IDEAS home Printed from https://ideas.repec.org/a/eee/reensy/v159y2017icp196-205.html
   My bibliography  Save this article

Moving beyond probabilities – Strength of knowledge characterisations applied to security

Author

Listed:
  • Askeland, Tore
  • Flage, Roger
  • Aven, Terje

Abstract

Many security experts avoid the concept of probability when assessing risk and vulnerabilities. Their main argument is that meaningful probabilities cannot be determined and they are consequently not useful for decision-making and security management. However, to give priority to some measures and not others, the likelihood dimension needs to be addressed in some way; the question is how. One approach receiving attention recently is to add strength of knowledge judgements to the probabilities and probability intervals generated. The judgements provide a qualitative labelling of how strong the knowledge supporting the probability assignments is. Criteria for such labelling have been developed, but not for a security setting. The purpose of this paper is to develop such criteria specific to security applications and, using some examples, to demonstrate their suitability.

Suggested Citation

  • Askeland, Tore & Flage, Roger & Aven, Terje, 2017. "Moving beyond probabilities – Strength of knowledge characterisations applied to security," Reliability Engineering and System Safety, Elsevier, vol. 159(C), pages 196-205.
    • Handle: RePEc:eee:reensy:v:159:y:2017:i:c:p:196-205
    DOI: 10.1016/j.ress.2016.10.035
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0951832016307323
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ress.2016.10.035?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Guikema, Seth D. & Aven, Terje, 2010. "Assessing risk from intelligent attacks: A perspective on approaches," Reliability Engineering and System Safety, Elsevier, vol. 95(5), pages 478-483.
    2. Aven, Terje, 2008. "A semi-quantitative approach to risk analysis, as an alternative to QRAs," Reliability Engineering and System Safety, Elsevier, vol. 93(6), pages 790-797.
    3. Robert Gibbons, 1997. "An Introduction to Applicable Game Theory," Journal of Economic Perspectives, American Economic Association, vol. 11(1), pages 127-149, Winter.
    4. Jun Zhuang & Vicki M. Bier, 2007. "Balancing Terrorism and Natural Disasters---Defensive Strategy with Endogenous Attacker Effort," Operations Research, INFORMS, vol. 55(5), pages 976-991, October.
    5. Kjell Hausken, 2002. "Probabilistic Risk Analysis and Game Theory," Risk Analysis, John Wiley & Sons, vol. 22(1), pages 17-27, February.
    6. W. Edwards Deming, 2000. "Out of the Crisis," MIT Press Books, The MIT Press, edition 1, volume 1, number 0262541157, April.
    7. Aven, Terje, 2013. "Probabilities and background knowledge as a tool to reflect uncertainties in relation to intentional acts," Reliability Engineering and System Safety, Elsevier, vol. 119(C), pages 229-234.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Ruponen, Pekka & Montewka, Jakub & Tompuri, Markus & Manderbacka, Teemu & Hirdaris, Spyros, 2022. "A framework for onboard assessment and monitoring of flooding risk due to open watertight doors for passenger ships," Reliability Engineering and System Safety, Elsevier, vol. 226(C).
    2. Flage, Roger & Askeland, Tore, 2020. "Assumptions in quantitative risk assessments: When explicit and when tacit?," Reliability Engineering and System Safety, Elsevier, vol. 197(C).
    3. Øystein Amundrud & Terje Aven & Roger Flage, 2017. "How the definition of security risk can be made compatible with safety definitions," Journal of Risk and Reliability, , vol. 231(3), pages 286-294, June.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Andrew Samuel & Seth D. Guikema, 2012. "Resource Allocation for Homeland Defense: Dealing with the Team Effect," Decision Analysis, INFORMS, vol. 9(3), pages 238-252, September.
    2. Insua, Insua Rios & Rios, Jesus & Banks, David, 2009. "Adversarial Risk Analysis," Journal of the American Statistical Association, American Statistical Association, vol. 104(486), pages 841-854.
    3. Roshanak Nateghi & Seth D. Guikema & Yue (Grace) Wu & C. Bayan Bruss, 2016. "Critical Assessment of the Foundations of Power Transmission and Distribution Reliability Metrics and Standards," Risk Analysis, John Wiley & Sons, vol. 36(1), pages 4-15, January.
    4. Zare Moayedi, Behzad & Azgomi, Mohammad Abdollahi, 2012. "A game theoretic framework for evaluation of the impacts of hackers diversity on security measures," Reliability Engineering and System Safety, Elsevier, vol. 99(C), pages 45-54.
    5. Hausken, Kjell, 2008. "Strategic defense and attack for reliability systems," Reliability Engineering and System Safety, Elsevier, vol. 93(11), pages 1740-1750.
    6. Kjell Hausken & Vicki M. Bier & Jun Zhuang, 2009. "Defending Against Terrorism, Natural Disaster, and All Hazards," International Series in Operations Research & Management Science, in: Vicki M. M. Bier & M. Naceur Azaiez (ed.), Game Theoretic Risk Analysis of Security Threats, chapter 4, pages 65-97, Springer.
    7. Simon, Jay & Omar, Ayman, 2020. "Cybersecurity investments in the supply chain: Coordination and a strategic attacker," European Journal of Operational Research, Elsevier, vol. 282(1), pages 161-171.
    8. Argenti, Francesca & Landucci, Gabriele & Reniers, Genserik & Cozzani, Valerio, 2018. "Vulnerability assessment of chemical facilities to intentional attacks based on Bayesian Network," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 515-530.
    9. Vineet M. Payyappalli & Jun Zhuang & Victor Richmond R. Jose, 2017. "Deterrence and Risk Preferences in Sequential Attacker–Defender Games with Continuous Efforts," Risk Analysis, John Wiley & Sons, vol. 37(11), pages 2229-2245, November.
    10. Terje Aven & Seth Guikema, 2015. "On the Concept and Definition of Terrorism Risk," Risk Analysis, John Wiley & Sons, vol. 35(12), pages 2162-2171, December.
    11. Xiaojun Shan & Jun Zhuang, 2013. "Cost of Equity in Homeland Security Resource Allocation in the Face of a Strategic Attacker," Risk Analysis, John Wiley & Sons, vol. 33(6), pages 1083-1099, June.
    12. Jesus Rios & David Rios Insua, 2012. "Adversarial Risk Analysis for Counterterrorism Modeling," Risk Analysis, John Wiley & Sons, vol. 32(5), pages 894-915, May.
    13. Kjell Hausken & Fei He, 2016. "On the Effectiveness of Security Countermeasures for Critical Infrastructures," Risk Analysis, John Wiley & Sons, vol. 36(4), pages 711-726, April.
    14. Mohammad E. Nikoofal & Jun Zhuang, 2012. "Robust Allocation of a Defensive Budget Considering an Attacker's Private Information," Risk Analysis, John Wiley & Sons, vol. 32(5), pages 930-943, May.
    15. Talarico, Luca & Reniers, Genserik & Sörensen, Kenneth & Springael, Johan, 2015. "MISTRAL: A game-theoretical model to allocate security measures in a multi-modal chemical transportation network with adaptive adversaries," Reliability Engineering and System Safety, Elsevier, vol. 138(C), pages 105-114.
    16. Kjell Hausken & Jonathan W. Welburn & Jun Zhuang, 2024. "A Review of Attacker–Defender Games and Cyber Security," Games, MDPI, vol. 15(4), pages 1-27, August.
    17. Abdolmajid Yolmeh & Melike Baykal-Gürsoy, 2019. "Two-Stage Invest–Defend Game: Balancing Strategic and Operational Decisions," Decision Analysis, INFORMS, vol. 16(1), pages 46-66, March.
    18. Nikoofal, Mohammad E. & Zhuang, Jun, 2015. "On the value of exposure and secrecy of defense system: First-mover advantage vs. robustness," European Journal of Operational Research, Elsevier, vol. 246(1), pages 320-330.
    19. Levitin, Gregory & Hausken, Kjell, 2009. "False targets vs. redundancy in homogeneous parallel systems," Reliability Engineering and System Safety, Elsevier, vol. 94(2), pages 588-595.
    20. Chen, Shun & Zhao, Xudong & Chen, Zhilong & Hou, Benwei & Wu, Yipeng, 2022. "A game-theoretic method to optimize allocation of defensive resource to protect urban water treatment plants against physical attacks," International Journal of Critical Infrastructure Protection, Elsevier, vol. 36(C).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:reensy:v:159:y:2017:i:c:p:196-205. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/reliability-engineering-and-system-safety .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.