SCENARIO ORIENTED SUFFICIENCY CRITERIA FOR PHYSICAL PROTECTION SYSTEMS PROVIDE A TRACEABLE PATH FROM THREAT CLASSES TO DESIGN REQUIREMENTS
Ramil Akhundov, Elshan Hashimov, Islam Islamov
Abstract
Physical protection systems are often justified through prescriptive controls and compliance checklists, yet such evidence does not necessarily demonstrate operational sufficiency under adaptive, scenario-dependent threats. This paper proposes a scenario-oriented framework that provides a traceable path from threat classes to verifiable design requirements by formalizing sufficiency as explicit constraints on the integrated detection–delay–response chain. A bounded scenario library is defined, each scenario is mapped to adversary and defender timelines, and sufficiency is expressed through a time-margin condition with optional chance constraints to capture uncertainty. Derivation rules convert threat-class assumptions into requirement templates stated as bounds on detection, validation, decision, delay, and response components, coupled with predefined acceptance evidence. The results yield a reproducible sufficiency specification, a scenario matrix that documents coverage and dominant failure modes, and an auditable requirement structure that supports differentiated requirements for covert, forced-entry, insider-assisted, and coordinated scenarios. The framework strengthens review defensibility by enforcing traceability from each requirement to scenario constraints and enabling lifecycle revalidation as facility conditions and threat behaviors evolve.