191 |
A risk assessment and optimisation model for minimising network security risk and costViduto, Valentina January 2012 (has links)
Network security risk analysis has received great attention within the scientific community, due to the current proliferation of network attacks and threats. Although, considerable effort has been placed on improving security best practices, insufficient effort has been expanded on seeking to understand the relationship between risk-related variables and objectives related to cost-effective network security decisions. This thesis seeks to improve the body of knowledge focusing on the trade-offs between financial costs and risk while analysing the impact an identified vulnerability may have on confidentiality, integrity and availability (CIA). Both security best practices and risk assessment methodologies have been extensively investigated to give a clear picture of the main limitations in the area of risk analysis. The work begins by analysing information visualisation techniques, which are used to build attack scenarios and identify additional threats and vulnerabilities. Special attention is paid to attack graphs, which have been used as a base to design a novel visualisation technique, referred to as an Onion Skin Layered Technique (OSLT), used to improve system knowledge as well as for threat identification. By analysing a list of threats and vulnerabilities during the first risk assessment stages, the work focuses on the development of a novel Risk Assessment and Optimisation Model (RAOM), which expands the knowledge of risk analysis by formulating a multi-objective optimisation problem, where objectives such as cost and risk are to be minimised. The optimisation routine is developed so as to accommodate conflicting objectives and to provide the human decision maker with an optimum solution set. The aim is to minimise the cost of security countermeasures without increasing the risk of a vulnerability being exploited by a threat and resulting in some impact on CIA. Due to the multi-objective nature of the problem a performance comparison between multi-objective Tabu Search (MOTS) Methods, Exhaustive Search and a multi-objective Genetic Algorithm (MOGA) has been also carried out. Finally, extensive experimentation has been carried out with both artificial and real world problem data (taken from the case study) to show that the method is capable of delivering solutions for real world problem data sets.
|
192 |
Risk analysis in tunneling with imprecise probabilitiesYou, Xiaomin 09 November 2010 (has links)
Due to the inherent uncertainties in ground and groundwater conditions, tunnel projects often have to face potential risks of cost overrun or schedule delay. Risk analysis has become a required tool (by insurers, Federal Transit Administration, etc.) to identify and quantify risk, as well as visualize causes and effects, and the course (chain) of events. Various efforts have been made to risk assessment and analysis by using conventional methodologies with precise probabilities. However, because of limited information or experience in similar tunnel projects, available evidence in risk assessment and analysis usually relies on judgments from experienced engineers and experts. As a result, imprecision is involved in probability evaluations. The intention of this study is to explore the use of the theory of imprecise probability as applied to risk analysis in tunneling. The goal of the methodologies proposed in this study is to deal with imprecise information without forcing the experts to commit to assessments that they do not feel comfortable with or the analyst to pick a single distribution when the available data does not warrant such precision.
After a brief introduction to the theory of imprecise probability, different types of interaction between variables are studied, including unknown interaction, different types of independence, and correlated variables. Various algorithms aiming at achieving upper and lower bounds on previsions and conditional probabilities with assumed interaction type are proposed. Then, methodologies have been developed for risk registers, event trees, fault trees, and decision trees, i.e. the standard tools in risk assessment for underground projects. Corresponding algorithms are developed and illustrated by examples. Finally, several case histories of risk analysis in tunneling are revisited by using the methodologies developed in this study. All results obtained based on imprecise probabilities are compared with the results from precise probabilities. / text
|
193 |
Klimatförändringar i byggbranschen : Är branschen redo för extremt väder?Nord, Niklas, Iranmanesh, Reza January 2015 (has links)
It has over the last 20 years occurred a series of extreme weather events around the worldthat caused damage to people and buildings. Many published reports have studied thedeveloping countries and less studies has been conducted on the construction industry andthe economically powerful countries.Sweden has been spared from the most extreme events but still suffered some events whichcan be considered extreme for the country. Therefore, the aim of this report is to study howthe construction industry in Sweden works with risk management, as a preventive measureagainst extreme weather events. The intention has been to find out how aware the industryis of climate change.Studies of this kind have not been carried out previously in Sweden and therefore this studyuses a qualitative approach to conduct the study. Thorough studies on risks, riskmanagement and all its processes have been performed. The focus has been on the generalrisks and the risks associated with extreme weather conditions. This is to analyze how theconstruction industry works with risks of this kind. Interviews have been conducted withproject managers and production managers at a major Swedish construction company to becompared with the written theory.The study and 10 interviews have been conducted at Skanska Hus in Stockholm to get apicture of how different projects in the same region are working with risk managementlinked to extreme weather events as they have the same weather conditions.The study concluded that the studied company was very good at working with riskmanagement but they were less prepared for extreme weather than had been expected. Thisgave the impression that the industry as a whole are in need to be informed about what kindof impacts climate change has on production and the working environment for the future.The investigation showed that it still needs improvements and more knowledge in this areasince climate change is a fact.
|
194 |
Hierarchical Bayesian Benchmark Dose AnalysisFang, Qijun January 2014 (has links)
An important objective in statistical risk assessment is estimation of minimum exposure levels, called Benchmark Doses (BMDs) that induce a pre-specified Benchmark Response (BMR) in a target population. Established inferential approaches for BMD analysis typically involve one-sided, frequentist confidence limits, leading in practice to what are called Benchmark Dose Lower Limits (BMDLs). Appeal to hierarchical Bayesian modeling and credible limits for building BMDLs is far less developed, however. Indeed, for the few existing forms of Bayesian BMDs, informative prior information is seldom incorporated. Here, a new method is developed by using reparameterized quantal-response models that explicitly describe the BMD as a target parameter. This potentially improves the BMD/BMDL estimation by combining elicited prior belief with the observed data in the Bayesian hierarchy. Besides this, the large variety of candidate quantal-response models available for applying these methods, however, lead to questions of model adequacy and uncertainty. Facing this issue, the Bayesian estimation technique here is further enhanced by applying Bayesian model averaging to produce point estimates and (lower) credible bounds. Implementation is facilitated via a Monte Carlo-based adaptive Metropolis (AM) algorithm to approximate the posterior distribution. Performance of the method is evaluated via a simulation study. An example from carcinogenicity testing illustrates the calculations.
|
195 |
Risk Management in the bidding context A Schedule Risk Analysis Approach / Risk Management vid offerförfarande Med fokus på tidsriskanalysByström, Sten, Pierre, Andreas January 2003 (has links)
Risk Management has emerged during the last decades and is now considered an indispensable component in management of projects. However, no attention has been directed towards Risk management in the bidding context. Uncertainties, but also the opportunities to affect project success, are extremely high during this phase. The purpose of this thesis has been to design a schedule risk analysis method with supporting methodology based on current research and to verify its usefulness in a business environment. We have conducted a case study at the Business Unit Gripen (BUG) subdivision of SAAB Aerospace. BUG produces large and complex offers of defense systems including the Gripen aircraft. Through interviews and participative observation we have gained an understanding of the bidding context and the requirements of risk management in this phase. The case has been used to verify the usefulness of the developed framework. The results of this thesis are a new framework for schedule risk analysis during the pre-project phases and an Excel-based model for estimation and quantification of schedule risks in project networks. The method and methodology developed seems to be able to produce schedules with better precision and quite easy to integrate in the offer process. We believe that the model is applicable to many other contexts, including ongoing projects in diverse industries where it is vital to assess uncertainties in project schedules.
|
196 |
Addressing the Uncertainty Due to Random Measurement Errors in Quantitative Analysis of Microorganism and Discrete Particle Enumeration DataSchmidt, Philip J. 10 1900 (has links)
Parameters associated with the detection and quantification of microorganisms (or discrete particles) in water such as the analytical recovery of an enumeration method, the concentration of the microorganisms or particles in the water, the log-reduction achieved using a treatment process, and the sensitivity of a detection method cannot be measured exactly. There are unavoidable random errors in the enumeration process that make estimates of these parameters imprecise and possibly also inaccurate. For example, the number of microorganisms observed divided by the volume of water analyzed is commonly used as an estimate of concentration, but there are random errors in sample collection and sample processing that make these estimates imprecise. Moreover, this estimate is inaccurate if poor analytical recovery results in observation of a different number of microorganisms than what was actually present in the sample. In this thesis, a statistical framework (using probabilistic modelling and Bayes’ theorem) is developed to enable appropriate analysis of microorganism concentration estimates given information about analytical recovery and knowledge of how various random errors in the enumeration process affect count data. Similar models are developed to enable analysis of recovery data given information about the seed dose. This statistical framework is used to address several problems: (1) estimation of parameters that describe random sample-to-sample variability in the analytical recovery of an enumeration method, (2) estimation of concentration, and quantification of the uncertainty therein, from single or replicate data (which may include non-detect samples), (3) estimation of the log-reduction of a treatment process (and the uncertainty therein) from pre- and post-treatment concentration estimates, (4) quantification of random concentration variability over time, and (5) estimation of the sensitivity of enumeration processes given knowledge about analytical recovery. The developed models are also used to investigate alternative strategies that may enable collection of more precise data. The concepts presented in this thesis are used to enhance analysis of pathogen concentration data in Quantitative Microbial Risk Assessment so that computed risk estimates are more predictive. Drinking water research and prudent management of treatment systems depend upon collection of reliable data and appropriate interpretation of the data that are available.
|
197 |
”See something, say something” : - En kvalitativ undersökning om arenaansvarigas arbete kring säkerhetsinteraktion med besökare. / ”See something, say something” : - A qualitative study of the arena manager’s work around safety and security interaction with spectators.Olofsson, Angélica January 2013 (has links)
Historiska tragedier har visat på den potentiella faran och de allvarliga och ibland tragiska konsekvenser som kan uppstå på arenor och platser där det vistas många människor. I en publik finns alla typer av människor representerade och det finns flera utmaningar kring att kommunicera säkerhet till en bred målgrupp som har fokus på upplevelsen av evenemanget. Syftet med denna studie är att fånga uppfattningen av hur ansvariga på arenor arbetar och interagerar kring säkerhet med besökare på en arena. Totalt har sex stycken kvalitativa intervjuer med åtta personer som arbetar med arenor genomförts och tematiskt analyserats. Resultatet framhäver att säkerhet och trygghet ligger högst på prioritetslistan både hos arenor och arrangörer. Aktörernas storlek och därmed resurser påverkar förutsättningarna för arbetet och därför kan arbetssättet variera. Samverkan mellan olika aktörer och myndigheter har utvecklats de senaste åren och fungerar väl. Även om det sett till lagar och regler finns en tydlig ansvarsfördelning ser flera arenor sig som en form av kontrollant gällande vissa säkerhetsaspekter. Det finns flera utmaningar, bland annat eftersom riskuppfattning är subjektiv och varje evenemang unikt. Planering och analys är därför viktigt, med hänsyn till bland annat typen av evenemang, förväntad publikbild, aktuell hotbild och lokala förutsättningar. Sociala medier har öppnat upp nya möjligheter kring information och dialog men också nya risker då okontrollerad information snabbt kan spridas. Erfarenhetsutbyte mellan arenorna verkar i dagsläget till största delen ske informellt trots att forskning visar att genom att lära sig från sina egna och andras misstag kan nya misstag undvikas eller konsekvenser lindras. Resultatet tyder på att utvecklingen kring säkerhetsinformation går mot en mer proaktiv approach och att trygghet och service är nyckelord. Framtiden finns i ett gemensamt ansvar - ”see something, say something”. / Historical events have shown the potential danger and the serious and sometimes tragic consequences that can occur at arenas and places where large crowds are gathered. There are several challenges when communicating safety to a broad audience whose focus lays on the event and its adventures. The purpose of this study is to examine how managers at arenas operate and interact around the safety of visitors in an arena. A total of six qualitative interviews with eight people who work with arenas was done and thematically analysed. The results of the study show that safety and security are on top of the priority list of both the arenas and organizers. The organisation’s size and thus resources affects the conditions for work and therefore the approach can differ. Although there is a clear division of responsibilities in terms of laws and regulations most arenas consider themselves as a form of controller on certain fundamental aspects of safety. Collaboration between stakeholders and government has evolved during the last years and is considered to be good. There are several challenges since risk perception is subjective, and also because each event is unique. Planning and analysis is therefore crucial, taking into account the nature of the event, expected audience, potential threats and local conditions. Social media has opened up new possibilities related to information and dialogue but also new risks since uncontrolled information can spread rapidly. Exchange of experience between the arenas appears to mainly be done informally, although research has shown that by learning from own and others' mistakes, new mistakes can be avoided and potential impacts milder. The result shows that there is a movement towards a more proactive safety approach and that safety and service are key factors. The future will hold a shared responsibility - “see something, say something”.
|
198 |
Vandentvarkos sektoriaus infrastruktūros rekonstrukcijos ir išplėtimo investicinių projektų rizikos analizė ir valdymas / Risk analysis and management of water sector infrastructure reconstruction and extension investment projectsRadzevičiūtė, Lina 19 August 2008 (has links)
Šis baigiamasis darbas apibrėžia išsamios rizikos analizės ir efektyvaus rizikos valdymo svarbą sėkmingam vandentvarkos infrastruktūros rekonstrukcijos ir išplėtimo investicinių projektų įgyvendinimui. Darbo objektas – vandentvarkos sektoriaus infrastruktūros rekonstrukcijos ir išplėtimo investicinių projektų rizikos. Darbo tikslas – atlikti išsamią vandentvarkos sektoriaus infrastruktūros rekonstrukcijos ir išplėtimo investicinių projektų rizikos analizę ir pateikti rizikos valdymo vertinimą. Darbo struktūra: rizikos sąvokų ir charakteristikų apibrėžimas, rizikos identifikavimo, kokybinės ir kiekybinės analizės metodų apžvalga, pagrindinių rizikos valdymo strategijų pristatymas, dviejų etapų tyrimo imties suformavimas, identifikuojant 3 pasirinktų vandentvarkos infrastruktūros rekonstrukcijos ir išplėtimo investicinių projektų rizikas ir atliekant identifikuotų rizikų kokybinę analizę, projektų rizikos modelių analizė, naudojant Primavera Pertmaster kompiuterin�� rizikos analitikos programą su integruotomis kaštų ir tvarkaraščio analizėmis, darbo hipotezių analizavimas, remiantis tyrimo rezultatais, ir projetų rizikso valdymo rekomendacijų pateikimas. Darbo rezultatai rodo, kad išsami rizikos analizė ir aktyvus rizikos valdymas užtikrina didelių tvarkaraščio ir kaštų nukrypimų nuo planuotų išvengimą. Projektų sėkmės užtikrinimas rizikos valdymu, kitų metodų pritaikymas, detalių rizikos valdymo planų parengimas galėtų būti tolesnės šio darbo temos tyrimo kryptys. / This paperwork defines the importance of comprehensive risk analysis and efficient risk management for successful implementation of water sector infrastructure reconstruction and extention investment projects. The object of the work is risks of water sector infrastructure reconstruction and extention investment projects. The goal of the work is to prepare a comprehensive risk analysis of water sector infrastructure reconstruction and extention investment projects and their risk management evaluation. The structure of the workis following: risk terms and characteristics are defined, methods of risk identification, qualitative and quantitative analyses are overviewed, the main risk management strategies are presented, research data sample is formed of 3 selected water sector reconstruction and extension investment projects risks in two identification and qualitative analysis of identified risks stages, projects risk models are analysed using Primavera Pertmaster risk analytics tool with integrated shedule and costs analyses, the hypotheses of the work are analysed based on research results and risk management recomendations are prepared. The results of the work shows that comprehensive risk analysis and active risk management ensures avoidance of schedule and costs variations. The further work extention could be research on project success ensurance through risk management, adoption of other methods and preparation of detailed risk management plans.
|
199 |
Risk analysis and potential implications of exotic Gyrodactylus species on cultured and wild cyprinids in the Western Cape, South AfricaMaseng, Monique Rochelle January 2010 (has links)
<p>Koi and goldfish have been released into rivers in South Africa since the 1800&rsquo / s for food and sport fish and have since spread extensively. These fish are present in most of the river systems in South Africa and pose an additional threat the indigenous cyprinids in the Western Cape. Monogenean parasites of the genus Gyrodactylus are of particular concern, as their unique biology renders them a possible threat. Gyrodactylus kherulensis and G. kobayashii were identified from koi and goldfish respectively imported from Asia, Europe and locally bred fish. Morphometrics and the use of statistical classifiers, which includes univariate (ANOVA and Kruskal-Wallis), bivariate (Pearson&rsquo / s correlation) and multivariate (Principal Component Analysis) placed the two species within their respective groups. There was some intraspecific variation among the different populations collected from the various locations, especially in the hamulus and ventral bar features, but the marginal hooklets, however, remained static for both helminth species.</p>
|
200 |
L'audit de sécurité et la protection des organisationsMignault, Sylvain January 2009 (has links)
Mémoire numérisé par la Division de la gestion de documents et des archives de l'Université de Montréal
|
Page generated in 0.0226 seconds