Security-Informed Safety

Society relies on the safe functioning of computer based networks and systems whether it is in transportation, in energy production, banking or in medical devices. In some sectors, notably high hazard ones, achieving and assuring safety is a relatively mature undertaking - although of course we must not be complacent [20,21]. The advent of cyber issues brings enormous challenges and changes to the traditional engineering tempo and approach. This is exacerbated by the increasing sophistication of attackers, the commoditisation of low-end attacks, the increasing vulnerabilities of digital systems as well as their connectivity - both designed and inadvertent. In our research and practice we have been considering the impact of cyber issues on safety critical and safety related computer systems1. This article shares some of the issues and lessons learned

Creating an Inter-hospital Resilient Network for Pandemic Response Based on Blockchain and Dynamic Digital Twins

This study proposes to develop new knowledge about how to configure digital information for pandemic rapid response, which can use blockchain and digital-driven approaches to facilitate analyses and develop a total solution. Developing and using the rich data implied by dynamic digital twins and blockchain is relevant to manage both patients and medical resources (e.g., doctors/nurses, PPE, beds and ventilators etc.) at the COVID-19 and post COVID period. This paper learns from the experiences of resources deployment/redeployment and pandemic response from UK Hospitals to explore the blockchain solutions for preparing healthcare systems ready for both efficient operation daily and in pandemic thorough (1) information integration of patient (privacy protected) flow and medical resource flow from healthcare and medical records; (2) optimizing the deployment of such resources based on hospitals, regions and local pandemic levels switching from normal to the outbreak. The main idea is to develop the novel framework for creating an inter-hospital resilient network for pandemic response based on blockchain and dynamic digital twin, which will set up innovative ways to best care for patients, protect NHS staff, and support government scientific decisions to beat COVID-19 now and manage the crisis in the future

Methodology of identifying critical objects of infrastructure

This work is aimed at creating of methodology of identifying critical objects of infrastructure. Various infrastructure - a guarantee a successful existence of any state. The main vulnerability of infrastructures - are critical elements within their structure. Failure of critical element leads to a significant drop in efficiency of functioning of infrastructure. Therefore, security of critical infrastructure elements is the basis for the security of infrastructure. Infrastructure have been considered as non-deterministic complex systems that enter interaction with their environment and consist of a large number of objects and relations between them. Methods of system analysis and system engineering were the main instruments of research infrastructures in this paper. The developed methodology involves three major stages: decomposition, analysis and synthesis. All necessary information about the infrastructure will be obtained by performing these stages. Methodology allows us to study any infrastructure from side of its functions and from side of its structure. The result of research of infrastructure by this method should be full infrastructure model that accurately represents structure and functioning of infrastructure. This model is sufficiently complete for using by specialists in the development of recommendations for improvements in the safety of critical objects of infrastructure. The methodology is simple and not labor that allows verifying vulnerability of infrastructure in the shortest time

Automated Integration of Infrastructure Component Status for Real-Time Restoration Progress Control: Case Study of Highway System in Hurricane Harvey

Following extreme events, efficient restoration of infrastructure systems is critical to sustaining community lifelines. During the process, effective monitoring and control of the infrastructure restoration progress is critical. This research proposes a systematic approach that automatically integrates component-level restoration status to achieve real-time forecasting of overall infrastructure restoration progress. In this research, the approach is mainly designed for transportation infrastructure restoration following Hurricane Harvey. In detail, the component-level restoration status is linked to the restoration progress forecasting through network modeling and earned value method. Once the new component restoration status is collected, the information is automatically integrated to update the overall restoration progress forecasting. Academically, an approach is proposed to automatically transform the component-level restoration information to overall restoration progress. In practice, the approach expects to ease the communication and coordination efforts between emergency managers, thereby facilitating timely identification and resolution of issues for rapid infrastructure restoration

AI GOVERNANCE: ARE CHIEF AI OFFICERS AND AI RISK OFFICERS NEEDED?

While AI provides many business opportunities across industries, the organizational implications of AI are still largely unclear. We investigate governance roles related to AI use in practice, and undertake first steps to define the role profiles of a Chief AI Officer (CAIO) and an AI Risk Officer (AIRO). We base our inquiry on two sources: a literature review and evaluative interviews with nine AI professionals from small- and medium-sized companies. We find that, whereas the roles and activities associated with the CAIO and AIRO are commonly deemed relevant for such companies in the long run, today only a few companies have implemented them. Especially the creation of the CAIO position seems justified, due to the complexity of AI and the need for extensive interaction and coordination related to AI governance

Economic Risk Potential of Infrastructure Failure Considering In-Land Waterways

Purpose—Unreliable transport infrastructure can cause negative externalities for industries. In this article, we analyze how the private sector is affected by infrastructure failure of public transport infrastructure, using waterways as an example. Methodology—To investigate the affectedness of riparian industries, we chose two complementary parallel approaches: A proximity analysis via GIS, and a concluding survey among the identified waterway-dependent industries. An exemplary application is validated by stakeholders. Findings—We identify a predominance of location preferences in dependence on waterways for mining, chemical, and metal industries. Their risk tolerance exhibits potentially severe impacts on industries if reliable transport cannot be ensured via waterways, as our paper provides essential insights into the relationship between infrastructure failure and company decisions. Most importantly, we reveal that a lack of alternatives due to missing capacities of other transport modes causes realistic threats to business locations. Practical implications—include that a regional focus is crucial for the empirical risk assessment of transport infrastructure. Hence, the data collection should relate to the regional focus groups, particularly the directly affected industries. In addition, infrastructure maintenance should integrate a risk focus and consider the short and long-run impacts on industries

Preliminary Interdependency Analysis: An Approach to Support Critical Infrastructure Risk Assessment

We present a methodology, Preliminary Interdependency Analysis (PIA), for analysing interdependencies between critical infrastructure (CI). Consisting of two phases – qualitative analysis followed by quantitative analysis – an application of PIA progresses from a relatively quick elicitation of CI-interdependencies to the building of representative CI models, and the subsequent estimation of any resilience, risk or criticality measures an assessor might be interested in. By design, stages in the methodology are both flexible and iterative, resulting in interacting CI models that are scalable and may vary significantly in complexity and fidelity, depending on the needs and requirements of an assessor. For model parameterisation, one relies on a combination of field data, sensitivity analysis and expert judgement. Facilitated by dedicated software tool support, we illustrate PIA by applying it to a complex case-study of interacting Power (distribution and transmission) and Telecommunications networks in the Rome area. A number of studies are carried out, including: 1) an investigation of how “strength of dependence” between the CIs’ components affects various measures of risk and uncertainty, 2) for resource allocation, an exploration of different, but related, notions of CI component importance, and 3) highlighting the impact of model fidelity on the estimated risk of cascades