Comparing physical protection strategies against insider threats using probabilistic risk assessment
Björkman, Kim; Holmberg, Jan-Erik; Mätäsniemi, T (2022-03-23)
Tätä artikkelia/julkaisua ei ole tallennettu Julkariin. Julkaisun tiedoissa voi kuitenkin olla linkki toisaalle tallennettuun artikkeliin/julkaisuun.
Björkman, Kim
Holmberg, Jan-Erik
Mätäsniemi, T
Elsevier
23.03.2022
Nuclear Engineering and Design
Tiivistelmä
Abstract
Insiders pose a unique challenge to the safety and security of a nuclear facility. They can take advantage of their access rights and knowledge of the plant to bypass, e.g., physical protection elements. In this paper, we present a risk-informed approach to analyze the most plausible ways for an intelligent insider to cause an unwanted outcome (e.g., plant disturbance) by accessing critical locations and preventing the functioning of critical systems. The strength of different protection strategies can be compared using security risk metrics. The starting point of the method is the logical model of a probabilistic risk assessment. The logic model, in the form of minimal cut sets, identifies critical failure combinations that need to be prevented. The case study we performed demonstrated that the approach is usable and should be applicable to realistic facilities. In the analyses, the unwanted outcome to be protected can be basically any outcome that can be represented by minimal cut sets.
Insiders pose a unique challenge to the safety and security of a nuclear facility. They can take advantage of their access rights and knowledge of the plant to bypass, e.g., physical protection elements. In this paper, we present a risk-informed approach to analyze the most plausible ways for an intelligent insider to cause an unwanted outcome (e.g., plant disturbance) by accessing critical locations and preventing the functioning of critical systems. The strength of different protection strategies can be compared using security risk metrics. The starting point of the method is the logical model of a probabilistic risk assessment. The logic model, in the form of minimal cut sets, identifies critical failure combinations that need to be prevented. The case study we performed demonstrated that the approach is usable and should be applicable to realistic facilities. In the analyses, the unwanted outcome to be protected can be basically any outcome that can be represented by minimal cut sets.