Dynamic robustness modelling of electricity critical infrastructure elements as a part of energy security
The key components of an Electricity Critical Infrastructure (ECI) are the elements of system required to permanently provide services with a certain performance level. In the case of disruptive events effects on these elements, the key security factor is their robustness, which is an important determinant of element resilience. Current methods can already assess the static level of element resilience but are as yet unable to creating dynamic models of resilience decrease due to disruptive events. In this context, dynamic security assessment is an important area for determining energy supply security. Based on this observation, the authors of the article created a method for Dynamic Robustness Modelling (DRM) which allows ECI element robustness dynamic modelling which can be clearly considered as a new concept of robust, secure and resilient of ECI. This stochastic method uses integral calculus and analysis of dynamic robustness in elements in the context of a predicted disruptive event scenario. The method quantifies the negative effect of predicted disruptive events and the subsequent decrease in the level of robustness due to this effect at the expected time of exposure. Practical use of the method is illustrated through a case study that models a decrease in the level of robustness of an electricity transformer station during an intentional man-made attack.
Critical infrastructure (CI) is an irreplaceable source of vital services in large urban agglomerations. The Council of the European Union defines critical infrastructure as “an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact in a Member State as a result of the failure to maintain those functions”. A similar understanding of critical infrastructure is also given in the National Infrastructure Protection Plan of 2013 by the U.S. Department of Homeland Security, which defines critical infrastructure as “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters”.
The hierarchy of critical infrastructure consists of three levels that form the vertical structure of the system: system level, sector level, and elementary level. Critical infrastructure is classified into the system level according to functional specifics. The system level covers two areas, namely technical infrastructure (e.g. energy, transport) and socio-economic infrastructure (e.g. health, emergency services). The sectoral level consists of individual sectors (e.g. energy) and subsectors (e.g. electricity) of critical infrastructure. The elementary level consists of individual elements (e.g. power plants, transformers) that form the basic building blocks of the system hierarchy in those sectors. The overview of specific critical entities in the field of electricity is given in the Proposal for a Directive of the European Parliament and of the Council on the resilience of critical entities.
The most important technical sector of the critical infrastructure system, which is called uniquely critical on the basis of Presidential Policy Directive / PPD-21 and Proposal for a Directive of the European Parliament and of the Council on the resilience of critical entities, is energy. This unique criticality is especially evident in the electricity sub-sector, on the supply of which all other critical infrastructure sectors are depend. The importance of the energy sector is also evident in critical infrastructure systems on other continents, such as Asia or Australia. For this reason, it is necessary to pay attention not only to the development of energy technologies, but also to energy security.
In the context of pervasive security issues, electricity critical infrastructure (ECI) elements are continuously exposed to the adverse effects of naturogenic and anthropogenic threats. Ensuring a high level of robustness in these elements against the adverse effects of disruptive events is therefore essential. Robustness is an important determining factor in resilience, which in the context of critical infrastructure, resilience is defined as “the ability to reduce the magnitude and/or duration of disruptive events; the effectiveness of a resilient infrastructure or enterprise depends upon its ability to anticipate, absorb, adapt to, and/or rapidly recover from a potentially disruptive event”. The European Commission has recently proposed a new directive to enhance the resilience of critical infrastructure and create an all-hazards framework to support Member States in ensuring that critical entities are able to prevent, resist, absorb and recover from disruptive incidents, both natural and man-made. Critical entities would be required to carry out risk assessments of their own, take appropriate technical and organisational measures in order to boost resilience, and report disruptive incidents to national authorities.
At present, resilience in critical infrastructure elements can be measured statically. This method provides information about the level of resilience in an element at the time before a disruptive event occurs. However, when a disruptive event affects a critical infrastructure element, the informative value of resilience is lost since its resilience level has already started declining. Static resilience, therefore, does not let us analyse dynamic resilience at the time of a disruptive event and predict the critical point of failure in critical infrastructure element performance. The starting point for this statement is the Critical Infrastructure Resilience Final Report and Recommendations which works with the term Absorptive Capacity that is defined as “the ability of the system to endure and disruption without significant deviation from normal operating performance”. The absorption process is dynamic (takes place over time), as a result of which the absorption capacity of the element is gradually depleted. In contrast, at a time when there is no absorption capacity, the level of resilience is constant or static. Based on this, the terms static and dynamic resilience are used only in relation to the method of assessing resilience.
Static resilience in a critical infrastructure system can be assessed using a number of specific methods. The most suitable of these methods are especially: Resilience Assessment in Electricity Critical Infrastructure from the Point of View of Converged Security, A Performance-based Tabular Approach for Joint Systematic Improvement of Risk Control and Resilience Applied to Telecommunication Grid, Gas Network, and Ultrasound Localization System, Assessing and Strengthening Organisational Resilience – ASOR Method, Critical Infrastructure Elements Resilience Assessment – CIERA Method, Availability-based Engineering Resilience Metrics and Corresponding Evaluation Methodology, Resilience Capacities Assessment for Critical Infrastructure Disruption: The READ Framework, A Quantitative Method for Assessing Resilience of Interdependent Infrastructures, Guidelines for Critical Infrastructure Resilience Evaluation, Measuring Critical Infrastructure Resilience: Possible Indicators, and Resilience Measurement Index – RMI.
Some publications have investigated dynamic modelling in critical infrastructure systems in a different context. For example, Dynamic Functional Modelling of Vulnerability and Interoperability of Critical Infrastructures, Review on Modelling and Simulation of Interdependent Critical Infrastructure Systems, A System Dynamics Framework for Modelling Critical Infrastructure Resilience, Dynamic Interdependency Models for Cybersecurity of Critical Infrastructures, Resilience Assessment for Interdependent Urban Infrastructure Systems Using Dynamic Network Flow Models, and A Functional Index Model for Dynamically Evaluating China’s Energy Security. None of these studies, however, explored methods to
predict the decline in resilience in critical infrastructure elements due to the effects of a disruptive event.
Based on the above, no suitable method for dynamic modelling of resilience, respectively robustness, in critical infrastructure elements is currently described. The authors of the article therefore created Dynamic Robustness Modelling (DRM) method, which is presented in more detail in the following sections. This stochastic method applies mathematical methods, specifically integral calculus, and analysis of dynamic robustness in elements in the context of a predicted disruptive event scenario.
The ambition of the author’s team is to expand the perception and understanding of the basic philosophical level of resilience and include the aspect of time-changing attributes entering the process of assessing (modelling) robustness. Another aspect of novelty is to some extent the elementary level of robustness assessment resulting from the bottom-up approach, where robustness is tied to a specific element of critical infrastructure and is not limited by the perspective of cross-sectoral failure, within which it is fundamentally impossible to distinguish between static and dynamic resilience.
The mentioned statement is primarily reflected by the orientation of the case study to the application of the DRM method on the transformer station, which pragmatically expresses and can be considered as an elementary approach and level of assessment. However, the DRM method presented in the next part of the text can be used as a starting point and basis for higher levels of assessment, and thus for critical infrastructure subsector or sector robustness assessment, assuming the use of another mathematical superstructure. This fact can therefore be accepted as a bottom-up approach, as evidenced, inter alia, by the document Analysis of Critical Infrastructure Dependencies and Interdependencies, which deals with the definition of Bottom-up and Top-down Approaches. For better comprehensibility, the application of the DRM method was demonstrated only at the elementary level of a selected critical infrastructure element.
by David Rehak, Martin Hromada, Vendula Onderkova, Neil Walker, Clemente Fuggini