Improving awareness in early stages of security analysis: A zone partition method based on GrC

We present a method based on granular computing to support decision makers in analysing and protecting large-scale infrastructures or urban areas from external attacks by identifying a suitable partition of the infrastructure or the area under analysis. The method works on a very limited set of information relating to the vulnerabilities of components, and probability information regarding how vulnerabilities can impact meaningful partitions. These aspects make the method very useful as a reasoning mechanism to improve awareness and support rapid decision making at early stages of intelligence analysis, when information is scarce and contains a high degree of uncertainty. The results of the case study, which are based on the hypothesis of a terrorist attack on a subway, show that the method provides approximate solutions with the advantages of supporting reasoning at different levels of abstraction and providing simplicity of threat scenario analysis. We also discuss the limitations of the applicability of our approach.