Peter Williams, Chief Technology Officer, Big Green Innovations, IBM

Dr. Peter Williams is the Chief Technology Officer, Big Green Innovations, at IBM. His focus areas are resilience to natural disasters and chronic stresses; Smarter Cities; and cloud computing for government. He has had a major role in developing the intellectual foundation for IBM's "Smarter Planet" and "Smarter Cities" initiatives, and in identifying and integrating their technological components - both IBM-originated and from outside the company.

Who will you meet?

Cities are innovating, companies are pivoting, and start-ups are growing. Like you, every urban practitioner has a remarkable story of insight and challenge from the past year.

Meet these peers and discuss the future of cities in the new Meeting of the Minds Executive Cohort Program. Replace boring virtual summits with facilitated, online, small-group discussions where you can make real connections with extraordinary, like-minded people.


This article was adapted from work to create a forthcoming issue brief from the UN ARISE initiative with Ms. Yoshiko Abe, Sustainability Strategist at Kokusai Kogyo Co., Ltd. (Japan), with input from Dr. William Hynes, founder of Future Analytics Consulting, and leader of the EU’s HARMONISE and RESILENS Initiatives.  The views expressed do not necessarily represent those of my employer, IBM.

As cities grapple with urban growth and climate change placing more people and economic activity in harm’s way, the resilience of critical infrastructures, and of the assets that make up these infrastructures, is coming increasingly under the spotlight. However, this is a complex issue, and not all its dimensions are well understood.  This article attempts to explore them.

Cities can be thought of as “systems of systems”, where energy, water, communications, transportation, healthcare, law and order, data, and other physical systems (not to mention social, political and economic systems) interact. From this perspective, many issues arise.

First, each system may interact with other systems in ways that allow the possibility of cascading “failure chains”. An example of which happened with the US and Canadian energy grid in 2003; a tree branch tripped out a segment of a power line, which then cascaded to multiple further segments and in turn to 60 million people and to cell-phone, Amtrak, and water treatment systems. The failure chains may then extend to social systems too – as an extreme example, The Economist recently speculated how social breakdown could arise from the consequences of a solar magnetic storm hitting the US Energy Grid.

Some countries and cities can identify their critical systems and assets (it is, for example,  a Federal requirement for cities to do this in the US), but very few can identify how they are linked to each other. As a result, they have no way to identify and manage the associated inter-dependencies. In many cases, as with the grid failure example, the existence of these linkages may not even be fully understood by all the entities affected, and accordingly come as a highly unwelcome surprise. Achieving critical infrastructure resilience therefore requires investing time and effort to identify and maintain relevant and up-to-date data on these linkages.

Second, each critical infrastructure system in the “system of systems” – and the critical assets that make them up – may be in different ownership, either within the city government, or in some other tier of government, or in a private sector utility or other organization. Critical infrastructure resilience is inherently, therefore, a multi-organizational endeavor. In very few cities that I have seen is the necessary level of collaboration in place to enable this. Either there is generally too little information sharing, or some major infrastructure system (too often, in my observation, the telecommunications system) is excluded from the collaboration mechanisms that have been set up.

Third, the definition of “critical” in critical infrastructure resilience is not fixed in time. A road or a flood pump may become critical over a period of years, perhaps as a nearby suburb expands to accommodate people from the city; or as the road or pump becomes more endangered over time as sea levels rise or weather patterns change. On an altogether different timescale, an otherwise unremarkable access road may, if it becomes blocked by debris and impedes access to a critical asset such as the flood pump above, itself become critical in real time, and remain that way for a period of days. Critical infrastructure resilience needs to include the “may become critical” assets that can impinge on critical ones.

Fourth, risk to critical assets needs to be assessed on a very granular scale. Each asset in the same system and in the same region may have different seismic capabilities or ability to accommodate flooding. Some individual asset – perhaps an electricity substation – in a system judged to be broadly resilient may trigger some cascading failure of its own. Therefore, critical infrastructure resilience needs to be assessed bottom up, from the individual assets that make up each system, as well as top down from the system-wide view.

As well as being a “system of systems” issue, it is not always appreciated that critical infrastructure resilience is a process, rather than a series of one-time actions such as hardening some asset, or holding emergency drills, or responding to an actual disaster.  Clearly, planning for achieving resilience is a long run process, but there are other process dimensions that may be overlooked.

As noted above, the resilience goal itself needs to be continually reviewed as system risk and resilience levels change – and are recovered – over time, rather than as a one-time exercise.

Many organizations (cities, and private companies) have weak asset management processes, with erratic inspection routines, poor data collection on asset status and maintenance carried out, or weaknesses in in reserving funds for maintenance and upgrades. This means that critical assets may fail or be impaired when needed (for example, when the spillway for the Oroville Dam in California collapsed early in 2017 when used during a wet winter, necessitating evacuation of 188,000 people); or in extreme cases, they may fail randomly (again, for example, when a gas pipeline exploded in San Bruno, California in 2010 killing eight people). Critical infrastructure resilience is as much a function of organizational process discipline and stewardship of assets, as it is of hardening or relocating those assets.

Many critical assets and systems may be in areas that are known to be disaster prone but have not experienced a disaster for some years. Their owners may not have practiced disaster resilience in the period since the last real alert; or they may not have documented how they addressed the problems that arose last time – and those who had that knowledge may no longer be with the organization. In either case, with the next disaster, the infrastructure owner will be “learning all over again”. Related to the previous point, therefore, critical infrastructure resilience is, therefore, also a function of organizational readiness.


A number of tools and approaches exist that can improve critical asset management in cities.

First, more widespread use needs to be made of engineering methodologies for detecting and managing linkages between critical assets. The military has for many years used established methodologies such as Failure Modes, Effects and Criticality Analysis (FMECA) for the management of complex engineered “systems of systems” such as aircraft carriers, and there are several other options from the civil engineering world. A standard method (or set thereof) needs to be identified and promulgated for critical infrastructure.

Second, while as noted many organizations are likely to be involved in critical infrastructure management in a city, collaboration and information sharing has to be enabled between them.  One example might be a sharing a common GIS base-map with layers depicting the location of all critical assets, the linkages between them, ownership, access information and so on.  (For all its value to the city and infrastructure owners in managing disasters, the value of this information to terrorists or cyber criminals would be substantial, so access to it needs to be carefully protected.  One solution that is used in Japan is to carefully ensure consistent base maps, definitions etc, but to disable the information sharing in day to day work, only turning it on with separate security and access controls in a defined “emergency mode” – for specific exercises and for managing actual events).

Third, those who own and manage critical infrastructure systems and assets, including local governments and private companies, may prioritize investment towards resilience in their own hardware and physical readiness, over other possible actions such as building collaboration, or in ignorance of the impact on other systems. Government leadership is essential in promoting the necessary prioritization and collaboration, which may not otherwise take place.

Fourth, critical infrastructure resilience needs to be managed not in isolation from the rest of the city but in the context of a wider view of the city and how it operates. For example, building codes may need to be changed to ensure asset resilience; or neighborhoods may need to be made aware of the capabilities (or lack thereof) of storm water management systems; or investment in critical infrastructure may need to be prioritized along with other resilience investments. One instrument that allows the full context to be addressed is the UN ISDR’s City Disaster Resilience Scorecard, based on the its “Ten Essentials” of disaster resilience (see the graphic below).

Broader still is the assessment instrument used by the Rockefeller Foundation’s 100 Resilient Cities (100RC) initiative.

One key benefit of considering the wider context is the ability to spot where investments in critical infrastructure resilience might yield “dividends” in other areas, for example, where a flood zone also functions as a park when not flooded, or where investment in a neighborhood microgrid makes part of the energy supply more resilient. Conversely, investments in other areas can yield “dividends in critical infrastructure resilience, for example, where underground parking garages are designed also to function as storm-water cisterns. These dividends can help greatly with making the case for investing in critical infrastructure resilience in the first place.

Finally, critical infrastructure management processes and systems need to improve:

  • Owners and operators of critical infrastructure need to ensure that their basic asset management disciplines – budgeting, inspections, data capture and so on – are sound and reliable. Mobile data capture tools may help with aspects of this.
  • Knowledge repositories or content management tools are also essential for capturing the “institutional knowledge” of each organization involved, so helping to offset the “brain drain” as key workers or executives leave the organization or retire.
  • In particular, with the growing use of sensors on machinery and structures, and analysis of the data provided, failures of equipment or infrastructure can frequently be predicted using predictive maintenance tools. Standards for critical infrastructure resilience need to specify the use of predictive maintenance.


Leave your comment below, or reply to others.

Please note that this comment section is for thoughtful, on-topic discussions. Admin approval is required for all comments. Your comment may be edited if it contains grammatical errors. Low effort, self-promotional, or impolite comments will be deleted.


  1. For the most part utilities already plan for such resilience, recovery and resumption of service. What should be new here is the increasing demand for multi-functional and cross-functional planning. Elevation above the traditional utility landscape is increasingly important given the inter-operability of systems and their increasing reliance on energy systems.

    With increases in the numbers of smart meters, smart appliances and more and more distributed generation, the complexity of need demands greater complexity of preparedness. Its no longer just ‘lights off’ and ‘lights back on’ again!

    • Stephen – thanks for this. Yes indeed – many people know what and where their critical assets are, but they don’t know how they are linked to other assets that may be owned or controlled by other entities. So critical asset management becomes a team sport. basically…


Submit a Comment

Your email address will not be published. Required fields are marked *

Read more from

Spotlighting innovations in urban sustainability and connected technology

Middle-Mile Networks: The Middleman of Internet Connectivity

Middle-Mile Networks: The Middleman of Internet Connectivity

The development of public, open-access middle mile infrastructure can expand internet networks closer to unserved and underserved communities while offering equal opportunity for ISPs to link cost effectively to last mile infrastructure. This strategy would connect more Americans to high-speed internet while also driving down prices by increasing competition among local ISPs.

In addition to potentially helping narrow the digital divide, middle mile infrastructure would also provide backup options for networks if one connection pathway fails, and it would help support regional economic development by connecting businesses.

Wildfire Risk Reduction: Connecting the Dots

Wildfire Risk Reduction: Connecting the Dots

One of the most visceral manifestations of the combined problems of urbanization and climate change are the enormous wildfires that engulf areas of the American West. Fire behavior itself is now changing.  Over 120 years of well-intentioned fire suppression have created huge reserves of fuel which, when combined with warmer temperatures and drought-dried landscapes, create unstoppable fires that spread with extreme speed, jump fire-breaks, level entire towns, take lives and destroy hundreds of thousands of acres, even in landscapes that are conditioned to employ fire as part of their reproductive cycle.

ARISE-US recently held a very successful symposium, “Wildfire Risk Reduction – Connecting the Dots”  for wildfire stakeholders – insurers, US Forest Service, engineers, fire awareness NGOs and others – to discuss the issues and their possible solutions.  This article sets out some of the major points to emerge.

Innovating Our Way Out of Crisis

Innovating Our Way Out of Crisis

Whether deep freezes in Texas, wildfires in California, hurricanes along the Gulf Coast, or any other calamity, our innovations today will build the reliable, resilient, equitable, and prosperous grid tomorrow. Innovation, in short, combines the dream of what’s possible with the pragmatism of what’s practical. That’s the big-idea, hard-reality approach that helped transform Texas into the world’s energy powerhouse — from oil and gas to zero-emissions wind, sun, and, soon, geothermal.

It’s time to make the production and consumption of energy faster, smarter, cleaner, more resilient, and more efficient. Business leaders, political leaders, the energy sector, and savvy citizens have the power to put investment and practices in place that support a robust energy innovation ecosystem. So, saddle up.

The Future of Cities

Mayors, planners, futurists, technologists, executives and advocates — hundreds of urban thought leaders publish on Meeting of the Minds. Sign up to follow the future of cities.

You have Successfully Subscribed!

Wait! Before You Leave —

Wait! Before You Leave —

Subscribe to receive updates on the Executive Cohort Program!

You have Successfully Subscribed!

Share This