designed to assist industrial facilities using Vulnerability Assessment Model
This software product is designed to assist industrial facilities such as chemical plants and oil refineries to develop plans for preventing or mitigating terrorist or criminal actions that could have significant impacts – such as the loss chemicals vital to the national defense or economy – or could seriously affect local communities, such as the release of hazardous chemicals that would compromise the integrity of the facility, contaminate adjoining areas or injure or kill employees or neighboring populations. Vulnerability assessments are a key component under the Environmental Management Standards (EMS) – ISO 14001, and have traditionally been addressed as "security." However, since the War on Terrorism and 9/11, the importance of Vulnerability Assessments has been elevated by operating facilities and falls as a separate area of responsibility linked to the EMS.
While methodology has been devised to conduct Vulnerability Assessments, largely through the efforts of the National Institute of Justice and the Department of Energy's Sandia National Laboratories , there are currently no sophisticated software tools available to industry.
This product uses the Vulnerability Assessment Model (VAM) developed by Homeland Security as a software tool that will provide industry with a systematic, risk-based approach to assessing the vulnerability of an industrial complex. This product will help to address physical security at fixed sites but not cyber and transportation security issues.
Our software will enable the user to apply a systematic, risk-based approach in which risk is a function of the severity of consequences of an undesired event. IVA will enable the user to compare relative security risks. If the risks are deemed unacceptable, recommendations can be developed to reduce the risks. This is the identical approach that is applied in an EMS in the management of environmental aspects. For example, the severity of the consequences can be lowered in a number of ways, such as reducing the quantity of hazardous materials present or siting chemical facilities far from populated areas. While adversary characteristics are outside the control of industrial facilities, they can take steps to make themselves a less attractive target, thereby reducing the likelihood of attack to their facilities. Another and more common approach to reducing the likelihood of adversary success in causing a catastrophic event is to increase protective measures against specific adversary attack scenarios.
Each undesirable event is likely to have its own consequences, adversaries, likelihood of attack, attack scenario, and likelihood of adversary success. IVA will enable the user to determine the risk of each combination of risk factors.
IVA will assist facility managers in the preparation of Risk Management Plans (RMPs). It will also be applicable for addressing undesired events of lesser consequences than those found in RMPs.
IVA will apply twelve basic steps in its logic execution:
1. Screening for the need for a vulnerability assessment.
2. Defining the program.
3. Characterizing the facility.
4. Deriving severity levels.
5. Assessing threats
6. Prioritizing threats.
7. Preparing for the site analysis.
8. Surveying the site.
9. Analyzing the system's effectiveness.
10. Analyzing the risks.
11. Making recommendations for risks reduction.
12. Documenting and preparing the final report.
IVA is created as a data base management system that enables the refinery and chemical plant managements to organize all the necessary information needed to determine levels of risks from unplanned catastrophic events. IVA will enable the user to develop a Facility Characterization Matrix – which organizes the security factors for each processing activity and thus provides a framework for determining and prioritizing the critical activities.
As an example:
No. Parameter Activity
1 2 3 4 5 6 7 8 9 10
1 Process Activity
2 Hazardous Chemicals
3 Quantity Hazardous Chemicals
4 Process Duration
5 Recognizability
6 Accessibility
7 Criticality Rating (sum of activity)
In the above matrix, the fields are defined as follows:
1. Process activity – Describes the activity (e.g., flow diagram, P&ID, reactor, storage tank, etc.)
2. Hazardous chemicals – The names of dangerous chemicals used at the facility (e.g., those listed in 40 CFR68.130 or 29CFR1910.119)
3. Quantity of hazardous chemicals – IVA will allow user to designate '1' if the quantity is more than 25 times the threshold quantity (TQ); '2' if the quantity is 10-25 times TQ; '3' if the quantity is 1-10 times the TQ; '4' if the quantity is TQ or less.
4. Process duration – IVA will allow the user to enter '1' if the process is 100% continuous; '2' if the process is 50-99% continuous; '3' if the process is 25-49% continuous; and '4' if the process is less than 25% continuous.
5. Recognizability – IVA will instruct the user to enter '1' if the target and importance are clearly recognizable with little or no prior knowledge; '2' if the target and importance are readily recognizable with a small amount of prior knowledge; '3' if the target and importance are difficult to recognize without some prior knowledge; and '4' if the target and importance require extensive knowledge for recognition.
6. Accessibility – IVA will instruct the user to enter '1' if easily accessible; '2' if fairly accessible (e.g., target is located outside or in an unsecured area); '3' if moderately accessible (e.g., target id located inside a building or enclosure); '4' if not accessible or only accessible with extreme difficulty.
The reviewer can appreciate that by applying this logic, an overall scoring can be calculated, where the facility will readily recognize the activity or activities that have the lowest scores and will require mitigation plans.
IVA will allow facility operators to prioritize the likelihood of attacks. It will do so by numerically ranking the severity of each event in a matrix and allowing the user to identify the highest risk scenarios. Once this is determined, the user can apply IVA to develop a Physical Protection System to discover overt actions and to devise appropriate Response Plans to neutralize or plan for contingencies.
Related Titles
|
Your Shopping
Print this
+1 (713) 529 4301
Your Shopping