Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter.
Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page R1
Assessment of the Bureau of Reclamation’s Security Program
ASSESSMENT OF THE BUREAU OF RECLAMATION’S SECURITY PROGRAM
Committee on the Assessment of the Bureau of Reclamation’s Security Program
Board on Infrastructure and the Constructed Environment
Division on Engineering and Physical Sciences
NATIONAL RESEARCH COUNCIL OF THE NATIONAL ACADEMIES
THE NATIONAL ACADEMIES PRESS
Washington, D.C.
www.nap.edu
OCR for page R2
Assessment of the Bureau of Reclamation’s Security Program
THE NATIONAL ACADEMIES PRESS
500 Fifth Street, N.W. Washington, DC 20001
NOTICE: The project that is the subject of this report was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for the report were chosen for their special competences and with regard for appropriate balance.
This study was supported by Contract/Grant No. 05CS811164 between the National Academy of Sciences and the U.S. Bureau of Reclamation. Any opinions, findings, conclusions, or recommendations expressed in this publication are those of the author(s) and do not necessarily reflect the views of the organizations or agencies that provided support for the project.
International Standard Book Number-13: 978-0-309-12527-7
International Standard Book Number-10: 0-309-12527-8
Additional copies of this report are available from the
National Academies Press,
500 Fifth Street, N.W., Lockbox 285, Washington, DC 20055; (800) 624-6242 or (202) 334-3313 (in the Washington metropolitan area); Internet, http://www.nap.edu.
Cover photographs from top to bottom: Glen Canyon Dam (from the Committee on the Assessment of the Bureau of Reclamation’s Security Program); Hoover Dam at night (from U.S. Bureau of Reclamation); Grand Coulee Dam (from the Committee on the Assessment of the Bureau of Reclamation’s Security Program); Friant Dam (from U.S. Bureau of Reclamation); Folsom Dam (from U.S. Bureau of Reclamation)
Copyright 2008 by the National Academy of Sciences. All rights reserved.
Printed in the United States of America
OCR for page R3
Assessment of the Bureau of Reclamation’s Security Program
THE NATIONAL ACADEMIES
Advisers to the Nation on Science, Engineering, and Medicine
The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Ralph J. Cicerone is president of the National Academy of Sciences.
The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engineers. Dr. Charles M. Vest is president of the National Academy of Engineering.
The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Harvey V. Fineberg is president of the Institute of Medicine.
The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy’s purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies and the Institute of Medicine. Dr. Ralph J. Cicerone and Dr. Charles M. Vest are chair and vice chair, respectively, of the National Research Council.
www.national-academies.org
OCR for page R4
Assessment of the Bureau of Reclamation’s Security Program
This page intentionally left blank.
OCR for page R5
Assessment of the Bureau of Reclamation’s Security Program
COMMITTEE ON THE ASSESSMENT OF THE BUREAU OF RECLAMATION’S SECURITY PROGRAM
JOHN T. CHRISTIAN, Chair, Consulting Engineer,
Waban, Massachusetts
BILAL M. AYYUB,
University of Maryland, College Park
GEORGE H. BAKER III,
James Madison University, Harrisonburg, Virginia
DWIGHT A. BERANEK,
Michael Baker, Jr., Inc., Alexandria, Virginia
MARK M. HANKEWYCZ,
The Protection Engineering Group PC, Chantilly, Virginia
JEREMY ISENBERG,
Weidlinger Associates, Inc. (retired), Atherton, California
L. MICHAEL KAAS,
U.S. Department of the Interior (retired), Arlington, Virginia
DAVID A. KLINGER,
University of Missouri, St. Louis
RICHARD G. LITTLE,
University of Southern California, Los Angeles
JOHN A. McCARTHY,
Kamal Advisory Services LLC, Dubai
CHARLES I. McGINNIS,
U.S. Army Corps of Engineers (retired), Charlottesville, Virginia
KARLENE H. ROBERTS,
University of California, Berkeley
RANDY ROSSMAN,
Miami-Dade Police Department, Miami, Florida
CRAIG D. UCHIDA,
Justice & Security Strategies, Silver Spring, Maryland
Staff
LYNDA STANLEY, Director
KEVIN LEWIS, Senior Program Officer
DANA CAINES, Financial Associate
OCR for page R6
Assessment of the Bureau of Reclamation’s Security Program
BOARD ON INFRASTRUCTURE AND THE CONSTRUCTED ENVIRONMENT
DAVID J. NASH, Chair,
Dave Nash & Associates, Washington, D.C.
JESUS de la GARZA,
Virginia Tech, Blacksburg
REGINALD DesROCHES,
Georgia Institute of Technology, Atlanta
DENNIS DUNNE,
dddunne & associates, Scottsdale, Arizona
BRIAN ESTES,
U.S. Navy (retired), Williamsburg, Virginia
PAUL FISETTE,
University of Massachusetts, Amherst
LUCIA GARSYS,
Hillsborough County, Florida
THEODORE C. KENNEDY,
BE&K, Inc., Birmingham, Alabama
PETER MARSHALL,
Dewberry Company, Norfolk, Virginia
DEREK PARKER,
Anshen+Allen Architects, Inc., San Francisco, California
JAMES PORTER,
E. I. du Pont de Nemours and Company, Wilmington, Delaware
E. SARAH SLAUGHTER,
Massachusetts Institute of Technology, Cambridge
WILLIAM WALLACE,
Rensselaer Polytechnic Institute, Troy, New York
Staff
LYNDA STANLEY, Director
KEVIN LEWIS, Senior Program Officer
DANA CAINES, Financial Associate
OCR for page R7
Assessment of the Bureau of Reclamation’s Security Program
Preface
Malicious acts intended to cause the failure of a major dam or dams are a threat to the nation and its citizens. Nearly 7 years ago, on September 11, 2001, 19 determined individuals took control of four airplanes with hundreds of passengers aboard and crashed the planes into the World Trade Center in New York City, the Pentagon in Washington, D.C., and a field in Pennsylvania, all within a matter of hours. In seeking to determine how these attacks could have happened, the 9/11 Commission found that the lack of preparedness was the result of an underlying “lack of imagination” on the part of the U.S. security enterprise. The commission concluded that although the 9/11 attacks were a shock, they should not have come as a surprise.
It is tempting to assume that, because no dams have yet been compromised by international terrorists or domestic extremists, it cannot someday happen. In the United States today more than 79,500 dams are used to control flooding and provide power and water for a variety of uses, and many would become significant hazards if they should fail. Some hold back millions of gallons of water, which, if unleashed in an uncontrolled way, could rush downstream and destroy lives, property, and communities.
Thirty-two years ago, the failure of the Teton Dam changed how the nation managed, inspected, and invested in dams. Following the 9/11 attacks, the physical assurance of dams took on new importance. Now the owners and operators of dams find they need to change the ways they identify threats to and vulnerabilities of dams, manage risk, and imple-
OCR for page R8
Assessment of the Bureau of Reclamation’s Security Program
ment measures to protect dams from security-related failures. The owners and operators of large dams, including the U.S. Bureau of Reclamation, the U.S. Army Corps of Engineers, the Tennessee Valley Authority, and others, have recognized the potential consequences of an intentionally caused dam failure. They are consequently redefining their concept of stewardship and responsibility for their infrastructure to include physical security.
At the request of the U.S. Bureau of Reclamation, the National Research Council (NRC) appointed a multidisciplinary committee of 14 experts to assess Reclamation’s security program and determine its level of preparedness to deter, respond to, and recover from malicious threats to its physical infrastructure and to the people who use and manage it. The committee held four meetings, and subgroups of committee members and NRC staff visited all five of Reclamation’s regions and the Hoover, Shasta, Folsom, Glen Canyon, and Grand Coulee dams, among others. The committee held briefings and discussions with Reclamation’s senior executives, program managers, regional directors, and area staff; Reclamation contractors and partners; and representatives of other federal agencies involved in dam security. The committee appreciates the exceptional cooperation, support, and insights provided by all of the Reclamation staff with whom it met. The committee also appreciates the support and insights of Reclamation’s partners and its fellow federal agencies.
The committee’s report is organized into five chapters. Chapter 1, “Context,” describes Reclamation’s security challenges, the history of its security program, previous reviews of that program, and the committee’s approach for addressing the statement of task.
Chapter 2, “Description of Reclamation’s Security Program,” describes the program’s organizational structure, the major responsibilities of the security, law enforcement, and emergency management offices, and the resources available to implement security-related activities.
Chapter 3, “Assessment of Reclamation’s Security-Related Processes,” contains the committee’s observations and findings on Reclamation’s physical security, law enforcement, and incident response processes, functions, and expertise, its organizational structure, and its working relationships.
Chapter 4, “Future Plans,” contains the committee’s observations and findings on the development of a robust, sustainable security program.
Chapter 5, “Conclusions and Recommendations,” contains the committee’s conclusions and its recommendations for improvement based on its observations and findings.
Although this report focuses on the Bureau of Reclamation, the security-related challenges described are not unique to that organization. Other owners and operators of large dams, including the U.S. Army
OCR for page R9
Assessment of the Bureau of Reclamation’s Security Program
Corps of Engineers, the Tennessee Valley Authority, other federal agencies, states and localities, water and power authorities, and private-sector corporations, must grapple with similar challenges and find ways to meet them. Each of these organizations has its own history, culture, organizational structure, and physical location. The committee did not extend its investigations to consider security issues beyond the Bureau of Reclamation because time and resources were limited and because its mandate and authority extended only to the Bureau of Reclamation. Nevertheless, it believes that the nation would benefit from cooperation among the dam-owning organizations to ensure the security of their dams and the safety of the public. The public and private effort to develop guidelines and tools for protecting the nation’s dams being led by the Department of Homeland Security is one way of doing this. Indeed it may be that a comprehensive review of the security of the nation’s dams is called for. The committee hopes this report will contribute not only to the continued development of Reclamation’s security program but also to the national dialogue on how best to ensure the physical security of the nation’s dams and the people who rely on them for water and power.
John T. Christian, Chair
Committee on the Assessment of the Bureau of Reclamation’s Security Program
OCR for page R10
Assessment of the Bureau of Reclamation’s Security Program
This page intentionally left blank.
OCR for page R11
Assessment of the Bureau of Reclamation’s Security Program
Acknowledgments
This report has been reviewed in draft form by individuals chosen for their diverse perspectives and technical expertise, in accordance with procedures approved by the National Research Council’s (NRC’s) Report Review Committee. The purpose of this independent review is to provide candid and critical comments that will assist the institution in making its published report as sound as possible and to ensure that the report meets institutional standards for objectivity, evidence, and responsiveness to the study charge. The review comments and draft manuscript remain confidential to protect the integrity of the deliberative process. We wish to thank the following individuals for their review of this report:
Shawn Fenn, Ecology and the Environment Inc.,
James Fetzer, James Fetzer & Associates, LLC,
Gerald E. Galloway, Jr., University of Maryland,
Henry J. Hatch, U.S. Army Corps of Engineers (retired),
Michael Hightower, Sandia National Laboratories,
James H. Lambert, University of Virginia, and
Terrence P. Ryan, CPP, Raytheon.
Although the reviewers listed above have provided many constructive comments and suggestions, they were not asked to endorse the conclusions or recommendations, nor did they see the final draft of the report before its release. The review of this report was overseen by M. Granger
OCR for page R12
Assessment of the Bureau of Reclamation’s Security Program
Morgan, Carnegie Mellon University. Appointed by the NRC, he was responsible for making certain that an independent examination of this report was carried out in accordance with institutional procedures and that all review comments were carefully considered. Responsibility for the final content of this report rests entirely with the authoring committee and the institution.
The committee also acknowledges and appreciates the contribution of the members of the Board on Infrastructure and the Constructed Environment (BICE) of the NRC. BICE was established in 1946 as the Building Research Advisory Board. It brings together experts from a wide range of scientific, engineering, and social science disciplines to discuss potential studies of interest, develop and frame study tasks, ensure proper project planning, suggest possible reviewers for reports produced by fully independent ad hoc study committees, and convene meetings to examine strategic issues. The board members were not asked to endorse the committee’s conclusions or recommendations or to review the final draft of the report before its release.
OCR for page R13
Assessment of the Bureau of Reclamation’s Security Program
Contents
SUMMARY
1
1
CONTEXT
14
Reclamation’s Security Challenges,
16
Teton Dam Failure and Reclamation’s Response,
19
History of Reclamation’s Security Program,
21
Previous Reviews of Reclamation’s Security Program,
24
Statement of Task,
26
The Committee’s Approach,
27
References,
28
2
DESCRIPTION OF RECLAMATION’S SECURITY PROGRAM
29
Security,
32
Law Enforcement,
38
Incident Response Management,
45
Information and Information Technology Security,
47
Resources and Funding,
48
References,
49
3
ASSESSMENT OF RECLAMATION’S SECURITY-RELATED PROCESSES
50
Security Assessments and Risk Management,
51
Personnel Security,
55
Facility Security Plans,
56
OCR for page R14
Assessment of the Bureau of Reclamation’s Security Program
Incident Response,
58
Exercises and Training,
63
Intelligence Gathering and Dissemination,
65
Working Relationships,
66
Expertise,
68
References,
70
4
FUTURE PLANS
71
Senior Management Support and Commitment,
72
Resources,
74
Performance Measurement,
75
Methods for Capturing, Disseminating, and Implementing Lessons Learned,
78
A Vision and a Long-Term Plan for a Sustainable Program,
79
References,
82
5
CONCLUSIONS AND RECOMMENDATIONS
83
Conclusions,
83
Recommendations,
84
A Risk Management Approach,
85
An Integrated Security Plan for Each Facility,
87
Policies and Operational Guidance for Key Aspects of the Program,
92
A Collaborative Operating Environment,
95
Senior Management Support and Commitment,
98
Adequate Resources,
99
Performance Measurement,
101
A Method for Disseminating Lessons Learned,
102
A Vision and a Long-Term Plan,
103
References,
104
APPENDIXES
A Biographies of Committee Members
107
B Briefings to the Committee and Discussions
114
C Two Approaches to Risk Assessment for Dams
120
OCR for page R15
Assessment of the Bureau of Reclamation’s Security Program
Acronyms
ASCE American Society of Civil Engineers
BLM Bureau of Land Management
BOR Bureau of Reclamation
CAPRA Critical Asset and Portfolio Risk Analysis
CFR comprehensive facility review
CIO chief information officer
COOP continuity of operations plan
CSR comprehensive security review
DHS Department of Homeland Security
DOI Department of the Interior
DTRA Defense Threat Reduction Agency
EAP emergency action plan
ECQ executive core qualification
EOC emergency operations center
FBI Federal Bureau of Investigation
FEMA Federal Emergency Management Agency
FOUO for official use only
FPS Federal Protective Service
OCR for page R16
Assessment of the Bureau of Reclamation’s Security Program
HSEEP Homeland Security Exercise and Evaluation Program
HSPD Homeland Security Presidential Directive
ICS incident command system
IED improvised explosive device
IMARS Incident Management and Reporting System
JTTF Joint Terrorism Task Force
LEA law enforcement administrator
MC mission critical
MMC major mission critical
MOU memorandum of understanding
MSRA Matrix Security Risk Assessment
NCI national critical infrastructure
NEP National Exercise Program
NIMS National Incident Management System
NIPP National Infrastructure Protection Plan
NRC National Research Council
NRF National Response Framework
NRP National Response Plan
OLESEM Office of Law Enforcement, Security, and Emergency Management
OMB Office of Management and Budget
OVI occurrence, vulnerability, importance
PART Program Assessment Rating Tool
PE project essential
PEMO Program and Emergency Management Office
PFR periodic facility review
PIV personal identity verification
PSR periodic security review
RAM–D Risk Assessment Methodology–Dams
RSA regional special agent
RSO regional security officer
SAT security advisory team
SCADA supervisory control and data analysis
OCR for page R17
Assessment of the Bureau of Reclamation’s Security Program
SSLE Security, Safety, and Law Enforcement
TSC Technical Services Center
USACE U.S. Army Corps of Engineers
OCR for page R18
Assessment of the Bureau of Reclamation’s Security Program
This page intentionally left blank.
