SlideShare a Scribd company logo

F041123639

I
IOSR-JEN

Volume 4 ~ Issue 11 ~ Version 2 (November 2014)

Technology
1 of 4
Download to read offline
IOSR Journal of Engineering (IOSRJEN) www.iosrjen.org ISSN (e): 2250-3021, ISSN (p): 2278-8719 Vol. 04, Issue 11 (November. 2014), ||V2|| PP 36-39 International organization of Scientific Research 36 | P a g e Quantitative Risk Analysis of VSAT Communication System Mohammed Tahseen Al Agha1 1 Department Of Electronics Engineering, Jordanian Sudanese College For Science & Technology Abstract: - Since today's business environment is dynamic and rapidly change, many surprises and risks are taken into account appear suddenly, leading to block the implementation of engineering projects or may cause a total collapse. A risk management plan has been extensively used to deal with threats facing the activities of any organization. It aims to maximize the probability and consequences of positive events and minimize the probability and consequences of adverse events. This paper presents the advantages of using quantitative risk analysis techniques to describe what risk managers will expect and what is required to be done to enhance the performance of the organization. It also provides better information to support critical decisions which help to estimate the size of contingency reserves for time and cost that would be appropriate for stakeholders. The technique will be used in the assessment is based on Expected Monetary Value which is a simple calculation of a value such as expected target of cost, and a decision tree analysis that is a powerful utility for choosing an option from alternatives. Keywords: - Contingency reserve, making decisions, risk analysis, risk assessment, risk management plan. I. INTRODUCTION Risk is an uncertain event, or condition that if it occurs has a positive or negative effect on a project‟s objectives. Risk Management is the systematic process of identifying, analyzing, and responding to project risks. The power of risk management is fully realized when a project manager takes action to respond to identified risks based on the risk analysis, with effort being directed toward those risks that rank the highest in terms of significant impact to project objectives. Risk management has become increasingly high profile in recent times, because of the global financial crisis and the number of high profile corporate failures across the world that preceded it. As well as assisting with better decision making and improved efficiency, risk management can also contribute to the provision of greater assurance to stakeholders. This assurance has two important components. The directors of any organization need to be confident that risks have been identified and that appropriate steps have been taken to manage risk to an appropriate level. Also, there is greater emphasis on accurate reporting of information by organizations, including risk information. Stakeholders require detailed information on company performance, including risk awareness Telecommunications sector is being one of the most important aspect in practical life. This case study has been applied to a very small aperture terminal (VSAT) system. VSAT is a small telecommunication earth station that receives and transmits real-time data via satellite. A VSAT transmits narrow and broadband signals to orbital satellites. The satellite sends and receives signals from an earth station, which acts as the hub for the system. Each end user is connected to this hub station through the satellite in a star topology. II. METHODOLOGY The main purpose of this section is to clarify the risks (Threats) associated with a VSAT system. Several important parameters should be covered in risk assessment for future analysis. The technique will be performed in the assessment is based on quantitative risk analysis (QRA) specially on Expected Monetary Value (EMV) to expect the achievable cost, and decision tree analysis which is used to explore different options and outcomes of selecting a specific option. The first and most significant step in risk assessment is to identify all possible VSAT threats which are expose to. Table. 1 illustrates a number of VSAT threats, risk reasons, and its consequences on the system. Table 1. VSAT System Threats No. R ID Risk Name Reason & Description Consequence 1 R01 Bit Error Rate (BER) Environmental obstacles play essential role to reduce the BER Signal attenuation may occur 2 R02 VSAT Power Off Commercial power off Service Down 3 R03 Instability The Bandwidth offered by the operator company is limited Low Quality of Service
Quantitative Risk Analysis of VSAT Communication System International organization of Scientific Research 37 | P a g e 4 R04 Maintenance Delay limitation are; time management, lack of transportation (vehicles), and long distance Denial of Service 5 R05 Operations Cost National Telecommunication Corporation imposes high fees Affect annual profit 6 R06 License Granting tenders or partial works for more than a firm Unseen jobs will be out of focus of the original operator 7 R07 Security Problems Political conflicts in the coverage area. Unavailability and delay of service maintenance. Or, may lose of equipments 8 R08 Fail to use the system effectively New hardware installation, Or, lack of experience Ineffective work practices. Or, System fault and may damage 9 R09 Hardware Failure Failure in hardware components Connection between VSAT components may be lost 10 R10 Software Failure Software internal errors, or virus in computer systems This risk can completely deny the users from the service. 11 R11 Theft of System components Loss any part of the system Denial of Service After the identification and classification of risks, risk analysis should be applied in order to determine the risk factors that are likely to have a greater influence on the system, and therefore, must be managed by the project owner with a particular attention. III. RISK ANALYSIS MODEL QRA refers to the thorough and complete numeric analysis of the overall effect of the total quantifiable amount of risks involved in the project objectives. QRA techniques offer a relatively precise process when compared to other analysis techniques.. Before starting the analysis, impact scale should be determined. Table. 2 describes the quantitative analysis definitions and rating. Table 2. Quantitative Risk Consequence Ratings Probability Ranking Probability Scale Severity category Contingency Scale $ High More than 51 % Major Impact 5,001 - 10,000 Medium 31 % - 50% Moderate Impact 2,001 - 5,000 Low 10% - 30% Minor Impact Less than 2,000 3.1 Expected Monetary Value Model EMV is evaluated by multiplying the probability of each risk by its impact of cost. In order to compute the contingency reserve, probability and cost impact on VSAT system must be assigned. It should be mentioned that values of probability and impact are differ from time to time, and from operator to another. In order to complete the assessment in this case study, probability and impact cost values are assumed. Table 3 shows the method of computing EMV, while fig. 1 (a) shows the cost impact of each threats on the system. Table 3 : EMV Calculations Risk ID Probability % Impact $ Contribution to EMV $ Effect on The System % R01 33 5,000 1,650 5.49 R02 10 2,500 250 0.43 R03 30 8,000 2,400 4.12 R04 25 10,000 2,500 4.48 R05 75 8,500 6,375 11.95 R06 70 8,000 5,600 11.92 R07 80 9,000 7,200 17.40 R08 30 2,000 600 1.76 R09 25 3,000 750 2.23 R10 25 3,000 750 2.28 R11 20 10,000 2,000 6.24 Total Expected Monetary Value $ 30,075
Quantitative Risk Analysis of VSAT Communication System International organization of Scientific Research 38 | P a g e It obvious from the previous calculations, the telecom company have to take into account the reserved money of 30,075 $ in the annual budget in order to meet any risk may occur in the VSAT system. If some identified risks don‟t occur, it means some of these reserved money will be as a profit for the company which is called opportunity. Another issue should be mentioned is the percentage of consequence on the VSAT assets. It is computed by divide the cost impact of each risk by the overall cost impact, as illustrated in the last column in table 3. For instance, the effect of R01 on the system is equal to 1,650/30,075 *100 % which is 5.49 % . Fig. 1 (b) shows the different effect of each threat on the VSAT system. It‟s noticed also that the threats denoted by R07, R05, and R06 have a high level of risk respectively. Senior manger must take into account these threats in order to reduce its consequences on the VSAT system. Figure 1: (a) Cost impact of each threat. (b) Impact ratio of each threats on VSAT system 3.2 Decision Tree Analysis Model The second important assessment model technique is a decision tree analysis, which is a model of real situations and is used to make informed decisions about things such as,“ Which option should I select?” by taking into account the associated risks, probability, and impact. In case of risk denoted by R11 for instance, in the risk identification list, suppose there are two options in order to take a response to the theft of VSAT component risk. The first option (A) is to use security force members, with an initial cost of 4,500 $, this option leads to a successful ratio of 90% without stealing, whereas the second option (B) is to use a CCTV system with an initial cost of 4,000 $, and with a successful ratio of 80% without stealing. In case of stealing, the organization will lose about of 10,000 $. It should take a decision to choose between the two options to save the annual cost. In such a case, a decision tree analysis plays a significant role to take a suitable and best action against this problem. Base on the previous data, and at first sight, the risk manger should choose option (B) since it is less cost than option (A), and it will save of 500 $ to the organization, however, the best option is (A) according to a simple calculation. The risk manager has to use the principle of expected monetary value calculations to make a decision as follows: Table 4 : Decision Tree Analysis No. Option Name EMV 1 Option (A) (10% * 10,000 $) + (90 % * 0 $ ) + 4,500 $ = 5,500 $ 2 Option (B) (20% *10,000 $) + (80 % * 0 $) + 4,000 $ = 6,000 $ The EMV of option (A) is computed from left to right in the diagram 2. The impact of 10,000 $ is multiplied by the probability of occurrence 10 % plus the impact of 0 $ in case of no theft, plus the initial cost of 4,500 $. The same steps are implemented to option (B) to get the final EMV. Since the analysis proves differently as computed in table 4, it worth taking into account one future event. Option (A) will cost the organization 5,500 $, whereas the option (B) will cost 6,000 $. It „s obvious that option (A) will save of 500 $ to the organization. Fig. 2 summarize the applied scenario. 0 1,000 2,000 3,000 4,000 5,000 6,000 7,000 8,000 1 2 3 4 5 6 7 8 9 10 11 0.00 5.00 10.00 15.00 20.00 1 2 3 4 5 6 7 8 9 10 11
Quantitative Risk Analysis of VSAT Communication System International organization of Scientific Research 39 | P a g e Figure 2 : Decision Tree Analysis IV. CONCLUSION Conducting a quantitative risk analysis is relatively simple and can easily follow a model to get satisfactory results. Benefits arising from performing QRA are not only to determine the overall threats to the organization which requiring most care, but also to estimate the amount of contingency reserve for any further action required to make full use of this reserves. On the other hand, it supports the risk assessment team to take appropriate and proper decisions at the lowest possible cost. Furthermore, it has the ability to calculate the hazard ratio for each asset affecting the system. REFERENCES [1] Duncan, W. R., A Guide to the Project Management Body of Knowledge (Project Management Institute Inc., Newtown Square, Pennsylvania, USA, 2013) [2] Mark Gabel, P.E., Project Risk Management Guidance for WSDOT Projects (WSDOT, Washington, USA, 2013) [3] Project Management Institute, Practice Standard for Project Risk Management (Project Management Institute, Inc., Pennsylvania, USA, 2009) [4] Hopkin, Paul, Fundamentals of risk management : understanding, evaluating, and implementing effective risk management (The Institute of Risk Management, London, 2010) [5] Knútur Birgir Otterstedt, Risk analysis on VoIP systems, master theses, Faculty of Industrial Engineering, Mechanical Engineering and Computer Science, University of Iceland, June 2011 [6] http://www.rmstudy.com/rmdocs/Perform%20Quantitative%20Risk%20Analysis.pdf [7] http://www.madrid.org/cs/StaticFiles/Emprendedores/Analisis_Riesgos/pages/pdf/metodologia/4Analisis ycuantificaciondelRiesgo%28AR%29_en.pdf [8] http://www.nisnet.no/filer/Finse11/Risk%20Assessment.pdf [9] http://www.techopedia.com/definition/5095/very-small-aperture-terminal-vsat [10] http://www.quizlet.com/28759753/ch-11-risk-flash-cards/ Probability of successful and failure Decision CostDecision Name Choosing : Security Men Force (A) OR CCTV (B) Option (A) : Cost of 4,500 $ 90 % (No Theft) Impact (0 $) 10 % (Theft) Impact (10,000 $) Option (B) : Cost of 4,000 $ 80 % (No Theft) Impact (0 $) 20 % (Theft) Impact (10,000 $)

Recommended

Financial critical infrastructure a mas trusted architecture for alert detect...
Financial critical infrastructure a mas trusted architecture for alert detect...Financial critical infrastructure a mas trusted architecture for alert detect...
Financial critical infrastructure a mas trusted architecture for alert detect...Luxembourg Institute of Science and Technology
 
Legal and ethical aspects
Legal and ethical aspectsLegal and ethical aspects
Legal and ethical aspectsCAS
 
Risk assessment report
Risk assessment reportRisk assessment report
Risk assessment reportEugene Mukuka, BSc. MBA, MSc
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 
50320130403010
5032013040301050320130403010
50320130403010IAEME Publication
 
Outsourcing
OutsourcingOutsourcing
Outsourcingkarlhennessy
 
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...FireEye, Inc.
 
Ffiec cat may_2017
Ffiec cat may_2017Ffiec cat may_2017
Ffiec cat may_2017Josef Sulca Cueva
 

Recommended

Financial critical infrastructure a mas trusted architecture for alert detect...
Financial critical infrastructure a mas trusted architecture for alert detect...Financial critical infrastructure a mas trusted architecture for alert detect...
Financial critical infrastructure a mas trusted architecture for alert detect...Luxembourg Institute of Science and Technology
 
Legal and ethical aspects
Legal and ethical aspectsLegal and ethical aspects
Legal and ethical aspectsCAS
 
Risk assessment report
Risk assessment reportRisk assessment report
Risk assessment reportEugene Mukuka, BSc. MBA, MSc
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 
50320130403010
5032013040301050320130403010
50320130403010IAEME Publication
 
Outsourcing
OutsourcingOutsourcing
Outsourcingkarlhennessy
 
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...FireEye, Inc.
 
Ffiec cat may_2017
Ffiec cat may_2017Ffiec cat may_2017
Ffiec cat may_2017Josef Sulca Cueva
 
SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey FireEye, Inc.
 
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File SystemDynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File SystemRadita Apriana
 
A Case Study on the Effects of Cyber Attacks on Firms' Stock Price
A Case Study on the Effects of Cyber Attacks on Firms' Stock PriceA Case Study on the Effects of Cyber Attacks on Firms' Stock Price
A Case Study on the Effects of Cyber Attacks on Firms' Stock PriceShravan Chandrasekaran
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response SurveyFireEye, Inc.
 
Cyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentCyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentDavid Sweigert
 
Sensitive Data Exposure Incident Checklist
Sensitive Data Exposure Incident ChecklistSensitive Data Exposure Incident Checklist
Sensitive Data Exposure Incident Checklist- Mark - Fullbright
 
M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent ThreatFireEye, Inc.
 
Vulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskVulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskAlienVault
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramSasha Nunke
 
HRIA and tool example.pdf
HRIA and tool example.pdfHRIA and tool example.pdf
HRIA and tool example.pdfFederico Marengo
 
IEEE-S&P Magazine-2015-Massacci
IEEE-S&P Magazine-2015-MassacciIEEE-S&P Magazine-2015-Massacci
IEEE-S&P Magazine-2015-MassacciFabio Massacci
 
Layer of protection analysis
Layer of protection analysisLayer of protection analysis
Layer of protection analysisSandip Sonawane
 
Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...
Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...
Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...srinivasanece7
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management Argyle Executive Forum
 
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -Marcello Marchesini
 
Enterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A BossEnterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A Bossrbrockway
 
Designing NextGen Threat Identification Solutions
Designing NextGen Threat Identification SolutionsDesigning NextGen Threat Identification Solutions
Designing NextGen Threat Identification SolutionsArun Prabhakar
 
Information Secuirty Vulnerability Management
Information Secuirty Vulnerability ManagementInformation Secuirty Vulnerability Management
Information Secuirty Vulnerability Managementtschraider
 
Concepts in Software Safety
Concepts in Software SafetyConcepts in Software Safety
Concepts in Software Safetydalesanders
 
Octav ethreat profiles
Octav ethreat profilesOctav ethreat profiles
Octav ethreat profilesFrancis Esquivel Cuenca
 
Risks in cc
Risks in ccRisks in cc
Risks in ccRubaNagarajan
 
IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...
IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...
IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...IRJET Journal
 

More Related Content

What's hot

SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey FireEye, Inc.
 
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File SystemDynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File SystemRadita Apriana
 
A Case Study on the Effects of Cyber Attacks on Firms' Stock Price
A Case Study on the Effects of Cyber Attacks on Firms' Stock PriceA Case Study on the Effects of Cyber Attacks on Firms' Stock Price
A Case Study on the Effects of Cyber Attacks on Firms' Stock PriceShravan Chandrasekaran
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response SurveyFireEye, Inc.
 
Cyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentCyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentDavid Sweigert
 
Sensitive Data Exposure Incident Checklist
Sensitive Data Exposure Incident ChecklistSensitive Data Exposure Incident Checklist
Sensitive Data Exposure Incident Checklist- Mark - Fullbright
 
M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent ThreatFireEye, Inc.
 
Vulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskVulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskAlienVault
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramSasha Nunke
 
IEEE-S&P Magazine-2015-Massacci
IEEE-S&P Magazine-2015-MassacciIEEE-S&P Magazine-2015-Massacci
IEEE-S&P Magazine-2015-MassacciFabio Massacci
 
Layer of protection analysis
Layer of protection analysisLayer of protection analysis
Layer of protection analysisSandip Sonawane
 
Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...
Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...
Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...srinivasanece7
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management Argyle Executive Forum
 
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -Marcello Marchesini
 
Enterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A BossEnterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A Bossrbrockway
 
Designing NextGen Threat Identification Solutions
Designing NextGen Threat Identification SolutionsDesigning NextGen Threat Identification Solutions
Designing NextGen Threat Identification SolutionsArun Prabhakar
 
Information Secuirty Vulnerability Management
Information Secuirty Vulnerability ManagementInformation Secuirty Vulnerability Management
Information Secuirty Vulnerability Managementtschraider
 
Concepts in Software Safety
Concepts in Software SafetyConcepts in Software Safety
Concepts in Software Safetydalesanders
 

What's hot (20)

SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey
 
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File SystemDynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
 
A Case Study on the Effects of Cyber Attacks on Firms' Stock Price
A Case Study on the Effects of Cyber Attacks on Firms' Stock PriceA Case Study on the Effects of Cyber Attacks on Firms' Stock Price
A Case Study on the Effects of Cyber Attacks on Firms' Stock Price
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response Survey
 
Cyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentCyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public Comment
 
Sensitive Data Exposure Incident Checklist
Sensitive Data Exposure Incident ChecklistSensitive Data Exposure Incident Checklist
Sensitive Data Exposure Incident Checklist
 
M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat
 
Vulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskVulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize Risk
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management Program
 
HRIA and tool example.pdf
HRIA and tool example.pdfHRIA and tool example.pdf
HRIA and tool example.pdf
 
IEEE-S&P Magazine-2015-Massacci
IEEE-S&P Magazine-2015-MassacciIEEE-S&P Magazine-2015-Massacci
IEEE-S&P Magazine-2015-Massacci
 
Layer of protection analysis
Layer of protection analysisLayer of protection analysis
Layer of protection analysis
 
Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...
Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...
Ieeepro techno solutions 2013 ieee embedded project an integrated design fr...
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management
 
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
 
Enterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A BossEnterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A Boss
 
Designing NextGen Threat Identification Solutions
Designing NextGen Threat Identification SolutionsDesigning NextGen Threat Identification Solutions
Designing NextGen Threat Identification Solutions
 
Information Secuirty Vulnerability Management
Information Secuirty Vulnerability ManagementInformation Secuirty Vulnerability Management
Information Secuirty Vulnerability Management
 
Concepts in Software Safety
Concepts in Software SafetyConcepts in Software Safety
Concepts in Software Safety
 
Octav ethreat profiles
Octav ethreat profilesOctav ethreat profiles
Octav ethreat profiles
 

Similar to F041123639

IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...
IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...
IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...IRJET Journal
 
Safety in design paper a live picture of organisational risk by linking risk...
Safety in design paper a live picture of organisational risk by linking risk...Safety in design paper a live picture of organisational risk by linking risk...
Safety in design paper a live picture of organisational risk by linking risk...Alex Apostolou
 
Developing a Continuous Monitoring Action Plan
Developing a Continuous Monitoring Action PlanDeveloping a Continuous Monitoring Action Plan
Developing a Continuous Monitoring Action PlanTripwire
 
Pillar III presentation 11 18-14 - redacted version
Pillar III presentation 11 18-14 - redacted versionPillar III presentation 11 18-14 - redacted version
Pillar III presentation 11 18-14 - redacted versionBenjamin Huston
 
The use of Monte Carlo simulation in quantitative risk assessment of IT projects
The use of Monte Carlo simulation in quantitative risk assessment of IT projectsThe use of Monte Carlo simulation in quantitative risk assessment of IT projects
The use of Monte Carlo simulation in quantitative risk assessment of IT projectsEswar Publications
 
Pasta Threat Modeling
Pasta Threat ModelingPasta Threat Modeling
Pasta Threat ModelingEC-Council
 
Optimization of different objective function in risk assessment system
Optimization of different objective function in risk assessment systemOptimization of different objective function in risk assessment system
Optimization of different objective function in risk assessment systemAlexander Decker
 
Risk assessment of information production using extended risk matrix approach
Risk assessment of information production using extended risk matrix approachRisk assessment of information production using extended risk matrix approach
Risk assessment of information production using extended risk matrix approachTELKOMNIKA JOURNAL
 
Project Risk Management-Pankaj K Sinha
Project Risk Management-Pankaj K SinhaProject Risk Management-Pankaj K Sinha
Project Risk Management-Pankaj K SinhaPankaj K Sinha
 
IRJET- Accident Information Mining and Insurance Dispute Resolution
IRJET- Accident Information Mining and Insurance Dispute ResolutionIRJET- Accident Information Mining and Insurance Dispute Resolution
IRJET- Accident Information Mining and Insurance Dispute ResolutionIRJET Journal
 
IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...
IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...
IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...IRJET Journal
 
Effective Solutions for Your Supply Chain Risks
Effective Solutions for Your Supply Chain RisksEffective Solutions for Your Supply Chain Risks
Effective Solutions for Your Supply Chain RisksHalo BI
 
2Cloud computing threats One of the biggest challenges informa.docx
2Cloud computing threats One of the biggest challenges informa.docx2Cloud computing threats One of the biggest challenges informa.docx
2Cloud computing threats One of the biggest challenges informa.docxlorainedeserre
 
Financial critical infrastructure a mas trusted architecture for alert detect...
Financial critical infrastructure a mas trusted architecture for alert detect...Financial critical infrastructure a mas trusted architecture for alert detect...
Financial critical infrastructure a mas trusted architecture for alert detect...christophefeltus
 
Chief Audit Execs speak out: Cybersecurity & risk management
Chief Audit Execs speak out: Cybersecurity & risk managementChief Audit Execs speak out: Cybersecurity & risk management
Chief Audit Execs speak out: Cybersecurity & risk managementGrant Thornton LLP
 
IRJET- Survey on Flood Management System
IRJET- Survey on Flood Management SystemIRJET- Survey on Flood Management System
IRJET- Survey on Flood Management SystemIRJET Journal
 
Risk-based cost methods - David Engel, Pacific Northwest National Laboratory
Risk-based cost methods - David Engel, Pacific Northwest National LaboratoryRisk-based cost methods - David Engel, Pacific Northwest National Laboratory
Risk-based cost methods - David Engel, Pacific Northwest National LaboratoryGlobal CCS Institute
 

Similar to F041123639 (20)

Risks in cc
Risks in ccRisks in cc
Risks in cc
 
IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...
IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...
IRJET- Analysis of Risk Management in Construction Sector using Fault Tree...
 
Safety in design paper a live picture of organisational risk by linking risk...
Safety in design paper a live picture of organisational risk by linking risk...Safety in design paper a live picture of organisational risk by linking risk...
Safety in design paper a live picture of organisational risk by linking risk...
 
Developing a Continuous Monitoring Action Plan
Developing a Continuous Monitoring Action PlanDeveloping a Continuous Monitoring Action Plan
Developing a Continuous Monitoring Action Plan
 
Pillar III presentation 11 18-14 - redacted version
Pillar III presentation 11 18-14 - redacted versionPillar III presentation 11 18-14 - redacted version
Pillar III presentation 11 18-14 - redacted version
 
The use of Monte Carlo simulation in quantitative risk assessment of IT projects
The use of Monte Carlo simulation in quantitative risk assessment of IT projectsThe use of Monte Carlo simulation in quantitative risk assessment of IT projects
The use of Monte Carlo simulation in quantitative risk assessment of IT projects
 
Pasta Threat Modeling
Pasta Threat ModelingPasta Threat Modeling
Pasta Threat Modeling
 
Optimization of different objective function in risk assessment system
Optimization of different objective function in risk assessment systemOptimization of different objective function in risk assessment system
Optimization of different objective function in risk assessment system
 
Risk assessment of information production using extended risk matrix approach
Risk assessment of information production using extended risk matrix approachRisk assessment of information production using extended risk matrix approach
Risk assessment of information production using extended risk matrix approach
 
Project Risk Management-Pankaj K Sinha
Project Risk Management-Pankaj K SinhaProject Risk Management-Pankaj K Sinha
Project Risk Management-Pankaj K Sinha
 
IRJET- Accident Information Mining and Insurance Dispute Resolution
IRJET- Accident Information Mining and Insurance Dispute ResolutionIRJET- Accident Information Mining and Insurance Dispute Resolution
IRJET- Accident Information Mining and Insurance Dispute Resolution
 
IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...
IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...
IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...
 
Irjet v7 i3475
Irjet v7 i3475Irjet v7 i3475
Irjet v7 i3475
 
Effective Solutions for Your Supply Chain Risks
Effective Solutions for Your Supply Chain RisksEffective Solutions for Your Supply Chain Risks
Effective Solutions for Your Supply Chain Risks
 
2Cloud computing threats One of the biggest challenges informa.docx
2Cloud computing threats One of the biggest challenges informa.docx2Cloud computing threats One of the biggest challenges informa.docx
2Cloud computing threats One of the biggest challenges informa.docx
 
Financial critical infrastructure a mas trusted architecture for alert detect...
Financial critical infrastructure a mas trusted architecture for alert detect...Financial critical infrastructure a mas trusted architecture for alert detect...
Financial critical infrastructure a mas trusted architecture for alert detect...
 
Chief Audit Execs speak out: Cybersecurity & risk management
Chief Audit Execs speak out: Cybersecurity & risk managementChief Audit Execs speak out: Cybersecurity & risk management
Chief Audit Execs speak out: Cybersecurity & risk management
 
IRJET- Survey on Flood Management System
IRJET- Survey on Flood Management SystemIRJET- Survey on Flood Management System
IRJET- Survey on Flood Management System
 
aCCelerate Brochure
aCCelerate BrochureaCCelerate Brochure
aCCelerate Brochure
 
Risk-based cost methods - David Engel, Pacific Northwest National Laboratory
Risk-based cost methods - David Engel, Pacific Northwest National LaboratoryRisk-based cost methods - David Engel, Pacific Northwest National Laboratory
Risk-based cost methods - David Engel, Pacific Northwest National Laboratory
 

More from IOSR-JEN

More from IOSR-JEN (20)

C05921721
C05921721C05921721
C05921721
 
B05921016
B05921016B05921016
B05921016
 
A05920109
A05920109A05920109
A05920109
 
J05915457
J05915457J05915457
J05915457
 
I05914153
I05914153I05914153
I05914153
 
H05913540
H05913540H05913540
H05913540
 
G05913234
G05913234G05913234
G05913234
 
F05912731
F05912731F05912731
F05912731
 
E05912226
E05912226E05912226
E05912226
 
D05911621
D05911621D05911621
D05911621
 
C05911315
C05911315C05911315
C05911315
 
B05910712
B05910712B05910712
B05910712
 
A05910106
A05910106A05910106
A05910106
 
B05840510
B05840510B05840510
B05840510
 
I05844759
I05844759I05844759
I05844759
 
H05844346
H05844346H05844346
H05844346
 
G05843942
G05843942G05843942
G05843942
 
F05843238
F05843238F05843238
F05843238
 
E05842831
E05842831E05842831
E05842831
 
D05842227
D05842227D05842227
D05842227
 

Recently uploaded

Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 

Recently uploaded (20)

Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 

F041123639

  • 1. IOSR Journal of Engineering (IOSRJEN) www.iosrjen.org ISSN (e): 2250-3021, ISSN (p): 2278-8719 Vol. 04, Issue 11 (November. 2014), ||V2|| PP 36-39 International organization of Scientific Research 36 | P a g e Quantitative Risk Analysis of VSAT Communication System Mohammed Tahseen Al Agha1 1 Department Of Electronics Engineering, Jordanian Sudanese College For Science & Technology Abstract: - Since today's business environment is dynamic and rapidly change, many surprises and risks are taken into account appear suddenly, leading to block the implementation of engineering projects or may cause a total collapse. A risk management plan has been extensively used to deal with threats facing the activities of any organization. It aims to maximize the probability and consequences of positive events and minimize the probability and consequences of adverse events. This paper presents the advantages of using quantitative risk analysis techniques to describe what risk managers will expect and what is required to be done to enhance the performance of the organization. It also provides better information to support critical decisions which help to estimate the size of contingency reserves for time and cost that would be appropriate for stakeholders. The technique will be used in the assessment is based on Expected Monetary Value which is a simple calculation of a value such as expected target of cost, and a decision tree analysis that is a powerful utility for choosing an option from alternatives. Keywords: - Contingency reserve, making decisions, risk analysis, risk assessment, risk management plan. I. INTRODUCTION Risk is an uncertain event, or condition that if it occurs has a positive or negative effect on a project‟s objectives. Risk Management is the systematic process of identifying, analyzing, and responding to project risks. The power of risk management is fully realized when a project manager takes action to respond to identified risks based on the risk analysis, with effort being directed toward those risks that rank the highest in terms of significant impact to project objectives. Risk management has become increasingly high profile in recent times, because of the global financial crisis and the number of high profile corporate failures across the world that preceded it. As well as assisting with better decision making and improved efficiency, risk management can also contribute to the provision of greater assurance to stakeholders. This assurance has two important components. The directors of any organization need to be confident that risks have been identified and that appropriate steps have been taken to manage risk to an appropriate level. Also, there is greater emphasis on accurate reporting of information by organizations, including risk information. Stakeholders require detailed information on company performance, including risk awareness Telecommunications sector is being one of the most important aspect in practical life. This case study has been applied to a very small aperture terminal (VSAT) system. VSAT is a small telecommunication earth station that receives and transmits real-time data via satellite. A VSAT transmits narrow and broadband signals to orbital satellites. The satellite sends and receives signals from an earth station, which acts as the hub for the system. Each end user is connected to this hub station through the satellite in a star topology. II. METHODOLOGY The main purpose of this section is to clarify the risks (Threats) associated with a VSAT system. Several important parameters should be covered in risk assessment for future analysis. The technique will be performed in the assessment is based on quantitative risk analysis (QRA) specially on Expected Monetary Value (EMV) to expect the achievable cost, and decision tree analysis which is used to explore different options and outcomes of selecting a specific option. The first and most significant step in risk assessment is to identify all possible VSAT threats which are expose to. Table. 1 illustrates a number of VSAT threats, risk reasons, and its consequences on the system. Table 1. VSAT System Threats No. R ID Risk Name Reason & Description Consequence 1 R01 Bit Error Rate (BER) Environmental obstacles play essential role to reduce the BER Signal attenuation may occur 2 R02 VSAT Power Off Commercial power off Service Down 3 R03 Instability The Bandwidth offered by the operator company is limited Low Quality of Service
  • 2. Quantitative Risk Analysis of VSAT Communication System International organization of Scientific Research 37 | P a g e 4 R04 Maintenance Delay limitation are; time management, lack of transportation (vehicles), and long distance Denial of Service 5 R05 Operations Cost National Telecommunication Corporation imposes high fees Affect annual profit 6 R06 License Granting tenders or partial works for more than a firm Unseen jobs will be out of focus of the original operator 7 R07 Security Problems Political conflicts in the coverage area. Unavailability and delay of service maintenance. Or, may lose of equipments 8 R08 Fail to use the system effectively New hardware installation, Or, lack of experience Ineffective work practices. Or, System fault and may damage 9 R09 Hardware Failure Failure in hardware components Connection between VSAT components may be lost 10 R10 Software Failure Software internal errors, or virus in computer systems This risk can completely deny the users from the service. 11 R11 Theft of System components Loss any part of the system Denial of Service After the identification and classification of risks, risk analysis should be applied in order to determine the risk factors that are likely to have a greater influence on the system, and therefore, must be managed by the project owner with a particular attention. III. RISK ANALYSIS MODEL QRA refers to the thorough and complete numeric analysis of the overall effect of the total quantifiable amount of risks involved in the project objectives. QRA techniques offer a relatively precise process when compared to other analysis techniques.. Before starting the analysis, impact scale should be determined. Table. 2 describes the quantitative analysis definitions and rating. Table 2. Quantitative Risk Consequence Ratings Probability Ranking Probability Scale Severity category Contingency Scale $ High More than 51 % Major Impact 5,001 - 10,000 Medium 31 % - 50% Moderate Impact 2,001 - 5,000 Low 10% - 30% Minor Impact Less than 2,000 3.1 Expected Monetary Value Model EMV is evaluated by multiplying the probability of each risk by its impact of cost. In order to compute the contingency reserve, probability and cost impact on VSAT system must be assigned. It should be mentioned that values of probability and impact are differ from time to time, and from operator to another. In order to complete the assessment in this case study, probability and impact cost values are assumed. Table 3 shows the method of computing EMV, while fig. 1 (a) shows the cost impact of each threats on the system. Table 3 : EMV Calculations Risk ID Probability % Impact $ Contribution to EMV $ Effect on The System % R01 33 5,000 1,650 5.49 R02 10 2,500 250 0.43 R03 30 8,000 2,400 4.12 R04 25 10,000 2,500 4.48 R05 75 8,500 6,375 11.95 R06 70 8,000 5,600 11.92 R07 80 9,000 7,200 17.40 R08 30 2,000 600 1.76 R09 25 3,000 750 2.23 R10 25 3,000 750 2.28 R11 20 10,000 2,000 6.24 Total Expected Monetary Value $ 30,075
  • 3. Quantitative Risk Analysis of VSAT Communication System International organization of Scientific Research 38 | P a g e It obvious from the previous calculations, the telecom company have to take into account the reserved money of 30,075 $ in the annual budget in order to meet any risk may occur in the VSAT system. If some identified risks don‟t occur, it means some of these reserved money will be as a profit for the company which is called opportunity. Another issue should be mentioned is the percentage of consequence on the VSAT assets. It is computed by divide the cost impact of each risk by the overall cost impact, as illustrated in the last column in table 3. For instance, the effect of R01 on the system is equal to 1,650/30,075 *100 % which is 5.49 % . Fig. 1 (b) shows the different effect of each threat on the VSAT system. It‟s noticed also that the threats denoted by R07, R05, and R06 have a high level of risk respectively. Senior manger must take into account these threats in order to reduce its consequences on the VSAT system. Figure 1: (a) Cost impact of each threat. (b) Impact ratio of each threats on VSAT system 3.2 Decision Tree Analysis Model The second important assessment model technique is a decision tree analysis, which is a model of real situations and is used to make informed decisions about things such as,“ Which option should I select?” by taking into account the associated risks, probability, and impact. In case of risk denoted by R11 for instance, in the risk identification list, suppose there are two options in order to take a response to the theft of VSAT component risk. The first option (A) is to use security force members, with an initial cost of 4,500 $, this option leads to a successful ratio of 90% without stealing, whereas the second option (B) is to use a CCTV system with an initial cost of 4,000 $, and with a successful ratio of 80% without stealing. In case of stealing, the organization will lose about of 10,000 $. It should take a decision to choose between the two options to save the annual cost. In such a case, a decision tree analysis plays a significant role to take a suitable and best action against this problem. Base on the previous data, and at first sight, the risk manger should choose option (B) since it is less cost than option (A), and it will save of 500 $ to the organization, however, the best option is (A) according to a simple calculation. The risk manager has to use the principle of expected monetary value calculations to make a decision as follows: Table 4 : Decision Tree Analysis No. Option Name EMV 1 Option (A) (10% * 10,000 $) + (90 % * 0 $ ) + 4,500 $ = 5,500 $ 2 Option (B) (20% *10,000 $) + (80 % * 0 $) + 4,000 $ = 6,000 $ The EMV of option (A) is computed from left to right in the diagram 2. The impact of 10,000 $ is multiplied by the probability of occurrence 10 % plus the impact of 0 $ in case of no theft, plus the initial cost of 4,500 $. The same steps are implemented to option (B) to get the final EMV. Since the analysis proves differently as computed in table 4, it worth taking into account one future event. Option (A) will cost the organization 5,500 $, whereas the option (B) will cost 6,000 $. It „s obvious that option (A) will save of 500 $ to the organization. Fig. 2 summarize the applied scenario. 0 1,000 2,000 3,000 4,000 5,000 6,000 7,000 8,000 1 2 3 4 5 6 7 8 9 10 11 0.00 5.00 10.00 15.00 20.00 1 2 3 4 5 6 7 8 9 10 11
  • 4. Quantitative Risk Analysis of VSAT Communication System International organization of Scientific Research 39 | P a g e Figure 2 : Decision Tree Analysis IV. CONCLUSION Conducting a quantitative risk analysis is relatively simple and can easily follow a model to get satisfactory results. Benefits arising from performing QRA are not only to determine the overall threats to the organization which requiring most care, but also to estimate the amount of contingency reserve for any further action required to make full use of this reserves. On the other hand, it supports the risk assessment team to take appropriate and proper decisions at the lowest possible cost. Furthermore, it has the ability to calculate the hazard ratio for each asset affecting the system. REFERENCES [1] Duncan, W. R., A Guide to the Project Management Body of Knowledge (Project Management Institute Inc., Newtown Square, Pennsylvania, USA, 2013) [2] Mark Gabel, P.E., Project Risk Management Guidance for WSDOT Projects (WSDOT, Washington, USA, 2013) [3] Project Management Institute, Practice Standard for Project Risk Management (Project Management Institute, Inc., Pennsylvania, USA, 2009) [4] Hopkin, Paul, Fundamentals of risk management : understanding, evaluating, and implementing effective risk management (The Institute of Risk Management, London, 2010) [5] Knútur Birgir Otterstedt, Risk analysis on VoIP systems, master theses, Faculty of Industrial Engineering, Mechanical Engineering and Computer Science, University of Iceland, June 2011 [6] http://www.rmstudy.com/rmdocs/Perform%20Quantitative%20Risk%20Analysis.pdf [7] http://www.madrid.org/cs/StaticFiles/Emprendedores/Analisis_Riesgos/pages/pdf/metodologia/4Analisis ycuantificaciondelRiesgo%28AR%29_en.pdf [8] http://www.nisnet.no/filer/Finse11/Risk%20Assessment.pdf [9] http://www.techopedia.com/definition/5095/very-small-aperture-terminal-vsat [10] http://www.quizlet.com/28759753/ch-11-risk-flash-cards/ Probability of successful and failure Decision CostDecision Name Choosing : Security Men Force (A) OR CCTV (B) Option (A) : Cost of 4,500 $ 90 % (No Theft) Impact (0 $) 10 % (Theft) Impact (10,000 $) Option (B) : Cost of 4,000 $ 80 % (No Theft) Impact (0 $) 20 % (Theft) Impact (10,000 $)