Joint Security Workshop Budapest, 28

1
Joint Security WorkshopBudapest, 28 29 April 05

• Industrial Safety Security Issues
• Are we going beyond Seveso?
• Maria.stangl_at_stmk.gv.at

2
(No Transcript)
3
Safety Security

• Industrial Safety Security

• R/H-Assessment
• Internal sources
• -Human
• -Technical
• -Technological
• External sources
• Other establ.
• Transport
• Infrastructure
• human
• ?
• MAPP
• ?
• SR SMS IEP
• ________________
• ?
• EEP
• LUP, Inspection

• Vulnerability assessment
• - threats
• ......
• Human factor
• Employees
• Subcontractors
• Unauthorized personnel
• Visitors
• Clients
• intruders
• Terrorists
• ______________
• ?

4
Current status of Seveso

• Operator
• Risk/hazard assessment
• Internal sources
• Technical
• construction operation of installations
• Technological
• storage use of DSs
• (chemical) processes
• commissioning, shut down, maintenance
• Human factor
• Including own personnel subcontractors
• Organization management (incl m of change)
• Instruction training

5
Current status of Seveso II / 2

• External sources
• Other (Seveso) establishments
• Transport
• Infrastructure
• Natural hazards
• Earthquakes
• Flooding
• Avalanches
• Landslides
• storms

6
Current status of Seveso II / 3

• Human factor
• Visitors
• Clients
• Other unauthorized persons
• adversaries
• Thieves, intruders, protesters, terrorists
  (???)

7
Current status of Seveso II / 3

• MAPP
• safety policy
• SR, SMS, (IEP)
• Documentation and demonstration of safety
  performance (incl internal planning for
  emergencies)

8
Current status of Seveso II / 4

• Seveso related Authorities
• Assessment of safety documentation
• External emergency planning
• Land use planning
• Inspection
• Prohibition of use / operation

9
Current status of Seveso II / 5

• The tasks both of the operator and the Seveso
  related Authorities is to aim at industrial
  safety under the regime of the current Seveso
  II Directive. Safety is considered in relation
  to (properties of) dangerous substances. The
  human factor mainly is taken into account in
  relation to non intentional ( accidental)
  actions (human failure).
• So far, security issues have not been part of
  these tasks.
• Do we have to go beyond?

10
Security issues

• Elements to be considered in addition to
  classical Industrial safety assessment
• vulnerability assessment how vulnerable are
  onsite assets, such as people, information and
  properties (installations buildings) to
  potential threats?
• Potential threats other than considered in a r/h
  assessment under the Seveso regime can be

11
Security issues /2

• Sabotage
• Cyber attack
• Workplace violence
• Theft (different motivations)
• Fraud
• Product contamination
• Infiltration by adversaries
• Attack on a chemical plant as part of chemical
  and biological terrorism
• assault

• Trespassers committing vandalism or setting fire
  for fun
• Protesters intruding into the plant
• Bomb threats
• Workplace drug crime
• Theft of confidential information
• computer hacking

12
Security issues /3

• Product tampering
• hands off threats such as cutting electricity,
  telephone etc
• Disruption of cooling systems
• Creation of destructive or hazardous conditions
  through modification of fail-safe mechanisms, etc.

• Other......

13
Security issues /4

• Measures and Consequences
• Prevention strategies See sample..

14
Security issues /5

• Management issues, such as
• security policy,
• internal and external collaboration,
• incident reporting and analysis,
• employee and contractor training and security
  awareness,
• investigations of suspicious incidents and
  security breaches,
• Emergency response and crisis management
• Periodic reassessment

15
Security issues /6

• Physical security
• Access control
• Perimeter protection (keeping intruders
  offsite)
• Security officers
• Backup systems
• Other measures, such
• as entering post control
• etc

16
Security issues /7

• Employee and Contractor Security Issues
• Hiring and employment termination practices
• Workplace violence prevention and response

17
Security issues /8

• Information, Computer and network security
• Operations security
• Spoken information security
• Computer and network security
• Audits and investigation

18
Security issues /9

• The tasks of the operator concerning Security
  issues aim mainly at assessing the vulnerability
  of his assets and to take preventative measures
  against intentional actions performed by
  adversaries both onsite, such as own personnel
  contractors and offsite, such as thieves,
  demonstrators other intruders, lunatics,
  terrorists etc. The human factor mainly is
  taken into account in relation to intentional
  adversary actions. Collaboration with Security
  Authorities on local, regional and national level
  will be necessary (police forces, home-affairs
  authorities, intelligence services etc)

19
Security issues / 10

• Taking Security issues into account may be
  already good management practice to a certain
  extent.
• There are many open questions, especially with
  respect to terrorism (e.g. can we develop a
  typology of terrorists or a typology of
  terroristic acts related to chemical
  substances?)
• These tasks go far beyond the current Seveso
  regime.

20
Current status in Austria... Beyond Seveso II....

• RTD
• 2005 high-level study on Austrian status and
  needs for security research (Austrian Academy of
  Sciences, Austrian Research Centers ARC, eds)
  Industrial Safety Security (Seveso-type) is
  no priority
• ?There may be a special need for this research
  type in Austria

21
Current status in Austria /2... Beyond Seveso
II...

• Operators
• Awareness of operators many operators have
  security control measures in place, such as
  access control, fences, video-control of the
  premises, etc
• Protection against adversaries
• Protection against terrorist attacks in most
  cases is not considered
• mostly international companies
• ?enhancing awareness??

22
Current status in Austria /3... Beyond Seveso
II...

• Authorities
• Security Authorities have special requirements in
  place to protect certain vulnerable properties
  (including industrial establishments
  infrastructures)
• In Styria cooperation between Regional Security
  Authority ( Police) and Regional
  Seveso-Authority agreed upon recently
• ?joint workshop with operators intended

23
Literature other sources

• Dir 96/82/EC Seveso II Directive
• Amendment Directive 2003/105/EC
• Wettig J. and S. Porter, The Seveso II Directive,
  Feb 1999
• Seveso and Security, EC-DG Env, 12th CCA
  Amsterdam
• EC Communication 12 Dec 03, A Secure Europe in a
  Better World
• EC Doc EUR 21110, Research for a Secure Europe

24
Literature other sources 2

• American Chemistry Council, Chlorine Institute
  Inc., Synthetic Organic Chemical Manufacturers
  Ass. (eds) Site Security Guidelines for the US
  Chemical Industry, 2001
• Chemical Security Preparedness Seminar, Atlanta,
  2001
• Richards Stephen, Security Issues Stratgies,
  BP Chemicals
• Rosera Richard S. Small Chemical Plant Site
  Security Case Study
• Tonetti Rob, Chemical Securtiy Seminar, Ashland

25
Literature other sources 3

• EU Workshop onSimulation Exercises on Chemical
  Terrorism Events, Luxembourg, 7-8 Feb 2005
• Coleman Gary, The Development of Generic
  Scenarios and Chemical Lists for Terrorist
  Chemical Attack (GSCT, EU Proj. No 2003217)The
  development of Generic Scenarios
• Leeuw, M.W., Assessment of the vulnerabilities of
  societies to terrorist acts employing RBC agents
  to assist in developing crisis management studies
  (EU Project IMPACT)
• Russel D., A matrix for prioritizing chemicals
  and public health actionsa for the prevention,
  preparedness, response and recovery related to
  terrorist events

26
Literature other sources 4

• Österreichische Akademie der Wissenschaften
  Austrian Research Centers (ARC) (eds)
  Sicherheitsforschung Begriffsfassung und
  Vorgangsweise für Österreich, Wien, 2005
• (Austrian Academy for Sciences Austrian
  Research Centers (ARC) (eds) Security Research
  Definition and procedures in Austria, Vienna,
  2005)

27
The End

• Thank you for your attention.
• Questions and Answers??