Atlas for a Warp Speed Future: Enhancing Usual Operating Modes of the U.S. Government

Operation Warp Speed (OWS) delivered new and effective vaccines to the general public in just 9 months, exploding previously held ideas about the government's role in medical countermeasure (MCM) development as well as what is possible on the timescale of vaccine development. OWS has potential to become a map for action in future pandemic crises. This article examines federal modes of governance that emerged in response to the Covid‐19 crisis, with special attention to how those modes differ from normal government operations. It is at the intersection of crisis modes of action and normal modes of operation that lessons emerge from OWS that may be worth applying in normal times – or not. In “Rules for Operating at Warp Speed,” I outlined how the leadership of OWS was able to accelerate operations under a suspension of the government's usual modes of operation (Arnold, 2020). This included suspension of rules that normally govern transparent and robust federal contracting and relaxing standards for scientific consensus‐building and expertise across government. This article draws from interviews completed in 2020 and 2021 with senior officials at the Department of Defense (DOD), Food and Drug Administration (FDA), and the White House in order to identify the key pandemic modes of action contributing to the success of OWS. It also discusses whether (and how) those modes of action might be adapted to enhance critical infrastructure preparedness in non‐crisis times.

Open Access
Strengthening the Security of Operational Technology: Understanding Contemporary Bill of Materials

The evolution of cyber‐physical infrastructure has made its security more challenging. The last few years have witnessed a convergence of hardware and software segments in various domains, including operational technology (OT) which is responsible for carrying out critical tasks such as monitoring and controlling power grids, nuclear plants, transportation, and emergency services. Both hardware and software encapsulate numerous open source and proprietary subcomponents, making it crucial for end‐users to understand the composition of the products they are using. For example, wind turbines incorporate thousands of lines of code (software) used for the turbine's design, planning, operation, and analytics in addition to the numerous hardware subcomponents that construct it. Due to the highly complex nature of software and hardware, knowledge of the components and subcomponents is required to mitigate cyber vulnerabilities and to defend against cyberattacks. There has also been a transformation from a traditional linear supply chain into a global, dynamic, diverse, and interconnected system. The digitization of the supply chain makes it easier to find and exploit vulnerabilities. Critical infrastructures (e.g., power grids, oil, natural gas, water, and wastewater) rely on OT to function, and if the OT is compromised, equipment damage and potential interruption of services could result. A significant security measure to protect OT systems from disruption is to develop a supply chain bill of materials (BoM) corresponding to the software and hardware used in OT, along with attestations amongst vendors and asset owners. A supply chain BoM is a proactive way to understand the inherent vulnerabilities in the system and mitigate them in advance of being exploited.
BoMs bolster the trust placed in the digital infrastructure and enhance software supply chain security by sustaining the management of component obsolescence and compliance, along with the seclusion of unsafe segments of a specific product. Adopting BoM tools is becoming increasingly important across various government sectors, as evidenced by the recent U.S. executive order on cybersecurity (NIST 2021). This paper aims to classify BoMs based on structure, functionality, component type, and architecture. The work also discusses case studies to further highlight the benefits of BoMs. In addition, it identifies missing pieces in existing BoM implementations so that future research may identify bounds on where it could expect to make improvements and directly enable researchers to identify promising areas for exploration. Further, the authors provide valuable recommendations to tool developers, researchers, and standardizing organizations (policymakers), additionally benefitting critical infrastructure owners and government executives. This aids in paving a path for future work, thereby providing suggestions to determine a tool for consumers that best suits their needs.

Open Access