Journal: Transportation Research Procedia

A Quantitative Approach to Risk Management in Critical Infrastructures


Abstract

In the last ten years, an efficient Security Management System (SEMS) has acquired an important role for organizations working in the transportation sector. In many cases, Critical Infrastructure legislation provides for specific and mandatory quality requirements for the implementation of a security management system. Organizations are encouraged by legislative requirements and by competitiveness to certify the SEMS in accordance with current international standards (e.g. ISO 27001 and ISO 28000). As is well known, certification can be either a mandatory or a voluntary process, but it is usually voluntary and qualitative. In the SEMS, as in other management systems, current certification uses a qualitative approach deriving from ISO 9000. Normally in certification, quantitative assessment characterizes only some technological systems, while every other application involving human factors or procedures uses qualitative assessment. The development of security management system certification should lead to the introduction of risk-based and quantitative assessment methods. The benefits arising from quantifying the residual risk of the SEMS can make certification a tool for bargaining with insurers, a warranty for the investments undertaken when facing stakeholders and shareholders, a proof to justify decisions during a legal action and, last but not least, good publicity for the company's image and hence the company's competitiveness. This paper proposes the implementation of risk-based methodologies in use in process engineering to achieve a quantitative assessment of security management systems. The methodology is presented and applied to a railway case study. The first steps show how to analyze the system (study of macro operability functions, identification of subsystems, etc.) and how to integrate technological, human and procedural aspects by flow charts. The later steps describe how to manage threats, vulnerability and criticality of Critical Infrastructure subsystems, how to identify "primary causes" and "Top Event consequences" by drawing fault trees and event trees, and finally how to calculate the residual risk for the security management system. In conclusion, the methodology is applied to a case study of one railway subsystem and the results of the quantitative risk analysis are presented.