Risk analysis consists of five cornerstones that risk practitioners in any organization must view holistically, regardless of the industry type or the nature of its critical infrastructures. The cornerstones are hazard identification, risk assessment and consequence analysis, determination of the risk management actions required to reduce risks to acceptable levels, communication of risk insights among the stakeholders, and continuous monitoring and verification to ensure sustained attainment of tolerable risk levels. Our primary objectives in this research are twofold. First, we compare and contrast a wide spectrum of current industry-specific and application-dependent semi-quantitative risk models. Second, based on the insights gained from the first task, we propose a framework for a robust risk-based approach for conducting security vulnerability assessment (SVA). Risk practitioners of critical infrastructures, such as commercial nuclear power plants, water utilities, chemical plants, and transmission and distribution substations, could readily use this proposed approach to classify, evaluate, and prioritize risks to support allocation of the resources required to ensure protection of public health and safety.

