Security risk assessment and protection in the chemical and process industry

This article describes a security risk assessment and protection methodology that was developed for use in the chemical- and process industry in Belgium. The approach of the method follows a risk-based approach that follows desing principles for chemical safety. That approach is beneficial for workers in the chemical industry because they recognize the steps in this model from familiar safety models .The model combines the rings-of-protection approach with generic security practices including: management and procedures, security technology (e.g. CCTV, fences, and access control), and human interactions (pro-active as well as re-active). The method is illustrated in a case-study where a practical protection plan was developed for an existing chemical company. This chapter demonstrates that the method is useful for similar chemical- and process industrial activities far beyond the Belgian borders, as well as for cross-industrial security protection. This chapter offers an insight into how the chemical sector protects itself on the one hand, and an insight into how security risk management can be practiced on the other hand

De-perimeterisation as a cycle: tearing down and rebuilding security perimeters

If an organisation wants to secure its IT assets, where should the security mechanisms be placed? The traditional view is the hard-shell model, where an organisation secures all its assets using a fixed security border: What is inside the security perimeter is more or less trusted, what is outside is not. Due to changes in technologies, business processes and their legal environments this approach is not adequate anymore.\ud This paper examines this process, which was coined de-perimeterisation by the Jericho Forum.\ud In this paper we analyse and define the concepts of perimeter and de-perimeterisation, and show that there is a long term trend in which de-perimeterisation is iteratively accelerated and decelerated. In times of accelerated de-perimeterisation, technical and organisational changes take place by which connectivity between organisations and their environment scales up significantly. In times of deceleration, technical and organisational security measures are taken to decrease the security risks that come with de-perimeterisation, a movement that we call re-perimeterisation. We identify the technical and organisational mechanisms that facilitate de-perimeterisation and re-perimeterisation, and discuss the forces that cause organisations to alternate between these two movements

Rethinking De-Perimeterisation: Problem Analysis And Solutions

For businesses, the traditional security approach is the hard-shell model: an organisation secures all its assets using a fixed security border, trusting the inside, and distrusting the outside. However, as technologies and business processes change, this model looses its attractiveness. In a networked world, “inside” and “outside” can no longer be clearly distinguished. The Jericho Forum - an industry consortium part of the Open Group – coined this process deperimeterisation and suggested an approach aimed at securing data rather than complete systems and infrastructures. We do not question the reality of de-perimeterisation; however, we believe that the existing analysis of the exact problem, as well as the usefulness of the proposed solutions have fallen short: first, there is no linear process of blurring boundaries, in which security mechanisms are placed at lower and lower levels, until they only surround data. To the contrary, we experience a cyclic process of connecting and disconnecting of systems. As conditions change, the basic trade-off between accountability and business opportunities is made (and should be made) every time again. Apart from that, data level security has several limitations to start with, and there is a big potential for solving security problems differently: by rearranging the responsibilities between businesses and individuals. The results of this analysis can be useful for security professionals who need to trade off different security mechanisms for their organisations and their information systems

An n-sided polygonal model to calculate the impact of cyber security events

This paper presents a model to represent graphically the impact of cyber events (e.g., attacks, countermeasures) in a polygonal systems of n-sides. The approach considers information about all entities composing an information system (e.g., users, IP addresses, communication protocols, physical and logical resources, etc.). Every axis is composed of entities that contribute to the execution of the security event. Each entity has an associated weighting factor that measures its contribution using a multi-criteria methodology named CARVER. The graphical representation of cyber events is depicted as straight lines (one dimension) or polygons (two or more dimensions). Geometrical operations are used to compute the size (i.e, length, perimeter, surface area) and thus the impact of each event. As a result, it is possible to identify and compare the magnitude of cyber events. A case study with multiple security events is presented as an illustration on how the model is built and computed.Comment: 16 pages, 5 figures, 2 tables, 11th International Conference on Risks and Security of Internet and Systems, (CRiSIS 2016), Roscoff, France, September 201

System engineering approach applied to Galileo system

Developing a localization system, with more precise performances than GPS that guarantees Europe autonomy is a complex challenge that ESA and a large number of European economical actors of space industry were decided to meet. To design and manage such a huge system would have been impossible without applying System Engineering best practices, thanks to fundamental activities, multidisciplinary teams and dedicated tools. This paper gives an overview of the System Engineering approach applied to design and develop Galileo, the European Satellite Radio-Navigation System. Galileo system scope is so wide that we have decided to focus on some particular steps of the System Engineering processes that are: Requirements Engineering and Architec-ture. All along this paper, examples are given to illustrate the additional difficulties that have made Systems Engineering more and more complex

Rural sustainable drainage systems:a practical design and build guide for Scotland's farmers and landowners

Soil cultivation, manure / fertiliser applications and chemical spraying can all contribute to diffuse pollution from agricultural land. Rainfall runoff from farm roads, tracks, yards and dusty roofs are also potential sources of diffuse pollution. Whilst many changes in farming practice have dealt with these sources of pollution there still remains instances where small amounts escape from a farmyard into a nearby ditch or where sediment laden overland field flows make their way into a ditch or burn, river or natural wetland and finally the sea. This not only has cost implications for a farmer but these incidents across a catchment have a huge impact on our water environment. Rural Sustainable Drainage Systems (Rural SuDS) will reduce agricultural diffuse pollution impacts as they are physical barriers that treat rainfall runoff. They are low cost, above ground drainage structures that capture soil particles, organic matter, nutrients and pesticides before they enter our water environment. Rural SuDS for steadings prevent blockages in drains and ditches. They contribute to good environmental practice and farm assurance schemes. In fields they can be used for returning fertile soil back to farmland and will help your business become more resilient to the impacts of climate change. Trapping soils, organic matter and nutrients means that valuable assets can be reclaimed – recent studies indicate savings of £88 per hectare per year! This Design and Build guide can be used by farmers and land managers to reduce diffuse pollution

Status of the Instream Flow Issue in Arkansas, 1987

Expansion of Arkansas\u27 population with concurrent increases in the state\u27s domestic, industrial, and agricultural water uses and possible out-of-state diversion are placing substantial demands on the state\u27s water resources. In an attempt to address this growing concern, Act 1051 (1985) of the Arkansas legislature was passed requiring the determination of present and future state water needs. A specific area of this mandate was the quantification of instream flow requirements. Basic instream flow needs are maintenance of the aquatic ecosystem and dependent riparian environment. Flow reservation may compliment other instream uses such as recreation, navigation, water quality, and groundwater recharge. However, offstream uses (e.g. irrigation and industry) may compete for these same flows and often at the most critical time of year. In order to answer questions concerning instream flow requirements, over 40 methods of instream flow determination have been developed, the majority in the semi-arid western United States. These individual procedures may be classified into four major methodologies: (1) discharge, (2) single transect, (3)multiple transect, and (4) regression analysis of historical data. Requirements of these four types vary according to necessary level of expertise, time and effort expended, and monetary outlay. In one year, requests for fish and wildlife instream flow needs for approximately 60 stream reaches throughout Arkansas limited the possible options. Modification and further development of a well-known method is outlined as an initial step in the process of quantifying Arkansas\u27 instream flow needs. Examples are given for some of the major river basins throughout the state