Dealing with variability in the design, planning and evaluation of healthcare inpatient units : a modeling methodology for patient dependency variations

Moris, Matías Urenda

January 2010

This research addresses the fluctuating demand and high variability in healthcare systems. These system’s variations need to be considered whilst at the same time making efficient use of the systems’ resources. Patient dependency fluctuation, which makes determining the level of adequate staffing highly complex, is among the variations addressed. Dealing with variability is found to be a key feature in the design, planning and evaluation of healthcare systems. Healthcare providers are facing increasing challenges resulting from an aging population, higher patient expectancies, a shortage of healthcare professionals, as well as increasing costs and reduced funding. Despite the accentuated need for effective healthcare systems and efficient use of resources, many healthcare organisations are inadequately designed and, moreover, poorly managed. Hospital systems consist of complex interrelations between relatively small units, each of which is sensitive to stochastic variations in demand. In addition to this aspect of the system view, a critical resource for the patients’ wellbeing and survival is the staffing level of nurses. This puts the planning and scheduling of human resources as one of the system’s foremost aims. Current tools for staffing and personnel planning in healthcare organisations do not take into consideration the workload variations that result from the variable nature of patient dependency levels. The work presents the empirical findings of a number of case studies conducted at a regional hospital in Sweden. Principles and practical suggestions for the robust system design of inpatient wards using Discrete Event Simulation (DES) have been identified. Although DES techniques have, in principle, all the features for modelling the variation and stochastic nature of systems, DES has not been previously used for workload studies of inpatient wards. The main contribution of this work is therefore how a combination of DES and the data of Patient Classification Systems (PCSs) can be used to model workload variations and, subsequently, plan the nurse staffing requirements in systems with high variability. The work presented gives step by step guidance in how the analysis and subsequent modelling of an inpatient ward should be carried out. It defines a novel modelling methodology for patient dependency variations and length of stay modelling of a patient’s dependency progression, including an adaptation to the ward’s discharge figures. The modelling approach opens a novel way of analysing and evaluating the system design of inpatient wards.

620

Risk monitoring with intrusion detection for industrial control systems / Surveillance des risques avec détection d'intrusion pour les systèmes de contrôle industriels

Muller, Steve

26 June 2018

Les cyberattaques contre les infrastructures critiques telles que la distribution d'électricité, de gaz et d'eau ou les centrales électriques sont de plus en plus considérées comme une menace pertinente et réaliste pour la société européenne. Alors que des solutions éprouvées comme les applications antimalware, les systèmes de détection d'intrusion (IDS) et même les systèmes de prévention d'intrusion ou d'auto-cicatrisation ont été conçus pour des systèmes informatiques classiques, ces techniques n'ont été que partiellement adaptées au monde des systèmes de contrôle industriel. En conséquence, les organisations et les pays font recours à la gestion des risques pour comprendre les risques auxquels ils sont confrontés. La tendance actuelle est de combiner la gestion des risques avec la surveillance en temps réel pour permettre des réactions rapides en cas d'attaques. Cette thèse vise à fournir des techniques qui aident les responsables de la sécurité à passer d'une analyse de risque statique à une plateforme de surveillance des risques dynamique et en temps réel. La surveillance des risques comprend trois étapes, chacune étant traitée en détail dans cette thèse : la collecte d'informations sur les risques, la notification des événements de sécurité et, enfin, l'inclusion de ces informations en temps réel dans une analyse des risques. La première étape consiste à concevoir des agents qui détectent les incidents dans le système. Dans cette thèse, un système de détection d'intrusion est développé à cette fin, qui se concentre sur une menace persistante avancée (APT) qui cible particulièrement les infrastructures critiques. La deuxième étape consiste à traduire les informations techniques en notions de risque plus abstraites, qui peuvent ensuite être utilisées dans le cadre d'une analyse des risques. Dans la dernière étape, les informations collectées auprès des différentes sources sont corrélées de manière à obtenir le risque auquel l'ensemble du système est confronté. Les environnements industriels étant caractérisés par de nombreuses interdépendances, un modèle de dépendance est élaboré qui prend en compte les dépendances lors de l'estimation du risque. / Cyber-attacks on critical infrastructure such as electricity, gas, and water distribution, or power plants, are more and more considered to be a relevant and realistic threat to the European society. Whereas mature solutions like anti-malwareapplications, intrusion detection systems (IDS) and even intrusion prevention or self-healing systems have been designed for classic computer systems, these techniques have only been partially adapted to the world of Industrial ControlSystems (ICS). As a consequence, organisations and nations fall back upon risk management to understand the risks that they are facing. Today's trend is to combine risk management with real-time monitoring to enable prompt reactions in case of attacks. This thesis aims at providing techniques that assist security managers in migrating from a static risk analysis to areal-time and dynamic risk monitoring platform. Risk monitoring encompasses three steps, each being addressed in detail in this thesis: the collection of risk-related information, the reporting of security events, and finally the inclusion of this real time information into a risk analysis. The first step consists in designing agents that detect incidents in the system. In this thesis, an intrusion detection system is developed to this end, which focuses on an advanced persistent threat (APT) that particularly targets critical infrastructures. The second step copes with the translation of the obtained technical information in more abstract notions of risk, which can then be used in the context of a risk analysis. In the final step, the information collected from the various sources is correlated so as to obtain the risk faced by the entire system. Since industrial environments are characterised by many interdependencies, a dependency model is elaborated which takes dependencies into account when the risk is estimated.

Gestion de risque en temps réel

Surveillance des risques

Modélisation de dépendances

Systèmes industriels

Détection d'intrusions

Real-Time risk management

Risk monitoring

Dependency modelling

Industrial control systems

Intrusion detection

004