Fri Apr 8 06:51:39 PDT 2016

Risk Management: Threats: What design basis threat is used?


Options:

Codify the design basis threats and fill in the table as appropriate. Fill in details of attack mechanisms within combined capabilities for more in-depth analysis.

Decision:

Enter the identified design basis threat:

| Design Basis Threat | Funding/job | Size | Motives | Skill | Hrs/task | Access | Concerns? | Incidents?? |
|---|---|---|---|---|---|---|---|---|
| THREAT NAME and/or description | $$ | ## | Justice / Acceptance / Money / Malice / Insanity / Power / Patriotism / Revenge / Randomness / Exploration / Religion / Pride | Low/Med/High | hrs | Insider/Partner/Industry/Internet | ? | ? |
| THREAT NAME and/or description | $$ | ## | Justice / Acceptance / Money / Malice / Insanity / Power / Patriotism / Revenge / Randomness / Exploration / Religion / Pride | Low/Med/High | hrs | Insider/Partner/Industry/Internet | ? | ? |
| THREAT NAME and/or description | $$ | ## | Justice / Acceptance / Money / Malice / Insanity / Power / Patriotism / Revenge / Randomness / Exploration / Religion / Pride | Low/Med/High | hrs | Insider/Partner/Industry/Internet | ? | ? |
| THREAT NAME and/or description | $$ | ## | Justice / Acceptance / Money / Malice / Insanity / Power / Patriotism / Revenge / Randomness / Exploration / Religion / Pride | Low/Med/High | hrs | Insider/Partner/Industry/Internet | ? | ? |
| THREAT NAME and/or description | $$ | ## | Justice / Acceptance / Money / Malice / Insanity / Power / Patriotism / Revenge / Randomness / Exploration / Religion / Pride | Low/Med/High | hrs | Insider/Partner/Industry/Internet | ? | ? |
| THREAT NAME and/or description | $$ | ## | Justice / Acceptance / Money / Malice / Insanity / Power / Patriotism / Revenge / Randomness / Exploration / Religion / Pride | Low/Med/High | hrs | Insider/Partner/Industry/Internet | ? | ? |
| THREAT NAME and/or description | $$ | ## | Justice / Acceptance / Money / Malice / Insanity / Power / Patriotism / Revenge / Randomness / Exploration / Religion / Pride | Low/Med/High | hrs | Insider/Partner/Industry/Internet | ? | ? |
| THREAT NAME and/or description | $$ | ## | Justice / Acceptance / Money / Malice / Insanity / Power / Patriotism / Revenge / Randomness / Exploration / Religion / Pride | Low/Med/High | hrs | Insider/Partner/Industry/Internet | ? | ? |
| THREAT NAME and/or description | $$ | ## | Justice / Acceptance / Money / Malice / Insanity / Power / Patriotism / Revenge / Randomness / Exploration / Religion / Pride | Low/Med/High | hrs | Insider/Partner/Industry/Internet | ? | ? |

Design basis threat

Basis:

The design basis threat is the threat used as the basis for design. Since it is infeasible for most organizations to address every possible threat, risk managers, and typically the chief executive, make a decision about a set of archetypical threats that will be addressed by their security architecture. These should be specified in the terms used in the enterprise, with additional details identified in the table as appropriate.

Given the DBT, attack mechanisms to be considered in analysis should then be identified based on the assessment of capabilities and intents. A good place to start might be the all.net Database at http://all.net/game?what=Responder
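One way to carry out this screening step, added here as an example and not taken from the all.net material: each filled-in table row becomes a record, and a candidate attack mechanism is kept for analysis only if some design basis threat has the capability for it. The Mechanism fields, the closeness ordering of the Access values and all sample rows are assumptions made for illustration; intent (the Motives column) is validated but not used for matching.

```python
from dataclasses import dataclass

# Option lists copied from the table template on this page.
MOTIVES = frozenset("Justice Acceptance Money Malice Insanity Power Patriotism "
                    "Revenge Randomness Exploration Religion Pride".split())
SKILL = ("Low", "Med", "High")                            # weakest first
ACCESS = ("Internet", "Industry", "Partner", "Insider")   # assumed: farthest to closest

@dataclass(frozen=True)
class Threat:                      # one filled-in row of the DBT table
    name: str
    funding: int                   # Funding/job ($$)
    size: int                      # Size (##)
    motives: frozenset
    skill: str
    hrs: int                       # Hrs/task
    access: str

    def __post_init__(self):
        if not self.motives <= MOTIVES:
            raise ValueError(f"{self.name}: unknown motive {set(self.motives - MOTIVES)}")
        if self.skill not in SKILL or self.access not in ACCESS:
            raise ValueError(f"{self.name}: skill/access not in the table's options")

@dataclass(frozen=True)
class Mechanism:                   # hypothetical record: what an attack mechanism requires
    name: str
    cost: int
    people: int
    skill: str
    hours: int
    access: str

def gaps(t, m):
    """Requirements of mechanism m that exceed threat t's stated capability."""
    checks = [("funding", m.cost <= t.funding), ("size", m.people <= t.size),
              ("skill", SKILL.index(m.skill) <= SKILL.index(t.skill)),
              ("hrs", m.hours <= t.hrs),
              ("access", ACCESS.index(m.access) <= ACCESS.index(t.access))]
    return [field for field, ok in checks if not ok]

def in_scope(threats, mechanisms):
    """Map each mechanism to the DBT entries capable of it; [] means out of design scope."""
    return {m.name: [t.name for t in threats if not gaps(t, m)] for m in mechanisms}

# Constructed sample rows and mechanisms, for illustration only.
DBT = [Threat("Disgruntled administrator", 500, 1, frozenset({"Revenge", "Money"}), "Med", 40, "Insider"),
       Threat("Organized fraud ring", 50000, 6, frozenset({"Money"}), "High", 400, "Internet")]
MECHS = [Mechanism("Credential phishing", 200, 1, "Low", 10, "Internet"),
         Mechanism("Backup media removal", 0, 1, "Low", 2, "Insider"),
         Mechanism("Custom firmware implant", 250000, 4, "High", 2000, "Partner")]

if __name__ == "__main__":
    for mech, who in in_scope(DBT, MECHS).items():
        print(f"{mech}: {', '.join(who) or 'outside the design basis'}")
```

A mechanism that maps to an empty list is one the chosen design basis does not cover, which makes the accepted residual risk explicit for whoever signs off on the DBT.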

An example of a design basis threat for high risk might be the one defined in the Nuclear Regulatory Commission's 10 CFR 73. Here is an extract:

    (1) Radiological sabotage.

      (i) A determined violent external assault, attack by stealth, or deceptive actions, including diversionary actions, by an adversary force capable of operating in each of the following modes:

      • A single group attacking through one entry point,
      • multiple groups attacking through multiple entry points,
      • a combination of one or more groups and one or more individuals attacking through multiple entry points,
      • or individuals attacking through separate entry points,
      with the following attributes, assistance and equipment:

        (A) Well-trained (including military training and skills) and dedicated individuals, willing to kill or be killed, with sufficient knowledge to identify specific equipment or locations necessary for a successful attack;

        (B) Active (e.g., facilitate entrance and exit, disable alarms and communications, participate in violent attack) or passive (e.g., provide information), or both, knowledgeable inside assistance;

        (C) Suitable weapons, including handheld automatic weapons, equipped with silencers and having effective long range accuracy;

        (D) Hand-carried equipment, including incapacitating agents and explosives for use as tools of entry or for otherwise destroying reactor, facility, transporter, or container integrity or features of the safeguards system; and

        (E) Land and water vehicles, which could be used for transporting personnel and their hand-carried equipment to the proximity of vital areas; and

      (ii) An internal threat; and

      (iii) A land vehicle bomb assault, which may be coordinated with an external assault; and

      (iv) A waterborne vehicle bomb assault, which may be coordinated with an external assault; and

      (v) A cyber attack.

    (2) Theft or diversion of formula quantities of strategic special nuclear material.

      (i) A determined violent external assault, attack by stealth, or deceptive actions, including diversionary actions, by an adversary force capable of operating in each of the following modes:
      • a single group attacking through one entry point,
      • multiple groups attacking through multiple entry points,
      • a combination of one or more groups and one or more individuals attacking through multiple entry points,
      • or individuals attacking through separate entry points,
      with the following attributes, assistance and equipment:

        (A) Well-trained (including military training and skills) and dedicated individuals, willing to kill or be killed, with sufficient knowledge to identify specific equipment or locations necessary for a successful attack;

        (B) Active (e.g., facilitate entrance and exit, disable alarms and communications, participate in violent attack) or passive (e.g., provide information), or both, knowledgeable inside assistance;

        (C) Suitable weapons, including handheld automatic weapons, equipped with silencers and having effective long range accuracy;

        (D) Hand-carried equipment, including incapacitating agents and explosives for use as tools of entry or for otherwise destroying reactor, facility, transporter, or container integrity or features of the safeguards system;

        (E) Land and water vehicles, which could be used for transporting personnel and their hand-carried equipment; and

      (ii) An internal threat; and

      (iii) A land vehicle bomb assault, which may be coordinated with an external assault; and

      (iv) A waterborne vehicle bomb assault, which may be coordinated with an external assault; and

      (v) A cyber attack.

Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved