1 / 0

Developing the Next Generation Safeguards and Security Specialist

Developing the Next Generation Safeguards and Security Specialist. Dyrk Greenhalgh Oak Ridge National Laboratory January 28, 2010. Overview. Introduction Risk Management vs Vulnerability Assessment Design and Evaluation Process Vulnerability Assessment Process. Introduction.

yanka
Télécharger la présentation

Developing the Next Generation Safeguards and Security Specialist

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Developing the Next Generation Safeguards and Security Specialist

    Dyrk Greenhalgh Oak Ridge National Laboratory January 28, 2010
  2. Overview Introduction Risk Management vs Vulnerability Assessment Design and Evaluation Process Vulnerability Assessment Process
  3. Introduction Graduated in 1999 with a B.S. in Information Systems Management Worked as an IT consultant in Arizona Worked at ASU as a Systems Analyst ***** 9/11 Terrorist Attacks ***** Found Security Engineering program at ASU Moved to Los Alamos, NM to work @ LANL as a Security Engineer Graduated in 2007 with an M.S. in Security Engineering Moved to Oak Ridge in 2008 to work at ORNL as a Security Project Engineer
  4. Obsolescence of Security Systems “The search for static security - in the law and elsewhere - is misguided. The fact is security can only be achieved through constant change, adapting old ideas that have outlived their usefulness to current facts.” -William Osler
  5. Physical Protection SystemTerminology Safety refers to the systems that react to/in abnormal events by minimizing their impact, preserving human life, and protecting property Event examples: fire, flood, earthquake, natural or human accidents, and earthquakes Security represents the systems that prevent, detect, delay, respond to, interrupt, and neutralize a malevolent human adversary Event examples: industrial espionage, direct facility attack, insider theft, employee strike, and material diversion
  6. Relationship Between Risk Management and Vulnerability Assessment
  7. Design and Evaluation Process
  8. VA Macro Process
  9. Facility Vulnerabilities vs. Threat Exploitation Vulnerabilities Trump Threats: If you know the vulnerabilities (weaknesses), you’ve got a shot at understanding the threats (the probability that the weaknesses will be exploited, how, and by whom). You might even be ok if you get the threats all wrong. (But if you focus only on the threats, you’re probably in trouble).
  10. Ahem… “As we know, there are known knowns. There are things we know we know. We also know there are known unknowns. That is to say, we know there are some things we do not know. But there are also unknown unknowns, the ones we don't know we don't know.” — Donald Rumsfeld, February 12, 2002, Department of Defense news briefing
  11. Facility Characterization Physical conditions Facility operations Policies and procedures Regulatory requirements Safety considerations Legal issues Corporate goals
  12. Facility Characterization (continued)Physical Condition Characterization is made easier because much is known and info is usually available Site boundaries, access points, geography, number of buildings, infrastructure, vegetation, wildlife, climate, existing systems, response forces and their capabilities, and more included …
  13. Facility Characterization (continued)Facility Operations Products of the facility Facility processes Operating conditions/states Types and numbers of employees Review of the operating procedures (usually most time intensive portion of review) Operational review of procurement, computing, maintenance, asset tracking, shipping and receiving, workflow, shift changes, accounting functions, vehicle activity
  14. Threat Definition Steps for threat definition: List information needed to define threat: Outsiders Insiders Outsiders working in collusion with insiders Motivation: Ideologic Economic Personal “Water shapes its course according to the nature of the ground over which it flows; the soldier works out his victory in relation to the foe whom he is facing.” --Sun Tzu, The Art of War, 6th Century B.C.
  15. Threat Definition (continued) Base potential goals on targets assuming: Tactics: Force Stealth Deceit Numbers and capabilities: Vehicles, tools, resourcefulness, system knowledge Collect information on potential threat: Intelligence sources Crime analysis Professional organizations Published literature Government directives
  16. Threat Definition (continued) Then organize it into usable information: Outsider adversary threat spectrum Sample threat statements Design Basis Threat (DBT) Perform target identification: Manual listing Sabotage fault trees and fault tree analysis (FTA) Consequence analysis “We only need to be lucky once. You need to be lucky every time.” --The IRA to Margaret Thatcher, after a failed assassination attempt
  17. Threat Definition (continued)
  18. The Risk Equation Risk = PA * [1 - (PE)] * C
  19. Vulnerability Assessment Create an Adversary Sequence Diagram (ASD) for all asset locations Conduct pathway analysis, which provides PI (probability of interruption, an input to PE): Pathway and FTA Perform scenario analysis Complete neutralization analysis, which provides PN (probability of neutralization): JCATS, tabletop, results from force-on-force exercises Determine system effectiveness, PE (probability of effectiveness) Develop and analyze system effectiveness upgrades, if PE or risk not acceptable
  20. Regarding Deterrence … Theft, sabotage, and other malevolent acts may be prevented by deterring or defeating an adversary Deterrence occurs by implementing measures perceived as being too difficult to defeat: Target becomes “unattractive” May help discourage certain types; determined adversary will choose to attack anyway
  21. Regarding Deterrence … (continued) Do not assume that because the system has not endured an attack that it is an effective system or an effective deterrent Deterrence is difficult to measure = perception. Reliance on deterrence alone is risky; no definitive research on deterrent values exist One study shows that deterrent value of a system is actually lower than designers had hoped (Sivarajasingam and Sheperd, 1999)
  22. Target Identification Manual listing: Works best for small areas Manageable lists of equipment Simple processes Consequence analysis: Prioritization of assets (targets) based on consequence of loss: (1) List targets (2) Determine consequence of loss (3) Estimate probability of loss Can measure in dollars, loss of life, loss of reputation, etc.
  23. Target Identification (continued) The general who wins a battle makes many calculations before the battle is fought. Many calculations lead to victory and few calculations to defeat. Sun Tzu, The Art of War, 6th Century B.C.
  24. Target Identification (continued) Fault Tree Analysis (FTA): Basic event, this is the beginning “And” gate: all listed events must occur to pass this gate Supporting event or final event “Or” gate: any listed events can occur to pass this gate Undeveloped Event Continued event from chart “A”
  25. Target Identification (continued)
  26. Three Critical Factors for Security Design Detection Delay Response
  27. Detection What is detection? Which tools are used to determine intrusion attempts? When is an adversary or malevolent action considered “detected”? Detection without assessment is not detection.
  28. Detection (continued)Sensor Classification PD/CL (probability of detection/confidence level) NAR (nuisance alarm rate; false alarm is a type of nuisance alarm) Vulnerability to defeat Passive/Active Covert/Visible LOS (line of sight)/Terrain-following Volumetric/Line Buried line/Fence-associated/Freestanding Emerging technologies
  29. Delay Access delay (each has a defeat time, in seconds): Fences Gates Vehicle barriers Personnel in fighting positions Structural barriers: Walls and doors Windows and utility ports Roofs and floors Dispensable barriers Delay before detection is primarily a deterrent.
  30. Physical Security Response “The spot where we intend to fight must not be made known. Numerical weakness comes from having to prepare against possible attacks.” --Sun Tzu, The Art of War, 6th Century B.C.
  31. Physical Security Response (continued) What is response? When is an adversary interrupted? When is an adversary neutralized?
  32. Physical Security Response (continued) Inputs to the system effectiveness equation: Risk = PA * [1 - (PE)] * C PE = PI * PN PI = PD * PAC * PAD Where: PI = Probability of Interruption (0-1) PD = Probability of Detection = PS * PT * PA (0-1) PAC = Probability of Accurate Communication (0-1) PAD = Probability of Timely Deployment (0-1)
  33. Physical Security Response (continued) Response force calculations: Probability of Interruption (PI) Response Force Time (RFT) Critical Detection Point (CDP) Response force communications Response force training Response force weapons
  34. Physical Security Response (continued)
  35. “Bang-for-the-Buck” Calculation
  36. Summary (continued) Questions?
  37. Academic Attribution/Citations ASIS International Website (www.asisonline.org) Fischer, R. J., and Green, G., Introduction to Security, 7th ed. Butterworth Heinemann, 2005. Garcia, M. L., The Design and Evaluation of Physical Protection Systems, Butterworth Heinemann, 2007. Garcia, M. L., Vulnerability Assessment of Physical Protection Systems, Butterworth Heinemann, 2006. Sivarajasingam, V., and Sheperd, J. P., Effect of closed circuit television on urban violence, Journal of Accident and Emergency Medicine, 1999; 16(4):255-257.
More Related