A review of cyber security risk assessment methods for SCADA systems

This paper reviews the state of the art in cyber security risk assessment of Supervisory Control and Data Acquisition (SCADA) systems. We select and in-detail examine twenty-four risk assessment methods developed for or applied in the context of a SCADA system. We describe the essence of the methods and then analyse them in terms of aim; application domain; the stages of risk management addressed; key risk management concepts covered; impact measurement; sources of probabilistic data; evaluation and tool support. Based on the analysis, we suggest an intuitive scheme for the categorisation of cyber security risk assessment methods for SCADA systems. We also outline five research challenges facing the domain and point out the approaches that might be taken

Developing and applying the concept of Value of Information to optimise data collection strategies for seismic hazard assessment

In seismic hazard assessments the importance of knowing different input parameters accurately depends on their weight within the hazard model. Many aspects of such assessments require inputs based on knowledge and data from experts. When it comes to decisions about data collection, facility owners and seismic hazard analysts need to balance the possible added value brought by acquiring new data against the budget and time available for its collection. In other words, they need to answer the question “Is it worth paying to obtain this information?” Assessing the value of information (VoI) before data collection should lead to optimising the time and money that one is willing to invest. This thesis presents a method that combines available data and expert judgment to facilitate the decision-making process within the site-response component of seismic hazard assessments. The approach integrates influence diagrams and decision trees to map the causal-relationships between input parameters in site-response analysis, and Bayesian inference to update the model when new evidence is considered. Here, the VoI is assessed for univariate, bivariate and multivariate uncertain parameters to infer an optimal seismic design for typical buildings and critical facilities. For the first time in the field of seismic hazard assessment and earthquake engineering, a framework is developed to integrate prior knowledge, ground investigation techniques characteristics and design safety requirements. The consistent findings across different applications show that VoI is highly sensitive to prior probabilities and to the accuracy of the test to be performed. This highlights the importance of defining those from available data as well as only considering tests that are suitable for our needs and budget. The developed VoI framework constitutes a useful decision-making tool for hazard analysts and facility owners, enabling not only the prioritisation of data collection for key input parameters and the identification of optimal tests, but also the justification of the associated decisions. This approach can enhance the accuracy and reliability of seismic hazard assessments, leading to more effective risk management strategies.In seismic hazard assessments the importance of knowing different input parameters accurately depends on their weight within the hazard model. Many aspects of such assessments require inputs based on knowledge and data from experts. When it comes to decisions about data collection, facility owners and seismic hazard analysts need to balance the possible added value brought by acquiring new data against the budget and time available for its collection. In other words, they need to answer the question “Is it worth paying to obtain this information?” Assessing the value of information (VoI) before data collection should lead to optimising the time and money that one is willing to invest. This thesis presents a method that combines available data and expert judgment to facilitate the decision-making process within the site-response component of seismic hazard assessments. The approach integrates influence diagrams and decision trees to map the causal-relationships between input parameters in site-response analysis, and Bayesian inference to update the model when new evidence is considered. Here, the VoI is assessed for univariate, bivariate and multivariate uncertain parameters to infer an optimal seismic design for typical buildings and critical facilities. For the first time in the field of seismic hazard assessment and earthquake engineering, a framework is developed to integrate prior knowledge, ground investigation techniques characteristics and design safety requirements. The consistent findings across different applications show that VoI is highly sensitive to prior probabilities and to the accuracy of the test to be performed. This highlights the importance of defining those from available data as well as only considering tests that are suitable for our needs and budget. The developed VoI framework constitutes a useful decision-making tool for hazard analysts and facility owners, enabling not only the prioritisation of data collection for key input parameters and the identification of optimal tests, but also the justification of the associated decisions. This approach can enhance the accuracy and reliability of seismic hazard assessments, leading to more effective risk management strategies

RISK-BASED ASSESSMENT AND STRENGTHENING OF ELECTRIC POWER SYSTEMS SUBJECTED TO NATURAL HAZARDS

Modern economic and social activities are dependent on a complex network of infrastructure systems that are highly interdependent. Electric power systems form the backbone of such complex network as most civil infrastructure systems cannot function properly without reliable power supply. Electric power systems are vulnerable to extensive damage due to natural hazards, as evident in recent hazard events. Hurricanes, earthquakes, floods, tornados and other natural hazards have caused billions of dollars in direct losses due to damage to power systems and indirect losses due to power outages, as well as social disruption. There is, therefore, a need for a comprehensive framework to assess and mitigate the risk posed by natural hazards to electric power systems. Electric power systems rely on various components that work together to deliver power from generating units to customers. Consequently, any reliable risk assessment methodology needs to take into account how the different components interact. This requires a system-level risk assessment approach. This research presents a framework for system-level risk assessment and management for electric power systems subjected to natural hazards. Specifically, risk due to hurricanes and earthquakes, as well as the combined effect of both is considered. The framework incorporates a topological-based system reliability model, probabilistic and scenario-based hazard analysis, climate change modeling, component vulnerability, component importance measure, multi-hazard risk assessment, and cost analysis. Several risk mitigation strategies are proposed; their efficiency and cost-effectiveness are studied. The developed framework is intended to assist utility companies and other stakeholders in making a risk-informed decision regarding short- and long-term investment in natural hazard risk mitigation for electric power systems. The framework can be used to identify certain parts of the system to strengthen, compare the efficiency and cost-effectiveness of various risk mitigation strategies using life-cycle cost analysis, compare risks posed by different natural hazards, and prioritize investment in the face of limited resources

Engineering User-Centric Smart Charging Systems

Die Integration erneuerbarer Energiequellen und die Sektorenkopplung erhöhen den Bedarf an Flexibilität im Elektrizitätssystem. Elektrofahrzeuge koordiniert zu Laden bietet die Chance solche Flexibilität bereitzustellen. Allerdings hängt das Flexibilitätspotential von Elektrofahrzeugen davon ab in welchem Umfang sich die Nutzer der Fahrzeuge dazu entschließen intelligentes Laden zu nutzen. Ziel dieser Dissertation ist es Lösungen für intelligente Ladesysteme zu entwickeln, welche die Nutzer zu flexiblerem Laden anreizen und diese dabei zu unterstützen. Anhand eines Literaturüberblicks und einer Expertenbefragung werden zunächst Ziele identifiziert, welche Nutzer zu einer flexiblen Ladung motivieren können. Die Ergebnisse zeigen, dass neben finanziellen Anreizen auch die Integration erneuer-barer Energien und die Vermeidung von Netzengpässen einen Anreiz für das flexible La-den darstellen können. In der Folge wird untersucht, ob das Framing der Ladesituation hinsichtlich dieser Ziele die Ladeflexibilität von Elektrofahrzeugnutzern beeinflussen kann. Hierzu wird ein Online-Experiment mit Elektrofahrzeugnutzern evaluiert. Das sich ein Teil der Nutzer bei einem Umwelt-Framing flexibler verhält, macht Feedback darüber, wie die CO2-Emissionen von der bereitgestellten Flexibilität abhängen zu einem vielversprechenden Anreiz intelligentes Laden zu nutzen. Um solches Feedback zu er-möglichen werden als Nächstes die CO2-Einsparpotenziale eines optimierten Ladens im Vergleich zu unkontrolliertem Laden untersucht. Dazu werden die marginalen Emissions-faktoren im deutschen Stromnetz mithilfe eines regressionsbasierten Ansatzes ermittelt. Um Echtzeit-Feedback in realen Systemen zu ermöglichen wird darauf aufbauend eine Prognosemethode für Emissionsfaktoren entwickelt. Die Zielerreichung intelligenten Ladens hängt hauptsächlich von der zeitlichen und energetischen Flexibilität der Elektrofahrzeuge ab. Damit Nutzer diese Ladeeinstellungen nicht bei jeder Ankunft an der Ladestation von Hand eingeben zu müssen, könnten sie durch intelligente Assistenten unterstützt werden. Hierfür werden probabilistische Prognosen für die Flexibilität einzelner Ladevorgänge basierend auf historischen Ladevorgängen und Mobilitätsmustern entwickelt. Darüber hinaus zeigt eine Fallstudie, dass probabilistische Prognosen besser als Punktprognosen dazu geeignet sind die Ladung mehrerer Elektrofahrzeuge zu koordinieren

Applying risk informed methodologies to improve the economics of sodium-cooled fast reactors

Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Nuclear Science and Engineering, February 2010.Cataloged from PDF version of thesis.Includes bibliographical references (p. 94-97).In order to support the increasing demand for clean sustainable electricity production and for nuclear waste management, the Sodium-Cooled Fast Reactor (SFR) is being developed. The main drawback has been its high capital and operating costs in comparison with traditional light water reactors. In order to compete, the SFR must be shown to be economically competitive. This study makes use of the proposed Technology Neutral Framework (TNF) being developed by the U.S. NRC. By applying this risk-based approach to safety, rather than the traditional approach of applying deterministic requirements, it will be shown that significant savings can be realized without compromising fundamental safety. A methodology was developed using the Technology Neutral Framework to judge design alternatives based on risk significance that provide acceptable safety within the framework at less cost. The key probabilistic metrics of Risk Achievement Worth and Limit Exceedence Factor will be used to assess whether a system or component plays an important safety function. If not the system, structure or component either can be eliminated, modified or its safety grade can be reduced resulting in cost savings. In addition, assessments were made to determine how to improve thermal efficiency by raising reactor exit temperature and by applying other design alternatives to reduce costs as evaluated on a safety, reliability and economic basis.(cont.) This methodology was applied in a series of case studies demonstrating the value of the approach in design. The probabilistic risk assessment, the reference economic model and the Technology Neutral Framework tools required for this methodology are described. A reference economic model for a pool-type SFR was developed using the G4-ECONS model since it is an acceptable standard model for economic analysis. Since cost predictions for sodium cooled fast reactors are highly uncertain, the results of the economic analysis are used to estimate the relative improvement in cost as a function of the design alternatives proposed by the TNF methodology approach. This study used generic and comparative numbers for the ALMR and SPRISM reactors for cost of components of the SFR, to identify capital cost drivers for further study and cost reduction. For comparative purposes, the light water reactor (LWR) economic model in the G4-ECONS model was used and benchmarked to current LWR data. As a result of the case studies in which the methodology was applied, it was shown that the capital cost of the SFR could be reduced by almost 18% ($336 million) over the reference design and the levelized generating costs could be reduced by over 10% (almost 1 cent/kw-hr). These savings come largely from improvements in thermal efficiency, elimination of the energetic core disruptive accident as a design basis event and simplification of the reactor shutdown system based on risk analysis and safety significance. Should this methodology be applied to the entire plant design, it is expected that significant additional savings could be identified.by Christopher C. Nitta.S.M

Saving Lives Through Administrative Law and Economics

This article examines the recent history and future of federal lifesaving regulation. The article argues that, considering both philosophical and practical perspectives, lifesaving regulation informed by benefit-cost analysis (BCA) has compelling advantages compared to the main alternatives to BCA. Contrary to the popular belief that BCA exerts only an anti-regulation influence, I show, based on first-hand experience in the White House from 2001 to 2006, that BCA is also an influential tool in protecting or advancing valuable lifesaving rules, especially in a pro-business Republican administration. Various criticisms of BCA that are common in the legal literature are shown to be unconvincing: the tool's alleged immorality when applied to lifesaving situations, its supposed indeterminacy due to conceptual and empirical shortcomings, and the alleged biases in the way benefits and costs are computed. But the article also pinpoints problems in the "benefit-cost" state, including opportunities for improvement in the process of lifesaving regulation. Innovations in analytic practice, coupled with improvements in the design of regulatory systems, are proposed to strengthen the efficiency and fairness of federal lifesaving regulation. The article's suggestions provide a menu of promising reforms for consideration by the new administration and the new Congress as they take office in January 2009.