Domestic Nuclear Detection Office (DNDO)
The Challenges of
Using PRA for
National Security
Risk
Assessments?
Michele DeCroix, Ph.D.
Risk Analysis Branch Chief
Domestic Nuclear Detection Office
Department of Homeland Security
11 February 2014
UNCLASSIFIED
Slide 1 of 19
Three Elements of a Risk Program
Risk Management
• Incorporate the risk management process into the overall mission and
management.
• Use risk information and analysis to inform decision-making.
• Develop methodologies where appropriate to determine the extent to which
programs and activities manage and reduce risk to the Nation.
Risk Assessment
• Scenario Development
• Modeling & Simulation
• Data Gathering/Elicitation
• Uncertainty & Variability
Risk Communication
• Written
• Verbal
• Visual
UNCLASSIFIED
Slide 2 of 19
SNRA Hazards
UNCLASSIFIED
Slide 3 of 19
Why we do risk modeling?
By presidential directive,
legislative requirements, and DHS
directive
• DNDO is required to provide risk
assessments for the
radiological/nuclear terrorism
threat
• And use a risk informed decision
process for the development of the
GNDA.
An expansive set of modeling capabilities and activities
are required to fulfill these mandated activities
UNCLASSIFIED
Slide 4 of 19
Uncertainty is a Challenge
is a lack of perfect
knowledge about
everything
must be
communicated along
with results or risk
loses its value as a
decision metric
is from lessthan-perfect
modeling
Uncertainty
is accumulated and
therefore can be
significant in the
overall result
is from
uncertainty in
the input data
UNCLASSIFIED
Slide 5 of 19
Communication is a Challenge
Notional Data
UNCLASSIFIED
Slide 6 of 19
Current IND Framework
RISK
Target
Terrorist
Organization
Initiation
Frequency
Material
Material
Selection
Probability
Weapon
Fabrication:
Yield
Acquisition
Probability
Transport /
Interdiction
DETONATION
Response /
Mitigation
Scenario
Consequences
Yield/Weight
Probability
Path Selection
Probability
Interdiction
Probability
Weapon Model
Adversary Model
Pathway Model
Terrorist
Capability
Utility Weights
Detection
Probability
Scenario
Probability
Rankings
Sensitivity
Cost/Benefit
Adversary Prefs
Material
Acquired
Target / Path
Attributes
Detection
Architectures /
Costs
UNCLASSIFIED
Slide 7 of 19
Overarching R/N Terrorism Scenario
An adversary attacks the US via1 a pathway with a weapon that
uses radiological or nuclear material out of regulatory control
working against a defensive architecture.
 This scenario has 5 dimensions:
 Adversary
 Weapon (def. Something that causes bodily harm or physical damage)
 R/N Material out of regulatory control
 Pathway (def. Source to Target by means of a Route and Conveyances)
 Defensive Architecture (GNDA)
1) Definition : a. Traveling through (a place) en route to a
destination b. By means of
Synonym: through; by way of; by means of
Qualitative or Quantitative?
You need both
UNCLASSIFIED
Slide 8 of 19
The Risk Game
UNCLASSIFIED
Slide 9 of 19
Common Evaluative Framework
Is critical to meaningful risk assessments because their value is
in the relative comparison of different decisions and not the
absolute risk quantity for any one decision.
Should be transparent to facilitate qualitative assessments as
well as comparison supporting information.
Must be rigorous in order to facilitate quantitative modeling when
necessary.
Should support a heterogeneous set of modeling tools and
methodologies
UNCLASSIFIED
Slide 10 of 19
International Cooperation
Global Initiative to Combat Nuclear Terrorism (GICNT)
 Volume I: Model Guidelines Document for Nuclear Detection Architectures (2009)
 Volume II: Guidelines for Awareness, Training and Exercises (2012)
 Volume III: Guidelines for Planning and Organization ( 2013)
 Volume IV: Detection Within a State’s Interior (planned 2014)
 Detection Exercise Playbook (planned 2014)
International Atomic Energy Agency (IAEA)
 Adaptation of GICNT Model Guidelines Document into Nuclear Security Series #21 (2013)
 Currently adapting GICNT Awareness, Training and Exercises and Planning & Organization
 Specialized seminar and TTX material for nuclear detection architecture development
International Law Enforcement Academy (ILEA)
Developed ILEA Law Enforcement Executive Development rad/nuc detection course:
• Raise awareness of national-level nuclear detection architecture approach
• Underscore planning, organization, integration and execution challenges
• Highlight critical role of law enforcement (including customs, border guard, domestic interior)
• Emphasize importance of technical reachback and link to investigations
UNCLASSIFIED
Slide 11 of 19
Notional Risk Budget
 Risk cross-cut by scenario dimensions
Notional Data
UNCLASSIFIED
Slide 12 of 19
Fortress
Each ring represents a layer.
Each layer has different sectors
corresponding to values of that
layer. The probability of encounter
could be shown as height in the
third dimension.
Sector color corresponds with
domain. Sector angular width
could represent likelihood from the
risk model, or nothing at all.
Production options include a
virtual, software based
representation (easier to modify),
a physical model (benefits from
tactile experience), or a file format
which allows for 3D printing and
display on a screen.
The example below shows the
same concept visualized in a
different way.
UNCLASSIFIED
Slide 13 of 19
Cylinder
UNCLASSIFIED
Slide 14 of 19
Backup Slides
UNCLASSIFIED
Slide 15 of 19
Risk Management at DHS
DHS Integrated Risk Management Requirements
 Incorporating the risk management process into the overall mission and management.
 Use risk information and analysis to inform decision-making.
 Develop methodologies where appropriate to determine the extent to which programs
and activities manage and reduce risk to the Nation.
DHS Risk Management Directive
“The Secretary of Homeland Security
has established the requirement for
DHS to build and promote an
integrated approach to homeland
security risk management, working
with partners across the homeland
security enterprise..”
UNCLASSIFIED
C ommunication
Slide 16 of 19
Strategic National Risk Assessment
The Strategic National Risk Assessment (SNRA) was executed in support
of Presidential Policy Directive 8 (PPD-8), which calls for creation of a
National Preparedness Goal, a National Preparedness System, and a
National Preparedness Report.
The assessment was used:
 To identify high risk factors that supported development of the core
capabilities and capability targets in the National Preparedness
Goal;
 To support the development of collaborative thinking about
strategic needs across prevention, protection, mitigation, response,
and recovery requirements, and;
 To promote the ability for all levels of Government to share
common understanding and awareness of National threats and
hazards and resulting risks so that they are ready to act and can do
so independently but collaboratively.
UNCLASSIFIED
Slide 17 of 19
Integrated Terrorism Risk Assessment (ITRA)
Homeland Security Presidential Directive (HSPD)-18 “Medical
Countermeasures Against Weapons of Mass Destruction”, directs the
Department of Homeland Security (DHS) to
"develop a strategic, integrated all
chemical/biological/radiological/nuclear (CBRN) risk assessment that
integrates the findings of the intelligence and law enforcement
communities with input from the scientific, medical, and public health
communities."
 Each hazard is evaluated separately (BTRA, CTRA, and RNTRA)
and results are combined
 The first ITRA was performed in 2008
 Second ITRA was delivered in 2011
 Small update in 2013 with full update in 2015
 The ITRA is still maturing as a product.
UNCLASSIFIED
Slide 18 of 19
UNCLASSIFIED
Slide 19 of 19