Critical Information Infrastructure Protection (CIIP)

Publication Type:

Journal Article


Peter Westrin


Information & Security: An International Journal, Volume 7, p.67-79 (2001)


CIIP; security; cyber threats; conventional vs. IT-related security threats; infrastructure vulnerability; CIIP R&D; network society., Critical Information Infrastructure Protection


This article treats a number of fundamental issues concerning Critical Information Infrastructure Protection, including the basic concept of CIIP as such. What are we actually referring to when we talk about a society’s critical information infrastructure and against whom or what must we be prepared to protect this infrastructure? The notion of “network society” is central here, and certain aspects of societal development within the framework of CIIP are discussed. These include the issues of responsibility and trust, and whether or not CIIP is primarily a technological problem. Some basic differences between conventional threats and IT-related threats are discussed, as well as important issues concerning system complexity, error propagation and mutual dependence. Also discussed is the question of whether it is, in fact, possible to establish a solid and durable framework for research into a problem context such as CIIP, a context which is both fragmented and continually developing at a rapid pace. The article concludes with a short description of on-going CIIP-research.

Last updated: Wednesday, 13 February 2019