Causal reasoning A consistent theme in our technology is the management of composite alternatives, and causal reasoning. Fundamentally, an infrastructure is a composite entity. One can reason from effects to causes to discover the state of an infrastructure, and reason from causes to effects to estimate the effects of various scenarios upon the infrastructure.

Infrastructure applications The framework offered by our products enables us to easily develop applications for:

Fault diagnosis: Observations of anomalous behavior in the infrastructure evoke hypotheses as to its cause. Testing the predictions of those causes, and matching them against the observations, reveals the most believable causes..

Design: Possible designs can be generated automatically (adding or improving nodes, links, etc.), and they can be tested against various situations (e.g., a link failing) to determine their merit. The best designs are presented to the user, so they can examine the tradeoffs between the infrastructure's costs and its robustness against various contingencies.

Recovery and hardening: In response to a feared or an actual attack, an infrastructure can be designed starting from its current state, instead of from scratch, with the costs being calculated as an increment from the existing equipment. So, as well as assisting in the design of new infrastructures, we can bring value to the improvement of existing infrastructures.

Network-of-networks: Different infrastructures interact with one another. For example, the power network can be instrumental to the operation of the transportation network and to the distribution of water and fuel. Our modeling language supports the ability to encode different interacting infrastructures, so that our system can take account of a long chain of effects as each problem with an infrastucture affects the others.

Vulnerability analysis: Possible attacks against or failures of parts of an infrastructure can be generated and their predictions tested. Those of greatest predicted severity can then be studied by the user. This is relevant both for planning attacks against others, and preparing for attacks against oneself: for instance, denying communications to the enemy while assuring one's own communications.

Example Based on previous Air Force work, and with funding from the Army and the Navy, we examined the vulnerability of a communications network to attacks on the nodes and the links. An important question was of the command centers remaining in touch with one another. Direct attacks on the command centers were costly, so multiple targets around them had to be destroyed in order to isolate them. We applied an evolutionary algorithm that progressively developed increasingly complex attacks and successfully discovered a number of the attack plans that caused the most impairment to communications for the least cost.