Physical security analysis tool
-
Upload
jere-peltonen -
Category
Documents
-
view
997 -
download
0
description
Transcript of Physical security analysis tool
![Page 1: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/1.jpg)
www.ysecurity.net 1
Jere Peltonen
Estimate of Multiple Adversary Sequence Interruption
Jere Peltonen, CPPlinkedin.com/in/jerepeltonen
JER
E P
ELT
ON
EN
EASI
EASI (Estimate of Adversary Sequence Interruption)
Sandia National Laboratories
U.S. Department of Energy
EASI has been used to analyze e.g. physical security arrangements of nuclear facilities
![Page 2: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/2.jpg)
www.ysecurity.net 2
Jere Peltonen
JER
E P
ELT
ON
EN
What is analyzed?
Structural arrangements
Surveillance
JER
E P
ELT
ON
EN
What are the results?
probability of failure of unauthorized entry
in other words
probability of successful interruption
![Page 3: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/3.jpg)
www.ysecurity.net 3
Jere Peltonen
JER
E P
ELT
ON
EN
EASI
can be used easily to analyze arrangements that follow the principle of concentric protection layers
JER
E P
ELT
ON
EN
EASI / TUREAN
Basic EASI does not calculate alternative routes of entry
TUREAN application of EASI calculates all alternative routes
![Page 4: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/4.jpg)
www.ysecurity.net 4
Jere Peltonen
JER
E P
ELT
ON
EN
Why to use?
To get more reliable information
JER
E P
ELT
ON
EN
Why to use?
Security arrangements cost money
On the other hand, to not use any arrangements can be very costly mistake
We must find the optimum solution, that does not cost too much, but gives adequate protection
![Page 5: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/5.jpg)
www.ysecurity.net 5
Jere Peltonen
JER
E P
ELT
ON
EN
Why to use?
The security expert or manager needs to make his/her case to the people that have the money
He/she must demonstrate the vulnerabilities of existing arrangements
He/she must demonstrate the effectiveness of planned arrangements with regard to protection of assets
JER
E P
ELT
ON
EN
Why to use?
Existing or planned arrangements may be good as such, but the chain is only as strong as its weakest link
TUREAN finds the weakest links
![Page 6: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/6.jpg)
www.ysecurity.net 6
Jere Peltonen
JER
E P
ELT
ON
EN
Why to use?
To get clear numerical information that can be used to
find the existing weaknesses
test the effectiveness of planned arrangements
justify the necessary new arrangements
JER
E P
ELT
ON
EN
Why to use?
TUREAN is an excellent tool for teaching analytical approach
![Page 7: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/7.jpg)
www.ysecurity.net 7
Jere Peltonen
JER
E P
ELT
ON
EN
How to get numerical information?
calculate the probability of successfull detection and alarm
And
calculate the probability that remaining time will be enough to interrupt the entry
JER
E P
ELT
ON
EN
How to get numerical information?
the probability of successful detection and alarm is calculated using the reliability of detection elements and detection-to-response reliability
![Page 8: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/8.jpg)
www.ysecurity.net 8
Jere Peltonen
JER
E P
ELT
ON
EN
Detection elements
anything that may detect the unauthorized entry and execute the alarm (intrusion detectors, local guards, passers-by)
JER
E P
ELT
ON
EN
How to get numerical information?
the probability that remaining time allows interruption is calculated by
adding up delay values of all delay elements, taking into account the real world uncertainties of the values, and
comparing it to the response time value, taking into account the uncertainty
![Page 9: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/9.jpg)
www.ysecurity.net 9
Jere Peltonen
JER
E P
ELT
ON
EN
Delay elements
Anything that may delay the intruder (door, window, wall, fence, lock, etc.)
JER
E P
ELT
ON
EN
3 most essential terms
Delay
Detection
Response time
![Page 10: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/10.jpg)
www.ysecurity.net 10
Jere Peltonen
JER
E P
ELT
ON
EN
Other terms
Probability
Normal distribution
Expected value
Standard deviation
Type
Sequence of events
Zone
Intrusion route
JER
E P
ELT
ON
EN
Concentric layers of protection
GATEDOOR
DOORWINDOW
WINDOW
SAFE
FENCE
![Page 11: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/11.jpg)
www.ysecurity.net 11
Jere Peltonen
JER
E P
ELT
ON
EN
Intrusion route
JER
E P
ELT
ON
EN
Sequence of events
12
3
45
67
![Page 12: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/12.jpg)
www.ysecurity.net 12
Jere Peltonen
JER
E P
ELT
ON
EN
Alternative events(=alternative routes)
12
345
67
3
1
3
5
1
JER
E P
ELT
ON
EN
Alternative events
12
345
67
3
1
3
5
1
1 Crossing the fence
1 Locked gate
1 Through the fence
1
1
1
![Page 13: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/13.jpg)
www.ysecurity.net 13
Jere Peltonen
JER
E P
ELT
ON
EN
Alternative events
123
45
67
3
1
3
5
1
2 Moving across the yard
1
1
1
2
JER
E P
ELT
ON
EN
Alternative events
12
345
67
3
1
3
5
1
3 Making a hole
3 Window
3 Locked door
1
1
1
2
3
3
3
![Page 14: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/14.jpg)
www.ysecurity.net 14
Jere Peltonen
JER
E P
ELT
ON
EN
Alternative events
12
345
67
3
1
3
5
1
4 Moving inside
1
1
1
2
3
3
3
4
JER
E P
ELT
ON
EN
Alternative events
12
345
67
3
1
3
5
1
5 Making a hole
5 Locked door
1
1
1
2
3
3
3
45
5
![Page 15: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/15.jpg)
www.ysecurity.net 15
Jere Peltonen
JER
E P
ELT
ON
EN
Alternative events
12
34567
3
1
3
5
1
6 Moving inside
1
1
2 3
3
45
56
1 3
JER
E P
ELT
ON
EN
Alternative events
12
345
67
3
1
3
5
1
7 Safe
1
1
1
2
3
3
3
45
56 7
![Page 16: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/16.jpg)
www.ysecurity.net 16
Jere Peltonen
JER
E P
ELT
ON
EN
Alternative events
12
345
67
3
1
3
5
1
8 Going back the same or different route
1
1
1
2
3
3
3
45
56 7 8
JER
E P
ELT
ON
EN
Alternative events
12
345
67
3
1
3
5
1
1
1
1
2
3
3
3
45
56 7 8
18 ALTERNATIVE INTRUSION ROUTES
![Page 17: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/17.jpg)
www.ysecurity.net 17
Jere Peltonen
JER
E P
ELT
ON
EN
Delay
30 s
30 s
Event 1
Total
JER
E P
ELT
ON
EN
Delay
30 s
60 s
90 s
Event 1
Event 2
Total
![Page 18: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/18.jpg)
www.ysecurity.net 18
Jere Peltonen
JER
E P
ELT
ON
EN
Delay
30 s
45 s
60 s
135 s
Event 1
Event 2
Event 3
Total
JER
E P
ELT
ON
EN
Delay
30 s
45 s
60 s
45 s
180 s
Event 1
Event 2
Event 3
Event 4
Total
![Page 19: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/19.jpg)
www.ysecurity.net 19
Jere Peltonen
JER
E P
ELT
ON
EN
Delay, detection
30 s
45 s
60 s
45 s
180 s
Event 1
Event 2
Event 3
Event 4
Total
1st possibility of
detection->detection
JER
E P
ELT
ON
EN
Delay, detection, response time
30 s
45 s
60 s
45 s
180 s
105 s
Response time
Event 1
Event 2
Event 3
Event 4
Total
1st possibility of
detection->detection
![Page 20: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/20.jpg)
www.ysecurity.net 20
Jere Peltonen
JER
E P
ELT
ON
EN
Delay, detection, response time successful interruption
30 s
45 s
60 s
45 s
180 s
105 s
Response time
1st possibility of
detection
Interruption
Event 1
Event 2
Event 3
Event 4
Total
->detection
JER
E P
ELT
ON
EN
Delay, detection, response time ???
30 s
45 s
60 s
45 s
180 s
but NO detection
Event 1
Event 2
Event 3
Event 4
Total
Response time
1st possibility of
detection
![Page 21: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/21.jpg)
www.ysecurity.net 21
Jere Peltonen
JER
E P
ELT
ON
EN
Delay, detection, response time ???
30 s
45 s
60 s
45 s
180 s
1st detection
Event 1
Event 2
Event 3
Event 4
Total
Response time
but NO detection
1st possibility of
detection
JER
E P
ELT
ON
EN
Delay, detection, response time ???
30 s
45 s
60 s
45 s
180 s
105 s
Event 1
Event 2
Event 3
Event 4
Total
Response time
1st detection
but NO detection
1st possibility of
detection
![Page 22: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/22.jpg)
www.ysecurity.net 22
Jere Peltonen
JER
E P
ELT
ON
EN
Delay, detection, response time unsuccessful interruption
30 s
45 s
60 s
45 s
180 s
105 s
Interruption
Event 1
Event 2
Event 3
Event 4
Total
Response time
1st detection
but NO detection
1st possibility of
detection
JER
E P
ELT
ON
EN
Delay, detection, response time
the example uses exact times for the sake of concept simplicity
in the real world, there exists a level of uncertainty that has to be taken into account somehow
![Page 23: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/23.jpg)
www.ysecurity.net 23
Jere Peltonen
JER
E P
ELT
ON
EN
Delay, detection, response time
uncertainty is modelled by assuming that all times follow the normal distribution (Gaussian curve)
JER
E P
ELT
ON
EN
Normal distribution
![Page 24: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/24.jpg)
www.ysecurity.net 24
Jere Peltonen
JER
E P
ELT
ON
EN
Normal distribution
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 6634 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
= single measurement measurements 0
JER
E P
ELT
ON
EN
Normal distribution ??
= single measurement measurements 10
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 6634 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
10
value 50 is measured 10 times
![Page 25: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/25.jpg)
www.ysecurity.net 25
Jere Peltonen
JER
E P
ELT
ON
EN
Normal distribution
= single measurement measurements 10
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 6634 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
10
value 50 is measured 10 times
JER
E P
ELT
ON
EN
Normal distribution
= single measurement measurements 11
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 6634 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
2 1 1 11 1 1 2 1
value 50 is measured 2 times
![Page 26: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/26.jpg)
www.ysecurity.net 26
Jere Peltonen
JER
E P
ELT
ON
EN
Normal distribution
= single measurement measurements 41
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 6634 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
5 4 4 3 3 2 2 11 2 2 3 3 2 4
value 50 is measured 5 times
JER
E P
ELT
ON
EN
Normal distribution
= single measurement measurements 86
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 6634 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
10 9 9 8 5 3 2 1 1 2 11 1 1 2 2 2 4 4 9 81
value 50 is measured 10 times
![Page 27: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/27.jpg)
www.ysecurity.net 27
Jere Peltonen
JER
E P
ELT
ON
EN
Normal distribution
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 6634 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
10 9 9 8 5 3 2 1 1 2 11 1 1 2 2 2 4 4 9 81
= single measurement measurements 86
value 50 is measured 10 times
JER
E P
ELT
ON
EN
Standard deviation
standard deviation is a value that shows how much and how often real world times vary around the expected value
![Page 28: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/28.jpg)
www.ysecurity.net 28
Jere Peltonen
JER
E P
ELT
ON
EN
Standard deviation
+s-s µ
standard deviation 3,8
Real world times vary quite lot and oftenfrom the expected value µ
JER
E P
ELT
ON
EN
Standard deviation
+s-s µ
Real world times vary not so much and not so often as in previous example
standard deviation 2,2
![Page 29: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/29.jpg)
www.ysecurity.net 29
Jere Peltonen
JER
E P
ELT
ON
EN
Type
when delay and detection elements exist at the same event
type tells how much delay has been used before detection
three types in the model
JER
E P
ELT
ON
EN
Type H
no delay before detection
whole delay is calculated
for example: a PIR detector that detects an intruder at the beginning of a hallway
![Page 30: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/30.jpg)
www.ysecurity.net 30
Jere Peltonen
JER
E P
ELT
ON
EN
Type K
half of delay before detection
half of delay is calculated
for example: a PIR detector that detects an intruder when he has moved midway of a hallway
JER
E P
ELT
ON
EN
Type J
all delay before detection
no delay of particular delay element is taken into accounct in calculation
for example: magnetic contacts at a door, which give detection only after the lock has been picked and door opens
![Page 31: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/31.jpg)
www.ysecurity.net 31
Jere Peltonen
JER
E P
ELT
ON
EN
Example
Door
Window
WallSafe
95%/H/7200s/3000s
95%/H/30s/10s
95%/J/300s/100s0%/7200s/3000s
JER
E P
ELT
ON
EN
Example
Door
95%/J/300s/100s
Please note that the terminology in TUREAN screenshots used in this presentation is in Finnish.
The TUREAN tool is available in English also.Check www.yhteisturvallisuus.net or
www.ysecurity.net
![Page 32: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/32.jpg)
www.ysecurity.net 32
Jere Peltonen
JER
E P
ELT
ON
EN
Example
Window
95%/H/30s/10s
JER
E P
ELT
ON
EN
Example
Wall
0%/7200s/3000s
![Page 33: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/33.jpg)
www.ysecurity.net 33
Jere Peltonen
JER
E P
ELT
ON
EN
Example
Safe
95%/H/7200s/3000s!
JER
E P
ELT
ON
EN
Example
Going back
95%/H/60s/20s!
![Page 34: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/34.jpg)
www.ysecurity.net 34
Jere Peltonen
JER
E P
ELT
ON
EN
Example
JER
E P
ELT
ON
EN
Example
Report
![Page 35: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/35.jpg)
www.ysecurity.net 35
Jere Peltonen
JER
E P
ELT
ON
EN
Example
JER
E P
ELT
ON
EN
Example
The worst probability of interruption is with the route that goes through the wall!!
WHY??
![Page 36: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/36.jpg)
www.ysecurity.net 36
Jere Peltonen
JER
E P
ELT
ON
EN
EXERCISE
analyze using the following values
JER
E P
ELT
ON
EN
Alternative events
2
345
67
3
0%/600s/200s
3
50%/60s/20s
0%/120s/20s
1
1
1
1 Crossing fence
1 Locked gate
1 Going through
0% / 600s / 200s 0% / 60s / 20s 0% / 120s / 20s
![Page 37: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/37.jpg)
www.ysecurity.net 37
Jere Peltonen
JER
E P
ELT
ON
EN
JER
E P
ELT
ON
EN
Alternative events
13
45
67
3
1
3
5
1
2 Moving accross the yard
1
1
1
2
0%/60s/10s
0% / 60s / 10s
![Page 38: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/38.jpg)
www.ysecurity.net 38
Jere Peltonen
JER
E P
ELT
ON
EN
Alternative events
124
567
1
5
1
3 Going through
3 Window
3 Locked door
1
1
1
2
3
3
3
0%/7200s/3000s
95%/J/300s/100s
95%/H/30s/10s
0% / 7200s / 3000s 95% / H / 30s / 10s 95% / J / 300s / 100sJE
RE P
ELT
ON
EN
Alternative events
12
3
567
3
1
3
5
1
4 Moving inside
1
1
1
2
3
3
3
4
95%/H/60s/10s
95% / H / 60s / 10s
![Page 39: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/39.jpg)
www.ysecurity.net 39
Jere Peltonen
JER
E P
ELT
ON
EN
Alternative events
12
34
67
3
1
3
1
5 Going through
5 Locked door
1
1
1
2
3
3
3
45
5
0%/3600s/1000s95%/J/300s/100s
0% / 3600s / 1000s 95% / J / 300s / 100sJE
RE P
ELT
ON
EN
Alternative events
12
345
7
3
1
3
5
1
6 Moving inside
1
1
2 3
3
45
56
1 3
95%/H/20s/5s
95% / H / 20s / 5s
![Page 40: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/40.jpg)
www.ysecurity.net 40
Jere Peltonen
JER
E P
ELT
ON
EN
Alternative events
12
345
6
3
1
3
5
1
7 Safe
1
1
1
2
3
3
3
45
56 7
95%/H/7200s/3000s
95% / H / 7200s / 3000sJE
RE P
ELT
ON
EN
Alternative events
12
345
67
3
1
3
5
1
8 Going back
1
1
1
2
3
3
3
45
56 7 8
95%/H/300s/100s
95% / H / 300s / 100s
![Page 41: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/41.jpg)
www.ysecurity.net 41
Jere Peltonen
JER
E P
ELT
ON
EN
Other values
response time 900 s / standard deviation 300 s
reliability 95%
JER
E P
ELT
ON
EN
First results
![Page 42: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/42.jpg)
www.ysecurity.net 42
Jere Peltonen
JER
E P
ELT
ON
EN
Sorted and colored result list
JER
E P
ELT
ON
EN
![Page 43: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/43.jpg)
www.ysecurity.net 43
Jere Peltonen
JER
E P
ELT
ON
EN
EXERCISE
the safe is open
delay 0 s, standard deviation 0 s
JER
E P
ELT
ON
EN
Results
![Page 44: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/44.jpg)
www.ysecurity.net 44
Jere Peltonen
JER
E P
ELT
ON
EN
Results
{
JER
E P
ELT
ON
EN
![Page 45: Physical security analysis tool](https://reader034.fdocuments.in/reader034/viewer/2022051412/5491f215ac79595e288b4670/html5/thumbnails/45.jpg)
www.ysecurity.net 45
Jere Peltonen
JER
E P
ELT
ON
EN
Questions?
TUREAN tool is available for free at
www.yhteisturvallisuus.netor
www.ysecurity.net