Critical Infrastructures

from Wikipedia, the free encyclopedia

Critical infrastructures are facilities , systems or a part thereof that are essential for the maintenance of important social functions, the health , safety and economic or social well-being of the population and the disruption or destruction of which would have significant effects because their functions are not maintained could become.

General

Infrastructures are public or private facilities or facilities that are accessible to everyone and that provide services in a defined organizational and / or geographical area . This also includes the running processes , the information technology used and the workforce . Critical infrastructures are accordingly "Organizations and facilities of major importance for the state community , whose failure or impairment would lead to lasting supply bottlenecks , significant disruptions to public safety or other dramatic consequences." "Critical" refers to the systemic relevance of the infrastructures, i.e. on the institutions that are particularly important for the overall system and services of general interest .

It also requires the protection of critical information infrastructures ( English Critical Information Infrastructure Protection , CIIP). "Critical" does not mean that the probability of occurrence of disruptions is high. Rather, it should be understood that disruptions or failures can have far-reaching consequences, including catastrophic effects on the state, economy and / or large parts of the population.

history

Awareness of the focus on critical infrastructures did not emerge until July 1996 in the USA , when political decisions were made and measures were taken to protect them. After the April 1995 bombing of the Murrah Federal Building in Oklahoma City , Janet Reno , Attorney General under President Bill Clinton , proposed a commission to deal with the US's vulnerability to attacks on essential facilities. The body was officially called the “Presidential Commission on Critical Infrastructure Protection (PCCIP)” and in October 1997 it drew attention to the fact that the main focus should be placed on the Internet because hackers could use it to paralyze critical infrastructures. The commission identified the sectors of information and communication , finance , water , electricity , gas and oil supply , traffic and transportation , emergency services and US administration as critical infrastructures .

Further progress was only made on the occasion of special disasters. So who made terrorist attacks on 11 September 2001 , among other things by the term Disaster Preparedness ( German  "Disaster Preparation" ) that the US government funds , personnel , skills and tasks for the civil protection , the airport security and aviation security increased. In August 2003, a computer virus caused all train signals to be out for hours in 23 states , causing railways to be up to 6 hours late or even to fail completely. In the same month, a lightning strike on the east coast triggered a widespread power outage when power lines stopped working, overloading power plants that shut down automatically.

species

Critical infrastructures are made up of basic technical infrastructures and socio-economic infrastructures: Basic technical infrastructures guarantee the energy supply, drinking water supply and wastewater disposal and enable information exchange, communication as well as transport and traffic right through to sales and supply chains . Socio-economic infrastructures relate to food supply , finance , emergency services, and the supply of mass media and culture . Sometimes they are interdependent, such as transport and food supply (supply chains).

Legal issues

Within the meaning of Council Directive 2008/114 / EC of December 8, 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection , a critical infrastructure is an installation , a system or a part thereof that is operated by are essential for the maintenance of important social functions, the health , the safety and the economic or social well-being of the population and the disruption or destruction of which would have significant effects, since their functions could not be maintained.

Critical infrastructures appear as a legal term for the first time in December 2008 in the Regional Planning Act (ROG). According to this, one of the principles of spatial planning is that, according to Section 2 (2) No. 3 ROG, the protection of critical infrastructures must be taken into account. The protection of critical infrastructures also includes the supply of key industries , the impairment of which would immediately lead to serious disruptions in the supply situation . The “criticality of infrastructures” is a measure of the importance of an infrastructure with regard to its system functionality. Critical infrastructures within the meaning of Section 2 (10) of the BSI Act are facilities, systems or parts thereof that belong to the energy, information technology and telecommunications, transport and traffic, health, water, nutrition, and finance and insurance sectors and are of great importance for the functioning of the community because their failure or impairment would result in considerable supply bottlenecks or threats to public safety.

The operators of critical infrastructures are in accordance with § 8 para. 1 BSI-law duty to take appropriate organizational and technical measures to avoid disturbances in the availability, integrity, authenticity and confidentiality of their information technology systems, components or processes necessary for the functioning of the of them operated critical infrastructures are decisive. In accordance with Section 10 (1) of the BSI Act, the Federal Ministry of the Interior specified in more detail which facilities, systems or parts thereof are considered critical infrastructures within the meaning of this Act. This statutory ordinance is the BSI-KritisV, which identifies the following eight sectors as critical infrastructures:

  1. Energy : electricity , gas , mineral oil ( § 2 BSI-KritisV),
  2. Water : Public water supply , public waste water disposal ( § 3 BSI-KritisV),
  3. Nutrition : food industry , food trade ( § 4 BSI-KritisV),
  4. Information technology and telecommunications ( § 5 BSI-KritisV),
  5. Health : Medical care , drugs and vaccines , laboratories ( § 6 BSI-KritisV),
  6. Finance and insurance : credit institutions , stock exchanges , insurance companies , financial service providers ( § 7 BSI-KritisV),
  7. Transport and traffic : aviation , maritime shipping , inland shipping , rail traffic , road traffic , logistics ( § 8 BSI-KritisV).

The Federal Office for Civil Protection and Disaster Assistance also includes the following critical infrastructures:

The last two sectors are not part of the BSI-KritisV.

economic aspects

Due to the networking of critical infrastructures, both across sectors and across borders, there are strong, non-linear interdependencies . This can lead to a disruption from one operator of a critical infrastructure spreading through a cascade effect to other operators and thus endangering the population. According to § 1 No. 2 BSI-KritisV, the operator is a natural or legal person who, taking into account the legal, economic and factual circumstances, exercises decisive influence on the quality and operation of a system or parts thereof.

International

In Switzerland , the spectrum of critical infrastructures comprises nine sectors, divided into 27 subsectors (branches).

Critical infrastructures are in Austria in § 74 Z 11 criminal code as well as in § 22 6 par. 1 Z Sicherheitspolizei law defined. The Federal Ministry of the Interior and the Federal Chancellery are responsible for protection ; these are supported in implementation by the APCIP . Austria has binding bilateral agreements with the countries of Slovakia and the Czech Republic , in which they assure each other of help in emergencies. There is also a DA-CH cooperation and cooperation with the European Commission on EPCIP , Internal Security Fund (ISF for short) and CIWIN .

See also

Literature / web links

Individual evidence

  1. ↑ Council Directive 2008/114 / EC of December 8, 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection , accessed on April 30, 2017
  2. Tillmann Schulze, Conditionally ready for defense: Protection of critical information infrastructures in Germany and the USA , 2006, p. 24 FN 14
  3. Federal Ministry of the Interior, Building and Home Affairs (BMI), KRITIS Strategy , 2009, p. 5
  4. Harald Karutz / Wolfram Geier / Thomas Mitschke, Civil Protection , 2017, p 186
  5. Tillmann Schulze, Conditionally ready for defense: Protection of critical information infrastructures in Germany and the USA , 2006, p. 112
  6. Tillmann Schulze, Conditionally ready for defense: Protection of critical information infrastructures in Germany and the USA , 2006, p. 25
  7. Markus Schumacher / Utz Roedig / Marie-Luise Moschgath, Hacker Contest: Security Problems , Solutions, Examples , 2003, p. 157
  8. Tillmann Schulze, Conditionally ready for defense: Protection of critical information infrastructures in Germany and the USA , 2006, p. 136
  9. Bernd Buthe, Integration of spatial planning issues in traffic planning , 2017, p. 14 f.
  10. Bernd Buthe, Integration of spatial planning issues in traffic planning , 2017, p. 15
  11. BMVI , Security Strategy for the Freight Transport and Logistics Industry , 2014, p. 10
  12. BMI , National Strategy for the Protection of Critical Infrastructures (KRITIS Strategy) , 2009, p. 5
  13. Definition of “critical infrastructures” (sector and branch classification) according to the Federal Office for Civil Protection and Disaster Assistance , accessed on April 20, 2020
  14. Stefan Voßschmidt / Andreas Karsten (eds.), Resilience and Critical Infrastructures , 2019, pp. 20 f.
  15. Federal Office for Civil Protection (FOCP), The Critical Infrastructures , 2020 , accessed on April 20, 2020
  16. Austrian Program for the Protection of Critical Infrastructures, Master Plan 2014 accessed on March 4, 2019