HLS640 Vulnerability Analysis and Protection

Critical Infrastructure Protection (CIP) is one of the cornerstones of homeland security. HSPD-7 lists the following critical infrastructure and key resource sectors: Agriculture and Food, Banking and Finance, Chemical, Commercial Facilities, Communications, Dams, Defense Industrial Base, Emergency Services, Energy, Government Facilities, Information Technology, National Monuments and Icons, Nuclear Reactors, Materials and Waste, Postal and Shipping, Public Health and Healthcare, Transportation Systems, and Water. The course begins with an overview of risk, its definition and application to critical infrastructures as it relates to the National Infrastructure Protection Plan (NIPP). We then investigate measures, tools, and techniques for CIP assessment. The course develops a network theory of vulnerability analysis and risk assessment called Model-Based Risk Assessment (MBRA) used to extract the critical nodes from each sector, model the nodes' vulnerabilities by representing them in the form of a fault-tree, and then applying fault and financial risk reduction techniques to derive the optimal strategy for protection of each sector. The sectors are studied in detail in order to learn how they are structured, how regulatory policy influences protection strategies, and how to identify specific vulnerabilities inherent to each sector and its components. At the completion of the course, students will be able to apply CIP techniques (MBRA and others) to any critical infrastructure within their multi-jurisdictional region, and derive optimal strategies and draft policies for prevention of future terrorist attacks or natural disasters.