Functional quantitative security risk analysis (QSRA) to assist in protecting critical process infrastructureFunctional quantitative security risk analysis (QSRA) to assist in protecting critical process infrastructure
Staalduinen, van, Mark Adrian
Faculty of Applied Economics
Reliability engineering and system safety. - Barking
157(2017), p. 23-34
This article proposes a quantitative security risk assessment methodology that can assist management in the decision-making process where and when to protect critical assets of a chemical facility. An improvement upon previous work is the approach of conducting concurrent Threat and Vulnerability Assessments, as opposed to a sequential approach. Furthermore, this method introduces a Bow Tie risk model mapped into a Bayesian Network model that allows for various logical relaxation assumptions to be applied. Different uncertainty relaxation approaches such as Noisy-OR and Leaky Noisy-OR and Noisy-AND are tested to improve Threat and Vulnerability likelihood. Finally, integrating threat/vulnerability likelihood with potential losses, the security risk is quantified. The potential security countermeasures are characterized into either decreasing vulnerability or decreasing threat likelihood and are reassessed considering a cost analysis. A theoretical case study is conducted to exemplify the execution and application of the proposed method.