Short Takes – 6-3-26 - Federal Register Edition

Generic Clearance for the Collection of Qualitative Feedback on National Security and Emergency Preparedness Communications (NSEPC). Federal Register CISA 30-day information collection request for new ICR. Summary: “To continuously work to ensure that programs are effective and meet customers' needs, the Cybersecurity and Infrastructure Security Agency Emergency Communications Division seeks to obtain OMB approval through the generic clearance process to collect qualitative and quantitative feedback on national security and emergency preparedness communications. Qualitative feedback means information that provides useful insights on perceptions and opinions but are not statistical surveys that yield quantitative results that can be generalized to the population of study.” 

Evaluation of Emergency Communications Division Interoperable Communications Technical Assistance Program Training Program. Federal Register CISA 60-day ICR request for new ICR. Summary: “The online survey will be created and sent using Qualtrics, a survey software. The evaluation team will provide a link via email that participants can use to access and complete the survey using a tablet, smartphone, or laptop. Electronic submission will ensure the maximum response rate while also permitting respondents to complete the survey at a time of their own choosing.” 

Hazardous Materials: Streamlining Requirements for the Approval of Certain Energetic Materials. Federal Register final rule. Summary: “PHMSA is amending the Hazardous Materials Regulations (HMR) by streamlining the classification and approval process for transporting certain low-hazard fireworks, revising the criteria for small arms cartridges to include tracer ammunition as eligible for self-classification, designating the PHMSA portal as the sole method to submit applications for all explosives approvals, and authorizing voluntary termination of an explosive approval by the approval holder.” 

EO 14407 - Realigning United States Core Childhood Vaccine Recommendations with Best Practices from Peer, Developed Countries. Federal Register. 

EO 14408 - Removing Unnecessary and Counterproductive Restrictions on Access to Federal Lands. Federal Register. 

CSB and 2026 Hurricane Season

Yesterday, just two days into the Atlantic Hurricane season, the Chemical Safety Board published their annual reminder about preparing facilities for potential weather issues related to hurricanes and tropical storms. They note that: 

“Although the National Oceanic Atmospheric Administration (NOAA) has predicted a below- normal hurricane this season, the threat posed by severe storms still exists. Adequate preparations by chemical facilities is critical to ensure the safety of workers, emergency responders, and surrounding communities.” 

Not much in the way of new information or recommendations, but the 2017 Arkema incident and the 2020 Bio-labs fire do remain as prime examples of the results of inadequate preparation for these unpredictably violent events. Remember that flooding, from both storm surge and rainfall, is expected to cover a wider area than severe wind damage. 

Not mentioned here is the fact that facilities far from the potential impacts of these tropical cyclones almost certainly have their own weather-related hazards to worry about. This too would be a good time to make an annual review of the weather hazards for those facilities. 

CISA Announces New CVE Partner – OMICRON Electronics

 Yesterday, CISA announced a new CVE Partner, OMICRON Electronics. This now makes OMICRON a CVE Numbering Authority under the CISA-ICS Root authority. That means that OMICRON can now assign CVE numbers and publish CVE records for vulnerabilities in its products, either those it detects itself or those reported to it. This also means that OMICRON has established a vulnerability disclosure process and point of contact for vulnerability reporting. 

As a practical matter going forward, when OMICRON publishes an advisory (see here for example) their products, the vulnerabilities reported in the advisory that are not 3rd party vulnerability would be expected to have CVE numbers assigned and included in the advisory. 

Review – 2 Updates Published – 6-2-26

Today CISA’s NCCIC-ICS published two updates for control system security advisories for products from Schneider Electric and Dreame Technology. 

Updates 

Schneider Update - This update provides additional information on the EcoStruxure advisory that was originally published on March 20th, 2025. 

Dreame Update - This update provides additional information on the Dreamehome iOS advisory that was originally published on August 7th, 2025. 

For more information on these advisories, including a brief DTRH look at failing to coordinate with CISA, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-updates-published-6-2-26 - subscription required. 

Review - PHMSA Publishes Break Out Tank Inspection Final Rule

Today, DOT’s Pipeline and Hazardous Materials Safety Administration (PHMSA) published a notice of proposed rulemaking in the Federal Register (91 FR 32919-32927) on “Pipeline Safety: Breakout Tank Inspection Rule”. PHMSA is proposing to update its regulations for breakout tanks to incorporate the 5th edition of API Std 653 (issued November 2014) by reference, and to authorize the use of risk-based inspection (RBI) procedures for establishing the inspection intervals of in-service breakout tanks. 

PHMSA is soliciting comments on these proposed changes. Written comments may be submitted via the Federal eRulemaking Portal (www.Regulations.gov; Docket # PHMSA-2025-1271). Comments should be submitted by August 3rd, 2026. PHMSA is also planning on conducting a public meeting to receive comments. The date and time of that meeting will be announced in the Federal Register. 

For more information on the provisions of this NPRM, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/phmsa-publishes-break-out-tank-inspection - subscription required. 

Review - CISA Publishes ChemLock Initial 30-day ICR Notice

Today, CISA published a 30-day information collection request (ICR) notice in the Federal Register (91 FR 32993-32994) for a new ICR for their ChemLock program. The 60-day ICR notice was published on December 31st, 2024. The table below shows the burden estimate for this ICR. 

Request for Comments 

CISA is soliciting comments on this ICR notice. Comments may be submitted via the Federal eRulemaking Portal (www.Regulations.gov, Docket # CISA-2024-0034). Comments should be submitted by July 2nd, 2026. 

No comments were received on the 60-day ICR notice. 

Commentary 

The disruptions that CISA suffered in the first year of the new Administration certainly contributed to the delay in issuing today’s notice. I hope that its publication signals that there is a resurgence of interest in chemical facility security. Since the demise of the CFATS program, I have been advocating an increased emphasis on the ChemLock program as a method, and this would certainly be a necessary first step in that increase. 

For more details about the buden estimate for this ICR, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/cisa-publishes-chemlock-initial-30 - subscription required. 

FCC Sends Space Modernization Final Rule to OMB

 Yesterday, the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had received a final rule from the FCC on “Space Modernization for the 21st Century (SB Docket No. 25.306)”. The notice of proposed rulemaking was published on December 5th, 2025. 

This rulemaking was not listed in the Spring 2025 Unified Agenda. The preamble to the NPRM noted that: 

“As we re-design the Commission's space licensing processes to increase speed, predictability, and flexibility we must do so in a way that guides our determination as to whether a license for space-based communications is in the public interest based on evaluation in these areas. We recognize that a process which efficiently and effectively reviews license applications for these factors will promote the wide availability of communications delivered by a thriving space economy employing new technologies. In addition, it is our intention that by simplifying and modernizing our space licensing procedures we will ensure that the use of part 5 experimental licenses will again be for the testing and development of truly novel space concepts.” 

I will not be covering this rule in any detail, but as part of my limited Space Geek coverage, I will report its publication in the appropriate Short Takes post.