Explore risk assessment methods based on interconnections of technical infrastructures, basic services, and external threats. Understand the importance of identifying and managing complex interdependencies to enhance the security of supply chains and critical functions. Published in Finnish by Hannu Sivonen.
Risk assessment based on interdependencies
Helsinki, Finland
Hannu Sivonen, Senior Researcher
MANMADE, Castellanza, 28-29 June 2007

National Emergency Supply Agency (NESA)
• Fund, independent of the state budget
• Public Private Partnership coordinator (23 branches, 800 experts)
• Government defines objectives for security of supply
• NESA finances security of supply when not provided by the market mechanism
• Focus areas:
  • Critical technical infrastructure
  • Food supply
  • Energy supply
  • Logistics
  • Critical medical substances and supplies
  • Defence related industries
• NESA balance is 1000 million €

Risk assessment based on interdependencies
• A method for assessing the risk caused by interdependencies between technical infrastructures, basic services, and threats
• Linear mathematical model similar to that used by Google
• Simplifying assumptions
• Complex interdependencies and accumulating effects and risks handled
• Information system failures and weather conditions are major risks in Finland
• Published in Finnish
  • Yhteiskunnan huoltovarmuuden kannalta keskeisten toimintojen riskiarviointi
  • http://www.huoltovarmuus.fi/julkaisut/esittely/?id=72

Finnish government decision 305/2002
• Technical infrastructures (14)
  • energy supply
  • communications
  • information systems
• Basic services and supplies (29)
  • food supply
  • transport logistics
  • mass media
  • health care
  • financial services

Threats from outside the infrastructure and services (17)
• economic threats
• threats to information systems
• crisis in international logistics
• weather phenomena
• structural damage
• strikes
• environment and health threats
• national security threats

Interdependencies = reasons for failures
• recurrent (ratio 1)
• expected (ratio 0.1)
• rare (ratio 0.01)
• theoretical (ratio 0.001)
• nonexistent

Input: Interdependencies (sample)

Mean time between failures
• recurrent (< 1 year)
• expected (1-10 years)
• rare (10-100 years)
• theoretical (>100 years)
• nonexistent

Input: Duration and mean time between failures

Output: Relative risks pertinent to interdependent infrastructures

Output: Relative risks pertinent to outside threats

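A minimal sketch of a linear interdependency model of the kind these slides describe, added here as an example and not taken from the NESA publication: failure rates propagate through the dependency ratios by fixed-point iteration (the PageRank-style step), and risk is failure rate times outage duration. The choice of nodes, the per-class failure rates, the durations and the dependency classes are all constructed assumptions.

```python
# Added sketch, not the published NESA model; every name and number below is constructed.
RATIO = {"recurrent": 1.0, "expected": 0.1, "rare": 0.01, "theoretical": 0.001}
# Assumed failures per year standing in for each mean-time-between-failures class.
RATE = {"recurrent": 1.0, "expected": 0.1, "rare": 0.01, "theoretical": 0.001}

# node -> (own MTBF class or None, outage duration in hours)
NODES = {
    "weather phenomena": ("expected", 0.0),   # outside threat: causes outages, has none itself
    "energy supply": ("rare", 12.0),
    "communications": ("rare", 6.0),
    "information systems": ("expected", 8.0),
    "food supply": (None, 48.0),
}
# (dependent, cause) -> interdependency class
DEPS = {
    ("energy supply", "weather phenomena"): "expected",
    ("communications", "energy supply"): "recurrent",
    ("information systems", "energy supply"): "recurrent",
    ("information systems", "communications"): "expected",
    ("energy supply", "information systems"): "rare",  # feedback loop
    ("food supply", "information systems"): "expected",
    ("food supply", "energy supply"): "expected",
}

def failure_rates(own, deps=DEPS, tol=1e-12, max_iter=10_000):
    """Solve f = own + D*f by fixed-point iteration, so chained effects accumulate."""
    f = dict(own)
    for _ in range(max_iter):
        new = {n: own[n] + sum(RATIO[c] * f[src]
                               for (dst, src), c in deps.items() if dst == n)
               for n in own}
        if max(abs(new[n] - f[n]) for n in own) < tol:
            return new
        f = new
    raise ValueError("no convergence: the dependency loops amplify failures")

def risk_hours(only=None, nodes=NODES, deps=DEPS):
    """Expected outage hours per year per node; `only` keeps one source's own failures."""
    own = {n: RATE[c] if c and only in (None, n) else 0.0 for n, (c, _) in nodes.items()}
    f = failure_rates(own, deps)
    return {n: f[n] * nodes[n][1] for n in nodes}

def relative_risk(only=None):
    """Share of total outage hours per node (all sources, or traced to one source)."""
    total = sum(risk_hours().values())
    return {n: r / total for n, r in risk_hours(only).items()}

if __name__ == "__main__":
    for name, share in sorted(relative_risk().items(), key=lambda kv: -kv[1]):
        print(f"{name:22s}{share:6.1%}")
    print("traced to weather:", f"{sum(relative_risk('weather phenomena').values()):.1%}")
```

Because the model is linear, the shares traced to each individual source add up to the whole, which is what allows risk to be reported both per infrastructure and per outside threat. A loop made only of "recurrent" dependencies does not converge, and the sketch reports that instead of returning a number.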
Relative component risks in food logistics
*) operator = processing plant + logistics operator

The model applied to criticality of ICT functions
• 72 functions, 6 scenarios (3x2):
  • Duration of failure
    • short term (hours)
    • medium term (days)
    • long term (months)
  • Dependency type
    • cause of failure to others
    • obstacle to recovery of others
• No assessment for MTB, just interdependencies = potential effect, criticality

Top ten critical functions from 6 scenarios