critical infrastructure protection and interdependency issues
DESCRIPTION
(industry vision within the EC framework approach) by Fabio Bagnoli Division Manager of the Electronics Division at D’Appolonia S.p.A.TRANSCRIPT
D’Appolonia S.p.A.
AN ISO 9001 AND ISO 14001 CERTIFIED COMPANY
www.dappolonia.it
Critical Infrastructure Protection and interdependency issues:
industry vision within the EC framework approach
Fabio Bagnoli
D’Appolonia S.p.A.
D’Appolonia is a major Italy-based engineering company that provides multidisciplinary
engineering consulting and design services to a great variety of public and private clients
The Company has been established by Dr. Elio D’Appolonia in 1956 in Pittsburgh
(Pennsylvania), and is present in Italy since 1981
In 1983 the Italian office, headquartered in Genoa, became the independent company
D’Appolonia S.p.A.
The company since December 2011 is part of the RINA Group
Engineering Services
D’Appolonia provides engineering and management services during the whole project
life cycle:
Feasibility studies and research
Conceptual design and project specifications
Preliminary and detailed design
Physical and virtual validation
Management of suppliers and system integration
Construction management and supervision
Commissioning and support to homologation and certification
Maintenance and operation
Company Offices
The “Origins”
The European Council of June 2004 asked the Commission to prepare an
overall strategy to protect critical infrastructure. In response, the Commission
adopted on 20 October 2004 a Communication “Critical Infrastructure
Protection in the Fight Against Terrorism” putting forward clear suggestions on
what would enhance European prevention, preparedness and response to
terrorist attacks involving critical infrastructures.
The Council conclusions on “Prevention, Preparedness and Response to
Terrorist Attacks” and the “EU Solidarity Programme on the Consequences of
Terrorist Threats and Attacks” adopted by Council in December 2004 endorsed
the intention of the Commission to propose a European Programme for Critical
Infrastructure Protection (EPCIP)
The “Pillars”
European Programme for Critical Infrastructure Protection
Adoption of Directive 2008/114/EC
Financial measures to support the strategy
Critical Infrastrucutre Protection CIP
CIP requires the active participation of the owners and operators of
infrastructure, regulators, professional bodies and industry associations in
cooperation with all levels of government, and the public.
CIP is focused on the need to minimise risks to public health, safety and
confidence, ensure our economic security.
The objectives of CIP are to identify critical infrastructure, analyse
vulnerability and interdependence, and protect from, and prepare for, all
hazards.
As not all critical infrastructure can be protected from all threats,
appropriate risk management techniques should be used to determine
relative criticality, the level of protective security,
The sharing of information relating to threats and vulnerabilities will assist
governments, and owners and operators of critical infrastructure to better
manage risk.
Support to Security Projects
The Commission provides two types of funding for security-related
projects:
Operational, highly specific and policy-oriented activities are supported
by the Framework Programme on Security and Safeguarding Liberties,
which is composed of two specific programmes: Prevention,
Preparedness and Consequence Management of Terrorism and
Prevention of and Fight against Crime.
Longer-term research is supported by the Security theme, under the 7th
Framework Programme (FP7), with a budget of EUR 1.4 billion for
2007-13.
The CIPS Programme
The Prevention, Preparedness and Consequence Management of
Terrorism and other Security-related Risks (CIPS) programme is
designed to protect citizens and critical infrastructures from terrorist
attacks and other security incidents.
The EU has allocated EUR 140 million for the period 2007–13 for
operational cooperation and coordination actions (strengthening
networking, mutual confidence and understanding, developing
contingency plans, exchanging and disseminating information,
experiences and best practices
Main Areas
Prevention and Preparedness refers to measures aimed at
preventing and/or reducing risks linked to terrorism and other
security related risks.
Consequence Management refers to the coordination of measures
taken in order to react to and to reduce the impact of the effects of a
security related incident, in particular resulting from terrorist attacks
in order to ensure a smooth coordination of crisis management and
security actions.
Expected Outcome
Development of Instruments
Common Framework
Methods and techniques
Exchange and Dissemination
Main Areas
Prevention and Preparedness refers to measures aimed at
preventing and/or reducing risks linked to terrorism and other
security related risks.
Consequence Management refers to the coordination of measures
taken in order to react to and to reduce the impact of the effects of a
security related incident, in particular resulting from terrorist attacks
in order to ensure a smooth coordination of crisis management and
security actions.
Our Vision
Close cooperation with end users, public bodies and other
operators of Critical Infrastructures
Strong synergies with industries providing technologies
Definition and validation of new comprehensive methodologies for
all the analyses to be undertaken to assess threats, vulnerabilities
and risks, that could be offered to Critical Infrastructures operators
and other end users
Interdependency issues needs a consolidated security culture and a
strong multidisciplinary approach
Combination with deep competences in the involved domains
Security Culture
SECURITY APPROACH
INFORMATION
SECURITY
SECURITY RISK
MANAGEMENT
TOOLS AND
FACILITIES
PHYSICAL
SECURITY
Interdependency issue
Interdependencies among Critical Infrastructures are complex and
need to be understood since disruptions in one infrastructure can
propagate into other infrastructures.
Interdependencies between infrastructures, in fact, imply that an
impact on one infrastructure is also an impact on one or more other
interconnected infrastructures.
Focus on impact analysis within a
“multidomain” approach
Our involvement in CIPS projects
Involvement in projects in different domains
Cross fertilization among the different involved areas and their relevant
approaches
Development of new harmonised methodologies and implementation of
supporting tools to propose to our customers
Transportation sector - EUMASS Project
The EUMASS objective was the delivery of a unified and flexible solution
for risk assessment methodology to be applied by all European Mass
Transit operators.
Main goal was to achieve an integrated process composed by the audit and
risk assessment methodologies supported by a software tool.
An audit method was prepared to translate empirical evaluations into
objective inputs for the risk analysis models and to monitor them during the
system lifecycle.
A semi-quantitative risk assessment methodology was developed to
continuously evaluate the risks associated to a system and to evaluate the
effectiveness of the implemented countermeasures.
A software tool was developed to support the user along the whole
process.
Tools for operators - COBALT Project
Main aim of the COBALT is to provide CI operators and owners with an instrument which will help in defining the risk their infrastructures are subject to.
COBALT aims at providing end-users with an instrument that will help them evaluating which countermeasures are the most effective to reduce the risks a CI is subject to, from an implementation and maintenance costs point of view.
Finally COBALT aims at developing and instrument to evaluate the CI security generating a report showing the evaluated risks and the countermeasures implemented.
Urban Security – MAPEX Project
To develop a probabilistic mapping damage methodology for the assessment,
analysis and optimization of the security level of urban critical infrastructure
against external blast effects
Simplified methodologies for analyzing 3D complex urban scenarios taking into
account urban layout, building characteristics and the existing interaction against
blast.
To harmonized the outputs of the tools according to the key agents (Structural
engineers/architects/urban authorities/Security staff).
D’Appolonia S.p.A.
Headquarters:
Via San Nazaro,19
16145 Genova – Italy
Tel. +39 010 3628148 Fax +39 010 3621078
E-mail: [email protected]
Web site http://www.dappolonia.it
Rome
Milan
Viareggio
Naples
Brindisi
Palermo
Brussels
Podgorica
Beijing
Seoul
Cairo
Istanbul
St. Petersburg
Abu Dhabi