Risk and Interdependencies in Critical Infrastructures

This chapter presents methods for analysing interdependencies in critical infrastructures. In general, there are three groups of methods for analysing interdependencies; (1) conceptual, (2) model and simulation and (3) empirical and knowledge-based approaches. Examples of methods belonging to these groups are presented. The latter part of the chapter discusses challenges related to modelling, focusing on how to deal with complexity, trade-offs between abstraction and fidelity, choice of consequence measures and obtaining information.

This chapter defines and discusses important concepts like risk, uncertainty, vulnerability and interdependency. In the literature, these concepts are used in various ways and there exists no common accepted terminology. Therefore, these terms are defined to provide a basis for consistent use throughout this book.

This chapter presents an approach for a cross-sector risk and vulnerability analysis (RVA) of critical infrastructures. The RVA is an extended version of a preliminary hazard analysis (PHA) and can be applied to any complex system with only minor adaptations. The analysis has three phases described below: (1) analysis preparation, (2) preliminary risk analysis and (3) detailed risk analyses. The objective of the RVA is to identify hazardous events related to the activity/system as thorough as reasonably practicable. In phase 2, risk is assessed by the analysis group from direct assessments of probabilities and consequences on a semi-quantitative scale, such as low (L), medium (M) and high (H). This is in line with a standard PHA, which aims to identify and assess all major risks, and provide risk-reducing measures, without including detailed risk calculations or analyses. The preliminary risk analysis is then used for screening, and the most critical events are investigated further for various detailed analyses and quantifications. The RVA described here intends to give a complete overview of all risks elements related to the systems under investigation.

Failures of critical infrastructures can represent a threat both to people, economy and societal functions and to national security. So, thorough risk analyses of infrastructures are required to reduce the probability and mitigate the consequences of failures. The interdependencies between infrastructures can be strong, but are seldom accounted for in current analyses. This chapter presents a method for assessing these interdependencies and also provides an example. The analysis is part of an overall cross-sector risk and vulnerability analysis (RVA), see Chap.​ 3.

In this chapter, a modelling framework for interdependent technical infrastructures is presented. As input to the framework, characteristics of interdependencies and the objectives of the modelling framework are discussed. The overall approach is to divide the modelling of technical infrastructures into two parts, a topological part and a functional part. The topological part describes the structure and how components are connected. The functional part describes the flow of the infrastructure and how the system reacts when strains affect it. This generic approach of how to model individual infrastructures then enables the inclusion of dependencies in and analyses of a “system-of-system” model. Three perspectives of vulnerability analyses are also presented: global vulnerability, critical components and geographical vulnerability. The presented framework is utilized in, but not limited to, the context of vulnerability analyses in Chap.​ 6 for two different types of interdependent technical infrastructures.

In this chapter, the modelling framework presented in Chap.​ 5 will be used to perform vulnerability analyses from three perspectives: global vulnerability, critical components, and geographical vulnerability. Two case studies of two real-world interdependent infrastructure systems are performed; one focusing on an electric distribution system coupled with a water distribution system, and one focusing on a railway system which is composed of seven interdependent systems.

Society is critically dependent on a reliable electricity supply to maintain its functionality. Electricity supply interruptions lead to direct consequences for the electricity users and will in general have an impact on dependent infrastructures and their services. This chapter describes a quantitative analytical approach for risk analysis of electricity supply. In this approach, the consequences of failures in the electricity system are analysed in terms of electricity supply interruptions to delivery points (DPs) serving for instance societal critical functions or other infrastructures. In a cross-sector risk analysis, this approach can be used in a detailed analysis for instance as input to cascade diagrams in the risk analysis of cascading failures and interdependencies with other infrastructures.

This chapter presents three case studies using the models and methods for risk analysis of electricity supply described in Chap.​ 7, as well as the basic concepts and interdependency modelling of Chaps.​ 2 and 4. The case studies comprise analyses of the reliability of supply for delivery points in the transmission and distribution grid, and a risk and vulnerability analysis including extraordinary events in the electricity system.

This chapter presents the challenges faced by the water utilities to provide safe, secure and reliable service to meet the Water Framework Directives 2000/60/EC and the water safety plan (WHO [16]). These directives among others will form framing conditions for the risk and vulnerability analysis to be conducted. The analysis approach follows standard methodology for risk and vulnerability described in Chap. 3 of this book. In order to structure the analysis, it is common to split the system into the various water cycle components. For each of these components, hazards and threats are identified, probability and consequences assessed, and finally, the total risk picture presented. Practical examples from the Oslo case study are presented to support the approach.

Information and communication technology (ICT) is increasingly becoming a part of all critical infrastructures, and thus, there is an increasing need to include ICT in all risk assessments. This chapter explains the dependencies between ICT and other infrastructures and provides an overview of the threats and risks associated with ICT. The chapter also gives an introduction to modelling techniques that is of particular use when performing risk analyses of ICT systems. The chapter ends with recommendations on how to include the ICT aspects in risk assessments of other infrastructures.

This chapter provides an approach to modelling and analysis of supply chain vulnerabilities due to physical and functional interdependencies in maritime transport systems. The results of the analysis are risk of supply breaches of the commodities transported by the system. The risk analysis is set into the context of development of infrastructure for maritime transport systems, where industrial shipping systems are used as an example. The risk analysis is used to balance the scale of the system’s infrastructure against an assessment of the requirements and vulnerabilities of the system’s dependents. The maritime transport system is here regarded as a critical infrastructure for supply of required commodities into a region.

This chapter presents a case study based on the approach described in Chap.​ 11. The case is a maritime transport system for distribution of liquefied natural gas, liquefied natural gas (LNG), from a producer to a set of receiving terminals in different geographical regions. The objective is to provide an example of modelling and analysis of interdependency risk in maritime transport infrastructure and potential-related vulnerabilities, where the transport system is part of a tightly coupled energy supply system. The main focus is given to the interdependency risk assessment of supply breaches of LNG based on detailed inventory routing–based simulations. Interdependency modelling and assessment based on the cascade model presented in Chap.​ 4 is discussed at the end.

This chapter has been written for engineering practitioners, support staff and researchers interested in how to assess and manage risks that arise because critical infrastructures are interconnected, and increasingly so. Infrastructures are large technical systems for water, electricity, transportation, telecommunications and financial services, among others, whose assets and services are considered vital to society. These engineered systems operate under legal, regulatory and mission mandates to be highly reliable, that is, to ensure the safe and continuous provision of the critical service in question, even during (especially during) peak demand or turbulent times. Because they operate under high reliability mandates, their control operators and staff take risk assessment and management seriously. This chapter focuses on what we consider to be neglected but extremely important topics related to the assessment, management and tracking of risks at the interconnected critical infrastructure system (ICIS) level. Special features of infrastructure control rooms are discussed, and an empirical analysis demonstrates conditions under which interconnected infrastructures share risks for joint management purposes.

Understanding the interconnections between critical infrastructures is a demanding task. This is even more the case when one includes their organizational contexts. In this chapter, we discuss some of the organizational challenges that have to be addressed when analysing and managing risks that involve several infrastructure sectors. The infrastructures of today are often run by networks of private and public entities, rather than single utility companies. Consequently, the number of organizations that need to be involved to map, analyse and manage risks that cross-sectors is increasing. The organizational changes also imply that work is managed and coordinated in ways that imply a stricter focus on efficiency and accountability with regard to core tasks and responsibilities. We argue that cross-sectorial safety management requires other organizational qualities as well. We outline a landscape where technologies become increasingly interconnected at the same time that the organizations managing them become increasingly fragmented. Risk identification and management requires increased transparency between companies that have few incentives to share information or cooperate. We present a set of recommendations and suggestions with relevance for public agencies and for infrastructure owners on how to address the organizational and institutional challenges born out of these processes.