
Critical Infrastructures Risk Manager – The Basic Requirements Elaboration

  • Conference paper

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 365)

Abstract

The paper concerns the risk assessment and management methodology in critical infrastructures (CI). It begins with a review of the state of the art, regulations, best practices, EU projects, and other relevant documents. On this basis, a set of the most desirable features of a CI risk management tool is identified. These features make it possible to specify the basic requirements for the risk management tool. The core of the solution is the bow-tie model. A risk register is proposed as an inventory of hazardous events, along with other data structures for hazards/threats, vulnerabilities, consequences, and barriers. Risk factors and result measures, i.e. likelihood and consequence measures, as well as a risk matrix, are discussed. Next, a new concept is proposed for integrating different bow-tie models through internal and external dependencies. These requirements can be implemented on the available software platform for further experiments and validation.




Corresponding author

Correspondence to Andrzej Bialas.


Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Bialas, A. (2015). Critical Infrastructures Risk Manager – The Basic Requirements Elaboration. In: Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., Kacprzyk, J. (eds) Theory and Engineering of Complex Systems and Dependability. DepCoS-RELCOMEX 2015. Advances in Intelligent Systems and Computing, vol 365. Springer, Cham. https://doi.org/10.1007/978-3-319-19216-1_2


  • DOI: https://doi.org/10.1007/978-3-319-19216-1_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19215-4

  • Online ISBN: 978-3-319-19216-1

  • eBook Packages: Engineering, Engineering (R0)
