Advertisement

Resilient Critical Infrastructures

  • Matthias HollickEmail author
  • Stefan Katzenbeisser
Chapter

Abstract

Critical infrastructures, such as the electric grid or transportation systems, empower our modern society. Their disruption can seriously impair the daily lives of millions of people. Due to this fact, they are attractive targets in cyber war or in large-scale sophisticated attacks. Moreover, in disasters or crises, critical infrastructures might face severe perturbations or even a breakdown, thus affecting the population at large. This chapter begins by summarising the different critical infrastructure sectors and gives examples of previous incidents affecting the service offered by these infrastructures. It then goes on to introduce the concept of resiliency: resilient critical infrastructures are designed to withstand disasters, crises, and adversarial influence. They are able to maintain their core functionalities even under attack. The chapter subsequently discusses how critical infrastructures can be made resilient. This requires adopting a “defence in depth” concept, i.e., deploying multiple layers of security controls, but we also provide further recommendations to this end.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

Recommended Reading

  1. Engels, Jens Ivo (Editor) (2018): Key Concepts for Critical Infrastructure Research. Springer, Germany, ISBN 978-3-658-22919-1.Google Scholar

Bibliography

  1. Alsberg, P.A./ Day J.D. (1976): A Principle for Resilient Sharing of Distributed Resources, Proc. 2nd Int. Conf. on Software Engineering, San Francisco, Oct. 1976, pp. 562-570.Google Scholar
  2. Block, J (1950): An Experimental Investigation of the Construct of Egocontrol. Department of Psychology, Stanford University.Google Scholar
  3. CYSIS Working group (2017): Resilient Architectures in Railway Signalling, White paper, 2017. Available online http://www.cipsec.eu/sites/default/files/cipsec/public/content-files/blog/CYSIS_RA_Whitepaper_v2.2_EN.pdf.
  4. Duerr, Roxana Isabel (2014): Tacloban’s Arduous Recovery After ‘Haiyan’. Deutsche Welle. February 2014. Available online: https://www.dw.com/en/taclobans-arduous-recovery-after-haiyan/a-17463609.
  5. Elsner, Ivonne/ Huck, Andreas/ Marathe, Manas (2018): Resilience. In: Engels J. (Eds.). Key Concepts for Critical Infrastructure Research. Wiesbaden: Springer. ISBN 978-3-658-22919-1. pp. 31-38.Google Scholar
  6. Engels, Jens Ivo (Editor) (2018): Key Concepts for Critical Infrastructure Research. Wiesbaden: Springer. ISBN 978-3-658-22919-1.Google Scholar
  7. Geppert, Linda (2004): Lost Radio Contact Leaves Pilots On Their Own - Communications Error Wreaks Havoc in the Los Angeles Air Control System. In IEEE Spectrum, November 2004. Available online https://spectrum.ieee.org/aerospace/aviation/lost-radio-contact-leaves-pilots-on-theirown.
  8. German Federal Ministry of the Interior (2009): National Strategy for the Protection of Critical Infrastructures (KRITIS-Strategie). June 2009. Available online https://www.bmi.bund.de/SharedDocs/downloads/EN/publikationen/2009/kritis_englisch.html.
  9. Greenberg, Andy (2017): ‘Crash Override’: The Malware That Took Down a Power Grid. June 2017. Available online: https://www.wired.com/story/crash-override-malware/.
  10. Holling, Crawford S. (1973): Resilience and Stability of Ecological Systems; in: Annual Review of Ecology and Systematics 4 (1973), P. 1–23.Google Scholar
  11. Laprie, Jean-Claude (2008): From Dependability to Resilience. In Proceedings of 38th IEEE/IFIP Int. Conf. On Dependable Systems and Networks.Google Scholar
  12. North American Electric Reliability Council (2003): Technical Analysis of the August 14, 2003, Blackout: What Happened, Why, and What Did We Learn? Available online: https://www.nerc.com/docs/docs/blackout/NERC_Final_Blackout_Report_07_13_04.pdf.
  13. Oxford Dictionary of English. Oxford University Press. ISBN: 978-0-199-57112-3.Google Scholar
  14. Presidential Policy Directive 21 (PPD-21) (2015): Critical Infrastructure Security and Resilience Advances a National Policy to Strengthen and Maintain Secure, Functioning, and Resilient Critical Infrastructure. February 2015. Available online https://www.dhs.gov/sites/default/files/publications/ISC-PPD-21-Implementation-White-Paper-2015-508.pdf.
  15. Reliefweb (2013): Typhoon Haiyan - Nov 2013. Available online: https://reliefweb.int/disaster/tc-2013-000139-phl.
  16. Schlehuber, Christian/ Heinrich, Markus/ Vateva-Gurova, Tsvetoslava/ Katzenbeisser, Stefan / Suri, Neeraj (2017): A Security Architecture for Railway Signalling, In Proceedings of SAFECOMP 2017: 320-328.Google Scholar
  17. Shehod, Abir (2016): Ukraine Power Grid Cyberattack and US Susceptibility: Cybersecurity Implications of Smart Grid Advancements in the US. December 2016. Available online http://web.mit.edu/smadnick/www/wp/2016-22.pdf.
  18. TU-T Study Group 15 (2017): ITU-T L Suppl. 35 (06/2017). Available online http://handle.itu.int/11.1002/1000/13344.
  19. United Nations Office for Disaster Risk Reduction (UNISDR) (2009): UNISDR Terminology on Disaster Risk Reduction, 2009. Available online http://www.unisdr.org/files/7817_UNISDRTerminologyEnglish.pdf.

Copyright information

© Springer Fachmedien Wiesbaden GmbH, ein Teil von Springer Nature 2019

Authors and Affiliations

  1. 1.TU Darmstadt, Secure Mobile NetworksDarmstadtGermany
  2. 2.TU Darmstadt, Security EngineeringDarmstadtGermany

Personalised recommendations