Abstract
The paper concerns risk assessment and management methodology in critical infrastructures (CI). It begins with a review of the state of the art, regulations, best practices, EU projects, and other relevant documents. On this basis, a set of the most preferable features of a CI risk management tool is identified. These features make it possible to specify the basic requirements for the risk management tool. The core of the solution is the bow-tie model. A risk register is proposed as an inventory of the hazardous events, along with other data structures for hazards/threats, vulnerabilities, consequences, and barriers. Risk factors and result measures, i.e. likelihood and consequence measures, as well as a risk matrix, are discussed. Next, a new concept is proposed for integrating different bow-tie models through internal and external dependencies. These requirements can be implemented on the available software platform for further experiments and validation.
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Bialas, A. (2015). Critical Infrastructures Risk Manager – The Basic Requirements Elaboration. In: Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., Kacprzyk, J. (eds) Theory and Engineering of Complex Systems and Dependability. DepCoS-RELCOMEX 2015. Advances in Intelligent Systems and Computing, vol 365. Springer, Cham. https://doi.org/10.1007/978-3-319-19216-1_2
DOI: https://doi.org/10.1007/978-3-319-19216-1_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19215-4
Online ISBN: 978-3-319-19216-1
eBook Packages: Engineering, Engineering (R0)