Port Insecurity Special Report: Points of entry
- By Patience Wait
- Jul 22, 2005
Manifest's Destiny: A worker in the Savannah Port's 'kitchen' matches a truck's manifest with a view of the actual truck.
Authentication is key to controlling access at ports, but implementing systems is a complex puzzle
'The adminstration's budget includes $600 million for infrastructure protection, but it doesn't include a line item for port security.'
- Sen. Susan Collins (R- Maine)
The main entrance to the Port of Savannah looks a lot like a toll plaza on the New Jersey Turnpike.
A long row of tollbooths serves as a barricade to the lines of trucks that queue up, waiting to get in. As the truck drivers pull up to each booth, they present their orders to clerks sitting in the kitchen, the nickname for the dispatch room, a quarter-mile away.
'This is when the drivers ring the doorbell, so to speak,' said Robert Morris, director of external affairs for the Georgia Ports Authority, which governs Savannah and three other ports in the state.
Via remote cameras, the operators verify that the pick-up orders match the shipments waiting in the yard, and confirm that the driver's name and truck and trailer numbers all match the orders. Once confirmed, printed tickets tell the drivers where to pick up their loads among the ever-shifting stacks in the shipyard.
Those pieces of paper are important, because the pathways inside the port to the docks appear and disappear within hours, as four- and five-high stacks of containers are moved and rearranged. To keep the clerks' information up to date, dockworkers use personal digital assistants to record the location of the containers as they get shuffled around.
The verification system has cut down on errors significantly, Morris said. As many as 300 truck drivers a day used to have problems with their paperwork, gumming up the lines for other truckers. That number has been cut to 30 a day. And problems that could take hours to straighten out are now usually resolved in less than 30 minutes, he said.
But most important, the system identifies not only the cargo, but the drivers.
Additional improvements are being developed by the Maritime Logistics Innovation Center, a partnership between the Georgia Port Authority, the state's university system, and the Industry Trade and Tourism De- partment that addresses maritime logistics and security issues. In the works: a wireless system that would let truck drivers transmit manifest information to the port when they're as far as 10 miles away, said MLIC director Page Siplon.Human threats
Every improvement helps. The Port of Savannah is the fifth busiest seaport in the country based on container volume, and one of 55 designated as a strategic port by the government, because of its dual role as a commercial and a naval facility.
As at most U.S. ports, authorities in Savannah are turning to technology to improve safeguards not only on the cargo that flows in and out of ports, but increasingly, the people as well.
For instance, the port authority has instituted its own smart-card credentialing and access control program. Everyone who comes to the port is required to apply for a card and must wear it at all times. With the Navy using the facility to ship out troops, Morris said, heightened security only made sense.
Though the federal government has initiated a widely publicized plan for a national Transportation Worker Identification Credential'TWIC for short'Savannah officials decided to put their own system in place until the federal standards have been determined. The TWIC program, which aims to issue IDs to roughly 12 million individuals working in the air, sea, rail, trucking and mass transit industries, has been hampered by delays (see story, Page 16). Morris said Georgia port officials recognized that the money they've spent might be a redundant cost once the national standard is determined, but they went ahead with it anyway.
That decision reflects the continuing challenge that ports face in reconciling national demands against local needs.
All of Florida's 14 ports, for instance, were included in the TWIC pilot program because the state legislature had already passed laws requiring maritime workers to undergo background checks and receive ID cards, according to Louis Noriega, computer services manager for the Port of Miami. The state law also required the ports to implement access control systems, he said.
Florida obtained a memorandum of understanding from the Homeland Security Department guaranteeing that the state's credentialing program, which uses DHS-provided equipment, would be accepted within TWIC's eventual standards, Noriega said.
'TSA still calls (the program) a prototype, but Florida is implementing it,' Noriega said.Coastal burden
Port officials in general give the federal government credit for moving quickly, if erratically, to take steps to protect the cargo shipped into the United States. But actions to provide access control and physical security to the nation's ports have moved far more slowly.
The disparity is due in part to the separation of security and commerce within DHS. In the aftermath of 9/11, and after decades of neglect and underfunding, the Coast Guard suddenly gained primacy as the organization responsible for providing physical security for the United States' coastline.
An attack such as that on the USS Cole in October 2000, where suicide bombers in a Yemeni port pulled up next to the destroyer and triggered explosives, blowing a hole in the side of the ship and killing 17 crew members, is now conceivable within the boundaries of a U.S. port.
Just as conceivable is a container set to detonate on a loading dock, or the ingredients for a nuclear, biological or chemical weapon being smuggled from a container onto a truck and shipped into the nation's heartland.
These are among the threats the Coast Guard is charged with thwarting, in addition to its traditional maritime duties.
In response, the Coast Guard is pursuing what it calls Maritime Domain Awareness, the knowledge at all times of activities in the global maritime environment that could affect the security, safety, economy or environment of the United States.
'Our experience shows that we're uniquely positioned'we're a military service in a civilian department'to bring all the stakeholders together,' said Dana Goward, chief of programs and architecture for MDA.
One component of MDA is the Integrated Deepwater Systems contract, the 20- to 25-year program to completely overhaul the Coast Guard's aging'in some cases decrepit'fleet and infrastructure. With a price tag estimated to be between $19 billion and $24 billion, it is the most ambitious acquisition program in the history of the agency.
The Deepwater program calls for up- grading the Coast Guard's command, control, communications, computers, intelligence, surveillance and reconnaissance systems, commonly called C4ISR. But the program has come under fire from Congress, which has threatened to withhold some funding because lawmakers have not received timely status reports.Communications overhaul
Another MDA initiative is Rescue 21, a $611 million contract awarded to General Dynamics Corp. in September 2002 to provide a complete overhaul of the Coast Guard's communications network. The program would enhance VHF-FM and UHF coverage, add digital communications and expand bandwidth'but do it over 19 years.
Port security advocates worry that's too long to wait.
Another more promising program, born out of the Maritime Transportation Security Act of 2002, requires the Coast Guard to develop an Automatic Identification System for ships similar to the transponders carried by aircraft. As early as September 2003, the Government Accountability Office expressed concern that 'more than half of the 25 busiest U.S. ports' will not have [a fully-functioning system] for the foreseeable future because it requires extensive shore-based equipment and infrastructure that many ports do not have' (www.gcn.com
The Coast Guard's Goward is much more upbeat about the prospects for the AIS.
'We currently are receiving signals from about 70 percent of the vessels coming to the United States,' he said. 'We have [a form of] AIS at all major ports.' In addition, the agency expects to release a request for proposals by the end of this fiscal year or the first quarter of next year to complete the AIS, Goward said.
The Coast Guard also is putting a lot of effort into coordinating Rescue 21 and Deepwater to ensure their interoperability, he said.
'We have to be able to define them as stovepipes, in some ways, because that's where the money comes from ... and that's the way we have to contract, to some extent,' Goward said. But the agency is looking at the two programs to see if they can share shore-based communications towers, for instance, and IT channels.
'It initially looks like they can,' he said.Insufficient funds
While the Coast Guard shoulders the brunt of protecting ships, harbors and shorelines, seaports must take responsibility for securing their dockyards and facilities.
The Coast Guard is charged with assessing the security status of more than 3,000 U.S. port and related facilities and steps needed to improve them. But the cost of making those improvements falls to the ports themselves.
To pay for the changes, ports look to a port security grants program, which has been administered by the DHS Office of State and Local Government Coordination.
The grants program has been criticized for being underfunded, given the magnitude of the challenge, and for failing to meet priorities.
Among those raising concern about the program is Sen. Susan Collins (R-Maine), who chairs the Homeland Security and Governmental Affairs Committee.
'The administration's budget includes $600 million for infrastructure protection, but it doesn't include a line item for port security. Yet the Coast Guard has estimated that just complying with [the Maritime Transportation Security Act] would cost $7.3 billion over the next decade,' Collins said in an interview with GCN.Combined programs
The administration announced plans this year to combine the port security grant program with a critical infrastructure grants program. The move drew complaints, however, that port projects would receive less funding if forced to compete against projects to secure chemical plants, train stations, rail lines and thousands of other critical infrastructure sites throughout the country.
The DHS Inspector General's Office, meanwhile, faulted the way grants were distributed, in a report issued in January (www.GCN.com/459). The report said that grants were awarded for projects that lacked 'clear security-related merit' and that, through four rounds of grant awards, DHS kept changing its definition of 'national critical seaport.' DHS also spread funds around to as many ports as possible, rather than concentrating on those at greatest risk, according to the report.
The funds that have been tapped to date are being used for a variety of projects'some basic, others more innovative.
Lockheed Martin Corp. has won several contracts from the Port Authority of New York-New Jersey to improve the security of the bridges and tunnels that fall under the authority's jurisdiction. SAIC has won other contracts to provide nonintrusive inspection devices at ports around the country, to screen individual containers for radiation.
VistaScape Security Systems Corp. of Atlanta, meanwhile, has been developing software that can automatically monitor the water's surface along ports, looking for anomalous traffic.
'Typically, ports say, 'We want to look outward onto the waterside, to make sure that while ships are at port, people don't attempt to cause them harm,' ' said Glenn McGonnigle, CEO of VistaScape. 'But every port is different in physical size and layout. That's the beauty of enforcing [security] policy through software'it's user-configurable.'
The company's application can take data from a wide range of sensors and devices, he said, and apply analytical rules looking for types of objects, their speed, their size, the direction they're moving'all the elements a human would be watching for. The application can distinguish and eliminate wave activity, even seagulls flying a few feet above the water's surface, he said.
Although they can help improve security, technology systems are uncharted water for many ports.
'These customers are incorporating this type of technology in many cases for the first time,' he said. 'Frequently they're not prepared for the ongoing IT administration that this new generation of security systems require. ... It's something that airports and seaports, along with the systems integrators, are having to get up to speed on.'
Other programs, meanwhile, resemble a Justice Department project in Charleston, S.C., called Project Seahawk. The initiative puts federal, state and local law enforcement officials who have maritime responsibilities into a single facility, including a command center with multiple screens to monitor ships and activities at the port.Reassessing priorities
But how do federal, state and local authorities tie all these efforts together'and provide the layered defense that Customs and Border Protection is pursuing? And how do officials prioritize among projects, when the money is scarce?
Business-process specialists contend the best approach is one that matches the highest security returns with the practical needs of today's global supply chain.
Many projects'such as using GPS or chemical, biological or radiation sensors to turn containers into smart boxes'are both expensive and difficult to implement, says Unisys Corp.'s Randy Koch, director of the company's supply chain solutions practice.
Koch prefers an approach that identifies processes, policies and technologies directly related to security threats and vulnerabilities, that have bang for the buck and that have reasonable odds of being implemented. He also would keep track of which responsibilities are federal, which belong to the port authorities, and which require the involvement of state and local governments or even private enterprise.
Encouraging nations to integrate their customs programs and develop interoperable systems, as endorsed by the World Customs Organization last month, is another step that will improve security, he said.
For the ports themselves, Koch believes emphasis should be on improving emergency response planning, integrating communications systems among the various law enforcement and security forces that cover the waterfront, and completing TWIC enrollments and improving other access controls.
Still, the task of increasing security at the nation's seaports remains a huge undertaking that continues to suffer from a lack of focus and funding.
'I think this is an extraordinarily important area that has not received the attention it deserves from the administration,' Collins said. 'This vulnerability just cries out for attention. When I talk to terrorism experts, the scenario I always hear ... is using container ships to [sneak in] weapons of mass destruction. I'm not trying to say that nothing has been done, but when you look at the funding, and GAO's criticisms,' the shortfall is evident.
Collins said that she and Sen. Patty Murray (D-Wash.) are considering whether the department needs a new office to take the lead in organizing port security efforts.
'I view the Coast Guard as being the lead agency since they have responsibility for MTSA (Maritime Transportation Security Act), but there are an awful lot of agencies involved,' she said.
Collins said Congress must quickly address the issues of funding, priorities and vulnerabilities. DHS appropriations are still being debated in light of secretary Michael Chertoff's reorganization plan.
'I think we need a dedicated grant program within the Department of Homeland Security that is specifically aimed at port security,' Collins said.
To that end, she has introduced legislation to establish a grants program that would provide $400 million a year over the next five years. Rep. Jane Harman (D-Calif.) has sponsored the same bill on the House side, she said.
'It's still way short of what the Coast Guard says ports need,' but it's a start, she said.