5
Abstract—As infrastructures play an key role in the normal operation of economy and society, more and more concerns are given to all aspects of the infrastructures, including construction processes, investment and fund-raising affairs, protection issues and so on. Nevertheless, critical infrastructure is of the first rank, it comprises of some fundamental infrastructures for daily production and living, so the vulnerability and interdependency of critical infrastructure systems (CIS) is a hot issue for exploration. This paper presents a comprehensive review of research literature on vulnerabilities and interdependencies of CISs from two aspects: (1) Interdependency identification and modeling; (2) Vulnerability identification and assessment. And the further research opportunities are considered. I. INTRODUCTION HE American Presidential directive PDD-63 was issued in May 1998 on the subject of Critical infrastructure protection, which is a pioneering step to consider the matter from the national point of view. Then it made an adjustment in 2003 as broadening the definition of infrastructure, so did the European in 2006[1]. Since then, the controversies have been focused on the definition and range of the critical infrastructures. But among the controversies, there is a consensus that the critical infrastructures mainly include PowerStation, water supply, telecommunication, energy supply, municipal services, transportation and so on, which can pose profound effect on the national economic development and social stability. Furthermore, while we live in a more complicated and changeable world than before, interconnections and vulnerabilities of critical infrastructure have become more important than ever. Especially, 9/11 attacks happened in America in 2001 not only evokes all the countries in the world to introduce anti-terrorism legislation and put more effort to prevent terrorism attacks, but also rouses more countries and experts to concern critical infrastructure protection from attacks and other disasters for the CIS’ s vital function to the society and economy. From then on, more and more researchers treat the critical infrastructures as one of the most important subjects for Manuscript received July 6, 2010. This work was supported in part by the Research Grants Council of Ministry of Education of the People’s Republic of China [Project no. 20093514120010], and the Natural Science Research Grants council of Department of Science and Technology in Fujian Province, China [Project no. 2009J05158]. LI Xiao-Juan. Author is with the Department of Management Science and Engineering, Fuzhou University, Fuzhou, China (e-mail: lxjhoo@ yahoo.com.cn). Huang Li-Zhen. Author is with the Department of Management Science and Engineering, Fuzhou University, Fuzhou, China (e-mail: lzshfz@ 126.com) studies. In August 2003, the people in Northeastern United States and Southern Canada suffered an extensive power outage for up to 29 hours, and so did the people in central Switzerland in June 2005 as a result of the short circuit of power transmission network[2][3], which led to severe economic losses and disrupted the normal functioning of society and even induced a series of potential pitfalls. This attracts great attention from domestic and foreign scholars. As to China, we are in a stage of rapid development, supposing we are faced with a similar situation, our economy is likely to be paralyzed. As is well known, China’s electricity consumption increases sharply year by year, along with the overload risk to power facilities. And in July 2007, North China Power Grid, Northwest Power Grid having been through the Henan Power Grid associated with Central China Power Grid as one synchronous AC power network for better power service, which make large-scale blackouts possible, not to mention other critical infrastructures. For this reason, some of China’s researchers also commit themselves to study the field, like how to represent the vulnerability quantitatively and qualitatively, and how to measure and assess the interdependency between subsystems of critical infrastructures and their elements as a way to protect the CIS, but mainly on power infrastructures. II. CONCEPT OF VULNERABILITY AND INTERDEPENDENCY Interdependency is a word to describe the interconnections or interrelations between subsystems or CISs. From a systematic view, critical infrastructures are becoming more and more complicated due to technological innovation and high-tech network evolution, in order to satisfy high living standard and more functional requirements, which brings about higher interdependencies than ever within a system and between systems. Those interconnections exist not only among the internal components of a CIS but also among CISs from different perspectives. Rinaldi et al. (2001)[4] classified the interdepency between CISs into four categories: (1)physical, (2)cyber, (3)geographic, (4)logical. And Dudenhoeffer et al. (2006)[5] adopted the similar classification as: (1)physical, (2)informational, (3)geospatial, (4)policy/procedural, (5)social as a totally new one. Then De Procellinis et al. (2009)[6] employed the Rinaldi’s assortment with the social interrelation as the fifth category. As to a critical infrastructure, its components are physically linked with each other for integrated function, and the CISs are physically interrelated when one’s operation or production Vulnerability and Interdependency of Critical Infrastructure: A Review LI Xiao-Juan, Huang Li-Zhen, Department of Management Science and Engineering, Fuzhou University T

[IEEE 2010 Third International Conference on Infrastructure Systems and Services: Next Generation Infrastructure Systems for Eco-Cities (INFRA) - Shenzhen, China (2010.11.11-2010.11.13)]

Embed Size (px)

Citation preview

Page 1: [IEEE 2010 Third International Conference on Infrastructure Systems and Services: Next Generation Infrastructure Systems for Eco-Cities (INFRA) - Shenzhen, China (2010.11.11-2010.11.13)]

Abstract—As infrastructures play an key role in the normal operation of economy and society, more and more concerns are given to all aspects of the infrastructures, including construction processes, investment and fund-raising affairs, protection issues and so on. Nevertheless, critical infrastructure is of the first rank, it comprises of some fundamental infrastructures for daily production and living, so the vulnerability and interdependency of critical infrastructure systems (CIS) is a hot issue for exploration. This paper presents a comprehensive review of research literature on vulnerabilities and interdependencies of CISs from two aspects: (1) Interdependency identification and modeling; (2) Vulnerability identification and assessment. And the further research opportunities are considered.

I. INTRODUCTION HE American Presidential directive PDD-63 was

issued in May 1998 on the subject of Critical infrastructure protection, which is a pioneering step to consider the matter from the national point of view. Then it made an adjustment in 2003 as broadening the definition of infrastructure, so did the European in 2006[1]. Since then, the controversies have been focused on the definition and range of the critical infrastructures. But among the controversies, there is a consensus that the critical infrastructures mainly include PowerStation, water supply, telecommunication, energy supply, municipal services, transportation and so on, which can pose profound effect on the national economic development and social stability. Furthermore, while we live in a more complicated and changeable world than before, interconnections and vulnerabilities of critical infrastructure have become more important than ever. Especially, 9/11 attacks happened in America in 2001 not only evokes all the countries in the world to introduce anti-terrorism legislation and put more effort to prevent terrorism attacks, but also rouses more countries and experts to concern critical infrastructure protection from attacks and other disasters for the CIS’ s vital function to the society and economy.

From then on, more and more researchers treat the critical infrastructures as one of the most important subjects for

Manuscript received July 6, 2010. This work was supported in part by the Research Grants Council of Ministry of Education of the People’s Republic of China [Project no. 20093514120010], and the Natural Science Research Grants council of Department of Science and Technology in Fujian Province, China [Project no. 2009J05158].

LI Xiao-Juan. Author is with the Department of Management Science and Engineering, Fuzhou University, Fuzhou, China (e-mail: lxjhoo@ yahoo.com.cn).

Huang Li-Zhen. Author is with the Department of Management Science and Engineering, Fuzhou University, Fuzhou, China (e-mail: lzshfz@ 126.com)

studies. In August 2003, the people in Northeastern United States and Southern Canada suffered an extensive power outage for up to 29 hours, and so did the people in central Switzerland in June 2005 as a result of the short circuit of power transmission network[2][3], which led to severe economic losses and disrupted the normal functioning of society and even induced a series of potential pitfalls. This attracts great attention from domestic and foreign scholars. As to China, we are in a stage of rapid development, supposing we are faced with a similar situation, our economy is likely to be paralyzed. As is well known, China’s electricity consumption increases sharply year by year, along with the overload risk to power facilities. And in July 2007, North China Power Grid, Northwest Power Grid having been through the Henan Power Grid associated with Central China Power Grid as one synchronous AC power network for better power service, which make large-scale blackouts possible, not to mention other critical infrastructures. For this reason, some of China’s researchers also commit themselves to study the field, like how to represent the vulnerability quantitatively and qualitatively, and how to measure and assess the interdependency between subsystems of critical infrastructures and their elements as a way to protect the CIS, but mainly on power infrastructures.

II. CONCEPT OF VULNERABILITY AND INTERDEPENDENCY Interdependency is a word to describe the interconnections

or interrelations between subsystems or CISs. From a systematic view, critical infrastructures are becoming more and more complicated due to technological innovation and high-tech network evolution, in order to satisfy high living standard and more functional requirements, which brings about higher interdependencies than ever within a system and between systems. Those interconnections exist not only among the internal components of a CIS but also among CISs from different perspectives. Rinaldi et al. (2001)[4] classified the interdepency between CISs into four categories: (1)physical, (2)cyber, (3)geographic, (4)logical. And Dudenhoeffer et al. (2006)[5] adopted the similar classification as: (1)physical, (2)informational, (3)geospatial, (4)policy/procedural, (5)social as a totally new one. Then De Procellinis et al. (2009)[6] employed the Rinaldi’s assortment with the social interrelation as the fifth category. As to a critical infrastructure, its components are physically linked with each other for integrated function, and the CISs are physically interrelated when one’s operation or production

Vulnerability and Interdependency of Critical Infrastructure: A Review

LI Xiao-Juan, Huang Li-Zhen, Department of Management Science and Engineering, Fuzhou University

T

Page 2: [IEEE 2010 Third International Conference on Infrastructure Systems and Services: Next Generation Infrastructure Systems for Eco-Cities (INFRA) - Shenzhen, China (2010.11.11-2010.11.13)]

process depends on other’s material outputs. Cyber interdependency exists if the CISs have the demond of information transmission, information sharing or other forms of internet connection. The computerization and automation of critical infrastructures have led to pervasive cyber interdependencies. If the CISs are in geographic proximity and suffered from the same disasters or other social events simultaneously, they are geographically interdependent which sometimes also implies that they are physically interconnected. If the CISs are affected by policies, social culture, terrorist attacks or so, they are logical or social interrelated. Among the five kinds of interdependencies, physical and cyber interdependencies are two major interconnections among CISs.

Vulnerability is generated by the emergent complexity and connectivity of multi-component systems[7]. Studies have also proved that interdependency and vulnerability is closed interrelated. The higher interdependent between the CI systems it is, the more vulnerable as the CI systems are. Vulnerability is widely applied to environmental, ecological, systems engineering, disaster fields, it describes their vulnerability to impact and damage, and the lack of resistance to disturbances and the ability to return to their initial state. Blaikie (1994), Buckle (2000), Gheorghe (2001), Nilsson (2002) had the similar definitions too, all of them emphasized susceptivity and recovery to a degree after damage as two characteristics of vulnerability[8]. And Ding Daoqi (2004)[9], Xiao Zhenyu ( 2008)[10] particularly defined vulnerabilities in power and financial industries from systematic point, Ding Daoqi stressed the vulnerabilities are the inherent weaknesses or defects within a system, and their sensitivity to particular threat or danger incident, while Xiao Zhenyu pointed out that a small disturbance may make a system a sudden collapse as to its increasing scale and more complex relationships between subsystems, like “Butterfly Effect”. On the other hand, a large number of originally decentralized systems are linked through the network, resulting in higher vulnerability of these systems. Therefore, identifying and modeling the interdependencies and measuring the vulnerabilities of CISs are very important.

III. INTERDEPENDENCY IDENTIFICATION AND MODELING Vulnerability is caused by interdependencies, for better

understanding and analyzing vulnerabilities, we need to identify the interdependencies between CISs. In recent years, a great effort has been committed to study the above mentioned interdependencies. Yong Ge et al. (2010)[11] developed the GeoPetri Net system by incorporating the Petri net in a geographical information system to reveal the geographical interconnections between CI systems, but its feasibility might be limited some degree when other forms of interdependencies are considered. McNally et al. (2007)[12] proposed a way to learn the functional and geographic interdependencies diagrammatically and geographically through the loosely coupled system of GIS and an ontology-based information system, both intr-domain and

cross-domain interdependencies within CIs. It throws light on visualizing the interdependencies technologically, and GIS is a more general method for studying geographical interdependencies. Jonas Johansson and Henrik Hassel (2010)[13] also put forward a model by combining functional model into network theory, aimed to capture both functional and geographic interdependencies as McNally et al. did, and tested in a fictional electrified railway network. All of them only took functional and geographical interdependencies into account without considering social or cyber interrelations. Chang et al. (2007)[14] taking social impact into cinsideration, analyzed the interdependencies when investigating infrastructure failures caused by disasters. Still none of them study the interdependencies comprehensively. In virtue of the advent of computerization and network era, more and more CISs are closely interrelated nowadays, which increases the probability of cyber interdependencies, making the CISs more susceptible to disasters, attacks or defects within the CIS or between CISs. H.M. et al. (2005)[15] mainly focused on the cyber interdependencies between infrastructures, and researched to model and simulate it, then designed information sharing mechanism to keep their cyber interdependencies from being threatened, however, no specific framework model had been proprosed. In addition, some researchers take effort to explore ways for better describing interdependencies. The main interdependency models are as follows: (1) Dynamic Simulations-Bassiouni et al. (2002)[16] from a different point of view, adopted advanced temporal database management systems to model and analyze the temporal failure and degradation behavior of CISs; And Chakrabarty M. et al. (2004)[17] developed a visual and mathematical model in order to monitor and manage the interdependent critical infrastructures; S. Sultana and Z. Chen (2009)[18] presented a kind of integrated model for simulating the vulnerability of a network of hydroelectricity generating infrastructures based on the fragility curves development, flood frequency analysis, petri net development with extended stochastic analysis and Markov Chain generation and its extended analysis, when the hydroelectricity generating infrastructures are subjected to floods, it specially models the flood induced infrastructure interdependency and can be applied to other disasters induced interdependencies’ modeling. (2) Economic Input-Output Models-Ping Chen (2006)[19] proposed methods to assess the critical infrastructure system interdependency based on the economic input-output model and its extension. (3) CN and OOM model-Ouyang et al. (2009)[20] brought forward a Complex Network theory based topology-driven method to comprehensively analyze the vulnerability between interdependent infrastructures, and Complex Network theory (CN) is one of the best known approaches for performing interdependency analysis. Nevertheless, the approach can only model the certain topology structure of interdependencies, while it can do nothing on uncertain characteristics and behaviors of studied CISs like social or human factors. Hence, Object-Oriented Modeling (OOM) has

Page 3: [IEEE 2010 Third International Conference on Infrastructure Systems and Services: Next Generation Infrastructure Systems for Eco-Cities (INFRA) - Shenzhen, China (2010.11.11-2010.11.13)]

emerged as a method to make up for CN’s defects. But OOM is based on obtaining thorough knowledge of studied systems and model development is difficult and time-consuming[3]. So, hierarchical models and decomposition are another two new methods under study. Baiardi et al (2009)[21] presented a sequence of hierarchical models in risk management to detail the components in the CI system. And Cen Nan and Irene Eusgeld (2010)[3] considered to adopt High Level Architecture (HLA) standard to study interdependencies by decomposing the type of all-inclusive simulator into multiple domain-specific simulators and combining them in a distributed simulation environment, and communicating through network connection. But the communication infrastructure itself is still vulnerable when completely interconnected.

IV. VULNERABILITY IDENTIFICATION AND ASSESSMENT learning various interdependencies within or between CISs,

an help to understand vulnerabilities and build up a number of models or simulations to identify, measure them. Apostolakis and Lemon (2005)[22] used Multi-Attribute Utility (MAUT) for identification and Prioritization of vulnerabilities within a CIS, and Ezell (2007)[23] employed the same method to study the vulnerability of a medium-sized clean water system. Gerald Brown et al. (2006)[24] from the perspective of counter-terrorism, adopted new bi-level and tri-level optimization models to identify vulnerabilities in order to implement an optimal defense, while Tomas Hellstrom (2006)[25] showed an analytical planning framework for learning vulnerability in multi-aspect points as taking the technological change into account, and Cao et al. (2006)[26] partly analyzed the vulnerability when the CI sectors transform their traditional phone systems into VOIP system.

The vulnerability identification is a way to improve the critical infrastructures’ security, yet evaluating the vulnerabilities between the CISs is another research domain, and diverse approaches have been employed. Some of them try to study ways to quantify vulnerabilities while others attempt to set up a criteria or evaluation system to measure vulnerabilities. LI Jianfeng et al. (2006)[27] adopted quantitative risk analysis to evaluate the risks and learned the vulnerability by analysis. Theoharidou M et al. (2006)[28] firstly defined the inter-dependent infrastructures, then integrated the existing security plans and risk assessments to set three different layers of security assessments as to apply it in the critical infrastructures protection. They all try to measure vulnerabilities from the point of risk management. But there are also some special assessment models developed. Barry Charles Ezell (2007)[23] used the Infrastructure Vulnerability Assessment Model (I-VAM) which is an approach requiring the subject matter experts (SMEs) to establish value functions and weights to quantify the vulnerability. and Ilker Akgun (2010)[29] proposed fuzzy integrated vulnerability assessment model (FIVAM) to determine the vulnerability of such s system defending against the terrorist attack, and also provided a framework to

identify the hidden vulnerability caused by the functional interdependencies within the system. But as we know, as long as they are scored by specialists, the objectivity of the assessment methods is questionable, which enlighten us on developing methods to eliminate subjectivity or other more objective assessment models.

Literature with regard to the vulnerability and interdependency of critical infrastructure based on Chinese situation are just emerging, most of the domestic scholars majorly explore the relationship between the critical infrastructure and the national or local economy development[30]-[32]. And Ding Daoqi (2004)[9] discussed the vulnerability of the electric power and communication systems for establishing the strategic power infrastructure defense system and infrastrusture WAMS, which just gives us an inspiration to do the empirical study. However, more experts primarily focus on vulnerability evaluation. Wang Zhen et al. (2006)[2] used quantitative risk analysis to evaluate the terrorist attack risks in the critical infrastructure-the electric power system. The vulnerability in banking is also being concerned. Xiao Zhenyu (2008)[10] used the method of entropy to analyze china’s banking system vulnerability, this approach overcomes the bias brought by the subjective evaluation as traditional method does. As we know, each critical infrastructure has its own special features and techniques in construction and operation. Therefore, we cannot directly apply the research results to the specific critical infrastructures like water plant, transportation and so forth, but can make some amendments according to the types of critical infrastructures.

What’s more, the studies on the network vulnerability evaluation is a hot topic at home and abroad. Glantz et al. (2003)[33] raised a kind of approach as cyber security self-assessment to identify the cyber vulnerabilities for critical infrastructures protection, particularly in electric power industries. Feglar. T. et al. (2004)[34] concentrated on cyber critical infrastructures through the integration of information systems risk management and environmental risk management to protect the critical infrastructure. Li Ming et al. (2007)[35] presented the PKI (public key infrastructure) system, its vulnerability as well as the measure implemented to resolve its vulnerability. Chen Sisi et al. (2008)[36] used the bayesian networks to quantify the assessment of the network vulnerability. According to the above analysis, the study of the vulnerabilities and dependencies within and with the CISs is mainly the extension and application of the risk management methodology to the field, but ways are varied.

There are also some scholars paying their attentions to the network and dynamics between the critical infrastructures. Bayrak et al. (2006)[37] designed a model which is taking human and technical performance measures into cinsideration for the critical network infrastructure assessment. Bush et al. (2005)[38] and Dauelsberg et al. (2005)[39] adopted the critical infrastructure protection Decision Support System to trace the dynamics in critical infrastructure system and among the critical infrastructure systems according to their

Page 4: [IEEE 2010 Third International Conference on Infrastructure Systems and Services: Next Generation Infrastructure Systems for Eco-Cities (INFRA) - Shenzhen, China (2010.11.11-2010.11.13)]

interdependencies. While Liu et al. (2009)[40] proposed a framework for the CI vulnerability analysis in term of network theory and object-oriented modeling to capture the dynamics of CI systems. But all of them just analyze the network or the dynamics of the CI systems separately, so there is a need to combine these two aspects together to make a comprehensive and further research.

V. CONCLUSION In brief, literature on critical infrastructure vulnerability

and interdependency can be categorized into two assortments: (1) interdependency identification and modeling; (2) vulnerability identification and measurement. Through many studies are only applied the risk management and its relevant evaluation methods th the studies of critical infrastructure vulnerability and interdependency, but some other new approaches are also employed , like the input-output modeling, entropy theory, fuzzy interated assessment method, HLA standard, information technology and so on. We can find out that the approaches used are diverse, but they can be summarized into one pattern, that is, firstly, we need to find out the vulnerability and interdependency of CIS, then use a kind of mehthods to quantify them ,thirdly assess them or implement correspondent measures for our further research. However, each step is still a massive program for other researchers costing a lot of time and effort to improve and optimize it. For future research, there would be four aspects: (1) models or simulations for gaining comprehensive knowledge of interdependencies, including dynamics among the CISs; (2) setting up a standard assessment system for better evaluating the vulnerability; (3) cyber interdependency identification and vulnerability evaluation; (4) the ways or measures to avoid vulnerabilities induced disasters.

ACKNOWLEDGMENT LI Xiao-Juan Author thanks Huang Li-Zhen for advices

and revises. Authors also acknowledge the anonymous referee for the constructive suggestions.

REFERENCES [1] Critical Infrastructure Protection from Wikipedia [Online]. Available:

http://en.wikipedia.Org/wiki/ Critical_Infrastructure_Protection. [2] Wang Zhen, Liu Mao, “Questitative analysis on the risk terrorist attack

in electri power system:”, China Public Security·Academy Edition., No.3, pp.37-41, 2006.

[3] Cen Nan, Irene Eusgeld, “Adopting HLA standard for interdependency study”, Reliability Engineering and System Safety., 2010, doi:10.1016/j.ress.2010.08.002.

[4] Rinaldi S, P Peerenboom J, Kelly T., “Identifying, understanding and analyzing critical infrastructure interdependencies”, IEEE Control Systems Magazine, vol.21, no.6, pp.11-25, 2001.

[5] Dudenhoeffer DD, Permann MR, Manic M, “CIMS: a framework for infrastructure interdependency modeling and analysis”., In Proceedings of the 38th conference, Monterey, California, 2006, pp.478-485.

[6] De Porcellinis, Oliva G, Panzieri S, Setola R, “A holistic -reductionistic approach for modeling interdependencies”, In: Palmer C, Shenoi S, editors., Proceedings of the third IFIP international conference on critical infrastructure protection (CIP-2009), USA: Springer, 2009.

[7] Gheorghe, A. V., Vamanu, D. V., “Complexity induced vulnerability”, International Journal of Critical Infrastructures, no.1, pp.76-84, 2004.

[8] Shao Chuanqing, Yi Lixin, “vulnerability assessment model for critical infrastructure and its application”, China Safety Science Journal, vol..18, no.11, pp.153-158, 2008.

[9] Ding Daoqi, “Electric power and communications system vulnerability and basic concept of strategic power infrastructure defense (SPID) system”, Electric Power, vol.37, no.8, pp.1-6, 2004.

[10] Xiao Zhenyu, “Study on evaluation of banking fragility in china-empirical based on the entropy method”, East China Economic Management, vol.22, no.11, pp.78-84, 2008.

[11] Yong Ge, Xiaotao Xing, Qiuming Cheng, “Simulation and analysis of infrastructure interdependencies using a petri net simulation in a geographical information system”, International Journal of Applied Earth Observation and Geoinformation, pp. 319-430, 2010.

[12] Robert K. McNally, Seok-Wonlee, Deepak Yavagal, Wei-Ning Xiang, “Learning the critical infrastructure interdependencies through an ontology-based information system”, Environment and Planning B. (EPB), vol.34, no.6, pp.1103-1124, 2007.

[13] Jonas Johansson, Henrik Hassel, “An approach for modeling interdependent infrastructures in the context of vulnerability analysis”, Reliability Engineering and System Safety, pp.1335-1344, 2010.

[14] Stephanie E. Chang, Timothy L. McDaniels, Joey Mikawoz, Krista Peterson., “Infrastructure failure interdependencies in extreme events: power outage consequences in the 1998 Ice Storm”, Natural Hazards, vol.41, no.2, pp.337-358, 2007.

[15] Kim, H.M., Biehl, M., Buzacott, J.A., “M-CI/sup2/: modeling cyber interdependencies between critical infrastructures”, Industrial Informatics, 2005. INDIN 05. 2005 3rd IEEE International Conference on, pp.644-648.

[16] Mostafa Bassiouni, Ratan Guha, “Modeling and Analysis of Temporal Failure and Degradation Behavior of Critical Infrastructure Systems”, 35th Annual Hawaii International Conference on System Sciences (HICSS-35), Big Island, Hawaii, USA, 7-10 January 2002. 6pp.

[17] Chakrabarty, M., Mendonca, D., “Integrating visual and mathematical models for the management of interdependent critical infrastructures”, Systems, Man and Cybernetics, 2004 IEEE International Conference on. no.2, pp.1179-1184.

[18] S. Sultana, Z. Chen, “Modeling flood induced interdependencies among hydroelectricity generating infrastructures”, Journal of Environmental Management, vol.90, no.11, pp.3272-3282, 2009.

[19] Ping Chen, “Extension and Combination of Economic Input-Ouput Models for Assessing Critical Infrastructure System Interdependencies”, PhD Thesis, Carnegie Mellon University, 2006.

[20] Ouyang M, Hong L, Mao Z-J, Yu M-H, Qi F, “A methodological approach to analyze vulnerability of interdependent infrastructures”, Simulation Modeling Practice and Theory, vol.17, no.5, pp.817-828, 2009.

[21] F. Baiardi, C. Telmon, D.Sgandurra, “Hierarchical model-based risk management of critical infrastructures”, Reliability Engineering&System Safety, vol.94, no.9, pp.1403-1415, 2009.

[22] Apostolakis, G. E., & Lemon, D. M., “A screening methodology for the identification and ranking of infrastructure vulnerabilities due to terrorism”, Risk Analysis, no.25, pp.361-376, 2005.

[23] Ezell, B. C., “Infrastructure vulnerability assessment model (I-VAM)”, Risk Analysis, vol.27, no.3, pp.571-583, 2007.

[24] Gerald Brown, Matthew Carlyle, Javier Salmeron, “Defending Critical Infrastructure”, Interfaces, vol.36, no.6, pp.530-544, 2006.

[25] Tomas Hellstrom, “Critical infrastructure and systemic vulnerability: Towards a planning framework”, Safety Science, vol.45, no.3, pp.415-430, 2006.

[26] Feng Cao, Malik, S, “Vulnerability analysis ans best practices for adopting IP telephony in critical infrastructure sectors”, IEEE Communications Magazine, vol.44, no.4, pp.138-145, 2006.

[27] LI Jianfeng, Liu Mao, Wang Weina, “Quantitative Risk Analysis on Electric Power System Suffering From Terrorism Attack”, Progress in safety science and technology, pp.439-444, 2006.

[28] Marianthi Theoharidou, Panayiotis Kotzanikolaou, Dimitris Gritzalis, “A multi-layer Criticality Assessment methodology based on interdependencies”, Computers&Security, vol.29, no.6, pp.643-658, 2010.

[29] Ilker Akgun, Ahmet Kandakoglu, Ahmet Fahri Ozok, “Fuzzy integrated vulnerability assessment model for critical facilities in combating the terrorism”, Expert Systems with Applications, vol.37, no.5, pp.3561-3573, 2010.

Page 5: [IEEE 2010 Third International Conference on Infrastructure Systems and Services: Next Generation Infrastructure Systems for Eco-Cities (INFRA) - Shenzhen, China (2010.11.11-2010.11.13)]

[30] SHEN Jin-shan, SONG Jian-min, Guan Ke, “Quantitative evaluation method and its application for infrastructure and social economy coordinated development”, Urban Environment&Urban Ecology, vol.13, no.5, pp.10-12, 2000.

[31] YOU Li-xia, LIAN Jun, WU Yu-hua, “On the investment in city infrastructure and sustainable development”, Journal of Tianjin University(Social Sciences), vol.3, no.4, pp.339-342, 2001.

[32] YI Hong-mei, ZHANG Liu-xiu, Denise Hare, LIU Cheng-fang, “The provision of infrastructure and farmers’ demand-evidence from 5 province”, China Soft Science Magazine, no.11, pp.106-115, 148, 2008.

[33] Clifford S. Glantz, Robert B. Bass, Hanes R. Cash, “A Cyber Security Self-Assessment Method for Critical Infrastructure Protection”, Engineering/Technology management, pp.195-198, 2003.

[34] Feglar, T., Levy, J.k., “Protecting cyber critical infrastructure (CCI): integrating information security analysis and environmental vulnerability analysis”, Engineering Management Conference, 2004, Proceedings. 2004 IEEE International, no. 2, pp.888-892.

[35] Li Ming, Hao Xiaoling, Zhang Song, “Vulnerability and comuntermeasure analysis of the public key infrastructure”, Journal of Harbin Institute of Technology, vol.39, no.4, pp.665-668, 2007.

[36] Chen Sisi, Lian Yifeng, Jia Wei, “A network vulnerability evaluation method based on Bayesian network”, Journal of The Graduate School of The Chinese Academy of Sciences, vol.25, no.5, pp.639-648, 2008.

[37] Tuncay Bayrak, Martha R. Brabowski, “Critical Infrastructure Network Evaluation”, Journal of computer Information Systems, XLVI (3), pp.67-86, 2006.

[38] B.Bush, L. Dauelsberg, et al., “Critical Infrastructure Protection Decision Support System (CIP/ DSS) Project Overview”, 23rd International conference of the System Dynamics Society, pp. 2703-2714, 2005.

[39] Lori Dauelsberg, Alexander V. Outkin, “Modeling Economic Impacts to Critical Infrastructures in a System Dynamics Framework”, 23rd International conference of the System Dynamics Society, pp. 964-977, 2005.

[40] Irene Eusgeld, Wolfgang Kroger, Giovanni Sansavini, Markus Schlapfer, Enrico Zio, “The role of network theory and object-oriented modeling within a framework for the vulnerability analysis of critical infrastructures”, Reliability Engineering & System Safety, vol.94, no.5, pp.954-963, 2009.