8th Annual RMIA Conference

The Risk Management Institution of Australasia (RMIA) will be holding its annual conference 20-22 November 2011 in Melbourne, Australia. As in years past, the event promises to offer insightful and groundbreaking discussion of risk management and security analysis, with lectures and roundtables from the industry's leading professionals. Highlights include:

• CPRM masterclass: climate change & managing the implementation of the Australian Government's carbon tax.

• Corporate risk managers roundtable.

• Risk policy forum on Australian & international standards, policies & guidelines.

• Chief Risk Officer forum: the major challenges facing Chief Risk Officers -- what keeps them awake at night?

• Insurance market update: does the insurance market have the capability to fund future business needs?

• Young risk professionals forum.

• Women in risk management forum.

For more information, please visit the RMIA Conference website.

 

Two electromagnetic phenomena have the potential to create continental-scale disasters. The first, nuclear electromagnetic pulse (EMP), results from a nuclear detonation high above the tropopause. The second, a major solar storm, or "solar tsunami" occurs naturally when an intense wave of charged particles from the sun perturbs the earth's magnetic field. Both phenomena can debilitate electrical and electronic systems necessary for the operation of infrastructure systems and services.

 

Infrastructure systems comprised of long-line conductor networks are the most vulnerable to both effects. Susceptible networks include the electric power grid, land-line communications, and interstate pipelines. Effects on these networks will cascade to most other infrastructures. Smaller, self-contained, self-powered infrastructure systems are also vulnerable, but only to EMP and to a lesser degree than long-line networks.

 

In the case of high altitude nuclear bursts, three main phenomena come into play, each with distinct associated system effects:    

 

The first, a "prompt" EMP field, referred to as E1, is created by gamma ray interaction with stratospheric air molecules. It peaks at tens of kilovolts per meter in a few nanoseconds, and lasts for a few hundred nanoseconds. E1's broad-band power spectrum (frequency content in the 10s - 100s of megahertz) enables it to couple to electrical and electronic systems in general. Induced currents range into the 1000s of amperes. Exposed systems may be upset or permanently damaged.

 

The second phenomenon, late-time EMP, referred to as magnetohydrodynamic (MHD) EMP or E3, is caused by distortion of the earth's magnetic field lines due to the expanding nuclear fireball and ionized layers of the ionosphere. Currents of 100s-1000s of amperes are inducted in long conducting lines (a few kilometers or greater) that damage power grid components as well as connected systems. Long-line communication systems are also affected, including copper as well as fiber-optic lines with repeaters. Transoceanic cables are a prime example of the latter.  

 

The third effect is caused by ionization of the upper atmosphere, leading to interference with normal radio wave propagation and reflection behavior for tens of hours in the HF, VHF, UHF and GPS transmission bands.    

 

Solar storm effects result from large excursions in the flux levels of charged particles from the sun and their interactions with Earth's magnetic field and upper atmosphere. Two effects are present: first, perturbation of Earth's magnetic field, similar to MHD EMP, that generates overvoltages in long-line systems over large regions of the earth's surface affecting electric power and communication transmission networks; and second, ionization of the upper atmosphere, similar to MHD EMP, leading to interference with HF, VHF, UHF, and GPS signals. For typical solar storms, these effects last for around 30 hours.

 

The Congressional EMP Commission has made a compelling case for protection of critical infrastructure.[1] Its conclusions and recommendations apply to both nuclear and solar effects. However, because its charter forced a broad approach, the Commission wrestled with focus. While recognizing the impossibility of protecting all exposed critical infrastructures, the Commission report was not prescriptive in terms of protection priorities. One reason why a U.S. protection program has yet to be initiated is that policy makers continue to wrestle with the question of where to begin, given DHS' list of 18 critical infrastructure sectors.

 

DHS is pursuing a "risk-based" prioritization approach in developing general protection programs. Such an approach is helpful in developing an EMP/solar storm threat protection program as well. A commonly used equation for calculating risk (R) is R = E x V x C, where E represents probability of system exposure to the threat, V represents system vulnerability, and C represents system criticality. The EMP/solar storm "exposure factor" is similar for all civilian infrastructures due to the effects' seamless continental-scale coverage. Thus, vulnerability and criticality become the sole determinant factors for risk.   

  

A simple risk-based prioritization exercise conducted by the author is instructive using the following vulnerability and criticality criteria:

 

       EMP/Solar Storm Vulnerability Criteria (V)

• Does the infrastructure function require connection to long conducting lines and/or networks?
• Does the infrastructure depend on digital electronic control systems?
• Are manual work-around procedures available to perform the infrastructure's function?
• What is the time needed to reconstitute the system?
• How difficult is it to protect the system?   

        EMP/Solar Storm Criticality Criteria (C)

• How many other infrastructures would fail should this infrastructure be debilitated?
• What is the immediacy of effects on services provided?
• How many human casualties would occur?
• How big is the economic impact?
• Is this infrastructure necessary to enable the repair and recovery of other infrastructures post-attack?

The exercise used a scale of 1-3 to score the overall vulnerability and criticality of each infrastructure sector, with 3 being the most vulnerable/critical and 1 being the least. The risk values thus ranged from 1-9. Figure 1 below plots the results:

 

                  

 A sobering conclusion from this simple exercise is that our most critical infrastructures (Energy and Information/Communications) are also the most vulnerable to EMP/solar storm threats. Debilitation of the electric power portion of the energy infrastructure and the information/ communication infrastructure pose the highest risks to society in EMP/solar storm scenarios.

Dr. George H. Baker is Professor of Applied Science at James Madison University and serves as Technical Director of the University's Institute for Infrastructure and Information Assurance (IIIA). He is involved in consulting with industry and government in the areas of critical infrastructure assurance, high power electromagnetics, and nuclear/directed-energy weapon effects including vulnerability assessments of major communication facilities. He is the former director of the Defense Threat Reduction Agency's Springfield Research Facility (SRF) responsible for assessing and protecting critical federal facilities and mobile systems. 

 

 

Work Cited:

1. W. Graham et al., Report of the Commission to Assess the Threat to the United States from Electromagnetic Pulse (EMP) Attack, Volume 1: Executive Report, 2004.
2. Cascading Infrastructure Failures: Avoidance and Response, James Madison University/National Academies' Federal Facilities Council Homeland Security Symposium Proceedings, 2007, pp. 19-31.
3. MIL-STD-188-125-1, MIL-STD-188-125-2, MIL-HDBK-423.
4. Shield Act, H.R. 668.
5. High-Impact, Low-Frequency Event Risk to the North American Bulk Power System, June 2010.
6. Severe Space Weather Events: Societal and Economic Impacts, North American Electric Reliability Council, August 2009.