首页 | 本学科首页   官方微博 | 高级检索  
相似文献
 共查询到20条相似文献,搜索用时 15 毫秒
1.
    
Risk assessors and managers face many difficult challenges related to novel cyber systems. Among these challenges are the constantly changing nature of cyber systems caused by technical advances, their distribution across the physical, information, and sociocognitive domains, and the complex network structures often including thousands of nodes. Here, we review probabilistic and risk-based decision-making techniques applied to cyber systems and conclude that existing approaches typically do not address all components of the risk assessment triplet (threat, vulnerability, consequence) and lack the ability to integrate across multiple domains of cyber systems to provide guidance for enhancing cybersecurity. We present a decision-analysis-based approach that quantifies threat, vulnerability, and consequences through a set of criteria designed to assess the overall utility of cybersecurity management alternatives. The proposed framework bridges the gap between risk assessment and risk management, allowing an analyst to ensure a structured and transparent process of selecting risk management alternatives. The use of this technique is illustrated for a hypothetical, but realistic, case study exemplifying the process of evaluating and ranking five cybersecurity enhancement strategies. The approach presented does not necessarily eliminate biases and subjectivity necessary for selecting countermeasures, but provides justifiable methods for selecting risk management actions consistent with stakeholder and decisionmaker values and technical data.  相似文献   

2.
    
This article presents a new methodology to implement the concept of equity in regional earthquake risk mitigation programs using an optimization framework. It presents a framework that could be used by decisionmakers (government and authorities) to structure budget allocation strategy toward different seismic risk mitigation measures, i.e., structural retrofitting for different building structural types in different locations and planning horizons. A two‐stage stochastic model is developed here to seek optimal mitigation measures based on minimizing mitigation expenditures, reconstruction expenditures, and especially large losses in highly seismically active countries. To consider fairness in the distribution of financial resources among different groups of people, the equity concept is incorporated using constraints in model formulation. These constraints limit inequity to the user‐defined level to achieve the equity‐efficiency tradeoff in the decision‐making process. To present practical application of the proposed model, it is applied to a pilot area in Tehran, the capital city of Iran. Building stocks, structural vulnerability functions, and regional seismic hazard characteristics are incorporated to compile a probabilistic seismic risk model for the pilot area. Results illustrate the variation of mitigation expenditures by location and structural type for buildings. These expenditures are sensitive to the amount of available budget and equity consideration for the constant risk aversion. Most significantly, equity is more easily achieved if the budget is unlimited. Conversely, increasing equity where the budget is limited decreases the efficiency. The risk‐return tradeoff, equity‐reconstruction expenditures tradeoff, and variation of per‐capita expected earthquake loss in different income classes are also presented.  相似文献   

3.
    
We study a hybrid strategy that uses both process flexibility and finished goods inventory for supply chain risk mitigation. The interplay between process flexibility and inventory is modeled as a two‐stage robust optimization problem. In the first stage, the firm allocates inventory before disruption happens; in the second stage, after a disruption happens, the firm determines production quantities at each plant to minimize demand loss. Our robust optimization model can be solved efficiently using constraint generation, and under some stylized assumptions, can be solved in closed form. For a canonical family of flexibility designs known as the K ‐chains, we provide an analytical expression for the optimal inventory solution, which allows us to study the effectiveness of different degrees of flexibilities. Moreover, we find that firms should allocate more inventory to high variability products when its level of flexibility is low, but as flexibility increases, the inventory allocation pattern “flips” and firms should allocate more inventory to low variability products. These observations are further verified through a numerical case study of an automobile supply chain. Finally, we extend our robust optimization model to the time‐to‐survive metric, a metric that computes the longest time a supply chain can guarantee a predetermined service level under disruption.  相似文献   

4.
为缓释债券市场违约风险,央行着力推进信用风险缓释工具CRMW(信用风险缓释凭证)的发展,关于CRMW风险缓释能力度量及CRMW在债券投资组合中的应用成为了亟待解决的关键问题。为此,本文借鉴CVaR思想提出了“CRMW风险缓释效用”以度量CRMW对债券违约风险缓释能力,借助概率分位点理论定义债券的动态风险并制定了动态风险缓释跟踪目标,基于此跟踪目标探讨带有CRMW的债券投资组合优化策略问题。研究结果表明,在保证目标投资收益率的前提下,债券最优投资组合可达到风险缓释效用的目标,使其同时实现转移风险和保障收益的双重目的,且该投资组合优化策略表现出良好的抗风险性能。  相似文献   

5.
    
Robust optimization is a young and active research field that has been mainly developed in the last 15 years. Robust optimization is very useful for practice, since it is tailored to the information at hand, and it leads to computationally tractable formulations. It is therefore remarkable that real-life applications of robust optimization are still lagging behind; there is much more potential for real-life applications than has been exploited hitherto. The aim of this paper is to help practitioners to understand robust optimization and to successfully apply it in practice. We provide a brief introduction to robust optimization, and also describe important do׳s and don׳ts for using it in practice. We use many small examples to illustrate our discussions.  相似文献   

6.
在由一个制造商和多个外部供应商构成的多产品、多阶段供应链中,将经济增加值(EVA)作为体现价值创造的绩效指标,并考虑决策者的经营风险偏好,采用已知概率的离散情景描述资本成本与需求的波动情况,利用鲁棒随机规划方法,建立了以价值创造为目标的供应链鲁棒优化模型。应用分析的结果表明,模型能够将供应链的绩效与风险管理结合起来,减少资本成本与需求不确定对目标值的影响,得到具有鲁棒性的最优解,而且越是风险厌恶型的决策者越会为了保持较低的经营风险而放弃较大的EVA值。同时,决策者可选择不同的权重系数侧重于解鲁棒或模型鲁棒,保证供应链运作的鲁棒性,实现价值创造的目标。  相似文献   

7.
    
Risk information is critical to adopting mitigation measures, and seeking risk information is influenced by a variety of factors. An essential component of the recently adopted My Safe Florida Home (MSFH) program by the State of Florida is to provide homeowners with pertinent risk information to facilitate hurricane risk mitigation activities. We develop an analytical framework to understand household preferences for hurricane risk mitigation information through allowing an intensive home inspection. An empirical analysis is used to identify major drivers of household preferences to receive personalized information regarding recommended hurricane risk mitigation measures. A variety of empirical specifications show that households with home insurance, prior experience with damages, and with a higher sense of vulnerability to be affected by hurricanes are more likely to allow inspection to seek information. However, households with more members living in the home and households who live in manufactured/mobile homes are less likely to allow inspection. While findings imply MSFH program's ability to link incentives offered by private and public agencies in promoting mitigation, households that face a disproportionately higher level of risk can get priority to make the program more effective.  相似文献   

8.
Flynn  James  Slovic  Paul  Mertz  C. K.  Carlisle  Cathie 《Risk analysis》1999,19(2):205-216
During the 1980s, seismic research suggested that Oregon and the City of Portland had a higher risk of a major earthquake than had previously been assumed. In 1993, the State of Oregon adopted a new version of the Oregon Structural Specialty Code, which changed the designation of western Oregon from seismic zone 2b to seismic zone 3. The City of Portland established a program and a Task Force on Seismic Strengthening of Buildings to recommend actions that would encourage upgrading of city buildings. A survey of adult city residents was conducted in April, 1996 to determine public attitudes and opinions about earthquake risks, management and mitigation of earthquake hazards, priorities for protection by strengthening buildings, evaluations of strategies for informing the public about earthquake risks, and support for specific options the city might take to protect citizens against earthquake events. Social and demographic information on individuals and households was also collected. Respondents provided ratings for a wide range of social and environmental risks, provided information on priorities for strengthening key buildings and infrastructure facilities, and answered hypothetical questions about voting for bond measures to pay for city earthquake-mitigation programs. Respondents recognized significant risk from earthquakes and supported programs to protect people, especially vulnerable residents such as children and the sick. There was strong support for protecting emergency response capabilities. There was much less support for using public funds to reduce the risks associated with privately owned buildings. There were also some strong pockets of resistance to publicly funded mitigation programs in response to the hypothetical bond measures.  相似文献   

9.
    
This perspectives article addresses risk in cyber defense and identifies opportunities to incorporate risk analysis principles into the cybersecurity field. The Science of Security (SoS) initiative at the National Security Agency seeks to further and promote interdisciplinary research in cybersecurity. SoS organizes its research into the Five Hard Problems (5HP): (1) scalability and composability; (2) policy‐governed secure collaboration; (3) security‐metrics–driven evaluation, design, development, and deployment; (4) resilient architectures; and (5) understanding and accounting for human behavior. However, a vast majority of the research sponsored by SoS does not consider risk and when it does so, only implicitly. Therefore, we identify opportunities for risk analysis in each hard problem and propose approaches to address these objectives. Such collaborations between risk and cybersecurity researchers will enable growth and insight in both fields, as risk analysts may apply existing methodology in a new realm, while the cybersecurity community benefits from accepted practices for describing, quantifying, working with, and mitigating risk.  相似文献   

10.
    
An integrated risk management strategy, combining insurance and security investments, where the latter contribute to reduce the insurance premium, is investigated to assess whether it can lead to reduced overall security expenses. The optimal investment for this mixed strategy is derived under three insurance policies, covering, respectively, all the losses (total coverage), just those below the limit of maximum liability (partial coverage), and those above a threshold but below the maximum liability (partial coverage with deductibles). Under certain conditions (e.g., low potential loss, or either very low or very high vulnerability), the mixed strategy reverts however to insurance alone, because investments do not provide an additional benefit. When the mixed strategy is the best choice, the dominant component in the overall security expenses is the insurance premium in most cases. Optimal investment decisions require an accurate estimate of the vulnerability, whereas larger estimation errors may be tolerated for the investment-effectiveness coefficient.  相似文献   

11.
    
In this research, we apply robust optimization (RO) to the problem of locating facilities in a network facing uncertain demand over multiple periods. We consider a multi‐period fixed‐charge network location problem for which we find (1) the number of facilities, their location and capacities, (2) the production in each period, and (3) allocation of demand to facilities. Using the RO approach we formulate the problem to include alternate levels of uncertainty over the periods. We consider two models of demand uncertainty: demand within a bounded and symmetric multi‐dimensional box, and demand within a multi‐dimensional ellipsoid. We evaluate the potential benefits of applying the RO approach in our setting using an extensive numerical study. We show that the alternate models of uncertainty lead to very different solution network topologies, with the model with box uncertainty set opening fewer, larger facilities. Through sample path testing, we show that both the box and ellipsoidal uncertainty cases can provide small but significant improvements over the solution to the problem when demand is deterministic and set at its nominal value. For changes in several environmental parameters, we explore the effects on the solution performance.  相似文献   

12.
O'Connor  Robert E.  Bord  Richard J.  Fisher  Ann 《Risk analysis》1998,18(5):547-556
This research explores public judgments about the threat-reducing potential of experts, individual behavior, and government spending. The data are responses of a national sample of 1225 to mail surveys that include measures of several dimensions of public judgments about violent crime, automobile accidents, hazardous chemical waste, air pollution, water pollution, global warming, AIDS, heart disease, and cancer. Beliefs about who can best mitigate threats are specific to classes of threats. In general, there is little faith that experts can do much about violent crime and automobile accidents, moderate faith in their ability to address problems of global warming, and greater expectations for expert solutions to the remaining threats. People judge individual behavior as effective in reducing the threats of violent crime, AIDS, heart disease, and automobile accidents but less so for the remaining threats. Faith in more government spending is highest for AIDS and the other two health items, lowest for the trio of violent crime, automobile accidents, and global warming, and moderate for the remaining threats. For most threats, people are not distributed at the extremes in judging mitigators. Strong attitudinal and demographic cleavages are also lacking, although some interesting relationships occur. This relative lack of sharp cleavages and the generally moderate opinion indicate ample opportunity for public education and risk communication.  相似文献   

13.
    
The consequences that climate change could have on infrastructure systems are potentially severe but highly uncertain. This should make risk analysis a natural framework for climate adaptation in infrastructure systems. However, many aspects of climate change, such as weak background knowledge and societal controversy, make it an emerging risk where traditional approaches for risk assessment and management cannot be confidently employed. A number of research developments aimed at addressing these issues have emerged in recent years, such as the development of probabilistic climate projections, climate services, and robust decision frameworks. However, additional research is needed to improve the suitability of these methods for infrastructure planning. In this perspective, we outline some of the challenges in addressing climate change risks to infrastructure and summarize new developments aimed at meeting these challenges. We end by highlighting needs for future research, many of which could be well‐served by expertise within the risk analysis community.  相似文献   

14.
    
Recovery of interdependent infrastructure networks in the presence of catastrophic failure is crucial to the economy and welfare of society. Recently, centralized methods have been developed to address optimal resource allocation in postdisaster recovery scenarios of interdependent infrastructure systems that minimize total cost. In real-world systems, however, multiple independent, possibly noncooperative, utility network controllers are responsible for making recovery decisions, resulting in suboptimal decentralized processes. With the goal of minimizing recovery cost, a best-case decentralized model allows controllers to develop a full recovery plan and negotiate until all parties are satisfied (an equilibrium is reached). Such a model is computationally intensive for planning and negotiating, and time is a crucial resource in postdisaster recovery scenarios. Furthermore, in this work, we prove this best-case decentralized negotiation process could continue indefinitely under certain conditions. Accounting for network controllers' urgency in repairing their system, we propose an ad hoc sequential game-theoretic model of interdependent infrastructure network recovery represented as a discrete time noncooperative game between network controllers that is guaranteed to converge to an equilibrium. We further reduce the computation time needed to find a solution by applying a best-response heuristic and prove bounds on ε-Nash equilibrium, where ε depends on problem inputs. We compare best-case and ad hoc models on an empirical interdependent infrastructure network in the presence of simulated earthquakes to demonstrate the extent of the tradeoff between optimality and computational efficiency. Our method provides a foundation for modeling sociotechnical systems in a way that mirrors restoration processes in practice.  相似文献   

15.
    
《Risk analysis》2018,38(1):134-150
Infrastructure adaptation measures provide a practical way to reduce the risk from extreme hydrometeorological hazards, such as floods and windstorms. The benefit of adapting infrastructure assets is evaluated as the reduction in risk relative to the “do nothing” case. However, evaluating the full benefits of risk reduction is challenging because of the complexity of the systems, the scarcity of data, and the uncertainty of future climatic changes. We address this challenge by integrating methods from the study of climate adaptation, infrastructure systems, and complex networks. In doing so, we outline an infrastructure risk assessment that incorporates interdependence, user demands, and potential failure‐related economic losses. Individual infrastructure assets are intersected with probabilistic hazard maps to calculate expected annual damages. Protection measure costs are integrated to calculate risk reduction and associated discounted benefits, which are used to explore the business case for investment in adaptation. A demonstration of the methodology is provided for flood protection of major electricity substations in England and Wales. We conclude that the ongoing adaptation program for major electricity assets is highly cost beneficial.  相似文献   

16.
    
This article analyzes the mechanisms and effects of innovative financial instruments that a central public administration (CPA) may adopt to minimize the flood risk in particularly exposed regions. The pattern we suggest assumes that in risky areas the CPA can issue two financial instruments, called project options and CAT‐bonds, producing a dynamic interaction among three types of agents: the CPA itself, the local public administrations, and private investors. We explore the possible scenarios of such interaction and the conditions under which the CPA's goal of maximal risk reduction is attained. This pattern is proposed for flood risk mitigation in the city of Florence, where the model dynamics are tested assuming parameters obtained from engineering studies.  相似文献   

17.
    
Due to the increasing level of supply risk, it is imperative to obtain a better understanding of the nature of risk which is a premise to developing well-grounded risk mitigation strategies. This paper examines how to mitigate supply risk enlightened by discussing the concept of risk in association of three closely related concepts which are uncertainty, variability and trust. The proposed three perspectives are supported and explained using four case studies comprising of two manufacturers based in Australia and four suppliers based in China. The study provides evidence that supply risk can be mitigated by high level of information and knowledge sharing as well as building trust, commitment and goal congruence in a buyer–supplier relationship. It offers theoretical and managerial implications.  相似文献   

18.
    
When stricken by a terrorist attack, a war, or a natural disaster, an economic unit or a critical infrastructure may suffer significant loss of productivity. More importantly, due to interdependency or interconnectedness, this initial loss may propagate into other systems and eventually lead to much greater derivative loss. This belongs to what is known as a cascading effect. It is demonstrated in this article that the cascading effect and the derivative loss can be significantly reduced by effective risk management. This is accomplished by deliberately distributing the initial inoperability to other systems so that the total loss (or inoperability) is minimized. The optimal distribution strategy is found by a linear programming technique. The same risk management can also be applied to situations where objectives need to be prioritized. A case study featuring 12 economic sectors illustrates the theory. The result suggests that using the same amount of resources, minimizing risk (inoperability) of infrastructures will generally give rise to highest payoff, whereas overlooking it may result in greatest total loss. The framework developed in this work uses a steady-state approach that applies primarily to managing situations where the attack is catastrophic resulting in very long recovery time.  相似文献   

19.
    
Reducing the risk of introduction to North America of the invasive Asian gypsy moth (Lymantria dispar asiatica Vnukovskij and L. d. japonica [Motschulsky]) on international maritime vessels involves two tactics: (1) vessels that wish to arrive in Canada or the United States and have visited any Asian port that is subject to regulation during designated times must obtain a predeparture inspection certificate from an approved entity; and (2) vessels with a certificate may be subjected to an additional inspection upon arrival. A decision support tool is described here with which the allocation of inspection resources at North American ports can be partitioned among multiple vessels according to estimates of the potential onboard Asian gypsy moth population and estimates of the onboard larval emergence pattern. The decision support tool assumes that port inspection is uniformly imperfect at the Asian ports and that each visit to a regulated port has potential for the vessel to be contaminated with gypsy moth egg masses. The decision support tool uses a multigenerational phenology model to estimate the potential onboard population of egg masses by calculating the temporal intersection between the dates of port visits to regulated ports and the simulated oviposition pattern in each port. The phenological development of the onboard population is simulated each day of the vessel log until the vessel arrives at the port being protected from introduction. Multiple independent simulations are used to create a probability distribution of the size and timing of larval emergence.  相似文献   

20.
    
This article examines two possible strategies for financing post-disaster infrastructure rehabilitation in developing and transition countries: relying on ex ante financing instruments (including insurance, catastrophe bonds, and other risk-transfer instruments) and ex post borrowing or credit. Insurance and other ex ante instruments will increase a country's stability, especially if the government authorities have a difficult time borrowing or otherwise raising funds after a major disaster; however, these instruments have an opportunity cost and can reduce the country's economic growth potential. The cost-benefit tradeoff is therefore one between economic growth through infrastructure investment and added solvency and stability for the economy. This article develops a model to illustrate this tradeoff. The model, which views the infrastructure of a developing or transition country as a nondiversifiable portfolio that generates returns, can provide a basis for evaluating alternative financing options depending on the country's objectives in terms of growth, solvency, and stability.  相似文献   

设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号