Abstract
Critical Infrastructures (CIs) now include complex cyber-physical systems, with communication networks enabling interactions between the cyber and physical systems. Although the digitalization of such critical infrastructures is intended to increase performance and safety, it also subjects them to new forms of attack. Contemporary attacks that combine both cyber and physical elements are often targeting these critical infrastructures. Recent incidents have shown that it is important to have a holistic view of a CI, including the communication networks at its core, in order to understand the potential attacks on it, as well as the consequences. It is therefore imperative to analyze potential cascading effects enabled by dependencies between the various assets in such a Critical Infrastructure. In this chapter, we describe an approach to modelling the dependencies between assets in a CI and analyze the potential for, and the nature of, these cascading effects.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
AIT (2019) SAURON propagation engine editor. https://atlas.ait.ac.at/sauron/
Bateman T (2013) Police warning after drug traffickers’ cyber-attack. www.bbc.com/news/world-europe-24539417
Carreras B, Newman D, Gradney P, Lynch V, Dobson I (2007) Interdependent risk in interacting infrastructure systems. In: 2007 40th Annual Hawaii International Conference on System Sciences (HICSS’07), IEEE, pp 112–112. https://doi.org/10.1109/HICSS.2007.285
Cimpanu C (2017) WannaCry ransomware infects actual medical devices, not just computers. https://www.bleepingcomputer.com/news/security/wannacry-ransomware-infects-actual-medical-devices-not-just-computers/
Condliffe J (2016) Ukraine’s power grid gets hacked again, a worrying sign for infrastructure attacks. https://www.technologyreview.com/s/603262/ukraines-power-grid-gets-hacked-again-a-worrying-sign-for-infrastructure-attacks/
European Parliament, European Council: Directive (EU) 2016/ 1148 of 6 July 2016—concerning measures for a high common level of security of network and information systems across the union (2016)
Gouglidis A, König S, Green B, Rossegger K, Hutchison D (2018) Protecting water utility networks from advanced persistent threats: a case study. Springer International Publishing, Cham, pp 313–333. https://doi.org/10.1007/978-3-319-75268-6_13
Greenerg A (2018) The untold story of NotPetya, the most devastating cyberattck in history. https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/
Guo H, Zheng C, Iu HHC, Fernando T (2017) A critical review of cascading failure analysis and modeling of power system. Renew Sustain Energy Rev 80:9–22. https://doi.org/10.1016/j.rser.2017.05.206
ICS-CERT (2016) Cyber-attack against Ukrainian critical infrastructure. https://ics-cert.us-cert.gov/alerts/IR-ALERT-H-16-056-01
ISO International Organization for Standardization (2018) ISO 31000:2018 risk management—guidelines. ISO International Organization for Standardization, Geneva, Switzerland
König S, Gouglidis A (2018) Random damage in interconnected networks. In: Game Theory for Security and Risk Management. Springer International Publishing, pp 185–201. https://doi.org/10.1007/978-3-319-75268-6_8
König S, Gouglidis A, Green B, Solar A (2018) Assessing the impact of malware attacks in utility networks. In: Game Theory for Security and Risk Management. Springer, pp 335–351
König S, Grafenauer T, Rass S, Schauer S (2018) Practical risk analysis in interdependent critical infrastructures—a How-To. In: Proceedings of the Twelfth International Conference on Emerging Security Information, Systems and Technologies, pp 150–157
König S, Rass S (2018) Investigating stochastic dependencies between critical infrastructures. Int J Adv Syst Meas 11(3&4):250–258
König S, Rass S, Rainer B, Schauer S (2019) Hybrid dependencies between cyber and physical systems. In: Advances in Intelligent Systems and Computing. Springer International Publishing, pp 550–565. https://doi.org/10.1007/978-3-030-22868-2_40
König S, Rass S, Schauer S (2019) Cyber-attack impact estimation for a port. In: Proceedings of the Hamburg International Conference of Logistics (HICL). epubli. https://doi.org/10.15480/882.2496
Ouyang M (2014) Review on modeling and simulation of interdependent critical infrastructure systems. Reliab Eng Syst Saf 121:43–60. https://doi.org/10.1016/j.ress.2013.06.040
Pagani GA, Aiello M (2013) The power grid as a complex network: a survey. Phys A Stat Mech Appl 392(11):2688–2700. https://doi.org/10.1016/j.physa.2013.01.023
Rahnamay-Naeini M, Wang Z, Ghani N, Mammoli A, Hayat MM (2014) Stochastic analysis of cascading-failure dynamics in power grids. IEEE Trans Power Syst 29(4):1767–1779. https://doi.org/10.1109/TPWRS.2013.2297276
Rass S (2019) Report about methods for a semi-automated parameterization of (percolation-based) simulation models. Tech rep, Internal Report of the SAURON Project (2019). V3.2
SAURON Consortium: Sauron: Scalable multidimensionAl sitUation awaReness sOlution for protectiNg european ports (2019)
Starmer C (2000) Developments in non-expected utility theory: the hunt for a descriptive theory of choice under risk. J Econ Lit 38(2):332–382 (2000). http://www.jstor.org/stable/2565292
Wang Z, Scaglione A, Thomas RJ (2012) A Markov-transition model for cascading failures in power grids. In: 2012 45th Hawaii International Conference on System Sciences. IEEE, pp 2115–2124. https://doi.org/10.1109/HICSS.2012.63
Wu SJ, Chu MT (2017) Markov chains with memory, tensor formulation, and the dynamics of power iteration. Appl Math Comput 303:226–239. https://doi.org/10.1016/j.amc.2017.01.030
Zetter K (2016) Everything we know about Ukraine’s power plant hack | WIRED. https://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/
Acknowledgements
This chapter is based on work from COST Action CA15127 (“Resilient communication services protecting end-user applications from disaster-based failures – RECODIS”) supported by COST (European Cooperation in Science and Technology), and the European Commission’s Project SAURON (Scalable multidimensional situation awareness solution for protecting European ports) under the HORIZON 2020 Framework (Grant No. 740477).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
König, S., Gouglidis, A., Rass, S., Adams, N., Smith, P., Hutchison, D. (2020). Analyzing Disaster-Induced Cascading Effects in Hybrid Critical Infrastructures: A Practical Approach. In: Rak, J., Hutchison, D. (eds) Guide to Disaster-Resilient Communication Networks. Computer Communications and Networks. Springer, Cham. https://doi.org/10.1007/978-3-030-44685-7_31
Download citation
DOI: https://doi.org/10.1007/978-3-030-44685-7_31
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-44684-0
Online ISBN: 978-3-030-44685-7
eBook Packages: Computer ScienceComputer Science (R0)