通过贝叶斯网络分析从过去的事件数据集中识别参考安全情景

IF 9.4 1区工程技术 Q1 ENGINEERING, INDUSTRIAL

Reliability Engineering & System Safety Pub Date : 2024-10-28 DOI:10.1016/j.ress.2024.110615

Matteo Iaiani, Giuseppe Fazari, Alessandro Tugnoli, Valerio Cozzani

{"title":"通过贝叶斯网络分析从过去的事件数据集中识别参考安全情景","authors":"Matteo Iaiani, Giuseppe Fazari, Alessandro Tugnoli, Valerio Cozzani","doi":"10.1016/j.ress.2024.110615","DOIUrl":null,"url":null,"abstract":"<div><div>The global threat of deliberate attacks on chemical, process, and energy facilities underscores the urgent need to enhance Security Vulnerability/Risk Assessment (SVA/SRA) approaches. Traditional assessments often use historical data and Exploratory Data Analysis (EDA) to identify reference scenarios. However, EDA lacks a standardized approach to identify and rank the incident chains. A novel methodology based on Bayesian Networks (BN), named BAS<sup>2</sup>E, was developed to support the systematic identification of reference scenarios from past event datasets. The methodology is based on the development of a static quantified BN, that accurately reflects the causal relationships in incident chains, focusing specifically on those between threats, attack methods, and physical damage scenarios. The BN is quantified by statistical information from the analysis of the incident records and employs the Noisy-OR gate model to manage data gaps in the conditional probability tables (CPTs) specification. The application of the BN sensitivity analysis provides quantification of the reciprocal influence between nodes using a specific derivative-based parameter, allowing for the systematic ranking of the most impactful incident chains to be included as reference scenarios in SVA/SRA. The methodology is demonstrated through its application to a dataset of 109 security incidents that occurred in the offshore Oil&Gas sector.</div></div>","PeriodicalId":54500,"journal":{"name":"Reliability Engineering & System Safety","volume":"254 ","pages":"Article 110615"},"PeriodicalIF":9.4000,"publicationDate":"2024-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Identification of reference security scenarios from past event datasets by Bayesian Network analysis\",\"authors\":\"Matteo Iaiani, Giuseppe Fazari, Alessandro Tugnoli, Valerio Cozzani\",\"doi\":\"10.1016/j.ress.2024.110615\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The global threat of deliberate attacks on chemical, process, and energy facilities underscores the urgent need to enhance Security Vulnerability/Risk Assessment (SVA/SRA) approaches. Traditional assessments often use historical data and Exploratory Data Analysis (EDA) to identify reference scenarios. However, EDA lacks a standardized approach to identify and rank the incident chains. A novel methodology based on Bayesian Networks (BN), named BAS<sup>2</sup>E, was developed to support the systematic identification of reference scenarios from past event datasets. The methodology is based on the development of a static quantified BN, that accurately reflects the causal relationships in incident chains, focusing specifically on those between threats, attack methods, and physical damage scenarios. The BN is quantified by statistical information from the analysis of the incident records and employs the Noisy-OR gate model to manage data gaps in the conditional probability tables (CPTs) specification. The application of the BN sensitivity analysis provides quantification of the reciprocal influence between nodes using a specific derivative-based parameter, allowing for the systematic ranking of the most impactful incident chains to be included as reference scenarios in SVA/SRA. The methodology is demonstrated through its application to a dataset of 109 security incidents that occurred in the offshore Oil&Gas sector.</div></div>\",\"PeriodicalId\":54500,\"journal\":{\"name\":\"Reliability Engineering & System Safety\",\"volume\":\"254 \",\"pages\":\"Article 110615\"},\"PeriodicalIF\":9.4000,\"publicationDate\":\"2024-10-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Reliability Engineering & System Safety\",\"FirstCategoryId\":\"5\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0951832024006860\",\"RegionNum\":1,\"RegionCategory\":\"工程技术\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"ENGINEERING, INDUSTRIAL\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Reliability Engineering & System Safety","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0951832024006860","RegionNum":1,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, INDUSTRIAL","Score":null,"Total":0}

引用次数: 0

摘要

蓄意攻击化学、加工和能源设施的全球威胁突出表明，迫切需要加强安全漏洞/风险评估（SVA/SRA）方法。传统评估通常使用历史数据和探索性数据分析 (EDA) 来确定参考情景。然而，EDA 缺乏标准化的方法来识别和排列事件链。我们开发了一种基于贝叶斯网络（BN）的新方法，名为 BAS2E，以支持从过去的事件数据集中系统地识别参考情景。该方法基于静态量化贝叶斯网络的开发，可准确反映事件链中的因果关系，尤其侧重于威胁、攻击方法和物理损害情景之间的因果关系。通过分析事件记录中的统计信息对 BN 进行量化，并采用 Noisy-OR 门模型来管理条件概率表 (CPT) 规范中的数据缺口。应用 BN 敏感性分析，可使用基于特定导数的参数对节点之间的相互影响进行量化，从而对影响最大的事件链进行系统排序，作为 SVA/SRA 的参考情景。通过将该方法应用于海上石油和天然气行业发生的 109 起安全事件的数据集，对其进行了演示。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Identification of reference security scenarios from past event datasets by Bayesian Network analysis

The global threat of deliberate attacks on chemical, process, and energy facilities underscores the urgent need to enhance Security Vulnerability/Risk Assessment (SVA/SRA) approaches. Traditional assessments often use historical data and Exploratory Data Analysis (EDA) to identify reference scenarios. However, EDA lacks a standardized approach to identify and rank the incident chains. A novel methodology based on Bayesian Networks (BN), named BAS²E, was developed to support the systematic identification of reference scenarios from past event datasets. The methodology is based on the development of a static quantified BN, that accurately reflects the causal relationships in incident chains, focusing specifically on those between threats, attack methods, and physical damage scenarios. The BN is quantified by statistical information from the analysis of the incident records and employs the Noisy-OR gate model to manage data gaps in the conditional probability tables (CPTs) specification. The application of the BN sensitivity analysis provides quantification of the reciprocal influence between nodes using a specific derivative-based parameter, allowing for the systematic ranking of the most impactful incident chains to be included as reference scenarios in SVA/SRA. The methodology is demonstrated through its application to a dataset of 109 security incidents that occurred in the offshore Oil&Gas sector.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Reliability Engineering & System Safety 管理科学-工程：工业

CiteScore

15.20

自引率

39.50%

发文量

621

审稿时长

67 days

期刊介绍： Elsevier publishes Reliability Engineering & System Safety in association with the European Safety and Reliability Association and the Safety Engineering and Risk Analysis Division. The international journal is devoted to developing and applying methods to enhance the safety and reliability of complex technological systems, like nuclear power plants, chemical plants, hazardous waste facilities, space systems, offshore and maritime systems, transportation systems, constructed infrastructure, and manufacturing plants. The journal normally publishes only articles that involve the analysis of substantive problems related to the reliability of complex systems or present techniques and/or theoretical results that have a discernable relationship to the solution of such problems. An important aim is to balance academic material and practical applications.