A probabilistic approach to the evaluation of seismic resilience in road asset management

Road networks are classified as critical infrastructure systems. Their loss of functionality not only hinders residential and commercial activities, but also compromises evacuation and rescue after disasters. Dealing with risks to key strategic objectives is not new to asset management, and risk management is considered one of the core elements of asset management. Risk analysis has recently focused on understanding and designing strategies for resilience, especially in the case of seismic events that present a significant hazard to highway transportation networks. Following a review of risk and resilience concepts and metrics, an innovative methodology to stochastically assess the economic resources needed to restore damaged infrastructures, one that is a relevant and complementary element within a wider resilience-based framework, is proposed. The original methodology is based on collecting and analyzing ex post reconstruction and hazard data and was calibrated on data measured during the earthquake that struck central Italy in 2016 and collected in the following recovery phase. Although further improvements are needed, the proposed approach can be used effectively by road managers to provide useful information in developing seismic retrofitting plans

A Review of Critical Infrastructure Protection Approaches: Improving Security through Responsiveness to the Dynamic Modelling Landscape

As new technologies such as the Internet of Things (IoT) are integrated into Critical National Infrastructures (CNI), new cybersecurity threats emerge that require specific security solutions. Approaches used for analysis include the modelling and simulation of critical infrastructure systems using attributes, functionalities, operations, and behaviours to support various security analysis viewpoints, recognising and appropriately managing associated security risks. With several critical infrastructure protection approaches available, the question of how to effectively model the complex behaviour of interconnected CNI elements and to configure their protection as a system-of-systems remains a challenge. Using a systematic review approach, existing critical infrastructure protection approaches (tools and techniques) are examined to determine their suitability given trends like IoT, and effective security modelling and analysis issues. It is found that empirical-based, agent-based, system dynamics-based, and network-based modelling are more commonly applied than economic-based and equation-based techniques, and empirical-based modelling is the most widely used. The energy and transportation critical infrastructure sectors reflect the most responsive sectors, and no one Critical Infrastructure Protection (CIP) approach – tool, technique, methodology or framework – provides a ‘fit-for-all’ capacity for all-round attribute modelling and simulation of security risks. Typically, deciding factors for CIP choices to adopt are often dominated by trade-offs between ‘complexity of use’ and ‘popularity of approach’, as well as between ‘specificity’ and ‘generality’ of application in sectors. Improved security modelling is feasible via; appropriate tweaking of CIP approaches to include a wider scope of security risk management, functional responsiveness to interdependency, resilience and policy formulation requirements, and collaborative information sharing between public and private sectors

Report : review of the literature : maintenance and rehabilitation costs for roads (Risk-based Analysis)

Realistic estimates of short- and long-term (strategic) budgets for maintenance and rehabilitation of road assessment management should consider the stochastic characteristics of asset conditions of the road networks so that the overall variability of road asset data conditions is taken into account. The probability theory has been used for assessing life-cycle costs for bridge infrastructures by Kong and Frangopol (2003), Zayed et.al. (2002), Kong and Frangopol (2003), Liu and Frangopol (2004), Noortwijk and Frangopol (2004), Novick (1993). Salem 2003 cited the importance of the collection and analysis of existing data on total costs for all life-cycle phases of existing infrastructure, including bridges, road etc., and the use of realistic methods for calculating the probable useful life of these infrastructures (Salem et. al. 2003). Zayed et. al. (2002) reported conflicting results in life-cycle cost analysis using deterministic and stochastic methods. Frangopol et. al. 2001 suggested that additional research was required to develop better life-cycle models and tools to quantify risks, and benefits associated with infrastructures. It is evident from the review of the literature that there is very limited information on the methodology that uses the stochastic characteristics of asset condition data for assessing budgets/costs for road maintenance and rehabilitation (Abaza 2002, Salem et. al. 2003, Zhao, et. al. 2004). Due to this limited information in the research literature, this report will describe and summarise the methodologies presented by each publication and also suggest a methodology for the current research project funded under the Cooperative Research Centre for Construction Innovation CRC CI project no 2003-029-C

STOP-IT: strategic, tactical, operational protection of water infrastructure against cyberphysical threats

Water supply and sanitation infrastructures are essential for our welfare, but vulnerable to several attack types facilitated by the ever-changing landscapes of the digital world. A cyber-attack on critical infrastructures could for example evolve along these threat vectors: chemical/biological contamination, physical or communications disruption between the network and the supervisory SCADA. Although conceptual and technological solutions to security and resilience are available, further work is required to bring them together in a risk management framework, strengthen the capacities of water utilities to systematically protect their systems, determine gaps in security technologies and improve risk management approaches. In particular, robust adaptable/flexible solutions for prevention, detection and mitigation of consequences in case of failure due to physical and cyber threats, their combination and cascading effects (from attacks to other critical infrastructure, i.e. energy) are still missing. There is (i) an urgent need to efficiently tackle cyber-physical security threats, (ii) an existing risk management gap in utilities’ practices and (iii) an un-tapped technology market potential for strategic, tactical and operational protection solutions for water infrastructure: how the H2020 STOP-IT project aims to bridge these gaps is presented in this paper.Postprint (published version

Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems, cyber risk at the edge

The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis is presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies the goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture

Risk Adjustment and Reinsurance: A Work Plan for State Officials

Outlines the decisions and actions states need to take to implement the risk adjustment and reinsurance provisions of the 2010 health reform law, including risk adjustment model, reinsurance parameters, stakeholder engagement, and program administration

Assessing and strengthening organisational resilience in a critical infrastructure system: Case study of the Slovak Republic

Critical infrastructure is a system that consists of civil infrastructures in which disruption or failure would have a serious impact on the lives and health of the population. It includes, for example, electricity, oil and gas, water supplies, communications and emergency or healthcare services. It is therefore important that technical resilience and organisational resilience is provided continuously and at a high level by the owners and operators of these civil infrastructures. Organisational resilience management mainly consists of continuously assessing determinants in order to identify weak points early so that adequate security measures can be taken to strengthen them. In the context of the above, the article presents a method for Assessing and Strengthening Organisational Resilience (ASOR Method) in a critical infrastructure system. The essence of this method lies in defining the factors that determine organisational resilience and the process of assessing and strengthening organisational resilience. The method thus allows weaknesses to be identified and the subsequent quantification of positive impacts that strengthen individual factors in organisational resilience. A benefit from applying this method is minimizing the risk and subsequent adverse impact on society of critical infrastructure system disruption or failure. The article also contributes to achieving the UN Sustainable Development Goal 9, namely Building Resilient Infrastructure. The ASOR method namely contributes to the development of quality, reliable, sustainable and resilient infrastructure, including regional and trans-border infrastructure. Finally, the article presents the results of this method's practical application on a selected electricity critical infrastructure entity in the Slovak Republic.Web of Science123art. no. UNSP 10457

Using Space Syntax For Estimation Of Potential Disaster Indirect Economic Losses

The study of applicable network measures shows that Normalised Angular Choice can be used as criteria for selecting alternatives for minimizing indirect costs caused by road network damages. At the same time, this methodology cannot be used for monetizing indirect costs or identifying losses in different economic sectors. The study approach does not contradict the main theoretical approaches and it gives new opportunities for research on disasters recovery