Risk assessment of multi-order dependencies between critical information and communication infrastructures

Critical Information Infrastructure Protection and Resilience in the ICT Sector

Volumn , Issue , 2013, Pages 153-172

  Panayiotis, Kotzanikolaou ^a   Marianthi, Theoharidou ^b   Dimitris, Gritzalis ^b  

^a UNIVERSITY OF PIRAEUS   (Greece)

^b ATHENS UNIVERSITY OF ECONOMICS AND BUSINESS   (Greece)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 84898122057     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.4018/978-1-4666-2964-6.ch008     Document Type: Chapter

References (29)

1. Andersson, G., Donalek, P., Farmer, R., Hatziargyriou, N., Kamwa, I., & Kundur, P. (2005). Causes of the 2003 major grid blackouts in North America and Europe, and recommended means to improve system dynamic performance. IEEE Transactions on Power Systems, 20(4), 1922-1928. doi:10.1109/TPWRS.2005.857942
2. Aung, Z., & Watanabe, K. (2009). A framework for modeling dependencies in Japan's critical infrastructures. In C. Palmer & S. Shenoi (Eds.), 3rd IFIP International Conference on Critical Infrastructure Protection (CIP-2009) (pp. 243-257). Springer, USA.
3. Bialas, A. (2006). Information security systems vs. critical information infrastructure protection systems - Similarities and differences. In Proceedings of the International Conference on Dependability of Computer Systems (pp. 60-67).
4. Crowther, K. G. (2008). Decentralized risk management for strategic preparedness of critical infrastructure through decomposition of the inoperability input-output model. International Journal of Critical Infrastructure Protection, 1, 53-67. doi:10.1016/j.ijcip.2008.08.009
5. De Porcellinis, S., Oliva, G., Panzieri, S., & Setola, R. (2009). A holistic-reductionistic approach for modeling dependencies. In C. Palmer & S. Shenoi (Eds.), Proceedings of the 3rd IFIP International Conference on Critical Infrastructure Protection (CIP-2009) (pp. 215-227). Springer, USA.
6. Dept. of Homeland Security (2009). National infrastructure protection plan. USA.
7. European Council. (2008). Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection. Official Journal L 345, 0075-0082.
8. Haimes, Y., Santos, J., Crowther, K., Henry, M., Lian, C., & Yan, Z. (2007). Risk analysis in dependent infrastructures. In Goetz, E., & Sheno, S. (Eds.), Critical infrastructure protection (Vol. 253, pp. 297-310). Boston, MA: Springer. doi:10.1007/978-0-387-75462-8_21
9. ISO/IEC. (2008). International standard 27005: Information technology - Security techniques -Information security risk management, 1st ed. Ref. No. ISO/IEC, 27005:2008.
10. Kotzanikolaou, P., Theoharidou, M., & Gritzalis, D. (2011). Dependencies between critical infrastructures: Analyzing the risk of cascading effects. In S. Wolthusen, et al., (Eds.), Proceedings of the 6th International Conference on Critical Infrastructure Security (CRITIS-2011) (pp. 107-118). Springer.
11. Kröger, W. (2008). Critical infrastructures at risk: A need for a new conceptual approach and extended analytical tools. Reliability Engineering & System Safety, 93(12), 1781-1787. doi:10.1016/j.ress.2008.03.005
12. Kröger, W., & Zio, E. (2011). Vulnerable systems. Springer. doi:10.1007/978-0-85729-655-9
13. Min, O., Liu, H., Zi-Jun, M., Ming-Hui, Y., & Fei, Q. (2009). A methodological approach to analyze vulnerability of dependent infrastructures. Simulation Modelling Practice and Theory, 17, 817-828. doi:10.1016/j.simpat.2009.02.001
14. National Institute for Standards and Technology. (2008). Managing risk from information systems - An organizational perspective. NIST Special Publication 800-39, 2nd Public Draft, USA.
15. Nieuwenhuijs, A., Luiijf, E., & Klaver, M. (2008). Modeling dependencies in critical infrastructures. In E. Goetz & S. Sheno (Eds.), Critical infrastructure protection, Vol. 253 (pp. 205-214. Springer Boston, USA.
16. North American Electric Reliability Corporation (2009). Standard CIP-002-3, cyber security-critical asset identification. December 16, 2009.
17. Pederson, P., Dudenhoeffer, D., Hartley, S., & Permann, M. (2006). Critical infrastructure interdependency modeling: A survey of U.S. and international research. INL/EXT-06-11464. USA: Idaho National Laboratory.
18. Rinaldi, S. (2004). Modeling and simulating critical infrastructures and their interdependencies. In 37th Hawaii International Conference on System Sciences, Vol. 2. IEEE, USA.
19. Rinaldi, S., Peerenboom, J., & Kelly, T. (2001). Identifying, understanding and analyzing critical infrastructure dependencies. IEEE Control Systems Magazine, 21(6), 11-25. doi:10.1109/37.969131
20. Rosato, V., Issacharoff, L., Tiriticco, F., Meloni, S., De Porcellinis, S., & Setola, S. (2008). Modeling dependent infrastructures using interacting dynamical models. International Journal on Critical Infrastructures, 4(1/2), 63-79. doi:10.1504/IJCIS.2008.016092
21. Santos, J., & Haimes, Y. (2004). Modeling the demand reduction input-output inoperability due to terrorism of interconnected infrastructures. Risk Analysis, 24(6), 1437-1451. doi:10.1111/j.0272-4332.2004.00540.x
22. Setola, R., De Porcellinis, S., & Sforna, M. (2009). Critical infrastructure dependency assessment using the input-output inoperability model. International Journal of Critical Infrastructure Protection, 2(4), 170-178. doi:10.1016/j.ijcip.2009.09.002
23. Svedsen, N., & Wolthunsen, S. (2007). Connectivity models of dependency in mixed-type critical infrastructure networks. Information Security Technical Report, 1, 44-55. doi:10.1016/j.istr.2007.02.005
24. Theoharidou, M., Kotzanikolaou, P., & Gritzalis, D. (2009). Risk-based criticality analysis. In C. Palmer & S. Shenoi (Eds.), Proceedings of the 3rd IFIP International Conference on Critical Infrastructure Protection (CIP-2009) (pp. 35-49). Springer.
25. Theoharidou, M., Kotzanikolaou, P., & Gritzalis, D. (2010). A multi-layer criticality assessment methodology based on dependencies. Computers & Security, 29(6), 643-658. doi:10.1016/j.cose.2010.02.003
26. Theoharidou, M., Kotzanikolaou, P., & Gritzalis, D. (2011). Risk assessment methodology for dependent critical infrastructures. International Journal of Risk Assessment and Management, 15(2/3), 128-148. doi:10.1504/IJRAM.2011.042113
27. Utne, I. B., Hokstad, P., & Vatn J. (2011). A method for risk modeling of interdependencies in critical infrastructures. Reliability Engineering & System Safety, ESREL 2009 Special Issue, 96 (6), 671-678.
28. Van Eeten, M., Nieuwenhuijs, A., Luiijf, E., Klaver, M., & Cruz, E. (2011). The state and the threat of cascading failure across critical infrastructures: The implications of empirical evidence from media incident reports. Public Administration, 89, 381-400. doi:10.1111/j.1467-9299.2011.01926.x
29. Zio, E., & Sansavini, G. (2011). Modeling interdependent network systems for identifying cascade-safe operating margins. Transactions on Reliability, 60(1), 94-101. doi:10.1109/TR.2010.2104211