Approaches and Tools to Quantifying Facility Security Risk. Steve Fogarty, CSO


ARES Security Corporation
ARES is a high-performing Technology Solutions provider with more than 20 offices around the world.
- Certified and accredited products that have performed by identifying over $5M in cost avoidance for multiple users
- Product management that supports over 200 accounts with more than 4,500 users worldwide
- Product development that is CMMI Level 3 certified
- Aggressive roadmap supported by over $1M in yearly IRAD
- Extensive multi-industry perspective

ARES provides technology to Protect the World's Most Critical Assets.
- DECISION SUPPORT SOFTWARE for assessing threats and vulnerabilities while optimizing security budgets
- INTERACTIVE TRAINING SIMULATOR without the expense, site disruption, danger, or potential security concerns of conventional training
- ADVANCED CYBER security analysis to identify vulnerabilities and threats earlier and provide a better response to attacks
- ENHANCED SITUATIONAL AWARENESS and sensor correlation to better manage response and operations.

Computer-based Modeling & Simulation for Security
Security Modeling
- Facility Characterization: site layout; infrastructure; security layers; elevation / terrain
- Barrier Systems: perimeter structure; barriers; delay systems
- Detection Systems: sensors & cameras; command / control; communications
- Response Force: patrol & response; capabilities; training
Security Simulation
- Define Scenario: threat capabilities; targets; site conditions
- Constructive Simulation: attack planning or vulnerability; overall system response to attack; determine KPIs: system effectiveness, detections, interruption, neutralization
- Virtual Simulation: response of real and virtual agents to scenario; compare human response to anticipated/optimal response; determine KPIs: exposure and response time, neutralization given response
Analysis of Alternatives
- Sensitivity (counterfactual) Analysis
- Decision Metrics: Effectiveness and Cost for Baseline, Option A, Option B, Option C

Facility Characterization: Model Building
Virtual Model Expectations
- 3D geometric representation (i.e., solid model) of the exterior of the facility as well as interiors of critical areas such as reactor building and fuel storage.
- Realistic visual representation overlaid (i.e., "textured") on geometric representation
Figures: 3D Solid Model; Textured Model

Facility Characterization: Security Laydown
Expectations
- Those entering security configuration data (both technology and personnel) into the model are typically different than those that built the model geometry/texturing.
- Knowledge and expertise resides within the security professionals at the site, so they are ideally suited to provide the laydown of the security
- Tools should provide straightforward user interface with guided steps for common activities (e.g., wizards).
- Easiest if quantification/simulation engine connects directly to the tools used for laydown

System Performance Data
- Tool(s) leverage performance data from NRC, DOE, and DoD to assess the system effectiveness of physical protection at their facilities
- Library of performance data for protective measures used at nuclear facilities
- Performance data includes: terrains, detection tools, vehicles/platforms, weapons, barrier systems, environmental conditions, armor, equipment, security access, etc.

Perform Evaluation
- Provides a more consistent and systematic approach to define an adversary's attack
- Attack plan analysis considers site layout (terrain, detection, delay, response), adversary starting point, target set, and strategy (detection, firepower, speed)
- Remove subjectivity (e.g., time to breach)
- Consistently identifies new vulnerabilities
- Simulate numerous (100s to 1000s) attacks; each simulation is equivalent to a table-top drill or force-on-force exercise
- Monte Carlo techniques
- Combat simulation uses Ph/Pk
- Explicit treatment of detection, interruption, and neutralization
- Simulations use an adaptive adversary which may alter its attack paths based on circumstances

History of AVERT
In the late 1990s the Defense Threat Reduction Agency led large scale PRAs for peacetime nuclear operations. These assessments used many of the same PRA techniques known as Weapon System Safety Assessments (WSSAs) initially developed and implemented for the commercial nuclear power industry. Focused on the accident-induced risk of nuclear material dispersal. Although it was recognized at the time that radiological dispersal could be initiated by intentional acts (e.g., terrorism), the tools to quantify such risk did not exist for these events as they did for accident (i.e., safety) events. This led to the DoD initiating funding under their Small Business Innovation Research program to evaluate methods for quantifying risks of intentional acts. The AVERT tool was initially developed under the three phases of this Small Business Innovation Research funding from DoD. Tool was fully commercialized in 2007 with significant R&D since that time.

AVERT - What can happen (i.e., What can go wrong)?
Early development of the tool was focused on a predictive method for determining adversary attack plans (i.e., vulnerabilities). These attack plans are analogous to accident sequences used in traditional commercial nuclear PRAs. Key difference is that typical event sequence models for safety are static and based upon expertise needed to determine possible states. The adaptive and thinking nature of an adversary made traditional PRA approaches inappropriate for this portion of the risk assessment. The unique approach created focuses on general adversary strategies to automatically predict how the security system could be defeated. Used either individually or in combinations, the factors in these strategies include the adversaries' desire to:
1. proceed to their objective(s) as quickly as possible
2. minimize probability of detection by the security system
3. avoid fire from the opposing security force.
A critical element of this process is the characterization of all aspects of the security system to include both security technology and security personnel.

AVERT - How likely is it that, that will happen?
Determining the likelihood of an attack for each of the previously determined attack plans. The biggest hurdle in this problem is finding a method to justify the frequency of attack by the adversary. Data to justify such estimates are generally scarce, and just as we begin to utilize such data, the adversary is likely to adapt so as to invalidate any estimate. Fortunately, we do find an excellent application of quantitative risk techniques toward the remainder of likelihood calculations. In addition to attack frequency, our second risk question also requires an understanding of whether the security system can successfully neutralize such an attack (Pe), thereby preventing the adversary from accomplishing their objective.

AVERT - How likely is it that, that will happen? (contd.)
AVERT's architecture contains a simulation engine that can virtually attack the facility along each of the previously determined attack plans. In this way, the system performance can be evaluated as a whole and the system's effectiveness determined simply by dividing the number of attacks where the system succeeded at stopping the adversary by the total number of simulated attacks. One key consideration is replicating the adversaries' or security force's ability to adapt to the situation on the ground as an attack plays out. The algorithm previously used in the attack planning phase is adjusted to allow adversaries and security forces to begin the simulation with a plan, but also let them deviate or adapt as desired. The flexibility and dynamic nature of this adaptation has proven to be a primary reason why the DoD and DOE have implemented AVERT for their nuclear facilities.
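The effectiveness ratio described above (attacks stopped divided by total simulated attacks), worked as an added Python example that is not AVERT's code and not part of the presentation. It treats detection, interruption and neutralization explicitly and compares a baseline with one alternative; the layer values, response time and p_neutralize are constructed assumptions, and the adversary follows one fixed path instead of adapting.

```python
import math
import random

# Constructed sample data (not from the presentation): one fixed path through a
# hypothetical site. Each layer: (name, P(detect on arrival), mean delay in s).
BASELINE = [("outer fence", 0.50, 30.0), ("yard", 0.20, 45.0),
            ("building door", 0.70, 90.0), ("vault door", 0.90, 120.0)]
# Alternative for analysis of alternatives: better sensing at the outer fence.
OPTION_A = [("outer fence", 0.90, 30.0)] + BASELINE[1:]


def simulate_attack(layers, rng, response_mean=150.0, p_neutralize=0.8):
    """Play out one attack; return (detected, interrupted, neutralized)."""
    delays = [rng.expovariate(1.0 / mean) for _, _, mean in layers]
    for i, (_, p_detect, _) in enumerate(layers):
        if rng.random() < p_detect:
            # The response clock starts at first detection; the adversary
            # still has to get through this layer and every later one.
            remaining = sum(delays[i:])
            response = rng.gauss(response_mean, 0.2 * response_mean)
            interrupted = response < remaining
            # p_neutralize stands in for the Ph/Pk combat model (assumption).
            neutralized = interrupted and rng.random() < p_neutralize
            return True, interrupted, neutralized
    return False, False, False  # never detected: adversary reaches the target


def estimate(layers, runs=20000, seed=1):
    """Monte Carlo estimate of detection, interruption and Pe with a 95% CI."""
    rng = random.Random(seed)
    detected = interrupted = stopped = 0
    for _ in range(runs):
        d, i, n = simulate_attack(layers, rng)
        detected += d
        interrupted += i
        stopped += n
    pe = stopped / runs  # attacks stopped / total simulated attacks
    half = 1.96 * math.sqrt(pe * (1.0 - pe) / runs)  # normal approximation
    return {"P_detect": detected / runs, "P_interrupt": interrupted / runs,
            "Pe": pe, "ci95": (max(0.0, pe - half), min(1.0, pe + half))}


if __name__ == "__main__":
    for name, layers in (("baseline", BASELINE), ("option A", OPTION_A)):
        r = estimate(layers)
        print(f"{name:9s} P_detect={r['P_detect']:.3f} "
              f"P_interrupt={r['P_interrupt']:.3f} Pe={r['Pe']:.3f} "
              f"95% CI=({r['ci95'][0]:.3f}, {r['ci95'][1]:.3f})")
```

The confidence interval shows how many runs the comparison needs: two options whose intervals overlap cannot yet be ranked on effectiveness.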

AVERT - If it does happen, what are the consequences?
Historically, nuclear reactor safety risk assessments focus on answering only the first two questions in the triplet risk definition. These Level 1 PRAs have the risk of core damage as the focus. Regulations and guidance for security align well with these safety PRAs in that they also require prevention of core or spent fuel damage. AVERT's focus is on assisting with risk decisions for the security professional who designs, maintains, and operates the security system and therefore, the risk calculation in AVERT is geared to cover those risks that a licensee can control. If a determination of consequence is desired beyond spent fuel or core damage, the same techniques utilized in Level 2 and 3 reactor safety PRAs can be directly applied.


Rapidly Produce Charts, Graphs & Visuals
- Rapidly produce powerful visualizations of pathways and points of breach, detection, neutralization and charts on detection, neutralization
- Graphs on Detection, Interruption, Neutralization over time and distance
- Compare points of neutralization
- Plot results over heat maps that show the fields of fire
- View shots taken during exercise
22 Nov 2013

Visualization of Results: Weapon LOS Heat Maps

Visualization of Results (contd.)
Model Visualization:
- New design changes
- Determine tower height for new camera that minimizes cable run length but ensures visibility of area
- Easy visual access to areas of nuclear facility where access is difficult due to safety or security reasons.
Simulation Visualization
- Diagnostic tool for M&S validation
- Once scenarios of particular interest have been identified (via performance or risk assessment), they can be replayed in 3D using high-fidelity simulators
Visualization is Key For Communicating The Benefits Of M&S To The Organization.

How to make tools that work for the community
- Vendors need feedback to ensure M&S tools are meeting the needs
- Operators need to select tools that have undergone verification and validation testing for their intended purpose
- Operators need tools that are matched to the skills of their staff
- Otherwise M&S will remain only in the domain of specialized external consultants

Summary
- There has been a significant leap forward in simulation capability
- Accredited and proven solution for nuclear security
- Targeted to the needs and capabilities of the facility security user
- Well suited for analysis of alternatives and what-if analyses.
- Can create very realistic simulations that represent a facility including situations that are not practical to do live
- Metrics of overall performance of the security system as well as risk drivers, maximize benefit