Publications

Results 26–47 of 47
Skip to search filters

LinguisticBelief: a java application for linguistic evaluation using belief, fuzzy sets, and approximate reasoning

Darby, John

LinguisticBelief is a Java computer code that evaluates combinations of linguistic variables using an approximate reasoning rule base. Each variable is comprised of fuzzy sets, and a rule base describes the reasoning on combinations of variables fuzzy sets. Uncertainty is considered and propagated through the rule base using the belief/plausibility measure. The mathematics of fuzzy sets, approximate reasoning, and belief/ plausibility are complex. Without an automated tool, this complexity precludes their application to all but the simplest of problems. LinguisticBelief automates the use of these techniques, allowing complex problems to be evaluated easily. LinguisticBelief can be used free of charge on any Windows XP machine. This report documents the use and structure of the LinguisticBelief code, and the deployment package for installation client machines.

More Details
TYPE SAND Report YEAR 2007
OSTIDOI

Linguistic evaluation of terrorist scenarios: example application

Darby, John

In 2005, a group of international decision makers developed a manual process for evaluating terrorist scenarios. That process has been implemented in the approximate reasoning Java software tool, LinguisticBelief, released in FY2007. One purpose of this report is to show the flexibility of the LinguisticBelief tool to automate a custom model developed by others. LinguisticBelief evaluates combinations of linguistic variables using an approximate reasoning rule base. Each variable is comprised of fuzzy sets, and a rule base describes the reasoning on combinations of variables fuzzy sets. Uncertainty is considered and propagated through the rule base using the belief/plausibility measure. This report documents the evaluation and rank-ordering of several example terrorist scenarios for the existing process implemented in our software. LinguisticBelief captures and propagates uncertainty and allows easy development of an expanded, more detailed evaluation, neither of which is feasible using a manual evaluation process. In conclusion, the Linguistic-Belief tool is able to (1) automate an expert-generated reasoning process for the evaluation of the risk of terrorist scenarios, including uncertainty, and (2) quickly evaluate and rank-order scenarios of concern using that process.

More Details
TYPE SAND Report YEAR 2007
OSTIDOI

Evaluation of terrorist risk using belief and plausibility

Proceedings of the 8th International Conference on Probabilistic Safety Assessment and Management, PSAM 2006

Darby, John

The risk for a particular threat scenario can be evaluated as: Risk = fA * (1 - PE) * C where fA is the frequency of the attack, PE is the probability that the security system detects and neutralizes the attack, and C is the consequence if the attack is not neutralized. Risk has the units of consequence per unit time. Most evaluations of the effectiveness of a security system assume that the threat scenario is implemented and evaluate the conditional risk, given the attack. As the Design Basis Threat (DBT) has increased, traditional physical security starting at the facility boundary is hard pressed to counter the increased resources available to the adversary. Other aspects of security need to be considered including the use of intelligence to detect the threat during its formulation stage. Most of the evaluations to date have used a probabilistic approach, but for an overall evaluation of Risk the fidelity of the information available is insufficient to support the use of an entirely probabilistic approach. For example, it is difficult to assign a probability measure to the frequency of an attack, fA; a possibility measure is more appropriate. Both probability and possibility are special cases of belief, and using a belief measure for the three factors for Risk allows the risk to be evaluated including uncertainty consistent with the fidelity of the information available. If all terms in the risk equation are modeled with probability, the convolution process using belief is equivalent to standard convolution of probability distributions. If all terms in the risk equation are modeled with possibility, the convolution process using belief is equivalent to convolution of possibility distributions. A computer program named BeliefRisk has been written in Mathematica to implement the evaluation of Risk. Each factor in the Risk equation is modeled as a discrete set of values, and a distribution reflecting uncertainty is assigned to each set of values. Probability, possibility, or belief can be used as the metric for uncertainty for each factor. Risk is calculated by convoluting the uncertainty distributions for each constituent factor for risk using the mathematics of belief. A belief/plausibility distribution and an expected value interval are calculated for Risk. Also, belief and plausibility exceedance values are calculated for Risk. Belief can also be calculated for an infinite set on the reals given evidence on a finite number of intervals in the set. A computer program named BeliefConvolution has been written in Java to evaluate belief and plausibility for an algebraic combination of variables, each with evidence assigned to intervals of real numbers. For evaluation of Risk, BeliefConvolution provides identical results as BeliefRisk. BeliefConvolution has the ability to aggregate evidence into either linear or logarithmic bins. BeliefConvolution can calculate belief and plausibility for both crisp and fuzzy sets. © 2006 by ASME.

More Details
TYPE Conference YEAR 2006
ScopusOSTI

Critical infrastructure systems of systems assessment methodology

Depoy, Jennifer M.; Phelan, James M.; Sholander, Peter E.; Varnado, G.B.; Wyss, Gregory D.; Darby, John; Walter, Andrew W.

Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies that separately consider physical security and cyber security. This research has developed a risk assessment methodology that explicitly accounts for both physical and cyber security, while preserving the traditional security paradigm of detect, delay, and respond. This methodology also accounts for the condition that a facility may be able to recover from or mitigate the impact of a successful attack before serious consequences occur. The methodology uses evidence-based techniques (which are a generalization of probability theory) to evaluate the security posture of the cyber protection systems. Cyber threats are compared against cyber security posture using a category-based approach nested within a path-based analysis to determine the most vulnerable cyber attack path. The methodology summarizes the impact of a blended cyber/physical adversary attack in a conditional risk estimate where the consequence term is scaled by a ''willingness to pay'' avoidance approach.

More Details
TYPE SAND Report YEAR 2006
OSTIDOI

Evaluation of risk from acts of terrorism :the adversary/defender model using belief and fuzzy sets

Darby, John

Risk from an act of terrorism is a combination of the likelihood of an attack, the likelihood of success of the attack, and the consequences of the attack. The considerable epistemic uncertainty in each of these three factors can be addressed using the belief/plausibility measure of uncertainty from the Dempster/Shafer theory of evidence. The adversary determines the likelihood of the attack. The success of the attack and the consequences of the attack are determined by the security system and mitigation measures put in place by the defender. This report documents a process for evaluating risk of terrorist acts using an adversary/defender model with belief/plausibility as the measure of uncertainty. Also, the adversary model is a linguistic model that applies belief/plausibility to fuzzy sets used in an approximate reasoning rule base.

More Details
TYPE SAND Report YEAR 2006
OSTIDOI
Results 26–47 of 47
Results 26–47 of 47