Consequence-, time- and interdependency-based risk assessment in the field of critical infrastructure

Abstract

The disruption of any critical infrastructural sector has the potential to create significant direct consequences and cross-sectoral effects in a short period of time. In this article, we suggest a consequence-, time- and interdependency-based risk assessment approach that seeks to identify which direct consequences and intersectoral effects are likely to emerge in what time frame. We argue that critical infrastructures with the capacity to cause the greatest societal consequences and strongest intersectoral negative effects in the shortest time represent the most risky infrastructures. Such a direct risk assessment was further improved by a network-based risk calculation that takes not only first-order effects into account, but also the n-order intersectoral cascading effects. Applying this model to 17 infrastructural subsectors in Slovenia shows that the network transfer of effects among critical infrastructures can considerably and unpredictably change their initially calculated risk. The riskiest subsectors at the maximal level of network effects turned out to be those on which other subsectors heavily directly and indirectly depend: electricity, ICT, road transport and financial instruments. Risk management in the critical infrastructure protection field and related defence in depth should focus its limited resources on those infrastructures with the biggest network-based risk.

Notes

  1. In the case of Italy, the whole country was affected except for the islands. In the other case, Ohio, Michigan, Pennsylvania, New York, Vermont, Massachusetts, Connecticut, New Jersey and even Ontario were affected by the massive blackout.

  2. A normalized dependency matrix is obtained by dividing all values by 4 to obtain a scale from 0 to 1.

  3. α can at most be 1/λ, where λ is the highest eigenvalue of the N matrix. Higher values could lead to negative risks.

  4. The process of designing the questionnaire was based on preliminary theoretical studies of critical infrastructure, case studies of other countries, and EU policy in this field. The first version of the questionnaire was tested by our academic colleagues for its clarity and methodological consistency and also commented on by the (subsectoral) experts from practice. These comments confirmed the empirical usability of the questionnaire and led us to adapt some questions. The three questions on consequences, time effects and interdependency were closed and quantitative, whereas the remaining questions (not part of this article) were predominantly qualitative and open (see Prezelj et al, 2012).

  5. Larger values would result in negative risk values.
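
Notes 2 and 3 can be made concrete with a small computation. This is an added example, not code from the article: it assumes a Bonacich/Katz-style propagation r = d + αNr, which this page does not state, and the subsector scores and the helpers `spectral_radius`, `network_risk` and `ranking` are constructed for illustration.

```python
# Added illustration. Assumed model (not stated on this page): r = d + alpha * N r,
# i.e. r = (I - alpha*N)^-1 d, a Bonacich/Katz-style propagation.
NAMES = ["electricity", "ICT", "road transport", "drinking water"]
# Constructed scores: D[i][j] = how strongly subsector j depends on subsector i (0-4).
D = [[0, 4, 3, 4],
     [3, 0, 2, 2],
     [2, 1, 0, 1],
     [1, 1, 1, 0]]
N = [[x / 4 for x in row] for row in D]      # Note 2: normalise to the 0-1 scale
DIRECT = [2.0, 2.5, 2.0, 3.0]                # constructed direct-risk scores

def spectral_radius(M, iters=200):
    """Largest eigenvalue of a non-negative matrix, by power iteration."""
    v, lam = [1.0] * len(M), 0.0
    for _ in range(iters):
        w = [sum(a * b for a, b in zip(row, v)) for row in M]
        lam = max(w)
        v = [x / lam for x in w]
    return lam

def network_risk(M, direct, alpha):
    """Solve (I - alpha*M) r = direct by Gauss-Jordan elimination with pivoting."""
    n = len(M)
    A = [[(i == j) - alpha * M[i][j] for j in range(n)] + [direct[i]]
         for i in range(n)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(A[r][c]))
        A[c], A[p] = A[p], A[c]
        for r in range(n):
            if r != c:
                f = A[r][c] / A[c][c]
                A[r] = [x - f * y for x, y in zip(A[r], A[c])]
    return [A[i][n] / A[i][i] for i in range(n)]

def ranking(risks):
    """Subsector names ordered from highest to lowest risk."""
    return [name for _, name in sorted(zip(risks, NAMES), reverse=True)]

if __name__ == "__main__":
    lam = spectral_radius(N)
    for factor in (0.0, 0.5, 0.9, 1.1):      # alpha as a fraction of the 1/lambda bound
        r = network_risk(N, DIRECT, factor / lam)
        print(f"alpha={factor:.1f}/lambda", [round(x, 2) for x in r], ranking(r)[0])
```

Below the 1/λ bound every network risk is at least the direct score, and the ranking shifts toward the subsector the others depend on; above the bound the solved system returns negative components, which is the limit Note 3 describes.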

References

  1. Anderson, C.W., Santos, J.R. and Haimes, Y.Y. (2007) A risk-based input-output methodology for measuring the effects of the August 2003 Northeast blackout. Economic Systems Research 19 (2): 183–204.

  2. Ashmore, W.C. (2009) Impact of alleged Russian cyber attacks. Baltic Security & Defence Review 11: 4–40.

  3. Aven, T. (2011a) Quantitative Risk Assessment. Cambridge, UK: Cambridge University Press.

  4. Aven, T. (2011b) A risk concept applicable for both probabilistic and non-probabilistic perspectives. Safety Science 49 (8–9): 1080–1086.

  5. Barker, K. and Santos, J.R. (2010) A risk-based approach for identifying key economic and infrastructure systems. Risk Analysis 30 (6): 962–974.

  6. Batagelj, V. and Mrvar, A. (2011) Pajek 2.03, http://pajek.imfm.si/doku.php?id=download, accessed 11 April 2011.

  7. Ben-Ari, A. and Or-Chen, K. (2009) Integrating competing conceptions of risk: A call for future direction of research. Journal of Risk Research 12 (6): 865–877.

  8. Biedleman, S.W. (2011) Defining and deterring cyber war. Military Technology 35 (11): 57–62.

  9. Bier, V.M., Haimes, Y.Y., Lambert, J.H., Matalas, N.C. and Zimmerman, R. (1999) A survey of approaches for assessing and managing the risk of extremes. Risk Analysis 19 (1): 83–94.

  10. Boin, A., Lagadec, P., Michel-Kerjan, E. and Overdijk, W. (2003) Critical infrastructures under threat: Learning from the anthrax scare. Journal of Contingencies and Crisis Management 11 (3): 99–104.

  11. Bonacich, P. (1972) Factoring and weighting approaches to status scores and clique identification. Journal of Mathematical Sociology 2 (1): 113–120.

  12. Bonacich, P. (1987) Power and centrality: A family of measures. American Journal of Sociology 92 (5): 1170–1182.

  13. Bonacich, P. and Lloyd, P. (2001) Eigenvector-like measures of centrality for asymmetric relations. Social Networks 23 (3): 191–201.

  14. Borgatti, S.P. (2005) Centrality and network flow. Social Networks 27 (1): 55–71.

  15. Borgatti, S.P. and Everett, M.G. (1999) Models of core/periphery structures. Social Networks 21 (4): 375–395.

  16. Borgatti, S.P. and Everett, M.G. (2006) A graph-theoretic perspective on centrality. Social Networks 28 (4): 466–484.

  17. Borgatti, S.P., Mehra, A., Brass, D.J. and Labianca, G. (2009) Network analysis in the social sciences. Science 323 (5916): 892–895.

  18. Bradley, J. (2007) Time period and risk measures in the general risk equation. Journal of Risk Research 10 (3): 355–369.

  19. Buldyrev, S.V., Parshani, R., Paul, G., Stanley, H.E. and Havlin, S. (2010) Catastrophic cascade of failures in interdependent networks. Nature 464 (7291): 1025–1028.

  20. Bundesamt für Sicherheit in der Informationstechnik. (2008) Analyse Kritischer Infrastrukturen: Die Methode AKIS, https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Kritis/AKIS_2008_pdf.pdf?__blob=publicationFile, accessed 21 December 2011.

  21. Copas, J. (1999) Statistical modelling for risk assessment. Risk Management 1 (1): 35–49.

  22. CSIS Conference. (1998) The Y2K crisis: A global ticking time bomb? The Washington Quarterly 21 (4): 147–166.

  23. Di Mauro, C., Bouchon, S., Logtmeijer, C., Pride, R.D., Hartung, T. and Nordvik, J.P. (2010) A structured approach to identifying European critical infrastructures. International Journal of Critical Infrastructures 6 (3): 277–292.

  24. Dunn, M. (2004) Analysis of methods and models for CII assessment. In: M. Dunn and I. Wiegert (eds.) International CIIP Handbook 2004: An Inventory and Analysis of Protection Policies in Fourteen Countries. Zurich, Switzerland: ETH – Swiss Federal Institute of Technology, pp. 219–297.

  25. Dunn, M. (2005) The socio-political dimensions of critical information infrastructure protection. International Journal of Critical Infrastructures 1 (2/3): 258–268.

  26. Dunn, M. and Mauer, V. (eds.) (2006) Introduction. In: International CIIP Handbook 2006 – Vol II: Analyzing Issues, Challenges and Prospects. Zurich, Switzerland: Center for Security Studies.

  27. Dunjo, J., Fthenakis, V., Vilchez, J. and Arnaldos, J. (2010) Hazard and operability (HAZOP) analysis: A literature review. Journal of Hazardous Materials 173 (1–3): 19–32.

  28. European Commission. (2006) Proposal for a Directive of the Council on the Identification and Designation of European Critical Infrastructures, 16933/06, 2006/0276(CNS), 18 December, Brussels.

  29. Freeman, L.C. (1979) Centrality in social networks conceptual clarification. Social Networks 1 (3): 215–239.

  30. Fischer, F. (2010) Kritische Infrastrukturen Denkweisen, Zusammenhänge, Visualisierungen, Karlsruher Institut für Technologie (K.I.T.), Institut für Kern- und Energietechnik (IKET), Karlsruhe.

  31. Gorman, S.P. (2005) Networks, Security and Complexity: The Role of Public Policy in Critical Infrastructure Protection. Cheltenham, UK: Edward Elgar.

  32. Haimes, Y.Y. (2004) Risk Modeling, Assessment, and Management. Hoboken, NJ: John Wiley & Sons.

  33. Haimes, Y.Y. (2009) On the complex definition of risk: A systems-based approach. Risk Analysis 29 (11): 1647–1654.

  34. Hansen, M. (1999) Y2K the year 2000: Apocalypse soon. Professional Safety 44 (2): 37–42.

  35. Hansson, S.O. (2010) Risk: Objective or subjective, facts or values. Journal of Risk Research 13 (2): 231–238.

  36. International Risk Governance Council. (2006) White Paper on Risk Governance: Towards an Integrative Approach, Geneva, http://www.irgc.org/IMG/pdf/IRGC_WP_No_1_Risk_Governance__reprinted_version_.pdf, accessed 20 December 2011.

  37. Kaplan, S. (1997) The words of risk analysis. Risk Analysis 17 (4): 407–417.

  38. Kletz, A.T. (1997) Hazop – Past and future. Reliability Engineering and System Safety 55 (3): 263–266.

  39. Koubatis, A. and Schonberger, J.Y. (2005) Risk management of complex critical systems. International Journal of Critical Infrastructures 1 (2/3): 195–215.

  40. Le Grand, G., Springinsfeld, F. and Riguidel, M. (2003) Policy Based Management for Critical Infrastructure Protection: ACIP Project. Paper presented at the Annual Meeting ‘Informatik 2003’ of the German Informatics Society, Johann Wolfgang Goethe-Universität, Frankfurt am Main.

  41. Leontief, W.W. (1951) Input–output economics. Scientific American 185 (4): 15–21.

  42. Lewis, T. (2006) Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation. New Jersey: Wiley Interscience.

  43. Lian, C. and Haimes, Y.Y. (2006) Managing the risk of terrorism to interdependent infrastructure systems through the dynamic inoperability input–output model. Systems Engineering 9 (3): 241–258.

  44. Lowrance, W. (1976) Of Acceptable Risk: Science and the Determination of Safety. Los Altos, CA: William Kaufmann.

  45. Luiijf, E., Burger, H. and Klaver, M. (2003) Critical infrastructure protection in the Netherlands: A quick scan. Paper presented at the ECAIR Conference on Best Paper Proceedings in Copenhagen, http://www.crypto.rub.de/imperia/md/content/lectures/kritis/bpp_13_cip_luiijf_burger_klaver.pdf.

  46. Lyall, C. and Tait, J. (eds.) (2005) Shifting policy debates and the implications for governance. In: New Modes of Governance: Developing an Integrated Policy Approach to Science, Technology, Risk and the Environment. Aldershot, UK: Ashgate, pp. 1–17.

  47. North American Electric Reliability Council. (2004) Technical Analysis of the August 14, 2003, Blackout: What Happened, Why, and What Did We Learn? (2004), Report to the NERC Board of Trustees by the NERC Steering Group, July 13, http://www.nerc.com/docs/docs/blackout/NERC_Final_Blackout_Report_07_13_04.pdf, accessed 9 May 2012.

  48. Mandel, R. (1999) Deadly Transfers and the Global Playground: Transnational Security Threats in a Disorderly World. Westport, CT: Praeger.

  49. Perrow, C. (1999) Normal Accidents: Living with the High-Risk Technologies. Princeton, NJ: Princeton University Press.

  50. Prezelj, I., Kopač, E., Svete, U. and Žiberna, A. (2012) Cross-sectoral scanning of critical infrastructures: From functional differences to policy-relevant similarities. Journal of Homeland Security and Emergency Management 9 (1): 1–29.

  51. Quiggin, J. (2005) The Y2K scare: Causes, costs and cures. Australian Journal of Public Administration 64 (3): 46–55.

  52. Quirk, M.D. and Fernandez, S.J. (2005) Infrastructure robustness for multiscale critical missions. Journal of Homeland Security and Emergency Management 2 (2), Article 2. doi: 10.2202/1547-7355.1092.

  53. Reeve, S. and McGhee, C. (1996) The Millennium Bomb: Countdown to a £400 Billion Catastrophe. London: Vision Paperbacks.

  54. Rinaldi, S.M., Peerenboom, J.P. and Kelly, T.K. (2001) Identifying, understanding, and analyzing critical infrastructure interdependencies. IEEE Control Systems Magazine 21 (6): 11–25.

  55. Rosenthal, U., Charles, M. and T'hart, P. (1989) The world of crisis and crisis management. In: U. Rosenthal and P. T'hart (eds.) Coping with Crises: The Management of Disaster, Riots and Terrorism. Springfield, MA: Charles Thomas.

  56. Santos, J.R. and Haimes, Y.Y. (2004) Modeling the demand reduction input-output (i-o) inoperability due to terrorism of interconnected infrastructures. Risk Analysis 24 (6): 1437–1451.

  57. Shackelford, S.J. (2009) From nuclear war to net war: Analogizing cyber attacks in international law. Berkeley Journal of International Law 27 (1): 192–251.

  58. Smith, D. and Fischbacher, M. (2009) The changing nature of risk and risk management: The challenge of borders, uncertainty and resilience. Risk Management 11 (1): 1–12.

  59. Sophie, A. (2003) Blackout in Italy underlines need for new power plants. Christian Science Monitor 95 (213): 7.

  60. Standards Australia & New Zealand. (2009) Risk Management – Principles and Guidelines, AS/NZS ISO 31000:2009, Council of Standards Australia and Council of Standards New Zealand: Sydney and Wellington.

  61. The Council of The European Union. (2008) Council Directive 2008/114/EC of 8 December 2008 on the Identification and Designation of European Critical Infrastructures and the Assessment of the Need to Improve their Protection. 2008/114/EC. Sect. L 345: 75–82.

  62. U.S.–Canada Power System Outage Task Force. (2004) Final Report on the August 14, 2003 Blackout in the United States and Canada: Causes and Recommendations. April, https://reports.energy.gov/BlackoutFinal-Web.pdf, accessed 9 May 2012.

  63. Van Asselt, M.B.A. and Renn, O. (2011) Risk governance. Journal of Risk Research 14 (4): 431–449.

  64. Willis, H.H. (2007) Guiding resource allocations based on terrorism risk. Risk Analysis 27 (3): 597–606.

  65. Willis, H.H., Morral, A.R., Kelly, T.K. and Medby, J. (2005) Estimating Terrorism Risk. Santa Monica, CA: RAND Corporation.

  66. Zimmerman, R. (2004) Decision-making and the vulnerability of interdependent critical infrastructure. Systems, Man and Cybernetics, 2004 IEEE International Conference 5 (213): 4059–4063.

Acknowledgements

The empirical part of this article was made possible by a grant from the Slovenian Research Agency and the Ministry of Defense (project title: Definition and Protection of Critical Infrastructures, CRP M5-0159). We are grateful for the comments on early drafts provided by Rae Zimmerman, Andrej Blejec, Alain de Beuckelaer and the two anonymous reviewers.

Author information

Corresponding author

Correspondence to Iztok Prezelj.

Additional information

The article was presented in 2011 at the twentieth SRA-Europe Meeting in Stuttgart.

Appendices

Appendix A

Table A1 Categories and scales for assessing the direct consequences of a subsectoral malfunction (European Commission, 2006; The Council of The European Union, 2008, p. 78)

Appendix B

Table B1 Workshops and participating experts

Appendix C

Figure C1 Direct risk in relation to estimated consequences, time and cross-sectoral influences.

Appendix D

Table D1 Network-based risks at different α's (with ranks in brackets)

About this article

Cite this article

Prezelj, I., Žiberna, A. Consequence-, time- and interdependency-based risk assessment in the field of critical infrastructure. Risk Manag 15, 100–131 (2013). https://doi.org/10.1057/rm.2013.1

Keywords

  • critical infrastructure
  • risk
  • risk assessment
  • network
  • interdependency