CS5032 Lecture 19: Dependable infrastructure
-
Upload
john-rooksby -
Category
Technology
-
view
480 -
download
1
description
Transcript of CS5032 Lecture 19: Dependable infrastructure
CRITICAL INFRASTRUCTURE
DR JOHN ROOKSBY
IN THIS LECTURE
What is infrastructure?
• National infrastructures
• Organisational infrastructures
• Digital infrastructures
What is critical infrastructure?
• How is infrastructure vulnerable?
Understanding infrastructure
• Problems of understanding existing infrastructure
• Interdependencies in infrastructure
“Public” infrastructure
Digital infrastructure
Organisational infrastructure
WHAT IS INFRASTRUCTURE?The installed base upon which operations and systems can run
Public infrastructure
• National and international systems upon which societies operate: transport, energy, communications, etc. (Includes digital infrastructure).
• Used to be publicly owned, but in the UK and many other counties it has been privatised
Organisational infrastructure
• A much newer use of the term
• Physical and digital infrastructure used by an organisation
• Not necessarily owned by the organisation
WHAT IS INFRASTRUCTURE?Sometimes a distinction is made between hard and soft infrastructure.
Hard infrastructure
• Large, physical networks
• Energy networks, Transport, etc.
Soft infrastructure
• Institutions
• Emergency services, financial services, health care, schools, etc.
This is an artificial distinction
Both hard and soft infrastructures are socio-technical
CHARACTERISTICS OF INFRASTRUCTURE
• Large Scale• Spread over large geographic areas• Regional/National/International
• Complex• Many components • Many interdependencies (internal and external)
• Reliance on standards• Heterogeneous parts rely on standards for interoperation• Standards are not always uniformly applied across an
infrastructure• Long term
• Modern and legacy components • Emerges and changes over the long term• We have to live with decisions made a long time ago
ECONOMIC CHARACTERISTICS OF INFRASTRUCTURE
Rarely one single owner and authority
• Sub-systems and components are increasingly privatised
• The theory is that privately operated infrastructure will be more efficient
• However it is difficult to optimise an infrastructure when sections of it are run by self interested parties
• Crosses national and international boundaries
Often challenging to fund
• We are often reluctant to pay for infrastructure
• Where monopolies exist they are able to over-charge. However, competition where operational costs are low can lead to under-charging (and no re-investment).
SOCIAL CHARACTERISTICS OF INFRASTRUCTURELearned as part of membership
• The use, and styles of use, of particular infrastructures signifies and is often an essential marker of membership of a community.
Links with conventions of practice
• Infrastructure both shapes and is shaped by the conventions of a community of practice, e.g. the ways that cycles of day-night work are affected by and affect electrical power rates
Taken for granted
• Does not need to be re-invented every time we do something new
• We often don’t pay much attention to it. The normally invisible quality of working infrastructure becomes visible when it breaks
Infrastructure is “a relation”
• Whether something is infrastructure depends on perspective (particularly for digital infrastructure). A focus for one person can be infrastructure for another.
THE EMERGENCE OF INFRASTRUCTUREInfrastructures are engineered, but not at the system level. They emerge through social and institutional processes
• Begins with a “vision” (or visions). Later reality does not necessarily match this.
• Competing designs emerge.
• One or more local technologies become adopted as standard
• We have to live with decisions made a long time ago
The history of power girds, sewer systems, railways and so on do not portray a rational process in which an ideal system is designed and built, but a chaotic one.
Cloud and grid computing are often likened to power grids
• There is nothing inevitable about these becoming infrastructure, and the meaning of these terms continues to evolve.
WHAT IS CRITICAL INFRASTRUCTURE?
As individuals we often take infrastructure for granted, but organisations and governments cannot.
• Infrastructure needs to be maintained and adapted/modernised
• Strategic decisions must be made about what kind of infrastructure to invest in (and how)
• However, much infrastructure is not under control of a single organisation or authority
• Infrastructure is vulnerable
Many countries now have critical infrastructure programmes
CRITICAL INFRASTRUCTURE PROGRAMMES IN THE UK, EU, USA
UK Government
• Cabinet Office and the CPNI (Centre for the Protection of National Infrastructure)
European Union
• European Programme for Critical Infrastructure Protection
USA
• Department of Homeland Security and the National Programme of Critical Infrastructure Protection
Governments do not have direct control of infrastructure, and so these are governance and advisory programmes.
What counts as critical varies from place to place
VULNERABILITIES
• Insufficient capability • Insufficient capacity • Faults • Decay • Accidents • Physical Attack• Electronic Attack• Natural Disaster • Civil Unrest
PERSPECTIVES
UK EU USA
Communications x x
Food x x x
Emergency Services
x x
Energy x x x
Finance x x x
Government x
Health x x x
Transport x x x
Water x x x
UK EU USA
Nuclear industry x
ICTs x x
Chemical industry
x x
Research facilities
x
Space x
Defence industrial base
x
Postal/shipping x
Monuments and icons
x
UK SUB-CATEGORIESLandline PhonesMobile TelecommunicationsPostal ServicesBroadcast Communications
AmbulanceFire and RescueMarinePolice
Health and Social Care
Communications
Food
Emergency Services
Energy
Finance
Government
Health
Transport
Water
ElectricityGasOilFuel
ProductionProcessingImportDistributionRetail
Payment, Clearing and Settlement SystemsPublic FinancesMarkets and Exchanges
Central GovernmentParliamentDevolved AdministrationsRegional and Local Authorities
Maritime AviationLand (Road and rail)
Potable water supplyDamsWaste Water Services
1983 1988 1996 1998 2001 2002 2003 2003Transportation X X X X X X X
XWater X X X X X X X
XEducation XPublic Health X X X X
XPrisons XIndustrial capacity XWaste Services XTelecommunications X X X X X
XEnergy X X X X X
XBanking and Finance X X X X
XEmergency Services X X X X
XGov. continuity X X X X
Information Systems X X X XX
Nuclear facilities XSpecial events XAgriculture/food X X X
XDefence industrial base X X
XChemical industry X X
XPostal/shipping services X X
XMonuments and icons X
XKey industry/tech sites XLarge gathering sites X
USA – CHANGES OVER TIME
COMPONENTSWe have been looking so far at a high level
• Ultimately, assurance has to be at the component level
Judgements need to be made about whether a technology or component is a critical element of an infrastructure
• Not every bridge or cable is essential to the overall system
• Are VOIP services telecoms services?
Designation carries implications.
• “Critical” bridges get additional funding (so they all want one!)
• Telecoms services need to carry emergency calls
It is very difficult, if not impossible to map every individual component
• Yet many problems occur at the component level
INTERDEPENDENCIES
Functional: Reliance between components.
Informational: Data flow from one node aides decision making elsewhere.
Shared Control: Control is from the same system/location
Geospatial: Physical proximity
Purpose: A shared function or purpose
Policy/procedural: A change in policy or procedure at one place may have effects elsewhere.
Societal Interdependency: Changes to one component may have societal effects which lead to changes to others
http://www.flickr.com/photos/brizo_the_scot/3736542522/
BALTIMORE, HOWARD STREET TUNNEL FIRE
http://www.its.dot.gov/JPODOCS/REPTS_TE/13754.html
ENERGY CRISIS IN CALIFORNIAFirst Order Effects Third Order EffectsSecond Order
Effects
Oil pipelines
Gas supply
Water
Deregulation Policies
New Energy Marketplace Dynamics
Tight, High-Cost Gas Supplies
Utility Financial Crisis
Substantial load growth
Lack of New Generating and Transmission Capacity
Aging fleet of Power Plants
Low Hydro Conditions
Transmission/Environmental Constraints
Cogeneration
Refineries
Storage terminals
Agriculture
Oil Production
Road transportation
Air transportation
Banking and Finance
Electric Power
Reduced Steam Injection for Heavy
Oil Production
Reduced Heavy Oil Production
Curtailed Natural Gas Production
Inventory build-up: Curtailed
Operations
Inventory Drawdown:
Shortages of Gasoline and Jet
Fuel
Crop losses
Shortages of Specially
Formulated Gasoline
Disruption of flight schedules
Financial losses
Disruption of product pipelines
Disruption of irrigation pumps
Supply demand imbalance
PROTECTING AND ASSURING INFRASTRUCTURE
A difficult problem• Infrastructure is rarely under individual control• Infrastructure is large scale
Assurance takes place through governance processes and risk management• Identify key components• Identify vulnerabilities• Identify threats• Construct risk models• Assess possible outcomes from loss• Make/request/lobby for necessary improvements• Make contingency plans
None of these steps are trivial!
KEY POINTS
Infrastructure is critical to business, security, health, society.
• We are increasingly reliant on digital infrastructure.
Infrastructure is large scale, complex, has modern and legacy components, and many interdependencies.
Securing infrastructure is a hard problem
• Hard to know what you have
• Hard to assess vulnerabilities
• Difficult to make improvements because infrastructure is rarely under direct control of those it is critical to
SOURCESP. Pederson, D. Dudenhoeffer, S. Hartley, M. Permann (2006) Critical Infrastructure Interdependency Modeling: A Survey of U.S. and International Research. Idaho National Laboratory
John Moteff and Paul Parfomak (2004) Critical Infrastructure and Key Assets: Definition and Identification. Report for Congress.
Susan Leigh Star, Karen Ruhleder, (1994) Steps Towards an Ecology of Infrastructure: Complex Problems in Design and Access for Large-Scale Collaborative Systems. CSCW 1994. ACM Press.
USA National Infrastructure Protection Plan
• http://www.dhs.gov/files/programs/editorial_0827.shtm
UK Centre For Protection of National Infrastructure
• http://www.cpni.gov.uk/