Two good reports that should be of interest to the domestic counterterror/homeland security crowd in the feeds over the last several days. The first is by RAND and is titled, "Securing America's Passenger-Rail Systems". While the report is focused on domestic rail systems, I found the methodology used by the authors to be worth a closer look. They state, and I agree, that it could be extended to other areas of research concerning infrastructure. Highlights include (Boldface is mine):
- "Even though there have been no successful attacks on rail systems in the United States recently, the FBI and local police departments have thwarted several planned attacks against the New York subway system alone. The use of passenger rail and the frequency with which terrorists target it call for a commitment to analyzing and improving rail security in the United States."
- "...we found that the most prevalent terrorist threat to rail systems comes from bombings, that most terrorist attacks on rail systems produce few fatalities and injuries, and that attacks in densely packed rail cars and interior rail-facility locations are of particular concern because of the casualties they can produce."
- "In addition, given the damage associated with a relatively small number of large attacks, security measures that prevent only the largest-scale attacks could significantly reduce the human costs associated with this threat."
- "The vulnerability assessment identified 11 potential target locations (e.g., system operation and power infrastructure) within a notional rail system and eight potential attack modes (e.g., small explosives). These targets and attack modes were combined to produce 88 different attack scenarios of concern."
- "We identified 17 security-improvement options (SIOs) within three broad categories: (1) process-based improvements (e.g., implementing enhanced security training), (2) technology-based alternatives (e.g., using portable [handheld] detection systems), and (3) infrastructure and facility modifications (e.g., installing blast-resistant containers)...The 17 security measures were rated for their incremental impact at each layer, as well as to their potential system-level contribution across layers."
- "Thus, we can predict with near certainty that terrorist-attack patterns will change in the future, though we cannot predict with much certainty precisely how those changes will be manifested. Given this uncertainty, rail-security systems must be designed to be responsive to potential changes in attack patterns, and the consequent impact on the relative effectiveness of the security portfolio must be reevaluated periodically."
- "There are no federal standards or agreed upon industry best practices within the water infrastructure sector to govern readiness, response to security incidents, and recovery. Efforts to develop protocols and tools are ongoing since the 2001 terrorist attacks."
- "A key issue is how additional protections and resources directed at public and private sector priorities will be funded. In response, Congress has provided $789 million in appropriations for security at water infrastructure facilities (to assess and protect federal facilities and support vulnerability assessments by non-federal facilities) and passed a bill requiring drinking water utilities to conduct security vulnerability assessments (P.L. 107-188). When Congress created the Department of Homeland Security (DHS) in 2002 (P.L. 107-297), it gave DHS responsibilities to coordinate information to secure the nation’s critical infrastructure, including the water sector. Under Homeland Security Presidential Directive-7, the Environmental Protection Agency (EPA) is the lead federal agency for protecting drinking water and wastewater utility systems." (Interesting. Anyone know how much experience EPA has with terrorism or physical security issues in general?)
- "Recent congressional interest has focused on bills concerning security of wastewater utilities. In the 109th Congress, the Senate Environment and Public Works Committee approved legislation to encourage wastewater treatment works to conduct vulnerability assessments and develop site security plans (S. 2781), but there was no further action on this bill. Similar legislation has been introduced in the 110th Congress (S. 1968)."