Risk mitigation strategies for critical infrastructures based on graph centrality analysis
نویسندگان
چکیده
Dependency Risk Graphs have been proposed as a tool to analyze the cascading failures of Critical Infrastructure (CI) dependency chains. However, dependency chain analysis is not by itself sufficient for developing an efficient risk mitigation strategy, i.e. a strategy that defines which CI nodes should have high priority for the application of mitigation controls, in order to achieve the optimal overall risk reduction. In this paper we extend our previous dependency risk analysis methodology towards efficient risk mitigation, by exploring the relation between dependency risk paths and graph centrality characteristics. We explore how graph centrality metrics can be applied to design and to evaluate the effectiveness of risk mitigation strategies. We examine alternative mitigation strategies and we empirically evaluate them through simulations. Our experiments are based on random graphs that simulate common CI dependency characteristics, as identified by recent empirical studies. Based on our experimental findings, we propose an algorithm that can be used to prioritize CI nodes for the application of mitigation controls, in order to achieve an efficient risk mitigation. ∗Corresponding author Email addresses: [email protected] (George Stergiopoulos), [email protected] (Panayiotis Kotzanikolaou), [email protected] (Marianthi Theocharidou), [email protected] (Dimitris Gritzalis) Preprint submitted to International Journal of Critical Infrastructure Protection May 4, 2015
منابع مشابه
Using Centrality Measures in Dependency Risk Graphs for Efficient Risk Mitigation
Cascading failures of Critical Infrastructures (CIs) can be modeled through Dependency Risk Graphs, in order to assess the expected risk of CI dependency chains. In this paper we extend our previous dependency risk analysis methodology towards risk management. We explore the relation between dependency risk paths and graph centrality measures, in order to identify nodes that significantly affec...
متن کاملCritical Infrastructure Interdependencies Assessment Using Graph Dynamic Agent-based Inoperability Input-output Model
1. INTRODUCTION Infrastructure systems such as electric power, gas and energy, water distribution, wastewater, transportation networks and telecommunications systems are critical to the welfare, economy and security of every developed country. Protecting these critical infrastructures is one of the main challenges for governments and international organizations. In order to develop robust infra...
متن کاملA system dynamics approach for assessing the impact of cyber attacks on critical infrastructures
The massive proliferation of information and communications technologies (hardware and software) into the heart of modern critical infrastructures has given birth to a unique technological ecosystem. Despite the many advantages brought about by modern information and communications technologies, the shift from isolated environments to “systems-of-systems” integrated with massive information and...
متن کاملTopological Security Assessment of Technological Networks_iseee_5
The spreading of dangerous malware or faults in inter-dependent networks of electronics devices has raised deep concern, because from the ICT networks infections may propagate to other Critical Infrastructures producing the well-known domino or cascading effect. Researchers are attempting to develop a high level analysis of malware propagation discarding software details, in order to generalize...
متن کاملTime-based critical infrastructure dependency analysis for large-scale and cross-sectoral failures
Dependency analysis of critical infrastructures is a computationally intensive problem when dealing with large-scale, cross-sectoral, cascading and common-cause failures. The problem intensifies when attempting a dynamic, time-based dependency analysis. This paper extends a previous graph-based risk analysis methodology to dynamically assess the evolution of cascading failures over time. Variou...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IJCIP
دوره 10 شماره
صفحات -
تاریخ انتشار 2015