Infrastructure resilience


Slides to accompany video on infrastructure resilience.

Published in: Technology, Business

  • Maybe I need a slide on each of these.
  • Infrastructure resilience

    1. Infrastructure resilience, Ian Sommerville (Infrastructure resilience, 2013)
    2. Resilience
        • Resilience is the ability of assets, networks and systems to anticipate, absorb, adapt to, and recover from a disruptive event or series of events.
        • Resilience is about maintaining the continuity of a service in the presence of disruptive events
    3. (no text)
    4. Pandemic disease
        • Pandemic disease is the highest impact risk because it potentially affects the whole of a national infrastructure as people become ill
    5. Cyber attacks
        • Cyber attacks that compromise confidentiality are not likely to have a major impact on the availability of a national infrastructure
        • But cyber attacks that affect the control systems are more serious
    6. Risk impact
        • Risk impact is related to the extent of the damage to infrastructure assets
    7. Impact depends on locality
        • Local incidents, such as a terrorist attack on physical infrastructure, have limited impact because they only affect a small part of that infrastructure
    8. Organisational infrastructure
        • Organisations may be more vulnerable than physical infrastructure
        • Incidents that affect the organisational infrastructure can have more significant impact
            – Organisations are less likely to be distributed
    9. Risk impact
        • Because physical infrastructure is distributed, failures in one part of a physical network are localised
            – A crack is discovered in one bridge but this does not affect other bridges in the network
    10. Software vulnerability
        • However, software control changes this
            – If common elements of an infrastructure are networked and controlled by the same software, a failure in one element (especially a malicious attack) can propagate throughout the network
            – Large-scale failures and unavailability therefore become possible
    11. Infrastructure dependencies
        • All infrastructure elements now depend on power and communications
        • Failure and unavailability of these infrastructures has the most impact
        Photo: creative commons/flickr/anemoneprojectors
    12. Infrastructure vulnerabilities
        • Limited physical protection
    13. Infrastructure vulnerabilities
        • Old/insecure software control systems
    14. Infrastructure vulnerabilities
        • Lack of monitoring systems
        • Lack of coordination across infrastructure elements
    15. Infrastructure vulnerabilities
        • Lack of knowledge of infrastructure state or dependencies
        • Lack of knowledge of infrastructure demand
    16. Achieving resilience
    17. Resistance
        Provide protection against anticipated events or attacks
            – Flood defences
            – Cybersecurity awareness
        © Adrian Pingstone 2005
    18. Resistance
        • Based on previous experience and assumptions
        • Changing world or external circumstances may mean that assumptions are invalid
    19. Reliability
        • Infrastructure components should be designed to operate under a range of (anticipated) conditions, not just ‘normal’ operating conditions
    20. Reliability
        • Components, as far as possible, should be designed for ‘soft’, incremental rather than catastrophic failure
    21. Digital and analog systems
        • Digital systems are more brittle than analog systems
        • Analog systems often fail gradually; computer-based systems often simply crash
    22. Redundancy
        • The network or system as a whole should be designed so that there are backup installations and spare capacity available.
    23. Redundancy
        • Examples
            – Computing support should be provided by different providers in different locations
            – Diverse generation capacity for electricity
            – Multiple locations for command and control
    24. Response and recovery
        • Respond to disruptive events quickly, limiting the damage as far as possible and ensuring public safety
    25. Response and recovery
        • Plan how to restore services as quickly as possible in the event of a loss of capability
        • Business continuity planning
        • Disaster recovery
    26. Achieving resilience
        • Advance planning to draw up contingency plans to cover anticipated problems
        • (a) good design of the network and systems to ensure it has the necessary resistance, reliability and redundancy (spare capacity), and
        • (b) by establishing good organisational resilience to provide the ability, capacity and capability to respond and recover from disruptive events.
    27. Key points
        • Critical infrastructure resilience is the ability of the infrastructure to continue to deliver essential services during and after a hazardous event
        • Infrastructure resilience depends on planning for contingencies and effective infrastructure design
    28. Key points
        • Software control of infrastructure systems potentially increases vulnerability because the effects of an event may not be localised
        • Resilient infrastructure design is based on 4 R’s – resistance, reliability, redundancy, and recovery