A Methodology to Prioritize Security Vulnerabilities in Ports

  • Girish Gujar
  • Adolf K. Y. Ng
  • Zaili Yang
Part of the Palgrave Studies in Maritime Economics book series (PSME)


This chapter develops a conceptual methodology to realize the quantitative analysis of vulnerabilities under different threat modes in ports. It can be a stand-alone technique for prioritizing critical systems (e.g., port facilities) with high value and significant functions, or as part of an integrated decision-making method to evaluate the effectiveness of container security control options. It explains the need to prioritize security vulnerabilities in ports. After that, a fuzzy rule-based Bayesian reasoning (FuRBaR) approach (cf. Yang et al., IEEE Transactions on Reliability, 57, 517–528, 2008) is applied as the core technique to develop a new generic security management model, in which analytic hierarchy process (AHP) is newly used to aid subjective data elicitation. The model is calibrated by an illustrative example in port security, and its future development is also discussed.


Model Fuzzy rule-based Bayesian reasoning Vulnerability Port 


  1. Andersen, S. K., Olesen, K. G., Jensen, F. V., & Jensen, F. (1990). HUGIN—A shell for building belief universes for expert systems. In G. Shafer & J. Pearl (Eds.), Readings in Uncertain Reasoning (pp. 332–337). San Francisco, CA: Morgan Kaufmann.Google Scholar
  2. Aven, T. (2007). A unified framework for risk and vulnerability analysis and management covering both safety and security. Reliability Engineering & System Safety, 92, 745–754.CrossRefGoogle Scholar
  3. Aven, T. (2009). Identification of safety and security critical systems and activities. Reliability Engineering & System Safety, 94, 404–411.CrossRefGoogle Scholar
  4. Ayyub, B. M., McGill, W. L., & Kaminskiy, M. (2007). Critical asset and portfolio risk analysis: An all-hazards framework. Risk Analysis, 27, 789–801.CrossRefGoogle Scholar
  5. Balducelli, C., Bologna, S., Lavalle, L., & Vicoli, G. (2007). Safeguarding information intensive critical infrastructures against novel types of emerging failures. Reliability Engineering & System Safety, 92, 1218–1229.CrossRefGoogle Scholar
  6. Bier, V. M. (2005). Game-Theoretic and Reliability Methods in Counter-terrorism and Security in Modern Statistical and Mathematical Methods in Reliability. Series on Quality, Reliability and Engineering Statistics. Hackensack: World Scientific.Google Scholar
  7. Bier, V. M., & von Winterfeldt, D. (2007). Meeting the challenges of terrorism risk analysis. Risk Analysis, 27, 503–504.CrossRefGoogle Scholar
  8. Bott, T. F., & Eisenhawer, S. W. (2002). Risk analysis using a hybrid Bayesian-approximation methodology. In Proceedings of Annual Reliability and Maintenance Symposium (pp. 127–133), 28–31 January, Seattle, USA.Google Scholar
  9. Dillon, R. L., Liebe, R. M., & Bestafka, T. (2009). Risk-based decision making for terrorism applications. Risk Analysis, 29, 321–335.CrossRefGoogle Scholar
  10. Eleye-Datubo, A. G., Wall, A., & Wang, J. (2008). Marine and offshore safety assessment by incorporative risk modelling in a fuzzy-Bayesian network of an induced mass assignment paradigm. Risk Analysis, 28(1), 95–112.CrossRefGoogle Scholar
  11. Federal Government of Canada. (2003). Security & Emergency Preparedness, Marine Transportation Regulations. Ottawa, Canada: Federal Government of Canada.Google Scholar
  12. Gheorghe, A. V., Masera, M., Weijnen, M., & Vries, L. D. (2006). Critical Infrastructures at Risk. Dordrecht, The Netherlands: Springer.CrossRefGoogle Scholar
  13. Gorman, S. P., Schintler, L., Kulkarni, R., & Stough, R. (2004). The revenge of distance: Vulnerability analysis of critical information infrastructure. Journal of Contingencies and Crisis Management, 12, 48–63.CrossRefGoogle Scholar
  14. Huang, H. Z., Zuo, M. J., & Sun, Z. Q. (2006). Bayesian reliability analysis for fuzzy lifetime data. Fuzzy Sets and Systems, 157(12), 1674–1686.CrossRefGoogle Scholar
  15. IMO. (2003). International Ship and Port Facility Security (ISPS) Code. London, UK: International Maritime Organization.Google Scholar
  16. Jenelius, E., Petersen, T., & Mattson, L. G. (2006). Importance and exposure in road network vulnerability analysis. Transportation Research A: Policy and Practices, 40, 537–560.Google Scholar
  17. Johnson, C. W. (2007). Understanding the interaction between public policy, managerial decision-making and the engineering of critical infrastructures. Reliability Engineering & System Safety, 92, 1141–1154.CrossRefGoogle Scholar
  18. Jonsson, H., Johansson, J., & Johansson, H. (2007). Identifying critical components of electric power systems: A network analytic approach. In Annual Conference of European Safety and RELiability (ESREL) 2007, 25–27 June, Stavanger, Norway.Google Scholar
  19. Latora, V., & Marchiori, M. (2005). Vulnerability and protection of infrastructure networks. Physical Review E, 71, 1–4.CrossRefGoogle Scholar
  20. Liu, J., Yang, J. B., Ruan, D., Martinez, L., & Wang, J. (2008). Self-tuning of fuzzy belief rule bases for engineering system safety analysis. Annals of Operations Research, 163(1), 143–168.CrossRefGoogle Scholar
  21. Masse, T., O’Neil, S., & Rollins, J. (2007). The Department of Homeland security’s risk assessment methodology: Evolution, issues, and options for Congress. Congressional Research Service Report No. RI33858, USA.Google Scholar
  22. Pate-Cornell, M. E., & Guikema, S. D. (2002). Probabilistic modeling of terrorist threats: A systems analysis approach to setting priorities among countermeasures. Military Operations Research, 7, 5–23.CrossRefGoogle Scholar
  23. Patterson, S. A., & Apostolakis, G. E. (2007). Identification of critical locations across multiple infrastructures for terrorist actions. Reliability Engineering & System Safety, 92, 1183–1203.CrossRefGoogle Scholar
  24. Pillay, A., & Wang, J. (2002). Technology and Safety of Marine Systems. Oxford, UK: Elsevier.Google Scholar
  25. van der Borst, M., & Schoonakker, H. (2001). An overview of PSA importance measures. Reliability Engineering & System Safety, 72, 241–245.CrossRefGoogle Scholar
  26. Willis, H. H. (2007). Guiding resource allocations based on terrorism risk. Risk Analysis, 27, 597–606.CrossRefGoogle Scholar
  27. Yang, Z. L., Bonsall, S., & Wang, J. (2008). Fuzzy rule-based Bayesian reasoning approach for prioritization of failures in FMEA. IEEE Transactions on Reliability, 57, 517–528.CrossRefGoogle Scholar
  28. Yang, Z. L., Bonsall, S., & Wang, J. (2009). Use of fuzzy evidential reasoning in maritime security assessment. Risk Analysis, 29, 95–120.CrossRefGoogle Scholar

Copyright information

© The Author(s) 2018

Authors and Affiliations

  • Girish Gujar
    • 1
  • Adolf K. Y. Ng
    • 2
  • Zaili Yang
    • 3
  1. 1.Division of Business and ManagementBeijing Normal University-Hong Kong Baptist University United International CollegeZhuhaiChina
  2. 2.Department of Supply Chain ManagementAsper School of Business St. John’s College University of ManitobaWinnipegCanada
  3. 3.Department of Maritime & Mechanical EngineeringLiverpool John Moores UniversityLiverpoolUK

Personalised recommendations