Quantitative security risk assessment and management for railway transportation infrastructures
2009 (English)In: Critical Information Infrastructure Security. CRITIS 2008 / [ed] Setola, Roberto ; Geretshuber, Stefan, Springer , 2009, p. 180-189Conference paper, Published paper (Refereed)
Abstract [en]
Scientists have been long investigating procedures, models and tools for the risk analysis in several domains, from economics to computer networks. This paper presents a quantitative method and a tool for the security risk assessment and management specifically tailored to the context of railway transportation systems, which are exposed to threats ranging from vandalism to terrorism. The method is based on a reference mathematical model and it is supported by a specifically developed tool. The tool allows for the management of data, including attributes of attack scenarios and effectiveness of protection mechanisms, and the computation of results, including risk and cost/benefit indices. The main focus is on the design of physical protection systems, but the analysis can be extended to logical threats as well. The cost/benefit analysis allows for the evaluation of the return on investment, which is a nowadays important issue to be addressed by risk analysts. © 2009 Springer Berlin Heidelberg.
Place, publisher, year, edition, pages
Springer , 2009. p. 180-189
Series
Lecture Notes in Computer Science, ISSN 1973-2018 ; 5508
Keywords [en]
Cost/benefit evaluation, Critical infrastructure protection, Quantitative approaches, Railways, Risk analysis, Security, Computer networks, Economics, Investments, Locomotive cranes, Mathematical models, Offshore pipelines, Profitability, Railroad transportation, Railroads, Risk management, Risk perception, Safety factor, Risk assessment
National Category
Computer Systems
Research subject
Computer Science, Software Technology
Identifiers
URN: urn:nbn:se:mdh:diva-47798DOI: 10.1007/978-3-642-03552-4_16Scopus ID: 2-s2.0-70349312712ISBN: 3642035515 (print)ISBN: 9783642035517 (print)OAI: oai:DiVA.org:mdh-47798DiVA, id: diva2:1427377
Conference
Critical Information Infrastructures Security.Third International Workshop, CRITIS, 13-15 October 2008, Rome
2018-06-052020-04-29Bibliographically approved