Upload
sommerville-videos
View
316
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Citation preview
Infrastructure dependability, 2013 Slide 1
Critical National Infrastructure 2:
Infrastructure dependabilityIan Sommerville
Infrastructure dependability, 2013 Slide 2
Influences on dependability
• Infrastructure ownership
• Infrastructure funding
• Infrastructure dependencies
Infrastructure dependability, 2013 Slide 3
Infrastructure ownership
• No single owner or authority
• Mixture of public and private ownership
• Increasing privatisation
Infrastructure dependability, 2013 Slide 4
Infrastructure internationalisation
• Owners may be international companies located in different countries from the infrastructure that they own
Infrastructure dependability, 2013 Slide 5
UK rail privatisation
British rail
Infrastructure dependability, 2013 Slide 6
Regulation
• Government regulators are responsible for safety and have powers to enforce safety-related changes on companies
Infrastructure dependability, 2013 Slide 7
Dependability consequences
• No single organisation is responsible for overall system dependability and for liaison with other infrastructure providers
• Cost and budgets rather than safety are the key drivers as company shareholders have to be satisfied
Infrastructure dependability, 2013 Slide 8
Dependability consequences
• Companies try to avoid responsibility for incidents and accidents as these mean that compensation may have to be paid to other companies or individuals
• There is a tendency to try to blame other companies when things go wrong
Infrastructure dependability, 2013 Slide 9
Infrastructure funding
• Infrastructure replacement is very expensive
• Governments and companies are often reluctant to pay for infrastructure
©Stefan Kuhn (flickr)
© UK Highways Agency (via Jimmy Guano)
Infrastructure dependability, 2013 Slide 10
Infrastructure replacement
• Across the developed world, ageing infrastructure built in the 1950s and 1960s is in need of replacement.
© Dennis Bratland
Infrastructure dependability, 2013 Slide 11
Dependability consequences
• Because of the high costs, there is a tendency to delay infrastructure investment and maintenance but to wait until failures occur and then repair the infrastructure
• This leads to longer periods of unavailability and disruption for users of the infrastructure
Infrastructure dependability, 2013 Slide 12
Infrastructure dependencies
• Infrastructure elements are often dependent on each other so that failure of one element may be caused by failure of some other element elsewhere
Infrastructure dependability, 2013 Slide 13
(Source: US DOE)
Infrastructure dependability, 2013 Slide 14
Types of dependency
• Functional– Use of common functions by different
elements of the infrastructure
• Informational – Decision making may depend on data
from the same source
• Shared Control– Control is from the same
system/location
Infrastructure dependability, 2013 Slide 15
Types of dependency
• Geospatial– Components are located physically close to
each other
• Purpose– Elements of the infrastructure may have a
shared function or purpose so components may be reused
• Policy– Different elements of the infrastructure may
be governed by the same policies
Infrastructure dependability, 2013 Slide 16
Cascade failure
• A failure in one area cascades to another infrastructure sector, causing failures and disruption, sometimes in quite unrelated areas
Infrastructure dependability, 2013 Slide 17
Cascade failure
• Failure of flood defences results in an electricity distribution centre being threatened by flooding
• Shut down for safety reasons
• Leads to a loss of power in the local area
• An ISP in that area goes offline, leading to a loss of internet service to customers who may be anywhere in the country.
Infrastructure dependability, 2013 Slide 18
Mutual dependencies
• Mutual dependencies cause major problems in the event of failure– Communications systems depend on
power
– Power recovery depends on communications
– Power failure that leads to loss of communications is difficult to recover from
Infrastructure dependability, 2013 Slide 19
www.geography.org.uk
Infrastructure dependability, 2013 Slide 20
Single points of failure
• Several services share some facility so that failure at that facility leads to a loss of all of these services.
• Power and communication cables in the same duct
© Martin Pettitt (2006)
Infrastructure dependability, 2013 Slide 21
Single point of failure
• Transport, communication and power cables use the same bridge to cross a river or sea channel
Infrastructure dependability, 2013 Slide 22
Shared system components• Control systems for different
infrastructure elements may be supplied by the same company
• Software components may be reused across systems for different types of infrastructure control
Infrastructure dependability, 2013 Slide 23
Shared components
• Failure of a reused component can lead to failures in apparently unrelated parts of the infrastructure
Infrastructure dependability, 2013 Slide 24
Dependability consequences
• Infrastructure systems are not independent
• Assessment of the dependability of one part of the infrastructure has to consider the dependability of other infrastructure elements
• Dependencies may be unknown
• Contingencies for the failure of these other elements may have to be made
Infrastructure dependability, 2013 Slide 25
Key points
• The fragmented ownership of national infrastructure has overall effects on its dependability
• Infrastructure elements are rarely independent but depend on other elements of the national infrastructure
• When considering the dependability of part of the infrastructure, you have to take into account its possible dependencies with other parts of the infrastructure and their dependability