Australian Government Attorneys General's Department

Critical Infrastructure Protection Projects

Critical Infrastructure Protection Modelling and Analysis Program
Computer Network Vulnerability Assessment Program

_____________________________________________________________

Critical Infrastructure Protection Modelling and Analysis Program

The Critical Infrastructure Protection Modelling and Analysis (CIPMA) Program is a key component of Australian Government efforts to enhance the protection of our critical infrastructure and to strengthen the resilience of our economy and society. CIPMA examines the relationships and dependencies between critical infrastructure systems and shows how a failure in one sector can greatly affect the operations of other critical infrastructure sectors.

Specifically, the CIPMA Program supports decision-making in government and business by helping to:

identify connections between critical infrastructure nodes and facilities within sectors and across sectors
provide insight into the behaviour of complex networks
analyse relationships and dependencies
examine the flow-on effects of infrastructure failure
identify choke points, single points of failure and other vulnerabilities
assess various options for investment in security measures, and
test mitigation strategies and business continuity plans.

CIPMA Opens for Business

The ‘tasking’ phase of CIPMA was launched on 3 October. Sectors covered in CIPMA are now able to ‘task’ it to examine a scenario or potential disaster and advise about the flow-on effects.

To ensure the orderly tasking of CIPMA and the appropriate and secure dissemination of the tasking results, the Attorney-General’s Department has developed CIPMA Tasking and Dissemination Protocols. The Protocols also ensure that the integrity and confidentiality of the data and models are safeguarded at all times.

The Protocols are derived from a discussion paper circulated in 2006 and incorporate feedback received from stakeholders. The current version of the Protocols is currently being trialled and will be reviewed in July 2008. Feedback received from the last call for comment, and any other feedback received in the interim, will be considered in the review.

Applications under the Protocols should be made on this application form. The first round of applications for tasking closed on 4 January 2008.

CIPMA Capability Architecture and Analysis Workflow

The CIPMA Capability Architecture explains components in the CIPMA Program in terms of scenarios, data and models, impact and recovery, and decision support.

The CIPMA Analysis Workflow diagram explains the workflow from a scenario event that impacts on people, buildings and infrastructure. It also covers economic impacts.

A limited number of DVDs showing how CIPMA works (running time approx 3 mins 30 secs) are currently available. These can be ordered by e-mailing cipprojects@ag.gov.au.

Links

Further information, and hard copy documents, e-mail cipprojects@ag.gov.au.

Computer Network Vulnerability Assessment Program

The Computer Network Vulnerability Assessment (CNVA) Program is an Australian Government grants scheme developed to help ensure the security of Australia’s critical infrastructure. The program is managed by GovCERT.au – the Australian Government Computer Emergency Readiness Team located in the Australian Government Attorney-General’s Department.

The program provides funding of up to 50 per cent of the cost of a vulnerability assessment to private critical infrastructure owners and/or operators, including Government Business Enterprises.

Further information on the program is available by downloading the CNVA fact sheet or by e-mailing cnva@ag.gov.au.

Funding rounds

The ninth round of funding is now open and will close on 30 September 2008. Late applications will be accepted at the Attorney-General’s Department’s discretion.