Embed Size (px)
Citation preview
CRITICAL INFRASTRUCTURE RISK ASSESSMENT SUPPORT
WP2 Concept of the risk assessment tool
with the planned components
1st Stakeholders’ Workshop Katowice, March, 5th, 2015
Andrzej Białas, Dariusz Rogowski, Jacek Bagiński
2
Design of the CIRAS tool – Input
1. State of the art – analysis of the existing solutions
2. Requirements based on the stakeholders’ needs and expectations
3. Ciras project requirements and constraints4. Early experimentations
Design of the CIRAS tool
3
State of the art – legal requirements
• Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection
• COMMISSION STAFF WORKING DOCUMENT on a new approach to the European Programme for Critical Infrastructure Protection Making European Critical Infrastructures more secure
• COMMUNICATION FROM THE COMMISSION on a European Programme for Critical Infrastructure Protection 2006
• national regulations
1
4
State of the art – standards
Risk and assets management standards• ISO 31000:2009 Risk management – Principles and guidelines‑• ISO/IEC 31010:2009 Risk management – Risk assessment techniques‑• ISO Guide 73:2009 Risk management – Vocabulary‑• ISO/IEC 27000 family Information technology – Security techniques – Information ‑
security management systems• ISO 55001:2014 Asset management – Management systems – Requirements‑
Risk related technical standards• ISO 17776:2000 Petroleum and natural gas industries – Offshore production ‑
installations – Guidelines and tools for hazard identification and risk assessment• ISO/DTS 16901 Guidance on performing risk assessment in the design of onshore ‑
LNG installations including the ship/shore interface• NORSOK standard Z-013 Risk and emergency preparedness analysis‑• MIL_STD_1629A Procedures for performing a Failure Mode, Effects and Criticality ‑
Analysis (FMECA)• IEC 61025 (2006) Fault tree analysis (FTA)‑• IEC 62502 (2010) Analysis techniques for dependability – Event tree analysis (ETA‑ )
1
5
State of the art – frameworks
• BMI (ger. Budesministerium des Innern) The Federal Ministry of Interior ‑(Germany), the Federal Office for Civil Protection and the Disaster Response and the Federal Criminal Police Office have issued a baseline protection plan
• DECRIS (Risk and Decision Systems for Critical Infrastructures) approach – a programme funded by the Norwegian Research Council
• EURACOM EUropean Risk Assessment and COntingency planning ‑Methodologies for interconnected energy networks
• MIN (Multilayer Infrastructure Network) – developed by the Purdue School of Civil Engineering (US).
• NIPP (US National Infrastructure Protection Plan)• NISAC (National Infrastructure Simulation and Analysis Center) a program ‑
within the US Department of Homeland Security (DHS)• NPOIK (National Critical Infrastructure Protection Programme for Poland)• RAMCAP Plus an extended version of Risk Analysis and Management for ‑
Critical Asset Protection developed by ASME (American Society of Mechanical Engineers)
1
6
State of the art – methods
• Bayesian Networks• BIA (Business impact analysis)• Bow Tie Analysis• CBA (Cost/benefit analysis)• Consequence/probability matrix• ETA (Event tree analysis)• FMEA/FMECA (Failure mode effect analysis)• FTA (Fault tree analysis)• HAZOP (Hazard and operability)• LOPA (Layers of Protection Analysis) • MCDA (Multi-criteria decision analysis)• PHA (Preliminary Hazard Analysis)• RVA (Risk and Vulnerability Analysis)• SWIFT (Structured “What if” Technique)
1
7
State of the art – tools (1/2)
• BowTieXP ‑ BowTie Analysis• CAFTA (Computer Aided Fault Tree Analysis System) – FTA, ETA• Expert Choice ‑ MCDA (Multi-criteria decision analysis)• Free Web-based Fault Tree Analysis Software FTA‑• GeNIe 2.0 Bayesian Networks, Influence diagrams, Probabilistic ‑
models• GRC (Governance, Risk and Compliance) risk identification and ‑
assessment• HAZOP Manager HAZOP, PHA, Hazid (Hazard identification), ‑
FMEA/FMECA• HAZOP+ 6.0 ‑ HAZOP• InfraRisk Preliminary Hazard Analysis, Bow Tie model with Fault- ‑
and Event Tree Analysis• LOPAWorks® 3 ‑ LOPA
1
8
State of the art – tools (2/2)
• Open FTA FTA‑• OSCAD Business Impact Analysis, Consequence/ Probability Matrix‑• PHAWorks® 5 PHA, HAZOP, SWIFT, FMEA‑• QCA tool – ValueSec toolset for MCDA (Multi-criteria decision
analysis)• RAM Commander FMEA/FMECA, Fault Tree Analysis, Event Tree ‑
Analysis• Reliability Workbench FMEA/FMECA, FTA, ETA, Markov Analysis‑• RiskSpectrum PSA FMEA, FTA, ETA‑• THESIS BowTie BowTie Analysis, Layers of Protection Analysis ‑
(LOPA)• WCK GRC – risk management• Xfmea (Synthesis Platform) FMEA/FMECA‑• XFTA – FTA
1
9
State of the art – method assessment criteria
1
10
State of the art – methods assessment summary
1
Threshold for choosing the best methods >=30 points (max 48)
11
State of the art – tools assessment criteria
1
12
State of the art – tools assessment summary
1
Threshold for choosing the best tools >=30 points (max 46)
13
Requirements based on the stakeholders’ needs and expectations
CIRAS STAKEHOLDERS’ WORKSHOPQUESTIONNAIRE
Objective: to collect expert input from CI stakeholders
for an appropriate functional concept of the toolset to be implemented within the CIRAS toolset.
The stakeholders’ answers and conclusions will influence • the functions of the toolset• the layout of the toolset
2
14
Ciras project requirements and constraints
• Use of the ValueSec solution in CIRAS - assessment
o Integration of risk assessment toolso Cost-benefits assessment o Consideration of social, political, legal restrictions
• Identification of components (incl. their communication aspects)
• Technology of the project fulfilment determined• Time /budget constraints
3
15
General scheme of the ValueSec decision framework
Aggregated results for decision maker
#1public mass event
#2 mass transportationRRA – Risk Reduction Assess. (OSCAD)
CBA – Cost-Benefit Assessment
QCA – Qualitat. Criteria Assess.
#3 air transport/airport
#4 communal security planning
#5 cyber threats
ThreatsAssets
Social values
Budget
Security measuresto assess
Decision contexts
Ciras has quite a different decision context
3
16
Ciras toolset concept
Ciras framework facade
RRA – Risk Reduction
Assessment
OSCAD-Ciras component
Analyses manager
CBA – Cost-Benefit Assessment
QCA – Qualitative Criteria Assessment
CBA component
QCA component
Authentication module
Knowledge base
FTA component?
ETA component?
Interdependencies diagram
Reporting/dashboard
Other component?
This colour –„Candidate component”
17
RRA: OSCAD-based early experimentations
4External event acqusition
OSC
AD sy
stem
Dictionaries, configuration, management
Asset inventory
Document management
Tasks management
Risk analysis (AORA/PORA,ABIA/PBIA)
Audit management
Tasks scheduler
Incident management
Business continuity planning
Measures of effectiveness
ReportingEx
tern
al in
terf
aces
Technical system, SCADA
Fire protection, antiburglary
systems
ERP
IT monitoring
Other OSCAD
Other OSCADIncident statisctics
Redundant OSCAD
• BS25999 (ISO 22301)• ISO/IEC 27001
18
RRA: Bow-tie model implementation
Analyzing causes of hazardous events:• AORA – Asset Oriented Risk Analyzer• PORA – Process Oriented Risk Analyzer
Analyzing multidimensional consequences:• ABIA – Asset Oriented Business Impact Analyzer,• PBIA – Process Oriented Business Impact Analyzer
4
19
RRA: Causes/consequences diversifications
Causes: AORA/PORA Consequences: ABIA/PBIA
4
Scenario relevant analyses
4
21
CBA: CBA environment for CIs
22
QCA: QCA environment for CIs
23
Experiment – summary
• indirect implementation of the bow-tie model• enhanced focus on CIs reporting is needed• FTA (Fault Tree Analysis), ETA (Event Tree
Analysis), FMECA (Failure Mode Effects Analysis), … additional modules needed?
4
24
Ciras toolset concept
Ciras framework facade
RRA – Risk Reduction
Assessment
OSCAD-Ciras component
Analyses manager
CBA – Cost-Benefit Assessment
QCA – Qualitative Criteria Assessment
CBA component
QCA component
Authentication module
Knowledge base
FTA component?
ETA component?
Interdependencies diagram
Reporting/dashboard
Other component?
This colour –„Candidate component”
25
Way ahead of tool implementation
• Interdependencies and cascading effects• OSCAD-Ciras, CBA, QCA will be integrated into the
Ciras toolset • All three components (RRA_OSCAD, CBA, QCA)
will be updated to be more focused on CIs
4
Thank you for your attention!
Andrzej BiałasProject [email protected] +48 32 2007711
www.cirasproject.euCo-funded by the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme of the European Union
![RISK ASSESSMENT [ASSESSMENT]](https://img.pdfslide.us/doc/110x75/6212412fca52115ed803cf10/risk-assessment-assessment.jpg)
