Publications

Abstract not provided.

The US is currently on the brink of a nuclear renaissance that will result in near-term construction of new nuclear power plants. In addition, the Department of Energy’s (DOE) ambitious new Global Nuclear Energy Partnership (GNEP) program includes facilities for reprocessing spent nuclear fuel and reactors for transmuting safeguards material. The use of nuclear power and material has inherent safety, security, and safeguards (SSS) concerns that can impact the operation of the facilities. Recent concern over terrorist attacks and nuclear proliferation led to an increased emphasis on security and safeguard issues as well as the more traditional safety emphasis. To meet both domestic and international requirements, nuclear facilities include specific SSS measures that are identified and evaluated through the use of detailed analysis techniques. In the past, these individual assessments have not been integrated, which led to inefficient and costly design and operational requirements. This report provides a framework for a new paradigm where safety, operations, security, and safeguards (SOSS) are integrated into the design and operation of a new facility to decrease cost and increase effectiveness. Although the focus of this framework is on new nuclear facilities, most of the concepts could be applied to any new, high-risk facility.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.

LinguisticBelief is a Java computer code that evaluates combinations of linguistic variables using an approximate reasoning rule base. Each variable is comprised of fuzzy sets, and a rule base describes the reasoning on combinations of variables fuzzy sets. Uncertainty is considered and propagated through the rule base using the belief/plausibility measure. The mathematics of fuzzy sets, approximate reasoning, and belief/ plausibility are complex. Without an automated tool, this complexity precludes their application to all but the simplest of problems. LinguisticBelief automates the use of these techniques, allowing complex problems to be evaluated easily. LinguisticBelief can be used free of charge on any Windows XP machine. This report documents the use and structure of the LinguisticBelief code, and the deployment package for installation client machines.

In 2005, a group of international decision makers developed a manual process for evaluating terrorist scenarios. That process has been implemented in the approximate reasoning Java software tool, LinguisticBelief, released in FY2007. One purpose of this report is to show the flexibility of the LinguisticBelief tool to automate a custom model developed by others. LinguisticBelief evaluates combinations of linguistic variables using an approximate reasoning rule base. Each variable is comprised of fuzzy sets, and a rule base describes the reasoning on combinations of variables fuzzy sets. Uncertainty is considered and propagated through the rule base using the belief/plausibility measure. This report documents the evaluation and rank-ordering of several example terrorist scenarios for the existing process implemented in our software. LinguisticBelief captures and propagates uncertainty and allows easy development of an expanded, more detailed evaluation, neither of which is feasible using a manual evaluation process. In conclusion, the Linguistic-Belief tool is able to (1) automate an expert-generated reasoning process for the evaluation of the risk of terrorist scenarios, including uncertainty, and (2) quickly evaluate and rank-order scenarios of concern using that process.

Abstract not provided.

Abstract not provided.

Risk consists of the likelihood of an event combined with the consequence ofthat event. There is uncertainty associated with an estimate of risk for an event that may happen in the future. For random, "dumb" events, such as an earthquake, this uncertainty is aleatory (stochastic) in nature and can be addressed with the probability measure of uncertainty. A terrorist act is not a random event; it is an intentional act by a thinking malevolent adversary. Much of the uncertainty in estimating the risk of a terrorist act is epistemic (state of knowledge); the adversary knows what acts will be attempted, but we as a defender have incomplete knowledge to know those acts with certainty. To capture the epistemic uncertainty in evaluating the risk from acts of terrorism, we have applied the belief/plausibility measure of uncertainty from the Dempster/Shafer Theory of Evidence. Also, to address how we as a defender evaluate the selection of scenarios by an adversary, we have applied approximate reasoning with fuzzy sets. We have developed software to perform these evaluations. © 2006 IEEE.

Abstract not provided.

Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies that separately consider physical security and cyber security. This research has developed a risk assessment methodology that explicitly accounts for both physical and cyber security, while preserving the traditional security paradigm of detect, delay, and respond. This methodology also accounts for the condition that a facility may be able to recover from or mitigate the impact of a successful attack before serious consequences occur. The methodology uses evidence-based techniques (which are a generalization of probability theory) to evaluate the security posture of the cyber protection systems. Cyber threats are compared against cyber security posture using a category-based approach nested within a path-based analysis to determine the most vulnerable cyber attack path. The methodology summarizes the impact of a blended cyber/physical adversary attack in a conditional risk estimate where the consequence term is scaled by a ''willingness to pay'' avoidance approach.

Abstract not provided.

Risk from an act of terrorism is a combination of the likelihood of an attack, the likelihood of success of the attack, and the consequences of the attack. The considerable epistemic uncertainty in each of these three factors can be addressed using the belief/plausibility measure of uncertainty from the Dempster/Shafer theory of evidence. The adversary determines the likelihood of the attack. The success of the attack and the consequences of the attack are determined by the security system and mitigation measures put in place by the defender. This report documents a process for evaluating risk of terrorist acts using an adversary/defender model with belief/plausibility as the measure of uncertainty. Also, the adversary model is a linguistic model that applies belief/plausibility to fuzzy sets used in an approximate reasoning rule base.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.