TY - JOUR
T1 - Tackling uncertainty in security assessment of critical infrastructures
T2 - Dempster-Shafer Theory vs. Credal Sets Theory
AU - Misuri, Alessio
AU - Khakzad, Nima
AU - Reniers, Genserik
AU - Cozzani, Valerio
PY - 2018
Y1 - 2018
N2 - Securing critical infrastructures is a complex task. Required information is usually scarce or inexistent, and experts’ judgments may be inaccurate and biased. In this paper, two methodologies dealing with data scarcity, imprecision, and uncertainty are presented: Evidential network and Credal network. Evidential network is a graphical technique based on Dempster-Shafer Theory to explicitly model the propagation of epistemic uncertainty among variables while Credal network is an extension of Bayesian network to deal with sets of probabilities, known as Credal sets, based on experts’ judgments. Both methodologies constitute robust frameworks to account for high degree of imprecision on data, producing informative results despite the low-informative input. In the present study, the power in expressing uncertainty of these two methodologies have been showed, and their differences have been described through their application to a case study of security vulnerability assessment. Results demonstrate the substantial equivalence of the two methodologies in prognostic analysis, thus, an approximate updating procedure of Evidential network through equivalent Credal network has been proposed, to overcome the lack of possibility to compute updating in the context of Dempster-Shafer Theory.
AB - Securing critical infrastructures is a complex task. Required information is usually scarce or inexistent, and experts’ judgments may be inaccurate and biased. In this paper, two methodologies dealing with data scarcity, imprecision, and uncertainty are presented: Evidential network and Credal network. Evidential network is a graphical technique based on Dempster-Shafer Theory to explicitly model the propagation of epistemic uncertainty among variables while Credal network is an extension of Bayesian network to deal with sets of probabilities, known as Credal sets, based on experts’ judgments. Both methodologies constitute robust frameworks to account for high degree of imprecision on data, producing informative results despite the low-informative input. In the present study, the power in expressing uncertainty of these two methodologies have been showed, and their differences have been described through their application to a case study of security vulnerability assessment. Results demonstrate the substantial equivalence of the two methodologies in prognostic analysis, thus, an approximate updating procedure of Evidential network through equivalent Credal network has been proposed, to overcome the lack of possibility to compute updating in the context of Dempster-Shafer Theory.
KW - Attack tree
KW - Bayesian network
KW - Credal network
KW - Dempster-Shafer Theory
KW - Evidential network
KW - Security vulnerability assessment
KW - Uncertainty modeling
UR - http://www.scopus.com/inward/record.url?scp=85045714456&partnerID=8YFLogxK
U2 - 10.1016/j.ssci.2018.04.007
DO - 10.1016/j.ssci.2018.04.007
M3 - Article
AN - SCOPUS:85045714456
SN - 0925-7535
VL - 107
SP - 62
EP - 76
JO - Safety Science
JF - Safety Science
ER -