IDEAS home Printed from https://ideas.repec.org/a/eee/reensy/v191y2019ics0951832017311535.html
   My bibliography  Save this article

A Bayesian network methodology for optimal security management of critical infrastructures

Author

Listed:
  • Misuri, Alessio
  • Khakzad, Nima
  • Reniers, Genserik
  • Cozzani, Valerio

Abstract

Security management of critical infrastructures is a complex task as a great variety of technical and socio-political information is needed to realistically predict the risk of intentional malevolent acts. In the present study, a methodology based on Limited Memory Influence Diagram (LIMID) has been developed for the protection of critical infrastructures via cost-effective allocation of security measures. LIMID is an extension of Bayesian network (BN) intended for decision-making, allowing for efficient modelling of complex systems while accounting for interdependencies and interaction of system components. The probability updating feature of BN has been used to investigate the effect of vulnerabilities on adversaries’ preferences when planning attacks. Moreover, the proposed methodology has been shown to be able to identify an optimal defensive strategy given an attack through maximizing defenders’ expected utility. Despite being demonstrated via a chemical facility, the methodology can easily be tailored to a wide variety of critical infrastructures.

Suggested Citation

  • Misuri, Alessio & Khakzad, Nima & Reniers, Genserik & Cozzani, Valerio, 2019. "A Bayesian network methodology for optimal security management of critical infrastructures," Reliability Engineering and System Safety, Elsevier, vol. 191(C).
    • Handle: RePEc:eee:reensy:v:191:y:2019:i:c:s0951832017311535
    DOI: 10.1016/j.ress.2018.03.028
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0951832017311535
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ress.2018.03.028?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Viscusi, W Kip & Aldy, Joseph E, 2003. "The Value of a Statistical Life: A Critical Review of Market Estimates throughout the World," Journal of Risk and Uncertainty, Springer, vol. 27(1), pages 5-76, August.
    2. Sumitra Sri Bhashyam & Gilberto Montibeller, 2016. "In the Opponent's Shoes: Increasing the Behavioral Validity of Attackers’ Judgments in Counterterrorism Models," Risk Analysis, John Wiley & Sons, vol. 36(4), pages 666-680, April.
    3. William L. McGill & Bilal M. Ayyub & Mark Kaminskiy, 2007. "Risk Analysis for Critical Asset Protection," Risk Analysis, John Wiley & Sons, vol. 27(5), pages 1265-1281, October.
    4. Jesus Rios & David Rios Insua, 2012. "Adversarial Risk Analysis for Counterterrorism Modeling," Risk Analysis, John Wiley & Sons, vol. 32(5), pages 894-915, May.
    5. Gilboa,Itzhak, 2009. "Theory of Decision under Uncertainty," Cambridge Books, Cambridge University Press, number 9780521517324.
    6. Insua, Insua Rios & Rios, Jesus & Banks, David, 2009. "Adversarial Risk Analysis," Journal of the American Statistical Association, American Statistical Association, vol. 104(486), pages 841-854.
    7. Sandler, Todd & Lapan, Harvey E., 1988. "The Calculus of Dissent: An Analysis of Terrorists' Choice of Targets," Staff General Research Papers Archive 10818, Iowa State University, Department of Economics.
    8. Steffen L. Lauritzen & Dennis Nilsson, 2001. "Representing and Solving Decision Problems with Limited Information," Management Science, INFORMS, vol. 47(9), pages 1235-1251, September.
    9. van Staalduinen, Mark Adrian & Khan, Faisal & Gadag, Veeresh & Reniers, Genserik, 2017. "Functional quantitative security risk analysis (QSRA) to assist in protecting critical process infrastructure," Reliability Engineering and System Safety, Elsevier, vol. 157(C), pages 23-34.
    10. Bryan Caplan, 2006. "Terrorism: The relevance of the rational choice model," Public Choice, Springer, vol. 128(1), pages 91-107, July.
    11. Ross D. Shachter, 1986. "Evaluating Influence Diagrams," Operations Research, INFORMS, vol. 34(6), pages 871-882, December.
    12. repec:reg:rpubli:282 is not listed on IDEAS
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Zhang, Lu & Cui, Li & Chen, Lujie & Dai, Jing & Jin, Ziyi & Wu, Hao, 2023. "A hybrid approach to explore the critical criteria of online supply chain finance to improve supply chain performance," International Journal of Production Economics, Elsevier, vol. 255(C).
    2. Zhou, Jian-Lan & Lei, Yi, 2020. "A slim integrated with empirical study and network analysis for human error assessment in the railway driving process," Reliability Engineering and System Safety, Elsevier, vol. 204(C).
    3. Kampova, Katarina & Lovecek, Tomas & Rehak, David, 2020. "Quantitative approach to physical protection systems assessment of critical infrastructure elements: Use case in the Slovak Republic," International Journal of Critical Infrastructure Protection, Elsevier, vol. 30(C).
    4. Wu, Jiansong & Zhang, Linlin & Bai, Yiping & Reniers, Genserik, 2022. "A safety investment optimization model for power grid enterprises based on System Dynamics and Bayesian network theory," Reliability Engineering and System Safety, Elsevier, vol. 221(C).
    5. Huang, Wencheng & Li, Linqing & Liu, Hongyi & Zhang, Rui & Xu, Minhao, 2021. "Defense resource allocation in road dangerous goods transportation network: A Self-Contained Girvan-Newman Algorithm and Mean Variance Model combined approach," Reliability Engineering and System Safety, Elsevier, vol. 215(C).
    6. Deng, Yu-Jing & Li, Ya-Qian & Qin, Yu-Hua & Dong, Ming-Ru & Liu, Bin, 2020. "Optimal defense resource allocation for attacks in wireless sensor networks based on risk assessment model," Chaos, Solitons & Fractals, Elsevier, vol. 137(C).
    7. Dong, Mingxin & Zhang, Zhen & Liu, Yi & Zhao, Dong Feng & Meng, Yifei & Shi, Jihao, 2023. "Playing Bayesian Stackelberg game model for optimizing the vulnerability level of security incident system in petrochemical plants," Reliability Engineering and System Safety, Elsevier, vol. 235(C).
    8. Tomáš Loveček & Lenka Straková & Katarína Kampová, 2021. "Modeling and Simulation as Tools to Increase the Protection of Critical Infrastructure and the Sustainability of the Provision of Essential Needs of Citizens," Sustainability, MDPI, vol. 13(11), pages 1-18, May.
    9. Suo, Weilan & Wang, Lin & Li, Jianping, 2021. "Probabilistic risk assessment for interdependent critical infrastructures: A scenario-driven dynamic stochastic model," Reliability Engineering and System Safety, Elsevier, vol. 214(C).

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. David Rios Insua & Roi Naveiro & Victor Gallego, 2020. "Perspectives on Adversarial Classification," Mathematics, MDPI, vol. 8(11), pages 1-21, November.
    2. Friedrich Schneider & Tilman Brück & Daniel Meierrieks, 2010. "The Economics of Terrorism and Counter-Terrorism: A Survey (Part II)," Discussion Papers of DIW Berlin 1050, DIW Berlin, German Institute for Economic Research.
    3. G. Quijano, Eduardo & Ríos Insua, David & Cano, Javier, 2018. "Critical networked infrastructure protection from adversaries," Reliability Engineering and System Safety, Elsevier, vol. 179(C), pages 27-36.
    4. Salo, Ahti & Andelmin, Juho & Oliveira, Fabricio, 2022. "Decision programming for mixed-integer multi-stage optimization under uncertainty," European Journal of Operational Research, Elsevier, vol. 299(2), pages 550-565.
    5. González-Ortega, Jorge & Ríos Insua, David & Cano, Javier, 2019. "Adversarial risk analysis for bi-agent influence diagrams: An algorithmic approach," European Journal of Operational Research, Elsevier, vol. 273(3), pages 1085-1096.
    6. Wei Wang & Francesco Di Maio & Enrico Zio, 2019. "Adversarial Risk Analysis to Allocate Optimal Defense Resources for Protecting Cyber–Physical Systems from Cyber Attacks," Risk Analysis, John Wiley & Sons, vol. 39(12), pages 2766-2785, December.
    7. Roponen, Juho & Ríos Insua, David & Salo, Ahti, 2020. "Adversarial risk analysis under partial information," European Journal of Operational Research, Elsevier, vol. 287(1), pages 306-316.
    8. Javier Cano & David Ríos Insua & Alessandra Tedeschi & Ug̃ur Turhan, 2016. "Security economics: an adversarial risk analysis approach to airport protection," Annals of Operations Research, Springer, vol. 245(1), pages 359-378, October.
    9. César Gil & David Rios Insua & Jesus Rios, 2016. "Adversarial Risk Analysis for Urban Security Resource Allocation," Risk Analysis, John Wiley & Sons, vol. 36(4), pages 727-741, April.
    10. Fernandez del Pozo, J. A. & Bielza, C. & Gomez, M., 2005. "A list-based compact representation for large decision tables management," European Journal of Operational Research, Elsevier, vol. 160(3), pages 638-662, February.
    11. Bielza, Concha & Gómez, Manuel & Shenoy, Prakash P., 2011. "A review of representation issues and modeling challenges with influence diagrams," Omega, Elsevier, vol. 39(3), pages 227-241, June.
    12. Stefan Rass & Sandra König & Stefan Schauer, 2017. "Defending Against Advanced Persistent Threats Using Game-Theory," PLOS ONE, Public Library of Science, vol. 12(1), pages 1-43, January.
    13. Borgonovo, Emanuele & Tonoli, Fabio, 2014. "Decision-network polynomials and the sensitivity of decision-support models," European Journal of Operational Research, Elsevier, vol. 239(2), pages 490-503.
    14. Bruno S. Frey & Simon Luechinger, 2005. "Measuring terrorism," Chapters, in: Alain Marciano & Jean-Michel Josselin (ed.), Law and the State, chapter 6, Edward Elgar Publishing.
    15. Michael Macgregor Perry & Hadi El-Amine, 2021. "Computational Efficiency in Multivariate Adversarial Risk Analysis Models," Papers 2110.12572, arXiv.org.
    16. Barry R. Cobb, 2007. "Influence Diagrams with Continuous Decision Variables and Non-Gaussian Uncertainties," Decision Analysis, INFORMS, vol. 4(3), pages 136-155, September.
    17. David Rios Insua & David Banks & Jesus Rios, 2016. "Modeling Opponents in Adversarial Risk Analysis," Risk Analysis, John Wiley & Sons, vol. 36(4), pages 742-755, April.
    18. Christoph Werner & Tim Bedford & John Quigley, 2018. "Sequential Refined Partitioning for Probabilistic Dependence Assessment," Risk Analysis, John Wiley & Sons, vol. 38(12), pages 2683-2702, December.
    19. J. S. Busby & B. Green & D. Hutchison, 2017. "Analysis of Affordance, Time, and Adaptation in the Assessment of Industrial Control System Cybersecurity Risk," Risk Analysis, John Wiley & Sons, vol. 37(7), pages 1298-1314, July.
    20. Vineet M. Payyappalli & Jun Zhuang & Victor Richmond R. Jose, 2017. "Deterrence and Risk Preferences in Sequential Attacker–Defender Games with Continuous Efforts," Risk Analysis, John Wiley & Sons, vol. 37(11), pages 2229-2245, November.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:reensy:v:191:y:2019:i:c:s0951832017311535. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/reliability-engineering-and-system-safety .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.