Critical Infrastructures: Background, Policy, and Implementation [Updated March 13, 2007] [open pdf - 206KB]
From the Summary: "The nation's health, wealth, and security rely on the production and distribution of certain goods and services. The array of physical assets, functions, and systems across which these goods and services move are called critical infrastructures (e.g., electricity, the power plants that generate it, and the electric grid upon which it is distributed). The national security community has been concerned for sometime about the vulnerability of critical infrastructure to both physical and cyber attack. In May 1998, President Clinton released Presidential Decision Directive No. 63. The Directive set up groups within the federal government to develop and implement plans that would protect government-operated infrastructures and called for a dialogue between government and the private sector to develop a National Infrastructure Assurance Plan that would protect all of the nation's critical infrastructures by the year 2003. While the Directive called for both physical and cyber protection from both manmade and natural events, implementation focused on cyber protection against manmade cyber events (i.e. computer hackers). However, given the physical damage caused by the September 11 attacks, physical protections of critical infrastructures has received increased attention. […] This report discusses in more detail the evolution of a national critical infrastructure policy and the institutional structures established to implement it. The report highlights five issues of Congressional concern: identifying critical assets; assessing vulnerabilities and risks; allocating resources; information sharing; and, regulation."
CRS Report for Congress, RL30153