Impact of extreme weather on critical infrastructure: the EU-INTACT risk framework

Resilience of critical infrastructure (CI) to extreme weather events, such as heavy rainfall, high temperatures and winter storms, is one of the most demanding challenges for governments and society. Recent experiences have highlighted the economic and societal reliance on a dependable and resilient infrastructure, and the far-reaching impacts that outages or malfunctions can have. Growing scientific evidence indicates that more severe and frequent extreme weather events are likely. The EU-funded INTACT project addresses these CI challenges and attempts to bring together cutting-edge knowledge and experience from across Europe to inform the development of best practice approaches in planning, crisis response and recovery capabilities. The project considers the options for mitigating the extreme weather impacts. A key component of the INTACT project is the development of a risk management structure to support decision-making in the case studies. This structure forms part of the overall INTACT Wiki: the main output of the project. It comprises a risk ‘framework’ that sets out how information and guidance can be accessed by CI owners and operators. Within this there is a step-wise risk assessment process based on best practice from the IEC. The risk framework and process presents: structures for models and data requirements for decision making; identifies tools and methods that support decision making; supports analysis of measures to protect CI through simulation; and indicates gaps in modelling and data availability. This paper outlines the components of the risk framework and process, and illustrates its use in a case study dealing with electricity supply


The challenge of extreme weather events and critical infrastructures
Resilience of critical infrastructure (CI) to extreme weather events (EWEs), such as heavy rainfall, high temperatures and winter storms, is one of the most demanding challenges for governments and society. Recent experiences have highlighted the economic and societal reliance on a dependable and resilient infrastructure, and the far-reaching impacts that outages or malfunctions can have [1]. For example, too much or too little rainfall, compared to the 'norm', results in droughts or floods, with major disruptions and economic costs [2]. The cost of developing and maintaining CI is high given it is expected to perform under most conditions and to have realistic functional and economic design lives. Growing scientific evidence indicates that more severe and frequent extreme weather events are likely, with increasing disruption on the functioning of CI.
All of the above challenges indicate that it is important to share knowledge, experience and best practices on how best to protect our critical infrastructures against current and future EWEs. Unfortunately, there is wide variation in EWE impacts across Europe, both due to the geographical context, but also the variations in weather that occur seasonally. It is also the nature of the observed extremes, which can be seen in variation in intensity, duration or frequency. What has also become apparent is that CI is often managed in a compartmentalised manner, with little interaction or regard for other systems [3]. Therefore the interoperability that everyone agrees is required for these connected systems is often lacking. So whilst CIs may have detailed operational and recovery plans, a detailed understanding of indirect, cascading effects between infrastructures may be lacking. The EU project INTACT [4] sets out to address these challenges, to collate existing best practices, and provide comprehensive decision support to CI operators and policy makers, to enhance business continuity and sustained resilience.
The main output of the project will be the INTACT Reference Guide, which will be delivered in the form of a publicly accessible Wiki [5], based on generic information and specific case study datasets and outputs. A central part of the Wiki will be a risk framework and associated risk process that will guide the user through the various steps in how to assess the vulnerability and risk of their CI to current and future EWEs, advice on a range of mitigation measures, and how to best assess these according to different evaluation criteria.
The next section of the paper describes the challenges in being able to characterise extreme weather, and the approach being taken in the INTACT project. This is followed by a general explanation of the whole project, before a more detailed section describing the risk framework and management process: this forms the main topic of this paper. Finally we provide an example of the application of the risk approaches to the Finnish case study dealing with the impact of winter storms on the electricity network.

Climate change and future weather events
Extremes of climate and temporal variation in weather are known to have an impact on the natural environment and society. It is therefore important to be able to detect the occurrence of such variations in normal behaviour and be able to predict such variation in the future, particularly as our observations indicate that weather extremes are increasing in frequency and intensity against the historical baseline. However this is not straightforward, both in terms of defining what extreme weather is, and in characterising the subsequent impacts, since these are generally non-linear and more dependent on the specific context (scale, location, type of CI etc.). So extreme events are defined not only with respect to their low frequency, but also with respect to their intensity. For events characterized by relatively small or large values (i.e. events that have large magnitude deviations from the norm), one needs to take into account that not all intense events are rare.
The severity of climate impacts on infrastructures will vary across Europe according to specific locations and their geophysical risk exposure, the existing adaptive capacity and resilience, and the level of economic development. Evaluation of potential effects of climate change on infrastructure is still very limited and further research and development is required to support decisionmaking. Evaluation of vulnerability of infrastructures requires the analysis of several climatic elements and their impact on the resilience; this is considered in the INTACT project [6].
A large reinsurance company has calculated that more than 90 percent of all disasters and 65 percent of associated economic damages were weather and climate related (7). For example, the July 2007 flood in the UK involved the highest number of people of any flood event in the EU between 2000 and 2009, and also involved 7 fatalities and economic losses of $4.1 billion (8). The Insurance industry generally reports an increase in the number of weather-related events, which have caused significant losses; for example, wind-storms and floods in Europe.
Given the complexity in characterising weather extremes and the predicted impact of climate change, one approach is the use of EWE indicators which can be linked to thresholds and observed impacts on CI. In the INTACT project the indicators are those defined by the ECA&D project [9], which added extra factors related to wind, snow and humidity to build on the original 27 indicators developed by ETCCDI.
These indices highlight various characteristics of extremes, including frequency, amplitude and persistence [10] and are widely used to assess future changes (e.g. [11]). Some indices involve calculation of the number of days in a year/season exceeding specific thresholds. Others use percentile values as thresholds, above or below which some form of impact is likely.
However, even with this suite of indicators it can be difficult to detect meaningful trends that can then be used in CI planning. This can be due to the lack of consistent data sets and the climatic diversity found across Europe. Figure 1 a illustrates some significant, general trends for the period 1980 to 2010 across Europe for precipitation, wind and temperature [12]. So whilst there is an increase in the intensity of rainfall, there is a decline in duration of extreme wind speeds (although latter is associated with a strong decline in number of calm days). Within the INTACT project, these indicators are used to characterise extreme weather, with simulated data sets produced for future climate epochs over the coming century. Table 1

The INTACT project
The INTACT project addresses the challenges posed by increasing extreme weather on European-wide critical infrastructure. It aims to bring together innovative and cutting edge knowledge and experience in Europe in order to develop and demonstrate best practices in engineering, materials, construction, planning and designing protective measures as well as crisis response and recovery capabilities.
The project consists of a series of 8 work packages that are linked together in a structured workflow, and summarised in Table 2.

Framing and Perspectives
Establishes a consistent appreciation and taxonomy of the interaction between Critical Infrastructure and Extreme Weather Events, including an understanding of the current state of the art

Climate and Extreme Weather
Collects and analyses trends, patterns and tendencies in extreme weather, including predictions up to 2100 Vulnerability and

Resilience of European Critical Infrastructures
Develops a methodological framework for CI vulnerability assessment and an analysis of CI protection measures

Risk and Risk Analysis
Develops a framework for risk management, and presents a process for risk assessment, including guidance on tools and methods

Stakeholder Engagement and Dissemination
Collects and disseminates best practice approaches and brings together stakeholders

Case Studies
Five case studies to test the developed methods and provide useful feedback for inclusion in the guidance

INTACT Wiki
Collates all information and knowledge gained within the project into a comprehensive and yet practical guide for CI operators and associated policy makers Table 2. Overview of INTACT work packages Using the consistent framework and taxonomy developed in WP1, there is a logical sequence from the investigation of extreme weather in WP2, the important EWE-CI interactions and vulnerabilities from WP3, which are then used in the central risk analysis and management work package. These three technical work areas feed information and outputs into the wiki, which in turn is tested in the case studies [13]. This paper concentrates on the risk management activities and provides a case study example from Finland.
Although all of the many project tasks will be captured in a series of standard reports, the main output of the project will be the INTACT Wiki; a decision support system set in a wiki environment that facilitates cross-disciplinary and cross-border data sharing and provides for a forum for evidence-based policy formulation. The wiki will both contain relevant content and data related to EWEs and CIs, in addition to guidance and support on how to navigate this extensive data store, including links to external sources. Experiences in using the wiki and the other project outputs will be demonstrated via five case studies; initial findings from one of these are described in Section 5.
Overall, the objectives of the INTACT project are to: x Assess regionally differentiated risk throughout Europe associated with extreme weather; x Identify and classify, on a Europe wide basis, CI and to assess the resilience of such CI to the impact of EWE; x Raise awareness of decision-makers and CI operators about the challenges (current and future) EW conditions may pose to their CI; and, x Indicate a set of potential measures and technologies to consider and implement, be it for planning, designing and protecting CI or for effectively preparing for crisis response and recovery.

The risk framework and process
In terms of improving the resilience of Europe's critical infrastructure to future EWEs, it is necessary to consider the probability and intensity of such events, as well as the exposure of the infrastructures and their vulnerability to disruption. Hence, a standard risk assessment needs to be undertaken, considering both the hazard and the consequences. In support of this risk assessment, it is necessary to assemble a comprehensive range of information covering: current and future weather hazards (including induced hazards); data on CI-specific vulnerabilities; policies and procedures for different CIs; relevant guidance and legislation applicable to the CI and the assessment locality. From the state-of-the-art review undertaken in INTACT [14], a vast amount of information is available for these risk components: however, many of the assessment tools are CI-specific, and there appears to be limited interaction between CI sectors. As a result, the INTACT project sets out a logical structure for accessing this information and associated tools, and to provide guidance on how to conduct a risk assessment.

Risk framework
Following the review of risk tools used to assess weather impacts on CI, a series of questionnaires were sent to project partners and case study stakeholders to further ascertain what tools and information they used in assessment of CI impacts [15]. A "gap analysis" was also undertaken, that looked at selected weather events and what methods had been used before, during and after the incidents to improve the CI resilience. This identified areas where additional methods could have assisted in a better understanding of the risk and in developing improved response measures. Based on this analysis, a risk framework was proposed, to support asset owners and operators and authorities in their aim to make reliable, cost-effective, efficient, and transparent decisions. This framework aims to provide information on the assessment process, appropriate methods and tools for decision support, and to clarify how different methods and tools are related to each other. It also includes information on legislation, regulations, guidelines and best practices and on the most important standards in the area of risk, dependability and asset management -all accessed as part of the INTACT Wiki. Figure 2 below shows the structure of this framework within the wiki, with information presented under three headings, and the associated risk process set above this. The following sections provide a brief overview of the framework content.

Climate and extreme weather
This part of the wiki addresses the climate and extreme weather and provides information on: x EWE data and indictors (in a variety of spatial formats), x Historical trends and RCM performance, x Future scenarios for extreme weather indicators x A catalogue of past EW-related events causing damage to CI in and outside of Europe, extracted from the INTACT database. Section 2 above provides a summary of the issues and output from the project concerning extreme weather.

Requirements, guidance and best practices
This module sets out examples of Europe-wide and specific guidance and best practices for assessing EWEs and CI. Furthermore, it describes the factors contributing to CI vulnerability and resilience as well as global change and CI vulnerability and resilience. Examples of good practices in adaptive decision-making (existing projects and programs) are also presented, based on the results of the case studies. Finally it includes details of the gap analysis undertaken for selected EWE events, which illustrates how to identify problem areas that need addressing in any risk assessment.

Rules and regulations
This final section of the framework focuses on: • EU-directives, regulations and rules, • National laws, acts and regulations, • Standards etc. Overall, the INTACT project has identified a large body of EU-level directives and acts, as well as national level acts and regulations. Furthermore, in the area of risk and reliability management and asset management there are many standards available and published [16,17]; many of the most relevant documents are produced by the International Standards Organisation (ISO) and the International Electrotechnical Commission (IEC).

Risk management process
The risk process in INTACT is based on the IEC 60300 procedures (now superseded by IEC/ISO 31010) [16]. The representation of this in the wiki is shown in Figure 3. The main objective is to provide a structured approach to assess the EWE impacts on CI (focusing on the ex post performance) and the resilience and vulnerability of CI as well as deriving and testing alternative measures and their costs / benefits (focusing on the on ex ante planning). The risk process incorporates many elements and phases and supports the use of a variety of methods and tools that can be classified as hazard assessment, vulnerability assessment, risk assessment and cost-benefit analysis. As the process is not always linear and not all steps are conducted in series, the tools and methods integrated in each step can of course also be used separately. Additionally, some tools and methods may cover several steps. The INTACT risk process has retained most of the tools contained in the IEC 31010 standard, supplemented by specific examples that are being used in the case studies (see Section 4.2.2). Figure  4 summarises the availability of tools in the wiki, covering each of the six process steps.  The INTACT risk process is flexible in the sense of allowing a user to enter and exit the process at other steps than the first and the final ones. At all steps, the formal process is accompanied by framing conditions which determine, to a large extent, how the described risk process is followed in a decision situation. This indicates that different decision rules may also be employed in each step. The level of detail and type (qualitative, quantitative, and semi-quantitative) in the assessment needs to be consistent with the level of the decision (local, national, EU-level).
The following provides a short commentary on the content of the process building blocks.

Scope definition
The first stage is to define the scope of the risk assessment, primarily based on the type of CI the user is interested in and the timeframe for the assessment. For each selected CI the process gives advice on the types of EWE that are of most relevance plus the timeframes and scale over which these effects are likely to occur. For the selected parameters, the process will direct the user to information on the types of assessment possible (quantitative or qualitative) and relevant guidelines, policies or legislation that may inform the subsequent assessment. The output from this step is the defined problem scope.

Risk identification
Having set out the problem scope, guidance then assists the user in understanding the specific threats to their infrastructure, and in defining relevant EW indicators to characterise the hazard that is most appropriate for the assessment. It is also necessary to consider any induced hazards, such as flooding resulting from high rainfall, or cascading effects from other CI systems, that may require additional risk assessments. Vulnerability analysis of CI systems is not straightforward as they comprise complex interactions, and a holistic approach is challenging. Nevertheless, vulnerability should be considered for three perspectives: technological, societal, and human. Again, several methods are available to help in the identification, and subsequent phases: these include the Storyline Method [18] and the Circle tool [19], both of which have been used in several of the project case studies.
For the identified risk formulation, information is provided on the most appropriate approaches to estimating risk, which may be quantitative or qualitative, plus guidance on any dimensional characteristics of the risk problem. The output from this step will be a shortlist of threats to be taken forward in the risk estimation

Risk estimation
This step involves the calculation of the risk, based on the selected EWE hazard and CI vulnerability. The process provides guidance on the various methods available to the user, with details of the possible outputs and indicators from each method. There are many available methods, and the choice will depend on the level of effort that can be devoted to achieve the outcome, the availability of data and the required output. In simple terms, three levels of risk estimation can be identified [16]: • Qualitative assessment defines consequence, probability and level of risk by significance levels such as "high", "medium" and "low", may combine consequence and probability, and evaluates the resultant level of risk against qualitative criteria, • Semi-quantitative methods use numerical rating scales for consequence and probability and combine them to produce a level of risk using a formula. Scales may be linear or logarithmic, or have some other relationship; formulae used can also vary, • Quantitative analysis estimates practical values for consequences and their probabilities, and produces values of the level of risk in specific units defined when developing the context. Full quantitative analysis may not always be possible or desirable due to insufficient information about the system or activity being analysed, lack of data, influence of human factors, etc. or because the effort of quantitative analysis is not warranted or required. The issue of uncertainty is important, as this should form part of the user's assessment of the level of risk that is acceptable, covered in the next step.

Risk evaluation
A key aspect in the evaluation phase is the setting of appropriate thresholds for an acceptable or tolerable risk. This can then be compared to the estimate made in the previous step. For example, an economic framework can be employed to present the EWE impacts as monetary values, and these can be compared to a range of mitigation options to assess what level of cost is acceptable. Although a full economic risk assessment is desirable, it does require the evaluation of both tangible and intangible impacts, some of which may be difficult or impossible to monetise. Hence, a semi-quantitative or mixed assessment may be preferable. The risk process provides guidance on setting suitable thresholds. This will make use of examples from the case studies, the gap analysis described above, and examples from the published literature. The output of this step will be whether some form of intervention or action is required to try and reduce the assessed risk level.

Proposals for action and risk reduction/control
The penultimate stage involves the provision of guidance on the possible mitigation measures or actions that could be taken to reduce the estimated risk. Possible ways of managing the risk include adaptation, coping, mitigation and risk transfer. This is central to the whole INTACT project, in that the derivation of a suite of measures is one of the main outputs, based on the assembled EWE/CI database and the experiences from the case studies. A key consideration will be what stage or stages of the disaster cycle the CI user is considering (or advised to consider). Based on the CI vulnerability study, a series of generic mitigation measures have been assembled, covering all four disaster phases (mitigation, preparedness, response and recovery), and the weather types of: cold snap; heat wave; intense rain; high snow cover and wind storm.
There are many ways to assess the suitability of any measure, which can include Cost Benefit Analysis, multicriteria methods, indices and ranking, and the wiki provides guidance on all of these, including when they are most appropriate, and providing examples from the case studies or wider literature.
A final stage in the IEC process concerns risk reduction and control, for which the INTACT process will provide guidance in the wiki, although this will not form part of the main risk process. This step relates to the on-going assessment of risk and appropriate mitigation, balancing operational and capital measures.

Finnish case study application
The Finnish case study in the INTACT project considers the impacts of extreme winter conditions on electricity distribution in Pirkanmaa (also known as The Tampere Region) in South-West Finland. Due to the criticality of power supply for society, strengthening the resilience of electricity networks to withstand and to survive unwanted situations is extremely important. The electricity distribution system in Finland includes some 800 substations, 150,000 km of medium-voltage lines, 100,000 distribution transformers and 240,000 km of low-voltage lines (20). 80 % of the medium-voltage network is overhead lines, 7 % of it is overhead cables and 13 % of it consists of underground and underwater cables. 3 % of the low-voltage distribution network is overhead lines, 58 % of it is overhead cables and 39 % of it underground cables (22). The overhead lines are often located in forests, creating a threat to security of supply of electricity. Moreover, the power sector is one of the few sectors that have the potential to cause major and widespread breakdowns in many other sectors (25).
Snow storms and heavy snowfalls are typical winter extremes that affect critical infrastructure in Pirkanmaa. Especially a blizzard (defined by low temperature, sustained wind or frequent wind gust and considerable falling or blowing snow blizzards) can represent a great challenge for the electricity networks (26). In terms of projected future climate the winter extremes, frequency and intensity of weather and climate extremes are likely to continue. For example, there will be a slight increase in heavy snowfalls (over 10 cm/24 hour) in future. (24) Furthermore, strong winds can involve extreme gusts that can topple trees and fly branches onto the overhead lines and cause disruptions in electricity distribution.
Several steps of the proposed INTACT risk management process have already been conducted in the Finnish case study. The process gives guidance on assessing risks associated with and the vulnerabilities of electricity networks in order to improve the preparedness and effective response on winter extremes. Vulnerability assessment is an important subset of the entire process. In the Finnish case study, the vulnerability assessment was made in close co-operation with the distribution network operator. The aim was to identify network vulnerabilities and potential failure modes and their likelihoods in the situation where the electricity network is exposed to snow storms and leading to an electricity blackout (23). The operator uses SCADA and DMS (Network manager) systems for real-time monitoring and control and such systems provide also a lot of data on reliability, availability, and maintainability of the electricity network. However, the data is typically confidential and owned by the operator.
Event tree analysis (ETA) was used to analyse the probability of electricity blackout in Finland. The idea was to estimate blackout probabilities resulting from a snow storm in forests dominated by different types of trees. The structure started from the first factor affecting the Pirkanmaa region's electricity distribution network's vulnerability to snow storms, i.e. the portion of overhead lines built in forest areas and ended in blackouts resulting from several different factors. Each of these factors has been given an estimated probability. In the end, probabilities for each outcome were calculated to see which outcomes are the likeliest. The analysis was done by the researchers by the help of spatial and other data provided by the distribution network operator. The main focus was not so much on the end results but rather on testing out the method where each step is reviewed independently by experts and to see how adjusting the probabilities of these factors impacts the blackout probabilities of the complete chains of events. (21) The results of the vulnerability assessment (information on vulnerabilities, probabilities for electricity blackout) can be used as an input for risk estimation and evaluation phases of the INTACT risk process. Risk estimation and evaluation phase in the Finnish case study added the consideration of the probability of snow storms coupled with the economic, societal and environmental consequences of the power outage. The main public and private actors who contributed to this step of the process were rescue department / services, municipalities, health care district, Centre for Economic Development, Transport and the Environment, Finnish Red Cross, the distribution network operator and the ICT Company that builds up the new Finnish emergency call system. The analysis was done in a workshop with the above mentioned stakeholders and the focus was on the organisational, co-operation and communication related aspects. This was because both preparedness and response of the crisis situations due to electricity blackout require an extensive co-ordination between power and other sectors of society and the authorities. Consequently, as the impacts of snow storms to society can be huge, it is important to ensure that the preparedness and response activities for these situations are well planned, enough trained and smoothly performed.
Action Error Analysis (AEA) was used to find out the worst shortcomings of the actions during electricity blackout due to snow storm. Moreover, the stakeholders of the Finnish case study argued that the probabilities for snow storms in Finland are not necessarily needed in the evaluation because winter storms recur almost every winter somewhere in Finland. The base case for the AEA was the snow storm that occurred in the end of November 2015 in Pirkanmaa. The aim was to analyse the gap between planned and real actions to support the preparedness and response planning and decision-making for winter storms induced black-outs. The results were reported in a table form covering several aspects for each action error: x Agreed way of working x Action error and its roots x Consequences x Actors x Planned preparedness activities x Consequence class and consequence likelihood, risk class x Actions to be done.
During the next steps of the Finnish case study, the INTACT risk process will be applied to analyse the future risk that future snow storms can pose to the electricity network. Both the situation with current strategies and actions and the situation in which new measures to reduce future risk are implemented will be considered. In the final step of the INTACT risk process, the cost-benefit analysis for the measures will be conducted. In the Finnish case study, for example, placement of the overhead lines and underground cabling as well as improved co-operation and co-ordination practices and strategies can reduce the risk of how winter extremes affect the electricity network.
Based on the experiences of applying the INTACT risk process in the Finnish case study so far, it can be concluded that the process provides a practical approach to the assessment of risks and impacts of snow storms induced black-outs and the resilience of the electricity network. We believe that the developed approach fills its intended purpose as an easy-to-apply and -follow assessment approach. Furthermore, the approach enhances the transparency of risk management and contributes to the more comprehensive use of available tools, methods and information affecting the effectiveness of preparedness planning and response actions.

References 7 Acknowledgement
The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grant agreement n° 606799. The information and views set out in this paper are those of the author(s) and do not necessarily reflect the official opinion of the European Union. Neither the European Union institutions and bodies nor any person acting on their behalf may be held responsible for the use which may be made of the information contained therein. Reproduction is authorised provided the source is acknowledged.