In March 2006, a water storage tank in the town of Blackstone, Mass., was vandalized by three teenagers, potentially contaminating the water system serving the town’s 9,000 residents. The security breach resulted in a ban on all water use until the water was tested, the system was flushed and it was verified that the water was safe for all uses.
One Blackstone resident said, “I didn’t think it was that easy to get to our water supply.”
Establishing the VA
Protection of public water supplies from terrorism, vandalism and other threats has long been a part of operating a water system. The events of Sept. 11, 2001, however, heightened the concern. As a result, the Public Health Security and Bioterrorism Preparedness and Response Act of 2002 required that all community water systems serving a population of 3,300 people or more complete a vulnerability assessment (VA).
The VA identified the potential threats, critical facilities, critical customers, consequences of losing a critical facility, current status of the facilities with respect to the potential threats, and implementation of improvements, procedures and other mitigation measures to counteract the system’s vulnerability. By June 30, 2004, all water systems were expected to have completed a VA and submitted it to the U.S. EPA.
While many cities and towns have implemented the recommendations of the VA, many have not, potentially leaving their water systems at risk. The recent security breach in Massachusetts and similar events throughout the country emphasize the need to make water system security a continuous process.
Designing a system
The initial step in updating or implementing a security program is determining the utility’s current status. This should be followed by reviewing the VA study recommendations and determing what was implemented and which recommendations are still pertinent. The American Water Works Association (AWWA) security guidance documents and the EPA water security website (www.epa.gov/safewater/security/ ) are excellent tools for reassessing security needs, programs and priorities.
On its website, the EPA identifies “14 Features of Active and Effective Security,” which are organized into four categories below.
- Explicit commitment to security;
- Promote security awareness; and
- Defined security roles and employee expectations.
- Vulnerability assessment (VA) up to date;
- Security resources and implementation priorities;
- Contamination detection;
- Threat-level-based protocols;
- Emergency response plan tested and up to date; and
- Utility-specific measures and self-assessment.
- Intrusion detection and access control;
- Information protection and continuity; and
- Design and construction standards.
- Communications; and
Water utilities can use these guidelines to help shape their VAs and security plans. The VA should be considered a “living document” that is updated on a regular basis (every one to three years) based on changing needs, conditions and standards. This regular review allows you to reevaluate your utility’s vulnerabilities, security practices and responsibilities, and to employ new security tools and technologies. In addition, the review provides utility staff an opportunity to update security-related budget needs on an annual basis as part of the VA update.
Policies and procedures
Organizational and management considerations are generally easy to implement in a water security program. These issues typically involve communication, planning, staff training, and changing policies and procedures. Some examples include:
- Background checks of all employees;
- Key and lock management systems;
- Contractor/vendor/supplier policies for background checks, sign-in/sign-out policies and escorts at critical facilities;
- Cyber-security and information access policies;
- Materials management/emergency procurement;
- Public education and neighborhood watches; and
- Mutual aid procedures.
After developing these policies and procedures, utility managers need to communicate them to their staff and other stakeholders. In addition, security training may be required to ensure that staff understands and can implement the new policies. The AWWA, EPA and Water Environment Federation offer significant training resources, and the AWWA’s security guidance information outlines relevant training for water utility personnel.
Making operational changes can be the most cost-effective method of significantly improving physical security as well as system reliability. Similar to capital security improvements, operational changes should be implemented in a “layered” approach, beginning at the site perimeter and extending to the site, the building, and the building or facility’s systems. These changes should be developed for every facility including source water, intakes and impoundments, wells and pumping stations, treatment facilities, storage facilities and the distribution system. Administration, operations and storage facilities are also critical components and must be included in the security plan.
By now, many VAs and operational procedures utilities put in place as a result of the initial heightened security response may have been stopped or reduced due to changes in priorities, staffing, or a lack of threats or incidents.
Re-energizing the security program with training, defining responsibilities and measuring progress will keep operations focused on the importance of security. An example of general operational practices for a water facility using a layered approach is demonstrated in Table 1, developed by the AWWA.
Physical security improvements for existing facilities are the most difficult to implement due to costs, financing and perceived benefit. Physical security components for new facilities, however, may be easier to implement, as they can be designed and budgeted as a component of the total capital improvement cost.
Both the AWWA and the Great Lakes Upper Mississippi River Board (also known as the Ten-State Standards) proposed physical design considerations for water facilities, including:
- Redundancy or enhanced security features for critical single points of failure;
- Design for effective response or replacement of critical components including standardization, re-procurement lead time, availability of key parts and provision for a critical parts inventory;
- Control of human/vehicle access to facilities including barriers, hardened windows, doors and louvers, intrusion detection, site lighting, video surveillance and alarm monitoring;
- Hardened locking devices, hatches and hard-ware for storage facilities, pumping stations, power stations, vaults, and chemical storage and fill facilities;
- Cyber security measures for SCADA, system networks and other IT-based operations including redundancy, data backup, password security and manual overrides;
- Real-time water quality monitoring with alarms at sources and key areas in the water system for detection of intentional contamination; and
- Facilities and procedures for handling storage, delivery and protection of chemicals and fuel used at all facilities.
Just as with operational changes, physical security systems should also be designed using a “layered” method, requiring an intruder to penetrate multiple separate barriers. The selection of these systems needs to be based on the vulnerability, potential risks and consequences of failure for each facility.
Utilities must also consider their current level of operations—does the utility have sufficient staff to monitor video surveillance and respond to alarms, or staff expertise to maintain the equipment?
Because implementing physical security improvements can be expensive and often competes with other capital projects, they will require prioritizing and phasing. A typical cost-benefit analysis is difficult to use in these evaluations, as many of the benefits cannot be converted to a monetary value; however, using a numerical risk-reduction technique can help quantify the effectiveness of proposed security improvements.
Keeping water system security as an active part of the operations of a water system is a difficult task. Implementing a process that continuously monitors progress and effectiveness is critical to keeping our public drinking water safe and our systems secure from potential threats.
Several methods can help overcome the tendency to forget about the importance of security:
- Identify managers and staff who are responsible for security;
- Establish security expectations;
- Incorporate security procedures and responsibilities into job descriptions and standard operating procedures;
- Provide training on a regular basis to existing and new employees;
- Develop specific measures and perform self assessments;
- Keep vulnerability assessments and emergency response plans up to date; and
- Communicate the status and activities to staff, public safety officials, regulators and the community (as appropriate).
There are hundreds of water security resources available to assist in developing, improving and implementing a water system security plan. The EPA and AWWA websites provide resources and links to other organizations specifically related to water system security. These resources, tools, training programs and guides will make implementation of specific issues or programs much easier.
Our world has changed, and water system security will forever be a critical component of operating and maintaining a public water system. It is the water supplier’s responsibility to make sure the health and safety of its customers and community are protected and that security is always a priority.