Terrorism Risk Management Book: Bayesian Networks: Practical Guide Application Edited By : Olivier Pourret Chapter : 14: Authors of the Paper: • David C. Daniels • Linwood D.Hudson • Kathryn B. Laskey • Suzanne M. Mahoney • Bryan S. Ware • Edward J. Wright Introduction The U.S military defines Antiterrorism as the defensive posture taken against terrorist threats Antiterrorism includes ◦ Fostering awareness of potential threats, ◦ Deterring aggressors, ◦ Developing security measures, ◦ Planning for future events, ◦ Prohibition of an event in process and ◦ Mitigating and managing the consequences of an event. A key element of an en effective antiterrorist strategy is evaluating individual sites or assets for terrorist risk Assessing the threat of a terrorist attack requires combining information from multiple disparate sources involving intrinsic uncertainties Terrorism Risk Management due to this inherent uncertainty becomes a natural domain for application of Bayesian Networks Topics Covered Methodologies that have been applied to Terrorism Risk Management Strengths and Weaknesses of each methodology How BN addresses all the weaknesses Description of Site Profiler Installation Security Planner (ISP) suite for risk managers and security planners to evaluate risk of a terrorist attack Software Implementation of Risk Influence Network What is Risk ? Risk: possibility of suffering from any type of harm or loss to individual, organization or entire society Risk Management: Identifying and implementing policies to protect against a risk Degree of Risk: Likelihood of event * Measure of Adverse Effect Measure of Adverse Effect: ◦ Monitory Loss ◦ Non monitory such as death, suffering etc Terrorism Risk Management Methodologies Risk Mnemonics Algebraic Expressions of Risk Risk= Threat *Vulnerability*Consequence Fault Trees Simulations Risk Mnemonics S# Risk Mnemonic Approach Application Drawbacks 1. CARVER (Criticality, Score each Developed by •Non specific Accessibility, factor on a ten US forces to particular Recognizability, point scale and during the Viet threats Vulnerability, Effect and adding the Nam conflict •Labor- Recoverability) scores to optimize intensive targeting of •Non scalable enemy to many assets installations 2. DSHARPP(Demography, Installation Subjective Risk None of these Planner assigns Assessment Susceptibility, History, scores are Accessibility and the score from used by US adjusted based 1 to 5 and Recognizability, Proximity military to on the threat, CARVER : and Population) then the identify the type of target points are assets at or any special Criticality , Accessibility, to summed Recognizability, highest risk of consideration Vulnerability, Effect and Recoverability rank potential terrorist targets attack Algebraic Expressions of Risk S# Risk Mnemonic Approach Application Drawbacks 3. SNJTK (Special Needs An asset based Developed for •Similar to BN Jurisdiction Tool Kit) risk approach DHS by Office approach in that uses of Domestic expert Critical Asset Preparedness judgment but Factors for since threat is evaluation of not considered threat-asset so not a true scenario metric of risk 4. CAPRA (Critical Asset and Five Expert Developed by Though expert Portfolio Risk Analysis) Evaluation University of based it is Phases related Maryland for unclear how to mission asset driven the risk critical approach equation was elements subjected to derived or expert validated judgment using parametric equation Other Approaches Fault Trees: Assumes a threat baseline and uses decision paths to evaluate the probabilities and outcomes of different outcomes e.g OCTAVE Simulations: Focus on the consequences of terrorist attack and most are applicable to specific type of assets and threat scenarios Site Profiler Approach to Terrorism Risk Management An Asset risk management program that has been designed to evaluate the risk of terrorist attack. Methodology employs a knowledge-base Bayesian Network construction to combine evidence from analytical models, simulations, historical data and user judgments Why Site Profiler? Individuality of Risk Scenarios Intrinsic Uncertainty Defensible Methodology Flexibility Modifiability, maintainability and Extensibility Customization Usability Portfolio management Tractability Why Bayesian Networks ? Analytical Method for quantitative assessment of risks Coherent means of combining objective and subjective data Well suited for complex problem solving involving large number of interrelated uncertain variables Logically coherent calculus Tractable algorithms exist for calculating and updating evidential support BN can combine inputs from diverse sources Bayesian Networks for Analyzing Risk Clusters of variables for a particular domain These clusters are used to define BN fragments For example: Clusters of variables corresponding to characteristics of valuable asset. Fragment is created corresponding to the concept of an asset If some uncertain variable is related more than one type of entity we name it relational entity type to representing pairing Each fragment is Manageable and tested independently Risk Influence Network The heart of Site Profiler is Risk Influence Network It is a Bayesian network constructed on a fly from knowledge base of BN Fragments Used to assess relative risk of an attack against an asset by a specific threat Steps Involved Knowledge Representation (MEBN) MEBN is not a computer language such as Java or C++, or an application such as Netica or Hugin. Rather, it is formal system that instantiates first-order Bayesian logic That is, MEBN provides syntax, a set of model construction and inference processes, and semantics that together provide a means of defining probability distributions over unbounded and possibly infinite numbers of interrelated hypotheses. Knowledge-base development Concept Definition: Data Physical and Domain data MFRag for seven type of entities Assets, Threats, Tactics, Weapon systems, Targets, attacks and Attack Consequences Formal Definition and Analysis Subsection review by Experts Scenario Elicitation and Revision Implementation (cRIN and uRIN) Operational Revision Software Implementation Uses Object Oriented Database to manage Mfrag Mfrag: Like a BN, an MFrag contains nodes, which represent Random Variables, arranged in a directed graph whose edges represent direct dependence relationships. Context Nodes Input Nodes Resident Nodes RIN Bayesian Attributes, Objects and Domain Objects RIN Structure The Site Profiler domain objects combine to describe risk Assets and Threats combine to form Targets When targets created from Threat-Asset pair an instance of RIN is created Mfrag for Assets: how critical the asset is to the organization, how desirable to enemy and how soft accessible it is Mfrag for Threats: how plausible the tactic and weapon are, intent of an actor to target, the asset types most likely to target These Risk Elements combine to form the key Nodes for Target: Likelihood of an event, Susceptibility of an asset to an event, the consequences of the event and ultimately risk of the event Conclusion Site Profiler Knowledge-base is essential decision support for assessing terrorist threats BN approaches not found to be selling point Many people ask wrong questions Power of BN comes from ability to ask: What are the factors that make risk high or low?
Pages to are hidden for
"Terrorism Risk Management - CSE655"Please download to view full document