60 Matching Results

Search Results

Advanced search parameters have been applied.

Analysis of insider threats against computerized nuclear materials accountability applications

Description: DOE Order 5633.3B requires that nuclear material accountability (MA) systems provide for (1) tracking material inventories, (2) documenting material transactions, (3) issuing periodic reports, and (4) assisting in the detection of- unauthorized system access, data falsification, and material gains or losses. Insider threats against the MA system represent the potential to degrade the integrity with which these requirements are addressed (e.g., altering data to misrepresent the quantity or location of nuclear material). In this paper, we describe a methodology for evaluating potential insider threats against both current and future (e.g., client-server network) MA software applications. The methodology comprises a detail yet practical taxonomy for characterizing various types of MA system/software applications and their implementation options. This taxonomy facilitates the systematic collection and organization of key information that helps spotlight such things as stag of information flow, transaction procedures, or auditing procedures potentially susceptible to inside falsification. Methodology benefits include helping MA managers and policy makers: (1) examine proposed software designs or modifications with respect to how they might reduce or increase exposure to insider threats; and (2) better understand safeguards cost (e.g., operational hindrances) and benefit (resistance to falsification) tradeoffs of different system/software alternatives.
Date: July 1, 1995
Creator: Jones, E. & Sicherman, A.
Partner: UNT Libraries Government Documents Department

Retractable spiked barrier strip for law enforcement

Description: The Idaho National Engineering Laboratory has designed an laboratory tested a prototype retractable spiked barrier strip for law enforcement. The proposed system, which is ready for controlled field testing, expands the functionality of existing spiked barrier strips. A retractable barrier strip, one that can place the spikes in either the active (vertical) or passive (horizontal) position, would allow law enforcement personnel to lay the unobtrusive strip across a road far in advance of a fleeing vehicle. No damage occurs to passing vehicles until the spikes are activated, and that can be done from a safe distance and at a strategic location when the offending vehicle is close to the strip. The concept also allows the strips to be place safely across several roadways that are potential paths of a fleeing vehicle. Since they are not activated until needed, they are harmless to nonoffending vehicles. The laboratory tests conducted on the system indicate that it will puncture tires only when the spikes are rotated to the active position and is safe to travel over when the spikes are in the down position. The strip itself will not cause instability to a vehicle driving over it, nor is the strip disturbed or adversely affected by vehicles driving over it. The spikes can be quickly rotated between the active (vertical) and passive (horizontal) position. However, the laboratory tests have only demonstrated that the retractable spiked barrier strip can perform its intended function in a laboratory environment. Field tests are needed to finalize the design and develop the system into a functional law enforcement tool.
Date: March 1, 1995
Creator: Marts, D.J. & Barker, S.G.
Partner: UNT Libraries Government Documents Department

Modelling adversary actions against a nuclear material accounting system

Description: A typical nuclear material accounting system employing double-entry bookkeeping is described. A logic diagram is used to model the interactions of the accounting system and the adversary when he attempts to thwart it. Boolean equations are derived from the logic diagram; solution of these equations yields the accounts and records through which the adversary may disguise a SSNM theft and the collusion requirements needed to accomplish this feat. Some technical highlights of the logic diagram are also discussed.
Date: April 1, 1979
Creator: Lim, J.J. & Huebel, J.G.
Partner: UNT Libraries Government Documents Department

The ASSESS (Analytic System and Software for Evaluating Safeguards and Security) Outsider module with multiple analyses

Description: The Analytic System and Software for Evaluating Safeguards and Security (ASSESS) includes modules for analyzing vulnerabilities against outsider and insider adversaries. The ASSESS Outsider Analysis Module has been upgraded to allow for defining, analyzing, and displaying the results of multiple analyses. Once a set of threat definitions have been defined in one Outsider file, they can be readily copied to other Outsider files. This multiple analysis, or batch, mode of operation provides an efficient way of covering the standard DOE outsider threat spectrum. A new approach for coupling the probability of interruption, P(I), values and values calculated by the ASSESS Neutralization module has been implemented in Outsider and is described. An enhanced capability for printing results of these multiple analyses is also included in the upgraded Outside module. 7 refs., 7 figs., 1 tab.
Date: January 1, 1990
Creator: Snell, M.K.; Winblad, A.E. (Sandia National Labs., Albuquerque, NM (USA)); Bingham, B.; Key, B. & Walker, S. (Science and Engineering Associates, Inc., Albuquerque, NM (USA))
Partner: UNT Libraries Government Documents Department

Evaluation of safeguards procedures: a summary of a methodology

Description: A methodology for the evaluation of safeguards procedures is described. As presently conceptualized, the methodology will consist of the following steps: (1) expansion of the general protection requirements that are contained in the NRC regulations into more detailed but still generic requirements for use at the working level; (2) development of techniques and formats for using the working-level requirements in an evaluation; (3) development of a technique for converting specific facility protection procedures into a format that will allow comparison with the working-level requirements; (4) development of an evaluation technique for comparing the facility protection procedures to determine if they meet the protection requirements.
Date: March 8, 1979
Creator: Salisbury, J.D. & Savage, J.W.
Partner: UNT Libraries Government Documents Department

Monte-Carlo approach to the generation of adversary paths

Description: This paper considers the definition of a threat as the sequence of events that might lead to adversary success. A nuclear facility is characterized as a weighted, labeled, directed graph, with critical adversary paths. A discrete-event, Monte-Carlo simulation model is used to estimate the probability of the critical paths. The model was tested for hypothetical facilities, with promising results. (DLC)
Date: January 1, 1977
Partner: UNT Libraries Government Documents Department

Optimal improvement of networks to nuclear safeguards problems: an alternate view

Description: Networks have been used to model fixed-site security systems and to determine optimal travel routes of thieves or saboteurs. Considered here is the problem of upgrading the security by optimally investing in means to increase the travel time and/or detection probabilities over the arcs of the network. It is shown how to formulate a single linear programming problem to answer the following question. If the cost of increasing travel time is linear for each arc, what is the minimum amount of money one must invest to guarantee that there does not exist a path for thief or saboteur of length less than a fixed time T.
Date: August 1, 1979
Creator: Slater, P.J.
Partner: UNT Libraries Government Documents Department

Aggregated systems model: a tool for nuclear safeguards decision-making

Description: Setting performance criteria for systems that safeguard special nuclear material (SNM) involves many considerations: characteristics of adversaries attempting to divert SNM, safeguards response to attempts, costs of safeguards systems, and the consequences of diverted SNM. This paper describes an Aggregated Systems Model which is designed to assist decision makers integrate and evaluate consistently these diverse factors. Results from applying the model to a hypothetical facility handling SNM are summarized. The paper also describes a new performance criterion designed to measure the effectiveness of a safeguard system in deterring adversaries.
Date: October 4, 1979
Creator: Al-Ayat, R.; Judd, B. & Huntsman, J.
Partner: UNT Libraries Government Documents Department

A Long-Range Video Observation Post

Description: The Long Range Video Observation Post (LRVOP) Project is a cooperative effort between the US and a Middle Eastern country to develop an improved version of their current video observation post. This project is part of a larger effort to cooperatively develop anti-terrorist technology. This particular equipment is required to facilitate the recording and identification of humans at a range of 1000 meters in day-light and 500 meters at night. The project objective was to take advantage of recent advances in camera technology, recorders, and image processing to provide an significant increase in performance with only a minimum increase in size, weight, and cost. The goal of the project was to convert the users general needs and desires into specific requirements that could be bid on by several companies. This paper covers the specific performance requirements, generally describe the components that might be used, and concentrate on describing the more difficult issues and technical challenges.
Date: July 1, 1995
Creator: Arlowe, D.
Partner: UNT Libraries Government Documents Department

Performance estimates for personnel access control systems

Description: Current performance estimates for personnel access control systems use estimates of Type I and Type II verification errors. A system performance equation which addresses normal operation, the insider, and outside adversary attack is developed. Examination of this equation reveals the inadequacy of classical Type I and II error evaluations which require detailed knowledge of the adversary threat scenario for each specific installation. Consequently, new performance measures which are consistent with the performance equation and independent of the threat are developed as an aid in selecting personnel access control systems.
Date: October 1, 1980
Creator: Bradley, R. G.
Partner: UNT Libraries Government Documents Department

Procedure for the assessment of material control and accounting systems

Description: The current status of the LLL program for MC and A system assessment is reviewed. Particular emphasis is given to the assessment procedure and results. The integrated approach we have taken includes many of the functions normally assigned to physical security. Deceit and tampering are explicitly considered. The results of such a detailed assessment include a systematic identification of adversary targets; the most vulnerable portions of the safeguards system; the number and type of adversaries required, in collusion, to fail the system; and the conditional probabilities of safeguard system failure for a variety of assumptions. The assessment procedure was demonstrated by analyzing a prototype fuel cycle facility, the Test Bed. We believe our methodology will be useful to the NRC as a means of performing detailed, objective assessments. The nuclear industry also should find it valuable as a design tool.
Date: June 9, 1978
Creator: Maimoni, A.; Sacks, I. & Cleland, L.
Partner: UNT Libraries Government Documents Department

Overview of the structured assessment approach and documentation of algorithms to compute the probability of adversary detection

Description: The Structured Assessment Approach was applied to material control and accounting systems at facilities that process Special Nuclear Material. Four groups of analytical techniques were developed for four general adversory types. Probabilistic algorithms were developed and compared with existing algorithms. 20 figures. (DLC)
Date: December 15, 1978
Creator: Rice, T.R. & Derby, S.L.
Partner: UNT Libraries Government Documents Department

Tempering of accounts and records to disguise SNM theft

Description: A typical nuclear material accounting system employing double-entry bookkeeping is described. A logic diagram is used to model the interactions of the accounting system and the adversary when he attempts to thwart it. Boolean equations are derived from the logic diagram; solution of these equations yields the accounts and records through which the adversary may disguise SNM theft and the collusion requirements needed to accomplish this feat.
Date: July 1, 1979
Creator: Lim, J.J. & Huebel, J.G.
Partner: UNT Libraries Government Documents Department

Methodology for characterizing potential adversaries of Nuclear Material Safeguards Systems

Description: The results are described of a study by Woodward--Clyde Consultants to assist the University of California Lawrence Livermore Laboratory in the development of methods to analyze and evaluate Nuclear Material Safeguards (NMS) Systems. The study concentrated on developing a methodology to assist experts in describing, in quantitative form, their judgments about the characteristics of potential adversaries of NMS Systems.
Date: November 1, 1978
Creator: Kirkwood, C.W. & Pollock, S.M.
Partner: UNT Libraries Government Documents Department

Impact of sensor-scene interaction on the design of an IR security surveillance system

Description: Recent encouraging developments in infrared staring arrays with CCD readouts and in real time image processors working on and off the focal plane have suggested that technologies suitable for infrared security surveillance may be available in a two-to-five year time frame. In anticipation of these emerging technologies, an investigation has been undertaken to establish the design potential of a passive IR perimeter security system incorporating both detection and verification capabilities. To establish the design potential, it is necessary to characterize the interactions between the scene ad the sensor. To this end, theoretical and experimental findings were employed to document (1) the emission properties of scenes to include an intruder, (2) the propagation and emission characteristics of the intervening atmosphere, and (3) the reception properties of the imaging sensor. The impact of these findings are summarized in the light of the application constraints. Optimal wavelengths, intruder and background emission characteristics, weather limitations, and basic sensor design considerations are treated. Although many system design features have been identified to this date, continued efforts are required to complete a detailed system design to include the identifying processing requirements. A program to accomplish these objectives is presented.
Date: January 1, 1982
Creator: Claassen, J.P. & Phipps, G.S.
Partner: UNT Libraries Government Documents Department

Workshop materials from the 2nd international training course on physical protection of nuclear facilities and materials, Module 13

Description: This course is intended for representatives of countries where nuclear power is being developed and whose responsibilities include the preparation of regulation and the design and evaluation of physical protection systems. This is the second of two volumes; the first volume is SAND-79-1090. (DLC)
Date: April 1, 1980
Creator: Martin, F. P.
Partner: UNT Libraries Government Documents Department

Generic physical protection logic trees

Description: Generic physical protection logic trees, designed for application to nuclear facilities and materials, are presented together with a method of qualitative evaluation of the trees for design and analysis of physical protection systems. One or more defense zones are defined where adversaries interact with the physical protection system. Logic trees that are needed to describe the possible scenarios within a defense zone are selected. Elements of a postulated or existing physical protection system are tagged to the primary events of the logic tree. The likelihood of adversary success in overcoming these elements is evaluated on a binary, yes/no basis. The effect of these evaluations is propagated through the logic of each tree to determine whether the adversary is likely to accomplish the end event of the tree. The physical protection system must be highly likely to overcome the adversary before he accomplishes his objective. The evaluation must be conducted for all significant states of the site. Deficiencies uncovered become inputs to redesign and further analysis, closing the loop on the design/analysis cycle.
Date: October 1, 1981
Creator: Paulus, W.K.
Partner: UNT Libraries Government Documents Department

Denial technology, the neglected security element

Description: Even though there has been an increased concern over providing adequate security during the past decade, and even though some aspects of existing security systems have been enhanced during this period, much remains to be done to provide that balance which is so necessary to have all elements function as an effective unit. The area that primarily has been neglected is the delay element - the part of the system which makes possible the needed time for the security force to respond after an intrustion is detected and prior to the adversary attaining his desired goal. The purpose of this paper is to address the vulnerabilities of a security system which exist without the proper delay elements and to suggest how current technology can provide, through the use of activated barriers, that needed delay time to bring the system into balance. Security managers desire reliability and effectiveness; plant managers require safety, non-interference with operations, cost considerate capability, and aesthetic application - these characteristics will be addressed in the context of providing the required delay. This paper, hopefully, will set the stage for dialogue between developer and user, yielding a mutally acceptable approach to balanced security protection.
Date: January 1, 1982
Creator: Mauney, C.H.
Partner: UNT Libraries Government Documents Department

Users guide for EASI graphics

Description: EASI (Estimate of Adversary Sequence Interruption) is an analytical technique for measuring the effectiveness of physical protection systems. EASI Graphics is a computer graphics extension of EASI which provides a capability for performing sensitivity and trade-off analyses of the parameters of a physical protection system. This document reports on the implementation of EASI Graphics and illustrates its application with some examples.
Date: March 1, 1978
Creator: Sasser, D.W.
Partner: UNT Libraries Government Documents Department

Commercially available video motion detectors

Description: A market survey of commercially available video motion detection systems was conducted by the Intrusion Detection Systems Technology Division of Sandia Laboratories. The information obtained from this survey is summarized in this report. The cutoff date for this information is May 1978. A list of commercially available video motion detection systems is appended.
Date: January 1, 1979
Partner: UNT Libraries Government Documents Department

Safeguards methodology development history

Description: The development of models for the evaluation and design of fixed-site nuclear facility, physical protection systems was under way in 1974 at Sandia Laboratories and has continued to the present. A history of the evolution of these models and the model descriptions are presented. Several models have been and are continuing to be applied to evaluate and design facility protection systems.
Date: January 1, 1979
Creator: Chapman, L.D.; Bennett, H.A.; Engi, D.; Grady, L.M.; Hulme, B.L. & Sasser, D.W.
Partner: UNT Libraries Government Documents Department

Definition, development, and demonstration of analytical procedures for the structured assessment approach. Final report

Description: Analytical procedures were refined for the Structural Assessment Approach for assessing the Material Control and Accounting systems at facilities that contain special nuclear material. Requirements were established for an efficient, feasible algorithm to be used in evaluating system performance measures that involve the probability of detection. Algorithm requirements to calculate the probability of detection for a given type of adversary and the target set are described.
Date: April 15, 1979
Partner: UNT Libraries Government Documents Department

Structural properties of the material control and accounting system

Description: A unified digraph approach is proposed for the assessment of the structure of the MC and A System. The approach emphasizes the two structural aspects of the system: vulnerability and reliability. Vulnerability is defined as a possibility of loosing connectedness in a given structure due to line and/or node removals. It is purely deterministic notion which leads to a qualitative analysis of redundancy of connections in the corresponding system. Reliability of the MC and A System structure provides a more quantitative way of assessing how safe the system is to random failures of the links representing lines of communication, material paths, monitors, and the components of the power supply network. By assigning probabilities to the lines and nodes of the corresponding digraph, the least reliable path can be used as a measure of the goodness of the system, which can be computed by efficient shortest path algorithms. Both vulnerability and reliability considerations are important in determining the effect of tampering of an adversary with the elements of the MC and M System.
Date: December 1, 1978
Partner: UNT Libraries Government Documents Department

Adversary modeling: an analysis of criminal activities analogous to potential threats to nuclear safeguard systems

Description: This study examines and analyzes several classes of incidents in which decision makers are confronted with adversaries. The classes are analogous to adversaries in a material control system in a nuclear facility. Both internal threats (bank frauds and embezzlements) and external threats (aircraft hijackings and hostage-type terrorist events were analyzed. (DLC)
Date: December 20, 1978
Creator: Heineke, J.M.
Partner: UNT Libraries Government Documents Department