Highlighting the importance of transportation to a country’s infrastructure and survival, Transportation Systems Security presents the strategic and practical considerations involved in the implementation of physical, procedural, and managerial safeguards required to keep all modes of transportation up and running during an actual or potential disaster.
Structured in an easy cognitive fashion, the book begins with a basic introduction providing terms and definitions. It describes both physical and information system layouts and defines who controls what parts of the process, how far control is extended, and who oversees controls within the system.
Building on this foundation, subsequent chapters discuss problems such as the need for a more defined “domain-based” approach when threats, assets, vulnerabilities, and safeguards are not under local control. The book describes and refines the concepts of criticality, impact, and consequence as they relate to the assignation of value for personnel, assets, facilities, information and activities in terms of how they might support performance.
By comparing continuity of operations planning (COOP) to business continuity planning (BCP), the book presents security measures as a value-added benefit rather than a hindrance to business and introduces the notion of certification, accreditation, and licensure. It demonstrates safeguards that layer outward from the entity and across the system with the ability to prevent, detect, and notify, as well as respond to and recover from a crisis.
Emphasizing the sharing of information and methods, the book encourages security to become an integrated component within the system, not just imposed on top of it. It takes a holistic approach to the transportation infrastructure, introducing the concept of fragility and the measurable factors involved, and including a 20 page questionnaire to help managers determine their company’s fragility in terms of transportation security.
Requirements for Securing the Sector
The Transportation Sector as Linked Systems
Impact Resulting from System Failure or Interruption
Trends within the Transportation Sector
Fragility and Reliability
Understanding Transportation System Security
Transportation System Topography
General Overview
Nodes and Conduits
Directly and Indirectly Derived Demands
Factors Affecting Directly Derived Demands
Factors Affecting Indirect Demands
Routing of Conduits
Spoke-and-Hub Systems
Control Points versus Nodes
Control Points in Fixed Conduits
Control Points along Flexible Conduits
Terminal or Transfer?
System as a Sum of Interlinked Systems
Recap of the System
Constraints within the System
Coordination Networks
Coordination Network—Operations
How the Coordination Network Interacts with the System
Conduit-Based Networks: Operations and Deployment
Use of Systems for Automation
Persons and Associations and Networks of Persons
Sector-Wide
Factors to Consider
Business Goals and Mission Analysis
Scales of Operability
General Interaction
How Is the System Mission Achieved?
Considerations of the Transportation System
System-Level Mission Statement
Transportation System Security Mission Statement
Determining the Mission Statement for Organizations
Strategic Level Mission Statements as Organizational Constraints
Operational Level within the Structure
Interaction between the Strategic and Operational Levels
Role of the Operational Level
Tactical Level within the Structure
Interaction between the Operational and Tactical Levels
Overview of the Structure
Limitations on Controls
Limitations on the Strategic Level
Limitations on the Operational Level
Limitations on the Tactical Level
Generation of the Mission Statements
ABC Transport’s Security Mission Statements
How Does the Mission Statement Fit into Critical Infrastructure Protection?
Questions
General Definitions and Approaches
Persons, Assets, Facilities, Information, and Activities
Follow-the-Pipe Approach
Mission-Driven Value
Vulnerability-Driven Considerations
Integrating the C-I-A Triad
Integrating the D-M-L Triad
CIP Management Approach
Criticality
Means, Opportunity, and Intent
Convergence within the Transportation System
The Concept of Risk, Residual Risk, and Risk Appetite
Who Decides the Threshold for Risk Appetite?
Avoiding, Addressing, Transferring, Accepting, and Ignoring Risk
Responses to Risk and Regulation
Risk Awareness
The Concept of Safeguards
Prevention, Detection, Response, and Recovery
Looking at Vulnerabilities
Interim versus Proposed Measures
Layered Defenses
The Macro Level
ABC Transport
Local versus Systems Approaches
Structures of Networks
The Flux of the Transportation System
Imperatives Driving Network Component Behavior
Aligning Imperatives with the Mission Statement
Relationship between Imperatives and Levels
Tactical-Level Imperatives
Operational-Level Imperatives
Strategic-Level Imperatives
Aligning the Levels of the Organization
Communications among the Levels
Pace of Evolution
Internal Influences versus External Influences
Transorganizational Constraints
Alignment with Mission Statements
Influences on Follow the Pipe
Alignment of Transorganizational Groups with the Matrix
Constraints by Regulators
Questions
Answers
Criticality, Impact, Consequence, and Internal and External Distributed Risk
Assignment of Value
Criticality
Impact
Consequence
Risk
Risk Calculations
ABC Transport Example
Questions
Mitigation and Cost Benefit
First Step to Mitigating Risk—Strategy
Key Considerations
Selecting a Mitigation Strategy
Tactical-Level Considerations
Operational-Level Considerations
Strategic-Level Considerations
System-Level Considerations
Cost Considerations
Benefit Considerations
Aligning Procedures with Performance
Setting Strong Procedures
Linking Business Activities
Robustness, Resiliency, and Redundancy
Setting Goals and Benchmarks
Generating the Manual
Questions
Certification, Accreditation, Registration, and Licensing
Linking to Mitigation
Certification
Accreditation
Registration
Licensing
The Trusted Transportation System
ABC Transport Example
Continuity of Operations Planning
Questions
Continuity of Operations
What Is COOP?
Aligning COOP, BCP, and Contingency Planning
Background of COOP
Objectives
Elements
Operations
Issues Implementing COOP
Aligning with Preventive Safeguards
Detection
Response and Mitigation
Recovery
Supply Chain Management Security
Questions
Networks and Communities of Trust
Value of Community Involvement
Prevention
Detection
Response
Recovery
Community Building as a Continuum
Setting of Arrangements
Communities and Council Building
Tactical, Operational, and Strategic Considerations
Communities, Trusted Networks, and Operations
ABC Transport Example
Questions
Establishing and Monitoring Learning Systems
Intent of the Learning System
How the Intent Is Met
Assessing or Evaluating against Criteria
Prioritizing Based on Divergence
Determining Causes
Communicating Results
Challenges with ISACs
How Would Information Be Shared?
Legal Issues with ISACs
Consequences of Accidental Disclosure of Information
Intellectual Property and ISACs
Trend Analysis
Reporting Trends
Information Sharing and Definition and Categorization Challenges
ABC Transport
Questions
Fragility and Fragility Analysis Management
Requirement for Information
Repositories of Information
Lines of Communication
Data Categorization
Adaptability of the Categorization Process
Adaptability of Data Sets or Mutability
Assessment
Integration into Mitigation Strategies
Addressing Capacity in Decision-Making Gaps
Translating of Strategies into Action
The Rough Fragility Score for Evolution
Additional Factors with Respect to Fragility
Rating Geographic, Sphere of Control, and Interdependency Fragility
Fragility Factor
Relating to Resiliency and Redundancy
Fragility and the Path of Least Resistance
Mean Time between Business Failure (MTBBF)
Mean Time between Market Failure (MTBMF)
Persistent Fragility Leading to System Revolution
Management of Fragility
Relating to Prevention, Detection, Response, and Recovery
Transportation System Security, Risk, and Fragility
Questions
Appendix A:
Sample Memorandum of Understanding between the Radio Amateurs of Canada, Inc. and the Canadian Red Cross Society
Memorandum of Understanding between the Radio Amateurs of Canada Inc. and the Canadian Red Cross Society
Appendix A Guidelines for Cooperation
Appendix B
Organization of The Canadian Red Cross Society
Organization of the Radio Amateurs of Canada, Inc.
Appendix B: Manager’s Working Tool
Section 1: Product or Service Delivery
Section 2: Geography and Community Building
Section 3: Data Categorization and Information Management
Section 4: Establish a Learning System
Section 5: Maintenance and Sustainability
Biography
Robert Radvanovsky, Allan McDougall