Cross Sectoral Risk Management for Object Protection of Critical Infrastructures
The main goal of this project is the structured collection and representation of security-relevant information regarding facility protection. As a core aspect, the interdependencies among the critical infrastructures are observed to analyze the propagation of threats as well as their cascading effects. In this context, the underlying assessment models are discussed in detail, focusing in particular on balancing the assessment patterns of different risk types. The resulting analyses are conflated across several infrastructures, resulting in a cross sectoral (up to a national) representation of the risks. Furthermore, a reference guideline for critical infrastructures is compiled, which is based on international standards and guidelines and can be used to identify specific security measures for the infrastructures.
Based on the information on critical infrastructure objects collected by the public agencies, the security relevant data is structurally prepared and imported in a developed data model in the course of the CERBERUS project.
The rather new technology of graph databases is connected with a state of the art risk platform. A software demonstrator verifies the basic feasibility of this approach. This new perspective on critical infrastructure objects enables the public agencies a holistic view, in particular on the inherent interdependencies of the critical infrastructure objects. This gives the public agencies the possibility to effectively focus on new challenges and support the critical infrastructure operators. From a methodological point of view, the focus lies on the novel approaches towards modeling, the identification of interdependencies by analyzing specific interrelationships as well as the processing and representation of relevant data supported by graph databases.
An ulterior goal of this research project is the creation of new perspectives for the public agencies along their federal duty to establish an appropriate protection level for critical infrastructures. The application of novel theoretical models for the risk management of real-world critical infrastructure objects shall support the preservation of these infrastructure objects’ security. The project results can be exploited by the involved project partners and stakeholders and be transferred in their own organizational tasks.