Search results for: cybersecurity risk assessment

Authors: Anders Thorsén, Behrooz Sangchoolie, Peter Folkesson, Ted Strandberg

Abstract:

As more parts of the power grid become connected to the internet, the risk of cyberattacks increases. To identify the cybersecurity threats and subsequently reduce vulnerabilities, the common practice is to carry out a cybersecurity risk assessment. For safety classified systems and products, there is also a need for safety risk assessments in addition to the cybersecurity risk assessment in order to identify and reduce safety risks. These two risk assessments are usually done separately, but since cybersecurity and functional safety are often related, a more comprehensive method covering both aspects is needed. Some work addressing this has been done for specific domains like the automotive domain, but more general methods suitable for, e.g., intelligent distributed grids, are still missing. One such method from the automotive domain is the Security-Aware Hazard Analysis and Risk Assessment (SAHARA) method that combines safety and cybersecurity risk assessments. This paper presents an approach where the SAHARA method has been modified in order to be more suitable for larger distributed systems. The adapted SAHARA method has a more general risk assessment approach than the original SAHARA. The proposed method has been successfully applied on two use cases of an intelligent distributed grid.

Keywords: intelligent distribution grids, threat analysis, risk assessment, safety, cybersecurity

Procedia PDF Downloads 119

Authors: Hilalah Alturkistani, Alaa AlFaadhel, Nora AlJahani, Fatiha Djebbar

Abstract:

Cloud computing is one of the most widely used technology which provides opportunities and services to government entities, large companies, and standard users. However, cybersecurity risk management studies of cloud computing and resiliency approaches are lacking. This paper proposes resilient cloud cybersecurity risk assessment and management tailored specifically, to Dropbox with two approaches:1) technical-based solution motivated by a cybersecurity risk assessment of cloud services, and 2)a target personnel-based solution guided by cybersecurity-related survey among employees to identify their knowledge that qualifies them withstand to any cyberattack. The proposed work attempts to identify cloud vulnerabilities, assess threats and detect high risk components, to finally propose appropriate safeguards such as failure predicting and removing, redundancy or load balancing techniques for quick recovery and return to pre-attack state if failure happens.

Keywords: cybersecurity risk management plan, resilient cloud computing, cyberattacks, cybersecurity risk assessment

Procedia PDF Downloads 99

Authors: Pema Choejey, David Murray, Chun Che Fung

Abstract:

Bhutan is becoming increasingly dependent on Information and Communications Technologies (ICTs), especially the Internet for performing the daily activities of governments, businesses, and individuals. Consequently, information systems and networks are becoming more exposed and vulnerable to cybersecurity threats. This paper highlights the findings of the survey study carried out to understand the perceptions of cybersecurity implementation among government organizations in Bhutan. About 280 ICT personnel were surveyed about the effectiveness of cybersecurity implementation in their organizations. A questionnaire based on a 5 point Likert scale was used to assess the perceptions of respondents. The questions were asked on cybersecurity practices such as cybersecurity policies, awareness and training, and risk management. The survey results show that less than 50% of respondents believe that the cybersecurity implementation is effective: cybersecurity policy (40%), risk management (23%), training and awareness (28%), system development life cycle (34%); incident management (26%), and communications and operational management (40%). The findings suggest that many of the cybersecurity practices are inadequately implemented and therefore, there exist a gap in achieving a required cybersecurity posture. This study recommends government organizations to establish a comprehensive cybersecurity program with emphasis on cybersecurity policy, risk management, and awareness and training. In addition, the research study has practical implications to both government and private organizations for implementing and managing cybersecurity.

Keywords: awareness and training, cybersecurity policy, risk management, security risks

Procedia PDF Downloads 304

Authors: Kitty Kioskli, Nineta Polemi

Abstract:

Evaluating the levels of cyber-security risks within an enterprise is most important in protecting its information system, services and all its digital assets against security incidents (e.g. accidents, malicious acts, massive cyber-attacks). The existing risk assessment methodologies (e.g. eBIOS, OCTAVE, CRAMM, NIST-800) adopt a technical approach considering as attack factors only the capability, intention and target of the attacker, and not paying attention to the attacker’s psychological profile and personality traits. In this paper, a socio-technical approach is proposed in cyber risk assessment, in order to achieve more realistic risk estimates by considering the personality traits of the attackers. In particular, based upon principles from investigative psychology and behavioural science, a multi-dimensional, extended, quantifiable model for an attacker’s profile is developed, which becomes an additional factor in the cyber risk level calculation.

Keywords: attacker, behavioural models, cyber risk assessment, cybersecurity, human factors, investigative psychology, ISO27001, ISO27005

Procedia PDF Downloads 123

Authors: Saadia Drissi

Abstract:

The cloud computing is an innovative paradigm that introduces several changes in technology that have resulted a new ways for cloud providers to deliver their services to cloud consumers mainly in term of security risk assessment, thus, adapting a current risk assessment tools to cloud computing is a very difficult task due to its several characteristics that challenge the effectiveness of risk assessment approaches. As consequence, there is a need of risk assessment model adapted to cloud computing. This paper requires a new risk assessment model based on multi-agent system and AHP model as fundamental steps towards the development of flexible risk assessment approach regarding cloud consumers.

Keywords: cloud computing, risk assessment model, multi-agent system, AHP model, cloud consumer

Procedia PDF Downloads 514

Authors: Andrew John Zeller, Francis Pouatcha

Abstract:

Working according to the DevOps principle has gained in popularity over the past decade. While its extension DevSecOps started to include elements of cybersecurity, most real-life projects do not focus risk and security until the later phases of a project as teams are often more familiar with engineering and infrastructure services. To help bridge the gap between security and engineering, this paper will take six building blocks of cybersecurity and apply them to the DevOps approach. After giving a brief overview of the stages in the DevOps lifecycle, the main part discusses to what extent six cybersecurity blocks can be utilized in various stages of the lifecycle. The paper concludes with an outlook on how to stay up to date in the dynamic world of cybersecurity.

Keywords: information security, data security, cybersecurity, devOps, IT management

Procedia PDF Downloads 66

Authors: Sanja Bracun, Nikolina Kasunic

Abstract:

After graduation, the student population of applied sciences will become the population of employees on IT experts’ positions or "just" business users of certain IT technologies for which the level of awareness of existing cybersecurity risks is extremely important. This research results define the current cybersecurity awareness level of students at Zagreb University of Applied Sciences (TVZ), what can be useful not only for teaching staff to form a curriculum related to cybersecurity more accurately but also to employers to know what to expect from their future employees regarding cybersecurity awareness level.

Keywords: student population cybersecurity awareness, cybersecurity awareness, cybersecurity, applied sciences students

Procedia PDF Downloads 213

Authors: Jolanta Tamošaitienė

Abstract:

The article focuses on a developed comprehensive model to be used in an agile environment for the risk assessment and selection based on multi-attribute methods. The model is based on a multi-attribute evaluation of risk in construction, and the determination of their optimality criterion values are calculated using complex Multiple Criteria Decision-Making methods. The model may be further applied to risk assessment in an agile construction environment. The attributes of risk in a construction project are selected by applying the risk assessment condition to the construction sector, and the construction process efficiency in the construction industry accounts for the agile environment. The paper presents the comprehensive risk assessment model in an agile construction environment. It provides a background and a description of the proposed model and the developed analysis of the comprehensive risk assessment model in an agile construction environment with the criteria.

Keywords: assessment, environment, agile, model, risk

Procedia PDF Downloads 222

Authors: Shaila Rana, Wasim Alhamdani

Abstract:

Effective cybersecurity learning relies on an engaging, interactive, and entertaining activity that fosters positive learning outcomes. VR cybersecurity training may promote these aforementioned variables. However, a methodological approach and framework have not yet been created to allow trainers and educators to employ VR cybersecurity training methods to promote positive learning outcomes to the author’s best knowledge. Thus, this paper aims to create an approach that cybersecurity trainers can follow to create a VR cybersecurity training module. This methodology utilizes concepts from other cybersecurity training frameworks, such as NICE and CyTrONE. Other cybersecurity training frameworks do not incorporate the use of VR. VR training proposes unique challenges that cannot be addressed in current cybersecurity training frameworks. Subsequently, this ontology utilizes concepts unique to developing VR training to create a relevant methodology for creating VR cybersecurity training modules. The outcome of this research is to create a methodology that is relevant and useful for designing VR cybersecurity training modules.

Keywords: virtual reality cybersecurity training, VR cybersecurity training, traditional cybersecurity training, ontology

Procedia PDF Downloads 249

Authors: Gampel Alexander, Mazzuchi Thomas, Sarkani Shahram

Abstract:

The cybersecurity landscape is constantly evolving, and organizations must adapt to the changing threat environment to protect their assets. The implementation of the NIST Risk Management Framework (RMF) has become critical in ensuring the security and safety of industrial control and automation systems. However, cybersecurity professionals are facing challenges in implementing RMF, leading to systems operating without authorization and being non-compliant with regulations. The current approach to RMF implementation based on business practices is limited and insufficient, leaving organizations vulnerable to cyberattacks resulting in the loss of personal consumer data and critical infrastructure details. To address these challenges, this research proposes a Model-Based Systems Engineering (MBSE) approach to implementing cybersecurity controls and assessing risk through the RMF process. The study emphasizes the need to shift to a modeling approach, which can streamline the RMF process and eliminate bloated structures that make it difficult to receive an Authorization-To-Operate (ATO). The study focuses on the practical application of MBSE in industrial control and automation systems to improve the security and safety of operations. It is concluded that MBSE can be used to solve the implementation challenges of the NIST RMF process and improve the security of industrial control and automation systems. The research suggests that MBSE provides a more effective and efficient method for implementing cybersecurity controls and assessing risk through the RMF process. The future work for this research involves exploring the broader applicability of MBSE in different industries and domains. The study suggests that the MBSE approach can be applied to other domains beyond industrial control and automation systems.

Keywords: authorization-to-operate (ATO), industrial control systems (ICS), model-based system’s engineering (MBSE), risk management framework (RMF)

Procedia PDF Downloads 50

Authors: K. Sekulová, M. Šimon

Abstract:

This article focuses on upper-extremity musculoskeletal disorders risk assessment model at workplace. In this model are used risk factors that are responsible for musculoskeletal system damage. Based on statistic calculations the model is able to define what risk of MSD threatens workers who are under risk factors. The model is also able to say how MSD risk would decrease if these risk factors are eliminated.

Keywords: ergonomics, musculoskeletal disorders, occupational diseases, risk factors

Procedia PDF Downloads 505

Authors: Cinzia Carrodano, Dimitri Konstantas

Abstract:

Risk is part of our lives. In today’s society risk is connected to our safety and safety has become a major priority in our life. Each person lives his/her life based on the evaluation of the risk he/she is ready to accept and sustain, and the level of safety he/she wishes to reach, based on highly personal criteria. The assessment of risk a person takes in a complex environment and the impact of actions of other people’actions and events on our perception of risk are alements to be considered. The concept of Holistic Risk Assessment (HRA) aims in developing a methodology and a model that will allow us to take into account elements outside the direct influence of the individual, and provide a personalized risk assessment. The concept is based on the fact that in the near future, we will be able to gather and process extremely large amounts of data about an individual and his/her environment in real time. The interaction and correlation of these data is the key element of the holistic risk assessment. In this paper, we present the HRA concept and describe the most important elements and considerations.

Keywords: continuous data, dynamic risk, holistic risk assessment, risk concept

Procedia PDF Downloads 83

Authors: Sadiq Nasir

Abstract:

The need for strong cybersecurity measures has been brought to light by society's growing reliance on technology. Cybersecurity breaches continue, with the human aspect playing a crucial role, despite the availability of technology remedies. By analyzing the most recent findings in this area of research on awareness, attitudes, and behaviour, this literature review seeks to comprehend the human element in cybersecurity. A thorough overview of the most recent studies and gaps in the body of knowledge will be determined through a systematic examination of the literature. The paper indicates that in order to address the human component in cybersecurity, a socio-technical strategy is required, and it advocates for additional study in order to fully comprehend the consequences of various interventions. The findings of this study will increase our understanding of cybersecurity and have useful ramifications for companies wanting to strengthen their cybersecurity posture.

Keywords: cybersecurity, cybersecurity awareness, human factor in security, human security

Procedia PDF Downloads 52

Authors: Lenka Jesonkova, Frantisek Bozek

Abstract:

Trihalogenmethanes (THMs) are disinfection byproducts with non-carcinogenic and genotoxic effects. The contamination of 6 sites close to the water treatment plant has been monitored in second largest city of the Czech Republic. Health risk assessment including both non-carcinogenic and genotoxic risk for long term exposition was realized using the critical concentrations. Concentrations of trihalogenmethanes met national standards in all samples. Risk assessment proved that health risks from trihalogenmethanes are acceptable on each site.

Keywords: drinking water, health risk assessment, trihalogenmethanes, water pollution

Procedia PDF Downloads 488

Authors: Shaila Rana, Wasim Alhamdani

Abstract:

Effective cybersecurity training is of the utmost importance, given the plethora of attacks that continue to increase in complexity and ubiquity. VR cybersecurity training remains a starkly understudied discipline. Studies that evaluated the effectiveness of VR cybersecurity training over traditional methods are required. An engaging and interactive platform can support knowledge retention of the training material. Consequently, an effective form of cybersecurity training is required to support a culture of cybersecurity awareness. Measurements of effectiveness varied throughout the studies, with surveys and observations being the two most utilized forms of evaluating effectiveness. Further research is needed to evaluate the effectiveness of VR cybersecurity training and traditional training. Additionally, research for evaluating if VR cybersecurity training is more effective than traditional methods is vital. This paper proposes a methodology to compare the two cybersecurity training methods and their effectiveness. The proposed framework includes developing both VR and traditional cybersecurity training methods and delivering them to at least 100 users. A quiz along with a survey will be administered and statistically analyzed to determine if there is a difference in knowledge retention and user satisfaction. The aim of this paper is to bring attention to the need to study VR cybersecurity training and its effectiveness compared to traditional training methods. This paper hopes to contribute to the cybersecurity training field by providing an effective way to train users for security awareness. If VR training is deemed more effective, this could create a new direction for cybersecurity training practices.

Keywords: virtual reality cybersecurity training, VR cybersecurity training, traditional cybersecurity training

Procedia PDF Downloads 179

Authors: Pui Yong Leo, Normy Maziah Mohd Said

Abstract:

Change of global economy landscape and business environment has led to companies’ decision to go global and enter international markets. As the companies go beyond the comfort zone (i.e. investing in the home country), it is important to ensure a comprehensive risk assessment is carried out. This paper describes a standardized approach for international investment, ensuring identification of risk, risk appetite, risk rating, risk treatment and mitigation plans for respective international investment proposal. The standardized approach is divided into three (3) stages as follows: Stage 1 – Preliminary Risk profiling; with the objective to gauge exposure to countries and high level risk factors as first level assessment. Stage 2 – Risk Parameters; with the objective to define risk appetite for the international investment from the perspective of likelihood and impact. Stage 3 – Detailed Risk Assessments; with the objectives to assess in detail any triggered elements from Stage 1, and project specific risks. The final output will include the mitigation plans for the identified risks for the total investment. Example will be given in this paper to show how comprehensive risk assessment is carried out for an international investment in power energy sector.

Keywords: international investment, mitigation plans, risk appetite, risk assessment

Procedia PDF Downloads 342

Authors: Dipak Sonawane, Sudarshan Daga, Somesh Gupta

Abstract:

Quantitative risk assessment (QRA) is a very precise and consistent approach to defining the likelihood, consequence and severity of a major incident/accident. A variety of hazardous cargoes in bulk, such as hydrocarbons and flammable/toxic chemicals, are handled at various ports. It is well known that most of the operations are hazardous, having the potential of damaging property, causing injury/loss of life and, in some cases, the threat of environmental damage. In order to ensure adequate safety towards life, environment and property, the application of scientific methods such as QRA is inevitable. By means of these methods, comprehensive hazard identification, risk assessment and appropriate implementation of Risk Control measures can be carried out. In this paper, the authors, based on their extensive experience in Risk Analysis for ports and harbors, have exhibited how QRA can be used in practice to minimize and contain risk to tolerable levels. A specific case involving the operation for unloading of hydrocarbon at a port is presented. The exercise provides confidence that the method of QRA, as proposed by the authors, can be used appropriately for the identification of hazards and risk assessment of Ports and Terminals.

Keywords: quantitative risk assessment, hazard assessment, consequence analysis, individual risk, societal risk

Procedia PDF Downloads 49

Authors: Preeda Sansakorn, Min An

Abstract:

In order to be capable of dealing with uncertainties, subjectivities, including vagueness arising in building construction projects, the application of fuzzy reasoning technique based on fuzzy set theory is proposed. This study contributes significantly to the development of a fuzzy reasoning safety risk assessment model for building construction projects that could be employed to assess the risk magnitude of each hazardous event identified during construction, and a third parameter of probability of consequence is incorporated in the model. By using the proposed safety risk analysis methodology, more reliable and less ambiguities, which provide the safety risk management project team for decision-making purposes.

Keywords: safety risk assessment, building construction safety, fuzzy reasoning, construction risk assessment model, building construction projects

Procedia PDF Downloads 451

Authors: Phontip Kanlahasuth

Abstract:

This paper presents the environmental safety and occupational health risk assessment of rocket static test by assessing risk level from probability and severity and then appropriately applying the risk control measures. Before the environmental safety and occupational health measures are applied, the serious hazards level is 31%, medium level is 24% and low level is 45%. Once risk control measures are practically implemented, the serious hazard level can be diminished, medium level is 38%, low level is 45% and eliminated level is 17%. It is clearly shown that the environmental safety and occupational health measures can significantly reduce the risk level.

Keywords: rocket static test, hazard, risk, risk assessment, risk analysis, environment, safety, occupational health, acceptable risk, probability, severity, risk level

Procedia PDF Downloads 550

Authors: Sandija Zeverte-Rivza, Irina Pilvere, Baiba Rivza

Abstract:

The use of renewable energy sources incl. biogas has become topical in accordance with the increasing demand for energy, decrease of fossil energy resources and the efforts to reduce greenhouse gas emissions as well as to increase energy independence from the territories where fossil energy resources are available. As the technologies of biogas production from agricultural biomass develop, risk assessment and risk management become necessary for farms producing such a renewable energy. The need for risk assessments has become particularly topical when discussions on changing the biogas policy in the EU take place, which may influence the development of the sector in the future, as well as the operation of existing biogas facilities and their income level. The current article describes results of the risk assessment for farms producing biomass from agriculture biomass in Latvia, the risk assessment system included 24 risks, that affect the whole biogas production process and the obtained results showed the high significance of political and production risks.

Keywords: biogas production, risks, risk assessment, biosystems engineering

Procedia PDF Downloads 364

Authors: Qing Cao

Abstract:

Generally speaking, China has a relatively high level of intellectual property (IP) infringement. Risk assessment is indispensable in the strategic planning process. To complement the current literature in international business, the paper sheds the light on how to assess IP risk for foreign companies in planning market entry to China. Evaluating internal and external IP environment, proposed in the paper, consists of external analysis, internal analysis and further internal analysis. Through position the company’s IP environment, the risk assessment approach enables the foreign companies to either build the corresponding IP strategies or abort the entry plan beforehand to minimize the IP risks.

Keywords: intellectual property, IP environment, risk assessment

Procedia PDF Downloads 522

Authors: Serzhan Ashirov, Dana Nour, Rafat Rob, Khaled Alotaibi

Abstract:

There has been a fast growth in the introduction and use of communications, information, monitoring, and sensing technologies. The new technologies are making their way to the Industrial Control Systems as embedded in products, software applications, IT services, or commissioned to enable integration and automation of increasingly global supply chains. As a result, the lines that separated the physical, digital, and cyber world have diminished due to the vast implementation of the new, disruptive digital technologies. The variety and increased use of these technologies introduce many cybersecurity risks affecting cyber-resilience of the supply chain, both in terms of the product or service delivered to a customer and members of the supply chain operation. US department of energy considers supply chain in the IR4 space to be the weakest link in cybersecurity. The IR4 identified the digitization of the field devices, followed by digitalization that eventually moved through the digital transformation space with little care for the new introduced cybersecurity risks. This paper will examine the best methodologies for securing the electrical substations from cybersecurity attacks due to supply chain risks, and due to digitization effort. SCADA systems are the most vulnerable part of the power system infrastructure due to digitization and due to the weakness and vulnerabilities in the supply chain security. The paper will discuss in details how create a secure supply chain methodology, secure substations, and mitigate the risks due to digitization

Keywords: cybersecurity, supply chain methodology, secure substation, digitization

Procedia PDF Downloads 36

Authors: Saif Hussein Abdallah Alghazo, Norshima Humaidi

Abstract:

Adopting cybersecurity protective behaviour among the employees is seriously considered in the organization, especially when the Internet of Things (IoT) is widely used in Industrial Revolution 4.0 (IR 4.0) era. Cybersecurity issues arise due to weaknesses of employees’ behaviour such as carelessness and failure to adopt good practices of information security behaviour. Therefore, this study aims to explore the dimensions that might influence employees’ behaviour to adopt good cybersecurity practices and to develop a new holistic model related to this concept. The study proposed this by reviewing the existing works of literature related to this field extensively, especially by focusing on the existing theory such as Protection Motivation Theory (PMT). Moreover, this study has also explored the role of cybersecurity competency among the security manager in the organization since this construct is essential to enhance the protective behaviour towards cybersecurity among the employees in the organization. The proposed research model is important to be quantitatively tested in the future as the findings will serve as the input to the act that will enhance employee’s cybersecurity protective behaviour in the IR 4.0 environment.

Keywords: cybersecurity protective behaviour, protection motivation theory, IR 4.0, cybersecurity competency

Procedia PDF Downloads 112

Authors: Charles Amoatey

Abstract:

The issue of risk in the mining industry is a global phenomenon and the Ghanaian mining industry is not exempted. The main purpose of this study is to identify the critical risk factors affecting the mining industry. The study takes an integrated view of the mining industry by examining the contribution of various risk factors to mining project failure in Ghana. A questionnaire survey was conducted to solicit the critical risk factors from key mining practitioners. About 80 respondents from 11 mining firms participated in the survey. The study identified 22 risk factors contributing to mining project failure in Ghana. The five most critical risk factors based on both probability of occurrence and impact were: (1) unstable commodity prices, (2) inflation/exchange rate, (3) land degradation, (4) high cost of living and (5) government bureaucracy for obtaining licenses. Furthermore, the study found that risk assessment in the mining sector has a direct link with mining project sustainability. Mitigation measures for addressing the identified risk factors were discussed. The key findings emphasize the need for a comprehensive risk management culture in the entire mining industry.

Keywords: risk, assessment, mining, Ghana

Procedia PDF Downloads 402

Authors: Rossouw De Bruin, Sebastiaan H. Von Solms

Abstract:

The state of national security is an evolving concern. Companies, organizations, governments, states and individuals are aware of the security of their information and their assets however, they may not always be aware of the risks present. These risks are not only limited to non-existence of security procedures. Existing security can be severely flawed, especially if there is non-conformance towards policies, practices and procedures. When looking at humanitarian actions, we can easily identify these flaws. Unfortunately, humanitarian aid has to compete with factors from within the states, countries and continents they are working in. Furthermore, as technology improves, so does our connectivity to the internet and the way in which we use the internet. However, there are times when security is overlooked and humanitarian agencies are some of the agencies that do not always take security into consideration. The purpose of this paper will be to introduce the importance of cybersecurity and cybersecurity governance with respect to humanitarian work. We will also introduce and briefly discuss a model that can be used by humanitarian agencies to assess, manage and maintain their cybersecurity efforts.

Keywords: humanities, cybersecurity, cybersecurity governance, maturity, cybersecurity maturity, maturity model

Procedia PDF Downloads 230

Authors: Mohammadreza Ashouria, Majid Motamedzadeb

Abstract:

Rapid Entire Body Assessment (REBA) and Quick Exposure Check (QEC) are two general methods to assess the risk factors of work-related musculoskeletal disorders (WMSDs). This study aimed to compare ergonomic risk assessment outputs from QEC and REBA in terms of agreement in distribution of postural loading scores based on analysis of working postures. This cross-sectional study was conducted in an engine oil company in which 40 jobs were studied. A trained occupational health practitioner observed all jobs. Job information was collected to ensure the completion of ergonomic risk assessment tools, including QEC, and REBA. The result revealed that there was a significant correlation between final scores (r=0.731) and the action levels (r =0.893) of two applied methods. Comparison between the action levels and final scores of two methods showed that there was no significant difference among working departments. Most of the studied postures acquired low and moderate risk level in QEC assessment (low risk=20%, moderate risk=50% and High risk=30%) and in REBA assessment (low risk=15%, moderate risk=60% and high risk=25%).There is a significant correlation between two methods. They have a strong correlation in identifying risky jobs and determining the potential risk for incidence of WMSDs. Therefore, there is a possibility for researchers to apply interchangeably both methods, for postural risk assessment in appropriate working environments.

Keywords: observational method, QEC, REBA, musculoskeletal disorders

Procedia PDF Downloads 334

Authors: Hyeon-Kyo Lim, Sang-Hun Byun

Abstract:

Risk assessment is carried out in most industrial plants for accident prevention, but there exists insufficient data for statistical decision making. It is commonly said that risk can be expressed as a product of consequence and likelihood of a corresponding hazard factor. Eventually, therefore, risk assessment involves human decision making which cannot be objective per se. This study was carried out to comprehend perceptive characteristics of human beings in industrial plants. Subjects were shown a set of illustrations describing scenes of industrial plants, and were asked to assess the risk of each scene with not only linguistic variables but also numeric scores in the aspect of consequence and likelihood. After that, their responses were formulated as fuzzy membership functions, and compared with those of university students who had no experience of industrial works. The results showed that risk level of industrial workers were lower than those of any other groups, which implied that the workers might generally have a tendency to neglect more hazard factors in their work fields.

Keywords: fuzzy, hazard, linguistic variable, risk assessment

Procedia PDF Downloads 220

Authors: Maithem Al-Saadi, Min An

Abstract:

During airport planning and design stages, the major issues of capacity and safety in construction and operation of an airport need to be taken into consideration. The airside of an airport is a major and critical infrastructure that usually consists of runway(s), taxiway system, and apron(s) etc., which have to be designed according to the international standards and recommendations, and local limitations to accommodate the forecasted demands. However, in many cases, airport airsides are suffering from unexpected risks that occurred during airport operations. Therefore, safety risk assessment should be applied in the planning and design of airsides to cope with the probability of risks and their consequences, and to make decisions to reduce the risks to as low as reasonably practicable (ALARP) based on safety risk assessment. This paper presents a combination approach of Failure Modes, Effect, and Criticality Analysis (FMECA), Fuzzy Reasoning Approach (FRA), and Fuzzy Analytic Hierarchy Process (FAHP) to develop a risk analysis model for safety risk assessment. An illustrated example is used to the demonstrate risk assessment process on how the design of an airside in an airport can be analysed by using the proposed safety design risk assessment model.

Keywords: airport airside planning and design, design for safety, fuzzy reasoning approach, fuzzy AHP, risk assessment

Procedia PDF Downloads 326

Authors: Mohammad Nazri Mustafa, Pedram Hatami Abdullah, M. Fakhrur Razi Ahmad Faizul

Abstract:

With the issuance of Malaysian National Annex 2017 as a part of MS EN 1998-1:2015, the seismic mapping of Malaysian Peninsular including Sabah and Sarawak has undergone some changes in terms of the Peak Ground Acceleration (PGA) value. The revision to the PGA has raised a concern on the safety of oil and gas onshore structures as these structures were not designed to accommodate the new PGA values which are much higher than the previous values used in the original design. In view of the high numbers of structures and buildings to be re-assessed, a risk assessment methodology has been developed to prioritize and rank the assets in terms of their criticality against the new seismic loading. To-date such risk assessment method for oil and gas onshore structures is lacking, and it is the main intention of this technical paper to share the risk assessment methodology and risk elements scoring finalized via Delphi Method. The finalized methodology and the values used to rank the risk elements have been established based on years of relevant experience on the subject matter and based on a series of rigorous discussions with professionals in the industry. The risk scoring is mapped against the risk matrix (i.e., the LOF versus COF) and hence, the overall risk for the assets can be obtained. The overall risk can be used to prioritize and optimize integrity assessment, repair and strengthening work against the new seismic mapping of the country.

Keywords: methodology, PGA, risk, seismic

Procedia PDF Downloads 117

Authors: Ulas Cinar, Omer Faruk Ugurlu, Selcuk Cebi

Abstract:

Occupational safety risk management is the most important element of a safe working environment. Effective risk management can only be possible with accurate analysis and evaluations. Scoring-based risk assessment methods offer considerable ease of application as they convert linguistic expressions into numerical results. It can also be easily adapted to any field. Contrary to all these advantages, important problems in scoring-based methods are frequently discussed. Effective measurability is one of the most critical problems. Existing methods allow experts to choose a score equivalent to each parameter. Therefore, experts prefer the score of the most likely outcome for risk. However, all other possible consequences are neglected. Assessments of the existing methods express the most probable level of risk, not the real risk of the enterprises. In this study, it is aimed to develop a method that will present a more comprehensive evaluation compared to the existing methods by evaluating the probability and severity scores, all sub-parameters, and potential results, and a new scoring-based method is proposed in the literature.

Keywords: occupational health and safety, risk assessment, scoring based risk assessment method, underground mining, weighted risk scores

Procedia PDF Downloads 112