The Risk analysis and evaluation toolkit is consisted of state of art models and tools for the analyis and evaluation of risks (from physical, cyber and combined events) to the water systems (with focus on the vulnerable assets identified). Considering the close connection and interoperability of all components foreseen under the Risk Assessement and Treatment Framework, this document aims at providing the readers with a vivid and complete picture of all autonomous, yet interoperable, tools towards the tactical and strategic risk assessment and intervention planning. The first part of this report provides a common ground in the field of cyber-physical systems and their secutiry through a thorough literature review on relavent terms, legal frameworks, standards and state-of-the-art methodologies and tools for risk identification/analysis/management/treatment, whereas the second part documents the STOP-IT products and the overall established methdology. After ensuring compatibility with ISO 31000, inter-related components of STOP-IT are described, the methodological approach and different levels of analysis are explained, which are concluded with the user’s perspective descriptions and scenarios of use. Further, a more detailed description is provided for the development of the InfraRisk-CP, the Risk Analysis and Evaluation Toolkit (RAET) and the Key Performance Indicators (KPIs), which are some of the key elements of the framework.
The Risk Identification Database (RIDB) is an organized collection of data, which includes the identification of threats, risk sources, risk factors, causal relations and the description of risk events. The objective of the RIDB therefore is to identify risk events, related to physical and cyber threats, which can occur in water distribution systems utilities, their locations, and causes.