Methodological issues of security vulnerability analysis and risk assessment

• Autorzy: Bobcow A. , Kosmowski K.T.

Warianty tytułu

PL

Metodyczne problemy analizy podatności na utratę integralności i oceny ryzyka

• Języki publikacji: EN

Abstrakty

EN

This article addresses methodological issues associated with the safety and security management of hazardous plants. It is emphasized that there are important installations and systems for the safety and security that require a special attention. A knowledge-based methodology for integrated LOPA (layer of protection analysis) & ROPA (rings of protection analysis) is proposed for further research to develop relevant methods and tools for supporting integrated safety and security management based on assessments of relevant risks.

PL

Niniejszy artykuł przedstawia problemy metodyczne związane z zarządzaniem bezpieczeństwem i ochroną instalacji podwyższonego ryzyka. Podkreślono, że występują ważne dla bezpieczeństwa i ochrony instalacje, które wymagają specjalnej uwagi. Zaproponowano do dalszych badań metodykę opartą na wiedzy do zintegrowanej analizy LOPA (warstw zabezpieczeń) i ROPA (pierścieni zabezpieczeń) w celu opracowania metod i narzędzi do wspomagania zintegrowanego zarządzania bezpieczeństwem i ochroną w oparciu o oceny odpowiednich ryzyk.

Słowa kluczowe

EN

safety of hazardous plants; security vulnerability analysis

PL

bezpieczeństwo instalacji podwyższonego ryzyka; analiza podatności na utratę integralności

• Wydawca: Wydawnictwo Instytutu Technicznego Wojsk Lotniczych
• Czasopismo: Journal of KONBiN
• Rocznik: 2008
• Tom: No. 3 (6)
• Strony: 89--110
• Opis fizyczny: Bibliogr. 16 poz.

Twórcy

autor

Bobcow A.

autor

Kosmowski K.T.

• Gdansk University of Technology, Faculty of Electrical and Control Engineering Politechnika Gdańska, Wydział Elektrotechniki i Automatyki G.Narutowicza 11/12, 80-952 Gdańsk

Bibliografia

• 1. Bobcow, A., Kosmowski, K.: Managing the Security Vulnerabilities of Critical Systems and Hazardous Plants. Chapter 16 in: Functional Safety Management in Critical Systems. Gdansk University of Technology. Fundacja Rozwoju Uniwersytetu Gdańskiego. Gdańsk, 2007.
• 2. Byres, E., Lowe, J.: The Myths and Facts behind Cyber Security Risks for Industrial Control Systems. British Columbia Institute of Technology, Burnaby. Canada & PA Consulting Group, London, 2004.
• 3. Gheorghe, V., Mili, L. (Editorial): In risk management, integrating the social, economic and technical aspects of cascading failures across interdependent critical infrastructures. International Journal of Critical Infrastructures 1, 2004 (1-7).
• 4. Kosmowski, K. T.: Challenges in security and safety management of critical systems and infrastructures. Proceedings of the International Conference on Technologies for Homeland Security and Safety (eds. A. Stepnowski, A. Ruciński, K. Kosmowski). Gdansk University of Technology, Gdańsk, 2005 (511-520).
• 5. Landoll, D. J.: The Security Risk Assessment Handbook. Auerbach Publications, Taylor & Francis Group. New York, 2006.
• 6. Masse, T., O'Neil, S., Rollins, J.: The Department of Homeland Security's Risk Assessment Methodology: Evolution, Issues, and Options for Congress. Prepared for Members and Committees of Congress, Congressional Research Service, 2007.
• 7. Moteff, J., Copeland, C., Fischer, J.: Critical Infrastructures: What Makes an Infrastructure Critical? Congressional Research Service, The Library of Congress; Resources, Science, and Industry Division; August 30, 2002.
• 8. Sticles, R. P., Ozog, H.: Facility Major Risk Survey. ioMosaic Corporation. Salem, 2002.
• 9. Sticles, R. P., Ozog, H., Mohindra, S.: Security Vulnerability Assessment (SVA) Revealed. ioMosaic Corporation. Salem, 2003.
• 10. Commission Decision of 4th February 2005: Concerning the adoption of the Programme of Work 2005 for the Preparatory Action in the field of Security Research. C(2005) 259. Brussels, 18.01.2005.
• 11. Critical Infrastructure Protection in the fight against terrorism. Communication from the Commission to the Council and the European Parliament. COM(2004) 702 final. Brussels, 20.10.2004.
• 12. Guidelines for Analyzing and Managing the Security Vulnerabilities of Fixed Chemical Sites. Center for the Chemical Process Safety of the American Institute of Chemical Engineers. New York, 2003.
• 13. General Security Risk Assessment Guideline. ASIS International. Alexandria 2003.
• 14. Layer of Protection Analysis, Simplified Process Risk Assessment. Center for Chemical Process Safety, American Institute of Chemical Engineers. New York, 2001.
• 15. On the implementation of the Preparatory Action on the enhancement of the European industrial potential in the field of Security Research, Towards a programme to advance European security through Research and Technology. COM (2004) 72 final. Brussels, 3.02.2004.
• 16. Research for a Secure Europe. Report of the Group of Personalities in the field of Security Research. Luxembourg, Office for Official Publications of the European Communities, 2004.