CREATE OVERVIEW

1
CREATE OVERVIEW

• Detlof von Winterfeldt
• Professor of Industrial and Systems Engineering
• Professor of Public Policy and Management
• Center for Risk and Economic Analysis of
  Terrorism Events
• University of Southern California
• Fall, 2008

2
Four Years of CREATE
July, 2008
March, 2004
3
Why Risk Analysis?

• .We have to identify and prioritize risks --
  understanding the threat, the vulnerability and
  the consequence. And then we have to apply our
  resources in a cost-effective manner..

4
Why Economic Analysis?

• If their economy is destroyed, they will be busy
  with their own affairs rather than enslaving the
  weak peoples. It is very important to
  concentrate on hitting the US economy through all
  possible means.

5
CREATE is an Interdisciplinary Center

• Social Science
• Economics
• Psychology
• Political Science
• Engineering
• Industrial and Systems Engineering (OR)
• Civil Engineering
• Computer Science
• Other
• Public Policy
• Decision Science
• International Relations

6
CREATE is an (Inter)national Center
7
CREATE Researchers

• 40 faculty members
• 40 tenure track faculty members
• 10 adjunct, research professors, etc.
• 20 Other Researchers
• 6 Postdoctoral Research Associates
• 14 research scientists, computer scientists, etc.
• 40 Research Assistants
• Mix of Ph.D. and Masters students
• First batch of Ph.D. students graduated in 2007
• Quality Indicators
• Ten researchers with 1,000 citations (ISI Web of
  Science)
• One member of the NAS, two members of the NAE
• Two presidents, four fellows of INFORMS

8
CREATE Models

• Risk Assessment
• Probabilistic Risk Analysis
• Game Theory
• Terrorist Utility Models
• Economic Assessment
• Advanced Economic Impact Models (I/O and CGE)
• Economic Analyses of Terrorist Behavior
• Models of Public Responses and Resilience
• Risk Management
• Dynamic, Adaptive Decision Analysis
• Game theoretic models for inspections and patrols
• Optimal Resource Allocation Models

9
Examples of Center Projects and Products
Applied Research Projects Analysis of dirty bomb
attacks on ports Allocation of funds to critical
infrastructure Economic analysis of bioterrorism
events Randomization of inspections and patrols
Fundamental Research Projects Game theory
extensions to terrorism problems Decision
analysis with adaptive responses Probabilistic
models of terrorist preferences Network
reliability and failure models
Software Development Risk Analysis Workbench
(RAW) MANPADS Decision Tree Software National
Interstate Economic Impact Model Randomization
software
10
(No Transcript)
11
CREATE Research Framework
Risk Assessment
Economic Assessment
Risk Management
12
CREATE Research Framework
Risk Assessment
Threat Assessment
Consequence Assessment
Vulnerability Assessment
13
CREATE Research Framework
Risk Assessment
Threat Assessment
Consequence Assessment
Vulnerability Assessment
Valuation of Direct Econ. Consequences

Estimation of Indirect Econ. Consequences
Economic Assessment
Assessment of Resilient Responses
14
Overall Framework
Economic Assessment
Risk Assessment
Threat Assessment
Consequence Assessment
Vulnerability Assessment
Valuation Of Direct Consequences

Assessment of Indirect Econ. Consequences
Response Recovery
Prevention
Protection
Cost-Benefit Decision Analysis
Risk Management
15
Risk Analysis Over 30 Years of Experience

• Reliability engineering (aerospace industry)
• Nuclear power plant risks
• Chemical and other industrial risks
• Environmental risks
• Natural disaster risks
• Business, project and RD risks
• Medical risks

16
Attempts to Apply Risk Analysis to Terrorism

• Probabilistic risk analysis
• Dynamic adaptive decision tree analysis
• Game theory
• Vulnerability and risk scoring systems
• ____________________________________
• Hardest Part Threat Analysis

17
Lugar Report Threat Probabilities
18
Selected Participants in the Luger Study

• Richard Allen
• Graham Allison
• Frank Carlucci
• Bill Cohen
• James Dobbins
• Amitai Etzione
• Bob Galluci
• Sig Hecker
• Ron Lehman

• Michael Moodie
• Sam Nunn
• Noman Schwarzkopf
• Strobe Talbott
• James Woolsey
• 70 others

19
Assessing the Threat of Bioterrorism
Non-communicable
20
Expert Elicitation

• Elicitation of selection probabilities of 28
  agents
• Four bioterrorism experts
• Two risk analysts (Hora, von Winterfeldt)
• Hierarchical elicitation
• Software support

21
Expert Elicitation- Observations

• A few biological agents float to the top for all
  experts (and non-experts)
• Worked well with experts who had biological
  knowledge
• Some problems with experts who did not have
  biological knowledge
• Nevertheless High correlation between experts
  risk assessments (0.87)

22
Terrorists Utility Functions

• Develop a muliattribute utility function for
  terrorists preferences for attack modes and
  targets
• Initial focus on Al Quaeda and selected attack
  modes
• Develop an expected utility function
• Folding in probability of success
• Develop a random expected utility model
• Using parameter uncertainty
• Derive probabilities of choice
• Initially for Al Quade and choice of attack modes

23
Radical Islamist Fundamentalists Goals
Attack US
Attack Arab States
Attack Israel
Recruit Followers
24
Source Admiral Sullivan, 2006
The expanse of the Caliphate by 1500 included
most of Africa, the middle east, much of SW Asia,
and SE Europe.
In A.D. 900, the Caliphate included most of
present day Spain and portions of France and
Italy
The enemy is focused on the history of the Muslim
world which drives much of the extremist
ideology
24
25
Restoring the Historical Caliphate(Source
Admiral Sullivan, 2006)
25
26
Terrorists Value Tree
High Value Attack on US
27
Attack Alternatives Considered
ALTERNATIVES
No attack (baseline)
IED engine room of naval vessel
Explosion resulting in dam failure
MANPADS attack on airplane
Portable nuclear bomb in major city
Explosions on mass transport(s)
Release of anthrax (movie or sports)
Detonation of dirty bomb
Smallpox release in major city
28
Event Tree Indicates various possible points of
failure
Successful Attack
Success
PS
Trigger Event
Success
PI
Failed Attack
Interdiction?
Failure
Success
PM
1-PS
Failed Attack
Material Acquisition?
Failure
1-PI
Failed Attack
Failure
1-PM
29
Attack Utility (conditional on Success)
Attack Type Utility (assuming successful attack)
No Attack 0.16
IED 0.18
Dam Explosion 0.17
Manpad 0.16
Portable Nuclear Device 0.45
Transport. Systems 0.17
Anthrax 0.26
Dirty Bomb 0.18
Smallpox 0.46
30
Expected Utility of Attack(including event tree
uncertainties)
Attack Type Expected Utility
No Attack 0.16
IED 0.14
Dam Explosion 0.11
Manpad 0.10
Portable Nuclear Device 0.06
Transport. Systems 0.12
Anthrax 0.11
Dirty Bomb 0.08
Smallpox 0.07
31
Overall Framework
Economic Assessment
Risk Assessment
Threat Assessment
Consequence Assessment
Vulnerability Assessment
Valuation Of Direct Consequences

Assessment of Indirect Econ. Consequences
Response Recovery
Prevention
Protection
Cost-Benefit Decision Analysis
Risk Management
32
Smart Randomization (Tambe et al)

• Terrorists monitor defenses, exploit patterns
• Examples Patrols, inspections, surveillance
• Randomize defenses, maintain quality

33
Defender and Attacker Game(Stackelberg game)
34
Expected Utility of Attacker
35
Solution

• Set p(Defend A) to minimize attackers maximum
  expected utility
• Also maximizes defenders minimum expected
  utility
• Example p 11/17

36
Extensions

• Non-zero sum
• Multiple targets
• Multiple attackers
• Constraints on real world patrols
• Fast algorithms
• Real world implementation

37
Assistant for Randomized Monitoring Over Routes
(ARMOR) Project
An Interdisciplinary Counter-Terrorism Research
Partnership Los Angeles World Airports The
University of Southern California
38
ARMOR System
ARMOR Knowledge Base
DOBSS GAME THEORY ALGORITHMS
Provide inputs, constraints
Weights for randomization
Randomized Schedule generation
Schedule evaluation
39
(No Transcript)
40
September 28, 2007
The Element of Surprise To help combat the
terrorism threat, officials at Los Angeles
International Airport are introducing a bold new
idea into their arsenal random placement of
security checkpoints. Can game theory help keep
us safe?
Security forces work the sidewalk at LAX
41
Resource Allocation to Protect Infrastructure
Assets

• Develop practical decision analysis tools for
  allocating Department of Homeland Security funds
• First case study BZPP Fund Allocation
• Conducted with the California Governor's Office
  of Homeland Security

42
Selected Sites in California
Chemical High fatality potential
Commercial high threat
Dams Fatality economic impact potential
43
Only Five Inputs Required per Site

• Threat Probability of Attack (P)
• Vulnerability Probability Attack Succeeds (Q)
• Consequences Expected Loss if Attack Succeeds
  (L) -equivalent losses
• Loss Reduction Loss Reduction with RMP (0 lt R lt
  1)
• Cost Cost of Risk Reduction (C)
• Expected loss No RMP EL PQL With RMP
  EL PQL(1-R) C
• Net loss reduction (EL - EL) PQLR C

44
Three Sectors Appeared to Be Higher Risk
45
Consequence Analysis for Dams
46
Sector Prioritizations Dams
47
Consequence Analysis for Chemical Plants
48
Observations

• CA OHS found the analysis useful
• Much improved over previous year
• Increased credibility
• Sector based prioritization was considered very
  helpful
• Identified critical needs for future analyses
• Threat probability is still a problem
• Need to better assess effectiveness of risk
  reduction
• Ongoing work
• Develop criteria for assessment of risks
• Assess risks and risk reduction effectiveness
• Robust allocation models

49
Some Conclusions

• Risk assessment remains difficult
• Too many possible attack scenarios need
  screening
• Adversaries seek vulnerabilities and high impact
  - need improved threat and vulnerability analysis
• Probabilities of threats and attacks shift - need
  game sciences
• Economic impacts are critical
• Indirect economic impacts often overshadow direct
  ones
• Public responses can create large indirect
  economic impacts
• Need strategy for addressing public concerns
• Risk management focus helps
• Focus on what can be done, not what to worry
  about
• Many variables do not matter for decisions
• Eliminate clearly inferior options

50
The Main ChallengeHow Secure is Secure Enough?

• We will never be completely secure
• The costs of increasing security increase
  dramatically when we get close to zero risk
• Increasing security may create other risks,
  inconveniences, and restrict civil liberties