Risks evaluation IMPACT LOW MEDIUM HIGH P HIGH R O B A R04 MEDIUM R01 B R05 I L I R03 LOW R02 T R06 Y
Crisis Management • Crisis Definition • Crisis Management Overview • Crisis Management Process • Risk Analysis – Risk Analysis Case (quantitative ) – Risk Aversion – Risk Analysis in Project Management (qualitative) • Risks Analysis Modeling • Crisis Management System – Common situation awareness – Even Driven Architecture
Risk elements • Event: what could happen? • Probability: how likely is it to happen? • Impact: how bad will it be if it happens? • Mitigation: how to reduce the probability and by how much? • Contingency: how to reduce the impact and by how much? • Reduction = mitigation x contingency • Exposure = risk – reduction
Types of risk analysis • Quantitative risk analysis – The probability of an event occurring – The likely loss should it occur. • Probability x likely loss • Qualitative risk analysis – Focuses on the impact – Risk model
Qualitative risk analysis model • Threats • Vulnerabilities • Controls
Qualitative risk analysis model • Threats – Things that can go wrong or that can 'attack' the system. • Examples might include fire or fraud. – Threats are ever present for every system.
Threats • Human – From individuals or organizations, illness, death, etc. • Operational – From disruption to supplies and operations, loss of access to essential assets, failures in distribution, etc. • Reputation – From loss of business partner or employee confidence, or damage to reputation in the market. • Procedural – From failures of accountability, internal systems and controls, organization, fraud, etc. • Project – Risks of cost over-runs, jobs taking too long, of insufficient product or service quality, etc. • Financial – From business failure, stock market, interest rates, unemployment, etc. • Technical – From advances in technology, technical failure, etc. • Natural – Threats from weather, natural disaster, accident, disease, etc. • Political – From changes in tax regimes, public opinion, government policy, foreign influence, etc.
Natural threats • Flooding, • Fire, • Seismic activity, • High winds, • Snow and ice storms, • Volcanic eruption, • Tornado, hurricane, • Epidemic, • Tidal wave, typhoon.
Modeling And Simulation Hurricanes
Technical threats • Power failure/fluctuation, • Heating, • Ventilation or air conditioning failure, malfunction or failure of CPU, • Failure of system software, • Failure of application software, • Telecommunications failure, • Gas leaks, • Communications failure, • Nuclear fallout.
Human threats • Robbery, • Sabotage, • Explosion, • Bomb threats, • War, • Embezzlement, • Biological contamination, • Extortion, • Radiation contamination, • Burglary, • Hazardous waste, • Vandalism, • Vehicle crash, • Terrorism, • Airport proximity, • Civil disorder, • Work stoppage (strike) • Chemical spill, • Computer crime.
Qualitative risk analysis model • Vulnerabilities – Make a system more prone to attack by a threat or make an attack more likely to have some success or impact. • For example, for fire a vulnerability would be the presence of inflammable materials (e.G. Paper). • Software Complexity
Qualitative risk analysis model • Controls – Countermeasures for vulnerabilities. – There are four types of controls: • Deterrent (dissuasive) controls – Reduce the likelihood of a deliberate attack • Preventative controls – Protect vulnerabilities and make an attack unsuccessful or reduce its impact • Corrective controls – Reduce the effect of an attack • Detective controls – Discover attacks and trigger preventative or corrective controls.
Qualitative risk analysis model THREAT Fire Software Error VULNERABILITY Presence of Flammable Complexity materials CONTROLS Sprinklers Extinguishers Design and development, standards, Change control.
Qualitative risk analysis model Threat creates Attack eploits Vulnerabilty Results in Impact
Qualitative risk analysis model Threat Deterrent control creates Reduces likelihood of Attack discovers Detective eploits Control Triggers Triggers protects Vulnerabilty Results in Corrective Preventative Control control Reduces Impact Decreases
Risk management process Establish Context Opportunities & Losses Identify Risks Analyze Risks Likelihood & Severity Evaluate Risks Ranked & Prioritized Treat Risks
Crisis Management • Crisis Definition • Crisis Management Overview • Crisis Management Process • Risk Analysis – Risk Analysis Case (quantitative ) – Risk Aversion – Risk Analysis in Project Management (qualitative) • Risks Analysis Modeling • Crisis Management System – Common situation awareness – Even Driven Architecture
Crisis management system
Incident management system • Provide the pertinent, accurate information you need to make critical decisions. • Deploy personnel, equipment, communication, facilities and procedures effectively and efficiently. • Give access to information to plan, direct, coordinate and control resources. • Foster collaboration and coordination with other command control systems. • Deliver secure, dependable systems on time and within budget.
Incident management system
Emergency response organization Strategic Big Picture Operational Tactical First Responder
Emergency system architecture Higher level Response (Strategic level) Planning tools Risk Assessment emergency centers (Operative Level) Low response Cell (Tactical Level) Simulation Framework M&S System First Responders Units Resource Mgt Management (logistic, …) Environment Critical Assets (Urban area, weather)
Crisis management schedule Preparation Crisis Management Non real time Real Time Off line On line incident response phase The incident
Crisis management system functions • Command and control – To provide the functions necessary to put multiple response and recovery plans into action • Communication and intelligence – To effectively receive and transmit information • Coordination and documentation – To organize all of the steps taken to respond to an event and create a record of those actions to protect employees, infrastructure and shareholder value • Automated checklists – To ensure that response and recovery is complete for major functions • Alert notifications – To sort and distribute messages so managers/commanders can track and log multiple and varied notifications • Media management – To inform the media about the progress the company is making toward normal operations
Emergency system architecture
Emergency system architecture
Crisis Management • Crisis Definition • Crisis Management Overview • Crisis Management Process • Risk Analysis – Risk Analysis Case (quantitative ) – Risk Aversion – Risk Analysis in Project Management (qualitative) • Risks Analysis Modeling • Crisis Management System – Common situation awareness – Even Driven Architecture
Distributed crisis management system • All participants have to share information, make decisions and deploy resources without being physically present in the same place. • Using web-enabled software allows participants to work from their normal workstation, from home or from the field. • Emergency plans and reports are available from any location. • All information can be maintained in a central database that is available to participants from anywhere in the world.
Geographical information system geo-referenced information: information that is associated with a physical location
Common situation awareness • Annotations and markups • Data sharing and synchronization • Chat • Data acquisition • Geospatial collaboration • Asset tracking: blue force tracking, location-based services • Decentralized data editing • Fusion of geospatial data • Neutral and trusted workspace • Sensor integration • Reporting • Web-based services
Web services based distributed emergency system architecture Emergency Transform Work Flow Services Use Orchestration Services Expose Components Middleware
Crisis Management • Crisis Definition • Crisis Management Overview • Crisis Management Process • Risk Analysis – Risk Analysis Case (quantitative ) – Risk Aversion – Risk Analysis in Project Management (qualitative) • Risks Analysis Modeling • Crisis Management System – Common situation awareness – Even Driven Architecture
Events Driven Architecture • Ontology • Complex Event Processing • Bayesian Networks
Protege
Complex Event Processing (CEP) • It is an event processing concept that deals with the task of processing multiple events with the goal of identifying the meaningful events within the event cloud.
CEP classical example • A church bells ringing, • The appearance of a man in a tuxedo with a woman in a flowing white gown, • Rice flying through the air. • A complex event is what one infers from the simple events: – a wedding is happening.
Complex Event Inference ? ? ? ?
Threat Process Inference ? ? ? ?
CEP techniques • Complex patterns events, • Multiple events correlation, • Multiple events hierarchies, • Relationships between events: – timing – causality, – membership, – event-driven processes.
Bayesian Networks Bayes theorem models a learning process Event B is independent of events A and C, Event B is independent of events A, C. Event C depends on event A. Event B influences both A and C. Event A depends on event B. Event B is independent of events A and C. Event C depends on events A and B. Event C depends on events A and B. A B A B A B C C C P(A,B,C) = P(C/A)P(A) P(A,B,C) = P(C/A,B)P(A)P(B) P(A,B,C) = P(C/A,B)P(A/B)P(B)
BN classical example • What is the probability that it is raining, given the grass is wet? Raining Wet grass
BN classical example • Suppose that there are two events which could cause grass to be wet either: – the sprinkler is on – or it's raining.
BN, Nodes, CPT CPT : Conditional Probability Table
Bayesian Networks • A Bayesian network is a graph in which nodes represent random variables, and the links the influences between variables. The graph is acyclique. • Links represent causal relationship between variables which are either determinists, or probability.
Bayesian Inference • P(Bad Battery | Has Gas, Won’t Start) Battery Gas Start
Not Only Probability C A ~a~b ~ab ab ~a~b ~a b B
Bayesian subjectivity • Bayesians networks allow to merge in a theoretical frame: – probability stemming from a statistical experience feedback, – and subjective probability . • Thus In the absence of experience feedback data, it is possible to used values of subjective probability, estimated by experts.
Norsys NETICA
A simple example belief network for diagnosing why a car won't start, based on spark plugs, headlights, main fuse, etc. Car Case
Recommend
More recommend