Critical infrastructures – classification of the vocabulary by the BBK

In 2003, the definition of KRITIS and their classification into sectors and industries was made at the federal level. KRITIS ensure their functioning in society and are subject to disruptions, which the Federal Office of Civil Protection and Disaster Assistance (BBK) proactively counters with its risk management.

For KRITIS protection, common terminology is also needed about critical services and system-relevant facilities of direct or indirect involvement.

Enterprises and authorities at the local, state, and federal levels have worked in recent months to protect KRITIS services and ensure their functioning. Many questions regarding responsibilities for KRITIS have been answered, resulting in the now available "KRITIS Construction Kit: Crisis Prevention and Crisis Management in the Context of Critical Infrastructures".

An identification of so-called systemically important facilities and KRITIS can be made on the basis of levels such as municipality, state, federal government or on the basis of quantitative and qualitative criteria by authorities or operators themselves. In addition, a quantitative regulatory threshold of 500,000 is used to quantify the number of people affected by a failure.

The definition of which facilities and installations are considered critical differs by administrative level, so critical at the municipal level does not mean the same as critical at the federal level.

KRITIS classification according to the Quality I criterion.

Utility services whose failure would have a direct impact on the population or other KRITIS.

KRITIS classification according to the Quality II criterion.

Processes that are necessary for the provision of a KRITIS service as well as system-relevant facilities (suppliers, service providers). Here is the example of a laundry, mentioned as an external service provider for a hospital involved in medical care.

KRITIS classification according to the criterion of quantity

Evaluation of the failure effects of KRITIS on the respective levels of local, state and federal government. Services and processes can be linked to physical assets here

The BSI Act & the IT security of KRITIS

In 2015, the BSIG was amended by the IT Security Act (IT-SiG) to increase IT security of critical infrastructures. The BSI states which systems and facilities are considered critical in the sense of the BSIG. Now, the BSIG addresses only seven of nine critical infrastructure sectors, so its identification also refers only to this subset. It is therefore the case that "critical infrastructures" are not the same as "critical infrastructures within the meaning of the BSIG. By means of the BSI-KritisV, the following facilities are identified as Critical Infrastructures within the meaning of the BSIG:

  • Energy
  • Food
  • Finance and insurance
  • Healthcare
  • Information technology and telecommunications
  • Transport and traffic
  • Water
  • Critical services
  • Facilities that help provide services to more than 500,000 people

Facilities of energy and water utilities, hospitals, banks and insurance companies have repeatedly been the target of cyberattacks in recent months. And it is not just the global crisis that has shown how important it is to maintain infrastructures and services from the KRITIS sectors. Rohde & Schwarz Cybersecurity supports you as a critical infrastructure operator in complying with industry-specific security standards (B3S) and ensuring the availability of your systems and critical processes in the event of a crisis.

Featured content for critical infrastructure

E-Book cybersecurity in healthcare

Download now

Free download whitepaper cybersecurity in the energy sector

Whitepaper cybersecurity in the energy sector

Download E-Book cybersecurity in healthcare

Webinar secure remote workstation

Download E-Book cybersecurity in healthcare

Case Study: Secure browsing for government agencies






我同意,在网站Imprint中提到的Rohde & Schwarz GmbH & Co. KG和罗德与施瓦茨实体及分支机构 可出于营销和广告之目的(例如提供特价优惠和折扣促销信息)而通过选定渠道(电子邮件或邮政信件)与我联系并提供相关信息,包括但不限于测试与测量、安全通信、监测与网络测试、广播电视与媒体以及网络安全领域的产品和解决方案相关信息


您可以随时发送电子邮件至 撤销此同意声明,邮件主题注明“Unsubscribe”即可。此外,我们发送给您的每一封电子邮件中都含有电子邮件取消订阅链接。有关个人数据使用和撤销程序的详情,请参阅“隐私声明”

An error is occurred, please try it again later.