Operation Safe Commerce (OSC) is an innovative public–private partnership dedicated to enhancing security throughout international and domestic supply chains while facilitating the efficient cross-border movement of legitimate commerce. The object is to prevent terrorists or their weapons from gaining access to the United States to cause catastrophic harm, while sustaining the viability of the global transportation lifelines that support international commerce. The way to accomplish this is to move away from primary reliance on a system of control at the borders that lie within U.S. jurisdiction and toward point-of-origin controls. Point-of-origin controls are to be supported by controls developed within international supply chains and accompanied by a concentric series of checks built into the system at points of transshipment and at points of arrival. In return, the nation’s world trade partners rightfully expect reciprocity and controls on U.S. exports to aid the security of their imports.
Effective international trade corridor security must rest on a foundation of credible risk management—that is, a regime that can reliably identify the people, goods, and conveyances that are legitimate, so their movements can be facilitated. This would allow shippers, importers, regulators, and inspectors to focus on the smaller number of entities about which they know little or have specific concerns. Achieving this goal requires a layered public–private approach.
OSC will validate security at the point of origin and will demonstrate what is needed to ensure that parties associated with commercial shipping exert reasonable care and due diligence in packing, securing, and manifesting the contents of
Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page 63
APPENDIX C PROTECTING INTERNATIONAL TRADE CORRIDORS: THE OPERATION SAFE COMMERCE INITIATIVE1 Operation Safe Commerce (OSC) is an innovative public–private partnership dedicated to enhancing security throughout international and domestic supply chains while facilitating the efﬁcient cross-border movement of legitimate com- merce. The object is to prevent terrorists or their weapons from gaining access to the United States to cause catastrophic harm, while sustaining the viability of the global transportation lifelines that support international commerce. The way to accomplish this is to move away from primary reliance on a system of control at the borders that lie within U.S. jurisdiction and toward point-of-origin con- trols. Point-of-origin controls are to be supported by controls developed within international supply chains and accompanied by a concentric series of checks built into the system at points of transshipment and at points of arrival. In return, the nation’s world trade partners rightfully expect reciprocity and controls on U.S. exports to aid the security of their imports. Effective international trade corridor security must rest on a foundation of credible risk management—that is, a regime that can reliably identify the peo- ple, goods, and conveyances that are legitimate, so their movements can be facil- itated. This would allow shippers, importers, regulators, and inspectors to focus on the smaller number of entities about which they know little or have speciﬁc concerns. Achieving this goal requires a layered public–private approach. OSC will validate security at the point of origin and will demonstrate what is needed to ensure that parties associated with commercial shipping exert reason- able care and due diligence in packing, securing, and manifesting the contents of 1 The material in this appendix is based on government-supplied information not independently veriﬁed by the committee. 63
OCR for page 63
64 CYBERSECURITY OF FREIGHT INFORMATION SYSTEMS: A SCOPING STUDY a shipment of goods in a container. In addition, OSC will demonstrate various methods to ensure that the information and documentation associated with these shipments are complete, accurate, and secure from unauthorized access. The proj- ect will ultimately gauge the security of the supply chain with these new proce- dures in order to determine their viability. OSC will provide validated recommendations and workable solutions to leg- islators, regulatory agencies, the International Maritime Organization, and the World Customs Organization on how best to address the critical issue of cargo security. The following are some of the major objectives of OSC: • Ensure the integrity of the supply chain by encompassing the entire trans- action between an importer and a supplier. This includes validating security at the point of origin, ensuring the contents of containers, and tracking the container in transit with the intent of identifying methods and evidence of possible tampering. • Pilot the use of off-the-shelf technologies and conduct proof-of-concept projects to demonstrate other technologies to monitor the movement of legitimate cargo in transit before it reaches the U.S. border and all the way to its ﬁnal destination. • Provide a tangible prototype that can inform post–September 11 efforts—by federal and international authorities—that aim to enhance the security asso- ciated with all types of cargo, conveyances, and people moving across borders and within international trade corridors, by proving the feasibility of various industry and government proposals for layered cargo security strategies. To achieve these objectives, OSC proposes the following: 1. Apply a common set of standard security practices to govern the loading and movement of cargo throughout the supply chain. The goal is to ensure that an authorized packer of a container knows what is in that container and can report those contents accurately. 2. Ensure that the container’s electronic documentation is complete, accurate, and secure against computer hackers and is provided to law enforcement agencies in a timely manner.
OCR for page 63
PROTECTING INTERNATIONAL TRADE CORRIDORS: THE OPERATION SAFE COMMERCE INITIATIVE 65 3. Reduce the risk of a container being intercepted and compromised in transit. OSC will work initially with three major ports: Seattle/Tacoma, New York/ New Jersey, and Los Angeles/Long Beach. Seventy percent of the container movement in the United States originates or terminates with these entities. To achieve these objectives, the three load centers will use several methods that may include all or some of the following: • Validating and assessing the entire delivery system through examination of the discrete stages of the product ﬂow (supply chain): 1. Product origination (the factory and subcontract manufacturing), 2. Product shipping to export facility (transportation company), 3. Export stage repackaging and shipping (export broker), 4. International transport (freight company), 5. Export arrival and storage (transportation company, warehouses, cus- toms facilities, port, ocean carrier), 6. Vessel voyage (ocean carrier), 7. Import arrival and storage (port, transportation company, warehouses, customs facilities), 8. Cargo conveyance (rail, truck), 9. Cargo breakup into multiproduct facilities (drop centers, distribution warehouses), and 10. Product arrival and storage at the buyer’s facility. • Complying with Business Anti-Smuggling Security Coalition or similar procedures and standards. • Requiring secure packing procedures for loading intermodal containers along the lines of ISO9000 quality assurance rules. • Maintaining secure loading docks at manufacturing plants or at shipping facilities that restrict access to authorized individuals and that use cameras to monitor the loading process. Loading docks would be subject to periodic, random, independent inspections to ensure compliance. • Using third-party veriﬁers to augment the capability of government enforce- ment authorities to audit, certify, and validate shipments and supply chain service providers.
OCR for page 63
66 CYBERSECURITY OF FREIGHT INFORMATION SYSTEMS: A SCOPING STUDY • Providing and checking proper import vouchers before loading cargo on vessels. • Using technology to secure and monitor containers and their movement through the intermodal supply chain. • Outﬁtting containers with theft-resistant mechanical and electronic seals. • Installing light, temperature, or other sensors in the interior of the con- tainer, which would be programmed to set off an alarm if the container is opened illegally at some point of transit. • Conducting background checks of truck drivers who deliver goods to the port and outﬁtting them with biometrically based identity cards. • Attaching an electronic transponder (such as those used for the “E-ZPass” toll payment system in the northeastern United States) and Global Positioning System devices to the truck cab and chassis or rail car carrying containers and using intelligent transportation system technologies to monitor in-transit movements to and within the port terminal. • Maintaining the means to communicate with operators from their pickup to their off-load destinations. • Providing tracking information to the appropriate regulatory or enforce- ment authorities within the jurisdictions through which the cargo will be transported. • Leveraging the Port of New York and New Jersey’s Freight Information Real-Time System for Transport vessel and cargo information system, or other similar information portals, by requiring all participants in the supply chain cycle to provide advance notice of the details about their shipments, operators, and conveyances in accordance with agreed-upon protocols. This early notice would give government inspectors the time to assess the valid- ity of the data and check the data against any watch lists they may be main- taining, and would provide timely support to a ﬁeld inspector deciding what should be targeted for examination.
OCR for page 63
PROTECTING INTERNATIONAL TRADE CORRIDORS: THE OPERATION SAFE COMMERCE INITIATIVE 67 The following may be among the major project tasks: 1. Forming regional task forces that will include the law enforcement com- munity and other regulatory authorities, as well as appropriate academic and technical experts. 2. Enlisting private business-sector partners involved with all stages of prod- uct ﬂow in the construction of a process ﬂow map for the physical move- ment of each container/supply chain that has been identiﬁed. The chain of custody as well as the information ﬂow will also be mapped out to identify security gaps and how they can be redressed. 3. Tasking the regional task force members to examine the following for secu- rity gaps: (a) the entire design-to-delivery product ﬂow; (b) the means of conveyance—maritime, rail, truck, and air; and (c) the “who and how” con- nected with the operators who move the products. 4. Conducting ﬁeld visits to witness the actual supply chain process. 5. Having the regional task force prepare recommendations they believe might redress the gaps they identify. A recommendation should fall under one of three groupings: (a) off-the-shelf technologies for securing and track- ing shipments, (b) improvements to existing data collection and sharing arrangements, and (c) process changes that would close opportunities for compromise at the point of origin or in transit. 6. Enlisting a support group made up of academic and private-sector partners to develop technological applications for testing as the regional task force iden- tiﬁes gaps. An outreach effort will be made to other government-sponsored R&D programs that are ﬁeld-testing tracking and sensor technologies that support a demonstration of how secure in-transit visibility and accountabil- ity can be achieved. 7. Conducting trials of new technologies, data arrangements, or process changes using volunteer manufacturers, importers, surface shippers, freight forwarders, maritime shipping lines, and terminal operators. 8. Testing the integrity of systems with “red-team” exercises.
OCR for page 63
68 CYBERSECURITY OF FREIGHT INFORMATION SYSTEMS: A SCOPING STUDY 9. Preparing reports to capture and quickly relate lessons learned from the secu- rity gap analyses and the testing and reﬁnement of technological applications. The reports will aim to provide guidance for a layered, multitiered approach for replication and standardization of policy approaches to securing trade corridors. The audience includes legislators and policy makers involved in the U.S.–Canada “Smart Border” Agreement and participants in counter- terrorism initiatives under consideration by the International Maritime Organization, the World Customs Organization, the International Standards Organization, and other relevant multilateral and international bodies.