DRS-14-2015 - Critical Infrastructure Protection topic 3: Critical Infrastructure resilience indicator - analysis and development of methods for assessing resilience
A better understanding of critical infrastructure architecture is necessary for defining measures to achieve a better resilience against threats in an integrated manner including natural and human threats/events (e.g. due to human errors or terrorist/criminal attacks).
A holistic approach to the resilience of critical infrastructure should be followed, addressing a broad variety of issues including: human factors (i.e. safety issues radicalization), security, geo-politics, sociology, economy, etc. and increased vulnerability due to changing threats.
Critical Infrastructure resilience is the ability to reduce the impact of disruptive events and the recovery time. The analysis of resilience should therefore not only focus on potential threats caused by attacks or accidents (human error or terrorist/criminal attacks), but also on the expected developments in these areas and the impacts and potential challenges of new technologies. Proposals should also address the need for a paradigm shift in the area of design for safety and resilience.
The proposal shall demonstrate that a set of common and thoroughly validated indicators, including economic indicators, could be applied to critical infrastructures in order to assess its level of “resilience”, moreover a scale approach of “resilience” level should be proposed across critical infrastructures (energy grids, transportation, government, nuclear research infrastructures, water, etc.). The developed methodology shall be based on at least four types of critical infrastructure as test cases. Specific models and modeling approaches will be proposed and developed that facilitates the understanding and modeling of security risks and the related impact. Moreover, security metrics and indicators will be proposed that could be used in the developed models to quantify to the possible extent the considered risk and impact as well as give guidance to the possible mitigation techniques – approaches.
New methods and solutions of assessing resilience based upon comprehensive threat, criticality, and vulnerability assessments are of outmost importance. Proposals should follow a uniformed, comprehensive, and holistic approach at all levels (e.g. EU, country, local) including private organizations charged with protecting citizens, facilities, and infrastructure in order to anticipate current and emerging threats and security challenges.
Integrated concepts of resilience in interconnected infrastructures and cascading effects that have a devastating impact on the functioning of society should also be included.
The Commission considers that proposals requesting a contribution from the EU of between €3m and €5m would allow this specific challenge to be addressed appropriately (similar to the FP7 Capability Projects described in the general introduction). Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.
Better risk assessment of different areas of critical infrastructures (energy grid, water supply, transport, communication, etc.) by taking into account interdependencies. More effective and comprehensive methodology using uniform and consistent data from known Critical Infrastructure Protection threats in an integrated manner to develop a resilience level based on summations of various “indicators” (technical and non-technical, i.e. human factors).
The action is expected to proactively target the needs and requirements of public bodies.
The outcome of the proposal is expected to lead to development up to Technology Readiness Level (TRL) 4; please see part G of the General Annexes.
Type of action: Research & Innovation Actions