Modeling risk as a polyhedron

Abstract

Risk analysts historically have employed several approaches when examining the risk of terrorism to critical infrastructure. However, frequently these approaches rely on statistical methods, which suffer from a lack of appropriate historical data to produce distributions and do not integrate epistemic uncertainty. Other concerns include locating appropriate subject matter experts who can provide judgment and undertaking an associated validation of these judgments. Given the current body of knowledge, the modeling and simulation community can assist risk analysts to develop more robust methods for the analysis of the risk of terrorism in a critical infrastructure. This paper proposes that risk should be modeled and evaluated as a function of the volume of a risk polyhedron with the key characteristics of the risk of terrorism represented as nodes and the relationship between the key characteristics forming the edges. Specific attention is given to development of the threat component of the risk equation. The values of the key characteristics, instantiated as the length of the edges, are defaulted to absolute uncertainty, the state where there is no information for, or against, a particular causal factor. By adjusting an edge length, the polyhedron’s volume either increases or decreases, depending on the informed state of the modeler. Furthermore, individual threat scenarios can be joined, or nested, to inform risk understanding and management.