Critical Infrastructure Protection in Homeland Security

Covers critical infrastructure protection, providing a rigorous treatment of risk, resilience, complex adaptive systems, and sector dependence

Wide in scope, this classroom-tested book is the only one to emphasize a scientific approach to protecting the key infrastructures components of a nation. It analyzes the complex network of entities that make up a nation's infrastructure, and identifies vulnerabilities and risks in various sectors by combining network science, complexity theory, risk analysis, and modeling and simulation. This approach reduces the complex problem of protecting water supplies, energy pipelines, telecommunication stations, power grid, and Internet and Web networks to a much simpler problem of protecting a few critical nodes.

The new third edition of Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation incorporates a broader selection of ideas and sectors than the previous book. Divided into three sections, the first part looks at the historical origins of homeland security and critical infrastructure, and emphasizes current policy. The second examines theory and foundations, highlighting risk and resilience in the context of complexity theory, network science, and the prevailing theories of catastrophe. The last part covers the individual sectors, including communications, internet, cyber threats, information technology, social networks, SCADA, water and water treatment, energy, and more.

• Covers theories of catastrophes, details of how sectors work, and how to deal with the problem of critical infrastructure protection's enormity and complexity

• Places great emphasis on computer security and whole-community response

• Includes PowerPoint slides for use by lecturers, as well as an instructor's guide with answers to exercises

• Offers five robust appendices that augment the non-mathematical chapters with more rigorous explanations and mathematics

Critical Infrastructure Protection in Homeland Security, Third Edition is an important book for upper-division undergraduates and first-year graduate students in political science, history, public administration, and computer technology. It will also be of great interest to professional security experts and policymakers.

Texte du rabat

COVERS CRITICAL INFRASTRUCTURE PROTECTION, PROVIDING A RIGOROUS TREATMENT OF RISK, RESILIENCE, COMPLEX ADAPTIVE SYSTEMS, AND SECTOR DEPENDENCE Wide in scope, this classroom-tested book is the only one to emphasize a scientific approach to protecting the key infrastructures components of a nation. It analyzes the complex network of entities that make up a nation's infrastructure, and identifies vulnerabilities and risks in various sectors by combining network science, complexity theory, risk analysis, and modeling and simulation. This approach reduces the complex problem of protecting water supplies, energy pipelines, telecommunication stations, power grid, and Internet and Web networks to a much simpler problem of protecting a few critical nodes. The new third edition of Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation incorporates a broader selection of ideas and sectors than the previous book. Divided into three sections, the first part looks at the historical origins of homeland security and critical infrastructure, and emphasizes current policy. The second examines theory and foundations, highlighting risk and resilience in the context of complexity theory, network science, and the prevailing theories of catastrophe. The last part covers the individual sectors, including communications, internet, cyber threats, information technology, social networks, SCADA, water and water treatment, energy, and more. This important guide also reviews leadership standards within the organizational structure, warning signs of cultural degradation and remedies, as well as the importance of using diverse methods over time to assess culture. This vital resource:

• Covers theories of catastrophes, details of how sectors work, and how to deal with the problem of critical infrastructure protection's enormity and complexity
• Places great emphasis on computer security and whole-community response
• Includes PowerPoint slides for use by lecturers, as well as an instructor's guide with answers to exercises
• Offers five robust appendices that augment the non-mathematical chapters with more rigorous explanations and mathematics Critical Infrastructure Protection in Homeland Security, Third Edition is an important book for upper-division undergraduates and first-year graduate students in political science, history, public administration, and computer technology. It will also be of great interest to professional security experts and policymakers.

Contenu
Foreword By Sen. Mark Warner xv

Foreword By Prof. Andrew Odlyzko xxi

Preface xxxiii

How to Use this Book xxxvii

About the Companion Website xxxix

1 Origins of Critical Infrastructure Protection 1

1.1 Recognition 3

1.2 Natural Disaster Recovery 4

1.3 Definitional Phase 5

1.4 PublicPrivate Cooperation 8

1.5 Federalism: Whole of Government 8

1.6 Rise of the Framework 10

1.7 Implementing a Risk Strategy 12

1.7.1 RiskInformed DecisionMaking 13

1.7.2 ResilienceInformed DecisionMaking 14

1.7.3 Prevention or Response? 15

1.8 Analysis 16

1.8.1 The PublicPrivate Partnership (PPP) Conundrum 17

1.8.2 The Information Sharing Conundrum 17

1.8.3 Climate Change Conundrum 17

1.8.4 The Funding Conundrum 17

1.8.5 Spend 80% on 20% of the Country 18

1.9 Exercises 18

1.10 Discussions 19

References 20

2 Risk Strategies 21

2.1 Expected Utility Theory 23

2.1.1 ThreatAsset Pairs 24

2.2 PRA and Fault Trees 24

2.2.1 An Example: Your Car 26

2.3 MRBA and Resource Allocation 26

2.3.1 Another Example: Redundant Power 27

2.4 Cyber Kill Chains are Fault Trees 28

2.5 PRA in the Supply Chain 29

2.6 Protection Versus Response 30

2.7 Threat is an Output 32

2.8 Bayesian Belief Networks 33

2.8.1 A Bayesian Network for Threat 33

2.8.2 Predictive Analytics 34

2.9 Risk of a Natural Disaster 35

2.9.1 Exceedence 35

2.9.2 EP vs. PML Risk 35

2.10 Earthquakes 36

2.11 Black Swans and Risk 36

2.12 Black Swan Floods 37

2.13 Are Natural Disasters Getting Worse? 38

2.14 Black Swan Al Qaeda Attacks 38

2.15 Black Swan Pandemic 39

2.16 Risk and Resilience 41

2.17 Exercises 42

2.18 Discussions 43

References 43

3 Theories of Catastrophe 44

3.1 Normal Accident Theory (NAT) 45

3.2 Blocks and Springs 46

3.3 Bak's Punctuated Equilibrium Theory 48

3.4 Tragedy of the Commons (TOC) 51

3.4.1 The State Space Diagram 52

3.5 The US Electric Power Grid 52

3.6 Paradox of Enrichment (POE) 55

3.6.1 The Great Recessions 56

3.6.2 Too Much Money 56

3.7 Competitive Exclusion Principle (CEP) 57

3.7.1 Gause's Law 58

3.7.2 The SelfOrganizing Internet 58

3.7.3 A Monoculture 59

3.8 Paradox of Redundancy (POR) 59

3.9 Resilience of Complex Infrastructure Systems 60

3.9.1 Expected Utility and Risk 60

3.9.2 Countering SOC 60

3.9.3 The TOC Test 61

3.9.4 POE and Nonlinearity 61

3.9.5 CEP and Loss of Redundancy 61

3.9.6 POR and Percolation 62

3.10 Emergence 62

3.10.1 Opposing Forces in Emergent CIKR 62

3.11 Exercises 63

3.12 Discussions 64

References 64

4 Complex CIKR Systems 66

4.1 CIKR as Networks 69

4.1.1 Emergence 72

4.1.2 Classes of CIKR Networks 74

4.1.3 SelfOrganized Networks 75

4.2 Cascading CIKR Systems 76

4.2.1 The Fundamental Resilience Line 80

4.2.2 Critical Factors and Cascades 81

4.2.3 Targeted Attacks 82

4.3 Network Flow Risk and Resilience 85

4.3.1 Braess's Paradox 86

4.3.2 Flow Network Resilience 87

4.4 Paradox of Redundancy 88

4.4.1 Link Percol…