A Bayesian-network approach for assessing the probability of success of physical security attacks to offshore Oil&Gas facilities

Abstract

Offshore Oil&Gas facilities are attractive targets of intentional malicious attacks (security attacks) that may trigger cascading events (e.g., the release and dispersion of hazardous material and/or energy, fires, explosions) with consequences on people, environment, and assets. The severity of these consequences is potentially similar to those arising from major accident scenarios originated by conventional safety-related causes. Current practice in managing the risk of security attacks mostly relies on qualitative or semi-quantitative procedures developed over the years in the offshore Oil&Gas industry. In the present study, a systematic quantitative procedure is developed, based on a Bayesian Network (BN) approach, for calculating the probability of success of physical security attacks, taking into account both preventive and mitigative security intervention strategies. The procedure addresses the specific framework of the offshore Oil&Gas industry. A case study concerning an offshore fixed Oil&Gas platform allowed us to demonstrate the quality of the results that can be achieved and their potential towards the improvement of the security of the installations considered.