Kenneth G. Crowther

Risk Analysis in Interdependent Infrastructures

Human activities are defined and influenced by interdependent engineered and socioeconomic systems. In particular, the global economy is increasingly dependent on an interconnected web of infrastructures that permit hitherto unfathomable rates of information exchange, commodity flow and personal mobility. The interconnectedness and interdependencies exhibited by these infrastructures enable them to provide the quality of life to which we have become accustomed and, at the same time, expose seemingly robust and secure systems to risk to which they would otherwise not be subjected. This paper examines several analytical methodologies for risk assessment and management of interdependent macroeconomic and infrastructure systems. They include models for estimating the economic impact of disruptive events, describing complex systems from multiple perspectives, combining sparse data to enhance estimation, and assessing the risk of cyber attack on process control systems.

Decentralized risk management for strategic preparedness of critical infrastructure through decomposition of the inoperability input–output model

Abstract Recent disasters and terrorist attacks have increased the demand on the US government in assuring the safety and reliability of the nation’s critical infrastructure. The response of the US Department of Homeland security, as set forth by the National Infrastructure Protection Plan (NIPP) is to decentralize much of the risk assessment and strategic decision-making processes to the owners and operators of the critical infrastructure. Although, this decentralization method has many advantages, it may provide a solution that is inferior to a comprehensive centralized approach. This manuscript develops a multi-objective strategic preparedness problem that is constrained by distinctive model features of an interdependent, regional socio-economic system. The model is a generalization of the nation’s critical infrastructure protection problem that focuses on commodity transaction between economic sectors. The strategic preparedness problem is solved by various decomposition methods, to illustrate the complexity of a decentralized risk management process of a system that is pregnant with interdependencies. The Inoperability Input–Output Model is core to the preparedness problem of this manuscript, and provides a rich database and modeling paradigm to support the study of regional interdependent economies. Derived from a Nobel Prize-winning W. Leontief economic model, and built on Bureau of Economic Analysis (BEA) data, the IIM is a quick, inexpensive, holistic method for estimating economic impacts and sector interdependencies. The IIM is useful as a part of a larger multi-objective decision model used in this paper to analyze the process of decentralized strategic preparedness. This paper develops a general ability to quantify system trade-offs between objectives of preparedness decisions, by embedding the IIM into a multi-objective risk management model for strategic preparedness. Through decomposition of the multi-objective strategic preparedness model constructed around the IIM, we analytically calculate the trade-offs between preparedness costs and economic resilience of regions from existing regional economic data, and provide insights into the decentralized risk management process.

Quantitative assessment of cyber security risk using bayesian network-based model

This paper proposes a quantitative model for assessing cyber security risk in information security. The model can be used to evaluate the security readiness of firms in the marketplace through qualitative and quantitative tools. We propose a Bayesian network methodology that can be used to generate a cyber security risk score that takes as input a firms security profile and data breach statistics. The quantitative model enables cyber risk to be captured in a precise and comparable fashion. The objective of the scoring model is to create a common reference in the marketplace that could enhance incentives for firms to invest and improve their security systems. This paper concludes with a demonstration of scoring an intrusion detection network.

Understanding and Overcoming Information Sharing Failures

Abstract Despite improved data interoperability, common digital architectures, and massive connected digital networks, the same failures of information sharing occur again and again. This paper reviews the information sharing failures that caused or exacerbated major catastrophes – the attack on Pearl Harbor, the 9/11 terrorist attacks, and Hurricane Katrina. An analysis of these failures reveals that they fall into only a couple of categories that reflect how organizations partner, communicate, synthesize, or make decisions. The results prompt a redefining of information sharing to capture these broader system notions, furthermore provides a foundation for identifying and explaining historic forms of collaboration that have led to both failures and successes. This paper also reviews the common information sharing safeguards that lead to shared understanding and collaborative outcomes. We map these safeguards against the failures for developing collaboration strategies, and classify them according to six basic systems engineering categories of governance, processes, operations, acceptance, performance measurement, and resource management. Our study of information sharing activities finds that some safeguards like oversight mechanisms or stakeholder management processes are more essential than others. These principles direct evaluation of information sharing activities to prevent these failures in future responses to complex threats.

Risk-informed assessment of regional preparedness: A case study of emergency potable water for hurricane response in Southeast Virginia

Abstract Decisionmakers need to understand the degree to which information-based decision processes affect the capabilities of a region to absorb the impact of a disaster and to respond and recover within an acceptable envelope of time and cost. This paper explores the modeling of a region as a system that has imperfect information about itself and an imperfect ability to discern its future infrastructure conditions. The paper illustrates this system-modeling paradigm with a data-based example of how emergency potable water was supplied as part of hurricane response in Southeastern Virginia. In this example, results indicate that prepositioning potable water supplies can result in savings in excess of one million dollars per forecast and can affect as much as one-third of the regional population. Moreover, the capacity of the region to respond to imperfect information and to reduce risk of both response costs and persons impacted can be achieved through strategic preparedness methods that change the decision-processing capability of the region. The major purpose of this paper is to demonstrate the importance of information and information processes in evaluating regional risk and capability and to emphasize the need for simultaneous evaluation of response and preparedness.

Risk-based airport selection for runway safety assessments through the development and application of systems-driven prioritization methodologies

A runway incursion is the erroneous presence of an aircraft or other object on the runway. Runway incursions are rare precursors to aviation accidents and result from a variety of complex factors. Current quantitative methods are inadequate for analysis, forecasting, and understanding the risk profiles of airports. The Federal Aviation Administration (FAA) biennially employs runway safety action teams (RSATs) to evaluate airports with the aim of reducing runway incursions. This manuscript describes the development of a decision-making tool that combines systems methodologies to help the FAA select airports at which employing RSATs would be the most beneficial for the reduction of collision risk. These methodologies include hierarchical Bayesian modeling (HBM) and analytic hierarchy process (AHP).

Principles for Better Information Security through More Accurate, Transparent Risk Scoring

This paper explores approaches for scoring information security risk that could lead to investment drivers and drive appropriate levels of security. Our approach is grounded on two important factors that determine cyber risk: (1) the information security resources (e.g., technologies, skills, and policies) that reduce the likelihood and consequences of successful information exploits; and (2) the security processes and capabilities that drive a continuous improvement of the security resources in use. The quality of a cyber defense system is the result of the integration of these two factors. This manuscript proposes such a two-factor hierarchical system of scoring, details candidate measures, and explores economic conditions for selecting appropriate measures. We review several scoring systems available that contain elements from this proposed system and discuss conditions for market adoption of information security scoring.

Collaborative risk-based preparedness for pandemic influenza in Southeastern Virginia

There is consensus among preparedness experts, including epidemiologists, that another influenza pandemic is imminent (R.I. Webby and R.G. Webster, 2003). An influenza pandemic is a worldwide spread of a new, highly contagious strain of flu where little or no immunity exists and a vaccine is unavailable. The development of a preparedness plan before the next pandemic outbreak is vital because past pandemics have led to millions of American casualties and substantial economic losses. This project develops a set of risk mitigation strategies in the form of mask distribution for reducing the impact of an influenza outbreak in the Hampton Roads Planning District (HRPD). The project found a significant reduction in illnesses, hospitalizations, deaths, worker absenteeism, economic losses and medical surge for all strategies. However, an analysis of regional supply concludes that only partial mask strategies are feasible.

Risk-informed assessment of Scott Stadium evacuation through agent-based simulation

The risk of personal injury from lightning and other threats is increasing without being consistently addressed through continuous improvement of evacuation operations. Three major factors contribute to this growing risk. First, natural and man-made disasters (e.g., lightning storms) remain a constant threat. Second, stadium expansion, renovation, and increased utilization allow more spectators at a greater number of events, which amplifies nation-wide exposure to both natural and man-made disasters. Third, evacuation and disaster management plans are quite complex because they require the coordination of spectators, ushers, managers, police officers, firefighters, medical teams, and athletes, among others, and do not always keep up with the changes to stadium or community emergency management procedures. Analysts are increasingly able to capture certain individual and crowd behaviors through simulation. Our team has constructed a simulation by section, ensuring the quality and correctness of the utilized computer drawings and making corrections as necessary to build a valid model. Through analysis of individual subsections of the stadium, we have noticed that 99% of the attendees within the 70 sections of a total of approximately 60,000 people evacuated in about 19 minutes, with 50% of the population evacuated in 6 minutes and 95% of the population evacuated within 15 minutes. The full capacity evacuation started with evacuees in the stands, and the first evacuees reached the exits within the first minute.

Letter to the editor. On the local sensitivity analysis of the inoperability input-output model.

In his Perspective article in the July 2011 issue titled “On the Local Sensitivity Analysis of the Inoperability Input-Output Model” (hereafter cited as Percoco(1)), Professor Percoco proposes an extension of the inoperability input-output model (IIM) “to map the technologically most important sectors [of the economy] through so-called fields of influence. In the present note we aim to show that this important measure also has a clear connection with local sensitivity analysis theory.” By citing seven technical papers on the IIM and its extensions co-authored by the responders below, the author covers in his article interesting and valuable perspectives related to the local sensitivity of the IIM and its extensions; however, the author misses important attributes that compensate for the local sensitivity of the IIM—only three of which are addressed below.