Strategic Management of Information and Communications Technology: The United States Air Force Experience with Y2K (PGA, CSTB)

Released 08.27.07

The Y2K situation presented an opportunity to learn how various factors affect risk that can threatens critical information infrastructure.  Events since then have demonstrated how an incomplete plan for strategic management of information and communications technology (ICT) could have severe consequences for delivery of emergency services.  This report provides lessons from how the US Air Force prepared for and responded to the Y2K threat.  It presents them under three headings: lessons for managing ICT complexity, lessons for aligning organizational and ICT strategies, and lessons for minimizing ICT risk.  The report also offers recommendations for improving Air Force management of information and supporting infrastructure and their implications for other organizations.  This report represents only the views of the principal investigator and not necessarily those of the NRC.

Fusion of Security System Data to Improve Airport Security (NMAB)

Released 10.30.07

The security of the U.S. commercial aviation system has been a growing concern since the 1970's when the hijacking of aircraft became a serious problem.  Over that period, federal aviation officials have been searching for more effective ways for non-invasive screening of passengers, luggage, and cargo to detect concealed explosives and weapons.  To assist in this effort, the Transportation Security Administration (TSA) asked the NRC for a study of emerging screening technologies.  This report-the fourth of four-focuses on data fusion as a means to significantly improve the ability of the existing suite of airport detection systems and access control systems to detect and prevent attacks.  The report presents a discussion of the data fusion, an analysis of current data fusion efforts, and an assessment of data fusion opportunities for various airport security activities. 

Released 06.26.07

The nation's critical infrastructure depends extensively on information technology (IT). The United States, however, faces real risks that adversaries will exploit vulnerabilities in the nation's critical information systems. In addition, there is inadequate understanding of what makes IT systems vulnerable, how best to reduce these vulnerabilities, and how to transfer cybersecurity knowledge to practice. In response to these concerns and at the request of Congress, the NRC undertook a study to develop a strategy for cybersecurity research that could address this vulnerability issue. This report presents an assessment of the nature of the cybersecurity threat; explores why previous research efforts have been less effective than desired; gives an analysis of human resource needs to advance cybersecurity research; provides a collection of illustrative research areas; and offers a set of priorities for action.

The Role of Naval Forces in the Global War on Terror (NSB)

Released 06.05.07

The growth of the terrorism threat to the nation's security has created significant strategic challenges for U.S. armed forces in fighting this global war on terrorism (GWOT). For the Navy, the challenges have centered on developing maritime capabilities to prosecute the GWOT as far forward as possible. To assist the Navy's planning in this area, the former Chief of Naval Operations requested the NRC to conduct an assessment of the adequacy of and prospects for improving the role of Naval Forces in the GWOT. The study developed a defense-in-depth framework as the organizing principle for the report. The report contains information as described in 5 U.S.C. 552(b) and therefore could not be released to the public in its entirety. The public version consists of an executive summary that presents an assessment of the transformation of naval forces for addressing the GWOT; a brief description of the defense-in-depth framework; and a list of findings and major recommendations.

Interim Report on Methodological Improvements to the Department of Homeland Security's Biological Agent Risk Analysis (BMSA)

Released 02.02.07

In 2004, the President issued a homeland security directive focusing on defense against biological weapons. This directive, along with the National Strategy for Homeland Security published in 2002, mandated assessments of the biological weapons threat to the nation and assigned responsibility for those assessments to the Department of Homeland Security (DHS). To assist in this project, DHS asked the NRC to carry out a study of the methodology used by the agency to prepare its first bioterrorism risk assessment. This interim report provides a preliminary examination of that methodology along with recommendations for near-term guidance and direction for the further development of its risk analysis models. A final report will address longer-term issues in the development of risk assessment capabilities for DHS.

Improving Disaster Management: the Role of IT in Mitigation, Preparedness, Response, and Recovery (CSTB)

Released 01.29.07

Information technology (IT) has the potential to play a critical role in managing natural and human made disasters. Damage to communications infrastructure, along with other communications problems exacerbated the difficulties in carrying out response and recovery efforts following Hurricane Katrina. To assist government planning in this area, the Congress, in the E-government Act of 2002, directed the Federal Emergency Management Agency (FEMA) to request the NRC to conduct a study on the application of IT to disaster management. This report characterizes disaster management providing a framework for considering the range and nature of information and communication needs; presents a vision of the potential for IT to improve disaster management; provides an analysis of structural, organizational, and other non-technical barriers to the acquisition, adoption, and effective use of IT in disaster; and offers an outline of a research program aimed at strengthening IT-enabled capabilities for disaster management.

Assessment of Millimeter-Wave and Terahertz Technology for Detection and Identification of Concealed Explosives and Weapons (NMAB)

Released 01/29/2007

The security of the U.S. commercial aviation system has been a growing concern since the 1970's when the hijacking of aircraft became a serious problem. Over that period, federal aviation officials have been searching for more effective ways for non-invasive screening of passengers, luggage, and cargo to detect concealed explosives and weapons. To assist in this effort, the Transportation Security Administration (TSA) asked the NRC for a study of emerging screening technologies. This report-the third of four-focuses on currently maturing millimeter-wavelength/terahertz imaging and spectroscopy technologies that offer promise in meeting aviation security requirements. The report provides a description of the basic operation of these imaging systems, an assessment of their component technologies, an analysis of various system concepts, and an implementation strategy for deployment of millimeter-wavelength/terahertz technology screening systems.