A Consistent Approach for Security Risk Assessments of Dams and Related Critical Infrastructure

The Common Risk Model for Dams (CRM-D), developed in collaboration with the U.S. Army Corps of Engineers and the U.S. Department of Homeland Security, is a consistent, mathematically rigorous, and easy to implement methodology to assess the security risk at dams, navigation locks, hydropower project...

Full description

Saved in:
Bibliographic Details
Main Authors: Morgeson, J D, Dechant, Jason A, Kirpichevsky, Yev, Seda-Sanabria, Yazmin, Matheu, Enrique E
Format: Report
Language:English
Subjects:
Administration and Management
Civil Engineering
CONDITIONAL RISKS
CONSEQUENCES
CRITICAL INFRASTRUCTURE
CRM-D(COMMON RISK MODEL FOR DAMS)
DAMS
DAMS SECTOR
INFRASTRUCTURE
Operations Research
PORTFOLIO RISKS
RISK ANALYSIS
RISK METHODOLOGY
THREATS
VULNERABILITY
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The Common Risk Model for Dams (CRM-D), developed in collaboration with the U.S. Army Corps of Engineers and the U.S. Department of Homeland Security, is a consistent, mathematically rigorous, and easy to implement methodology to assess the security risk at dams, navigation locks, hydropower projects, and similar infrastructures. It provides a systematic approach for evaluating and comparing security risks across a large portfolio. Risk is calculated for attack scenarios (a specific adversary using a specific attack vector against a specific target) by combining consequence, vulnerability, and threat estimates in a way that properly accounts for the relationships among these variables. The CRM-D can effectively quantify the benefits of implementing a particular risk mitigation strategy, enabling return-on-investment analyses for multiple mitigation alternatives across a large portfolio. Recently, refinements have been made to the methodology to characterize the complexities of adversarial threats and the ability to interdict their actions. In addition, this fully-featured methodology has been extended beyond site-specific defenses to consider the role of local and national defenses in mitigating the risk of attacks and is extensible to other types of critical infrastructures. This document discusses various features of the CRM-D methodology, as well as findings and lessons learned resulting from its recent implementation. Prepared in collaboration with the Sector Outreach and Programs Division, Office of Infrastructure Protection, National Protection and Programs Directorate, U.S. Department of Homeland Security, Washington, DC.