1 U.S. Coast Guard Maritime Security Risk Analysis Model (MSRAM) “Balancing resources to risk” Presentation for the Critical Infrastructure Protection Workshop The Center for Homeland Defense and Security June 2008 Greeting – introduce (speaker) and guests Thank you for taking time out of your busy schedule for us to show you MSRAM and how these programs will support your risk management decisions now and what they can do for you and the Coast Guard in the future. Presented by LCDR Brady Downs, USCG Domestic Port Security Evaluations Division (CG-5142) Directorate of Assessment, Integration and Risk Management US Coast Guard Headquarters, Washington, D.C.

2 USCG Security Risk Evolution 2006 2007 PSRAT MSRAM 1 MSRAM 2 MSRAM + Focus: Support COTP Risk Security Management Improve: Consistency & threat Consequence data to support Operation Neptune Shield Port Risk data supported Port Security Risk Assessments Focus: Support Field & Headquarters Addresses threat element from ICC & consistency issues Supported: COTP/Sectors Operation Neptune Shield Transportation Worker Identification Card Combating Maritime Terrorism Focus: Improve training, support, & data review/validation Expanded range of scenarios Supported: COTP/Sectors Operation Neptune Shield Transportation Worker Identification Card Combating Maritime Terrorism Mounted Automatic Weapon Project Future updates: Address full scope of threat (Transfer & CBRN Threat) Improve Consequence/ Vulnerability analysis Address 18 of 18 CIKR Support DHS, OGA, States, & other nation’s risk analysis Intro: Displayed here is the risk management timeline and how the Coast Guard has improved in our risk management efforts. Highlights: Earlier Approach (PS-RAT) Limitations No viable threat component Only valid at individual port Assumes total target destruction (Not always plausible – led to wrong consequence values) Inconsistent consequence equivalencies (each port assumed different consequence values) Independent Target class/attack modes (unable to query the data) No ability to determine baseline risk density between ports (Not able to provide national risk profile) MRSRAM Solutions Incorporates threat assessment from Intelligence Community (unique) Enables comparison across ports Incorporate response capability of owner/operator, local first responders and the CG to reduce consequence Defensible / weighted consequence equivalency scale to ensure consistent evaluation between ports Aligned target class/attack modes (allows roll up of data and ability to query the data) Incorporates layered vulnerability evaluation for owner/operator, local law enforcement, and the CG. Required baseline scenarios to compare risk density across ports Provide training to all sector, district and area users Conducted AMSC training to all AMCS 2007 for the PSGP GAO: Good start – improvements needed GAO: Address concerns Addresses 13 of 18 Critical Infrastructure & Key Resources GAO: Most efficient tool for risk management in DHS GAO: Maritime Security only area to receive the grade of “Substantial Progress” 2 2

3 OUR MISSION Homeland Security Act of 2002Prevent terrorist attacks within the United States - (PREVENT) Reduce America’s vulnerability to terrorism - (PROTECT) Minimize the resulting damage if prevention fails - (RESPOND) Recover from attacks that do occur- Ensure economic security - (RECOVER) Homeland Security Act of 2002 MSRAM alignment w/ DHS Mission.

4 MSRAM Analysis Crosses DHS SectorsThe complexity of the marine transportation system and the maritime domain creates a unique opportunity for the Coast Guard due to the vast array of critical infrastructure, assets, key resources, systems, & networks that make up our nation’s riverports, seaports and the maritime domain. Maritime domain is a microcosm of the national economy. Risk crosses all 18 DHS Sectors Similar situation for Localities, Cities, State, National, International risk analysis

5 Support Senior Leadership risk based decision making processMSRAM Risk Calculator The MSRAM was designed to enhance security and reduce the risk of terrorism by identifying and prioritizing critical infrastructure, key resources and high consequence transits and events across sectors using a common risk methodology, taxonomy and metrics to measure security risk at the local, regional, and national levels. Support Senior Leadership risk based decision making process

6 MSRAM Security Risk ConceptThreat Vulnerability Consequence X X = Risk Vulnerability = Achievability X System Security X Target Hardness Consequence = Death and Injury, Primary and Secondary Economic, Environment , National security, Symbolic Impacts X (Less Response Capability) And Secondary Economic Impact Threat = Capability X Intent (with confidence) We get the threat capability and consequence scores from ICC. One of the uniques aspects of MSRAM is that we capture the capability of the layers of system security to reduce vulnerability and 1st responders to reduce consequences. ICC Strategic Threat Mitigated by Interdiction Capability Mitigated by Response Capability

7 MSRAM Risk Components T*C*V=RThe reason MSRAM is unique from other risk models: MSRAM is a risk calculator created by Coast Guard HQ, Areas, Districts and ectors - MSRAM is the only risk model that incorporates threat provided from the intelligence community (ICC) - MSRAM incorporates all other vulnerability assessments (such as the 55 port security assessments) and translates them into common metrics to synergize efforts from other agencies - MSRAM also incorporates a layered defense strategy for vulnerability evaluation (discussed on next slide) - MSRAM integrates other blast and consequence models/studies data into common metrics (i.e. CAMEO, MARPLOT, CHEMTAP, Blast Analysis on CDC Barges, LPGs, and Ferries) Proper risk data from MSRAM allows for confident risk analysis and management MSRAM Risk Analysis scores the Risk of a specific scenario occurring based on the evaluation of T*V*C=Risk. - Scenario = Target and Attack Mode Pairing. - Red = Threat. Threat is provided by ICC. - Gray = is a placeholder for Geographic Threat. This will be developed in the future. - Salmon = Consequence factors. Primary Economic Impact falls within the realm of insurance loss. Secondary Economic Loss falls within the realm of economics. - Light Blue = Recoverability and Redundancy are qualitative values that inform the scoring of Secondary Economic Impact. - Mustard = Vulnerability features that are inherent at a Target. Achievability is how easy it would be for the terrorist to carry out an attack in the absence of system security. Target Hardness is the ability of the target to withstand the attack mode. - Green = Are factors that reduce risk and are the primary focus of the development and evaluation of risk management strategies based on their effectiveness to Prevent, Protect, Respond to and Recover from specific attack scenarios. - Brown = Risk. Risk is expressed as: - A Relative Risk Index Number (RIN) - It is also expressed as a function of Likelihood & Consequence where Likelihood = Threat * Vulnerability Scenario Target / Asset Attack Mode

8 Breadth of MSRAM Risk Information 644,000 Data PointsTarget Factors Target name Target Class Availability Maximum Consequence USCG Role (Lead, Support, Other) Maritime Transportation Security Act Regulated Area Captain of the Port CG Station Port Waterway Latitude / Longitude County (link to FEMA regions) River Mile Marker DHS MCI/KR sector DHS Grant Port Ability to add additional DOD target factors as necessary Scenario Factors (Scenarios = Target +Attack Mode) Threat Intent Capability Consequence Death/Injury Primary Economic Secondary Economic (Recoverability/Redundancy) Environmental National Security Symbolic Response Capability (Owner/Operator, 1st Responders, USCG) Vulnerability Achievability System Security (Owner/Operator, LE, USCG) Target Hardness Risk Organic: 24 hour, steady state owner/operator response Mitigated: risk including impact of USCG & LEA Primary: primary economic impact only Total: risk including secondary economic

9 Depth of MSRAM Risk Information Over 74,000 JudgementsTarget Categories/Classes Barge 10 classes Facility 14 classes Infrastructure 7 classes Key Asset 8 classes Other 2 classes High Population Events Vessel 21 classes Attack Modes Attack by Hijacked Vessel Boat Bomb Boat Bomb (while vessel is present) Car/Truck Bomb Hijacking of Vessel Passenger/Passerby Explosives/Improvised Explosive Devices Sabotage Standoff Weapon Launched from Water and Land (including Man-Portable Air Defense Weapon) Swimmer/Diver/Underwater Delivery Systems Terrorist Assault Team (Hostage Taking) Attack by Hijacked Large Aircraft Small Suicide Aircraft Chemical, Biological, Radiological, Nuclear Cyber Attack Mines (Aquatic) & Mines (Land) Transfer of Terrorist, weapons/materials Ability to add additional DOD attack modes as necessary MSRAM target classes link to DHS sectors

10 MSRAM – Synergizes the Use of Other Risk Tools, Models, and AssessmentsThreat ICC Strategic Threat Analysis Intent w/Confidence Capability w/Confidence Time Horizon when terrorist Capability Acquired Consequence Studies (Blast & Consequence) Plans (AMSP) Tools (Chemtap, Oiltap, CAMEO, Aloha, Marplot) Consequence Data (RMP, GCOA, HASZUS) Vulnerability Assessments (AMSC, VSP, FSP, RAM-D, MAST, PSA, RAMCAP, CRs, SAV, PIVA, HLS-CAM, JISVA, FHWA). Tools (ACAMS, ViSAT) Studies / Grants ( BZPP) Workgroups (SME) MSRAM Risk Calculator MSRAM does not supplant other risk models, rather it synergizes there efforts and puts them through the risk calculator to compare different critical infrastructure to each other providing a prioritized risk ranking of key assets. Consequence AMSP Area Maritime Security Plan CHEMTAP OILTAP CAMEO Computer-Aided Management of Emergency Operation ALOHA Area Locations of Hazardous Atmospheres MARPLOT Mapping Application for Response, Planning, and Local Operational Tasks RMP Risk Management Plan GCOA Gross Consequence of Attack HAZUS-MH Hazards U.S. Multi-Hazard Vulnerability AMSC Area Maritime Security Committee VSP Vessel Security Plan FSP Facility Security Plan RAM-D Risk Assessment Methodology - Dams MAST Maritime Assessment and Strategy Toolkit PSA Port Security Assessments RAMPCAP Risk Analysis and Management for Critical Asset Protection CR’s Comprehensive Review SAV Site Assistance Visits PIVA Port Integrated Vulnerability Assessment HLS-CAM Homeland Security Comprehensive Assessment Model JISVA Joint Installation Security Vulnerability Assessment FHWA ACAMS Automated Critical Asset Management System ViSAT Vulnerability Identification Self-Assessment Tool BZPP Buffer Zone Protection Plan SME Subject Matter Experts Outputs NADB National Asset Database Analyze & Exercise PSAC Protective Security Analysis Center NISAC National Infrastructure Simulation & Analysis Center PREP Preparedness for Response Exercise Program PORTSTEP Port Security Training Exercise Program AMSTEP Area Maritime Security Training Exercise Program TOPOFF Top Officials Outputs Analyze & Exercise Prioritized Risk Ranking - Common Risk Model (NADB) Security Risk Profiles Risk Drivers Data for Risk Management Analysis Risk Management Priorities Strategic Risk Analysis Process Protective Security Analysis Center (PSAC) National Infrastructure Simulation and Analysis Center (NISAC) Coast Guard R & D Center / National Labs Exercises: PREP, PORTSTEP, AMSTEP, TOPOFF

11 MSRAM Data Review Process Local, Regional and NationalHQ Assessment, Review & Analysis Provide consistency/ normalization between Areas RED = Data is at the Secret level 4 To ensure consistency, 160 representatives from Sectors, Districts and Areas were expertly trained by our HQ Division Personnel 6 weeks ago in the use of the MSRAM tool and evaluation process. Unlike the process for PSRAT, MSRAM includes the Districts, Areas and HQ in the evaluation and approval of the data. (this provides a bottom up and top down comprehensive evaluation so the approved data can be rolled-up and used at all levels of the chain of command) NOTE: Based upon input from your staff we plan to conduct a joint District, Area, and HQ review this year. Review and Direction Area Review Provide consistency/normalization between Districts 3 District Review Provide consistency/normalization between Sectors 2 COTP/Sector Assessment with AMSC Input - Identifies risk profile for individual targets 1 Green = Data is at the Security Sensitive Information level

12 Previous Consequence-Based ApproachNuclear Power Plant Cruise Ship Bridge Refinery Waterway Freight Ship Oil Tanker Ferry -Before we had the fidelity of the rigorous data from the MSRAM evaluation process, the CG employed protective strategies on high consequence assets within the AOR. -Now that we have a layered defense strategy involving other federal, state and local agencies, as well as, Owners and Operators of vessels, facilities, resources & infrastructure, the CG has matured in our understanding of risk, our risk management tools and processes, to update our protective strategies toward a risk based approach (as required by the Secretary). CDC Barge Chemical Plant Defense Facility LOW Consequence HIGH Consequence One Dimension Consequence Scale

13 MSRAM creates a Risk-Based Risk-Informed Security ProfileLOW HIGH Bridge - Boat Bomb High Capacity Ferry Terminal- Car/Truck Bomb Ferry – Boat Bomb Displayed here is a risk profile of the port of New York provided by MSRAM I data that was entered by the sector and approved by D1 and LANT area. risk is a function of Likelihood and Consequence. In this risk profile: Likelihood is on the Left side. Consequence is on the Bottom. Each point represents a specific scenario (target & attack mode pairing) and has a corresponding Relative Risk Index Number (RIN). Red represents unacceptable risk Green represents acceptable risk Orange, Yellow & Blue are varying levels of risk tolerance. The curved lines represent groups of like risk. With this understanding, we can adjust our protective strategies from high consequence to high risk. Comparing consequence to risk: On the previous slide we saw Nuclear Power Plants were High Potential Consequence, here we see for a Car/Truck Bomb Attack they are low risk. On the previous slide we saw Cruise Ships were Low Potential Consequence, here we see for a Boat Bomb they are High Risk, for a Car/Truck Bomb they are Medium Risk, and for an Attack by Hijacked Vessel they are Low Risk. Cruise Terminal – Car/Truck Bomb High Capacity Ferry – Boat Bomb National Icon – Boat Bomb Petroleum Refinery – Car/Truck Bomb Cruise Ship - Boat Bomb High Capacity Ferry - Car/Truck Bomb Likelihood (Threat * Vulnerability) Oil Tanker – Boat Bomb LPG Tanker - Boat Bomb CDC Facility – Car/Truck Bomb Cruise Ship - Car/Truck Bomb Nuclear Power Plant – Car/Truck Bomb Cruise Ship – Attack By Hijacked Vessel LPG Tanker – Stand-Off Weapon Bridge – Attack By Hijacked Vessel LOW Consequence HIGH Consequence

14 MSRAM creates reports for analysis Risk by Target ClassUse reports to quickly scan for risk by target classes SAMPLE DATA Risk by Target Class (Sample data) Bridges & Tunnels

15 Comparison of Chemical facilitiesILLUSTRATIVE SAMPLE DATA RISK Chlorine Ammonia LNG

16 MSRAM Analysis – Compare Risk Density by StateSAMPLE DATA

17 MSRAM change case supports Risk Mitigation Decision StrategiesLisa August (OMB), here is the power of MSRAM… MSRAM allows the Operational Commander to evaluate the effectiveness of Operational Strategies for Prevention and Protection and Contingency Plans for Response and Recovery. Recalling: - Each point on the plot represents the relative risk of a scenario. - The relative location of the scenario on the plot provides information useful to Port Security Planners, Federal Maritime Security Coordinators, Area Maritime Security Committees, Area Committees, Exercise Planners & Regulators for the development of risk based mitigation strategies & contingency plans. The Response / Recovery, Prevention / Protection, and Regulatory Regime arrows illustrate types of strategies that a risk manager can employ to reduce risk & in-which relative direction those focused strategies will generally move the risk. - Prevention & Protection strategies reduce Likelihood - Response & Recovery strategies reduce Consequence - Regulatory Regime strategies can reduce both The impact of any strategy is represented by the length & direction of the little arrows connecting two dots. Sector Commanders can evaluate alternative risk profiles: - To develop Operational Plans for MARSEC level changes, special events, & seasonal fluctuation - MSRAM can be used to evaluate grants, & to gain an improved understanding of Risk in their AOR. MSRAM can be used to determine risk on a daily basis to recognize dynamic & static risk. There are finite Authorities, Capabilities, Capacities, Competencies, & Partnerships (ACCCP), which can be applied to reduce that risk. There are activities which specifically speak to reducing risk & Sector Commanders should use a daily MSRAM risk profile to identify the high-risk areas to apply activities to drive down risk to an acceptable level. (from CG-5) Therefore, using MSRAM on a operational level can assist operational commanders to articulate why they should conduct certain activities, & defend why they are not doing other activities with an available, quantifiable, & defendable process. Real Life example: (this is how the Sector Commanders are using MSRAM for the Port Security Grant process)

18 MSRAM National Risk ProfileResponse/Recovery X# target represent top 20% of the total risk X# target represent top 40% of the total risk LIKELIHOOD (Threat * Vulnerability) Regulatory Regime Prevention/Protection X# target represent top 60% of the total risk 18,000+ targets represent 100 % of the total risk CONSEQUENCE

19 Senior Leadership can utilize MSRAM to illustrate High Risk Scenarios by Attack Mode locally, regionally, nationally Attack Modes Car / Truck Bomb Boat Bomb (while vessel is present) Swimmer/Diver/Underwater Delivery Systems Standoff Weapon Launched from Water Attack by Hijacked Vessel Illustrative 3 6 19 11 11 9 18 3 15 12 If we receive a threat advisory for high capacity passenger vessels? This slide illustrates MSRAM’s ability to support decisions in times of crisis by identifying what scenarios are the highest risk, the risk drivers and where they are located. 7 10 13 11 13 12 1 6 13 2 23 18 9

20 demonstration purposesMSRAM assists to identify where are the greatest risks and risk drivers are in your AOR Geographic distribution of high risk attacks in Sector Miami Illustrative for demonstration purposes This slide illustrates the geographic distribution of high risk scenarios within an AOR. The highlights the richness of MSRAM risk information and how it can be used to inform the operational commanders Attack Modes Car / Truck Bomb Boat Bomb (while vessel is present) Swimmer/Diver/Underwater Delivery Systems Standoff Weapon Launched from Water Attack by Hijacked Vessel

21 MSRAM supports Local, Regional and National applicationsStrategic Uses Provides an understanding of: the types of targets and attacks that present the highest risk the risk-based distribution of targets regionally (Risk Density) Strategic planning outcomes measure Support of Strategic planning effort-Combating Maritime Terrorism (CMT) Transportation Worker Identification Credential (TWIC) implementation DHS Port Security Grant Process (risk formula and grant evaluation) National Maritime Security Risk Assessment (NMSRA) National Maritime Threat Assessment Methodology Strategic Operational Planning Process (SOPP) Operational Uses Operation Neptune Shield Geospatial Risk Map Area Maritime Security Plans (AMSP) / Action Plans / Contingency plans Mounted Automatic Weapon allocation project Tactical Uses Incident Command System (ICS) risk management cycle National Special Security Event (NSSE) Communication tool amongst stakeholders-AMS Committee Supports updates to NVIC AMSPs and Facility security plans

22 Global Supply Chain Security RiskMSRAM can assist in determining the risk & interdiction capability along critical nodes International Ship & Port Facility Compliance CBP Booking Information CTPAT 96 Hour Notice of Arrival Container Security Initiative 24 Hour Advance Shipment Notice Entry State / Local DNDO, Deep Water, Domain Awareness Carrier Movements Truck, Rail, Barge Transport Distribution Center Truck, Rail, Barge Transport Port of Lading Trans-shipment Port Port of Entry Truck, Rail, Barge Transport Distribution Center Factory Water Conveyance Air Conveyance DR. Lewis MSRAM Explain that the graphic illustrates a possible supply chain for a commodity from the factory to a retail distribution center. This particular example includes an intermediate transit point. The vessel can be a ship, aircraft, train, or truck. Advance trade data is the information received from all phases of supply chain operations. Point out that a key concept of advance trade data is having more time for analysis of shipments prior to arrival. Commercial benefits include making it easier for the trade to adjust loading and schedules prior to departure or arrival. CFR Critical Network Analysis Transportation Security Regulatory Regime Enforcement Security Risk Analysis

23 Unified Risk Coast Guard Missions Expected Residual Loss (Risk) that the CG has the ability to influence due to: All incidents (excluding transfer of WMD) Important Note: These are not suggested resourcing profiles! Context is required before these profiles are able to meaningfully inform planning and budgeting decisions. MSRAM data contributes to this risk profile

24 Maritime Security Risk Analysis ModelSupport Senior Leadership risk based/informed decision making process “In the absence of emotion and Political influence Risk is where risk is.” Quote by LCDR Brady Downs, USCG during Congressional briefing 2007 Questions? Topics for Discussion!