Cloud Strategy Working Deck - Silver Bullet Solutions, Inc.

UNCLASSIFIED
Criticality and Risk in DODAF 2
DoD CIO Architecture and Interoperability Directorate
September 2013
DISTRIBUTION STATEMENT A. Approved for public release; distribution is unlimited.
Topics
• Background and Requirements
• Source Definitions
• How to Implement in DODAF 2
Background and Requirements
IER Criticality
• Criticality was an IER attribute since the 1990s
• Was in C4RDP and CJCSI 6212.01C
• In DoDAF 1.0:
[Figure: DoDAF 1.0 IER attributes. Labels include Needline Identifier, Information Exchange Identifier, Information Element Name and Identifier, Content Description, Information Description, Producer, Consumer, Nature of Transaction, Performance Attributes, Information Assurance and Security; Information Criticality appears among the attributes.]
DoDAF 1.x / CADM Definitions
• The attribute InformationCriticalityCode is formally defined as “The code that represents the seriousness of the benefit that the information exchange element provides to the objective of the action being taken for a specific information exchange requirement assurance.”
• Critical—Criticality assessment of the information being exchanged in relationship to the mission; supported in CADM v1.5 through ObjectByReference with CategoryCode = INFORMATION-EXCHANGE-REQUIREMENT-ASSURANCE.
• The attribute InformationCriticalityCode 23 is specified in CADM v1.5 via ObjectByReferenceCharacterization (see Volume III for details). The (DoD approved) values of this code are the following:
– 1 = Category 1 Mission Critical (Force C2)—Critical and high-level information (e.g., emergency action message and commander’s guidance)
– 2 = Category 2 Mission Critical (Mission Operations)—Required in support to operations (e.g., joint task force contingency plans and operations plan)
– 3 = Category 3 Mission Critical (Core Functions)—Ongoing information exchanges (e.g., configuration and guidance information and restricted frequency list)
– 4 = Mission critical [not otherwise specified]
– 5 = Mission support—Logistics, transportation, medical (e.g., gallons of petroleum-oil-lubrication scheduled for delivery)
– 6 = Administrative—Personnel, pay, training, etc. (e.g., change in allotment)
DoDAF Working Group Activity in this Area
• Is related to Risk
• DM2 Change Request # 315. Trust and Risk.
315 | Trust and Risk | Address Trust and Risk. Risk = probability of outcomes (disposition). Trust = probability of an Agreement being kept. | 20 | Ellis | Mar-09 | Sandia DM2 Rule H M | Defer | See if there's a rqmt -- CMG, Wayson
Source Definitions
Risk Definitions
• IEC 61508:2010
– Combination of the probability of occurrence of harm and the severity of that harm
• MIL STD 882E
– Mishap Risk. An expression of the impact and possibility of a mishap in terms of potential mishap severity and probability of occurrence.
• NIST
– The net mission/business impact considering (1) the likelihood that a particular threat source will exploit, or trigger, a particular information system vulnerability and (2) the resulting impact if this should occur.
• WIKIPEDIA
– Risk is the potential of loss (an undesirable outcome, however not necessarily so) resulting from a given action, activity and/or inaction. The notion implies that a choice having an influence on the outcome sometimes exists (or existed). Potential losses themselves may also be called "risks". Any human endeavor carries some risk, but some are much riskier than others.
Criticality Definitions
• DICTIONARY.COM
– of decisive importance with respect to the outcome; crucial
– of essential importance
• GOOGLE.COM
– Critical measures are selected measures that best demonstrate success/failure of the mission.
• WIKIPEDIA
– Criticality index is mainly used in risk analysis. The Criticality Index of an activity (task) can be expressed as a ratio (between 0 and 1) but is more often expressed as a percentage. During a (e.g. Monte Carlo) simulation tasks can join or leave the critical path for any given iteration. The Criticality Index expresses how often a particular task was on the Critical Path during the analysis. Tasks with a high Criticality Index are more likely to cause delay to the project as they are more likely to be on the Critical Path. If a task does not exist for some iterations (e.g. it is probabilistic) then it is marked as not being critical.
How to Implement in DODAF 2
DM2 Overview
• In DM2, Criticality is a Measure of a Resource needed to achieve a desired Resource state.
• It is related to Risk which is an outcome (Resource state) that is less desired than other outcomes (shown through MeasureOfDesire) and also the probability of that outcome.
• In the OV-3, this can be associated to the performance (Measures) of Activities by an operational Performer
– Critical to the success of the Mission or Task or to the achievement of the Capability
• In the SV/SvcV-6, this can be associated to the performance (Measures) of System (or Service) Functions by a System or Service
– Critical to performance of the System or Service
• In PV’s, this can be associated to the performance (Measures) of the set of Activities that make up a Project realizing desired Project outcomes (Resource states).
– Critical to the success of the Project
• Criticality and other Measures can apply to the same Resource state to relate them.
– How critical something is, to how desirable or probable that Resource state is.
Criticality Diagram
[Figure: class diagram "Criticality". Classes: Measure, Criticality (numericValue : string), MeasureOfEffect, MeasureOfDesire, Activity, Resource, Other Resource States, Performer, System, Project, ProjectType. Associations: measureOfTypeActivity, measureOfTypeResource, effectMeasure, desireMeasure, activityPartOfProjectType, activityPerformedByPerformer, desiredResourceStateRealizedByProjectType.]
Criticality is a Measure and it can be applied to a Resource
[Figure: the "Criticality" class diagram from the Criticality Diagram slide, repeated.]
Resources can have states and Criticality can be measured for those states
[Figure: the "Criticality" class diagram from the Criticality Diagram slide, repeated.]
Resource states can have other Measures as well as Criticality
• How desirable it is for a Resource to be in a particular state is a defined subtype of Measure called MeasureOfDesire.
• Another Measure could be the probability of a Resource being in that state.
[Figure: the "Criticality" class diagram from the Criticality Diagram slide, repeated.]
A Resource can be a Performer that performs an Activity
• If that Performer is a System, then the Activity is called a System Function.
• A Measure can be associated to a System Function.
[Figure: the "Criticality" class diagram from the Criticality Diagram slide, repeated.]
A collection of Activities make up a Project that realizes a Resource state
[Figure: the "Criticality" class diagram from the Criticality Diagram slide, repeated.]
Fit For Purpose
• Fit For Purpose PES allows you to exchange Criticality data by creating a Criticality Measure XML element and placing your data as subtypes of that:

<IdeasEnvelope OriginatingNationISO3166TwoLetterCode="String" ism:ownerProducer="NMTOKEN"
    ism:classification="U" xsi:schemaLocation="http://cio.defense.gov/xsd/dm2 DM2_PES_v2.03.XSD"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ism="urn:us:gov:ic:ism:v2"
    xmlns:ideas="http://www.ideasgroup.org/xsd" xmlns:dm2="http://www.ideasgroup.org/dm2"
    xmlns="http://cio.defense.gov/xsd/dm2">
  <IdeasData XMLTagsBoundToNamingScheme="DM2Names" ontologyVersion="2.01" ontology="DM2">
    <NamingScheme ideas:FoundationCategory="NamingScheme" id="ns1">
      <ideas:Name namingScheme="n0" id="n0" exemplarText="DM2Names"/>
    </NamingScheme>
    <Measure ideas:FoundationCategory="IndividualType" id="m1">
      <ideas:Name exemplarText="Criticality (the Class)" namingScheme="ns1" id="n1"/>
    </Measure>
    <superSubtype ideas:FoundationCategory="superSubtype" id="ss1" tuplePlace1="m1"
        tuplePlace2="m2"/>
    <Measure ideas:FoundationCategory="IndividualType" id="m2">
      <ideas:Name exemplarText="Actual Criticality Data" namingScheme="ns1" id="n2"/>
    </Measure>
  </IdeasData>
</IdeasEnvelope>
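
An added Python example, not part of the original deck: it reads a PES fragment shaped like the one above, lists the Measures declared as subtypes of the Criticality class, and flags superSubtype tuples whose ids do not resolve to a Measure in the file. The function name, the reduced sample and the dangling ss2 tuple are constructed for illustration; reading tuplePlace1 as the supertype and tuplePlace2 as the subtype is an assumption taken from the slide's own m1/m2 ordering.

```python
import xml.etree.ElementTree as ET

DM2 = "{http://cio.defense.gov/xsd/dm2}"      # default namespace on the slide
IDEAS = "{http://www.ideasgroup.org/xsd}"     # ideas: prefix on the slide

# Constructed sample: the slide's envelope reduced to what is read below,
# plus a constructed tuple (ss2) that points at a Measure id that is absent.
SAMPLE = """<IdeasEnvelope xmlns="http://cio.defense.gov/xsd/dm2"
    xmlns:ideas="http://www.ideasgroup.org/xsd">
  <IdeasData ontology="DM2" ontologyVersion="2.01">
    <Measure ideas:FoundationCategory="IndividualType" id="m1">
      <ideas:Name exemplarText="Criticality (the Class)" namingScheme="ns1" id="n1"/>
    </Measure>
    <superSubtype id="ss1" tuplePlace1="m1" tuplePlace2="m2"/>
    <Measure ideas:FoundationCategory="IndividualType" id="m2">
      <ideas:Name exemplarText="Actual Criticality Data" namingScheme="ns1" id="n2"/>
    </Measure>
    <superSubtype id="ss2" tuplePlace1="m1" tuplePlace2="m9"/>
  </IdeasData>
</IdeasEnvelope>"""


def criticality_subtypes(xml_text, class_name="Criticality (the Class)"):
    """Return (names of Measures under the Criticality class, ids of dangling tuples)."""
    # ElementTree is adequate for a trusted local file; use a hardened parser
    # for documents received from another party.
    root = ET.fromstring(xml_text)
    names = {}
    for measure in root.iter(DM2 + "Measure"):
        name = measure.find(IDEAS + "Name")
        names[measure.get("id")] = name.get("exemplarText") if name is not None else None
    class_ids = {mid for mid, text in names.items() if text == class_name}

    subtypes, dangling = [], []
    for tup in root.iter(DM2 + "superSubtype"):
        # Assumption: tuplePlace1 is the supertype, tuplePlace2 the subtype.
        sup, sub = tup.get("tuplePlace1"), tup.get("tuplePlace2")
        if sup not in names or sub not in names:
            dangling.append(tup.get("id"))     # reference to an id not in the file
        elif sup in class_ids:
            subtypes.append(names[sub])
    return subtypes, dangling


if __name__ == "__main__":
    print(criticality_subtypes(SAMPLE))
```

A consumer that ranks Resources by Criticality should treat a non-empty dangling list as a rejected exchange rather than silently dropping the affected tuples.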