Risk assessment based on interdependencies - PowerPoint PPT Presentation
Title:
Risk assessment based on interdependencies
Description:
Title: Infrastruktuurin riskien arviointi keskin isriippuvuuksien pohjalta Author: hansivon Last modified by: hansivon Created Date: 1/31/2005 7:15:10 AM – PowerPoint PPT presentation
Number of Views:103
Avg rating:3.0/5.0
Title: Risk assessment based on interdependencies
1
Risk assessment based on interdependencies
- Helsinki, Finland
- Hannu Sivonen, Senior Researcher
- MANMADE Castellanza 28-29 June 2007
2
National Emergency Supply Agency (NESA)
- Fund, independent of the state budget
- Public Private Partnership coordinator (23
branches, 800 experts) - Government defines objectives for security of
supply - NESA finances security of supply when not
provided by the market mechanism - Focus areas
- Critical technical infrastructure
- Food supply
- Energy supply
- Logistics
- Critical medical substances and supplies
- Defence related industries
- NESA balance is 1000 million
3
Risk assessment based on interdependencies
- A method for assessing the risk caused by
interdependencies between technical
infrastructures, basic services, and threats - Linear mathematical model similar to that used by
Google - Simplifying assumptions
- Complex interdependencies and accumulating
effects and risks handled - Information system failures and weather
conditions are major risks in Finland - Published in Finnish
- Yhteiskunnan huoltovarmuuden kannalta keskeisten
toimintojen riskiarviointi - http//www.huoltovarmuus.fi/julkaisut/esittely/?id
72
4
Finnish government decision 305/2002
- Technical infrastructures (14)
- energy supply
- communications
- information systems
- Basic services and supplies (29)
- food supply
- transport logistics
- mass media
- health care
- financial services
5
Threats from outside the infrastructure and
services (17)
- economic threats
- threats to information systems
- crisis in international logistics
- weather phenomena
- structural damage
- strikes
- environment and health threats
- national security threats
6
Interdependencies
- reasons
- for failures
recurrent (ratio 1)
expected (ratio 0.1)
rare (ratio 0.01)
theoretical (ratio 0.001)
nonexistent
7
Input Interdependencies (sample)
8
Mean time between failures
9
Input Duration and mean time between failures
10
Output Relative risks pertinent to
inter-dependent infrastructures
11
Output Relative risks pertinent to outside
threats
12
Relative component risks in food logistics
) operator processing plant logistics
operator
13
The model applied to criticality of ICT functions
- 72 functions, 6 scenarios (3x2)
- Duration of failure
- short term (hours)
- medium term (days)
- long term (months)
- Dependency type
- cause of failure to others
- obstacle to recovery of others
- No assessment for MTB, just interdependencies
potential effect, criticality
14
Top ten critical functions from 6 scenarios
