Preface to the electronic transcript of the dissertation on Integral Safety
The articles on integral safety are a transcription of the dissertation of Ing. Tomáš Kertis entitled "Safety assessment of a selected critical object from the perspective of integral safety and proposal for reducing the criticality of the object", defended on 31.10.2021 at the Faculty of Transportation of the Czech Technical University in Prague. The full, unedited text of the dissertation is available for download from the Czech Technical University repository as F6-D-2021-Kertis-Tomas.pdf (cvut.cz).
The transcript largely reproduces the original text, including the original references to the literature, but it may be slightly modified according to the state of knowledge at the date of transcription, or supplemented with notes. Edits and notes are clearly marked in the text.
The text of the dissertation will be published chapter by chapter in the section Integrální Bezpečnost – KINT S.r.o.; parts that are of wider scientific interest will also be published, for further use, in Věda A Výzkum – KINT S.r.o.
People’s lives and health, their property and well-being, the environment, as well as technology and critical infrastructure, are essential public assets of the human system that models the world we live in [1,2]. Critical infrastructure is an important asset because it provides essential goods and services for people. Therefore, in critical conditions, such as major natural, technological and other disasters, critical infrastructure elements need to perform their tasks safely.
The task is more complex and difficult today because of the increasing introduction of new, untested technologies and their interconnection. Interconnecting systems creates so-called complex systems with new functions that would not arise from the individual, unconnected systems; hence the term system of systems. With the intended links, established according to the standards, the resulting systems of systems are highly reliable under normal operating conditions, i.e. the conditions considered in the design. Deviations that occur under abnormal operating conditions are handled by operating rules. Problems arise under critical conditions, where unwanted and undesirable couplings frequently occur, leading to the failure of critical assets and thereby endangering the entire system and its surroundings. It is therefore necessary to search for the critical assets of the system, assess their criticality and ensure their operability even under adverse conditions. Criticality assessment of assets makes it possible to identify and manage significant risks, analyse system vulnerabilities and propose measures to improve system safety.
When managing the safety of critical infrastructure, it is essential to account for the assets and links that can lead to system failure under certain conditions, i.e. to include them in the analysis of assets and their criticality and to define rules for working with them. Current knowledge, methods and tools allow the safety of infrastructures to be ensured at a certain level, but because technologies keep developing and the demands on the interfaces between systems and operating entities keep growing, weak points remain.
The field of critical infrastructure safety and security, because of the complexity of critical infrastructure, is characterized by working with many soft factors, objects and entities within a system of systems (hereafter SoS). Because of the scale and complexity of the many internal interconnections in the object under study, the system can only be analysed using expert and heuristic methods. There are many methods and tools of system analysis and engineering, but there is no formalized methodological procedure for determining the criticality of individual elements (assets) of critical infrastructure, the level of safety, and the design of measures to improve safety. Therefore, I focused on the issue of critical infrastructure safety in my PhD studies.
My doctoral studies in Engineering Informatics in Transportation and Communications at the Institute of Safety Technology and Engineering were a follow-up to my Master's thesis, which focused on a safety plan for a model subway station. As part of my doctoral studies, I conducted research on the safety of Prague metro operation, with case studies carried out in cooperation with the Prague City Transport Company. The aim was to find and verify a suitable methodological procedure, to propose a method for the analysis and determination of the criticality of assets, and to verify the procedures on a specific case, i.e. ensuring the safe operation of the metro as an element of critical infrastructure.
The results of the work, both defined methods and specific case studies and events, have been continuously presented at a number of Czech and international conferences and also published in a number of peer-reviewed and refereed publications (see Tomas Kertis (researchgate.net)).
The first part of the dissertation presents a review of state-of-the-art methods in the field of safety management and of the state of engineering practice and technology. The next part introduces a methodology for identifying and analysing the assets of a critical infrastructure object, determining their criticality, and processing the results for the analysis of primary risks and the search for scenarios of the impact of various events, thereby enabling their management. In addition to heuristic methods, it also applies sensitivity theory and graph theory. The last two parts present the results of the research on the safety of Prague metro operation, their discussion and evaluation, and proposals for measures to improve the safety of metro operation.
The results of this dissertation can be applied to other similar complex systems where vulnerabilities need to be identified and managed, and where the vulnerability and importance of their assets, criticality and safety need to be considered. Areas of applicability of the dissertation results are critical infrastructures, critical infrastructure elements, critical asset management and safety and security management in a territory or complex technological units.
1.1 Objectives and scope of the scientific work
The topic of the thesis is the assessment of the safety of a selected critical object from the perspective of integral safety and a proposal to reduce the criticality of the object, i.e. to increase its safety. The selected critical object is the Prague metro.
The main objective of the work is to increase the safety of the metro by applying methods for identifying and working with assets, their criticalities and their risks, so as to ensure the overall (integral) safety of the metro on the basis of increased knowledge of the problems and vulnerabilities of the assets: in the technical area, in the cyber area (where the aim is to increase the information performance of the system), and in the other areas of management that are important for safe operation.
The sub-objectives of the dissertation are:
- increase knowledge of the problems and risks of the systems and of their management,
- collect data on the problem under study, i.e. data on the operation of the Prague metro,
- define a methodological approach, and describe methods and tools for working with assets,
- identify the assets and determine their criticality for the safe management of Prague metro operations,
- appropriately interpret and evaluate the results for further work with the assets,
- transform the results into graphs in order to find the weak points of metro operation in terms of safety,
- analyse and evaluate a selected disaster impact scenario,
- propose measures to reduce the criticality of the metro assets,
- and thereby reduce the overall criticality of the metro and improve its safety.
1.2 Scientific problem formulation
The present dissertation focuses on the study of complex SoS (Systems of Systems) in the real world and on ensuring their safety. Because of the complexity of the systems, the criticality of the assets needs to be considered with respect to the different sources of risk in the real world. In particular, the realization of beyond-design-basis phenomena (referred to in the original as supra-project phenomena), which are the originators of risks, leads to critical situations caused by the emergence of unwanted interconnections in a complex system, i.e. unexpected interconnections arise that lead to failures and often to entire cascades of failures. These cascades cause traffic accidents resulting in loss of human life, damage to public and carrier property, and damage to the environment.
Interdependencies, both desired and undesired, are physical, logical, cyber and local (geographical), which means that the issue is very broad. Considering the nature of an SoS (i.e. a socio-cyber-physical system), which the Prague metro also is, it can be stated that it is a soft system, in which many problems arise mainly from insufficient management, i.e. management at different levels and in different contexts between technology, the information system and the human factor.
If certain conditions of the technical work, or of the designed system, are ensured, some situations can be solved by exact methods, but safety is mainly affected in the area outside the limits and conditions of the systems, i.e. by beyond-design-basis phenomena. Under these conditions, and because of anisotropies and inhomogeneities in the system and its surroundings, interconnections arise in the SoS that were not considered in the design. Therefore, in very complex systems with a large number of known and unknown states, the behaviour under these conditions cannot be predicted with certainty, i.e. emergent phenomena arise (phenomena that arise spontaneously and cannot simply be inferred from the properties of the system elements and their relationships).
Because of the scope and complexity described above, the present dissertation therefore uses multi-criteria and heuristic methods and focuses only on selected parts of the problem of safety management of the system under consideration. It uses the procedure given below to solve the problem.
1.3 Dissertation methodology
The following procedure was used to achieve the results of the work:
- Selection and design of methods and tools:
  - for data collection: identification of assets and vulnerabilities (selection),
  - for working with the data: determination of criticalities and their interpretation (selection),
  - for the transformation of sensitivity (vulnerability) matrices into graphs (design),
  - for the creation of impact scenarios (design).
- Identification of critical infrastructure assets (Prague metro operations).
- Determination of vulnerabilities and criticality of assets.
- Determination of the real state of system security against specific and critical disasters.
- Interpretation of results using vulnerability matrices.
- Transformation of the matrices into a graph.
- Modelling of impact scenarios for a selected critical disaster.
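The last three steps of the procedure (interpreting a vulnerability matrix, turning it into a graph, and modelling the impact of a selected initiating event) can be illustrated in code. The following is an added example written for this transcript; it is not the dissertation's own method or code. It assumes a sensitivity matrix in which entry S[i][j] in [0, 1] expresses how strongly a failure of asset i degrades asset j, keeps only links at or above a chosen threshold as directed edges, and propagates an initiating failure along the graph by taking, for each asset, the strongest chain of links from the source (a max-product rule). The asset names, weights, threshold and cutoff are constructed for the illustration and carry no information about the Prague metro.

```python
"""Sensitivity matrix -> directed graph -> impact scenario.

Added illustration, not the dissertation's own method. Assumed semantics:
SENSITIVITY[i][j] in [0, 1] is how strongly failure of ASSETS[i] degrades
ASSETS[j]. All names and values below are constructed sample data.
"""
from collections import deque
from typing import Dict, List, Tuple

# Constructed sample assets (hypothetical; not taken from the dissertation).
ASSETS: List[str] = ["power_supply", "signalling", "train_control",
                     "ventilation", "station_lighting", "passenger_info"]

# Constructed sample sensitivity matrix (rows: failing asset, columns: affected asset).
SENSITIVITY: List[List[float]] = [
    #  pow   sig   trn   ven   lig   inf
    [0.0,  0.9,  0.8,  0.9,  1.0,  0.7],   # power_supply
    [0.0,  0.0,  0.9,  0.0,  0.0,  0.3],   # signalling
    [0.0,  0.2,  0.0,  0.0,  0.0,  0.5],   # train_control
    [0.0,  0.0,  0.3,  0.0,  0.0,  0.0],   # ventilation
    [0.0,  0.0,  0.0,  0.0,  0.0,  0.1],   # station_lighting
    [0.0,  0.0,  0.0,  0.0,  0.0,  0.0],   # passenger_info
]

Graph = Dict[str, List[Tuple[str, float]]]


def matrix_to_graph(assets: List[str], matrix: List[List[float]],
                    threshold: float = 0.25) -> Graph:
    """Build a directed weighted graph: edge i -> j with weight S[i][j],
    keeping only links at or above `threshold` (assumed pruning rule)."""
    n = len(assets)
    if len(matrix) != n or any(len(row) != n for row in matrix):
        raise ValueError("sensitivity matrix must be square over the asset list")
    graph: Graph = {a: [] for a in assets}
    for i, src in enumerate(assets):
        for j, dst in enumerate(assets):
            w = matrix[i][j]
            if i != j and w >= threshold:
                graph[src].append((dst, w))
    return graph


def propagate_impact(graph: Graph, source: str, cutoff: float = 0.1) -> Dict[str, float]:
    """Impact scenario for an initiating failure of `source`.

    The impact on each asset is the product of weights along the strongest
    chain of links from the source (max-product propagation). A chain is
    abandoned once its product drops below `cutoff`. Nodes are re-queued when
    a stronger chain is found, so the result does not depend on visit order;
    weights <= 1 and the strict improvement test guarantee termination."""
    impact: Dict[str, float] = {source: 1.0}
    queue = deque([source])
    while queue:
        node = queue.popleft()
        for nxt, w in graph[node]:
            candidate = impact[node] * w
            if candidate < cutoff:
                continue
            if candidate > impact.get(nxt, 0.0):
                impact[nxt] = candidate
                queue.append(nxt)
    return impact


def rank_by_cascade(graph: Graph, cutoff: float = 0.1) -> List[Tuple[str, float]]:
    """Rank assets by the total downstream impact their own failure causes.
    A high score marks an asset whose failure cascades widely (a weak point)."""
    scores: Dict[str, float] = {}
    for asset in graph:
        impact = propagate_impact(graph, asset, cutoff)
        scores[asset] = round(sum(v for k, v in impact.items() if k != asset), 3)
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    g = matrix_to_graph(ASSETS, SENSITIVITY)
    for asset, score in rank_by_cascade(g):
        print(f"{asset:17s} cascade score {score}")
    scenario = propagate_impact(g, "power_supply")
    for asset, level in sorted(scenario.items(), key=lambda kv: -kv[1]):
        print(f"  power_supply failure -> {asset:17s} impact {level:.2f}")
```

In the constructed data, the strongest chain from power_supply to train_control runs through signalling (0.9 x 0.9 = 0.81) rather than over the direct link (0.8), which is exactly the kind of indirect coupling the matrix alone does not make visible and the graph transformation is meant to expose. The threshold and cutoff are analyst choices; lowering them reveals weaker couplings at the price of a denser graph.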
1.4 Expected contribution of the dissertation
The dissertation contributes by applying advanced methods, tools and recent knowledge to enhance integral system safety as required by the UN (OSN) concept. The results of the work, i.e. the proposed measures to increase the overall safety of Prague metro operation, were submitted to the Transport Company of the Capital City of Prague for implementation in practice.
The thesis identifies a number of open, as yet untreated vulnerabilities, opening up the possibility of new research projects. The proposed methods and tools can be further developed and supported by appropriate software tools, which opens the possibility of further development and innovation projects. The contribution of the thesis is the summarization of knowledge and the establishment and validation of a method that allows higher goals to be achieved than the safety of individual processes or technical devices, i.e. integral safety. This is in line not only with the objectives of professional knowledge, but above all with the requirements of the UN (OSN) and the EU for a safe and sustainable world [2,8,9].