Skip to Main Content
Critical infrastructure (CI) services are constantly consumed by the society and are expected to be available 24 hours a day. A common definition states that CIs are so vital to our society that a disruption or destruction would have a severe impact on the social well-being and the economy nationally and internationally. CI sectors include, amongst others, the electricity, telecommunication, air traffic and transport sectors. CIs can be mutually dependent on each other and a failure in one CI can cascade to another dependent or interdependent CI to cause service disruptions. Methods to better assess and monitor CIs and their dependencies in order to predict possible risks have to be developed. Information about the current risk in a service provided by a CI can contribute not only to increase CI security, but also to increase the confidence of consumers and CIs that depend on this service. In this paper, a previous work on CI security modelling is extended. A trust based component is added to the security model as a means to improve its accuracy and its resilience to inconsistent information provided by dependent CIs allowing to evaluate the correctness of information received from those dependencies.