Vulnerability and Security Risk Assessment of a Thermal Power Plant Using SVA Technique


  • Abbas Sadeghi Shahid Beheshti University of medical Science
  • Mousa Jabbari Shahid Beheshti University of medical Science
  • Ali Alidoosti Malek Ashtar University of Technology
  • Mohsen Rezaeian Amirkabir University of Technology



The philosophy behind the creation of every organization is bound up with the objectives for each it has been created. There are always factors threatening the continuation of the organization’s activities or even its existence. Some of these factors involve common threats in the security area which should be identified, assessed and controlled through a systematic risk management pattern. In the present study, Security Vulnerability Assessment (SVA) technique and a local version of SVA-Pro software called Joshan-Pro was used to estimate the vulnerability and security risk of a combined cycle power plant. In this Plant, 17 assets were identified and among them, 13 assets with higher priority were entered into Joshan-Pro software for further detailed analysis. Gas oil storage tanks with the vulnerability of 2.33 out of 5 and security risk of 46.60 out of 125 were identified as the most important asset in terms of security and the 230 kV substation with the vulnerability of 0.96 and security risk of 8.64 were labeled as asset with the lowest security risk in the plant. The results showed that Joshan-Pro software, using expert’s opinion, has acceptable capability to determine the security vulnerability of the infrastructures.

Author Biographies

Abbas Sadeghi, Shahid Beheshti University of medical Science

Department of Industrial Safety

Mousa Jabbari, Shahid Beheshti University of medical Science

Department of Industrial Safety


Bajpai, S., A. Sachdeva, and J.P. Gupta, Security risk assessment: Applying the concepts of fuzzy logic. Journal of Hazardous Materials, 2010. 173(1–3): p. 258-264.

Moore, D.A., The new risk paradigm for chemical process security and safety. Journal of Hazardous Materials, 2004. 115(1–3): p. 175-180.

Bajpai, S. and J.P. Gupta, Site security for chemical process industries. Journal of Loss Prevention in the Process Industries, 2005. 18(4–6): p. 301-309.

Ashwani, S. and G. J.P., New methodologies for security risk assessment of oil and gas industry. Process Safety and Environmental Protection, 2010. 88(6): p. 407-412.

Esmaeli Shahrokht, M.T., A., Urban Reorganization with focus on Passive defense. Urban Management, 2011. No.28 Autumn&Winter: p. 93-110.

Yazdani, M., Risk Analysis for Critical Infrastructures Using Fuzzy TOPSIS. Journal of Management Research, 2012. 4(1).

Jamshidi, A.A., A., The Presentation of Security Vulnerability Assessment in oil industry Case study: Marine Oil Industry. Journal of Emergency Management, 2012. 1(1): p. 61-67.

Institute, A.P., Security Guidelines for the Petroleum Industry-3rd Edition. 2005: API Publishing Services.

Nickell, R., J. Jones, and K. Balkey. RAMCAP: Risk Analysis and Management for Critical Asset Protection, overview of methodology. in AMSE International Mechanical Engineering Congress and RD7D Expo, Annaheim, CA. 2004.

Moore, D.A., et al., Development of a security vulnerability assessment process for the RAMCAP chemical sector. Journal of hazardous materials, 2007. 142(3): p. 689-694.

Al Mannai, W.I., Development of a decision support tool to inform resource allocation for critical infrastructure protection in Homeland Security, 2008, DTIC Document.

National Infrastructure Institute, C.f.I.E., Criticality Accessibility Recoverability Vulnerability Espyability Redundancy, (CARVER), 2006.

Downs, B., Balancing Resources to Risk, U.S.C. Guard, Editor 2007: Presentation to SCOTS/NCHRP 20-59. Irvine, CA.

Downs, B., The maritime security risk analysis model. Proceedings of the Marine Safety & Security Council, 2007. 64.

Security, T.U.S.D.o.H., Transit Risk Assessment Tool, 2008.

Ted Lewis, R.D., Thomas Mackin, Managing Risk in critical Infrastructures using Network modeling. IEEE Spectrum, 2006.

Liu, C., et al., The Security Risk Assessment Methodology. Procedia Engineering, 2012. 43: p. 600-609.

Safety, C.C.P., Guidelines for Analyzing and Managing the Security Vulnerabilities of Fixed Chemical Sites. 2010: Wiley.

DoE, U., Vulnerability Assessment Methodology–Electric Power Infrastructure. Washington, DC, 2002.