International Journal of Critical Infrastructure Protection
Engineering sustainable critical infrastructures
Daniel J. Ryan, Esq., Attorney at Law, Box 1466, Pasadena, MD 21123-1466, USA
Critical infrastructure protection requires the practical application of systems engineering and engineering management at massive scales and levels of complexity. The challenge of interconnected systems within vastly different infrastructures complicates the problem tremendously. President Bill Clinton's Executive Order 13010 of July 15, 1996 defined the critical infrastructure as “the framework of interdependent networks and systems comprising identifiable industries, institutions (including people and procedures), and distribution capabilities that provide a reliable flow of goods and services essential to the defense and economic security of the United States, the smooth functioning of government at all levels, and society as a whole.” The USA PATRIOT Act of October 26, 2001 stated that the U.S. critical infrastructure comprises “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.” If critical infrastructures fail, the consequences would be enormous in scale, potentially affecting world climate, the global economy, and the economic and national security of nations. This is not just dystopian musing. There are, in fact, infrastructures whose collapse can have profoundly deleterious effects for an economy, a government and a way of life. We have already had a taste of what could happen. One example is the catastrophic failure of the power grid in the northeastern United States and Canada on August 14, 2003. Another is the impact of the August 2016 bankruptcy of Hanjin Shipping Company on the global supply chain. These experiences were trivial in light of what could occur. 
Areas of concern include the electric power infrastructure, transportation infrastructure, food and water infrastructures, financial infrastructure, and information and telecommunications infrastructure. These and other critical infrastructures are not necessarily physically and logically separate systems with limited interdependence. Rather, their interdependencies are real and significant, serving to spread the destruction attendant upon the collapse of one critical infrastructure across the panoply of interconnected infrastructures on which modern society depends. Even if the failure of one infrastructure were survivable, the added pressures on the other infrastructures would create cascading effects that amplify the destruction and its consequences. If critical infrastructures are to satisfy the ever-increasing demands for the goods and services they provide, they must be failure-resistant and sustainable despite their interdependencies with other fragile infrastructures. In its 1987 report titled Our Common Future, the Brundtland Commission defined “sustainable engineering” as engineering for human development that meets the needs of the present without compromising the ability of future generations to meet their own needs. Sustainable engineering thus requires the creation of infrastructures and their components that use processes that are non-polluting, conserve energy and natural resources, are economically sound, that can be depended on for the safety of employees, communities and consumers, and that preserve the economic and national security of a country. Sustainability is an essential part of the design, development, implementation, operation and maintenance of critical infrastructures. Sustainability assures that infrastructure operations do not create conditions that would negatively impact future operations by, for example, exhausting the resources on which their operations depend or degrading the environment in which they operate to a point that inhibits future operations.
For critical infrastructures, the scale of operations and the time scale on which effects are created must be considered; typically, these greatly exceed those of
ordinary engineering projects. Understanding the relationships between the opposing characteristics – sustainable critical infrastructures and fragile critical infrastructures subject to cascading effects – is fundamentally a systems engineering problem. Sound engineering management is essential if catastrophic collapses and cascading effects are to be avoided and sustainability is to be enhanced. Given the reality of critical infrastructures, several questions arise that can be used to create a research agenda. How do integrated infrastructures develop? When do they become critical? What are the enabling technologies? What are the public and private sector roles in their evolution and governance? How does each critical infrastructure interact with and depend on other infrastructures, especially the information and telecommunications infrastructure? What policy or engineering management issues are presented by critical infrastructures and their interdependencies? How are sustainability and fragility to be measured across critical infrastructures? What are the engineering processes and engineering management approaches that foster sustainability in critical infrastructures? Informative historical examples range from the complete collapse of the Rapa Nui civilization of Easter Island in the mid-1800s as a result of population pressures on nonsustainable “natural critical infrastructures” to Hurricane Katrina of 2005 that demonstrated the disastrous interactions between a natural disaster and engineering failures of human-made infrastructures. Currently, the global financial crisis and the refugee flow within and out of the Middle East are each providing new understandings of the scope and tempo of crises and the fragility of interdependent critical infrastructures. Positive examples include Iceland and the Dominican Republic, each of which managed to avoid a collapse despite pressures on their critical infrastructures. 
The oil industry, mining industry, logging industry and seafood industry all offer important lessons. SCADA-based infrastructures are providing useful data and examples of the successes and failures of critical infrastructure protection and sustainable engineering. Research must also take into account the fact that the pressures on critical infrastructures may be deliberate. In April-May 2007, the Government of Estonia and Estonia's private sector, especially its banking system, came under distributed-denial-of-service attacks widely believed to be of Russian origin. The attacks resulted in the loss of services and direct economic effects. Estonia is a highly connected society, with widespread Internet access and a government policy of providing online services. The overload of web
servers and network devices seriously impaired businesses and government institutions. Although the effects were not long-lasting, they served as a wake-up call about the vulnerability of the critical information and telecommunications infrastructure to deliberate degradation by technically sophisticated adversaries. The message has not been lost on criminals, terrorists and governments. According to the U.S. Director of National Intelligence, the Chinese People's Liberation Army has hacked American companies, resulting in the indictment of five Chinese officers; and an Iranian organization has targeted critical infrastructure networks. The North Korean government is believed to have engaged in information operations against private sector targets in support of economic and foreign policy objectives. And, just before the 2016 U.S. general election, the Russians were suspected to be behind intrusions into Democratic National Committee computer systems, and operations against presidential candidates Clinton and Trump, political action committees and even voting registration systems. In 2009, recognizing the strategic need for cyber operations and defenses, the United States created Cyber Command (USCYBERCOM) subordinate to the U.S. Strategic Command. More than twenty countries now have cyber units within their armed forces. Critical infrastructures are natural targets for these cyber units. Minimizing the risk of critical infrastructure collapse, mitigating the impact and facilitating recovery after natural and human-initiated incidents constitute the mother of all systems engineering problems. The challenges are enormous, but addressing them is essential to avoid the economic dislocation and societal implications of critical infrastructure degradation and destruction. It is imperative to do all we can to escape the sad fate of the Rapa Nui.
Daniel J. Ryan is an attorney in private practice. He has served as a professor at the National Defense University in Washington, DC and as Corporate Vice President at SAIC in McLean, Virginia. In the public sector, Mr. Ryan served as Executive Assistant to the Director of Central Intelligence and as Director of Information Security at the U.S. Department of Defense. Mr. Ryan holds advanced degrees in mathematics, business and law, and is certified as a cryptologic mathematician, data systems analyst and cyber forensics professional.
Please cite this article as: D.J. Ryan, Engineering sustainable critical infrastructures, International Journal of Critical Infrastructure Protection (2016), http://dx.doi.org/10.1016/j.ijcip.2016.11.003