The budget constrained r-interdiction median problem with capacity

CEJOR (2010) 18:269–291 DOI 10.1007/s10100-009-0110-6 ORIGINAL PAPER

The budget constrained r-interdiction median problem with capacity expansion Deniz Aksen · Nuray Piyade · Necati Aras

Published online: 18 September 2009 © Springer-Verlag 2009

Abstract In this article, we elaborate on a budget constrained extension of the r -interdiction median problem with fortification (RIMF). The objective in the RIMF is to find the optimal allocation of protection resources to a given service system consisting of p facilities so that the disruptive effects of r possible attacks to the system are minimized. The defender of the system needs to fortify q facilities of the present system to offset the worst-case loss of r non-fortified facilities due to an interdiction in which the attacker’s objective is to cause the maximum possible disruption in the service level of the system. The defender-attacker relationship fits a bilevel integer programming (BIP) formulation where the defender and attacker take on the respective roles of the leader and the follower. We adopt this BIP formulation and augment it with a budget constraint instead of a predetermined number of facilities to be fortified. In addition, we also assume that each facility has a flexible service capacity, which can be expanded at a unit cost to accommodate the demand of customers who were serviced by some other interdicted facility before the attack. First, we provide a discrete optimization model for this new facility protection planning scenario with a novel set of closest assignment constraints. Then, to tackle this BIP problem we use an implicit enumeration algorithm performed on a binary tree. For each node representing

D. Aksen (B) College of Administrative Sciences and Economics, Koç University, Rumelifeneri Yolu, 34450 Sarıyer, Istanbul, Turkey e-mail: [email protected] N. Piyade · N. Aras Department of Industrial Engineering, Bo˘gaziçi University, 34342 Bebek, Istanbul, Turkey e-mail: [email protected] N. Aras e-mail: [email protected]

123

270

D. Aksen et al.

a different fortification scheme, the attacker’s problem is solved to optimality using Cplex 11. We report computational results obtained on a test bed of 96 randomly generated instances. The article concludes with suggestions for future research. Keywords Mixed-integer bilevel programming · Interdiction median problem with fortification · Facility protection · Binary enumeration tree

1 Introduction and background 1.1 Critical infrastructure analysis: Interdiction and fortification models The identification and protection of critical infrastructure and physical assets under worst-case scenarios attract the attention of operations research (OR) professionals in our time. The roots of protection planning can be traced back to military defense applications where enemy attacks are analyzed in what is called interdiction models. These models are utilized by military planners to assess the impact of losing critical links or nodes in transportation networks. An interdiction model usually looks at the target system and its vulnerabilities from the attacker’s point of view. A typical objective of the attacker (interdictor) is to identify the most critical assets or infrastructure elements of a network or a service system. The loss of those due to an interdiction would cause the maximum degree of disruption; i.e., would have the maximum impact on the sustainability of the associated network or service system. Obviously, there is a multitude of causes leading to service disruption. These can be divided into three groups: natural causes, systematical causes inherent to the components of a system, and man-made causes arising in the form of intentional attacks. Reliability and continuity of a system can be compromised by one or more of these groups. The OR literature is abundant with reliability studies striving for the development of reliable systems in the initial design phase. An exemplary review of reliability models is provided in Snyder and Daskin (2004). The overwhelming majority of reliability models deal with the first two groups of disruptive causes, namely with natural and systematical ones. Consideration of deliberately perpetrated attacks in system reliability started with the proposal of interdiction models. Researchers later adopted the position of the defender, and sought the way of fortifying the infrastructure of a system already in place against intentional attacks. The motivation of only a handful so-called fortification models proposed as a complement to interdiction models is that redesigning an entire system with limited resources is not always reasonable. This is due to the potentially large expense involved with relocating facilities, changing suppliers, or reconfiguring the network infrastructure of a system from head to foot. As an alternative, the reliability of existing infrastructure can be enhanced through efficient investments in protection and security measures (Snyder et al. 2006). The key question in fortification models is to identify which facilities to protect or fortify in order to preserve the functionality of the system as much as possible in the wake of such external disruptions as sabotages, riots, enemy or terrorist attacks. The impact of interdiction and protection has been formulated only recently in the literature. The interested reader is referred to an excellent volume of articles about reliability,

123

The budget constrained r -interdiction median problem

271

vulnerability, and protection of critical infrastructure (Murray and Grubesic 2007). There is also a comprehensive tutorial by Snyder et al. (2006) who present a broad range of models for designing supply chain networks resilient to disruptions. Resilience implies that the infrastructure of the supply chain works at low cost, i.e., efficiently both in peaceful times and in the event of a disruption. In their tutorial, the authors analyze fortification models from both the facility location and network design perspectives. 1.2 Literature on interdiction models An annotated review of interdiction models is found in Church et al. (2004). The authors furthermore develop two facility interdiction models, designated as the r -interdiction median model (RIM) and the covering facility interdiction model (RIC). The objective in both models is to identify among p supply or emergency response facilities a subset of r facilities, which—if lost—disrupt service delivery the most. The RIM model is in fact the antithesis of the well-known p-median problem. While the p-median problem locates a set of p facilities to satisfy the demand of a set of customers in the most efficient way, RIM seeks to maximize the demand-weighted total distance impact due to the interdiction of r existing supply sites (facilities). On the other hand, RIC represents the opposite of the maximal covering location problem (MCLP) first formalized and heuristically solved by Church and ReVelle (1974). The objective of MCLP is to place the facilities in such a manner as to maximize the coverage of demand, whereas RIC involves finding among p different service locations the subset of r facilities whose removal will maximize the amount of demand that is no longer covered after interdiction. Scaparra and Church (2008a) assemble interdiction models in terms of their objective functions and underlying network structures. Accordingly, the following major types of interdiction have been studied in the literature. • Node or arc destruction (removal) in a maximum flow network. • Arc removal in a maximum flow network where interdiction successes are binary random variables and arc capacities are either known or uncertain. • Arc removal in a directed shortest path network. • Arc interdiction and its impact on shipment revenue in a multi-commodity shortest path network. • Supply or emergency facility interdiction in a service network. The protection of critical infrastructure by allocating limited resources among possible mitigation investments and the continuity of service provision in the presence of man-made threats offer a relatively new research venue. Church and Scaparra (2007) for the first time incorporated into the RIM model of Church et al. (2004) the option of fortification against interdiction. The resulting mixed-integer linear programming model is referred to as the interdiction median problem with fortification (IMF). Its objective is to allocate a limited amount of protective resources among the p facilities of a distribution or service network in such a way that the accessibility reduction due to a worst-case loss of r (r < p) unprotected facilities is minimized. IMF assumes that exactly q facilities can be protected where (q + r ≤ p) should hold true, and that an attack on a protected facility has no effect on service delivery. Accessibility

123

272

D. Aksen et al.

reduction is expressed as the cumulative demand-weighted shortest distance between ( p − r ) non-interdicted facilities (supply nodes) and n customers (demand nodes) after the fortification of q and subsequent interdiction of r facilities. Church and Scaparra (2007) solve the IMF using the general-purpose commercial mixed-integer programming (MIP) solver Cplex 7.0 embedded in the optimization software suite OPL Studio 3.5. However, the applicability of such an MIP model is confined to small sized instances with up to 20 facilities, 10 fortifications, and at most four interdictions. The reason for this is that the number of decision variables and constraints in the IMF formulation is directly determined by an explicit enumeration of all possible ways of losing r out of the p facilities. This way, the size of the IMF grows very rapidly as p and r increase causing solution times of Cplex to become prohibitively long. In a later study, Scaparra and Church (2008b) point to this shortcoming of solving IMF with Cplex for most distribution, service, and emergency response networks. Real life systems such as electricity transformer stations, fire stations, shopping malls, river dams, and viaducts are likely to contain a large number of vulnerable facilities making it impracticable to employ any commercial solver to tackle the corresponding IMF. To overcome this situation, Scaparra and Church (2008b) develop an alternative MIP formulation for IMF, called maximal covering problem with precedence constraints (MCPC), and devise an effective solution technique tailored to the mathematical structure of the reformulated problem. The MCPC formulation of IMF allows a specialized model reduction process, providing upper and lower bounds that can be used to reduce the size of the original model. The resulting reduced model can then be solved easily to optimality by Cplex. The MCPC model in Scaparra and (2008b) presents the limitation of requir Church  p ing a complete enumeration of all possible ways of interdicting r out of the p r facilities. Another recent paper by Scaparra and Church (2008a) proposes an implicit enumeration algorithm to solve the bilevel integer programming (BIP) formulation of the r -interdiction median problem with fortification (RIMF). The new RIMF formulation makes it possible to solve larger problem instances than the ones solved with the former models. The difference between RIMF and IMF is two-fold. First, RIMF capitalizes on the simple observation that at least one of the r facilities that would be interdicted in the optimal solution of the lower-level RIM without fortification must be included in the optimal set of q fortifications selected by the defender (leader). By exploiting this observation, the authors manage to significantly reduce the complete enumeration of all possible interdiction patterns into an implicit enumeration, which requires at most (r q+1 − 1)/(r − 1) RIM problems to be solved conditional on the protection plan of the defender. Second, RIMF fits a game theoretic framework as a leader-follower or Stackelberg game, thus it is formulated as a BIP model. A bilevel programming (BP) problem is a special case of the multilevel optimization with two levels or two parties, one of whom takes the leader’s position, and the other one is the follower making his or her plan based on the leader’s decision. In mathematical programming terms, a subset of the variables in the upper level problem is constrained to be a solution of the optimization problem in the lower level. The newest review on BP inclusive of literature survey, sample applications, and existing methods is due to Colson et al. (2007). Two principal textbooks on the subject (Bard 1999; Dempe 2002)

123

The budget constrained r -interdiction median problem

273

particularly deserve the interested reader’s attention. Nonetheless, there is relatively little research concentrating on the integer version of BP, namely BIP. Moore and Bard (1990) introduced an implicit enumeration algorithm and explained difficulties in solving integer BP problems. Wen and Yang (1990) developed an exact algorithm, which works for relatively small problem instances. A tabu search algorithm was proposed by Wen and Huang (1996) when there are integer variables only in the upper level problem. In this study, we consider a budget-constrained version of the bilevel interdictionfortification problem with flexible capacity expansion. The new model is called budget constrained r -interdiction median problem with capacity expansion (BCRIMF-CE). We try to embark on the research directions suggested in the papers of Scaparra and Church (2008a,b) by following their footsteps. The rest of the paper is organized as follows. Section 2 formulates a BIP model for our new BCRIMF-CE. Section 3 presents a solution algorithm conducted on a binary enumeration tree for the new model. In Sect. 4 we report and tabulate our computational results obtained on a test bed of 96 randomly generated instances. Finally, Sect. 5 concludes the paper and suggests ideas for future research. 2 Model development for the BCRIMF-CE 2.1 Description of the proposed BIP model Given the interdependency between interdiction and fortification, a BIP formulation suits the nature of our research problem BCRIMF-CE. In the upper level (leader’s problem), the defender is the decision maker who determines which facilities should be fortified in order to minimize the total cost incurred after an optimal interdiction by the attacker. This total cost includes the sum of demand-weighted traveling costs between customers and non-interdicted facilities and the additional cost of necessary capacity expansions. In the lower level (follower’s problem), the attacker chooses r facilities to interdict such that the total cost is maximized. As is the case in Scaparra and Church (2008a), we assume that a fortified facility becomes immune to attacks, thus cannot be interdicted by the attacker, while an interdicted facility is completely put out of service. Another assumption is that when the attacker selects the facilities to hit, he/she has perfect information about which facilities are protected. If this assumption is relaxed, then the attacker may waste offensive resources by attacking fortified facilities, and his/her attack would not represent worstcase losses inflicted on the system. In addition, we suggest the following modifications to the RIMF in Scaparra and Church (2008a). 1. Instead of a cardinality constraint on the protection resources, we introduce a budget constraint and assume that facilities have nonuniform fortification costs. In other words, the number of facilities to be fortified is not fixed. Instead, the defender has a total budget for fortification, and can fortify any number of facilities as long as the budget allows. 2. We assume that the current service system or network has been initially designed such that p facilities operate at full capacity. They satisfy the demand of customers, who have been assigned to them in accordance with the shortest distance matrix

123

274

D. Aksen et al.

at hand. This picture is subject to change when r facilities are interdicted. A quite likely consequence of interdiction is that customers may need to be reassigned to the nearest non-interdicted facilities. This in turn leads to an inevitable capacity expansion in the non-interdicted facilities since no customer must be left out even after the interdiction. In our model, we account for capacity expansion at a unit cost to satisfy the demand of customers who were originally serviced by some other interdicted facility before the attack. The inclusion of capacity expansion cost applies to both the defender’s and the attacker’s objective functions. The following index sets, parameters, and decision variables are used in the BIP model of BCRIMF-CE. Index Sets: I = Set of customers, I = {1,…, n} J = Set of facility locations, J = {1,…, p} Parameters: di j = traveling cost (shortest distance cost) between facility location j and customer i. dmax = maximum traveling cost between facility location j and customer i, i.e., dmax = max(i, j) {di j }. ai = demand of customer i. c j = unit capacity expansion cost of the facility at location j. b j = fortification cost of the facility at location j. btot = total fortification budget (protective resources) of the defender. r = the number of facilities that can be interdicted within the offensive resources of the attacker.  1 if customer i is initially assigned to the facility at location j, δi j = 0 otherwise. Decision variables:  1 if the facility at location j is fortified, Zj = 0 otherwise.  1 if the facility at location j is lost due to an interdiction, Sj = 0 otherwise.  1 if customer i is assigned to the facility at location j, Xi j = 0 otherwise. The mathematical model of the BCRIMF-CE is given as follows. min H (Z )  Subject to j∈J b j Z j ≤ btot Z j ∈ {0,1}

∀j ∈ J

(1) (2) (3)

where H (Z ) = max

 i∈I j∈J

123

ai di j X i j +

 i∈I j∈J

  c j 1 − δi j ai X i j

(4)

The budget constrained r -interdiction median problem

Subject to



Xi j = 1

275

∀i ∈ I,

(5)

j∈ J



Sj = r

(6)

j∈ J

Sj ≤ 1 − Z j   di j ≤ dik + dmax 1 + S j + Sk − X i j 

  Xi j ≤ n 1 − S j

∀ j ∈ J, (7) ∀i ∈ I, ∀ j, k ∈ J, j = k. (8) ∀ j ∈ J,

(9)

∀j ∈ J

(10)

∀i ∈ I, ∀ j ∈ J.

(11)

i∈ I

S j ∈ {0,1} X i j ∈ {0,1}

In the above formulation, (1–3) represent the upper level fortification problem of BCRIMF-CE, whereas (4–11) correspond to the formulation of the lower level interdiction problem. Equations (1) and (4) show the objective functions of the defender and the attacker, respectively. These are comprised of two cost components: one is the total traveling cost, and the other one is the capacity expansion cost. The latter does not apply to those customers whose original facility assignment—given in the binary indicator matrix [δi j ]—is preserved in the optimal solution of the interdiction problem. While the attacker wants to maximize the total traveling and capacity expansion cost after interdiction, the defender tries to minimize the optimal value of the same objective obtained from the attacker’s problem. Due to this opposite sense of optimization, the two parties of the problem have conflicting objective functions. In this regard, the defender’s objective function in (1) can be seen as a min–max objective. Equation (2) gives the fortification budget constraint of the defender. Since facilities may have unequal fortification costs, this constraint adjusts the number of fortified facilities according to the defender’s budget. In the lower level interdiction problem, constraint (5) makes sure that each customer is assigned to exactly one facility. The number of interdicted facilities is fixed to r by constraint (6). The constraint set in (7) provides a linkage between the upper and lower problems. It states that a facility fortified in the upper level problem cannot be interdicted in the lower level problem. Constraints (8) enforce the closest assignment (CA) of customers to the non-interdicted facilities. Constraints (9) ensure the logic that no customer is assigned to an interdicted facility. Finally, constraints (3), (10), and (11) are integrality constraints on the decision variables. 2.2 Analysis of the new CA constraints The 3-index closest assignment —referred to as 3-CA— constraints (8) are different from the CA constraints in Scaparra and Church’s RIMF model in Scaparra and Church (2008a). While there are n × p inequalities ensuring the assignment of each customer to the closest facility in the formulation of RIMF, we use n × p × ( p × 1)

123

276

D. Aksen et al.

l

Distance order:

k

dil

d ik < d ij < d il

CA constraint for {j,k}: d ij ≤ d ik + d max (1 + S j + Sk − X ij ) CA constraint for {k ,j}: d ik ≤ d ij + d max (1 + Sk + S j − X ik )

dik

i

dij

j

Fig. 1 Visualization of the 3-CA constraints for the customer i and three nearest facilities

inequalities for the same purpose. In order to clarify the working mechanism of the 3-CA constraints, let us assume that the relationship between a particular customer i and three facility locations that are nearest to it is as shown in Fig. 1. The case-by-case analysis of the related 3-CA constraint is provided as follows. Case 1: S j = Sk = 0. This is when neither facility j nor k is interdicted. 3-CA constraint for { j, k} dictates that X i j be equal to 0 since dik < di j . Customer i has to be assigned to exactly one facility according to (5), i.e., exactly one X iq variable must be nonzero for some facility q. It will be k, the nearest facility to customer i. This assignment (X ik = 1) will be enforced when the 3-CA constraint for {k, j} is written together with (5). Case 2: S j = Sk = 1. Both facilities j and k are interdicted. X i j = 0 will be enforced due to (9) and 3-CA constraint will be rendered redundant. Case 3: S j = 1, Sk = 0. Facility j but not k is interdicted. Again, X i j = 0 will be enforced due to (9) and 3-CA constraint will be rendered redundant. Case 4: S j = 0, Sk = 1. Facility k but not j is interdicted. 3-CA constraint will be rendered redundant no matter whether X i j = 0 or 1. However, the coupled 3-CA constraints for the facilities { j, l} and {l, j} are written together with (5), X i j will inevitably be flipped to 1. In general, facility location models do not enforce closest assignment when facilities have limited capacity. However, BCRIMF-CE is a public facility planning model, and if CA constraints were not included, it would be possible to assign a given customer to a farther facility than the closest one. This is inapplicable unless service delivery to customers occurs at customer sites rather than at facility sites. Teixeira and Antunes (2008) and Verter and Lapierre (2002) raise the same argument and use CA constraints in their public facility planning models. In an earlier article, Gerrard and Church (1996) thoroughly reviewed CA formulations and applications in several location models. They too recommended the use of CA constraints in capacitated location models in public facility planning for the reason that CA is very likely to improve public confidence and acceptance in the corresponding solutions. Several other ways of imposing closest assignment are found in the facility location literature. For example, Scaparra and Church (2008a) experiment both with the CA constraints previously proposed by Church and Cohon (1976) and the ones employed earlier by Rojeski and ReVelle (1970). The former are designated as CC and the latter as RR constraints. Moreover, they apply a special variable reduction called

123

The budget constrained r -interdiction median problem

h

dh1 = 2

4

dh4 = 5

1 c1 = 2

277

c4 = 2

dh2 = 3 dh3 = 4

3

2

c3 = 1

c2 = 3

Fig. 2 A toy example for the case where CC constraints fail without the logical constraints

COBRA to both types of CA constraints, which was proposed as part of a new model formulation in Church (2003) for the p-median location problem. On the other hand, Verter and Lapierre (2002) resort to the RR constraints in their formulation of a preventive health care facility location problem. It has been first pointed out in Gerrard and Church (1996), later reiterated both in Teixeira and Antunes (2008) and Verter and Lapierre (2002) that RR constraints might work wrong when there exist multiple equidistant facilities to a given customer. We would like to note that CC constraints given in Eq. (12) are employed in Scaparra and Church (2008a) and Church and Scaparra (2007) to enforce the assignment of each customer to its closest legitimate facility without the use of logical constraints in (9). In our problem BCRIMF-CE, however, CC constraints alone may fail to identify a feasible solution. The reason is that the objective function consists of the sum of the total traveling cost and the capacity expansion cost, whereas the problems considered in Scaparra and Church (2008a) and Church and Scaparra (2007) have only the total traveling cost as the objective function. We demonstrate this by a toy example. CC constraints :



X ik ≤ S j

∀i ∈ I, ∀ j ∈ J

(12)

k∈ J:dik >di j

Suppose that there are four facilities indexed by j ∈ {1, 2, 3, 4} As can be seen in Fig. 2, the order of the distances between h and the facilities is given as dh1 < dh2 < dh3 < dh4 . This means that before interdiction the closest facility to customer h is facility 1. Therefore, h is assigned to 1, i.e., δh1 = 1.   Consider the case in which none of the facilities is fortified Z j = 0, ∀ j , the number of facilities to be interdicted, r , is equal to two, the demand of customer h is unity, and the unit capacity expansion costs are given as c1 = 2, c2 = 3, c3 = 1, c4 = 2. When S1 = S2 = 1, S3 = S4 = 0 (i.e., facility 1 and facility 2 are interdicted as indicated by a shaded square in Fig. 2), CC constraints for h can be written as X h2 + X h3 + X h4 ≤ 1 for j = 1, X h3 + X h4 ≤ 1 for j = 2, and X h4 ≤ 0 for j = 3. These three constraints together with the constraint X h1 + X h2 + X h3 + X h4 = 1 imply that any one of the assignment variables but X h4 can be equal to one. If the

123

278

D. Aksen et al.

  objective function is given as H (Z ) = max i∈I j∈J ai di j X i j , which is the case in the papers Scaparra and Church (2008a) and Church and Scaparra (2007), then we would have at optimality X h3 = 1 and X h1 = X h2 = 0, because dh3 is larger than both is maximization. In other words, the logidh2 and dh1 , andthe sense of optimization  cal constraints i∈I X i1 ≤ 0 and i∈I X i2 ≤ 0 written respectively for facility 1 and facility 2 are not required to avoid an assignment to an interdicted  However, the facility. objective function in our problem is defined as H (Z ) = max i∈I j∈J ai di j X i j +     i∈I j∈J c j 1 − δi j ai X i j having a capacity expansion cost component besides the traveling cost. Without the logical constraints in (9), customer h would be assigned to interdicted facility 2 since the assignment costs (traveling plus capacity expansion costs) are computed as two, six, and five for facilities 1, 2, and 3, respectively. Thus, CC constraints in (12) must be used along with the logical constraints in (9) to prevent customer assignments to an interdicted facility. As shown in the case-by-case analysis earlier, the 3-CA constraints introduced in this research and the CC constraints can be employed interchangeably. They will both achieve the enforcement of closest assignment between customers and facilities. Yet, we should compare these two constraint sets in terms of their solution time effect in which they may differ. To this end, we have solved all test instances twice, once by using the 3-CA constraints in (8) and once by replacing them with the CC constraints in (12). The discussion of the results can be found in Sect. 4. 3 Solution algorithm for the BCRIMF-CE We solve BCRIMF-CE with an implicit enumeration algorithm applied on a binary tree. This tree is constructed in the light of an observation made in Church and Scaparra (2007). It is shown that the defender should fortify at least one of the facilities that the attacker determines to interdict by solving the lower level interdiction problem to optimality. This result is justified by pointing out that if none of the facilities found in the optimal solution of the interdiction problem is fortified, then the worst-case scenario of r interdictions cannot be avoided. Our algorithm starts by creating the root of the tree and solving at this node the r interdiction median problem defined by the expressions (4–11). To obtain the solution, all Z j variables are set to zero, and then the callable library of the commercial MIP solver Cplex 11 is employed. This solution gives us the optimal set of r interdicted facilities when none of them is fortified. These facilities also constitute the candidates for fortification due to the observation mentioned above. In other words, the defender should fortify at least one of these facilities. Let us denote by R the candidate set of facilities to be fortified at any node of the enumeration tree given the fortification plan from the root up to that node and the solution of the corresponding interdiction problem. We proceed by arbitrarily choosing a facility j ∈ R and creating two child nodes: the first one has the fortification variable Z j = 0 and the other one has Z j = 1. It is a binary tree, because at each step two child nodes are created from a parent node. Now, at the newly created node (current node) with Z j = 1 we check whether the total cost of the fortified facilities along the path from the root to the current node exceeds the available budget. If this is the case, then the current node is fathomed and becomes

123

The budget constrained r -interdiction median problem

279

consequently a leaf node, i.e., a node without child nodes. If, on the other hand, the budget allows the fortification of facility j in addition to other facilities fortified along the path from the root to the current node, then we solve the follower’s problem at this current node (i.e., lower level interdiction problem). It yields a new candidate set R of facilities yet to be fortified. Branching is continued from the current node by choosing again one of the facilities in R and setting its Z j value to 0 or 1. There is no need to solve the follower’s problem in the child node that is obtained from a parent node by setting Z j = 0, since none of the facilities in the set R of the parent node would be fortified when Z j is set to zero. Therefore, we update R by removing facility j from it. There are now two possibilities. If the updated set R becomes empty, the current node is fathomed. Otherwise, we select an arbitrary facility j  from R and generate two child nodes by branching on the fortification variable corresponding to j  as before. The algorithm is terminated when all leaf nodes of the binary enumeration tree are fathomed. The node with the lowest objective value becomes the optimal solution to the bilevel problem BCRIMF-CE. The optimal set of to-be-fortified facilities is obtained by backtracking the path from that node to the root. We have to mention some strategies about the implementation of the method. First, the tree is constructed according to the depth-first search rule. The order of branching variables is not significant since all possible fortifications will have been evaluated by the time all of the leaf nodes are fathomed. The depth of the tree depends on the fortification budget btot and on the fortification costs b j of the facilities. The size of the enumeration tree is independent of the cardinality of the facility set J, i.e.,|J| = p. However, p has an impact on the size of the interdiction problem solved at each node of the tree, which in turn affects the solution time required by Cplex 11. Recall that this problem is a binary programming problem consisting of ( p + np) variables, namely S j and X i j . Let us illustrate the working mechanism of the binary enumeration tree by an example. Suppose that the set of facilities is given as J = {1,2,3,4,5}, two facilities are to be interdicted by the attacker (r = 2), and the total protection budget of the defender is equal to 12 monetary units (btot = 12). The fortification cost of the facilities are given as b1 = 4, b2 = 6, b3 = 4, b4 = 5, and b5 = 3. The binary enumeration tree corresponding to this toy problem is depicted in Fig. 3 where R : The candidate set of to-be-fortified facilities at any node given the fortification plan from the root up to that node and the solution of the corresponding interdiction problem, Z j : Protection variable (1 if facility j is protected, 0 otherwise), H (Z) : Defender’s objective value brem : The remaining protection budget at the current node. At the root of the tree, none of the facilities is fortified by the defender. The attacker’s problem (namely, the r -interdiction median problem or RIM) is solved, and the facilities to be interdicted by the attacker for maximum service disruption are found to be R = {2, 3}. Facility 2 is arbitrarily chosen for fortification, which consumes six units from the budget so that brem becomes six units. At the new node, the attacker’s problem is solved again given that facility 2 is fortified. This gives rise to the optimal interdiction plan R = {1, 4}. The other child node obtained from the root corresponds to the

123

280

D. Aksen et al.

Fig. 3 Binary enumeration tree for a toy problem

branch Z 2 = 0, i.e., facility 2 is not fortified, which leaves R = {3} with the remaining budget of 12 units. Since both nodes have sufficient budget for the fortification of other facilities, branching is continued. The two branches emanating from the node on the left-hand side correspond to the cases where facility 1 is fortified or not. In the former case, the attacker’s problem is solved by setting Z 1 = Z 2 = 1. Since the fortification cost is four units, brem is set to two. The optimal set of to-be-interdicted facilities, thereby the candidate set of facilities to be fortified is found as R = {4, 5}. Since the remaining budget does not allow further fortification, this node—shown as a striped circle—becomes a leaf node. At this node, the objective value is given hypothetically as H (Z)= 15. Branching in the binary enumeration tree is continued until either the remaining budget is insufficient for the fortification of another facility or the candidate set R becomes empty. For example, consider the child node obtained from the root node by setting Z 2 = 0. At this node, R = {3}, thus it is possible to generate two nodes by branching as Z 3 = 1 or Z 3 = 0. The branch with Z 3 = 0 leads to a node where the attacker’s problem is such that facilities 2 and 3 are both unfortified, hence the attacker optimally interdicts these facilities to inflict the maximum possible H (Z). This node need not be considered further and is fathomed. The optimal solution of the example is the leaf node with the lowest objective value H (Z)= 13. Backtracking from that leaf node up to the root of the enumeration tree suggests that the defender should fortify facilities 1, 3, and 5 at optimality. In response to this fortification scheme, the attacker will interdict facilities 2 and 4 to maximize the value of the objective function H (Z).

123

The budget constrained r -interdiction median problem

281

Table 1 The characteristics of 96 test instances of BCRIMF-CE Prob. set

Prob. name

# Customers, n

# Facilities, p

# Interdict. fac., r

Budget level Low

High

1

n100p10

100

10

2, 3, 4, 5

9,750

29,250

2

n100p15

100

15

2, 3, 4, 5

12,250

36,500

3

n100p20

100

20

2, 3, 4, 5

15,500

36,500

4

n100p25

100

25

2, 3, 4, 5

15,000

36,500

5

n150p10

150

10

2, 3, 4, 5

9,750

29,250

6

n150p15

150

15

2, 3, 4, 5

12,250

22,500

7

n150p20

150

20

2, 3, 4, 5

16,500

35,250

8

n150p25

150

25

2, 3, 4, 5

16,000

39,500

9

n200p10

200

10

2, 3, 4, 5

10,500

29,250

10

n200p15

200

15

2, 3, 4, 5

12,250

36,500

11

n200p20

200

20

2, 3, 4, 5

16,500

39,500

12

n200p25

200

25

2, 3, 4, 5

16,500

39,500

4 Computational results 4.1 Generation of random test instances We conducted our experimental analysis on 96 test instances of the BCRIMF-CE varying in the number of customers (n), the total number of existing facilities ( p), the number of facilities that are interdicted (r ), and the level of total fortification budget (btot ). The data sets include 100, 150, and 200 customers with 10, 15, 20 and 25 existing facilities. Demand data of customers and coordinates of customer and facility locations have been taken from the paper by Aras and Aksen (2008) on locating used product collection centers within the context of reverse logistics. Unit capacity expansion costs (c j values) have been derived from a discrete uniform distribution between 50 and 100 monetary units. For each combination of customer and facility parameters, we ran tests under four values of the interdiction parameter r (r = 2, 3, 4, 5). Recall that the number of facility fortifications is not fixed, but determined by the value of btot . Thus, we used two levels (low and high) for btot in each instance. Fortification 10,000 monetary costs (b j values) were randomly assigned between 1,000 and

units 1  as integer multiples of 250. Low budget level was equal to 1,250 j b j × 250 with [[·]] representing the rounding operator to the nearest integer. High budget level

3  was taken as 1,250 j b j × 250; however, it was reduced as necessary to ensure that the sum of the fortified facilities plus the interdicted facilities never exceeds the total number of all facilities p. Low and high budget levels are shown together with the other problem characteristics in Table 1. The code for the construction of the binary enumeration tree was developed in Microsoft Visual C++ 2005, and experiments were performed on a workstation equipped with two Intel Xeon X5460 3.16 GHz Quad-Core processors and 16 GB

123

282

D. Aksen et al.

RAM. The results are provided in Table 2 showing the available budget, the percentage of budget consumed for fortification, the number of fortified facilities, and finally the objective value for each problem set with respect to different r values and budget levels. Further solution details for each test instance with low- and high-level budget are given in Tables 3 and 4, respectively. Details include the following: • The percentage of capacity expansion cost in the objective value. • The number of reassigned customers and the proportion of their cumulative demand. • The number of times Cplex 11 is called, i.e., the number of nodes on the enumeration tree where a conditional r -interdiction problem (the attacker’s problem) is solved to optimality. • The solution time in seconds obtained with the 3-CA constraints in (8). • The solution time in seconds obtained with the CC constraints in (12). The results indicate that as the interdiction parameter r gets higher, the solution time increases. We observe that the CC constraints require much less CPU time than the newly proposed 3-CA constraints. Average CPU times for these two different types of CA constraints in low (high) budget instances were measured as 3.15 and 193.24 seconds (16.61 and 749.63 s), respectively. There is a substantial discrepancy between the CPU times of high and low budget instances. This can be attributed to the rapidly growing depth of the binary enumeration tree due to the increase in the fortification budget, which in turn creates a larger number of tree nodes at which Cplex is called to solve the attacker’s problem. 4.2 The relationship between the fortification budget and budget consumption As seen in Table 2, in some low-level budgeted test instances the total budget available for fortification is not fully depleted. At optimality, there remains enough money to fortify at least one more facility. This is due to the attacker’s worst-case behavior. If the remaining fortification budget is not enough to fortify any facility in the optimal solution of the attacker’s problem, but is sufficient to protect another facility that is not part of that optimal solution, then the defender does not use this resource. In a sense, these solutions reveal the actual minimum fortification resources required to prevent the worst-case r -interdiction under a specific budget constraint. As an example, for the problem n100p10 with r = 2 and low-level budget (btot = 9,750), the defender protects two facilities (7th and 9th) with a total protection cost of 6,750. There is still a remaining budget of 3,000 which can be used to protect some more facilities (e.g., the 1st facility with the fortification cost b1 = 2,250). However, the optimal strategy of the attacker is to interdict the 2nd (b2 = 8,500) and the 6th (b6 = 7,500) facilities which the defender cannot afford to fortify. Therefore, it is needless for the defender to protect any facility that would not be interdicted in the attacker’s interdiction problem conditional on those facilities fortified in the upper level problem. In conclusion, the number of facilities to be fortified and consequently the objective value not only depend on the total fortification budget, but also on the individual protection costs of the facilities.

123

2 3 4 5 2 3 4 5 2 3 4 5 2 3 4 5 2 3 4 5 2 3 4 5

1

6

5

4

3

2

r

Prob. set Obj. value

12,250

9,750

15,000

15,500

12,250

9,750

69.2 92.3 82.1 93.9 93.9 93.9 93.9 96.8 96.8 96.8 96.8 100.0 100.0 100.0 100.0 71.8 92.3 84.6 84.6 85.7 85.7 91.8 91.8 98.5

2 2 3 3 3 3 3 3 4 4 4 4 5 5 5 5 2 3 3 3 4 4 6 6

205,497 244,954 274,434 311,038 174,675 216,190 236,832 252,489 144,407 171,828 191,782 211,722 107,680 127,634 150,050 170,004 290,480 338,680 398,034 444,836 231,146 272,455 301,819 327,425 22,500

29,250

36,500

36,500

36,500

29,250

Available budget

# Fortified fac.

Available budget

Budget used (%)

Budget level: high

Budget level: low

Table 2 Computational results of 96 test instances of BCRIMF-CE

96.6 96.6 96.6 88.9 95.9 99.3 99.3 99.3 96.6 96.6 96.6 96.6 100.0 100.0 97.9 97.9 98.3 98.3 98.3 88.9 100.0 100.0 100.0 100.0

Budget used (%) 6 6 6 5 9 10 10 10 8 8 8 8 8 8 9 9 6 6 6 5 7 7 7 7

# Fortified fac.

145,084 165,427 184,921 221,919 96,045 105,334 113,794 119,723 103,561 113,125 121,585 129,900 89,849 102,333 110,662 118,843 231,437 262,137 284,813 322,760 192,583 219,175 243, 314 267, 151

Obj. value

The budget constrained r -interdiction median problem 283

123

123

2 3 4 5 2 3 4 5 2 3 4 5 2 3 4 5 2 3 4 5 2 3 4 5

7

12

11

10

9

8

r

Prob. set

Table 2 Continued

Obj. value

16,500

16,500

12,250

10,500

16,000

16,500

97.0 100.0 100.0 90.6 90.6 90.6 90.6 66.7 85.7 97.6 97.6 85.7 85.7 85.7 85.7 97.0 97.0 97.0 97.0 80.3 87.9 87.9 87.9 69.2

4 4 6 6 5 5 5 5 2 3 4 4 4 4 4 4 4 4 4 4 4 5 5 5

185,330 220,240 248,434 273,108 172,281 196,690 219,059 240,616 369,421 425,715 483,125 522,804 291,475 345,066 387,271 427,500 242,637 288,953 331,028 372,950 245,327 281,752 316,455 349,236 39,500

39,500

36,500

29,250

39,500

35,250

Available budget

# Fortified fac.

Available budget

Budget used (%)

Budget level: high

Budget level: low

90.1 90.1 96.5 97.9 97.5 96.2 96.2 96.2 94.0 98.3 98.3 94.0 95.2 95.2 97.9 95.2 94.3 99.4 99.4 99.4 82.3 95.6 98.1 98.1

Budget used (%) 9 9 10 11 9 11 11 11 5 6 6 5 9 9 11 9 10 11 11 11 8 10 11 11

# Fortified fac.

150,969 175,643 191,281 204,215 147,162 163,750 176,469 188,965 297,573 340,904 380,331 431,736 231,203 267,362 292,115 318,328 203,632 225,109 252,709 271,504 197,406 217,546 237,678 255,883

Obj. value

284 D. Aksen et al.

The budget constrained r -interdiction median problem

285

Table 3 Solution details of 48 test instances with Low Level budget Prob. set

1

2

3

4

5

6

7

8

9

r

Cap. exp. cost (%)

Reassigned dem. (%)

No. of reassigned customers

No. of Cplex calls

CPU time (sec) 3-CA constraints in (8)

CC constraints in (12)

2

54.0

28.4

26

4

0.56

0.39

3

60.1

38.2

34

6

0.36

0.13

4

63.9

46.1

43

11

0.70

0.42

5

66.7

56.9

51

18

1.30

0.72

2

59.4

23.7

20

6

0.81

0.16

3

62.2

34.8

30

12

1.61

0.33

4

64.9

39.2

36

22

2.58

0.63

5

66.1

42.2

42

48

5.34

0.98

2

62.9

15.9

14

11

3.08

0.42 0.98

3

61.9

23.5

21

20

5.16

4

64.7

27.5

24

36

9.55

1.58

5

67.3

32.4

30

68

17.64

2.75 0.48

2

64.3

11.0

10

10

4.77

3

68.2

14.9

13

20

9.23

1.03

4

67.4

17.6

16

38

17.17

2.06

5

70.0

21.6

19

74

32.00

4.70

2

49.5

23.5

32

4

0.53

0.33

3

55.9

32.3

45

6

0.84

0.55

4

60.9

39.5

54

10

1.14

0.67

5

61.6

44.2

61

18

2.00

1.00

2

49.8

19.5

25

13

3.61

1.17

3

56.4

26.4

35

22

5.22

1.56

4

60.7

29.8

41

37

8.20

2.72 4.19

5

61.4

34.5

48

56

12.16

2

51.7

12.0

15

21

10.39

1.47

3

56.8

19.9

25

51

22.09

2.75

4

60.9

22.6

32

108

49.30

5.34

5

64.0

26.8

39

188

73.06

8.11

2

55.6

10.6

14

10

9.09

1.41

3

60.8

14.7

21

26

23.64

3.17

4

63.8

20.1

28

51

43.95

8.11

5

66.5

24.2

35

89

93.45

16.34

2

49.1

22.8

41

4

0.81

0.47

3

54.9

30.6

58

9

3.13

1.03

4

57.2

36.0

72

12

4.83

1.72

5

58.7

43.4

91

22

10.38

2.70

123

286

D. Aksen et al.

Table 3 Continued Prob. set

10

11

12

r

Cap. exp. cost (%)

Reassigned dem. (%)

No. of reassigned customers

No. of Cplex calls

CPU time (sec) 3-CA constraints in (8)

CC constraints in (12)

2

48.8

18.4

32

11

24.36

1.63

3

55.3

25.0

44

23

58.45

2.08

4

57.3

30.7

54

33

126.55

3.30

5

60.7

36.9

70

46

237.48

5.74

2

49.4

15.7

32

17

444.36

1.80

3

55.4

20.9

41

38

469.88

3.38

4

60.3

26.1

53

73

690.55

6.50

5

64.1

32.4

69

123

1058.33

8.89

2

58.9

13.8

26

9

912.08

1.81 4.05

3

63.5

18.4

35

20

1212.41

4

66.8

23.9

47

47

1533.36

9.63

5

68.6

28.8

55

79

2018.13

19.75

4.3 The effects of the interdiction parameter and the budget level on the objective value For the same budget level, increasing the interdiction parameter r clearly leads to an increase in the objective value, which is undesirable from the defender’s point of view. This is an expected result since losing more facilities due to interdiction causes more disruption in the system, and the total cost of providing the service increases. As revealed in the results in Table 2, this is the case for each problem set under different budget levels. Figure 4 depicts the effect of the number of interdicted facilities r on the objective value for the problem set n200p25 (Prob. 12). An increase in the objective value is observed in this diagram for both low-level and high-level budgets with increasing r . On the other hand, when we increase the level of the budget for fixed values of r , we observe a decrease in the objective value, which translates into improvement from the defender’s point of view. This decrease can be observed in Fig. 4 as well. It is an expected result since a sufficient increase in the protection resources gives the option of fortifying more facilities, which in turn makes the system stronger against the worst-case interdiction of the attacker. Each additional protected facility in the system leads to an improvement in the objective value. We remark that the line segment corresponding to the low budget level in Fig. 4 is steeper than the one corresponding to the high budget level. It means that the defender with a tighter fortification budget suffers more as the attacker’s interdiction capability grows.

123

The budget constrained r -interdiction median problem

287

Table 4 Solution details of 48 test instances with High Level budget Prob. set r

1

2

3

4

5

6

7

8

9

Cap. exp. Reassigned cost (%) dem. (%)

No. of reassigned customers

No. of Cplex calls

CPU time (sec) 3-CA constraints in (8)

CC constraints in (12)

2

42.1

13.3

12

23

0.83

0.22

3

47.5

18.3

19

73

2.38

0.55

4

51.1

23.4

28

159

5.11

1.81

5

57.2

34.3

36

254

7.13

2.86

2

33.7

6.9

9

47

4.03

0.56 2.30

3

38.3

9.3

12

181

14.14

4

39.9

11.2

14

669

43.69

7.38

5

42.4

12.6

16

2,104

133.61

20.17 0.99

2

51.5

6.9

7

45

8.63

3

54.0

8.9

12

214

37.38

3.92

4

54.5

10.8

14

820

138.52

12.80

5

56.9

12.5

16

2,737

436.53

47.61

2

55.3

9.3

10

44

16.53

1.23

3

59.5

12.2

12

162

58.14

4.25

4

61.5

13.0

11

540

179.17

13.77

5

63.5

14.8

14

1,738

551.72

47.05 0.48

2

39.7

14.7

25

20

1.20

3

45.4

19.8

35

86

3.97

1.49

4

48.0

24.5

42

188

8.36

2.53

5

51.7

30.3

50

271

12.66

3.77

2

43.5

12.6

21

23

5.59

1.38

3

50.0

17.5

27

64

14.95

2.53

4

53.0

21.4

34

137

33.16

4.98

5

54.5

22.4

37

289

63.77

11.70 2.28

2

43.6

8.2

13

52

34.66

3

50.8

12.4

20

188

137.53

6.08

4

53.3

14.7

24

547

518.86

14.72

5

56.1

17.8

27

1,402

1469.58

37.80

2

47.9

7.8

12

44

49.31

2.98 10.06

3

52.1

10.3

16

178

253.39

4

55.1

12.6

19

630

1084.88

33.97

5

57.7

14.7

22

1,960

3291.50

115.84

2

39.8

15.2

36

20

7.66

0.77

3

45.9

20.6

50

84

33.92

2.11

4

49.4

26.3

60

184

87.08

4.30

5

52.2

31.3

70

286

96.48

6.64

123

288

D. Aksen et al.

Table 4 Continued Prob. set r

10

11

12

Cap. exp. Reassigned cost (%) dem. (%)

No. of reassigned customers

No. of Cplex calls

CPU time (sec) 3-CA constraints in (8)

CC constraints in (12)

2

37.5

10.8

22

45

56.08

3

44.6

15.3

33

178

230.64

2.52 6.25

4

49.2

18.1

36

581

742.61

19.13

5

52.3

22.3

46

1,612

1947.36

54.13

2

44.5

9.5

18

52

566.13

2.92

3

49.3

12.5

24

201

797.67

9.28

4

53.6

14.3

31

652

2083.97

27.47 68.48

5

56.3

16.5

36

1,847

4667.47

2

47.8

9.5

17

40

1078.89

3.84

3

51.7

11.0

21

162

1876.41

11.45

4

55.6

14.6

28

549

3808.27

39.50

5

58.4

17.1

33

1,691

9280.84

118.61

400,000

low level high level

Objective value

350,000 300,000 250,000 200,000 150,000 100,000

2

3

4

5

No. of Interdicted Facilities, r Fig. 4 The effect of the interdiction parameter r on the objective value under two budget levels for n200p25 (Prob. 12)

4.4 The effect of interdictions on the capacity expansion cost and demand reassignment Table 5 gives the average capacity expansion cost as a percentage of the objective value H (Z), and the average proportion of reassigned customer demand for each number of interdicted facilities (r ). As can be seen in the table, the improving interdiction capability of the attacker increases the percent capacity expansion cost endured by the

123

The budget constrained r -interdiction median problem

289

Table 5 The effect of r on capacity expansion cost and demand reassignment # Interdicted facilities, r

Avg. percentage of capacity expansion cost (%)

Avg. proportion of reassigned customer demand (%)

Low budget

Low budget

High budget

High budget

2

54.5

43.9

17.9

10.4

3

59.3

49.1

25.0

14.0

4

62.4

52.0

29.9

17.1

5

64.6

54.9

35.4

20.5

defender. Each increment in r produces approximately the same rate of increase in the average percentage of capacity expansion cost at both low and high levels of the fortification budget. A similar trend applies also to the average proportion of reassigned customer demand. Finally, to see the effect of c j (unit capacity expansion cost), we halved each c j and solved 96 test instances again. This scenario led to minute changes in the reassigned customer demand proportions, whereas average capacity expansion percentages were affected noticeably. To be exact, the average capacity expansion cost computed over all 96 instances dropped from 55.1 to 38.3% of the average total cost value H (Z). 5 Summary and future research insights In this paper, we consider the budget-constrained r -interdiction median problem with capacity expansion (BCRIMF-CE). BCRIMF-CE is modeled as a BIP problem. It involves a defender who provides service at a set of facilities to a number of customers. Since these facilities are prone to attacks undergone by an attacker whose objective is to cause the maximum disruption to the service system, the defender engages in a fortification activity such that the disruption is minimized. There is a leader-follower relationship between the defender and the attacker in the problem which gives rise to a BP formulation. The contribution of the paper is twofold. First, we impose a budget constraint instead of accepting a predetermined number of facilities to be fortified. Second, capacity expansion in the non-interdicted facilities, which results from the reassignment of customers due to interdictions, is also taken into account. As the solution method, we use a binary enumeration tree at each node of which a binary integer programming model is solved to optimality with the commercial solver Cplex 11. Based on extensive numerical experiments performed on a set of randomly generated 96 test instances, we try to obtain some tendencies for the effects of such model parameters as the budget level, the number of interdicted facilities, and unit capacity expansion cost. We also propose a novel set of three-index closest assignment (3-CA) constraints to be used in the mathematical model of the BCRIMF-CE. Our computer experiments revealed that 3-CA constraints are not as efficient as Church and Cohon (1976) twoindex constraints, which are usually used in the location literature to enforce closest

123

290

D. Aksen et al.

assignment between customers and facility locations. Nonetheless, possible benefits of 3-CA constraints should be investigated, since they may be utilized as valid inequalities in a branch-and-bound solution technique. There are several imminent extensions of the presented study, which have merit for future research. One of them is the inclusion of strict capacity constraints in lieu of flexible capacity expansion. In a similar way, a maximum traveling distance restriction could also be imposed on behalf of the customers as a quality of service guarantee. Both of these modifications would directly lead to the necessity of accounting for the cost of lost demand in the BCRIMF model. Another extension involves combining strategic planning in the design phase with operational planning of protection. This means the BCRIMF could be merged with a fixed charge or p-median facility location problem. The resulting joint problem would look into both the design and protection aspects of the service network in question. We have started to investigate this comprehensive problem within the same BIP framework as presented in this paper. Acknowledgments Necati Aras was supported by Bo˘gaziçi University Research Fund under grant number 08HA301D. We are indebted to two anonymous referees for their valuable comments and suggestions, which have been instrumental in improving the content and presentation of the paper.

References Aras N, Aksen D (2008) Locating collection centers for distance- and incentive-dependent returns. Int J Prod Econ 111(2):316–333 Bard JF (1999) Practical bilevel optimization: algorithms and applications. Nonconvex optimization and its applications, vol 30. Kluwer, Dordrecht Church RL (2003) COBRA: a new formulation of the classic p-median location problem. Ann Oper Res 122(1/4):103–120 Church RL, Cohon JL (1976) Multiobjective location analysis of regional energy facility sitting problems. Report prepared for the US energy research and development administration (BNL 50567) Church RL, ReVelle C (1974) The maximal covering location problem. Pap Reg Sci Assoc 32(1):101–118 Church RL, Scaparra MP (2007) Protecting critical assets: the r -interdiction median problem with fortification. Geogr Anal 39(2):129–146 Church RL, Scaparra MP, Middleton RS (2004) Identifying critical infrastructure: the median and covering facility interdiction problems. Ann Assoc Am Geogr 94(3):491–502 Colson B, Marcotte B, Savard G (2007) An overview of bilevel optimization. Ann Oper Res 153(1):235– 256 Dempe S (2002) Foundations of bilevel programming. Nonconvex optimization and its applications, vol 61. Kluwer, Dordrecht Gerrard RA, Church RL (1996) Closest assignment constraints and location models: properties and structure. Location Sci 4(4):251–270 Murray AT, Grubesic TH (eds) (2007) Critical infrastructure: reliability and vulnerability. Advances in spatial sciences. Springer, Berlin Moore JT, Bard JF (1990) The mixed-integer linear bilevel programming problem. Oper Res 38(5):911– 921 Rojeski P, ReVelle CS (1970) Central facilities location under an investment constraint. Geogr Anal 2(4):343–360 Scaparra MP, Church RL (2008) A bilevel mixed integer program for critical infrastructure protection planning. Comput Oper Res 35(6):1905–1923 Scaparra MP, Church RL (2008) An exact solution approach for the interdiction median problem with fortification. Eur J Oper Res 189(1):76–92 Snyder LV, Daskin MS (2004) Reliability models for facility location: the expected failure cost case. Technical Report, Department of Industrial & Systems Engineering, Lehigh University

123

The budget constrained r -interdiction median problem

291

Snyder LV, Scaparra MP, Daskin MS, Church RL (2006) Planning for disruptions in supply chain networks. In: Greenberg HK (ed) Tutorials in operations research. INFORMS, Baltimore pp 234–257 Teixeira JC, Antunes AP (2008) A hierarchical location model for public facility planning. Eur J Oper Res 185(1):92–104 Verter V, Lapierre SD (2002) Location of preventive health care facilities. Ann Oper Res 110(1/4):123–132 Wen UP, Yang YH (1990) Algorithms for solving the mixed-integer two-level linear programming problem. Comput Oper Res 17(2):133–142 Wen UP, Huang AD (1996) A simple tabu search method to solve the mixed-integer linear bilevel programming problem. European Journal of Operational Research 88(3):563–571

123