Introducing the STAMP method in road tunnel safety assessment

After the tremendous accidents in European road tunnels over the past decade, many risk assessment methods have been proposed worldwide, most of them based on Quantitative Risk Assessment (QRA). Although QRAs are helpful to address physical aspects and facilities of tunnels, current approaches in the road tunnel field have limitations to model organizational aspects, software behavior and the adaptation of the tunnel system over time. This paper reviews the aforementioned limitations and highlights the need to enhance the safety assessment process of these critical infrastructures with a complementary approach that links the organizational factors to the operational and technical issues, analyze software behavior and models the dynamics of the tunnel system. To achieve this objective, this paper examines the scope for introducing a safety assessment method which is based on the systems thinking paradigm and draws upon the STAMP model. The method proposed is demonstrated through a case study of a tunnel ventilation system and the results show that it has the potential to identify scenarios that encompass both the technical system and the organizational structure. However, since the method does not provide quantitative estimations of risk, it is recommended to be used as a complementary approach to the traditional risk assessments rather than as an alternative. (C) 2012 Elsevier Ltd. All rights reserved

Efficient Computations of a Security Index for False Data Attacks in Power Networks

The resilience of Supervisory Control and Data Acquisition (SCADA) systems for electric power networks for certain cyber-attacks is considered. We analyze the vulnerability of the measurement system to false data attack on communicated measurements. The vulnerability analysis problem is shown to be NP-hard, meaning that unless $P = NP$ there is no polynomial time algorithm to analyze the vulnerability of the system. Nevertheless, we identify situations, such as the full measurement case, where it can be solved efficiently. In such cases, we show indeed that the problem can be cast as a generalization of the minimum cut problem involving costly nodes. We further show that it can be reformulated as a standard minimum cut problem (without costly nodes) on a modified graph of proportional size. An important consequence of this result is that our approach provides the first exact efficient algorithm for the vulnerability analysis problem under the full measurement assumption. Furthermore, our approach also provides an efficient heuristic algorithm for the general NP-hard problem. Our results are illustrated by numerical studies on benchmark systems including the IEEE 118-bus system

EcoBlock: Grid Impacts, Scaling, and Resilience

Widespread deployment of EcoBlocks has the potential to transform today's electricity system into one that is more resilient, flexible, efficient and sustainable. In this vision, the system will consist of self- su cient, renewable-powered, block-scale entities that can deliberately adjust their net power exchange and can optimize performance, maintain stability, support each other, or disconnect entirely from the grid as needed. This report is intended as an independent analysis of the potential relationships, both constructive and adverse, between EcoBlocks and the grid

Driving automation: Learning from aviation about design philosophies

Full vehicle automation is predicted to be on British roads by 2030 (Walker et al., 2001). However, experience in aviation gives us some cause for concern for the 'drive-by-wire' car (Stanton and Marsden, 1996). Two different philosophies have emerged in aviation for dealing with the human factor: hard vs. soft automation, depending on whether the computer or the pilot has ultimate authority (Hughes and Dornheim, 1995). This paper speculates whether hard or soft automation provides the best solution for road vehicles, and considers an alternative design philosophy in vehicles of the future based on coordination and cooperation

Pillar 1 vs. Pillar 2 Under Risk Management

Under the New Basel Accord bank capital adequacy rules (Pillar 1) are substantially revised but the introduction of two new "Pillars" is, perhaps, of even greater significance. This paper focuses on Pillar 2 which expands the range of instruments available to the regulator when intervening with banks that are capital inadequate and investigates the complementarity between Pillar 1 (risk-based capital requirements) and Pillar 2. In particular, the paper focuses on the role of closure rules when recapitalization is costly. In the model banks are able to manage their portfolios dynamically and their decisions on recapitalization and capital structure are determined endogenously. A feature of our approach is to consider the costs as well as the benefits of capital regulation and to accommodate the behavioral response of banks in terms of their portfolio strategy and capital structure. The paper argues that problems of capital adequacy are minor unless, in at least some states of the world, banks are able to violate the capital adequacy rules. The paper shows how the role of Pillar 2 depends on the effectiveness of capital regulation, i.e., the extent to which banks can "cheat".