Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page 3
1 Introduction and Background Surface transportation in the United States is an extraordinarily large and complex system responsible for the movement of vast numbers of passengers and vast quantities of freight via road, rail, water, and pipeline. The system includes many thousands of independent, interlocking operators, some small and some large, some public and some private. The system's efficiency and convenience are essential to the strength of our economy, the security of our nation, and the quality of our lives. For a variety of reasons, security against hostile attacks is rarely a high priority for surface transportation. This situation is unlike the case of aviation, for which a series of incidents in the late 1960s and early 1970s inspired an extensive program of technological and procedural security measures (NRC, 1999). Yet because of the surface transportation system's importance and vulnerability, as highlighted by several recent studies and high-profile incidents, improving security is essential. This study considers research and development (R&D) strategies to improve the security of all modes of surface transportation (but not aviation) against such threats as bombings, intentional chemical and biological releases, and cyber attacks. (See Box 1-1 for some examples of recent incidents.) Numerous federal agencies conduct R&D on security measures against hostile attacks. Much of that work is generally applicable. Work in related areas, particularly protection against natural disasters and accidents, is also relevant. Interagency information sharing and coordination are thus extremely important elements of any security R&D effort. Capitalizing on these broader efforts while
OCR for page 4
BOX 1-1 Some Incidents Involving Surface Transportation in the United States 1977 Bombs explode on a Florida highway to protest the Panama Canal Treaty 1980 Pipe bombs placed by a Puerto Rican nationalist group explode in Penn Station lockers 1982 liquid explosive found in a car parked under the Bay Bridge in San Francisco 1984 Bomb threat on a Florida bridge 1986 Bomb threat on a Massachusetts bridge in support of striking fishermen 1987 Bomb threat on a Missouri bridge 1992 Hand grenade found in a Chicago commuter rail station 1993 Muslim fundamentalists arrested in a plot to blow up tunnels and a bridge in New York 1993 Bomb threat on bridges near Niagara Falls 1994 Bombs explode in the New York subway (two incidents) to extort money from the city 1995 Train intentionally derailed in Arizona probably by right-wing extremists or a former railroad employee 1995 New York subway token booth set on fire Source: Mineta institute, 1997. identifying the unique role of the U.S. Department of Transportation (DOT) is a key challenge. Now that the Cold War is over, security concerns in many fields are being focused increasingly on the threat of terrorism, whether by an organized state or state-sponsored group as a form of "asymmetrical warfare" or by a nonstate group or individual motivated by extremist ideology or hatred. The present study is just one of many recent and continuing efforts to address this problem, either in broad terms or with a specific focus on individual sectors of the nation's infrastructure. The goal of this chapter is to provide an overview of these issues as background for the remainder of the report. The chapter concludes with a brief description of the general structure and approach of the report. The Surface Transportation System The U.S. surface transportation system is large, complex, and decentralized. DOT, despite its regulatory and other responsibilities for transportation, actually
OCR for page 5
owns or operates almost none of the system. This makes addressing surface transportation security concerns particularly challenging. In particular, it means that any R&D program at DOT must pay special attention to the process of transferring technology to owners and operators. Another consequence of the decentralized nature of surface transportation is its resiliency in responding to disruptions, whether caused by intentional attacks, accidents, or natural disasters. Except in a few major metropolitan areas, and except during peak periods even in those areas, the system usually has redundant capacity—alternate routes and alternate transportation modes. Although even a single attack could cause significant destruction and distress, as well as reduce public confidence in the transportation system, it is hard to imagine a single attack that could shut down a large city, let alone a region or the country as a whole. Multiple, coordinated attacks or attacks that directly affect a wide area—such as attacks on control or communications systems, particularly as surface transportation becomes increasingly computerized and automated—raise different concerns. And redundancy is low in some specific cases, such as passenger transport in major cities during peak commuting periods, or some types of freight transport. The goal of the transportation system is to be open, accessible, free flowing, and convenient. Many security measure are inherently restrictive and hence run counter to this goal. For example, it is hard to imagine instituting airport-style security checkpoints on highways. Thus the system's openness and accessibility sometimes make it more vulnerable. Moreover, because transportation systems bring masses of people together and are highly visible and familiar, they are particularly attractive targets. In 1996, there were at least 631 violent attacks against surface transportation worldwide (DOT, 1998b). Most attacks are bombings, but the targets and incidents vary widely and include such well known cases as the hijacking of the Achille Lauro cruise ship in 1985 and the satin gas attack on the Tokyo subway in 1995 (see Box 1-2). So far, the U.S. transportation system has experienced very few incidents. Nevertheless, the attacks that have occurred (along with several high-profile attacks against other U.S. targets, such as the bombing of a federal office building in Oklahoma City in 1995 and the bombings of U.S. embassies overseas in 1998) and high-profile attacks against transportation in other countries have raised the level of concern considerably. Because threats change over time as the world situation changes and as security is tightened in other areas, DOT and others should be proactive in preparing for the future despite the low frequency of recent attacks on surface transport, on in the United States. The responsible agencies would be most unwise to walt passively until a major incident brings calls for action which they would then be ill prepared to meet. Finally, the huge impact of even unintentional breakdowns, when they do occur despite the system's usual resiliency, makes clear the enormous potential consequences of intentional attacks against surface transportation. For example,
OCR for page 6
BOX 1-2 The Sarin Gas Attack on the Tokyo Subway in 1995 Victims receive assistance on a Tokyo subway platform. Source unknown. During rush hour on a Monday morning in March 1995, a Japanese cult released the nerve agent sarin in the Tokyo subway. Even tiny quantities of this chemical are deadly. The sarin was concealed in lunch boxes and soft-drink containers, placed on train floors, and released by puncturing the containers with umbrellas as the terrorists left the trains. Firefighters were the first emergency personnel to arrive on the scene. They were not equipped with any antidote, and even if they had been, they had no idea what substance they were dealing with. Many victims made their own way to hospitals by car or taxi. The treatment of arriving casualties varied from hospital to hospital. At one, staff members were unaware of the nature of the incident for several hours and so made no attempt at decontamination. As a result, more than 20 percent of the staff who treated victims at that hospital developed symptoms themselves. At another hospital, staff initially believed they were dealing with cyanide poisoning. By noon the next day 5,510 patients had reported to medical facilities. Eight died on the first day and four more in the following month. Sources: Ohbu et al., 1997; Neifert, 1996.
OCR for page 7
in Texas alone, service disruptions following a major railroad merger in 1996 are estimated to have cost shippers at least $1 billion in delays, lost production and sales, and higher shipping costs (Weinstein and Clower, 1998). In a system this vast, a loss of public confidence, even in the absence of actual attacks, could have a significant economic impact. Federal Security Research and Development A variety of U.S. federal agencies conduct security-related R&D; most of them are not directly concerned with surface transportation. They include the agencies and services of the Department of Defense (at numerous laboratories and covering a broad range of topics), the Department of Energy and its national laboratories (also very broad), the Department of Justice (focused primarily on tools for law enforcement personnel), the Federal Aviation Administration (focused on bomb and weapon attacks against aircraft), the Department of Health and Human Services (focused on biological and chemical attacks), the Department of Commerce (including work on cyber security at the National Institute of Standards and Technology), the Central Intelligence Agency, the Department of the Treasury, the Department of State, and others. This diversity is significant for DOT's role in security R&D in two ways: interagency coordination and information sharing are critical, and DOT's own efforts must be focused sharply on areas where it is the agency best placed to make effective progress. Coordination and information sharing are a major challenge for DOT and, indeed, for all agencies involved in addressing security issues.1 The most basic problem is just finding out what work is being done. For DOT to capitalize on the results of R&D by other agencies and work effectively with them, it will have to make strenuous efforts to acquire a clearer picture of the situation than is currently available. To that end, DOT should continue its active and long-term participation in such coordinating organizations as the Critical Infrastructure Coordinating Group's interagency working group on R&D (supported by the Critical Infrastructure Assurance Office) and the Technical Support Working Group (an interagency activity led by the Departments of Defense, State, and Energy). Because security is a concern that cuts across agency boundaries, another challenge for DOT will be to identify its appropriate role in the overall security R&D effort. That role will be vitally important, but in an overall picture that 1 This challenge is not new or unique to DOT. A 1997 General Accounting Office report that considered all federal agencies found that federal funding for ''programs and activities to combat terrorism is unknown and difficult to determine." The same report found "no basis to have reasonable assurance" that policy and strategy are coordinated and focused, that activities and capabilities are "not unnecessarily duplicative or redundant," or that "funding gaps or misallocations have not occurred" (GAO, 1997).
OCR for page 8
includes such R&D giants as the Department of Defense and the Department of Energy, it will also be relatively small. DOT should therefore focus its efforts sharply on meeting the specific needs of surface transportation. Probably DOT's main emphasis will be on the adaptation, synthesis, implementation, and deployment of existing or low-technology solutions and on the development and dissemination of best practices for transportation owners and operators, rather than on long-term basic research or the development of new high-technology hardware or software. Characteristics of Surface Transportation Research and Development A brief overview of the character and structure of surface transportation R&D in general may provide a useful perspective on the context for specifically security-related R&D. DOT is the single largest source of R&D funding for nondefense surface transportation. Although its share is less than a quarter of the total, it acts as a catalyst for other funders, which include state and local governments and the private sector. These other groups are particularly important in ensuring that R&D results are implemented. The remainder of this section focuses on DOT because security-related transportation R&D is likely to receive most support at the federal level, but the roles of others, particularly in implementation, should not be neglected. DOT is made up of several agencies, most of them defined by particular transportation modes. Their R&D efforts (see Box 1-3) are not centralized, although the Office of the Secretary, which includes an Office of Intelligence and Security, provides coordination and strategic planning. This dispersed structure has significant implications for R&D in crosscutting areas such as security. R&D is not the primary focus of any DOT agency. For the most part, DOT agencies are focused on regulatory functions and on the transfer of federal transportation funding to state and local agencies. For example, as shown in Box 1-3, about three-quarters of DOT's surface transportation R&D is funded by the Federal Highway Administration (FHWA); nevertheless, R&D accounts for only 1.7 percent of FHWA's total budget. For the department as a whole, R&D accounts for only 1.8 percent of total expenditures. Because DOT agencies have specific missions, the R&D they support tends to focus on applied topics that are narrowly defined. Projects are usually directed toward specific deliverables, rather than being open-ended or exploratory. Very little basic research is supported. Funds are typically awarded via contracts rather than grants or cooperative agreements, and although these contracts are usually awarded competitively, the proposals are usually reviewed by agency staff rather than peer researchers. A large fraction of R&D funding is congressionally directed ("earmarked") for specific institutions or activities. Together, the applied, mission-specific focus of most programs and the prevalence of detailed
OCR for page 9
BOX 1-3 DOT Agencies with R&D Activities FY99 Funding DOT Agency R&D (in M$) Total (in M$) R&D (%) Major R&D Areas Federal Highway Administration 462 27,367 1.7 construction materials and processes, safety, environment, data gathering and policy analysis, intelligent transportation systems National Highway Traffic Safety Administration 72 360 20.0 biomechanics, crash avoidance, vehicle safety systems, data collection and analysis, driver behavior Federal Transit Administration 58 5,388 1.1 access for the disabled, air quality, traffic congestion, safety, innovative vehicles, regional planning Federal Railroad Administration 43 778 5.5 safety, high-speed rail, magnetically levitated trains U.S. Coast Guard 17 4,302 0.4 mission-related technologies, materials, and human factors Office of the Secretary 9 87 10.3 policy analysis, systems development Research and Special Programs Administrationa 7 72 9.7 planning, assessment, pipeline safety, transportation of hazardous materials Federal Aviation Administration 226 9,754 2.3 aircraft structures and materials, aviation security Otherb 0 242 0.0 Total 894 48,351 1.8 a The Research and Special Programs Administration operates the John A. Volpe National Transportation Systems Center, which conducts R&D under contract for other DOT and nonDOT agencies. To prevent double counting, this contract funding is not shown separately in the table. Typically it amounts to about $200 million per year. b Includes Bureau of Transportation Statistics, Saint Lawrence Seaway Development Corporation, Maritime Administration, Office of the Inspector General, and Surface Transportation Board. Note: The figures given here are totals for "Research, Development, and Technology." For most agencies, these are the sums of subtotals for "R&D," "Technology,'' and "Facilities." There are many ways to define R&D and the types of activity it includes. The purpose of this table is to give a general sense of the scope of DOT's R&D activities in surface transportation. The committee has not attempted either to reconcile the definitions used by different sources or to judge the appropriateness of definitions. Source: DOT, 1999a, 1999b.
OCR for page 10
congressional direction severely limit DOT's discretion to increase support for security-related R&D using existing funds. The main opportunity for investigator-initiated R&D is through the University Transportation Centers program, which provides about $32 million per year in matching funds for research, education, and technology transfer. None of the centers currently specializes in security-related topics. Related Efforts in Infrastructure Protection Policy Efforts to protect the surface transportation system are only a small part of recent efforts throughout the federal government to protect critical national infrastructures. These efforts include two presidential decision directives, the work of the Presidential Commission on Critical Infrastructure Protection (PCCIP) and its successor the Critical Infrastructure Assurance Office, and DOT's own efforts at vulnerability assessment. A brief overview of these activities may help to place surface transportation issues in context. The PCCIP was formed by executive order in July 1996 and consisted of 18 senior representatives from private industry, government, and academia. It was charged with identifying critical infrastructures, assessing their vulnerabilities, and formulating a comprehensive national strategy for protecting them from physical and cyber threats. An infrastructure was considered critical if its incapacity or destruction would have a debilitating effect on the defense or economic security of the nation. The PCCIP determined that the critical infrastructures are transportation, telecommunications, electrical power, gas and oil distribution, banking and finance, water supply, government services, and emergency services. It concluded that the threat is real, the vulnerabilities are extensive, and the responsibility for addressing the problem should be shared by the government and private-sector owners and operators. Among the wide range of actions the PCCIP recommended in its final report was an increase in R&D (PCCIP, 1997). The President subsequently issued two presidential decision directives. Combating Terrorism (PDD-62) lays out a new and more systematic management approach for federal counterterrorism activities. Its key element is the identification of organizational responsibilities of federal agencies. In addition, it establishes the position of national coordinator for security, infrastructure protection, and counterterrorism at the National Security Council. The coordinator is responsible for overseeing policies and programs in counterterrorism, protection of critical infrastructures, preparedness, and consequence management. Critical Infrastructure Protection (PDD-63) sets out a program of federal actions to improve the security of critical infrastructures. These include identifying and assessing vulnerabilities, planning to reduce exposure to attack, and improving cooperation between the government and the private sector. In each infrastructure area, including transportation, a federal liaison official and a
OCR for page 11
private-sector coordinator will work together. (For transportation, the National Defense Transportation Association is expected to serve as private-sector coordinator.) Achieving private-sector buy-in is generally seen as the most significant challenge for the implementation of PDD-63. The goal is to achieve an initial operating capability for protection of critical infrastructures by 2000 and a full operating capability by 2003. The Critical Infrastructure Assurance Office, which is housed in the Department of Commerce, was formed in May 1998 as a result of PDD-63. It has several responsibilities: integration of plans for individual sectors into a national infrastructure assurance plan coordination of analysis of the federal government's dependencies on critical infrastructures coordination of national education and awareness efforts and other public and legislative activities related to infrastructure protection support of the national coordinator for security, infrastructure protection, and counterterrorism, the interagency Critical Infrastructure Coordinating Group, and the National Infrastructure Assurance Council In July 1998, the Critical Infrastructure Assurance Office published the report of a multiagency road-mapping effort for infrastructure protection R&D (CIAO, 1998). Coordinated by a group from Argonne National Laboratory, this effort involved a large team from a variety of federal and private-sector organizations. The group examined the critical infrastructure sectors identified in the PCCIP report as a first step in "developing a robust and harmonized national research and development plan that comprehensively addresses critical infrastructure assurance needs" (p. vii). The discussion of the transportation sector discussed four categories of R&D topics: identification and measurement of and awareness training for system vulnerabilities development and adaptation of monitoring, detection, mitigation, and incident response hardware development and adaptation of monitoring, detection, mitigation, and incident response software information assurance, human factors, and institutional effects in pre-paredness and response The primary focus was on cyber attacks; the threat of physical attacks was less prominent; chemical and biological threats were mostly left to others to address (Davis, 1998).
OCR for page 12
The Organization of this Report The remainder of this report is structured as follows. Chapter 2 presents the study's evaluation of DOT's vulnerability assessment for surface transportation and recommends some ways to improve on it in future assessments. The recommendations give particular attention to the important and underrecognized question of strategic vulnerabilities, that is, vulnerabilities of the surface transportation infrastructure as a whole as distinct from vulnerabilities of individual infrastructure elements. Chapter 3 discusses a systematic approach to establishing an R&D strategy. It focuses on the process of planning a program (defining, selecting, and evaluating potential R&D projects) rather than on the details of specific projects. Because threats to the surface transportation infrastructure are constantly evolving, careful attention to this planning process will be vital for keeping the program on target. Finally, Chapter 4 attempts a preliminary application of the methodology recommended in Chapter 3, and in doing so, presents some examples of the kinds of R&D projects that might be considered. Note that this study has intentionally not divided up its subject according to the various modes of transportation. Although most transportation-related R&D is funded and organized according to mode, there is so much synergy and overlap among the security concerns of the different modes that such a division in this report would be artificial and even deleterious. An important conclusion of the study is the need for close coordination and cooperation, not only within DOT, but also with other agencies. Emphasizing the differences between the transportation modes would make that coordination more difficult.
Representative terms from entire chapter: