14 December 2001
Text: New Security Assessment Processes Help Protect Dams, Power Systems
(Similar techniques used to protect nuclear weapons facilities) (750)
Two new security assessments could help keep U.S. dams, hydroelectric
facilities and power transmission systems safe from terrorists.
The new processes, developed by the Interagency Forum on
Infrastructure Protection (IFIP), takes operators and security
managers of dams and transmission systems through an examination of
each facility's unique situation -- its potential adversaries,
vulnerabilities, consequences of attack and existing security
measures. The assessments then provide cost-benefit analyses of
possible security upgrades.
The processes, called RAM-D for "Risk Assessment Methodology for Dams"
and RAM-T for "Risk Assessment Methodology for Transmission," are
based on many of the formal risk assessment tools and techniques used
by Sandia National Laboratories to protect U.S. nuclear weapons
facilities.
IFIP, a team of government dam owners, transmission system operators
and anti-terrorism experts, began working on the assessments following
presidential directives in May 1998 encouraging federal agencies to
find new ways to deter and prevent terrorist attacks on U.S.
information systems, facilities and infrastructures.
Following is the text of a December 10 press release on the security
assessment processes, from Sandia National Laboratories in
Albuquerque, New Mexico:
(begin text)
Sandia National Laboratories
News Release
December 10, 2001
Two new methodologies can help owners improve security of nation's
dams and power systems
ALBUQUERQUE, N.M. - Operators of U.S. dams, hydroelectric facilities,
and power transmission systems can make their sites less attractive
targets to terrorists using new step-by-step security assessment
processes developed by the Interagency Forum on Infrastructure
Protection (IFIP), a team of government dam owners, transmission
system operators, and anti-terrorism experts.
The IFIP includes representatives of the FBI, U.S. Army Corps of
Engineers, Bonneville Power Administration, U.S. Bureau of
Reclamation, Sandia National Laboratories, Lawrence Livermore National
Laboratory, Southwestern Power Administration, Western Area Power
Administration, and others.
The two new processes, called RAM-DSM for "Risk Assessment Methodology
for Dams" and RAM-TSM for "Risk Assessment Methodology for
Transmission," takes owners, operators, and security managers of dams
and transmission systems through a magnifying-glass examination of
each facility's unique situation - its potential adversaries,
vulnerabilities, consequences of attack, and existing security
measures - then provides cost-benefit analyses of possible security
upgrades.
The methodologies are based on many of the formal risk-assessment
tools and techniques used by Sandia to protect U.S. nuclear weapons
facilities. Sandia is a Department of Energy (DOE) research and
development lab with expertise in the physical security of national
facilities and infrastructures.
"This is much more than a checklist," says Rudy Matalucci, Sandia
RAM-D and RAM-T project leader. "It begins with the events you don't
want to happen, identifies who might want to do it and what their
resources are, and quantifies how much risk reduction you get with
each given upgrade. It is a way to help facility owners make decisions
about how to balance the need for security with other considerations."
In simplest terms, RAM-D and RAM-T include characterization of a
facility; evaluation of the consequences if the facility is attacked;
definition of potential adversaries and their motives and resources;
quantification of risk; detailed analysis of a facility's
vulnerabilities; and cost-benefit analysis of possible upgrades.
Dam operators might use RAM-D, for instance, to determine where to
place sensors, cameras, or lights, or whether to invest in walls,
barriers, higher fences, better doors, extra training, or improved
policies.
The methodology includes worksheets for evaluating existing security
features, equations for calculating risk, and a proprietary fault-tree
analysis tool for identifying vulnerabilities.
Each methodology is contained on a compact disk and in two inch-thick
manuals.
To develop RAM-D and RAM-T, IFIP conducted trial assessments on four
actual dams and a major regional transmission system. It is the first
scientifically verified security assessment process for key elements
of U.S. water and power supply infrastructures.
IFIP's work was inspired by two Presidential Decision Directives
issued in May 1998 encouraging federal agencies to find new ways to
deter and prevent terrorist attacks on US information systems,
facilities, and infrastructures.
For information about acquiring the RAM-D Field Manual and Training
Guide, contact Sandia at 505-844-2311. RAM-T is currently being
finalized and is expected to be ready for release by January 2002.
Sandia is a multiprogram laboratory operated by Sandia Corporation, a
Lockheed Martin Company, for the United States Department of Energy.
With main facilities in Albuquerque, N.M., and Livermore, Calif.,
Sandia has major research and development responsibilities in national
security, energy and environmental technologies, and economic
competitiveness.
(end text)
(Distributed by the Office of International Information Programs, U.S.
Department of State. Web site: http://usinfo.state.gov)
NEWSLETTER
|
Join the GlobalSecurity.org mailing list
|
|