Abstract
Globalization, Digitalization, Forth industry revolution (interconnected cyber-physical systems), Internet of ‘Everything’ all require new method, concepts, and solutions to document, understand, analyze, operate, control, and transform critical infrastructure as a whole or in parts. It is not new that critical infrastructures are highly interconnected and collaborative and therefore susceptible to domino effects supported by their systemic dependencies. Yet, it is still often a surprise when something does not work. The reason for this is deeply embedded in the very issue governance: the often-unknown system purpose of parts of a comprehensive system of systems landscape, the dynamic driven by a volatile environment, the ongoing change, cyber events, and the impact of politic or social media. A matter of fact is in-transparency and a missing or not properly maintained dependency does not help to manage a normal as well as a complex situation—a system of system landscape under special circumstances.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
In an economy, there are many ‘System of systems’ including individual enterprise, financial service organization, nuclear plant, public service, political system, and cross-boarder telecommunication provider.
- 2.
Performability, conformability, changeability, and riskability are an evidence, entrepreneurial and economically driven approach (concept and pattern) to document and represent generic required capabilities to manage system of systems traceable and sustainable. Performability focuses on product, market, revenue, cost, profit, and solvability. Conformability covers how all legal requirements, commitments, and liabilities can be met, how promises are managed and agreed contracts and SLAs fulfilled. Changeability manages all change requests, internal and external demands, lifecycle and innovation GAPs, incidents and maintains issues. Riskability is the balance or the intersection between the four topics with a special focus. This capability is difficult to manage, prevent, forecast, and predict because it is fuzzy and often depends on people’s behavior, attitudes, and current circumstances.
- 3.
System resilience governance profile is a comprehensive representation of a specified, validated, and assessed certain amount, part or entire system of systems landscape.
- 4.
The artifact capability in a specific system of system context (e.g., enterprise) collects and covers dependencies, and shows what is used to offer a product (what) at a specific location (where) under the valid regulations (what has to be done). The process indicates how a capability is performed, while the organization (who) performs a capability. The value chain (why) offers the value (asset, product, and service) at a place under local conditions. The application with the applied infrastructure (whereby) supports the capability. The information shows which data is used or required to perform consistently and at high quality, with maturity and trusted capability.
- 5.
Capabilities can be documented and visualized in different ways (e.g., capability risk matrix, capability visualization (i.e., heat map, sensitivity, benchmark, quality–maturity–trust, and time series), and capability control matrix) as a check to ensure that everything running as required.
- 6.
A common known complex situation is 9/11. The terror attack was unknown, unexpected before time of the event. The involved and concerned system of systems where unknown, had a complex governance, information where not available about a certain time and consequences where not all seen and managed over a period of time.
- 7.
Consequences characterized as impact or risk shift are on all systemic-related (dependent) risks. A risk shift on a systemic related risk is visible shift depends on dependency strength, -impact {vector shift} or attribute modification.
- 8.
To differentiate between a ‘normal’ and a ‘complex’ situation, think in terms of ‘time.’ In complex situations, time for actions is short and the rate of change of the environment in which the system is embedded is dynamic. Thus, there is no enough time to collect additional data or to start talking, actions are required.
- 9.
Vulnerability analyses of a living system of systems landscape can be distinguished in bright-field, dark-field or gray-field analyses. In case of all required information to support a comprehensive vulnerability analyses (attributes, function, rules, relations) are available in detail a bright-field analyses can be supported. If Information is only available on meta- or principle level or just structure are known a dark-field analyses can be developed. For all analyses where not enough or only partially information is available a grey-field can be done or is suggested.
References
Dickstein, D. (2008). No excuses: A business process approach to managing operational risk. New York, NY: Wiley.
Meredith, J. R., Mantel, S. J., & Shafer, S. M. (2016). Project panagement, Binder ready version: A managerial approach (9th ed.). Hoboken, N.J.: Wiley.
Rosato, V., Issacharoff, L., Tiriticco, F., Meloni, S., De Porcellinis, S., & Setola, R. (2008). Modelling interdependent infrastructures using interacting dynamical models. International Journal of Critical Infrastructures, 4(1), 63–79.
Smith, M. L., & Erwin, J. (2005). Role and responsibility charting (RACI). Project Management Institute, Inc. Retrieved from https://www.projectmanagement.com/deliverables/234137/RACI-Matrix.
Taleb, N. N. (2010). The black swan: The impact of the highly improbable. New York, NY: Random House Trade Paperbacks Edition.
Vamanu, B. I., Gheorghe, A. V., & Katina, P. F. (2016). Critical infrastructures: Risk and vulnerability assessment in transportation of dangerous goods—Transportation by road and rail (Vol. 31). Cham, Switzerland: Springer International Publishing.
World Economic Forum. (2012). Partnering for Cyber Resilience: Risk and responsibility in a hyperconnected world—Principles and guidelines (No. REF 270912). Geneva, Switzerland: World Economic Forum. Retrieved from http://www3.weforum.org/docs/WEF_IT_PartneringCyberResilience_Guidelines_2012.pdf.
World Economic Forum. (2016). The global risks report 2016, 11th Edition (No. REF 080116). Geneva, Switzerland: World Economic Forum. Retrieved from http://www3.weforum.org/docs/GRR/WEF_GRR16.pdf.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this chapter
Cite this chapter
Gheorghe, A.V., Vamanu, D.V., Katina, P.F., Pulfer, R. (2018). System Resilience Governance. In: Critical Infrastructures, Key Resources, Key Assets. Topics in Safety, Risk, Reliability and Quality, vol 34. Springer, Cham. https://doi.org/10.1007/978-3-319-69224-1_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-69224-1_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69223-4
Online ISBN: 978-3-319-69224-1
eBook Packages: EngineeringEngineering (R0)