Operational models of infrastructure resilience.

We propose a definition of infrastructure resilience that is tied to the operation (or function) of an infrastructure as a system of interacting components and that can be objectively evaluated using quantitative models. Specifically, for any particular system, we use quantitative models of system operation to represent the decisions of an infrastructure operator who guides the behavior of the system as a whole, even in the presence of disruptions. Modeling infrastructure operation in this way makes it possible to systematically evaluate the consequences associated with the loss of infrastructure components, and leads to a precise notion of "operational resilience" that facilitates model verification, validation, and reproducible results. Using a simple example of a notional infrastructure, we demonstrate how to use these models for (1) assessing the operational resilience of an infrastructure system, (2) identifying critical vulnerabilities that threaten its continued function, and (3) advising policymakers on investments to improve resilience.

How probabilistic risk assessment can mislead terrorism risk analysts.

Traditional probabilistic risk assessment (PRA), of the type originally developed for engineered systems, is still proposed for terrorism risk analysis. We show that such PRA applications are unjustified in general. The capacity of terrorists to seek and use information and to actively research different attack options before deciding what to do raises unique features of terrorism risk assessment that are not adequately addressed by conventional PRA for natural and engineered systems-in part because decisions based on such PRA estimates do not adequately hedge against the different probabilities that attackers may eventually act upon. These probabilities may differ from the defender's (even if the defender's experts are thoroughly trained, well calibrated, unbiased probability assessors) because they may be conditioned on different information. We illustrate the fundamental differences between PRA and terrorism risk analysis, and suggest use of robust decision analysis for risk management when attackers may know more about some attack options than we do.

Scientists urge DHS to improve Bioterrorism Risk Assessment.

In 2006, the Department of Homeland Security (DHS) completed its first Bioterrorism Risk Assessment (BTRA), intended to be the foundation for DHS's subsequent biennial risk assessments mandated by Homeland Security Presidential Directive 10 (HSPD-10). At the request of DHS, the National Research Council established the Committee on Methodological Improvements to the Department of Homeland Security's Biological Agent Risk Analysis to provide an independent, scientific peer review of the BTRA. The Committee found a number of shortcomings in the BTRA, including a failure to consider terrorists as intelligent adversaries in their models, unnecessary complexity in threat and consequence modeling and simulations, and a lack of focus on risk management. The Committee unanimously concluded that an improved BTRA is needed to provide a more credible foundation for risk-informed decision making.