Building a Scientific Foundation for Security: Multilayer Network Model Insights for System Security Engineering
Abstract not provided.
Recent examples raise significant concern for the resilience of the U.S. electric grid and represent a need for enhanced decision-making to address an increasingly wide range of complex system interactions and potential consequences. In response, this LDRD project produced a proof-of-concept evaluation called the Resilience and Hazard Assessment to Prioritize Security Operations for Decisions and Impacts (RHAPSODI) methodology as an agile and flexible analytic framework capable of addressing multiple, diverse threats to desired electric grid performance. After empirically grounding needs for the future of U.S. electric grid resilience, this project employed systems-theoretic process analysis (STPA) to develop a systems engineering risk model. The results of a completed feasibility study of a notional high voltage transmission system demonstrate an improved ability to incorporate both spatial (e.g., geographically distributed) and temporal (e.g., dynamic and time-dependent) elements of security risk to the grid. The success of this LDRD project provides the foundation for further evolution of the systems engineering risk model for the grid; derivation of quantitative approaches to evaluate risk and resilience performance; facilitation of agile experimentation and assessment of grid sensitivity to a range of vulnerabilities; and development of tools to assist decision-makers in enhancing U.S. electrical grid resilience.
Current approaches to securing high consequence facilities (HCF) and critical assets are linear and static and therefore struggle to adapt to emerging threats (e.g., unmanned aerial systems) and changing environmental conditions (e.g., decreasing operational control). The pace of change in technological, organizational, societal, and political dynamics necessitates a move toward codifying underlying scientific principles to better characterize the rich interactions observed between HCF security technology, infrastructure, digital assets, and human or organizational components. The promising results of Laboratory Directed Research and Development (LDRD) 20-0373—“Developing a Resilient, Adaptive, and Systematic Paradigm for Security Analysis”—suggest that when compared to traditional security analysis, invoking multilayer network (MLN) modeling for HCF security system components captures unexpected failure cases and unanticipated interactions.
INSIGHT
Systems engineering today faces a wide array of challenges, ranging from new operational environments to disruptive technologies — necessitating approaches to improve research and development (R&D) efforts. Yet, emphasizing the Aristotelian argument that the “whole is greater than the sum of its parts” seems to offer a conceptual foundation for creating new R&D solutions. Invoking systems theoretic concepts of emergence and hierarchy and analytic characteristics of traceability, rigor, and comprehensiveness is potentially beneficial for guiding R&D strategy and development to bridge the gap between theoretical problem spaces and engineering-based solutions. In response, this article describes systems-theoretic process analysis (STPA) as an example of one such approach to aid in early-systems R&D discussions. STPA—a ‘top-down’ process that abstracts real complex system operations into hierarchical control structures, functional control loops, and control actions—uses control loop logic to analyze how control actions (designed for desired system behaviors) may become violated and drive the complex system toward states of higher risk. By analyzing how needed controls are not provided (or are provided out of sequence or stopped too soon) and how unneeded controls are provided (or engaged too long), STPA can help early-system R&D discussions by exploring how requirements and desired actions interact to either mitigate or potentially increase states of risk that can lead to unacceptable losses. This article will demonstrate STPA's benefit for early-system R&D strategy and development discussion by describing such diverse use cases as cyber security, nuclear fuel transportation, and US electric grid performance. Together, the traceability, rigor, and comprehensiveness of STPA serve as useful tools for improving R&D strategy and development discussions.
In conclusion, leveraging STPA as well as related systems engineering techniques can be helpful in early R&D planning and strategy development to better triangulate deeper theoretical meaning or evaluate empirical results to better inform systems engineering solutions.
As the frequency and quantities of nuclear material shipments escalate internationally to meet the increased demand for small modular reactors (SMRs) and advanced reactors (ARs), the risks and costs associated with shipping activities are also likely to increase with them. The primary objective of this study is to evaluate possibilities for risk reduction via avoidability—that is, avoiding or reducing the need for nuclear shipments, where possible, either by reducing the frequency of shipments or the quantities of materials they contain.
The PRO-X program is actively supporting the design of nuclear systems by developing a framework to both optimize the fuel cycle infrastructure for advanced reactors (ARs) and minimize the potential for production of weapons-usable nuclear material. Three study topics are currently being investigated by Sandia National Laboratories (SNL) with support from Argonne National Laboratory (ANL); this multi-lab collaboration focuses on topics that may offer proliferation resistance opportunities or advantages in the nuclear fuel cycle. These topics are: 1) Transportation Global Landscape, 2) Transportation Avoidability, and 3) Parallel Modular Systems vs Single Large System (Crosscutting Activity).
INSIGHT
Security engineering approaches often focus on a particular domain—physical security, cyber security, or personnel security, for example. Yet, security systems engineering consistently faces challenges requiring socio-technical solutions to address evolving and dynamic complexity. While some drivers of this complexity stem from complex risk environments, innovative adversaries, and disruptive technologies, other drivers are endogenous and emerge from the interactions across security engineering approaches. In response, INCOSE's Systems Security Working Group identified the need to better coordinate “disparate security solutions [that] operate independently” as one of eleven key concepts in its IS21 FuSE Security Roadmap. From this perspective, the need for “security orchestration” aligns with the view that security is a property that emerges from interactions within complex systems. Current efforts at Sandia National Laboratories are developing a systems security engineering approach that describes high consequence facility (HCF) security as a multidomain set of interacting layers. The result is a multilayer network (MLN)-based approach that captures the interactions between infrastructure, physical components, digital components, and humans in nuclear security systems. This article summarizes the MLN-based approach to HCF security and describes two preliminary results demonstrating potential benefits from incorporating interactions across disparate security solutions. Here, by leveraging the logical structure of networks, this MLN model-based approach provides an example of how security orchestration yields enhanced systems security engineering solutions.