The emergence of the complexity characterizing our systems of systems (SoS) requires a reevaluation of the way we model, assess, manage, communicate, and analyze the risk thereto. Current models for risk analysis of emergent complex SoS are insufficient because too often they rely on the same risk functions and models used for single systems. These models commonly fail to incorporate the complexity derived from the networks of interdependencies and interconnectedness (I-I) characterizing SoS.
View Article and Find Full Text PDFPhysical infrastructure systems are commonly composed of interconnected and interdependent subsystems, which in their essence constitute system of systems (S-o-S). System owners and policy researchers need tools to foresee potential emergent forced changes and to understand their impact so that effective risk management strategies can be developed. We develop a systemic framework for precursor analysis to support the design of an effective and efficient precursor monitoring and decision support system with the ability to (i) identify and prioritize indicators of evolving risks of system failure; and (ii) evaluate uncertainties in precursor analysis to support informed and rational decision making.
View Article and Find Full Text PDFProc Annu Conf Progn Health Manag Soc
January 2015
The vision of Smart Manufacturing Systems (SMS) includes collaborative robots that can adapt to a range of scenarios. This vision requires a classification of multiple system behaviors, or sequences of movement, that can achieve the same high-level tasks. Likewise, this vision presents unique challenges regarding the management of environmental variables in concert with discrete, logic-based programming.
View Article and Find Full Text PDFNatural and human-induced disasters affect organizations in myriad ways because of the inherent interconnectedness and interdependencies among human, cyber, and physical infrastructures, but more importantly, because organizations depend on the effectiveness of people and on the leadership they provide to the organizations they serve and represent. These human-organizational-cyber-physical infrastructure entities are termed systems of systems. Given the multiple perspectives that characterize them, they cannot be modeled effectively with a single model.
View Article and Find Full Text PDFThis article is grounded on the premise that the complex process of risk assessment, management, and communication, when applied to systems of systems, should be guided by universal systems-based principles. It is written from the perspective of systems engineering with the hope and expectation that the principles introduced here will be supplemented and complemented by principles from the perspectives of other disciplines. Indeed, there is no claim that the following 10 guiding principles constitute a complete set; rather, the intent is to initiate a discussion on this important subject that will incrementally lead us to a more complete set of guiding principles.
View Article and Find Full Text PDFThis article highlights the complexity of the quantification of the multidimensional risk function, develops five systems-based premises on quantifying the risk of terrorism to a threatened system, and advocates the quantification of vulnerability and resilience through the states of the system. The five premises are: (i) There exists interdependence between a specific threat to a system by terrorist networks and the states of the targeted system, as represented through the system's vulnerability, resilience, and criticality-impact. (ii) A specific threat, its probability, its timing, the states of the targeted system, and the probability of consequences can be interdependent.
View Article and Find Full Text PDFThe premise of this article is that risk to a system, as well as its vulnerability and resilience, can be understood, defined, and quantified most effectively through a systems-based philosophical and methodological approach, and by recognizing the central role of the system states in this process. A universally agreed-upon definition of risk has been difficult to develop; one reason is that the concept is multidimensional and nuanced. It requires an understanding that risk to a system is inherently and fundamentally a function of the initiating event, the states of the system and of its environment, and the time frame.
View Article and Find Full Text PDFThe risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures.
View Article and Find Full Text PDFThe inoperability input-output model (IIM) has been used for analyzing disruptions due to man-made or natural disasters that can adversely affect the operation of economic systems or critical infrastructures. Taking economic perturbation for each sector as inputs, the IIM provides the degree of economic production impacts on all industry sectors as the outputs for the model. The current version of the IIM does not provide a separate analysis for the international trade component of the inoperability.
View Article and Find Full Text PDFThe U.S. Department of Homeland Security (DHS) has mandated all regions to "carefully weigh the benefit of each homeland security endeavor and only allocate resources where the benefit of reducing risk is worth the amount of additional cost" (DHS, 2006, p.
View Article and Find Full Text PDFHierarchical decision making is a multidimensional process involving management of multiple objectives (with associated metrics and tradeoffs in terms of costs, benefits, and risks), which span various levels of a large-scale system. The nation is a hierarchical system as it consists multiple classes of decisionmakers and stakeholders ranging from national policymakers to operators of specific critical infrastructure subsystems. Critical infrastructures (e.
View Article and Find Full Text PDFWillful attacks or natural disasters pose extreme risks to sectors of the economy. An extreme-event analysis extension is proposed for the Inoperability Input-Output Model (IIM) and the Dynamic IIM (DIIM), which are analytical methodologies for assessing the propagated consequences of initial disruptions to a set of sectors. The article discusses two major risk categories that the economy typically experiences following extreme events: (i) significant changes in consumption patterns due to lingering public fear and (ii) adjustments to the production outputs of the interdependent economic sectors that are necessary to match prevailing consumption levels during the recovery period.
View Article and Find Full Text PDFInterdependency analysis in the context of this article is a process of assessing and managing risks inherent in a system of interconnected entities (e.g., infrastructures or industry sectors).
View Article and Find Full Text PDFWhen stricken by a terrorist attack, a war, or a natural disaster, an economic unit or a critical infrastructure may suffer significant loss of productivity. More importantly, due to interdependency or interconnectedness, this initial loss may propagate into other systems and eventually lead to much greater derivative loss. This belongs to what is known as a cascading effect.
View Article and Find Full Text PDFThe analysis of risk-return tradeoffs and their practical applications to portfolio analysis paved the way for Modern Portfolio Theory (MPT), which won Harry Markowitz a 1992 Nobel Prize in Economics. A typical approach in measuring a portfolio's expected return is based on the historical returns of the assets included in a portfolio. On the other hand, portfolio risk is usually measured using volatility, which is derived from the historical variance-covariance relationships among the portfolio assets.
View Article and Find Full Text PDFThe terrorist acts of September 11, 2001 were a wake-up call for changing our traditional response to risks of terrorism. Given that government and worldwide think-tank organizations maintain that risks of terrorism will continue for the indefinite future, the following questions deserve strategic answers. How long can we respond to terrorism with tactical measures only, sustain current curtailments of some of our freedoms, travel, and quality of life, and absorb losses in human life and properties? Should not underlying strategic motivation lead to the tactical measures? Why do so many groups and individuals in some developing countries hate us? Is it because they fear that the ideas we export through television, movies, literature, and music have a corrupting influence on their cultures? Is it because of past operations that we conducted in such countries as Iran, Nicaragua, El Salvador, and Granada? Can the genesis of the risks of terrorism to the homeland be traced to the unfavorable socioeconomic conditions in less-privileged and developing countries, where civil and religious freedoms are close to nonexistent, and sanitary conditions, health and education, and critical infrastructures of essential utilities are almost at the same level that existed in the United States almost a century ago? If we could make progress at improving the quality of life of the billions of people in the developing countries and become more sensitive to their needs, cultures, and heritage, would their hatred subside? What other measures can we take to reduce their hatred, without compromising our basic cultural and democratic principles or their cultural and social heritage?
View Article and Find Full Text PDFThis paper contributes a methodological framework to identify, prioritize, assess, and manage risk scenarios of a large-scale system. Qualitative screening of scenarios and classes of scenarios is appropriate initially, while quantitative assessments may be applied once the set of all scenarios (hundreds) has been prioritized in several phases. The eight-phase methodology is described in detail and is applied to operations other than war.
View Article and Find Full Text PDF