MetaRisk - Meta Risk Model for Critical Infrastructures

The goal of the project is the design of a sensor-driven risk assessment and risk management system, building upon knowledge management as well as risk analysis and risk management disciplines. The result will be an integration of the scientific disciplines as well as the involved persons and their individual activities into a workflow-supported, operative situation report system and a decision support system.

A comprehensive risk management is the foundation of all management, core and support processes in an organisation and represents the background of all measures regarding the feature-based organisational development, governance and controlling based on a knowledge management system in an organisation. In particular, in the security-relevant area a special emphasis is put on risk management on a strategic and operative level due to the sensitive tasks and challenges in this area.

Hence, the project at hand concentrates on the development of a sensor-based risk analysis and risk management system. This system is not only modelled and designed based on a generic approach but also is implemented in a software demonstrator. In the course of this, results from previous research as well as methodologies, techniques and technologies and already acquired processes, control logic, risk models, etc. are integrated into a meta risk model and represented in the system. Expert knowledge, which defines the correlations between the key performance indicators (KPI) and key risk indicators (KRI) is discussed, formalised and integrated into a web-based demonstrator. Basic sensors and the respective interfaces of analytical instruments (e.g. SNA, KIRAS-MDL, etc.) enhance and complete the system. These factors can either be formulated in terms of “risk balance vs. knowledge balance” or in relation to knowledge and risk mapping or knowledge and risk controlling, respectively.

The meta risk model is going to be developed using a generic and comprehensive approach and based on yet to be defined heuristics. The main focus is on the applicability in a strategic and operative context of ICT and critical infrastructures as well as the integration of the involved persons and their individual activities into a workflow-supported operative situation report system and a decision support system. Deriving from the meta risk model risk metrics are identified representing the conceptual framework for a web-based demonstrator platform for modelling and visualising correlations as well as collaboration on an operative level with the major goal to support decision making.

Facts:

  • Coordination: AIT Austrian Institute of Technology GmbH
  • Partner: Universität Wien, SiteXs Databusiness IT-Solutions GmbH, IFES – Institut für empirische Sozialforschung GmbH, Bundeministerium für Inneres (BM.I), Bundesministerium für Landesverteidigung und Sport (BMLVS)