Infrastructure dependability, 2013 Slide 1

Critical National Infrastructure 2:

Infrastructure dependabilityIan Sommerville

Infrastructure dependability, 2013 Slide 2

Influences on dependability

• Infrastructure ownership

• Infrastructure funding

• Infrastructure dependencies

Infrastructure dependability, 2013 Slide 3

Infrastructure ownership

• No single owner or authority

• Mixture of public and private ownership

• Increasing privatisation

Infrastructure dependability, 2013 Slide 4

Infrastructure internationalisation

• Owners may be international companies located in different countries from the infrastructure that they own

Infrastructure dependability, 2013 Slide 5

UK rail privatisation

British rail

Infrastructure dependability, 2013 Slide 6

Regulation

• Government regulators are responsible for safety and have powers to enforce safety-related changes on companies

Infrastructure dependability, 2013 Slide 7

Dependability consequences

• No single organisation is responsible for overall system dependability and for liaison with other infrastructure providers

• Cost and budgets rather than safety are the key drivers as company shareholders have to be satisfied

Infrastructure dependability, 2013 Slide 8

Dependability consequences

• Companies try to avoid responsibility for incidents and accidents as these mean that compensation may have to be paid to other companies or individuals

• There is a tendency to try to blame other companies when things go wrong

Infrastructure dependability, 2013 Slide 9

Infrastructure funding

• Infrastructure replacement is very expensive

• Governments and companies are often reluctant to pay for infrastructure

©Stefan Kuhn (flickr)

© UK Highways Agency (via Jimmy Guano)

Infrastructure dependability, 2013 Slide 10

Infrastructure replacement

• Across the developed world, ageing infrastructure built in the 1950s and 1960s is in need of replacement.

© Dennis Bratland

Infrastructure dependability, 2013 Slide 11

Dependability consequences

• Because of the high costs, there is a tendency to delay infrastructure investment and maintenance but to wait until failures occur and then repair the infrastructure

• This leads to longer periods of unavailability and disruption for users of the infrastructure

Infrastructure dependability, 2013 Slide 12

Infrastructure dependencies

• Infrastructure elements are often dependent on each other so that failure of one element may be caused by failure of some other element elsewhere

Infrastructure dependability, 2013 Slide 13

(Source: US DOE)

Infrastructure dependability, 2013 Slide 14

Types of dependency

• Functional– Use of common functions by different

elements of the infrastructure

• Informational – Decision making may depend on data

from the same source

• Shared Control– Control is from the same

system/location

Infrastructure dependability, 2013 Slide 15

Types of dependency

• Geospatial– Components are located physically close to

each other

• Purpose– Elements of the infrastructure may have a

shared function or purpose so components may be reused

• Policy– Different elements of the infrastructure may

be governed by the same policies

Infrastructure dependability, 2013 Slide 16

Cascade failure

• A failure in one area cascades to another infrastructure sector, causing failures and disruption, sometimes in quite unrelated areas

Infrastructure dependability, 2013 Slide 17

Cascade failure

• Failure of flood defences results in an electricity distribution centre being threatened by flooding

• Shut down for safety reasons

• Leads to a loss of power in the local area

• An ISP in that area goes offline, leading to a loss of internet service to customers who may be anywhere in the country.

Infrastructure dependability, 2013 Slide 18

Mutual dependencies

• Mutual dependencies cause major problems in the event of failure– Communications systems depend on

power

– Power recovery depends on communications

– Power failure that leads to loss of communications is difficult to recover from

Infrastructure dependability, 2013 Slide 19

www.geography.org.uk

Infrastructure dependability, 2013 Slide 20

Single points of failure

• Several services share some facility so that failure at that facility leads to a loss of all of these services.

• Power and communication cables in the same duct

© Martin Pettitt (2006)

Infrastructure dependability, 2013 Slide 21

Single point of failure

• Transport, communication and power cables use the same bridge to cross a river or sea channel

Infrastructure dependability, 2013 Slide 22

Shared system components• Control systems for different

infrastructure elements may be supplied by the same company

• Software components may be reused across systems for different types of infrastructure control

Infrastructure dependability, 2013 Slide 23

Shared components

• Failure of a reused component can lead to failures in apparently unrelated parts of the infrastructure

Infrastructure dependability, 2013 Slide 24

Dependability consequences

• Infrastructure systems are not independent

• Assessment of the dependability of one part of the infrastructure has to consider the dependability of other infrastructure elements

• Dependencies may be unknown

• Contingencies for the failure of these other elements may have to be made

Infrastructure dependability, 2013 Slide 25

Key points

• The fragmented ownership of national infrastructure has overall effects on its dependability

• Infrastructure elements are rarely independent but depend on other elements of the national infrastructure

• When considering the dependability of part of the infrastructure, you have to take into account its possible dependencies with other parts of the infrastructure and their dependability