Systems Engineering Approach to MPS Risk Management Kelly Mahoney Presented at the Workshop for Machine Protection in Linear Accelerators.


Systems Engineering Approach to MPS Risk Management Kelly Mahoney Presented at the Workshop for Machine Protection in Linear Accelerators June 8, 2012

Systems Approach (from Tuesday's talk)
- Top-down
- Encompasses all aspects of a technical project
- Focus on overall facility mission and goals
- Overall context for development of systems under specific standards, e.g. IEC 61508, 61511, 62062, ...
- Accelerator is a system of systems
  - Similar lifecycle activities apply to all subsystems; rigor depends on the risk under consideration.
  - Assumptions made under one analysis become requirements for another system and should be tracked.

System Engineering Processes (CERN MPS Workshop, 6-8 June 2012, Slide 3)
Process groups (ref. IEC 15288 / 12207 / INCOSE Systems Safety Handbook): Agreement Process, Project Process, Organizational Process, Technical Process.
Technical processes:
- Stakeholder Requirements Definition Process
- Verification Process
- Requirements Analysis Process
- Architectural Design Process
- Implementation Process
- Transition Process
- Operation Process
- Maintenance Process
- Disposal Process
- Validation Process
80/20 rule applied to systems:
- 80% of system errors are introduced in the requirements, 20% in all remaining lifecycle stages.
- 80% of a project's committed cost is determined during the first 20% of actual cost (requirements plus the first stages of architectural design).
- The cost to correct incorrect or incomplete requirements increases by an order of magnitude for each major project activity.

Safety Risk Management
Three parallel assurance loops, each cycling Identify Hazards -> Assess Risk -> Establish Controls -> Implement Controls -> Maintain and Assess:
- Systems Assurance
- Software Assurance
- Cyber Security Assurance

Integrated System Risk Management
Core loop: Identify Hazards -> Assess Risk -> Establish System Level Controls -> Implement System Level Controls -> Maintain and Assess.
Branches from the system-level controls: Establish Software Controls -> Implement Software Controls; Establish Security Controls -> Implement Security Controls.
- Systems Assurance: central management of hazards and risks. Applies to all safety functions (Personnel Safety, Beam Containment, MPS).
- Common high level requirements and assumptions, as well as assessments.
- Horizontal link of controls, assumptions, constraints.
- Functional testing, Software QA, defensive programming, physical security, ...

Integrated System Risk Management (continued)
Same loop as the previous slide: Identify Hazards -> Assess Risk -> Establish / Implement System Level Controls -> Maintain and Assess, with the Software Controls and Security Controls branches under Systems Assurance.
Common Requirements Among Standards:
- Management Requirements
- Competency in each specialty area
- Graded Approach to system design, mitigations, and management based on risk
- Hazard and Risk Assessment
- Configuration Management

Cyber Security Risk
- Not well defined in current safety management practices
- Large emphasis on control system cyber security
- US NIST common risk evaluation areas: Risk to Integrity, Risk to Availability, Risk to Confidentiality
- Latest version of IEC 61508 attempts to address cyber security

Cyber Security Risk
- Risk is defined in terms of 'vulnerability'
- Consequences are the same as those identified in the hazard analysis
- Failure modes include malicious intent by an internal or external party
Mitigations:
- Staff training and security awareness
- Physical security (limited access)
- Least privilege / authentication
- Segmentation
- Passive monitoring
- Defensive / fault tolerant programming
- Forensic capability
- Intrusion response plan
Resources for control system cyber security:
- IEC: Security for industrial process measurement and control
- ISA S99.01: Security for Industrial Automation and Control Systems
- US NIST Special Publication: Recommended Security Controls for Federal Information Systems and Organizations
- US ICS-CERT
- ENISA: Protecting Industrial Control Systems, Recommendations for Europe and Member States

JLab Controls Cyber Security
- Working to establish a controls cyber security program
- Controls cyber assurance program in process
- Covers all controls
- Risk based management

JLab Global Risk Assessment Method
- Started as a software risk assessment tool
- Applicable to all aspects of risk management
- Developed by a team with representatives of all enclaves at JLab:
  - Safety Systems (facilitator)
  - Network and Infrastructure (Cyber Security)
  - Business Computing and Information Systems
  - Quality Assurance
  - Accelerator Controls and Networking
  - Experimental Physics
  - Physics Computing and Data Management
  - Chief Information Officer / Chief Information Security Officer
- Covers ALL software, from experiment data to FPGAs
- Now used as the basis for configuration management
- The assurance process defines minimum activities for a given risk level. It does not dictate how.

JLab Global Risk Assessment Method
Six areas:
- Direct Risk of Financial Loss
- Direct Risk of Loss of Tangible Property
- Direct Risk of Harm to People
- Direct Risk of Harm to the Environment
- Direct Risk of Loss of Mission
- Direct Risk of Regulatory Body Intervention
Each subject is evaluated in an FEMA type scenario. Each of the six areas is assigned a score of 0-5, based on predefined unmitigated consequences.

JLab Global Risk Assessment Method
- The score is evaluated on BOTH the max value of a single category AND the sum of all scores
- Some risks that were below the radar now pop up as more important
- Because the system owner evaluates the risk, they are invested in the process
- The evaluator determines the risk acceptance level of unmitigated and mitigated risk: Intolerable, Unacceptable, Tolerable, Acceptable
- Amazing agreement between evaluation scores and risk acceptance levels among different enclaves
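The scoring rule on slides 11 and 12 (six areas scored 0-5, judged on both the worst single area and the sum) carried through in code. This is an added example, not JLab's tool; the six areas and the 0-5 scale come from the slides, while the numeric acceptance thresholds are assumptions, since the slides leave that judgment to the evaluator.

```python
# Added example, not JLab's tool: scoring in the style of the Global Risk Assessment
# Method above. The six areas and the 0-5 scale come from the slides; the acceptance
# thresholds are assumptions, since the slides leave that judgment to the evaluator.
from dataclasses import dataclass, fields

AREAS = ("financial_loss", "tangible_property", "harm_to_people",
         "harm_to_environment", "loss_of_mission", "regulatory_intervention")
ORDER = ("Acceptable", "Tolerable", "Unacceptable", "Intolerable")
# Assumed thresholds (not from the slides), applied to the worst single area and
# to the sum of all six areas respectively; the more severe verdict wins.
MAX_LEVELS = ((5, "Intolerable"), (4, "Unacceptable"), (2, "Tolerable"))
SUM_LEVELS = ((20, "Intolerable"), (12, "Unacceptable"), (6, "Tolerable"))


@dataclass(frozen=True)
class RiskScores:
    """Unmitigated consequence score 0-5 for each of the six direct-risk areas."""
    financial_loss: int
    tangible_property: int
    harm_to_people: int
    harm_to_environment: int
    loss_of_mission: int
    regulatory_intervention: int

    def __post_init__(self):
        for f in fields(self):
            v = getattr(self, f.name)
            if not isinstance(v, int) or not 0 <= v <= 5:
                raise ValueError(f"{f.name} must be an integer 0-5, got {v!r}")

    def max_score(self) -> int:
        return max(getattr(self, a) for a in AREAS)

    def sum_score(self) -> int:
        return sum(getattr(self, a) for a in AREAS)


def _level(value, table):
    return next((name for threshold, name in table if value >= threshold), "Acceptable")


def acceptance_level(s: RiskScores) -> str:
    """Judge on BOTH the worst single category AND the sum, as the slide describes."""
    by_max, by_sum = _level(s.max_score(), MAX_LEVELS), _level(s.sum_score(), SUM_LEVELS)
    return max(by_max, by_sum, key=ORDER.index)


if __name__ == "__main__":
    # Constructed samples: one severe area vs. moderate exposure across every area.
    for name, s in (("MPS front end", RiskScores(1, 4, 0, 0, 3, 0)),
                    ("analysis script", RiskScores(2, 2, 2, 2, 2, 2))):
        print(f"{name}: max={s.max_score()} sum={s.sum_score()} -> {acceptance_level(s)}")
```

The all-2s case is the "below the radar" situation the slide describes: the worst single area alone reads as Tolerable, but the sum pushes it to Unacceptable.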

Functional Risk Assessment Methods Used for JLab MPS Safety Functions
- Event Tree
- Risk Matrix
- Risk Graph
- Layer of Protection Analysis
All of the above can be used to assign a SIL to a safety function.

Conclusions
- A systems approach allows early identification and mitigation of operational risks
- The same approach can be used for all safety related systems
- Correct requirements are critical for correct and efficient implementation of a protection system
- The JLab Global Risk Assessment tool can uncover risks that fall below the radar in other assessments
- SIL methods can be used to manage MPS safety functions

Additional Slides

MIL-STD-882E System Safety (figure; ref. MIL-STD-882E)

882E Software Safety Criticality Matrix (figure; ref. MIL-STD-882E)

Software Assurance (figure)

A Note on Safety Integrity Levels (SILs)
- A Safety Integrity Level applies to a mitigation function performed by a system.
- Individual SILs are determined by the difference between (unmitigated risk + risk reduction of other safety layers or functions) and the acceptable risk goal.
Example:
- MPS Safety Requirement: Prevent catastrophic loss of two or more superconducting dipole magnets due to a beam loss event.
- Other Layers SF1:
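The SIL rule stated above, worked through as a Layer of Protection Analysis style calculation (one of the methods listed on slide 13) for the MPS requirement quoted. This is an added example, not the slides' own worked case: the SIL bands are the IEC 61508 low-demand PFDavg bands, and every frequency and layer PFD used is a constructed illustration, not JLab data.

```python
# Added example, not from the slides: LOPA-style SIL allocation for the MPS safety
# requirement quoted above. The SIL bands are the IEC 61508 low-demand PFDavg bands;
# every frequency and PFD value used here is a constructed illustration, not JLab data.
import math

# IEC 61508 low-demand mode: SIL -> (lower bound inclusive, upper bound exclusive) of PFDavg.
SIL_BANDS = {4: (1e-5, 1e-4), 3: (1e-4, 1e-3), 2: (1e-3, 1e-2), 1: (1e-2, 1e-1)}


def required_pfd(unmitigated_freq, target_freq, other_layer_pfds=()):
    """PFDavg the new safety function must meet so that
    unmitigated_freq * prod(other_layer_pfds) * pfd <= target_freq  (events per year)."""
    if unmitigated_freq <= 0 or target_freq <= 0:
        raise ValueError("frequencies must be positive")
    if any(not 0 < p <= 1 for p in other_layer_pfds):
        raise ValueError("each layer PFD must be in (0, 1]")
    # Residual risk after the other independent layers have done their part.
    residual = unmitigated_freq * math.prod(other_layer_pfds)
    return target_freq / residual


def sil_for_pfd(pfd):
    """Map a required PFDavg to a SIL: 0 when the other layers already meet the goal,
    None when the gap exceeds SIL 4 and a single function cannot be expected to close it."""
    if pfd >= 0.1:
        return 0
    for sil, (lo, hi) in SIL_BANDS.items():
        if lo <= pfd < hi:
            return sil
    return None


def allocate(unmitigated_freq, target_freq, other_layer_pfds=()):
    """The slide's 'difference' between (unmitigated risk + other layers) and the goal,
    expressed as the PFD, risk reduction factor and SIL demanded of the new function."""
    pfd = required_pfd(unmitigated_freq, target_freq, other_layer_pfds)
    return {"required_pfd": pfd, "risk_reduction_factor": 1.0 / pfd, "sil": sil_for_pfd(pfd)}


if __name__ == "__main__":
    # Constructed case for "prevent catastrophic loss of two or more SC dipoles":
    # assume 0.5 damaging beam-loss events/year unmitigated, a goal of 1e-4/year,
    # and one other layer (e.g. a beam loss monitor trip) with PFD 0.5.
    print(allocate(0.5, 1e-4, (0.5,)))   # required PFD 4e-4 -> SIL 3
    # Without the other layer the MPS function must provide all of the reduction:
    print(allocate(0.5, 1e-4))           # required PFD 2e-4 -> still SIL 3
```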

IEC 61508 Lifecycle Model
Analysis phase:
- Concept
- Overall scope definition
- Hazard and risk analysis
- Overall safety requirements
- Safety requirements allocation
Realization phase:
- Overall planning: overall operation and maintenance planning; overall safety validation planning; overall installation and commissioning planning
- Safety-related systems: E/E/PES realization (see E/E/PES safety lifecycle)
- Safety-related systems: other technology realization
- External risk reduction facilities realization
- Overall installation and commissioning
- Overall safety validation
Operations phase:
- Overall operation, maintenance and repair
- Overall modification and retrofit (back to the appropriate overall safety lifecycle phase)
- Decommissioning or disposal

IEC Safety Allocation (figure; © K. Mahoney / S. Prior, USPAS, June 2004)