Optimization Approaches for Improving Mitigation and Response Operations in Disaster Management

Disasters are calamitous events that severely affect the life conditions of an entire community, being the disasters either nature-based (e.g., earthquake) or man-made (e.g., terroristic attack). Disaster-related issues are usually dealt with according to the Disaster Operations Management (DOM) framework, which is composed of four phases: mitigation and preparedness, which address pre-disaster issues, and response and recovery, which tackle problems arising after the occurrence of a disaster. The ultimate scope of this dissertation is to present novel optimization models and algorithms aimed at improving operations belonging to the mitigation and response phases of the DOM. On the mitigation side, this thesis focuses on the protection of Critical Information Infrastructures (CII), which are commonly deemed to include communication and information networks. The majority of all the other Critical Infrastructures (CI), such as electricity, fuel and water supply as well as transportation systems, are crucially dependent on CII. Therefore, problems associated with CII that disrupt the services they are able to provide (whether to a single end-user or to another CI) are of increasing interest. This dissertation reviews several issues emerging in the Critical Information Infrastructures Protection (CIIP), field such as: how to identify the most critical components of a communication network whose disruption would affect the overall system functioning; how to mitigate the consequences of such calamitous events through protection strategies; and how to design a system which is intrinsically able to hedge against disruptions. To this end, this thesis provides a description of the seminal optimization models that have been developed to address the aforementioned issues in the general field of Critical Infrastructures Protection (CIP). Models are grouped in three categories which address the aforementioned issues: survivability-oriented interdiction, resource allocation strategy, and survivable design models; existing models are reviewed and possible extensions are proposed. In fact, some models have already been developed for CII (i.e., survivability-interdiction and design models), while others have been adapted from the literature on other CI (i.e., resource allocation strategy models). The main gap emerging in the CII field is that CII protection has been quite overlooked which has led to review optimization models that have been developed for the protection of other CI. Hence, this dissertation contributes to the literature in the field by also providing a survey of the multi-level programs that have been developed for protecting supply chains, transportation systems (e.g., railway infrastructures), and utility networks (e.g., power and water supply systems), in order to adapt them for CII protection. Based on the review outcomes, this thesis proposes a novel linear bi-level program for CIIP to mitigate worst-case disruptions through protection investments entailing network design operations, namely the Critical Node Detection Problem with Fortification (CNDPF), which integrates network survivability assessment, resource allocation strategies and design operations. To the best of my knowledge, this is the first bi-level program developed for CIIP. The model is solved through a Super Valid Inequalities (SVI) decomposition approach and a Greedy Constructive and Local Search (GCLS) heuristic. Computational results are reported for real communication networks and for different levels of both disaster magnitude and protection resources. On the response side, this thesis identifies the current challenges in devising realistic and applicable optimization models in the shelter location and evacuation routing context and outlines a roadmap for future research in this topical area. A shelter is a facility where people belonging to a community hit by a disaster are provided with different kinds of services (e.g., medical assistance, food). The role of a shelter is fundamental for two categories of people: those who are unable to make arrangements to other safe places (e.g., family or friends are too far), and those who belong to special-needs populations (e.g., disabled, elderly). People move towards shelter sites, or alternative safe destinations, when they either face or are going to face perilous circumstances. The process of leaving their own houses to seek refuge in safe zones goes under the name of evacuation. Two main types of evacuation can be identified: self-evacuation (or car-based evacuation) where individuals move towards safe sites autonomously, without receiving any kind of assistance from the responder community, and supported evacuation where special-needs populations (e.g., disabled, elderly) require support from emergency services and public authorities to reach some shelter facilities. This dissertation aims at identifying the central issues that should be addressed in a comprehensive shelter location/evacuation routing model. This is achieved by a novel meta-analysis that entail: (1) analysing existing disaster management surveys, (2) reviewing optimization models tackling shelter location and evacuation routing operations, either separately or in an integrated manner, (3) performing a critical analysis of existing papers combining shelter location and evacuation routing, concurrently with the responses of their authors, and (4) comparing the findings of the analysis of the papers with the findings of the existing disaster management surveys. The thesis also provides a discussion on the emergent challenges of shelter location and evacuation routing in optimization such as the need for future optimization models to involve stakeholders, include evacuee as well as system behaviour, be application-oriented rather than theoretical or model-driven, and interdisciplinary and, eventually, outlines a roadmap for future research. Based on the identified challenges, this thesis presents a novel scenario-based mixed-integer program which integrates shelter location, self-evacuation and supported-evacuation decisions, namely the Scenario-Indexed Shelter Location and Evacuation Routing (SISLER) problem. To the best of my knowledges, this is the second model including shelter location, self-evacuation and supported-evacuation however, SISLER deals with them based on the provided meta-analysis. The model is solved through a Branch-and-Cut algorithm of an off-the-shelf software, enriched with valid inequalities adapted from the literature. Computational results are reported for both testbed instances and a realistic case study

A two-fold Perspective on Enterprise Security in the Digital Twin Context

Digital twins represent and can manage an enterprise asset virtually along its lifecycle. The vital technologies the twin relies upon (e.g., Internet of Things) have only recently matured. Since then, literature has taken up on digital twins. The digital twin therefore constitutes a very young concept, where security is currently neglected. This dissertation aims at closing this research gap, and further contributes to the body of knowledge concerning digital twin security. To study digital twin security, a two-fold approach is necessary. On the one hand, digital twins are at risk for being attacked (security for digital twins). However, on the other hand, they can also be leveraged to gain novel security opportunities (digital twins for security). This dissertation lays the general foundations of the digital twin concept in enterprises and studies these two security perspectives hereinafter. It shows that the digital twin’s security can be fostered utilizing the blockchain technology. Furthermore, it proposes digital twins to be of use in corporate security: It is shown that digital twins can collaborate with traditional security tools like Security Information and Event Management (SIEM) systems and organizational structures like the Security Operations Center (SOC). In this regard, the use of digital twins is further proven to be beneficial for digital forensics as well as Cyber Threat Intelligence (CTI)

Secure Information Sharing with Distributed Ledgers

In 2009, blockchain technology was first introduced as the supporting database technology for digital currencies. Since then, more advanced derivations of the technology have been developed under the broader term Distributed Ledgers, with improved scalability and support for general-purpose application logic. As a distributed database, they are able to support interorganizational information sharing while assuring desirable information security attributes like non-repudiation, auditability and transparency. Based on these characteristics, researchers and practitioners alike have begun to identify a plethora of disruptive use cases for Distributed Ledgers in existing application domains. While these use cases are promising significant efficiency improvements and cost reductions, practical adoption has been slow in the past years. This dissertation focuses on improving three aspects contributing to slow adoption. First, it attempts to identify application areas and substantiated use cases where Distributed Ledgers can considerably advance the security of information sharing. Second, it considers the security aspects of the technology itself, identifying threats to practical applications and detection approaches for these threats. And third, it investigates success factors for successful interorganizational collaborations using Distributed Ledgers