Cover Image

Not for Sale

View/Hide Left Panel
Click for next page ( 76

The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement

Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page 75
75 APPENDIX F: Examples of SSI and Non-SSI The following table is reproduced from FTA's March 2009 Sensitive Security Information (SSI): Designation, Markings, and Control, Resource Document for Transit Agencies, page 9, http://transit- Table 1. Examples of SSI and Non-SSI Might Be SSI Usually Not SSI System Design and Operational Information Transit system design configurations, including architectural Environmental, safety, or health information drawings and engineering schematics; critical assets and network topology maps; exposed, unattended, or unprotected assets; critical infrastructure layouts; energy sources; and communications assets and procedures Installation and design-related operational information concern- Information needed to comply with laws and ing critical equipment or components that, if sabotaged, could pre- regulations vent operation or safe shutdown Security System Design and Equipment Information Records of vulnerabilities or security deficiencies at specified fa- Information discernable by casual observa- cilities or locations, or within the transit agency in general tion Records of specific locations and design or operational details of Budgeting and cost information internal security devices, such as sensors, detectors, alarms, and barriers Information about the capabilities and limitations of security sys- General information about equipment tems, and methods and times to defeat or degrade equipment, op- erations, or mitigations Security procedures and operations that are of a non-routine na- Routine administrative data ture Information about physical security vulnerabilities and deficien- Records of past facility and equipment cies, especially if they have not been corrected evaluations that do not reveal security-related deficiencies or that reveal deficiencies that have been corrected Information about intrusion detection, alarm, or assessment Installation records for intrusion detection, equipment, including physical and cybersecurity plans and perform- alarm, or assessment systems ance of installed equipment Information about security system design or integration, includ- Commercial vendor information about secu- ing heightened-risk operating procedures rity equipment and systems Data on security personnel assigned to specific transit facilities, Total number of security personnel assigned including times and locations, where information can not be deter- to transit system facilities, or the fact that per- mined by casual observation sonnel numbers are being increased or de- creased Emergency and Emergency Communications Information Some emergency procedures, including heightened-risk operating Fire response and evacuation plans that must procedures, contingency plans, and business continuity plans be shared with all employees Records of assessments, drills, or exercises that reveal system or Records of communications equipment used security vulnerabilities by transit authorities, including emergency management Ridership Data Information about the number of passengers on individual trains or buses or at a particular time of day