Centre for Software Reliability


Integrated Risk Reduction of Information-Based Infrastructure Systems

Principal Investigator: Prof Robin Bloomfield

Contact:  Prof Robin Bloomfield, CSR contact: Dr Peter Popov

Funding Source:  EU Integrated Project, contract 027568

Funding for CSR : Euro 499,000

Duration: February 2006 - January 2009

Summary and objectives:

IRRIIS aims at increasing dependability, survivability and resilience of the underlying information-based infrastructures.
The main objectives are:

  • Determine a sound set of public and private sector requirements based upon detailed scenario and data analysis.
  • Develop MIT (Middleware Improved Technology), a collection of software components, which facilitates IT-based communication between different infrastructures and different infrastructure providers.
  • Build SYNTEX, a synthetic simulation environment for controlled experimentation with a special focus on LCCIs (Large Critical Complex Infrastructures) interdependencies.
  • Disseminate novel and innovative concepts, results and products to other information-based critical sectors.

The interdisciplinary research and development is performed by a European consortium of fifteen partners, ranging from academia through technical consultants and service providers to key stakeholders from the fields of energy supply and telecommunication. CSR is working with our IRRIIS partners to develop techniques to help discover and analyse interdependencies between infrastructures. This builds on research on common mode failure, diversity and complex systems.

We are keen to assess the relevance of IRRIIS results to other infrastructures. Please contact Peter Popov if you are interested in any such initiatives.


Summary of CSR's work on the IRRIIS project on interdependency analysis

The work by CSR has been focussed broadly in the area of stochastic modelling, a core area of expertise of the Centre. More specifically the following aspects have been looked at closely:

  • Preliminary (qualitative) Interdependency analysis (PIA) - a method of interdependency discovery applicable at service level (e.g. power utility, telco ISP, etc.).
    • Tool support, based on the ASCE tool, to help a user document the services and how they depend on each other. The method allows for discovering and documenting:
      • Peer-wise dependencies between services via their inputs/outputs, resources, assets and components, which form the networks owned/operated by the respective service providers (i.e. organisations);
      • Dependence on "common" factors, such as local weather, natural disaster events (e.g. earthquakes, flooding, etc.), which might affect simultaneously components of different services due to their geographical proximity;
  • Quantitative (probabilistic) interdependency analysis:
    • Models of dependencies. Here we focussed on probabilistic models of dependence between the components of critical infrastructures (CIs), but also looked at combining these with deterministic domain-specific models. The work started on abstract topologies, but gradually converged towards a specific scenario (the Rome Scenario) developed within the IRRIIS consortium, which covers in a reasonable level of detail two CIs in the Rome area: the power transmission/distribution network and the telecom network in the area. The scenario includes a range of services such as fixed-line telephony, fibre-optic trunks and GSM. More specifically, we addressed the following aspects:
      • Probabilistic models of dependence between the services (via the elements thereof). A key metric used in dependence modelling was probability of failure. When element A of the model is dependent on element B, the probability of failure of A is assumed to depend on the state of B (normal operation, failure). In more detail, the developed models allow different dependencies to be captured:
        • Dependence of the elements' failure rates on "local effects". Under "normal" conditions the rates of failure will be lower than under "stressful" conditions (e.g. when adverse "local" events occur):
          • The failure rate of the elements is affected by the state of the neighbouring elements (it increases as a result of failure of the neighbouring elements);
          • Local "disasters" lead to an increase of the failure rate of the elements in the affected areas;
        • Dependence of the failure rates on the flows (power flows/telco traffic) through the elements of the network. A study showed that outages (failures of large parts of the respective networks) are more frequent than when, as is the common practice, this dependence is ignored.
        • Tool support for quantitative interdependency analysis based on stochastic activity networks (SAN). The work resulted in an extensive development using the Mobius (SAN) tool augmented with a custom C++ development to represent adequately the Rome Scenario mentioned above. The current state of the work allows complex studies to be undertaken via Monte-Carlo simulation. A set of custom-built tools/scripts was also developed to assist an experimenter in setting up the experimentation harness (e.g. importing the topology of the networks, parameterising the stochastic model, describing the stochastic associations/dependencies between the modelled elements, etc.).
      • Combining stochastic models with high-fidelity deterministic domain-specific engineering models (e.g. power flows). The SAN model of the Rome Scenario was extended with a DC power flow computation routine, which allows the deterministic consequences of failures (overloads and possible trips of the power lines) to be modelled in addition to probabilistic dependencies via failure rates. A study was conducted into how the level of abstraction used in the model affects the results of the analysis, by comparing how adding power flow models (DC power flow calculations) affects the distribution of time between blackouts/partitioning of the power grid.
  • SAN model-based risk-estimation, applicable to services offered by their respective service providers. This line of research, only started recently, is intended to illustrate that stochastic modelling can be immediately useful to service providers, e.g. it can be used in addition to current deterministic procedures such as the N-1 criterion used for power networks. A typical use-case of risk-estimation will be deploying an on-line risk-estimator (a SAN model augmented with the relevant deterministic models) of the underlying network for predicting on demand (e.g. on a change of the state of the elements of the network) the probability of a disruption of the service provided to external operators in the short term, e.g. the next 30 min. For instance, a power distribution operator can compute the risk of a disruption of the GSM network powered by them and notify the respective GSM operator of an increased risk of a disruption before the disruption actually occurs. This early notification will allow the operator of the affected service to mitigate the consequences of the potential disruptions, e.g. by proactive resource allocation in the "risky" areas.
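
The neighbour-dependent failure model described above can be illustrated with a small Monte-Carlo simulation; this is an added example, not CSR's Mobius/SAN model or any IRRIIS code. The ring topology, the discrete time steps and all parameter values are assumptions constructed for the illustration.

```python
import random

def max_simultaneous_failures(n, base_p, repair_p, stress, steps, rng):
    """One run on a ring of n elements; returns the worst number down at once."""
    failed = [False] * n
    worst = 0
    for _ in range(steps):
        nxt = list(failed)
        for i in range(n):
            if failed[i]:
                # A failed element is repaired with probability repair_p per step.
                if rng.random() < repair_p:
                    nxt[i] = False
            else:
                # Dependence: the failure probability of element i is conditioned
                # on the state of its two ring neighbours in the previous step.
                neighbour_down = failed[i - 1] or failed[(i + 1) % n]
                p = min(1.0, base_p * (stress if neighbour_down else 1.0))
                if rng.random() < p:
                    nxt[i] = True
        failed = nxt
        worst = max(worst, sum(failed))
    return worst

def outage_probability(stress, runs=500, threshold=5, seed=2009):
    """Monte-Carlo estimate of P(at least `threshold` elements down at once).

    stress=1.0 reproduces the independence assumption; stress>1 raises the
    failure probability of an element while a neighbour is down.
    All numeric parameters below are constructed sample values.
    """
    rng = random.Random(seed)
    hits = 0
    for _ in range(runs):
        worst = max_simultaneous_failures(
            n=20, base_p=0.01, repair_p=0.2, stress=stress, steps=100, rng=rng)
        hits += worst >= threshold
    return hits / runs

if __name__ == "__main__":
    print("independent failures:", outage_probability(stress=1.0))
    print("neighbour-dependent :", outage_probability(stress=20.0))
```

Comparing the two estimates shows how much an independence assumption understates the chance of a large simultaneous outage for the same per-element base failure probability.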

version 2.9 Published: 15th May 2009