EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

A Roadmap for Quantifying the Efficacy of Risk Management of Information Security and Interdependent SCADA Systems

Haimes Yacov Y. and Chittester Clyde G
Additional contact information
Haimes Yacov Y.: University of Virginia
Chittester Clyde G: Carnegy Mellon Univ.

Journal of Homeland Security and Emergency Management, 2005, vol. 2, issue 2, 23

Abstract: Many sectors of the economy and other critical infrastructures are highly coupled and their interdependencies render them at risk to cyber terrorist attacks. This fact is further exacerbated because they are often remotely controlled and managed through supervisory control and data acquisition (SCADA) systems, which are vulnerable to such cyber intrusion. The myriad sources of risk to SCADA systems identified through hierarchical holographic modeling (HHM)serve as the impetus to the roadmap for quantifying the efficacy of risk management of interdependent SCADA systems presented in this paper. Central to this quantification metric is the deployment of the inoperability input-output model (IIM). This is a Leontief-based model that enables accounting for both the intra-and interconnectedness within each economic sector and infrastructure. At the core of the IIM is the notion of risk of inoperability, which describes a critical infrastructure's expected level of dysfunction. The input to the system is an initial perturbation triggered by an attack of terrorism, an accidental event, or a natural disaster. The outputs of the system are the resulting risks of inoperability of different infrastructures due to their connections to one another. These outputs are presented in two different metrics: (1) economic inoperability measured in dollars lost for each interdependent sector of the economy, and (2) functional inoperability measured in each sector's percentage of dysfunctionality. This model addresses the equilibrium state of the system in the event of an attack, provided that the interdependency matrix is known. The national interdependency database provided by the Bureau of Economic Analysis (BEA), US Department of Commerce, constitutes the core database for the IIM interdependency matrix. The national database consists of 483 sectors and the regional of 37 sectors. The metric used for quantifying the efficacy of risk management of interdependent SCADA systems builds on the economic losses generated by the IIM resulting from a cyber attack with and then without risk management, and considering as well the cost of risk management. A scenario of a cyber attack on telecommunications and electric power infrastructures is discussed, using national BEA data. The results are analyzed, followed by a summary and conclusions.

Keywords: SCADA; IIM; HHM (search for similar items in EconPapers)
Date: 2005
References: Add references at CitEc
Citations:

Downloads: (external link)
https://doi.org/10.2202/1547-7355.1117 (text/html)
For access to full text, subscription to the journal or payment for the individual article is required.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:bpj:johsem:v:2:y:2005:i:2:p:23:n:3

Ordering information: This journal article can be ordered from
https://www.degruyter.com/journal/key/jhsem/html

DOI: 10.2202/1547-7355.1117

Access Statistics for this article

Journal of Homeland Security and Emergency Management is currently edited by Irmak Renda-Tanali

More articles in Journal of Homeland Security and Emergency Management from De Gruyter
Bibliographic data for series maintained by Peter Golla ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:bpj:johsem:v:2:y:2005:i:2:p:23:n:3