Assessing the criticality of interdependent power and gas systems using complex networks and load flow techniques

Gas and electricity transmission systems are increasingly interconnected, and an attack on certain assets can cause serious energy supply disruptions, as stated in recommendation (EU) 2019/553 on cybersecurity in the energy sector, recently approved by the European Commission. This study aims to assess the vulnerability of coupled natural gas and electricity infrastructures and proposes a method based on graph theory that incorporates the effects of interdependencies between networks. This study is built in a joint framework, where two different attack strategies are applied to the integrated systems: (1) disruptions to facilities with most links and (2) disruptions to the most important facilities in terms of flow. The vulnerability is measured after each network attack by quantifying the unmet load (UL) through a power flow analysis and calculating the topological damage of the systems with the geodesic vulnerability (v) index. The proposed simulation framework is applied to a case study that consists of the IEEE 118-bus test system and a 25-node high-pressure natural gas network, where both are coupled through seven gas-fired power plants (GFPPs) and three electric compressors (ECs). The methodology is useful for estimating vulnerability in both systems in a coupled manner, studying the propagation of interdependencies in the two networks and showing the applicability of the v index as a substitute for the UL index

A Spatial Risk Analysis of Oil Refineries within the United States

A risk analysis methodology is necessary to manage the potential effects of oil refinery outages to the increasingly connected, interdependent critical infrastructure of the United States. Following the terrorist attacks of 9/11, the lack of a critical infrastructure risk mitigation strategy was identified as an area for improvement. In both the 9/11 attacks and Hurricane Katrina, cascading failures occurred due to the interdependencies among infrastructures and their spatial relationships. Furthermore, the U.S. military is dependent on oil refining capability and a major shortage could potentially have devastating effects on mission accomplishment. As a result, a need has emerged to better quantify the risks associated with disasters to critical infrastructure within the United States. Currently, the Department of Homeland Security\u27s risk equation only measures the individual risks associated with the individual parts of an infrastructure system; it does not measure impacts to the entire system. The goal of this study is to establish a process and develop techniques to account for risk to both the critical infrastructure system and the critical components of the system. The study proposes a modified risk equation that incorporates the traditional elements of individual risk and the system elements of risk. The modified equation proposes two additional variables: Spatial Relationship and Coupling Effect. Three scholarly articles are presented to describe the development of these variables and to compare the traditional and modified risk equations. The modified equation has three benefits: the system effects are incorporated into the current equation, the equation provides more fidelity and minimizes additional data, and the additional data is easily executed

Infastructure Interdependencies Modeling and Analysis - A Review and Synthesis

The events of 9/11 and the occurrence of major natural disasters in recent years has resulted in increased awareness and renewed desire to protect critical infrastructure that are the pillars to maintaining what has become normal life in our economy. The problem has been compounded because the increased connectedness between the various sectors of the economy has resulted in interdependencies that allow for problems and issues with one infrastructure to affect other infrastructures. This area is now being investigated extensively after the Department of Homeland Security (DHS) prioritized this issue. There is now a vast extant of literature in the area of infrastructure interdependencies and the modeling of it. This paper presents a synthesis and survey of the literature in the area of infrastructure interdependency modeling methods and proposes a framework for classification of these studies. The framework classifies infrastructure interdependency modeling and analysis methods into four quadrants in terms of system complexities and risks. The directions of future research are also discussed in this paper

A survey on multilayer networks modelled to assess robustness in infrastructure systems

The development of modern societies places particular demands on the consistent performance of infrastructure systems. Because multilayer network models are capable of representing the interdependencies between infrastructure components, they have been widely used to analyse the robustness of infrastructure systems. This present study is a systematic review of literature, published since 2010. It aims to investigate how multilayer network models have been used in analysing the robustness of infrastructure systems. According to findings, percolation theory was the most popular method used in about 57% of papers. Regarding the properties, coupling strength and node degree were the most common while directed links and feedback conditions were the least common. The following gaps were identified which provide opportunities for further research. These include the absence of models based on real-world data and the need for models that make fewer simplifying assumptions about complex systems. No papers considered all potential properties, and their effect on boosting or weakening each other’s effect. By considering all properties, the importance of different properties on the robustness of infrastructure systems can be quantified and compared in future studies

An Analysis of Multiple Layered Networks

Current infrastructure network models of single functionality do not typically account for the interdependent nature of infrastructure networks. Infrastructure networks are generally modeled individually, as an isolated network or with minimal recognition of interactions. This research develops a methodology to model the individual infrastructure network types while explicitly modeling their interconnected effects. The result is a formulation built with two sets of variables (the original set to model infrastructure characteristics and an additional set representing cuts of interdependent elements). This formulation is decomposed by variable type using Benders Partitioning and solved to optimality using a Benders Partitioning algorithm. Current infrastructure network models of single functionality do not typically account for the interdependent nature of infrastructure networks, Infrastructure networks are generally modeled individually, as an isolated network or with minimal recognition of interactions, This research develops a methodology to model the individual infrastructure network types while explicitly modeling their interconnected effects, The result is a formulation built with two sets of variables (the original set to model infrastructure characteristics and an additional set representing cuts of interdependent elements) This formulation is decomposed by variable type using Benders\u27 Partitioning and solved to optimality using a Benders\u27 Partitioning algorithm

Critical Infrastructure Protection Approaches: Analytical Outlook on Capacity Responsiveness to Dynamic Trends

Overview: Critical infrastructures (CIs) – any asset with a functionality that is critical to normal societal functions, safety, security, economic or social wellbeing of people, and disruption or destruction of which would have a very significant negative societal impact. CIs are clearly central to the normal functioning of a nation’s economy and require to be protected from both intentional and unintentional sabotages. It is important to correctly discern and aptly manage security risks within CI domains. The protection (security) of CIs and their networks can provide clear benefits to owner organizations and nations including: enabling the attainment of a properly functioning social environment and economic market, improving service security, enabling integration to external markets, and enabling service recipients (consumers, clients, and users) to benefit from new and emerging technological developments. To effectively secure CI system, firstly, it is crucial to understand three things - what can happen, how likely it is to happen, and the consequences of such happenings. One way to achieve this is through modelling and simulations of CI attributes, functionalities, operations, and behaviours to support security analysis perspectives, and especially considering the dynamics in trends and technological adoptions. Despite the availability of several security-related CI modelling approaches (tools and techniques), trends such as inter-networking, internet and IoT integrations raise new issues. Part of the issues relate to how to effectively (more precisely and realistically) model the complex behavior of interconnected CIs and their protection as system of systems (SoS). This report attempts to address the broad goal around this issue by reviewing a sample of critical infrastructure protection approaches; comprising tools, techniques, and frameworks (methodologies). The analysis covers contexts relating to the types of critical infrastructures, applicable modelling techniques, risk management scope covered, considerations for resilience, interdependency, and policy and regulations factors. Key Findings: This research presents the following key findings: 1. There is not a single specific Critical Infrastructure Protection (CIP) approach – tool, technique, methodology or framework – that exists or emerges as a ‘fit-for-all’; to allow the modelling and simulation of cyber security risks, resilience, dependency, and impact attributes in all critical infrastructure set-ups. 2. Typically, two or more modelling techniques can be (need to be) merged to cover a broader scope and context of modelling and simulation applications (areas) to achieve desirable highlevel protection and security for critical infrastructures. 3. Empirical-based, network-based, agent-based, and system dynamics-based modelling techniques are more widely used, and all offer gains for their use. 4. The deciding factors for choosing modelling techniques often rest on; complexity of use, popularity of approach, types and objectives of user Organisation and sector. 5. The scope of modelling functions and operations also help to strike the balance between ‘specificity’ and ‘generality’ of modelling technique and approach for the gains of in-depth analysis and wider coverage respectively. 6. Interdependency and resilience modelling and simulations in critical infrastructure operations, as well as associated security and safety risks; are crucial characteristics that need to be considered and explored in revising existing or developing new CIP modelling approaches. Recommendations: Key recommendations from this research include: 1. Other critical infrastructure sectors such as emergency services, food & agriculture, and dams; need to draw lessons from the energy and transportation sectors for the successive benefits of: i. Amplifying the drive and efforts towards evaluating and understanding security risks to their infrastructure and operations. ii. Support better understanding of any associated dependencies and cascading impacts. iii. Learning how to establish effective security and resilience. iv. Support the decision-making process linked with measuring the effectiveness of preparedness activities and investments. v. Improve the behavioural security-related responses of CI to disturbances or disruptions. 2. Security-related critical infrastructure modelling approaches should be developed or revised to include wider scopes of security risk management – from identification to effectiveness evaluations, to support: i. Appropriate alignment and responsiveness to the dynamic trends introduced by new technologies such as IoT and IIoT. ii. Dynamic security risk management – especially the assessment section needs to be more dynamic than static, to address the recurrent and impactful risks that emerge in critical infrastructures