Protecting Cities’ Critical Assets
This article was adapted from work to create a forthcoming issue brief from the UN ARISE initiative with Ms. Yoshiko Abe, Sustainability Strategist at Kokusai Kogyo Co., Ltd. (Japan), with input from Dr. William Hynes, founder of Future Analytics Consulting, and leader of the EU’s HARMONISE and RESILENS Initiatives. The views expressed do not necessarily represent those of my employer, IBM.
As cities grapple with urban growth and climate change placing more people and economic activity in harm’s way, the resilience of critical infrastructures, and of the assets that make up these infrastructures, is coming increasingly under the spotlight. However, this is a complex issue, and not all its dimensions are well understood. This article attempts to explore them.
Cities can be thought of as “systems of systems”, where energy, water, communications, transportation, healthcare, law and order, data, and other physical systems (not to mention social, political and economic systems) interact. From this perspective, many issues arise.
First, each system may interact with other systems in ways that allow the possibility of cascading “failure chains”. An example of which happened with the US and Canadian energy grid in 2003; a tree branch tripped out a segment of a power line, which then cascaded to multiple further segments and in turn to 60 million people and to cell-phone, Amtrak, and water treatment systems. The failure chains may then extend to social systems too – as an extreme example, The Economist recently speculated how social breakdown could arise from the consequences of a solar magnetic storm hitting the US Energy Grid.
Some countries and cities can identify their critical systems and assets (it is, for example, a Federal requirement for cities to do this in the US), but very few can identify how they are linked to each other. As a result, they have no way to identify and manage the associated inter-dependencies. In many cases, as with the grid failure example, the existence of these linkages may not even be fully understood by all the entities affected, and accordingly come as a highly unwelcome surprise. Achieving critical infrastructure resilience therefore requires investing time and effort to identify and maintain relevant and up-to-date data on these linkages.
Second, each critical infrastructure system in the “system of systems” – and the critical assets that make them up – may be in different ownership, either within the city government, or in some other tier of government, or in a private sector utility or other organization. Critical infrastructure resilience is inherently, therefore, a multi-organizational endeavor. In very few cities that I have seen is the necessary level of collaboration in place to enable this. Either there is generally too little information sharing, or some major infrastructure system (too often, in my observation, the telecommunications system) is excluded from the collaboration mechanisms that have been set up.
Third, the definition of “critical” in critical infrastructure resilience is not fixed in time. A road or a flood pump may become critical over a period of years, perhaps as a nearby suburb expands to accommodate people from the city; or as the road or pump becomes more endangered over time as sea levels rise or weather patterns change. On an altogether different timescale, an otherwise unremarkable access road may, if it becomes blocked by debris and impedes access to a critical asset such as the flood pump above, itself become critical in real time, and remain that way for a period of days. Critical infrastructure resilience needs to include the “may become critical” assets that can impinge on critical ones.
Fourth, risk to critical assets needs to be assessed on a very granular scale. Each asset in the same system and in the same region may have different seismic capabilities or ability to accommodate flooding. Some individual asset – perhaps an electricity substation – in a system judged to be broadly resilient may trigger some cascading failure of its own. Therefore, critical infrastructure resilience needs to be assessed bottom up, from the individual assets that make up each system, as well as top down from the system-wide view.
As well as being a “system of systems” issue, it is not always appreciated that critical infrastructure resilience is a process, rather than a series of one-time actions such as hardening some asset, or holding emergency drills, or responding to an actual disaster. Clearly, planning for achieving resilience is a long run process, but there are other process dimensions that may be overlooked.
As noted above, the resilience goal itself needs to be continually reviewed as system risk and resilience levels change – and are recovered – over time, rather than as a one-time exercise.
Many organizations (cities, and private companies) have weak asset management processes, with erratic inspection routines, poor data collection on asset status and maintenance carried out, or weaknesses in in reserving funds for maintenance and upgrades. This means that critical assets may fail or be impaired when needed (for example, when the spillway for the Oroville Dam in California collapsed early in 2017 when used during a wet winter, necessitating evacuation of 188,000 people); or in extreme cases, they may fail randomly (again, for example, when a gas pipeline exploded in San Bruno, California in 2010 killing eight people). Critical infrastructure resilience is as much a function of organizational process discipline and stewardship of assets, as it is of hardening or relocating those assets.
Many critical assets and systems may be in areas that are known to be disaster prone but have not experienced a disaster for some years. Their owners may not have practiced disaster resilience in the period since the last real alert; or they may not have documented how they addressed the problems that arose last time – and those who had that knowledge may no longer be with the organization. In either case, with the next disaster, the infrastructure owner will be “learning all over again”. Related to the previous point, therefore, critical infrastructure resilience is, therefore, also a function of organizational readiness.
A number of tools and approaches exist that can improve critical asset management in cities.
First, more widespread use needs to be made of engineering methodologies for detecting and managing linkages between critical assets. The military has for many years used established methodologies such as Failure Modes, Effects and Criticality Analysis (FMECA) for the management of complex engineered “systems of systems” such as aircraft carriers, and there are several other options from the civil engineering world. A standard method (or set thereof) needs to be identified and promulgated for critical infrastructure.
Second, while as noted many organizations are likely to be involved in critical infrastructure management in a city, collaboration and information sharing has to be enabled between them. One example might be a sharing a common GIS base-map with layers depicting the location of all critical assets, the linkages between them, ownership, access information and so on. (For all its value to the city and infrastructure owners in managing disasters, the value of this information to terrorists or cyber criminals would be substantial, so access to it needs to be carefully protected. One solution that is used in Japan is to carefully ensure consistent base maps, definitions etc, but to disable the information sharing in day to day work, only turning it on with separate security and access controls in a defined “emergency mode” – for specific exercises and for managing actual events).
Third, those who own and manage critical infrastructure systems and assets, including local governments and private companies, may prioritize investment towards resilience in their own hardware and physical readiness, over other possible actions such as building collaboration, or in ignorance of the impact on other systems. Government leadership is essential in promoting the necessary prioritization and collaboration, which may not otherwise take place.
Fourth, critical infrastructure resilience needs to be managed not in isolation from the rest of the city but in the context of a wider view of the city and how it operates. For example, building codes may need to be changed to ensure asset resilience; or neighborhoods may need to be made aware of the capabilities (or lack thereof) of storm water management systems; or investment in critical infrastructure may need to be prioritized along with other resilience investments. One instrument that allows the full context to be addressed is the UN ISDR’s City Disaster Resilience Scorecard, based on the its “Ten Essentials” of disaster resilience (see the graphic below).
Broader still is the assessment instrument used by the Rockefeller Foundation’s 100 Resilient Cities (100RC) initiative.
One key benefit of considering the wider context is the ability to spot where investments in critical infrastructure resilience might yield “dividends” in other areas, for example, where a flood zone also functions as a park when not flooded, or where investment in a neighborhood microgrid makes part of the energy supply more resilient. Conversely, investments in other areas can yield “dividends” in critical infrastructure resilience, for example, where underground parking garages are designed also to function as storm-water cisterns. These dividends can help greatly with making the case for investing in critical infrastructure resilience in the first place.
Finally, critical infrastructure management processes and systems need to improve:
- Owners and operators of critical infrastructure need to ensure that their basic asset management disciplines – budgeting, inspections, data capture and so on – are sound and reliable. Mobile data capture tools may help with aspects of this.
- Knowledge repositories or content management tools are also essential for capturing the “institutional knowledge” of each organization involved, so helping to offset the “brain drain” as key workers or executives leave the organization or retire.
- In particular, with the growing use of sensors on machinery and structures, and analysis of the data provided, failures of equipment or infrastructure can frequently be predicted using predictive maintenance tools. Standards for critical infrastructure resilience need to specify the use of predictive maintenance.
Leave your comment below, or reply to others.
Please note that this comment section is for thoughtful, on-topic discussions. Admin approval is required for all comments. Your comment may be edited if it contains grammatical errors. Low effort, self-promotional, or impolite comments will be deleted.
Read more from MeetingoftheMinds.org
Spotlighting innovations in urban sustainability and connected technology
Based on our observations and experiences, we’ve written a white paper describing a Smart City-Public Health Emergency collaboration framework. We define a structured approach to broadly consider and maximize collaboration opportunities between the smart city innovation community and municipalities for the COVID-19 outbreak. It integrates the CDC Public Health Emergency and Response Capabilities standards with components of a smart city innovation ecosystem. The CDC defined capability standards are organized into six domains. Each intersection in the framework represents a collaboration point where the smart city’s innovation ecosystem and digital capabilities can be used to augment the municipalities’ public health emergency response needs.
Social distancing is becoming the new normal, at least for those of us who are heeding the Center for Disease Control’s warnings and guidelines. But if you don’t have reliable, high-speed broadband, it is impossible to engage in what is now the world’s largest telecommunity. As many schools and universities around the world (including those of my kids) are shut down, these institutions are optimistically converting to online and digital learning. However, with our current broadband layout, this movement will certainly leave many Americans behind.
Accenture analysts recently released a report calling for cities to take the lead in creating coordinated, “orchestrated” mobility ecosystems. Limiting shared services to routes that connect people with mass transit would be one way to deploy human-driven services now and to prepare for driverless service in the future. Services and schedules can be linked at the backend, and operators can, for example, automatically send more shared vehicles to a train station when the train has more passengers than usual, or tell the shared vehicles to wait for a train that is running late.
Managing urban congestion and mobility comes down to the matter of managing space. Cities are characterized by defined and restricted residential, commercial, and transportation spaces. Private autos are the most inefficient use of transportation space, and mass transit represents the most efficient use of transportation space. Getting more people out of private cars, and into shared feeder routes to and from mass transit modes is the most promising way to reduce auto traffic. Computer models show that it can be done, and we don’t need autonomous vehicles to realize the benefits of shared mobility.