Managing and reducing social vulnerabilities from coupled critical infrastructures
Critical infrastructures are the systems and facilities by which essential services are supplied, such as food, water, public health services, energy, transport, information and communication, and waste removal and disposal.
In 2005, IRGC began an examination of five critical infrastructures: electric power supply, gas supply, urban water supply and waste water treatment, rail transportation network and Information and Communication Technology System (ICT). They share a number of similarities regarding their complexity, organization, and operating strategies, as well as high levels of integration and interdependence.
In particular, IRGC explored four issues:
- What are the factors which have promoted and caused tighter integration and greater interdependency among critical infrastructures?
- What are the vulnerabilities and main drivers behind this tighter integration? What are the political and institutional short-comings?
- What technical, management and organisational strategies are needed to reduce social vulnerabilities to disruption of these systems?
- What policy options could be used to promote the adoption of such socially desirable technical, management and organisational strategies?
The project was led by Wolfgang Kröger and Granger Morgan on behalf of the Scientific and Technical Council (S&TC). Thoughout the project, IRGC enormously benefitted from contributions by staff at the Swiss Federal Institute of Technology (ETH) Zurich, the European Commission’s Joint Research Centre’s (EC JRC) Institute for the Protection and Security of the Citizen based in Ispra, Italy, Delft University of Technology, Ernst Basler and Partners, Zurich, as well as individual contributions by many S&TC members. We also thank staff at Oliver Wyman’s London office for their assistance in the drafting of the Policy Brief.
Critical Infrastructures – Policy Recommendations
IRGC’s general recommendations as a result of this project include:
• A legal mandate for specific system structures and capabilities, and independent monitoring of compliance with these requirements
• Provision of institutions, involving all relevant players, to supervise infrastructures
• Encouragement of methods that can lead to the growth of effective standards without the need for regulation
• Mandating of levels of investment in R&D that will help infrastructure providers address issues of security and reliability.
The IRGC risk governance framework was used to identify, assess and describe the management of risks related to critical infrastructure in the “Study on Risk Governance of European Critical Infrastructures in the ICT and Energy Sector”, prepared for the European Commission, Directorate-General Justice, Freedom and Security (2009), available here.