Critical Infrastructure Partnerships – Prioritizing Assets

A key early step for critical infrastructure protection (CIP) programs is to identify and prioritize the most important facilities and assets for maintaining community safety, normalcy, and quality of life. Within single jurisdictions, CIP program managers typically choose prioritization criteria to determine the most critical assets. However, developing customized prioritization criteria for multiple, closely interconnected jurisdictions in the National Capital Region (NCR) – where public safety authority is decentralized – recently proved much more challenging. Here is how they overcame this challenge.

To build a regional program, representatives of each existing jurisdictional program – despite already selecting a prioritization methodology for their own use – sought to develop a new, consensus methodology that each would use voluntarily for regional assessments. Each jurisdiction’s existing prioritization system for internal use would remain unchanged. A robust consensus methodology was essential to developing a regional public safety perspective that reflects the region’s unusually high interdependence and joint responsibility for supporting the federal government’s broad geographical footprint, but there were no known methods of developing such a consensus.

From 2016 to 2017, the NCR’s Critical Infrastructure Protection Work Group (CIP WG) successfully developed regional critical infrastructure prioritization criteria by utilizing a carefully controlled, discussion-based process of trial and error in which the group applied a small set of selected assets to several existing sets of criteria. The CIP WG’s success in developing consensus on regional prioritization criteria is a compelling case study in how highly interconnected, multijurisdictional regions can adopt a more holistic approach to CIP.

The Purpose of Prioritizing Critical Infrastructure Assets in the National Capital Region

The need for a multijurisdictional, holistic critical infrastructure (CI) prioritization methodology in the NCR stems from the region’s unusually comprehensive interdependence and joint responsibility for supporting the federal government’s broad footprint. NCR jurisdictions share critical transportation networks, drinking water supplies, communications systems, and energy resources. From a public safety perspective, the region jointly manages and shares data from license plate readers, syndromic surveillance, and automated fingerprint collection programs; closed circuit television feeds for real-time intelligence; and emergency planning, training, exercising, and incident management resources. Several jurisdictions utilize mutual aid for fire and emergency medical services every day, and even allow dispatchers to deploy first responders from other jurisdictions. Regional CI prioritization reflects that, as a practical matter, each NCR jurisdiction shares responsibility for maintaining public safety, normalcy, and quality of life in the region as a whole. Moreover, regional CI prioritization reflects that the same regional assets and partnerships provide essential services that allow the federal government’s central hub to function as usual.

To develop the necessary regional consensus, the CIP WG developed an innovative workshop-based process that relied on facilitated discussion to identify the specific characteristics that make assets critical. The CIP WG’s full membership was invited to participate in each workshop to ensure that the final product would reflect the region’s diverse stakeholders and perspectives. Workshops included substantive contributions from: emergency management and/or homeland security experts representing Montgomery County, Maryland; the State of Maryland; Arlington County, Virginia; the Commonwealth of Virginia; the District of Columbia; the Department of Homeland Security; Joint Force Headquarters – National Capital Region, the District of Columbia Water and Sewer Authority; the Metropolitan Washington Council of Governments (COG); and University of Maryland Center for Health and Homeland Security (CHHS). Analysts from intelligence fusion centers in Maryland, the District of Columbia, and Virginia also made key contributions. Each workshop included approximately 15 to 20 participants.

Analysis of Existing Prioritization Systems

As background research, support staff from the COG and CHHS identified three existing prioritization systems to help brainstorm different kinds of legitimate criteria. All three systems considered key issues relating to asset criticality as well as the severity of specific impacts that would result from damage to or destruction of a CI asset. When used to examine CI assets, all three systems also generate a three-tiered prioritized asset list.

Criteria A examined nine possible impacts, Criteria B considered five potential impacts, and Criteria C assessed eight potential impacts. Combined, the three systems considered the following 13 impacts:

  • Economic impact
  • Fatalities
  • Impact on national security and/or public safety
  • Length of mass evacuation
  • Percentage of population significantly affected
  • Public Confidence/Morale
  • Impact on other assets in the same CI sector
  • Impact on assets in other CI sectors
  • Environmental impact
  • Lifeline sector status (Water, Energy, Transportation, Communications, and Emergency Services)
  • Redundancy
  • Hazardous/CBRNE materials status
  • Cyber-dependency

COG and CHHS also constructed a “Straw Man” prioritization system not as a formal policy suggestion, but to help stimulate discussion and compel group members to think about the challenges of designing new criteria. The Straw Man includes all 13 impacts, and is based on a combination of the other three systems and educated guesses about which characteristics would establish the most useful distinctions for regional stakeholders.

The group held an initial half-day work session in August 2016 to apply all four systems to a sample group of assets that reflect different sectors, are geographically dispersed, and appeared likely to possess varying regional criticality. The assets are listed below:

  • 14th Street Bridge Complex
  • Brighton Dam
  • Montgomery County Government Complex
  • Metropolitan Washington Council of Governments Building
  • New Carrollton (WMATA/Amtrak) Rail Station
  • District of Columbia Office of Unified Communications
  • Reagan National Airport
  • Reston Town Center
  • Springfield Interchange (I-95, I-395, I-495)
  • Washington Aqueduct – Dalecarlia Water Treatment Plant

After applying each system to all 10 assets, the group analyzed each set of results to identify strengths and weaknesses of the prioritization systems and pinpoint the characteristics that would provide the most useful regional findings.

Workshop Guidelines & Assumptions

Though projecting how an incident would influence CI assets may seem straightforward, the group quickly realized that the analysis depended largely on the nature of the events that would damage or destroy the asset. For example, an attack on a large airport could result in a major fuel spill, or might have a less significant environmental impact. The same attack could moderately damage the airport, or destroy it. Applying the systems to each asset was difficult without additional context.

To guarantee comparable results between the four systems, and to make sure the new regional system could be used for all hazards and all 16 CI sectors, the group agreed that discussion would incorporate the related principles of “generic total loss” and “non-scenario based” analysis. A generic total loss is a hypothetical state in which an asset that is functioning under normal conditions is assumed to have disappeared along with the people and property the asset contained at the time of disappearance. Everything that asset was doing would halt and the asset would need to be rebuilt. The generic total loss approach thus added the context that the group needed by basing the analysis on consistent points of reference, allowing the group to focus on the potential impacts of an asset loss rather than the scenario-specific details of how an asset might be damaged or destroyed.

Additional ambiguity remained concerning the fatality and economic impacts. The group agreed that fatalities would be determined based on the maximum capacity of each asset under normal circumstances. Economic loss totals would include the cost of rebuilding each asset as well as the total value of lost economic activity resulting from each asset’s absence.

The group also agreed to make all decisions based on consensus. Though complicating matters somewhat by not relying on a formal decision-making process, the group recognized that each partner in the room was voluntarily agreeing to work regionally, and would only continue to do so if every partner agreed that the prioritization system was legitimate. To ensure that partners would be able to agree to the new system’s legitimacy, it was essential they felt their concerns were fully incorporated into the decision-making process.

Finally, the group agreed to rely on the collective’s best professional judgment to apply the criteria, even though they would not have immediate access to all of the information they would need to confirm each judgment. Since the group regarded the workshop as the start of a long-term, iterative process of evaluation and reevaluation, they agreed to conduct follow-up research as needed after the workshop and reexamine assets as appropriate.

Sample Findings

Each of the four existing prioritization systems generated three separate tiers of prioritized assets. To be consistent with the Department of Homeland Security’s two-tiered national prioritization system (Levels 1 and 2), the group agreed to refer to each of the four systems’ highest impact severity tiers as Level 3, middle tiers as Level 4, and lowest tiers as Level 5.

After the group agreed to the ground rules, they then held informal, roundtable discussions to determine whether a generic total loss of each asset reached Level 3, 4, or 5 severity thresholds for each impact within each of the four systems. Though the group will not disclose the four systems they examined due to security concerns, Table 1 provides a real-world example of differences in impact severity thresholds that are typical for the four prioritization systems the group considered during the workshop.

Table 2 shows the impact severity thresholds that the group determined applied best to one asset, which the group chose not to identify due to security concerns. Blacked out portions of the table indicate impacts that the corresponding prioritization system does not examine. “Unranked” indicates that the asset did not meet the lowest severity threshold for that impact.

TABLE 1. EXAMPLES OF IMPACT SEVERITY THRESHOLDS
Harris County, Texas Critical Infrastructure Prioritization Criteria
  Level 3

Level 4

Level 5

Fatalities Greater than 1,000 prompt fatalities

Greater than 100
prompt fatalities

0-100 prompt fatalites
Length of
Mass
Evacuation
Mass evacuations with a prolonged absence of greater than 3 weeks Mass evacuations with a prolonged absence of more than 2 weeks Mass evacuations (100s to1000s) with a prolonged absence of more than one week
Economic
Impact
Greater than $1 billion
in first-year economic
consequences
Greater than $100 million in first-year economic consequences $0-$99,999
first-year economic consequences
TABLE 2.. CRITERIA THRESHOLDS MET – ASSET 1
Asset 1 – Criteria Thresholds Met
Impacts Criteria A Criteria B Criteria C Straw Man
Economic

Level 5

Level 3 Level 3 Level 3
Fatalities Level 4 Level 3 Level 3 Level 3
National Security/Public Safety     Level 4 Level 4
Length of Mass Evacuation   Unranked Unranked Unranked

% of Population Affected

Level 5 Level 3   Level 3
Public Confidence/Morale   Level 4 Level 3 Level 3
Impact on Assets/Facilities/Systems within Individual Sector Level 3

Level 3

  Level 3
Mission Impact on Other CI Sector Assets/Facilities Level 5 Level 5   Level 5
Environmental Level 3 Level 3   Level 3
Lifeline CI Sector Level 3     Level 3
Redundancy Level 3     Level 4
CBRNE/Hazmat Level 5     Level 5
Cyber       Level 3

Selecting Impacts

After applying the four systems to all 10 assets, group members worked independently to review the results in detail and develop an opinion of which impacts were most important to include in a regional system. When the group reconvened for a second half-day session the following month, they moved through the list of impacts and asked, by a show of hands, which impacts should be included in an NCR prioritization system. Clear consensus emerged for 11 of the 13 impacts – the group was nearly unanimous that eight of the impacts should be included, and three others should be excluded. After discussing the two remaining impacts, the group agreed that the NCR’s CI prioritization criteria would examine the following impacts:

  • Lifeline Sector
  • Fatalities
  • National Security/Public Safety
  • Percentage of Population Affected
  • Impact on Assets/Facilities/Systems within Individual sector
  • Mission Impact on Other CI Sector/Assets/Facilities
  • Economic impact
  • Cyber-dependent
  • Length of mass evacuation

Selecting Thresholds

Having decided on which impacts to include, discussion transitioned to the question of which of the four existing systems’ impact severity thresholds would be best for the NCR criteria. Initial discussion revealed broad group consensus that the Straw Man’s thresholds did the best job of identifying meaningful similarities and dissimilarities in the projected impacts of a generic total asset loss. Rather than suggesting changes to the Straw Man’s thresholds based on educated guesses, the group agreed to keep the existing language and revisit the discussion once the group had used the regional criteria. Group members could then suggest specific changes based on experience.

Conclusion

The CIP WG utilized a carefully controlled, discussion-based process of trial and error to develop a three-tiered regional CI prioritization methodology. The new criteria work better for the NCR than other prioritization systems because they focus on consequences that pose the greatest degree of concern to the region’s subject-matter experts, and because the criteria are customized to reflect the NCR’s unique interconnectedness and shared responsibility for public safety. The CIP WG’s success in developing a consensus regional prioritization criteria is a compelling case study in how highly interconnected, multijurisdictional regions can adopt a more holistic approach to critical infrastructure protection.

A subsequent article on this topic will examine how the NCR’s CIP WG synthesized information about the impact severity thresholds that each asset met into a weighted, numerical scoring system. With the numerical scoring system in place, the CIP WG is able to build, maintain, and update a single, prioritized regional list of CI assets that they can use for all hazards and all 16 sectors.

Christopher Ryan

Christopher Ryan is a senior policy analyst with the University of Maryland’s Center for Health and Homeland Security (CHHS). Since joining CHHS in 2015, he has focused primarily on providing technical assistance to the National Capital Region on critical infrastructure protection, complex coordinated attack preparedness, strategic planning, program management, capabilities assessment, and grant management. He previously worked as a Homeland Security StateStat analyst in the Maryland Governor’s Office, where he provided policy and programmatic guidance to state agencies and tracked their progress toward statewide goals. He also represented the Governor’s Office on the interagency Ebola Planning Cell. He holds a bachelor’s degree in history from Towson University and a master’s degree in history and public policy from The George Washington University.

SHARE:

TAGS:

No tags to display

COMMENTS

Translate »