Presentation is loading. Please wait.

Presentation is loading. Please wait.

SMUCSE 8394 Border and Transportation Security (BTS) Class 2 C-TPAT and CSI Concept, Technologies, and Vulnerabilities.

Similar presentations


Presentation on theme: "SMUCSE 8394 Border and Transportation Security (BTS) Class 2 C-TPAT and CSI Concept, Technologies, and Vulnerabilities."— Presentation transcript:

1 SMUCSE 8394 Border and Transportation Security (BTS) Class 2 C-TPAT and CSI Concept, Technologies, and Vulnerabilities

2 SMUCSE 8394 C-TPAT In November 2001, Customs initiated C-TPAT – Customs-Trade Partnership Against Terrorism – to improve the security of containers as they move through the global supply chain Under C-TPAT, Customs officials work in partnership with private industry, reviewing supply chain security plans and recommending improvements In return, C-TPAT members receive the benefit of a reduced likelihood that containers traveling along their supply chains will be inspected for WMDs.

3 SMUCSE 8394 C-TPAT– First thing to Note... C-TPAT is a general agreement on a Security Process It addresses... Security Guidelines (defined by C- TPAT) Security Plan (defined by each member) C-TPAT Compliance Evaluation. Validation Process

4 SMUCSE 8394 C-TPAT Has Guidelines for... 1.Importers 2.Air Carriers 3.Sea Carriers 4.Rail Carriers 5.Licensed Brokers 6.Air Freight Consolidators/Ocean Transportation Intermediaries, and NVOCCs (1) 7.U.S. Marine Port Authority/Terminal Operators 8.Foreign Manufacturers a)Warehouse Security Recommendations b)Status Verification Interface c)FAST Application Information. (2) (1)Non-vessel Operating Common Carrier (2)This program allows U.S./Canada and U.S./Mexico partnering importers expedited release for qualifying commercial shipments.

5 SMUCSE 8394 C-TPAT Process for Importers Importer Security Recommendations for C-TPAT Contains a list of suggestions for establishing, improving, or amending, security procedures along the entire supply chain. Each set of recommendations applies to a specific segment of the import chain such as a carrier, broker, importer, or warehouse and is meant to serve as only a guide and not as an established standard C-TPAT Agreement to Participate Voluntarily Required voluntary agreement that shows a company's commitment to complete the appropriate Security Questionnaire within 60 days and participate in C-TPAT.

6 SMUCSE 8394 C-TPAT Importers’ Security Profile 1.Provide an executive summary outlining the process elements of the security procedures currently in place. At minimum, address: –Security Program –Personnel Security –Service Provider Requirements - Product suppliers, Carriers, Forwarders 2.Indicate that the specific detailed procedures noted above are available to Customs in a verifiable format at an identified location –Include an assessment of your security processes –As well as information on what changes you envision making to correct identified weaknesses. Facilities security Theft prevention Shipping & receiving controls Information security controls - integrity of automated systems Internal controls - process established for reporting and correcting problems. Pre-employment screening & periodic bkgnd reviews Employee training on security awareness and procedures Internal codes of conduct Internal controls - process established for reporting and managing problems related to personnel security Written standards for physical plant security Quality controls Financial assessment process Internal controls to select service providers Profiles of Tier 1 suppliers maintained and available for review Indicate if your service providers participate...

7 SMUCSE 8394 C-TPAT – Focus on CSI Announced in January 2002, the Container Security Initiative addresses security vulnerabilities created by the ocean container trade Two issues1) WMDs in a container could destroy a port 2) WMDs slipping into the country could destroy a place HENCE – CSI allows U.S. Customs to screen containers at CSI-designated foreign seaports.

8 SMUCSE 8394 Rationale for CSI Ocean-going cargo containers are a critical link in the system of global trade With the rise of the “just-in-time” delivery system and increased efficiencies in maritime transportation, the U.S. and world economies have become increasingly reliant on the cargo container to transport their goods Approximately 90 percent of the world’s trade moves by cargo container About 49 percent of U.S.-bound containers arrive from the top 10 international ports shown in Table 1.

9 SMUCSE 8394 Rationale for CSI Ocean-going cargo containers are a critical link in the system of global trade With the rise of the “just-in-time” delivery system and increased efficiencies in maritime transportation, the U.S. and world economies have become increasingly reliant on the cargo container to transport their goods Approximately 90 percent of the world’s trade moves by cargo container About 49 percent of U.S.-bound containers arrive from the top 10 international ports shown in Table 1.

10 SMUCSE 8394 C-TPAT’s Security Architecture C-TPAT identifies –Procedural and physical changes to “heighten security” –Continuous monitoring / updating to maintain it CSI identifi e s –Procedures to qualify and evaluate supply-chain security as it pertains to shipping containers –Continuous monitoring / updating to maintain it What’s missing?

11 SMUCSE 8394 C-TPAT’s Security Architecture Technology –How can warehouses, depots, and containers be secured –What must be secured –What should we measure / detect / report Infrastructure –What is required to enable a secure architecture –Who provides it / controls it / or maintains it Our challenge...

12 SMUCSE 8394 Customs Commissioner Robert C. Bonner asked importers to tighten the security of their supply chains “security measures must serve a greater purpose” Companies should expand the "security perimeter" of the U.S. by assuring their vendors and transportation means are "airtight." Dedola International (Nov 28/01) Customs Commissioner Robert C. Bonner asked importers to tighten the security of their supply chains “security measures must serve a greater purpose” Companies should expand the "security perimeter" of the U.S. by assuring their vendors and transportation means are "airtight." Dedola International (Nov 28/01) Compelling Problem – Border Security U.S. Borders are inundated with Imports Import levels impact HomeLand Security & may delay processing at the port of entry

13 SMUCSE 8394 Today’s Short-comings in CSI Security Current systems are designed to foul the “dumb criminal” They are not “hardened” to foul “smart, well-funded” criminals Opportunistic Insider “Grab-and-run” mentality Timing  Delivery-oriented “Idealistic” Outsider & insider “Send-a-message” mentality Timing  Impact-oriented.

14 SMUCSE 8394 Security Architecture for CSI Now that we understand the concepts behind C-TPAT and CSI the security methods introduced the “terrorist characteristics” We will identify processes, technologies, and architecture necessary to give “teeth” to CSI.

15 SMUCSE 8394 Security Architecture – “Thought Lab”  SRC What do we need here to ensure only legitimate goods are loaded  Transport How can we be sure nothing “slipped in” DST  How can we maximize the likelihood of a high-detection hit-rate.

16 SMUCSE 8394 Security Architecture – “Thought Lab”  SRC Identify the conditions needed here Consider Trusted Agent – at each Vendor or Port Mechanism to ensure that once loaded and secured, opening a container is detected 100% and reported Infrastructure to ensure the “mechanism” cannot be compromised – cloned / mutated. 15 min Discussion

17 SMUCSE 8394 Security Architecture – “Thought Lab” Consider Mechanism to ensure opening any part of a container is detected 100% and reported Infrastructure to ensure the “mechanism’s” ability to report cannot be compromised – jammed / faked. Identify the conditions needed here  Transport 15 min Discussion

18 SMUCSE 8394 Security Architecture – “Thought Lab” Consider Mechanism to clearly and reliably indicate container compromise to inspector or inspecting station Infrastructure to ensure customs inspector can identify compromised containers quickly Infrastructure to analyze possible breeches and to report them for up-stream analysis and reporting. DST  What does Customs need 15 min Discussion

19 SMUCSE 8394 End of Current Lesson The purpose of the Thought-experiment was to 1.Identify an architecture to support CSI 2.Identify technology characteristics to support rapid and reliable detection 3.Identify the impacts to infrastructure An extension to our exercise is to determine cost impacts – ultimately, someone has to pay for it – so minimizing cost is a winning goal Think of what may be lost through cost-minimization.


Download ppt "SMUCSE 8394 Border and Transportation Security (BTS) Class 2 C-TPAT and CSI Concept, Technologies, and Vulnerabilities."

Similar presentations


Ads by Google