TY - JOUR T1 - Protecting Critical Infrastructure by Identifying Pathways of Exposure to Risk JF - Technology Innovation Management Review Y1 - 2013 A1 - Philip O’Neill KW - critical infrastructure KW - cybersecurity KW - directed graph KW - modelling KW - path analysis KW - risk analysis KW - simulation KW - strongest-path method AB - Increasingly, our critical infrastructure is managed and controlled by computers and the information networks that connect them. Cyber-terrorists and other malicious actors understand the economic and social impact that a successful attack on these systems could have. While it is imperative that we defend against such attacks, it is equally imperative that we realize how best to react to them. This article presents the strongest-path method of analyzing all potential pathways of exposure to risk – no matter how indirect or circuitous they may be – in a network model of infrastructure and operations. The method makes direct use of expert knowledge about entities and dependency relationships without the need for any simulation or any other models. By using path analysis in a directed graph model of critical infrastructure, planners can model and assess the effects of a potential attack and develop resilient responses. PB - Talent First Network CY - Ottawa VL - 3 UR - http://timreview.ca/article/714 IS - 8 U1 - Deep Logic Solutions Philip O'Neill is Chief Scientist at Deep Logic Solutions Inc. He holds a PhD in Combinatorics and Optimization from the University of Waterloo, Canada. He is a specialist in operational research and risk analysis, and has additional expertise in mathematical modelling, quantitative analysis, algorithms, and decision support. His career has included 17 years of practice in the Operational Research Division of the Department of National Defence (DND); he has served as chairman of the NATO Panel 7 Specialist Team on the Evaluation of Readiness and Sustainment Policy; and he was chosen by the DND to model dependency relationships among infrastructures in Canada as part of risk analysis for the millennium turnover. Since 2001, he has designed and managed the software development of RiskOutLook, an analytical tool for risk analysis that identifies and quantifies risks that result from dependency relationships. ER -