Protecting the Complex: An Integrated Approach to Vulnerability, Risk and Robustness

Protecting and securing critical nuclear infrastructure remains a top concern around the world. Since the turn of the century, there has been a greater understanding of the variety and complexity of threats and catastrophes that make this infrastructure vulnerable. Within the nuclear energy complex, a vulnerability/risk analysis approach is being taken to protect assets. This approach is based on a static model of threat identifications and determination of their probabilities along with the response­time calculations. Layered systems of protection have been designed and analyzed, and the vulnerability of the nuclear energy complex has then been quantified. These methods are proven and successful in many applications; however, the complexities of both the infrastructure to be protected and the threats are continually evolving. If we assume that the overall system is dynamic without the ability to foresee all possible threats, then the question becomes how to deal with unexpected, unforeseen threats. In other words, once a threat is detected several layers deep in the system and that threat is in a position and situation that should not be possible based on the scenarios in the vulnerability assessment, what do we do? How to we prevent the threat from happening again? And how do we learn to anticipate threats of this type in the future? One model involves a recursive process of (1) sensing, (2) anticipating, (3) adapting, and (4) learning within the system. In this model, “Sensing” is the identification/detection of a new threat against the system, and the ability to incorporate this new threat into our understanding of the whole system. “Anticipating” is the ability to postulate possible outcomes related to a sensed threat that could be a crisis or disaster. Anticipation does not involve forecasting or determining probabilities, but it exists to assist with adaption strategies. “Adapting” is the response taken by the organization to deal with the sensed threat. “Learning” is the process by which new knowledge gained can be incorporated back into the risk/vulnerability deterministic model. It is our contention that a pursuit of this model of robustness is necessary and complementary to vulnerability analysis modeling for the management and protection of the nuclear energy complex.