Critical Infrastructure

From CIPedia
Revision as of 23:18, 14 July 2014 by Eluiijf (talk | contribs)
Jump to navigation Jump to search

While there is not a commonly accepted definition of critical infrastructure (CI), all definitions emphasize the contributing role of a critical infrastructure to the society or the debilitating effect in the case of disruption. Another common characteristic is that they are complex in their structure, which makes the issue of dependencies an important topic.

Definitions

European Definitions

Council Directive 2008/114/EC

An asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact in a Member State as a result of the failure to maintain those functions [1]

Other International Definitions

UNISDR

UNISDR refers to "Critical facilities" as

the primary physical structures, technical facilities and systems which are socially, economically or operationally essential to the functioning of a society or community, both in routine circumstances and in the extreme circumstances of an emergency [2].

Critical facilities are considered as elements of the infrastructure that support essential services in a society.

National Definitions

Germany

Critical infrastructures are organisations and facilities of major importance for society whose failure or impairment would cause a sustained shortage of supplies, significant disruptions to public order, safety and security or other dramatic consequences [3].

Netherlands

Critical infrastructures (Dutch: Vitale Infrastructuur) refers to products, services and the accompanying processes that, in the event of disruption or failure, could cause major social disturbance.Bijlage bij Kamerstuk 26643 nr. 75 Rapportage Bescherming Vitale Infrastructuur

This could be in the form of tremendous casualties and severe economic damage, or in terms of an extremely lengthy recovery period and a lack of any readily available viable alternatives, while we depend on these products and services. Because the consequences of this critical infrastructure – or parts thereof – could be so dire for large segments of the Dutch population, extra attention must be given to its protection. Accordingly, this protection is designed to prevent disruption and concerns the protection against technical-organisational failings, overloading, and extreme natural phenomena or intentional or unintentional human action.

United Kingdom (UK)

The United Kingdom (UK) defines national infrastructure as:

those facilities, systems, sites and networks necessary for the functioning of the country and the delivery of the essential services upon which daily life in the UK depends [4].

In the approach of the UK, infrastructure is categorised according to its value or “criticality” and the impact of its loss. This categorisation is done using the Government “Criticality Scale”, which assigns categories for different degrees of severity of impact.

Not everything within a national infrastructure sector is “critical”. Within the sectors there are certain “critical” elements of infrastructure, the loss or compromise of which would have a major detrimental impact on the availability or integrity of essential services, leading to severe economic or social consequences or to loss of life. These “critical” assets make up the nation's critical national infrastructure (CNI) and are referred to individually as “infrastructure assets”. Infrastructure assets may be physical (e.g. sites, installations, pieces of equipment) or logical (e.g. information networks, systems).

USA

Systems and assets, whether physical or virtual, so vital services to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters. [5]

Standard Definition

ISO/IEC TR 27019:2013

Organizations and facilities that are essential for the functioning of society and the economy as a whole [6].

The standard notes that a failure or malfunction of such organizations and facilities would result in sustained supply shortfalls, make a significant impact on public security and have other wide ranging impacts.

See also

History

COM(2006)787

Those assets or parts thereof which are essential for the maintenance of critical societal functions, including the supply chain, health, safety, security, economic or social well-being of people. [7]

Notes

  1. Jump up Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
  2. Jump up 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.
  3. Jump up Unpublished working glossary of UP KRITIS and BSI, 2014
  4. Jump up Centre for the Protection of National Infrastructure (CPNI)
  5. Jump up §1016(e) of the USA Patriot Act of 2001 (42 U.S.C. §5195c(e))
  6. Jump up ISO/IEC TR 27019:2013 Information technology -- Security techniques -- Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry.
  7. Jump up EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.
Retrieved from "https://websites.fraunhofer.de/CIPedia/index.php?title=Critical_Infrastructure&oldid=1172"