With this in mind, a reader challenged me to take a look at CFATS and see if there were any potential ‘all hazards’ problems that the CFATS program ought to look at. I always appreciate a challenge and love to tell government people what they ought to do. More importantly it will allow us to take a look at the real purpose of looking at security programs.
What are the Hazards
First off lets define the different categories of hazards that can affect high-risk chemical facilities and I would like to limit those hazards those that could result in an off-site hazard uniquely traced to the chemical facility. For example, a flue epidemic could cause a worker shortage that could cause serious business consequences for a chemical facility, but those consequences would be no different for a food processor, widget manufacturer or any other non-chemical employer.
Potential hazards could include:
● Terrorist attacks (duh)Now any of these hazards could result in hazardous situations for neighbors and local communities. The first category is the type of hazard that the CFATS program is specifically designed to regulate and reduce the potential consequences; reduce the consequences by reducing the probability of a successful attack.
● Natural disasters (floods, fires, hurricanes, tornados, etc)
● Utility disruptions (stoppage of water, electric, gas, etc)
● Mechanical integrity problems (failure of equipment)
● Process upsets (over/under pressure, over/under temperature, too much/little flow, etc)
● Personnel upsets (shooters, sabotage, etc)
● Management issues (failure to comply with various regulations, failure to provide for maintenance, failure to provide training, etc)
Other Hazards and CFATS
Two other hazards on the list can be directly related to terrorist attacks and so should be addressed in some manner under the CFATS program. If utility disruptions can lead to a chemical release or uncontrolled chemical reaction then disrupting those utilities could be a tool for a terrorist attack. If a disgruntled or unstable employee can be influenced or controlled by a terrorist organization then their actions can be made part of a terrorist attack.
The natural disasters category can have a potential impact on security operations at high-risk chemical facilities. I have addressed those in a couple of hurricane related blogs. Facilities in areas with well known natural hazards should address the potential responses to security issues related to those hazards in their security planning process.
Process upset problems caused by externally generated computer problems (worms, viruses and Trojans targeted generally at computers rather than specifically at the control system or the facility) will be prevented to some degree by the control system security procedures put in place as part of the site security plan.
As CFATS is currently configured (and authorized), it appears that those are the limits of the ‘all hazards’ considerations addressed in the CFATS program. Other federal programs (primarily EPA and OSHA), to one degree or another, address the remaining issues at many of the chemical facilities covered under the CFATS programs.
CFATS and Remaining Hazards
There is also another way of looking at this; we can ask: “Is there anyway that the CFATS process can affect the prevention and response to the other hazards?” Do things that are done because of CFATS security plans contribute to or detract from dealing with these?
I can’t think of anything in a properly crafted, well thought out security plan that would detract from dealing with any of these hazards. I have heard people question the potential effects of CVI on dealing with outsiders, but that should only apply to CFATS information in a CFATS context. If the information is not presented in a security context CVI should have no effect on disclosure.
Some people have also expressed concerns that searches, restricted areas and other personnel restrictive measures will make it more difficult for emergency responders, utility personnel and contractors to respond to problems at the facility. That should not be true for emergency response personnel, especially when the security force knows that they are expected. The brief delays to verify utility personnel and contractor identities should not cause any significant problems. The only potential problem area is the escorting requirements after normal operational hours and that does deserve special mention in security plans.
Likewise, I don’t see anything in the CFATS rules or the Risk Based Performance Standards Guidance that specifically helps to make these problems easier to deal with. Some of the internal surveillance tools might make it easier to manage an incident related to these hazards. The facility security center (if the facility establishes one on site) would probably be a good location for the emergency management team to work out of because of the communications and surveillance tools available.
CFATS – Chemical Facility All-hazards Threat Solution
Since the real goal of the current CFATS program is to really prevent off-site consequences of a terrorist attack, couldn’t many of the same tools be used to prevent off-site consequences from these other hazards as well? The short answer to this question is actually: No. Since CFATS focuses on preventing attacks instead of managing consequences of an attack the utility of the CFATS tools in managing the consequences of these other hazards is minimal at best. The CFATS prevention tools are not really useful in preventing most of these other types of hazards; guards are not going to stop a hurricane.
If consequence management tools were added to the CFATS programs the answer would change significantly. I have often argued that the major drawback of the CFATS program is that it essentially ceases to function once the toxic cloud has been released. There are no provisions for off-site consequence management or planning. There are good reasons for that; a private facility can not be made responsible for governmental responses off-site. But it is still a major shortcoming of the program.
I’ll take a more detailed look at how CFATS could be made more of an ‘all hazards’ program in a future posting.
No comments:
Post a Comment