Critical infrastructure: Difference between revisions
imported>Howard C. Berkowitz |
John Leach (talk | contribs) m (Text replacement - "9-11 attacks" to "9-11 Attack") |
||
Line 14: | Line 14: | ||
Often more critical than the human-to-human communications networks for the functions below are the [[System Control And Data Acquisition]] networks that directly control the electrical power grid and similar real-time services. SCADA networks must be completely isolated from the public [[Internet]], but they still may run over physical facilities that are in this functional area. | Often more critical than the human-to-human communications networks for the functions below are the [[System Control And Data Acquisition]] networks that directly control the electrical power grid and similar real-time services. SCADA networks must be completely isolated from the public [[Internet]], but they still may run over physical facilities that are in this functional area. | ||
===Military=== | ===Military=== | ||
Command and control facilities, large bases, and organized and reserve units can be critical both in providing disciplined responses in natural disasters, as well as resources to deal with direct attack. The [[Pentagon Building]] was an example of both a resource and a target in the [[9-11 | Command and control facilities, large bases, and organized and reserve units can be critical both in providing disciplined responses in natural disasters, as well as resources to deal with direct attack. The [[Pentagon Building]] was an example of both a resource and a target in the [[9-11 Attack]]. Military command tends to be the best protected. | ||
===Banking and finance=== | ===Banking and finance=== | ||
In this categories are institutions involved with monetary transactions and of financial instruments equivalent to money, including transfer, storage and saving, investment, exchange and disbursement. | In this categories are institutions involved with monetary transactions and of financial instruments equivalent to money, including transfer, storage and saving, investment, exchange and disbursement. |
Revision as of 04:27, 23 February 2024
If a nation were a living being, critical infrastructure would be the blood vessels, nervous system, immune responses, and other functions necessary for it to function. U.S. policy was first stated by President Bill Clinton in Presidential Decision Directive 63, and most industrialized nations have equivalents:
physical and cyber-based systems essential to the minimum operations of the economy and government. They include, but are not limited to, telecommunications, energy, banking and finance, transportation, water systems and emergency services, both governmental and private. Many of the nation's critical infrastructures have historically been physically and logically separate systems that had little interdependence. As a result of advances in information technology and the necessity of improved efficiency, however, these infrastructures have become increasingly automated and interlinked. These same advances have created new vulnerabilities to equipment failure, human error, weather and other natural causes, and physical and cyber attacks. Addressing these vulnerabilities will necessarily require flexible, evolutionary approaches that span both the public and private sectors, and protect both domestic and international security.[1]
By its very nature, critical infrastructure is a target for terrorism. Certain facilities, such as chemical plants, may not themselves strictly be critical infrastructure, but, if attacked, could have such catastrophic effects that they must be considered in the category. The Chernobyl power plant, of course, was both part of critical electrical infrastructure but also a high-risk target, through human error rather than deliberate attack.
Critical functions
Information and communications
If those trying to repair damaged infrastructure cannot communicate, little will be accomplished. It may not be intuitive, but the communications systems that have the highest priority for repair are not those assigned to top executives, but to network management and repair. Most of the other critical functions also depend on computing and communications, so the core communications systems are the most critical of all.
Often more critical than the human-to-human communications networks for the functions below are the System Control And Data Acquisition networks that directly control the electrical power grid and similar real-time services. SCADA networks must be completely isolated from the public Internet, but they still may run over physical facilities that are in this functional area.
Military
Command and control facilities, large bases, and organized and reserve units can be critical both in providing disciplined responses in natural disasters, as well as resources to deal with direct attack. The Pentagon Building was an example of both a resource and a target in the 9-11 Attack. Military command tends to be the best protected.
Banking and finance
In this categories are institutions involved with monetary transactions and of financial instruments equivalent to money, including transfer, storage and saving, investment, exchange and disbursement.
Water supply
Sources of water, reservoirs and holding tanks, aqueducts and water piping, water purification, and delivery mechanisms fall into this functional area. While potable drinking water is the most obvious critical function, water supplies for electronic and manufacturing cooling, and for firefighting, can be equally critical to the region or nation. Sewage treatment also falls into this category.
Transportation
Transportation includes aviation and its supporting systems, roads and highways, trucking and personal vehicles and their traffic control systems, pipelines, ports and waterways and vessels, mass transit facilities, freight and long-haul passenger rail, and critical package delivery.
Emergency services
Emergency medical services and hospitals, police and other law enforcement, firefighting and rescue services are clearly critical services, along with their command and control systems including organizations managing the Incident Command System. Major disasters will require regional and national coordination. Hospitals are part of this functional area.
Public health services
Prevention, surveillance, public health laboratories, personal health and mass treatment all fall into this category.
Continuity of government services
Just as communications systems are at the heart of critical infrastructure, government emergency operations centers, often hardened against natural disaster and direct attack, are essential. After major catastrophes, it may be necessary to bring in mobile command centers.
Electrical power
Electrical power starts with generation using oil, coal, nuclear, solar, and other power sources, and the transportation needed to bring fuel to the generating plants. It then moves to the transmission and distribution systems, and the SCADA and operations centers controlling them all.
Oil and gas production and storage
Production, processing, storage and delivery of oil and gas are critical to function, as well as needing protection as possible centers of disasters.
Food supply
Agriculture, food processing, storage and distribution.
Example of coordinating government agencies
While the exact agencies and ministries will vary by country, the U.S. assignments are illustrative as the government departments with responsibilities for particular areas. Overall coordination typically would be under the National Incident Management System and National Response Framework under the Department of Homeland Security.
In the U.K., the central coordination organization is the Cabinet Office Briefing Rooms for the most serious situations, and a Lead Government Department for lesser problems.[2]
References
- ↑ Bill Clinton (May 28, 1998), Presidential Decision Directive 63, Critical Infrastructure Protection
- ↑ Central Government Arrangements, UK Cabinet Office, 22 May 2010