Caskey, Susan; Keating, Charles B.; Katina, Polinpapilinho F.; Bradley, Joseph M.; Hodge, Richard; Martin, James N.
The purpose of this paper is to explore the concept of ‘enterprise’ in the context of Systems Engineering (SE). The term ‘enterprise’ has been used extensively to generally describe large complex entities that have an extensive scope of operations. However, a deeper examination of ‘enterprise’ significance for SE can provide insights as our challenges continue with increasingly complex, uncertain, ambiguous, and integrated entities struggling to thrive in the future. The paper explores three central topics. First, the concept of enterprise is introduced as a central aspect of the future focus for SE, as recognized in the INCOSE SE Vision 2035. Second, a more detailed examination of the enterprise concept is developed in relationship to SE. The thrust of this examination is to understand the nature and role of ‘enterprise’ across a broad spectrum of literature and knowledge, ultimately providing a more informed perspective of enterprise for SE. As part of this exploration, a bibliometric analysis of the term ‘enterprise’ is performed. This exploration extracts key themes (clusters) in the ‘enterprise’ literature. Third, challenges for further development and inculcation of ‘enterprise’ within the SE discipline and support for realization of the SE 2035 Vision are suggested. These challenges point out the need to ‘think differently’ about ‘enterprise’ within the SE context. ‘Enterprise’ is proposed as a central, albeit different, perspective for the SE discipline. Finally, the paper closes with a first–generation perspective for ‘enterprise’ in pursuit of the SE Vision 2035.
Organizations play a key role in supporting various societal functions, ranging from environmental governance to the manufacturing of goods. Here, the behaviors of organization are impacted by various influences, including information, technology, authority, economic leverage, historical experiences, and external factors, such as regulations. This paper introduces a generalized framework, focused on the relative structure of an organization (tight vs. loose), that can be used to understand how different influence pathways can impact decision-making within differently structured organizations. This generalized framework is then translated into a modeling and simulation platform to support and assess implications of these structural differences in resilience to disinformation (measured by organizational behaviors of timeliness and inclusion of quality information) using a systems dynamics approach Preliminary results indicate that a tightly structured organization may be less timely at processing information but could be more resilient against using poor quality information in organizational decisions compared to a loosely structured organization. Ongoing work is underway to understand the robustness of these findings and to validate current model design activities with empirical insights.
Current approaches to securing high consequence facilities (HCF) and critical assets are linear and static and therefore struggle to adapt to emerging threats (e.g., unmanned aerial systems) and changing environmental conditions (e.g., decreasing operational control). The pace of change in technological, organizational, societal, and political dynamics necessitates a move toward codifying underlying scientific principles to better characterize the rich interactions observed between HCF security technology, infrastructure, digital assets, and human or organizational components. The promising results of Laboratory Directed Research and Development (LDRD) 20-0373—“Developing a Resilient, Adaptive, and Systematic Paradigm for Security Analysis”—suggest that when compared to traditional security analysis, invoking multilayer network (MLN) modeling for HCF security system components captures unexpected failure cases and unanticipated interactions.
This paper explores the utility of organizational system modeling frameworks to provide valuable insight into information flows within organizations and subsequently the opportunities for increasing resilience against disinformation campaigns targeting the system's ability to utilize information within its decision making. Disinformation is a growing challenge for many organizations and in recent years has created delay in decision making. Here the paper has utilized the viable systems model (VSM) to characterize organizational systems and used this approach to outline potential subsystem requirements to promote resilience of the system. The results of this paper can support the development of simulations and models considering the human elements within the system as well as support the development of quantitative measures of resilience.
A significant amount of uncertainty exists regarding potential human exposure to laboratory biomaterials and organisms in Biosafety Level 2 (BSL-2) research laboratories. Computational fluid dynamics (CFD) modeling is proposed as a way to better understand potential impacts of different combinations of biomaterials, laboratory manipulations, and exposure routes on risks to laboratory workers. Here, in this study, we use CFD models to simulate airborne concentrations of contaminants in an actual BSL-2 laboratory under different configurations. Results show that ventilation configuration, sampling location, and contaminant source location can significantly impact airborne concentrations and exposures. Depending on the source location and airflow patterns, the transient and time-integrated concentrations varied by several orders of magnitude. Contaminant plumes from sources located near a return vent (or exhaust like a fume hood or ventilated biosafety cabinet) are likely to be more contained than sources that are further from the exhaust. Having a direct flow between the source and the exhaust (through-flow condition) may reduce potential exposures to individuals outside the air flow path. Designing a BSL-2 room with ventilation and airflow patterns that maximize through-flow conditions to the return/exhaust vents and minimize dispersion and mixing throughout the room is, therefore, recommended. CFD simulations can also be used to assist in characterizing the impacts of supply and return vent locations, room layout, and source locations on spatial and temporal contaminant concentrations. In addition, proper placement of particle sensors can also be informed by CFD simulations to provide additional characterization and monitoring of potential exposures in BSL-2 facilities.
Security assessments support decision-makers' ability to evaluate current capabilities of high consequence facilities (HCF) to respond to possible attacks. However, increasing complexity of today's operational environment requires a critical review of traditional approaches to ensure that implemented assessments are providing relevant and timely insights into security of HCFs. Using interviews and focus groups with diverse subject matter experts (SMEs), this study evaluated the current state of security assessments and identified opportunities to achieve a more "ideal" state. The SME-based data underscored the value of a systems approach for understanding the impacts of changing operational designs and contexts (as well as cultural influences) on security to address methodological shortcomings of traditional assessment processes. These findings can be used to inform the development of new approaches to HCF security assessments that are able to more accurately reflect changing operational environments and effectively mitigate concerns arising from new adversary capabilities.
Community, corporate, and government organizations are being targeted by disinformation attacks at an unprecedented rate. These attacks interrupt the ability of organizations to make high-consequence decisions and can lower their confidence in datasets and analytics. New interdisciplinary research approaches are being actively developed to expand resilience theory applications to organizations, and to determine the metrics and mitigations needed to increase resilience against disinformation. This paper presents initial ideas on adapting resilience methodologies for organizations and disinformation, highlighting key areas that require further exploration in this emerging field of research.
This article presents a global prioritization methodology that evaluates the relative risks of non-state actor acquisition of materials that could be used in chemical, biological, radiological, nuclear and high explosive Weapons of Mass Destruction (WMD) from the country’s relevant infrastructure. Prioritization is based on three domains: 1. Assessing relative scale of materials in each country, 2. The country’s corresponding security posture, and 3. The presence of threat actors. The output is a list of countries prioritized from greatest risk to least. Rather than providing an overall 1 to N ranking, however, the results are placed into tiers based upon their natural groupings within the three domains. The countries in the highest tiers are flagged as potential US national security concern; those scoring in the middle and at the bottom are flagged as posing lower US national security concern. A systematic approach assesses each country by leveraging many disciplines, such as risk and decision analysis, as well as expert judgement. A quantitative value model based on Multi-Attribute Value Theory (MAVT) organizes the objectives scoring criteria into a value tree using lessons learned from previous studies, published literature, and expert judgement. The article presents the prioritization categories and corresponding value model scoring criteria to include measurement type, weight, range, and value preference. Country names and data are notional in order to share the details on the underlying methodology and model without identification of actual security risks. A deliberative process addresses factors external to the model and scrutinizes inputs, methodology, model, and results.
China is endeavoring to build nuclear power plants (NPPs) in numerous countries around the globe - an initiative that has the potential to strengthen Chinas political and economic influences on those countries. This study provides an overview of the situation and considers the issues involved in such partnerships with China. In order to assess Chinas ability to follow through with its agreements, this study also presents a technical review of its NPP production capability.
Protecting high consequence facilities (HCF) from malicious attacks is challenged by today’s increasingly complex, multi-faceted, and interdependent operational environments and threat domains. Building on current approaches, insights from complex systems and network science can better incorporate multidomain interactions observed in HCF security operations. These observations and qualitative HCF security expert data support invoking a multilayer modeling approach for HCF security to shift from a “reactive” to a “proactive” paradigm that better explores HCF security dynamics and resilience not captured in traditional approaches. After exploring these multi-domain interactions, this paper introduces how systems theory and network science insights can be leveraged to describe HCF security as complex, interdependent multilayer directed networks. A hypothetical example then demonstrates the utility of such an approach, followed by a discussion on key insights and implications of incorporating multilayer network analytical performance measures into HCF security.
Resilience has been defined as a priority for the US critical infrastructure. This paper presents a process for incorporating resiliency-derived metrics into security system evaluations. To support this analysis, we used a multi-layer network model (MLN) reflecting the defined security system of a hypothetical nuclear power plant to define what metrics would be useful in understanding a system's ability to absorb perturbation (i.e., system resilience). We defined measures focusing on the system's criticality, rapidity, diversity, and confidence at each network layer, simulated adversary path, and the system as a basis for understanding the system's resilience. For this hypothetical system, our metrics indicated the importance of physical infrastructure to overall system criticality, the relative confidence of physical sensors, and the lack of diversity in assessment activities (i.e., dependence on human evaluations). Refined model design and data outputs will enable more nuanced evaluations into temporal, geospatial, and human behavior considerations. Future studies can also extend these methodologies to capture respond and recover aspects of resilience, further supporting the protection of critical infrastructure.
Performance measures commonly used in systems security engineering tend to be static, linear, and have limited utility in addressing challenges to security performance from increasingly complex risk environments, adversary innovation, and disruptive technologies. Leveraging key concepts from resilience science offers an opportunity to advance next-generation systems security engineering to better describe the complexities, dynamism, and non-linearity observed in security performance—particularly in response to these challenges. This article introduces a multilayer network model and modified Continuous Time Markov Chain model that explicitly captures interdependencies in systems security engineering. The results and insights from a multilayer network model of security for a hypothetical nuclear power plant introduce how network-based metrics can incorporate resilience concepts into performance metrics for next generation systems security engineering.
Individuals infected with SARS-CoV-2, the virus that causes COVID-19, may be infectious between 1-3 days prior to symptom onset. People may delay seeking medical care after symptom development due to multiple determinants of health seeking behavior like availability of testing, accessibility of providers, and ability to pay. Therefore, understanding symptoms in the general public is important to better predict and inform resource management plans and engage in reopening. As the influenza season looms, the ability to differentiate between clinical presentation of COVID-19 and seasonal influenza will also be important to health providers and public health response efforts. This project has developed an algorithm that when used with captured syndromic trends can help provide both differentiation to various influenza-like illnesses (ILI) as well as provide public health decision makers a better understanding regarding spatial and temporal trends. This effort has also developed a web-based tool to allow for the capturing of generalized syndromic trends and provide both spatial and temporal outputs on these trends. This page left blank
To date, chemical security education practices in postsecondary institutions are poorly understood. The purpose of this study is to provide an initial understanding of the practices, attitudes, and barriers toward chemical security education for undergraduate and graduate programs in the United States (US) by surveying representatives of American Chemical Society (ACS)-approved programs. All programs with ACS-approved undergraduate chemistry programs (n = 691) were contacted for participation: 21% (n = 148) fully completed and 6% (n = 41) partially completed the survey for a combined total of 27% complete and/or partially complete surveys (n = 189). We observed that most programs currently teach chemical safety (undergraduate >99%, graduate 73%); however, only about one-third of programs teach chemical security at any education level (undergraduate 32%, graduate 34%). We also observed that safety education is provided more frequently than security education. Further, ACS-approved programs reported that their chemical safety culture was stronger than chemical security culture and felt that safety should be taught differently than security. The overwhelming majority of respondents (96%) indicated that chemical safety should be mandatory at some level, while only about half of respondents (57%) indicated that chemical security should be mandatory at some level. More efforts are needed by the chemistry community to raise awareness of the importance of chemical security education so that more institutions commit to training their faculty and students on the topic. The authors suggest that adoption of chemical security education could be increased if ACS were to advocate for chemical security by including it in its guidelines for educational program approval.
Sandia National Laboratories currently has 27 COVID-related Laboratory Directed Research & Development (LDRD) projects focused on helping the nation during the pandemic. These LDRD projects cross many disciplines including bioscience, computing & information sciences, engineering science, materials science, nanodevices & microsystems, and radiation effects & high energy density science.
This report summarizes the work performed as part of a Laboratory Directed Research and Development project focused on evaluating and mitigating risk associated with biological dual use research of concern. The academic and scientific community has identified the funding stage as the appropriate place to intervene and mitigate risk, so the framework developed here uses a portfolio-level approach and balances biosafety and biosecurity risks, anticipated project benefits, and available mitigations to identify the best available investment strategies subject to cost constraints. The modeling toolkit was designed for decision analysis for dual use research of concern, but is flexible enough to support a wide variety of portfolio-level funding decisions where risk/benefit tradeoffs are involved. Two mathematical optimization models with two solution methods are included to accommodate stakeholders with varying levels of certainty about priorities between metrics. An example case study is presented.
Rinderpest is a virus that can affect cattle and other even toes ungulates; evidence of outbreaks from over 10,000 years ago highlights the potential impact of this virus. During the 18th century, Rinderpest caused huge losses in cattle throughout Europe. Starting in the mid 1900’s vaccination efforts seemed feasible and work was initiated to vaccinate large populations of cattle. Walter Plowright received numerous awards for updating the Rinderpest vaccine which many believed would be the key to eradication. Vaccination of the disease lead to a massive drop in outbreaks and the last confirmed case of Rinderpest in Asia was in 2000 and in Africa in 2001.1 At this point, Rinderpest has been declared eradicated from nature. However, stocks of the virus are still in many laboratories.2 Rinderpest was investigated as a biological weapon agent during the Second World War. However, following WWII, rinderpest was not considered a high risk as a biological weapon as there was no direct military advantage. Now, with the concern of the use of biological agents as weapons in acts of terrorism, concern regarding rinderpest has resurfaced. Since the eradication of this virus, cattle populations are highly susceptibility to the virus and the economic impacts would be significant. This paper will discuss the specific nature of the terrorism risks associated with rinderpest; and based upon those risks provide recommendations regarding biosecurity management. The biosecurity management measures will be defined in a manner to align with the CWA 15793: the laboratory biorisk management document.
Laboratories that work with biological agents need to manage their safety risks to persons working the laboratories and the human and animal community in the surrounding areas. Biosafety guidance defines a wide variety of biosafety risk mitigation measures, which include measures which fall under the following categories: engineering controls, procedural and administrative controls, and the use of personal protective equipment; the determination of which mitigation measures should be used to address the specific laboratory risks are dependent upon a risk assessment. Ideally, a risk assessment should be conducted in a manner which is standardized and systematic which allows it to be repeatable and comparable. A risk assessment should clearly define the risk being assessed and avoid over complication.
Wireless networking can provide a cost effective and convenient method for installing and operating an unattended or remote monitoring system in an established facility. There is concern, however, that wireless devices can interfere with each other and with other radio systems within the facility. Additionally, there is concern that these devices add a potential risk to the security of the network. Since all data is transmitted in the air, it is possible for an unauthorized user to intercept the data transmissions and/or insert data onto the network if proper security is not in place. This paper describes a study being undertaken to highlight the benefits of wireless networking, evaluate interference and methods for mitigation, recommend security architectures, and present the results of a wireless network demonstration between Sandia National Laboratories (SNL) and the Joint Research Centre (JRC).
Wireless networking using the IEEE 802.11standards is a viable alternative for data communications in safeguards applications. This paper discusses the range of 802.11-based networking applications, along with their advantages and disadvantages. For maximum performance, safety, and security, Wireless networking should be implemented only after a comprehensive site survey has determined detailed requirements, hazards, and threats.
