Title: Critical Infrastructure Protection and Policy
1Critical Infrastructure Protection (and Policy)
- H. Scott Matthews
- March 25 2004
2HW 3 Review (Mean35)
3Threat
- Any circumstance or event with the potential to
cause harm to a system in the form of
destruction disclosure adverse modification
and/or the denial of service. - Examples Hackers electrical storms
- Need to know likelihood of threats
- Sources National Information Systems Security
(INFOSEC) Glossary NSTISSI No. 4009 Aug. 1997)
- generalized form of it
4Vulnerability
- Weakness in a systemor its components (e.g.
system security procedures design controls)
that could be exploited by a threat - Examples Software bugs structural design
5Risk
- The likelihood that a particular threat using a
specific attack will exploit a particular
vulnerability of a system that results in an
undesirable consequence - Risk Assessment
- Process of analyzing threats toand
vulnerabilities of a system and the potential
impact the loss of system would have. - Resulting analysis is used as a basis for
identifying appropriate and cost-effective
counter-measures. - Computing expected loss functions
6Risk Management
- The process concerned with identification
measurement control and minimization of
security risks in systems to a level commensurate
with the value of the assets protected.
7Classic Warden Defense Model
Leaders
Organic Essentials
Infrastructure
Population
Military
8New Defense Model
Military
Phys. Infrastructure
Leaders
Population
Econo-Tech. Infrastructure
9Strategic Objectives of Plan
- Identify and protect infrastructures and assets
most critical to society - Provide warnings for specific imminent threats
- Over time protect other assets through federal
state local govt and private sector
collaboration - Homeland Security a Shared Responsibility
- Source The National Strategy for the Physical
Protection of Critical Infrastructures and Key
Assets White House Feb 2003.
10To Achieve Strategic Vision
- Understand motivation of enemies
- Understand preferred tactics
- Comprehensive assessment of
- Assets and vulnerabilities
- Challenges of mitigating risk
- Key assets may not be part of critical
infrastructure but affect prestige morale
confidence (e.g. WTC Golden Gate Bridge)
11Effects of Attacks
- Direct - loss of service
- Attack on a critical node system function
- E.g. bridge
- Indirect
- Attack leads to behavioral/psychological
- Exploitation
- Using one to destroy another
- May involve interdependencies
12Guiding Principles
- Assure safety confidence service
- Responsibility accountability
- Collaborative partnerships govt/industry
- Market Solutions where possible
- Information sharing
- International cooperation
- Development of technology and expertise
- Safeguard privacy and freedoms
13Responsibility Chain
- Federal Govt - oversee coordinate set
policies ensure 3 strategic objs - State and Local - identify and secure their
assets emergency response act as central points
for requesting help coordinate information flows - Private Sector - owns most of CI
- Continue to perform RA/RM reassess
- Help identify vulnerabilities of national concern
14Whats Missing
- Anything non-terrorist
- Natural disasters
- Accidents
- Focus on terrorist-based attacks while timely
is short-sighted given the range of threats and
vulnerabilities to CI
15Interdependencies
- A new emphasis on critical infrastructures
- PDD-63 in 1998 after Oklahoma City
- Generally worried about hackers interfering with
operation of physical infrastructures - Use of digital to disrupt physical suggests
interdependency - There are many non-hacking interdependencies
- Natural events can exploit them too
- Perhaps can be better understood and managed with
information systems
16Key Questions
- What tools can be used to predict
- How can everyday operation be balanced with
security concerns - What are performance measures
- Who are stakeholders
- How to deal with risk and uncertainty
17Complex Adaptive Systems (CAS)
- Collective systemic behavior emergent
- I.e. follows patterns that result from but not
predictable from nonlinear interactions with a
large number of subsystems - Capabilities change over time
- Greater than sum of its parts
- May be possible to model/ manage/ understand via
agent-based systems - Software systems where simple decision rules are
followed and tracked via information given to them
18Six Dimensions of Infras. Interdependencies
(Rinaldi)
- Infrastructure environment
- Coupling
- Response behavior
- Failure types
- Infrastructure characteristics
- State of Operation
