NCCoE Releases Draft Guide on Securing the Industrial Internet of Things

Example Solution Addresses Cybersecurity Challenges for Distributed Energy Resources
The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) has published for comment a preliminary draft of NIST SP 1800-32, Securing the Industrial Internet of Things: Cybersecurity for Distributed Energy Resources.
In this practice guide, the NCCoE applies standards, best practices, and commercially available technology to protect the digital communication, data, and control of cyber-physical grid-edge devices. The guide demonstrates an example solution for monitoring and detecting anomalous behavior of connected industrial internet of things (IIoT) devices and building a comprehensive audit trail of trusted IIoT data flows.
By releasing Volumes A and B as a preliminary draft, we are sharing our progress made to date, using the feedback received to shape future drafts of the practice guide, and featuring technologies and practices that organizations can use to monitor, trust, and protect information exchanges between commercial- and utility-scale distributed energy resources (DERs).
Addressing Emerging Cybersecurity Concerns of DERs
The use of small-scale DERs, such as wind and solar photovoltaics, are growing rapidly and transforming the power grid. In fact, a distribution utility may need to remotely communicate with thousands of DERs and other grid-edge devices—many of which are not owned by them. Any attack that can deny, disrupt, or tamper with DER communications could prevent a utility from performing necessary control actions and could diminish grid resiliency—a concern that was highlighted in a recent United States General Accounting Office report, Electricity Grid Cybersecurity.
This NCCoE practice guide aims to help companies provide secure access to DERs and monitor and trust the ever-growing amount of data coming from them.

IACIPP Concerned at Increasing Ransomware Attacks Against Critical Infrastructure

The International Association of CIP Professionals (IACIPP) is concerned about the increasing threat and ransomware attacks against critical infrastructure and in particular the energy sector.
As has been demonstrated by the recent ransomware attack on Colonial Pipeline in North America, and the impact this has had across other infrastructure services, and the wider economic impact on, for example, the price of petrol and oil, such attacks should be a concern to us all.
"The attack on the Colonial Pipeline Industrial Control System was not a total surprise. For years, our pipeline infrastructure and other critical infrastructures have experienced an ever-increasing level of probes and attacks.  The ICS owners and operators must be vigilant and assure their systems are continuously monitored and armed with the latest cyber protection tools." Commented Dr. Ron Martin, CPP,  Professor of Practice: Critical Infrastructure, Industrial Control System Security, and Access and Identity Management at Capitol Technology University.
Although the FBI and other federal and private cybersecurity entities are working to mitigate the effects of the attack on Colonial Pipeline, there needs to be the wider discussion and collaboration across industry sectors to prepare for future attacks to mitigate future economic impact such attacks cause.
“Our critical infrastructure sectors are the modern day battlefield and cyber space is the great equalizer. Hacker groups can essentially attack with little individual attribution and virtually no consequence. With over 85% of all infrastructure owned and operated by the private sector, significant investment and attention must be placed on hardening key critical systems. I anticipate more attacks like this happening in the future. A key lesson here is that while technology and automation is good, we must also have the ability to efficiently operate manually as well. Attacks will happen, but how quick can you recover and restore critical services?” commented Brian Harrell, Strategic Adviser to IACIPP and Former Assistant Secretary for Infrastructure Protection.
CISA and the Federal Bureau of Investigation (FBI) have recently released a Joint Cybersecurity Advisory (CSA) on a ransomware-as-a-service (RaaS) variant—referred to as DarkSide—recently used in a ransomware attack against Colonial Pipeline.
Chuck Brooks, President of Brooks Consulting International and cyber expert, commented, “Protecting critical infrastructure needs to be a shared responsibility of both the public and private sectors. The energy sector become a preferred target of sophisticated hackers often in collusion with nation state actors. The cost of breach as evidenced in the Colonial pipeline ransomware attack can be disruptive to commerce and impact many industry verticals. “
“Critical infrastructure needs to be fortified from cyberattacks and physical attacks in a joint government/industry collaboration. Resources need to be invested in emerging automation technologies and training. IT and OT systems need to be monitored at the sensor level for anomalies. Sensitive operations need to be segmented and air gapped. Back up of data is an imperative and resiliency a requirement for all critical infrastructure operations. It may take new laws and regulations, but it needs to be done.” Concluded Mr Brooks.
The cyberattack against Colonial Pipeline that was discovered on May 7 underscores the growing impact of cyberthreats on industrial sectors. While the investigation is ongoing and important lessons from this attack will be extracted in the next few weeks, the fact that Colonial Pipeline had to pro-actively take their OT systems offline after starting to learn about which IT systems were impacted by the ransomware is significant.
John Donlon QPM the Chairman of IACIPP stated - ‘This type of attack comes as no real surprise. It is consistent with recent trends and what is really quite concerning is the fact that the scale and impact of such events continue to escalate. We have seen recent Government activity across the Western world seeking to put in place support to Infrastructure Owners and Operators but the speed of new attack methodologies, either through nation-state actors or criminal groups, means it is not always easy to keep ahead of the curve. Unfortunately, I believe we will continue to see even greater escalation in the power of attacks being executed and therefore the breadth and depth of collaboration between governments and the private sector has to develop at pace’.
This will also be subject to a case study panel discussion at Critical Infrastructure Protection and Resilience North America (www.ciprna-expo.com) in New Orleans LA on 19th - 21st of October 2021.

CISA-FBI Cybersecurity Advisory on DarkSide Ransomware following Colonial Pipeline cyberattack

CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on a ransomware-as-a-service (RaaS) variant—referred to as DarkSide—recently used in a ransomware attack against a critical infrastructure (CI) company.
The cyberattack against Colonial Pipeline that was discovered on May 7 underscores the growing impact of cyberthreats on industrial sectors. While the investigation is ongoing and important lessons from this attack will be extracted in the next few weeks, the fact that Colonial Pipeline had to pro-actively take their OT systems offline after starting to learn about which IT systems were impacted by the ransomware is significant.
Latest Update:
May 11: The FBI confirms that the Darkside ransomware is responsible for the compromise of the Colonial Pipeline networks
May 10: Colonial Pipeline restarted some systems with the goal of substantially restoring operational service by the end of the week
May 9: Colonial Pipeline is is developing a system restart plan
May 7: A ransomware attack against the corporate systems (IT) of Colonial Pipeline led the organization on Friday May 7 to proactively take certain operational systems (OT) offline to contain the threat, which has temporarily halted all pipeline operations. Details on the attack mechanism and the attack scope are under active investigation by the FBI and the private security firm Mandiant (a division of FireEye).
Cybercriminal groups use DarkSide to gain access to a victim’s network to encrypt and exfiltrate data. These groups then threaten to expose data if the victim does not pay the ransom. Groups leveraging DarkSide have recently been targeting organizations across various CI sectors including manufacturing, legal, insurance, healthcare, and energy.
Prevention is the most effective defense against ransomware. It is critical to follow best practices to protect against ransomware attacks, which can be devastating to an individual or organization and recovery may be a difficult process. In addition to the Joint CSA, CISA and FBI urge CI asset owners and operators to review the following resources for best practices on strengthening cybersecurity posture:
CISA and Multi-State Information Sharing and Analysis Center: Joint Ransomware Guide <https://www.cisa.gov/publication/ransomware-guide>

Natural hazard triggered industrial accidents: Are they Black Swans?

A recently published JRC study examines whether technological accidents caused by natural hazards (Natech accidents) are real “Blacks Swans” (unpredictable and hence unpreventable events), identifies their possible causes and discusses effective strategies to manage extreme risks.
The study concludes that the Black Swan metaphor is overused for technological accidents in general and Natech accidents in particular, whose recurrence raises questions about the effectiveness of corporate oversight and the application of state-of-the-art knowledge in managing risks.
What are Natech accidents?
Natech accidents occur when the natural and technological worlds collide, wherever hazardous industry is located in areas prone to natural hazards. Past Natech accidents have often had significant impacts on public health, the natural and built environment, and the local, national or even global economy.
Major technological accidents considered unpreventable are occasionally called Black Swan events. Three features characterize a Black Swan:
- it must be an outlier with respect to normal expectations, making it unpredictable;
- it has to have a major impact;
- it can be explained in hindsight, making it appear predictable.
Inadequate risk management and organisational risk blindness
A closer look at past Natech accidents shows that the vast majority of these events, if not all, could have been foreseen and prevented using available information and knowledge prior to the disaster. They can therefore not be considered inevitable or Black Swans.
The JRC study provides a detailed analysis of the reasons for why Natech risks are often underestimated:
- Risk management traditions and the Act-of-God mindset - The focus for managing natural risks has traditionally been on the response side and hence on disaster management, rather than on prevention and risk management, whereas the technological-risk community has always focused on risk- rather than disaster management. Natech risk is sandwiched between these two worlds, and neither community feels very much at ease with taking ownership of the risk;
- Complexity of Natech risk scenarios - Natech risk analysis would need extensions to traditional risk-analysis methodologies in order to cover the multi-hazard nature of the risk and the multitude of possible simultaneous scenarios;
- Risk governance and risk management problems due to the multi-stakeholder and multi-hazard nature of Natech risks, and the multitude of possibly conflicting issues that are usually on a manager’s radar screen;
- Socio-economic context, including group interests and power, economic pressure, and public or media indifference; and
- Human fallacies and cognitive biases that can corrupt the experiences we draw on for estimating risks.
Managing extreme risks
Building organisational resilience is key to managing risks effectively, in particular in high-risk industry. The JRC study discusses possible strategies to reduce extreme risks, prepare better for their consequences, and make Black Swans more accessible:
- Risk-based versus precaution-based strategies
- Disaster incubation theory and warning signals
- Mindfulness
- Resilience engineering
- Scenario planning
- Red teaming
While the JRC study is centered on Natech risks, it is generally applicable to managing also other types of extreme or low-probability risks.

NSA releases Cybersecurity Advisory on Ensuring Security of Operational Technology

The National Security Agency (NSA) released the Cybersecurity Advisory, “Stop Malicious Cyber Activity Against Connected Operational Technology” today, for National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) operational technology (OT) owners and operators. The CSA details how to evaluate risks to systems and improve the security of connections between OT and enterprise networks. Information technology (IT) exploitation can serve as a pivot point for OT exploitation, so carefully evaluating the risk of connectivity between IT and OT systems is necessary to ensure unique cybersecurity requirements are met.
Each IT-OT connection increases the potential attack surface. To prevent dangerous results from OT exploitation, OT operators and IT system administrators should ensure only the most imperative IT-OT connections are allowed, and that these are hardened to the greatest extent possible. An example of this type of threat includes recent adversarial exploitation of IT management software and its supply chain in the SolarWinds compromise with publicly documented impacts to OT, including U.S. critical infrastructure.
This guidance provides a pragmatic evaluation methodology to assess how to best improve OT and control system cybersecurity for mission success, to include understanding necessary resources for secure systems:
- First, NSA encourages NSS, DoD, and DIB system owners, operators, and administrators to evaluate the value against risk and costs for enterprise IT to OT connectivity. While the safest OT system is one that is not connected to an IT network, mission critical connectivity may be required at times. Review the connections and disconnect those that are not truly needed to reduce the risk to OT systems and functions.
- Next, NSA recommends taking steps to improve cybersecurity for OT networks when IT-OT connectivity is mission critical, as appropriate to their unique needs. For IT-OT connections deemed necessary, steps should be taken to mitigate risks of IT-OT exploitation pathways. These mitigations include fully managing all IT-OT connections, limiting access, actively monitoring and logging all access attempts, and cryptographically protecting remote access vectors.
Operational technology includes hardware and software that drives the operations of a given infrastructure environment, from an engine control unit in a modern vehicle to nationwide train transportation networks.
Every IT-OT connection creates an additional vector for potential OT exploitation that could impact and compromise mission and/or production. Performing a comprehensive risk analysis for all IT-OT interconnections and only allowing mission critical interconnections when they are properly protected will create an improved cybersecurity posture. By employing an appropriate risk analysis strategy, leadership and system owners and operators can make informed decisions to better manage OT networks while reducing the threats from and impact of exploitation and destructive cyber effects.

Exploring Research Directions in Cybersecurity

ENISA, the European Union Agency for Cybersecurity, has identified key research directions and innovation topics in cybersecurity to support the efforts of the EU towards a Digital Strategic Autonomy.
Resilience, technological sovereignty and leadership are essential for the EU and as such, they are addressed by the new EU Cybersecurity Strategy. In an effort to support this cybersecurity strategy, the European Union Agency for Cybersecurity releases today a report intended to look into digital strategic autonomy in the EU and suggests future research directions.
What is Digital Strategic Autonomy?
Digital strategic autonomy can be defined as the ability of Europe to source products and services designed to meet the EU’s specific needs and values, while avoiding being subject to the influence of the outside world. In the digital world, such needs may encompass hardware, software or algorithms, manufactured as products and/or services, which should comply with the EU values, and thus preserve a fair digital ecosystem while respecting privacy and digital rights.
To ensure the sourcing of such products and/or services complies with the EU’s needs and values, the EU has the option to self-produce them autonomously, or in the case where products and services are acquired from third countries, to certify them and validate their compliance.
However, in cases where there is a high dependence on sourcing, the EU should still be capable of operating its digital infrastructures without giving rise to any possible detrimental influence. Hence, Europe needs to maintain the capability to produce its critical products and services independently.
In short, digital strategic autonomy means the capacity for the EU to remain autonomous in specific areas of society where digital technologies are used.
Why such a move?
The new challenges brought about by the digitalisation of our environment raise questions on our capacity to retain ownership and control of our personal data, of our technological assets and of our political stand. Such are the main dimensions to be considered under the idea of digital strategic autonomy.
Furthermore, the COVID-19 pandemic highlighted the importance of cybersecurity and the need for the EU to continue to invest in research & development in the digital sector. Within this context, ENISA’s report sets and prioritises the key research and innovation directions in cybersecurity.
Key Research Directions: which are they?
The report identifies the following seven key research areas:
- Data security;
- Trustworthy software platforms;
- Cyber threat management and response;
- Trustworthy hardware platforms;
- Cryptography;
- User-centric security practices and tools;
- Digital communication security.
For each of these areas, the report introduces the current state-of-play in the EU, includes an assessment of current and expected issues. The analyses included serve the purpose of issuing recommendations on cybersecurity related research topics. Such recommendations intend to highlight the bases needed to bolster the EU’s digital autonomy.

Autonomous driving systems: A long road ahead

Substantive regulatory progress has been made since last year, despite the global COVID-19 pandemic that paralyzed supply chains in some industries around the world and shifted the mobility landscape considerably.
Still, progress towards fully autonomous driving has been slow. Five levels have been established within the industry for assisted, automated and autonomous driving. Fully autonomous driving is represented by only Level 5.
SAE levels of automation
Here are the top three takeaways from the recent Symposium on the Future Networked Car 2021:
1. Regulatory efforts are advancing in preparation for Autonomous Driving Systems (ADS)
The past year has seen considerable progress at the global, regional and national levels. The shared nature of most transport infrastructure and automotive supply chains means that common standards and interoperability in the manufacture and communication capabilities of different types of vehicles will be vital.
At the global level, two new regulations were introduced recently from United Nations’ Economic Commission for Europe (UNECE) on Cybersecurity (UN Regulation 155) and Software Updates (UN Regulation 156). A new UN Regulation 157 on Automated Lane Keeping Systems for highly automated driving up to 60 kph on motorways was recently approved.
Regulatory preparedness is mostly being developed at the regional level, with vehicle type approval, product liability and general product safety, and roadworthiness tests developed by the European Union and also in the Asia-Pacific region.
At the national level, developments include liability, traffic rules, regulatory mandates, trials, and infrastructure. For example, Finland has authorized Level 5 driving, and Germany has already authorized the use of automated vehicles on its motorways.
2. Fully Autonomous Driving Systems (ADS) are still a long way off
Currently, mainly only Level 2 vehicles are available on the market (other than autonomous shuttles and an autonomous taxi service operating in Phoenix, Arizona, the United States since October 2020). However, Honda recently announced its first Level 3 driving system, due to be launched later this year.
The car industry, highways agencies and transport regulators are working together to overcome the significant challenges introduced by autonomous driving. Chief among these are safety considerations – and what constitutes ‘acceptable risk’ for car occupants, as well as the broader public.
Data challenges also persist, from the capture and preservation of data to its interpretation and protection. Improving the physical environment with markers to make a more intelligent environment for automated, let alone autonomous, vehicles is another challenge, as well as collaboration that would enable intelligent vehicles to function across borders.
Other major challenges include the introduction of self-learning artificial intelligence (AI) systems in automated driving systems, as well as cybersecurity considerations – how to prevent unauthorized or illegal intrusions into connected cars or their networks.
3. The communication and data demands of ADS will be enormous
The changes driven by the advent of ADS are many and large. Even cars already on the road today are said to be running over 150 million lines of code. Many participants emphasized the changes needed in physical infrastructure, such as 5G masts and improved road markings, as well as the information needs and data demands, for mapping and object identification, for instance.
5G will be instrumental in improving automated driving and its communication needs like smart parking, but also V2V (vehicle-to-vehicle) and V2I (vehicle-to-infrastructure) communications. A host of innovations and improvements are needed throughout the vehicle ecosystem to help create an optimal real-world environment for automated driving systems. ITU is working with all stakeholders to help realize these innovations in the interests of smarter and safer mobility.
[Source: ITU]

White Paper on the future of weather and climate forecasting

The advancement of our ability to predict the weather and climate has been the core aspiration of a global community of scientists and practitioners, in the almost 150 years of international cooperation in meteorology and related Earth system sciences.
The demand for weather and climate forecast information in support of critical decision-making has grown rapidly during the last decade and will increase even faster in the coming years. The generation and provision of these services has been revolutionized by supercomputers, satellite and remote sensing technology, smart mobile devices. A growing share in these innovations has come from the private sector. At the same time progress has been hampered by persisting holes in the basic observing system.
In a new White Paper on the Future of Weather and Climate Forecasting, 30 leading experts from the research, operations and education fields therefore analyse the challenges and opportunities and set directions and recommendations for the future.
White Paper on the future of weather and climate forecasting“Undoubtedly, the 2020s will bring significant changes to the weather, climate and water community: on the one hand through rapid advancement of science and technology, and on the other hand through a swiftly changing landscape of stakeholders with evolving capabilities and roles,” writes WMO Secretary-General Prof. Petteri Taalas.
“Such changes will affect the way weather and climate forecasts are produced and used,” he says.
While National Meteorological and Hydrological Services in all 193 WMO Members are still the public entities designated by governments to provide meteorological and related services, many other providers have entered the weather forecasting business in recent decades, including intergovernmental organizations like ECMWF, private sector companies and academic institutions.
This profound change into multi-stakeholder delivery of weather and climate services is driven by several factors such as: rapidly growing demand for such services from public and private sectors; the open data policy of many public agencies and the technological advancement and affordable solutions for service delivery; and the improved skill of the forecasts, which raises demand and user confidence. As a result, there is now a new era of weather and climate services with many new challenges and opportunities.
In June 2019, WMO launched the Open Consultative Platform (OCP), Partnership and Innovation for the Next Generation of Weather and Climate Intelligence, embracing a community-wide approach with participation of stakeholders from the public and private sectors, as well as academia and civil society. The new White Paper is an output of this consultative platform.
“The White Paper is based on the concept of a weather and climate innovation cycle which is determined to advance prediction services with the aim to improve public safety, quality of life, protect the environment, safeguard economic productivity. This applies across all domains, weather, climate, oceans, hydrology and the land surface, and time span of decisions from minutes and hours, through to weeks, months and even years ahead." Says Dr Gilbert Brunet, Chair of the WMO Scientific Advisory Panel and lead author and coordinator of the group of prominent scientists and experts worldwide who contributed to the White Paper.
"With appropriate investment in science and technology, and through better PPE, the weather and climate enterprise will meet the increasing stakeholder and customer demands for tailored and seamless weather and climate forecasts. Such improvements will provide significant value to all nations. This paper makes the case that in many ways the PPE will accelerate the desired bridging of the capacity gap in weather and climate service needed for developing countries," said Dr Brunet.
The White Paper traces the development of the weather enterprise and examines challenges and opportunities in the coming decade. It examines three overarching components of the innovation cycle: infrastructure, research and development, and operation.
Chapters include:
- Infrastructure for forecasting (observational and high-performance ecosystems; advances through public-private engagement)
- Science and technology driving advancement of numerical prediction (numerical Earth-system and weather-to-climate prediction; high-resolution global ensembles; quality and diversity of models; innovation through artificial intelligence and machine learning; leveraging through public–private engagement.
- Operational forecasting: from global to local and urban prediction (computational challenges and cloud technology; verification and quality assurance; further automation of post-processing systems and the evolving role of human forecasters; leveraging through public–private engagement).
- Acquiring value through weather and climate services (user perspective; forecasts for decision support; bridging between high-impact weather and climate services; education and training).
“The decade 2021–2030 will be the decisive period for realization of the 17 United Nations Sustainable Development Goals. Most of these goals have links with the changing environment – climate change, water resources and extreme events,” he said.
“The desired outcomes in all areas require enhanced resilience, which is also the main call of the WMO Vision 2030. The advances expected in weather forecasting and climate prediction during this decade will support those ambitious goals by enabling a next generation of weather and climate services that help people, businesses and governments to better mitigate risks, reduce losses, and materialize opportunities from the new intelligence of highly accurate and reliable forecasts and predictions,” says the concluding chapter of the White Paper.

UNDRR ROAMC: Investment in education creates more resilient societies

Investments in safe schools provide economic returns for society and also contribute to economic recovery, according to the latest evidence. They represent a clear way to finance risk reduction initiatives in the education sector and are a direct contribution to the creation of more resilient societies.
The suspension of classes for more than a year, due to the pandemic, has not been duly dimensioned.  Until now. Education may well be one of the most affected sectors by the COVID-19 crisis. According to different analyses, students affected by school closures will obtain 3% less income during their professional lives, which will mean an approximate GDP loss of 1.5% over the remainder of the century. The pandemic will also increase school desertion and will have a profound effect on learning processes for an entire generation, without taking into account systemic effects from school closures, such as increased malnutrition, mental health effects, and other vulnerabilities.
These are devastating figures that demonstrate the need for schools and their safety to be a fundamental part of national budgetary preparations. 3 out of 5 students who did not go to school last year live in Latin America and the Caribbean.  This was emphasized during the Virtual Caribbean Safe School Initiative Pre-Ministerial Forum, held between the 15th to the 26th of last March, which was oriented towards the promotion of safety in Caribbean schools, and which is the regional mechanism for putting into practice a relationship between education and resilience.
The sixth session of the Pre-forum: School safety investment as a Key Element of Economic Recovery showed the importance of integrating into recuperation processes all the lessons learnt during this crisis.
“We should invest in gathering and use of information for observation and mapping of precise interventions, while at the same time modernizing our technological infrastructure, not only to be able to face disasters, but also in regards to contemporary realities,” stated Fayval Willams, Minister of Education, Youth, and Information of Jamaica.
According to João Pedro Azevedo, World Bank economist, the educational system must prepare its teachers to confront lower learning levels and higher inequality levels. That is to say, to prepare them for the consequences of the pandemic. “Vulnerable sectors have been those most affected by the closures during the pandemic since they have no access to the necessary technology,” added Cynthia Hobbs, an education specialist from the Interamerican Development Bank.
Andrew A. Fahie, Prime Minister of the British Virgin Islands, stated that reconstruction of the school system after the pandemic must consider technology. “Inaction cannot be an action,” he stated.
FUNDING PRIORITY
Kamal Ahmed, an international disaster risk finance consultant for the United Nations Office for Disaster Risk Reduction (UNDRR), elaborated further on the importance of investing in all aspects of school safety. “A school structure that collapses or closes interrupts nutritional programs, for example, which are a key element in social programs of many countries, and which at times are the only access to nutrition for many vulnerable children. In the case of the pandemic, if the child stays at home, and the father or mother must also stay, it reduces participation of that home in the labour market and therefore, their income,” stated Ahmed. “Investment in education produces amazing results, but also a lack of investment leaves surprising consequences.”
According to Ahmed, governments should develop a comprehensive evaluation of schools, identifying strengths and capacities, in addition to creating a matrix with safe and resilient school strategies, fragile and marginal school programs, and most vulnerable school projects. A plan must be created to compensate for learning losses.
From the financial point of view, added Ahmed, investment must be made in such a way as to reduce economic, social, environmental, physical, and lack of governance vulnerabilities. The Ministry of Education must be the priority in national budget preparation, with projections not only for costs but also for emergency funds.
Raúl Salazar, chief of UNDRR - Regional Office for the Americas and the Caribbean, stated that “loss of education increases gaps and inequality in the school system, and therefore social vulnerabilities. The disappearance of a large sector of the school population from the educational system will create significant effects on all social systems, including the economic systems.”    This clearly underlines the dimensions of systemic risk by its characteristics and requires us to confront them with a holistic and comprehensive vision.
Fahie, Prime Minister of the British Virgin Islands, specified that 20% of the 7% tax collection is applied to financial services for the improvement of schools structure. In this case, risk reduction forms a permanent part of state expenditures.
The Sendai Framework for Disaster Risk Reduction (2015-2030) is clear on this subject: “disaster risk reduction should be strengthened by providing adequate resources through various funding mechanisms, including increased, timely, stable and predictable contributions to the United Nations Trust Fund for Disaster Reduction and by enhancing the role of the Trust Fund in relation to the implementation of the present Framework”.
The world initiative for Safe Schools was accepted by the States during the signing of the Sendai Framework, which has been in effect for six years as of the 18th of March.
“In order to go forward, we must do it together, in a comprehensive way, with inter-institutional and inter-sectorial effort that would employ the disaster management abilities of various sectors which will put in motion well developed plans and strategies, financed and coherent with other large agencies, such as the Sustainable Development Objectives, and the Paris Agreement,” stated Mami Mizutori, the Special Representative of the Secretary General for Disaster Risk Reduction, during the opening day of the Pre-Ministerial Forum.

How AI will shape smart cities

Cities worldwide are not just growing, but also trying to reconfigure themselves for a sustainable future, with higher quality of life for every citizen. That means capitalizing on renewable power sources, maximizing energy efficiency and scaling up electrified transport on an unprecedented scale.
In parallel, artificial intelligence (AI) and machine learning are emerging as key tools to bring that future into being as global temperatures creep upward.
The 2015 Paris Agreement called for limiting the rise in average global temperatures to 1.5oC compared to pre-industrial levels, implying a massive reduction of greenhouse gas (GHG) emissions.
Meeting the ambitious climate goal would require a near-total elimination of emissions from power generation, industry, and transport by 2050, said Ariel Liebman, Director of Monash Energy Institute, at a recent AI for Good webinar convened by an ITU Focus Group studying AI and environmental efficiency.
A key role in renewables
Renewable energy sources, including the sun, wind, biofuels and renewable-based hydrogen, make net-zero emissions theoretically possible. But solar and wind facilities – whose output varies with seasons, the weather and time of day – require complex grid management and real-time responsiveness to work 24/7.
Smart grids incorporating data analytics, however, can operate smoothly with high shares of solar and wind power.
"AI methods – particularly optimization, machine learning, time series forecasting and anomaly detection – have a crucial role to play in the design and operation of this future carbon-free electricity grid," explained Liebman.
One power grid in Indonesia could reach 50 per cent renewables by 2030 at no extra cost compared to building new coal- and gas-fired plants, according to a modelling tool used at Monash. Renewable power generation costs have plummeted worldwide in recent years.
Anticipating future needs
Shifts in consumer demand for heat, light, or mobility can create further uncertainties, especially in urban environments. But reinforcement learning, combined with neural networks, can aid the understanding of how buildings consume energy, recommending adjustments and guide occupant behaviour.
"AI can make our existing assets more effective and efficient, but also help us in developing new business models, both in terms of cleaner technology, and also for our customers," said Dan Jeavons, General Manager, Data Science, at Shell.
The global energy giant put over 65 AI applications into service last year, enabling the company to monitor 5,700 pieces of equipment and generate real-time data feeds from across its asset base.
A data-driven approach
Digital consultancy Capgemini uses satellite data to understand fire risks and devise rescue plans. Another project uses data from Copernicus satellites to detect plastic waste in our natural environment.
“Deep learning algorithms simulate the shape and movement of plastic waste in the ocean and then train the algorithm to efficiently detect plastic waste," said Sandrine Daniel, head of the company’s scientific office.
Electric vehicle start-up Arrival takes a data-driven approach to decisions over the entire product lifecycle. Produced in micro-factories with plug-and-play composite modules, its vehicle designs reduce the environmental impact of manufacturing and use.
"We design things to be upgradable," said Jon Steel, Arrival’s Head of Sustainability. Functional components facilitate repair, replacement, or reuse, while dedicated software monitors energy use and performance, helping to extend each vehicle’s useful life.
Digital twins for urban planning
Real-time virtual representations – known as digital twins – have been instrumental in envisioning smart, sustainable cities, said Kari Eik, Secretary General of the Organization for International Economic Relations (OiER).
Under the global United for Smart Sustainable Cities (U4SSC) initiative, a project with about 50 cities and communities in Norway uses digital twins to evaluate common challenges, model scenarios and identify best practices.
"Instead of reading a 1,000-page report, you are looking into one picture,” Eik explained. “It takes five seconds to see not just a challenge but also a lot of the different use cases."
For digital twins, a privacy-by-design approach with transparent, trusted AI will be key to instil trust among citizens, said Albert H. Seubers, Director of Global Strategy IT in Cities, Atos. He hopes the next generation of networks in cities is designed to protect personal data, reduce network consumption, and make high-performance computing more sustainable. "But this also means we have to build a data management function or responsibility at the city level that really understands what it means to deploy data analytics and manage the data."
Seubers called for open standards to enable interoperability, a key ingredient in nurturing partnerships focused on sustainable city building. "Implementing minimal interoperability mechanisms means that from design, we have private data security and explainable AI. In the end, it's all about transparency and putting trust in what we do," he said.
[Source: ITU]
1 25 26 27 28 29 30