1. Terrorism Risk Management Authors of the Paper: David C. Daniels Linwood D.Hudson Kathryn B. Laskey Suzanne M. Mahoney Bryan S. Ware Edward J. Wright Book: Bayesian Networks: Practical Guide Application Edited By : Olivier Pourret Chapter : 14:

2. Introduction The U.S military defines Antiterrorism as the defensive posture taken against terrorist threats Antiterrorism includes ◦ Fostering awareness of potential threats, ◦ Deterring aggressors, ◦ Developing security measures, ◦ Planning for future events, ◦ Prohibition of an event in process and ◦ Mitigating and managing the consequences of an event.

3. A key element of an en effective antiterrorist strategy is evaluating individual sites or assets for terrorist risk Assessing the threat of a terrorist attack requires combining information from multiple disparate sources involving intrinsic uncertainties Terrorism Risk Management due to this inherent uncertainty becomes a natural domain for application of Bayesian Networks

4. Topics Covered Methodologies that have been applied to Terrorism Risk Management Strengths and Weaknesses of each methodology How BN addresses all the weaknesses Description of Site Profiler Installation Security Planner (ISP) suite for risk managers and security planners to evaluate risk of a terrorist attack Software Implementation of Risk Influence Network

5. What is Risk ? Risk: possibility of suffering from any type of harm or loss to individual, organization or entire society Risk Management: Identifying and implementing policies to protect against a risk Degree of Risk: Measure of Adverse Effect: ◦ Monitory Loss ◦ Non monitory such as death, suffering etc Likelihood of event * Measure of Adverse Effect

6. Terrorism Risk Management Methodologies Risk Mnemonics Algebraic Expressions of Risk Fault Trees Simulations Risk= Threat *Vulnerability*Consequence

7. Risk Mnemonics CARVER : Criticality, Accessibility, Recognizability, Vulnerability, Effect and Recoverability S#Risk MnemonicApproachApplicationDrawbacks 1.CARVER (Criticality, Accessibility, Recognizability, Vulnerability, Effect and Recoverability) Score each factor on a ten point scale and adding the scores Developed by US forces during the Viet Nam conflict to optimize targeting of enemy installations Non specific to particular threats Labor- intensive Non scalable to many assets 2.DSHARPP(Demography, Susceptibility, History, Accessibility and Recognizability, Proximity and Population) Installation Planner assigns the score from 1 to 5 and then the points are summed to rank potential targets Subjective Risk Assessment used by US military to identify the assets at highest risk of terrorist attack None of these scores are adjusted based on the threat, type of target or any special consideration

8. S#Risk MnemonicApproachApplicationDrawbacks 3.SNJTK (Special Needs Jurisdiction Tool Kit) An asset based risk approach that uses Critical Asset Factors for evaluation of threat-asset scenario Developed for DHS by Office of Domestic Preparedness Similar to BN approach in expert judgment but since threat is not considered so not a true metric of risk 4.CAPRA (Critical Asset and Portfolio Risk Analysis) Five Expert Evaluation Phases related to mission critical elements Developed by University of Maryland for asset driven approach subjected to expert judgment using parametric equation Though expert based it is unclear how the risk equation was derived or validated Algebraic Expressions of Risk

9. Other Approaches Fault Trees: Assumes a threat baseline and uses decision paths to evaluate the probabilities and outcomes of different outcomes e.g OCTAVE Simu lations: Focus on the consequences of terrorist attack and most are applicable to specific type of assets and threat scenarios

10. Site Profiler Approach to Terrorism Risk Management An Asset risk management program that has been designed to evaluate the risk of terrorist attack. Methodology employs a knowledge-base Bayesian Network construction to combine evidence from analytical models, simulations, historical data and user judgments

11. Why Site Profiler? Individuality of Risk Scenarios Intrinsic Uncertainty Defensible Methodology Flexibility Modifiability, maintainability and Extensibility Customization Usability Portfolio management Tractability

12. Why Bayesian Networks ? Analytical Method for quantitative assessment of risks Coherent means of combining objective and subjective data Well suited for complex problem solving involving large number of interrelated uncertain variables Logically coherent calculus Tractable algorithms exist for calculating and updating evidential support BN can combine inputs from diverse sources

13. Bayesian Networks for Analyzing Risk Clusters of variables for a particular domain These clusters are used to define BN fragments For example: Clusters of variables corresponding to characteristics of valuable asset. Fragment is created corresponding to the concept of an asset If some uncertain variable is related more than one type of entity we name it relational entity type to representing pairing Each fragment is Manageable and tested independently

14. Risk Influence Network The heart of Site Profiler is Risk Influence Network It is a Bayesian network constructed on a fly from knowledge base of BN Fragments Used to assess relative risk of an attack against an asset by a specific threat

15. Steps Involved Knowledge Representation (MEBN) MEBN is not a computer language such as Java or C++, or an application such as Netica or Hugin. Rather, it is formal system that instantiates first-order Bayesian logic That is, MEBN provides syntax, a set of model construction and inference processes, and semantics that together provide a means of defining probability distributions over unbounded and possibly infinite numbers of interrelated hypotheses.

16. Knowledge-base development Concept Definition: Data Physical and Domain data MFRag for seven type of entities Assets, Threats, Tactics, Weapon systems, Targets, attacks and Attack Consequences Formal Definition and Analysis Subsection review by Experts Scenario Elicitation and Revision Implementation (cRIN and uRIN) Operational Revision

17. Software Implementation Uses Object Oriented Database to manage Mfrag Mfrag: Like a BN, an MFrag contains nodes, which represent Random Variables, arranged in a directed graph whose edges represent direct dependence relationships. Context Nodes Input Nodes Resident Nodes

18. RIN Bayesian Attributes, Objects and Domain Objects RIN Structure

19. The Site Profiler domain objects combine to describe risk Assets and Threats combine to form Targets When targets created from Threat-Asset pair an instance of RIN is created Mfrag for Assets: how critical the asset is to the organization, how desirable to enemy and how soft accessible it is Mfrag for Threats: how plausible the tactic and weapon are, intent of an actor to target, the asset types most likely to target These Risk Elements combine to form the key Nodes for Target: Likelihood of an event, Susceptibility of an asset to an event, the consequences of the event and ultimately risk of the event

20. Conclusion Site Profiler Knowledge-base is essential decision support for assessing terrorist threats BN approaches not found to be selling point Many people ask wrong questions Power of BN comes from ability to ask: What are the factors that make risk high or low?