Wednesday, April 30, 2025

Review – S 1180 Introduced – Abolish TSA Act

Last month Sen Lee (R,UT) introduced S 1180, the Abolish TSA Act of 2025. The bill would require DHS and DOT to establish a plan to “expeditiously eliminate or transfer all authorities, enforcement functions, and programs” of the TSA to the Department of Transportation. It would abolish the TSA three years from the date of enactment of the bill. No new funding is provided.

Moving Forward

Neither Lee nor his sole cosponsor, Sen Tuberville (R,AL), is a member of the Commerce, Science, and Transportation Committee to which this bill was assigned for consideration. This means that there will not be sufficient influence to see the bill considered in Committee. I suspect that there would be substantial Republican opposition to the bill, so that there would be little chance of passage if it were considered. There would certainly not be 60 votes in the Senate to move the bill forward for consideration.

Commentary

While §5(b)(5) would require the plan to transfer all surface transportation functions of the TSA to the Department of Transportation, it does not specifically address TSA’s responsibilities for security threat assessments for the TWIC program, which is more of a Coast Guard (DHS) program than a DOT surface transportation program. The cavalier, single paragraph treatment of surface transportation security issues is to be expected, as this has always been a bastard step-child of TSA operations, but there should have been language requiring the transfer of the TWIC security assessments to the Coast Guard, not DOT.

 

For more information about the provisions of this bill, including an expanded commentary, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/s-1180-introduced - subscription required. 

Tuesday, April 29, 2025

Short Takes – 4-29-25

Spain's blackout: Cyber or Not? An unbiased technical analysis. LinkedIn.com article. Well worth the read pending completion of a real world investigation of the incident. Pull quote: “That said, I don't completely rule out the possibility that this could have been a cyberattack, though I would be extremely surprised...and terrified it were. I sincerely hope that’s not the case.”

Falling vaccine rates could mean millions of measles cases: Study. TheHill.com article. Pull quote: “But if vaccination rates drop just 10 percent, there could be 11.1 million measles cases in that same time frame. If vaccination rates drop by 50 percent, there could be 51.2 million cases of measles over the next 25 percent, the study notes.”

'I didn't look too good because I didn't feel too good': NASA astronaut Don Pettit explains why he seemed so unwell after landing. Space.com article. Pull quote: “"Some people can roll off a [space] shuttle flight, and they're ready to go out and have pizza and dance," Pettit said. "Someone like me, coming back to Earth has always been a significant challenge. And even with a 16-day shuttle mission, that felt about like being gone for six months on space station. And that's just my physiology."”

Radian Aerospace lays out its plan to create reusable re-entry vehicle for hypersonic tests. GeekWire.com article. Pull quote: “Radian says the insights gained from R3V’s uncrewed test flights will inform critical elements of the Radian One mission platform, including aerodynamic performance, guidance and control, and the operability of subsystems such as propulsion and thermal protection.”

The Judge Dugan Case Is More Complicated Than It Seems. LawfareMedia.org article. Pull quote: “The facts are obviously not all in for this case charged less than a week ago based on events that occurred less than two weeks ago. But one thing is clear. The competing narratives—that Judge Dugan represents a threat to the rule of law, or that her prosecution does—both sacrifice accuracy and nuance on the altar of political expediency.”

Firefly’s rocket suffers one of the strangest launch failures we’ve ever seen. ArsTechnica.com article. Pull quote: “While Firefly's live video of the launch lacked a clear, stable view of first-stage separation, the appearance of white vapor is a sign that the rocket was likely emitting propellant. It wasn't immediately obvious whether the first stage recontacted the upper stage after separation or if the booster exploded and harmed the upper stage engine.”

EO 14284 - Strengthening Probationary Periods in the Federal Service. Federal Register.

EO 14285 - Unleashing America's Offshore Critical Minerals and Resources. Federal Register.

Review – 2 Advisories and 1 Update Published – 4-29-25

Today, CISA published two control system security advisories for products from Delta Electronics and Rockwell Automation. They also updated an advisory for products from Lantronix.

Advisories

Delta Advisory - This advisory describes three vulnerabilities in the Delta ISPSoft programming software.

Rockwell Advisory - This advisory describes two vulnerabilities in the Rockwell ThinManager.

Updates

Lantronix Update - This update provides additional information on the XPort advisory that was originally published on April 15th, 2025.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1-update-published-33b - subscription required.

Review – HR 2344 Introduced - Water ISAC Threat Protection Act

Last month Rep Schakowsky (D,IL) introduced HR 2344, the Water Intelligence, Security, and Cyber (Water ISAC) Threat Protection Act. The bill would require the EPA to carry out a program to support, and encourage participation in, the Water Information Sharing and Analysis Center (W-ISAC). The legislation would authorize $10-million for FY 2024 and FY 2025 to support this initiative.

This bill is very similar (with the exception of the bill’s short title) to HR 1367 that was introduced by Schakowsky in March 2023. No action was taken on that bill in the 118th Congress.

Moving Forward

Schakowsky and her sole cosponsor, Rep Mullins (R,OK), are members of the House Energy and Commerce Committee to which the bill was assigned for secondary consideration. While this may provide sufficient influence to see the bill considered in that Committee, it will not provide sufficient influence to see the bill considered in the House Transportation and Infrastructure Committee to which this was assigned for primary consideration. In fact, the T&I chair may consider this bill an assault on that Committee’s oversight prerogatives, resulting in active opposition to the bill.

 

For more information on the provisions of the bill, including an expanded ‘Moving Forward’ section, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-2344-introduced - subscription required. 

New Presidential Rule Making

President Trump has greatly expanded the use of Executive Orders. Today, he published an executive order in the Federal Register (90 FR 17729-17733) that breaks new ground, even for this Administration. In EO 14284, Strengthening Probationary Periods in the Federal Service, Trump moves beyond the normal practice of directing federal agencies to undertake rulemakings and attempts to directly change existing regulations.

The ‘rulemaking’ makes the following changes to 5 CFR Part 2:

Removes existing §2.4, Probationary Period, and

Adds a new Part 11, Probationary and Trial Periods (Rule XI).

According to §6 of the Executive Order, these regulatory changes take effect today (except for §11.5, which takes effect in 90 days).

The details of this regulatory change are not of specific interest here (the regulatory intent is explained in §1). What is of concern here is the fact that this EO bypasses the regulatory process using the justification that existing regulations of concern “are not statutorily required”. This would seem to open the door to more direct regulatory actions by the Office of the President without going through the publication and comment process, or even the standard regulatory approval process within the OMB’s Office of Information and Regulatory Affairs (OIRA).

As with many of the Administration’s EOs, I expect that this one will be challenged in the Courts.

CISA Adds Broadcom Vulnerability to KEV Catalog – 4-28-25

Yesterday CISA added a Broadcom Brocade Fabric OS code injection vulnerability to their Known Exploited Vulnerabilities catalog. The vulnerability was reported by Broadcom on April 24th. At that time they noted that “this vulnerability has been actively exploited in the field.” Exploit code has not yet been reported by NVD.NIST.gov.

CISA has ordered federal agencies using Brocade Fabric OS to apply “mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.” A completion date of May 19th, 2025 has been set. Since this is an operating system product, it may not be immediately apparent which agency OT/IoT assets are affected.

Monday, April 28, 2025

Short Takes – 4-28-25

Grand Jury indicts Lexington man in connection with incidents at poultry plant. WISTV.com article. Pull quote: ““There were times that he increased the amount, there were times where he decreased that amount of chemicals, but he did that after he was fired, and his access to his computer was actually a federal crime. It’s one that could have had substantial harms for the consumers as well as this company if he wasn’t caught by the FBI,” said Brook Andrews, acting U.S Attorney, District of South Carolina.”

Russian Anti-Drone GP25 Adaptor. ArmourersBench.com article. Pull quote: “It undoubtedly provides the operator with a means of engaging a drone but it also has drawbacks. The reloading process is comparatively slow meaning that the user is likely to only have one chance to engage a drone if it is one of the faster FPV drones and is unlikely to otherwise match a conventional shotgun in terms of reload times when engaging drones engaged in munitions dropping or observation. It also means the grenadier has to choose what to have loaded ready in his GP-25 in various situations. The limited availability of underbarrel grenade launchers also means that, depending on the unit, only one soldier per squad will have the ability to use the adaptor.” US Army M79 and M203 grenade launchers fire a buckshot round (20 metal pellets weighing 1.6g each; in Vietnam US gunners would frequently add shot to the round). The M79 had a flechette round which I suspect could be fired from an M203. These would probably be more effective.

New IACS/OT oriented and evidence-based effort underway for improving incident management. SCADAMag.Infracritical.com blog post. Pull quote: “Once an anomalous event in the system under consideration has been detected, reporting becomes possible. Asset owners/operators should have policies and procedures related to reporting IACS security-related events in a timely manner. What exactly to report and to whom is a problem identified in the WP. It was also noted that a poor understanding of what is an incident will make risk analysis and management difficult.”

Axiom Space’s Chief Revenue Officer tapped as new CEO. SpaceFlightNow.com article. Includes brief review of Axiom history and future plans. Pull quote: “Axiom Space said in a statement that he was pivotal in overseeing the reception of Private Astronaut Missions to the International Space Station from Axiom Mission 1 (Ax-1) through Axiom Mission 4 (Ax-4), which is due to launch in late May.”

iOS and Android juice jacking defenses have been trivial to bypass for years. ArsTechnica.com article. Pull quote: “As I reported in 2023, these warnings are mostly scaremongering, and the advent of ChoiceJacking does little to change that, given that there are no documented cases of such attacks in the wild. That said, people using Android devices that don’t support Google’s new authentication requirement may want to refrain from public charging.”

House GOP leaders move to forestall potential Signalgate votes. Politico.com article. Pull quote: “Under House rules, once a resolution of inquiry is introduced and referred to a committee, that panel has 14 legislative days to take it up or it becomes privileged on the House floor. The language included in the Rules measure Monday would essentially block that provision through Sept. 30.” Is anyone in the leadership worried about some moderate Republicans voting against the rule because of this inclusion like we saw with the anti-Luna provision?

HR 2482 Passed in House – NTIA Authorization

This afternoon the House took up HR 2482, the NTIA Reauthorization Act of 2025, under the suspension of the rules process. After 14 minutes of debate, the House passed the bill by a voice vote. The bill now moves to the Senate.

Last session a similar bill, HR 4510, also passed in the House, but no action was taken on the bill when it reached the Senate. A number of provisions from HR 4510 were not found in HR 2482, so maybe there will be an increased chance of it being considered in Senate Commerce, Science, and Transportation Committee. As is typical for so many bills introduced, this bill is not politically important enough to take up the time needed for the Senate to consider the bill under the regular order process.

While the whole point of a program authorization bill is for the committee responsible for the oversight of the program to provide direction to the executive agency as to how the program should be carried out, it is often easier to include these relatively small program authorizations in spending bills as the bills are more likely (or at least used to be more likely) to be favorably considered in both bodies.

HR 866 Passed in House – ROUTER Act

This afternoon the House took up HR 866, the Removing Our Unsecure Technologies to Ensure Reliability and Security (ROUTERS) Act, under the suspension of the rules process. With just a little over six minutes of debate, the House passed the bill by a voice vote. The bill now moves to the Senate for consideration.

Last session the House passed a similar bill, HR 7589, but the Senate did not have time to take up the bill during the end of the 118th session. This bill is not politically important enough to be considered under regular order, particularly early in a new administration. This bill might be a good candidate for the Senate’s unanimous consent process, but it may be easier to add the language to a spending or authorization bill.

Review – Committee Hearings – Week of 4-27-25

This week, with both the House and Senate back in Washington from their Spring Break, there is a fairly busy hearing schedule. The House will be working on their reconciliation bill. Additionally, there will be a cUAS hearing and one markup session of interest in the House. The Senate continues to focus on nomination hearings but also includes a hearing on defense industrial base cybersecurity.

cUAS Hearing

On Tuesday, the Subcommittee on Military and Foreign Affairs of the House Committee on Oversight and Government Reform will hold a hearing on “Securing the Skies: Addressing Unauthorized Drone Activity Over U.S. Military Installations”.

Markup Hearing

On Tuesday the House Space, Science, and Technology Committee will hold a business meeting that will look at six pieces of legislation. The bills that will be covered here include:

HR 2613 - Next Generation Pipelines Research and Development Act,

HR 1223 - ANCHOR Act, and

HR TBA - Nucleic Acid Standards for Biosecurity Act (will probably be introduced today).

Defense Industrial Base

On Wednesday the Subcommittee on Cybersecurity of the Senate Armed Services Committee will hold a hearing on “To receive testimony on industry views on partnership with the Department of Defense and defense of the Defense Industrial Base”.

 

For more information on these hearings, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/committee-hearings-week-of-4-27-25 - subscription required.


OMB Approves DOT Rulemaking NPRM

On Friday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had approved a notice of proposed rulemaking from DOT’s Office of the Secretary on “Administrative Rulemaking, Guidance, and Enforcement Procedures”. The NPRM was sent to OIRA on March 25th, 2025.

This rulemaking was not listed in the Fall 2024 Unified Agenda, almost certainly because this is a new initiative by the incoming administration. Back in March Secretary Duffy issued DOT Order 2100.6B on “Rulemaking and Guidance Procedures.” That order superseded DOT Order 2100.6A that was published in June 2021. While the details of this rulemaking may end up being somewhat Trumpian, this is a relatively normal internal procedure update for a new administration. I will not be covering this rulemaking in any detail, but I will note its publication in the appropriate ‘Short Takes’ post.

Sunday, April 27, 2025

HR 866 Reported in the House – ROUTER Act

Earlier this month the House Energy and Commerce Committee took up HR 866, the Removing Our Unsecure Technologies to Ensure Reliability and Security (ROUTERS) Act, in a business meeting along with 25 other pieces of legislation. Substitute language for the bill was considered and adopted by the Committee by a voice vote. On Thursday the Committee published their report (H Rept 119-75) and the reported version of the bill. The bill is scheduled to be considered by the full House tomorrow under the suspension of the rules.

The amendment expanded the scope of the required study to specifically include ‘cybersecurity vulnerabilities’: “study of the national security risks and cybersecurity vulnerabilities posed by consumer routers, modems, and devices”. The other significant change was the insertion of a new §2(c) that requires consulting “with appropriate bureaus and offices within the Department of Commerce” during the conduct of the study.

The bill would still require the Department of Commerce to conduct a study on the national security risks of consumer routers and modems manufactured in China. No new funding is authorized by the legislation.

HR 2482 Reported in House – NTIA Reauthorization

Earlier this month the House Energy and Commerce Committee took up HR 2482, the NTIA Reauthorization Act of 2025, in a business meeting that considered 26 bills. They adopted the bill without amendment. The Committee’s report (H Rept 119-63) was published (the GPO does not yet have a copy printed) on Friday along with the reported version of the bill. HR 2482 is scheduled to be considered by the full House on Monday under the suspension of the rules process.

This bill is the latest attempt at reauthorization of the National Telecommunications and Information Administration (NTIA). The bill would authorize $57 million in spending (down from $62 million in last year’s bill) for NTIA for FY 2025 and FY 2026. There are no cybersecurity provisions included in this year's version of the bill.

Chemical Incident Reporting – Week of 4-20-25

NOTE: See here for series background.

Fort Dodge, IA – 4-14-25

Local News Report: Here, here, here, and here.

A ‘fertilizer byproduct spill’ at a lysine production facility resulted in high levels of ammonia in a nearby creek, causing a fish kill incident. No damage estimates were reported and there were no reports of injuries or deaths.

Probably not CSB reportable.

Jasper County, IN – 4-21-25

Local News Report: Here, here, here, and here.

There was a truck fire caused by overheated brakes that caused the cans of spray paint being transported to explode. The resulting paint fire caused the interstate to be closed in both directions while the fire was brought under control. Damage was done to the pavement that caused the southbound lanes to remain closed overnight. No injuries were reported.

Not CSB reportable, this was a transportation related incident.

Review – Public ICS Disclosures – Week of 4-19-25 – Part 2

For Part 2 we have two additional vendor disclosures from Trumpf and Zyxel. There are five vendor updates from FortiGuard (2), HPE, Palo Alto Networks, and Rockwell Automation. There are six researcher reports for products from SonicWall and MedDream (5). Finally, we have an exploit for products from OpenSSH.

Advisories

Trumpf Advisory - CERT-VDE published an advisory that discusses an improper restriction of XML external entity reference vulnerability in multiple Trumpf products.

Zyxel Advisory - Zyxel published an advisory that describes two vulnerabilities in their USG FLEX H series firewalls.

Updates

FortiGuard Update #1 - FortiGuard published an update for their RADIUS Protocol advisory that was originally published on August 13th, 2024, and most recently updated on March 14th, 2025.

FortiGuard Update #2 - FortiGuard published an update for their fgfm connection advisory that was originally published on April 8th, 2025, and most recently updated on April 11th, 2025.

HPE Update - HPE published an update for their Cray Data Virtualization Service advisory that was originally published on April 18th, 2025.

Palo Alto Networks Update - Palo Alto Networks published an update for their GlobalProtect App advisory that was originally published on April 9th, 2025, and most recently updated on April 11th, 2025.

Rockwell Update - Rockwell published an update for their ThinManager advisory that was originally published on April 15th, 2025.

Researcher Reports

SonicWall Report - BishopFox published a report on a NULL pointer dereference vulnerability in the SonicWall Sonic OS product.

MedDream Reports - ZDI published five reports describing individual vulnerabilities in the MedDream PACS Server.

Exploits

OpenSSH Exploit - Milad Karimi published an exploit for a race condition vulnerability in the OpenSSH server.

 

For more information on these disclosures, including links to exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-d2e - subscription required.

Saturday, April 26, 2025

Short Takes – 4-26-25

America is not prepared for drone warfare in the homeland — yet. TheHill.com commentary. Pull quote: “Unfortunately, the ability to defend against drone attacks from any enemy, foreign or domestic, is severely hampered by a legal framework that has lagged behind this emerging threat. It turns out there is a complex web of federal laws that criminalize efforts to damage, disable or even detect or track drones.”

Notice of Rail Energy Transportation Advisory Committee Meeting. Federal Register STB meeting notice. Summary: “RETAC was formed in 2007 to provide advice and guidance to the Surface Transportation Board (Board), and to serve as a forum for discussion of emerging issues related to the transportation of energy resources by rail. Establishment of a Rail Energy Transp. Advisory Comm., EP 670 (STB served July 17, 2007). The purpose of this meeting is to facilitate discussions regarding issues including rail service, infrastructure planning and development, and effective coordination among suppliers, rail carriers, and users of energy resources. Potential agenda items for this meeting include a rail performance measures review, industry segment updates by RETAC members, and a roundtable discussion.”  Meeting date: May 29th, 2025.

Notice of Request for Public Comments on Section 232 National Security Investigation of Imports of Trucks. Federal Register BIS request for comments. Summary: “On April 22, 2025, the Secretary of Commerce initiated an investigation to determine the effects on the national security of imports of medium-duty trucks, heavy-duty trucks, and medium- and heavy-duty truck parts, and their derivative products. This investigation has been initiated under section 232 of the Trade Expansion Act of 1962, as amended (Section 232). Interested parties are invited to submit written comments, data, analyses, or other information pertinent to the investigation to the Department of Commerce's (Department) Bureau of Industry and Security (BIS), Office of Strategic Industries and Economic Security. This notice identifies issues on which the Department is especially interested in obtaining the public's views.” Comments due May 16th, 2025.

Notice of Request for Public Comments on Section 232 National Security Investigation of Imports of Processed Critical Minerals and Derivative Products. Federal Register BIS request for comments. Summary: “On April 22, 2025, the Secretary of Commerce initiated an investigation to determine the effects on the national security of imports of processed critical minerals as well as their derivative products. This investigation has been initiated under section 232 of the Trade Expansion Act of 1962, as amended (Section 232). Interested parties are invited to submit written comments, data, analyses, or other information pertinent to the investigation to the Department of Commerce's (Department) Bureau of Industry and Security (BIS), Office of Strategic Industries and Economic Security. This notice identifies issues on which the Department is especially interested in obtaining the public's views.” Comments due: May 16th, 2025.

DOGE deactivates 500,000 credit cards in unprecedented new program. NewsBreak.com article.  Pull quote: “DOGE wrote on their X account, "The program to audit unused/unneeded credit cards has been expanded to 30 agencies. After 7 weeks, ~470k cards have been de-activated. As a reminder, at the start of the audit, there were ~4.6M active cards/accounts, so still more work to do."”

EO 14278 - Preparing Americans for High-Paying Skilled Trade Jobs of the Future. Federal Register.

EO 14279 - Reforming Accreditation To Strengthen Higher Education. Federal Register.

EO 14280 - Reinstating Commonsense School Discipline Policies. Federal Register.

EO 14281 - Restoring Equality of Opportunity and Meritocracy. Federal Register.

EO 14282 - Transparency Regarding Foreign Influence at American Universities. Federal Register.

EO 14283 - White House Initiative To Promote Excellence and Innovation at Historically Black Colleges and Universities. Federal Register.

Review – Public ICS Disclosures – Week of 4-19-25 – Part 1

This week we have 18 vendor disclosures from Bosch, Broadcom, CODESYS, Hitachi (3), HPE (6), Milestone, Mitsubishi, Philips (2), and SEL (2).

Advisories

Bosch Advisory - Bosch published an advisory that describes 15 vulnerabilities in their ctrlX OS product.

Broadcom Advisory - Broadcom published an advisory that discusses an improper isolation or compartmentalization vulnerability in multiple Broadcom products.

CODESYS Advisory - CODESYS published an advisory that describes a forced browsing vulnerability in multiple CODESYS products.

Hitachi Advisory #1 - Hitachi published an advisory that discusses three vulnerabilities (one with publicly available exploit) in their JP1/Automatic Operation products.

Hitachi Advisory #2 - Hitachi published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Ops Center Common Services within Hitachi Ops Center OVA.

Hitachi Advisory #3 - Hitachi published an advisory that describes a use of default credentials vulnerability in Ops Center Common Services within Hitachi Ops Center Analyzer viewpoint OVF.

HP Advisory - HP published an advisory that discusses two vulnerabilities in multiple HP products.

HPE Advisory #1 - HPE published an advisory that discusses five vulnerabilities (3 with publicly available exploits, one listed in CISA’s KEV catalog) in their Telco Unified OSS Console.

HPE Advisory #2 - HPE published an advisory that discusses four vulnerabilities (one with publicly available exploit) in their Superdome Flex 280 and Compute Scale-up Server 3200 platforms.

HPE Advisory #3 - HPE published an advisory that discusses an OS command injection vulnerability in their SAN Switches with Brocade Fabric OS.

HPE Advisory #4 - HPE published an advisory that discusses 13 vulnerabilities in their Telco Network Function Virtualization Orchestrator Software.

HPE Advisory #5 - HPE published an advisory that discusses a deserialization of untrusted data vulnerability (listed in CISA’s KEV catalog) in their Telco Service Orchestrator.

HPE Advisory #6 - HPE published an advisory that discusses three vulnerabilities in their Telco Service Activator.

Milestone Advisory - Milestone published an advisory that describes a missing encryption of sensitive data vulnerability in their XProtect installer.

Mitsubishi Advisory - Mitsubishi published an advisory that describes an improper validation of specified quantity in input vulnerability in multiple FA products.

Philips Advisory #1 - Philips published an advisory that discusses five Apple vulnerabilities.

Philips Advisory #2 - Philips published an advisory that discusses two Google Chrome vulnerabilities.

SEL Advisory #1 - SEL published a software update notice that includes cybersecurity enhancements for their SEL-5702 Synchrowave Operations product.

SEL Advisory #2 - SEL published a software update notice that includes cybersecurity enhancements for their Blueframe OS.


For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-83e - subscription required.

Friday, April 25, 2025

Short Takes – 4-25-25

Catenane with tuneable mechanical chirality created. ChemistryWorld.com article. Just a bit Chem-Geeky. Pull quote: “While the approach works in solution too, complete control of chirality can currently only be achieved in the solid state. ‘When the molecule is crystalised with the chiral anion, the crystal packing of one diastereomer is so favourable compared to the other that a single diastereomer of the crystal is formed,’ comments Goldup. ‘This is important because although mechanically chiral molecules with fixed stereochemistry have been shown to have exciting potential applications in areas like catalysis and chiral emission, making them enantiopure is still difficult.’”

China selects international payloads for Chang’e-8 lunar south pole mission. SpaceNews.com article. Pull quote: “Chosen payloads include multi-functional robots, rovers, and instruments for astronomy and analyzing particles, imagers and a laser retroreflector. The mission will include a Chinese rover, a Pakistani rover, and, for the first time in a Chinese lunar mission, micro-rovers jointly developed by a Turkish university, a Chinese university and a private company.”

Isaacman calls potential NASA science cuts not “optimal”. SpaceNews.com article. Pull quote: “That includes appearing to break with the White House on the future of the Roman Space Telescope. “To my knowledge, the Nancy Grace Roman Space Telescope is nearing completion and remains on schedule and within budget—something that is unfortunately rare for flagship programs at the agency,” he said in response to another question from Schatz. “I’m not aware of any reason why it should be canceled, and I would support its completion and successful deployment.””

First foodborne illness tied to Bacillus velezensis found in bakery cake outbreak. FoodSafetyNews.com article. Pull quote: “Investigators identified undercooking and 72-hour storage as key factors that allowed B. velezensis spores — naturally present in flour or added to crops as an inoculant — to multiply. A dose-response relationship showed that higher consumption (up to 504 grams) increased the likelihood of illness, with odds 9.23 times higher for those exposed. Noticing a bad odor reduced consumption by an average of 151 grams.”

Review - CSB Updates Accidental Release Reporting Database – 4-17-25

Yesterday the CSB updated their published list of reported chemical release incidents. They added 39 new incidents that occurred since the previous version was published in January. These are not incidents that the CSB is investigating; these are incidents that were reported to the CSB under their Accidental Release Reporting rules (40 CFR 1604).

The table below shows the top six states based upon the number of reported incidents since the January update was published.


[Graphic: Top 5 for Incidents]


For more information on the data, including a listing of chemical incidents reported in the news that should have been reported to CSB, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/csb-updates-accidental-release-reporting-849 - subscription required. 

OMB Approves PHMSA LNG Facilities ANPRM

Yesterday the OMB’s Office of Information and Regulatory Affairs announced that it had approved an advance notice of proposed rulemaking (ANPRM) on “Pipeline Safety: Amendments to Liquefied Natural Gas Facilities”. The ANPRM was sent to OIRA on April 15th, 2025.

According to the Fall 2024 Unified Agenda entry for this rulemaking:

“This rulemaking would update incorporated industry standards and revise all subparts of part 193 as needed. These updates to part 193 would address the risks associated with today's liquefied natural gas facilities, including permanent, small scale liquefied natural gas pipeline facilities as required by section 27 of the PIPES Act of 2016. These updates would also address section 110 of the PIPES Act of 2020 regarding operating and maintenance standards.”

Please note that that summary was written under the Biden Administration, and the new Administration has had almost four months to put their stamp on this rulemaking. Part of that effort may be the reason for the disconnect between the ‘prerule’ status of this rulemaking in OIRA’s announcement and the ‘proposed rule stage’ listed in the most recent Unified Agenda entry. We will know which it is when the rule makes it to the Federal Register in the next week or so.

Transportation Chemical Incidents – Week of 3-22-25

Reporting Background

See this post for explanation, with the most recent update here (removed from paywall).

Data from PHMSA’s online database of transportation related chemical incidents that have been reported to the agency.

Incidents Summary

• Number of incidents – 377 (370 highway, 7 air, 0 rail, 0 water)

• Serious incidents – 0 (0 Bulk release, 0 evacuation, 0 injury, 0 death, 0 major artery closed, 1 fire/explosion, 36 no release) Note: there were two reports where both the ‘Spillage’ and ‘No Release’ boxes were checked; there is little quality control on the part of submitters.

• Largest container involved – 2,600-gal DOT 406 Tank Truck {Diesel Fuel} Driver overfilled UST.

• Largest amount spilled – 40-gal Plastic IBC {Environmentally Hazardous Substances, Liquid, N.O.S.} Load shifted in transit.

NOTE: Links above are to Form 5800.1 for the described incidents. Links not working for incident reports.

Most Interesting Chemical: Thiourea Dioxide: A white or light-yellow odorless crystalline powder. Mp:126°C. Soluble in water (27 g / L at room temperature). Decomposes exothermically at temperatures above 126°C with the emission of noxious gases (sulfur oxides, ammonia, carbon monoxide, nitrogen oxides and hydrogen sulfide) and carbon dioxide. Extended exposure to temperatures above 50°C and moisture may cause visible decomposition. Irritating to skin and mucous membranes. Corrosive to eye tissue. Used in leather processing, the paper industry, photographic industry, and in textile processing as a bleaching agent. Flammable/combustible material. May ignite on contact with moist air or moisture.  (Source: CameoChemicals.NOAA.gov).

 


Review - Bills Introduced – 4-24-25

With the House and Senate meeting in the last pro forma session of their Spring Break, there were 55 bills introduced. Two of those bills may receive additional attention in this blog:

HR 3001 To advance commonsense priorities. Fitzpatrick, Brian K. [Rep.-R-PA-1] 

HR 3026 To reinstate employees removed from the Cybersecurity and Infrastructure Security Agency, to limit the removal of employees from such Agency, to prohibit DOGE employees from working at such Agency, and for other purposes.

Space Geek

As part of the limited Space Geek coverage in this blog I would like to call attention to the following bill:

HR 2984 ASTRO Act Babin, Brian [Rep.-R-TX-36] (Text available here)

 

For more information on these bills, including legislative history for similar bills in the 118th, as well as two bills mentioned in passing, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-4-24-25 - subscription required.

Thursday, April 24, 2025

Short Takes – 4-24-25

Simple blood test could enable detection of Parkinson’s disease before symptoms emerge. ChemistryWorld.com article. Pull quote: “However, Barran highlights that surveys have suggested that only half of people with Parkinson’s would have liked to know their status earlier, because currently there is no cure. ‘As a test currently, this is not appropriate and would not be useful except for a very small – about 12 to 14% – number of people who have a genetic link,’ she explains. ‘Those people tend to want to know because their chances of getting Parkinson’s are higher than people who don’t have [a genetic link]…. Where learning about those people’s Parkinson’s status is useful clinically, is that treatments are being developed for people who have genetic risk factors.’”

Anti-Vaxxers Are Grifting Off the Measles Outbreak—and Claim a Bioweapon Caused It. Wired.com article. Pull quote: ““This is the standard radical anti-vaccine extremist playbook,” Imran Ahmed, CEO of the Center for Countering Digital Hate, tells WIRED. “You can see RFK Jr. has translated his anti-vaccine lies into political power. You can see others have converted it into economic power. And there’s some that just do it because it makes them feel good to be listened to, to be important, to be the center of a community. There’s always an ulterior motive.””

DOGE vs. TSCA: Is EPA Prepared?  Pull quote: “She [Shari Barash, director of new chemicals within the Office of Pollution Prevention and Toxics] also added that she doesn't think the new chemicals division will face severe cuts, given the administration's focus on reducing the review backlog. “I feel like the new chemicals program is hopefully well-positioned to maintain our resources,” she said. “I haven't been informed at this point, so we're all hopeful.””

Bad News for China: Rare Earth Elements Aren’t That Rare. Wired.com article. Pull quote: “Because companies only need tiny quantities of these minerals, the market for them is very volatile—prices can drop when a single new factory comes online and starts mass producing and refining them. That means if a mining company were to open up shop in the US, it could inadvertently tank the price of the same mineral it’s trying to profit from, says Lange.”

NASA Airborne Sensor’s Wildfire Data Helps Firefighters Take Action. JPL.NASA.gov article. Pull quote: “AVIRIS and the Firesense Airborne Campaign are part of NASA’s work to leverage its expertise to combat wildfires using solutions including airborne technologies. The agency also recently demonstrated a prototype from its Advanced Capabilities for Emergency Response Operations project that will provide reliable airspace management for drones and other aircraft operating in the air above wildfires.”

Statement from Matt Hartman on the CVE Program. CISA.gov press release. Pull quote: “The CVE Program is an invaluable public resource relied upon by network defenders and software developers alike. As the nation’s cyber defense agency, it is a foundational priority for CISA. Recent public reporting inaccurately implied the program was at risk due to a lack of funding. To set the record straight, there was no funding issue, but rather a contract administration issue that was resolved prior to a contract lapse. There has been no interruption to the CVE program and CISA is fully committed to sustaining and improving this critical cyber infrastructure.” ‘Funding issue’ – ‘Contract administration issue’: Lack of communication makes the two the same thing.

China Report – 4-24-25. SpaceNews.com article. Space debris - Commercial activities expand scope – Space Day –

Alpha FLTA006 Message in a Booster. FireFlySpace.com mission page. Pull quote: “Alpha FLTA006 is the second mission Firefly is launching for Lockheed Martin and the first of Firefly’s multi-launch agreement with Lockheed Martin that includes up to 25 missions over the next five years. This mission will launch Lockheed Martin’s LM 400 tech demo to prove out the risk-reduction and path finding efforts the company has done for its multi-mission satellite bus. Launching the mid-size satellite to low Earth orbit, FLTA006 will further validate Alpha’s robust performance to take customers directly to their preferred orbits as the only operational 1 metric ton rocket.”

Review – 6 Advisories and 1 Update Published – 4-24-25

Today CISA’s NCCIC-ICS published six control system security advisories for products from Planet Technology, Johnson Controls, Nice, Vestel, ALBEDO Telecom, and Schneider Electric. They also updated an advisory for products from Fuji Electric.

Advisories

Planet Advisory - This advisory describes five vulnerabilities in multiple Planet network products.

Johnson Controls Advisory - This advisory describes a stack-based buffer overflow vulnerability in the Johnson Controls ICU tool.

Nice Advisory - This advisory describes an OS command injection vulnerability (with publicly available exploit) in the Nice Linear eMerge e3-Series access control platform.

Vestel Advisory - This advisory describes an exposure of sensitive information to an unauthorized control sphere vulnerability in the Vestel AC Charger EVC04.

ALBEDO Advisory - This advisory describes an insufficient session expiration vulnerability in the ALBEDO Net.Time - PTP/NTP clock.

Schneider Advisory - This advisory describes 22 vulnerabilities (16 with publicly available exploits) in the Schneider Modicon Controllers.

Update

Fuji Update - This update provides additional information on the Monitouch V-SFT advisory that was originally published on December 3rd, 2024.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/6-advisories-and-1-update-published-ad4 - subscription required.

Review - HR 2109 Introduced – Cybersecurity for Rural Water Systems

Last month Rep Davis (D,NC) introduced HR 2109, the Cybersecurity for Rural Water Systems Act. The bill would expand the USDA’s support of the Circuit Rider program to provide cybersecurity technical assistance for rural water systems. The legislation would extend the authorization for the Circuit Rider program through 2028 and add $7.5 million in additional annual funding to support the cybersecurity effort.

This bill is essentially the same as HR 3809, the Cybersecurity for Rural Water Systems Act of 2023, that was introduced by Davis in June of 2023. There was no action taken on that bill in the 118th Congress. A similar sounding bill (S 1018) was introduced in the Senate last month.

Moving Forward

Both Davis and one of his two cosponsors, Rep Nunn (R,IA), are members of the House Agriculture Committee to which this bill was assigned for consideration. This means that there may be sufficient influence to see the bill considered in Committee. The major drawback to this bill is the $7.5 million in additional funding being proposed for the program. In the 119th Congress (even more so than in the 118th) any legislation increasing funding will face a high hurdle with leadership.

 

For more information on the provisions of this bill, including additional commentary of the bill moving forward, see my article at CFSN Detailed Analysis - https://open.substack.com/pub/patrickcoyle/p/hr-2109-introduced - subscription required.

Wednesday, April 23, 2025

Short Takes – 4-23-25

CISA launches new wave of job cuts. CybersecurityDive.com article. Pull quote: ““The recent layoffs at CISA have made the cybersecurity workforce less stable, further complicating efforts to secure critical infrastructure,” Grant Guyer, chief strategy officer at Claroty, said via email. “Losing skilled professionals due to job instability, especially with government roles not being as attractive as private sector positions, leaves the country more vulnerable to cyber threats.””

Mass Evacuation After Massive Explosion at Russian Weapons Depot in Vladimir Oblast. Novinite.com article. Sofia, Bulgaria-based news site. Pull quote: “The facility is believed to be the 51st Arsenal of the Main Missile and Artillery Directorate, located roughly 530 kilometers from the Ukrainian border. According to Ukrainian defense outlet Militarnyi, this arsenal is one of the largest in Russia, known for storing a broad range of weaponry, including medium-caliber artillery shells, anti-aircraft missiles, and ammunition for multiple launch rocket systems. The site also reportedly houses a laboratory for monitoring artillery propellants and workshops for testing high-tech weapon systems.” Safety issue or attack by Ukraine?

Atmos Space Cargo declares first test flight a success despite reentry uncertainty. SpaceNews.com article. Pull quote: “However, five weeks before the launch, SpaceX informed Atmos of a change in trajectory because of “operational constraints” of the primary payload, a South Korean reconnaissance satellite. That resulted in a splashdown well off the coast of Brazil, ruling out any attempt to recover Phoenix after splashdown. It also meant a steeper reentry than previously planned, creating higher loads on the spacecraft.” Demonstrates the limits of a ride-share mission.

Exclusive: AI Outsmarts Virus Experts in the Lab, Raising Biohazard Fears.  Pull quote: “But bad-faith actors can now use AI models to walk them through how to create viruses—and will be able to do so without any of the typical training required to access a Biosafety Level 4 (BSL-4) laboratory, which deals with the most dangerous and exotic infectious agents. “It will mean a lot more people in the world with a lot less training will be able to manage and manipulate viruses,” Inglesby says.” No mention of the attendant dangers to the inexperienced researchers.

Is a Military Coup Unfolding at the Pentagon?  Pull quote: “As he and others I talked to have explained, Hegseth is being undermined and perhaps even drummed out of office by the uniformed military, aided by the permanent bureaucracy. One official told me that there had been tension between Hegseth’s office and the top commander in the Middle East over policy and priorities. A senior military intelligence specialist told me that Hegseth is near-universally loathed by the uniformed colleagues he works with.” The classic and ‘accepted’ recourse for military officers has always been to resign when conflicts with higher authority are untenable.

The guardian’s rifle: why mission-essential space support cannot be outsourced. SpaceNews.com commentary. Pull quote: “This means the satellites that provide these critical connections — especially during combat operations — must be owned, operated and secured by the U.S. government. Not leased. Not borrowed. Not at the mercy of commercial availability, cost models or external interference.” Does anyone else hear the echo of ‘like turning off Starlink service’?

Improving Performance, Accountability and Responsiveness in the Civil Service. Federal Register, OPM notice of proposed rulemaking. Summary: “The Office of Personnel Management (OPM) is proposing a rule to increase career employee accountability. Agency supervisors report great difficulty removing employees for poor performance or misconduct. The proposed rule lets policy-influencing positions be moved into Schedule Policy/Career. These positions will remain career jobs filled on a nonpartisan basis. Yet they will be at-will positions excepted from adverse action procedures or appeals. This will allow agencies to quickly remove employees from critical positions who engage in misconduct, perform poorly, or undermine the democratic process by intentionally subverting Presidential directives.” Public comments due May 23rd, 2025.

CG Homeport Issues

I do not get around to the Coast Guard’s Homeport website very often; it is old and not very internet friendly. But imagine my surprise when I saw the following notice at https://www.uscg.mil/Homeport/ today:

The Coast Guard Homeport Internet Portal platform will be decommissioned on 12 April 2025. You will need to use alternate approaches for tasks typically performed through the Homeport platform.

We recognize that Homeport has long been a trusted tool for mariners and the broader maritime community. The Coast Guard is establishing temporary workarounds to ensure essential services remain accessible until we can identify the best permanent approach for each function.

The following pages will provide you with guidance on how to conduct activities previously done through Homeport.

The Coast Guard is responsible for maintaining both the physical and cyber security of our country’s maritime commerce system. The Homeport system is facing increasing costs and system obsolescence. As a result, it is no longer a viable tool for managing the many functions required to ensure the smooth and safe flow of vessel traffic.

The page goes on to provide email links for many of the basic services that were provided by Homeport. I suspect that this is part and parcel of the Trump Administration’s limiting of information sharing by the federal government, but there is still some truth in that notice. I hope that something good comes out of this as the Coast Guard stands up a more user-friendly version of their portal.

Review – OMB Approves CG NRRI ICR Update – 4-22-25

Yesterday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had approved an information collection request (ICR) revision from the Coast Guard on “National Response Resource Inventory (NRRI)”. The revision reports a reduction in the number of responses expected by the Coast Guard with an increase in the burden hours.


 

For a more detailed discussion of the changes in the burden estimate provided by the Coast Guard, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/omb-approves-cg-nrri-icr-update-4 - subscription required.

Tuesday, April 22, 2025

Short Takes – 4-22-25

Lucy probe snaps closeup of weirdly shaped asteroid. CosmicLog.com article.  Pull quote: “Lucy came as close as 600 miles (960 kilometers) to Donaldjohanson on April 20, snapping images every two seconds or so as it zoomed past. The pictures confirmed the asteroid’s status as a contact binary — that is, a compound object formed by the sticky collision of two smaller celestial bodies. Donaldjohanson is somewhat larger than it was previously thought to be, with a length of about 5 miles (8 kilometers) and a width of 2 miles (3.5 kilometers) at the widest point.”

Whistleblower: DOGE Siphoned NLRB Case Data. KrebsOnSecurity.com article. Pull quote: “Berulis said he and his colleagues grew even more alarmed when they noticed nearly two dozen login attempts from a Russian Internet address (83.149.30.186) that presented valid login credentials for a DOGE employee account — one that had been created just minutes earlier. Berulis said those attempts were all blocked thanks to rules in place that prohibit logins from non-U.S. locations.”

SpaceX launches European reentry capsule on 'Bandwagon-3' rideshare mission (video). Space.com article. Pull quote: “The goal is to test the Phoenix system's inflatable heat shield and other core technology, showing the craft can safely bring valuable cargo from space to Earth — something Atmos plans to do for a variety of customers in the near future.”

US FDA suspends milk quality tests amid workforce cuts. Reuters.com article. Pull quote: “WASHINGTON, April 21 (Reuters) - The Food and Drug Administration is suspending a quality control program for testing of fluid milk and other dairy products due to reduced capacity in its food safety and nutrition division, according to an internal email seen by Reuters.” This is testing of labs that do milk and dairy product testing to assure that they are properly conducting such tests.

Beyond XX & XY—Human Sex And Gender Were Never A Simple Binary. TheBigPicture.substack.com article. Pull quote: “In 2017, I wrote a piece introducing the research of Amanda Hobbs—under expert review by Amy Wisniewski of the University of Oklahoma Health Sciences Center. Hobbs's research identified five factors that determine sex: chromosomes, genes, hormones, reproductive organs, and secondary sex characteristics.”

EO 14276 - Restoring American Seafood Competitiveness. Federal Register.

Review – 4 Advisories and 1 Update Published –

Today CISA’s NCCIC-ICS published four control system security advisories for products from ABB, Schneider, and Siemens (2). They also updated an advisory for products from Schneider.

Advisories

ABB Advisory - This advisory discusses 15 vulnerabilities in the ABB MV Drives products.

Schneider Advisory - This advisory describes an exposure of sensitive information to an unauthorized actor vulnerability in the Schneider Wiser Home Controller.

Siemens Advisory #1 - This advisory describes an improper handling of length parameter inconsistency vulnerability in the Siemens TeleControl Server Basic.

Siemens Advisory #2 - This advisory describes 67 SQL injection vulnerabilities in the Siemens TeleControl Server Basic.

Updates

Schneider Update - This update provides additional information on the Modicon M580 PLCs advisory that was originally published on February 4th, 2025.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/publish/post/161915633 - subscription required.

HR 2482 Introduced – NTIA Reauthorization

Last month Rep Latta (R,OH) introduced HR 2482, the NTIA Reauthorization Act of 2025. This bill is the latest attempt at the reauthorization process for the National Telecommunications and Information Administration (NTIA). The bill would authorize $57 million in spending (down from $62 million in last year’s bill) for NTIA for FY 2025 and FY 2026. The House Energy and Commerce Committee considered the bill in a business meeting (along with 23 other bills) and approved the bill by a voice vote without amendments.

Last session Latta also introduced an NTIA reauthorization bill, HR 4510. That bill was considered in a business meeting of the House Energy and Commerce Committee, which adopted the bill by a vote of 48 to 0. The Committee Report was published on October 25th, 2023. The full House took up HR 4510 on May 14th, 2024 and passed the legislation by a vote of 374 to 36. No action was taken on this legislation in the Senate in the 118th Congress.

HR 2482 is very different from last session’s bill. Whole titles are missing, and titles that are included are missing a substantial number of sections. Of importance here, Title IV that would have established within NTIA an Office of Policy Development and Cybersecurity has not been included in this bill. This means that there are no cybersecurity provisions within the current legislation.

Review - Bills Introduced – 4-21-25

Yesterday with the House and Senate in their Easter district work break and meeting in pro forma session, there were 17 bills introduced. One of those bills may receive additional coverage in this blog:

HR 2980 To direct the Secretary of Energy to establish a program to provide financial assistance to graduate students and postdoctoral researchers pursuing certain courses of study relating to cybersecurity and energy infrastructure, and for other purposes. Ross, Deborah K. [Rep.-D-NC-2]

 

For more information on these bills, including legislative history for similar bills in the 118th, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-4-21-25 - subscription required.

Monday, April 21, 2025

Short Takes – 4-21-25

GOP lawmakers running out of options to pay for Trump’s costly agenda. TheHill.com article. Pull quote: “The most ambitious plan floated so far, to reduce Medicaid spending by hundreds of billions of dollars, now appears all but dead after a dozen House Republicans informed their leadership this week that they would not support a bill that includes any reduction in Medicaid coverage to vulnerable populations.”

Francis, the First Latin American Pope, Dies at 88. NYTimes.com article (free). Pull quote: “Some of Francis’ defenders argued that his ambiguities and incrementalisms reflected a strategy to build a consensus for a larger, longer-lasting project — that of creating a more collegial church that shifted power away from Rome to local bishops and priests in the trenches.”

Hegseth Said to Have Shared Attack Details in Second Signal Chat. NYTimes.com article (free). Pull quote: “Unlike the chat in which The Atlantic was mistakenly included, the newly revealed one was created by Mr. Hegseth. It included his wife and about a dozen other people from his personal and professional inner circle in January, before his confirmation as defense secretary, and was named “Defense | Team Huddle,” the people familiar with the chat said. He used his private phone, rather than his government one, to access the Signal chat.”

Agencies will still see strict limits on recruitment once hiring freeze expires in July. FederalNewsNetwork.com article. Pull quote: “But even after the hiring freeze lifts later this summer, agencies will still be limited in how many new employees they can hire, and how many new positions they can create. The White House said it will cap agencies to one new hire for every four federal employees who leave the civil service.”

How Hackers Use Hidden Text in Emails to Bypass Security Filters. I-HLS.com article. Pull quote: “Cisco Talos, which has been tracking these emerging threats, reports a rise in the use of text salting since mid-2024. Hackers use this technique to achieve three main goals: avoid detection by keyword-based spam filters, confuse language detection systems, and prevent security tools from decoding and analyzing malicious attachments.”

Interview With Lesley Carhart - Principal Industrial Incident Responder at Dragos. SafetyDetectives.com blog post. Pull quote: “What I want people to understand is how different that space is. Almost every organization has industrial control systems (ICS) in their environment. Even if it’s just data centers with big air conditioners or buildings with elevators and water systems—those are all ICS.” Lots of other critical points, but this has widespread implications.

Taking ‘remote care’ to new heights — how space can shape the future of healthcare. Spacenews.com article. Pull quote: “The lessons learned and technologies developed for space missions like Artemis are not only advancing human exploration beyond our planet but are also paving the way for a new era in healthcare here on Earth. By integrating real-time data monitoring, AI-guided interventions and seamless communication across vast distances, HERMES is laying the foundation for a more responsive, efficient and accessible healthcare system for high-risk environments. From remote expeditions to everyday medical care, the advancements we make in space will have far-reaching implications for the future of healthcare on Earth.”

Review – S 1017 Introduced – Pipeline Damage Expansion

Last month Sen Sheehy (R,MT) introduced S 1017, the Safe and Secure Transportation of American Energy Act. The bill would amend 49 USC 60123(b) to expand the coverage of ‘the penalty for damaging or destroying an interstate pipeline’ to include select civil disobedience activities. No new funding is authorized by this legislation.

The bill is essentially the same as S 5045, which was introduced by Sen Cruz (R,TX) in September 2024. No action was taken on that bill in the 118th Congress.

Moving Forward

Sheehy and all seven of his cosponsors {Sen Cruz (R,TX; Chair), Sen Sullivan (R,AK), Sen Budd (R,NC), Sen Capito (R,WV), Sen Blackburn (R,TN), Sen Young (R,IN), and Sen Fischer (R,NE)} are members of the Senate Commerce, Science, and Transportation Committee to which this bill was assigned for consideration. With the Chair of the Committee as one of the cosponsors, there is certainly adequate influence to see the bill considered in Committee. There will be strong opposition to this bill from most Democrats, who would view it as an effort to make demonstrations about new pipelines illegal. The bill would pass in Committee, perhaps even with some Democrats supporting the bill, but there would probably not be enough votes to overcome a cloture vote on the Senate floor.

 

For more information on the provisions of this bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/s-1017-introduced - subscription required.

Short Takes – 4-21-25 – Space Geek Edition

NASA's Lucy probe flies by the asteroid Donaldjohanson on Easter Sunday. Space.com article. Pull quote: “"We're going to observe [Donaldjohanson] as if it was one of the Trojan asteroids, because we wanted to have a complete practice run," Arizona State University professor Phil Christensen, who designed L'TES, said in a video interview prior to the scheduled flyby. The goal, he shares, is to figure out the asteroid's composition.”

Firefly Aerospace’s launch of Lockheed Martin’s FLTA006 Message in a Booster mission is ‘to be determined’. SatNews.com article.  Pull quote: “Alpha FLTA006 is the second mission Firefly is launching for Lockheed Martin and the first of Firefly’s multi-launch agreement with Lockheed Martin that includes up to 25 missions over the next five years. This mission will launch Lockheed Martin’s LM 400 tech demo to prove out the risk-reduction and pathfinding efforts the company has done for its multi-mission satellite bus. Launching the mid-size satellite to low Earth orbit, FLTA006 will further validate Alpha’s robust performance to take customers directly to their preferred orbits as the only operational 1 metric ton rocket.”

Sidus Space’s LizzieSat®-powered vessel detection enables Little Place Labs near real-time maritime intelligence. SatNews.com article. Pull quote: “By processing data directly onboard LizzieSat® satellites, OrbitfyEdge is expected to eliminate the delays traditionally associated with downlinking and ground-based analysis. This solution not only detects and classifies vessels but also cross-references onboard AIS (Automatic Identification System) data to identify or flag “dark” vessels engaged in illegal activities such as piracy or illegal fishing. The insights will be delivered in near real-time, supporting rapid response to maritime security threats and supply chain disruptions.”

NASA faces critical issue that could jeopardize all future SpaceX missions. JasonDeegan.com article. Pull quote: “Creating timekeeping devices that work accurately across different planetary environments is no easy task. These devices must maintain precision despite varying gravitational forces, extreme temperatures, and other operational conditions. Engineers are currently exploring solutions like miniaturized atomic clocks and advanced materials that can handle the tough space conditions. Ensuring the reliability of these devices is paramount for the success of long-duration missions.” Interesting look at the scope of the interplanetary time keeping issues.

Why are two Texas senators trying to wrest a Space Shuttle from the Smithsonian? ArsTechnica.com article. Pull quote: “The bottom line is that two Texas senators want taxpayers to spend at least $1 billion to remove the most historic Space Shuttle from the most historic spaceflight museum in the world, possibly break it in an across-the-country move, and then put it in a nondescript warehouse in Houston. I am a huge space buff who lives just a few minutes away from Space Center Houston. Even I can recognize this for the colossally stupid idea that it is.”

Sunday, April 20, 2025

Review – TSA Publishes Surface Transportation Security ICR Notice

On Monday TSA will publish (available online yesterday) a 60-day information collection request (ICR) revision notice in the Federal Register (90 FR 16697-16698). TSA intends to combine two existing ICRs into a single document to support its surface transportation security program. The combined ICR would be reported under RIN# 1652-0051. The two existing ICRs are:

1652-0051 - Rail Transportation Security, and

1652-0066 - Security Training Program for Surface Transportation Employees

The table below shows the current burden estimates for the two ICRs as well as the combined burden being reported in Monday’s ICR Notice. There is one ‘apples and oranges’ problem with this data: the ICR notice reports the number of ‘respondents’, not the number of responses.


TSA has not explained the drastic decrease in burden estimate for the combined ICR.

Public Comments

TSA is soliciting public comments on the accuracy of the data presented in this ICR notice. Comments may be submitted via email (TSAPRA@dhs.gov). Comments should be submitted by June 20th, 2025.

Commentary

The TSA has a long history of providing inadequate information to support changes to the burden estimates in their ICR notices. This makes it difficult for the affected public to provide meaningful comments on “the accuracy of the agency’s estimate of the burden of the proposed collection of information” being proposed by the TSA as required by 44 USC 3506(c)(2)(A)(ii). Unfortunately, OIRA apparently only cares about the supporting information provided to them after the 30-day ICR notice is published, as OIRA has never taken TSA to task for their inadequate information sharing.

 

For more information on this ICR notice, including a look at why the burden estimate is almost certainly too low, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/tsa-publishes-surface-transportation-e9b - subscription required.
 