Friday, February 13, 2009

Transportation Systems Security or Blindside

Transportation Systems Security

Author: Allan McDougall

Transportation systems security is an integral part of counterterrorism and homeland security. Highlighting all aspects, this comprehensive text presents strategic, practical, and operational applications for the physical, procedural, and psychological safeguards that are needed to keep all modes of transportation up and running. Topics include systems layout, core performance issues, and risk assessment; predicting internal and external loss; drills, exercises, and training; as well as layered systems, compliance, and shared information. Each chapter features questions and case scenarios to facilitate understanding. A fictitious company is used to depict various scenarios in order to illustrate the theoretical concepts discussed by the authors.



Table of Contents:
Preface     xv
Acknowledgments     xix
Authors     xxi
Introduction to Transportation Systems     1
Introduction     1
Requirements for Securing the Sector     2
The Transportation Sector as Linked Systems     4
Impact Resulting from System Failure or Interruption     4
Trends within the Transportation Sector     6
Fragility and Reliability     7
Understanding Transportation System Security     8
Transportation System Topography     11
Introduction     11
General Overview     12
Nodes and Conduits     12
Directly and Indirectly Derived Demands     14
Factors Affecting Directly Derived Demands     14
Factors Affecting Indirect Demands     16
Routing of Conduits     19
Spoke-and-Hub Systems     19
Control Points versus Nodes     20
Control Points in Fixed Conduits     20
Control Points along Flexible Conduits     21
Terminal or Transfer?     21
System as a Sum of Interlinked Systems     22
Recap of the System     24
Constraints within the System     25
Coordination Networks     25
Coordination Network-Operations     25
How the Coordination Network Interacts with the System     26
Conduit-Based Networks: Operations and Deployment     27
Use of Systems for Automation     27
Persons and Associations and Networks of Persons     28
Aviation (Air)     28
Marine     28
Rail     28
Trucking     28
Sector-Wide     29
Factors to Consider     29
Business Goals and Mission Analysis     33
Introduction     33
Scales of Operability     33
General Interaction     35
How Is the System Mission Achieved?     36
Considerations of the Transportation System     37
System-Level Mission Statement     38
Transportation System Security Mission Statement     38
Determining the Mission Statement for Organizations     39
Strategic Level Mission Statements as Organizational Constraints     40
Operational Level within the Structure     42
Interaction between the Strategic and Operational Levels     42
Role of the Operational Level     43
Tactical Level within the Structure      43
Interaction between the Operational and Tactical Levels     44
Overview of the Structure     45
Limitations on Controls     45
Limitations on the Strategic Level     45
Limitations on the Operational Level     47
Limitations on the Tactical Level     47
Generation of the Mission Statements     48
ABC Transport's Security Mission Statements     49
How Does the Mission Statement Fit into Critical Infrastructure Protection?     49
Questions     50
General Definitions and Approaches     53
Introduction     53
Persons, Assets, Facilities, Information, and Activities     54
Follow-the-Pipe Approach     54
Mission-Driven Value     55
Vulnerability-Driven Considerations     55
Integrating the C-I-A Triad     57
Confidentiality     57
Integrity     58
Availability     59
Integrating the D-M-L Triad     60
Disclosure     61
Modification     61
Loss     62
CIP Management Approach     62
Criticality     63
Means, Opportunity, and Intent      63
Convergence within the Transportation System     64
The Concept of Risk, Residual Risk, and Risk Appetite     65
Who Decides the Threshold for Risk Appetite?     68
Avoiding, Addressing, Transferring, Accepting, and Ignoring Risk     68
Avoiding Risk     69
Addressing Risk     69
Transferring Risk     70
Accepting Risk     71
Ignoring Risk     71
Responses to Risk and Regulation     72
Risk Awareness     73
The Concept of Safeguards     74
Tactical-Level Safeguards     75
Operational-Level Safeguards     75
Strategic-Level Safeguards     76
Regulator-Driven Safeguards     76
Prevention, Detection, Response, and Recovery     77
Prevention     77
Detection and Response     78
Recovery     80
Looking at Vulnerabilities     80
Interim versus Proposed Measures     81
Layered Defenses     82
The Macro Level     83
ABC Transport     83
Local versus Systems Approaches     89
Introduction     89
Structures of Networks     90
The Flux of the Transportation System     91
Imperatives Driving Network Component Behavior     92
Aligning Imperatives with the Mission Statement     93
Relationship between Imperatives and Levels     95
Tactical-Level Imperatives     95
Operational-Level Imperatives     96
Strategic-Level Imperatives     97
Aligning the Levels of the Organization     97
Communications among the Levels     98
Pace of Evolution     99
Internal Influences versus External Influences     100
Transorganizational Constraints     100
Alignment with Mission Statements     100
Influences on Follow the Pipe     101
Alignment of Transorganizational Groups with the Matrix     101
Constraints by Regulators     102
Questions     103
Answers     104
Criticality, Impact, Consequence, and Internal and External Distributed Risk     107
Introduction     107
Assignment of Value     108
Criticality     109
Single Points of Failure     109
Consideration for Nationally Declared Critical Infrastructure     110
Impact     110
Tactical-Level Impact      111
Operational-Level Impact     111
Strategic-Level Impact     112
Consideration for Control Systems     113
Consequence     113
Risk     114
Internal Risk     114
External Risk     115
Risk Calculations     115
ABC Transport Example     116
Questions     119
Mitigation and Cost Benefit     121
Introduction     121
First Step to Mitigating Risk-Strategy     121
Key Considerations     122
Management Tolerances toward Risk     122
Costs     122
Resistance to Change     123
Selecting a Mitigation Strategy     123
Ignoring Risk     124
ABC Transport Example     124
Tactical-Level Considerations     125
ABC Transport Example     126
Operational-Level Considerations     126
ABC Transport Example     127
Strategic-Level Considerations     127
System-Level Considerations     129
Cost Considerations     130
Benefit Considerations     130
Aligning Procedures with Performance      131
Setting Strong Procedures     131
Prevention     132
Detection     133
Response     134
Recovery     135
Linking Business Activities     136
Robustness, Resiliency, and Redundancy     137
Robustness     137
Resiliency     137
Redundancy     137
Cascading Impacts     138
Setting Goals and Benchmarks     138
Generating the Manual     139
Questions     139
Certification, Accreditation, Registration, and Licensing     141
Introduction     141
Linking to Mitigation     142
Certification     142
Accreditation     143
Registration     144
Licensing     145
The Trusted Transportation System     145
ABC Transport Example     146
Continuity of Operations Planning     147
Questions     149
Continuity of Operations     151
Introduction     151
What Is COOP?     152
Aligning COOP, BCP, and Contingency Planning     153
Background of COOP     154
Objectives      155
Elements     156
Operations     157
Issues Implementing COOP     158
Aligning with Preventive Safeguards     159
ABC Transport Example: Business Continuity Planning     159
Detection     161
ABC Transport Example: Corporate Policy     163
Response and Mitigation     163
ABC Transport Example: ABC Employees     163
ABC Transport Example: The Regional Office     164
ABC Transport Example: Senior Management     164
Recovery     165
Supply Chain Management Security     166
Questions     167
Networks and Communities of Trust     171
Introduction     171
Value of Community Involvement     172
Prevention     172
Detection     173
Response     174
Recovery     174
Community Building as a Continuum     175
Setting of Arrangements     176
Communities and Council Building     177
Tactical, Operational, and Strategic Considerations     177
Communities, Trusted Networks, and Operations     178
ABC Transport Example     179
Questions      180
Establishing and Monitoring Learning Systems     183
Introduction     183
Intent of the Learning System     184
How the Intent Is Met     184
Assessing or Evaluating against Criteria     185
Prioritizing Based on Divergence     186
Determining Causes     186
Communicating Results     187
Challenges with ISACs     188
How Would Information Be Shared?     189
Legal Issues with ISACs     190
Consequences of Accidental Disclosure of Information     191
Intellectual Property and ISACs     192
Trend Analysis     192
Reporting Trends     192
Information Sharing and Definition and Categorization Challenges     193
ABC Transport     194
Questions     195
Fragility and Fragility Analysis Management     197
Introduction     197
Requirement for Information     198
Repositories of Information     198
Lines of Communication     201
Data Categorization     202
Adaptability of the Categorization Process     203
Adaptability of Data Sets or Mutability     204
Assessment      205
Integration into Mitigation Strategies     206
Addressing Capacity in Decision-Making Gaps     209
Translating of Strategies into Action     209
The Rough Fragility Score for Evolution     210
Additional Factors with Respect to Fragility     213
Rating Geographic, Sphere of Control, and Interdependency Fragility     214
Fragility Factor     217
Relating to Resiliency and Redundancy     217
Fragility and the Path of Least Resistance     218
Mean Time between Business Failure (MTBBF)     218
Mean Time between Market Failure (MTBMF)     219
Persistent Fragility Leading to System Revolution     220
Management of Fragility     220
Relating to Prevention, Detection, Response, and Recovery     221
Transportation System Security, Risk, and Fragility     221
Questions     221
Sample Memorandum of Understanding between The Radio Amateurs of Canada Inc. and The Canadian Red Cross Society     223
Memorandum of Understanding between The Radio Amateurs of Canada Inc. and The Canadian Red Cross Society     223
Appendix A     224
Guidelines for Cooperation     224
Appendix B     225
Organization of The Canadian Red Cross Society     225
Organization of The Radio Amateurs of Canada Inc     225
Manager's Working Tool     227
Product or Service Delivery     227
Geography and Community Building     231
Data Categorization and Information Management     236
Establish a Learning System     238
Maintenance and Sustainability     242
Index     245

Look this: Attuazione dei quattro livelli: Una guida pratica per l'efficace valutazione dei programmi di formazione

Blindside: How to Anticipate Forcing Events and Wild Cards in Global Politics

Author: Francis Fukuyama

A host of catastrophes, natural and otherwise, as well as some pleasant surprises--such as the sudden end of the cold war--have caught governments and societies unprepared in recent decades. September 11 is only the most obvious example among many unforeseen events that have changed, even redefined, our lives. We have every reason to expect more surprises in future.

Certain kinds of unanticipated scenarios--particularly those of low probability and high impact--have the potential to escalate into systemic crises. Even positive surprises can pose major policy challenges. Contemporary policymakers, however, lack the understanding and the tools they need to manage low-probability, high-impact events. Refining our understanding and developing such tools are the twin foci of this insightful and perceptive volume, edited by renowned author Francis Fukuyama and sponsored by The American Interest magazine.

Organized into five sections, Blindside addresses the psychological and institutional obstacles that prevent leaders from planning for negative low-probability events and allocating the necessary resources to deal with them. Case studies pinpoint the failures--institutional as well as personal--that allowed key historical events to take leaders by surprise, and other chapters examine the philosophies and methodologies of forecasting. The book's final section offers a debate and two discussions with internationally prominent authorities who assess how individuals, communities, and local and national governments have handled low-probability, high-impact contingencies. They suggest what these entities can do to move forward in a period of heightened concern aboutboth man-made and natural disasters.

How can we avoid being blindsided by unforeseen events? There is no easy or obvious answer. But we first must understand the obstacles that prevent us from seeing the future clearly and then from acting appropriately. This readable and fascinating book is an important step in that direction.



No comments:

Post a Comment