Plán na znovuobnovení kritické infrastruktury na místní úrovni / Planning of restoring Critical Infrastructure on local level

LÁCHOVÁ, Veronika

January 2008

Critical infrastructure (CI) is one of the most important branches in crisis man-agement. In recent years, CI demonstrated its importance on many occasions. My work is focused on the analysis of risks which can be a possible threat to CI. This is because the most important part of securing CI is the prevention of, and prepara-tion for, interruptions or damage. The risks in this part were specified using a FRAP analysis. I also identify the main reciprocal dependencies of all CI sectors to demonstrate which sector is the most important one. Finally, I specify the process of recovering or restoring these CI sectors. A new method was intentionally used for analytical-synthetic models. This method, in conjunction with the use of a FRAP analysis, is new to the branch of crisis management and was used for first time. The main aim of my work is to improve knowledge about CI at a regional level {--} city of České Budějovice. I submit new ways of identifying risks and resolv-ing problems during the recovery phase {--} specialized in CI.

Strategic Objectives in Complex Planning Environments : Insights from a Swedish Case for Critical Infrastructure Protection

Große, Christine

January 2018

Large-scale and long-term planning imposes extensive requirements on governance efforts regardless of whether it involves public organisations, private organisations, or both. The proportions of such planning entangle many actors and stakeholders as system components within and around a complex system. These system components and conditions in a complex planning environment introduce a diverse variety of strategic objectives into the planning. This study investigates how strategic objectives can affect the governance of complex planning systems, particularly in the context of national critical infrastructure protection. For this purpose, this thesis concentrates on a national planning procedure, STYREL, which Sweden has recently implemented for the case of power shortages. This case involves various actors from the national, regional and local levels who act on behalf of both public and private organisations in a planning process with four-year intervals, and it thus constitutes a relevant subject for this study. The investigation entailed the collection of evidence from documents and interviews. First, publicly available Swedish documents regarding the case provided an understanding of the planning. Second, interviews with decision-makers who are entrusted with this planning at municipalities and county administrative boards as well as with a few planners from power grid providers offered a deeper comprehension of both the proceedings in practice and the strategic objectives involved in this complex system for planning of critical infrastructure protection. Particularly, the findings resulted in several conceptual models that demonstrate these understandings in more detail. A soft system model visualises the problem situation and contains several elements, such as the system components, interrelations and conditions. Moreover, a multi-level planning model specifies sources of uncertainty in the planning and decision-making process that are associated with an insufficient alignment of strategic objectives in the STYREL case. These decompositions of the Swedish planning environment – both horizontal and vertical – further enabled this study to identify significant parameters of the systemic conditions and strategic objectives involved in such complex planning environments that challenge their governance. The findings of this study suggest that the Swedish process is not yet fully developed. The investigation particularly indicates that a better alignment of strategic objectives is necessary to ensure a selection of adequate goals and means that advances the future usability of the produced plan, which in turn would legitimate and strengthen this complex planning process for critical infrastructure protection. / Storskalig och långvarig planering ställer höga krav på styrning. Detta gäller oavsett om offentliga eller privata organisationer, eller båda, är involverade. Omfattningen av en sådan planering engagerar många aktörer och intressenter som komponenter inom och omkring ett komplext system. Dessa komponenter samt deras villkor inbäddade i en komplex planeringsmiljö skapar en mångfald av strategiska målbilder som följer med in till planeringen. Denna studie undersöker därför hur strategiska målbilder kan påverka styrningen av komplexa planeringssystem, särskilt i kontexten av skyddet av kritisk infrastruktur i samhället. Undersökningen fokuserar på en nationell planeringsprocess, kallad STYREL, som avser beredskapsplanering för elbristsituationer och som implementerats i Sverige. Planeringsmiljön omkring STYREL är ett relevant studieobjekt eftersom den involverar många aktörer från nationell, regional och lokal nivå. Dessa aktörer representerar offentliga och privata organisationer i den planeringsprocess som genomförs med fyraårsintervaller. Under undersökningens gång har bevis samlats in från dokument och intervjustudier. Först har offentlig tillgängliga dokument om fallet skapat en förståelse om planeringen. Intervjuer med beslutsfattare som är ansvariga för STYREL-planeringen hos länsstyrelser, kommuner samt elnätsbolag har sedan genererat en ännu djupare förståelse. Detta gällande både förfaringssättet i praktiken och de strategiska målbilder som är involverade i detta komplexa system för planering av kritisk infrastruktur-skydd. Resultaten ledde i synnerhet till några konceptuella modeller vilka demonstrerar förståelserna på ett detaljerat sätt. En systemmodell visualiserar problemsituationen och innehåller flera element såsom systemkomponenter, relationer och villkor. En multinivå-planeringsmodell specificerar källor av osäkerhet i planerings- och beslutsprocessen vilka är associerade med en otillräcklig harmonisering av strategiska målbilder i STYREL fallet. Dekompositionerna av den svenska planeringsmiljön – både horisontellt och vertikalt – gjorde det möjligt att identifiera signifikanta parametrar av de systemiska villkor och strategiska målbilder som är involverade i dessa komplexa planeringsmiljöer och utmanar deras styrning. Resultaten av studien indikerar att den svenska processen inte är fullt utvecklat. Undersökningen visar att en bättre harmonisering av strategiska målbilder är nödvändig för att säkerställa ett urval av adekvata mål och medel som skulle utveckla den framtida användbarheten av den producerade planen. Denna skulle i sin tur legitimera och stärka den komplexa planeringsprocessen för skyddet av kritisk infrastruktur. Därtill kunde detta främja en målgruppsorienterad kommunikation om risker och relevanta åtgärder. / <p>Vid tidpunkten för framläggningen av avhandlingen var följande delarbeten opublicerade: delarbete 1 under granskning, delarbete 3 under granskning.</p><p>At the time of the defence the following papers were unpublished: paper 1 under review, paper 3 under review.</p>

Systemic Thinking

Soft Operations Research

Governance

Complex Systems

Critical Infrastructure Protection

Largescale Planning

Multi-level Planning

Strategic Management

Information Systems, Social aspects

ALGORITHM TO DEVELOP A MODEL PROVIDING SECURITY AND SUSTAINABILITY FOR THE U.S. INFRASTRUCTURE BY PROVIDING INCREMENTAL ELECTRICAL RESTORATION AFTER BLACKOUT

Casey Allen Shull (7039955)

15 August 2019

<p>Is North America vulnerable to widespread electrical blackout from natural or man-made disasters? Yes. Are electric utilities and critical infrastructure (CI) operators prepared to maintain CI operations such as, hospitals, sewage lift stations, food, water, police stations etc., after electrical blackout to maintain National security and sustainability? No. Why? Requirements to prioritize electrical restoration to CI do not exist as a requirement or regulation for electrical distribution operators. Thus, the CI operators cannot maintain services to the public without electricity that provides power for the critical services to function. The problem is that electric utilities are not required to develop or deploy a prioritized systematic plan or procedure to decrease the duration of electrical outage, commonly referred to as blackout. The consequence of local blackout to CI can be multi-billion-dollar financial losses and loss of life for a single outage event attributed to the duration of blackout. This study utilized the review of authoritative literature to answer the question: “Can a plan be developed to decrease the duration of electrical outage to critical infrastructure”. The literature revealed that electric utilities are not required to prioritize electrical restoration efforts and do not have plans available to deploy minimizing the duration of blackout to CI. Thus, this study developed a plan and subsequent model using Model Based System Engineering (MBSE) to decrease the duration of blackout by providing incremental electrical service to CI.</p>

security

sustainability

mbse

model

algorithm approach

logic

blackout

Crisis

resiliency

reliability

infrastructure systems

Infrastructure design decisions

utility company

utility decision maker

critical infrastructure protection

Critical Infrastructure Resilience

National Security

disaster relief applications

terrorist attacks

MBSE

SysML

electric utility

resilient hospitals

網路恐怖主義與美國防治政策 / Cyberterrorism and the U.S. Prevention Policies

黃書賢, Huang, Shu Hsien

Unknown Date

網路恐怖主義（Cyberterrorism）為「網際網路」（Internet）與「恐怖主義」（terrorism）相互結合之產物，指恐怖份子為求引發嚴重破壞，並造成平民死傷，透過網際網路入侵國家關鍵基礎設施（critical infrastructures），並以之要脅政府或人民完成其政治性、宗教性或社會性目標。至2012年7月為止，對於網路恐怖主義相關議題之討論雖已持續約30年之久，然而各界對於網路恐怖主義之「定義」及「威脅性」兩項基本問題，仍然眾說紛紜，無法取得一致共識，而全球各地缺乏網路恐怖攻擊之實際案例之情況，亦使爭辯益加激烈。 　　在美國政府方面，經過2001年911事件的重大衝擊，其對於恐怖主義相關議題之敏感程度已大幅提高，並陸續制定多項反恐政策。美國是當前國際反恐行動的領導者，既為軍事與科技大國，同時也是諸多國際恐怖組織策劃攻擊之主要目標，有鑑於此，美國政府致力於防治網路恐怖主義，保護國內關鍵基礎設施不受侵襲，以維持社會安定及國家安全，其因應方式足以成為世界各國制定類似政策之重要參考對象。 　　本論文經由探討網路恐怖主義之基本意涵，比較「網路恐怖主義」、「網路犯罪」及「網路戰爭」三個概念之間的差異，嘗試針對網路恐怖主義形成明確之界定；接著綜整各界針對網路恐怖主義威脅性之爭論，以了解網路恐怖主義之真實威脅程度；最後觀察美國自柯林頓（Clinton）政府至今，有關防治網路恐怖主義政策之一系列發展、美國政府如何評估網路恐怖主義之威脅，以及在當前的政策架構之下，為保護國內關鍵基礎設施，其相對應之具體措施為何，試圖對於其整體政策建立客觀評價。 / Cyberterrorism, the convergence of “Internet” and “terrorism,” refers to the specific terrorist activities that were intended to cause massive destruction and casualties, proceeded by intruding the supervisory control and data acquisition (SCADA) systems of national critical infrastructures via the Internet. Even though the discussion of the related issues of Cyberterrorism has continued for nearly 30 years now, neither the definition nor the evaluation of potential threat concerning Cyberterrorism has been settled. No consensus has been achieved. Furthermore, the lack of actual cases of Cyberterrorism attack around the world makes the debates even more intense. After the significant impact of September 11, 2001, the U.S. government has substantially raised the degree of sensitivity of the issues related to terrorism and developed a number of counter-terrorism policies. As the leader of the Global War on Terror and the greatest Power in the world, the U.S. is also the main target of many terrorist groups. With its military and scientific capabilities, the practices of the U.S. government on preventing Cyberterrorism, protecting its domestic critical infrastructures from intrusion, and maintaining social stability and national security would be excellent examples to other nations for the development of their own policies. To clarify the explicit definition of Cyberterrorism, this research refined the basic meaning of Cyberterrorism and distinguished differences among three related concepts: Cyberterrorism, Cybercrime, and Cyberwar. Moreover, this research sought to induct major arguments brought up by scholars in many intense debates on the extent of Cyberterrorism threat. Last but not least, by observing development of the U.S. related policy frameworks, how the U.S. government evaluates the extent of Cyberterrorism threat, and the corresponding measures for protecting the U.S. domestic critical infrastructures, this research presented an objective assessment on the U.S. overall counter-Cyberterrorism policies.

網路恐怖主義

美國反恐政策

網路犯罪

網路戰爭

保護關鍵基礎設施

國土安全部

網路空間安全國家戰略

Cyberterrorism

U.S. Counter-Cyberterrorism Policies

Cybercrime

Cyberwar

Critical Infrastructure Protection