The National Academies Press

Currently Skimming:

2 Assessing Vulnerability
Pages 13-27

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 13... ... REVIEW OF THE METHODOLOGY AND FINDINGS OF THE DEPARTMENT OF TRANSPORTATION VULNERABILITY ASSESSMENT Overall, the DOT vulnerability assessment is excellent, and DOT is to be commended for producing a useful report. The assessment clearly demonstrates the validity of concerns about security in surface transportation and lays a good foundation for addressing those concerns via an R&D program. Read the entire page →
From page 14... ... Identification of potential countermeasures DOT acknowledges that the scenarios are illustrative, not exhaustive, but they cover a wide range of possible targets and attacks (see Table 2-1~. The vulnerability assessment states clearly that it analyzes only the vulnerabilities of surface transportation assets, without regard to the likelihood of any particular threat. Read the entire page →
From page 15... ... detonated at pipeline compressor stations bomb detonated at pipeline storage facility bomb detonated on pipeline segment simultaneous attacks on ports terrorist bombing of waterfront pavilion container vessel fire at marine terminal ramming of railroad bridge by maritime vessel attack on passenger vessel in port shooting in rail station vehicle bomb adjacent to rail station bombing of airport transit station bombing of underwater transit tunnel bus bombing deliberate blocking of highway-rail grade crossing terrorist bombing of rail tunnel bomb detonated on train in rail station vandalism of track structure and signal system terrorist bombing of rail bridge explosives attack on multiple rail bridges explosive in cargo of passenger aircraft Biological Attacks � biological release in highway tunnel � anthrax release from freight ship � anthrax release in transit station � anthrax release on passenger train Chemical Attacks � satin release in multiple subway stations � physical attack on railcar carrying a toxic chemical Cyber and C3 Attacks � cyber attack on highway traffic control system � cyber attack on pipeline automated control system � attack on port power and telecommunications facility � sabotage of train control system � tampering with rail signals � cyber attack on train control center Read the entire page →
From page 16... ... Means of Attack The vulnerability assessment includes a nine-page chapter on possible means of attack against surface transportation. Such a brief discussion is appropriate as background for the vulnerability assessment, but future efforts to extend the assessment will have to be based on a more complete, balanced, and clearly defined analysis of the various means of threat delivery. Read the entire page →
From page 17... ... As this report was nearing completion, an outbreak of the Melissa computer virus drew considerable media attention. Implemented as a computer program BOX 2-1 Nonvirus Cyber Attacks on Surface Transportation Not all cyber attacks involve computer viruses. Read the entire page →
From page 18... ... Chemical and Biological Attacks in scenarios involving chemical and biological attacks, future assessments should make more careful distinctions between the consequences of chemical attacks and biological attacks and between the consequences of attacks involving various agents with different properties. Although chemical and biological attacks are often considered together the phrase "chem/bio" is sometimes used almost as a single word they are in fact different in many ways, particularly as a consequence of the incubation period associated with biological agents (see Box 2-2 and Appendix B) Read the entire page →
From page 19... ... The Need for a Continuing Effort The DOT vulnerability assessment, although very valuable to the transportation industry and others, should not be a one-time effort. Rather, it should be the first installment in a continuing series of analyses. Read the entire page →
From page 20... ... They were not considered in any depth in the DOT vulnerability assessment, but they warrant close attention. Interdependencies in the Surface Transportation System Because of the decentralized, multimodal character of surface transportation, mounting a system-wide attack with large spatial and temporal impact would be difficult. Read the entire page →
From page 21... ... , might require simulation or "wargaming" exercises. Interdependencies and Cyber Attacks The growing and evolving automation of the transportation infrastructure, particularly the introduction of infrastructure-wide automation systems, may increase the opportunities for infrastructure-wide attacks. Read the entire page →
From page 22... ... Even the air traffic control system, which is far more highly automated and centralized than any part of the surface transportation infrastructure, is still relatively decentralized and retains the option for individual controllers to control traffic, albeit at reduced capacity. ITS technology may offer comparable levels of automated control in the future, but it seems likely that the highway infrastructure as a whole will remain distributed and decentralized and retain reduced-capacity fallback modes for the foreseeable future. Read the entire page →
From page 23... ... These lessons could emerge from the many modeling and planning exercises that are being conducted before the event, as well as from the actual consequences. The analogy between Y2K and the threat of cyber attacks may be similar to the analogy between hazardous materials and the threat of chemical attacks. Read the entire page →
From page 24... ... To compensate, travelers made increased use of ferry service and the Bay Area Rapid Transit system, several major employers instituted shuttle services, and many commuters adjusted their routes and travel schedules. Natural disasters like these suggest that "transportation system redundancy and the ability of individuals to make a variety of short-term adjustments in travel patterns make rapid recovery possible even from major disasters" (Giuliano and Golob, 1998) Read the entire page →
From page 25... ... Attacks on the communications services used by surface transportation could have serious consequences, but the committee agrees with the judgment of the DOT vulnerability assessment that the consequences would probably be inconveniences and economic losses rather than loss of life. The communications infrastructure itself is quite resilient, with redundant communications links and fallback navigational systems. Read the entire page →
From page 26... ... In the context of a military emergency or another crisis, a disruption that might be less significant under ordinary circumstances could have major consequences. An assessment of strategic vulnerabilities, by identifying key transportation nodes that lack redundant alternatives, would help to highlight potential situations of this kind. Read the entire page →
From page 27... ... Future assessment efforts should distinguish carefully between chemical attacks and biological attacks and between attacks involving agents with different properties. Strategic, systemic vulnerabilities deserve close attention. Read the entire page →

From page 13...

... REVIEW OF THE METHODOLOGY AND FINDINGS OF THE DEPARTMENT OF TRANSPORTATION VULNERABILITY ASSESSMENT Overall, the DOT vulnerability assessment is excellent, and DOT is to be commended for producing a useful report. The assessment clearly demonstrates the validity of concerns about security in surface transportation and lays a good foundation for addressing those concerns via an R&D program.

2 Assessing Vulnerability Pages 13-27

2 Assessing Vulnerability
Pages 13-27