification. Report for Congress.Susan Leigh Star, Karen Ruhleder, (1994) Steps Towards an Ecology ofInfrastructure: Complex Problems in Design and Access for Large-ScaleCollaborative Systems. CSCW 1994. ACM Press.USA National Infrastructure Protection Plan • http://www.dhs.gov/files/programs/editorial_0827.shtmUK Centre For Protection of National Infrastructure • http://www.cpni.gov.uk/