Identification of reference security scenarios from past event datasets by Bayesian Network analysis

IF 9.4 1区 工程技术 Q1 ENGINEERING, INDUSTRIAL Reliability Engineering & System Safety Pub Date : 2024-10-28 DOI:10.1016/j.ress.2024.110615
Matteo Iaiani, Giuseppe Fazari, Alessandro Tugnoli, Valerio Cozzani
{"title":"Identification of reference security scenarios from past event datasets by Bayesian Network analysis","authors":"Matteo Iaiani,&nbsp;Giuseppe Fazari,&nbsp;Alessandro Tugnoli,&nbsp;Valerio Cozzani","doi":"10.1016/j.ress.2024.110615","DOIUrl":null,"url":null,"abstract":"<div><div>The global threat of deliberate attacks on chemical, process, and energy facilities underscores the urgent need to enhance Security Vulnerability/Risk Assessment (SVA/SRA) approaches. Traditional assessments often use historical data and Exploratory Data Analysis (EDA) to identify reference scenarios. However, EDA lacks a standardized approach to identify and rank the incident chains. A novel methodology based on Bayesian Networks (BN), named BAS<sup>2</sup>E, was developed to support the systematic identification of reference scenarios from past event datasets. The methodology is based on the development of a static quantified BN, that accurately reflects the causal relationships in incident chains, focusing specifically on those between threats, attack methods, and physical damage scenarios. The BN is quantified by statistical information from the analysis of the incident records and employs the Noisy-OR gate model to manage data gaps in the conditional probability tables (CPTs) specification. The application of the BN sensitivity analysis provides quantification of the reciprocal influence between nodes using a specific derivative-based parameter, allowing for the systematic ranking of the most impactful incident chains to be included as reference scenarios in SVA/SRA. The methodology is demonstrated through its application to a dataset of 109 security incidents that occurred in the offshore Oil&amp;Gas sector.</div></div>","PeriodicalId":54500,"journal":{"name":"Reliability Engineering & System Safety","volume":"254 ","pages":"Article 110615"},"PeriodicalIF":9.4000,"publicationDate":"2024-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Reliability Engineering & System Safety","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0951832024006860","RegionNum":1,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, INDUSTRIAL","Score":null,"Total":0}
引用次数: 0

Abstract

The global threat of deliberate attacks on chemical, process, and energy facilities underscores the urgent need to enhance Security Vulnerability/Risk Assessment (SVA/SRA) approaches. Traditional assessments often use historical data and Exploratory Data Analysis (EDA) to identify reference scenarios. However, EDA lacks a standardized approach to identify and rank the incident chains. A novel methodology based on Bayesian Networks (BN), named BAS2E, was developed to support the systematic identification of reference scenarios from past event datasets. The methodology is based on the development of a static quantified BN, that accurately reflects the causal relationships in incident chains, focusing specifically on those between threats, attack methods, and physical damage scenarios. The BN is quantified by statistical information from the analysis of the incident records and employs the Noisy-OR gate model to manage data gaps in the conditional probability tables (CPTs) specification. The application of the BN sensitivity analysis provides quantification of the reciprocal influence between nodes using a specific derivative-based parameter, allowing for the systematic ranking of the most impactful incident chains to be included as reference scenarios in SVA/SRA. The methodology is demonstrated through its application to a dataset of 109 security incidents that occurred in the offshore Oil&Gas sector.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
通过贝叶斯网络分析从过去的事件数据集中识别参考安全情景
蓄意攻击化学、加工和能源设施的全球威胁突出表明,迫切需要加强安全漏洞/风险评估(SVA/SRA)方法。传统评估通常使用历史数据和探索性数据分析 (EDA) 来确定参考情景。然而,EDA 缺乏标准化的方法来识别和排列事件链。我们开发了一种基于贝叶斯网络(BN)的新方法,名为 BAS2E,以支持从过去的事件数据集中系统地识别参考情景。该方法基于静态量化贝叶斯网络的开发,可准确反映事件链中的因果关系,尤其侧重于威胁、攻击方法和物理损害情景之间的因果关系。通过分析事件记录中的统计信息对 BN 进行量化,并采用 Noisy-OR 门模型来管理条件概率表 (CPT) 规范中的数据缺口。应用 BN 敏感性分析,可使用基于特定导数的参数对节点之间的相互影响进行量化,从而对影响最大的事件链进行系统排序,作为 SVA/SRA 的参考情景。通过将该方法应用于海上石油和天然气行业发生的 109 起安全事件的数据集,对其进行了演示。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Reliability Engineering & System Safety
Reliability Engineering & System Safety 管理科学-工程:工业
CiteScore
15.20
自引率
39.50%
发文量
621
审稿时长
67 days
期刊介绍: Elsevier publishes Reliability Engineering & System Safety in association with the European Safety and Reliability Association and the Safety Engineering and Risk Analysis Division. The international journal is devoted to developing and applying methods to enhance the safety and reliability of complex technological systems, like nuclear power plants, chemical plants, hazardous waste facilities, space systems, offshore and maritime systems, transportation systems, constructed infrastructure, and manufacturing plants. The journal normally publishes only articles that involve the analysis of substantive problems related to the reliability of complex systems or present techniques and/or theoretical results that have a discernable relationship to the solution of such problems. An important aim is to balance academic material and practical applications.
期刊最新文献
Lifting wavelet-informed hierarchical domain adaptation network: An interpretable digital twin-driven gearbox fault diagnosis method A novel sim2real reinforcement learning algorithm for process control Multi-label domain adversarial reinforcement learning for unsupervised compound fault recognition High-efficient non-iterative reliability-based design optimization based on the design space virtually conditionalized reliability evaluation method Pseudo-label assisted contrastive learning model for unsupervised open-set domain adaptation in fault diagnosis
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1