A roadmap for quantifying the efficacy of risk management of information security and interdependent SCADA systems

Journal of Homeland Security and Emergency Management

Volumn 2, Issue , 2005, Pages

  Haimes, Yacov Y ^a   Chittester, Clyde G ^b  

^a UNIVERSITY OF VIRGINIA   (United States)

^b CARNEGIE MELLON UNIVERSITY   (United States)

Author keywords

HHM; IIM; SCADA

Indexed keywords

EID: 21244494118     PISSN: 15477355     EISSN: 15477355     Source Type: Journal    
DOI: 10.2202/1547-7355.1117     Document Type: Review

References (33)

1. Armstrong, J.S., 2002. How to Avoid Surprises in the War on Terrorism: What to Do When You Are between Iraq and a Hard Place. The Wharton School, University of Pennsylvania. http://www.chforum.org/library/gaming.html. Date accessed, January 6, 2003.
2. Bace, R.G. Intrusion Detection. Indianapolis: Macmillan Technical Publishing, 2000.
3. Brucker, S.M., Hastings, S.E. and Latham, W.R. III. The variation of estimated impacts from five regional input-output models. International Regional Science Review 13: 113-139, 1990.
4. Chankong, V. and Haimes, Y.Y. Multiobjective Decision Making: Theory and Methodology. New York: North-Holland, 1983.
5. Coulouris, G., Dollimore, J. and Kindberg T. Distributed Systems: Concepts and Design. Essex, England: Pearson Education Ltd., 2001.
6. Haimes, Y. Y. and Chittister, C. Systems Integration via Software Risk Management. IEEE Transactions on Systems, Man and Cybernetics, 26 (5): 521-532, 1996.
7. Chittister, C. and Haimes, Y.Y. "Risk of terrorism to information technology and to critical interdependent infrastructures. Journal of Homeland Security and Emergency Management, 1(4): 1-20, 2004.
8. DHS (US Department of Homeland Security). Progress and Challenges in Securing the Nation's Cyberspace. Report by the Office of Inspector General, Office of Information Technology, OIG-04-29, July 2004.
9. ECPC (Economic Classification Policy Committee). The North American Industry Classification System. Washington, DC: Office of Management and Budget (OMB), 2002.
10. Feynman, R. P., Leighton, R.B. and Sands, M. The Feynman Lectures on Physics. Addison-Wesley Publishing Company, Reading, Mass. 1977.
11. Friedman, T.L. Terrorism game theory. Commentary Section, The New York Times. September 25, 2001. http://sixtiessurvivor.org/docs/friedman092501 .html. Date accessed, January 6, 2003.
12. Gnedenko, B. V., The Theory of Probability, Second Edition, translated from the Russian by B. D. Seckler, Chelsea Publishing Company, NY, 1963
13. th International Conference on Input-Output Techniques, Montreal, CA, 2002.
14. Haimes, Y.Y. Hierarchical holographic modeling. IEEE Transactions on Systems, Man, and Cybernetics_11(9): 606-617, 1981.
15. Haimes, Y.Y. Risk Modeling, Assessment, and Management, Second Edition. New York: John Wiley & Sons, 2004.
16. Haimes, Y.Y. and Horowitz, B.M. Adaptive two-player hierarchical holographic modeling game for counterterrorism intelligence analysis. Journal of Homeland Security and Emergency Management, 1(3): 1-21, 2004.
17. Haimes, Y.Y. and Jiang, P. Leontief-based model of risk in complex interconnected infrastructures. ASCE Journal of Infrastructure Systems 7(1): 1-12, 2001.
18. Kaplan, S. The general theory of quantitative risk assessment. In. Risk-Based Decision Making in Water Resources V, Haimes, Moser, and Stakhiv, Eds.: 11-39. New York: American Society of Civil Engineers, 1991.
19. Kaplan, S. and. Garrick, B.J. On the quantitative definition of risk. Risk Analysis 1(1): March 1981.
20. Kuhbach, P.D. and Planting, M.A.. Annual input-output accounts of the US economy. Survey of Current Business: 9-42, January 2001.
21. Leontief, W.W. Input-output economics. Scientific American, 185(4). 1951.
22. Lowrance, W. W. Of Acceptable Risk. William Kaufmann, Los Altos, CA. 1976.
23. Major, J.A. (SVP, The Guy Carpenter & Company, Inc.). Advanced techniques for modeling terrorism risk. National Bureau of Economic Research Insurance Group Conference, February 1,2002. http://www.guycarp.com/pdf/ major_terrorism.pdf. Date accessed, January 6, 2003.
24. Office of Management and Budget. 2002 North American Industry Classification System-Updates for 2002. Washington, DC: Federal Register 67(249):79500-79506, 2002.
25. Oster, C. Can the risk of terrorism be calculated by insurers? game theory might do it. The Wall Street Journal Online, April 8, 2002. http://www.gametheory.net/news/Items/011.html. Date accessed, January 6, 2003.
26. RMS (Risk Management Solutions). RMS unveils game theory-based terrorism risk model. Journal of Insurance: National News. September 19, 2002. http://www.insurancejournal.com/news/newswire/national/2002/09/19/23153.htm. Date accessed, January 6, 2003.
27. Santos, J.R., 2003. Inter-dependency Analysis: Extensions to Demand Reduction Inoperability Input-Output Modeling and Portfolio Selection, Ph.D. Dissertation, University of Virginia, Charlottesville, VA.
28. Santos, J.R. and Haimes, Y.Y Modeling the demand reduction input-output inoperability due to terrorism of interconnected infrastructures. Risk Analysis, 2004.
29. Schneider, F.B., Editor. Trust in Cyberspace. Washington, D.C.: National Academy Press, 1999.
30. Smith, E.M. Designing for sabotage. American Society of Mechanical Engineers, September 2002. http://www.memagazine.org/backissues/sept02/features/ sabotage/sabotage.html. Date accessed, January 6, 2003.
31. Toffler, A. The Third Wave: The Classic study of Tomorrow, Bantam Books, New York, 1991.
32. US Department of Commerce, Bureau of Economic Analysis. Regional Multipliers: A User Handbook for the Regional Input-Output Modeling System (RIMS II). Washington DC: US Government Printing Office, 1997.
33. US Department of Commerce, Bureau of Economic Analysis. Benchmark Input-Output Accounts of the United States, 1992. Washington DC: US Government Printing Office, 1998.