l17 cs5032 critical infrastructure


Upload: ian-sommerville

Post on 20-May-2015


TRANSCRIPT

Page 1: L17 CS5032 critical infrastructure

Critical infrastructure, 2013 Slide 1

Critical infrastructure

Page 2: L17 CS5032 critical infrastructure


What is infrastructure

• All modern societies and businesses are dependent upon an underlying infrastructure: power, water, waste disposal, the internet, transport networks, financial services, emergency services, hospitals etc.

• This infrastructure is shared by all elements of business and society

Page 3: L17 CS5032 critical infrastructure


Critical systems of systems

• Why is this being covered in a computer science course on critical systems?

– Our infrastructure is controlled and managed by a wide range of interacting, computer-based systems

– Businesses and essential services to citizens are completely dependent on our ‘digital infrastructure’

– Therefore, all of the systems involved in infrastructure management are critical systems

• We cannot consider these critical systems in isolation but must also consider their interactions. We are therefore concerned with critical systems of systems

Page 4: L17 CS5032 critical infrastructure


Public infrastructure

• The national infrastructure comprises networks, systems, sites, facilities and businesses that deliver goods and services to citizens, and support our economy, environment and social well-being.

• Includes systems and services such as transport, energy, computing, communications, finance, health care, etc.

Page 5: L17 CS5032 critical infrastructure


Organisational infrastructure

• Supply chain and external information systems on which an organisation depends

• Digital infrastructure within the organisation (servers, networks, etc.)

• Shared business services such as accounting and purchasing

Page 6: L17 CS5032 critical infrastructure


Infrastructure characteristics

– Large scale

• Spread over large geographic areas

• Regional/National/International

– Complex

• Many components

• Many interdependencies (internal and external)

– Reliance on standards

• Heterogeneous parts rely on standards for interoperation

• Standards are not always uniformly applied across an infrastructure

– Long term

• Modern and legacy components

• Emerges and changes over the long term

• We have to live with decisions made a long time ago

Page 7: L17 CS5032 critical infrastructure


Digital infrastructure

• Hardware and software systems and networks on which businesses and society depend

– Fibre communication links

– Mobile phone and data network

– Data centres and servers

– ISPs

• Now, almost universally, other infrastructure components depend on the digital infrastructure to deliver their services

Page 8: L17 CS5032 critical infrastructure


Infrastructure ownership

• Rarely one single owner and authority

• Sub-systems and components are increasingly privatised

– The theory is that privately operated infrastructure will be more efficient

– However, it is difficult to optimise an infrastructure when sections of it are run by self-interested parties

• Crosses national and international boundaries

Page 9: L17 CS5032 critical infrastructure


Infrastructure funding

• Infrastructure replacement is very expensive

• We (and governments) are often reluctant to pay for infrastructure

• Where monopolies exist they are able to over-charge.

• However, competition where operational costs are low can lead to under-charging (and no re-investment).

Page 10: L17 CS5032 critical infrastructure


Critical infrastructure

• Assets which are part of the national and organisational infrastructure whose availability is essential to the delivery of infrastructure services and whose unavailability has significant human, social and economic consequences.

• Critical infrastructure includes

– Structures

– Networks

– Systems

– Organisations

Page 11: L17 CS5032 critical infrastructure


• Communications: Landline Phones, Mobile Telecommunications, Postal Services, Broadcast Communications

• Emergency Services: Ambulance, Fire and Rescue, Marine, Police

• Energy: Electricity, Gas, Oil, Fuel

• Finance: Payment, Clearing and Settlement Systems, Public Finances, Markets and Exchanges

• Food: Production, Processing, Import, Distribution, Retail

• Government: Central Government, Parliament, Devolved Administrations, Regional and Local Authorities

• Health: Health and Social Care

• Transport: Maritime, Aviation, Land (Road and rail)

• Water: Potable water supply, Dams, Waste Water Services

Page 12: L17 CS5032 critical infrastructure


Critical assets

• Not all components of the national infrastructure are critical

• Does not just depend on the type of facility but also on the number of people affected or other consequences of unavailability

– London Heathrow airport is a critical asset

– Dundee Airport is not a critical asset

Page 13: L17 CS5032 critical infrastructure


Infrastructure dependencies

• Infrastructure elements are often dependent on each other so that failure of one element may be caused by failure of some other element elsewhere

Internet services delivered by an ISP depend on communication services from a telecoms company and power from an electricity company

Page 14: L17 CS5032 critical infrastructure


Understanding dependencies

• Functional: Reliance between components.

• Informational: Data flow from one node aids decision-making elsewhere.

• Shared Control: Control is from the same system/location

• Geospatial: Physical proximity

• Purpose: A shared function or purpose

• Policy/procedural: A change in policy or procedure at one place may have effects elsewhere.

• Societal Interdependency: Changes to one component may have societal effects which lead to changes to others

Page 15: L17 CS5032 critical infrastructure


Cascade failure

• A failure in one area cascades to another infrastructure sector, causing failures and disruption, sometimes in quite unrelated areas

• Failure of flood defences results in an electricity sub-station being flooded

• Leads to a loss of power in the local area

• An ISP in that area goes offline, leading to a loss of internet service to customers who may be anywhere in the country.

Page 16: L17 CS5032 critical infrastructure


Mutual dependencies

• Mutual dependencies cause major problems in the event of failure

• Example

– Communications systems depend on power

– Power recovery depends on communications

– Power failure that leads to loss of comms is difficult to recover from

Page 17: L17 CS5032 critical infrastructure


Single point of failure

• Several services share some facility so that failure at that facility leads to a loss of all of these services.

• Examples

– Power and communication cables in the same duct

– Transport, communication, power use the same bridge to cross a river

http://www.flickr.com/photos/brizo_the_scot/3736542522/
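
The cascade, mutual-dependency and single-point-of-failure slides (15 to 17) can be worked as one dependency-graph analysis. This is an added example, not part of the original lecture: the asset names, the edge list and the "recovery" edge kind are constructed assumptions based on the slides' examples, and no redundancy is modelled.

```python
from collections import defaultdict

# Constructed model of the slides' examples: (dependent, provider, kind).
# "recovery" (an assumption) marks a provider needed only to restore the dependent.
EDGES = [
    ("substation", "flood_defences", "operation"),
    ("power", "substation", "operation"),
    ("comms", "power", "operation"),
    ("isp", "power", "operation"),
    ("isp", "comms", "operation"),
    ("internet_service", "isp", "operation"),
    ("power", "comms", "recovery"),
    ("transport", "river_bridge", "operation"),
    ("comms", "river_bridge", "operation"),
    ("power", "river_bridge", "operation"),
]

def dependents(kinds):
    """Map each provider to the assets that depend on it via the given edge kinds."""
    graph = defaultdict(set)
    for dependent, provider, kind in EDGES:
        if kind in kinds:
            graph[provider].add(dependent)
    return graph

def cascade(failed, kinds=("operation",)):
    """Assets lost, directly or transitively, when `failed` goes down."""
    graph, lost, stack = dependents(kinds), set(), [failed]
    while stack:
        for asset in graph[stack.pop()]:
            if asset not in lost and asset != failed:
                lost.add(asset)
                stack.append(asset)
    return lost

def mutual_dependencies():
    """Pairs of assets that each rely on the other once recovery links are included."""
    assets = sorted({a for edge in EDGES for a in edge[:2]})
    reach = {a: cascade(a, ("operation", "recovery")) for a in assets}
    return [(a, b) for a in assets for b in assets if a < b and b in reach[a] and a in reach[b]]

def single_points_of_failure(services):
    """Non-service assets whose loss alone takes down two or more of the named services."""
    assets = {a for edge in EDGES for a in edge[:2]} - set(services)
    hits = {a: sorted(cascade(a) & set(services)) for a in assets}
    return {a: lost for a, lost in hits.items() if len(lost) >= 2}

if __name__ == "__main__":
    print(sorted(cascade("flood_defences")), mutual_dependencies())
```

Besides the shared bridge, the single-point-of-failure check also reports the flood defences and the sub-station, because in this model both power and communications sit downstream of them.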

Page 18: L17 CS5032 critical infrastructure


Protecting and assuring infrastructure

• A difficult problem

– Infrastructure is rarely under individual control

– Infrastructure is large scale

• Assurance takes place through governance processes and risk management

– Identify key components

– Identify vulnerabilities

– Identify threats

– Construct risk models

– Assess possible outcomes from loss

– Make/request/lobby for necessary improvements

– Make contingency plans

Page 19: L17 CS5032 critical infrastructure


Infrastructure threats

Page 20: L17 CS5032 critical infrastructure


Vulnerabilities

• Lack of knowledge of infrastructure state and dependencies

• Old, insecure systems used for infrastructure control

• Capacity planning based on outdated assumptions

• Geographically distributed infrastructure cannot be physically secured

• Lack of coordinated infrastructure management

• Physical location of some facilities (flood plain)

Page 21: L17 CS5032 critical infrastructure


Infrastructure resilience

Page 22: L17 CS5032 critical infrastructure


Resistance

• Provide protection against anticipated events or attacks

• Based on previous experience and assumptions

• Changing world or external circumstances may mean that assumptions are invalid

Page 23: L17 CS5032 critical infrastructure


Reliability

• Infrastructure components should be designed to operate under a range of (anticipated) conditions not just ‘normal’ operating conditions

• Components, as far as possible, should be designed for ‘soft’, incremental rather than catastrophic failure

Page 24: L17 CS5032 critical infrastructure


Redundancy

• The network or system as a whole should be designed so that there are backup installations and spare capacity available.

• Computing support should be provided by different providers in different locations

Page 25: L17 CS5032 critical infrastructure


Response and recovery

• Respond to disruptive events quickly, limiting the damage as far as possible and ensuring public safety

• Plan how to restore services as quickly as possible in the event of a loss of capability

Page 26: L17 CS5032 critical infrastructure


Key points

• Infrastructure is critical to business, security, health, society.

• We are increasingly reliant on digital infrastructure.

• Infrastructure is large scale, complex, has modern and legacy components, and many interdependencies.

• Securing infrastructure is a hard problem

– Hard to know what you have

– Hard to assess vulnerabilities

– Difficult to make improvements because infrastructure is rarely under direct control of those it is critical to