Skip to Main Content
ASME Press Select Proceedings

Proceedings of the Eighth International Conference on Probabilistic Safety Assessment & Management (PSAM)

Editor
Michael G. Stamatelatos
Michael G. Stamatelatos
Search for other works by this author on:
Harold S. Blackman
Harold S. Blackman
Search for other works by this author on:
ISBN-10:
0791802442
No. of Pages:
2576
Publisher:
ASME Press
Publication date:
2006

This paper applies a standard system engineering tool used in human reliability analysis (HRA) known as fault tree analysis to human performance characterization as part of the cyber security process. More specifically, it extends the fault tree analysis approach for assessing the human performance contribution to security, risk, and vulnerability issues in process control. Fault tree analysis is useful because it supports quantitative risk analysis and risk management, two areas of growing importance to the U.S. Department of Homeland Security. The authors are convinced that a human factors fault tree analysis can be used to help determine, characterize, and quantify important aspects of risk and vulnerability analysis across infrastructures. Based on the application, fault tree analysis can be applied to different levels of detail to easily obtain finer or coarser granularity. This paper introduces the concept of human factors cyber fault trees (HFCFTs); establishes the basis for using human factors input as part of the security assurance and risk analysis process, and integrates this information with security assurance level (SAL) concepts.

This content is only available via PDF.
Close Modal
This Feature Is Available To Subscribers Only

Sign In or Create an Account

Close Modal
Close Modal