Threat and Risk Assessment Using Continuous Logic

2021 ◽

pp. 1212-1227

Author(s):

Aristides Dasso ◽

Ana Funes

Keyword(s):

Risk Assessment ◽

Decision Making ◽

Energy Management ◽

Quantitative Method ◽

Critical Infrastructure ◽

Banking Industry ◽

Continuous Logic ◽

Multiple Systems ◽

Response And Recovery ◽

Detection Response

Threat and Risk Assessment is an important area in cybersecurity. It covers multiple systems and organizations where cybersecurity is significant, such as banking, industry, SCADA, Energy Management System, among many others. The chapter presents a method to help assessing threats and risks associated with computer and networks systems. It integrates the Framework for Improving Critical Infrastructure Cybersecurity—developed by the National Institute of Standards and Technology—with a quantitative method based on the use of a Continuous Logic, the Logic Scoring of Preference (LSP) method. LSP is a method suitable for decision making that provides the guidelines to produce a model to assist the expert in the process of assessing how much a product or system satisfy a number of requirements, in this case associated to the identification, protection, detection, response and recovery of threat and risks in an organization.

Download Full-text

A Decision Making Method of Pipeline Risk Assessment

2010 8th International Pipeline Conference, Volume 1 ◽

10.1115/ipc2010-31193 ◽

2010 ◽

Author(s):

Hong Lu ◽

Allison Denby

Keyword(s):

Risk Assessment ◽

Decision Making ◽

Relative Risk ◽

Matrix Method ◽

Input Data ◽

Quantitative Method ◽

Probability Of Failure ◽

Limited Resources ◽

Mitigation Options ◽

Score Index

The pipeline risk assessment has been more and more widely used in the industry because of economic factors and regulatory requirements. The three most popular risk assessment methods are qualitative method (simple decision making matrix method), semi-quantitative method (score index method) and quantitative method. The decision-making matrix method greatly depends on expert’s opinion, and does not provide much information to optimize the mitigation program. The quantitative method provides details of mitigation options, mitigation criteria, and prioritizations, but requires a lot of input data that the pipeline operators usually do not have. The score index risk assessment is widely used in the pipeline industry. The input data is relatively easy to acquire. The method provides details of mitigation options and relative risk values. The score index risk assessment is a relative method. Upstream pipeline operators often have questions, such as “Which is the most effective mitigation option to use with my limited resources?” and how the index scores relate with the actual failure frequencies and failure consequence. In order to effectively answer these questions, this paper outlines a method to correlate the probability of failure score with actual failure probability, and leak impact factor score with actual failure consequence in monetary units. Rather than using the final risk score, this method applies the monetarily calibrated consequence factor to the probability of failure so that a normalized and calibrated risk in monetary unit is obtained. By comparing the cost of an estimated mitigation program, the decision can be made based on relative risk. This process is straightforward and practical for industrial application, especially for upstream companies where operators have limited resources to run an in-depth risk assessment. A case study is presented using this method based on upstream pipelines.

Download Full-text

Considerations on Decisions Making Process under the Risk of Terrorism

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.463-464.1002 ◽

2012 ◽

Vol 463-464 ◽

pp. 1002-1005

Author(s):

Catalin Cioaca ◽

Mircea Boscoianu

Keyword(s):

Decision Making ◽

Critical Infrastructure ◽

Terrorist Attack ◽

Analytical Tool ◽

Decision Making Process ◽

Terrorism Risk ◽

Response And Recovery ◽

Effective Decision ◽

Effective Decision Making

This paper offers a decision making process based on terrorism risk. The purpose of the model is to support effective decision making in order to involve multiple potential targets and countermeasure alternatives. Because of the complexity of the issues and the posible catastrophic consequences of a terrorist attack, it is necesary to use an analytical tool to detect, assess, warn, response, and recovery the critical infrastructure. The perspective taken is that in order to establish priorities for threats and vulnerabilities and to identify and evaluate options for action.

Download Full-text

Applying the Msharpp Method in Risk Assessment for the Water Supply Critical Infrastructure Sector

Scientific Bulletin ◽

10.1515/bsaft-2015-0014 ◽

2015 ◽

Vol 20 (1) ◽

pp. 92-96

Author(s):

Dorel Badea ◽

Dumitru Iancu ◽

Olga Maria Cristina Bucoveţchi

Keyword(s):

Risk Assessment ◽

Decision Making ◽

Water Supply ◽

Critical Infrastructure ◽

Legal Systems ◽

Simple Method ◽

Preliminary Stage

Abstract The paper highlights a manner to assess risks for an important sector of critical infrastructure, that of water supply, frequently regulated in international legal systems. We took into consideration the fact that risk is a problem related to the processes of decision making under conditions of uncertainty in most cases, so that by this approach we bring to the attention of critical infrastructure managers, drawing on their experience, a simple method that can be considered in a preliminary stage of risk assessment specific to water supply.

Download Full-text

Risk Assessment and Decision-Making Based on Mean-CVaR-Entropy for Flood Control Operation of Large Scale Reservoirs

Water ◽

10.3390/w11040649 ◽

2019 ◽

Vol 11 (4) ◽

pp. 649 ◽

Cited By ~ 2

Author(s):

Quansen Wang ◽

Jianzhong Zhou ◽

Kangdi Huang ◽

Ling Dai ◽

Gang Zha ◽

...

Keyword(s):

Risk Assessment ◽

Decision Making ◽

Flood Control ◽

Large Scale ◽

Yangtze River Basin ◽

Mean Value ◽

Operation System ◽

Control Operation ◽

Flood Control Operation ◽

Reservoir Flood Control Operation

The risk inevitably exists in the process of flood control operation and decision-making of reservoir group, due to the hydrologic and hydraulic uncertain factors. In this study different stochastic simulation methods were applied to simulate these uncertainties in multi-reservoir flood control operation, and the risk caused by different uncertainties was evaluated from the mean value, extreme value and discrete degree of reservoir occupied storage capacity under uncertain conditions. In order to solve the conflict between risk assessment indexes and evaluate the comprehensive risk of different reservoirs in flood control operation schemes, the subjective weight and objective weight were used to construct the comprehensive risk assessment index, and the improved Mahalanobis distance TOPSIS method was used to select the optimal flood control operation scheme. The proposed method was applied to the flood control operation system in the mainstream and its tributaries of upper reaches of the Yangtze River basin, and 14 cascade reservoirs were selected as a case study. The results indicate that proposed method can evaluate the risk of multi-reservoir flood control operation from all perspectives and provide a new method for multi-criteria decision-making of reservoir flood control operation, and it breaks the limitation of the traditional risk analysis method which only evaluated by risk rate and cannot evaluate the risk of the multi-reservoir flood control operation system.

Download Full-text

Quantifying Road-Network Robustness toward Flood-Resilient Transportation Systems

Sustainability ◽

10.3390/su13063172 ◽

2021 ◽

Vol 13 (6) ◽

pp. 3172

Author(s):

Suchat Tachaudomdach ◽

Auttawit Upayokin ◽

Nopadon Kronprasert ◽

Kriangkrai Arunotayanun

Keyword(s):

Road Network ◽

Critical Infrastructure ◽

Policy Issue ◽

Analytical Framework ◽

Transportation Systems ◽

Network Robustness ◽

System Response ◽

Chiang Mai ◽

Protection Measures ◽

Response And Recovery

Amidst sudden and unprecedented increases in the severity and frequency of climate-change-induced natural disasters, building critical infrastructure resilience has become a prominent policy issue globally for reducing disaster risks. Sustainable measures and procedures to strengthen preparedness, response, and recovery of infrastructures are urgently needed, but the standard for measuring such resilient elements has yet to be consensually developed. This study was undertaken with an aim to quantitatively measure transportation infrastructure robustness, a proactive dimension of resilience capacities and capabilities to withstand disasters; in this case, floods. A four-stage analytical framework was empirically implemented: 1) specifying the system and disturbance (i.e., road network and flood risks in Chiang Mai, Thailand), 2) illustrating the system response using the damaged area as a function of floodwater levels and protection measures, 3) determining recovery thresholds based on land use and system functionality, and 4) quantifying robustness through the application of edge- and node-betweenness centrality models. Various quantifiable indicators of transportation robustness can be revealed; not only flood-damaged areas commonly considered in flood-risk management and spatial planning, but also the numbers of affected traffic links, nodes, and cars are highly valuable for transportation planning in achieving sustainable flood-resilient transportation systems.

Download Full-text

Evaluating the Implementation of the “Build-Back-Better” Concept for Critical Infrastructure Systems: Lessons from Saint-Martin’s Island Following Hurricane Irma

Sustainability ◽

10.3390/su13063133 ◽

2021 ◽

Vol 13 (6) ◽

pp. 3133

Author(s):

Rita Der Sarkissian ◽

Anas Dabaj ◽

Youssef Diab ◽

Marc Vuillet

Keyword(s):

Decision Making ◽

Conceptual Analysis ◽

Scientific Literature ◽

Critical Infrastructure ◽

Methodological Approach ◽

Infrastructure Systems ◽

Before And After ◽

Study Offer ◽

Hurricane Irma ◽

Operational Aspects

A limited number of studies in the scientific literature discuss the “Build-Back-Better” (BBB) critical infrastructure (CI) concept. Investigations of its operational aspects and its efficient implementation are even rarer. The term “Better” in BBB is often confusing to practitioners and leads to unclear and non-uniform objectives for guiding accurate decision-making. In an attempt to fill these gaps, this study offers a conceptual analysis of BBB’s operational aspects by examining the term “Better”. In its methodological approach, this study evaluates the state of Saint-Martin’s CI before and after Hurricane Irma and, accordingly, reveals the indicators to assess during reconstruction projects. The proposed methods offer practitioners a guidance tool for planning efficient BBB CI projects or for evaluating ongoing programs through the established BBB evaluation grid. Key findings of the study offer insights and a new conceptual equation of the BBB CI by revealing the holistic and interdisciplinary connotations behind the term “Better” CI: “Build-Back-resilient”, “Build-Back-sustainable”, and “Build-Back-accessible to all and upgraded CI”. The proposed explanations can facilitate the efficient application of BBB for CI by operators, stakeholders, and practitioners and can help them to contextualize the term “Better” with respect to their area and its CI systems.

Download Full-text

Implementing a Pre‐Disaster Recovery Workshop in Intramuros, Manila, Philippines: Lessons for Disaster Risk Assessment, Response, and Recovery for Cultural Heritage

Disasters ◽

10.1111/disa.12486 ◽

2021 ◽

Author(s):

Kevin Macarius Florentin ◽

M. Onuki ◽

M. Esteban ◽

V. P. Valenzuela ◽

M. C. Paterno ◽

...

Keyword(s):

Risk Assessment ◽

Cultural Heritage ◽

Disaster Recovery ◽

Disaster Risk ◽

Disaster Risk Assessment ◽

Response And Recovery

Download Full-text

An empirical study on open position risk assessment using VAR and regression analysis: A case study of Iranian banking industry

Management Science Letters ◽

10.5267/j.msl.2012.06.005 ◽

2012 ◽

Vol 2 (6) ◽

pp. 2135-2140 ◽

Cited By ~ 1

Author(s):

Mohammad Khodaei Valahzaghard ◽

Mina Ghavidel ◽

Mojtaba Heidar ◽

Elmira Mahmoudzadeh

Keyword(s):

Risk Assessment ◽

Regression Analysis ◽

Empirical Study ◽

Banking Industry ◽

Open Position

Download Full-text

Fire Risk Assessment in Healthcare Settings: Application of FMEA Combined with Multi‐Criteria Decision Making Methods

Mathematical Problems in Engineering ◽

10.1155/2020/8913497 ◽

2020 ◽

Vol 2020 ◽

pp. 1-12

Author(s):

Fateme Omidvari ◽

Mehdi Jahangiri ◽

Reza Mehryar ◽

Moslem Alimohammadlou ◽

Mojtaba Kamalinia

Keyword(s):

Risk Assessment ◽

Decision Making ◽

Fire Risk ◽

Fire Detection ◽

Healthcare Setting ◽

Multi Criteria Decision Making ◽

Intuitionistic Fuzzy ◽

Healthcare Settings ◽

Fire Risk Assessment ◽

Risk Parameters

Fire is one of the most dangerous phenomena causing major casualties and financial losses in hospitals and healthcare settings. In order to prevent and control the fire sources, first risk assessment should be conducted. Failure Mode and Effect Analysis (FMEA) is one of the techniques widely used for risk assessment. However, Risk Priority Number (RPN) in this technique does not take into account the weight of the risk parameters. In addition, indirect relationships between risk parameters and expert opinions are not considered in decision making in this method. The aim is to conduct fire risk assessment of healthcare setting using the application of FMEA combined with Multi‐Criteria Decision Making (MCDM) methods. First, a review of previous studies on fire risk assessment was conducted and existing rules were identified. Then, the factors influencing fire risk were classified according to FMEA criteria. In the next step, weights of fire risk criteria and subcriteria were determined using Intuitionistic Fuzzy Multiplicative Best-Worst Method (IFMBWM) and different wards of the hospital were ranked using Interval-Valued Intuitionistic Fuzzy Combinative Distance-based Assessment (IVIFCODAS) method. Finally, a case study was performed in one of the hospitals of Shiraz University of Medical Sciences. In this study, fire alarm system (0.4995), electrical equipment and installations (0.277), and flammable materials (0.1065) had the highest weight, respectively. The hospital powerhouse also had the highest fire risk, due to the lack of fire extinguishers, alarms and fire detection, facilities located in the basement floor, boilers and explosive sensitivity, insufficient access, and housekeeping. The use of MCDM methods in combination with the FMEA method assesses the risk of fire in hospitals and health centers with great accuracy.

Download Full-text