PSAM 16 - Session Th01 Overview

PSAM 16 Conference Session Th01 Overview

Session Chair: Vaibhav Yadav (vaibhav.yadav@inl.gov)

Paper 1 JL284

Lead Author: John Russell Co-author(s): Carl Stern Carl_Stern@mgtsciences.com

Advancing Intrusion Detection Sensor Performance Using Deliberate Motion Analytics
Excessive Nuisance Alarm Rates (NAR) are a major issue for all exterior intrusion detection systems. Sites with problematic sensor systems can experience an excessive number of nuisance alarms per day as a result of weather, animals, and other natural occurrences causing security personnel to become complacent to sensor alarm, thereby undermining sensor system detection capability. All sites that are utilizing current commercial systems are believed to experience elevated NAR. In addition to being susceptible to nuisance alarms, the cost to purchase and install exterior sensors in security perimeters is very high. Sandia National Laboratories has developed a sensor algorithm that exploits deliberate motion to differentiate alarms caused by an intruder from those caused by other natural occurrences. The Deliberate Motion Analytics (DMA) algorithm is capable of fusing multiple sensors, such as radar, lidar, buried line sensors, microwaves, and video, to provide reliable detection. Preliminary results show that DMA will significantly reduce nuisance alarm rates even when sensors are set to very sensitive detection thresholds. This technology will allow the creation of next generation security architectures that will significantly drive down purchasing and installation costs by an estimated 50%.

Advancing Intrusion Detection Sensor Performance Using Deliberate Motion Analytics

Excessive Nuisance Alarm Rates (NAR) are a major issue for all exterior intrusion detection systems. Sites with problematic sensor systems can experience an excessive number of nuisance alarms per day as a result of weather, animals, and other natural occurrences causing security personnel to become complacent to sensor alarm, thereby undermining sensor system detection capability. All sites that are utilizing current commercial systems are believed to experience elevated NAR. In addition to being susceptible to nuisance alarms, the cost to purchase and install exterior sensors in security perimeters is very high. Sandia National Laboratories has developed a sensor algorithm that exploits deliberate motion to differentiate alarms caused by an intruder from those caused by other natural occurrences. The Deliberate Motion Analytics (DMA) algorithm is capable of fusing multiple sensors, such as radar, lidar, buried line sensors, microwaves, and video, to provide reliable detection. Preliminary results show that DMA will significantly reduce nuisance alarm rates even when sensors are set to very sensitive detection thresholds. This technology will allow the creation of next generation security architectures that will significantly drive down purchasing and installation costs by an estimated 50%.

Paper JL284 | |

A PSAM Profile is not yet available for this author.

Paper 2 ES302

Lead Author: Emily Sandt Co-author(s): Adam Williams adwilli@sandia.gov Tunc Aldemir aldemir.1@osu.edu

Technique for Managing STPA Results in Physical Security Applications
Mitigating risk at nuclear power plants and other nuclear facilities includes security of the site and material. Current processes to determine what needs to be protected—so-called vital area identification (VAI)—leverages safety analytic methods and previously completed safety analyses in its methodology through use of Fault Tree (FT) based logic models. Though successful to date, VAI traditional approaches heavily rely on completed nuclear safety analyses that may not exist for novel advanced or small modular reactor facilities. In response, a newly proposed method for informing the vital area identification process incorporates Systems Theoretic Process Analysis (STPA). STPA’s systems and control theory basis allows for a single analysis that incorporates multiple adversary objectives. This is both an advancement over the current methodology that only considers sabotage of material and can lead to a broad output of potential areas for protection. A frequent criticism of STPA is the lack of prioritization of its high output volume that can be challenging for practical implementation. This work describes a prioritization strategy for managing the results from an STPA for physical security through ranking identified areas based on their frequency of appearance. Using appearance frequency as the criterion for ranking promotes a “risk-informed” approach to identifying vital area sets. Risk-informing is a concept becoming more prevalent in nuclear security in an effort to incorporate state-of-the-art risk-related methodologies, particularly in advanced reactor and international applications. Providing a ranked set of STPA outcomes provides several benefits for physical security, including (but not limited to) offering an opportunity for physical security system design that moves away from costly retrofitting and prioritizing critical components for this protection. Invoking appearance frequency in STPA to improve VAI can also help reduce the cost of overall security system design and implementation. The prioritization of areas serves as a baseline for using STPA to enhance the process—ultimately overcoming criticisms of the currently used method and supporting more robust security systems for nuclear facilities.

Technique for Managing STPA Results in Physical Security Applications

Mitigating risk at nuclear power plants and other nuclear facilities includes security of the site and material. Current processes to determine what needs to be protected—so-called vital area identification (VAI)—leverages safety analytic methods and previously completed safety analyses in its methodology through use of Fault Tree (FT) based logic models. Though successful to date, VAI traditional approaches heavily rely on completed nuclear safety analyses that may not exist for novel advanced or small modular reactor facilities. In response, a newly proposed method for informing the vital area identification process incorporates Systems Theoretic Process Analysis (STPA). STPA’s systems and control theory basis allows for a single analysis that incorporates multiple adversary objectives. This is both an advancement over the current methodology that only considers sabotage of material and can lead to a broad output of potential areas for protection. A frequent criticism of STPA is the lack of prioritization of its high output volume that can be challenging for practical implementation. This work describes a prioritization strategy for managing the results from an STPA for physical security through ranking identified areas based on their frequency of appearance. Using appearance frequency as the criterion for ranking promotes a “risk-informed” approach to identifying vital area sets. Risk-informing is a concept becoming more prevalent in nuclear security in an effort to incorporate state-of-the-art risk-related methodologies, particularly in advanced reactor and international applications. Providing a ranked set of STPA outcomes provides several benefits for physical security, including (but not limited to) offering an opportunity for physical security system design that moves away from costly retrofitting and prioritizing critical components for this protection. Invoking appearance frequency in STPA to improve VAI can also help reduce the cost of overall security system design and implementation. The prioritization of areas serves as a baseline for using STPA to enhance the process—ultimately overcoming criticisms of the currently used method and supporting more robust security systems for nuclear facilities.

Paper ES302 | | Download the presentation pdf file.

Name: Emily Sandt (esandt@sandia.gov)

Bio: Emily is a graduate intern at Sandia National Laboratories and a PhD candidate at The Ohio State University. Her work focuses on improving the state of nuclear security both domestically and abroad. Her dissertation research is centered around using STPA to inform the vital area identification process. She has a background in DPRA and physics.

Country: USA
Company: Sandia National Laboratories
Job Title:

Paper 3 GD286

Lead Author: Gregory D. Wyss

Risk-Informed Management of Enterprise Security
An oft-stated goal within the physical security community is to make security investment decisions within a risk context. For many, risk is defined in a traditional mathematical context of likelihood of occurrence (a probability or frequency) and consequence. Some will further multiply these values and aggregate them to obtain an annualized loss expectancy value for risk, as has been common in safety risk analysis. Others express security risk in terms of Threat, Vulnerability and Consequence, believing that risk can be computed by multiplying numerical values for these attributes. In all cases strong foundational issues exist in application of these numerical methods, including adversary definition, likelihood of attack (and its twin sibling “deterrence”), interdependence among the mathematical terms, adversary tactics, and the differences in adversary groups (known and unknown) with respect to their motivations, goal intensity, knowledge of the target, etc. Even where analysts have tried to be faithful in using these methods to compute “security risk”, the uncertainty bounds on the resulting estimates have often been so broad as to make it almost impossible to use statistical tools to make meaningful recommendations for security decision makers. This research takes a different approach to security risk management in that it begins with the basic assertion that one does not need to compute a numerical value for risk in order to effectively manage risk. It is consistent with a 2010 National Academies report on DOE security management in this regard. The method developed in this paper is based on the premise that potential attack scenarios represent higher security risks to the extent that they are easier for an adversary to successfully accomplish and lead to higher consequences. Security risk management then consists of identifying attack scenarios for which the combination of consequences and scenario difficulty is unacceptably high, and then identifying and implementing mitigation methods that will increase adversary difficulty, reduce expected consequences, or both.

Risk-Informed Management of Enterprise Security

An oft-stated goal within the physical security community is to make security investment decisions within a risk context. For many, risk is defined in a traditional mathematical context of likelihood of occurrence (a probability or frequency) and consequence. Some will further multiply these values and aggregate them to obtain an annualized loss expectancy value for risk, as has been common in safety risk analysis. Others express security risk in terms of Threat, Vulnerability and Consequence, believing that risk can be computed by multiplying numerical values for these attributes. In all cases strong foundational issues exist in application of these numerical methods, including adversary definition, likelihood of attack (and its twin sibling “deterrence”), interdependence among the mathematical terms, adversary tactics, and the differences in adversary groups (known and unknown) with respect to their motivations, goal intensity, knowledge of the target, etc. Even where analysts have tried to be faithful in using these methods to compute “security risk”, the uncertainty bounds on the resulting estimates have often been so broad as to make it almost impossible to use statistical tools to make meaningful recommendations for security decision makers. This research takes a different approach to security risk management in that it begins with the basic assertion that one does not need to compute a numerical value for risk in order to effectively manage risk. It is consistent with a 2010 National Academies report on DOE security management in this regard. The method developed in this paper is based on the premise that potential attack scenarios represent higher security risks to the extent that they are easier for an adversary to successfully accomplish and lead to higher consequences. Security risk management then consists of identifying attack scenarios for which the combination of consequences and scenario difficulty is unacceptably high, and then identifying and implementing mitigation methods that will increase adversary difficulty, reduce expected consequences, or both.

Paper GD286 | | Download the presentation pdf file.

Name: Gregory D. Wyss (gdwyss@sandia.gov)

Bio: Greg is a Distinguished Member of Technical Staff at Sandia National Laboratories, where he has worked and taught in the areas of risk, reliability and vulnerability assessment for over 30 years. He has developed methods and performed risk and vulnerability assessment studies for nuclear reactors, space vehicle launches, nuclear test facilities, telecommunications, and other high-integrity and high-consequence systems. His current responsibilities include developing security risk management methodologies for high-security nuclear facilities. His research interests include assessment of pre-attack planning, insider threats, decision support, and synergistic effects between cyber and physical security systems. Greg has a Ph.D. in Nuclear Engineering from the University of Illinois, and is a Fellow of the International Association for the Advancement of Space Safety.

Country: USA
Company: Sandia National Laboratories
Job Title: Distinguished Member of Technical Staff

Paper 4 TO106

Lead Author: Tomasz KISIEL Co-author(s): Artur KIERZKOWSKI artur.kierzkowski@pwr.edu.pl

A method for managing a security checkpoint through multi-criteria analysis with consideration of safety and process performance.
The purpose of this paper is to develop a method for configuring a security screening checkpoint at an airport. The method will be based on such personnel management that the most advantageous ratio of safety to process efficiency is achieved. The paper uses a computer simulation method on the basis of which a multi-criteria analysis is conducted. Two criteria are taken into account: safety and process performance. Such a model has not yet been developed in the scientific literature and can be of significant interest to the airport security control manager. The article is part of the work related to the project: "Development of an innovative desk of the primary and supplementary training of the security control operator at the airport".

A method for managing a security checkpoint through multi-criteria analysis with consideration of safety and process performance.

The purpose of this paper is to develop a method for configuring a security screening checkpoint at an airport. The method will be based on such personnel management that the most advantageous ratio of safety to process efficiency is achieved. The paper uses a computer simulation method on the basis of which a multi-criteria analysis is conducted. Two criteria are taken into account: safety and process performance. Such a model has not yet been developed in the scientific literature and can be of significant interest to the airport security control manager. The article is part of the work related to the project: "Development of an innovative desk of the primary and supplementary training of the security control operator at the airport".

Paper TO106 | Download the paper file. | Download the presentation pdf file.

Name: Tomasz KISIEL (tomasz.kisiel@pwr.edu.pl)

Bio:

Country: POL
Company: Wroclaw University of Science and Technology
Job Title: Assistant Professor