
Prof. Dr. B. M. Hämmerli

EAPC / PFP Workshop

CIIP: ICT Sectors and Interdependencies

Zurich, September 23, 2005, Prof. Dr. Bernhard M. Hämmerli

Some Inputs to Stimulate the ICT Group Sector and Interdependency Discussion

Content

From Monopoly to Free Market

Economy of Scale and Decentralization / Centralization

Interconnection of Services and Interdependencies

Domino effect

Example Family Home

Our Task today

Conclusion


Introduction

Definition, Criticality of Services: Services, organizations and institutions which are (absolutely) essential to the public community, such that their failure or disruption will result in long-lasting supply bottlenecks and/or other dramatic consequences for substantial elements of the community, are considered critical.

A Sector consists of one or Multiple Services

Later: Definition of Vulnerability of Systems / Threat / Asymmetric Threat / Domino or Cascading Effects / Interdependencies


Situation Analysis and Needs: Service Supply of Nations: From Monopoly to Free Market

[Figure: diagram with the labels "Security", "Security ?" and "Task" (repeated); caption: For each Nation]

Free Market introduced:
• Competition (lowest rate possible)
• Many service providers with corporate security
• Delegation of the supply task
• Overall guarantee of supply and its securing measures skipped
• Structure is still centralized (partly with common nodes and/or infrastructure (Telco))

CIP is the answer to secure the old fashioned “public service” for (inter) & national purpose


Situation Analysis and Needs I: Why do we have this challenge now? Efficiency vs. Robustness: Processes, Infrastructure Services

[Figure: Efficiency and Robustness plotted over time; time labels: 1980, today, 20XX]


Situation Analysis and Needs Economy of Scale / Decentralization 1

Economy of Scale

Production costs in regular situations are often lower with a centralized approach

Security measures are applied, but central vulnerabilities remain

Decentralization as a means to make infrastructure robust

Management Center

Logical channel for management information


[Figure labels: Generator Substation; Overloaded/Congested Transmission Lines; Distribution Substation; Nat. Gas ?%, Hydro ?%, Coal ?%, Petroleum ?%, Nuclear ?%; Industrial, Commercial, Residential]

This and the next slides are from Prof. Dr. Saifur Rahman, Director Alexandria Research Institute, VA-Tech USA

Conventional Central Station Based Power System, partly with Decentralized Generation


Situation Analysis and Needs Economy of Scale / Decentralization 3 Distributed Generation Technologies

Solar Cells Wind Turbines

Gas Turbines Reciprocating Engines


Dependency and Interdependency

By Suanne Jantsch

[Figure: node diagrams with nodes A, B, C, M, N, O, X, Y, …]

A depends on B

Interdependent or mutually dependent

Complex: A depends on B, B on C, …, and Y on A and B


Infrastructure Sectors and its Interconnection


Situation Analysis and Needs: Interconnected CIP

IABG Schmitz (2002)

[Figure labels recovered from the diagram]

Column headings: Analysis, CIS Hierarchy, Methods

Knowledge Management
Cost Benefit Analysis
Co-operation & Decision Support
Vulnerability Analysis
Risk Analysis / Safety Management
Policies / Strategies

Technical Components
Individual Systems
System Interdependencies
System of Systems
Compound of Critical Infrastructures

Government, Economy, Society
Computer, Nav. System, Power Lines, Switches, ...
Telecommunication, Energy, Transportation, ...

System Dynamics, Empirical Modeling, etc.
Socio-economic Models, Gaming, Scenario Techniques
System Simulation, Optim. Algorithms, Human Behavior Mod.
Technical Simulation
Technical Experimentation, etc.

Green: Basic and Essential Services

View from EU Project ACIP


Pipelines
Ocean shipping
Inland navigation
Air transport
Rail transport
Road transport
Public administration
Armed forces
Information provision by the government
Diplomacy
Law enforcement
Admin. of justice and detention
Maintaining public safety
Maintaining public order
Water quantity
Water quality
Financial transfer services
Financial services & infrastructure
Health care
Food supply & safety
Drinking water supply
Postal and courier services
Internet access
Broadcast services
Satellite communication
Radio communication and navigation
Mobile telecom. services
Fixed telecom. services
Oil
Natural gas
Electricity

[Figure labels: Den Haag; Private / Public]

and internationally linked: physically, logically and informationally

31 Interconnected Critical Services in the Netherlands


Sectors according to NISCC UK

Finance: Asset Management, Financial Facilities, Investment banking, Markets, Retail banking

Energy: Electricity, Natural Gas, Petroleum

Communications: Data Communications, Fixed Voice communications, Mail, Public Information, Wireless communications

Emergency Services: Ambulance, Fire & Rescue, Marine, Police

Food: Produce, Import, Process, Distribute, Retail

Water: Mains water, Sewage

Government: Central government, Regional government, Local government, Parliaments & legislatures, Justice, National Security

Hazards & Public Safety: CBRN, Crowds & mass events, Environmental

Transport: Air, Marine, Road, Rail

Health: Health Care, Public Health


Situation Analysis and Needs: New Threats: Interdependencies are structured!

The nature of systems implies that not all dependencies are equally important. Basically, energy has first priority, followed by telecommunication.

Physical Thread

Electricity

Communication

Operating System / Middleware

Finance Applications

Applications

Transport / Traffic / Postal Services
Rescue / Health Care Disposal
Government and Administration
Gas / Oil supply
Water
a. s. o.

View of InfoSurance Switzerland


Interfaces and Independencies

[Figure: "Clearing of Risks" between sectors; labels: Telecommunication, Finance, Energy, Application Sectors, Transport, Rescue, Administration, ++++]

Round Table Generic Risks, InfoSurance Spring 2003

2 Types of Risks:

-Core Risks

-Application Risks

Idea: Share Risks identified in other sectors to speed up the risk analysis process

Common Risk or dependability? !

Trends and Good Practice in Getting Started (Example CH) IV

InfoSurance Example: Common Generic Risks in CI(I)P


Domino Effects


Dependencies from Energy Sector. Example: Family Home

No Electrical Energy:

Food: Cooking: Gas or Electricity; Deep Freezer: 10 hours to warm up!

Light: Candles, Camp Ground Solutions

Telephone: Mobile; Wired: Cordless, Simple Phones

Heating: Oil (not working because of electrical burning system); Open Fire

Computing / Internet: Laptop until end of battery; Desktop


Emergency Communication


Our Task

Task I

Your and your country's understanding of a sector

interdependencies, generally and specifically in your country

Task II: ICT / Communication

What fails when ICT does not work? Generally, in all countries; country-specific


Situation Analysis and Needs: Conclusions and Strategies

Architecture: Future Infrastructure Design (New Threats, Free Market)
• Migration towards future architecture (decentralization, redundancy and separation of information and steering- & control layer)
• Making existing infrastructure resilient (multiple simultaneous attacks), e.g. through decentralization and segregation (Information and Control Level)
• Granularity of CIP models (long discussion process of experts needed)
• Decentralize infrastructure and make critical infrastructure (the sectors and the suppliers within the sectors) as independent from each other as possible
• Avoid centralized and common single points of failure (requires extensive analysis, e.g. telco: common lines)
• Centralize the management platform of decentralized systems to gain as much status knowledge as possible for taking the best decisions in case of failure. Have several backups of the management centers.

Lack of models / contracts with international corporations (are benefit-oriented, no special loyalty to nations, security is a limited issue)
• Nations should negotiate and clarify these situations (risk assessment)

"CIP Middleware" is missing (From Monopoly -> Free Market)
• Top down: Policy approach is brought into nations' thinking
• Bottom up: Corporations make an enormous effort in BCP, DRP and IT Security
• In between is the "CIP Middleware", Information Sharing Centers (ISAC), topic to be defined (Automatic mutual support, building CI(I)P Communities)

There is an enormous effort in corporate and sector CI(I)P today. To integrate this complex infrastructure and its interfaces in a national or transnational CI(I)P plan is one of the most challenging CIP tasks.


Questions