Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
192 Information Resources A P P E N D I X Information related to topics in this report is available from many sources and in many formats. Security Awareness Information Resources 1. AASHTO National Operations Center of Excellence https://transportationops.org/ 2. APTAâRecommended Practices: Security Awareness Training for Transit Employees, 2012 http://www.apta.com/resources/standards/Documents/APTA-SS-SRM-RP-005-12.pdf 3. DHSâIf You See Something, Say Something⢠print materials and video and audio awareness items in English and Spanish https://www.dhs.gov/see-something-say-something/campaign-materials 4. DHSâBomb Threat Checklist http://emilms.fema.gov/is906/assets/ocso-bomb_threat_samepage-brochure.pdf 5. DHSâCounter-IED Awareness Products https://www.dhs.gov/counter-ied-awareness-products a. Awareness cards and posters b. DHS-DOJ Bomb Threat Stand-off Guide c. DHS Bomb Threat Checklist d. DHS-DOJ Bomb Threat Guidance e. DHS Vehicle Inspection Guide and Video f. Vehicle-Borne IED Identification Guide: Parked Vehicles g. First Responder Support Tools 6. TSAâhttps://www.tsa.gov/for-industry/surface-transportation a. Employee Guide to System SecurityâCommuter Bus (Pocket Guide) b. Employee Guide to System SecurityâCommuter Rail (Pocket Guide) c. Employee Guide to System SecurityâHeavy Rail (Pocket Guide) d. Employee Guide to System SecurityâLight Rail (Pocket Guide) e. System Security Awareness for Transit Employees (CD), also available in Spanish f. The Mark (DVD) g. Warning Signs (DVD) h. Visible Intermodal Prevention and Response (Pamphlet) i. Motor Coach (Pocket Guide) j. Trucking (Pocket Guide) k. Highway Infrastructure (Pocket Guide) l. School Bus (Pocket Guide) m. Hazmat Motor Carrier Security Action Item Training (Brochure) n. First Observer: School Transportation Security Training (School Bus and School Transportation) available with Spanish subtitles
Information Resources 193 v. Security Awareness for Passenger Vessel Employees (CD) w. VBIED/IED Recognition/Response for Passenger Vessels and Terminals (CD) x. Crowd Control for Passengers Vessels and Terminals (CD) y. Maritime Terrorism and Hijacking Situations (CD) z. Screening Procedures (CD) aa. Terminal and Vessel Evacuation Procedures (CD) 7. First Observer Plus⢠Program, multiple modes https://www.tsa.gov/for-industry/firstobserver 8. FTAâTransit Agency Security and Emergency Management Protective Measures (CD) 9. National Transit Institute Guides www.ntionline.com a. Employee Guide to All-Hazards Awareness and Preparedness b. Employee Guide to Preventing Workplace Violence c. Infectious Disease Awareness and Prevention d. Emergency Preparedness Guide for Transit Employees: On the Job and At Home 10. FEMAâNational Training and Education Division https://www.frstrespondertraining.gov/content.do 11. FEMAâTraining Operations Course Catalog https://www.firstrespondertraining.gov/webforms/pdfs/gt_catalog.pdf 12. FEMA Emergency Management Institute (EMI) 13. http://training.fema.gov/is/ a. Workplace Security Awareness (IS-906) b. Active Shooter: What You Can Do (IS-907) c. Surveillance Awareness: What You Can Do (IS-914) d. Critical Infrastructure Security: Theft and DiversionâWhat You Can Do (IS-916) e. Workplace Violence Awareness Training 2014 (IS-106.14) f. Protecting Critical Infrastructure Against Insider Threats (IS-915) 14. MTI National Transportation Security Center of Excellence Exploring the Effectiveness of Transit Security Awareness Campaigns in the San Francisco Bay Area, 2010 15. Transportation Safety Institute http://www.tsi.dot.gov/ 16. Rural Domestic Preparedness Consortium (RDPC) 17. http://www.ruraltraining.org/training/courses/ 18. Federal Bureau of Investigation (FBI) Guide to Concealable Weapons, Federal Bureau of Investigation (FBI), 2003 http://www.cutr.usf.edu/security/reports.htm 19. ATF Bomb Threat Checklist ATF 1613.1, Bureau of Alcohol Tobacco and Firearms June 1997 http://www.state.tn.us/homelandsecurity/bomb_checklist.pdf 20. Improvised Explosive Device (IED) Safe Standoff Distance Cheat Sheet, US Army National Ground Intelligence Center 21. Terrorist Bomb Threat Stand-Off Card, (Pocket Guide) Technical Support Working Group http://www.cttso.gov/?q=node/243 22. Best Practices for Safe Mail Handling, DHS Interagency Committee, September 2006 23. Biological Attack Human Pathogens, Biotoxins, and Agricultural Threats, National Academy of Sciences, 2004 www.nae.edu/nae/pubundcom.nsf/weblinks/CGOZ-642P3W?OpenDocument 24. Chemical Attack Warfare Agents, Industrial Chemicals, and Toxins, National Academy of Sciences, 2004 www.nae.edu/nae/pubundcom.nsf/weblinks/CGOZ-642P3W?OpenDocument o. First Observer: Operation Secure Transport (Motorcoach) available with Spanish subtitles p. School Transportation Security Awareness q. Hazmat Motor Carrier: Security self-assessment training r. IED Detection and Recognition for Railroad Employees (CD) s. On the Tracks: Rail Sabotage Awareness and Reporting (CD) t. On the Tracks: Rail Sabotage Awareness and Reporting (Poster) u. On the Tracks: Rail Sabotage Awareness and Reporting (Brochure)
194 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies 29. Dirty BombsâFact Sheet, Department of Health and Human Services, Centers for Disease Control and Prevention (CDC) July 2003 PDF http://www.cdc.gov 30. What You Should Do To Prepare For and Respond to Chemical, Radiological, Nuclear and Biological Terrorist Attacks, RAND Corporation, 2003 31. NCHRP Report 525: Surface Transportation Security Volume 1, Responding to Threats: A Field Personnel Manual, 2004 www.trb.org/TRB/publications/Publications.asp 32. NCHRP Report 793: Incorporating Transportation Security Awareness into Routine State DOT Operations and Training, 2014 33. NCHRP Report 525: Surface Transportation Security Volume 7âSystem Security Awareness for Transportation Employees, 2005 34. http://www.trb.org/Main/Blurbs/154638.aspx 35. NCHRP 20-59(51)B Draft Interim Report: A Guide to Emergency Management at State Transportation Agencies, Second Edition, 2017 36. NCHRP Synthesis 468: Interactive Training for All-Hazards Emergency Planning, Preparation, and Response for Maintenance and Operations Field Personnel, 2015 37. TCRP Report 86, Volume 5: Security-Related Customer Communications and Training for Public Transportation Providers, 2004 38. TCRP F-21 Tools And Strategies For Eliminating Assaults Against Transit Operators, 2017 39. TCRP Report 180: Policing and Security Practices for Small- and Medium-Sized Public Transit Systems, 2015 40. TCRP Synthesis 80: Transit Security Update, 2008 http://onlinepubs.trb.org/onlinepubs/tcrp/tcrp_syn_80.pdf 41. TCRP Report 86, Volume 9: Guidelines for Transportation Emergency Training Exercises, 2006 42. What You Should Do to Prepare for and Respond to Chemical, Radiological, Nuclear and Biological Terrorist Attacks, RAND Corporation, 2003. http://www.rand.org/pubs/monograph_reports/MR1731z2.html 43. DHS ICS-CERT Control Systems Security Program (CSSP) and Virtual Learning 44. Portal https://ics-cert-training.inl.gov/ 45. Federal Virtual Training Environment (free on-demand training) 46. https://niccs.us-cert.gov/training/federal-virtual-training-environment-fedvte 47. TSA Surface Transportation Cyber Toolkit 48. https://www.tsa.gov/for-industry/surface-transportation-cybersecurity-toolkit 49. NCHRP Protection of Transportation Infrastructure from Cyber Attacks: A Primer 26. Radiological Attack: Dirty Bombs and Other Devices, National Academy of Sciences, 2004 www.nae.edu/nae/pubundcom.nsf/weblinks/CGOZ-642P3W?OpenDocument 27. Worker Training in a New Era: Responding to New Threats, Department of Health and Human Services NIOSH, October 2002 28. Dirty Bombs Fact Sheet, United States Nuclear Regulatory Commission, March 2003 25. Nuclear Attack, National Academy of Sciences, 2004 www.nae.edu/nae/pubundcom.nsf/weblinks/CGOZ-642P3W?OpenDocument http://nap.edu/23516 50. ACRP Report 140: Guidebook on Best Practices for Airport Cybersecurity, 2015 51. http://trbcybersecurity.erau.edu/resources/acrp_rpt_140.pdf The National Institute of Standards and Technology (NIST) offers many relevant resources and standards including the following Special Publications. 52. SP 800-16 A Role-Based Model for Federal Information Technology/Cybersecurity Training, Revision 1 (Third Draft) 2014 53. SP 800-50 Building an Information Technology Security Awareness and Training Program, 2003 54. SP 800-84 Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities, 2006 55. 2017 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework
Information Resources 195 b. Part II: Defining a Security Zone Architecture for Rail Transit and Protecting Critical Zones c. Part III: Attack Modeling Security Analysis White Paper Building Security Standards and Resources 1. ISC Security Design Criteria for New Federal Office Buildings and Major Modernization Projects, ISC, May 2001 2. ISC Security Standards for Leased Space, ISC, 2004 3. Standard Guide for Developing a Cost-Effective Risk Mitigation Plan for New and Existing Constructed Facilities: E 2506â06 ASTM Committee on Standards, © 2006 ASTM International www.astm.org 4. GSA Facilities Standards for the Public Buildings Service General Services Administration, March 2005 http://www.gsa.gov 5. DoD Minimum Antiterrorism Standards for Buildings (Unified Facilities Criteria UFC 4-010-01) Department of Defense, October 2003 www.wbdg.org/ccb/DOD/UFC/ufc_4_010_01.pdf 6. Risk Management Process for Federal Facilities: An ISC Standard, 2016 https://www.hsdl.org/?abstract&did=797952 7. Reference Manual to Mitigate Potential Terrorist Attacks Against Buildings (DHS BIPS 07) refreshes FEMA 426, Reference Manual to Mitigate Potential Terrorist Attacks Against Buildings. The manual identifies new ways to blunt the damage and limit casualties from various attacks. It also offers a new way to understand infrastructure resiliency and assess risk. 8. Items Prohibited from Federal Facilities: An ISC Standard 9. Security Specialist Competencies: An ISC Guideline [PDF] 10. U.S. Department of Veterans Affairs Physical Security Design Manual For Mission Critical Facilities, 2015 11. FEMA 430, Site and Urban Design for Security: Guidance against Potential Terrorist Attacks, 2007 12. Best Practices and Key Considerations for Enhancing Federal Facility Security and Resilience to Climate-Related Hazards, 2015 13. Best Practices for Working with Lessors: An ISC Guide, 2014 https://www.dhs.gov/sites/default/files/publications/ISC-Best-Practices-for-Working-with- Lessors-1st-Edition-508.pdf 14. Best Practices for Armed Security Officers in Federal Facilities, 2013 15. Violence in the Federal Workplace: A Guide for Prevention and Response, 2013 https://www.dhs.gov/sites/default/files/publications/ISC%20Violence%20in%20%20the%20Fede ral%20Workplace%20Guide%20April%202013.pdf 16. Occupant Emergency Programs: An ISC Guide, 2013 https://www.dhs.gov/sites/default/files/publications/ISC%20- Occupant%20Emergency%20Programs%20Guide%20FINAL_508_0.pdf 17. Best Practices for Managing Mail Screening and Handling Processes: A Guide for the Public and Private Sectors, 2012 18. Planning and Response to an Active Shooter: An Interagency Security Committee Policy and Best Practices Guide, 2015 19. DOD Security Engineering Facilities Planning Manual (Draft) UFC 4-020-01 Department of 20. Defense March 2006 www.wbdg.org/ndbm/DesignGuid/pdf/Final%20Draft_UFC_4-020-01.pdf 56. https://www.nist.gov/itl/applied-cybersecurity/nice/resources/nice-cybersecurity-workforce- framework 57. American Public Transportation Association Recommended Practices: Securing Control and Communications Systems in Transit Environments a. Part I: Elements, Organization and Risk Assessment/Management
196 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies 1. FHWA Framework for Improving Resilience of Bridge Design (Report No. FHWA-IF-11- 016, January 2011). Recognizing that addressing security concerns and potential failures during design is a much less costly approach, the framework that can be employed by bridge designers during the design process that can help to minimize bridge failures while in service and/or during construction. It was developed to provide bridge designers with a tool for identifying potential failure mechanisms by highlighting design considerations that could reduce failures that might not be readily apparent in current design specifications. 2. NCHRP Report 645: Blast-Resistant Highway Bridges: Design and Detailing Guidelines (2010) contains general design guidance and a simplified design procedure for blast-resistant reinforced concrete bridge columns. 3. NCHRP 20-07/Task 378 Assessing Risk for Bridge Management, 2016 focused on developing guidelines for a data-driven risk assessment at the bridge and structure level that considered risks from natural and human-made hazards. The methodology and proposed guidelines produced support the state DOTsâ focus on risk-based asset management. 4. FHWA Bridge Security Design Manual (2017) provides state-of-the-art guidance on bridge- specific security planning, extreme loading phenomenology and characterization, and protective design strategies for vulnerability assessments of existing bridges, resilient design of new bridge construction, and emergency planning efforts. 5. TSA Comparative Analysis of Assessed Bridges (2015) indicates nine most common bridge construction types, the most vulnerable structural element, recommended mitigation method, and cost of such mitigation. The report is identified as Sensitive Security Information (SSI) but is available on a âneed to knowâ basis for persons validly associated with bridge security and construction. Tunnel Security Guidance and Resources 1. 2015 FHWA Tunnel Operations, Maintenance, Inspection, and Evaluation Manual (TOMIE Manual) 2. Tunnel Security for Public Transit (APTA SS-SIS-RP-16-15, 2015) offers best practices in the development of security for transit tunnels and the application and implementation of security design considerations where applicable. This document outlines the structure of tunnels, potential threats, and measures to enhance the security of these structures. Additionally, it recommends technologies, policies, and procedures, coupled with the operational aspects for securing tunnels from potential threats. 3. TCRP Report 86, Volume 12: Making Transportation Tunnels Safe and Secure, 2006 4. Risk Management for Terrorist Threats to Bridges and Tunnels, Federal Highway Administration (FHWA)/U.S. Army Corps of Engineers (USCOE), 2008 5. Integrated Rapid Visual Screening Series (IRVS) for Tunnels, Department of Homeland Security (DHS), 2011 6. Best Practices for Implementing Quality Control and Quality Assurance for Tunnel Inspections, NCHRP 20-07/Task 261 7. Design Fires in Road Tunnels, NCHRP Project 20-05, Synthesis Topic 41-05 8. Tunnel Operations, Maintenance, Inspection and Evaluation (TOMIE) Manual 9. FHWA DTFH61-07-D 00004 Bridge Security Guidance and Resources
Information Resources 197 11. Recommended AASHTO LRFD Tunnel Design and Construction Specifications, NCHRP 12-89, FY 2011, ongoing 12. National Fire Protection Association, Standard for Road Tunnels, Bridges, and Other Limited Access Highways, Publication 502, 2011 13. Technical Security Working Group (TSWG), Best Practices for Bridges and Tunnels, TSWG Contract Number N4175-05-R-4828, accessed Jan. 31, 2013 10. High Speed Nondestructive Testing Methods for Mapping Voids, Debonding, Delaminations, Moisture, and Other Defects Behind or Within Tunnel Linings, SHRP2 R06(G)
Abbreviations and acronyms used without definitions in TRB publications: A4A Airlines for America AAAE American Association of Airport Executives AASHO American Association of State Highway Officials AASHTO American Association of State Highway and Transportation Officials ACIâNA Airports Council InternationalâNorth America ACRP Airport Cooperative Research Program ADA Americans with Disabilities Act APTA American Public Transportation Association ASCE American Society of Civil Engineers ASME American Society of Mechanical Engineers ASTM American Society for Testing and Materials ATA American Trucking Associations CTAA Community Transportation Association of America CTBSSP Commercial Truck and Bus Safety Synthesis Program DHS Department of Homeland Security DOE Department of Energy EPA Environmental Protection Agency FAA Federal Aviation Administration FAST Fixing Americaâs Surface Transportation Act (2015) FHWA Federal Highway Administration FMCSA Federal Motor Carrier Safety Administration FRA Federal Railroad Administration FTA Federal Transit Administration HMCRP Hazardous Materials Cooperative Research Program IEEE Institute of Electrical and Electronics Engineers ISTEA Intermodal Surface Transportation Efficiency Act of 1991 ITE Institute of Transportation Engineers MAP-21 Moving Ahead for Progress in the 21st Century Act (2012) NASA National Aeronautics and Space Administration NASAO National Association of State Aviation Officials NCFRP National Cooperative Freight Research Program NCHRP National Cooperative Highway Research Program NHTSA National Highway Traffic Safety Administration NTSB National Transportation Safety Board PHMSA Pipeline and Hazardous Materials Safety Administration RITA Research and Innovative Technology Administration SAE Society of Automotive Engineers SAFETEA-LU Safe, Accountable, Flexible, Efficient Transportation Equity Act: A Legacy for Users (2005) TCRP Transit Cooperative Research Program TDC Transit Development Corporation TEA-21 Transportation Equity Act for the 21st Century (1998) TRB Transportation Research Board TSA Transportation Security Administration U.S. DOT United States Department of Transportation
TRA N SPO RTATIO N RESEA RCH BO A RD 500 Fifth Street, N W W ashington, D C 20001 A D D RESS SERV ICE REQ U ESTED N O N -PR O FIT O R G . U .S. PO STA G E PA ID C O LU M B IA , M D PER M IT N O . 88 ISBN 978-0-309-48134-2 9 7 8 0 3 0 9 4 8 1 3 4 2 9 0 0 0 0 U pdate of Security 101: A Physical Security and Cybersecurity Prim er for Transportation A gencies N CH RP Research Report 930 TRB