Ezell Barry Charles
Society of Risk Analysis, U.S. Army Capabilities Integration Center, Fort Monroe, VA, USA.
Risk Anal. 2007 Jun;27(3):571-83. doi: 10.1111/j.1539-6924.2007.00907.x.
Quantifying vulnerability to critical infrastructure has not been adequately addressed in the literature. Thus, the purpose of this article is to present a model that quantifies vulnerability. Vulnerability is defined as a measure of system susceptibility to threat scenarios. This article asserts that vulnerability is a condition of the system and it can be quantified using the Infrastructure Vulnerability Assessment Model (I-VAM). The model is presented and then applied to a medium-sized clean water system. The model requires subject matter experts (SMEs) to establish value functions and weights, and to assess protection measures of the system. Simulation is used to account for uncertainty in measurement, aggregate expert assessment, and to yield a vulnerability (Omega) density function. Results demonstrate that I-VAM is useful to decisionmakers who prefer quantification to qualitative treatment of vulnerability. I-VAM can be used to quantify vulnerability to other infrastructures, supervisory control and data acquisition systems (SCADA), and distributed control systems (DCS).
文献中尚未充分探讨对关键基础设施脆弱性的量化问题。因此,本文的目的是提出一个量化脆弱性的模型。脆弱性被定义为系统对威胁场景的敏感程度的一种度量。本文认为,脆弱性是系统的一种状态,可以使用基础设施脆弱性评估模型(I-VAM)进行量化。该模型被提出并应用于一个中型净水系统。该模型要求主题专家(SMEs)建立价值函数和权重,并评估系统的保护措施。模拟用于考虑测量中的不确定性、汇总专家评估,并生成脆弱性(Ω)密度函数。结果表明,I-VAM对那些倾向于对脆弱性进行量化而非定性处理的决策者很有用。I-VAM可用于量化对其他基础设施、监督控制和数据采集系统(SCADA)以及分布式控制系统(DCS)的脆弱性。
