RAIL SYSTEM SECURITY
The importance of rail system security has increased substantially due to the threat of terrorism.
A transit system is vulnerable to certain types of threats including:
- terrorism,
- theft,
- assault,
- rape,
- vandalism,
- graffiti on buildings and equipment,
- pick-pocketing and purse snatching,
- fare avoidance, and
- trespassing.
A transit system can face threats to its security including curious children, destructive passengers, criminals, and even disgruntled workers.
A potential security problem exists when these two components - threat and vulnerability - coincide.
SYSTEM SECURITY PROGRAM PLAN
The development of a System Security Program Plan and its implementation, in the form of a System Security Program, ensures that security is built into the rail system concurrent with system development.
SYSTEM SECURITY PROGRAM
The System Security Program Plan orchestrates the System Security Program.
The purpose of this Plan is to set forth the approach, organization and methodology to be used to ensure the thorough and timely identification, evaluation and elimination or minimization of potential security hazards throughout the life-cycle of the system.
The purpose of this Plan is to set forth the approach, organization and methodology to be used to ensure the thorough and timely identification, evaluation and elimination or minimization of potential security hazards throughout the life-cycle of the system.
SYSTEM SECURITY PRINCIPLES
The foundational principles of system security are clearly stated in FTA's Transit Security Handbook:
"System security is a form of risk management that eliminates or controls threats and vulnerabilities through an ongoing threat and vulnerability resolution process. The system security approach identifies, evaluates, and controls security threats and vulnerabilities through all system life cycle phases. Security is addressed in the design, construction, and operation of the transit system. This proactive approach encourages both the design of features which "harden" system elements against criminal activity, and the implementation of security information monitoring systems, which identify and control new threats and vulnerabilities. This approach also identifies designs technologies, and deployment strategies that assist in reducing patron fear.
A System Security Program utilizing the systems approach offers the functional and integrated capability of protecting users and operators of the system, as well as the resources of the system. The basic elements of protection involve prevention or deterrence of acts or conditions threatening the safety or welfare of those persons or resources, and corrective or remedial action to limit the effects of such acts or conditions when they do occur.
The system security approach relies on threat and vulnerability management. This threat identification and resolution process includes a thorough examination of the role and interrelationship between the four elements of the System:
Such an approach will assist in minimizing System threats while providing the highest level of security practical."
"System security is a form of risk management that eliminates or controls threats and vulnerabilities through an ongoing threat and vulnerability resolution process. The system security approach identifies, evaluates, and controls security threats and vulnerabilities through all system life cycle phases. Security is addressed in the design, construction, and operation of the transit system. This proactive approach encourages both the design of features which "harden" system elements against criminal activity, and the implementation of security information monitoring systems, which identify and control new threats and vulnerabilities. This approach also identifies designs technologies, and deployment strategies that assist in reducing patron fear.
A System Security Program utilizing the systems approach offers the functional and integrated capability of protecting users and operators of the system, as well as the resources of the system. The basic elements of protection involve prevention or deterrence of acts or conditions threatening the safety or welfare of those persons or resources, and corrective or remedial action to limit the effects of such acts or conditions when they do occur.
The system security approach relies on threat and vulnerability management. This threat identification and resolution process includes a thorough examination of the role and interrelationship between the four elements of the System:
- Passengers and employees,
- Equipment and facilities,
- Procedures, and
- Environment
Such an approach will assist in minimizing System threats while providing the highest level of security practical."
THREAT AND VULNERABILITY ANALYSIS
Threats and vulnerabilities should be identified, examined, and appropriately resolved.
The overall process is usually referred to as a Threat and Vulnerability Analysis (TVA).
Similar to the approach used for system safety where a Preliminary Hazard Analysis is used to analyze system hazards, a Threat and Vulnerability Analysis is used to analyze security hazards.
HCRQ possesses this type of expertise so much so that it has taught "how to" webinars on the subject. One of the targeted systems was the JFK AirTrain.
The overall process is usually referred to as a Threat and Vulnerability Analysis (TVA).
Similar to the approach used for system safety where a Preliminary Hazard Analysis is used to analyze system hazards, a Threat and Vulnerability Analysis is used to analyze security hazards.
HCRQ possesses this type of expertise so much so that it has taught "how to" webinars on the subject. One of the targeted systems was the JFK AirTrain.
SECURITY RISK MANAGEMENT
It is impossible for a transit system to be completely secure.
Management of security issues is a process of risk management.
It is necessary to identify the major vulnerabilities and to identify threats to which the System is subject.
These identifications should be done independently so that assumptions about vulnerability do not hide the possibility of problems with threats.
Once the vulnerability and threat areas are brought into focus, the security resources can be applied to solve specific problems.
Management of security issues is a process of risk management.
It is necessary to identify the major vulnerabilities and to identify threats to which the System is subject.
These identifications should be done independently so that assumptions about vulnerability do not hide the possibility of problems with threats.
Once the vulnerability and threat areas are brought into focus, the security resources can be applied to solve specific problems.
HCRQ EXPERIENCE
On the JFK AirTrain project, we provided the role of "Safety and Security Manager" for the Air Rail Transit Consortium (Bombardier, Slattery Skanska, STV, Perini). We liaised with the Port Authority of New York & New Jersey (e.g., safety committee, security committee, Port Authority Police, Port Authority Fire Department) and were responsible for the production of:
Due to the reputation we gained in the role of "Safety and Security Manager" (sometimes known as "Safety and Security Officer"), HCRQ was awarded other similar contracts such as the Chief Safety and Security Officer on the Eglinton Crosstown LRT project.
- system security program plan,
- security threat & vulnerability analysis,
- access control plan,
- wayside intrusion detection analysis, and
- security system design document.
Due to the reputation we gained in the role of "Safety and Security Manager" (sometimes known as "Safety and Security Officer"), HCRQ was awarded other similar contracts such as the Chief Safety and Security Officer on the Eglinton Crosstown LRT project.