How to assess the value of critical infrastructure

Loading...
Thumbnail Image
Authors
Alderson, David
Brown, Gerald
Carlyle, Matthew
Subjects
critical infrastructure
worst-case risk
defender-attacker-defender
system operator
optimation
vulnerability
intelligent adversary
resilience
Advisors
Date of Issue
2009-05-31
Date
Publisher
Language
Abstract
Type
Article
Description
We present a new paradigm for evaluating critical infrastructure that assesses the function of an infrastructure system as a whole, rather than some enumeration of the vulnerability, risk, economic replacement cost, size, or connectivity of each of its components. Indeed, we hold that we can only discover the value of a set of components if we model the function of the entire infrastructure systems both with and without the function of that set. Our results call into question several currently fashionable methods of risk analysis. For instance, probabilistic risk analysis was designed to model Mother Nature, but now is used to treat terrorists as dice-throwers, rather than intelligent goal-seeking decision makers, and replaces their intelligence with probabilities that subject matter experts guess. Using optimization-based models of system function, we identify the worst-case disruptions to the intelligent operation of a system. We show how to answer rigorously the questions "which parts of an infrastructure are critical," and "how should we allocate limited defensive resources in order to minimize worst-case disruptions?"
Series/Report No
Department
Operations Research
Organization
Naval Postgraduate School (U.S.)
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections