Infrastructure security

Abstract: The development of a trustworthy smart grid requires a deeper understanding of potential impacts resulting from successful cyber attacks. Estimating feasible attack impact requires an evaluation of the grid's dependency on its cyber infrastructure and its ability to tolerate potential failures. A further exploration of the cyber-physical relationships within the smart grid and a specific review of possible attack vectors is necessary to determine the adequacy of cybersecurity efforts. This paper highlights the significance of cyber infrastructure security in conjunction with power application security to prevent, mitigate, and tolerate cyber attacks. A layered approach is introduced to evaluating risk based on the security of both the physical power applications and the supporting cyber infrastructure. A classification is presented to highlight dependencies between the cyber-physical controls required to support the smart grid and the communication and computations that must be protected from cyber attack. The paper then presents current research efforts aimed at enhancing the smart grid's application and infrastructure security. Finally, current challenges are identified to facilitate future research efforts.

Abstract: Security protections for critical infrastructure nodes are intended to minimize the risks resulting from an initiating event, whether it is an intentional malevolent act or a natural hazard. With an emphasis on protecting an infrastructure's ability to perform its mission or function, Critical Infrastructure System Security and Resiliency presents a practical methodology for developing an effective protection system that can either prevent undesired events or mitigate the consequences of such events. Developed at Sandia National Labs, the authors analytical approach and methodology enables decision-makers and security experts to perform and utilize risk assessments in a manner that extends beyond the theoretical to practical application. These protocols leverage expertise in modeling dependenciesoptimizing system resiliency for effective physical protection system design and consequence mitigation. The book begins by focusing on the design of protection strategies to enhance the robustness of the infrastructure components. The authors present risk assessment tools and necessary metrics to offer guidance to decision-makers in applying sometimes limited resources to reduce risk and ensure operational resiliency. Our critical infrastructure is vast and made up of many component parts. In many cases, it may not be practical or affordable to secure every infrastructure node. For years, expertsas a part of the risk assessment processhave tried to better identify and distinguish higher from lower risks through risk segmentation. In the second section of the book, the authors present examples to distinguish between high and low risks and corresponding protection measures. In some cases, protection measures do not prevent undesired events from occurring. In others, protection of all infrastructure components is not feasible. As such, this section describes how to evaluate and design resilience in these unique scenarios to manage costs while most effectively ensuring infrastructure system protection. With insight from the authors decades of experience, this book provides a high-level, practical analytical framework that public and private sector owners and operators of critical infrastructure can use to better understand and evaluate infrastructure security strategies and policies. Strengthening the entire homeland security enterprise, the book presents a significant contribution to the science of critical infrastructure protection and resilience.

Abstract: Understanding cascading effects among interdependent infrastructure systems can have an important effect on public policies that aim to address vulnerabilities in critical infrastructures, especially those policies pertaining to infrastructure security. Efforts to quantify these cascading effects and illustrative examples of such metrics are presented. The first set of examples is based upon various impacts that the 14th August, 2003 blackout in the USA had on other sectors. A second set of examples is based on various electric power outages and their impact on other infrastructure systems collected from the authors' research. Although efforts to quantify cascading effects are challenging, given the nature of the data and its limited availability, research in this area can provide useful metrics.

Abstract: The recognition that resilience is a critical aspect of infrastructure security has caused the national and homeland security communities to ask “How does one ensure infrastructure resilience?” Previous network resilience analysis methods have generally focused on either pre-disruption prevention investments or post-disruption recovery strategies. This paper expands on those methods by introducing a stochastic optimization model for designing network infrastructure resilience that simultaneously considers pre- and post-disruption activities. The model seeks investment–recovery combinations that minimize the overall cost to a distribution network across a set of disruption scenarios. A set of numerical experiments illustrates how changes to disruption scenarios probabilities affect the optimal resilient design investments.