SlideShare a Scribd company logo

Physical security analysis tool

Jere Peltonen
Jere Peltonen

The document discusses EASI (Estimate of Adversary Sequence Interruption), a methodology developed by Sandia National Laboratories to analyze the security of facilities. EASI calculates the probability of successfully interrupting unauthorized entry by estimating detection probability and comparing total delay time to response time, taking into account uncertainty. It can analyze structural arrangements, surveillance, and the effectiveness of concentric protection layers. The TUREAN application of EASI additionally calculates all alternative routes of entry.

1 of 45
Download to read offline
Jere Peltonen Estimate of Multiple Adversary Sequence Interruption Jere Peltonen, CPP linkedin.com/in/jerepeltonen EASI  EASI (Estimate of Adversary Sequence Interruption)  Sandia National Laboratories  U.S. Department of Energy  EASI has been used to analyze e.g. physical security arrangements of nuclear facilities JERE PELTONEN www.ysecurity.net 1
Jere Peltonen What is analyzed?  Structural arrangements  Surveillance JERE PELTONEN What are the results?  probability of failure of unauthorized entry in other words  probability of successful interruption JERE PELTONEN www.ysecurity.net 2
Jere Peltonen EASI  can be used easily to analyze arrangements that follow the principle of concentric protection layers JERE PELTONEN EASI / TUREAN  Basic EASI does not calculate alternative routes of entry  TUREAN application of EASI calculates all alternative routes JERE PELTONEN www.ysecurity.net 3
Jere Peltonen Why to use?  To get more reliable information JERE PELTONEN Why to use?  Security arrangements cost money  On the other hand, to not use any arrangements can be very costly mistake  We must find the optimum solution, that does not cost too much, but gives adequate protection JERE PELTONEN www.ysecurity.net 4
Jere Peltonen Why to use?  The security expert or manager needs to make his/her case to the people that have the money  He/she must demonstrate the vulnerabilities of existing arrangements  He/she must demonstrate the effectiveness of planned arrangements with regard to protection of assets JERE PELTONEN Why to use?  Existing or planned arrangements may be good as such, but the chain is only as strong as its weakest link  TUREAN finds the weakest links JERE PELTONEN www.ysecurity.net 5
Jere Peltonen Why to use?  To get clear numerical information that can be used to  find the existing weaknesses  test the effectiveness of planned arrangements  justify the necessary new arrangements JERE PELTONEN Why to use?  TUREAN is an excellent tool for teaching analytical approach JERE PELTONEN www.ysecurity.net 6
Jere Peltonen How to get numerical information?  calculate the probability of successfull detection and alarm And  calculate the probability that remaining time will be enough to interrupt the entry JERE PELTONEN How to get numerical information?  the probability of successful detection and alarm is calculated using the reliability of detection elements and detection-to-response reliability JERE PELTONEN www.ysecurity.net 7
Jere Peltonen Detection elements  anything that may detect the unauthorized entry and execute the alarm (intrusion detectors, local guards, passers-by) JERE PELTONEN How to get numerical information?  the probability that remaining time allows interruption is calculated by  adding up delay values of all delay elements, taking into account the real world uncertainties of the values, and  comparing it to the response time value, taking into account the uncertainty JERE PELTONEN www.ysecurity.net 8
Jere Peltonen Delay elements  Anything that may delay the intruder (door, window, wall, fence, lock, etc.) JERE PELTONEN 3 most essential terms  Delay  Detection  Response time JERE PELTONEN www.ysecurity.net 9
Jere Peltonen Other terms  Probability  Type  Normal distribution  Sequence of events  Expected value  Zone  Standard deviation  Intrusion route JERE PELTONEN Concentric layers of protection SAFE DOOR WINDOW DOOR GATE WINDOW FENCE JERE PELTONEN www.ysecurity.net 10
Jere Peltonen Intrusion route JERE PELTONEN Sequence of events 7 6 5 4 2 1 3 JERE PELTONEN www.ysecurity.net 11
Jere Peltonen Alternative events (=alternative routes) 7 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN Alternative events 1 1 1 7 6 1 5 5 4 3 2 3 1 3 1 1 Crossing the fence JERE PELTONEN 1 Locked gate 1 Through the fence www.ysecurity.net 12
Jere Peltonen Alternative events 1 1 2 1 7 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 2 Moving across the yard Alternative events 1 3 1 2 3 1 3 7 6 1 5 5 2 4 3 1 3 3 1 3 Making a hole JERE PELTONEN 3 Window 3 Locked door www.ysecurity.net 13
Jere Peltonen Alternative events 1 3 1 2 3 4 1 3 7 6 1 5 5 3 2 4 1 3 3 1 JERE PELTONEN 4 Moving inside Alternative events 1 3 5 1 2 3 4 5 1 3 7 6 1 5 5 4 3 2 1 3 3 1 5 Making a hole JERE PELTONEN 5 Locked door www.ysecurity.net 14
Jere Peltonen Alternative events 1 3 5 1 2 3 4 6 5 1 3 7 1 6 5 5 4 3 2 1 3 3 1 JERE PELTONEN 6 Moving inside Alternative events 1 3 5 1 2 3 4 6 7 5 1 3 7 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 7 Safe www.ysecurity.net 15
Jere Peltonen Alternative events 1 3 5 1 2 3 4 6 7 8 5 1 3 7 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 8 Going back the same or different route Alternative events 1 3 5 1 2 3 4 6 7 8 5 1 3 7 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 18 ALTERNATIVE INTRUSION ROUTES www.ysecurity.net 16
Jere Peltonen Delay 30 s Event 1 30 s Total JERE PELTONEN Delay 30 s Event 1 60 s Event 2 90 s Total JERE PELTONEN www.ysecurity.net 17
Jere Peltonen Delay 30 s Event 1 60 s Event 2 45 s Event 3 135 s Total JERE PELTONEN Delay 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total JERE PELTONEN www.ysecurity.net 18
Jere Peltonen Delay, detection 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total 1st JERE PELTONEN possibility of detection ->detection Delay, detection, response time 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 105 s 1st JERE PELTONEN possibility of detection ->detection www.ysecurity.net 19
Jere Peltonen Delay, detection, response time successful interruption 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 105 s 1st Interruption JERE PELTONEN possibility of detection ->detection Delay, detection, response time ??? 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 1st JERE PELTONEN possibility of detection but NO detection www.ysecurity.net 20
Jere Peltonen Delay, detection, response time ??? 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 1st 1st JERE PELTONEN possibility of detection detection but NO detection Delay, detection, response time ??? 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 105 s 1st 1st JERE PELTONEN possibility of detection detection but NO detection www.ysecurity.net 21
Jere Peltonen Delay, detection, response time unsuccessful interruption 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 105 s 1st 1st Interruption JERE PELTONEN possibility of detection detection but NO detection Delay, detection, response time  the example uses exact times for the sake of concept simplicity  in the real world, there exists a level of uncertainty that has to be taken into account somehow JERE PELTONEN www.ysecurity.net 22
Jere Peltonen Delay, detection, response time  uncertainty is modelled by assuming that all times follow the normal distribution (Gaussian curve) JERE PELTONEN Normal distribution JERE PELTONEN www.ysecurity.net 23
Jere Peltonen Normal distribution = single measurement measurements 0 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 JERE PELTONEN Normal distribution ?? = single measurement measurements 10 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 10 JERE PELTONEN value 50 is measured 10 times www.ysecurity.net 24
Jere Peltonen Normal distribution = single measurement measurements 10 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 10 JERE PELTONEN value 50 is measured 10 times Normal distribution = single measurement measurements 11 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 1 1 1 2 1 2 1 1 1 JERE PELTONEN value 50 is measured 2 times www.ysecurity.net 25
Jere Peltonen Normal distribution = single measurement measurements 41 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 1 2 2 3 3 2 4 5 4 4 3 3 2 2 1 JERE PELTONEN value 50 is measured 5 times Normal distribution = single measurement measurements 86 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 1 1 1 1 2 2 2 4 4 9 8 10 9 9 8 5 3 2 1 1 2 1 JERE PELTONEN value 50 is measured 10 times www.ysecurity.net 26
Jere Peltonen Normal distribution = single measurement measurements 86 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 1 1 1 1 2 2 2 4 4 9 8 10 9 9 8 5 3 2 1 1 2 1 JERE PELTONEN value 50 is measured 10 times Standard deviation  standard deviation is a value that shows how much and how often real world times vary around the expected value JERE PELTONEN www.ysecurity.net 27
Jere Peltonen Standard deviation Real world times vary quite lot and often from the expected value µ -s µ +s standard deviation 3,8 JERE PELTONEN Standard deviation Real world times vary not so much and not so often as in previous example -s µ +s standard deviation 2,2 JERE PELTONEN www.ysecurity.net 28
Jere Peltonen Type  when delay and detection elements exist at the same event  type tells how much delay has been used before detection  three types in the model JERE PELTONEN Type H  no delay before detection  whole delay is calculated  for example: a PIR detector that detects an intruder at the beginning of a hallway JERE PELTONEN www.ysecurity.net 29
Jere Peltonen Type K  half of delay before detection  half of delay is calculated  for example: a PIR detector that detects an intruder when he has moved midway of a hallway JERE PELTONEN Type J  all delay before detection  no delay of particular delay element is taken into accounct in calculation  for example: magnetic contacts at a door, which give detection only after the lock has been picked and door opens JERE PELTONEN www.ysecurity.net 30
Jere Peltonen Example Window 95%/H/30s/10s Wall Safe Door 0%/7200s/3000s 95%/J/300s/100s 95%/H/7200s/3000s JERE PELTONEN Example Door 95%/J/300s/100s Please note that the terminology in TUREAN JERE PELTONEN screenshots used in this presentation is in Finnish. The TUREAN tool is available in English also. Check www.yhteisturvallisuus.net or www.ysecurity.net www.ysecurity.net 31
Jere Peltonen Example Window 95%/H/30s/10s JERE PELTONEN Example Wall 0%/7200s/3000s JERE PELTONEN www.ysecurity.net 32
Jere Peltonen Example Safe ! 95%/H/7200s/3000s JERE PELTONEN Example Going back ! 95%/H/60s/20s JERE PELTONEN www.ysecurity.net 33
Jere Peltonen Example JERE PELTONEN Example Report JERE PELTONEN www.ysecurity.net 34
Jere Peltonen Example JERE PELTONEN Example The worst probability of interruption is with the route that goes through the wall!! WHY?? JERE PELTONEN www.ysecurity.net 35
Jere Peltonen EXERCISE  analyze using the following values JERE PELTONEN 0% / 600s / 200s 0% / 60s / 20s 0% / 120s / 20s Alternative events 1 1 1 7 6 0%/120s/20s 5 5 4 3 2 0%/60s/20s 3 3 0%/600s/200s 1 Crossing fence JERE PELTONEN 1 Locked gate 1 Going through www.ysecurity.net 36
Jere Peltonen JERE PELTONEN 0% / 60s / 10s Alternative events 1 1 2 1 7 6 1 5 5 4 3 0%/60s/10s 1 3 3 1 JERE PELTONEN 2 Moving accross the yard www.ysecurity.net 37
Jere Peltonen 0% / 7200s / 3000s 95% / H / 30s / 10s 95% / J / 300s / 100s Alternative events 1 3 1 2 3 1 3 7 6 1 5 5 4 2 95%/J/300s/100s 1 0%/7200s/3000s 95%/H/30s/10s 1 3 Going through JERE PELTONEN 3 Window 3 Locked door 95% / H / 60s / 10s Alternative events 1 3 1 2 3 4 1 3 7 6 1 5 5 3 2 95%/H/60s/10s 1 3 3 1 JERE PELTONEN 4 Moving inside www.ysecurity.net 38
Jere Peltonen 0% / 3600s / 1000s 95% / J / 300s / 100s Alternative events 1 3 5 1 2 3 4 5 1 3 7 6 1 95%/J/300s/100s 0%/3600s/1000s 4 3 2 1 3 3 1 5 Going through JERE PELTONEN 5 Locked door 95% / H / 20s / 5s Alternative events 1 3 5 1 2 3 4 6 5 1 3 7 95%/H/20s/5s 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 6 Moving inside www.ysecurity.net 39
Jere Peltonen 95% / H / 7200s / 3000s Alternative events 1 3 5 1 2 3 4 6 7 5 1 3 95%/H/7200s/3000s 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 7 Safe 95% / H / 300s / 100s Alternative events 1 3 5 1 2 3 4 6 7 8 5 1 3 7 6 1 5 5 4 3 2 1 3 3 95%/H/300s/100s 1 JERE PELTONEN 8 Going back www.ysecurity.net 40
Jere Peltonen Other values  response time 900 s / standard deviation 300 s  reliability 95% JERE PELTONEN First results JERE PELTONEN www.ysecurity.net 41
Jere Peltonen Sorted and colored result list JERE PELTONEN JERE PELTONEN www.ysecurity.net 42
Jere Peltonen EXERCISE  the safe is open  delay 0 s, standard deviation 0 s JERE PELTONEN Results JERE PELTONEN www.ysecurity.net 43
Jere Peltonen Results { JERE PELTONEN JERE PELTONEN www.ysecurity.net 44
Jere Peltonen Questions? TUREAN tool is available for free at www.yhteisturvallisuus.net or www.ysecurity.net JERE PELTONEN www.ysecurity.net 45

Recommended

USliittovaltio
USliittovaltioUSliittovaltio
USliittovaltio
Jere Peltonen
 
Poikkeustilannetoimintakyky
PoikkeustilannetoimintakykyPoikkeustilannetoimintakyky
Poikkeustilannetoimintakyky
Jere Peltonen
 
CYBERBULLYING
CYBERBULLYINGCYBERBULLYING
CYBERBULLYING
Reynante Tagum
 
Gatorade Brand Vision Presenation
Gatorade Brand Vision PresenationGatorade Brand Vision Presenation
Gatorade Brand Vision Presenation
brianabrochu
 
Disaster management and role of nurse
Disaster management and role of nurseDisaster management and role of nurse
Disaster management and role of nurse
AIIMS, Rishikesh
 
6 Physical Security
6 Physical Security6 Physical Security
6 Physical Security
Alfred Ouyang
 
Bullying thesis
Bullying thesisBullying thesis
Bullying thesis
none
 
Lecture5 - C4.5
Lecture5 - C4.5Lecture5 - C4.5
Lecture5 - C4.5
Albert Orriols-Puig
 

Recommended

USliittovaltio
USliittovaltioUSliittovaltio
USliittovaltio
Jere Peltonen
 
Poikkeustilannetoimintakyky
PoikkeustilannetoimintakykyPoikkeustilannetoimintakyky
Poikkeustilannetoimintakyky
Jere Peltonen
 
CYBERBULLYING
CYBERBULLYINGCYBERBULLYING
CYBERBULLYING
Reynante Tagum
 
Gatorade Brand Vision Presenation
Gatorade Brand Vision PresenationGatorade Brand Vision Presenation
Gatorade Brand Vision Presenation
brianabrochu
 
Disaster management and role of nurse
Disaster management and role of nurseDisaster management and role of nurse
Disaster management and role of nurse
AIIMS, Rishikesh
 
6 Physical Security
6 Physical Security6 Physical Security
6 Physical Security
Alfred Ouyang
 
Bullying thesis
Bullying thesisBullying thesis
Bullying thesis
none
 
Lecture5 - C4.5
Lecture5 - C4.5Lecture5 - C4.5
Lecture5 - C4.5
Albert Orriols-Puig
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
Christy Abraham Joy
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
Vit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
MindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
RachelPearson36
 

More Related Content

Featured

How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 

Featured (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Physical security analysis tool

  • 1. Jere Peltonen Estimate of Multiple Adversary Sequence Interruption Jere Peltonen, CPP linkedin.com/in/jerepeltonen EASI  EASI (Estimate of Adversary Sequence Interruption)  Sandia National Laboratories  U.S. Department of Energy  EASI has been used to analyze e.g. physical security arrangements of nuclear facilities JERE PELTONEN www.ysecurity.net 1
  • 2. Jere Peltonen What is analyzed?  Structural arrangements  Surveillance JERE PELTONEN What are the results?  probability of failure of unauthorized entry in other words  probability of successful interruption JERE PELTONEN www.ysecurity.net 2
  • 3. Jere Peltonen EASI  can be used easily to analyze arrangements that follow the principle of concentric protection layers JERE PELTONEN EASI / TUREAN  Basic EASI does not calculate alternative routes of entry  TUREAN application of EASI calculates all alternative routes JERE PELTONEN www.ysecurity.net 3
  • 4. Jere Peltonen Why to use?  To get more reliable information JERE PELTONEN Why to use?  Security arrangements cost money  On the other hand, to not use any arrangements can be very costly mistake  We must find the optimum solution, that does not cost too much, but gives adequate protection JERE PELTONEN www.ysecurity.net 4
  • 5. Jere Peltonen Why to use?  The security expert or manager needs to make his/her case to the people that have the money  He/she must demonstrate the vulnerabilities of existing arrangements  He/she must demonstrate the effectiveness of planned arrangements with regard to protection of assets JERE PELTONEN Why to use?  Existing or planned arrangements may be good as such, but the chain is only as strong as its weakest link  TUREAN finds the weakest links JERE PELTONEN www.ysecurity.net 5
  • 6. Jere Peltonen Why to use?  To get clear numerical information that can be used to  find the existing weaknesses  test the effectiveness of planned arrangements  justify the necessary new arrangements JERE PELTONEN Why to use?  TUREAN is an excellent tool for teaching analytical approach JERE PELTONEN www.ysecurity.net 6
  • 7. Jere Peltonen How to get numerical information?  calculate the probability of successfull detection and alarm And  calculate the probability that remaining time will be enough to interrupt the entry JERE PELTONEN How to get numerical information?  the probability of successful detection and alarm is calculated using the reliability of detection elements and detection-to-response reliability JERE PELTONEN www.ysecurity.net 7
  • 8. Jere Peltonen Detection elements  anything that may detect the unauthorized entry and execute the alarm (intrusion detectors, local guards, passers-by) JERE PELTONEN How to get numerical information?  the probability that remaining time allows interruption is calculated by  adding up delay values of all delay elements, taking into account the real world uncertainties of the values, and  comparing it to the response time value, taking into account the uncertainty JERE PELTONEN www.ysecurity.net 8
  • 9. Jere Peltonen Delay elements  Anything that may delay the intruder (door, window, wall, fence, lock, etc.) JERE PELTONEN 3 most essential terms  Delay  Detection  Response time JERE PELTONEN www.ysecurity.net 9
  • 10. Jere Peltonen Other terms  Probability  Type  Normal distribution  Sequence of events  Expected value  Zone  Standard deviation  Intrusion route JERE PELTONEN Concentric layers of protection SAFE DOOR WINDOW DOOR GATE WINDOW FENCE JERE PELTONEN www.ysecurity.net 10
  • 11. Jere Peltonen Intrusion route JERE PELTONEN Sequence of events 7 6 5 4 2 1 3 JERE PELTONEN www.ysecurity.net 11
  • 12. Jere Peltonen Alternative events (=alternative routes) 7 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN Alternative events 1 1 1 7 6 1 5 5 4 3 2 3 1 3 1 1 Crossing the fence JERE PELTONEN 1 Locked gate 1 Through the fence www.ysecurity.net 12
  • 13. Jere Peltonen Alternative events 1 1 2 1 7 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 2 Moving across the yard Alternative events 1 3 1 2 3 1 3 7 6 1 5 5 2 4 3 1 3 3 1 3 Making a hole JERE PELTONEN 3 Window 3 Locked door www.ysecurity.net 13
  • 14. Jere Peltonen Alternative events 1 3 1 2 3 4 1 3 7 6 1 5 5 3 2 4 1 3 3 1 JERE PELTONEN 4 Moving inside Alternative events 1 3 5 1 2 3 4 5 1 3 7 6 1 5 5 4 3 2 1 3 3 1 5 Making a hole JERE PELTONEN 5 Locked door www.ysecurity.net 14
  • 15. Jere Peltonen Alternative events 1 3 5 1 2 3 4 6 5 1 3 7 1 6 5 5 4 3 2 1 3 3 1 JERE PELTONEN 6 Moving inside Alternative events 1 3 5 1 2 3 4 6 7 5 1 3 7 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 7 Safe www.ysecurity.net 15
  • 16. Jere Peltonen Alternative events 1 3 5 1 2 3 4 6 7 8 5 1 3 7 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 8 Going back the same or different route Alternative events 1 3 5 1 2 3 4 6 7 8 5 1 3 7 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 18 ALTERNATIVE INTRUSION ROUTES www.ysecurity.net 16
  • 17. Jere Peltonen Delay 30 s Event 1 30 s Total JERE PELTONEN Delay 30 s Event 1 60 s Event 2 90 s Total JERE PELTONEN www.ysecurity.net 17
  • 18. Jere Peltonen Delay 30 s Event 1 60 s Event 2 45 s Event 3 135 s Total JERE PELTONEN Delay 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total JERE PELTONEN www.ysecurity.net 18
  • 19. Jere Peltonen Delay, detection 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total 1st JERE PELTONEN possibility of detection ->detection Delay, detection, response time 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 105 s 1st JERE PELTONEN possibility of detection ->detection www.ysecurity.net 19
  • 20. Jere Peltonen Delay, detection, response time successful interruption 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 105 s 1st Interruption JERE PELTONEN possibility of detection ->detection Delay, detection, response time ??? 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 1st JERE PELTONEN possibility of detection but NO detection www.ysecurity.net 20
  • 21. Jere Peltonen Delay, detection, response time ??? 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 1st 1st JERE PELTONEN possibility of detection detection but NO detection Delay, detection, response time ??? 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 105 s 1st 1st JERE PELTONEN possibility of detection detection but NO detection www.ysecurity.net 21
  • 22. Jere Peltonen Delay, detection, response time unsuccessful interruption 30 s Event 1 60 s Event 2 45 s Event 3 45 s Event 4 180 s Total Response time 105 s 1st 1st Interruption JERE PELTONEN possibility of detection detection but NO detection Delay, detection, response time  the example uses exact times for the sake of concept simplicity  in the real world, there exists a level of uncertainty that has to be taken into account somehow JERE PELTONEN www.ysecurity.net 22
  • 23. Jere Peltonen Delay, detection, response time  uncertainty is modelled by assuming that all times follow the normal distribution (Gaussian curve) JERE PELTONEN Normal distribution JERE PELTONEN www.ysecurity.net 23
  • 24. Jere Peltonen Normal distribution = single measurement measurements 0 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 JERE PELTONEN Normal distribution ?? = single measurement measurements 10 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 10 JERE PELTONEN value 50 is measured 10 times www.ysecurity.net 24
  • 25. Jere Peltonen Normal distribution = single measurement measurements 10 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 10 JERE PELTONEN value 50 is measured 10 times Normal distribution = single measurement measurements 11 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 1 1 1 2 1 2 1 1 1 JERE PELTONEN value 50 is measured 2 times www.ysecurity.net 25
  • 26. Jere Peltonen Normal distribution = single measurement measurements 41 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 1 2 2 3 3 2 4 5 4 4 3 3 2 2 1 JERE PELTONEN value 50 is measured 5 times Normal distribution = single measurement measurements 86 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 1 1 1 1 2 2 2 4 4 9 8 10 9 9 8 5 3 2 1 1 2 1 JERE PELTONEN value 50 is measured 10 times www.ysecurity.net 26
  • 27. Jere Peltonen Normal distribution = single measurement measurements 86 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 1 1 1 1 2 2 2 4 4 9 8 10 9 9 8 5 3 2 1 1 2 1 JERE PELTONEN value 50 is measured 10 times Standard deviation  standard deviation is a value that shows how much and how often real world times vary around the expected value JERE PELTONEN www.ysecurity.net 27
  • 28. Jere Peltonen Standard deviation Real world times vary quite lot and often from the expected value µ -s µ +s standard deviation 3,8 JERE PELTONEN Standard deviation Real world times vary not so much and not so often as in previous example -s µ +s standard deviation 2,2 JERE PELTONEN www.ysecurity.net 28
  • 29. Jere Peltonen Type  when delay and detection elements exist at the same event  type tells how much delay has been used before detection  three types in the model JERE PELTONEN Type H  no delay before detection  whole delay is calculated  for example: a PIR detector that detects an intruder at the beginning of a hallway JERE PELTONEN www.ysecurity.net 29
  • 30. Jere Peltonen Type K  half of delay before detection  half of delay is calculated  for example: a PIR detector that detects an intruder when he has moved midway of a hallway JERE PELTONEN Type J  all delay before detection  no delay of particular delay element is taken into accounct in calculation  for example: magnetic contacts at a door, which give detection only after the lock has been picked and door opens JERE PELTONEN www.ysecurity.net 30
  • 31. Jere Peltonen Example Window 95%/H/30s/10s Wall Safe Door 0%/7200s/3000s 95%/J/300s/100s 95%/H/7200s/3000s JERE PELTONEN Example Door 95%/J/300s/100s Please note that the terminology in TUREAN JERE PELTONEN screenshots used in this presentation is in Finnish. The TUREAN tool is available in English also. Check www.yhteisturvallisuus.net or www.ysecurity.net www.ysecurity.net 31
  • 32. Jere Peltonen Example Window 95%/H/30s/10s JERE PELTONEN Example Wall 0%/7200s/3000s JERE PELTONEN www.ysecurity.net 32
  • 33. Jere Peltonen Example Safe ! 95%/H/7200s/3000s JERE PELTONEN Example Going back ! 95%/H/60s/20s JERE PELTONEN www.ysecurity.net 33
  • 34. Jere Peltonen Example JERE PELTONEN Example Report JERE PELTONEN www.ysecurity.net 34
  • 35. Jere Peltonen Example JERE PELTONEN Example The worst probability of interruption is with the route that goes through the wall!! WHY?? JERE PELTONEN www.ysecurity.net 35
  • 36. Jere Peltonen EXERCISE  analyze using the following values JERE PELTONEN 0% / 600s / 200s 0% / 60s / 20s 0% / 120s / 20s Alternative events 1 1 1 7 6 0%/120s/20s 5 5 4 3 2 0%/60s/20s 3 3 0%/600s/200s 1 Crossing fence JERE PELTONEN 1 Locked gate 1 Going through www.ysecurity.net 36
  • 37. Jere Peltonen JERE PELTONEN 0% / 60s / 10s Alternative events 1 1 2 1 7 6 1 5 5 4 3 0%/60s/10s 1 3 3 1 JERE PELTONEN 2 Moving accross the yard www.ysecurity.net 37
  • 38. Jere Peltonen 0% / 7200s / 3000s 95% / H / 30s / 10s 95% / J / 300s / 100s Alternative events 1 3 1 2 3 1 3 7 6 1 5 5 4 2 95%/J/300s/100s 1 0%/7200s/3000s 95%/H/30s/10s 1 3 Going through JERE PELTONEN 3 Window 3 Locked door 95% / H / 60s / 10s Alternative events 1 3 1 2 3 4 1 3 7 6 1 5 5 3 2 95%/H/60s/10s 1 3 3 1 JERE PELTONEN 4 Moving inside www.ysecurity.net 38
  • 39. Jere Peltonen 0% / 3600s / 1000s 95% / J / 300s / 100s Alternative events 1 3 5 1 2 3 4 5 1 3 7 6 1 95%/J/300s/100s 0%/3600s/1000s 4 3 2 1 3 3 1 5 Going through JERE PELTONEN 5 Locked door 95% / H / 20s / 5s Alternative events 1 3 5 1 2 3 4 6 5 1 3 7 95%/H/20s/5s 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 6 Moving inside www.ysecurity.net 39
  • 40. Jere Peltonen 95% / H / 7200s / 3000s Alternative events 1 3 5 1 2 3 4 6 7 5 1 3 95%/H/7200s/3000s 6 1 5 5 4 3 2 1 3 3 1 JERE PELTONEN 7 Safe 95% / H / 300s / 100s Alternative events 1 3 5 1 2 3 4 6 7 8 5 1 3 7 6 1 5 5 4 3 2 1 3 3 95%/H/300s/100s 1 JERE PELTONEN 8 Going back www.ysecurity.net 40
  • 41. Jere Peltonen Other values  response time 900 s / standard deviation 300 s  reliability 95% JERE PELTONEN First results JERE PELTONEN www.ysecurity.net 41
  • 42. Jere Peltonen Sorted and colored result list JERE PELTONEN JERE PELTONEN www.ysecurity.net 42
  • 43. Jere Peltonen EXERCISE  the safe is open  delay 0 s, standard deviation 0 s JERE PELTONEN Results JERE PELTONEN www.ysecurity.net 43
  • 44. Jere Peltonen Results { JERE PELTONEN JERE PELTONEN www.ysecurity.net 44
  • 45. Jere Peltonen Questions? TUREAN tool is available for free at www.yhteisturvallisuus.net or www.ysecurity.net JERE PELTONEN www.ysecurity.net 45