5
A Vision of the Future
This study's contribution to improving surface transportation security is the first step of a journey. The surface transportation system is remarkably reliable in the face of accidents and natural disasters, but hostile attacks are a different and new concern. Moreover, the pace of technological change is so rapid that, at the same time efforts are made to improve security, dramatic changes are sure to occur in the nature of hostile threats, the vulnerability of transportation to those threats, and the nature of the transportation system itself. The emerging awareness of chemical, biological, and cyber vulnerabilities is just one aspect of the evolution of the security challenge.
In this fluid situation, it will be critical that DOT and other agencies work together in a coherent, unified, but flexible and dynamic way. An effective response will also require the close involvement of many other stakeholders, including the research community, state and local transportation agencies, and above all the owners and operators who provide transportation services across the country. Ensuring this involvement will undoubtedly require overcoming organizational, institutional, and disciplinary barriers.
But although the security of surface transportation is a relatively new concern in one sense, in another sense it is not new at all. Prevention and mitigation of accidents, recovery from natural disasters, and safe handling of hazardous materials are all familiar aspects of the transportation system. Building on this foundation will make enhancing security a more tractable and less daunting task. System designers will have to build security into their plans from the beginning, not add it on at the end. Developers of security features will have to recognize the transportation system's other goals and capitalize on them by selecting dual-use
alternatives that benefit transportation owners and operators beyond improved security. Viewing security as part of a broader picture will make the task far easier.
This study has endeavored to identify elements of an R&D strategy for DOT that would further this vision of the future. Some of the report's key findings and recommendations are restated below.
At this early stage in the establishment of an R&D program for surface transportation security, building a solid strategic basis is the most important task. The strategy should be a systematic process consisting of five fundamental steps:
1. |
Defining the problem, the objectives, and the criteria for evaluating success or failure |
2. |
Identifying ways to meet the objectives, namely potential R&D projects |
3. |
Evaluating the alternatives identified in Step 2 against the objectives defined in Step 1 |
4. |
Deciding on a course of action |
5. |
Implementing the decision |
The implementation of this strategy should incorporate the following key features:
- Because improving security is a crosscutting problem, DOT should not break up its efforts in this area according to transportation modes.
- DOT should clearly identify and understand its role in security R&D and how that role meshes with work being done by other agencies.
- As a framework for identifying and evaluating potential R&D topics, DOT should categorize topics according to the type of attack to which they respond and the type of response to which they are directed: prevention, mitigation, monitoring, recovery, investigation, or systems.
- DOT should make strenuous efforts to increase the involvement of transportation owners and operators. Their serious involvement in all stages of the program will be critical to successful implementation.
- To meet the growing need to protect information that is sensitive, but not classified, DOT should consider urging the Congress to provide legal authority similar to the regulation 14 CFR 191, which protects information on aviation security.
Vulnerability assessment is an important part of defining the security problem in Step 1 above. DOT has already made commendable progress in this area. Those efforts should be continued, with attention to the following points:
- further checking of the basic assumptions and predicted consequences of attack scenarios, in cooperation with experts from industry
- further assessment of threat likelihood, where possible
- a more complete, balanced, and clearly defined analysis of possible means of attack
- more attention to cyber attacks and other attacks on C3 systems, especially attacks other than the introduction of computer viruses
- a close examination of chemical and biological vulnerabilities
- careful distinction between chemical attacks and biological attacks and between attacks involving agents with different properties
- an examination of strategic, systemic vulnerabilities
To improve its understanding of strategic vulnerabilities, DOT should undertake (1) a strategic assessment of the surface transportation system's redundancies and interdependencies, and (2) an analysis of lessons learned about impact and mitigation from past accidents and natural disasters.
When DOT conducts a complete and thorough evaluation of potential R&D topics, using this systematic five-step strategy, the following themes will emerge:
- the value of taking a dual-use approach, in which security objectives are furthered at the same time as other transportation goals
- the potential for more use of modeling to improve understanding of the scope of the security problem
- the importance of DOT's role in developing and disseminating information about best practices that use existing technologies and processes, including low-technology alternatives
- the need to consider security as part of a broader picture, not a wholly new and different problem, but one that is similar and closely connected to the transportation community's previous experience in responding to concerns about safety, natural disasters, and hazardous materials