Tackling uncertainty in security assessment of critical infrastructures: Dempster-Shafer Theory vs. Credal Sets Theory

Abstract Securing critical infrastructures is a complex task. Required information is usually scarce or inexistent, and experts’ judgments may be inaccurate and biased. In this paper, two methodologies dealing with data scarcity, imprecision, and uncertainty are presented: Evidential network and Credal network. Evidential network is a graphical technique based on Dempster-Shafer Theory to explicitly model the propagation of epistemic uncertainty among variables while Credal network is an extension of Bayesian network to deal with sets of probabilities, known as Credal sets, based on experts’ judgments. Both methodologies constitute robust frameworks to account for high degree of imprecision on data, producing informative results despite the low-informative input. In the present study, the power in expressing uncertainty of these two methodologies have been showed, and their differences have been described through their application to a case study of security vulnerability assessment. Results demonstrate the substantial equivalence of the two methodologies in prognostic analysis, thus, an approximate updating procedure of Evidential network through equivalent Credal network has been proposed, to overcome the lack of possibility to compute updating in the context of Dempster-Shafer Theory.

[1]  G. Montibeller,et al.  In the Opponent's Shoes: Increasing the Behavioral Validity of Attackers’ Judgments in Counterterrorism Models , 2016, Risk analysis : an official publication of the Society for Risk Analysis.

[2]  Arthur P. Dempster,et al.  Upper and Lower Probabilities Induced by a Multivalued Mapping , 1967, Classic Works of the Dempster-Shafer Theory of Belief Functions.

[3]  Faisal I. Khan,et al.  Functional quantitative security risk analysis (QSRA) to assist in protecting critical process infrastructure , 2017, Reliab. Eng. Syst. Saf..

[4]  Philippe Weber,et al.  Evidential Networks for Reliability Analysis and Performance Evaluation of Systems With Imprecise Knowledge , 2009, IEEE Transactions on Reliability.

[5]  Valerio Cozzani,et al.  Security vulnerability assessment of gas pipelines using Discrete-time Bayesian network , 2017 .

[6]  Marco Zaffalon,et al.  Bayesian Networks with Imprecise Probabilities: Theory and Application to Classification , 2012 .

[7]  G Zhang,et al.  Maritime accidents risk prediction based on Bayesian Network with interval probabilities , 2015 .

[8]  David Avis,et al.  A pivoting algorithm for convex hulls and vertex enumeration of arrangements and polyhedra , 1991, SCG '91.

[9]  Faisal Khan,et al.  Dynamic safety analysis of process systems by mapping bow-tie into Bayesian network , 2013 .

[10]  Eugene Charniak,et al.  Bayesian Networks without Tears , 1991, AI Mag..

[11]  Philippe Weber,et al.  Bayesian networks inference algorithm to implement Dempster Shafer theory in reliability analysis , 2008, Reliab. Eng. Syst. Saf..

[12]  Glenn Shafer,et al.  A Mathematical Theory of Evidence , 2020, A Mathematical Theory of Evidence.

[13]  Luigi Portinale,et al.  Improving the analysis of dependable systems by mapping fault trees into Bayesian networks , 2001, Reliab. Eng. Syst. Saf..

[14]  Michael A. S. Guth A probabilistic foundation for vagueness and imprecision in fault-tree analysis , 1991 .

[15]  Richard F. Paige,et al.  Fault trees for security system design and analysis , 2003, Comput. Secur..

[16]  Marco Zaffalon,et al.  Assessing Debris Flow Hazard by Credal Nets , 2004 .

[17]  Gabriele Landucci,et al.  Probabilistic Vulnerability Assessment of Chemical Plants Subjected to External Acts of Interference , 2016 .

[18]  Marco Gribaudo,et al.  Exploiting Bayesian Networks for the Analysis of Combined Attack Trees , 2015, PASM.

[19]  Marco Zaffalon,et al.  Decision-theoretic specification of credal networks: A unified language for uncertain modeling with sets of Bayesian networks , 2008, Int. J. Approx. Reason..

[20]  Nima Khakzad,et al.  Safety analysis in process facilities: Comparison of fault tree and Bayesian network approaches , 2011, Reliab. Eng. Syst. Saf..

[21]  David Avis,et al.  A pivoting algorithm for convex hulls and vertex enumeration of arrangements and polyhedra , 1992, Discret. Comput. Geom..

[22]  Larry Wasserman,et al.  Dilation for Sets of Probabilities , 1993 .

[23]  Igor Nai Fovino,et al.  Integrating cyber attacks within fault trees , 2009, Reliab. Eng. Syst. Saf..

[24]  D. Avis A Revised Implementation of the Reverse Search Vertex Enumeration Algorithm , 2000 .

[25]  Fabio Gagliardi Cozman,et al.  Credal networks , 2000, Artif. Intell..

[26]  Peter Walley,et al.  Measures of Uncertainty in Expert Systems , 1996, Artif. Intell..

[27]  Jai P. Gupta,et al.  Site Security: for Chemical Process Industries , 2011 .

[28]  P. Walley Statistical Reasoning with Imprecise Probabilities , 1990 .