risk assessment methodologies for critical infrastructures · 1. asset characterisation 2. threat...
TRANSCRIPT
The European Commission’sscience and knowledge service
Joint Research Centre
Marianthi [email protected]
Risk Assessment Methodologies for Critical Infrastructures
• Directorate E: Space, Security and Migration• Technology innovation in Security
The Joint Research Centre at a glance
3000 staffAlmost 75% are scientists and researchers.Headquarters in Brussels and research facilitieslocated in 5 Member States.
Risk
• effect of uncertainty on objectives (ISO 31000)
• often expressed in terms of a combination of: • consequences of an event• associated likelihood of occurrence
Likelihood Consequences
Critical Infrastructure Risk Management at EU level
•National assets•European CI
•Dependencies!
CI Identification
•Organizational level
•Sector level•National level•European level
Risk Assessment (all hazards) •Measures of
protection•Measures of Resilience
Risk Treatment
In the world …
5
World Economic ForumGlobal Risks 2016
11th Edition
NRA guidelines (DG-ECHO)
• Based on ISO31000
Top Hazards in EU
2016 update: Several countries include scenarios on loss of CI, including power outage.
Natural Hazards
• Floods• Severe weather• Wild/Forest fires• Earthquakes• Pandemics/epidemics• Livestock epidemics
Man-made Hazards (Non Malicious)
•Industrial accidents•Nuclear/radiological accidents
•Transport accidents•Loss of critical infrastructure
Man-made Hazards (Malicious)
• Cyber attacks• Terrorist attacks
COMMISSION STAFF WORKING DOCUMENT, Overview of natural and man-made disaster risks in the EU, SWD(2014) 134 final, Brussels, 8.4.2014
Examples of CI-related risks
Country Risk Level Term used
CZ High Critical infrastructure disruption
DE - Outage of critical infrastructure
IE High Loss Critical Infrastructure
PL Medium Disruption of electricity supplies, of fuel supplies, of natural gas supplies
SE Very High Disruption in food supply die to fuel shortages
UK High Attacks on Infrastructure
NL
Very High IP Network failure/ Malicious prolonged electricity failure
High National power failure/ malicious power supply failure
Medium Malicious gas supply failure
Cascading or correlating hazardsHazard Cascade or correlated hazard Country
Severe weather phenomena
Flood DK, NO, RO, HU
Landslides ITForest Fires HU, IE, LT
Pollution, CI loss, Transport accidents DK, LT, SE, NO
EarthquakesLandslides HU, ITTsunamis EL
Landslides, Earthquakes or Volcanos Transport Accidents NO, IT, EL, UK
Nuclear chemical and transport accidents, CI loss
Contamination, Pollution DK, LT, UK, NO
Terrorist & Cyber attacks NO, UK
CI lossFlood, Pollution, CI loss or UK, IE
Pandemics DKPollution Pandemics EE, SE
Likelihood
• Semi-quantitative scales:o ‘very low/very rare (1)’ to ‘very high/very likely (5)’o frequency of one or more incidents in various time scaleso probability of occurrence within 1 yearo motive for intentional events: is a threat perceived as likely
or not?
• Refers to the initial probability of a risk scenario to occur.
• Likelihood that the event will cause damage (a) to specific CI or (b) to dependent CIs is not usually assessed.
Impact
• Quantitative (in no. of affected people)• e.g. number of deaths, number of severely injured or ill people,
number of permanently displaced people
Human impacts
• Quantitative (Sum of the costs in Euros)• e.g. costs of cure or healthcare, immediate or longer-term
emergency measures, restoration, environmental costs, costs of disruption of economic activity, value of insurance pay-outs, indirect costs on the economy, indirect social costs, etc.
Economic and Environmental impacts
• Semi-quantitative (limited/insignificant, minor/substantial, moderate/serious, significant/very serious, catastrophic/disastrous)
• e.g. public outrage and anxiety, encroachment of the territory, infringement of the international position, violation of the democratic system, social psychological impact, impact on public order and safety, political implications, psychological implications, and damage to cultural assets, etc.
Political/social consequences
Complexity of CI Risk Assessment
Risk assessment methodologies for critical infrastructure protection. Part II: A new approach, Marianthi Theocharidou, Georgios Giannopoulos, EUR 27332 EN, 2015
A holistic approach for RA including CIs
Operators
Operators, Public A
uthorities
Public Authorities, C
ivil Protection
Current level of maturity
• Asset level RAs: High level of maturity, operators are doing this on a continuous basis*
• System level RAs: Low level of maturity, more effort is needed both at scientific level as well as governance level
• Models for the assessment of cascading effects still need to be developed – data collection methods are also missing
• Society level RAs: In principle does not include CI risks in a systematic way
*Risk Assessment Methodologies for Critical Infrastructure Protection. Part I: A state of the art, EUR 25286
RA vs. Performance-based RAFocus on the
performance of services, not on the
physical damage of assets…
Disruptive Event
Recovery Action
TimeP
erfo
rman
ce
Recovered State
Disrupted State
OriginalState
Cost
Infrastructure 1
Infrastructure …
Infrastructure 2
“Some elements of critical infrastructure are not assets, but are in fact networks or supply chains”(Australia’s Critical Infrastructure Resilience Strategy, 2010)
Risk (& Resilience) AssessmentMethodologies for Critical Infrastructures
16
Common steps
Risk Scenario Identification
Threat and Hazard
AssessmentVulnerability Assessment
Consequence Assessment
Critical Infrastructure Risk Management Framework
Better Infrastructure Risk and Resilience • Argonne National
Laboratory
• 18 sectors
• Vulnerability Index
• Protective Measures
Index
• Resilience Index
• Relies on operators for
the asset assessment
CA
RV
ER2
20
CIP Decision Support System
• High level systems of infrastructures
• 1-st order of dependencies
• Common metrics for impact
• Alternative risk mitigation options
CIPMA (Australia)
RAMCAP-Plus
1. Asset characterisation
2. Threat characterisation
3. Consequence analysis
4. Vulnerability analysis
5. Threat assessment
6. Risk and Resilience assessment
7. Risk and Resilience Management
• Most critical assets in a facility• Higher level analysis• Cross-Sectoral risk
comparison• Resilience is central
SRA tool
Summary
• Large set of methods and tools
• Cover various stages of the risk management process and various needs
• Resilience is not included in several tools explicitly
• Data input is a challenge
• For consequence analysis: Aggregated impact or Scoring
Operator level Sector level
National level
Cross-border level
Organisations exist within a community/system
Resilience is needed at all levels of this system
CIPedia©A multi-disciplinary glossary
www.cipedia.eu
•EU Science Hub: ec.europa.eu/jrc
•Twitter: @EU_ScienceHub
•Facebook: EU Science Hub - Joint Research Centre
•LinkedIn: Joint Research Centre
•YouTube: EU Science Hub
Stay in touch