Challenges in the vulnerability and risk analysis of critical infrastructures
Introduction
In this paper, we consider critical infrastructures (CI) like the energy transmission and distribution networks, the telecommunication networks, the transportation systems, the water and gas distribution systems. These are complex systems made by many interacting components assembled by design to provide optimal performance, reliable operation and functional safety [109], [130].
CI are designed to function for long periods of time (several tens of years), through maintenance, updating and integration of new technologies. Extensions of capacity are also often required to meet changing and growing service demands. This leads to the need of injecting flexibility and adaptability to the system engineering design, to respond to the ever-changing domains of technology, society, economy, legislation and politics, which determine the profiles of service demand and the corresponding expected performance.
In this scenario of technologically and structurally evolving (and more and more interdependent) CI, understandable concerns are arising on their vulnerability and risk of failure, i.e. on the danger that:
- •
The allocated system capacities may not be adequate to support the growing demands in scenarios of greater CI integration and market deregulation;
- •
The safety margins preventively designed may not be sufficient to cope with the expected and, most of all, unexpected stresses arriving onto the systems.
These issues are difficult to analyze as, due to the complexity of CI, emergent behaviors may arise at system level from the collective response of the elementary components, in ways difficult to predict and manage. As a result, large uncertainties exist in the characterization of scenarios of CI failure [160].
On the practical side of the issue, the matter of fact is that CI are witnessing more and more system-level breakdowns, which emerge from small perturbations that cascade to large-scale consequences. Then, it is not surprising that CI protection and resilience have become a national and international priority, which calls for the analysis of CI vulnerability and the evaluation of their resilient properties, for ensuring their protection and resilience [124].
Here, the problem is that the classical methods of system vulnerability and risk analysis cannot capture the (structural and dynamic), complexities of CI; the analysis of these systems cannot be carried out with classical methods of system decomposition and logic modeling. A framework is needed for the integration of methods capable of viewing the problem from different perspectives (topological and functional, static and dynamic), suitable for coping with the high complexity of the system and the related uncertainties [84].
Several researchers have addressed this problem, introducing new perspectives and methods of analysis and applying them for the protection and resilience of CI (see for example [151], [110], for some reviews of methods). In this paper, the complexity of CI is presented as a challenging characteristic, which calls for an integrated framework of different types of analyses and methods of vulnerability and risk assessment, for application to CI protection and resilience. The concepts of vulnerability, risk and resilience are discussed in details and analyzed with respect to their characterization in CI, and the challenges therein. Recent new perspectives on these concepts and their applications are also discussed in relation to their applicability for analyzing CI vulnerability and risk in view of decision making for protection and resilience.
The paper is organized as follows:
- •
In Section 2, we introduce the concept of critical infrastructures and specify them as engineered complex systems;
- •
In Section 3, vulnerability and risk concepts are introduced and discussed with reference to critical infrastructures design and operation. Three statements are proposed to advocate the need for extended modeling as a way to understanding system behavior and capturing the related risk and vulnerability factors;
- •
In Section 4, some perspectives are offered on approaches for looking into the complexity characteristics of CI, for analyzing their vulnerability and risk.
Section snippets
Critical infrastructures
Infrastructures are large scale, man-made systems that function interdependently to produce and distribute essential goods (such as energy, water and data) and services (such as transportation, banking and health care). An infrastructure is termed critical if its incapacity or destruction has a significant impact on health, safety, security, economics and social well-being (Council Directive 2008/114/EC). A failure in such an infrastructure, or the loss of its service, can be damaging to a
Vulnerability and risk analysis
CI are exposed to many types of hazards, such as natural hazards, component aging and failure, sharp load demand increase, climatic changes, intentional attacks. For this reason, Critical Infrastructure Protection (CIP) has gained great importance in all nations, with particular focus being placed traditionally on physical protection and asset hardening [25], [26], [38], [90]. To protect CI, it requires modeling their component fragilities under different hazards and, then, analyzing their
Conclusion
The social and economic stability of the World has become strongly dependent on the reliable supply of essential goods and services that are transported and distributed across large technological networked infrastructure systems. These critical infrastructures are challenged by potential disruptive factors coming from the hazardous, natural and man-made, environments they are operated in, e.g. global warming, disease outbreaks, food (distribution) shortages, financial crashes, heavy solar
Acknowledgments:
The author thanks the eleven anonymous referees and the handling editors for their critical comments that have helped improve the paper in the different stages of its development, through six detailed revisions. Especially the criticisms by one patient referee have been instrumental for resiliently revising the work, helping to finally shape it in a much improved form. The author also acknowledges the contribution of Dr. Elisa FERRARIO in the constructive and expert check of the paper.
References (164)
- et al.
Reliability and validity of risk analysis
Reliab Eng Syst Saf
(2009) - et al.
A new perspective on how to understand, assess and manage risk and the unforeseen
Reliab Eng Syst Saf
(2014) - et al.
Scale-free characteristics of random networks: the topology of the World-Wide Web
Phys A
(2000) - et al.
Unavailability of critical SCADA communication links interconnecting a power grid and a Telco network
Reliab Eng Syst Saf
(2010) - et al.
Complex networks: structure and dynamics
Phys Rep-Rev Sect Phys Lett
(2006) - et al.
Controlling chaos in Internet congestion control model
Chaos Solitons Fractals
(2004) - et al.
Framework for analytical quantification of disaster resilience
Eng Struct
(2010) - et al.
Grid vulnerability analysis based on scale-free graphs versus power flow models
Electr Power Syst Res
(2013) - et al.
Comparing dynamics of cascading failures between network-centric and power flow models
Int J Electr Power Energy Syst
(2013) - et al.
Efficiency of scale-free networks: error and attack tolerance
Phys a-Stat Mech Appl
(2003)
A research on subway physical vulnerability based on network theory and FMECA
Safety Science
"System-of-systems" approach for interdependent critical infrastructures
Reliab Eng Syst Saf
Assessing nuclear power plant safety and recovery from earthquakes using a system-of-systems approach
Reliab Eng Syst Saf
On the assessment of uncertainty in risk diagrams
Saf Sci
The self-organization of the internet and changing modes of thought
New Ideas Psychol
Generic metrics and quantitative approaches for system resilience as a function of time
Reliab Eng Syst Saf
Vulnerability assessment and mitigation for the Chinese railway system under floods
Reliab Eng Syst Saf
Enhancing metro network resilience via localized integration with bus services
Transp Res Part E: Logist Transp Rev
An approach for modelling interdependent infrastructures in the context of vulnerability analysis
Reliab Eng Syst Saf
Application of dynamic Bayesian network to risk analysis of domino effects in chemical infrastructures
Reliab Eng Syst Saf
Using graph theory to analyze the vulnerability of process plants in the context of cascading effects
Reliab Eng Syst Saf
Critical infrastructures at risk: a need for a new conceptual approach and extended analytical tools
Reliab Eng Syst Saf
A new accident model for engineering safer systems
Saf Sci
Three explanatory instruments in biology
Commun Integr Biol
Evaluation of resilience of interconnected systems based on stability analysis
Comparing topological and reliability-based vulnerability analysis of Iran power transmission network
Proc Inst Mech Eng Part O-J Risk Reliab
Resilience to contagion in financial networks
Math Financ
A screening methodology for the identification and ranking of infrastructure vulnerabilities due to terrorism
Risk Anal
Formulation of resilience index of urban infrastructure using belief functions
Syst J, IEEE
On some recent definitions and analysis frameworks for risk, vulnerability, and resilience response
Risk Anal
Initial review of methods for cascading failure analysis in electric power transmission systems IEEE PES CAMS task force on understanding, prediction, mitigation and restoration of cascading failures
Power Energy Soc General Meet - Convers Deliv Electr Energy 21st Century, 2008 IEEE
Inherent costs and interdependent impacts of infrastructure network resilience
Risk Anal
Spatial networks
Phys Rep
Conceptualistic pragmatism: a framework for Bayesian analysis?
IIE Trans
Localized attacks on spatially embedded networks with dependencies
Sci Rep
Infrastructure interdependency analysis: introductory research review
What predicts psychological resilience after disaster? The role of demographics, resources, and life stress
J Consult Clin Psychol
The vulnerability of interdependent critical infrastructures systems: epistemological and conceptual state-of-the-art
Assessing infrastructure interdependencies: the challenge of risk analysis for complex adaptive systems
Int J Crit Infrastruct
A framework to quantitatively assess and enhance the seismic resilience of communities
Earthq Spectra
Using formal MS/OR modeling to support disaster recovery planning
Eur J Oper Res
Homeland Secur Pres Dir-3 (HSPD-3)
Homeland Secur Pres Dir-7 (HSPD-7)
Efficient response to cascading disaster spreading
Phys Rev E
Post-earthquake restoration planning for Los Angeles electric power
Earthq Spectra
From metaphor to measurement: resilience of what to what?
Ecosystems
Evidence for self-organized criticality in a time series of electric power system blackouts
Circuits Syst I: Regul Pap, IEEE Trans
Inter-dependency assessment in the ICT-PS network: the MIA project results
Sequencing lifeline repairs after an earthquake: an economic approach
Journal Regul Econ
Cited by (312)
Identifying critical weak points of power-gas integrated energy system based on complex network theory
2024, Reliability Engineering and System SafetyAccident spread and risk propagation mechanism in complex industrial system network
2024, Reliability Engineering and System SafetyMachine learning applications in the resilience of interdependent critical infrastructure systems—A systematic literature review
2024, International Journal of Critical Infrastructure ProtectionSimulation-based dynamic risk analysis of urban buried gas pipeline network
2023, Journal of Loss Prevention in the Process Industries