Skip to contentUnited States Department of Transportation - Federal Highway Administration FHWA Home
Research Home
Report
This report is an archived publication and may contain dated technical, contact, and link information
Publication Number: FHWA-HRT-06-072
Date: March 2006

Multiyear Plan for Bridge and Tunnel Security Research, Development, and Deployment

Appendix C Results from the Security Workshop

The product of this workshop was an unstructured and unprioritized collection of gaps in knowledge, understanding, and technology. This represented the collective thinking of a group of knowledgeable and experienced professionals who have been directly engaged in improving the security of the Nation and its highway systems at the operational and policymaking level.

Reducing the Vulnerability of the Nation's Highway Systems

  1. Need for a better understanding of the interrelationship and interdependencies of the highway network and other systems.
  2. The sharing of sensitive information is perceived as a need that will prevent us from achieving our goal of improved security.
  3. Information, methods, and tools for prioritization are needed.
  4. Targets need to be identified.
  5. Network analysis is lacking.
  6. National network vulnerability analysis is lacking.
  7. Multi-objective optimization within a vulnerability and security framework is needed.
  8. Is it possible to do this by simply tying local networks together?
  9. The threat is unknown and hard to quantify in a probabilistic sense. Traditional risk assessment methods are hard to apply.
  10. Insider threats and crime also need to be considered. (We have not considered how to reduce the risk of highways being used to help commit crime.)
  11. Other critical infrastructure needs to be considered, such as transit.
  12. An explicit definition of what is critical infrastructure is needed.
  13. Can cargo tracking technology reduce risk?
  14. Cost-benefit analysis of vulnerability reduction.
  15. Model elements and test them. There is a need to verify models for testing. There are tools, but no clear models, so we need to verify models (cannot go off of computer assumption).
  16. Need to contribute to DHS Critical Infrastructure R&D Plan.
  17. Specific information on connection details is lacking (connection within a bridge, not the columns) (e.g., 100-year-old steel bridge).
  18. National strategy for spending not in place for security infrastructure.
  19. Looking at other scenarios other than the common blast scenario (e.g., poison in cargo ship). Other threats need to be considered.
  20. Military standards are available as a tool, but are not necessary applicable to highway cases.
  21. There is a need for a National Strategy for spending for security.
  22. The assumption that a blast is the most likely threat must be challenged.
  23. Ask: What are realistic damage states for highway infrastructure? How much damage is tolerable? Where are we vulnerable?
  24. In an ideal world, know what is in the carrier (ship, truck). Cargo tracking technology is needed.
  25. Risk needs to be considered in the TSL stage.
  26. Low-cost changes to new structures need to be reviewed and included in overviews.
  27. National local networks need to be tied together. There is much information floating locally; there is no national tie-in to bring it all together.
  28. Security threats from inside agencies should be considered.
  29. Cost-benefit analysis is necessary.
  30. Risks to be considered in early part of design.
  31. Ticket checker example. System design for operations strategies. They need to be checked. How often do we check systems in place? Security checks?
  32. Fire suppression and analysis are necessary.
  33. Research the application of artificial intelligence or other adaptive computational methods and emerging technologies to this aspect of the problem.
  34. Information about threats:
    1. Intelligence ration: Getting information to the right people.
  35. Validation tools/models for analyzing dynamic failure (blasts, impacts).
  36. Probability risk assessment methodology:
    1. Ranking critical infrastructure (assessing it).
    2. Distribution of funds.
    3. Strategies to reduce risk.
  37. Physical vulnerability vs. operational vulnerability.
  38. Operational vulnerability:
    1. Power grid systems (cause and effect).
  39. Design guides/specifications: Ultimate goal is cost-effective measures.
  40. Creating a tool to make it more cost-effective.
  41. Cost-effective advanced materials (nanotechnology) design solutions.
  42. Integrated software tools (integrating different modules for better decisionmaking).
  43. Alternative power source (off grid for traffic control purposes).
  44. Handling sensitive security information:
    1. Getting it to the right person.
    2. Plans and designs as examples of this information (whether available or not).
    3. Computation/modeling.
    4. Goal: Developmental work protected, but final product is open.
    5. Legislative involvement and impact on changes.
    6. Final product and availability.
  45. Biological/radiological sensors.
  46. Improve surveillance and monitoring capabilities.
  47. Transportation issues:
    1. Broaden our focus.
    2. Transportation funding over model funding.
  48. Guidance to be included on the Web (e.g., hazardous materials sites, nuclear sites, bridge locations, defense routes).
  49. Is there sufficient knowledge of surge capacity?
  50. Smart structures: Can these reduce vulnerability?
  51. Rapid post-event assessment methodology in place.
  52. Need literature search on what others have done.
  53. What are the cross-cutting issues (risk-reduction metrics)?:
    1. Threat, vulnerability, risk assessment, countermeasures against security (risk-reduction metrics).
    2. Interdependencies for infrastructure.
    3. Redundancy (alternative routing/intermodal):
      1. Other options.
      2. Redundancy reduces criticality and attractiveness.
    4. Collaboration, communications, coordination (i.e., intelligence).
    5. Interoperability.
    6. Analytical tool required.
    7. Security cost tradeoffs (e.g., potholes vs. security).
  54. Detection:
    1. Intrusion detection.
    2. Cameras - semi-automated analytical tools to reduce FTE.
    3. Cheap, easy-to-use alternative to current video systems.
    4. Biological/radiation/chemical detection - detect at high speeds.
    5. Institutionalized arrangements for response.
    6. Analytical support tools - synthesizing systems.
    7. Create a system that is not highly dependent on electrical sources.
    8. Broad category of sensing.
    9. Synthesis of existing technology and practices.
    10. Communications between these remote sensors.
  55. Deterrence:
    1. Effectiveness of surveillance on deterrence.
    2. Strategies to reduce target value.
    3. Coordination of security risk vis-a-vis other societal values.
    4. Scientific risk - society tools (how much to invest on security).
    5. Effectiveness of physical patterns on deterrence.
  56. Defend:
    1. Vulnerabilities:
      1. Suspension bridge towers.
      2. Bridge cables.
      3. Through arches.
      4. Box girders.
      5. Thin-shell underwater tunnels.
    2. Need to identify mitigation strategies and testing methodologies for above.
    3. Materials for defending:
      1. Column wrap.
      2. High-performance material- fiber reinforced concrete.
      3. Thermal protection.
      4. Windows - electromagnetic pulse.
    4. Barrier Effectiveness.
    5. Biological/chemical strategies and technologies.
  57. Deny:
    1. Methods to achieve standoff/enforcement (what works for enforcement).
    2. Routing restrictions (access or deny in critical infrastructure).
    3. Strategies to deny access to critical infrastructure.
    4. Parking restrictions (how effective are they?) - inspect, proximity to critical infrastructure and elements.

Reducing the Risk of a Highway System Being Used as a Means to Attack

  1. Sensors to detect threat (unauthorized vehicle or cargo).
  2. Integration of sensors into a system to detect a threat and perhaps respond.
  3. Include institutional process.
  4. Technology to deal with data overload.
  5. Boiling it down to a green light (data mining).
  6. Chain-of-possession system (identify the possessor of freight).
  7. Process to share intelligence and data (tied to communications interoperability).
  8. Simulation tools to develop and evaluate the above.
  9. Testing of actual systems using simulated attack (exercise or drill) at a large scale at the multi-agency level.
  10. Sensitivity analysis of frequency of test and exercise.
  11. National tracking system:
    1. Integration of State (local) systems at the national level.
    2. Effects of such systems on mobility or congestion.
  12. Mobility can spread a biological or radiological agent.
  13. Deterrence, or denial of access, if a threat is detected through intelligence (pre-screening).
  14. Lack of knowledge of threat. Access to intelligence.
  15. Highway ISAC (design and capability analysis).
  16. Research on deterrence.
  17. Development of new sensors:
    1. PPB sensitivity is here.
    2. MEMS is here.
  18. Strategy for deployment of sensors.
  19. Reliability of detection studies.
  20. Detecting and responding to behavior patterns (pattern recognition).
  21. Research on the security benefits of law enforcement (presence and visibility).
  22. Other applications of the benefits of this technology for other law enforcement areas.
  23. What will public tolerate with regard to infringement on personal liberty?
  24. Balance with legitimate movement of explosion, radiation, etc.
  25. Legal research into what is our authority to do such things.
  26. Tie to permitting systems.
  27. Must be coordinated with DHS.
  28. Link to intelligence systems.
  29. Detect changes in drivers.
  30. Technology transfer from other industries that may have better ways of dealing with this.
  31. Scalable to the national level.
  32. Decision support systems for making investments technologies vs. benefits vs. risk.
  33. Fitness for duty (dual benefit).
  34. Eyes-on-the-road program - dealing with the data.
  35. Reliability of detection study.
  36. Linkage to law enforcement system is essential.
  37. Research on efficiency and management of a HISAC
  38. Proper archiving of data:
    1. Data aspects of the problem.
    2. Data management for security.
  39. Coordination with other systems (e.g., Amber Alert).
  40. Design of highway to reduce use as a weapon.
  41. All aspects need to be considered.
  42. Use traffic control systems to thwart an attack.
  43. Consider the business interests as well.
  44. Possible use of TRANSIMS
  45. Need to better understand how the highway system can be used to deliver an attack.
  46. Research of targets.
  47. Data communications:
    1. Protection at data transmission.
    2. Any control systems.
  48. Tracking cargo:
    1. Origin to destination.
    2. Screening for weapons of mass destruction.
  49. Route restriction.
  50. Managing the flow of hazardous cargo:
    1. Developing analytical tools.
    2. Evaluate the impact of strategies.
  51. Developing better screening techniques.
  52. Using technology to identify suspiciously operated vehicles.
  53. Advanced screening/surveillance.
  54. Identifying overheight/overweight vehicles.
  55. Establishing rings of security to detect threats.
  56. Enabling DOT employees to be more alert (training):
    1. Research to determine the characteristics and attributes of suspicious vehicles/drivers.
  57. Identifying human factors research (associated with security aspects/actions in chemical/biological/nuclear/radiological event):
    1. Management.
    2. Employees sent to establish quarantine barriers (looking at other agencies to support).
  58. Using bridges as platforms for delivery (study to evaluate citing and design).
  59. Research to identify critical node points in our transportation network.
  60. Research to provide redundant transportation systems for critical node points.
  61. Freight security (applications to borders and tunnels):
    1. Cargo tracking.
    2. Cargo identification.
    3. Anti-hijacking technology (public fleets and private fleets).
    4. Hazardous materials routing.
    5. Vehicle tracking.
  62. Traffic surveillance:
    1. Non-typical behavior recognition.
    2. Driver licensing.
    3. Route deviation alerts.
    4. Rapid response techniques.
    5. Remote sensing and tracking (chemical, radiation, biological).
    6. Evaluation of technical solutions and cost.
  63. Response and control methodologies.
  64. Calibration (resolution of false indications).
  65. Threat definition:
    1. What are we designing to prevent?
  66. Physical security:
    1. Barrier design guides.
    2. Barrier usage/applications.
    3. Vehicle inspection (visual, sensing).
    4. Routing options (vehicle restrictions).
    5. Rapid threat investigation technology.
    6. Vehicle restrictions.
    7. Access denial.
    8. Rapid removal of vehicles.
  67. Evaluation of hardening vs. policing.
  68. Tunnel ventilation control and detection systems.
  69. Surveillance:
    1. Effectiveness of highway watch.
    2. Terrorist screening of driver's license applications.
  70. TWIC requirements at key construction sites/critical factors.
  71. Alternatives to standard national security clearance procedure.

Improving the Utility of the Highway Systems to Respond to and Recover From an Attack

  1. Role of transportation in a biohazard situation? Traffic control paradigm?
  2. Linkage to modeling and simulation.
  3. Modeling in advance of an incident.
  4. Real-time modeling capability.
  5. Decontamination: How to do it? (biological and radiological).
  6. Decontaminate vehicles?
  7. Exploration of how intelligent transportation systems (ITS) get applied in response and recovery.
  8. Capacity of system under extreme situations (emergencies). Reverse directions, etc.
  9. Basic highway engineering questions.
  10. Linkage to other infrastructure systems (e.g., cell phone systems): How do we do it?
  11. Role playing/people simulation: How bad does a situation have to be before an emergency declaration is made? What types of decisions are people willing to make?
  12. What other infrastructures could take down the transportation system (e.g., electric grid)?
  13. Develop studies on how long it would take to evacuate a city: Evacuation modeling is a gap. Basic behavior information is missing. Some behavior is counterintuitive. Some behavior is contrary to governmental guidance.
  14. Taken off of modeling of hurricane evacuations.
  15. Dealing with an unplanned evacuation.
  16. Pass through in medians (guidance, number, etc.) break the barriers.
  17. Understanding what is involved in decontamination.
  18. Research into materials that are more tolerant of decontamination.
  19. Effective communication with people in vehicles.
  20. Basic research in disaster communication.
  21. Dealing with pedestrians in an emergency situation.
  22. Focus on moving people not just vehicles (linkage to other modes).
  23. Traffic officers might not be available.
  24. Assumptions need to be changed.
  25. Public awareness of routes (public education/preparedness).
  26. Optimal decisionmaking tools:
    1. War games.
    2. Simulation.
    3. Lines of authority (changes in laws needed?) - Federal/State/local.
  27. Specific roles/responsibility/authority defined and refined through simulation (role playing).
  28. Research into rapid recovery, repair, etc.
  29. Sensors for real-time analysis and decisionmaking (is the bridge safe to use or not?).
  30. Possible need to understand military mobilization needs in today's world.
  31. Dealing with emergencies in rural areas.
  32. Modeling of the national system lead - interdependency again
  33. Research needs to include deployment plan considering the capability of users. Need to train potential users.
  34. Identify capabilities needed to respond and use tool.
  35. Ultimate effects/constraints to response and recovery.
  36. Rapid recovery of ITS infrastructure.
  37. Standards for redundancy and reliability of ITS/traffic control systems. Possible implications for design. Back in service in a short time.
  38. Standards for systems redundancy (possible implications for design).
  39. Dual use must be a basic guiding principle.
  40. Include response and recovery to routine events.
  41. Research of technology in support of National Incident Management System.
  42. Identification processes for key personnel to enter an area in the event of an attack.
  43. Clearly developed policy and implementation guidelines for agencies in the event of an attack for tool development.
  44. Communication interoperability (SAFECOM):
    1. Voice and data communications, standards, and architecture between effective parties as needed for security event.
  45. Identification of alternative routes:
    1. Enhancement of the Strategic Highway Network (STRAHNET).
  46. An all-hazards approach in dealing with security issues.
  47. Forensics experts (national pool).
  48. Quick analysis needed to avert other attacks.
  49. Identification of organization to develop tools, use the developed tools, conduct analysis, and provide results.
  50. Develop alternative evacuation strategies and plans:
    1. Local.
    2. Regional.
  51. Post-event assessment (consistent data-gathering protocol lessons learned).
  52. Response planning for an event.
  53. Rapid recovery (e.g., rapid replacement of structures (short-term, long-term)).
  54. Enhanced traffic monitoring network.
  55. Alternative power supply.
  56. Evacuation rerouting techniques:
    1. Reversible lanes.
    2. Movable traffic barriers.
  57. Medical evacuation planning.
  58. Identification and isolation of the hazard.
  59. Planning for multiple attacks.
  60. Regional coordination through multi-jurisdictional areas.
  61. Rapid assessment.
  62. Improvement of system use in response and recovery:
    1. Need for rapid repair options materials.
    2. Maximizing short-term lane.
    3. Emergency lane clearance.
    4. Proper amount of system redundancy.
    5. Communications (what?, to whom?).
  63. Response planning:
    1. Human factors in emergency situations: What can you expect?
    2. Ability of current network tools to model human behavior under stress.
    3. User needs assessment during emergencies (do current models reflect the needs?).
    4. What are the data needs for modeling response options?
  64. Chemical/biological/radiation cleanup:
    1. Structural capacity of damaged critical infrastructure.
    2. Tools to access roadway incidents in terms of security mplications.
    3. Response strategies for DOT employees.
    4. Literature search on response to natural disasters and an evaluation of the implications for response preparedness for State and local DOTs.
  65. International border implications regarding emergency response and recovery at borders:
    1. Jurisdictional issues.
    2. Federal roles in developing possible plans.
  66. National incident command systems as a requirement for DOT.
  67. Coordination of the transportation requirements of special response teams (urban search and rescue) (management training) under national response plan (interdependency).
  68. Special structural load-carrying capabilities (analytical techniques).
  69. Communications procedures.
  70. Legal agreements
  71. Secure communications needs and systems for use in emergency situations. (Federal-Federal, Federal-State, State-State, etc.).
Previous    Table of Contents    Next

 

ResearchFHWA
FHWA
United States Department of Transportation - Federal Highway Administration