Abstract
Critical infrastructure asset identification is a core component of the risk management process. Amidst growing concerns of terrorist and natural disaster threats to the critical infrastructure, it is imperative that public and private sector stakeholders understand exactly which assets are critical to national security in order to prioritize risk management efforts. Challenges to accomplishing this task are the difficulty in identifying exactly which assets are critical and comparing the risks to assets across the many critical infrastructure sectors. A proven method for critical infrastructure asset identification that meets these needs does not exist today. This chapter explores the critical infrastructure protection policy frameworks and requirements of the United States, European Union and other countries, and summarizes the key requirements and methodologies. The methodologies are analyzed against the outlined requirements. Based on this analysis, a new approach is presented for critical infrastructure asset identification and additional research using multi-criteria decision theory is proposed to resolve the challenges that have limited progress in this area.
Chapter PDF
Similar content being viewed by others
References
Anderson, D., Kelcher, P., Smith, P.: Towards an assessment tool for the strategic management of asset criticality, in Engineering Asset Management, J. Mathew, J. Kennedy, L. Ma, A. Tan and D. Anderson (Eds.), pp. 1232–1242 (2006)
Australian Government, Critical Infrastructure Reliance Strategy: Policy Statement. Barton, Australia (2015)
Bouchon, S.: The Vulnerability of Interdependent Critical Infrastructure Systems: Epistemological and Conceptual State-of-the-Art, EUR 22205 EN, Institute for the Protection and Security of the Citizen, European Commission Joint Research Centre, Ispra, Italy (2006)
CIPedia, CIPedia Main Page (2016). www.cipedia.eu
Dunning, D., Ross, Q., Merkhofer, M.: Multiattribute utility analysis for addressing Section 316(b) of the Clean Water Act, Environmental Science and Policy, vol.3(S1), 7–14 (2000)
European Commission, Commission Staff Working Document on the Reviewof the European Programme for Critical Infrastructure Protection(EPCIP), SWD(2012) 190 Final, Brussels, Belgium (2012)
European Council, Council Directive 2008/114/EC on the Identificationand Designation of European Critical Infrastructures and the Assessmentof the Need to Improve Their Protection, Brussels, Belgium (2008)
Giannopoulos, G., Filippini, R., Schimmer, M.: Risk AssessmentMethodologiesfor Critical Infrastructure Protection, Part 1: A State of the Art,JRC 70046, European Commission Joint Research Centre, Ispra, Italy (2012)
Government of Canada: National Strategy for Critical Infrastructure. Ottawa, Canada (2009)
Halim, M., Mohammed, A.: Identification of critical level of assets by using analytic hierarchy process for water assets management, International Journal of Technical Research and Applications, vol. 2(S1), pp. 54–58 (2014)
Kabir, G., Sadiq, R., Tesfamariam, S.: A review of multi-criteria decision-making methods for infrastructure management, Structure and Infrastructure Engineering: Maintenance, Management, Life-Cycle Design and Performance, vol. 10(9), pp. 1176–1210 (2014)
Mattioli, R., Levy-Bencheton, C.: Methodologies for the Identification of Critical Infrastructure Assets and Services. Guidelines for Charting Electronic Data Communication Networks, European Union Agency for Network and Information Security, Heraklion, Greece (2014)
Metzger, J.: The concept of critical infrastructure protection, in Business, Security: Public-Private Sector Relationships in a New Security Environment, A. Bailes and I. Frommelt (Eds.), Oxford University Press, NewYork, pp. 197–209 (2004)
Moteff, J.: Critical Infrastructure: The National Asset Database, CRS Report for Congress, RL33648, Congressional Research Service, Washington, DC (2007)
Moteff, J.: Critical Infrastructures: Background, Policy and Implementation, CRS Report for Congress, RL30153, Congressional Research Service, Washington, DC (2015)
Obama, B.: Presidential Policy Directive - Critical Infrastructure Security and Resilience, PPD-21, The White House, Washington, DC (2013)
Stergiopoulos, G., Kotzanikolaou, P., Theocharidou, M., Gritzalis, D.: Risk mitigation strategies for critical infrastructures based on graph centrality analysis, International Journal of Critical Infrastructure Protection, vol. 10, pp. 34–44 (2015)
U.S. Department of Defense, Defense Critical Infrastructure Protection: DoD Mission-Based Critical Asset Identification Process, Department of Defense Manual, No. 3020.45, vol. 1, Washington, DC (2008)
U.S. Department of Homeland Security, National Infrastructure Protection Plan: Partnering to Enhance Protection and Resiliency, Washington, DC,(2009)
U.S. Government, Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001, Public Law 107–56, Washington, DC (2001)
U.S. Government, Homeland Security Act of 2002, Public Law 107–296, Washington, DC, (2002)
U.S. Government Accountability Office, Defense Critical Infrastructure:Actions Needed to Improve the Consistency, Reliability and Usefulness ofDoD’s Tier 1 Task Critical Asset List, GAO-09-740R, Washington, DC,(2009)
U.S. Government Accountability Office, Critical Infrastructure Protection:DHS List of Priority Assets Needs to Be Validated and Reportedto Congress, Report to Congressional Requesters, GAO-13-296, Washington,DC (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 IFIP International Federation for Information Processing
About this paper
Cite this paper
Izuakor, C., White, R. (2016). Critical Infrastructure Asset Identification: Policy, Methodology and Gap Analysis. In: Rice, M., Shenoi, S. (eds) Critical Infrastructure Protection X. ICCIP 2016. IFIP Advances in Information and Communication Technology, vol 485. Springer, Cham. https://doi.org/10.1007/978-3-319-48737-3_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-48737-3_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-48736-6
Online ISBN: 978-3-319-48737-3
eBook Packages: Computer ScienceComputer Science (R0)