Strategies for embedding agile decision making in aviation infrastructure

As highlighted by previous work in Normal Accident Theory1 and High Reliability Organisations, 2 the ability of a system to be flexible is of critical importance to its capability to prepare for, respond to, and recover from disturbance and disasters. This paper proposes that the research into ‘edge organisations’3 and ‘agility’4 is a potential means to operationalise components that embed high reliable traits in the management and oversight of critical infrastructure systems. Much prior work has focused on these concepts in a military frame whereas the study reported on here examines the application of these concepts to aviation infrastructure, specifically, a commercial international airport. As a commercial entity functions in a distinct manner from a military organisation this study aims to better understand the complementary and contradictory components of the application of agility work to a commercial context. Findings highlight the challenges of making commercial operators of infrastructure systems agile as well as embedding traits of High Reliability in such complex infrastructure settings.

Crisis response planning in tunnel and road networks

Critical road infrastructure (such as tunnels and overpasses) is of major significance to society and constitutes major components of interdependent, ‘systems and networks’. Failure in critical components of these wide area infrastructure systems can often result in cascading disturbances with secondary and tertiary impacts - some of which may become initiating sources of failure in their own right, triggering further systems failures across wider networks. Perrow1) considered the impact of our increasing use of technology in high-risk fields, analysing the implications on everyday life and argued that designers of these types of infrastructure systems cannot predict every possible failure scenario nor create perfect contingency plans for operators. Challenges exist for transport system operators in the conceptualisation and implementation of response and subsequent recovery planning for significant events. Disturbances can vary from reduced traffic flow causing traffic congestion throughout the local road network(s) and subsequent possible loss of income to businesses and industry to a major incident causing loss of life or complete loss of an asset. Many organisations and institutions, despite increasing recognition of the effects of crisis events, are not adequately prepared to manage crises2). It is argued that operators of land transport infrastructure are in a similar category of readiness given the recent instances of failures in road tunnels. These unexpected infrastructure failures, and their ultimately identified causes, suggest there is significant room for improvement. As a result, risk profiles for road transport systems are often complex due to the human behaviours and the inter-mix of technical and organisational components and the managerial coverage needed for the socio-technical components and the physical infrastructure. In this sense, the span of managerial oversight may require new approaches to asset management that combines the notion of risk and continuity management. This paper examines challenges in the planning of response and recovery practices of owner/operators of transport systems (above and below ground) in Australia covering: • Ageing or established infrastructure; and • New-build infrastructure. With reference to relevant international contexts this paper seeks to suggest options for enhancing the planning and practice for crisis response in these transport networks and as a result support the resilience of Critical Infrastructure.

Cyber security of networked critical infrastructures [Guest Editorial]

A new era of cyber warfare has appeared on the horizon with the discovery and detection of Stuxnet. Allegedly planned, designed, and created by the United States and Israel, Stuxnet is considered the first known cyber weapon to attack an adversary state. Stuxnet's discovery put a lot of attention on the outdated and obsolete security of critical infrastructure. It became very apparent that electronic devices that are used to control and operate critical infrastructure like programmable logic controllers (PLCs) or supervisory control and data acquisition (SCADA) systems lack very basic security and protection measures. Part of that is due to the fact that when these devices were designed, the idea of exposing them to the Internet was not in mind. However, now with this exposure, these devices and systems are considered easy prey to adversaries.

Resilience of water supply systems in meeting the challenges posed by climate change and population growth

This research project provides a scientifically robust approach for assessing the resilience of water supply systems, which are critical infrastructure, to impacts of climate change and population growth. An approach for the identification of trigger points that allows timely and appropriate management actions to be taken to avoid catastrophic system failure is an important outcome of this project. In the current absence of a formal method to evaluate the resilience of a water supply system, the approach developed in this study was based on the characterisation of resilience of a water supply system to a range of surrogate measures. Accordingly, a set of indicators are proposed to evaluate system behaviour and logistic regression analysis was used to assess system behaviour under predicted rainfall, storage and demand conditions.

SKMA - A Key Management Architecture for SCADA Systems

Supervisory Control And Data Acquisition (SCADA) systems are widely used in the management of critical infrastructure such as electricity and water distrubution systems. Currently there is little understanding of how to best protect SCADA systems from malicious attacks. We review the constraints and requirements for SCADA security and propose a suitable architecture (SKMA) for secure SCADA communications. The architecture includes a proposed key management protocol (SKMP). We compare the architecture with a previous proposal from Sandia Labs.

Trajectories of broadband : the coming, going and return of broadband

As the paper’s subtitle suggests broadband has had a remarkably checkered trajectory in Australia. It was synonymous with the early 1990s information superhighway and seemed to presage a moment in which “content is [to be] king”. It disappeared almost entirely as a public priority in the mid to late 1990s as intrastructure and content were disconnected in services frameworks focused on information and communication technologies. And it came back in the 2000s as a critical infrastructure for innovation and the knowledge economy. But this time content was not king but rather an intermediate input at the service of innovating industries and processes. Broadband was a critical infrastructure for the digitally-based creative industries. Today the quality of the broadband infrastructure in Australia—itself an outcome of these different policy frameworks—is identified as “fraudband” holding back business, creativity and consumer uptake. In this paper I use the checkered trajectory of broadband on Australian political and policy horizons as a stepping off point to reflect on the ideas governing these changing governmental and public settings. This history enables me to explore how content and infrastructure are simultaneously connected and disconnected in our thinking. And, finally, I want to make some remarks about the way communication, particularly media communication, has been marginally positioned after being, initially so apparently central.

Information sharing in the 21st century : progress and challenges

With the increasing threat of cyber and other attacks on critical infrastructure, governments throughout the world have been organizing industry to share information on possible threats. In Australia the Office of the Attorney General has formed Trusted Information Sharing Networks (TISN) for the various critical industries such as banking and electricity. Currently the majority of information for a TISN is shared at physical meetings. To meet cyber threats there are clearly limitations to physical meetings. Many of these limitations can be overcome by the creation of a virtual information sharing network (VISN). However there are many challenges to overcome in the design of a VISN both from a policy and technical viewpoint. We shall discuss some of these challenges in this talk.

A distributed denial of service testbed

The Denial of Service Testing Framework (dosTF) being developed as part of the joint India-Australia research project for ‘Protecting Critical Infrastructure from Denial of Service Attacks’ allows for the construction, monitoring and management of emulated Distributed Denial of Service attacks using modest hardware resources. The purpose of the testbed is to study the effectiveness of different DDoS mitigation strategies and to allow for the testing of defense appliances. Experiments are saved and edited in XML as abstract descriptions of an attack/defense strategy that is only mapped to real resources at run-time. It also provides a web-application portal interface that can start, stop and monitor an attack remotely. Rather than monitoring a service under attack indirectly, by observing traffic and general system parameters, monitoring of the target application is performed directly in real time via a customised SNMP agent.

Smart Grid Test Bed Design and Implementation

Given there is currently a migration trend from traditional electrical supervisory control and data acquisition (SCADA) systems towards a smart grid based approach to critical infrastructure management. This project provides an evaluation of existing and proposed implementations for both traditional electrical SCADA and smart grid based architectures, and proposals a set of reference requirements which test bed implementations should implement. A high-level design for smart grid test beds is proposed and initial implementation performed, based on the proposed design, using open source and freely available software tools. The project examines the move towards smart grid based critical infrastructure management and illustrates the increased security requirements. The implemented test bed provides a basic framework for testing network requirements in a smart grid environment, as well as a platform for further research and development. Particularly to develop, implement and test network security related disturbances such as intrusion detection and network forensics. The project undertaken proposes and develops an architecture of the emulation of some smart grid functionality. The Common Open Research Emulator (CORE) platform was used to emulate the communication network of the smart grid. Specifically CORE was used to virtualise and emulate the TCP/IP networking stack. This is intended to be used for further evaluation and analysis, for example the analysis of application protocol messages, etc. As a proof of concept, software libraries were designed, developed and documented to enable and support the design and development of further smart grid emulated components, such as reclosers, switches, smart meters, etc. As part of the testing and evaluation a Modbus based smart meter emulator was developed to provide basic functionality of a smart meter. Further code was developed to send Modbus request messages to the emulated smart meter and receive Modbus responses from it. Although the functionality of the emulated components were limited, it does provide a starting point for further research and development. The design is extensible to enable the design and implementation of additional SCADA protocols. The project also defines an evaluation criteria for the evaluation of the implemented test bed, and experiments are designed to evaluate the test bed according to the defined criteria. The results of the experiments are collated and presented, and conclusions drawn from the results to facilitate discussion on the test bed implementation. The discussion undertaken also present possible future work.

Teaching and Learning in Maritime Security: A Literature Review

With the rise in attacks and attempted attacks on marine‐based critical infrastructure, maritime security is an issue of increasing importance worldwide. However, there are three significant shortfalls in the efforts to overcome potential threats to maritime security: the need for greater understanding of whether current standards of best practice are truly successful in combating and reducing the risks of terrorism and other security issues, the absence of a collective maritime security best practice framework and the need for improved access to maritime security specific graduate and postgraduate (long) courses. This paper presents an overview of existing international, regional national standards of best practice and shows that literature concerning the measurement and/ or success of standards is virtually non‐existent. In addition, despite the importance of maritime workers to ensuring the safety of marine based critical infrastructure, a similar review of available Australian education courses shows a considerable lack of availability of maritime security‐specific courses other than short courses that cover only basic security matters. We argue that the absence of an Australian best practice framework informed by evaluation of current policy responses – particularly in the post 9/11 environment – leaves Australia vulnerable to maritime security threats. As this paper shows, the reality is that despite the security measures put in place post 9/11, there is still considerable work to be done to ensure Australia is equipped to overcome the threats posed to maritime security.

Modelling resilience in a water supply system : contrasting conditions of drought and flood

This paper presents an approach to modelling the resilience of a generic (potable) water supply system. The system is contextualized as a meta-system consisting of three subsystems to represent the natural catchment, the water treatment plant and the water distribution infrastructure for urban use. An abstract mathematical model of the meta-system is disaggregated progressively to form a cascade of equations forming a relational matrix of models. This allows the investigation of commonly implicit relationships between various operational components within the meta system, the in-depth understanding of specific system components and influential factors and the incorporation of explicit disturbances to explore system behaviour. Consequently, this will facilitate long-term decision making to achieve sustainable solutions for issues such as, meeting a growing demand or managing supply-side influences in the meta-system under diverse water availability regimes. This approach is based on the hypothesis that the means to achieve resilient supply of water may be better managed by modelling the effects of changes at specific levels that have a direct or in some cases indirect impact on higher-order outcomes. Additionally, the proposed strategy allows the definition of approaches to combine disparate data sets to synthesise previously missing or incomplete higher-order information, a scientifically robust means to define and carry out meta-analyses using knowledge from diverse yet relatable disciplines relevant to different levels of the system and for enhancing the understanding of dependencies and inter-dependencies of variable factors at various levels across the meta-system. The proposed concept introduces an approach for modelling a complex infrastructure system as a meta system which consists of a combination of bio-ecological, technical and socio-technical subsystems.

Physical access control administration using building information models

Physical access control systems play a central role in the protection of critical infrastructures, where both the provision of timely access and preserving the security of sensitive areas are paramount. In this paper we discuss the shortcomings of existing approaches to the administration of physical access control in complex environments. At the heart of the problem is the current dependency on human administrators to reason about the implications of the provision or the revocation of staff access to an area within these facilities. We demonstrate how utilising Building Information Models (BIMs) and the capabilities they provide, including 3D representation of a facility and path-finding can reduce possible intentional or accidental errors made by security administrators.

A proposed Australian industrial control system security curriculum

The security of industrial control systems in critical infrastructure is a concern for the Australian government and other nations. There is a need to provide local Australian training and education for both control system engineers and information technology professionals. This paper proposes a postgraduate curriculum of four courses to provide knowledge and skills to protect critical infrastructure industrial control systems. Our curriculum is unique in that it provides security awareness but also the advanced skills required for security specialists in this area. We are aware that in the Australian context there is a cultural gap between the thinking of control system engineers who are responsible for maintaining and designing critical infrastructure and information technology professionals who are responsible for protecting these systems from cyber attacks. Our curriculum aims to bridge this gap by providing theoretical and practical exercises that will raise the awareness and preparedness of both groups of professionals.