Innovation Brief: Post-Pandemic Critical Infrastructure

Critical Infrastructure in the age of COVID-19

In this this chapter of our Innovation Brief on post-pandemic places we look at how COVID-19 has impacted the domain of Critical Infrastructure and what new opportunities have emerged or been accelerated. In particular, we focus on the underlying utilities and services which underpin a place – water, waste, power, and digital connectivity.

Disaster movie representations of pandemics often feature catastrophic breakdowns of critical infrastructure as high infection rates and preventative quarantine measures trigger systemic collapse. It has been striking how resilient systems have been in the context of the current crisis. The lights have remained on. Our garbage has still been collected. All due to the heroic efforts of key workers. Despite this success, there are areas where new opportunities and needs are emerging – in cyber-security, digital connectivity and asset management and maintenance.

These opportunities have different triggers and we explore them through the three time-horizons we have discussed in previous chapters of this Innovation Brief:

• Right now: the emergency response – The urgent need to contain COVID-19 has stimulated demand for rapid-response solutions and collapsed traditional barriers to the adoption of new approaches. One area with increased demand, driven by the huge upswing in remote working, is cyber-security. How should organisations minimise risks in this area while ensuring compliance with data privacy regulations?
• What next? The transitional restart – Having managed the initial crisis, what might the opportunities be to help the world step cautiously into a post-lockdown, pre-vaccine period? As higher levels of remote working are likely to be sustained, investing in our digital infrastructure is critical – and will open up a range of new possibilities.
• Beyond recovery and into the ‘new normal’ – What can we take from the response and restart phases that create opportunities to answer changes in demand and build back better over the longer term? The impact of COVID-19 reminds us of the importance of accelerating progress to a net-zero world and makes maintenance of some parts of our infrastructure more risky. In both cases, we see the acceleration of technologies which were already being explored.

The sudden, pressing imperative for improved cyber security

With a vast number of organisations “going digital” within days, the need for more robust cybersecurity has grown dramatically. In the initial rush to facilitate home-working, many organisations have seen increased risks due to:

• Growth in the number of ‘bring your own’ (i.e. not company issued) devices
• Insecure remote-access protocols
• A lack of established processes for remote working
• ‘Insider threats’ – i.e. actions of employees (sometimes malicious, but often accidental – for example clicking on a phishing email)

The use of virtual communication platforms has skyrocketed with employees using software to remotely access corporate networks. These platforms have faced a growing number of cyberattacks, ranging from relatively low impact ‘zoom bombing’, to attackers attempting to penetrate corporate networks through remote ‘home office’ vulnerabilities.

The National Cyber Security Centre (NCSC) has described a range of online attacks through which criminals seek to exploit COVID-19. For instance, individuals have been targeted with COVID-themed phishing emails with infected attachments containing fictitious ‘safety measures’.

New critical infrastructure: new national vulnerabilities

These challenges affect all organisations but are particularly acute for several types of organisation that were never considered part of critical infrastructure pre-COVID. As well as parts of the healthcare ecosystem, logistics companies and supermarkets are now recognised as essential national assets and are prime targets for cyberattacks.

These organisations must reassess their cyber risks, plan for regulatory compliance and implement more sophisticated security frameworks. With reports of key institutions in the fight against the pandemic succumbing to ransomware extortion attacks, these risks are not theoretical, but increasingly urgent.

The vigilance vs. privacy debate heats up – lessons from contact tracing apps

Organisations realising the need to secure their networks are reviewing points of vulnerability. ‘Human vectors’ are often a weak point and it may be tempting for organisations to ramp up efforts to track employee activities to mitigate these risks.

For this approach to be successful, it requires adoption and compliance, in a context of strong legal protections for personal data. Innovators may benefit from the lessons being learned in the roll out of contact tracing apps. Such apps are a key virus control technology which warn people who have been near an infected person to get tested and/or self-isolate.

Many countries are developing and rolling out these apps, with varied degrees of success. In Germany, a country with a strong tradition of data privacy, an app launched in mid-June. The Covid-warn app is compliant with a stringent European standard on location data privacy (PEPP-PT) but nonetheless is struggling to drive adoption: only 42% of citizens said they would download it. For an app to work effectively, approximately 60% of the population needs to use it.

Other countries such as South Korea have had more success, using more intrusive location tracking technology (and cross referencing with CCTV) among a population more comfortable with such measures.

In a recent virtual roundtable hosted by the Centre for Data Ethics and Innovation (CDEI) people from around ten countries working on contact tracing apps explored various approaches being taken globally to develop such apps. A key theme was the need to balance effectiveness and public trust in the design of the apps. A ‘privacy by design’ approach and a clear communication strategy customised to the culture concerned are important elements of success.

Security and trust

Strengthening cybersecurity to protect critical infrastructure is essential. This cannot succeed without the support of society. We need to develop tools that can do the job without compromising privacy to the point where citizens rebel. Whether it is enhanced security protocols for remote working or contact tracing apps, they must be unobtrusive, transparent in their purpose and actions, and acceptable to those who will be affected. Privacy by design, proven data security, and total reliability will all help to persuade people to trust.

The need for speed

The pandemic has accelerated the demand for high speed and reliable connectivity across the UK. In most places, providers have successfully supported additional demand but robust connectivity in UK’s rural areas, coastal towns and some urban inner city areas remains a challenge. The proliferation of ‘critical apps’, Over-The-Top (OTT) and other digital content, coupled with the surge in cloud computing requires more robust digital infrastructure across the UK.

As we emerge from the crisis phase of the pandemic, new behaviours which put a strain on existing infrastructure are likely to continue. Remote working will remain the norm for many employees, and remote applications such as distance learning and tele-health will continue to grow. As these applications become more immersive, demand for more throughput and faster speeds will accelerate.

All of this requires significant public and private investment across fibre optic networks, 5G, data centres, mobile towers and small cell infrastructure. Several projects are already well underway but COVID-19 may stimulate more investment and momentum in upscaling current testbeds and trials across the UK.

Some of these projects include:

• Building Digital UK (BDUK) is piloting a way to provide gigabit-capable broadband to the remote places in the UK through its Rural Gigabit Connectivity programme, currently funded through to March 2021
• New fibre-optic cabling is being laid along London’s tube tunnels to create a ‘fibre backbone’ across London at an investment of £10 million by the City Hall. The upgrade will give more Londoners access to gigabit-speed fibre to the premises (FTTP), tackling ‘not spot’ areas. It will also pave the way for 5G connectivity, which requires an extensive full-fibre network. It will also reduce the cost to providers of laying ‘last-mile’ cabling between public buildings and homes and businesses in the city.
• Several 5G testbeds and trials are underway in the UK now including 5G RuralFirst, 5G Smart Tourism, Worcestershire 5G Consortium, Liverpool 5G Testbed and 5G Rural Integrated Testbed (5GRIT)
• The Urban Connected Communities Project is developing a large-scale, 5G pilot across the West Midlands, with hubs in Birmingham, Coventry and Wolverhampton. The 5G Programme will invest over £20 million (October 2018 to March 2022)
• The UK government has also made up to £30m available for the 5G Create competition, that aims to explore and develop new use-cases and sustainable business models for 5G applications and services.

As this infrastructure starts to roll out and scale, there will be opportunities across the value chain – from hard transmission infrastructure, including cell towers and ‘small cells’ or antennas, to cloud and data centre services, to mobile networks and hand-held devices for end users. And when the new infrastructure is in place, a huge range of opportunities open up. Low latency and high speeds mean that 5G networks will enable new applications including:

• reliable remote control over elements of critical infrastructure (discussed further below)
• facilitating the safe operation of connected autonomous vehicles
• new smart city applications

A wake-up call on the size of the net zero challenge

During the pandemic-induced lockdowns which were put in place globally, we saw a dramatic dip in CO2 emissions. Perhaps, some thought, this period of enforced immobility (most reductions came from lower vehicle usage) might help us by making overall reduction targets more manageable. Alas – while the dips were substantial (around a 17% decrease), they only (temporarily) reduced emission levels to those which were the norm in 2006. With vehicle usage rapidly rising again as lockdowns lift (as discussed in our mobility chapter), unfortunately emissions are nearly back to pre-pandemic levels. This experience should focus minds: if a complete global lockdown for multiple months barely dents our climate trajectory, it is clear that systemic change is needed to reach ‘net zero’ as a country by 2050.

A net zero energy network

As our sister Catapult, Energy Systems Catapult (ESC) discuss in detail in their recent report, significant change is required across multiple domains for the UK to dramatically reduce its emissions. Electricity supply and transmission is a key component of this with multiple implications for how our network operates and is managed. If this wasn’t challenging enough, ESC project that electricity generation capacity needs to double or potentially even treble if we are to support the transition to other cleaner technologies such as hydrogen fuelled vehicles.

Multiple technologies, tools and policies need to come together to make this happen – all of which represents both a huge challenge of coordination and a big opportunity as new markets are created. On the policy side of things, low carbon economic incentives such as a UK carbon trading market which is being developed as we exit the EU will be important, but there are many other areas rich with opportunities for innovation. These include demand side response approaches, more localised micro-production of heat and power or combined systems such as this one at Kings Cross.

Safe and hygienic asset management

Current approaches to maintaining our critical infrastructure assets are largely reliant on sending old fashioned humans to the assets themselves to check for damage and administer repairs. In cases where assets are located in densely populated areas or cramped conditions, we can add an increased chance of viral infection to the other risks and inefficiencies represented by the status quo (risks of injuries, costs of unnecessary field visits etc).

These are already areas where new technology is disrupting old processes and we would expect the adoption of more modern approaches to accelerate as we enter the re-start phase of this pandemic. The remote asset management market where IoT sensors are used to monitor the performance and integrity of assets is projected to be worth $32.6 billion by 2025 according to Markets and Markets. Companies such as Telit use sensors deployed on assets, combined with LoRaWAN networks for data transmission and smart predictive analytics to maximise the ‘up time’ of machinery by preventing break-downs before they happen.

For assets such as overhead power pylons or other ‘hard to reach’ structures and machines, drone-based inspections are taking off. UK based Sky Futures now operates in 28 countries and services multiple industries. Zooming out further, Earth-I use satellite imaging to monitor assets including pipelines, industrial sites and ports, identifying current risks and building up a dataset to forecast future risks.

Building more flexible, resilient and climate friendly critical infrastructure

Building the infrastructure systems which are needed to enable economic recovery, a successful transition to net zero and resilience in the event of future crises represents a major opportunity for innovators. If you are working on solutions which will enable that future, or if anything in this chapter or the rest of the Innovation Brief has sparked your imagination, we want to hear from you.