HOMELAND and NATIONAL SECURITY

Aviation Security: The United States and its citizens remain targets for terrorist groups seeking to challenge or influence domestic and international affairs. Thus, protecting air travelers against terrorist and other criminal acts is a homeland and national security priority. After the terrorist attacks of September 11, 2001, the President signed the Aviation and Transportation Security Act (P.L. 107-71), establishing the Transportation Security Administration, and charging it with carrying out this important responsibility. Public confidence in the safety and security of air travel enables its continued growth, and tourism and world economies depend on effective aviation security measures being efficiently applied. Governments, airlines and airports must work together cooperatively to achieve our common goal - safe and secure air transportation worldwide.

2002 Results: There were no performance targets established for FY 2002.

TSA’s performance highlights in FY 2002 are:

▪ took immediate steps to secure the cockpit against hijacking by significantly expanding the Federal Air Marshal program and reinforcing commercial aircraft cockpit doors. Administered a $100 million Federal grant program to help the U.S. airline and cargo industry finance aircraft cockpit doors modifications;

▪ hired 148 Federal Security Directors, who are responsible for nearly 400 airports;

▪ hired more than 36,000 security screeners and deployed Federal screeners to 142 airports;

▪ established a customer service call center, a coalition to advice TSA on passengers with disabilities, and other initiatives to promote communication and responsiveness to the flying public;

▪ purchased over 1,000 explosives detection systems and 3,700 explosive trace detectors for screening checked and carry-on baggage; and

▪ continued research and development on technologies and procedures to enhance transportation security - including CAPPS II, an advanced automated profiling system to focus screening.

FY 2003 Performance Plan Evaluation: DOT met the passenger screening Federalization deadline, and with new authority provided in the Homeland Security Act of 2002, met the baggage screening deadline, and will ensure that explosive detection technology is in full use for baggage screening as soon as possible in FY 2003.

Management Challenge – Aviation and Transportation Security (IG/GAO)

The IG and GAO have previously noted that challenges exist in effectively meeting national requirements for improving security in aviation and surface transportation. After the terrorist attacks of September 11, Congress passed and the President signed the Aviation and Transportation Security Act, which created an Under Secretary of Transportation for Security, and a new DOT Operating Administration - the Transportation Security Administration.

TSA efforts for 2002 mostly focused on addressing aviation security and meeting deadlines established in the Aviation and Transportation Security Act. TSA met the unprecedented challenge to hire and train a federalized workforce to screen all passengers and their carry-on baggage by November 19, 2002, and, for the most part, to deploy the necessary equipment and federalized workforce to meet the December 31, 2002 deadline to screen all checked baggage. At the same time, TSA significantly expanded the Federal Air Marshals program with more flights being guarded now than anytime in history.

However, TSA’s work is not done. Until TSA is transferred to the Department of Homeland Security in March 2003, DOT must continue to take the lead for the Government’s increased aviation security responsibilities, including completing deployment of explosives detection equipment to the remaining airports where alternate screening methods are employed, and developing plans for expanding security in all modes of transportation. The primary responsibility will move with TSA to the new Department of Homeland Security.

DOT’s focus in FY 2003 will be to ensure effective aviation security, to ensure an effective transition of these two DOT administrations to the new department with no loss of effectiveness, and to develop methods for working effectively with DHS on the overlapping issues of transportation security and safety. This issue continues on the IG’s 2003 list of DOT top management challenges.

Public Transportation Security Initiatives

Since September 11, 2001, FTA has helped prepare the transit industry to counter terrorist threats. To date, FTA has:

▪ completed 37 threat and vulnerability assessments and provided feedback to individual agencies on how to improve their security systems and reduce vulnerabilities, as well as information on “best practices” to all transit agencies;

▪ deployed emergency response planning and technical assistance teams to the top 50-60 transit agencies to help them implement systematic security programs;

▪ awarded 83 grants for emergency responder and transit agency drills to test and improve security and emergency response plans;

▪ accelerated testing and deployment of the PROTECT system for chemical detection in subway systems;

▪ FTA also completed 11 short-term, quick payoff research projects identified by the transit industry;

▪ facilitated training and regional collaboration through security awareness courses for front line employees and supervisors, and regional forums to promote regional collaboration and coordination among fire, police, and medical emergency responders and transit; and

▪ developed a list of Security Program Action Items that transit agencies should incorporate into their System Security Program Plans.

Strategies for FY 2003

With the knowledge and expertise acquired, FTA is enhancing its strategies and moving forward to further enhance transit security. FTA will continue to tap the expertise of TSA, the intelligence community, the transit industry, and others to help strengthen transit security, as follows:

Reducing America’s Vulnerability to Terrorism: FTA is working with the transit industry to identify critical, high-risk assets and operations, and is developing a broad range of strategies to increase security. These strategies must become an integral part of daily transit operations and will include special emphasis on training, as well as technical assistance, guidelines, best practices, and testing of available technologies for intrusion detection, surveillance, and chemical and biological substance detection. FTA will provide on-site technical assistance to the largest 60 transit agencies to assist them in updating and enhancing their security system programs. This will include implementing protocols for handling suspicious packages and chemical/biological incidents, as well as addressing the twenty priority security program initiatives that have been identified by FTA. Chem/bio guidelines have been developed and an updated transit security guidebook will be published.

Minimizing Damage and Speeding Recovery: FTA’s ongoing security program will work to promote regional coordination, communication, and shared drills among transit and emergency responders. Training and emergency response preparedness are top priorities for quickly enhancing transit security. FTA will complete the regional forums and collect best practices and develop training from the full-scale emergency response drills and tabletop exercises. Security courses at Transportation Safety Institute and National Transit Institute are under review. They will be updated and a comprehensive curriculum will be defined.

Management Challenge – Computer Security (Department-wide and FAA) (IG/GAO/OMB)

The IG, GAO, and OMB have identified information system security as a critical government-wide management challenge, and in particular, have identified FAA air traffic control information systems as needing special attention to harden them against malicious or criminal attack.

The DOT Chief Information Officer (CIO) will lead intermodal efforts to ensure the continued security of our transportation information systems to make IT systems less vulnerable to attack and other service disruptions, including those caused by natural disasters.

The Computer Security Challenge presents itself on two fronts: 1) protection of all IT assets as required by the Computer Security Act of 1987, the Government Information Security Reform Act (GISRA), OMB Circular A-130, National Institute of Standards and Technology guidance, etc.; and, 2) specific protection of critical IT assets in accordance with Presidential Decision Directive 63 (PDD-63).

DOT established an IT Security Program requiring:

▪ that all DOT IT systems be assessed to identify vulnerabilities;

▪ that vulnerabilities be evaluated and mitigated where justified; and

▪ that systems be tested and certified as adequately protected.

In FY 2002

▪ DOT CIO developed a comprehensive Information Technology Security Performance Measurement (IT SPM) program to identify and track quantifiable results related to key IT security metrics. DOT reduced GISRA program related weaknesses by over 40 percent and reduced vulnerabilities in the primary “demilitarized zone” (DMZ) by over 70 percent a month.

▪ DOT instituted a robust training and awareness program, focused on developing and providing specialized training to IT security personnel. DOT provided awareness training to more than 99 percent of all employees, provided specialized training in certification and accreditation (C&A) and network security to more than 90 percent of the Agency-level Information Systems Security Officers (ISSO).

▪ DOT developed and began implementing a comprehensive policy for integrating IT security into the Capital Planning and Investment Control (CPIC) process, with Agency ISSOs participating as members of the CPIC Review Board. IT security policy is embedded in each phase of the CPIC and the system development life cycle through security costs estimation methodologies.

▪ DOT developed and executed an Incident Reporting Policy Memorandum and began reporting incidents on a weekly basis to the Federal Computer Incident Response Center (FedCIRC), the National Infrastructure Protection Center (NIPC) and other law enforcement agencies as required. DOT is implement intrusion detection systems (IDS) at critical access points throughout the DOT backbone and on NHTSA, RSPA and FAA local area networks. FAA, in particular, has made significant improvements in implementing and monitoring network and perimeter security.

▪ DOT published comprehensive network security guidelines and began a Web Server Vulnerability Testing Program in the DOT DMZ. Based on this program, vulnerabilities decreased from an average of more than 200 incidents a month to fewer than 30 a month for systems within the DMZ.

For FY 2003, DOT established a contract for an enterprise-wide vulnerability-scanning tool. This contract was the result of an FAA testing project and provides all DOT organizations with an effective, cross cutting cost solution for vulnerability testing.

FAA has developed a concept of operations, approach, and major milestones to address information security issues and protect information assets. FAA’s approach focused on protecting the operational capability of its facilities, which requires an integrated approach to information systems, personnel, and physical security at each facility. Other efforts included authorizing and certifying computer security systems, security awareness training, vulnerability assessments, and improving intrusion detection capability, and to develop methods for working effectively with DHS on the overlapping issues of transportation security and safety. This issue continues on the IG’s 2003 list of DOT top management challenges.

Coastal and Seaport Security: The Department, through the Transportation Security Administration and the U.S. Coast Guard, provides an essential maritime element of homeland and national security. DOT’s maritime homeland and national security functions are anchored in coordinated interagency law enforcement, coastal sea control, and port security.

Performance measure:

Percent of high interest vessels screened.

1999 2000 2001 2002

Target: N/A N/A N/A ##

Actual: N/A N/A N/A ##

## Not published due to sensitive security information being protected under 49 CFR Part 1520.7(r).

2002 Results: DOT met the performance target.

DOT’s FY 2002 actions to ensure seaport and cargo security included:

▪ USCG protection of high consequence targets, including critical bridges, port facilities and other infrastructure; a permanent regulation requiring 96-hour advance notices of arrival for ships arriving in U.S. ports; tracked inbound high-interest vessels in cooperation with the Office of Naval Intelligence; and disseminated intelligence on passengers, crew, and cargoes to partner agencies; and deployed Sea Marshals and small boat escorts to ensure positive control of vessels containing critical cargoes and in sensitive areas;

▪ MARAD’s work with maritime industry to examine and address security issues and policy and heightened security at its Ready Reserve Force fleet sites and outports;

▪ TSA’s, MARAD’s and an inter-departmental Credential Direct Action Group’s examination of ways that advanced technologies, including smart cards, biometrics and public key infrastructure, could be used throughout the maritime and related industries to identify employees working in security-sensitive areas; and TSA/MARAD/ USCG’s distribution of $93 million in grants to seaports for security assessments and enhanced facility and operational security; and

▪ SLSDC’s close partnership with its Canadian counterpart and USCG to heighten security on the St. Lawrence River and ensure the protection of ocean access to Great Lakes ports.

An interagency Container Working Group established by the Secretary of Transportation and co-chaired by the Department of the Treasury, worked to address security issues surrounding the movement of marine cargo containers through the international and intermodal transportation system. The Container Working Group focused on information technology, security, business practices, and international affairs, and made recommendations to improve international container security efforts and increased use of advanced technologies to improve container profiling.

“Operation Safe Commerce,” co-led by DOT, was initiated by the private sector as an attempt to make the supply chain more secure. This effort seeks to move the primary reliance away from control systems at U.S. ports of entry and toward improved controls at points of origin and along the way. It relies on using new technology such as electronic container seals to strengthen the security of cargo as it moves along the international supply chain. Efforts center on the following:

▪ ensuring that containers are loaded in a secure environment at the point of product origin, with 100 percent verification of their contents;

▪ using pressure, light, or temperature sensors to continually monitor containers throughout their overseas voyage to the point of distribution in the United States; and

▪ using cargo-tracking technology to track containers at all points in the supply chain, including delivery of cargo inside containers to consignees.

The three largest container port complexes (Los Angeles/Long Beach, New York/New Jersey, and Seattle/Tacoma) are involved in the Operation Safe Commerce pilot project addressing security vulnerabilities posed by containers entering the U.S. through seaports. These projects will help determine which procedures and technologies constitute the best practices in supply chain security.

DOT and other Federal agencies are working with international organizations [the International Maritime Organization (IMO), the International Organization for Standardization (ISO), the International Labor Organization (ILO), and the United Nations Subcommittee of Experts on the Transportation of Dangerous Goods] to accelerate, where possible, the deadlines for implementation of important new security requirements.

USCG continues to make progress in providing the required number of “combat ready” units to meet Combatant Commander operational requirements in wartime and peacetime. The Coast Guard contributes high endurance cutters, patrol boats, Law Enforcement Detachments, and Port Security Units to DOD Combatant Commanders’ war plans. High endurance cutters met readiness requirements 84 percent of the time. Readiness degradations stemmed from equipment casualties and unit training deficiencies. This is a seven percent drop from last year, but deficiencies were manageable and quickly remedied on notification of a scheduled deployment. Patrol boats met readiness objectives 100 percent of the time. Though Port Security Units achieved acceptable readiness ratings only 25 percent of the time, recruiting incentives, increases in unit budgets and establishment of a formal training and standardization program have been established to close readiness gaps.

The challenges associated with operating an aging cutter fleet are well recognized and the Coast Guard is taking steps to ensure replacement assets are brought into action without the transition degrading current capability.

USCG supplementary performance measure:

Percentage of days that the designated number of critical defense assets (high endurance cutters, patrol boats, and port security units needed to support DOD operational plans) maintain a combat readiness rating of 2 or better.

1999 2000 2001 2002

Target: N/A 100 100 100

Actual: 4 51 67# 70

# Three-quarter year data since fourth quarter data did not survive the attack on the Pentagon.

FY 2003 Performance Plan Evaluation: DOT cannot characterize Transportation Security Administration and Coast Guard performance for FY 2003, since they will be a part of the new Department of Homeland Security.

Management Challenge – Cargo Security (IG)

The IG has stated that strengthening cargo security is a major management challenge facing DOT. Ensuring robust port and maritime security is a national priority and an intermodal challenge, with impacts in America's heartland communities just as directly as the U.S. seaport cities where cargo and passenger vessels arrive and depart daily. The U.S. has more than 361 ports containing more than 3,700 passenger and cargo terminals. Current growth predictions indicate that container cargo will double in the next 20 years. The biggest cargo security challenge facing DOT is how to ensure that legitimate cargo is not unnecessarily delayed as we introduce enhanced security measures against security threats.

Management Challenge - Coast Guard Capital Acquisition Budget (IG/GAO)

The IG and GAO have stated that DOT needs to:

▪ stabilize Coast Guard's missions and budget requirements in light of post-9/11 priorities;

▪ make progress on Deepwater, while at the same time moving with dispatch on National Distress and Response System and Search and Rescue procurements;

▪ meet the enhanced Coast Guard port security mission, while continuing to effectively meet Coast Guard's other responsibilities; and

▪ ensuring the planning progress includes a realistic level of funding and using a process to assess the readiness of proposed technology.

Deepwater Capability Replacement. The Coast Guard is in the midst of the largest acquisition project in its history. On June 25, 2002, the Coast Guard awarded the Integrated Deepwater System contract to Integrated Coast Guard Systems (ICGS), a joint venture of Lockheed Martin and Northrop Grumman. In executing the contract, ICGS will modernize or replace the Coast Guard’s major cutters and aircraft and their supporting communications, sensors, and logistics systems, transforming the aging current fleet into an integrated, interoperable network-centric system. This innovative, performance-based approach manages acquisition risk by using state-of-the-market technologies. The overall goal of this unique acquisition project is to develop an integrated system that maximizes operational effectiveness while minimizing total ownership costs.

The IG identified the Coast Guard Search and Rescue program’s effectiveness as needing additional focus due to staffing, training and capital asset readiness problems; particularly with regard to budget and acquisition schedule estimates for replacing the National Distress System (NDS). The Coast Guard is currently undertaking the major task of modernizing the NDS. Through a six year, $611M contract with General Dynamics, the Coast Guard will upgrade the existing system to meet the safety requirements of growing marine traffic and the International Convention for the Safety of Life at Sea treaty. The acquisition project, named “Rescue 21”, will expand existing capability through greater area coverage, eliminate emergency access problems, comply with Federal mandates for narrow banding, provide voice recorder replay, and add direction finding capability to improve Coast Guard emergency response. In FY 2003, Rescue 21 deployments will begin in southern New Jersey, the Eastern shore of Maryland and Virginia, the Strait of Juan de Fuca and Puget Sound, Washington; the panhandle and west coast of Florida, and south Alabama and Mississippi. Rescue 21 deployments in the continental U.S. will be completed by September 2005 with all regions completed by September 2006. Training and staffing are discussed above under the Maritime Safety performance results.

The Coast Guard’s acquisition projects remain on the IG’s top management challenges list for 2003.

Strategic Mobility: To maximize DOD’s logistics capability and minimize its cost, defense sealift increasingly relies on the U.S. commercial sector. DOD’s ability to respond to military contingencies requires adequate U.S.-flag sealift resources, skilled U.S. maritime labor, and the associated maritime infrastructure. DOT helps provide for a seamless, time-phased transition from peacetime to wartime operations while balancing the defense and commercial elements of our transportation system. The Ready Reserve Force (RRF) is a key source of strategic sealift capacity to support the rapid deployment of U.S. military forces during the early stages of a military crisis. Merchant mariners employed on commercial vessels in the U.S. domestic and international trades provide the core job skills needed to crew the RRF. The Maritime Security Program (MSP) and the Voluntary Intermodal Sealift Agreement (VISA) program ensure that the active U.S.-flag fleet is available for sealift while continuing to carry commercial freight. Merchant mariners employed on these and other vessels in the U.S. domestic and international trades provide the crew to simultaneously operate both the RRF and the commercial fleet during wartime. DOT is responsible for establishing DOD's prioritized use of ports and related intermodal facilities during DOD mobilizations, when the smooth flow of military cargo through commercial ports is critical.

Performance measures:

Percentage of DOD-required shipping capacity complete with crews available within mobilization timelines.

1999 2000 2001 2002

Target: N/A N/A N/A 93

Actual: 97 92 97 94

Percentage of DOD-designated commercial ports available for military use within DOD established readiness timelines.

1999 2000 2001 2002

Target: 90 90 93 92

Actual: 93 93 92 92

2002 Results: DOT met both performance targets for DOD-required shipping capacity and for DOD-designated port availability.

MARAD also achieved its target of 99 percent RRF ship mission-capability while under Military Sealift Command control, but did not achieve its 100 percent target for timely ‘no-notice’ RRF ship activations (97 percent on-time activation rate). Beginning in FY 2002, on-time activation includes a requirement that activated ships successfully complete a 72-hour sea trial upon activation. MARAD is conducting additional repairs to ensure successful activations. MARAD was slightly below its 165,000 twenty-foot equivalent units (TEUs) target for the amount of available sealift capacity within the MSP/VISA fleet (164,271 TEUs).

MARAD estimates that sufficient mariners were available to crew the available shipping capacity, however, the number of mariners declined significantly since many mariners did not upgrade their licenses to meet new, more stringent standards for maritime training and certification implemented in 2002.

FY 2003 Performance Plan Evaluation: DOT will meet both performance targets in FY 2003. In November 2002, a larger vessel will replace a vessel in the MSP and provide the additional necessary TEUs.

Drug and Migrant Interdiction: Illegal drugs threaten our children, our communities, and the social fabric of this country. Illegal immigration also poses a serious threat to America’s economic and social well being, and challenges the integrity of our borders as a sovereign Nation. Approximately 52,000 deaths occur annually in America from drug abuse and drug-related crimes, accidents, and illnesses. An untold number of illegal migrants perish each year when overloaded and un-seaworthy vessels founder at sea.

Performance Measures:

Amount of drugs seized or destroyed at sea (metric tons).

1999 2000 2001 2002

Target: N/A N/A N/A 75

Actual: 78.7 83.2 78.6 71.9

Interdict and/or deter at least 87 percent of undocumented migrants who consider attempting to enter the U.S. via maritime routes.

1999 2000 2001 2002

Target: 87 87 87 87

Actual: 86.7 89 82.5 88.3

2002 Results: DOT met the illegal migrant interdiction performance target, but did not meet the drug interdiction performance target.

Although the flow of cocaine toward the U.S. remains relatively high, USCG cocaine seizures dropped by about 15 percent from FY 2001. There are two reasons for this drop in performance:

▪ the apparent increase in the smugglers' willingness to destroy their vessels rather than face interdiction and prosecution. For example, upon approach for boarding, smugglers scuttled two vessel strongly suspected of transporting a total of over 20 metric tons of cocaine. Had these drugs been seized, the Coast Guard would have set a new record for fiscal year total seizures.

▪ the Coast Guard’s FY 2002 focus on coastal and seaport security required shifting some effort from drug interdiction.

USCG stopped 4,104 illegal immigrants from reaching the U.S. Most of the illegal migrants successfully interdicted and returned were from the Caribbean. Cuban migration was steady but slightly less than previous years. Haitian migrant flow was higher than last year and this is expected to persist. In the Pacific, almost 1,500 Ecuadorian migrants were interdicted in eight events. People’s Republic of China (PRC) migration was slightly higher than last year, but remained low overall. Guam and the U.S. Virgin Islands will continue to remain attractive targets for future PRC migration since they are the closest points of entry along traditional migration routes.

USCG supplementary performance measure:

Percent of cocaine seized that is shipped through the transit zone (high seas between source countries and the United States).

1999 2000 2001 2002

Target: 12.5 13.0 15.0 18.7

Actual: 12.2 10.6 11.1 10.3#

# Preliminary estimate based on 2001 cocaine flow quantity.

FY 2003 Performance Plan Evaluation: DOT cannot characterize Coast Guard performance for FY 2003, since the Coast Guard will be a part of the new Department of Homeland Security. As requested resources for port and coastal security come on stream, the Coast Guard will be increasingly able to restore levels of effort to drug interdiction.

STRATEGIC OBJECTIVE: Ensure the security of the transportation system for the movement of people and goods, and support the National Security Strategy.

Performance Summary:

FY 2001 Final Performance Report

	1996	1997	1998	1999	2000	2001	2002	2002 Target	Met	Not Met
Percent of high interest vessels screened.	N/P	N/P	N/P	N/P	N/P	N/P	N/P	N/P	ü
Percentage of DOD-required shipping capacity complete with crews available within mobilization timelines.	N/A	N/A	N/A	97	92	97	94	93	ü
Percentage of DOD-designated commercial ports available for military use within DOD established readiness timelines	64	57	93	93	93	92	92	92	ü
Amount of drugs seized or destroyed at sea (metric tons).	27	94	52	79	83	79	72	75		ü
Interdict and/or deter at least 87 percent of undocumented migrants who consider attempting to enter the U.S. via maritime routes.	92	94	91	87	89	83	88	87	ü