Empirical Findings on Critical Infrastructure Dependencies in Europe Eric Luiijf 1 , Albert Nieuwenhuijs 1 , Marieke Klaver 1 , Michel van Eeten 2 , and Edite Cruz 2 1 TNO Defence, Security and Safety, Oude Waalsdorperweg 63, 2597AK The Hague, The Netherlands {eric.luiijf,albert.nieuwenhuis,marieke.klaver}@tno.nl www.tno.nl 2 Faculty of Technology, Policy and Management Technical University of Delft, PO Box 5015, 2600 GA Delft, The Netherlands m.j.g.vaneeten@tudelft.nl Abstract. One type of threat consistently identified as a key challenge for Crit- ical Infrastructure Protection (CIP) is that of cascading effects caused by depen- dencies and interdependencies across different critical infrastructures (CI) and their services. This paper draws on a hitherto untapped data source on infras- tructure dependencies: a daily maintained database containing over 2375 serious incidents in different CI all over the world as reported by news media. In this paper we analyse this data to discover patterns in CI failures in Europe like cas- cades, dependencies, and interdependencies. Some analysis results indicate that less sectors than many dependency models suggest drive cascading outages and that cascading effects due to interdependencies are hardly reported. 1 Introduction Most nations and the European Union [1] have identified that critical infrastructures (CI) dependencies are causes of major concern. A failure within a single CI may al- ready be damaging enough to society. However, when such a failure cascades across CI boundaries, then the potential for multi-infrastructural collapse and high catastrophic damages may be high. Various modelling and simulation efforts also stress the possibil- ity of dependencies and cascading failure. But just how to rate this type of risk in com- parison to other risk factors for CI, remains unclear. While probabilities are unknown, the magnitude of the consequences multi-sector collapse is so large that many argue that this factor alone pushes this risk to the top of national priority lists. Auerswald [2] calls CI dependencies the ’unmanaged challenge’, which has proven to be less tractable than managing the vulnerabilities within a single CI: More pervasive and difficult to manage are the (inter)dependencies that exist among firms in different infrastructures. Most national CI protection (CIP) policies identify dependencies as a priority area. Adequately addressing this unmanaged challenge will draw substantial resources away from other CIP areas. The question is whether the risk associated with CI dependencies, and if so, for which set of CI, needs to be prioritised. A confrontation with empirical data, even if scarce or incomplete, may help in decision-taking and prioritising. So far, such efforts - as far as the authors know - are by and large missing. R. Setola and S. Geretshuber (Eds.): CRITIS 2008, LNCS 5508, pp. 302–310, 2009. c  Springer-Verlag Berlin Heidelberg 2009