Decision Theory and Risk Analysis: Some organising questions

1
Decision Theory and Risk Analysis Some
organising questions
David Rios Insua
Jesus Rios Risk
Analysis, Extreme Event and Decision Theory
Program, SAMSI Stats and
OR, U. Rey Juan Carlos
Interneg, Concordia U. Durham NC, September
07
2
Outline

• Background
• Risk analysis framework
• Adversarial risk analysis several approaches
• Final questions

3
Background Risk analysis

• Risk assessment. Information on the extent and
  characteristics of risk attributed to a hazard.
• Risk management. Activities undertaken to control
  the hazard
• Risk communication. Exchange of info and opinion
  concerning risk and risk-related factors among
  risk assessors, risk managers and other
  interested parties.

4
Background Our interest in RA

• Interest in risk management in project management
  driven by auctions
• Interest in negotiation analysis in political
  decision making

5
BackgroundRisk challenges in a complex world

• Sao Paulo airport accident
• Population has increased facilities previously
  remote, now close to lots of population
• Chinese toys
• Use of toxic or potentially toxic materials
  increased, genetically modified organisms
• Climate change
• Public much more aware of hazards posed to humans
• Estonian hacker attack
• Need to protect critical infrastructures to
  assure continuity of a nation. Interconnected
  international infrastructures
• EU Water directives
• Government agencies tend to involve the public,
  multiplicity of stakeholders
• Awareness about equity with respect to risks
• ..

6
Back Risk mgt in project mgt

• Standard practice 1
• Increase costs by a default 25. If very
  uncertain, further add 5
• Risk management is current top priority for top
  executives
• Standard practice 2
• For each incurred cost provide minimum, most
  likely, maximum. Fit triangular distributions.
  Simulate.

7
Background risk mgt in ICT

• Singpurwalla (2006) they often do a credible
  job analyzing the causes of software failure, but
  then quantify their uncertainties using a myriad
  of analytical techniques, many of them ad hoc.
  This has caused concern about the
  state-of-the-art of software risk assessment
• www.enisa.europa.eu/rmra/rm_ra_tools.html
• (2007) Putting numbers on such risks may be at
  best dubious and at worse will only result in
  spurious accuracy
• Probabilities (ordinal scale)
• 1 zero, 2 very low,., 6 very high, 7 certain
• Impact (ordinal scale)
• 1 none, 2 small, 3 large, 4 catastrophic
• Comparison with current system
• 1 additional, 2 increased, 3 neutral, 4
  decreased, 5 eliminated

8
Background Many criteria, guiding principles,
some unformalised

• Many methods for assessing (eg Covello,
  Merkhofer, 93) and expressing (eg Stern, Fineburg
  96)
• Value at Risk
• Maximum loss over a target horizon such that
  there is a low, prespecified probability (defined
  as the confidence level) that the actual loss
  will be larger
• As Low as Reasonably Practicable/Achievable
• Ideal and Upper Limits to probability of death as
  a result of operation of a system

9
Question 1

• Many unformalised criteria, very different in
  various fields.
• Could we unify them through decision theory,
  decision analysis?

10
A framework for risk analysis/mgt starting
assumptions

• Firstly informed by project management, auctions.
  Later by counterterrorism
• Only interested in (project) cost, initially
• An existing project design, initially
• Only another participant (if any)
• Aim. Maximise expected utility (most times)

11
Risk analysis and mgt. framework (Single DM)

• Forecast costs under normal circumstances
• Identify hazard events, estimate probabilities
  and impacts on costs (additional induced costs)
• Forecast costs (a mixture model). Compute
  expected utility
• Identify interventions, estimate impact on
  probabilities and/or costs.
• Compute expected utilities. Choose best
  intervention

12
Basic setting

• Design given (no interventions, status quo)

13
Question 2. Uncertainty in costs??

• SAMSI RA-EV-DT page
• To a significant extent costs are not treated as
  random
• RAND, 2006. Better methods for analyzing Cost
  Uncertainty can improve acquisition
  decisionmaking
• OSD have historically underestimated the cost of
  buying new weapon systems
• Davey (2000)
• Preventing project escalation costs
• Garvey (2000)
• Probability Methods for Cost Uncertainty Analysis

14
Question 2. Uncertainty in costs??

• Model (Palomo, RI, Ruggeri, 2008)
• Impact of future technological
• Advances (Harville, Yaschin, 2007)

15
Basic setting

• Design given

• Including choice of design

16
Risk assessement

• Likelihood and impact of identified hazards

• Expected utility after risk assessed

• Impact of risks

17
Question 3? Modeling hazards Risk assessment

• Extreme event models
• As in Palomo, Rios Insua, Ruggeri (2007)
• K potentially disruptive eventsnothing happens.
  Beta binomial for their probabilities q
• Independent case
• Beta marginalsDeterministic constraints
• Copulas
• Limiting interactions (Dirichlet-multinomial)
• Gravity (Additional cost). (max, min, mode) Beta

18
Risk management

• Intervention to be chosen

• Gain through managed risk

19
Adversarial risks

• Other intelligent participants
• Auctions for large projects,
  Counterterrorism, Regulators,
• Their actions influence my risks
• My actions influence their risks
• Some nodes might be shared
• Possibly conflicting interests, but possibly
  cooperating,

20
Adversarial risks Just me
21
Adversarial risks Me and other
22
Adversarial risks Modelling 3
23
Adversarial risks. Solving 1 Game Theoretic
approach

• Forecast costs and model preferences for me
• Forecast costs under normal circumstances
• It. under abnormal circumstances (RA)
• Model preferences
• Estimate costs and preferences for others
• Solve problem (Nash equilibrium??)
• Summarise solutions

24
Adversarial risks. Solving 2 Game Theoretic
approach

• Computing best responses
• Computing my best intervention given
• Computing my best strategy given

25
Adversarial risks. Solving 3 Game Theoretic
approach

• Iterative elimination of dominated actions
• Mainly used in discrete settings but SEF
• Sample policies, Evaluate policies, Filter
  dominated ones
• May be used to focus attention on interesting
  policies

26
Adversarial risks. Solving 4 Game Theoretic
approach

• Nash equilibrium

27
Adversarial risks. Solving 5 Game Theoretic
approach

• Nash equilibrium (Auctions with risk I)

Decision to be made bid If winner, win
bid-costs (once costs realised) If not,
win 0
28
Adversarial risks. Solving 5 bis Game Theoretic
approach

• Nash equilibrium (Auctions with risk II)

29
Adversarial risks. Solving 5 tris Game Theoretic
approach

• Nash equilibrium (Auctions with risk III)

Under certain technical general conditions, if
all participants are constant risk averse, there
is a unique equilibrium Palomo, Rios Insua,
Ruggeri (2008).
30
Adversarial risks. Questions 4,5,6 Game
Theoretic approach

• Compute equilibria in influence diagrams,
• Common and uncommon structures (Koller and
  Milsch, 2003 Rios and Rios Insua, 2008)
• Compute equilibria for various types of utility
  functions
• Summarise solutions
• Efficient implementations of SEF
• Role of MCMC (Augmented probability simulation)
• .

31
Adversarial risks. Solving 6 Game Theoretic
approach

• Critics to game theoretic approach
• Full and common knowledge of the game by the
  players
• FOTE, FOTID
• Simultaneous decision making
• What if not unique
• Social dilemmas
• Implementation of security initiatives in
  international networks requires contribution of
  all members
• each member is better off if he defects and the
  rest contribute
• But if everyone defects the result is worse than
  if they would cooperate
• Cooperation incentives
• Disclose free rider identities, reward for
  cooperation, punishment for defect,..
• Equilibria are not tools for giving partisan
  advise

32
Adversarial risks Bayesian approach

• An symmetrically prescriptive/descriptive
  approach to negotiation analysis (Raiffa, Kadane,
  Larkey,)
• Prescriptive advice to one party conditional on a
  (probabilistic) description of how others will
  behave
• Based on MABOO analysis from auctions
• Estimate
• Probabilities of the others uncertain
  costsThink about how the other would assess
  these probabilities
• Preferences of the other over his costs
• Treat the other participant decisions as
  uncertain
• Assess probabilities over the others decision
  actions
• Choose strategy that maximises my expected utility

33
Adversarial risks Bayesian approach
34
Question 7

• How to assess the probability of other
  participants actions, e.g.
• Sensitivity/Robustness analysis

35
Adversarial risks. A negotiation approach

• Even in disputed settings, negotiate
• Terrorism, example of Spain
• Until a few months ago, government negotiating
  with Basque terrorist organisation the
  opposition party strongly against it. Now, at
  least in public, no negotiations.
• Auctions, temporary unions of (competing)
  enterprises
• Cooperation between France and Spain against
  terrorism
• Negotiation a decision making process in which
  two or more parts communicate and exchange ideas,
  arguments and offers to satisfy their needs and
  achieve their objectives educating and informing
  their rivals, possibly modifying their relations
  and making concessions to reach an agreement
• (Concessions, Joint gains, Pareto frontier
  exploration)

36
Adversarial risks How to reach a solution?
Balanced increment method

• Bliss point, Kalai-Smorodinsky solution

37
Adversarial risks Negotiations with BIM, first
steps

• Desirable properties of a negotiated solution
• Feasibility
• Efficiency
• Fairness
• Discreteness
• Rios, Kim,
• Rios Insua (2007)

UTILITY SPACE
38
Questions
BIM and other methods like BCM? How do they
compare Computational implementations in specific
structures like influence diagrams Role of MCMC
(augmented probability simulation)
39
Negotiations for adversarial risks. Intervention
portfolios

• Security system
• FMEA
• Critical event (successful terrorist attack) E
• Failure modes
• Logical relations between them, e.g.
• Adversarial agent 's (terrorists) possible
  actions
• Elicit probabilities of failure modes given
  adversarial actions
• and probabilities of each adversarial action

40
Negotiations for adversarial risks. Intervention
portfolios

• Compute probability of critical event under the
  logical model
• (ind)
• Is it below an acceptable bound,

41
Questions

• Probability elicitations
• Include consequences (not just successful attack)
• Formalise through DT
• Assess acceptable level
• Should we consider values form experts, public,
  stakeholders?

42
Negotiations for adversarial risks. Intervention
portfolios

• If not acceptable
• Propose interventions improving failure mode
  occurrence
• Interventions entail limited resource consumption
  (money, human resources, )
• C maximum amount of money that can be spent
• H human resources
• R other limited resources
• Each proposal needs
• ci euros
• hi people working on it
• ri units of other limited resources

43
Negotiations for adversarial risks. Intervention
portfolios

• If proposal i is implemented
• Choosing a portfolio of interventions to improve
  system security affordable under limited resources

44
Negotiations for adversarial risks. Intervention
portfolios

• Portfolio of intervention proposals
• A feasible portfolio F should satisfy
• Select feasible portfolio of proposals which
  minimise failure probability p(EF)?

45
Negotiations for adversarial risks. Intervention
portfolios

• Assessment of P(EF)
• probabilities of adversarial actions (may be
  influenced by F)
• probabilities of failure modes when F is
  implemented

46
Negotiations for adversarial risks. Intervention
portfolios

• P(EF) under the previous logical model (
  ) ind
• Optimization problem
• Is p below acceptable bounds,

47
Questions

• Effective reassessment of probabilities
• Computation of objective function (when
  dependencies arise)
• Efficient solution of problem
• Other formulations
• Minimise costs for acceptable solution

48
Negotiations for adversarial risks. Intervention
portfolios

• If optimal portfolio of interventions not
  acceptable?
• Acceptable failure risk as a constraint
• Nondominated (infeasible) portfolios P.F.(c,h,r)
  
• How to select a unique F such that
• Multiobjective optimization
• Goal programming
• Goal G (C,H,R)
• Look for a point x (c h r) such that

49
Question

• Acceptable but infeasible interventions
  F.P.(c,h,r) F can be used as preparation for a
  negotiation with somebody for additional
  resources
• How to conduct such negotiations?
• Add new issues and trade them for necessary
  resources
• Logrolling

50
Negotiations for adversarial risks. Risk sharing
negotiations

• Terrorism as an international problem
• Uncertainty about which countries are targets of
  terrorism
• Responses to terrorist attacks (ex-post
  antiterrorist actions) requires resources that
  not all countries have
• This leads to international antiterrorist
  cooperation
• How to negotiate a priori a contingent ex-post
  antiterrorist response?
• Sharing risks resources

51
Negotiations for adversarial risks. Risk sharing
negotiaitions

• Participants
• Governments of two negotiating countries (G and
  G )
• Terrorists (T)
• T's possible actions
• Resources needed to respond to
  x
• G and G negotiate who contributes with how
  much resources
• Contribution of G x
• Contribution of G x
• Negotiators bottom line
• Limited resources of G R
• x lt R
• Limited resources of G R
• x lt R

x x gt x
52
Negotiations for adversarial risks. Risk sharing
negotiations

• Set resource contributions depend on what T will
  do
• Probabilistic assessments over
• Viewpoint of G
• Viewpoint of G
• A contingent contract specifies each ones
  contribution per

53
Negotiations for adversarial risks. Risk sharing
negotiations

• G and G agree on the contingent contract
• Analysis of joint gain opportunities
• FOTE or FOTID
• Is agreement Q a dominated contract?
• G G

54
Negotiations for adversarial risks. Risk sharing
negotiations
G
R
Q
x
Joint gains
Bliss point
G
R
x
55
Questions

• Securing insecure agreements
• Is agreement Q secure?
• Convert agreement Q in a Nash equilibrium
• Do we implement BIM or BCM or

56
Some final questions

• Public involvement in risk analysis is increasing
• Producing better decisions and outcomes
• Changing the manner in which decisions are made
  or deliberations are conducted
• Better information, better communication,
  increased confidence in institutions,
• More costs, Delayed processes
• Deliberative polls
• Referenda
• Workshops
• Negotiated rule making
• How to rationally support public involvement?
  E-democracy, E-participation
• Gregory, Fischoff, Mac Daniels (2005), Rios
  Insua, Kersten, Rios (2007)
• Risk communication

57

• IT COULD BE A FUN AT RISK YEAR AT SAMSI !!!!