The Role of Modeling and Simulation in Risk-Informed Security Decision Making

Physical Security Modeling and Simulation (PSMS) provides unique benefits to the strategic and tactical decisions across a nuclear security enterprise. As security managers increasingly turn to PSMS tools for insights into their facility and fleet security performance, they face a common challenge of how best to implement these tools and how to incorporate them into their existing processes and organization. When operated within their design specifications, PSMS tools have progressed to a point that they can be counted on to produce a high-quality measurement of the facility’s security posture and risk profile. Two key challenges exist before these tools can be successfully applied in an organization’s decision- support process: 1) How to take available data and facility knowledge and transform it into the required input data for a PSMS analysis. It is common for an organization to incur significant expense and frustration because of misunderstandings regarding required input data; 2) Lack of a context for how the PSMS analysis results will fit into existing decision processes, regulatory requirements, and security design requirements of the organization. The desire to engage promising and powerful technologies such as PSMS often causes an organization to launch into analyses without well thought-out and documented expectations. Using a PSMS process implemented at more than two-dozen nuclear facilities, this paper demonstrates how an organization can address these challenges and establish a process for ensuring all applications of PSMS achieve expectations and efficiency from time and cost perspectives. The solutions presented are geared primarily toward strategic risk-informed decision-making in order to complement the continuous risk management approaches that are typical in an organization’s nuclear security culture. To address the first challenge, solutions are provided for producing threat scenarios; computer models of the facility and the structures, systems, and components; and performance data for the security components to be analyzed. The second challenge is addressed by providing a suggested decision process along with examples and best practices for using PSMS results in decisions regarding nuclear facility security.