Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
4 Summary Countermeasures Assessment and Security Experts (CASEâ¢) and Western Management and Consulting (WMC) conducted research with the objective: to develop a second edition of the Security 101 primer for use by transportation personnel without a security background whose work requires them to address, perform, or supervise security or infrastructure protection activities as a part of their overall job responsibilities. The research effort focused on developing a primer that should be suitable for adoption by the AASHTO Special Committee on Transportation Security and Emergency Management (SCOTSEM) and includes approaches and recommendations applicable by all transportation modes under state control or influence. NCHRP Report 525: Surface Transportation Security, Volume 14: Security 101: A Physical Security Primer for Transportation Agencies (2009) provided transportation managers and employees with an introductory-level reference document containing essential security concepts, guidelines, definitions, and standards. Since the guide was published, there have been significant advances in transportation security approaches. As the RFP for this project noted, âThe decade- long effort to improve the state of security and emergency management practice in the transportation industry has produced new strategies, programs, and ways of doing business that have increased the security of our transportation systems as well as ensured their resiliency.â This new understanding was summarized in the 2015 Fundamental Capabilities of Effective All- Hazards Infrastructure Protection, Resilience and Emergency Management for State DOTs report which documented a security domain that has now expanded to include the complementary topics of infrastructure protection and system resiliency. While the 2009 Security 101 primer focused on physical security, defending against the full spectrum of threats facing transportation systems today requires a more comprehensive approach encompassing cyber-physical systems security and cyber security aspects to be added to the physical security discussion. Recent guidance at the national level has redirected the focus and long-term direction of the security-related mission within transportation agencies. Since the publication of the Security 101 primer in 2009, a number of national-level directives and executive orders have been issued, each one adding to the nationâs complementary goals pertaining to transportation security, infrastructure protection, system resiliency, and emergency management. Transportation agencies are in the process of understanding and incorporating the details of these policy directives, and are wrestling with their impacts on ongoing security and emergency management functions. Threats and hazards to the system have also continued to evolve since the Security 101 primer was published. While the incidence of large-scale terrorist attacks has remained small, transportation agencies are at increasingly greater risk from system-disrupting events due to natural causes, accidents or unintentional human intervention, or intentional criminal acts (e.g. active shooter incidents). Because todayâs transportation systems integrate cyber and physical components, cyber risks are increasing, and include the risk of a cyber incident impacting
5 not only data, but the control systems operating a portion of the physical infrastructure operated by transportation agencies (e.g., tunnel ventilation systems). The research team considers the NCHRP Project 20-59 (51)A as an undertaking to build upon the foundational physical security framework achieved in the Security 101 research. Our research approach is to: (1) synthesize the most recent (since 2009) existing literature and resources related to physical security, infrastructure protection and cyber security; (2) layer in resilience, sustainability and other applicable concepts, policy, guidance and procedures (such as the National Preparedness Goal and Planning Frameworks); (3) use this comprehensive knowledge base to revise and enhance the Security 101 guide; and (4) provide transportation agencies with a valuable fundamental resource that addresses âall-hazardsâ security in todayâs and tomorrowâs transportation environment.