Recent terrorist attacks on infrastructure have highlighted the vulnerability of our rail and road networks, reinforcing the importance of good risk assessments to protect some of our biggest assets.
The UK is currently in the grip of its annual winter flooding. This is a season-long suffering for Britain which sees integral infrastructure damaged by flash floods that delay all journeys on road or rail, often for hours and sometimes for days.
Throughout the European Union there are five million kilometres of road – 65,000km of these being motorways – and 212,000km rail lines, half of which are electrified, as well as 42,000km of navigable inland waterways.
This infrastructure network, or the trans-European transport network (TEN-T), is vital to the economic and social development of the 27 countries within the EU. But it is not only the forces of nature that critical infrastructure falls victim to. Recent terrorist attacks have shown that these networks are increasingly seen as a viable target.
"It is clear that the world is changing, that we have geo-political issues that change in the world," says Professor Steve Denton, director of bridge and structural engineering at Parsons Brinckerhoff.
"We have got significant changes in technology and on top of that we have got climate change. All of these things are changing the world we live in and that presents us with a series of new challenges that are coupled with changing expectations. That is set against the concept of ageing assets and increasing demand. Interestingly, the solutions that we in countries with mature infrastructures are tending to work towards are smart solutions and technology to optimise the use of the assets that we have and perhaps opening ourselves up to additional threats.
Professor Denton continues: "New challenges, changing expectations... this boils down to [one thing]: how do we make good decisions about our investment options where there is a considerable amount of complexity and uncertainty?"
Transport network security
Recent terrorist attacks have highlighted the vulnerability of global infrastructure and this threat has not gone unnoticed by the European Commission. One particularly susceptible potential target identified was Europe's road and rail networks; this led to the SeRoN (Security of Road Transport Networks) project.
The project concentrates on developing a common European-wide methodology to analyse risk for the transport network. Its purpose is to permit operators to identify weakness in their networks and plan accordingly. "SeRoN undertakes a holistic approach both at individual infrastructure objects and at road network level," it states in its report published earlier this year. "Its main objectives are to investigate the impacts of possible manmade attacks on the transport network, in particular the resulting regional and supra-regional impacts on transport links and their economic impacts."
The project began by looking at potential threats to the network from 'manmade' attacks. This took the form of an initial relevance assessment (InRA), which assessed the significance of various combinations of threat. This initial stage was followed by attempts to classify the multitude of assets on the network and amass a directory of appropriate protection for different types of asset. This was all converted into a knowledge database.
"From the outset it was hoped to develop and apply a methodology, and that's been successfully achieved," says Dr James Kimmance, head of risk management at Parsons Brinckerhoff. "It effectively comprises four very simple steps – it goes out there and starts off with assets, and looks at threat profiles. You then look at your assets and see where they sit and what sort of threats are they exposed to, as well as how they will respond to those threats.
"Then you look at the criticality within the network, where it sits within it and how important it is. You proceed through a similar process and look at an analysis of what will happen in certain events, in this case the terrorist attack."
Kimmance adds: "Because of its structure, it has capabilities way beyond terrorism and manmade disasters such as fires; it has the ability for instance in areas such as climate change and sustainability."
Risk and resilience
The public is becoming increasingly aware of risk and resilience due to regular news stories and features in the national press about energy and transportation infrastructures.
Governments are becoming more aware of infrastructure problems, and how they can affect society and the economy. The whole language of risk management, however, is a morass of confusing and often conflicting terms. Words such as 'risk', 'resilience' and 'vulnerability' have a myriad of implications across various sectors and risk management methodologies.
Dr Kimmance feels that the notion of what 'resilience' actually is has lately become established. He calls it the ability of a system community service that is exposed to hazards to resist, absorb, accommodate and recover from the effects of a hazard in a timely and efficient manner – including through the preservation and restoration of its basic structures and functions. "If an incident happens, how do we recover from it?" he says. "Do we have the necessary spurs, do we have an alternative, and is there something else we can bring online? This takes us into the area of redundancy.
"If we have a system that's operating in a normal state, we would say that it would be producing at 100 per cent," adds Kimmance. "If we have an event that exploits vulnerability or weakness within a system, that output will drop, either totally or partially, and it will stay down until we recover. It's that period of time and how fast we recover that basically reflects resilience."
It is often extremely difficult to judge the criticality of individual elements of a transport infrastructure. Ingo Kaundinya, of the German Federal Highway Research Institute, recounts an example of a recent event on a major highway between Dusseldorf and Cologne. "There was an incident at a bridge; it could have been arson," he says. "It transpired that it was a bunch of plastic pipes burning under the bridge. There was a lot of damage and the smoke caused an accident. One person was killed and there were a lot of injuries.
"The point is that this is a very standard bridge: not a bridge that could be deemed as critical, but the effect of this event was very significant. We suffered two months without the bridge in operation, which caused a lot of traffic jams."
He continues: "The road network in this area around Cologne is very dense and although there were several detour options, the capacity of detours was not enough to replace the major highway link. The lesson is that a big problem can arise from what initially appears to be a small event. The bridge had to be reconstructed but it only took two months to have the highway link back in operation. We learnt that a standard bridge is critical for the road network."
One key area of resilience and infrastructure risk management is the characterisation and understanding of the assets. The position of an asset within a system often defines its criticality.
One way of increasing a system's reliance is to reduce the amount of time the system is down: increasing the resilience by having something in the background that can enable it to recover a lot faster. An alternative is to increase the robustness, which is fighting back against the vulnerability or the weakness that's being exploited.
When considering the effects of an earthquake on a building, for example, you would look at strengthening the building codes. "Taking these concepts forward, you end up in a situation where we've identified asset, threat, vulnerability and consequence, and in a lot of the models that are out there at the moment, in terms of evaluating risk to whatever your critical infrastructure or infrastructure of your asset object is, there is some combination of threat, vulnerability and consequence that gives you a measure of risk," Dr Kimmance says.
One such model is the RAMCAP (Risk Analysis and Management for Critical Asset Protection), a framework for analysing the risks to infrastructure that is backed up by information from the National Asset database (NAB).
"It's very logical," Dr Kimmance explains. "It allows you to use risk and take risk from different types of hazards and add them up together because you are using very similar quantities. It's been put forward as an all-hazards solution.
"For different types of hazard you can look at the risk and amalgamate those to make a reasonable risk profile. Looks straightforward on that sort of basis, but, like all things, the practical considerations behind this make it a little more arduous."
One thing that is typically overlooked is asset characterisation. "You come across a lot of risk assessments where assets are already out there and we move on quickly instead of really understanding the physical aspects of the asset and how it fits logically into the network and the system," Kimmance says.
"Threat is probably one of the biggest issues," he adds. "Natural hazards, you've got historical databases – but when you end up in the region of terrorism, where you're dealing with people looking to do something that you're trying to stop them doing, it's very difficult to look back at the previous history. A lot of successful attacks are based upon something that's novel or new."
One of the most critical assets are tunnels, and these formed a central part of the SeRoN project. There are many influencing factors to make a road infrastructure critical such as the volume of traffic and the amount of heavy goods on the road. There are also specific influence factors such as what kind of infrastructure it is, its age, how robust the construction is, and any vulnerable parts.
That is before you take into account the human aspect. "We identified the 12 different tunnel types and they were differentiated by construction type then the number of tubes in the section, and then we asked the operator to classify these different tunnel types by length," Kaundinya of the German Federal Highway Research Institute explains.
"Data collection was followed by interviews of some road operators. The results were quite good. We contacted more than 30 operators from 19 European countries and got good feedback from half of them." Results covered more than 600 tunnels and almost 46,000 bridges. Most of the tunnels in Europe are shorter than 500m, but nearly a quarter are one kilometre or longer.
When it comes to tunnel types the most widespread uses were the New Austrian Tunnelling method followed by the Cut and Cover Tunnel. "These results helped us to classify the different tunnel and bridge types," Kaundinya says. "We divided the classification into frequency and criticality. Immersed tunnels were the most critical because they are very hard and expensive to re-build. They are often found under rivers, so if you have water ingress or damage to a joint you can lose the whole construction."
The battle to protect infrastructure is an evolving project that will only grow in complexity over coming years. But the work undertaken on the SeRoN project will serve as an essential tool for operators attempting to manage their networks. *