Methodological Issues of Security Vulnerability Analysis and Risk Assessment
This article addresses methodological issues associated with the safety and security management of hazardous plants. It is emphasized that there are important installations and systems for the safety and security that require a special attention. A knowledge-based methodology for integrated LOPA (layer of protection analysis) & ROPA (rings of protection analysis) is proposed for further research to develop relevant methods and tools for supporting integrated safety and security management based on assessments of relevant risks.
Kosmowski, K. T.: Challenges in security and safety management of critical systems and infrastructures. Proceedings of the International Conference on Technologies for Homeland Security and Safety (eds. A. Stepnowski, A. Ruciński, K. Kosmowski). Gdansk University of Technology, Gdańsk, 2005 (511-520).
Landoll, D. J.: The Security Risk Assessment Handbook. Auerbach Publications, Taylor & Francis Group. New York, 2006.
Masse, T., O'Neil, S., Rollins, J.: The Department of Homeland Security's Risk Assessment Methodology: Evolution, Issues, and Options for Congress. Prepared for Members and Committees of Congress, Congressional Research Service, 2007.
Moteff, J., Copeland, C., Fischer, J.: Critical Infrastructures: What Makes an Infrastructure Critical? Congressional Research Service, The Library of Congress; Resources, Science, and Industry Division; August 30, 2002.
Sticles, R. P., Ozog, H.: Facility Major Risk Survey. ioMosaic Corporation. Salem, 2002.
Commission Decision of 4th February 2005: Concerning the adoption of the Programme of Work 2005 for the Preparatory Action in the field of Security Research. C(2005) 259. Brussels, 18.01.2005.
Critical Infrastructure Protection in the fight against terrorism. Communication from the Commission to the Council and the European Parliament. COM(2004) 702 final. Brussels, 20.10.2004.
Guidelines for Analyzing and Managing the Security Vulnerabilities of Fixed Chemical Sites. Center for the Chemical Process Safety of the American Institute of Chemical Engineers. New York, 2003.
General Security Risk Assessment Guideline. ASIS International. Alexandria 2003.
Layer of Protection Analysis, Simplified Process Risk Assessment. Center for Chemical Process Safety, American Institute of Chemical Engineers. New York, 2001.
On the implementation of the Preparatory Action on the enhancement of the European industrial potential in the field of Security Research, Towards a programme to advance European security through Research and Technology. COM (2004) 72 final. Brussels, 3.02.2004.
Research for a Secure Europe. Report of the Group of Personalities in the field of Security Research. Luxembourg, Office for Official Publications of the European Communities, 2004.
Bobcow, A., Kosmowski, K.: Managing the Security Vulnerabilities of Critical Systems and Hazardous Plants. Chapter 16 in: Functional Safety Management in Critical Systems. Gdansk University of Technology. Fundacja Rozwoju Uniwersytetu Gdańskiego. Gdańsk, 2007.
Byres, E., Lowe, J.: The Myths and Facts behind Cyber Security Risks for Industrial Control Systems. British Columbia Institute of Technology, Burnaby. Canada & PA Consulting Group, London, 2004.
Gheorghe, V., Mili, L. (Editorial): In risk management, integrating the social, economic and technical aspects of cascading failures across interdependent critical infrastructures. International Journal of Critical Infrastructures 1, 2004 (1-7).