S/M-art Security

Site-Specific Value

Risk Assessment Methodology - Buildings(RAM-Bldg.) - as developed - Rudolph Matalucci consultants, Inc.

Risk Assessment Methodology - Transmission(Power) (RAM-Tsm) -similar to RAM-Dsm methodology - RAM-Dsm introduction follows

Enterprise Value

As series of actions, a systematic value chain, Actions, Values, Tools (click-on “Enterprise Value” section above)

Risk Assessment Methodology - Enterprise (RAM - Enterprise) - as developed -Strothman/Associates, Inc.

References, Fundamental systematic principles are recognized throughout Strothman risk management model

Security Risk Assessment and Management

Rudolph V. Matalucci, Betty E. Biringer, Sharon L. O'Connor, John Wiley & Sons, Inc. 2007 A professional practice guide for protecting buildings and infrastructures offering the necessary guidance to professionals and assist with the management of security risk that achieves risk reduction and adequate security performance. Methods were develop by authors while at Sandia National Laboratories.



Risk Assessment Method -Property Analysis and Ranking Tool (RAMPART), Sandia National Laboratories
http://www.nwer.sandia.gov/wlp/factsheets/rampart.pdf



The Design and Evaluation of Physical Protection Systems". Mary Lynn Garcia. Butterworth-Heinmann, Boston, MA, 2001. A text book guide to security system design and integration. It emphasizes component performance measures to establish security effectiveness and provides process for estimating security performance againtst threats. The fundamental principles presented in this text were base fo security risk assessment methodologies at Sandia National Laboratories

Academic/Institutional Value

Architectural Surety® -introduction follows, also click on video link

ARCHITECTURAL SURETY^®

Sandia National Laboratories (Sandia) has been developing the science and engineering of system surety for nuclear weapons for several decades.  Surety is a risk-based approach that provides the confidence a system will perform in acceptable ways in both expected and unexpected circumstances.  In 1995 when Sandia began to apply the safety, security, and reliability principles of weapons surety to the nation’s infrastructure, we service-marked the term Architectural Surety^®.  This program, created to address multi-hazard mitigation, covers the full Research-Development-Application cycle, including an educational program. The mission of the Architectural Surety^® program at Sandia National Laboratories is to assure the performance of buildings, facilities, and other infrastructure systems under normal (reliability), abnormal (safety), and malevolent (security) threat conditions.

A normal threat is an event or condition that affects the reliability of the day-to-day operations, e.g., mean time between failures of the air-handling system. Buildings, dormitories, airports, utilities, and other kinds of infrastructure deteriorate over time, as evidenced most dramatically by our crumbling cities and aging buildings, bridges, and other facility systems.  An abnormal threat is a natural disaster. Natural disasters such as tornadoes, earthquakes, hurricanes, and flooding also stress the materials and structural elements of our built environment.  A malevolent threat is manmade, e.g., a politically motivated bombing.  Criminals, vandals, and terrorists attack our federal buildings, dams, bridges, tunnels, and other public and private facilities.

Engineers and architects are beginning to systematically consider these threats during the design, construction, and retrofit phases of buildings and infrastructures and are recommending advanced research in new materials, technologies, and design techniques.  Existing building codes and standards do not adequately address the protection of our infrastructure or the public from many of these emerging threats.

Security of federal dams, blast modeling for the Department of State, a risk-based building evaluation program for the General Services Administration, a graduate-level educational course, a systematic assessment of a large regional power transmission system,  and consultations on the design and vulnerabilities of federal facilities are a sampling of the Architectural Surety^® projects undertaken.  The objectives of the program are to enhance the safety and security of the general public, ensure the reliability and quality of federal buildings and facilities in the national interests, and incorporate surety concepts in academic curricula for continued applications.

Within the Architectural Surety^® program, a graduate-level class has been created and taught at the University of New Mexico to teach students a risk-based approach to multi-hazard mitigation.  The skills required to prepare for and mitigate the chemical/biological agent threat and other terrorist activities are lacking in the private sector.  Existing building codes do not consider blast design or actions to take in the event of a chemical attack.  There is a need to develop performance standards and to educate our design and construction professionals.

SANDIA NATIONAL LABORATORIES

Sandia is a multi-program laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy under contract  DE-AC04-94AL85000. Sandia is the Department of Energy’s lead laboratory for the science and technology for terror.

In the mid-1970s, the Department of Energy (DOE) designated Sandia National Laboratories as the lead laboratory for development of physical security technology and funded Sandia to develop a technical capability in security modeling and systems analysis; security equipment and components; and security systems engineering, integration, and implementation.  As of 2000, the DOE had invested more than $250 million in these Sandia programs, and over $100 million had been invested by the Department of Defense (DOD).  Sandia has developed a vulnerability assessment process that is employed at high-consequence facilities around the world.

Methodology Summarization:

At the core of RAM is the methodology to achieve a risk assessment successfully.  Risk assessment is embodied in the Risk Equation:

The objective of RAM is to determine risk associated with an adversarial attack on a critical asset; the adversary thus achieving a consequence and defeating the security system successfully.  The manager then might want to reduce the risk to an acceptable level knowing that the adversary strives to achieve maximum consequences and impact.

To determine the risk, the methodology addresses the factors of the risk equation sequentially and systematically.  The methodology first describes how to estimate the likelihood of attack by adversaries who pose a threat to the project.  The methodology subsequently describes how to estimate the consequence of attacks on the assets that are critical for the project to meet its mission objectives.  Finally the methodology describes how to estimate security system effectiveness and its opposite, the likelihood that the adversary can defeat the security system.     

Back To Top

Strothman Associates Inc.
847-491-6700