Both the House and Senate will be back in Washington after a long two week spring break. The committee calendars are on the light side, particularly in the Senate. That may be due to slow posting of committee meetings, however. There are four hearings this week that may be of specific interest to readers of this blog: one hazmat transportation, two cybersecurity and one that will deal with MTSA activities.
DOT Regulations Update
The Subcommittee on Railroads, Pipelines, and Hazardous Materials of the House Transportation and Infrastructure Committee will be holding an oversight hearing on Tuesday on ongoing DOT rail, pipeline and hazmat rulemakings. Two acting administrators (FRA and PHMSA) and the NTSB Chair will be witnesses.
The Committee Staff has put together a nice overview document for the hearing. Topics of interest will include:
∙ Automatic and Remote-Controlled Shut-Off Valves for New Transmission Pipelines;
∙ Maximum Allowable Operating Pressure;
∙ Integrity Management;
∙ Leak Detection;
∙ DOT “High-Hazard Flammable Train” Rule;
∙ Special Permits and Approvals;
∙ Hazardous Materials Safety Permits; and
∙ Tank truck wet lines
This will probably be a pretty contentious hearing. Interesting side note; the Staff report notes that the HHFT rule is due to be published May 12th. We will have to wait and see how that works out.
This week there will be markup of two draft cybersecurity bills; both on Tuesday. The first will be another information sharing bill (National Cybersecurity Protection Advancement Act of 2015). This will be a full committee markup by the House Homeland Security Committee. The second is a breach notification bill (Data Security and Breach Notification Act of 2015). This will also be a full committee markup, this time by the House Energy and Commerce Committee and it will include two other bills so a two day hearing is scheduled.
There are some interesting differences between this bill and the other introduced earlier. It does not specifically include industrial control systems in the definition of ‘information system’, but it does specifically make the DHS ICS-CERT the agency responsible for sharing control system security information. I’ll have more information on all of these bills in a later post.
At present there is nothing in the breach notification bill that applies to control systems since it only deals with breaches where personally identifiable information is involved. I’ll watch the approved amendments to see if anything expands that to include control system information.
Coast Guard Mission
On Wednesday the Subcommittee on Coast Guard and Maritime Transportation of the House Transportation and Infrastructure Committee will be holding an oversight hearing on the mission of the Coast Guard. The only witness scheduled is Deputy Commandant for Operations. The Committee Staff has again produced an overview document.
An interesting point made in this document is that the ‘Ports, Waterways and Coastal Security’ mission of the Coast Guard is the most costly in terms of spending and ‘resource hours’. Given this fact it is interesting to note that of all Homeland Security Missions PWCS has had the history of meeting its operational metrics. In fact of the six sub-missions listed for PWCS only one had not successfully met its operations performance measures in 2013; Security Compliance Rate for High Risk Maritime Facilities (the MTSA program). It will be interesting to hear more about the problems in this program.