Search results for: cyber risk assessment

Authors: Amirhossein Karamoozian, Desheng Wu, Behzad Abbasnejad

Abstract:

Building information modelling (BIM) is a new technology to enhance the efficiency of project management in the construction industry. In addition to the potential benefits of this useful technology, there are various risks and obstacles to applying it in construction projects. In this study, a decision making approach is presented for risk assessment in BIM adoption in construction projects. Various risk factors of exerting BIM during different phases of the project lifecycle are identified with the help of Delphi method, experts’ opinions and related literature. Afterward, Shannon’s entropy and Fuzzy TOPSIS (Technique for Order Preference by Similarity to Ideal Situation) are applied to derive priorities of the identified risk factors. Results indicated that lack of knowledge between professional engineers about workflows in BIM and conflict of opinions between different stakeholders are the risk factors with the highest priority.

Keywords: risk, BIM, fuzzy TOPSIS, construction projects

Procedia PDF Downloads 195

Authors: Lagnajeet Mohanty, Mohnish Mishra, Pratham Tapdiya, Himanshu Sekhar Nayak, Swetapadma Singh

Abstract:

In the era of global interconnectedness, effective risk assessment and management are critical for organizational resilience. This review explores the integration of machine learning (ML) into risk processes, examining its transformative potential and the challenges it presents. The literature reveals ML's success in sectors like consumer credit, demonstrating enhanced predictive accuracy, adaptability, and potential cost savings. However, ethical considerations, interpretability issues, and the demand for skilled practitioners pose limitations. Looking forward, the study identifies future research scopes, including refining ethical frameworks, advancing interpretability techniques, and fostering interdisciplinary collaborations. The synthesis of limitations and future directions highlights the dynamic landscape of ML in risk management, urging stakeholders to navigate challenges innovatively. This abstract encapsulates the evolving discourse on ML's role in shaping proactive and effective risk management strategies in our interconnected and unpredictable global landscape.

Keywords: machine learning, risk assessment, ethical considerations, financial inclusion

Procedia PDF Downloads 33

Authors: Cai Qianyi

Abstract:

In the midst of global digital revolution, the flow of data poses security threats that call China's existing legislative framework for protecting personal information into question. As a preliminary procedure for risk analysis and prevention, the risk assessment of personal data transmission lacks detailed guidelines for support. Existing provisions reveal unclear responsibilities for network operators and weakened rights for data subjects. Furthermore, the regulatory system's weak operability and a lack of industry self-regulation heighten data transmission hazards. This paper aims to compare the regulatory pathways for data information transmission risks between China and Europe from a legal framework and content perspective. It draws on the “Data Protection Impact Assessment Guidelines” to empower multiple stakeholders, including data processors, controllers, and subjects, while also defining obligations. In conclusion, this paper intends to solve China's digital security shortcomings by developing a more mature regulatory framework and industry self-regulation mechanisms, resulting in a win-win situation for personal data protection and the development of the digital economy.

Keywords: personal information data transmission, risk assessment, DPIA, internet service provider, personal information data transimission, risk assessment

Procedia PDF Downloads 26

Authors: Shireen Simon

Abstract:

Cyberbullying among schoolchildren and teenagers became a hot issue discussed by Malaysian society. Cyberbullying is a new age of bullying because it uses the modern digital technology intentionally to hurt and degrade someone in the cyber world. Cyberbullying is a problem affecting many teenagers as they embrace online communication and interaction whereby virtual world with no borders. By adopting a qualitative approach, this study has captured 8 cyberbullied victims’ school experience. Even years after leaving school, these 8 cyberbullied victims remember how it feels to be bullied in the cyber world. The principal investigator also tries to identify the possibility factors that contribute to cyberbullying among these 8 victims. The result shows that these victims were bullied differently in cyber world. This study not just primarily focuses on cyberbullying issues among schoolchildren and teenagers; it also addresses the motives and causes of cyberbullying. Lastly, this article will be served as guidance for school teachers, parents and teenagers to prepare to tackle cyberbullying together. Cyberbullying is no laughing matter in our community, and it is time to spread the seeds of peace inspires others to do the same.

Keywords: cyberbullying, cyber victimization, internet, school experience, teenagers

Procedia PDF Downloads 266

Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

Each individual organization has their own mechanism to build up cyber defense capability in protecting their information infrastructures from data breaches and cyber espionage. But, we can not deny the possibility of failing to detect and stop cyber attacks especially for those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive which not only focusing to discover the root caused and the threat actor but to develop the relevant mitigation plan in order to prevent from the same attack.

Keywords: digital forensic, detection, eradication, targeted attack, malware

Procedia PDF Downloads 246

Authors: Nuruddeen Usman, Usman Mohammed Gidado, Muhammad Ahmad Ibrahim

Abstract:

Construction industry is one of the sectors that are eyeing adoption of ICT for its development due to the advancement in technology. Though, many manufacturing sectors had been using it, but construction industry was left behind, especially in the developing nation like Nigeria. On account of that, the objective of this study is to conceptually and quantitatively synthesise whether the slow adoption of ICT by the construction industries can be attributable to cybercrime threats. The result of the investigation found that, the risk of cybercrime, and lack of adequate cyber security policies that can enforce and punish defaulters are among the things that hinder ICT adoption of the Nigerian construction industries. Therefore, there is need for the nations to educate their citizens on cybercrime risk, and to establish cybercrime police units that can be monitoring and controlling all online communications.

Keywords: construction industry, cybercrime, information and communication technology adoption, risk

Procedia PDF Downloads 477

Authors: Bouba Oumarou Aboubakar, HongXia Li, Sardar Annes Farooq

Abstract:

The Belt and Road Initiative’s success strongly depends on the safety of all the million workers on construction projects sites. As the new BRI is directed toward Africa and meets a completely different culture from the Chinese project managers, maintaining low risk for workers risks shall be closely related to cultural sharing and mutual understanding. This is why this work introduces a cultural-wise safety management framework for Chinese Construction projects in Africa. The theoretical contribution of this paper is an improved risk assessment framework that integrates language, culture and difficulty of controlling risk factors into one approach. Practically, this study provides not only a useful tool for project safety management practitioners but the full understanding of all risks that may arise in the BRI projects in Africa.

Keywords: cultural-wise, safety culture, risk assessment, Chinese construction, BRI projects, Africa

Procedia PDF Downloads 61

Authors: Muhammad Wasif, Asif Ahmed Shaikh, Sarosh Hashmat Lodi, Muhammad Aslam Bhutto, Riazuddin

Abstract:

Risk Management System is quite popular in profit- based organizations, health and safety and project management fields since the last few decades. But due to rapidly changing environment and requirement of ISO 9001:2015 standards, public-sector institution, especially higher education institutes are also performing risk assessment to monitor the performance of the institution and aligning it with the latest benchmark. In this context, NED University of Engineering and Technology performed research and developed a Standard Operating Procedure (SOP) for the risk assessment, its monitoring and control. In this research, risks are broken into the four sources, namely; Internal Academics Risks, External Academics Risks, Internal Non-academic Risks, External Non-academic Risks. Risks are identified by the management at all levels. Severity and likelihood of the risks are assigned based on the previous audit results and the customer complains. Risk Ratings are calculated to orderly arrange the risk according to the Risk Rating, and controls for the risks are designed, which are assigned to the responsible person. At the end of the article, result and analysis on the different sources of risk are discussed in details and the conclusion is drawn. Discussion on few sample risks are presented in this article. Hence it is presented in the research that the Risk Management System can be applied in a Higher Education Institute to effectively control the risks which might affect the scope and Quality Management System of an organization.

Keywords: higher education, quality management system, risk assessment, risk management

Procedia PDF Downloads 275

Authors: Ines Gasmi, Salima Smiti, Makram Soui, Khaled Ghedira

Abstract:

Credit risk is considered as one of the important issues for financial institutions. It provokes great losses for banks. To this objective, numerous methods for credit risk evaluation have been proposed. Many evaluation methods are black box models that cannot adequately reveal information hidden in the data. However, several works have focused on building transparent rules-based models. For credit risk assessment, generated rules must be not only highly accurate, but also highly interpretable. In this paper, we aim to build both, an accurate and transparent credit risk evaluation model which proposes a set of classification rules. In fact, we consider the credit risk evaluation as an optimization problem which uses a genetic programming (GP) algorithm, where the goal is to maximize the accuracy of generated rules. We evaluate our proposed approach on the base of German and Australian credit datasets. We compared our finding with some existing works; the result shows that the proposed GP outperforms the other models.

Keywords: credit risk assessment, rule generation, genetic programming, feature selection

Procedia PDF Downloads 322

Authors: Grace karimi Muriithi, Behnaz Papari, Ali Arsalan, Christopher Shannon Edrington

Abstract:

Complexity and nonlinearity of the control system design is increasing for DC microgrid applications when the cyber concept associated with the technology constraints will added to the picture. Controllers’ functionality during the critical operation mode is required to guaranteed specifically for a high profile applications such as NAVY DC ship power system (SPS) as an small-scaled DC microgrid. Thus, SPS is susceptible to cyber-attacks and, accordingly, can provide the disastrous effects. In this study, a machine learning (ML) approach is demonstrated to offer the promising performance of SPS for developing an effective and robust functionality over attacks time. Simulation results analysis demonstrate that the proposed method can improve the controllability successfully.

Keywords: controlability, cyber attacks, distribute control, machine learning

Procedia PDF Downloads 76

Authors: Prandesha Govender, Chris Cloete

Abstract:

Purpose: The objective of the paper is to develop a tool for the evaluation of the financial risk of a shopping center. Methodology: Important factors that indicate the success of a shopping center were identified from the available literature. Weights were allocated to these factors and a risk rating was calculated for 505 shopping centers in the largest province in South Africa by taking the factor scores, factor weights, and category weights into account. The ratings for ten randomly selected shopping centers were correlated with consumer feedback and standardized against the ECAI (External Credit Assessment Institutions) data for the same centers. The ratings were also mapped to corporates with the same risk rating to provide a better intuitive assessment of the meaning of the inherent risk of each center. Results: The proposed risk tool shows a strong linear correlation with consumer views and can be compared to expert opinions, such as that of fund managers and REITs. Interpretation of the tool was also illustrated by correlating the risk rating of selected shopping centers to the risk rating of reputable and established entities. Conclusions: The proposed Shopping Centre Risk Tool, used in conjunction with financial inputs from the relevant center, should prove useful to an investor when the desirability of investment in or expansion, renovation, or purchase of a shopping center is being considered.

Keywords: risk, shopping centres, risk modelling, investment, rating tool, rating scale

Procedia PDF Downloads 89

Authors: Jessemyn Modiini, Timothy Lynar, Elena Sitnikova

Abstract:

We present a novel enhanced compartmental model for malware spread analysis in cyber security. This paper applies cyber security data features to epidemiological compartmental models to model the infectious potential of malware. Compartmental models are most efficient for calculating the infectious potential of a disease. In this paper, we discuss and profile epidemiologically relevant data features from a Domain Name System (DNS) dataset. We then apply these features to epidemiological compartmental models to network traffic features. This paper demonstrates how epidemiological principles can be applied to the novel analysis of key cybersecurity behaviours and trends and provides insight into threat modelling above that of kill-chain analysis. In applying deterministic compartmental models to a cyber security use case, the authors analyse the deficiencies and provide an enhanced stochastic model for cyber epidemiology. This enhanced compartmental model (SUEICRN model) is contrasted with the traditional SEIR model to demonstrate its efficacy.

Keywords: cybersecurity, epidemiology, cyber epidemiology, malware

Procedia PDF Downloads 86

Authors: Elena M. Capitanul, Carlos A. Nunes Cosenza, Walid El Moudani, Felix Mora Camino

Abstract:

The construction of a new airport or the extension of an existing one requires massive investments and many times public private partnerships were considered in order to make feasible such projects. One characteristic of these projects is uncertainty with respect to financial and environmental impacts on the medium to long term. Another one is the multistage nature of these types of projects. While many airport development projects have been a success, some others have turned into a nightmare for their promoters. This communication puts forward a new approach for airport investment risk assessment. The approach takes explicitly into account the degree of uncertainty in activity levels prediction and proposes milestones for the different stages of the project for minimizing risk. Uncertainty is represented through fuzzy dual theory and risk management is performed using dynamic programming. An illustration of the proposed approach is provided.

Keywords: airports, fuzzy logic, risk, uncertainty

Procedia PDF Downloads 375

Authors: Jong-Hyo Park, Eunyoung Choi, Jae-Yeon Lim, Seon-Suk Lee, Yeong-Rong Koo, Ji-Ung Kwon, Kyung-Sung Kim, Jong-Ik Lee, Juhan Park, Hyun-Kyu Lee, Won-Kyoung Oh, Jisang Lee, Jiwon Choe

Abstract:

Due to COVID-19, cyber violence among youths has soared as they spend more time online than before. In contrast to the deepening concerns, measurement tools that can assess the vulnerability of cyber violence in individual youths still need to be supplemented. The measurement tools lack consideration of various factors related to cyber violence among youths. Most of the tools are self-report questionnaires, and these adolescents' self-report questionnaire forms can underestimate the harmful behavior and overestimate the damage experience. Therefore, this study aims to develop a multi-report measurement tool for youths that can reliably measure individuals' ecological factors related to cyber violence. The literature review explored factors related to cyber violence, and the questions were constructed. The face validity of the questions was confirmed by conducting focus group interviews. Exploratory and confirmatory factor analyses (N=671) were also conducted for statistical validation. This study developed a multi-report measurement tool for cyber violence with 161 questions, consisting of six domains: online behavior, cyber violence awareness, victimization-perpetration-witness experience, coping efficacy (individuals, peers, teachers, and parents), psychological characteristics, and pro-social capabilities. In addition to self-report from a youth respondent, this measurement tool includes peers, teachers, and parents reporting for the respondent. It is possible to reliably measure the ecological factors of individual youths who are vulnerable or highly resistant to cyber violence. In schools, teachers could refer to the measurement results for guiding students, better understanding their cyber violence conditions, and assessing their pro-social capabilities. With the measurement results, teachers and police officers could detect perpetrators or victims and intervene immediately. In addition, this measurement tool could analyze the effects of the prevention and intervention programs for cyber violence and draw appropriate suggestions.

Keywords: adolescents, cyber violence, cyber violence measurement tool, measurement tool, multi-report measurement tool, youths

Procedia PDF Downloads 80

Authors: Misha Teimouri

Abstract:

Our world has been transformed by the use of the internet and the constant flow of information. While this transmission has its benefits, it has also added significant challenges to family relations, primarily in the field of parenting and children's digital lives. Screens, speed, and connectedness are the words that characterize the lives of today's digital generation; it's as if the entire world is in their pockets at all times. Parents attempt to regulate and control their children's internet use in the hopes of maximizing the advantages and minimizing the disadvantages of their children's internet use; however, given that children spend more time online, particularly ever since the pandemic, children's cyber-aggression has become an issue for them. Children may externalize their behavior online, bully others, send anger/hatred/resist messages, share violent and bloody content, and engage in sexting. These types of online aggression make parenting more difficult, especially for digital immigrant parents compared to digital native parents. In response to these challenges, this study investigated the level of cyber aggression among children, as well as the effects of digi-parenting (active, monitoring, restrictive, and warm and supportive) on children's cyber-aggression (sexual, verbal, visual) as victims or aggressors. The study also determined whether there were any differences in parenting styles between digital natives (DN) and digital immigrants. In accordance with the study, boys and older children are more likely to engage in cyber aggression as aggressors, whereas girls and younger children are more likely to engage as victims. Warmth and supportive digiparenting have a greater impact on children's cyber-aggression (sexual, verbal, and visual) as victims or aggressors. This study also found that, when compared to DI parents, DN parents are more successful at digi-parenting and reducing their children's exposure to cyber-aggression.

Keywords: digi-parenting, cyber-aggression, digital natives, digital immigrants, children's cyber-aggression (sexual, verbal, visual)

Procedia PDF Downloads 28

Authors: Yunos Zahri, Ab Hamid R. Susanty, Ahmad Mustaffa

Abstract:

This paper explores the need for a national baseline study on understanding the level of cyber security situational awareness among primary and secondary school students in Malaysia. The online survey method was deployed to administer the data collection exercise. The target groups were divided into three categories: Group 1 (primary school aged 7-9 years old), Group 2 (primary school aged 10-12 years old), and Group 3 (secondary school aged 13-17 years old). A different questionnaire set was designed for each group. The survey topics/areas included Internet and digital citizenship knowledge. Respondents were randomly selected from rural and urban areas throughout all 14 states in Malaysia. A total of 9,158 respondents participated in the survey, with most states meeting the minimum sample size requirement to represent the country’s demographics. The findings and recommendations from this baseline study are fundamental to develop teaching modules required for children to understand the security risks and threats associated with the Internet throughout their years in school. Early exposure and education will help ensure healthy cyber habits among millennials in Malaysia.

Keywords: cyber security awareness, cyber security education, cyber security, school students

Procedia PDF Downloads 269

Authors: Babatunde Osabiya

Abstract:

Cybersecurity has emerged as a pressing policy problem in recent years, affecting individuals, businesses, and governments worldwide. This research paper aims to critically review the literature on cybersecurity policy and apply policy theory to propose a policy approach that balances the freedom to access and use technology with the human rights risks and threats posed by cyber. Drawing on various credible sources, the paper examines the scale and seriousness of cyber threats, highlighting the growing threat posed by cybercriminals, hackers, and nation-states. The paper also identifies the key challenges facing policymakers, including the need for more significant investment in cybersecurity research and development and the importance of balancing the benefits of technological innovation with the risks to privacy, security, and human rights. To address these challenges, the paper proposes a policy approach emphasizing investing in cybersecurity research and development to maintain a technological edge over potential adversaries. This approach also highlights the need for greater collaboration between government, industry, and civil society to develop effective cybersecurity policies and practices that protect the rights and freedoms of people while mitigating the risks posed by cyber threats. This paper will contribute to the growing body of literature on cybersecurity policy and offers a policy framework for addressing this critical policy challenge.

Keywords: security risk, legal framework, cyber security and policy, national security

Procedia PDF Downloads 63

Authors: Charuvan Kasemsap

Abstract:

This research was studied in Bangnampriao District, Chachernsao Province, Thailand. The primary data relating to flooding, drought, and saline intrusion problem on agriculture were collected by surveying, focus group, and in-depth interview with agricultural officers, technical officers of irrigation department, and local government leader of Bangnampriao District. The likelihood and consequence of risk were determined the risk index by risk assessment matrix. In addition, the risk index and the total coping capacity scores were investigated the vulnerability index by vulnerability matrix. It was found that the high-risk drought and saline intrusion was dramatically along Bang Pakong River owing to the end destination of Chao Phraya Irrigation system of Central Thailand. This leads yearly the damage of rice paddy, mango tree, orchard, and fish pond. Therefore, some agriculture avoids rice growing during January to May, and also pumps fresh water from a canal into individual storage pond. However, Bangnampriao District will be strongly affected by the impacts of climate change. Monthly precipitations are expected to decrease in number; dry seasons are expected to be more in number and longer in duration. Thus, the risk and vulnerability of agriculture are also increasing. Adaptation strategies need to be put in place in order to enhance the resilience of the agriculture.

Keywords: agriculture, bangnampriao, climate change, risk assessment

Procedia PDF Downloads 398

Authors: Yang Yu, Jian Wang, Jiqiang Liu, Lei Han, Xudong He, Shaohua Lv

Abstract:

As the increasing network attacks become more and more complex, network situation assessment based on log analysis cannot meet the requirements to ensure network security because of the low quality of logs and alerts. This paper addresses the lack of consideration of security attributes of hosts and attacks in the network. Identity and effectiveness of Distributed Denial of Service (DDoS) are hard to be proved in risk assessment based on alerts and flow matching. This paper proposes a multi-dimension threat situation assessment method based on network security attributes. First, the paper offers an improved Common Vulnerability Scoring System (CVSS) calculation, which includes confident risk, integrity risk, availability risk and a weighted risk. Second, the paper introduces deterioration rate of properties collected by sensors in hosts and network, which aimed at assessing the time and level of DDoS attacks. Third, the paper introduces distribution of asset value in security attributes considering features of attacks and network, which aimed at assessing and show the whole situation. Experiments demonstrate that the approach reflects effectiveness and level of DDoS attacks, and the result can show the primary threat in network and security requirement of network. Through comparison and analysis, the method reflects more in security requirement and security risk situation than traditional methods based on alert and flow analyzing.

Keywords: DDoS evaluation, improved CVSS, network security attribute, threat situation assessment

Procedia PDF Downloads 184

Authors: Miral Sabry AlAshry

Abstract:

The main objective of the study is to investigate the effectiveness of Egyptian Journalists through the Anti-Cyber and Information Technology Crimes Law, as well as its implications for journalistic practice and the implications for press freedom in Egypt. Questionnaires were undertaken with 192 journalists representing four official newspapers, and in-depth interviews were held with 15 journalists. The study used an Authoritarian theory as a theoretical framework. The study revealed that the government placed restrictions on journalists by using the law to oppress them.

Keywords: anti-cyber and information technology crimes law, media legislation, personal information, Egyptian constitution

Procedia PDF Downloads 346

Authors: J. R. Wang, W. Y. Cheng, J. S. Yeh, S. W. Chen, Y. M. Ferng, J. H. Yang, W. S. Hsu, C. Shih

Abstract:

To understand the risk for dry storage concrete casks in the cask loading, transfer, and storage phase, the purpose of this research is to establish the probabilistic risk assessment (PRA) analysis methodology for dry storage concrete casks by using SAPHIRE 8 code. This analysis methodology is used to perform the study of Taiwan nuclear power plants (NPPs) dry storage system. The process of research has three steps. First, the data of the concrete casks and Taiwan NPPs are collected. Second, the PRA analysis methodology is developed by using SAPHIRE 8. Third, the PRA analysis is performed by using this methodology. According to the analysis results, the maximum risk is the multipurpose canister (MPC) drop case.

Keywords: PRA, dry storage, concrete cask, SAPHIRE

Procedia PDF Downloads 189

Authors: Isabela Moreira Queiroz

Abstract:

Slope stability analyses are largely carried out by deterministic methods and evaluated through a single security factor. Although it is known that the geotechnical parameters can present great dispersal, such analyses are considered fixed and known. The probabilistic methods, in turn, incorporate the variability of input key parameters (random variables), resulting in a range of values of safety factors, thus enabling the determination of the probability of failure, which is an essential parameter in the calculation of the risk (probability multiplied by the consequence of the event). Among the probabilistic methods, there are three frequently used methods in geotechnical society: FOSM (First-Order, Second-Moment), Rosenblueth (Point Estimates) and Monte Carlo. This paper presents a comparison between the results from deterministic and probabilistic analyses (FOSM method, Monte Carlo and Rosenblueth) applied to a hypothetical slope. The end was held to evaluate the behavior of the slope and consequent risk analysis, which is used to calculate the risk and analyze their mitigation and control solutions. It can be observed that the results obtained by the three probabilistic methods were quite close. It should be noticed that the calculation of the risk makes it possible to list the priority to the implementation of mitigation measures. Therefore, it is recommended to do a good assessment of the geological-geotechnical model incorporating the uncertainty in viability, design, construction, operation and closure by means of risk management. 

Keywords: probabilistic methods, risk assessment, risk management, slope stability

Procedia PDF Downloads 350

Authors: Baobao Li

Abstract:

Operational risk covers all operations of commercial banks and has a close relationship with the bank’s internal control. But in the commercial banks' management practice, internal control is always separated from the operational risk measurement. With the increasing of operational risk events in recent years, operational risk is paid more and more attention by regulators and banks’ managements. The paper first discussed the relationship between internal control and operational risk management and used CVaR-POT model to measure operational risk, and then put forward a modified measurement method (to use operational risk assessment results to modify the measurement results of the CVaR-POT model). The paper also analyzed the necessity and rationality of this method. The method takes into consideration the influence of internal control, improves the accuracy and effectiveness of operational risk measurement and save the economic capital for commercial banks, avoiding the drawbacks of using some mainstream models one-sidedly.

Keywords: commercial banks, internal control, operational risk, risk measurement

Procedia PDF Downloads 372

Authors: Francesco Lubrano, Fabrizio Bertone, Federico Stirano

Abstract:

Modern societies strongly depend on Critical Infrastructures (CI). Hospitals, power supplies, water supplies, telecommunications are just few examples of CIs that provide vital functions to societies. CIs like hospitals are very complex environments, characterized by a huge number of cyber and physical systems that are becoming increasingly integrated. Ensuring a high level of security within such critical infrastructure requires a deep knowledge of vulnerabilities, threats, and potential attacks that may occur, as well as defence and prevention or mitigation strategies. The possibility to remotely monitor and control almost everything is pushing the adoption of network-connected devices. This implicitly introduces new threats and potential vulnerabilities, posing a risk, especially to those devices connected to the Internet. Modern medical devices used in hospitals are not an exception and are more and more being connected to enhance their functionalities and easing the management. Moreover, hospitals are environments with high flows of people, that are difficult to monitor and can somehow easily have access to the same places used by the staff, potentially creating damages. It is therefore clear that physical and cyber threats should be considered, analysed, and treated together as cyber-physical threats. This means that an integrated approach is required. SAFECARE, an integrated cyber-physical security solution, tries to respond to the presented issues within healthcare infrastructures. The challenge is to bring together the most advanced technologies from the physical and cyber security spheres, to achieve a global optimum for systemic security and for the management of combined cyber and physical threats and incidents and their interconnections. Moreover, potential impacts and cascading effects are evaluated through impact propagation models that rely on modular ontologies and a rule-based engine. Indeed, SAFECARE architecture foresees i) a macroblock related to cyber security field, where innovative tools are deployed to monitor network traffic, systems and medical devices; ii) a physical security macroblock, where video management systems are coupled with access control management, building management systems and innovative AI algorithms to detect behavior anomalies; iii) an integration system that collects all the incoming incidents, simulating their potential cascading effects, providing alerts and updated information regarding assets availability.

Keywords: cyber security, defence strategies, impact propagation, integrated security, physical security

Procedia PDF Downloads 142

Authors: Anikó Kaluzsa

Abstract:

The article's author aims to introduce and analyze those microbiological safety hazards which indicate the presence of secondary contamination in the water supply system. Since drinking water belongs to primary foods and is the basic condition of life, special attention should be paid on its quality. There are such indicators among the microbiological features can be found in water, which are clear evidence of the presence of water contamination, and based on this there is no need to perform other diagnostics, because they prove properly the contamination of the given water supply section. Laboratory analysis can help - both technologically and temporally – to identify contamination, but it does matter how long takes the removal and if the disinfection process takes place in time. The identification of the factors that often occur in the same places or the chance of their occurrence is greater than the average, facilitates our work. The pathogen microbiological risk assessment by the help of several features determines the most likely occurring microbiological features in the Carpathian basin. From among all the microbiological indicators, that are recommended targets for routine inspection by the World Health Organization, there is a paramount importance of the appearance of Escherichia coli in the water network, as its presence indicates the potential ubietiy of enteric pathogens or other contaminants in the water network. In addition, the author presents the steps of microbiological risk assessment analyzing those pathogenic micro-organisms registered to be the most critical.

Keywords: drinking water, E. coli, microbiological indicators, risk assessment, water safety plan

Procedia PDF Downloads 308

Authors: Asnawi Mohd Busrah, Au Mau Teng, Tan Chin Hooi, Lau Chee Chong

Abstract:

This paper describes value based planning (VBP) methodology incorporating risk assessment as an enhanced and more practical approach to evaluate distribution network projects in Peninsular Malaysia. Assessment indicators associated with economics, performance and risks are formulated to evaluate distribution projects to quantify their benefits against investment. The developed methodology is implemented in a web-based software customized to capture investment and network data, compute assessment indicators and rank the proposed projects according to their benefits. Value based planning approach addresses economic factors in the power distribution planning assessment, so as to minimize cost solution to the power utility while at the same time provide maximum benefits to customers.

Keywords: value based planning, distribution network, value of loss load (VoLL), energy not served (ENS)

Procedia PDF Downloads 459

Authors: Rula D. Alshareef, Safa S. Alqathmi, Ghadah K. Alkhouldi, Reem O. Bagabas, Farheen B. Hasan

Abstract:

Safety engineering is among the most crucial considerations in any work environment. Providing mentally, physically, and environmentally safe work conditions must be the top priority of any successful organization. Company X is a local paint production company in Saudi Arabia; in a month, the factory experienced two significant accidents, which indicates that workers’ safety is overlooked. The aim of the research is to examine the risks, assess the root causes and recommend control measures that will eventually contribute to providing a safe workplace. The methodology used is sectioned into three phases, risk identification, assessment, and finally, mitigation. In the identification phase, the team used Rapid Entire Body Assessment (REBA) and National Institute for Occupational Safety and Health Lifting Index (NIOSH LI) tools to holistically establish knowledge about the current risk posed to the factory. The physical hazards in the factory were assessed in two different operations, which are mixing and filling/packaging. For the risk assessment phase, the hazards were deeply analyzed through their severity and impact. Additionally, through risk mitigation, the Rapid Entire Body Assessment (REBA) score decreased from 11 to 7, and the National Institute for Occupational Safety and Health Lifting Index (NIOSH LI) has been reduced from 5.27 to 1.85.

Keywords: ergonomics, safety, workplace risks, hazards, awkward posture, fatigue, work environment

Procedia PDF Downloads 55

Authors: Narissara Nuthammachot, Dimitris Stratoulias

Abstract:

Fire is one of the main causes of environmental and ecosystem change. Therefore, it is a challenging task for fire risk assessment fire potential mapping. The study area is Hua Sai district, Nakorn Sri Thammarat province, which covers in a part of peat swamp forest areas. 55 fire points in peat swamp areas were reported from 2012 to 2016. Analytic Hierarchy Process (AHP) and Geographic Information System (GIS) methods were selected for this study. The risk fire area map was arranged on these factors; elevation, slope, aspect, precipitation, distance from the river, distance from town, and land use. The results showed that the predicted fire risk areas are found to be in appreciable reliability with past fire events. The fire risk map can be used for the planning and management of fire areas in the future.

Keywords: analytic hierarchy process, fire risk assessment, geographic information system, peat swamp forest

Procedia PDF Downloads 177

Authors: Yusuf Garba Baba

Abstract:

The construction industry and housing subsector are fraught with risks that have the potential of negatively impacting on the achievement of project objectives. The success or otherwise of most construction projects depends to large extent on how well these risks have been managed. The recent paradigm shift by the subsector to use of formal risk management approach in contrast to hitherto developed rules of thumb means that risks must not only be identified but also properly assessed and responded to in a systematic manner. The study focused on identifying risks associated with housing development projects and prioritisation assessment of the identified risks in order to provide basis for informed decision. The study used a three-step identification framework: review of literature for similar projects, expert consultation and questionnaire based survey to identify potential risk factors. Delphi survey method was employed in carrying out the relative prioritization assessment of the risks factors using computer-based Analytical Hierarchical Process (AHP) software. The results show that 19 out of the 50 risks significantly impact on housing development projects. The study concludes that although significant numbers of risk factors have been identified as having relevance and impacting to housing construction projects, economic risk group and, in particular, ‘changes in demand for houses’ is prioritised by most developers as posing a threat to the achievement of their housing development objectives. Unless these risks are carefully managed, their effects will continue to impede success in these projects. The study recommends the adoption and use of the combination of multi-technique identification framework and AHP prioritization assessment methodology as a suitable model for the assessment of risks in housing development projects.

Keywords: risk management, risk identification, risk analysis, analytic hierarchical process

Procedia PDF Downloads 91

Authors: Christo Februanto Putra

Abstract:

This paper presents risk identification that affects investment feasibility on toll road infrastructure in Indonesia using qualitative methods survey based on the expert practitioner in investor, contractor, and state officials. The problems on infrastructure investment in Indonesia, especially on KPBU model contract, is many risk factors in the investment plan is not calculated in detail thoroughly. Risk factor is a value used to provide an overview of the risk level assessment of an event which is a function of the probability of the occurrence and the consequences of the risks that arise. As results of the survey which is to show which risk factors impacts directly to the investment feasibility and rank them by their impacts on the investment.

Keywords: risk identification, indonesia toll road, investment feasibility

Procedia PDF Downloads 252