Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
HOME/2013/CIPS/AG/4000005001
Terrorism & Other Security-related Risks in Transportation Systems
Wednesday, 21th January 2015
Villa Cambiaso Via Montallegro 1 – 16145 Genova, Italy
1st DAISY Workshop
HOME/2013/CIPS/AG/4000005001
9:00 Welcome Stam
9:10 Impact Analysis and Cost Benefit Analysis of Countermeasures on Airport Infrastructure
Umberto Battista (Stam)
9:40 Novel Intruder Detection & Authentication Optical Sensing Technology
Isabel Oliveira (Aeroportos de Portugal)
10:25 Low Cost and Fully Passive Terahertz Inspection System Based on Nano-Technology for Security Application
Wojciech Gołębiowski (SKA Polska)
10:55 Coffee Break
11:10 MobilE Applications & future InterneT - MEgAbIT: Research Activity and Security Aspects
Mario Marchese (UNIGE)
11:30 The Protection of Critical Infrastructures on Trans-Boundary Areas: a Multidisciplinary Challenge Massimo Migliorini
(SiTi)
12:00 Modelling and Simulation for Security in the extended maritime framework
Alberto Tremori (NATO)
12:30 Wrap-up and Conclusions Stam
13:00 Meeting closure
Agenda
HOME/2013/CIPS/AG/4000005001
DAISY Impact Analysis and Cost Benefit Analysis of Countermeasures on Airport infrastructure
HOME/2013/CIPS/AG/4000005001
industrial research
HOME/2013/CIPS/AG/4000005001
Stam was established in Genova in 1997 thanks to the seed funding provided by the European Space Agency Technology Transfer Program for the development of an innovative gearbox technology. Today Stam is a successful high tech company offering its services and products in a number of market sectors including: Aerospace Security and Defense Transport Robotics and Bio-engineering Energy
Who We Are
Genova
HOME/2013/CIPS/AG/4000005001
Project Operation Sites
Project Locations Since 1997 Stam has completed more than 150 projects in more than 15 countries in the EU. Thanks to the strong technical and managerial background Stam is able to offer its services and products to a number of clients in various industrial sectors. Stam has also developed a significant experience in working with the funding instruments of the European Commission under FP5, FP6 and FP7.
HOME/2013/CIPS/AG/4000005001
Selected Customers and Partners
HOME/2013/CIPS/AG/4000005001
A large part of Stam’s activities are related to safety and security aspects in transportation engineering. Stam has established partnerships with key players in the field of defense and security: the Italian Navy, Oto Melara, WAT, Gilardoni, AeroSekur, Istituto Affari Internazionali, QinetiQ. The company has also deep experience in the analysis and simulation of explosion effects and consequences. Its senior research staff have been involved in the simulation and evaluation of the effects of blast on vehicles and structures.
Transport and Security
http://www.google.it/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&docid=VFyQVym4e9mXaM&tbnid=0kdKJ2Y1-5cEwM:&ved=0CAUQjRw&url=http://www.zingarate.com/foto/notizie-dal-mondo/fatti-interessanti-sul-sistema-metropolitano-del-mondo/&ei=MyDJU4iZCcGmO8G5gWA&bvm=bv.71198958,d.bGE&psig=AFQjCNEKKGqZ3DXYiDEDUHvHn340a1xv0A&ust=1405776299819257http://www.google.it/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&docid=RAnb1Poyr3DLnM&tbnid=SJuXbrUr5USOmM:&ved=0CAUQjRw&url=http://www.travelquotidiano.com/trasporti/aeroporti-di-roma-fusione-con-autostrade-per-litalia/tqid-135823&ei=YiDJU8rFEse7OaC_gLgL&bvm=bv.71198958,d.bGE&psig=AFQjCNE1ZNWYS-EiLqOLeXGLM1COled8qQ&ust=1405776337935784http://www.google.it/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&docid=L847PLBUrYIIJM&tbnid=fbWZ4SuPWYaXXM:&ved=0CAUQjRw&url=http://www.dipendentistatali.org/marina-militare/&ei=liDJU7ypK83KOcXNgUg&bvm=bv.71198958,d.bGE&psig=AFQjCNE8QWDGATRja9x-ZNK15-xG1ZA7rA&ust=1405776401589407
HOME/2013/CIPS/AG/4000005001
DAISY Project
The main objective of the DAISY project is to provide CI Security Managers and Airport Manager with an instrument which will help in defining the risk their infrastructures are subject to, in order to assess the vulnerabilities and identify/implement the most appropriate integrated non-invasive inspection countermeasures. Moreover, the most valuable target of this project is to provide the end-users with an instrument that will help them in evaluating which non-invasive inspection systems are the most effective.
http://www.google.it/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&docid=SdtCWN7uzCQYSM&tbnid=ugYriqJmulmIsM:&ved=0CAUQjRw&url=http://precisesecurityandprotection.com/history&ei=wQXOU4TIMoerO8jFgNgF&bvm=bv.71198958,d.bGQ&psig=AFQjCNEEXvkLe9SijaMsZDQpWz3qv9bxFA&ust=1406097192257423http://www.google.it/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&docid=OdOUd1lL9lYDuM&tbnid=guJ_pLiBnGbYoM:&ved=0CAUQjRw&url=http://travel.nationalgeographic.com/travel/traveler-magazine/the-insider/airport-security-2/&ei=hs7HU6fAKoPnPPyKgegF&bvm=bv.71198958,d.d2k&psig=AFQjCNEFsQI-r08YLR_qANcITSA2Io4STg&ust=1405689860725533
HOME/2013/CIPS/AG/4000005001
Project Consortium
http://www.google.it/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&docid=EhAsAu43R1qWfM&tbnid=tjYmQwGLWhXK6M:&ved=0CAUQjRw&url=http://www.master.eurec.be/en/Partnering-Universities/Spe-Ocean-Energy-IST-Lisbon-Portugal/&ei=Ks_HU5PrJszEPKi6gZgL&bvm=bv.71198958,d.d2k&psig=AFQjCNEz8K5iBV0zw0vgInMagvtfH7VSLA&ust=1405690020656536http://www.google.it/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&docid=d43ej5Eep_6e4M&tbnid=T3JCHrAUgBI8aM:&ved=0CAUQjRw&url=http://worldwide.vortal.biz/anas-experience-with-vortalgov_item_5182&ei=087HU8-uFcOrPKzsgYgN&bvm=bv.71198958,d.d2k&psig=AFQjCNHKrNv7vF5Qoleqqcsb20PC9hLxbg&ust=1405689926950720
HOME/2013/CIPS/AG/4000005001
Aims (1/2)
The current methods to detect people transporting harmful and hazardous materials inside the terminal are expensive and time-consuming and generate indirect costs on the community that are invisible to the security manager but create frustration to passengers and additional burden on the general economy. EU indications are in fact to reduce as low as possible, compatibly with the necessary degree of security, the number of body analyses.
http://www.google.it/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&docid=-iP6q9yZiBtVCM&tbnid=sJotvsmE9HOh0M:&ved=0CAUQjRw&url=http://www.whitespace.on.ca/Blog/bid/59773/Is-your-business-blog-writing-too-time-consuming&ei=TNbMU9SOKsHROZ6WgegO&bvm=bv.71198958,d.bGE&psig=AFQjCNG1K_QjyeXhAYIBWhbR0W1vnhRnzg&ust=1406019481430081
HOME/2013/CIPS/AG/4000005001
Aims (2/2)
This aspect is addressed by the DAISY Consortium through the involvement of partners from Italy, Portugal and Poland, with great expertise dealing with security related issues from a technological perspective. Project dissemination activities on and workshops will divulgate the project results and recommendations to analyze and achieve an adequate level of security in airports. The project results will complement other present and future activities: • Providing effective methodologies for airport security engineering activities. • Promoting new investigation activities taking these developments as the basis. • Prevention and mitigation and training operations in such a way that evaluation of risk
scenarios is possible.
HOME/2013/CIPS/AG/4000005001
Methodology (1/2)
The project will be carried out by relying on the following aspects, which are deemed as fundamental in the achievement of the stated goals: • Definition of a methodology for cost/benefit evaluation of integrated non-invasive
inspection countermeasures implementation. • Development of IT instruments to support the methodology application. • Provision of an instrument that can be used for training purposes by the users. • Support to the development of risk assessment methodology to protect airport critical
infrastructures. • Support to the identification and analysis of European criticalities in the airport terminal
infrastructures. • Development of tools and concepts to integrate the protection of airport terminal
infrastructures into crisis management.
HOME/2013/CIPS/AG/4000005001
Methodology (2/2)
• Development of a common framework for the effective protection of critical infrastructure at EU level.
• Increase in the security awareness of airport terminal infrastructure stakeholders. • Improvement of information management with regard to airport terminal
infrastructures. • Increase of critical infrastructure protection capability in the civil aviation sector. • Promotion of investment in innovative non-invasive inspection technologies applied to
airport terminal infrastructures, taking the project developments as the basis.
HOME/2013/CIPS/AG/4000005001
Main Inputs: • Existing security procedures, practices, and relationships in airports • Threats analysis • Scenarios definition Objectives: • Identification of existing security procedures, practices, and relationships • Identification of reference threats, and capture of new threats • Identification of real scenarios, in a critical infrastructures which could be
vulnerable to attacks from a terrorist source
WP1 - Homeland Security Trends and Application Scenarios
HOME/2013/CIPS/AG/4000005001
Main Inputs: • Existing security procedures, practices, and relationships in airports • Threats analysis • Scenarios definition Objectives: • Identification of countermeasures to eliminate, reduce, or mitigate risk on
selected critical infrastructure • Appraisal and evaluation of the methodologies and processes and identification
of strengths and weaknesses of state-of-the-art risk assessment methodologies • Development of specifications for risk assessment methodology and tool • Definition of risk assessment methodology • Definition of the cost/benefit assessment methodology
WP2 - DAISY risk assessment methodology and countermeasures set definition
HOME/2013/CIPS/AG/4000005001
Main Inputs: • Economic losses, keeping into account the expected magnitude of damage in
terms of fatalities, injuries, property damage, asset replacement cost, productivity losses and other direct and indirect business values
• Risk management process Objectives: • Definition of assets value and impact, based on expected magnitude of
damage • Development of DAISY risk assessment package, based on specifications
defined in the previous WPs • Development of DAISY cost/benefit package • Development of upgrade recommendation for target group and stakeholders • Development of DAISY tool
WP3 - Development of the DAISY tool
HOME/2013/CIPS/AG/4000005001
Main Inputs: • Development of DAISY tool Objectives: • Simulation of DAISY methodology on real scenarios • Validation of DAISY tool • Optimization of DAISY tool
WP4 - Use case validation
HOME/2013/CIPS/AG/4000005001
Objectives • To conduct workshop to validate and verify functionality of tool • To disseminate outputs of DAISY to key industry stakeholders and wider public • To develop training methodology to roll-out DAISY software tool
WP5 - Exploitation and training
HOME/2013/CIPS/AG/4000005001
WP1 - Homeland Security Trends and Application Scenarios
• Security in Aviation based on a layered approach fits well to the airport infrastructure.
• Analysis of existing Regulations and regulating Bodies. • Analysis of screening methodologies for passenger, cabin baggage and hold baggage. • Best practices in Risk Management (SeMS, decision processes)
HOME/2013/CIPS/AG/4000005001
WP1 - Homeland Security Trends and Application Scenarios
Classification Monitoring and recording
Inputs for risk analysis tool
• Type of attack • Objectives • Motives • Locations • Perpetrators • Casualties
Statistics
HOME/2013/CIPS/AG/4000005001
WP1 - Homeland Security Trends and Application Scenarios
• Threat assessment review o attack planning o collecting information o assessing future threats
• Current Trends of Terrorist Threats o Global terrorism (GTD) o Situation in the World o Situation in Europe (Europol)
• Terrorist attacks to transportation overview • Security incidents in Airports
HOME/2013/CIPS/AG/4000005001
Methodology Sector/Hazards End-Users Objectives
Inte
rdep
ende
ncie
s
CM a
sses
smen
t
Resi
lienc
e
Counteract (Generic Guidelines for Conducting Risk Assessment in Public
Transport Networks) Transport, Energy/ Terrorist threats Operators, asset managers
Risk reporting, protection measures effectiveness
evaluation No Yes No
NSRAM (Network Security Risk Assessment Modeling)
All sectors/ Technical hazards CI operators and decision makers What if analysis under malicious attacks Yes Yes Yes
RAMCAP Plus All sectors/ Technical hazards CI operators and decision makers RA and mitigation, multi-level, cross-sector Yes No Yes
RVA (risk and vulnerability analysis) All sectors/ Technical, socio- technical hazards CI Decision makers Risk assessment,
qualitative No Yes No
BMI (Baseline protection concept) All sectors/ Technical, natural hazards, Terrorist threats Private companies, CI operators,
Policy makers RA collaboration between
PM & private sector Yes No Yes
RAND ( Infrastructure, Safety) Transport/ Terrorist threats CI operators and decision makers Risk assessment, qualitative No Yes No
Stam Transport/ Terrorist threats CI operators and decision makers Risk assessment, quantitative Yes Yes Yes
WP2 - DAISY risk assessment methodology and countermeasures set definition
HOME/2013/CIPS/AG/4000005001
RA Methodology Schematic approach
• Intolerable • Precarious • Tolerable • Negligible
RA Model Available data Scenarios
results
Expert Revision
Biasing
Training
Impact analysis
HOME/2013/CIPS/AG/4000005001
RA Model Available data Scenarios
results
Expert Revision
Biasing
Training
Impact analysis
High impact / frq
scenarios
CM. Design
CM. Evaluation
RA Methodology Schematic approach
• Effectiveness • Cost • Time for implementation • Additional benefits • Crowd invasive • etc.
HOME/2013/CIPS/AG/4000005001
RA Model Available data Scenarios
results
Expert Revision
Biasing
Training
Impact analysis
High impact / frq
scenarios
CM. Design
CM. Evaluation
CM. Ranking
RA Methodology Schematic approach
HOME/2013/CIPS/AG/4000005001
RA Methodology RA Model
COA Section 1 . . Section N Section 1 . . Section N .
Casualties
Physical Impact
Impact Attack
Available Records
POA 1 .
POA N Section 1
.
. Section N
Security measure 1 . .
Security measure N Attack tactic 1
. Attack tactic N
HOME/2013/CIPS/AG/4000005001
Quantitative Risk Assessment Formulations and Methodology
𝑹𝑹𝑖𝑖𝑖𝑖𝑖𝑖 = 𝑻𝑻ℎ𝑟𝑟𝑟𝑟𝑟𝑟𝑟𝑟 .𝑽𝑽𝑢𝑢𝑢𝑢𝑢𝑢𝑟𝑟𝑟𝑟𝑟𝑟𝑢𝑢𝑖𝑖𝑢𝑢𝑖𝑖𝑟𝑟𝑢𝑢. 𝑰𝑰𝑚𝑚𝑚𝑚𝑟𝑟𝑚𝑚𝑟𝑟
Risk assessment A. Threat assessment B. Vulnerability assessment C. Impact assessment
HOME/2013/CIPS/AG/4000005001
Quantitative Risk Assessment A. Threat Assessment
Threat Measure Scale
Explosives IED/VBIED Size 0~10 Incendiary Size 0~10 Public disorder Level of panic 0~10 Armed attack lethality 0~10 Unconventional weapon lethality 0~10 Sabotage destructiveness 0~10 CBRA lethality 0~10 Hoax or Threat H rate * 0~10 etc. …….. ………..
List of used threat tactics and their scaling method respect to their lethality
HOME/2013/CIPS/AG/4000005001
Security measure Scale
Past terrorist attack record 0~10
Active local Terrorist groups 0~10
Threat declared 0~10
Time of the day 0~10
Country involved in war 0~10
etc. ………..
Quantitative Risk Assessment A. Threat Assessment
List of parameters that makes a place, a potential terrorist attack target
HOME/2013/CIPS/AG/4000005001
Attacks Location Scale
Airport Parking lot 0|1
Check-in salon entrance 0|1
Power supply Unit 0|1
Check-in stands 0|1
Passport check-in gate 0|1
Transit salon 0|1
etc. 0|1
List of all available sectors in an airport
Quantitative Risk Assessment B. Vulnerability Assessment
HOME/2013/CIPS/AG/4000005001
Security measure Definition Scale
Perimeter surveillance system Level 0~10
Airport check-in salon surveillance systems Level 0~10 Uniformed patrols Q&Q 0~10 Rapid-deployment forces Q&Q 0~10 Check-in baggage scan Technology 0~10 Cabin baggage scan Technology 0~10 Airplane corridor body scan Technology 0~10 etc. …….. ………..
List of security measures and their scaling method
Quantitative Risk Assessment B. Vulnerability Assessment
HOME/2013/CIPS/AG/4000005001
Quantitative Risk Assessment C. Impact Assessment
Economy loss
Psychological Impact
Intersectoral Impact
Physical Impact Casualties
Mass media
Incident
A model has to translate the high level impact to the lower ones
HOME/2013/CIPS/AG/4000005001
CM categories: 1. Detection 2. Delay 3. Response Assessment parameters: • Expected benefits
o Reduce probability of attack o Reduce fatalities in system o Resilience
• Cost • Impact on market • Speed of implementation
Counter Measures Assessment
Constraints: • Generic and non-scenario
oriented • Non-invasive to passengers • Cost efficient Solutions that proved to have highest payback: • Human resource training • Technology
HOME/2013/CIPS/AG/4000005001
WP5 - Project Website
• Active and timely presentation of project results
• Dedicated to different target groups: the general public (“information section”), relevant stakeholders, experts, and project partners
• Internal part for the exchange of information
• External part open to the public including non-confidential information
www.daisy-project.eu
HOME/2013/CIPS/AG/4000005001
Stam S.r.l.
Piazza della Vittoria 14/11 16121 Genova, Italy
Phone: +39 010 3694967 Fax: +39 010 3626539 www.stamtech.com
Roberto Landò [email protected]
Umberto Battista [email protected]
Mony Khosravi [email protected]
Contacts
http://www.stamtech.com/mailto:[email protected]:[email protected]:[email protected]
1st DAISY WorkshopAgendaDiapositiva numero 3Diapositiva numero 4Diapositiva numero 5Project Operation SitesSelected Customers and PartnersTransport and SecurityDAISY ProjectProject ConsortiumAims (1/2)Aims (2/2)Methodology (1/2)Methodology (2/2)WP1 - Homeland Security Trends� and Application ScenariosWP2 - DAISY risk assessment methodology and countermeasures set definitionWP3 - Development of the DAISY toolWP4 - Use case validationWP5 - Exploitation and trainingWP1 - Homeland Security Trends� and Application ScenariosWP1 - Homeland Security Trends� and Application ScenariosWP1 - Homeland Security Trends� and Application ScenariosWP2 - DAISY risk assessment methodology and countermeasures set definitionRA Methodology�Schematic approachRA Methodology�Schematic approachRA Methodology�Schematic approachRA Methodology�RA Model Quantitative Risk Assessment �Formulations and Methodology Quantitative Risk Assessment �A. Threat Assessment Quantitative Risk Assessment �A. Threat Assessment Quantitative Risk Assessment �B. Vulnerability Assessment Quantitative Risk Assessment �B. Vulnerability Assessment Quantitative Risk Assessment �C. Impact Assessment Counter Measures AssessmentWP5 - Project WebsiteContacts