Negotiating the 'trading zone'. Creating a shared information infrastructure in the Dutch public safety sector

Our main concern in this article is whether nation-wide information technology (IT) infrastructures or systems in emergency response and disaster management are the solution to the communication problems the safety sector suffers from. It has been argued that implementing nation-wide IT systems will help to create shared cognition and situational awareness among relief workers. We put this claim to the test by presenting a case study on the introduction of ‘netcentric work’, an IT system-based platform aiming at the creation of situational awareness for professionals in the safety sector in the Netherlands. The outcome of our research is that the negotiation with relevant stakeholders by the Dutch government has lead to the emergence of several fragmented IT systems. It becomes clear that a top-down implementation strategy for a single nation-wide information system will fail because of the fragmentation of the Dutch safety sector it is supposed to be a solution to. As the US safety sector is at least as fragmented as its Dutch counterpart, this may serve as a caveat for the introduction of similar IT systems in the US

Cyber Situational Awareness in Critical Infrastructure Protection

The European Union promotes collaboration between authorities and the private sector, and the providers of the most critical services to society face security related obligations. In this paper, critical infrastructure is seen as a system of systems that can be subject to cyber-attacks and&nbsp; other disturbances. Situational awareness (SA) enhances preparations for and decision-making during assessed and unforeseen disruptive incidents, and promoting Cyber effective situational&nbsp; awareness (CSA) requires information sharing between the different interest groups. This research is constructive in nature, where innovative constructions developed as solutions&nbsp; for domain-specific real world problems, while the research question is: “How can cyber&nbsp; situational awareness protect critical infrastructures?” The Observe – Orient – Decide – Act (OODA) loop is examined as a way to promote&nbsp; collaboration towards a shared situational picture, awareness and understanding to meet challenges of forming CSA in relation to risk assessment (RA) and improving resilience. Three levels of organizational decision-making are examined in relation a five-layer cyber structure of an organization to provide a more comprehensive systems view of organizational cyber security. Successful, crisis-management efforts enable organizations to sustain and resume operations, minimize losses, and adapt to manage future incidents, as many critical&nbsp;infrastructures typically lack resilience and may easily lose essential functionality when hit by&nbsp;an adverse event. Situation awareness is the main prerequisite towards cyber security. Without situation awareness, it is impossible to systematically prevent, identify, and protect the system from cyber incidents.</p

Threat awareness for critical infrastructures resilience

Utility networks are part of every nation’s critical infrastructure, and their protection is now seen as a high priority objective. In this paper, we propose a threat awareness architecture for critical infrastructures, which we believe will raise security awareness and increase resilience in utility networks. We first describe an investigation of trends and threats that may impose security risks in utility networks. This was performed on the basis of a viewpoint approach that is capable of identifying technical and non-technical issues (e.g., behaviour of humans). The result of our analysis indicated that utility networks are affected strongly by technological trends, but that humans comprise an important threat to them. This provided evidence and confirmed that the protection of utility networks is a multi-variable problem, and thus, requires the examination of information stemming from various viewpoints of a network. In order to accomplish our objective, we propose a systematic threat awareness architecture in the context of a resilience strategy, which ultimately aims at providing and maintaining an acceptable level of security and safety in critical infrastructures. As a proof of concept, we demonstrate partially via a case study the application of the proposed threat awareness architecture, where we examine the potential impact of attacks in the context of social engineering in a European utility company

ATM automation: guidance on human technology integration

© Civil Aviation Authority 2016Human interaction with technology and automation is a key area of interest to industry and safety regulators alike. In February 2014, a joint CAA/industry workshop considered perspectives on present and future implementation of advanced automated systems. The conclusion was that whilst no additional regulation was necessary, guidance material for industry and regulators was required. Development of this guidance document was completed in 2015 by a working group consisting of CAA, UK industry, academia and industry associations (see Appendix B). This enabled a collaborative approach to be taken, and for regulatory, industry, and workforce perspectives to be collectively considered and addressed. The processes used in developing this guidance included: review of the themes identified from the February 2014 CAA/industry workshop1; review of academic papers, textbooks on automation, incidents and accidents involving automation; identification of key safety issues associated with automated systems; analysis of current and emerging ATM regulatory requirements and guidance material; presentation of emerging findings for critical review at UK and European aviation safety conferences. In December 2015, a workshop of senior management from project partner organisations reviewed the findings and proposals. EASA were briefed on the project before its commencement, and Eurocontrol contributed through membership of the Working Group.Final Published versio

Accounting for health in climate change policies: a case study of Fiji

BACKGROUND Climate change is expected to affect the health of most populations in the coming decades, having the greatest impact on the poorest and most disadvantaged people in the world. The Pacific islands, including Fiji, are particularly vulnerable to the effects of climate change. OBJECTIVE The three major health impacts of climate change in Fiji explored in this study were dengue fever, diarrhoeal disease, and malnutrition, as they each pose a significant threat to human health. The aim of this study was to investigate to what extent the Fiji National Climate Change Policy, and a selection of relevant sectoral policies, account for these human health effects of climate change. DESIGN The study employed a three-pronged policy analysis to evaluate: 1) the content of the Fijian National Climate Change Policy and to what extent health was incorporated within this; 2) the context within which the policy was developed; 3) the relevant processes; and 4) the actors involved. A selection of relevant sectoral policies were also analysed to assess the extent to which these included climate change and health considerations. RESULTS The policy analysis showed that these three health impacts of climate change were only considered to a minor extent, and often indirectly, in both the Fiji National Climate Change Policy and the corresponding National Climate Change Adaptation Strategy, as well as the Public Health Act. Furthermore, supporting documents in relevant sectors including water and agriculture made no mention of climate change and health impacts. CONCLUSIONS The projected health impacts of climate change should be considered as part of reviewing the Fiji National Climate Change Policy and National Climate Change Adaptation Strategy, and the Public Health Act. In the interest of public health, this should include strategies for combating dengue fever, malnutrition, and water-borne disease. Related sectoral policies in water and agriculture should also be revised to consider climate change and its impact on human health. Approaches to include health aspects of climate change within sectoral and climate change specific policies should be encouraged, via a number of mechanisms, such as the Health in All Policies approach. Future research could support the Fiji health sector in developing climate change and health programmes.This study was partly funded by Rotary International through an Ambassadorial Scholarship awarded to Georgina Morrow

Resilient Critical Infrastructure Management using Service Oriented Architecture

Abstract—The SERSCIS project aims to support the use of interconnected systems of services in Critical Infrastructure (CI) applications. The problem of system interconnectedness is aptly demonstrated by ‘Airport Collaborative Decision Making’ (ACDM). Failure or underperformance of any of the interlinked ICT systems may compromise the ability of airports to plan their use of resources to sustain high levels of air traffic, or to provide accurate aircraft movement forecasts to the wider European air traffic management systems. The proposed solution is to introduce further SERSCIS ICT components to manage dependability and interdependency. These use semantic models of the critical infrastructure, including its ICT services, to identify faults and potential risks and to increase human awareness of them. Semantics allows information and services to be described in such a way that makes them understandable to computers. Thus when a failure (or a threat of failure) is detected, SERSCIS components can take action to manage the consequences, including changing the interdependency relationships between services. In some cases, the components will be able to take action autonomously — e.g. to manage ‘local’ issues such as the allocation of CPU time to maintain service performance, or the selection of services where there are redundant sources available. In other cases the components will alert human operators so they can take action instead. The goal of this paper is to describe a Service Oriented Architecture (SOA) that can be used to address the management of ICT components and interdependencies in critical infrastructure systems. Index Terms—resilience; QoS; SOA; critical infrastructure, SLA

Toward a Theory of Practical Drift in Teams

Practical drift is defined as the unintentional adaptation of routine behaviors from written procedure. The occurrence of practical drift can result in catastrophic disaster in high-reliability organizations (e.g. the military, emergency medicine, space exploration). Given the lack of empirical research on practical drift, this research sought to develop a better understanding by investigating ways to assess and stop the process in high-reliability organizations. An introductory literature review was conducted to investigate the variables that play a role in the occurrence of practical drift in teams. Research was guided by the input-throughput-output model of team adaptation posed by Burke, Stagl, Salas, Pierce, and Kendall (2006). It demonstrates relationships supported by the results of the literature review and the Burke and colleagues (2006) model denoting potential indicators of practical drift in teams. Research centralized on the core processes and emergent states of the adaptive cycle; namely, shared mental models, team situation awareness, and coordination. The resulting model shows the relationship of procedure—practice coupling demands misfit and maladaptive violations of procedure being mediated by shared mental models, team situation awareness, and coordination. Shared mental models also lead to team situation awareness, and both depict a mutual, positive relationship with coordination. The cycle restarts when an error caused by maladaptive violations of procedure creates a greater misfit between procedural demands and practical demands. This movement toward a theory of practical drift in teams provides a conceptual framework and testable propositions for future research to build from, giving practical avenues to predict and prevent accidents resulting from drift in high-reliability organizations. Suggestions for future research are also discussed, including possible directions to explore. By examining the relationships reflected in the new model, steps can be taken to counteract organizational failures in the process of practical drift in teams

Context-awareness for mobile sensing: a survey and future directions

The evolution of smartphones together with increasing computational power have empowered developers to create innovative context-aware applications for recognizing user related social and cognitive activities in any situation and at any location. The existence and awareness of the context provides the capability of being conscious of physical environments or situations around mobile device users. This allows network services to respond proactively and intelligently based on such awareness. The key idea behind context-aware applications is to encourage users to collect, analyze and share local sensory knowledge in the purpose for a large scale community use by creating a smart network. The desired network is capable of making autonomous logical decisions to actuate environmental objects, and also assist individuals. However, many open challenges remain, which are mostly arisen due to the middleware services provided in mobile devices have limited resources in terms of power, memory and bandwidth. Thus, it becomes critically important to study how the drawbacks can be elaborated and resolved, and at the same time better understand the opportunities for the research community to contribute to the context-awareness. To this end, this paper surveys the literature over the period of 1991-2014 from the emerging concepts to applications of context-awareness in mobile platforms by providing up-to-date research and future research directions. Moreover, it points out the challenges faced in this regard and enlighten them by proposing possible solutions