Begin Main Content Area

Pennsylvania's Critical Infrastructure

Critical infrastructure (CI) consists of the public and private assets and networks, whether physical or virtual, so vital that their incapacitation or destruction would have a debilitating effect on national security, the economy, public health or safety, or any combination thereof. A local power station, the highway system around a major city and a government building could all be considered critical infrastructure. Key Resources (KR) are the public or private commodities essential to the health and well-being of the citizenry, the economy and continuity of government.  A reservoir, which holds the drinking water for a community would be considered a key resource. The Federal Department of Homeland Security (DHS) has developed the National Infrastructure Protection Plan (NIPP), which brings together various protection efforts and recovery plans into a single national program. The NIPP requires that each state develops and implements its own critical infrastructure protection (CIP) plan as a component of the overarching Homeland Security program. Pennsylvania has developed its own CIP plan, the Commonwealth Critical Infrastructure Protection Plan (CCIPP), to address the responsibilities at the state, county and municipal levels. Various federal and state laws set the roles and responsibilities of the agencies involved in Homeland Security and protection planning.  

IP Gateway

An imporant step in ensuring that Pennsylvania's critical infrastructure is protected, is simply to identify all of our critical infrastructure sites. Each state determines its own criteria for what it considers critical, and Governor's Office of Homeland Security (GOHS) works with representatives from various state departments and agencies to define these criteria. In turn, the GOHS works with industry stakeholders and facility owners across the state to identify our critical infrastructure and key resources. 

The GOHS uses a tool called IP Gateway, a secure web-based tool, which aids law enforcement, public safety and emergency response personnel in the event of an emergency at one of these sites.  More information on ACAMS is available from the Department of Homeland Security.

Protected Critical Infrastructure Information (PCII)

The Protected Critical Infrastructure Information (PCII) Program, managed by the U.S. Department of Homeland Security's (DHS) National Protection and Programs Directorate (NPPD), is designed to encourage owners/operators of private sector critical infrastructure, key resources and significant special events (CIKR) to share sensitive, security-related business information with the Federal government.

The PCII program offers an information-protection, software tool that facilitates information sharing between the government and private sector. DHS and other federal, state and local analysts use PCII in pursuit of a more secure homeland, assisting in the 

  • Analyzing and securing critical  infrastructure and protected systems
  • Identifying vulnerabilities and developing risk assessments
  • Enhancing recovery preparedness measures

Information submitted, if found to satisfy the requirements codified in the Critical Infrastructure Information Act of 2002 (Cll Act), is protected from public disclosure under the following:

  • The Freedom of Information Act
  • State and local disclosure laws
  • Use in civil litigation