Science, Technology, and Security: Knowledge for the Post-9/11 World logo Symposium October 10-11, 2002 logo
shim
Workshop Report button
Workshop Background button
Executive Summary button
Integrated Summary button
Integrated Summary PDF button
Panel Leader Remarks button
Breakout Groups button
Contributed Material button
Sponsored by the Center for Science and Technology Policy Research

U.S. Water Security Report

November 15, 2002

Introduction:

US water supply and treatment facilities are part of US critical infrastructure as defined in Presidential Decision Directive 63 (PDD-63). The events of September 11, 2001 demonstrated the ability of terrorist groups to carry out large scale attacks within the US, and these events increased the urgency of assessing the vulnerability of US infrastructure and devising mitigation measures to reduce such vulnerability. Government and private sector analyses indicate that US water supply and treatment facilities are indeed vulnerable to disruption and contamination and that the development of effective strategies to mitigate this vulnerability is a major challenge. There are multiple aspects to this problem:

  • Water supply and treatment facilities have evolved over more than a century into many complex webs of large-scale physical infrastructure (dams, pumps, pipelines, treatment plants, etc.). There are about 55,000 separate water systems in the US. This distributed set of systems means that the national "U.S. water system" has relatively low vulnerability (an attack on the entire nation's water system would be very difficult to carry out), but there is typically only one water treatment and supply system in any given area, meaning that local vulnerability is higher.
  • The operation and maintenance of this physical infrastructure is highly dependent on information technology (for command, control, and ongoing analysis) and reliable energy supplies.
  • The distribution and exchange of information about vulnerability and mitigation strategies is complicated by concerns over making such information widely known. The industry and regulatory structures are in the midst of shifting from a paradigm of openness to one of restricted information. The initial reaction to September 11 has been to curtail the distribution of information about vulnerability; unfortunately, such information is exactly what system operators need to define and implement mitigation measures.

Background

  • The United States Environmental Protection Agency (USEPA) sets and enforces regulatory requirements for safe drinking water under the authority of the Safe Drinking Water Act. The USEPA sets broad regulatory goals that drinking water must meet, and administers a program that allows enforcement of drinking water regulations by individual state agencies.
  • The USEPA was named the Sector Liaison - the lead federal agency - to work with water utilities in providing increased security to water. This designation was made in relation to PDD-63 in 1998. However, the USEPA had not aggressively pursued security as an issue, nor had it developed considerable expertise in the area of security, prior to September 11, 2001.
  • PDD-63 promoted a voluntary public-private partnership to address water security needs. The Safe Drinking Water Act (SDWA) had no specific requirements addressing security of drinking water systems until the SDWA was amended by the "Public Health Security and Bioterrorism Preparedness and Response Act of 2002." President Bush signed this act on June 12, 2002. This act requires water utilities serving more than 3,300 people (approximately 8,000 water utilities) to conduct vulnerability assessments and to update their emergency response plans by certain deadlines.
  • Forty-nine states across the country are authorized by the USEPA to enforce drinking water regulations in their states. Each of these forty-nine states has developed their own regulatory strategy and approach to enforcing drinking water regulations. The USEPA directly enforces drinking water regulations in the state of Wyoming. It is expected that most of these state drinking water agencies will play some role in addressing security at drinking water utilities. The Association of State Drinking Water Administrators (ASDWA) represents state drinking water administrators from across the country.
  • The 55,000 drinking water utilities across the country vary widely in size and operations, and they are not organized on any one common basis. Some of these utilities are huge, such as the Metropolitan Water District of Southern California, which handles water that is consumed by approximately 17 million people, employs approximately 2,000 fulltime employees, and wholesales water to almost 30 member agencies who in turn sell the water to individual customers. Many more drinking water utilities are very small, serving water consumed by a few hundred people or less, and often not even having a full time operator. Common associations and organizational lines for these diverse utilities include:

    • The Association of Metropolitan Water Agencies (AMWA) that represents approximately the largest 100 public drinking water utilities across the country. AMWA focuses on representing these 100 utilities in governmental regulatory and policy issues. AMWA was named the Sector Coordinator for water security issues in the public-private partnership anticipated in PDD-63.
    • The National Association of Water Companies (NAWC) that represents private (investor owned) drinking water companies across the United States.
    • The American Water Works Association (AWWA), which represents approximately 5,000 public and private drinking water utilities, and approximately 50,000 individual members, across the country in both technical and policy issues relevant to drinking water utilities.
    • The National Rural Water Association (NRWA) that represents small, rural drinking water systems across the country. These systems often serve water to fewer than 1,000 people each.
    • The Water Environment Federation that represents wastewater utilities across the country in both technical and policy issues relevant to these utilities.
    • The American Water Works Association Research Foundation (AwwaRF) and the Water Environment Research Foundation (WERF) which are research organizations addressing the needs of the drinking water and wastewater utilities, respectively.

  • In many instances water utilities sell water that is provided to them by other state or federal entities focused on management of water resources. These groups normally manage reservoirs and water conveyance structures for a variety of drinking water and agricultural needs. For instance, in California the California Department of Water Resources, a statewide organization which itself employs approximately 2,600 people, manages water that ultimately serves the needs of 66% of the population of California, and also irrigates 600,000 acres of land. California Department of Water Resources also manages 32 water storage facilities, 17 pumping stations, eight hydroelectric plants, and 660 aqueducts and pipelines. A similar organization in Colorado, although not a statewide organization as in California, is the Northern Colorado Water Conservancy District.
  • The United States Army Corp of Engineers is involved in flood control and navigational issues throughout the country. This organization has built and manages many reservoirs and other water storage and conveyance structures around the country.
  • The United States Bureau of Reclamation is involved in providing water in western states for the primary purpose of irrigation of land, and thus the Bureau of Reclamation also manages many water storage and conveyance structures in the western states.

  • Water rights in western states are bought and sold as private property, with a complicated system based on first beneficial use of water that determines who gets water when. Some western states, such as Colorado, have a separate court system that only addresses water issues. In eastern states water is administered as a common commodity for public use.

Science and Technology Needs and Opportunities

In general, our group discussions indicated that improving water security is more dependent on enhancing the application of existing science and technology than on generating new knowledge through additional large-scale basic research activities. There is an extensive body of scientific knowledge and engineering practices that are well documented in the literature. However, there are a number of specific scientific questions that are relevant to the assessment of vulnerability and the crafting of mitigation strategies. Specific interlinked S&T needs include:

  • Monitoring Technologies and Strategies: Which contaminants should we try to detect? What monitoring devices are needed? What is the most effective monitoring strategy, including the spatial distribution of monitoring devices? Is continuous monitoring required, or is a sampling strategy adequate?
  • Data Analysis and Interpretation: What is the right suite of measurements to assess water quality? How can we best detect and characterize contamination? Must we monitor contaminants directly, or can we monitor "indicators?"
  • Social Science/Risk Assessment: What contaminants are the most dangerous? What contaminants are the most easily available? What are the top mitigation priorities (large systems, medium systems)? How safe is safe enough, and how can risk be communicated in such a way as to contribute to public health and safety?
  • Mitigation Strategy Evaluation: How can we compare and evaluate mitigation options? How can we best weigh mitigation costs against risks?

Barriers to the Application of Science and Technology to Water Security

It is not clear that existing mechanisms of connection between the S&T community and the water sector are strong enough to permit the effective application of S&T to enhance US water security. Furthermore, as noted in the introduction, some recent security measures may actually hinder the establishment and use of mechanisms to enhance such connections. Barriers include:

  • Restrictions on the Flow of Information: Restrictions on the distribution of information about vulnerability are inhibiting the flow of existing information (some of which is scientific and technical) from the federal government to system operators. Restrictions on exchange of information (and publication of results, if this occurs) are also likely to inhibit the dialogue and communication among scientists, and between the technical community and system operators, that is necessary to make progress on the S&T questions outlined above. Restrictions on information flow can also inhibit technology transfer.
  • Problem Definition/Characterization: The specific problem with water security is complex and difficult to define, widely distributed, and involves many different individuals and organizations (at the extreme, one could define 55,000 separate problems). The identification of clients, information needs, and points of entry to the problem are significant challenges.
  • Mature Infrastructure: Our nation's physical water infrastructure is not easy to modify. The application of new ideas is constrained by the fact that water systems are long lasting, expensive, complex, and in many cases, highly customized (meaning that not all solutions or innovative approaches are universally applicable).

Next Steps: Improving the Connections and Improving US Water Security

There are a number of ongoing and planned activities that are focused on improving US water security, listed in Appendix 1 of this report. A fundamental conclusion of our group is that more effective application of existing science and technology can help improve US water security, and that consideration of the existing S&T knowledge base and means of improving connections between the S&T community and water system operators and regulators should thus be part of such activities.

We identified a number of steps that could be taken in the near-term:

  • The most important recommendation from our group is initiation of a bottoms-up adaptive learning process that includes the S&T community and the system operators: The complexity and scale of the problem and the infrastructure makes the near-term implementation of an effective and successful "grand solution" very unlikely. Small steps, pilot projects responsive to specific local/regional conditions/needs, and robust dialogue, experimentation and feedback mechanisms are needed to enable progress while avoiding big mistakes. Such a process could itself be undertaken in a community or region on a prototype or pilot basis.
  • Improved information sharing and protection: The adaptive learning process advocated above is not possible if information and results cannot be shared. An initial step could be the creation of secure (restricted access) web sites (or adaptation of existing secure web sites) and restricted access meetings and briefings to support the exchange of and access to existing information. There are examples of relatively secure information sharing short of full-scale classification. If this proves to be unworkable for the federal government, the water sector may be able to take steps on its own.
  • Agreement on minimum standards and procedures: It should be possible to gather the relevant technical community and system operators, perhaps on a state by state basis, to identify and agree on minimal standards and procedures for monitoring, mitigation, and, possibly, on effective response strategies (based on the existing "state of knowledge").
  • Systems Analysis: Given the complexity of the problem and the physical infrastructure, a systems analysis approach to characterizing risk, vulnerability, and resiliency, and evaluating possible mitigation and response strategies seems warranted. Such an analysis could address issues of the value of commonality vs. customization, assess the cost and benefits of potential mitigation strategies, and might identify no regrets mitigation strategies. One example would be to look at the potential value of increasing the use of common, as opposed to custom, components in water systems (i.e., pumps), perhaps as part of ongoing maintenance, to improve the ability to recover from disruptions.

Appendix 1

AwwaRF SECURITY AND COUNTER-TERRORISM RESEARCH ACTIVITIES
October 16, 2002

Frank J. Blaha, P.E.
AwwaRF
6666 W. Quincy Avenue
Denver, CO 80235
303-347-6244
fblaha@awwarf.com

Security Projects that are Substantially Underway or Near Completion

  1. Actual and Threatened Security Events at Water Utilities
    • Project will help to better define the design basis threat posed to water utilities
    • Project will help to populate the upcoming Information Sharing and Analysis Center (ISAC) to be hosted by AMWA with security events
    • Project will help utilities better understand the threat posed to drinking water utilities
    • Final report should be completed in early 2003
  2. Water Utility Security Research Needs and Priorities Issue Group Meeting
    • Held May 21-22, 2002, in Laurel, Maryland, at WSSC Office
    • Secure meeting with attendance by invitation only
    • Focused on security needs from a drinking water utility perspective
    • Approximately 30 participants from the drinking water community
    • Coordinated with EPA, AMWA, AWWA, DOE, DOD, and others
    • Number of projects funded by Board of Trustees in June, 2002
    • Other projects identified at the meeting funded with EPA or other partnership money
    • Issue group results updated for current situation with follow-up meeting on October 3, 2002
  3. Vulnerability Assessment Methodology Upgrade, Version 2
    • This work started in July, 2002
    • Will capture knowledge from four additional vulnerability assessment case studies funded by EPA and conducted at water utilities across the country since September 11
    • Will also capture knowledge generated from the Sandia training experience in the 3-day Practitioner Workshops and other training activities in 2002
    • Revised methodology will directly address cyber, SCADA, and groundwater concerns, more specific than version 1 in many respects
    • This work is USEPA funded
    • AwwaRF coordinating utility involvement and publication of revised methodology
    • Sandia National Laboratory under contract for the work
    • Version 2 document distribution to begin in late October, 2002

Projects that Are Just Starting, or will Start Shortly

A number of projects were funded by the AwwaRF Board of Trustees on June 15th based on recommendations from the Security Research Issue Group meeting.

  1. Utility-Relevant Information on Contaminants That Are Candidates for Purposeful Water Supply Contamination: This is a phased project with the goal of ensuring that a central repository, accessible by drinking water utilities on a need-to-know basis, is created that provides accurate and actionable information on contaminants that could be used for purposeful contamination of drinking water. Phase 1 of this project will entail working with EPA, CDC, and others that have already developed some or all of this information and try to more fully and eloquently describe the needs of the drinking water community for access to some information on purposeful contaminants which is expected to be included in the USEPA "State of the Knowledge Report." At this time the State of the Knowledge report is only available to the USEPA, CDC, and the FBI, it is not available to water utilities. It is likely that two tiers of information might be available, one tier for utilities to prevent a successful purposeful water contamination event, and another tier for utilities that know or suspect they are addressing an attack on their water quality. More complete and detailed information would likely be available to a utility that believes it has been attacked. Access to such information will be critical in utility-identified responses until such time as the FBI takes over response. While considering the needs of the drinking water community in this area, work will start on creating this information in association with other organizations that have also worked on this issue such as water utilities, DOE groups, and DOD groups, etc. An integral part of this task will be to assess outstanding information gaps and research needs. Phase 1 funded in June, 2002 at a $50,000 level. Follow-on needs are to be identified by January, 2003, possibly funded by the AwwaRF Board of Trustees in the January meeting. Phase 1 of this project will be completed in January or February of 2003.
  2. Inventory and Assess Analytic Capabilities of Existing Monitoring Technologies for Use as Early Warning/Real-Time Systems Technologies: This is a paper study with the intent to identify and communicate core issues that utilities and consultants should consider in evaluating early and real-time warning sensors. Much of the work is expected to largely, but not solely, focus on the lessons learned in an extensive, long-term, and comprehensive DOD project on early/real-time warning system technologies. This project would include three primary steps: selection criteria for monitors, market assessment (what's out there and available), and then assess the sample/capture/concentration/extraction methods of the various available technologies. This is a partnership project with the Department of Defense (DOD), with Phase 1 funding of $50,000 approved in June, 2002. The need for follow-on, Phase 2 work will be identified as Phase 1 nears completion. Phase 1 of this project will be completed in the summer of 2003.
  3. Extraction Methods for Early/Real-time Warning Systems for Biological Agents: This is a technology and lab-based project, with the broad goal of further development of useful early/real-time warning systems for biological contaminants. This project will screen 3 to 5 different water extraction methods for biological agent surrogates, and test the best method on actual bio-terrorism agents at an appropriate CDC or DOD laboratory. Desire a single method that would simultaneously extract bacterial, viral, and parasitic agents in a rapid and efficient method. This would be a partnership project with DOD and CDC. Project is funded at a $300,000 level, with $150,000 from AwwaRF and $150,000 from DOD. AwwaRF support funded in June, 2002. This project should be completed in early 2004.
  4. Lessons Learned from Initial Water Quality Vulnerability Assessments: To capture lessons learned and provide a forum for information exchange on vulnerability assessments conducted by the large drinking water utilities. Lessons learned would be extracted from these experiences and shared throughout the community of water suppliers. ($150,000). Funded in June, 2002. This project should be completed in late spring to early summer of 2003.
  5. Vulnerability Assessment Methodology for Medium and Small Systems: Develop an easy-to-use, intuitive, and scale-appropriate methodology for utility operators to characterize and assess the vulnerability of medium/small systems to a variety of terrorist (and other security-related) threats. The tool should be suitable for self-application by utility managers, able to accommodate real world input parameters for each system, and computer based. This work will also be coordinated with AWWA training efforts, so that a complete package for these vulnerability assessments will be available in early 2003. This project was funded at $100,000 by the AwwaRF Board of Trustees in June, 2002. Sandia National Laboratory is conducting this work, which will be completed in early January, 2003. Training will be offered by AWWA one to two months after completion of the methodology. Computerization of this methodology, as is desired by many parties, will take additional funding support.

Additional Projects that are Just Starting or Will Start Shortly - These Projects are Funded by Left-over Residual USEPA Money from other AwwaRF/EPA Agreements (Not Security Agreements)

  1. PipelineNet Case Application, Additional Functionality Review: This project is a case application and review of strengths/weaknesses of PipelineNet to address distribution system security needs as expressed by water utilities. A key need as expressed by water utilities was the need for distribution system models or methods for monitoring and projecting the fate and transport of potentially introduced contaminants in water distribution systems, particularly as related to use and application in an emergency response situation. Such a model should be applicable to determining the optimal placement of extraction and monitoring instruments, to help develop monitoring regimes for routine screening of distribution system water quality, and/or to predict/track the fate and transport of contaminants in a system in order to effectively respond to a purposeful contamination incident. While these general needs were expressed by water utility representatives, one model is already under development that has most of these functionalities. This model is PipelineNet which is a FEMA and EPA-created distribution system model that is GIS based and ultimately similar to EPANET. EPANET is one of the more commonly used distribution system models. While PipelineNet has been successfully used at Salt Lake City in relation to the Olympics, some attempted applications of this model at other systems already running EPANET were not successful. This project will focus on an additional test application at a utility already running or capable of running EPANET, and once successfully running additional testing will be conducted to determine if some additional functionalities of PipelineNet as described above can be built into this model. PipelineNet is available for free. SAIC, the initial developer of PipelineNet for FEMA/EPA is performing the work. This project became active in late August, 2002, funded with EPA money, and will be completed in January, 2003.
  2. Security Implications of Innovative and "Unconventional" Water Provision Options: To provide utilities with a security-oriented evaluation of alternative water supply provision options. To characterize the security-related advantages (or disadvantages) of unconventional options so that they can be considered along with other pros and cons of these currently "unconventional" supply options (e.g., using neighborhood treatment/polishing facilities as a mechanism for meeting regulatory compliance requirements, reducing costs, and/or increasing customer satisfaction), as part of a comprehensive evaluation of such innovative water supply options. This is a new task added to an existing project, AwwaRF project 2761 "Comparison of Conventional and Unconventional Approaches for the Provision of Drinking Water." This original project is providing an evaluation of "unconventional" approaches to providing water. The options being evaluated include (a) utility-endorsed (or co-sponsored) POU/POE or bottled water provision, (b) dual distribution systems, (c) decentralized treatment in outer reaches of distribution networks to polish centrally treated water. The existing project is focusing on regulatory compliance pressures, customer expectations and acceptance/preferences, and economics as driving forces toward, or away from, these options. The re-allocation of USEPA funding for this project was approved September 10th, and work must be completed on the security task of this larger project by May 30, 2003.
  3. Primer on Security Best Management Practices: Addressing the threat of deliberate contamination or disruption of water systems requires vigilance on all fronts, not just intensification of physical security measures. This project focuses on policies and issues related to increased security, as opposed to physical security hardware and water quality issues. Utility operational issues such as personnel selection and background checks, clearance for contractors and vendors, liability and insurance issues, control and management of sensitive information and Freedom of Information Act (FOIA) requirements, and physical layout and facility design all have important impacts on and implications for system security. Security issues must be integrated with all utility operations, without degradation of operations and customer service. The re-allocation of USEPA funding for this project was approved September 10th, and work must be completed on this project by May 30, 2003.
shim
Sponsors: University of Colorado at Boulder; University of Colorado at Denver; University of Colorado at Colorado Springs; University of Colorado Health Sciences Center; Sloan Foundation; University of Denver Graduate School of International Studies; Colorado State University Rocky Mountain Institute for Biosecurity Research