CCI has developed working definitions* related to critical infrastructure as follows:
Critical infrastructure includes systems, facilities, and assets so vital that if destroyed or incapacitated would disrupt the security, economy, health, safety, or welfare of the public. Critical infrastructure may cross political boundaries and may be built (such as structures, energy, water, transportation, and communication systems), natural (such as surface or ground water resources), or virtual (such as cyber, electronic data, and information systems).
Safety denotes a status, which is extensively free of adverse effects or is regarded as non-dangerous.
Security provides protection against attacks, sabotage, acts of violence, or disruption. Security concepts are constructed and used to reach the status of safety. Measures of security are effective when they prevent or mitigate expected and unexpected consequences.
Sensible security is the level of protection provided through design, construction, and operation that mitigates adverse impacts to systems, facilities, and assets, in proportion to their value to society and their likelihood of being affected by natural and/or man-made events.
Multihazards include significant events such as infrastructure deterioration, natural disasters, accidents, and malevolent acts.
Resilience refers to the capability to prevent or protect against significant multihazard threats and incidents and to expeditiously recover and reconstitute critical services with minimum damage to public safety and health, the economy, and national security.
*See ASCE Policy Statement 518, Unified Definitions for Critical Infrastructure and Sensible Security