Critical Energy Infrastructure Protection - Assessment Results Communication

Computer simulation of real systems is most of the time a complex task, both in terms of the analytical models describing the process and the usage of the tools that implement the models themselves. The results of such tools are also mainly professional oriented. However, depending on the addressee and the goal of the assessment, communicating the results in an ¿out-of-the-business¿ manner is sometimes required. This document introduces CEIPSec, a web based GIS centric application developed by IPSC SCNI for results communication and visual assessment of the impact of failures on the European electrical power transport system. CEIPSec was developed within the context of the Administrative Arrangement Critical Energy Infrastructure Protection between DG ENERGY and the JRC.JRC.DG.G.6-Security technology assessmen

Understanding Malicious Attacks Against Infrastructures - Overview on the Assessment and Management of Threats and Attacks to Industrial Control Systems

This report describes approaches to the assessment and management of malicious threats and attacks relating to critical infrastructures in general, and electric power infrastructures in particular. Securing infrastructures implies taking into account both the natural and man-made (intentional) events. While protecting against the natural disruptive events is a feasible (yet not trivial) task, benefiting by well-established practices, dealing with intentional attacks comes up across many difficulties, especially due to the unpredictability of such events. The report outlines the state-of-the-art in dealing with threats and malicious attacks, considering both physical and cyber actions. Several approaches taken at national and international levels towards securing the critical infrastructures are also provided.JRC.G.6-Sensors, radar technologies and cybersecurit

Critical Energy Infrastructure Protection - Assessment Results Communication

Computer simulation of real systems is most of the time a complex task, both in terms of the analytical models describing the process and the usage of the tools that implement the models themselves. The results of such tools are also mainly professional oriented. However, depending on the addressee and the goal of the assessment, communicating the results in an ¿out-of-the-business¿ manner is sometimes required. This document introduces CEIPSec, a web based GIS centric application developed by IPSC SCNI for results communication and visual assessment of the impact of failures on the European electrical power transport system. CEIPSec was developed within the context of the Administrative Arrangement Critical Energy Infrastructure Protection between DG ENERGY and the JRC.JRC.G.6-Security technology assessmen

ICT aspects of power systems and their security

This report provides a deep description of four complex Attack Scenarios that have as final goal to produce damage to the Electric Power Transmission System. The details about protocols used, vulnerabilities, devices etc. have been for obvious reasons hidden, and the ones presented have to be understood as mere (even if realistic) simplified versions of possible power systems.JRC.DG.G.6-Security technology assessmen

Tabletop exercise: Coherent Resilience 2019 (CORE 19)

Coherent Resilience 2019 (CORE 19) was a Tabletop Exercise (TTX) on the Baltic States and hybrid threats related to regional gas supplies and critical energy infrastructure protection. The TTX took place 14-16 May 2019 in Vilnius, Lithuania. The goal of the exercise was to support the national authorities and gas transmission system operators (TSO) of the Baltic States in ensuring supply of gas to consumers and mitigating the disruption over the Baltic region. This three-day regional, multilateral, interagency, and public-private sector event was divided into three phases including an academic seminar, a two-day TTX, and a distinguished visitors’ day that included after-action briefings. This report focuses largely on syndicate responses to the exercise scenario vignettes and injects to include capturing areas of improvement, best practices, and recommendations. The event brought together 108 participants from 14 NATO and European Union countries, who represented 35 different governmental organisations representing gas supply and energy security stakeholders.JRC.C.3-Energy Security, Distribution and Market

Vulnerability of Networked Infrastructures: Anomalies, Errors, Interdependencies

The paper looks at one critical aspect of the vulnerability of networks: the propagation of errors across systems–of–systems. It proposes an original and relatively simple approach for the fast evaluation of complex system vulnerabilities based on the analysis of their structural complexity, the functional interoperability and the interdependencies among the component systems. The paper includes an application of the model to a transmission network structure taken from a real grid. An error is considered to be a disturbance in the operability of a component. When the disturbance affects a component deviating it from its correct functioning, one has a service failure. The interactions among components are considered as dependencies when a failure in a component can spread to the others connected to it. In this case, the failure of one component is the input error to the next connected one. The net consequence is a pathological succession of errors degenerating into failures, triggering off new errors, in interconnected components. The “health” of the infrastructure has a static view, dependent on the status of its components, and one dynamic dependent on the propagation of the failures. Two criticality indexes are introduced: (i) the Incapability Index, related to the status of components, and, (ii) the Infrastructure Failure Index to characterize the overall system health state. To simulate the response of the infrastructure to the stress of errors and failures, two models are proposed: an Error Propagation Model, with the main goal of expressing the operability pattern of the infrastructure, given a distribution of error injection; and an Influence Flow Model, for tracking the failure propagation on a step-by-step basis. The system’s state of ‘health’ is given by the compound contribution of its components’ capability of providing the global service. A system is considered fully functional when all components present no deficiency in providing the service they are designed for. Nevertheless, a system obviously might be able to function even in presence of local failures. The system is analyzed at two levels: first, at the level of components, and second at the level of the overall system functionality. The first level regards the health status of each of the system components, and its analytical expression is the Incapability Index. The second is based on the compound operability status of all the system components, and regards (i) the level of propagation of errors within the system, and (ii) the severity of the errors (how much an error affects the overall operability of the system). The severity of the error is expressed by the Infrastructure Failure Index and the Weighted Infrastructure Failure Index. A case study is presented that applies the proposed concepts to a national electric power grid. The results have been obtained by means of a prototype software (Infrastructure Security in Electricity Markets – InSIEME) specifically developed for testing the proposed models. The results are believed to confirm the potential usefulness of the approach, as it will emerge from the following.JRC.DG.G.6-Security technology assessmen

DISPERSION OF RADIO-ELEMENTS, CONTAMINATION,

EURISOL DS/Task 5/TN-06-0

Critical Infrastructures: Risk and Vulnerability Assessment in Transportation of Dangerous Goods: Transportation by Road and Rail

This book addresses a key issue in today’s society: the safer transport of dangerous goods, taking into account people, the environment and economics. In particular, it offers a potential approach to identifying the issues, developing the models, providing the methods and recommending the tools to address the risks and vulnerabilities involved. We believe this can only be achieved by assessing those risks in a comprehensive, quantifiable and integrated manner. Examining both rail and road transportation, the book is divided into three sections, covering: the mature and accepted (by both academia and practitioners) methodology of risk assessment; the vulnerability assessment – a novel approach proposed as a vital complement to risk; guidance and support to build the tools that make methods and equations to yield: the Decision Support Systems. Throughout the book, the authors do not endeavor to provide THE solution. Instead, the book offers insightful food for thought for students, researchers, practitioners and policymakers alike. [From Amazon.com]https://digitalcommons.odu.edu/emse_books/1000/thumbnail.jp

Lessons Learned From Offshore Oil and Gas Incidents in the Arctic and Other Ice-Prone Seas

Specific risks to offshore oil and gas operations manifest in the Arctic and other harsh environments. Such extreme operating conditions can disrupt the offshore infrastructure and cause major accidents, posing a great challenge to operators. A thorough investigation of past incidents helps to learn lessons to ensure that a recurrence of serious accidents affecting workers and the environment can be prevented. The analysis of past incidents is divided into two parts. First, we offer a statistical analysis of offshore incidents triggered by natural events in the Arctic and in similar harsh environments. The analysis, organised by location, cause, and type of damage, failure mechanisms, and consequences, is based on data from the World Offshore Accident Database (WOAD). Second, we analyse a selection of accidents that occurred in the recent past in ice-prone seas, with particular attention to potential deficiencies in safety measures, design requirements and design methodologies, operations planning and component reliability. Based on the analysis, important lessons were identified which stress the need for further efforts to ensure the safety of workers and of assets and to get all actors involved in offshore operations engaged towards achieving a safer future for the exploitation of oil and gas resources.JRC.E.2-Technology Innovation in Securit