Modeling the risk of terrorism - it's not a probability, it's a polyhedron

摘要

Government analysts or facility managers for critical infrastructure are faced with the difficult task of managing risk from man made threats, specifically terrorism Current methods of modeling risk frequently examine risk as a function of threat, vulnerability and consequence utilizing convolution. These methods have many shortcomings, including lacking a temporal dimension, a heavy reliance on expert judgment, or a basis on probability distributions. In many cases, experts are difficult to locate, and their estimates are educated guesses at best, resulting in the inability to create a proper probabilistic distribution. Further, for many significant threats, existing probability distributions are not accurate because historic information is not available or the circumstances surrounding the event are significantly different from the infrastructure for which the risk is being evaluated. This paper proposes that risk should be modeled and evaluated as a function of the volume of a risk polyhedron with causal factors as nodes and the relationships instantiated as edges. Using absolute uncertainty as the base value, the volume of the polyhedron either increases or decreases as information is verified. Multip le threats can be modeled and related to represent the intricate relationships between various scenarios. Incorporation of this paradigm would result in a more comprehensive and meaningful analysis of risk in critical infrastructure models.