Abstract
Risk Priority Number (RPN) based Failure Mode and Effects Analysis (FMEA) can be used as a structured method to prioritize all possible vulnerable areas (failure modes) for review of safety and security in a supervisory control and data acquisition (SCADA) system. However, traditional RPN based FMEA has some inherent problems for risk management of information system. Therefore, the main purpose of this study was to propose a new cost-consequence FMEA model. It not only can recover traditional RPN-based FMEA problems, but also can evaluate, prioritize and correct safety and security of a SCADA system’s failure modes. A numerical case study was conducted to demonstrate that the proposed cost-consequence FMEA model is not only capable of addressing FMEA’s inherent problems but also is best suited for balancing monetary cost and risk consequence of failure modes in a SCADA system. It also facilitates to make better use of resources in optimizing cost and consequence of failure modes.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
NIST: Special Publication 800-30, Revision 1, Guide for Conducting Risk Assessments, September. National Institute of Standards and Technology, Gaithersburg, MD (2012)
Sutton, D.: Information Risk Management. BCS Learning & Development Limited, UK, Swindon (2015)
NIST: Special Publication 800-82 Revision 2, Guide to Industrial Control Systems Security. National Institute of Standards and Technology, Gaithersburg, MD (2015)
Firesmith, D.G.: Common Concepts Underlying Safety, Security, and Survivability, Technical note CMU/SEI-2003-TN-033, Software Engineering Institute, Pittsburgh. Carnegie Mellon University, PA (2003)
Stamatis, D.H.: Failure Mode and Effect Analysis: FMEA from Theory to Execution, 2nd edn. ASQ Quality Press, New York (2003)
Asllani, A., Lari, A., Lari, N.: Strengthening information technology security through the failure modes and effects analysis approach. Int. J. Qual. Innovation 4(5), 1–14 (2018)
Silva, M.M., de Gusmão, A.P.H., Poleto, T., e Silva, L.C., Costa, A.P.C.S.: A multidimensional approach to information security risk management using FMEA and fuzzy theory. Int. J. Inf. Manage. 34(6), 733–740 (2014)
Bowles, J.B., Pelaez, C.E.: Fuzzy logic prioritization of failures in a system failure modes, effects and criticality analysis. Reliab. Eng. Sys. Safety 50(2), 203–213 (1995)
Chang, K.H., Cheng, C.H., Chang, Y.C.: Reprioritization of failures in a silane supply system using an intuitionistic fuzzy set ranking technique. Soft. Comput. 14(3), 285–298 (2010)
Chin, K.S., Wang, Y.M., Poon, G.K.K., Yang, J.B.: Failure mode and effects analysis by data envelopment analysis. Decis. Support Syst. 48(1), 246–256 (2009)
Sankar, N.R., Prabhu, B.S.: Modified approach for prioritization of failures in a system failure mode and effects analysis. Int. J. Qual. Reliab. Manag 18(3), 324–335 (2001)
ISO 15686-5: Buildings and Constructed Assets-Service-Life Planning-Part 5: Life-cycle Costing, International Organization for Standardization standard (2017)
OGC: Whole Life Costing and Cost Management, Achieving Excellence in Construction, Procurement Guide, Number 07. Office of Government Commerce (2007)
Nilsson, J., Bertling, L.: Maintenance management of wind power systems using Condition monitoring systems-life cycle cost analysis for two case studies in the Nordic system. IEEE Trans. Energy Convers. 22(1), 223–229 (2007)
Kogan, A.: The criticism of net present value and equivalent annual cost. J. Adv. Res. Law Econ. 1(9), 15–22 (2014)
Gau, W.L., Buehrer, D.J.: Vague sets. IEEE Trans. Syst. Man Cybern. 23, 610–614 (1993)
Chen, S.M., Tan, J.M.: Handling multicriteria fuzzy decision-making problems based on vague set theory. Fuzzy Sets Syst. 67(2), 163–172 (1994)
Lin, K.S., Chiu, C.C.: Multi-criteria group decision-making method using new score function based on vague set theory. In: 2017 International Conference on Fuzzy Theory and Its Applications (iFUZZY 2017), pp. 1–6, Pingtung, Taiwan (2017)
Lin, K.S.: Efficient and rational multi-criteria group decision making method based on vague set theory. J. Comput. Accepted 11/18/2018. (in press)
Bagchi, S.: Performance and quality assessment of similarity measures in collaborative filtering using mahout. Procedia-Procedia Comput. Sci. 50, 229–234 (2015)
Kaufmann, A., Gupta, M.M.: Introduction to Fuzzy Arithmetic Theory and Applications. Van Nostrand Reinhold, New York (1991)
Szmidt, E., Kacprzyk, J.: Distances between intuitionistic fuzzy sets. Fuzzy Set Syst. 114, 505–518 (2000)
AIAG-VDA: Failure Mode and Effect Analysis (FMEA) Handbook, 1st edn. (2018)
Hillger, C.: Lifestyle and health determinants. In: Kirch, W. (ed.) Encyclopedia of Public Health. Springer, New York (2008)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Lin, KS. (2020). New Cost-Consequence FMEA Model for Information Risk Management of Safe And Secure SCADA Systems. In: Lee, R. (eds) Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing. SNPD 2019. Studies in Computational Intelligence, vol 850. Springer, Cham. https://doi.org/10.1007/978-3-030-26428-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-26428-4_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-26427-7
Online ISBN: 978-3-030-26428-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)