ISSN 1557- 2269
December 2008
This work was performed as part of the CCIT Program of the University of
California, in cooperation with the State of California Business, Transportation,
and Housing Agency, Department of Transportation, and the United States
Department of Transportation, Federal Highway Administration.
The contents of this report reflect the views of the authors who are responsible
for the facts and the accuracy of the data presented herein. The contents do not
necessarily reflect the official views or policies of the State of California. This
report does not constitute a standard, specification, or regulation.
CALIFORNIA CENTER FOR INNOVATIVE TRANSPORTATION
INSTITUTE OF TRANSPORTATION STUDIES
UNIVERSITY OF CALIFORNIA, BERKELEY
Homeland Security:
Keeping Abreast of Transportation Security
Technologies and Best Practices
UCB- ITS- CWP- 2008- 2
CCIT Working Paper
Prepared by Bensen Chiou, Senior Development Engineer
CALIFORNIA CENTER FOR INNOVATIVE TRANSPORTATION
Final Report for CCIT TO 1007
Homeland Security:
Keeping Abreast of Transportation Security
Technologies and Best Practices
Final Report - December 2008
Prepared by:
California Center for Innovative Transportation
For:
California Department of Transportation
Division of Research and Innovation
Univers ity of California Berkeley Phone: ( 510) 642- 4522
2105 Bancroft Way, Suite 300 Fax: ( 510) 642- 0910
Berkeley, CA 94720- 3830 http:// www. calccit. org
CALIFORNIA CENTER FOR INNOVATIVE TRANSPORTATION
Project Fact Sheet
Title: Homeland Security – How to Keep Abreast of Latest
Transportation Security Technologies and Best Practices
Sponsor: Caltrans Division of Research and Innovation
Executing organization: California Center for Innovative Transportation
2105 Bancroft Way, Berkeley, CA 94720
Phone: ( 510) 642- 4522. Fax: ( 510) 642- 0910
Execution period: 10/ 1/ 2005 – 12/ 31/ 2008
Contract amount: $ 279,980
Principal investigator: Professor Adib Kanafani, Civil Engineering and
Environmental Department, UC Berkeley
Center Director: Thomas H. West, Executive Director, CCIT
Project manager: Bensen Chiou, Senior Development Engineer
CCIT
Administrative Officer: Coralie Claudel, Administrative Analyst
CCIT
Additional researchers: Yi- Chih Hsiao, Grad Student Researcher, CCIT
Sin- Yi Chu, Grad Student Researcher, CCIT
Paul Huang, Graduate Student Researcher, CCIT
Diana- Luz Laborde, GSR, CCIT
Tsz Shing TSOI, GSR, CCIT
Shaopeng Long, GSR, CCIT
Univers ity of California Berkeley Phone: ( 510) 642- 4522
2105 Bancroft Way, Suite 300 Fax: ( 510) 642- 0910
Berkeley, CA 94720- 3830 http:// www. calccit. org
CALIFORNIA CENTER FOR INNOVATIVE TRANSPORTATION
Acknowledgements
The project team warmly thanks, in no particular order, the following people who
invaluably helped the project by committing their time and knowledge. Anyone who may
have been forgotten additionally receives our deep apologies.
• Larry Orcutt, Chief, Caltrans Division of Research and Innovation
• Azzeddine Benouar, Caltrans Project Manger, DRI
• J. D. Margulici, Associate Director of CCIT
• Hamed Benouar who was Executive Director of CCIT
• Frank Taylor of Caltrans Division of Research and Innovation
• Sri Bakasubramanian of Caltrans Division of Maintenance
• Nancy Chinlund of Caltrans, Division of Research and Innovation
• George Smith of Caltrans, Division of Research and Innovation
• Don Dean of Caltrans, Division of Research and Innovation
• Don Fogle of Caltrans Division of Maintenance
We also thank the rest of the CCIT staff, in particular Anne Crowe, Lori Luddington
and Marika Benko, whose help is fully appreciated every day
7
Table of Contents
Executive Summary.......................................................................................................... 11
1. Introduction............................................................................................................... 12
1.1 Background ......................................................................................................... 12
1.2 Objectives ........................................................................................................... 13
1.3 Scope................................................................................................................... 13
1.4 Research Plan ...................................................................................................... 13
1.5 Report Overview ................................................................................................. 14
2. Research Methodology.............................................................................................. 15
3. Project Tasks ............................................................................................................. 17
3.1 Survey Security Technologies and Practices ........................................................ 17
3.2 Conduct Seminar on Transportation Security....................................................... 17
3.3 Set up and Maintain Forums ................................................................................ 17
3.4 Evaluate Viable Transportation Security Technologies ........................................ 17
4. Discussion .................................................................................................................. 20
5. Conclusion ................................................................................................................. 23
5.1 Ways to Keep Employees Abreast of Latest Security Technologies ..................... 23
5.2 Steps to Achieve, Measure and Maintain Security Risk Reduction....................... 24
5.3 Steps for developing an information protection policy ......................................... 25
5.4 Emerging Security Trend of Transportation Security ........................................... 25
6. Report on Transportation Security Technologies and Best Practices..................... 27
6.1 Overview............................................................................................................. 27
6.2 Physical and Cyber Security ................................................................................ 28
6.3 Transportation Security Framework..................................................................... 28
6.4 Vulnerability Assessment Methodology............................................................... 31
6.5 Threats and Security Objectives........................................................................... 32
6.5.1 Security Objectives...................................................................................... 33
6.5.2 Security Threats........................................................................................... 33
6.6 Transportation Security Areas.............................................................................. 34
6.6.1 Transportation Infrastructure Security.......................................................... 34
6.6.1.1 Risk from Earthquake Damage to Roadway System ( REDARS) .............. 34
6.6.1.2 Other Transportation Infrastructure Security Technologies....................... 35
6.6.1.3 Freight and commercial Vehicle Security................................................. 35
6.6.1.3.1 Threat to Freight Transport................................................................... 35
6.6.1.3.2 Freight Security Technologies.............................................................. 36
6.6.1.4 HAZMAT Security .................................................................................. 40
6.6.1.4.1 HAZMAT Security Technologies and Best Practices ........................... 41
6.6.1.4.2 Improving Communication Procedure for Emergency Response .......... 42
6.6.1.4.3 HAZMAT Truck Security System........................................................ 43
6.6.1.5 Emergency Response and Disaster Recovery ........................................... 50
6.6.1.5.1 Disaster Planning and Emergency Management ................................... 50
6.6.1.5.2 Geographical for Emergency Management........................................... 52
6.6.1.5.3 What can transportation agencies handle public health emergencies ..... 57
6.6.1.5.4 Technologies for Emergency Response and Disaster Recovery ............ 59
6.6.1.6 Rail Security ............................................................................................ 63
8
6.6.1.6.1 Rail Security Technologies................................................................... 63
6.6.1.6.2 Rail Security Best Practices.................................................................. 65
6.6.1.7 Transit Security........................................................................................ 66
6.6.1.7.1 Transit Security Technologies and Best Practices................................. 66
6.6.1.7.2 Transit Security Checklist for Transit Agencies.................................... 67
6.6.1.8 Inter- Modal Security................................................................................ 73
6.6.1.9 Traveler Security...................................................................................... 74
6.6.1.10 Operational Security............................................................................. 74
6.6.1.11 Personal Security.................................................................................. 75
6.6.1.12 Security Management........................................................................... 76
6.6.1.13 Security Risk Management and Regulation Compliance....................... 76
6.6.1.14 All- Hazard Security ............................................................................. 78
6.6.1.14.1 Technologies and Tools........................................................................ 78
6.6.1.15 Physical Security.................................................................................. 82
6.6.1.16 Integrated Physical Security Planning................................................... 83
6.6.1.17 Video Surveillance System................................................................... 89
6.6.1.17.1 Value of Video Surveillance System.................................................... 90
6.6.1.17.2 Digital Video Surveillance ................................................................... 92
6.6.1.17.3 Video Surveillance and Access Management Systems.......................... 94
6.6.1.18 Bridge and Tunnel Monitoring and Assessment Methodology.............. 97
6.6.1.18.1 Synthesis on Recommendation for Bridge and Tunnel Security............ 98
6.6.1.18.2 Earthquake Upgrades Needed in California Bridges ........................... 101
6.6.1.19 Tunnel Security.................................................................................. 102
6.6.1.20 Grade- Crossing Security .................................................................... 103
6.6.1.21 Transportation Management Center.................................................... 105
6.6.1.22 Cyber Security ................................................................................... 106
6.6.2 Steps to Achieve and Measure Optimal Security Risk Reduction ............... 107
6.6.2.1 Overview............................................................................................... 107
6.6.2.2 Measuring What Matters........................................................................ 107
6.6.3 Information Security Maturity.................................................................... 108
6.6.4 Vulnerability Analysis of Critical Information Infrastructure ..................... 110
6.6.5 Public Key Infrastructure and Key Management ........................................ 111
6.6.5.1 Public Key Infrastructure ....................................................................... 111
6.6.5.2 Key Management ................................................................................... 112
6.6.5.3 PKI Security Technologies..................................................................... 113
6.6.6 Biometrics and SmartCards........................................................................ 114
6.6.6.1 Security Technologies............................................................................ 115
6.6.7 Data Security ............................................................................................. 115
6.6.7.1 Identifying Sensitive Information........................................................... 115
6.6.7.2 Controlling Access to Sensitive Information .......................................... 116
6.6.7.3 Steps for Developing An Information Protection Policy ......................... 117
6.6.7.4 Federated Data Model ............................................................................ 118
6.6.7.5 Data Management Services .................................................................... 120
6.6.8 Management Services ................................................................................ 121
6.6.9 Access Services ......................................................................................... 121
9
6.6.10 Data Security Technologies and Best Practices .......................................... 122
6.6.10.1 Check Point Endpoint Security........................................................... 122
6.6.10.2 Seagate Disk- Drive Level Encryption................................................. 127
6.6.10.3 RSA Access Manager......................................................................... 128
6.6.10.4 eToken Authentication for PC and Laptop Security ...................... 128
6.6.10.5 Information Leak Prevention System.............................................. 129
6.6.10.5.1 Best Practice to Prevent Data Loss.................................................. 130
6.6.10.6 Encrypted Drives Keep Files Safe ................................................... 133
6.6.11 Application Security .................................................................................. 137
6.6.11.1.1 Application Security Technologies and Best Practices ................... 138
6.6.12 Host- Based Security................................................................................... 139
6.6.12.1 Transportation Asset Management ................................................. 139
6.6.12.1.1 Asset Management Technologies and Best Practices .......................... 140
6.6.12.2 Patch and Vulnerability Management............................................... 141
6.6.13 Network- based Security............................................................................. 142
6.6.13.1 Firewall.............................................................................................. 143
6.6.13.2 Intrusion Detection and Prevention System ........................................ 144
6.6.13.3 Penetration Testing............................................................................. 145
6.6.13.4 Unified Threat Management............................................................... 145
6.6.13.5 Security Technologies and Best Practices........................................... 146
6.6.13.6 Security Information Management ..................................................... 147
6.6.13.7 Single Sign- On................................................................................... 147
6.6.13.7.1 Enterprise Single Sign- On ............................................................... 148
6.6.13.7.2 General Requirements for Enterprise Single Sign- On......................... 149
6.6.13.7.3 Single Sign- On Security Technologies ............................................... 149
6.6.13.8 Intrusion Detection and Prevention System........................................ 150
6.6.13.9 Integrated Security Information Management Solution ................ 151
6.6.13.10 Information Security Policy............................................................. 154
6.6.13.10.1 Security Policy Types ..................................................................... 155
6.6.13.10.2 Policy Implementation ................................................................... 160
6.6.13.10.3 Cost Considerations ....................................................................... 162
6.6.14 Mobile Security ......................................................................................... 163
6.6.15 Physical and Logical Security convergence................................................ 167
6.6.15.1 Converge Security Technologies ........................................................ 169
6.6.16 Other Security Areas.................................................................................. 170
6.7 References to Report on Transportation Security Technologies.......................... 171
10
11
Executive Summary
The California Center for Innovative Transportation ( CCIT), with sponsorship from the
California Department of Transportation ( Caltrans), identified the Caltrans security needs
and viable security technologies and best practices to mitigate the potential security risk.
The project team created a server for hosting the security forum and security research reports.
The access to the server is controlled by a two- level access control for general security
documents and security forum respectively. We synthesized some lengthy security reports
and posted them to the server. We also presented the project overview, security server and
forums to Caltrans, western state Department of Transportation ( DOTs), nationwide state
DOTs via web- based broadcast ( webinar) and at Intelligent Transportation System ( ITS)
World Congress 2008.
Since the objective of this project is to help Caltrans employees keep abreast of the latest
security technologies and best practices, the final project report is designed to present
information on the assessed security technologies and best practices as much and detail as
possible. Much information on the security technologies and best practices presented in this
final report are copied from vendors’ websites, white papers and presentations with some
editing for clarification.
12
1. Introduction
As a part of Task Order ( T. O.) 1007, CCIT identified and assessed the viability of the latest
transportation security technologies and best practices, created a server to host the security
reports and security forum, and presented it to state DOTs, U. S. DOT, Department of
Homeland Security and transportation security related providers. This report is intended to
assist those responsible for properly maintaining and securing transportation infrastructures
and facilities for the transportation agencies. This section describes the reason why this
project is undertaken, the scope of the project, the methodology & tasks to accomplish the
project objectives, the discussion and conclusion. Due to the limited resources, it was
infeasible to acquire and test these security technologies to validate security vendors’ claim.
However, based on the project manager’s years of experience in security related design and
assessment, it is very likely that the collected information is valid, therefore merits further
evaluation.
1.1 Background
With the world’s focus on terrorism, homeland security has undergone dramatic changes in
the last few years. New technologies and strategies are continually being developed and
updated. While Caltrans has been considered a leader in addressing homeland security
issues, both the dynamic nature of ongoing threats and the influx of new technologies and
strategies under development require that we keep abreast of these advances. Staying up- to-date
with the latest technologies and best practices is paramount to protecting the State’s
infrastructure, its economy, and its traveling public citizens. It is vital that we improve
Caltrans' preparedness and response to terrorist attacks and find viable solutions that are less
labor intensive and cost effective.
The California Center for Innovative Transportation ( CCIT), with sponsorship from the
California Department of Transportation ( Caltrans), identified and assessed viable and latest
transportation security technologies and best practices, created a server to host the
information on these technologies and best practices, designed and implemented a forum for
the security officers to share their security knowledge and to refine the best practices to
improve the security posture of the transportation infrastructure and facilities. We also
synthesized lengthy articles on transportation security and posted them to the server.
13
1.2 Objectives
The project objectives were to keep Caltrans employees abreast of the latest security
technologies and best practices applicable to improve the security posture of Caltrans
transportation infrastructures and facilities.
1.3 Scope
T. O. 1007 aimed to further facilitate the information sharing on the transportation security
technologies and best practices by the following avenues:
• Designing and implementing a server to host the security reports
• Creating a security forum for extensive security categories
• Gathering and assessing the applicable security reports.
• Synthesizing and posting security articles and best practices to security server.
Project team presented the project and security server to the following stakeholders:
• State Department of Transportations
• Federal DOT.
• Department of Homeland Security.
• Western state DOTs.
• Private companies providing technologies and solutions for transportation security
and
• Other security related conferences.
Due to the limited project resources, it was not feasible to buy and validate the security tools
and technologies.
1.4 Research Plan
Securing the transportation system and improving Caltrans’ preparedness and response to
terrorist attacks can be achieved by addressing three areas:
• Keeping abreast of the latest transportation security technologies and best practices
• Assessing threats, vulnerabilities, and countermeasures, performing gap analysis, and
plugging the security gap
14
• Appraising Caltrans of approaches and priorities for a comprehensive statewide,
multimodal transportation security program
We used a multi- pronged approach to keep Caltrans and other agencies abreast of the latest
technologies and best practices. We built on the assessment work done by Caltrans and other
agencies and research institutes since September 11, 2001. We combined a top- down
approach ( e. g., analyzing threats and making specific recommendations) with a bottom- up
approach ( e. g., surveying state- of- the- art technologies of other states and institutions and
implementing versions tailored to Caltrans’ unique needs). Our proposed plan would:
• Build on existing work, as well as survey state- of- the- art technologies and the best
practices of transportation security
• Conduct seminars for pivotal Caltrans security personnel on these technologies and
best practices
• Set up transportation security forums for Caltrans and other security officials,
academia, and research institutions so that they may share and refine best practices
and discuss evaluations of and application experiences with security technologies
• Identify, document, and prioritize critical transportation assets according to the
associated business criticalities of District 4
• Assess the vulnerabilities of identified critical transportation infrastructure
• Identify and document existing protection measures for the assessed assets, and
perform gap analysis
• Research viable security technologies for preventing, deterring, and mitigating the
effects of terrorist attacks
• Analyze the cost effectiveness of viable security technologies to plug any identified
security gaps
The project team was instructed by the major Caltrans stakeholder not to identify, document
and to perform vulnerability against Caltrans infrastructure due to security concern and the
fact that the California Highway Patrol ( CHP) had performed these tasks on Caltrans
infrastructure shortly before the project started.
1.5 Report Overview
Section 2 describes research methodology. Section 3 describes the proposed project tasks.
Section 4 discusses some issues which transportation security officers are facing, the activities for
the initiative for multi- agency transportation partnership. Section 5 concludes with some
recommendations. Section 6 describes detail information on the assessed transportation
security technologies and best practices. Section 6.1 lists all the references of data sources
and website URLs referenced in the Section 6..
15
2. Research Methodology
We combined a top- down approach with a bottom- up approach, and created forums to
facilitate information sharing and discussion of the latest transportation security technologies
and best practices among transportation agencies and operators.
Top- down approach
The top- down approach would ( 1) document Caltrans transportation assets and business
criticality; ( 2) determine risk associated the documented assets, ( 3) assess the protection
countermeasures to protect the transportation asset, ( 4) determine security gap and ( 5)
generate a cost- effective matrix to improve transportation security. For security reason,
Caltrans key stakeholder, Caltrans
Bottom- up approach
The bottom- up approach would ( 1) search transportation security related websites, literatures
and conferences for relevant articles, reports, tools, and best practices, ( 2) contact
transportation agencies and operators for lessons learned and best practices, ( 3) contact
academia and research institutes for information on transportation security related
configuration, control, and management of transportation assets, ( 4) survey transportation
and information security industries for the latest security technologies and best practices.
Facilitating Security Information Sharing
We conducted seminars on transportation security and the security server demonstration,
with goal of improving agencies’ transportation security by providing forum to facilitate
information sharing on vulnerability assessment, asset protection, security technologies, best
practices, processes and procedures related to improving transportation security.
Multi- Agency Partnership for Improving Transportation Security
In the later project stages, the project team decided to launch an effort aimed to create a
multi- agency partnership for improving transportation security. To accomplish this objective,
we performed the following sub- tasks:
• Prepared presentation slides on transportation security and the server hosting security
forum.
• Conducted web- based seminar to present the content and benefit of the security
servers, and how to use the security server for improving transportation security.
• Presented to western state DOTs the content hosted on security server and effective
way to utilize security server to improve agencies’ own security.
16
• Presented the security server and its benefit to attendees of ITS World Congress 2008,
and other security related conferences.
• Created accounts for the SCOTS members to access the security server.
• Created a server transition plan aimed to formulate a server maintenance &
improvement partnership.
Although the multi- agency partnership wasn’t created by the end of this project due to lack
of enough active support from state DOTs, project team has laid the foundation for future
partnership effort.
17
3. Project Tasks
The project tasks consisted ( 1) survey of the latest security technologies and best practices;
( 2) conducting seminars on the technologies and practices; ( 3) setting up server for hosting
security reports and for hosting security forum; ( 4) technology evaluation on transportation
security technologies and best practices; and risk assessment and gap analysis. Due to
security concern and the fact that California Highway Patrol ( CHP) had already performed
risk assessment, the project team decided that the tasks of risk assessment and gap analysis
should be excluded.
The performed project tasks are as follows:
3.1 Survey Security Technologies and Practices
We performed literature search on the web and libraries, contacted security related vendors
research institutes, government agencies, and attended security related conferences. The
outcome is comprehensive reports on technologies and best practices for improving
transportation security.
3.2 Conduct Seminar on Transportation Security
We conducted several classroom seminars to key Caltrans stakeholders, SCOTS members
and U. S. state DOTs. We also presented the project and security server at proper security
conference and ITS World Congress 2008 in New York City, NY.
3.3 Set up and Maintain Forums
We created a computer server and populated it with security reports we collected and/ or
synthesized. We also created an extensive security forum for various chat rooms on various
categories such as infrastructure protection, emergency response, HAZMAT security, cyber
security, rail security, and physical and cyber security converge.
3.4 Evaluate Viable Transportation Security Technologies
We identified the security publications, reports, white papers and offerings from security
vendors, and selected those technologies and practices potential useful to transportation
agencies to improve the security posture. Due to lack of resources, it was infeasible to
acquire and test the security technologies or best practices. We did high- level evaluation of
the technologies based on vendors’ publication, industry trend, and project team’s experience
on security works and exposure. The collection of the information on latest security
technologies and best practices will pave the way for future follow- up security project to
acquire and validate the vendors claim.
18
19
20
4. Discussion
We created a server to host the reports and information on transportation security
technologies and best practices. We also created and populated security forums for
transportation security officers to share knowledge and experience on security technologies
and to refine the best practices to improve transportation agencies’ security. We launched
activities aimed to create a multi- agency partnership to enable and promote the transportation
security.
In the late project stage, project team believed that the security server hosting the security
articles and reports and the security forum would be very beneficial to all the U. S. state and
federal transportation agencies, Department of Homeland Security, security research
institutes, and private security solution providers. Due to the security concern of major
Caltrans stakeholder, the project team didn’t perform tasks to identify Caltrans critical assets
and assess asset vulnerability and to formulate strategy to mitigate Caltrans security risks.
However, we identified various potentially useful cyber and physical security technologies
and best practices and populated the security server and forums for helping transportation
agencies strengthen agencies’ security.
Security officers of transportation agencies are facing daunting tasks. There are wide scope
of transportation security technologies and policies potentially needed to improve
transportation agencies’ security posture. These technologies includes, and not limited to
those needed for government compliance, vulnerability assessment, penetration testing,
network defense, intrusion detection and prevention, end- point and data security, mobile
security, physical security, employee training on security awareness, security policies and
procedures, business continuity, and emergency planning, response and recovery.
Each one of security technologies and tools needed to be evaluated and assessed against the
needs of each transportation agency. It takes enormous skill, time, and financial resources to
validate security vendors’ claims. Making the security- improvement task even tougher is the
fact that the security improvement may be an afterthought or back burners on the to- do list of
transportation agencies especially when the budget available for agencies’ security
improvement is decreasing.
Transportation security includes security policies and procedure, vulnerability assessment,
physical security; cyber security and physical- cyber security converge. The security areas
include infrastructure protection, freight and commercial vehicle security, HAZMAT
security, Rail security, emergency planning and response, data security technologies.
The technologies for physical security includes physical obstacles such as door, alarm, lock,
fence, lighting, security guards, surveillance camera, etc. Modern physical security system
includes software for facility monitoring and video analytics.
21
The security technologies for cyber security includes those for network defense, host- based
security, mobile security, end device security, application security, database security,
intrusion detection and prevention, penetration testing, patch and vulnerability management
and unified threat management.
There are many enabling technologies for realizing the security improvement for the above-mentioned
security areas. The enabling technologies include public key infrastructure and
key management, biometrics and smart card, and Single Sign- On.
The issues on non- interoperable communication systems are results of the following limiting
factors: incompatible and aging communication equipments; limited and fragmented funding;
limited and fragmented planning; lack of coordination and cooperation; and limited and
fragmented radio spectrum.
The strategies for achieving interoperability: the Role of the Governor are:
• Create a governance structure that fosters collaborative planning among local, state
and federal government agencies
• Development of flexible and open architecture and standards
• Support funding for public safety agencies that work for interoperability and no
funding to those who don’t
• Support efforts of the public safety community to work with the federal
communications commission ( FCC) to allocate amble spectrum for public safety and
create contiguous bands for public safety spectrum.
22
23
5. Conclusion
Risks that threaten the security and availability of networks and applications range from
software and operating system vulnerabilities to mis- configurations and errors that easily
creep into server, firewall and end- point setting. Rapid changes within technology, new
server, software developments, and the evolving sophistication of attack methods used to
infiltrate systems and to steal data is the greatest set of challenges faced by security and IT
administrators trying to keep their systems secure and within regulatory compliance.
5.1 Ways to Keep Employees Abreast of Latest Security Technologies
Keeping Caltrans and other transportation agencies’ employees of the latest transportation
security technologies and best practices involves the following critical components and
activities:
• Engagement and buy- in of organizational upper managements and security officers.
• Development, refinement of agencies security policies, procedures, requirement,
rules, governance and employee education and training.
• Inter- agency collaboration and coordination for sharing the vulnerability and security
knowledge and best practices.
• On- going assessment of transportation assets, emerging vulnerabilities, designing and
refining mitigation strategies, and monitoring effectiveness of countermeasures.
• Periodical user education, training and tabletop exercise on the best practices of
improving agencies’ security postures.
• The platform created by this project for information sharing among the security
officers can be enhanced for facilitating information sharing and refining without
disclosing agencies’ vulnerabilities and countermeasures in place.
• A viable partnership among federal and state departments of transportation, research
institutes and private companies is needed for realizing the benefit of security
improvement by sharing the transportation vulnerabilities and countermeasure
technologies and best practices. This partnership can facilitate to promote the security
improvement of transportation agencies and provide needed server enhancement, and
on- going server and forum management.
24
• Formulating IT security policies requires communication and understanding of the
agencies’ goals, and potential benefits. Through a carefully structured approach to
policy development, the delegation of program management responsibility and an
understanding of both program- level and issue- specific policy components, a
coherent set of policies can be integrated into sensible practices and procedures.
• Security policy implementation is a continuous process. Upper management can’t
merely mention the security policy in a one- time statement with high expectations of
being implemented when employees at all levels will be affected in some way, or new
procedures and activities are introduced. Some viable avenues to ensure the
implementation of security improvement are presentations, forum discussions, panel
discussions, newsletter and security refreshing via email.
5.2 Steps to Achieve, Measure and Maintain Security Risk Reduction
Risks that threaten the security and availability of networks and applications range from
software and operating system vulnerabilities to misconfigurations and errors that easily
creep into server, firewall and end- point setting. Rapid changes within technology, new
server, software developments, and the evolving sophistication of attack methods used to
infiltrate systems and to steal data is the greatest set of challenges faced by security and IT
administrators trying to keep their systems secure and within regulatory compliance. That’s
why measuring the security status of infrastructure and agencies’ ability to rapidly mitigate
emerging threats needs to be continuously monitored and measured.
It’s impossible to secure what isn’t measured without an accurate depiction of an agency’s
network, the ability to identify real- world security threats and evaluate an agency’s ability to
respond, there’s no way to improve, let alone understand, the true security posture of
agency’s infrastructure. More and more, companies seeking to better manage complex threats
and increased regulatory demands are enhancing their security efforts by establishing
effective and sustainable vulnerability and risk management programs that quantify their
security progress to maintain the confidentiality, integrity, and availability of business data
and networks.
Measuring What Matters
Measuring the effectiveness of your IT security and vulnerability management program
doesn’t mean increased workload for security managers and system administrators. In fact,
with the right tools in place, collecting, correlating, and analyzing IT security information
should be integrated into the workflow already in place to identify and fix your un- patched
and mis- configured systems. The goal is to track the progress of your vulnerability
management program in ways that give administrators the information they need to swiftly
remedy at- risk systems, while also providing business leaders the insight they need to
understand their company’s overall levels of risk. This is accomplished by obtaining an
accurate network baseline, classifying IT systems, identifying and prioritizing system
25
vulnerabilities, validating their remediation, and capturing the intelligence needed to measure
security posture and improvement over time.
The steps are:
• Discover baseline network assets
• Asset classification
• Accurate vulnerability identification
• Transform raw security data into intelligence
• Ability to measure and trend security posture
• Remediation process integration
• Demonstrating regulatory compliance
5.3 Steps for developing an information protection policy
• Create an oversight committee for setting sensitive information policies
• Continuous review and identify DOT's sensitive information
• Establish a single point of contact for managing sensitive information
• Establish and continuous training on sensitive information handling protocol
• Educate DOT staff about sensitive information and best practices
5.4 Emerging Security Trend of Transportation Security
In recent years, there are several emerging trend in transportation security:
• Physical and Cyber security converge
• More transportation infrastructures are controlled by information systems
• Unified threat management can provide a comprehensive protection strategy and
offers security management approach for security officers
• Emergency Management is more focused on all- hazard emergency planning and
response
• Better interoperable communication system is needed for emergency planning and
response
• Information security is focused more on identifying and controlling access to
sensitive data security
• Network protection strategy was moving intrusion detection toward intrusion
prevention
• Mobile security is gaining more attention on securing mobile work force
• Geographical Information System ( GIS) became a viable tool for emergency
management
• Data breach incident is gaining more attention through government disclosure
mandate.
• Tabletop exercise for transportation employees can improve business continuity
• Single sign- on is needed for improving security and operation efficiency. It can
reduce password fatigue and time for different user name and password combination,
26
reduce IT costs, security on all levels of entry/ exit/ access to systems without the
inconvenience of re- prompting users and centralize reporting for compliance
adherence.
27
6. Report on Transportation Security Technologies
and Best Practices
6.1 Overview
This report describes the result of the research on the transportation security technologies and
best practices. It is divided into thrusts: physical security; cyber Security; physical & cyber
security convergence; emergency planning and response, public safety, etc. There are
different security areas under each thrust. Each area may be divided into three sections:
vulnerability; technologies; best practices.
We surveyed and evaluated the latest transportation security technologies and best practices.
Seminars on the findings were presented to key Caltrans stakeholders. A security website
with forums was set up for information sharing on the security technologies and for
refinement of the best practices among agencies and research institutions. It was presented to
Caltrans managers and to The Special Committee on Transportation Security ( SCOTS) of
The American Association of State Highway and Transportation Officials ( ASSHTO).
The website hosting the security technologies and best practices is secured with two- level
protections: General protection and Forum protection. General protection layer protects the
security resources such as Security framework, Vulnerability Assessment Methodology,
Surface Transportation security, and synthesis on transportation security and best practices.
Once a user enters the general protection area, the user can login to the forums to view or
post the messages for sharing the transportation security technologies or refining the best
practices.
By agreement with the sponsor, CALTRANS, the tasks of vulnerability assessment, and risk
mitigation were not performed. We, nevertheless, did assess available information on
transportation vulnerabilities in general and what viable security technologies are available to
mitigate them.
To ensure that the homeland security server created under the scope of this project can be
used to benefit all the federal and state transportation agencies, the project team members
worked with Caltrans manager to formulate a multi- agency partnership with federal and state
DOTs. Given the unfavorable current state of U. S. economy, it was a challenge to enlist state
DOTs to support the multi- agency partnership and to fund security server enhancement and
content acquisition. It is the hope of project team that follow- up project, if feasible, can built
28
upon the foundation of this project to formulate a lasting, win- win multi- agency, public-private
partnership.
6.2 Physical and Cyber Security
Physical security assessments include evaluations of security requirements, threats and
vulnerabilities, policies and procedures, personnel response, mechanical and electronic
security measures, access control, closed circuit television, alarm systems and other measures
necessary to ensure deterrence, detection, assessment, response, and neutralization of
potential adversaries. Vulnerabilities and associated risks are identified, and recommended
countermeasures such as improvements to facilities, equipment, personnel, plans, and
procedures are deployed, monitored and managed [ 1].
These assessments determine the state of security for client's facilities, systems, networks,
and high value assets based on business requirements. A thorough assessment is performed to
determine the operations vulnerabilities through review of current policy, procedure, staff
interviews, and premise surveys. Ultimately, this assessment provides a risk management
view of the operational environment's vulnerabilities.
Cyber Security [ 2] includes the security for the information system, network, data, policy
and procedure. Risk assessments combine knowledge of business objectives, information
flow, safeguard requirements, network architecture, and operational policies and procedures.
The result is an identification of critical assets, an understanding of the internal and external
threats, and a prioritized set of cost- effective risk- mitigation measures.
Security assessments are available at various levels of complexity; from high- level reviews
of organizational policies and procedures to technical vulnerability assessments involving
sophisticated tools and procedures to identify specific configuration and implementation
weaknesses within the network infrastructure.
Penetration tests determine the extent of a network's exposure to external or internal attack
and assess the effectiveness of existing safeguards in providing the level of protection you
desire. Using proven methodology to exploit discovered weaknesses can validate the
effectiveness of network security measures.
6.3 Transportation Security Framework
The transportation security framework developed by the project teams is to grow and
mutually enhanced transportation security knowledge base. In order to develop a
29
comprehensive effective security framework, there are several inter- related project tasks:
Survey of Security Technologies and Best Practices and Develop Knowledge base;
Transportation Security Forum; Vulnerability Assessment; Mitigation Plan & Program.
30
The relationship among these task areas is depicted in the following diagram
Survey of Security
Technology & Best Practices
Develop Knowledge Base
Vulnerability
Assessment
Mitigation Plans and
Programs
California
Transportation
Security Forum
31
The objectives and information flow of these security tasks are:
• Survey of Security Technologies & Best Practice
The information of the development of security technologies is surveyed and the best
practices are assessed. The related research articles, books, reports, and proceeds of
security related conferences are synthesized as part of knowledge base.
• Transportation Security Forum
A web site for hosting the transportation security forums was developed for the
transportation security professionals and decision makers of transportation agencies
to share the knowledge and experience on security tools, procedures and the best
practices.
• Vulnerability Assessment
Every transportation agency has its own mission. Supporting and realizing its mission
are the transportation assets, procedures and policies of the agency. The objective of
the vulnerability assessment is to identify and document the transportation assets,
assess the threats to these assets, assess the existing countermeasures, and perform the
security gap analysis.
• Mitigation Plans and Programs
Based on the result of gap analysis, viable technologies and tools - existing or under
development - are assessed. The life- cycle cost of the counter- measure is taken into
consideration for formulating mitigation strategy, plan and programs. These
mitigation options are then evaluated and determined by the decision makers and
security professionals of the transportation agency.
6.4 Vulnerability Assessment Methodology
The vulnerability assessment on the transportation agency focuses on the assessment of the
potential vulnerability of the agency's transportation assets, and the existing protection
measures in place. These assets may be transportation infrastructure, facilities, security
procedures and policies.
The vulnerability of a transportation asset is the combination of an occurrence factor and a
vulnerability factor.
The occurrence factor is a measure of the relative probability or likelihood of a threat. It is a
weighted combination of the following attributes for a transportation asset:
• Level of access
• Level of security
32
• Level of publicity
The values of these attributes of a transportation asset can be determined by enlisting
Caltrans security officials to apply the Analytic Hierarchy Process ( AHP) methodology.
AHP is a flexible decision- making process that helps groups to set priorities and make the
best decisions in situations that involve both qualitative and quantitative factors. By reducing
complex decisions to a series of one- on- one comparisons and then synthesizing the results,
AHP not only helps decision makers arrive at the best decision, but also provides clear
rationales for these decisions.
The vulnerability factor is a measure of the consequence to the transportation facility and the
loss of life following an adverse event. It is a weighted combination of the following:
• Expected economic impact of loss of the asset.
• Expected economic and life losses due to the closure of the facility.
• Expected number of casualties incurred when the asset is damaged.
The weighting of these attributes of each vulnerability factor will be determined by applying
the AHP methodology.
The vulnerability of a transportation asset can be determined by combining the values of
occurrence and vulnerability factors.
6.5 Threats and Security Objectives
The objective of security is to protect the surface transportation information and
infrastructure. Surface transportation is now, more than ever, relying on information
technologies to sense, collect, process and disseminate information to improve the efficiency
of moving goods and people, improve the safety of the transportation system and provide
travel alternatives.
The security of an agency includes the security of the physical infrastructures and facilities,
the information systems on which various transportation systems builds upon, and the
security policy & procedure for ensuring that the objective of agency can me met without
disruption.
Each component supporting the transportation system should be analyzed in order to ensure
that the threat is identified, countermeasures are put in place, and the security posture is
constantly monitored and improved.
The process of applying security on a transportation system consists of the following
processes:
• Setting security objectives
33
• Performing the following loop of security management tasks to ensure the security
objectives is constantly met:
• Analyzing security threat and system vulnerability.
• Assess risk on how the security threat can exploit the system vulnerability.
• Identify viable technologies and cost to mitigate the risk.
• Deploy the cost- effective counter- measures to mitigate the risk
6.5.1 Security Objectives
There are three overarching security objectives: Confidentiality, Integrity and Availability.
The Confidentiality objective ensures that the information is not disclosed to unauthorized
individuals, processes, or systems. It deals with the prevention of unauthorized disclosure of
information deems sensitive. The confidentiality security objective defines the level of
restriction to sensitive information that is transmitted or stored within a system.
The Integrity objective ensures the accuracy and reliability of information and systems, and
defines the level of protection from unauthorized intentional or unintentional modifications.
This objective is related to auditing accountability, authentication, and access control
services for sensitive information.
The Availability objective ensures that systems and information are accessible and usable to
authorized individuals and/ or processes.
6.5.2 Security Threats
Security threats are events or circumstances that adversely impact a surface transportation
system or communication between systems. Threats cover a broad spectrum and include
errors, fraud, disgruntled employees, fire, water damage, hackers, terrorist acts, viruses and
natural disasters. The general threat categories are as follows:
• Deception: A circumstance or event that may result in an authorized entity receiving
false data and believing it to be true.
• Disruption: a circumstance or event that interrupts or prevents the correct operation of
system services and functions.
• Usurpation: a circumstance or event that results in control of system services or
functions by an unauthorized entity.
34
• Disclosure: a circumstance or event whereby an entity gains access to data for which
the entity is not authorized.
The system implementer and security officer must ultimately identify and analyze specific
threats to determine the likelihood of their occurrence and their potential to harm the
transportation system.
6.6 Transportation Security Areas
The transportation security areas includes the security technologies and best practices on
transportation infrastructure, freight and commercial vehicles, HAZMAT, rail, transit,
traveler, personnel and inter- modal facilities,
6.6.1 Transportation Infrastructure Security
Transportation infrastructure can be monitored and protected by a broad array of
technologies. Transportation infrastructure security includes the monitoring of transportation
infrastructure ( e. g., bridge, tunnels, facilities, management center, freeways and other
systems) for potential threats using sensors and surveillance equipment. Threats to
infrastructures can result from acts of nature ( e. g., hurricanes, earthquakes), terrorist attacks
or other incidents causing damage to the infrastructure ( e. g., stray barge hitting a bridge
support). Barrier and safeguard systems are used to preclude an incident, control access
during and after an incident or mitigate impact of an incident.
At institutional level, the Emergency Management Subsystem monitors the transportation
infrastructure. Information on threats is shared primarily with the other security and
emergency response subsystems. The Traffic Management Subsystem controls the barrier
and safeguard equipment although emergency management can request deployment.
6.6.1.1 Risk from Earthquake Damage to Roadway System ( REDARS)
REDARS [ 3] ( Risk from Earthquake DAmages to Roadway Systems) is software that
estimates the extent and location of earthquake damage to a roadway system, how this
damage affects system- wide post- earthquake travel times and traffic flows, and the economic
losses caused by travel time delays. User can configure and run a single- earthquake
( deterministic) or multi- earthquake analysis.
REDARS embodies Seismic Risk Analysis ( SRA) research conducted by a team of
specialists under the sponsorship of the Multidisciplinary Center for Earthquake Engineering
Research ( MCEER) and the Federal Highway Administration ( FHWA) during two
consecutive six year research projects: FHWA- MCEER Project 106 ( 1993 to 2000) and
FHWA- MCEER Project 094 ( 2000 to 2005). In addition, the California Department of
35
Transportation ( Caltrans) has sponsored a REDARS Demonstration Project that has
supported related research and software development work
6.6.1.2 Other Transportation Infrastructure Security Technologies
Other transportation infrastructure security technologies and best practices are described
under the Chapter “ Physical Security”.
6.6.1.3 Freight and commercial Vehicle Security
The area of Freight and Commercial Vehicle Security [ 4] considers the awareness aspect of
security through the surveillance or inspection of either commercial vehicles or freight
equipment. Freight equipment includes containers, the chassis, or trailers. In addition, the
interface with inter- modal facilities is another aspect of this area. This security area includes
the following four major functions:
• Tracking commercial vehicle or freight equipment locations to determine if an asset
has deviated from its planned route. The carrier’s operation center, via Fleet and
Freight Management System ( FMS), would be responsible for monitoring the route.
In addition, the commercial vehicle’s on- board system can correlate its current
location to the planned route and notify the operation center of a route deviation. The
operation center could notify public agencies if necessary.
• Monitoring the identities of the driver, commercial vehicle and freight equipment for
consistency with the planned assignment. The carrier’s operation center determines if
an unauthorized change has occurred and is responsible for implementing a response
plan. In support of a seamless inter- modal system, assignment information is
exchanged with inter- modal facilities and shippers.
• Monitoring freight equipment for any breach or tamper event including nature of
event, time, location, equipment identity, monitoring device status and environmental
threat sensor readings ( chemical, biological, etc.).
• Monitoring commercial vehicle for any breach or tamper event including event, time,
location, vehicle identity, driver identity, and monitoring device status.
6.6.1.3.1 Threat to Freight Transport
The terrorist threat to the freight transport network gains far less attention than passenger
transport, since few terrorist organizations have made a serious attempt to either target major
freight networks, or use freight as their means of attack. Nevertheless, any serious attempt at
assessing the risk must look beyond past experience, and we should examine for a set of
locations, their perceived value to the terrorist through the following two types of predicted
36
attacks: ( a) using freight transportation mode/ network as means of attack, and ( b) using the
freight itself as weapon.
The key issues concerning the freight sector lie in gaining a thorough overview of its key
components including the means of freight delivery, freight contents and the operational
system that controls and regulates it.
Fig 1. Supply Chain Network- The Challenges
6.6.1.3.2 Freight Security Technologies
Electronic Cargo Seals [ 5]
After September 11, attention shifted to more robust seals with greater security capabilities.
Used well, these tools may help reduce congestion at border inspection areas at the same time
they increase confidence about security. Electronic seals must be part of a layered approach
to security since they are not sufficient on their own. It is essential to precede the sealing
process with business practices and tools that assure the integrity of the container loading and
sealing process. In addition, it is helpful— especially for efficiency and productivity— if
electronic seals are part of a harmonized and standard international process. From a
productivity perspective, electronic seals should be viewed as part of a management visibility
and control system, not simply as a security tool.
Electronic seals tend to combine physical seals and RFID components. Most of the
electronics include passive or active RFID technologies.
37
Passive seals are short range, low cost, and disposable. They have no inherent electric power,
such as a battery. The RFID reader or interrogator provides energy when it illuminates or
scans the seal. The passive seal uses the absorbed energy to reflect its information back to the
reader. The lack of on- board power limits the functionality. For example, since passive seals
cannot provide continuous power to measure the condition of the seal cable, they cannot
detect and record tampering at the time of the event— they simply report whether they are
intact or not when interrogated by a reader.
Active seals are more sophisticated, have higher initial costs, and— until prices drop
significantly— demand reuse. Active seals carry batteries and the power permits longer range
and greater functionality. To extend the previous example, they can detect tampering when it
occurs and add it to a time log of events. If equipped or interfaced with GPS, an active seal
can also log the location. Further, some seals can provide live “ mayday” tampering reports as
the events happen, mostly within specially equipped terminals.
Because of their low unit cost and operational simplicity, passive seals were generally the
preferred solution for “ pre- September 11” security requirements aimed against theft. The
greater functionality of active seals enhances their appeal for “ post- September 11” security
against terrorist tampering.
Security Sensors
Shippers, carriers, and firms that support them have a history of using sensors to monitor the
condition of cargoes, to support safe and efficient operations, and to enhance security,
usually against theft.
The best example for monitoring cargo condition is the temperature of refrigerated products.
Some devices are self- contained recorders that move with the shipment and collect an audit
trail of shipment temperatures for quality assurance and assigning liability. Other devices
detect temperature threshold violations and trigger immediate message reports calling for
field inspection or automatic restarting of the cooling or heating unit. Hazmat shippers use
analogous devices to monitor tank pressure and vapor leakage. Automotive railcars are often
equipped with impact- measuring devices including accelerometers, GPS receivers, and
recording devices to build an audit trail of rail terminal humping impacts. The data report
impacts above contract thresholds for quality control and assigning liability.
Sensors tuned to operating efficiency and safety is common among motor carriers and
railroads. While such data may be recorded on board for collection in a terminal, the growing
trend is for live delivery of the data to dispatch centers via wide area communications.
Until September 2001, most interest in security sensors focused on thwarting theft and
contraband such as drugs and human smuggling. Intrusion detection devices included
mechanical, light- sensitive, infrared motion detectors, and the development of electronic
seals. Breakwire grids can detect forcible entry through ceilings and sidewalls as well as
38
doors. Early trailer tracking devices included door open/ door closed sensors. Surround
vehicle video systems permit drivers to survey their entire rig without leaving the cab. There
were reports of a South African firm working on a device to monitor and repel unauthorized
intrusion with automatic and repeated releases of pepper sprays directed towards the trailer
door.
Non- Intrusive Inspection ( NII) devices and technologies are used to scan trailers, containers,
and railcars with x- rays and gamma rays, such as the Vehicle and Cargo Inspection System
( VACIS). The devices measure vehicle densities and variances to detect hidden
compartments, voids, and cargo anomalies. There are also portable devices, some the size of
pagers and cell phones, to “ detect drugs, explosives and radiological material. These devices
include particle and vapor detectors, personal radiation detectors, and isotope identifiers.”
Airport security also uses sensors that are applicable to freight, including explosive detection
scanners for baggage.
Cargo and Vehicle Inspection [ 6]
AS& E specializes in detection technologies that can uncover dangerous and elusive threats,
including explosives, plastic and metal weapons, and radioactive devices, such as dirty
bombs and nuclear WMD. AS& E systems also detect commonly smuggled goods, such as
drugs and alcohol. These X- ray systems are deployed worldwide at ports and borders, and
military and high- threat facilities.
AS& E Cargo and Vehicle inspection systems are engineered to provide security personnel
with an effective means of detection without disrupting the flow of commerce.
AS& E uses the most advanced proprietary technologies in the industry to deliver X- ray
inspection systems that can detect a multitude of threats and contraband, including:
* Illegal Drugs
* Illegal Immigrants
* Plastic Weapons and Explosives, including car and truck bombs
* Radioactive Threats, including nuclear devices and dirty bombs
* Smuggled goods, such as alcohol, tobacco products, and other legal goods smuggled to
evade duties ( trade fraud)
* Weapons or other inorganic threats, including metal weapons and shielding to conceal
radioactive materials
These systems can inspect cars, vans, and trucks, as well as palletized cargo, and air and sea
cargo containers. The systems support a variety of configurations to give customers
maximum flexibility, safety, and utility when implementing security solutions.
39
Wide Area Communication and Tracking [ 7]
Wide area communications and tracking is an ideal platform on which to marry condition
sensors, transaction confirmation tools, and geo- location information. Dramatic
improvements in components, integration, and cost promises disruptive technologies that will
change significantly today’s definition of both good business practices and good security.
Satellite- based systems are preferable to cellular for coverage footprints and potential global
applicability. Cellular- based systems are generally less expensive and may be more suitable
for some domestic applications.
The Global Positioning System ( GPS) is the most common source of geo- location data, but
other sources are available. For example, Qualcomm’s OmniTRACS can draw location data
from a different satellite configuration and SkyBitz uses proprietary location technology.
Within the U. S., the FCC’s Enhanced 911 regulations require cellular system operators to
implement a capability to identify the location of most emergency calls— a capability that
will be transferable to logistics applications.
Potential sensors and transaction confirmation tools cover a wide array, tailorable to user
needs. Examples include weapons of mass destruction sensors, RFID transponders for
precision gate arrival confirmations, electronic seal integration, and asset management
sensors such as empty/ partial/ full indicators.
Electrical power is an important consideration for wide area platforms, a consideration that
grows in importance as more sensors and capabilities are added to the communications
platform. Power is rarely an issue for conveyances that generate their own electricity, such as
tractors, ships, and aircraft. Power is a challenge for devices, such as chassis and trailer
monitors that may be able to re- charge storage batteries when connected to power units.
However, power is most vexing for devices with no access to external electricity, as would
be the case for any device on standard ( non- reefer) cargo containers. Battery failure troubled
the Army’s early experiments with RFID tags on containers. Battery replacement in the field
can be cumbersome and expensive.
One approach to the power issue is to encourage more research into batteries. Another
approach is elegant engineering to reduce significantly the drain on batteries. SkyBitz is an
example of the latter, cutting by a factor of 30 the power needed by GPS units. However,
elegant engineering of location determination power needs may be insufficient if gangs of
mobile sensors also draw on the same batteries.
Qualcomm OmniTRACS [ 8]
Qualcomm dominates the market for mobile satellite two- way data communications and
tracking systems for the transportation industry, especially trucking. In addition to location
determination and communications, the system provides data from vehicle- mounted sensors,
such as speed, fuel and engine operations. Available security services include an emergency
40
notification button— essentially a pre- set macro command that sends a digital location/“ need
help” message to the network center. Qualcomm also reports they can add features such as
remote locking and unlocking of trailers; remote activating fuel/ ignition cutoff switches; geo-fencing
( notice of passing set boundaries); providing out- of- route notices; and adding live
connections to cargo- related sensors and electronic seals.
Although primarily a productivity tool, OmniTRACS is already used for security purposes in
several markets. The best known is for DoD munitions shipments in the U. S., all of which
require near- constant monitoring with capabilities equivalent to OmniTRACS; the program is
the Defense Transportation Tracking System ( DTTS).
SkyBitz Global Locating System [ 9]
Eagle Eye, Inc., generally known as SkyBitz, is a small firm with proprietary technology that
permits very low power satellite location determination. SkyBitz becomes more attractive as
a security and productivity platform when other capabilities are added to location
determination. For example, the firm teamed with WhereNet, a Real Time Locations Systems
( RTLS) vendor that specializes in more precise monitoring within instrumented terminals
and warehouses.
PAR Chassis Tracking System Cargo* Mate [ 10]
PAR Logistics Management Systems developed a monitoring system for container chassis.
he Chassis Data Unit includes GPS, cellular communications with satellite options, and a
suite of sensors. Versions are available that will run off a self- contained or tractor-rechargeable
battery. The sensor options offer information relevant to operations and security.
They include covered/ uncovered ( container presence) and hooked/ unhooked. PAR offers
geo- fencing and is working on both RFID readers to identify unique ( tagged) containers.
Safety sensors, such as tire pressure and tread wear, are also options.
SAIC Integrated Container Information System ( ICIS) [ 11]
SAIC ICIS combines gamma ray imaging with radiation scanning and Optical Character
Recognition ( OCR) technology to provide a comprehensive solution to enhance security and
productivity at terminal gates, quays, railways and other checkpoint locations. SAIC provides
cargo & vehicle inspection systems, radiation detection systems, portable x- ray inspection
systems, and radiation measurement systems.
6.6.1.4 HAZMAT Security
41
The area of HAZMAT security is to reduce the likelihood of a successful hijacking of
security sensitive HAZMAT cargo and its subsequent use as a weapon. There are three
functions in this area:
• Tracking security sensitive HAZMAT cargo carrying commercial vehicles and report
unexpected and significant deviations or operations on restricted roadways to police.
In order to protect confidential operational information, the operational tracking and
determination of a significant route deviation requiring notification of public safety is
one by a commercial carrier’s operational center.
• Detecting security sensitive HAZMAT cargos on commercial vehicles by remote
sensing and imaging from the roadside. By reading electronic tag information ( carrier
ID, vehicle ID and driver ID) from a sensed commercial vehicle, any detected
security sensitive HAZMAT can be correlated with existing credentials.
• Authenticating driver and notifying public safety if an unexpected driver attempts to
operate a vehicle carrying security sensitive HAZMAT.
Keeping hazardous materials secure will continue to require active involvement and close
cooperation among all the players in the logistics chain. Railroads, for example, do not own
the tank cars used to ship highly hazardous chemicals. Tank car owners, chemical shippers,
chemical users and railroads each play a critical role in the transportation of hazardous
materials. Concrete steps should be taken to bolster security along our nation's railroads and
other hazardous material transportation vehicles, including increased security of information
systems, increased inspections of cars, and a DOD- certified 24/ 7 operations center that links
the railroads with the appropriate national intelligence agencies for tracking, information
sharing and analysis.
6.6.1.4.1 HAZMAT Security Technologies and Best Practices
Safefreight Technology [ 12] has developed solutions that promise to enhance not only
security and reduce risk, but also provide sufficient returns on investment through improved
management, more productive operations, safety to motor carriers, and leveling or reductions
in hazmat transportation insurance rates.
Safefreight’s solution is based on wireless communications and GPS tracking and a perimeter
of security provided by onboard security system, including alarms. Safefreight’s scalable,
open architecture allows for the integration of additional security and productivity
functionality. Hazmat carriers will benefit from the following features and services:
• 24/ 7 situational awareness by tracking the location and movement of mobile
assets. Dispatch can send a query to determine the current or last position of a vehicle
or trailer. Onboard hardware can also be programmed to report location information
at any chosen time or distance interval.
• Enhanced route planning through more efficient, safe routing optimization.
42
• Security alert notification to pre- established key contacts when onboard sensors,
including tamper, volumetric, door, radiation, temperature are tripped.
• Trailer disconnection notification when a trailer has been disconnected to its assigned
truck, or if it is connected to an alien truck.
• Geo- fencing of mobile assets to provide a digital, geographic perimeter of security.
Once this asset- centric fence is broken, an alert is immediately sent to notify key
contacts of the breach.
• Geo- zoning a digital geographic boundary of any shape around high- risk areas such
as nuclear facilities. If a vehicle crosses into the land- marked area, you’ll know about
it instantly so that you can take immediate action.
• Panic buttons that alert dispatch or call centers of distress or emergency situations
when the driver activates the button.
• Forensic software that provides a log of location, speed, working hours, idle time,
alarms and vehicle history.
6.6.1.4.2 Improving Communication Procedure for Emergency Response
On November 28, 2006, the District of Columbia Emergency Management Agency
sponsored the National Capital Region ( NCR) Regional Emergency Support Function # 1
( RESF- 1) Transportation Tabletop Exercise ( TTX) [ 13]. The TTX scenario detailed three
separate rush- hour traffic incidents across the region. The first incident involved a derailed
CSX tank car that exploded near the Greenbelt, Maryland, Metro station and resulted in a
large chlorine gas plume. The second incident consisted of a major traffic accident involving
a tractor- trailer and a large gasoline spill, which required fire, emergency medical services,
and hazardous material operations. The third incident involved a potential terrorist bomb
threat, which required evacuation of the surrounding area. These incidents caused extensive
gridlock and major traffic delays, which hindered emergency response efforts. The scenario
required that TTX participants formulate a coordinated regional response to the three
incidents.
TTX objectives included the identification of communication tools that would be employed
by regional transportation personnel during an emergency. Participants also used the TTX as
an opportunity to evaluate regional communication assets. Thirty participants from thirteen
state and local transportation and transit agencies in the District of Columbia, Maryland, and
Virginia participated in the TTX.
Some participants were not aware of interagency communication processes and procedures.
While TTX participants identified each agency’s primary communication tools, they did not
produce a comprehensive list of all the available emergency communication tools. Further,
the primary information coordination tool used to maintain situational awareness in
Maryland is not the same tool that is used in Virginia. Some agencies rely upon pre- existing
and informal relationships between individuals and agencies to acquire situational awareness
during an event. A regional communication tool was not employed during the TTX.
43
Some agencies do not have access to available communications systems that would provide
regional situational awareness. TTX participants indicated that the high demands on the
various transit and transportation systems and the close proximity of local jurisdictions
highlighted the need for increased regional situational awareness. Most participants did not
know if regional communication assets were available to their agency or how to request such
resources.
The TTX after- action report ( AAR) offered three separate recommendations designed to
build awareness of regional communications processes and technology tools:
First, formal communication and notification procedures between transportation and transit
agencies should be included in the development and revision of agency emergency response
plans. These should include criteria for determining what type of information needs to be
disseminated, when and why it should be sent out, and what the path of notification should be.
Formalizing these processes, coupled with improved communication between field operators
and operations centers, will help ensure that regional officials have access to accurate and
timely information during incident response operations.
Second, once formal processes are in place, improved data sharing can ensure the rapid
dissemination of information among agencies. The AAR recommended that NCR
transportation agencies remain involved in the ongoing development of a program that will
allow for real- time data sharing between agencies and will be accessible in operations centers.
Transportation emergency response officials can leverage the information sharing occurring
during routine incidents and can apply this data when responding to critical events.
Third, enhanced voice communication capabilities and interoperability can improve
emergency response. The AAR recommended establishing a dedicated talk group on a
regional 700/ 800 MHz radio system that can be identified for use by transportation officials
during an emergency. This talk group should be programmed into console radios at
operations centers as well as into portable radios with operators in the field.
The AAR noted that if agencies do not have 700/ 800 MHz radios available to operators,
procurement of a limited number of radios should be an agency priority. Regional
transportation and transit agencies can improve communication procedures between regional
agencies and increase awareness about available communications technology through such
measures as formalizing notification processes, improving data sharing capabilities, and
improving voice communication capabilities and interoperability.
6.6.1.4.3 HAZMAT Truck Security System
The importance of protecting the US population from the security risks posed by HAZMAT
transportation has long been recognized. With thousands of extreme HAZMAT shipments
44
each day and the use of HAZMAT trucks by terrorists in Iraq and elsewhere, there is a strong
need for enhanced HAZMAT security measures in the US. In response to this threat the
HAZMAT Truck Security Pilot was initiated as a congressionally mandated pilot project led
by the Transportation Security Agency ( TSA) Highway and Motor Carrier Program Office.
The project was to establish and evaluate a truck tracking center capability to allow TSA to
“ continually” track truck locations and HAZMAT load types in all 50 states and to monitor
exception- based events.
HAZMAT carriers are increasingly deploying GPS- based systems for tracking their fleets
and supporting emergency reporting. However, these commercial systems currently operate
in isolation. The HAZMAT Truck Security Pilot [ 14] was undertaken as a step towards
automating the process and promoting collaboration between commercial industry and
government entities. This section summarizes the results of this program.
HAZMAT Truck Security System Requirements
The four requirements of the HAZMAT Truck Security System are:
1. Facilitate government and industry collaboration.
2. Provide risk- based identification and analysis of threats.
3. Leverage current business processes and technology.
4. Include sufficient involvement from carriers, trucking vendors, first responders, and
local/ state agencies to evaluate the collaboration benefits.
Overview Of The HAZMAT Truck Security System
The HAZMAT Trucking Security system included three main components:
1. The Universal Communications Interface ( UCI). The UCI employed industry standard
protocols to provide interconnectivity between the various carriers’ truck tracking systems
and a central TSA HAZMAT security monitoring facility.
2. The Truck Tracking Center ( TTC). The TTC provided the operational capability for
monitoring and managing HAZMAT security threats. It included a manned emergency
operations facility and software components for securely receiving messages and displaying
the relevant HAZMAT shipment data.
3. The Risk- based Approach Component. The risk- based component provided a mechanism
for highlighting high- risk events based on predetermined risk factors.
45
46
Together these components leverage existing HAZMAT carrier protocols and fleet tracking
systems to provide an integrated HAZMAT security threat monitoring and response capability.
The figure above presents an overview of the HTSS.
Analysis of HAZMAT Traffic Routes Using The TFA/ MR- EE
Software
One of the issues faced by the major North American railroads is the size of the databases
that they need to analyze. There are millions of individual traffic data records, each with
dozens of fields, in one year’s set of waybill data for a large railroad. Within the TFA system,
the user is able to design and save sophisticated “ extraction rules,” which are then used to
examine and select traffic data ( minimally origin, destination, and commodity type) to be
used in the traffic analysis. Most rail carriers’ historical traffic data is derived from a waybill
database or from car movement records ( the individual trains a car moves on and the key
locations the railcar passes through). In the case of the TFA, this data is stored in an Oracle
database containing more than 3 years of waybill and compressed car movement/ train data.
The TFA extraction tools allow the user to select specific traffic data sets for a period of time
and to further filter the selection by parameters such as origin, destination, via locations, car
type, car owner, traffic type ( by a standardized commodity code), and hazardous
classification. The Extraction Filter rules is used to create pre- designed Extraction Filter
Groups that can be applied to the same or different traffic data sets.
In the Extraction Filter screen shown in the Figure below, the user has created a data
extraction rule, comprised of specific traffic attribute values. In this case, a rule with the
name “ HAZMAT_ 490” was created and is shown in the top pane. This rule will be used to
filter the traffic database for all records beginning with the Standard Transportation
Commodity Code ( STCC) of “ 490”.
47
The filter is shown in the bottom pane where the “ 490*” is circled in the
Transportation_ STCC “ include” attribute field. Once one or more extraction rules have been
created, the user can then create an Extraction Filter Group by grouping related rules. In our
example, three individual extraction filters ( HAZMAT_ 490, HAZMAT_ 491, and
HAZMAT_ 492) have been grouped into a filter group named “ HAZMAT.”
Using TFA's Data Extraction Tool, the TFA user is able to use the Extraction Filter Group
and processing specifications, such as a date range within the traffic database, to generate an
actual extraction of the data from the selected traffic database. The ability to define and save
different extraction sets in the Data Extraction module is very important, given the size of
the complete traffic databases.
It is this extraction capability that will be used to find all relevant HAZMAT traffic for a
particular time period. By compressing the results, a set of O- D pairs can be developed for
use in the overall HAZMAT route management process.
Using the TFA to Create Flow Maps to Analyze Hazmat Shipments
Once the data extraction has been created, the user is in a position to display and compare
this data in a Flow Map. The Flow Map, or link density map, is a graphical representation of
traffic volumes displayed on a network map. For a given set of traffic data ( minimally origin,
destination, volume by link, and commodity type) and a time period, the Flow Map tool is
used to create a visual display of traffic volumes along their network paths from origin to
48
destination. The volumes represented on the graph are color coded by specific traffic groups
within the traffic data set.
Sample Flow of a Single Link
The figure above displays a sample screen showing a single link of a Flow Map using traffic
data filtered for HAZMAT_ 490, HAZMAT_ 491, and HAZMAT_ 492. The legend shows that
the illustration represents total cars for the date period and it also includes information on the
type of flow map displayed.
The link volume labels show the direction of the traffic flow and the total number of railcars
of the selected traffic, by direction. In the Figure, there are 764 railcars moving from
LOCATION B northwest to LOCATION A, and 904 railcars moving in the other direction.
The key shows that three user- defined groups of traffic categories, HAZMAT_ 490,
49
HAZMAT_ 491, and HAZMAT_ 492 are represented on the link density map. The flow
bandwidths are proportional to traffic volume, and the key also shows the scale or height of
the color bands by number of cars. The volume of each group is fully shown, since the color
bands are stacked on top of each other, not behind one another.
In addition to the graphical representation of the traffic flow, the TFA user can “ drill down”
into a link on the Flow Map to reveal the underlying data. With Drill Down engaged, the user
can interactively select a link to list the aggregate volumes by direction of each flow band
represented on the link, as shown in the figure below. Here you can see that the
HAZMAT_ 490 flow band contains 233 cars moving in one direction and 269 moving in the
opposite direction.
Drill Down Options on a Single Network Link
Then, upon selecting a flow band ( HAZMAT_ 490), the user can further drill down to the
core individual traffic flows and the related train moves. TFA will display the sets of
compressed or aggregated traffic for the selected link and the bottom pane can show either
the unprocessed “ raw” traffic movements or the trains that the traffic used for these
shipments. The TFA software also supports the analysis of differences in traffic densities on
a link- by- link basis. Reports are available to compare the traffic, as well as flow maps, that:
 Uses two colors to represent a drop in volume or an increase
 Use the same labeling options that are available for a regular flow map
 Allow the user to dynamically make changes in how traffic is routed and see the resulting
differences
This flow map- based analysis will be complemented by the Risk Analysis Factors review and
the use of MR- EE to provide an iterative toolset for testing various car block sequences and
train services for the shipment that is being reviewed. This will effectively give the user the
tools and methodology to generate alternative routes and to test the routes within the
operating plan parameters. Once the “ scored” routes have been transferred back to TFA/ MR
EE from RCRMS, selected routes can be translated into block sequences and train services
that are “ understood” by, and maintain the integrity of, the operating plan.
50
6.6.1.5 Emergency Response and Disaster Recovery
The Emergency Response and Disaster Recovery are needed for enhancing the ability of the
surface transportation system to respond to and recover from nature disasters, terrorist acts,
and other catastrophic events. It improves access to the scene for response personnel and
resources, provides better information about the transportation system in the vicinity of the
disaster, supports resources coordination and sharing of current situation information, and
provides more efficient, safer evacuation for the general public if needed.
Pre- existing relationships among key personnel enabling the institutional coordination is the
key to the success of emergency management. Broad inter- agency cooperative planning and
response coordination is critical in all disaster scenarios, with transportation professionals at
multiple public agencies and other stakeholders performing well- defined roles in the larger
context of the multi- agency planning and response to the disaster. These same steps have
widespread benefits for routine operations as well.
Redundancy built into institutional and physical systems is an important factor in responding
to the emergency and restoring the system. Redundant public wired line and wireless
capacity is need to prevent service disruption and communication overload.
Effective emergency planning and response requires a strategic perspective towards
emergency management that weighs the significance of the emergency in terms of its impact
on both the immediate local and national population and the local commercial infrastructure,
as well as the regional economy, and the socio- political importance of responding effectively
to disasters so that both local confidence and society’s overall security are strengthened. Here,
the critical concept to grasp is the importance of refining skills, honing useful techniques and
adopting best practices in incident command and disaster management to such a degree that
public confidence is reinforced and community security is upheld. Excellence in response,
crisis management and incident command are keys.
6.6.1.5.1 Disaster Planning and Emergency Management
Disaster planning and emergency management are related to public safety. They are
considered as large- scale events which affect the safety of the general public caused by
natural disasters, terrorist attacks and failure of infrastructure, etc. While the public safety
systems manage the daily and small- scale incidents, disaster planning and emergency
management systems manage events which happen once in a while and of larger scale. In this
section, different elements of emergency management will be discussed, and then some
51
examples of the disaster planning and emergency management solutions will be described,
followed by some examples of solution implementation by certain government agencies.
Elements of Disaster Planning and Emergency Management
Emergency management can be divided into five phases, which are:
• Planning. It is the activities related to analyzing the possibility and potential consequences of
a disaster or an emergency. It coordinates all the remaining four phases that are mitigation,
preparedness, response and recovery.
• Mitigation. It is the activities related to reducing the probability and effects of a disaster.
• Preparedness. It is the planned activities related to handling the disaster if the mitigation
works could not stop the disaster from breaking out.
• Response. It is the activities following an emergency or disaster.
• Recovery. It is the activities necessary to return everything to normal after an emergency or
disaster. It includes the short- term activities that return the system to minimum standard, and
the long- term activities that return the system to normal or even better level.
Solution Providers
Examples of solutions to disaster planning and emergency management are given below:
1. Improving Emergency Response by ESi
ESi, the global leader in emergency operations software and provider of WebEOC ® , and
PIER Systems, Inc., leading provider of public information software for large- scale events,
have collaborated to improve interoperability for multi- agency emergency response efforts.
Atlanta- Fulton County and Houston will be the first metropolitan areas to implement this
recently integrated technology. PIER will act as the Virtual Joint Information Center ( JIC)
for ESi's WebEOC software, assisting responders' collaborative efforts during an emergency,
as well as the efficient information flow to communicators and key stakeholders. Using
WebEOC, emergency responders are able to share informational updates and collaborate on
response efforts during a crisis situation. The software links local, state, federal, volunteer
and private users, to support decision- making efforts and continuity of operations during
emergencies.
2. Crisis Preparedness Solution by Ness Technologies
Ness Technologies, Inc., a global provider of information technology solutions and services,
has completed the development of its NessCMS Crisis Management System. NessCMS is a
multidisciplinary solution for crisis preparedness and management and creates a real- time
integrated situation picture, and enhances crisis control and management. The system enables
faster and better responses to emergency situations, and it optimizes rescue operation
planning and resource allocation. NessCMS addresses all emergency and security
52
requirements from the municipal level up to the regional and national levels. NessCMS
covers the full breadth of the crisis team, from governmental bodies, rescue crews and
emergency service organizations to police, firefighters, ambulances and others.
3. SkyPort Global Communications Signs with Cisco Systems to Provide Emergency
Response Solution by Cisco
SkyPort Global Communications has signed a contract with Cisco Systems Inc. to provide
satellite connectivity for Cisco's Emergency Response Networks ( ERN) service. Cisco's ERN
service provides emergency voice, video, and Internet connectivity for first responders
during disasters where terrestrial communication is unavailable or disrupted. Cisco maintains
two mobile command and control centers on the east and west coasts of the United States that
can be deployed to a disaster site on a moment's notice to become a command center for
personnel managing the response to the disaster. Each of the ERN mobile command centers
are equipped with the latest Cisco technology, including the company's high- definition video
conferencing solution, Telepresence. In addition, each command center uses Cisco's IP
Interoperability Collaboration System ( IPICS) to provide radio interoperability for
emergency first responders. The IPICS software, embedded in routers and other parts of the
network, creates a single communications platform out of radio, IP, and non- IP networks,
such as landlines and mobile emergency service radio technologies.
6.6.1.5.2 Geographical for Emergency Management
The following is the definition for geographic information system ( GIS) from Wikipedia.
“ GIS …… is a system for capturing, storing, analyzing and managing data and associated
attributes which are spatially referenced to the Earth.
In the strictest sense, it is an information system capable of integrating, storing, editing,
analyzing, sharing, and displaying geographically referenced information. In a more generic
sense, GIS is a tool that allows users to create interactive queries ( user created searches),
analyze the spatial information, edit data, maps, and present the results of all these
operations. ……
Geographic information system technology can be used for scientific investigations, resource
management, asset management, Environmental Impact Assessment, Urban planning,
cartography, criminology, history, sales, marketing, and logistics.“
As one can see, the use of GIS is very broad, ranging from planning, management to
marketing or even crime investigation. Amid the increasing attention of disaster and
emergency management as an area of homeland security, the application of GIS on this area
has been becoming more and more widespread.
53
Application of GIS for Emergency Management
Emergency management can be divided into five phases, and GIS can be used in each of the
five phases to help emergency management. The five phases are briefly described as follows:
• Planning. It is the activities related to analyzing the possibility and potential
consequences of a disaster or an emergency. It coordinates all the remaining four
phases that are mitigation, preparedness, response and recovery.
• Mitigation. It is the activities related to reducing the probability and effects of a
disaster.
• Preparedness. It is the planned activities related to handling the disaster if the
mitigation works could not stop the disaster from breaking out.
• Response. It is the activities following an emergency or disaster.
• Recovery. It is the activities necessary to return everything to normal after an
emergency or disaster. It includes the short- term activities that return the system to
minimum standard, and the long- term activities that return the system to normal or
even better level.
Each phase of the emergency management depends on data. These data are usually from
various sources and departments. GIS comes into play that it provides a common platform
for all departments to share their data that are necessary for the related personnel to plan for
each of the phases. GIS can also display the data visually on a map, which provides easier
planning. The following describes how GIS help emergency management in each of the five
phases.
• Planning. GIS allows planners to view various combinations of spatial data on maps.
This allows emergency management officials to formulate mitigation, preparedness,
response and possible recovery needs when for example hazards ( earthquake faults,
fire hazard areas, flood zones, shoreline exposure, etc.) are viewed with other map
data ( streets, pipelines, buildings, residential areas, power lines, storage facilities,
etc.).
• Mitigation. GIS helps officials to identify which facilities are in the high hazard areas.
For example, GIS can identify specific slope categories and certain species of
flammable vegetation near homes that could be threatened by wildfire; it can identify
certain soil types adjacent to earthquake impact zones with structures built over; it
can also identify the likely path of a flood based on the topographic features. This
information is necessary for officials to identify facilities that are at risk and perform
protective measures accordingly.
54
• Preparedness. GIS helps officials to plan ahead of the strategies to deal with an
emergency. With the spatial display of the data, officials would know where the first
responders should be located, what evacuation routes should be selected in case of
emergency, and whether the road networks can handle the traffic along the evacuation
routes by analyzing the road capacity, etc. GIS can also display the wind direction
and some other weather conditions in real- time to help in planning.
• Response. GIS can provide data to the computer- aided dispatch ( CAD) systems,
which can identify the closest response units and the dispatch routes once the disaster
location is known. Advanced vehicle locating ( AVL) can be incorporated to track ( in
real time) the location of incoming emergency units, which can assist in determining
the closest mobile units to be dispatched to an emergency.
• Short- term recovery. GIS plays an important role in damage assessment. It works
with GPS to locate the damaged facility, and identify the type and amount of damage.
GIS can display the amount of emergency supplies needed and where they should be
located for easy access, as well as the supplies inventory in the shelters. It also
displays areas where services have been restored to help the prioritization of recovery
work.
• Long- term recovery. GIS keeps track of long- term recovery plans and progress. It can
also help in the prioritization of major restoration investments. It can also keep track
of the recovery cost for accounting need.
Using GIS to Support Emergency Management and Homeland Security
The efficiency of Geospatial Information Systems in the case of emergency has nowadays
been established. However in many cities the Offices of Emergency Management are still
reluctant to the use of GIS systems and prefer invest on emergency equipment such as boots
even if the Department of Homeland Security has offered grants for the acquisition of such
systems. This section presents several case studies in cities where GIS and OEM work
together efficiently to respond to a wide range of emergencies.
City of Sacramento California
Institutions at local, state and federal state have been using GIS applications for a long time
enhancing the efficiency of public safety services and emergency response. Some of the
successes of the integration of GIS to emergency management are presented here. The
creation of a Regional GIS cooperative improved the effectiveness of the use of GIS data.
The GIS cooperative coordinates the development of GIS among agencies and organizations
promoting the shared maintenance of geographical data. The aim of the cooperative is in the
long term to develop a coordinate information management and distribution service that local
governments can access when planning for emergency response. Moreover the Sacramento
55
Regional GIS address framework has strongly helped first responders with 911 call taking
and dispatch in a daily basis since the shared maintenance of data ensured a better accuracy
of data and saved many hours of work and efforts. A reverse- 911 database was also
developed and is very useful for public officials and emergency managers to inform people
about geographical information. Finally GIS also improved decision making in regards to
flood events that threatens the city of Sacramento. Thus thanks to GIS applications, impact
areas data and critical facilities data, emergency planners can identify population at risk,
evacuation areas and routes.
. City of Chicago, Illinois
In the City of Chicago, the Office of Emergency Management and Communications ( OEMC)
collaborates with first responders to provide an effective response to emergencies. The GIS
unit is part of the Information and Technology and they have collaborated with the OEMC
through the implementation of a tool that generates incident impact data ( the Federal and
Emergency Management Agency’s HAZUS tool). They have also developed the Alert
Chicago Emergency toolkit ( ACE) that can be used by first responders without specific
training. Thus first responders can identify the area of impact and have access to spatial
impact factors such as density or demographics. Finally the tool provides maps and the list of
critical facilities near the impact such as hospitals or police stations. Moreover they can also
track evacuation- routes road- blocks when needed. This collaboration between GIS and
OEMC through this tool could improve the emergency response significantly.
City and county of Denver, Colorado
The Denver’s geographic information system ( DenverGIS) provides the OEM, police, fire
and first responders with data, maps with spatial layers such as population density, and
statistical analysis in the case of an emergency.
A specific tool has been developed to face the risk of storms: the ESRI ArcIMS software
( Denver’s Storm Watch). This software is able to evaluate flood zones, monitor real time
stream flows, and assess the risks to infrastructure and populations. The software therefore
provides GIS maps that present the extent of the incident that could be analyzed to offer a
better response to the public in affected areas.
The great success of the integration of GIS systems in emergency management operations
relied on the intergovernmental agreements for GIS data sharing between local state, federal
entities and private partners. Moreover it seems critical to develop training exercises in order
to provide an effective and coordinate emergency response.
56
City of Fort Worth, Texas
Since 2002, the City of Worth’s emergency management community has integrated
geospatial technology, in particular concerning the following components: response protocol,
standardized maps, emergency planning, continuity in data gathering and data analysis and
visualization. This collaboration has been proven to be effective in several real word
response such as hurricane Katrina ( maps showing shelter locations), Valley solvent and
chemical fire ( evacuation and shelter recommendations thanks to impact maps), Landmark
tower implosion ( modeling of an explosive dispersion plume) and hurricane Rita ( a flooding
model tracking the path of the hurricane).
The success of the integration of GIS capabilities to emergency management community is
based on the creation of a GIS workstation. Off- site computer would hamper the GIS
effectiveness. Moreover it was critical to open a GIS Analyst position that would plan for all
departments and coordinate the GIS response. Finally the City of Worth will be soon
acquiring geographical data based on Planimetrics. This means that they will acquire
geographical features based on recent aerial photography that will enhance the identification
staging areas locations and will permit to delineate the roads between affected areas, shelters,
decontamination areas and command centers.
Miami- Dade County, Florida
The Miami- Dade Office of Emergency Management ( OEM) uses an ArcGIS application
named Critical Facility Management. This application provides information concerning
critical facilities around the incident location and maps in order to give a more effective
emergency response. Moreover OEM also created a damage assessment application that
prioritizes the locations where resources are needed and give a quick overview of the damage.
This application is based on the participation of residents that enter online on the OEM’s web
the level of damage their houses suffered after a hurricane, flood or tornado.
The emergency management capabilities have increased thanks to a mutual support between
GIS and OEM. A full time GIS administrator works in the OEM; he creates maps, provides
data and enhances system capabilities and applications. Emergency management staff uses
GIS applications very frequently throughout the phases of emergency management.
City of Seattle, Washington
Seattle Public Utilities ( SPU) that owns the enterprise GIS and Seattle Emergency
Management ( SEM) have been working in collaboration since they hired a GIS trained
information Technology coordinator in 1995. This strong relationship has resulted in the
integration of GIS in a daily basis into emergency management operations and has improved
the emergency management capabilities of the city of Seattle. First of all it appeared
necessary to create a full service dedicated to GIS within the Emergency Operation Center.
57
Moreover it was critical to enhance GIS skills of the emergency management staff, in the
same way to make GIS staff aware of emergency management functions and to adopt new
GIS technologies. Finally the collaboration between GIS staff and SEM led to the creation of
a regional plan that predefines data layers non preexistent to a disruption.
Summary
The examples above presented by the Public Technology Institute underline the
improvements that can be performed by integrating GIS into emergency management. The
key points that seem to be recurrent are the use of GIS applications on a daily basis, a
regional cooperation among entities at different levels to establish a shared maintenance of
GIS data, the use of recently developed GIS software and applications and the presence of an
entity or a person ( such as the GIS analyst position in the city of Worth) who coordinates
GIS between different entities. Thus these points combined together could enhance the
emergency response to an incident.
6.6.1.5.3 What can transportation agencies handle public health emergencies
This report from the Bureau of Justice Assistance presents the role of law enforcement in
public health emergencies as in case of public emergencies they have a crucial role to play.
Some of the recommendations presented in this report could apply to transportation agencies
in case of public health emergencies, as transportation facilities are potential assets for a
release of infectious agent since they represent accessible facilities and they can propagate
the infection very quickly and easily.
All hazard Approach
It is necessary to keep an all- hazard approach in order that practices and methods apply to all
types of public health hazards that could be intentional such as a terrorist attack or
unintentional.
Continuity of Operations
Moreover for transportation agencies as well as for law enforcement it is critical to maintain
the continuity of operations in order to provide the essential functions of the agencies. In the
aftermath of a public health emergency that occurs in a transportation facility it is likely that
the number of employees available will be reduced. The employees directly exposed to the
infectious agent would be unavailable and they should be put in quarantine. However some
employees in quarantine should consider working at home if there are some tasks for the
58
primary response that could be performed from home through the phone or Internet.
Moreover employees who used to perform some functions that are not so essential during a
disruption should perform primary response tasks and assist the core functions of the
agencies
Protection Employees from Epidemic Disease
Another critical issue that was presented for law enforcement that could be applied for
transportation agencies concerns the protection of employees from disease. To be prepared to
a disruptive event such as a biological or chemical infection, transportation agencies should
provide education about infectious disease biology, the modes of transmission and the routes
of exposure. If a transportation facility suffers a bio chemical terrorist attack, transportation
employees will certainly have to deal with the crowds, work with health workers that would
be highly exposed to infected people. Thus it is important to encourage employees to be fully
immunised in the case of an infection for which a vaccine exists, or it could also be
conceivable to mandate inoculation against specific disease to transportation employees.
Furthermore transportation agencies should provide Personal Protective Equipment ( PPE) to
employees during the emergency response in particular. There are three classes of PPE which
are hand sanitation using antibacterial wipes and sanitizing gels, protection against blood and
body fluids with gloves, gowns and masks or respiratory protection for an infectious agent
that propagates by the respiratory ways. Moreover we can assume that employees will not
report to work if they do not know if their families are safe and healthy. One solution that is
proposed is to offer also to family members, roommates or persons sharing the intimacy of
employee vaccines as well. Finally the issue of paid sick leave for employees who are sick is
problematic. Someone sick and infected should not be allowed to work but the paid sick
leave is very limited. Thus this raises the issue of creating special leave policies for these
emergencies.
Protecting the Community
The factors that could improve the response of emergency responders such as health workers,
law enforcement employees, or transportation agencies’ employees are the cooperation and
coordination between agencies. Elaborating a cross training between responders should be
enhancing the performance of the response after a disruptive event such as a bio chemical
terrorist attack.
Summary
This report provides some recommendations useful for the improvement of transportation
agencies’ response to a public health emergency. Having an all hazard approach, maintaining
the essential functions of the agencies and the collaboration between agencies, and
considering issues related with the safety of the employees and the community will certainly
enhance the performance of the emergency response.
59
6.6.1.5.4 Technologies for Emergency Response and Disaster Recovery
For Preparedness
Preparedness stages focus on identifying the critical services of the transportation agencies
and the critical assets, which support these services. It also focuses on assessing the security
postures of these assets and assessing the threats and the resultant vulnerabilities. Based on
the information collected, an emergency response plan can be formulated. The emergency
plan should include emergency scenarios and contingency plan options. Most importantly,
the emergency plans should be formulated cooperatively among regional agencies and first
responders, and be validated via disaster simulation.
Workplace Emergency Preparedness Guidelines
Workplace Emergency Preparedness Guidelines [ 15] is a tool for Federal emergency planners,
managers and employees to capture effective practices and lessons learned by departments
and agencies
The Emergency Preparedness Resource Inventory ( EPRI)
EPRI [ 16] is a tool allowing local or regional planners to assemble an inventory of critical
resources that would be useful in responding to a bioterrorist attack. In addition to a Web-based
software tool, EPRI includes an Implementation Report, a Technical Manual, and an
Appendix.
Argonne National Laboratory
Argonne National Laboratory’s Emergency Preparedness Group [ 17] has advanced the state-of-
the- art in emergency preparedness and response by developing innovative concepts,
methodologies, and software applications to enhance federal, state, local, and tribal
emergency preparedness policy, preparedness, response, disaster exercising, and training.
60
For Response
Once an emergency or disaster occurs, the ability to respond efficiently and effectively is
extremely important. The Response part of an Emergency Response plan relates to activities
that address the immediate and short- term effects of the disaster or emergency. This portion
of the plan should answer the question of what must the agency do to ensure that they
respond quickly and efficiently to a disaster or emergency that threatens the well being of the
agency's operations.
Who is a First Responder? The Department of Homeland Security uses the following
definition, taken from Homeland Security Presidential Directive 8, Preparedness: " Those
individuals who in the early stages of an incident are responsible for the protection and
preservation of life, property, evidence, and the environment, including emergency response
providers as defined in section 2 of the Homeland Security Act of 2002 ( 6 U. S. C. 11), as well
as emergency management, public health, clinical care, public works, and other skilled
support personnel ( such as equipment operators) that provide immediate support services
during prevention, response, and recovery operations."
FHWA Operation [ 18] provides information on the role of transportation during emergency
response, evacuation, first response treatment and resource guide, and how the Intelligent
Transportation System can be used in responding emergency.
Issues - Non- interoperable communication systems
The interoperability between public safety agencies is related to the ability of agencies to
work together using radio wireless communications systems to share information ( voice
and data) when it is crucial. Nowadays, there is a critical lack of interoperability between
the first responders during an emergency. This report presents why the interoperability
between public safety agencies is not efficient nowadays and how it could be improved.
Limiting factors
Incompatible and aging communications equipment
The equipment used in many jurisdictions is very old which incurs high maintenance
costs and low reliability. Moreover with different equipment and different frequencies
used, agencies from different jurisdictions cannot work together as they cannot
communicate. Finally even at the same frequency some new digital systems prevent the
exchange of information. Thus it is critical to implement a state wide communication
plan that would lead to a possible communication between different agencies.
Limited and fragmented funding
61
Nowadays the resources for funding are small in comparison to the demand of agencies.
Moreover until now most of public safety agencies had used funding to develop radio
communication systems responding to their own needs with no consideration of
interoperability. It is thus necessary to secure funding for initiative including
interoperability in their goals. However the way that funding is managed on an agency-by-
agency, jurisdiction- by- jurisdiction basis is an obstacle to this strategic funding. To
improve the allocation of funding, states are developing processes that integrate state and
federal funding streams. Thus for instance, the Kentucky Wireless Interoperability
Executive Committee ( KWIEC) reviews all federal and state funding related to
communications equipments, and they coordinate the funding among jurisdictions and
agencies in order to increase the interoperability among agencies.
Limited and fragmented planning
There is a lack of coordination concerning the distribution of the funding streams made
available to buy or update radio communication equipment, which leads to an investment
on equipment, which is not interoperable. Therefore there is a need for a strategic
planning for all the interoperability efforts and funding distribution. For instance in
Virginia the solution that has been adopted is the creation of one focal point that
coordinates all the interoperability planning efforts in the state.
Lack of coordination and cooperation
There is a need for a coordinating body among public safety agencies. However the
agencies do not totally agree in ceding the management and control of their
communication system to another entity because of disparate agency missions and
jurisdictional responsibilities. Thus as interoperability requires that agency share the
same management, control, policies and procedures it is necessary to establish trust and
buy- in among agencies. For instance in Washington, a State Interoperability Executive
Committee ( SIEC) gathers members from state, local, federal agencies for decision
related to Interoperability.
Limited and fragmented radio spectrum
The band spectrum is a finite resource. The Federal Communication Commission ( FCC)
had allocated certain frequencies to public safety. Nowadays since the FCC has recently
added some spectrum to public agencies, 10 bands are allocated to public safety.
However those are scattered and insufficient to respond to the increased need of band
spectrum of new devices. Since new devices can operate in higher frequencies, FCC has
provided the 700- MHz radio spectrum to public safety but it is right now blocked by
television broadcast operations. Broadcasters are supposed to migrate from analogue
service to digital service by 2009 liberating the space for public safety.
Strategies for achieving interoperability: the Role of the Governor
62
Governors are leaders that can support the needs for investment and coordination at the
federal, state and local levels in order to achieve interoperability. It could be necessary to
create an all- inclusive executive committee to define priorities and develop a strategic
funding allocation. The report presents the following strategies in order to achieve
interoperability.
Create a governance structure that fosters collaborative planning among local, state
and federal government agencies
The institution of a governance structure will permit to strengthen relationships among
stakeholders. Moreover the governance structure could explore innovative technologies
and funding resources to achieve interoperability between first responders. Finally, the
governance structure should develop a statewide plan fulfilling local needs and ensuring
adequate use of funding. Indeed, a local representation in the governance structure is
necessary.
Development of flexible and open architecture and standards
To increase the flexibility and ease in linking different systems, it is necessary that
communication systems be designed on open architecture and universal standards. Thus
an association of public safety agencies and private sector companies ( APCO) developed
a digital standard for wireless communications called “ Project 25” that improves the
interoperability between agencies and increase the radio spectrum efficiency. Moreover
the Department of Homeland Security published a Statement of Requirements ( SOR)
defining the future requirements for voice and data communications related to task force
or mutual aid operations. Then states should hire vendors that implement equipment with
those requirements, which will achieve interoperability between agencies.
Support funding for public safety agencies that work for interoperability and no
funding to those who don’t
The use of funding has to be optimized. Spending funding efficiently and effectively is
possible through the coordination of state wide and regional plans that will ensure in
particular a share funding for common infrastructure and equipment.
Support efforts of the public safety community to work with the federal
communications commission ( FCC) to allocate amble spectrum for public safety and
create contiguous bands for public safety spectrum
The FCC and public safety community are working together to give continuous bands to
public safety spectrum. Moreover the FCC also established the Public Safety National
Coordination Committee ( NCC) that provides help on technical and operational standards.
63
Summary
The governor has an important role to play in order to overcome the limitations that
exists nowadays in the collaboration between agencies. Thus the governor thanks to its
leadership should be able to implement state wide and regional plans in order to improve
the interoperability between agencies.
6.6.1.6 Rail Security
The general area of Rail security includes monitoring and securing trains, rail cars, fixed
assets ( track, wayside equipment and highway- rail intersections) and personnel. Rail security
focuses on freight rail. It also addresses the interface between rail entities and highway
entities. These are the interfaces relating to highway rail intersections and the interfaces from
rail operations to traffic and emergency management functions.
Rail Security is commonly separated into two parts: passenger rail and freight rail. Each type
has its own security concerns.
Passenger rail is vulnerable because they are most often located in densely populated cities
with numerous stops, allowing for easy movement and escape. In addition, the nature of mass
transportation relies on accessibility and quick service, both of which would be harmed by
airport- like security measures.
Freight rail, although often not traveling through dense urban areas, transports approximately
half of the US's hazardous waste materials. As prior accidents have shown, these materials
can cause great damage. The nature of freight rail would also prevent airport- like security to
be imposed. As a commercial entity, freight rail must compete with trucks and air in order to
effectively serve as transporters of goods.