Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enhanced Critical Infrastructure Protection (ECIP) Facility Dashboard November 2009.

Similar presentations

Presentation on theme: "Enhanced Critical Infrastructure Protection (ECIP) Facility Dashboard November 2009."— Presentation transcript:

1 Enhanced Critical Infrastructure Protection (ECIP) Facility Dashboard November 2009

2 Infrastructure Survey Tool (IST) Development Began in June 2008 Pilot (Summer 2008) Version 1 (Fall 2008) Version 2 (Summer 2009) Web-based Tool Collects Data Streamlines data collection Oracle back end database Supports analysis and Dashboard Major Principles Simply a survey of existing protective measures in place at the facility Gathers data at the weakest point for any particular protective measure (e.g., the shortest part of the fence or the one gate with the single lock) 2 Resulting Protective Measures Index (PMI) is calculated using the relative importance assigned to each protective measure attribute by a team of subject matter experts

3 Protective Measures Index (PMI) - Review Based on Six Level 1 Components 1.Physical Security 2.Security Management 3.Security Force 4.Information Sharing 5.Protective Measures Assessment 6.Dependencies Each of these components is based on Level 2 Components Level 2 Components are, in turn, based on the most detailed asset characteristics, which are Level 3 Components for the facility (at the weakest point) 3

4 4 IST Level 1 and Level 2 Components

5 Fences Gates Closed circuit television (CCTV) Intrusion detection systems (IDS) Parking Access control Security lighting Vehicle access control Building envelope For Example, There Are 9 Physical Security Level 2 Components: 5

6 Similarly, Fences has Several Level 3 Components (Detailed Characteristics) Fraction enclosed Fence type Height Base anchored Other fence characteristics Clear zone Warning signs Free of objects Outriggers Enhancements (e.g., barbed wire) Vehicle protection Constant illumination Triggered illumination 6

7 Level 3 Components Affect Vulnerability (Fences Example) Fence Protective Measures Index = f (fraction enclosed, type, height, base anchored, other fence characteristics) FPMI = f (z 1, z 2,..., z n ) = b i * z i n Σ i = 1 FPMI is a protective measures index of fence security going from 0 (less secure) to 100 (more secure), the z i represent specific levels of achievement for the factors that increase fence security (e.g., height, type, characteristics), and the b i are scaling constants (weights) that specify the relative importance of the factors. (Note: the equation may take on a different form) 7 Additional information can be found at Constructing Vulnerability and Protective Measures Indices for the Enhanced Critical Infrastructure Protection Program by R.E. Fisher, W.A. Buehring, et al., October 1, 2009.

8 8 Fences PMI Has Many Components FenceCharacteristics RankRI OutriggersOutriggers: 45 degree1100 Outriggers: Y style290 Outrigger: Straight up380 No Outrigger40 EnhancementsRankRI Barbed wire 570 Broken glass 830 Spikes 760 Razor wire 480 Reinforced anchor points 1100 Electric Fence 1100 Mesh Kevlar 1100 Second Fence 570 Screening 570 Worst LevelBest LevelRankRI Clear ZoneNoYes640 Warning SignsNoYes725 Free of ObjectsNo Yes450 VehiclesNoneAll295 IlluminationNoYes360 Triggered IlluminationNoYes545 CharacterizeNoneAll1100 Other Fence Characteristics Summary 8

9 7-foot aluminum chain-link fence Anchored base Outriggers, 45 degree Barbed wire Clear zone, free of objects Fence Protective Measures Index = 60 Fences PMI Example Wood fence 6-foot height Partial clear zone Fence Protective Measures Index = 13 9

10 Comparing Facility and Subsector Facility PMI 10 Subsector MaximumSubsector AverageSubsector Minimum Overall Facility PMI

11 Dashboard – Overall Tab Overall tab shows the overall facility PMI and the PMIs for each major component (Level 1) of the facility PMI (blue bar) and the low, average, and high PMI for the subsector (dots). Touch on the bar or dots to see the exact PMI figures. 11

12 Dashboard – Component Screens Level 2 Components Level 3 Data Level 3 Component PMI Overall PMI Bar Level 1 PMI Bar Level 2 PMI Dial Tabs – Level 1 12

13 Dashboard Buttonology The IST Level 1 Components are shown as tabs across the top. Touching a tab opens to the PMIs for each of the Level 2 and 3 Components within that section. The dark blue bar is the PMI for the answer in the IST (Facility: Existing) The light blue bar (Facility: Scenario) moves to reflect changes to the PMI based on manipulation of the buttons to reflect different scenarios. The subsector average PMI is shown in grey. A dial to the left indicates the existing PMI for that Level 2 section (e.g. CCTV); it moves to show the scenario PMI when changes have been made to the Level 3 answers. The bars above the dial show the Overall Facility PMI and Level 1 PMI (e.g., Physical Security) - black is existing and does not move, and blue moves to show the changes from the scenario selected. 13

14 Dashboard Buttonology (contd) For Yes/No questions, the dark blue bar will not be visible if the answer input is No. If the answer input is Yes, the bar will extend all the way to the right. 14

15 Dashboard Buttonology (contd) Touching a button at the left will open the Level 3 questions. Level 3 buttons can be manipulated to either show data corrections or demonstrate different scenarios for the Facility to try. The bars and dials will change accordingly. 15

16 Dashboard Interpretation The Dashboard is a way to display facility-specific information obtained through the ECIP Shows the PMI calculations for each component of the IST PMI has a constructive sense in that it increases (gets better) as protective measures are added The Dashboard shows the difference between the individual facilitys specific PMI and the average PMI for other like facilities (usually the critical infrastructure subsector) The product should not give the impression that the subsector average PMIs are indicative of desired or adequate performance 16

17 Dashboard Interpretation (contd) The Dashboard draws attention to components that are well below or well above the subsector average and may deserve additional study. There may be very good reasons why a facility has a component PMI that is below subsector average. Example: An urban facility where parking is allowed on the street would result in a low standoff number; no additional facility action may be possible May just note the vulnerability and consider other protective measures enhancements (e.g., additional CCTV along the facility street-side to identify suspicious vehicles) Each facility is different and will mitigate vulnerabilities and implement protective measures based on an individualized assessment of risks taking into consideration threat, assets to be protected, and facility characteristics. 17

18 Dashboard is a Tool The Dashboard is simply a tool, and the PMI is simply a reflection of existing protective measures at the facility, not a definitive determination of facility vulnerability. DHS is not advocating that any particular protective measures be installed/utilized at a facility based solely on the relative impact to the facilitys PMI reflected in the scenario element of the Dashboard. It is recognized that not all protective measures are appropriate at every facility. Therefore, simply raising the PMI for a section in the Dashboard is not necessarily directly correlated to a reduction in vulnerability for a particular facility unless it is an appropriate measure that is properly integrated with the facilitys current security posture and effectively implemented. 18

19 Questions and Comments 19

Download ppt "Enhanced Critical Infrastructure Protection (ECIP) Facility Dashboard November 2009."

Similar presentations

Ads by Google