d3.1 - description of method and data sets for the pan

Deliverable 3.1 46|1

D3.1 - Description of method and data sets for the pan-European inventory of disasters

Grant agreement number: 607078 Date of deliverable: 2014-07-31

Date of project start: 2014-06-01 Date of revision: 2014-10-31

Duration of project: 36 months Deliverable

approved by:

Georg Neubauer (AIT)

Harold Linke (HITEC)

Lead Beneficiary: DLR

Contributing Beneficiaries: AIT, UNIST, PSCE, TCCA, KULeuven, IES, TUG, HITEC

Establish Pan-European Information Space to Enhance seCurity of Citizens


www.episecc.eu

Executive Summary

As the absolute number of hazards and disasters worldwide rises, the improvement of disaster

management becomes an essential research objective. During a disaster, having the right resource available within the shortest time and at the location with the highest relevance, presents a major

factor for success. Therefore communication and the provision of information are essential, and in particular in cross-border situations challenging. The creation of a common Pan-European

information space, which is the aim of the project EPISECC, is one approach for the improvement of disaster management. So, deliverable 3.1 presents the first steps towards the underlying inventory by identifying and defining methods and approaches and developing a first structure of the

inventory. For an efficient collaboration between different entities, also their organization and role in Disaster

Management and Civil Protection Mechanisms has to be taken into account. Disaster Management and civil protection are organized very heterogeneously in different countries or parts of the world.

The European Union provides a Civil Protection Mechanism which can be activated by any country if additional assistance during a disaster situation is required. But due to varying disaster experiences

and legal frameworks the organization and implementation of mechanisms is very heterogeneous when comparing the different member states. An overview of Civil Protection and Disaster

Management within the EU is provided within this report. Not only organization varies but also tools and databases that are used to access and exchange

information on disaster events vary. Therefore, the report presents a first insight, primarily into existing databases for disaster management.

This short survey represents the basis for subsequent identification, definition and further selection of methods and approaches for the development of the underlying inventory. First limitations are defined and a common framework based on the ARIS (Architecture of Integrated Information

Systems) concept is created. It contains the major disaster related domains such as data, tools, processes, organizations, business models and disaster information. Within these domains relevant

categories or fields of information that need to be implemented in the frame of an inventory are identified. Based on these areas and categories a first UML-structure of the inventory is developed.

As deliverable 3.1 presents the foundation for ongoing work, legal and technical requirements for the development and implementation of a database are considered as well.

http://www.episecc.eu/


www.episecc.eu

Table of Content

List of Tables .............................................................................................................................................4

List of Figures ............................................................................................................................................5

List of Acronyms .......................................................................................................................................6

Introduction ..............................................................................................................................................9

Part A ..................................................................................................................................................... 11

1. Introduction of Civil Protection and Disaster Management in Europe ......................................... 11

2. Databases and Tools for Disaster Management – a brief overview ............................................. 15

3. Information-based Approach for the Inventory Development ..................................................... 22

4. Analysis Methodology for the Inventory Development ................................................................ 23

Part B ..................................................................................................................................................... 29

5. Relevant Areas and Fields of Information ..................................................................................... 29

6. Architecture of the Inventory ........................................................................................................ 35

7. Technical Requirements for the Development of an Information System ................................... 37

8. Legal Requirements for the Inventory Development .................................................................... 39

9. Summary and Outlook ................................................................................................................... 41

Bibliography ........................................................................................................................................... 42

Annex ..................................................................................................................................................... 45



www.episecc.eu

List of Tables

Table 1: EU Civil Protection Mechanism - Participating states ............................................................. 12

Table 2: Disaster-related data bases and tools ..................................................................................... 21

Table 3: Fields of Information about 'Business Model' ......................................................................... 29

Table 4: Fields of Information about 'Data' ........................................................................................... 30

Table 5: Fields of Information about 'Process' ...................................................................................... 30

Table 6: List of Emergency Response Processes ................................................................................... 31

Table 7: Fields of Information about 'Organisation'.............................................................................. 31

Table 8: Fields of Information about 'Tool' ........................................................................................... 32

Table 9: Fields of Information about 'Disaster' ..................................................................................... 32

Table 10: Field of Information 'Disaster Category' ................................................................................ 33

Table 11: Field of Information 'Time information' ................................................................................ 33

Table 12: Field of Information 'Spatial Scope' ....................................................................................... 34

Table 13: Field of Information 'Measured Data' ................................................................................... 34

Table 14: Field of Information 'Environment' ....................................................................................... 34

Table 15: Field of Information 'Effect' ................................................................................................... 34

Table 16: Field of Information 'Response Information' ........................................................................ 35



www.episecc.eu

List of Figures

Figure 1: The Emergency Response Coordination Centre ERCC ........................................................... 13

Figure 2: Summary per year of all disaster from EM-DAT database in the area of Europe .................. 16

Figure 3: Website of NatCatService with exemplary reports on natural disasters ............................... 17

Figure 4: List of disasters from GLIDE database with examples of selectors and events ..................... 18

Figure 5: Example of the VirtualOSOCC in GDACS with status report on the flood in Serbia ............... 19

Figure 6: Map and list of disaster inventories from DesInventar .......................................................... 20

Figure 7: Organisational structure for information and data collection and analysis .......................... 25

Figure 8: Analysis framework – basic structure .................................................................................... 27

Figure 9: Analysis framework – assignment of WP tasks ...................................................................... 27

Figure 10: Analysis framework – impact of PPDR management levels and country profiles ............... 28

Figure 11: Basic structure of Inventory ................................................................................................. 36

Figure 12: Network plan ........................................................................................................................ 38

Figure 13: Database access with a SQL firewall .................................................................................... 39



www.episecc.eu

List of Acronyms

Abbreviation Description

ADRC Asian Disaster Reduction Center

ADT Abstract Data Type

ARC Austrian Red Cross

ARIS Architecture of Integrated Information Systems

BIZTEKON Business Technology Economy

BPMN Business Process Model and Notation

CECIS Common Emergency Communication and Information System

CPU Central Processing Unit

CRED Collaborating Centre for Research on the Epidemiology of Disasters

DBMS Database Management System

DesInventar Sistema de Inventario de Desastres

DG ECHO EU Humanitarian Aid and Civil Protection Department

EC European Commission

EM-DAT Emergency Events Database

EMS Emergency Management Systems

ENISA European Union Agency for Network and Information Security

EPISECC Establish Pan-European Information Space to Enhance seCurity of Citizens

ERCC Emergency Response Coordination Centre

ERM Entity Relationship Models

ESRI Environmental Systems Research Institute

EU European Union

EURATOM European Atomic Energy Community

FAO Food and Agriculture organization of the United Nation

FSCC Field Coordination Support Services

GB Gigabyte



www.episecc.eu

GDACS Global Disaster Alert and Coordination System

GeoTIFF Geographic Tagged Image File Format

GIS Geographic Information System

GLIDE Global Identifier

HCNP High Commission for National Protection

HDD Hard Disk

ID Identification

IFRC International Federation of Red Cross and Red Crescent Societies

ISDR UN International Strategy for Disaster Reduction

JSON Java Script Object Notation

KML Keyhole Markup Language

LA RED Network of Social Studies in the Prevention of Disasters in Latin America

Munich RE Munich Reinsurance

NatCat Natural Catastrophes

NUTS Nomenclature of Units for Territorial Statistics

OCHA UN Office for the Coordination of Humanitarian Affairs

OFDA Office of U.S. Foreign Disaster Assistance

ORDBMS object-relational database management system

PPDR Public Protection and Disaster Relief

PSCE Public safety Communication Europe

RAID redundant array of inexpensive disks

RAM Random Access Memory

RDBMS Relational Database Management System

REDIRNET Emergency Responder Data Interoperability Network

RSS Really Simple Syndication

SecInCoRe Secure Dynamic Cloud for Information, Communication and Resource

Interoperability based on Pan-European Disaster Inventory

SQL Structured Query Language

STOF Service Technology Organization Finance



www.episecc.eu

Swiss RE Swiss Reinsurance

TAMOS Tawes Modeling System

TB Terabytes

TCCA TETRA and Critical Communications Association

TETRA Terrestrial Trunked Radio

TFEU Treaty on the Functioning of the European Union

UK United Kingdom

UML Unified Modeling Language

UN United Nation

UNDP United Nations Development Programme

UNISDR United Nations Office for Disaster Risk Reduction

UPS Uninterruptible Power Supply

USA United States of America

USAID United States for International Development

WHO World Health Organisation

WMO World Meteorological Organization

WP Work package



www.episecc.eu

Introduction

This report presents Deliverable D3.1 of the EC Project EPISECC – Establish Pan-European Information

Space to Enhance seCurity of Citizens. The deliverable provides the description of method and data sets for the pan-European inventory of disasters. The deliverable also defines the basic architecture

of the Pan-European inventory. Within the report the findings of the working package 3, task 3.1, titled “Architecture of inventory” are summarized. It should be seen as an intermediate output,

which will be further elaborated later in the project.

The aim of EPISECC is to improve the collaboration and the interoperability of first responders and the police authorities in large scale disaster situations through the definition and validation of a

concept for a common information space. Therefore a pan-European inventory of past critical events/disasters and their consequences focusing on the performance of processes, the data

exchange and the organisational boundaries will be built up. Based on this work a concept of a common information space including appropriate semantic definitions by taxonomies and/or

ontologies will be developed. The analysis of existing concepts of interoperability from different domains as basis for the concept of a common information space applies to the identification of new

possible emergency and crisis management models. The validation of this common information space architecture and a suggestion of new Emergency and Crisis Management Models will

summarise the project work. This new system will enable access to necessary information, communication with other rescuers and stakeholders as well as the availability of resources which

are key factors in case of a disaster. So this system will contribute to minimizing damage and loss of life.

The EPISECC project is funded by the European Union’s Seventh Framework Programme for research, technological development and demonstration under grant agreement no 607078, [sec-2013.5.1-1].

To have a common understanding on the different meanings of disaster, critical event and response

within the project, the following definitions of the United Nations Office for Disaster Reduction (UNISDR) terminology are agreed by the consortium and will be used during the course of the project

[1].

• Disaster means any situation which has or may have a severe impact on people, the

environment, or property, including cultural heritage", from Decision No 1313/2013/EU Article 4.1.

• Critical event has the same meaning as a disaster, but could also be considered as a situation which straightforwardly leads to a disaster.

• Response means any action taken upon request for assistance under the Union Mechanism in

the event of an imminent disaster, or during or after a disaster, to address its immediate adverse consequences", from Decision No 1313/2013/EU Article 4.1.

Within the project disaster and critical event are used as synonyms. Please find further definitions of relevant terms in the annex.



www.episecc.eu

This deliverable report is divided into two parts, A and B, and covers nine chapters. The first part of

the report focusses on possible approaches and methodologies for investigating and developing the inventory. Whereas the second part of the report focuses on the identification of relevant areas of

investigation, their interdependencies and fields of information and the description of a basic structure of the inventory.

In detail, the first chapter of the report reflects civil protection and disaster management in Europe, in particular the EU civil protection mechanism. Chapter 2 briefly describes the current state of the

art of already existing data bases and tools for disaster management and their possible application within EPISECC. These first two chapters will not replace the state of the art reports of work package

2, D2.1 or D.2.2. Rather parts of Deliverable 3.1 in addition with D2.1 will give a unified status quo of the European Disaster management processes, organization, tools and so on. Chapter 3 and 4

describe approaches for the inventory development. Chapter 3 focuses on the information-based approach of inventory development whereas in chapter 4 different methodical approaches are explained, the preferred methodology is specified and a framework is developed. Based on the

developed framework chapter 5 in the beginning of Part B identifies areas of investigation and fields of information which are implemented into a first basic inventory structure within chapter 6.

Chapters 7 and 8 present technical and legal requirements for the pan-European information system. The report is closing with a brief summary and an outlook of the next steps to realise this pan-

European inventory.



www.episecc.eu

Part A

1. Introduction of Civil Protection and Disaster Management in Europe

The following section discusses the European Civil Protection Mechanism and disaster management

practices in Europe. First, the overview discusses legal basis of the European Civil Protection Mechanism and then it presents its accompanying instruments.

Legal basis for the EU Civil Protection Mechanism

The EU capacity to develop policies in various domains is limited to the competences conferred by

the Member States upon the founding treaties; the field of civil protection is not an exception. The EU, as set forth in Article 6 of the Treaty on the Functioning of the European Union (TFEU) has so

called “supporting competences” in the civil protection matters; the EU can only intervene to support, coordinate or complement actions of Member States [2]. Several EU initiatives related to

the Member State cooperation in the civil protection area date back to the 80’s, however the EU Civil Protection Mechanism, which provides integrated coordination in the field of disaster response, was

launched only in 2001. As of the enforcement of the Lisbon Treaty (2009), a new legal basis (i.e., Article 196 of the TFEU) encouraging Member States cooperation in the civil protection matters has

been introduced.

According to Article 196 of the TFEU, the EU will support and complement Member States actions

undertaken on national, regional and local levels related to the field of civil protection [3]. The EU will also “promote swift, effective operational cooperation within the Union between national civil-protection services” and “promote consistency in international civil-protection work” [3]. This article

also foresees that the European Parliament and the Council, within the competences of the EU, will adopt measures necessary to promote Member States cooperation [4].

Article 196 of the TFEU should be read together with the solidarity clause, introduced in Article 222 of the TFEU. The solidarity clause provides that in case of natural or man-made disasters Member

States “shall act jointly in a spirit of solidarity” [5]. The wording of this article is somewhat vague, however, it does not set any limits as to the implementation of the provision under different

circumstances.

The EU Civil Protection Regulation

The foundational provisions of the EU treaties are further specified in the following legal acts, namely, Council Decision (2001/792/EC, Euratom) of 23 October 2001 establishing a Community

mechanism to facilitate reinforced cooperation in civil protection assistance interventions, recast by Council Decision (2007/779/EC, Euratom) of 8 November 2007 establishing a Community Civil

Protection Mechanism and Council Decision establishing a Civil Protection Financial Instrument (2007/162/EC, Euratom) [6]. Additionally, three Commission Decisions have been issued after the

adoption of these two main pillars of civil protection legislation, each of them having a specific purpose within the meaning of the Council Decisions. One of these Decisions (2007/606/EC,



www.episecc.eu

Euratom) deals with laying down implementing rules for transport; the other two (2008/73/EC,

Euratom and 2010/481/EU, Euratom) provide for the implementation of the modules concept. This legal framework has been revised and further improved by Decision No 1313/2013/EU of the

European Parliament and of the Council on a Union Civil Protection Mechanism and Regulation No 375/2014 of the European Parliament and the Council on establishing the European Voluntary

Humanitarian Aid Corps (‘EU Aid Volunteers initiative’).

The Community Civil Protection Mechanism and the Civil Protection Financial Instrument together

cover three of the main aspects of the disaster management cycle – prevention, preparedness and response. The Mechanism itself covers response and some preparedness actions, whereas the

Financial Instrument enables actions in all three fields.

In addition to legislation specifying foundational provisions and implementing rules, a number of

council conclusions, parliament resolutions and other policy documents provide suggestions as to the future work in the field of civil protection. In particular, the European Commission Communications “Reinforcing the Union's Disaster Response Capacity” and “Strengthening Early Warning Systems in

Europe” lay further ground and guidance as to the key priorities of the EU Civil Protection Mechanism.

The scope of the EU Civil Protection Mechanism

The EU Civil Protection Mechanism (Mechanism) is composed of 31 participating states (compare Table 1). This mechanism can be triggered upon the assistance request of a Member State or a third

country. The main objective of the mechanism is to facilitate cooperation in civil protection assistance interventions in the event of emergencies requiring urgent response actions.

Table 1: EU Civil Protection Mechanism - Participating states

28 EU Member States Other participating States

Austria Estonia Italy Portugal Iceland

Belgium France Latvia Romania Norway

Bulgaria Finland Lithuania Slovakia former Yugoslav Republic of Macedonia

Croatia Germany Luxembourg Slovenia

Cyprus Greece Malta Spain

Czech Republic Hungary Netherlands Sweden

Denmark Ireland Poland United Kingdom

The tools of the EU Civil Protection Mechanism

The EU Civil Protection has a number of tools that facilitate both adequate preparedness as well as

effective response to disasters within and outside the EU.



www.episecc.eu

Emergency Response Coordination Centre (ERCC)

The ERCC is the operational heart of the Mechanism. It is operated by the Directorate-General for Humanitarian Aid and Civil Protection (DG ECHO) of the European Commission and is accessible 24

hours a day [7]. It gives countries access to a platform, to a one-stop-shop of civil protection means available amongst the participating states. However, it should be noted that any country inside or

outside the Union affected by a major disaster can request for assistance through the ERCC. The ERCC acts as a communication hub at the DG ECHO headquarters level among the participating

states, the affected country, and dispatched field experts. The ERCC also provides participating countries with useful and updated information on the actual status of an ongoing emergency. Finally,

the ERCC coordinates available resources to meet the needs of a country stricken by a disaster.

Figure 1: The Emergency Response Coordination Centre ERCC

Common Emergency and Information System (CECIS)

The CECIS is a reliable web-based alert and notification application created with the intention of

facilitating emergency communication among the participating states [8]. It provides an integrated platform to send and receive alerts, details of assistance required, to make offers of help and to view

the development of the ongoing emergency as they happen in an online logbook.

Training Programme

A training programme has also been set up with a view to improving the co-ordination of civil protection assistance interventions by ensuring compatibility and complementarity between the

intervention teams from the participating states [8]. It also enhances the skills of experts involved in civil protection assistance operations through the sharing of best practices. This programme involves

training courses, the organisation of joint exercises and a system of exchange of experts of the participating states.

Civil protection modules

Civil protection modules are made of national resources from one or more Member States on a

voluntary basis [8]. They constitute a contribution to the civil protection rapid response capability called for by the European Council in the Conclusions in June 2005 and by the European parliament in its Resolution of January 2005 on the tsunami disaster. Thirteen civil protection modules have been

identified by the Commission together with Member States [9], [10].

ERCC

Disaster-stricken country

Civil protection contact points



www.episecc.eu

As mentioned above, the Mechanism can be activated by any participating state or a third country

seeking prompt international assistance following a disaster that overwhelms national civil protection capacities.

As soon as a request for assistance is received, it can be viewed by all participating states via CECIS. The national contact points then assess their available resources and inform the ERCC whether or not

they are in a position to help. The ERCC then liaises between the offering and the requesting country to ensure the prompt delivery of the accepted assistance.

Activation of the Mechanism

As the use of the Mechanism is not restricted to interventions within the EU, any third country

affected by a disaster can also make an appeal for assistance through the ERCC. Following a formal request for assistance from a third country, different procedures are applied for the activation of the

Mechanism. In such cases, the European Commission needs to consult the Presidency of the Council so as to determine the course of action it needs to take. For instance, if an emergency takes place in

an area affected by conflict or civil unrest, the Council through the Presidency may declare it to fall under the so called crisis management provisions (Chapter V of the Treaty of EU). In this case, the

Council plays a leading role in co-ordinating the EU response. If it is not deemed a crisis management situation, the ERCC follows its general operating rules.

Dispatching assistance

Arrangements for the dispatch of the accepted assistance (delivery, transport, visa requirements,

customs, etc.) are made directly between the offering and requesting states. If required, the ERCC may play a facilitating role. Any intervention teams or assistance sent from the EU to a disaster area

remains under the direction of the national authorities of the affected country, which has the right to ask European teams to step down at any time. European teams are subject and should operate in

conformity with national rules and procedures of the affected country.

To facilitate the technical co-ordination of the EU Civil Protection mechanism, a small team of experts

can be dispatched on a site by the ERCC. This team will ensure effective liaison with local authorities and any other relevant actors in order to integrate European civil protection assistance into the overall disaster relief effort and facilitate the work of European teams on the ground. Moreover, as

they continue to monitor the emergency and assess its development, they can keep the ERCC headquarters updated.

Co-ordination with other actors

Mechanism interventions in third countries, particularly in the developing world, are usually conducted in close collaboration with other actors, such as the UN Office for the Coordination of Humanitarian Affairs (OCHA), Humanitarian Aid and the Red Cross when these are present on the

ground.

Emergencies

Since its establishment in 2001, the Mechanism has been activated for over 180 times, for very

different types of disasters [8]. Major disasters requested assistance including the Tsunami in South Asia (2004/2005); Hurricanes Katrina and Rita in the USA (2005); earthquakes in China (2008), Haiti



www.episecc.eu

(2010), Japan (2011); floods in the Balkans (2010); forest fires in Greece (2007, 2012); civil unrest in

Libya (2011); and explosion at a naval base in Cyprus (2011); in 2013 the Mechanism was activated 35 times. The biggest deployment of teams and assistance of 2013 focused on the response to the

typhoon Haiyan in the Philippines.

A brief overview on how often the European Community Civil Protection Mechanism was activated

within the last five years (01.01.2007 – 31.12.2012) in Europe is presented in the following:

In 2007 the European Community Civil Protection Mechanism was activated in the European area 18-

times. This was caused by forest fires and two oil spills. Mostly the south and south east part of Europe, like Greece, Cyprus, Bulgaria, Albania and Italy, was affected. 15 times the European

Community Civil Protection Mechanism was activated in 2008. The main causes of this activity were 5 forest fires, 4 floods, 3 extreme weather conditions and two earthquakes. The year 2009 was

characterized by 18 activities, of which were alone 10 forest fires in the southern countries of Europe. In 2010 the EU Civil Protection Mechanism was activated 19 times. The mostly occurring disasters in 2010 were floods (9 times) and forest fires (4 times). In 2010 mostly the southern

countries were affected. Only 8 times the European Community Civil Protection Mechanism was activated in 2011. Forest fires (4) and floods (2) remained the usual cause to trigger the activation of

the EU Civil Protection Mechanism. In 2012 the European Community Civil Protection Mechanism was activated 22 times. EU Member States requested assistances as a result of forest fires (9), floods

(4), earthquakes (3), extreme weather conditions (5), and a marine pollution. It can be observed that the mechanism is mostly triggered by the countries located in the southern part of Europe.

Conclusion

The EU Civil Protection Mechanism is an illustrative example proving the added value of EU-

coordinated action in a response to disaster situations, when national competence and responsibility to provide a disaster response remains unchallenged. So, in disaster situations national disaster

management may have to be coordinated with cross-border disaster response. But as disaster management within the European Union is organised, applied and executed very heterogeneously

and organisations, processes and authorities differ between the member states, a coordination action requires numerous information and effort. These required information for the coordination of

national and cross-border disaster management, in particular when the EU Civil Protection Mechanism is activated, will be considered within the common information space that will be

created during this project. An overview of where disaster management information as a basis for the inventory could be requested and which ‘information systems’ already exist will be presented

briefly in the following section.

2. Databases and Tools for Disaster Management – a brief overview

To allow the integration of existing data collection for disasters as well as tools and procedures for

first response, the state of the art and data models of existing data storages are investigated at a first stage to ensure compatibility with the future EPISECC data model and also that user requirements

can be fulfilled based on the stored data. A further, more detailed analysis of the state of the art will be covered in work package 2.



www.episecc.eu

From previous projects as well as organizations that are responsible for disaster management already

a multitude of databases are provided to store disaster data. The list of databases presented here covers those that are currently most interesting for the EPISECC project and cover the domain of

disaster data as well as tools and procedures and should give a good impression of the state of the art and commonly used data models in this area. But due to the vast amount of already existing data

stores, this list is not exhaustive, further ones that come to our attention during the progress of this project will be evaluated and if suitable also considered and integrated in EPISECC.

EM-DAT (Emergency Events Database)

EM-DAT is a database on the occurrence and immediate effects of all disasters (natural and

technological), that was created with the initial support of the WHO and the Belgian Government (see Figure 2). Its events database has been maintained since 1988 by the WHO Collaborating Centre

for Research on the Epidemiology of Disasters (CRED).

Figure 2: Summary per year of all disaster from EM-DAT database in the area of Europe

The main objective of the database is to serve the purposes of humanitarian action at national and

international levels. It is an initiative aimed to rationalize decision making for disaster preparedness, as well as providing an objective base for vulnerability assessment and priority setting. EM-DAT

contains essential core data on the occurrence and effects of over 18,000 mass disasters in the world from 1900 to present. The database is compiled from various sources, including UN agencies, non-

governmental organizations, insurance companies, research institutes and press agencies [11].

At the time of analysis the access was limited due to maintenance work and only a summary of all

disasters per year, amongst others presenting the total number of deaths and injured (cp. Figure 2), could be accessed. A more detailed list with information on each separate disaster was not available.

Since references on EM-DAT can also be found in other data sources (e.g. unique identifier for



www.episecc.eu

disasters according to EM-DAT) and the collection of disasters in the EM-DAT store seems to be very

extensive we consider it as a valuable data source for integration as soon as a more detailed access would be possible.

NatCatSERVICE (Natural Catastrophes SERVICE)

NatCatSERVICE was created by the insurance company Munich RE as a comprehensive natural catastrophe loss database containing more than 30,000 data records on natural disaster events. An average of 1,000 events are recorded and analyzed every year. The information collected can be

used to document and perform risk and trend analyses on the extent and intensity of individual natural hazard events in various parts of the world. A selection of analyses can be accessed at their

website, where they present annual statistics from 2004 onwards, informative maps and comprehensive basic knowledge [12].

Figure 3: Website of NatCatService with exemplary reports on natural disasters

The list of disasters that can be accessed directly via NatCatService is focused on most extreme events and thus not very extensive and is provided as PDF files, which complicates integration into a

database. But compared to other data stores, this data store is more focused on economic impacts of disasters or emergencies. But also methodological work (e.g. data model and categorization of

disasters) of Munich RE together with other stakeholders that is published here could provide valuable input to EPISECC in the development of a data model.

GLIDE (GLobal IDEntifier)

The main objectives of GLIDE is to provide an extensive access to disaster information at one place as

well as a globally common Unique ID code for disasters, that consists of an code for the event type (e.g. FL for flood), followed by year, a sequential number and the ISO country code for the country of

occurrence. In 2004 the GLIDE data store and a generator for unique identifier for disaster events was set up by the Asian Disaster Reduction Center (ADRC) in cooperation with the Centre for



www.episecc.eu

Research on the Epidemiology of Disasters (CRED), the University of Leuven, OCHA/ReliefWeb,

OCHA/FSCC, ISDR, UNDP, WMO, IFRC, OFDA-USAID, FAO, LA RED and the World Bank, covering disaster events since 2000 [13].

Figure 4: List of disasters from GLIDE database with examples of selectors and events

For events that are stored by EM-DAT the respective identifier is given for reference between both

data stores, but also further disasters that do not fall under the EM-DAT criteria are stored in GLIDE. In addition to a lists of disaster events GLIDE can also generate summaries of disasters, e.g. by type,

country or year and also provides export of data sets in charts, tabular reports or statistics. Aside from good usability this could facilitate the integration of these data into an EPISECC data inventory.

GDACS (Global Disaster Alert and Coordination System)

GDACS was created by the United Nations and the European Commission as a cooperation

framework between disaster managers and disaster information systems worldwide and aims at filling the information and coordination gap in the first phase after major disasters. It provides real-

time access to web‐based disaster information systems and related coordination tools. At annual



www.episecc.eu

GDACS stakeholders meetings standards for information exchange and a strategy for further

development of its tools and services are discussed [14].

While the previous databases are focused on disasters only, the goal of GDACS is also to provide

tools to improve alerts, information exchange and coordination in the first phase after disasters, e.g. via the real-time coordination platform “VirtualOSOCC” (cp. Figure 5) [15]. While access is strictly

restricted to disaster managers, examples of latest disaster reports show the scope of GDACS, covering detailed information on the event, international relief teams, analysis of the situation and

recommendations on immediate actions. A detailed analysis of GDACS will be provided within work package 2.

Figure 5: Example of the VirtualOSOCC in GDACS with status report on the flood in Serbia

DesInventar (Sistema de Inventario de Desastres - Disaster Inventory system)

DesInventar is a conceptual and methodological tool for the construction of databases of loss, damage, or effects caused by emergencies or disasters. It is focused on small and medium scale

disasters and based on a common conceptual and methodological framework developed since 1994 by researchers and institutional actors linked to the Network of Social Studies in the Prevention of

Disasters in Latin America (LA RED). The DesInventar framework includes the following components:

• Methodology (definitions and help in the management of data)

• A Database with flexible structure • Software to input, filter and access data from the database



www.episecc.eu

Figure 6: Map and list of disaster inventories from DesInventar

From the website of DesInventar [16] multiple local databases can be selected (cp. Figure 6), each covering one country and most of them in Latin America, but also databases for Algeria, Mali, India,

Sri Lanka, Nepal, Iran and Vanuatu. Especially on the topic of disasters already many collections of data exist, which are commonly used and also referenced containing all of the disasters since at least

the year 2000. Other sources are focused on special disasters or from specific perspectives (e.g. insurances). From given examples data structures on disasters in EPISECC can be derived easily. For

the integration of disaster data, unique identifiers on disasters that are used in these collections (also for reference between different data stores) should be included in the EPISECC data on disasters.

Data on tools for first response is not very common due to a separated and heterogeneous market with many stakeholders in this area. There seem no standards to be used by different tools so far. As

an example GDACS (especially VirtualOSOCC) can be used as reference on data and information exchange between first responders.

The following Table 2 describes the analysed data collections by a few common key figures that can be used to characterize these in terms of usefulness for different application scenarios like overview

on the topic, creation of a data model and integration of data on disaster events into EPISECC.



www.episecc.eu

Table 2: Disaster-related data bases and tools

Org

anis

atio

n

Con

tent

Dis

aste

rs

spat

ial r

esol

utio

n

tem

pora

l res

olut

ion

diffe

rent

iatio

n by

dis

aste

r typ

e

cont

ains

nat

ural

/ m

an-m

ade

disa

ster

s

cont

ains

als

o da

ta fr

om E

urop

e

#affe

cted

cost

s €/

$

cont

ains

con

tent

abo

ut T

ools

/Pro

cedu

res

data

form

at /

stru

ctur

ed d

ata

Com

men

ts

EM-DAT / CRED

list per year / summary of all disasters

continent year no -/- yes summary summary no csv (export) / yes

some queries are blocked, maybe more detailed data w ith direct access

NatCatService / Munich RE

map for 2013 / 10 most extreme disasters per disaster type (not complete list)

map year (yes) (yes) / no (yes) casualities per disaster no PDF / yes original format: PDFs

GLIDE / ADRA w orld-w ide list / unique identif ier for each disaster

country day yes yes / yes yes / / no w eb table / yes

good usability, more detailed information as plain text, reports can be converted easily into csv/Excel format

DesInventar / La Red

links to local disaster inventories

(region) (year) (yes) no (yes) (yes) no Unknow n (no access)

usability very low , linked disaster inventories are not w orking, guess about functionality and content from user interface



www.episecc.eu

The previous section provides a first insight into existing databases and tools and a possible

application within the project. It will present one basis for methods and approaches described in the following sections. At a later point of the project, after a more detailed analysis undertaken in work

package 2, some of the mentioned databases and tools will provide necessary data for the development of the database which will also be integrated.

3. Information-based Approach for the Inventory Development

The development of the inventory follows an evolutionary approach, since not all surveys are done and not every requirement is clear at this early stage of the project. The evolutionary database

development has the advantage that developing can be started right away and iterations can be done when changes of the requirements occur.

The evolutionary database development techniques are as follows:

1. Database refactoring. Evolve an existing database schema a small bit at a time to improve the

quality of its design without changing its semantics. 2. Evolutionary data modelling. Model the data aspects of a system iteratively and incrementally,

just like all other aspects of a system, to ensure that the database schema evolves in step with the application code.

3. Database regression testing. Ensure that the database schema actually works. 4. Configuration management of database artifact. Your data models, database tests, test data,

and so on are important project artifact that should be managed just like any other artifact.

5. Developer sandboxes. Developers need their own working environments in which they can modify the portion of the system that they are building and get it working before they integrate

their work with that of their teammates [17].

We will use an object-relational database management system (ORDBMS), which is an extended

development of existing relational database system. To overcome the certain limitations and to increase the performance level, and to achieve the benefits of relational model and object model,

ORDBMS technology evolved by combining the relational databases and object oriented concepts.

We can incorporate our custom data types, functions, operators and methods with the database and

we can store images, geographical information and multimedia objects such as audio and video, it allows us to raise the level of abstraction at which we want to view the problem domain. In ORDBMS

limited support of object-oriented features, mostly to new data types, is provided. Moreover, it supports abstract data types (ADTs) and complex relationships.

ORDBMSs have the same query centric approach to data management as we have in RDBMS. Through declarative SQL (Structured Query Language) statements, we can handle the data access

and there is no procedural or object-at-a-time, navigational interface.

PostgreSQL with PostGIS extension will be used ass ORDBMS, in order to have a simple and common picture of the real world and to make the software development easier, by providing object-oriented

data-structures. Furthermore the PostGIS extension adds support for geographic objects to the



www.episecc.eu

database. There are several import and export features included, which opens a wide range of

possibilities for the data acquisition (e.g. ESRI-shapefile, KML, GeoTIFF, GeoJSON) [18].

The Design will be done in UML 2 (Unified Modeling Language) with Enterprise Architect [19].

Input from other Databases

The EPISECC inventory might need input data from already existing databases, therefore a first approach for interfaces and other applications for data transfer has to be developed. The main input interface to the database will be via the SQL which is provided by all common Database Management

Systems (DBMS), and so it builds the basis for data exchange between different DBMS. Access to the database will be restricted through the rights management.

Based on the SQL-interface, further applications for the data input are planned:

• A web-site based input mask for the manual input auf existing and new data,

• different web service interfaces to make an automatic import possible and • RSS Feed Parser which after the review of a moderator allows the import of online data and new

events.

The information-based approach presented within this section is one approach that needs to be

described for the inventory development. Furthermore, the method for investigation and analysis has to be discussed and determined as well.

4. Analysis Methodology for the Inventory Development

This section gives a basis for survey and analysis methodology that will be applied during inventory development. The objective of the Inventory is to support a development of a common

understanding of the post-disaster situation, and the main users are strategic and tactical management levels of first responders and police forces. The decision makers should gain a better

insight of the management and business models of the first responders, not only in the neighbouring countries but also in Pan-European space, develop better understandings of European first response

mechanisms and bridging the gaps. The inventory shall be also useful for other stakeholders like international organisations, governmental organisations and bodies, European organisations, non-governmental organisations, researchers, law makers, etc.. One major user who will be addressed is

the European Emergency Response Coordination Centre (ERCC). From the project's perspective, the inventory shall serve for a development of the taxonomy and ontology model for a specific use case

(WP 4), as well as for creation of common information space (WP 5).

Since the methodology will be fully elaborated within WP 2 and WP 3, herein criteria and guides for

the development of the relevant survey methodology are defined. In order to avoid misinterpretation, a terminology with definitions of relevant terms was conducted and will be

elaborated during the preparation for the survey. A survey should cover pan-European space (31 countries) and will go beyond taking into account international organisations. To make survey as

efficacious as possible the following criteria will be considered for the evaluation of the methodology: survey units, types and amounts of disasters/critical events, combination of first

responders, information sources and acquisition.



www.episecc.eu

In this context, a term survey units is related to the division of the pan-European space into

geographical or thematic based units to make survey more efficient. After revising various aspects, the following approaches have been selected:

• a country driven approach, covering not only partners' countries, but also other countries that partners linked to the users (PSCE, TCCA) are able to cover;

• a disaster/critical event driven approach, covering the most significant disasters/critical events based on the defined criteria (number of casualties/fatalities/economic losses, origin, affected

area, etc.); • a combination of the above mentioned approaches.

• During the conduction of the survey the most feasible approach will be followed.

Regarding the mechanism the survey strategy being developed within WP2 and WP3 shall analyse

the mechanisms during:

• cross-border disasters, • national disasters with EU and/or international assistance,

• specifically disasters where the EU civil protection mechanism was activated, • national disasters without assistance from outside.

Since the objective of the project is the development of a pan-European information space that helps to improve the first response for mainly cross-border disasters, the survey will focus on cross-border

disasters as well as disasters with international or EU assistance. National disasters will be included if the scope and impact covered a specific size and adds additional benefit. In general isolated smaller

incidents will be covered but only in the context of a big disaster, being cascading incidents or events.

Concerning the origin, all disasters will be taken into account. So basically, the survey will go through

natural disasters and man-made disasters. Further disaster analysis, specification and classification will be provided in detail in the Task 3.2.

The selection of first responders that will be considered for analysis shall be coordinated with users' needs and expectations from the project. For the purposes of the EPISECC use case, the survey will

try to find critical events which involve as many first responders and agencies as possible and necessary, with significant physical, syntactic and semantic interoperability.

Information gathering is planned as a two-step approach. Firstly, desk research within the specified

areas will be conducted. For example data for the organizational view (organizational charts) can be gathered based on existing material available from Vademecum [20]. Further desk research

concerning disasters and its additional information will be conducted. Here the mentioned databases of section 3 will be consulted. The survey will review all existing resources to get information and

data. Section 3 gives an overview of the existing databases and services providing information on civil protection mechanism. Secondly, for information, that is not publicly available, representatives of

organizations need to be contacted and interviewed personally. This is especially true for data gathering for processes and standards and more detailed information on events, since documents

about internal processes are hardly available to the public. A questionnaire will be developed to harmonize gathered information and simplify the data analysis and completion of the inventory.



www.episecc.eu

Furthermore, cooperation with projects funded within the same call will be fostered (REDIRNET and

SecInCoRe).

Organisationally, the information and data collection and analysis will be performed as follows (cp.

Figure 7):

• strategic and tactical levels of PPDR management in WP 2,

• operational level of PPDR management in WP 3, • whereas WP 2 covers the data collection concerning Tools and Standards, Data and Processes

and WP 3 basically focuses on the collection of disaster-related information. More details will be provided within Task 2.1.

Figure 7: Organisational structure for information and data collection and analysis

Since the inventory shall serve to WP 5 for development of a common information space, for the

analysis framework an approach for information system development has been chosen. The analysis framework for WP 2 and WP 3 is structured as depicted in Figure 7. A disaster event is managed by

PPDR organizations using business models. PPDR management tools are used to master disaster events. A disaster management organization is based on a static organizational structure and

executes processes to overcome a disaster event. Tools are used to support managing the system and influence the efficiency of the processes. Processes are a set of actions, executed by

organizational entities, aiming for a certain result. They can be structured into: internal communication, coordination, resources management, interaction with citizens, command and control, communication with other entities, interoperability actions. Processes take data from data

storage or in situ measurements (sensors, devices or human observations) transform them and store into a database. In the context disaster/emergency management, the investigation shall be focused

on procedures, services and actions undertaken during the response timeframe.

As mentioned above PPDR managements are complex systems having static organizational structure

but, at the same time, they define and execute processes, create and exchange data, use IT-tools,



www.episecc.eu

which follow specific business models. The disaster presents the basement for the use case of PPDR

management. Therefore, tools to be used to analyse such organizations need to:

• cover all aspects that need to be explored,

• describe these aspects to an adequate level of detail, • but they should still be easily understandable.

Respecting the above mentioned criteria the most relevant existing frameworks have been analysed, such as: BIZTEKON [21], STOF [22] for business view, ARIS [23] as a general framework and standard

modelling concepts (Unified Modelling Language, Business Process Modelling Notation, etc.). An approach based on a concept called “Architecture of Integrated Information Systems” (ARIS) has

been chosen. Other tools, such as BIZTEKON or STOF, are perfect for analysis for a specific view (e.g. business view), but do not support a comprehensive evaluation, as ARIS does.

ARIS provides a framework that enables us to cover all aspects of our proposed analysis by introducing different views on the organization. For each view specific modelling tools and analysis concepts can be applied to describe aspects on an adequate level of detail. This modular approach

enables holistic analysis of PPDR management organizations and, at the same time, the needed level of detail at each area. As far as possible standard modelling tools (UML, BPMN, etc.) will be used

within each area to facilitate communication based on a common knowledge.

The ARIS concept was originally developed for describing information systems and their integration

into business environments. The concept has been adapted to fulfil WP 2’s needs. The proposed framework facilitates holistic analysis of PPDR Management tools or so called Emergency

Management Systems (EMS) by structuring analysis into four main areas:

• Organization: This view analyses the structure of the organization, the information system is

embedded into. The structure of organizations can be modelled with organizational charts representing organizational units and their interrelations.

• Data: This view analyses data that is processed within EMS and exchanged with other EMS. Analysis in this area can be based on Entity Relationship Models (ERM) or similar toolsets (UML).

• Processes, Standards, Best Practices: This view analyses processes, standards and best practices of EMS organizations and their relation to the EMS investigated.

• Business Models: This view analyses the business models of PPDR organisations. The analysis of

business models can be based on a business model analysis framework from Graz University of Technology including a Value Network Analysis tool [24].

• Tools: This view analyses software tools used by PPDR organizations for emergency management. Analysis of PPDR management tools will be based on the analysis framework

which will be described in the deliverable 2.1.



www.episecc.eu

Figure 8: Analysis framework – basic structure

The analysis framework described above will be used in WP 2 and WP 3. Figure 9 provides an overview of the assignment of WP tasks to each analysis area.

Figure 9: Analysis framework – assignment of WP tasks

As depicted in Figure 10, the analysis framework will be applied on various European countries taking

PPDR management levels (operational, tactical, strategic) into account. Furthermore events/disasters analysis will lay the ground for planned analysis.

Business Model

Data Processes, Standards

Tools

e.g. Organizational

Charts

e.g. Business ProcessModeling Notation

(BPMN)

EPISECC analysisframework for tools

e.g. UML, Entity Relationship Models

(ERM)

Organisation

e.g. Value Network Analysis

Business Model


Tools

Task 3.4

Task 2.2Task 3.2, 3.3

Task 2.1Task 3.3

Task 2.1, 2.2Task 3.2, 3.3

Organisation

Task 2.2Task 3.3



www.episecc.eu

Figure 10: Analysis framework – impact of PPDR management levels and country profiles

The presented method and framework will serve as foundation for WP 2 and WP 3. Besides, it presents the basis for the identification for the relevant areas and its fields of information which is

covered in Part B.

Disaster

Strategic level

Tactical level

Operational level

Organisation


ToolsBusiness Models

Organisation


ToolsBusiness Models

Business Model


ToolsOrganisation

Country ACountry B

Country C



www.episecc.eu

Part B

5. Relevant Areas and Fields of Information

Based on the described framework, the developed inventory will contain various fields of

information. The columns within the framework (data, processes, organisations and tools) as well as the business models and the disaster present the identified and defined areas of investigation.

Within these areas specific fields of information (descriptors) have to be determined in order to develop the inventory and data base. In the following the fields of information for each area will be

presented. It displays an evolving structure which is not final as it also depends on the data that can be gathered.

The area business model will contain among others the fields of information presented below.

Table 3: Fields of Information about 'Business Model'

Business Model

Nam

e

Busin

ess M

odel

ID

Desc

riptio

n

Proc

ess R

elat

ion

Tool

Even

t

Lega

l Bas

is

Term

inol

ogy

Org

anisa

tion

ID

Proc

ess I

D

Tool

ID

Even

t ID

Data

ID

• Internal communication

• Coordination • Resource

management

• Interactions with citizens

• Command and control

• Interoperability model

• Financing • …

A business model is a set of interconnected processes, which are modelled for: e.g. internal

communication, coordination, resources management, interaction with citizens, command and control, communication with other entities, interoperability model, service performance

(outsourced, in house) or financing.

Fields of Information of descriptors can be its name, a description (purpose, framework, architecture), relationships to processes it consist of and its legal basis. Again, it also links to

organisations, tools, processes, events and data.



www.episecc.eu

The fields of information follow the description of the areas within the ARIS framework. In addition,

PPDR management is a complex system which needs to be linked to processes, exchanged data, organisation, used tools and the event and vice versa. The linkage demands the introduction of IDs

within the particular areas.

The area data can cover the fields of information shown in Table 4. Within the data area it should be

distinguished between the syntactical data exchange as well as the physical data exchange. The syntactical data exchange focuses on the type of data, the format, semantic structure, protocol and

in which PPDR phase it is applied. The physical exchange focuses on the infrastructure which can be public or dedicated.

Table 4: Fields of Information about 'Data'

Data

Nam

e

Data

ID

Synt

actic

al

Exch

ange

Phys

ical

Exc

hang

e

Stor

age

Conf

iden

tial

Tool

ID

Org

anisa

tion

ID

Busin

ess M

odel

ID

Proc

ess I

D

Even

t ID

Type

Form

at/ S

tand

ard

Sem

antic

Str

uctu

re

Exch

ange

Pro

toco

l

PPDR

Pha

se

Infr

astr

uctu

re

• Message • Organisational • Geographical

• Public • Dedicated

… The area processes contains the present fields of information below.

Table 5: Fields of Information about 'Process'

Process

Nam

e

Proc

ess I

D

Star

t tim

e

End

time

Desc

riptio

n

Actio

ns

Even

t ID

Org

anisa

tion

ID

Busin

ess M

odel

ID

Data

ID

Tool

ID

Containment and control of disasters

Medical assistance Public order and traffic management

Taking care of population

… Organization- and disaster-related processes can be defined, described and eventually linked to a specific organization, the business model used, data and applied tools. A first definition for processes



www.episecc.eu

for first response during disasters at a national level in the Netherlands was conducted by the TU

Delft [25]. This process standardization could be applied and developed further for disasters at an international level, respective covering a broader range of organizations involved. Table 6 shows the

current list based on disaster management in the Netherlands.

Table 6: List of Emergency Response Processes

List of Emergency Response Processes [25] Containment and control of the disaster and its effects Responsible: Fire Brigade 1. Fighting fire and emission of dangerous substances 2. Rescuing and technical assistance 3. Decontaminating people and animals 4. Decontaminating vehicles and infrastructure 5. Observations and measurements 6. Alerting the population 7. Making accessible and clearing up Medial Assistance Responsible: GHOR 8. Medical aid chain 9. Preventative public health and medical/environmental measures 10. Psycho-social aid and care Public order and traffic management Responsible: Police and Ministry of Justice 11. Clearance and evacuation 12. Fencing off disaster area 13. Traffic control 14. Maintaining the legal order 15. Identification of fatal casualties 16. Giving directions 17. Criminal investigation Taking care of population Responsible: the Municipality 18. Advice and information 19. Relief and care 20. Funeral arrangements 21. Registration of victims 22. Providing primary needs 23. Damage registration 24. Environment protection 25. Follow-up care Within the framework the area ‘organisation’ is defined. It contains amongst others the information

fields presented in Table 7.

Table 7: Fields of Information about 'Organisation'

Organisation

Nam

e

Org

aniza

tion

ID

Org

aniza

tiona

l Ch

art o

f in

stitu

tion

Leve

l of

inst

itutio

n w

ithin

civ

il pr

otec

tion

hier

arch

y

Tool

ID

Data

ID

Busin

ess M

odel

ID

Proc

ess I

D

Even

t ID

…



www.episecc.eu

Another area within the framework of PPDR management is ‘tools’. Below applying fields of

information are displayed. As mentioned above, tools and also data and processes are covered within WP 2. Therefore more details will follow within WP 2 which also might imply further

evolvement of the fields of information.

Table 8: Fields of Information about 'Tool'

Tool

Nam

e

Tool

ID

Type

of T

ool

Stak

ehol

der/

Use

r

Dom

ain

Area

of a

pplic

atio

n

Org

anisa

tiona

l Sco

pe

Spat

ial S

cope

PPDR

pha

se

Com

mun

icat

ion

infr

astr

uctu

re

Leve

l of i

nter

oper

abili

ty

Lang

uage

Type

of d

ata

exch

ange

Data

Sem

antic

stru

ctur

e

Proc

ess I

D

Org

anisa

tion

ID

Busin

ess M

odel

ID

Even

t ID

Data

ID

… As WP 3 mainly focuses on the analysis of past disasters, which also present the foundation for the

above mentioned areas, an extended overview of the field of information concerning disasters is provided. Table 9 shows the upper level of necessary fields of information/ categories to be

contained within the inventory.

Table 9: Fields of Information about 'Disaster'

Disaster (Upper Level)

Nam

e

Even

t ID

Disa

ster

Cat

egor

y

Desc

riptio

n

Casc

adin

g Di

sast

er

Caus

e

Tim

e In

form

atio

n

Spat

ial S

cope

Mea

sure

d Da

ta

Envi

ronm

ent

Effe

cts

Resp

onse

Info

rmat

ion

Data

Sem

antic

stru

ctur

e

Proc

ess I

D

Busin

ess M

odel

ID

Tool

ID

Data

ID

… In the following each category/ descriptor of the upper level fields of information is presented

separately. First Table 10 shows the division of the Disaster Category.



www.episecc.eu

Table 10: Field of Information 'Disaster Category'

Disaster Category

Disa

ster

Gen

eric

Gr

oup

Disa

ster

Gro

up

Disa

ster

Mai

n Ty

pe

Disa

ster

Sub

-ty

pe

• Natural • Technological • Complex Disaster

• Geophysical • Meteorological • Hydrological • Climatological

• Earthquake • Volcanic

Eruption • Mass movement

dry • Storm • Flood • Mass movement

wet • Extreme

temperature • Drought • Wildfire

• Earth quake • Fire Following • Tsunami • Volcanic Eruption • Subsidence • Landslide • Tropical Storm

(Hurricane, Typhoon, Cyclone)

• Extratropical Storm (Winter storm, Blizzard/Snowstorm)

• Convective Storm (Severe Storm, Thunderstorm, Lightning, Hailstorm, Tornado)

• … When describing the disaster category, a selection within the shown group has to be done. The categorisation of disasters follows the harmonized categorisation/ terminology of the CRED,

MunichRe and SwissRe. In 2007, these organisations developed together with the UNDP, the Asian Disaster Reduction Centre and the International Strategy for Disaster Reduction (ISDR) a harmonized

approach where natural disasters are divided into four main disaster groups [26]. To improve the data gathering and the international application and comparability the inventory will also follow this

standard.

In the following tables the break-down of the time information, spatial scope, measured data,

environment, effects and response information is illustrated. The presented categories will either be free text, a selection or in a predefined format.

Table 11: Field of Information 'Time information'

Time Information

Star

t dat

e

End

date

Tim

e of

ala

rm

Occ

urre

nce

[27]

Prog

ress

ion

[27]

• Singular • Occasional • recurring

• none • slow • medium • fast



www.episecc.eu

Table 12: Field of Information 'Spatial Scope'

Spatial Scope

Cont

inen

t

Coun

try

Regi

on/ C

ity

Latit

ude/

Lo

ngitu

de

[Pol

ygon

]

Area

[sqm

]

Radi

us [2

8]

• Europe • Asia • …

• …

• < x • >= x • …

• Small (< 1 km) • Relatively large

(1 – 10 km) • Large (> 10 km)

Table 13: Field of Information 'Measured Data'

Measured Data

Tim

e of

M

easu

rem

ent

Inst

itute

Win

d fo

rce

Prec

ipita

tion

Mag

nitu

de

Gaug

e

Inte

nsity

Table 14: Field of Information 'Environment'

Environment

Char

acte

r [27

]

Terr

estr

ial

Man

euve

rabi

lity

[27]

Aeria

l M

aneu

vera

bilit

y [2

7]

Infr

astr

uctu

re

Popu

latio

n de

nsity

Map

s

Vege

tatio

n

• flat • hilly • mountainous • sea

• Excellent • Slightly limited • Severely limited • impossible

• Excellent • Slightly limited • Severely limited • impossible

• < x • > x

• …

Table 15: Field of Information 'Effect'

Effects

Casu

altie

s [1

2]

Dam

age

[27]

Econ

omic

al

Impa

ct [2

9]

No.

of C

asua

lties

[30]

Kille

d

Miss

ing

Inju

red

Hom

eles

s

Affe

cted

Evac

uate

d

Vict

ims

Civi

lian

Infr

astr

uctu

re

Resc

ue In

fras

truc

ture

Sect

ors [

16]

Ove

rall

Loss

Insu

red

Loss

Estim

ated

Dam

age



www.episecc.eu

Table 16: Field of Information 'Response Information'

Response Information Re

sour

ces

Requ

este

d As

sista

nce

[31]

Activ

atio

n of

Civ

il Pr

otec

tion

Mec

hani

sm

Ope

ratio

n

Dura

tion

of

Initi

al R

espo

nse

[32]

• Local • Regional • National • International • Combined

func

tion

No.

of h

uman

re

sour

ces

No.

of v

ehic

les

No.

of o

ther

reso

urce

s

actio

ns

• < 4 weeks • >= 4 weeks • Extend over

months

The shown fields of information and the corresponding lower levels will be evolved during the

survey’s progress and the following tasks. They present the relevant categories for the inventory and provide the foundation for the development of a basic structure of the inventory which is described

in the following chapter.

6. Architecture of the Inventory

As written in chapter 3 the development of the inventory follows an evolutionary approach, since not

all surveys are done and every requirement is clear at this early stage of the project. As a first approach the six areas from the framework structure (cp. Figure 10) are taken and a disaster-

centered table structure is designed. After that according to the definition of fields of information in chapter 5, tables are split into semantic useful sub tables and the dependencies are identified. A first

UML-diagram is developed with the help of the software “Enterprise architect” and is shown in Figure 11. Since, it is a first approach for the database structure that needs to be evolved during the

following tasks, only primitive data types are used within the tables. Enumeration data types are just displayed as text fields. Primary Keys are marked with “PK”, and Foreign Keys with “FK”. The Foreign

Key connections are displayed for the tables in direct connection to the disaster, as for the other the dependencies will be described at a later point.



www.episecc.eu

Figure 11: Basic structure of Inventory

The dependencies between the identified areas (Business Model, Data, Process, Tool and Organisation) are not represented at this stage of the design because the relations strongly depend

on the further development. Based on the outcomes and requirements of the other work packages, the structure will be adopted and finalized in the next phase of the project.

As a basis for the implementation of the architecture of the inventory into software and the integration of data into the database, a functional, efficient technical infrastructure is required. The necessary technical requirements are presented in chapter 7.



www.episecc.eu

7. Technical Requirements for the Development of an Information System

One of the objective of the project is to design and develop and built-up a suitable data base system. It should be provided to the project partners to store and access data related to disasters and best practices for first responders in a data base and the selection of data from the data bank directly or

via a web application. To provide capacity for data storage as well as performant access to the stored data, the system should consist of sufficient hardware components.

Since also access for first responders via public internet could be a future requirement, security aspects must be considered, in addition to be able to exclude unauthorized access to the data base

system.

Since the service provided is of critical importance in case of a disaster, also a high availability is to be

aspired, to ensure that first responders can rely on this system. To reduce downtimes and offer additional protection to critical data, it will be stored redundantly together with a snapshot of the

system setup in a backup system, so that the data base or the system itself can be restored within a short time in case of a failure.

This chapter describes the hardware basis of the EPISECC system with: Hardware requirements, infrastructure, data security, backup, availability and connection to the internet.

Hardware requirements for the database server

The data base server should be set up in such a way that a hardware failure has only a limited

influence on the overall functionality of the whole system. A RAID-System (redundant array of independent disks) improves data protection through redundant data storage. Redundant power

supply increases the system health to a satisfactory level. It must be ensured that the system corresponds to the hardware standards for the 64-bit-data base server in production environment. A

further important condition for a data base server is that the hardware is extendable and can support future data base growth.

• Database server minimal requirements: • 64-bit operating system • Midrange single CPU (central processing unit) - 4 cores

• Expandable RAM (random access memory), - minimum 4 GB (Gigabyte) • Expandable RAID data storage -minimum 3x300 GB hard disk drives as RAID5

Database server optimal requirements:

• 64-bit operating system

• Midrange single CPU, 8 cores • Expandable RAM -minimum 16 GB

• Expandable RAID data storage - minimum 3 x 2 TB (Terabyte) hard disk drives as RAID5 • Redundant power supply

After evaluations with regard to the expected accesses and data bank size a system is recommended which corresponds to the minimal requirements, with 8 GB RAM and a redundant power supply.



www.episecc.eu

Network infrastructure

The environment of the database server contains a dedicated subnet with a gigabit network-switch

and a firewall. Connections from and to the database server are controlled by a firewall rule set which secures against unauthorized access.

The network infrastructure contains the following components:

• Database Server: provides the data base • Ethernet Switch

• Firewall: protects the system against malicious or unauthorized outside access • Backup System: provides database dumps and system snapshots of the Database Server

Network Plan

The data base server and backup system are located in a subnet of the DLR. A firewall connects this subnet with the Internet and allows access to the data base. The subnet is protected by a firewall against unauthorized accesses.

The following Figure 12 shows the data base environment as a simple network plan. For additional reliability a second mirror-server operated in different entities is discussed for the project.

Figure 12: Network plan

Data Security

To improve the data base security against unauthorized access and SQL injections from outside, the

database should be protected by another safety measure – a SQL proxy/ firewall. It offers the following possibilities: It automatically discovers sensitive data location, blocks SQL injection attacks, prevents unauthorized database access, monitors access and activity, masks data in real time to the

column level and reports about database compliance. The following Figure 13 describes such a scenario.



www.episecc.eu

Figure 13: Database access with a SQL firewall

A data base firewall is not absolute necessary, but this procedure reflects state of the art in database security and will therefore be implemented.

Backup

To allow disaster recovery, it should be possible to restore the system setup and the data base within

a short time from backup data. This should be guaranteed by system snapshots and everyday data base dumps. The backup data are stored on a separate storage system. After a complete failure it will

be possible to restore the system from a snapshot with the latest data base state after a short time. Database dumps can also be used to restore data which were deleted accidentally or to restore the

database in case of an inconsistency.

Availability

To guarantee a sufficient availability of the data base system some measures must be taken:

• Provide redundant server hardware (Hard disk (HDD), power supply)

• Ensure security of the active components by an uninterruptible power supply (UPS). • Provide internet connection with a degree of availability higher than 98%.

Planned downtimes for maintenance should be announced with sufficient time in advance, with regard to time and duration. Generally, it is aimed at providing access to the data base with an

availability as high as possible. Problem occurring at night or during weekends will be solved at the next business day.

Not only technical requirements need to be identified, but also legal requirements need to be considered. A short overview follows in chapter 8.

8. Legal Requirements for the Inventory Development

In general, there are no legal restrictions on the form of databases in the EU. Therefore, the architecture of the Inventory and later, the Pan-European Information Space, is not subject to any

legal regulation. However, certain types of data processed in the Inventory (and in the Pan-European Information Space) may be subject to various restrictions and legal requirements. In particular, processing of personal data, data related to critical infrastructures, and strategic or operational

information that is considered to be confidential data may require the implementation of technical and organisational measures, which may include governance and risk management, human resources

security, security of systems and facilities, operations management, incident management, business continuity management, monitoring, auditing and testing. [33] Therefore, depending on the



www.episecc.eu

information that will be processed in the inventory it may become a subject to certain legal

requirements.

As aforementioned, the main objective of the Inventory is to improve understanding of the post-

disaster situation, which subsequently will allow the development of the Pan-European Information Space. To achieve this objective, the Inventory will gather data about stakeholder processes,

standards and other relevant information about available data sets, management practices or business models, and events. This data may include diverse types of information about internal

communication, coordination, resources management, interaction with citizens, command and control, communication with other entities, and interoperability actions. Therefore, despite that the

content of exact information contained in the gathered data is rather uncertain, it is considered that no processing of personal data is necessary to complete the inventory.

However, the opposite can be observed in the context of the Pan-European Information Space. The processing of personal data in the course of disaster management is essential and unavoidable. In practice, the processing of personal data in disaster management situation takes place via

communication data and tools. A good indication as to the types of communication data has been provided by the European Union Agency for Network and Information Security (ENISA). The Agency

has identified that the emergency services typically use: Terrestrial Trunked Radio (TETRA), data services, often on commercial networks and public networks. The ENISA has also identified the

typical communications systems used in an emergency situation, namely:

• broadcast,

• telephone, • internet and

• emergency radio.

Legal security and organisational requirements of these communication types are subject to national

regulations.

The extent to which Directive 95/46/EC on processing of personal data and Directive 2009/136/EC on

privacy and electronic communication are applicable to the communication data in the context of disaster management will have to be determined. The Directive 2009/136/EC aims at ensuring “an equivalent level of protection of fundamental rights and freedoms, and in particular the right to

privacy, with respect to the processing of personal data in the electronic communication sector and to ensure the free movement of such data and of electronic communication equipment and services

in the Community” further builds on the protection of individuals rights to privacy and data protection, as set forth in Directive 95/46/EC. However, the analysis of the extent to which these two

directives are applicable to the communications data processed in the context of civil protection will be provided in WP 7.1. Provided that different types of data may be subject to legal, organisational,

and security requirements and that the EU definition of personal data is very broad all developments related to the content of data sets that will be processed on the database of the Inventory will be



www.episecc.eu

followed with scrutiny.1 Once the architecture of the Inventory is finalised, an additional legal

analysis regarding the selected data sets will be provided. This analysis will take into consideration any ethical issues that may arise in this context.

9. Summary and Outlook

Within the deliverable an overview of Civil Protection and Disaster Management within the European Union is presented. It shows the heterogeneity of civil protection processes within the EU as also

national disaster management processes apply. The need of a common information space for cross-border events and the necessity of the integration of organizational information into the inventory

are emphasized. Besides, existing databases and tools have been investigated and analysed at a first stage. A more detailed analysis, also of projects with similar objectives, will follow in work package 2.

The analysis showed that there exist databases and tools that provide useful data for the inventory and have potential to be integrated or attached at a later stage. A first approach of the information-

based development of the inventory is presented. Moreover, the analysis methodology and approach for further work are identified and described, following a defined framework for the work

packages 2 and 3 based on the ARIS concept. The framework presents the five main disaster related areas to be considered in the inventory – business model, data, processes, tools and organization –

which will be considered in an event-related approach. Further, these areas are broken down into categories and fields of information to form the basis for the development of a first UML-structure of the inventory. Though, the extent of fields of information and details on data types, relations and

dependencies will be analysed and finalized during the next tasks of the projects. The next task will further cover the analysis of past critical events. Therefore various sources will be inspected,

questionnaires will be prepared, interviews with major stakeholders will be realized and disaster-related data will be collected. In addition the UML- structure of the inventory will be adapted based

on further analyses and the architecture of the inventory will be finalized in coordination with work package 2.

1 According to the Data Protection Directive (95/46/EC), ‘personal data’ means “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity”.



www.episecc.eu

Bibliography

[1] The United Nations Office dor Disaster Risk, “Terminology,” 2014. [Online]. Available:

http://www.unisdr.org/we/inform/terminology. [Accessed 15 07 2014].

[2] European Union, Consolidated Version of the Treaty on European Union and the Treaty on the

Functioning of the European Union (2010/C 83/01), Article 6: Treaty on the Functioning of the European Union, 2010.

[3] European Union, Consolidated Version of the Treaty on European Union and the Treaty on the Functioning of the European Union (2010/C 83/01), Article 196, paragraph 1: Treaty on the Functioning of the European Union, 2010.

[4] European Union, Consolidated Version of the Treaty on European Union and the Treaty on the Functioning of the European Union (2010/C 83/01), Article 196, paragraph 2: Treaty on the

Functioning of the European Union, 2010.

[5] European Union, Consolidated Version of the Treaty on European Union and the Treaty on the

Functioning of the European Union (2010/C 83/01), Article 222: Treaty on the Functioning of the European Union, 2010.

[6] European Union, “EUR-Lex,” [Online]. Available: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32007D0162:EN:NOT. [Accessed 18 07

2014].

[7] European Commission, “Humanitarian Aid and Civil Protection,” [Online]. Available:

http://ec.europa.eu/echo/en/what/civil-protection/emergency-response-coordination-centre-ercc. [Accessed 18 07 2014].

[8] European Commission, “Humanitarian Aid and Civil Protection,” [Online]. Available: http://ec.europa.eu/echo/en. [Accessed 18 07 2014].

[9] International Federation of Red Cross and Red Crescent Societies, “Civil Protection Guidance for

National Societies and Federation Secretariat relations with European Union actors,” 2013. [Online]. Available:

http://ifrc.org/PageFiles/140838/%5BEN%5D%20Guidance%20for%20NS%20and%20IFRC_LR.pdf. [Accessed 30 07 2014].



www.episecc.eu

[10] UNESCO, “European Commission Directorate General - Humanitarian Aid and Civil Protection,” 2014. [Online]. Available: http://neamtic.ioc-

unesco.org/index.php?option=com_content&view=article&id=119&Itemid=653. [Accessed 30 07 2014].

[11] EM-DAT, “About | EM-DAT,” [Online]. Available: http://emdat.be/about. [Accessed 21 07 2014].

[12] NatCatSERVICE, “NatCatSERVICE I Munich Re,” [Online]. Available:

http://www.munichre.com/en/reinsurance/business/non-life/natcatservice/. [Accessed 21 07 2014].

[13] GLIDE, “About GLIDE,” [Online]. Available: http://glidenumber.net/glide/public/about.jsp. [Accessed 21 07 2014].

[14] GDACS, “About GDACS,” [Online]. Available: http://portal.gdacs.org/about. [Accessed 21 07 2014].

[15] GDACS, “GDACS - Virtual OSOCC,” [Online]. Available: http://vosocc.unocha.org/. [Accessed 21 07 2014].

[16] DesInventar, “What is DesInventar? - Global Disaster Loss Collection Initiative,” [Online].

Available: http://www.desinventar.org/en/database. [Accessed 21 07 2014].

[17] S. W. Ambler, “Evolutionary Database Development,” 01 07 2005. [Online]. Available:

http://www.tdan.com/view-articles/5235. [Accessed 21 07 2014].

[18] PostGIS, “Spatial and Geographic objects for PostgreSQL,” [Online]. Available:

http://postgis.net/. [Accessed 21 07 2014].

[19] Sparxsystems. [Online]. Available: http://www.sparxsystems.de/. [Accessed 21 07 2014].

[20] European Commission, “Vademecum - civil protection,” [Online]. Available: http://ec.europa.eu/echo/civil_protection/civil/vademecum/index.html. [Accessed 21 07 2014].

[21] I. Gjerde, T. Eskedal and R. Venturin, “BIZTEKON A framework for business modelling and techno-economic analysis,” in International Conference on Telecommunications, 2007. ConTel

2007, 2007.

[22] H. Bouwman, J. De Vos and T. Haaker, Mobile Service Innovation and Business Models,, Berlin

Heidelberg: Springer-Verlag, 2008.

[23] A. Scheer, ARIS - Vom Geschäftsprozess zum Anwendungssystem, Berlin: Springer , 2002.

[24] W. Vorraber, Strategic planning framework for ICT-based Information Service Systems, Doctoral

Thesis, Graz: Graz University of Technology, 2012.



www.episecc.eu

[25] A. Dilo and S. Zlatanova, “Data modelling for emergency response,” in GIST Report No. 54, Delft, TU Delft, p. 11.

[26] Munich Re, “NatCatSERVICE Database for natural catastrophes worldwide,” 2011. [Online]. Available: http://www.munichre.com/site/corporate/get/documents_E-

982631397/mr/assetpool.shared/Documents/5_Touch/Natural%20Hazards/NatCatService/hierarchy_and_terminology_natural_hazards_touch_en.pdf. [Accessed 21 07 2014].

[27] G. Lichtenegger, The Role of Self-Organization in Disaster Relief Operations, Dissertation, Graz: Graz University of Technology, 2009.

[28] J. de Boer, “Definition and Classification of Disasters: Introduction of a disaster severity scale,” The Journal of Emergency Medicine, pp. 591-595, 1990.

[29] R. Below, A. Wirtz and D. Guha-Sapir, “Working Paper: Disaster Category Classification and peril Terminology for Operational Purposes,” 2009.

[30] W. Rutherford and J. de Boer, “The definition and classification of disasters,” Injury, Vol.15/ No.1, pp. 10-12, 1982.

[31] European Commission, 2012. [Online]. Available:

http://ec.europa.eu/echo/files/policies/disaster_response/EUCPM_activations_since_01012007.pdf. [Accessed 18 07 2014].

[32] NSW Government Industry & Investment, Procedure, “Classification system for biosecurity and natural disaster emergency responses,” NSW, Narellan, 2010.

[33] European Union Agency for Network and Information Security (ENISA), “Technical Guideline for Minimum Security Measures,” 03 12 2011. [Online]. Available:

http://www.enisa.europa.eu/activities/Resilience-and-CIIP/Incidents-reporting/technical-guideline-on-minimum-security-measures. [Accessed 22 07 2014].



www.episecc.eu

Annex

Terminology

For further clarification of terms used in the context of the EPISECC project, the consortium developed a preliminary list of definitions. This list is not conclusive and is subject to changes in the

future tasks. The consortium agreed to use definitions provided in the Council Decision of 23 October 2001 establishing a Community mechanism to facilitate reinforced cooperation in civil protection

assistance interventions, Council Decision of 8 November 2007establishing a Community Civil Protection Mechanism, Decision No 1313/2013/EU of the European Parliament and of the Council of

17 December 2013 on a Union Civil Protection Mechanism, Regulation No 375/2014 of the European Parliament and of the Council of 3 April 2014 establishing the European Voluntary Humanitarian Aid

Corps, and Regulation of the European Parliament and of the Council amending Council Regulation No 2012/2002 establishing the European Union Solidarity Fund. According to the agreed list:

'EU civil protection mechanism' means a 'mechanism to facilitate reinforced cooperation between the Community and the Member States in civil protection assistance intervention in the event of

major emergencies, or the imminent threat thereof, which may require urgent response action'. The Mechanism is operated by the Emergency Response Coordination Centre (ERCC).

'Disaster' means any situation which has or may have a severe impact on people, the environment, or property, including cultural heritage; critical event is used as synonym to disaster.

'Response' means any action taken upon request for assistance under the Union Mechanism in the

event of an imminent disaster, or during or after a disaster, to address its immediate adverse consequences;

'Preparedness' means a state of readiness and capability of human and material means, structures, communities and organisations enabling them to ensure an effective rapid response to a disaster,

obtained as a result of action taken in advance;

'Prevention' means any action aimed at reducing risks or mitigating adverse consequences of a

disaster for people, the environment and property, including cultural heritage;

'Early warning' means the timely and effective provision of information that allows action to be

taken to avoid or reduce risks and the adverse impacts of a disaster, and to facilitate preparedness for an effective response;

'Module' means a self-sufficient and autonomous predefined task- and needs-driven arrangement of Member States’ capabilities or a mobile operational team of the Member States, representing a

combination of human and material means that can be described in terms of its capacity for intervention or by the task(s) it is able to undertake;

'Risk assessment' means the overall cross-sectoral process of risk identification, risk analysis, and risk

evaluation undertaken at national or appropriate sub-national level;



www.episecc.eu

'Risk management capability' means the ability of a Member State or its regions to reduce, adapt to

or mitigate risks (impacts and likelihood of a disaster), identified in its risk assessments to levels that are acceptable in that Member State. Risk management capability is assessed in terms of the

technical, financial and administrative capacity to carry out adequate:

(a) risk assessments;

(b) risk management planning for prevention and preparedness; and

(c) risk prevention and preparedness measures;

'Host nation support' means any action undertaken in the preparedness and response phases by the country receiving or sending assistance, or by the Commission, to remove foreseeable obstacles to

international assistance offered through the Union Mechanism. It includes support from Member States to facilitate the transiting of this assistance through their territory;

'Response capacity' means assistance that may be provided through the Union Mechanism upon request;

'Logistical support' means the essential equipment or services required for expert teams referred to

in Article 17(1) to perform their tasks, inter alia communication, temporary accommodation, food or in-country transport.

'Major emergency’ means any situation which has or may have an adverse impact on people, the environment or property and which may result in a call for assistance under the Mechanism; ‘critical

incident’ is used as a synonym to ‘major emergency’.

'Humanitarian aid’ means activities and operations in third countries intended to provide needs-

based emergency assistance aimed at preserving life, preventing and alleviating human suffering, and maintaining human dignity in the face of man-made crises or natural disasters. It encompasses

assistance, relief and protection operations in humanitarian crises or their immediate aftermath, supporting measures to ensure access to people in need and to facilitate the free flow of assistance,

as well as actions aimed at reinforcing disaster preparedness and disaster risk reduction, and contributing towards strengthening resilience and capacity to cope with, and recover from, crises;

'Major natural disaster' means any natural disaster resulting, in a Member State or of a country involved in accession negotiations with the Union, in direct damage estimated either at over EUR 3000 000 000 in 2011 prices, or more than 0,6 % of its gross national income.

'Regional natural disaster' means any natural disaster resulting, in a region at NUTS level 2 of EU Member State or of a country involved in accession negotiations with the Union, in direct damage in

excess of 1,5 % of that region's gross domestic product.
