Abstract

The aim of this paper was to investigate whether infrastructure could be modelled in order to find critical points using network science and graph theory. Since a lot of information about our infrastructures is publicly available, an attacker might exploit this to find vulnerabilities in our systems. With that in mind, the methods of this paper were implemented from an attackers point of view who’d want to maximize harm with minimal effort. The Swedish railway network served as an example and starting point for the optimization of the methods. The data for the network was obtained from the Swedish Transport Agency’s website and was implemented in Networkx using Python. Different centrality metrics were used to identify and remove critical nodes in the network. The centrality metrics were also used to rank the nodes and to remove them after order of importance as the size of the largest component was recorded. This was done both with no recalculation and with a recalculation after each removal. The results were compared with the random removal of nodes, and it showed that without a recalculation the random removal performed better but with recalculation all the centrality metrics performed significantly better. The Swedish railway network is a sensitive network in terms of how it is connected. Targeting a few nodes could completely cut off parts of the graph, creating two sub components with no way of traveling between them. Many different methods can identify these nodes, but only a few are suitable in terms of generic results that could work on other networks as well. The most prominent one being the one dealing with degree and connectivity. The nodes that had a higher degree than connectivity between themselves and the source, identified nodes that would completely disrupt the network, leaving two subcomponents. Infrastructures can be seen as highly intertwined systems, where the physical-, cyber- and human parts all affect and interact with each other.