for Physical Security
Violence, vandalism, and terrorism are prevalent in the world today. Managers and decision-makers must have a reliable way of estimating risk to help them decide how much security is needed at their facility. A risk assessment methodology has been refined by Sandia National Laboratories to assess risk at various types of facilities including US Mints and federal dams. The methodology is based on the traditional risk equation:
Risk = PA * (1 - PE) * C,
where
PA is the likelihood of adversary attack,
PE is security system effectiveness,
1 - PE is adversary success, and
C is consequence of loss to the attack.
The process begins with a characterization of the facility including identification of the undesired events and the respective critical assets. Guidance for defining a design basis threat is included, as well as for using the definition of the threat to estimate the likelihood of adversary attack at a specific facility. Relative values of consequence are estimated. Methods are also included for estimating the effectiveness of the security system against the adversary attack. Finally, risk is calculated. In the event that the value of risk is deemed to be unacceptable (too high), the methodology addresses a process for identifying and evaluating security system upgrades in order to reduce risk.
Likelihood of attack
Note: Each critical infrastructure (CI) follows a RAM process developed specifically for that CI. This white paper provides a general discussion of the RAM approach and does not address the differences between the different RAMs.
An analysis methodology has been used to assess the vulnerability of physical protection systems for facilities. Figure 1 describes the order and sequence of the seven basic steps of the methodology.
1. Facility Characterization
An initial step in security system analysis is to characterize the facility operating states and conditions. This step requires developing a thorough description of the facility itself (the location of the site boundary, building locations, floor plans, and access points). A description of the processes within the facility is also required, as well as identification of any existing physical protection features. This information can be obtained from several sources, including facility design blueprints, process descriptions, safety analysis reports, environmental impact statements, and site surveys.
Figure 1. Steps in the Analysis Methodology
2. Undesired Events/Critical Assets Identification
Undesired Events - The undesired events must be established. Undesired events result in undesired consequences. Undesired events are site-specific and have adverse impacts on public health and safety, the environment, assets, mission, and publicity.
Critical Assets - The adversary could cause each undesired event to occur in several ways. A structured approach is needed to identify critical components for prevention of the undesired events. A logic model, like a fault tree, can be used to identify the critical components. The critical components and their locations become the critical assets to protect. Figure 2 is the top-level portion of a generic fault tree for facilities.
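The fault-tree step above can be made concrete with an added example (not from the white paper or any RAM tooling): it derives the minimal cut sets of a small fault tree and ranks components by the smallest cut set they belong to, which is one way to shortlist critical assets for protection. The tree and all node names are constructed for illustration and are not the tree in Figure 2.

```python
from itertools import product

# Constructed, generic fault tree (hypothetical node names, not Figure 2).
# Each gate maps to (type, [children]); any name not in TREE is a basic
# event, i.e. a component whose loss contributes to the undesired event.
TREE = {
    "undesired_event": ("OR", ["loss_of_power", "loss_of_control"]),
    "loss_of_power": ("AND", ["main_feed", "backup_generator"]),
    "loss_of_control": ("OR", ["control_room", "comms_loss"]),
    "comms_loss": ("AND", ["primary_link", "backup_link"]),
}

def cut_sets(node, tree):
    """Return all cut sets (frozensets of basic events) that cause `node`."""
    if node not in tree:                      # basic event
        return [frozenset([node])]
    gate, children = tree[node]
    child_sets = [cut_sets(c, tree) for c in children]
    if gate == "OR":                          # any one child suffices
        return [cs for sets in child_sets for cs in sets]
    if gate == "AND":                         # need one cut set from every child
        return [frozenset().union(*combo) for combo in product(*child_sets)]
    raise ValueError(f"unknown gate type: {gate}")

def minimal_cut_sets(top, tree):
    """Drop duplicates and any cut set that strictly contains another."""
    sets = set(cut_sets(top, tree))
    minimal = [s for s in sets if not any(o < s for o in sets)]
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))

def critical_components(top, tree):
    """Rank basic events by the size of the smallest cut set they appear in."""
    rank = {}
    for s in minimal_cut_sets(top, tree):
        for event in s:
            rank[event] = min(rank.get(event, len(s)), len(s))
    return sorted(rank.items(), key=lambda kv: (kv[1], kv[0]))

if __name__ == "__main__":
    for s in minimal_cut_sets("undesired_event", TREE):
        print(sorted(s))
    print(critical_components("undesired_event", TREE))
```

A component with rank 1 is a single point of failure for the undesired event; higher ranks mean redundancy must be defeated together, so protection can be applied to any one member of the set.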
3. Consequence Determination
The next step is to categorize undesired events or loss of critical assets. The proposed categories of consequences are similar to those used by the Department of Defense per Military Standard 882C.
[Figure 1 flowchart, recoverable box labels: Characterize Facility; Events & Critical Assets; Determine Consequences; Analyze Protection; Upgrade the System]
The consequence values and categories are described in Table 1. The goal is to estimate the relative consequence value associated with each undesired event....