Current approaches to securing high consequence facilities (HCF) and critical assets are linear and static and therefore struggle to adapt to emerging threats (e.g., unmanned aerial systems) and changing environmental conditions (e.g., decreasing operational control). The pace of change in technological, organizational, societal, and political dynamics necessitates a move toward codifying underlying scientific principles to better characterize the rich interactions observed between HCF security technology, infrastructure, digital assets, and human or organizational components. The promising results of Laboratory Directed Research and Development (LDRD) 20-0373—“Developing a Resilient, Adaptive, and Systematic Paradigm for Security Analysis”—suggest that when compared to traditional security analysis, invoking multilayer network (MLN) modeling for HCF security system components captures unexpected failure cases and unanticipated interactions.
Protecting high consequence facilities (HCF) from malicious attacks is challenged by today’s increasingly complex, multi-faceted, and interdependent operational environments and threat domains. Building on current approaches, insights from complex systems and network science can better incorporate multidomain interactions observed in HCF security operations. These observations and qualitative HCF security expert data support invoking a multilayer modeling approach for HCF security to shift from a “reactive” to a “proactive” paradigm that better explores HCF security dynamics and resilience not captured in traditional approaches. After exploring these multi-domain interactions, this paper introduces how systems theory and network science insights can be leveraged to describe HCF security as complex, interdependent multilayer directed networks. A hypothetical example then demonstrates the utility of such an approach, followed by a discussion on key insights and implications of incorporating multilayer network analytical performance measures into HCF security.
Performance measures commonly used in systems security engineering tend to be static, linear, and have limited utility in addressing challenges to security performance from increasingly complex risk environments, adversary innovation, and disruptive technologies. Leveraging key concepts from resilience science offers an opportunity to advance next-generation systems security engineering to better describe the complexities, dynamism, and non-linearity observed in security performance—particularly in response to these challenges. This article introduces a multilayer network model and modified Continuous Time Markov Chain model that explicitly captures interdependencies in systems security engineering. The results and insights from a multilayer network model of security for a hypothetical nuclear power plant introduce how network-based metrics can incorporate resilience concepts into performance metrics for next generation systems security engineering.