An official website of the European Union How do you know?      
European Commission logo
JRC Publications Repository Menu

Protection of Multiple Assets to Intentional Attacks: A Methodological Framework

cover
Security risk analysis is the term used to describe the analysis of critical facilities in which the initiating events of possible accident sequences are human actions intentionally carried out with the objective of causing harm and/or damage. Several methodologies are available for security risk assessment, which are applicable to different domains. In general, they are characterised by the following phases: 1) Identification of possible adversaries; 2) Identification of possible targets (assets); 3) Vulnerability analysis of the infrastructure; 4) Security Risk Analysis; and 5) Improvement of the protection measures. Generally an installation contains multiple assets that need to be protected. A sequence of attack to a given asset describes the paths the adversary has to follow to reach the target. Protection systems are in place to detect the presence of non-authorised people and to trigger alarms to security forces. Parts of these systems protect different assets. The vulnerability analysis of the installation aims at identifying the weakest point of the protection system that could be exploited by the attackers. This paper describes a methodological approach to implement in particular steps 3-5 of the aforementioned process. Attack scenarios to each asset of interest are identified and modelled by means of event trees and attack trees, which contain different types of events: choice, actions, and protection. At the same time, response trees model the different actions of the security forces to interrupt the attacks. Finally, the concurrent analysis of all attack scenarios is presented, to provide an overall picture of the probability of successful attack and, in turn, the suitability of the security system. Concurrent Importance and Sensitivity Analysis is also performed in order to identify the most critical events and the best cost-effective actions to be implemented to improve the security system performances.
2013-01-17
IPSAM & ESRA
JRC71858
978-1-62276-436-5,   
https://www.psam11.org/www/fi/papers/index.php,    https://publications.jrc.ec.europa.eu/repository/handle/JRC71858,   
NameCountryCityType
Datasets
IDTitlePublic URL
Dataset collections
IDAcronymTitlePublic URL
Scripts / source codes
DescriptionPublic URL
Additional supporting files
File nameDescriptionFile type 
Show metadata record  Copy citation url to clipboard  Download BibTeX
Items published in the JRC Publications Repository are protected by copyright, with all rights reserved, unless otherwise indicated. Additional information: https://ec.europa.eu/info/legal-notice_en#copyright-notice