Outlining comprehensive security analysis of a critical infrastructure network

    Research output: Contribution to journalArticleScientificpeer-review

    1 Citation (Scopus)


    This paper outlines a security assessment methodology for analysing critical infrastructure networks. The focus is on intentional attacks against critical infrastructure, but otherwise the scope is not delimited much. Comprehensive security analysis of a critical infrastructure network requires an assessment of the probability of an attack, the probability of success of the attack, the propagation of the consequences in the network and the severity of the consequences. In this paper, a critical infrastructure network should be understood as a network including different infrastructures, such as gas, water and electricity. The aim is that the interconnections between different infrastructures are built in the risk model. In the outlined methodology, the analysis starts with the identification of potential attackers and targets, and selection of analysis cases. Then, a network model is utilised to identify attack locations and assess consequences, and in the last steps, attack events and their probabilities are analysed. Although different steps of the methodology can use different risk analysis methods, they are linked so that dependencies between them can be taken into account, and total risk estimates can be determined. It is not specified which particular method should be used in each step, but some potential methods are discussed. The selection of methods can depend on the application target and the size of the problem.
    Original languageEnglish
    Pages (from-to)30-39
    JournalInternational Journal of Safety and Security Engineering
    Issue number1
    Publication statusPublished - 2016
    MoE publication typeA1 Journal article-refereed


    • attacks
    • consequence analysis
    • critical infrastructure network
    • security analysis


    Dive into the research topics of 'Outlining comprehensive security analysis of a critical infrastructure network'. Together they form a unique fingerprint.

    Cite this