Incorporating security as an integral part <strong>of</strong> the nation’s physical infrastructureSecuring our nation’s infrastructuresVirtually every economic and social function in the United States depends on secure and reliableinfrastructure. These vital lifelines include the transportation networks, pipelines, power lines, into the 21st century, this national infrastructure has become increasingly interconnected and complex.However, we have not significantly changed how we design, maintain, upgrade, and retr<strong>of</strong>it it.The <strong>Technological</strong> <strong>Leadership</strong> <strong>Institute</strong> (TLI),in partnership with the <strong>University</strong> <strong>of</strong> Minnesota’sDepartment <strong>of</strong> Civil Engineering, has <strong>of</strong>fered a Master<strong>of</strong> Science in Infrastructure Systems Engineering(ISE) program since 2000. The ISE program helpscivil engineers, city managers, planners, and othersevaluate and maintain the health, security, andprotection <strong>of</strong> infrastructure systems.“Our current practice for managing infrastructureis on an item-by-item basis, like treating bridgesseparately from sewer systems,” says Vaughan Voller,Pr<strong>of</strong>essor and Director <strong>of</strong> Graduate Studies for ISE.“Instead, infrastructure should be managed on asystems level.”Voller says the ISE program’s objective is to breakmyopic approaches and instead recognize the holisticinterdependencies between civil infrastructures.While a systems approach has many advantages,it can increase vulnerabilities to disturbances,like natural disasters, deliberate attacks, materialfailure, or even overuse. The Critical InfrastructureSecurity and Protection (CISP) course addresses thesevulnerabilities head-on.“The elegance <strong>of</strong> the CISP course taught by Pr<strong>of</strong>.Massourd Amin is that it shows how to incorporatesecurity in civil infrastructure systems managementand operation without compromising the engineeringfunctionality,” says Voller.However, infrastructure pr<strong>of</strong>essionals <strong>of</strong>ten fearsecurity, says Amin, TLI director and Honeywell/Harold W. Sweatt Chair. “We take that worry and fearand turn it into actionable, positive remedies we canafford.”Layered defenseThe most effective way to prevent or localize adisturbance is a layered defense, similar to what theDepartment <strong>of</strong> Defense calls “defense in depth,” saysAmin.In the case <strong>of</strong> terrorism, implementing manycheckpoints minimizes an intruder’s probability <strong>of</strong>penetrating all layers. “It alleviates the old, tiredsaying that we have only one chance to catch thebad guys. With a layered approach, we have multiplechances,” says Amin.14 <strong>Technological</strong> <strong>Leadership</strong>
“Our current practice for managing infrastructure is onan item-by-item basis, like treating bridges separatelyfrom sewer systems. Instead, infrastructure should bemanaged on a systems level.”Jennifer Zink and her ISE teammatesAdam Ahrndt and Jason Grode exploredhow a layered approach mitigatesthe vulnerabilities <strong>of</strong> terrorism andinformation technology (IT) in their ISECapstone Project class.A notable recommendation was forengineers to collaborate with experts inIT, cyber security, terror threat ratings,and computer science. “One <strong>of</strong> thegreatest assets in security protection ispeople working together as a team,” Zink’steam reports.InterdependenciesWhile bridges themselves are not overlydependent upon other infrastructure,other components <strong>of</strong> society rely heavilyon bridges, especially emergency services,as Mark Pribula and his teammatesMichael Ferry, Neile Reider, and MarkSchoenfelder revealed in their capstoneproject.Police, fire, and rescue squads need tocross bridges in most geographic areas <strong>of</strong>the Twin Cities. A bridge closure couldincrease response time in a coordinatedattack and increase loss <strong>of</strong> life or damageto property regardless <strong>of</strong> the disturbance.What’s critical is evaluating both obviousand less obvious interdependences <strong>of</strong>infrastructure.As a bridge inspection engineer forMn/DOT, Pribula has incorporated thisviewpoint as he looks for vulnerabilities.“It’s not just steel and concrete. I now seeelectrical components, utility conduits,and surrounding power lines,” he says. “Idon’t even think about it anymore. I justdo it.”Security and society’sneedsTo navigate our strained transportationsystem, users require better mobilityand safety. Intelligent transportationsystems (ITS), such as overhead variablemessage signs, 511 service, automated tollcollection, and embedded roadway sensors,help meet that demand.—PROF. VAUGHAN VOLLER, ISE Director <strong>of</strong> Graduate StudiesGe<strong>of</strong>f Bitner and his teammates TiffanyKautz and Steve Kummer explainedhow interconnected ITS componentsrely on information managementand centralization, which leads tovulnerabilities.Information across the network mustbe efficiently collected and shared withother components in real time. However,this integration makes it more difficultto isolate localized damage. Also, awidespread compromise increases thelikelihood <strong>of</strong> a catastrophic system-widecollapse.When Bitner’s team evaluated the risksand vulnerabilities to an ITS network,it also considered civil liberties. Theirconcern, to paraphrase Benjamin Franklin,is that when liberty is compromised forsecurity, then both are lost.“I originally thought they weremutually exclusive. Now I understandthat we can increase security while stillprotecting privacy and personal freedoms,”says Bitner.ObligationsThe vast size and wide distribution<strong>of</strong> our nation’s infrastructure ensuresits integrity as a whole, but does notinherently protect any one part frombeing disrupted. Whether national,regional, local, or a combination, anydisturbance causes varying degrees<strong>of</strong> economic, social, and politicalrepercussions, says Amin.One <strong>of</strong> the most importantbreakthroughs in security understandingand threat prevention is that security isreally no security if strategies are static,as Zink’s team came to realize. Publicand private infrastructure organizationsmust approach security as a dynamic andconstantly self-improving process.To put it another way: “We takeour infrastructure for granted and weshouldn’t. We are obligated to take care <strong>of</strong>what we build,” says Pribula.Nationalinfrastructurestatistics46,893miles <strong>of</strong> Interstate highway 15,233public-use airports 194,313miles <strong>of</strong> freight railroads 126,000miles <strong>of</strong> navigable water channels 1169,346miles <strong>of</strong> oil pipelines 11,214,000miles <strong>of</strong> gas transmission lines 1599,766bridges 1155,000public drinking water systems 279,000dams 3217,000miles <strong>of</strong> high-voltage lines163,300,000Internet users 4<strong>Fall</strong> <strong>2010</strong>/<strong>Winter</strong> 2011 15SOURCES: 1 Bureau <strong>of</strong> Transportation Statistics Pocket Guide to Transportation, 2 Environmental Protection Agency, 3 National Inventory <strong>of</strong> Dams, 4 comScore