Biringer / Vugrin / Warren | Critical Infrastructure System Security and Resiliency | E-Book | www2.sack.de
E-Book

E-Book, Englisch, 229 Seiten

Biringer / Vugrin / Warren Critical Infrastructure System Security and Resiliency


Erscheinungsjahr 2013
ISBN: 978-1-4665-5751-2
Verlag: Taylor & Francis
Format: PDF
 Kopierschutz: Adobe DRM (»Systemvoraussetzungen)

E-Book, Englisch, 229 Seiten

ISBN: 978-1-4665-5751-2
Verlag: Taylor & Francis
Format: PDF
 Kopierschutz: Adobe DRM (»Systemvoraussetzungen)

Security protections for critical infrastructure nodes are intended to minimize the risks resulting from an initiating event, whether it is an intentional malevolent act or a natural hazard. With an emphasis on protecting an infrastructure's ability to perform its mission or function, Critical Infrastructure System Security and Resiliency presents a practical methodology for developing an effective protection system that can either prevent undesired events or mitigate the consequences of such events.

Developed at Sandia National Labs, the authors’ analytical approach and methodology enables decision-makers and security experts to perform and utilize risk assessments in a manner that extends beyond the theoretical to practical application. These protocols leverage expertise in modeling dependencies—optimizing system resiliency for effective physical protection system design and consequence mitigation.

The book begins by focusing on the design of protection strategies to enhance the robustness of the infrastructure components. The authors present risk assessment tools and necessary metrics to offer guidance to decision-makers in applying sometimes limited resources to reduce risk and ensure operational resiliency.

Our critical infrastructure is vast and made up of many component parts. In many cases, it may not be practical or affordable to secure every infrastructure node. For years, experts—as a part of the risk assessment process—have tried to better identify and distinguish higher from lower risks through risk segmentation. In the second section of the book, the authors present examples to distinguish between high and low risks and corresponding protection measures. In some cases, protection measures do not prevent undesired events from occurring. In others, protection of all infrastructure components is not feasible. As such, this section describes how to evaluate and design resilience in these unique scenarios to manage costs while most effectively ensuring infrastructure system protection.

With insight from the authors’ decades of experience, this book provides a high-level, practical analytical framework that public and private sector owners and operators of critical infrastructure can use to better understand and evaluate infrastructure security strategies and policies. Strengthening the entire homeland security enterprise, the book presents a significant contribution to the science of critical infrastructure protection and resilience.

Biringer / Vugrin / Warren Critical Infrastructure System Security and Resiliency jetzt bestellen!

Zielgruppe

Homeland security professionals, corporate security managers, security system designers, security system integrators, security consultants, physical security and risk professionals, facility managers, and managers of critical infrastructure and public and private utilities.

Autoren/Hrsg.

Biringer, Betty
Vugrin, Eric
Warren, Drake

Fachgebiete

Weitere Infos & Material

SECURITY RISK ASSESSMENT
Introduction to Security Risk Assessment

Security Risk Assessment

Protection System Robustness

Security System Resiliency

System Approach for Security Risk Assessment

Determine Undesired Events, Associated Critical Assets,
and Available Resources

Threat Analysis

Assess Likelihood of Initiating Event

Estimate Protection System Effectiveness

Assess Consequences for Undesired Event

Estimate Security Risk

Upgrade the Protection System to Be Robust against Undesired Event

Upgrade Security System to Be Resilient for Undesired Event

Undesired Events, Associated Critical Assets, and Available Resources

Critical Assets

Logic Model

Threat Analysis
Malevolent Threats

Type of Adversary

Adversary Capability

Design Basis Threat

Natural Hazards

Hurricane

Earthquake

Tornado

Flood

Accidents

Likelihood of Initiating Events

Malevolent Threat
Outsider Threat

Insider Threat

Natural Hazard Threat

Accident Threat

Assess Consequences and Responses for Undesired Event

Reference Table for Consequences

Estimating Consequence Level for Undesired Events
Assessment of Protection System Effectiveness

Assessment of Protection System Effectiveness for Malevolent Threat

Adversary Scenarios

Effective Physical Protection System for the Malevolent Threat
Physical Protection System Effectiveness Assessment
Physical Protection System Effectiveness Assessment—Example

Protection System Effectiveness against Blast Attacks

Protection System Effectiveness for Blast Attacks Assessment—Example

Mitigation of the Insider Threat
Cyber Protection System Effectiveness

Cyber Functions

Cyber Protection System Effectiveness Assessment—Example

Effectiveness for Natural Hazards
Protection System Effectiveness Assessment for Natural
Hazards—Example

Protection System Effectiveness for Accidents

Protection System Effectiveness Assessment for Accidents—Example
Estimate Security Risk

System Approach for Security Risk Assessment
Determine Undesired Events, Associated Critical Assets, and Available Resources

Threat Analysis

Assess Likelihood of Initiating Event

Estimate Protection System Effectiveness

Assess Consequences for Undesired Event

Estimate Security Risk

Upgrade Protection System to Be Robust against Undesired Event

Upgrade Security System to Be Resilient for Undesired Event
EVALUATION AND DESIGN OF RESILIENT SYSTEMS
Motivating Infrastructure Resilience Analysis

Current State of Resilience Assessment

Definitions of Resilience

Domains

Assessment Processes

Structural Resilience Assessment Methodologies

Performance-Based Measurement
Hybrid Approaches
Gaps and Limitations

Infrastructure Resilience Analysis Methodology

Definition of Resilience

Measurement of Resilience Costs

Systemic Impact

Total Recovery Effort

Resilience Cost Calculation

Use and Interpretation of Recovery-Dependent Resilience
Costs and Optimal Resilience Costs Quantities

Additional Notes on Calculation of Resilience Costs
Qualitative Structural Analysis
Absorptive Capacity

Adaptive Capacity

Restorative Capacity

Additional Notes on Resilience Capacities
Applying the Infrastructure Resilience Analysis Methodology

Case Studies Using the Infrastructure Resilience Analysis Framework
Qualitative Resilience Analysis Case Study
Define Systems

Define Scenario
Perform Structural Analysis

Analysis Conclusions

Quantitative Resilience Analysis Case Study
Define Systems

Define Scenario

Define Metrics and Obtain Data

Calculate Resilience Costs

Perform Structural Analysis

Case Study on Optimizing Resilient Recovery Strategies
Define Systems
Define Scenario
Define Metrics

Obtain Data and Calculate Resilience Costs

Future Directions
APPENDIX A: EXAMPLE USE OF FAULT TREES TO IDENTIFY CRITICAL ASSETS

APPENDIX B: PHYSICAL PROTECTION FEATURES PERFORMANCE DATA

INDEX

Betty E. Biringer is a mathematician currently conducting specialized technical assessments and research in the national interest as a distinguished member of the technical staff at Sandia National Laboratories. As the former manager of the Security Risk Assessment Department, she provided oversight and technical guidance for Sandia’s modeling and simulation tools for physical security vulnerability analyses and risk assessments. Ms. Biringer was actively involved in the development and implementation of most of Sandia’s service-marked Risk Assessment Methodology (RAM) tools for critical infrastructure elements, including dams, high-voltage electric power transmission, chemical facilities, communities, and energy. She has served as a subject matter expert for security risk on review panels for the Department of Homeland Security’s National Centers of Excellence. Her other primary research area is the development of methodologies for the assessment and mitigation of the insider threat.

Dr. Eric D. Vugrin is currently a distinguished member of the technical staff in the Resilience and Regulatory Effects Department at Sandia National Laboratories. His primary research interest is the development of analytical tools and methods for infrastructure analysis. Most recently, his research has focused on capability development for vulnerability, consequence, and resilience analysis of chemical supply chains, transportation networks, electrical power systems, and other infrastructure networks. These efforts provided support and guidance to the U.S. Department of Homeland Security’s Infrastructure Protection, Science and Technology, and Policy programs. Prior to his work in the area of infrastructure analysis, he performed risk analyses for complex systems as Sandia’s technical lead for Total Systems Performance Assessment at the Waste Isolation Pilot Plant, the world’s only certified, deep-underground repository for nuclear waste.

Dr. Drake E. Warren was a senior member of technical staff at Sandia National Laboratories until he joined the RAND Corporation as an associate policy researcher in 2011. While at Sandia, he worked on projects across a range of homeland security and national security issues, including projects that assessed the economic impacts of disruptions to industries and infrastructure systems caused by hurricanes, climate change, and other disruptive events. He helped develop frameworks for assessing the resilience and criticality of infrastructure and economic systems and led studies directed toward improving foresight of national security challenges.

Ihre Fragen, Wünsche oder Anmerkungen
Vorname*
Nachname*
Ihre E-Mail-Adresse*
Kundennr.
Ihre Nachricht*
Lediglich mit * gekennzeichnete Felder sind Pflichtfelder.
Wenn Sie die im Kontaktformular eingegebenen Daten durch Klick auf den nachfolgenden Button übersenden, erklären Sie sich damit einverstanden, dass wir Ihr Angaben für die Beantwortung Ihrer Anfrage verwenden. Selbstverständlich werden Ihre Daten vertraulich behandelt und nicht an Dritte weitergegeben. Sie können der Verwendung Ihrer Daten jederzeit widersprechen. Das Datenhandling bei Sack Fachmedien erklären wir Ihnen in unserer Datenschutzerklärung.