Frequency of Attack adn the Safeguards and Security Risk Evaluation Process

Political and fiscal considerations are driving safeguards and security policy changes. Frequent topics of discussion as a means of addressing both cost effectiveness and the perceived reduction in threat to Department of Energy facilities is to change the current valuation of the Frequency of Attack in the \"Conditional risk Equation\" to a value which reflects this low probability of attack. A major premise of this paper is that the low probability of an attack on a nuclear facility in the United States is due to the level of deterrence, mitigation, and prevention of the protection systems, not a lack of adversary interest in nuclear facilities. The most recent high profile terrorist attack in the United States, the World Trade Center bombing, was against a \"soft\" target. One that was not protected by armed guards, physical barriers, and other protection system elements. Though nuclear facilities would seem to be ideal attention getting targets for terrorists, the protection system has a deterrent effect, making them \"hard\" targets, thus lowering the probability that they will be attacked. The purpose of this paper is to present an approach to taking credit for those \"qualitative\" protection system elements which effect the probability that an attack will occur against a sensitive facility in the United States. Complex problems such as assessing values to large and multi-faceted protection programs require a rigorous analytical approach. Analytic tools can assist in breaking down large, complex problems into their component parts. The Analytic Hierarchy Process (AHP) is a methodology which is ideally suited for structuring complex problems such as determining how effective the \"qualitative\" protection system elements are against a given adversary type and across a specific path to a target. This approach is rigorous, provides significant detail on the rationale for decisions made, and is flexible in adjusting to changing situations. Examples chosen to demonstrate this rigorous methodology are Insider adversary types within the DOE \"Design Basis Threat\" policy.