Nils Kalstad Svendsen

Connectivity models of interdependency in mixed-type critical infrastructure networks

Determining interdependencies and cascading failure modes in critical infrastructures is a complex problem that is exacerbated further by the diverging characteristics of the interconnected infrastructure types. Services in some types of infrastructure such as telecommunications or the electric grid are provided and consumed instantly. Others, notably oil and gas but also other infrastructures built on physical resources, however, exhibit buffering characteristics. In this paper we describe a model for the abstract representation of both types of infrastructure networks and their interdependencies. The model is then validated and demonstrated using characteristic topologies and interconnections.

Analysis and Statistical Properties of Critical Infrastructure Interdependency Multiflow Models

Critical infrastructures such as the electric grid, oil and gas pipelines, telecommunications, and financial services are characterized by direct and transitive interdependencies which, owing to their complexity and the scale at which these occur, are not readily visible. Moreover, vulnerabilities in elements of the infrastructure can lead to cascading and cyclical failures only after some delay or as a result of feedback cycles in the infrastructure. In this paper we therefore describe several statistical and algorithmic approaches for the analysis of infrastructure interdependencies which can take into account not only abstract interdependencies but also selected properties of infrastructure types such as buffering of resources. Based on a multigraph model we analyze the interactions of random failures and targeted attacks and use graph statistics to identify critical components in infrastructure topologies, thereby providing a mechanism for the development of more robust infrastructures and more effective allocation of defensive capabilities for existing critical infrastructure.

Multigraph Dependency Models for Heterogeneous Infrastructures

The identification and mitigation of interdependencies among critical infrastructure elements such as telecommunications, energy and transportation are important steps in any protection strategy and are applicable in preventive and operative settings. This paper presents a graphtheoretical model and framework for analyzing dependencies based on a multigraph approach and discusses algorithms for automatically identifying critical dependencies. These algorithms are applied to dependency structures that simulate the scale-free structures found in many infrastructure networks as well as to networks augmented by random graphs.

Graph Models of Critical Infrastructure Interdependencies

Critical infrastructures are interconnected on multiple levels, and due to their size models with acceptable computational complexity and adequate modeling capacities must be developed. This paper presents the skeleton of a graph based model and sketches its capabilities.

Using Physical Models for Anomaly Detection in Control Systems

Supervisory control and data acquisition (SCADA) systems are increasingly used to operate critical infrastructure assets. However, the inclusion of advanced information technology and communications components and elaborate control strategies in SCADA systems increase the threat surface for external and subversion-type attacks. The problems are exacerbated by site-specific properties of SCADA environments that make subversion detection impractical; and by sensor noise and feedback characteristics that degrade conventional anomaly detection systems. Moreover, potential attack mechanisms are ill-defined and may include both physical and logical aspects.

Modeling And Detecting Anomalies In Scada Systems

The detection of attacks and intrusions based on anomalies is hampered by the limits of specificity underlying the detection techniques. However, in the case of many critical infrastructure systems, domain-specific knowledge and models can impose constraints that potentially reduce error rates. At the same time, attackers can use their knowledge of system behavior to mask their manipulations, causing adverse effects to observed only after a significant period of time. This paper describes elementary statistical techniques that can be applied to detect anomalies in critical infrastructure networks. A SCADA system employed in liquefied natural gas (LNG) production is used as a case study.

An analysis of cyclical interdependencies in critical infrastructures

In this paper we discuss the properties and algorithmic methods for the identification and classification of cyclical interdependencies in critical infrastructures based on a multigraph model of infrastructure elements with a view to analyze the behavior of interconnected infrastructures under attack. The underlying graph model accommodates distinct types of infrastructures including unbuffered classes such as telecommunications and buffered structures such as oil and gas pipelines. For interdependency analyzes particularly between different infrastructure types, cycles multiple crossing infrastructure sector boundaries are still relatively poorly understood, and their dynamic properties and impact on the availability and survivability of the overall infrastructure is of considerable interest. We therefore propose a number of algorithms for characterizing such cyclical interdependencies and to identify key characteristics of the cycles such as the strength of the dependency or possible feedback loops and nested cycles which can be of particular interest in the development of mitigation mechanisms.

A framework for 3d geospatial buffering of events of interest in critical infrastructures

The interdependencies among critical infrastructures are frequently characterized not only by logical dependencies and resource flows but often also require consideration of geospatial interactions among the infrastructure elements and surroundings such as the terrain, properties of the terrain, and of events involving the infrastructure such as fire and flooding. Modeling such events and interactions also requires the use not only of three-dimensional geospatial models but also a more precise characterization of both events and the interaction of events with the geospatial model to capture e.g. the resistance of different terrain features to blasts. In this paper we therefore present an extension to a graph-based model reported previously which allows the consideration of geospatial interdependencies and interactions in a specific area of interest. The model incorporates physical characteristics of both the infrastructure elements itself and of terrain and environment in a three-dimensional framework allowing for detailed analyses which cannot be captured using simpler spatial buffering techniques as found in many geospatial information systems.

Supporting the Human in Cyber Defence

Incident detection is not merely the result of a technological process, but the output of a socio-technical system where the human has an important part to play. In this paper we focus on the human role within a socio-technically defined incident detection context by discussing the case of the Norwegian Cyber Defence approach. We show that the human has an important part in the process, not only by owning technical skills but also high-level cognitive skills that help critical thinking, decision-making and communication. We further summarize the results of our previous research and discuss how it can be applied, in order to improve educational content of an incident detection team. We strongly believe that the topics discussed in this paper, when implemented and applied, will help transforming the weakest link - the human - to the strongest defence.

INTERACTIVE VISUALIZATION OF INTERDEPENDENCIES AND VULNERABILITIES IN CONSTRAINED ENVIRONMENTS

Many critical infrastructure assets from hospitals to industrial facilities rely on multiple infrastructure services whose close proximity can result in the failure of one component causing cascading failures in other assets. Ths effective analysis and mitigation of risks requires the consideration of numerous scenarios and input from domain experts.