Designing Water System Security Measures Mr. Michael X Clawson HQ AFCESA/CESC 17 August 2004
Overview • Air Force & DoD Guidance & Policy • False assumptions about water system security • Water System Security Measures • Source Water (Before Treatment) • Treatment Plants • Distribution System • SCADA & Controls • Contaminant detection
Air Force & DoD Policy • Security Engineering Manual • Air Force AFMAN 32-1071 Vol 1-4 • Army TM 5-853-1/2/3/4 • For Official Use Only • Comprehensive publication covering everything from front gate, fence, & facility criteria to water systems. • Each chapter is being converted into a separate UFC • Current publication is too massive to efficiently update and keep current and has not been updated in many years • Breaking chapters into separate documents makes the update process and coordination simpler & quicker • Funding for converting the chapter on water system security has been requested.
Air Force & DoD Policy • Air Force ETL 04-5 Design Recommendations for Potable Water System Security • Issued August 2004 • For Official Use Only • Contains additional recommendations for water system security • Measures in ETL are optional • Designed to fill gap between AFMAN 32-1067 and new information & technology on water system security • Interim document to be used until new UFC on water system security is published
False Assumptions About Water System Security • Water systems are not mission critical assets • Water system pressure provides security against contamination • Water systems have sufficient redundancy • Dilution in water systems means large quantities of toxins are necessary • Physical security alone can protect systems
Source Water Vulnerabilities • Water course contamination sources • Chemical & fuel manufacturing bulk storage facilities • Road & Railroad crossings • Industrial impounds, mills, and mines • Nuclear Facilities • Intake structures • Wellhead contamination • Piping
Source Water Protection Measures • General Measures • Backup/Alternate source • Intrusion detection systems • Surface Water • Restrict access near intakes • Bank Filtration/infiltration galleries • Wellhead security measures • Wellhead protection plan • Restrict access & activities in wellhead area • Enclosed well houses • Fenced well area
Treatment Plant Vulnerabilities • Treatment plants have numerous vulnerabilities • Areas open to atmosphere • Chemical injection points • Hazardous material storage
Treatment Plant Protection Measures • Where feasible, totally enclose treatment plant • Provide multiple layers of security & fencing • Intrusion Detection • Electronic monitoring of valves, pumps, equipment settings, chemical levels, etc.
Distribution System Vulnerabilities • Smaller amount of contaminant needed • Pump can be used to overcome system pressure and introduce contaminants • Hydrants • Facilities • Destruction of key nodes can affect entire system • Storage tanks at atmospheric pressure • Pump houses • Meters & Backflow preventers
Distribution System Protection Measures • Prevent unauthorized access • Fence, alarm, and secure critical components • Develop hydraulic model • Can be used to determine critical nodes • Can predict contaminant travel when injection point is known • Developing a unidirectional flushing plan can help restore the system after contamination
Distribution System Protection Measures • Valves • Secure and lock all valves • Eliminate quick closing valves • Tamper resistant fire hydrants are NOT recommended
Distribution System Protection Measures • Storage tanks • Remove vegetation or other items that may hide an attacker • Install lighting • Install locks, tampering/ intrusion alarms, and/or security cameras on tank ladders, scuttles, access panels, access ways, air vents, etc. • Secure ladders/tank access • Harden tank vents/overflows
SCADA & Electronic Controls • Attacker does not have to physically be present • Can be miles away or halfway around the world • SCADA attack can be used to damage controls/electronics or actual system components • Example – Wastewater system attack in Australia • Disgruntled employee of a consultant used SCADA vulnerabilities and laptop computer to attack system • Controlled pumps & valves and caused raw sewage to be dumped in waterways, parks, and neighborhoods • Only caught when police found computer equipment and stolen cell phone during a traffic stop
SCADA & Electronic Controls Protection Measures • Develop an attack detection strategy • Develop an attack response plan • Conduct a thorough analysis to assess the risk and necessity of each connection to the SCADA network. Identify and evaluate the following types of connections: • Internal local area networks (LAN) and wide area networks (WAN) • Internet • Wireless network devices • Modem or dial-up connections • Connections to contractors, consultants, vendors, or regulatory agencies
SCADA & Electronic Controls Protection Measures • Isolate the SCADA network from other network connections • Some SCADA systems use unique proprietary protocols for communications, and the security of some SCADA systems is based solely on the secrecy of these protocols. • Many older SCADA/EMCS systems have few or no security features. • Eliminate backdoors or vendor interfaces to the SCADA/EMCS system • Install SCADA/EMCS overrides for local control points, which are critical to operating the system in the event of attack
Contaminant Detection Systems • There are two types of contaminant detection systems • Single sample testing • Continuous on-line monitoring • The EPA has approved several “Rapid Toxicity Testing Systems” to test single samples • Mainly for chemical agent detection • Information on these systems is available from the EPA website
Contaminant Detection Systems • An ideal continuous on-line warning system would: • Monitor parameters that provide sufficient warning time • Detect a wide range of contaminants • Chemical & biological • Be affordable • Be reliable • Be easy to operate • And give a minimal number of false alarms • Unfortunately, the currently available on-line systems fail to meet one or more of these criteria
Contaminant Detection Systems • Several systems under development show great promise in detecting virtually all potential terrorist agents • These systems include detectors using: • Immunoassays • Bioactive compounds • Deoxyribonucleic acid/ribonucleic acid (DNA/RNA) • And other methods • Technology promises very low detection limits • As little as a single cell of a biological agent • Or a few molecules of a chemical agent • Most are one to several years away from commercial release
Contaminant Detection Systems • For these reasons, continuous monitoring systems are not currently recommended for widespread implementation • Regardless of the detection method, it is necessary to have an appropriate response plan to follow when something is detected
Conclusion • Water systems are vulnerable • Hardening the water system alone does not provide security • Water system security must be a comprehensive program that includes • Delaying an adversary • Detecting the adversary • And the appropriate response
Questions Michael X. Clawson, PE, REM HQ AFCESA/CESC 139 Barnes Drive, Suite 1 Tyndall AFB, FL 32403-5319 (850)283-6362 DSN 523-6362 FAX: (850)283-6219 DSN FAX 523-6219 E-mail: Michael.Clawson@tyndall.af.mil