Based on the information on critical infrastructure objects collected by the public agencies, the security relevant data is structurally prepared and imported in a developed data model in the course of the CERBERUS project. This enables to logically represent the interdependencies and cascading effects in an interdependency model. This interdependency model is further used to identify and assess cascading effects, applying new assessment methods based on mathematical models. Additionally, a risk type model tries to harmonize the subjective judgements of the risk managers resulting in a more objectify risk assessment. The gathered information is extended by resilience indicators deriving a statement on the robustness of specific critical infrastructures. These resilience indicators are summarized in a respective resilience model.
The described and derived information are summarized in a novel risk model. This model consistently holds static data about critical infrastructure objects as well as uses the dynamic data for simulations and analysis. Additionally, the risk model provides functionality to conflate the results of multiple critical infrastructure objects, realizing in a cross-sectoral representation of the risks. Therefore, the rather new technology of graph databases is connected with a state of the art risk platform. A software demonstrator verifies the basic feasibility of this approach.
This new perspective on critical infrastructure objects enables the public agencies a holistic view, in particular on the inherent interdependencies of the critical infrastructure objects. This gives the public agencies the possibility to effectively focus on new challenges and support the critical infrastructure operators. From a methodological point of view, the focus lies on the novel approaches towards modeling, the identification of interdependencies by analyzing specific interrelationships as well as the processing and representation of relevant data supported by graph databases.
An ulterior goal of this research project is the creation of new perspectives for the public agencies along their federal duty to establish an appropriate protection level for critical infrastructures. The application of novel theoretical models for the risk management of real-world critical infrastructure objects shall support the preservation of these infrastructure objects’ security. The project results can be exploited by the involved project partners and stakeholders and be transferred in their own organizational tasks.
Dipl.-Ing. Dr. Stefan Schauer
avedos business solutions GmbH
Bundesministerium für Inneres
Bundesministerium für Landesverteidigung und Sport
IFES Institut für empirische Sozialforschung GmbH
KontaktDipl.-Ing. Dr. Stefan Schauer
AIT Austrian Institute of Technology GmbH
Security & Communication Technologies
Center for Digital Safety & Security