DeepPR: Progressive Recovery for Interdependent VNFs with Deep Reinforcement Learning

The increasing reliance upon cloud services entails more flexible networks that are realized by virtualized network equipment and functions. When such advanced network systems face a massive failure by natural disasters or attacks, the recovery of the entire system may be conducted in a progressive way due to limited repair resources. The prioritization of network equipment in the recovery phase influences the interim computation and communication capability of systems, since the systems are operated under partial functionality. Hence, finding the best recovery order is a critical problem, which is further complicated by virtualization due to dependency among network nodes and layers. This paper deals with a progressive recovery problem under limited resources in networks with VNFs, where some dependent network layers exist. We prove the NP-hardness of the progressive recovery problem and approach the optimum solution by introducing DeepPR, a progressive recovery technique based on Deep Reinforcement Learning (Deep RL). Our simulation results indicate that DeepPR can achieve the near-optimal solutions in certain networks and is more robust to adversarial failures, compared to a baseline heuristic algorithm.Comment: Technical Report, 12 page

Network Interdependency Modeling for Risk Assessment on Built Infrastructure Systems

As modern infrastructures become more interconnected, the decision-making process becomes more difficult because of the increased complexity resulting from infrastructure interdependencies. Simulation and network modeling provide a way to understand system behavior as a result of interdependencies. One area within the asset management literature that is not well covered is infrastructure system decay and risks associated with that decay. This research presents an enhanced version of Haimes\u27 input-output inoperability model (IIM) in the analysis of built infrastructure systems. Previous applications of the IIM characterized infrastructure at the national level utilizing large economic databases. This study develops a three-phased approach that takes component level data stored within geographic information systems (GIS) to provide a metric for network interdependency across a municipal level infrastructure. A multi-layered approach is proposed which leverages the layered data structure of GIS. Furthermore, Monte Carlo simulation using stochastic decay estimates shows how infrastructure risk as a result of interdependency effects changes over time. Such an analysis provides insight to infrastructure asset managers on the impact of policy and strategy decision-making regarding the maintenance and management of their infrastructure systems

Integrated platform to assess seismic resilience at the community level

Due to the increasing frequency of disastrous events, the challenge of creating large-scale simulation models has become of major significance. Indeed, several simulation strategies and methodologies have been recently developed to explore the response of communities to natural disasters. Such models can support decision-makers during emergency operations allowing to create a global view of the emergency identifying consequences. An integrated platform that implements a community hybrid model with real-time simulation capabilities is presented in this paper. The platform's goal is to assess seismic resilience and vulnerability of critical infrastructures (e.g., built environment, power grid, socio-technical network) at the urban level, taking into account their interdependencies. Finally, different seismic scenarios have been applied to a large-scale virtual city model. The platform proved to be effective to analyze the emergency and could be used to implement countermeasures that improve community response and overall resilience

Critical Infrastructure Protection Approaches: Analytical Outlook on Capacity Responsiveness to Dynamic Trends

Overview: Critical infrastructures (CIs) – any asset with a functionality that is critical to normal societal functions, safety, security, economic or social wellbeing of people, and disruption or destruction of which would have a very significant negative societal impact. CIs are clearly central to the normal functioning of a nation’s economy and require to be protected from both intentional and unintentional sabotages. It is important to correctly discern and aptly manage security risks within CI domains. The protection (security) of CIs and their networks can provide clear benefits to owner organizations and nations including: enabling the attainment of a properly functioning social environment and economic market, improving service security, enabling integration to external markets, and enabling service recipients (consumers, clients, and users) to benefit from new and emerging technological developments. To effectively secure CI system, firstly, it is crucial to understand three things - what can happen, how likely it is to happen, and the consequences of such happenings. One way to achieve this is through modelling and simulations of CI attributes, functionalities, operations, and behaviours to support security analysis perspectives, and especially considering the dynamics in trends and technological adoptions. Despite the availability of several security-related CI modelling approaches (tools and techniques), trends such as inter-networking, internet and IoT integrations raise new issues. Part of the issues relate to how to effectively (more precisely and realistically) model the complex behavior of interconnected CIs and their protection as system of systems (SoS). This report attempts to address the broad goal around this issue by reviewing a sample of critical infrastructure protection approaches; comprising tools, techniques, and frameworks (methodologies). The analysis covers contexts relating to the types of critical infrastructures, applicable modelling techniques, risk management scope covered, considerations for resilience, interdependency, and policy and regulations factors. Key Findings: This research presents the following key findings: 1. There is not a single specific Critical Infrastructure Protection (CIP) approach – tool, technique, methodology or framework – that exists or emerges as a ‘fit-for-all’; to allow the modelling and simulation of cyber security risks, resilience, dependency, and impact attributes in all critical infrastructure set-ups. 2. Typically, two or more modelling techniques can be (need to be) merged to cover a broader scope and context of modelling and simulation applications (areas) to achieve desirable highlevel protection and security for critical infrastructures. 3. Empirical-based, network-based, agent-based, and system dynamics-based modelling techniques are more widely used, and all offer gains for their use. 4. The deciding factors for choosing modelling techniques often rest on; complexity of use, popularity of approach, types and objectives of user Organisation and sector. 5. The scope of modelling functions and operations also help to strike the balance between ‘specificity’ and ‘generality’ of modelling technique and approach for the gains of in-depth analysis and wider coverage respectively. 6. Interdependency and resilience modelling and simulations in critical infrastructure operations, as well as associated security and safety risks; are crucial characteristics that need to be considered and explored in revising existing or developing new CIP modelling approaches. Recommendations: Key recommendations from this research include: 1. Other critical infrastructure sectors such as emergency services, food & agriculture, and dams; need to draw lessons from the energy and transportation sectors for the successive benefits of: i. Amplifying the drive and efforts towards evaluating and understanding security risks to their infrastructure and operations. ii. Support better understanding of any associated dependencies and cascading impacts. iii. Learning how to establish effective security and resilience. iv. Support the decision-making process linked with measuring the effectiveness of preparedness activities and investments. v. Improve the behavioural security-related responses of CI to disturbances or disruptions. 2. Security-related critical infrastructure modelling approaches should be developed or revised to include wider scopes of security risk management – from identification to effectiveness evaluations, to support: i. Appropriate alignment and responsiveness to the dynamic trends introduced by new technologies such as IoT and IIoT. ii. Dynamic security risk management – especially the assessment section needs to be more dynamic than static, to address the recurrent and impactful risks that emerge in critical infrastructures

Development of a decision support system through modelling of critical infrastructure interdependencies : a thesis presented in partial fulfilment of the requirements for the degree of Doctor of Philosophy in Emergency Management at Massey University, Wellington, New Zealand

Critical Infrastructure (CI) networks provide functional services to support the wellbeing of a community. Although it is possible to obtain detailed information about individual CI and their components, the interdependencies between different CI networks are often implicit, hidden or not well understood by experts. In the event of a hazard, failures of one or more CI networks and their components can disrupt the functionality and consequently affect the supply of services. Understanding the extent of disruption and quantification of the resulting consequences is important to assist various stakeholders' decision-making processes to complete their tasks successfully. A comprehensive review of the literature shows that a Decision Support System (DSS) integrated with appropriate modelling and simulation techniques is a useful tool for CI network providers and relevant emergency management personnel to understand the network recovery process of a region following a hazard event. However, the majority of existing DSSs focus on risk assessment or stakeholders' involvement without addressing the overall CI interdependency modelling process. Furthermore, these DSSs are primarily developed for data visualization or CI representation but not specifically to help decision-makers by providing them with a variety of customizable decision options that are practically viable. To address these limitations, a Knowledge-centred Decision Support System (KCDSS) has been developed in this study with the following aims: 1) To develop a computer-based DSS using efficient CI network recovery modelling algorithms, 2) To create a knowledge-base of various recovery options relevant to specific CI damage scenarios so that the decision-makers can test and verify several ‘what-if’ scenarios using a variety of control variables, and 3) To bridge the gap between hazard and socio-economic modelling tools through a multidisciplinary and integrated natural hazard impact assessment. Driven by the design science research strategy, this study proposes an integrated impact assessment framework using an iterative design process as its first research outcome. This framework has been developed as a conceptual artefact using a topology network-based approach by adopting the shortest path tree method. The second research outcome, a computer-based KCDSS, provides a convenient and efficient platform for enhanced decision making through a knowledge-base consisting of real-life recovery strategies. These strategies have been identified from the respective decision-makers of the CI network providers through the Critical Decision Method (CDM), a Cognitive Task Analysis (CTA) method for requirement elicitation. The capabilities of the KCDSS are demonstrated through electricity, potable water, and road networks in the Wellington region of Aotearoa New Zealand. The network performance has been analysed independently and with interdependencies to generate outage of services spatially and temporally. The outcomes of this study provide a range of theoretical and practical contributions. Firstly, the topology network-based analysis of CI interdependencies will allow a group of users to build different models, make and test assumptions, and try out different damage scenarios for CI network components. Secondly, the step-by-step process of knowledge elicitation, knowledge representation and knowledge modelling of CI network recovery tasks will provide a guideline for improved interactions between researchers and decision-makers in this field. Thirdly, the KCDSS can be used to test the variations in outage and restoration time estimates of CI networks due to the potential uncertainty related to the damage modelling of CI network components. The outcomes of this study also have significant practical implications by utilizing the KCDSS as an interface to integrate and add additional capabilities to the hazard and socio-economic modelling tools. Finally, the variety of ‘what-if’ scenarios embedded in the KCDSS would allow the CI network providers to identify vulnerabilities in their networks and to examine various post-disaster recovery options for CI reinstatement projects

Methodologies synthesis

This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies

The International Business Risk of Terrorism: A Pragmatic Framework for Assessing its Impact on the U.S.-Based, Small- to Medium-Sized Enterprise’s Supply Chain Operations

Purpose - Subject paper examines the international business risk of terrorism’s impact on the focal firm’s supply chain operations, as proliferated by the acceleration of globalization, via a fundamental review of pertinent country- and firm-level considerations shaped by global environmental factors. Subsequently, a managerial risk assessment and mitigation planning framework is presented for the supply chain executive’s pragmatic use. Design/methodology/approach – Broad evaluation of contemporary viewpoints precedes a risk assessment and mitigation planning framework from the supply chain executive’s point-of-view. Findings – While observed research found the probability of the risk of terrorism to be low, the severity (impact) of such a risk is quite substantial. By and large, contemporaries suggest a combination of public-private partnerships to proactively lessen its likelihood and the implementation of operational redundancies (assets and infrastructure) to minimize its impact to ongoing business operations. Yet, supply chain executives need a pragmatic framework to adequately assess its individual situation in order to develop an appropriate risk mitigation plan. Originality/value – Provides an essential supplementary framework for inclusion in a firm’s broad supply chain risk assessment and management strategy. Although the paper is focused on the U.S., it has global implications. Series Virtual Image Empt