Dynatrace announced that Aeroporti di Roma (ADR), the largest airport operator in Italy – serving nearly 50 million people annually via more than 100 airlines and the Fiumicino Leonardo da Vinci and Ciampino airports – is using the Dynatrace platform to keep travelers flowing through its airports quickly and efficiently. Digital systems are at the heart of ADR’s efficiency, underpinning all critical airport processes, including security checks, border control, baggage handling, airside operations, and traveler information systems such as those used for check-in and travel updates.
Previously, the ADR team had limited in-house visibility into its applications or the underlying on-premises and cloud infrastructure. They relied on multiple third-party systems integrators to share information on the performance of their software and its impact on travelers’ experiences and satisfaction. This reliance on multiple systems and manual triaging, with no single source of truth, complicated efforts to resolve issues quickly or optimize experiences. Dynatrace has enabled ADR to overcome these challenges by unifying observability and security data from its hybrid-cloud environment.
Dynatrace’s powerful, causal AI enables ADR to use this data to uncover the root cause of performance issues and security vulnerabilities and proactively resolve them before they impact travelers. This has helped ADR process 90% of travelers through security in 3 minutes, enable punctual arrivals and departures for more than 99% of its daily flights, and guarantee that 13 million bags reach more than 200 destinations each year. Thanks to these service levels, Fiumicino Airport was recently rated “Best Airport in Europe with Over 40 million Passengers” by Airports Council International (ACI) for the sixth consecutive year. Fiumicino also received a 5-Star Airport Rating from Skytrax earlier this year, making it the second European airport to achieve this rating.
“Performance issues and security vulnerabilities in our software may have significant real-world ramifications for travelers’ experience in our airports,” said Emiliano Sorrenti, chief information and technology officer at ADR. “If one of our critical applications is offline even for a few minutes, it can lead to huge queues at check-in, border control, or baggage handling desks, which could cause travelers to miss their flights. The Dynatrace platform enables us to optimize and safeguard the systems our customers rely on easily and proactively. That means we can create a better airport experience for our travelers and, ultimately, get more of them to their destination on time.”
The Dynatrace platform’s extensive automation capabilities enable service optimization and issue resolution often without human intervention. Dynatrace also seamlessly integrates with ADR’s IT Service Management solution, which has enabled significant operational efficiencies. Dynatrace automatically creates tickets when it discovers problems, identifies the root cause, and instantly routes them to the right team within ADR to facilitate proactive resolution. This has reduced the time teams spend triaging issues by 70%. In addition, Dynatrace alerts ADR to any new security vulnerabilities as they emerge in its environments, while automatically prioritizing them based on the risk to the airports’ systems and travelers. These insights enable the ADR team to resolve any issues quickly, minimizing airport disruption.
“Dynatrace has revolutionized how we manage service incidents and software vulnerabilities, enabling us to create more seamless airport journeys for our travelers,” continued Sorrenti. “The platform’s extensive automation and causal AI capabilities mean we can now have a ticket raised that points to the exact cause of the issue and can have that in the hands of the person who needs to resolve it within milliseconds. For many types of incidents, we’ve even been able to create automated workflows to enable our applications to self-heal without the need for human intervention. As well as improving the reliability and security of our critical airport services, these automations have enhanced our operational efficiency by eliminating the need to triage problems and scan for vulnerabilities manually. Instead, the answers from Dynatrace empower us to jump straight into a resolution with our partners. Ultimately, that keeps travelers flowing through our airports with ease.”
ION Science has launched a new, upgraded version of Titan, its fixed benzene-specific monitor, called the Titan 2. In accordance with recent legislation changes, Titan 2 offers enhanced stability and sensitivity, supporting ION’s continued mission of protecting lives and preserving the environment.
“Benzene is a toxic, carcinogenic gas representing a serious threat to many workers, as well as the environment,” explained Duncan Johns, ION Science Group managing director. “It is therefore vital that staff are protected by monitors that can continuously measure benzene at the low levels required by increasingly stringent international regulations. Titan 2 is the only commercially available, truly selective, fixed continuous benzene monitor worldwide that can meet this requirement.”
Titan 2 delivers unrivalled accuracy and sensitivity in benzene detection and is ideal for use in a variety of sectors, such as oil & gas, bulk storage facilities, chemical manufacturing and processing, and asphalt production.
Users of the original Titan will be familiar with the instrument’s accuracy and performance, however, within the new Titan 2 they will see core enhancements, such as a new rugged manifold, a piezoelectric micro pump for enhanced stability, a lower limit of detection, and updated PC software for easier management and control.
An occupational exposure limit (OEL) for benzene of 100 ppm was originally recommended in 1946. Following further associations with leukaemia, the OEL was reduced to 50 ppm and then to 1 ppm as the 8-hour time weighted average (TWA) exposure limit (U.S. OSHA, 1987). However, further health problems have been reported at levels below 1ppm so there is pressure in many countries to lower the limit further. For example, NIOSH recommended airborne exposure limit (REL) is 0.1 ppm (10-hr TWA) and 1 ppm during any 15-minute work period. Similarly, the current EU 8-hour TWA for benzene is 1 ppm (3.25 mg/m3). However, from 5th April 2024, the long-term exposure limit will be reduced to 0.5 ppm – and will be cut again from April 2026 to just 0.2 ppm. – Directive (EU) 2022/431 of the European parliament of the council, March 2022.
Regulatory requirements are therefore driving the need for greater sensitivity, and these needs are met by Titan 2. Thanks to innovative technology in conjunction with industry-leading PID sensor technology, the Titan 2 has a reduced likelihood of cross-sensitivity and can detect benzene rapidly at levels as low as 0.02 parts per million (20 parts per billion). At the other end of the scale, it can detect benzene at up to 20 ppm, delivering high speed and high sensitivity.
Titan 2 captures a gas sample once every 60 seconds. The sample is then conditioned within a further 60 seconds to allow precise benzene measurement, ensuring a consistent flow of real-time data. The piezoelectric micro pump in the latest version delivers enhanced pressure and flow accuracy to ensure a rapid response and unrivaled reliability.
Titan 2 also features visible alarm capability, triggering an alert when benzene concentrations reach either of two operator-configurable levels. Twin relay outputs enable the user to integrate the unit with existing site alarm systems, while easy-to-use firmware allows a simplified calibration procedure. For analysis of readings captured by Titan 2, both 4-20mA and RS485 MODBUS communication protocols can be utilized.
A proven, robust separation method ensures specific readings for benzene, with an easy-to-read display. An internally regulated heating system ensures stable operation even at extremes of temperatures, and the new robust housing reduces contamination risk and allows for extended use in the harshest environments.
Titan 2 has been designed to comply with international safety standards, including ATEX and IECEx, making it safe for use in any environment, as well as featuring an IP65 Ingress Protection rating. ION Science’s photoionization detection (PID) technology has been independently verified as the best-performing on the market, providing reliable, accurate solutions backed by outstanding product support. Importantly, the new, unique to Titan 2, MiniPID T2 10.0 eV Sensor features a patented design to nullify potential humidity interference, whilst ensuring a fast response, the highest levels of sensitivity and market-leading reliability.
The Titan 2 service module is designed to be backwards compatible, so in conjunction with a simple firmware upgrade now provides existing Titan customers with a quick and convenient upgrade opportunity.
Summarizing, Johns added, “Benzene is one of the more dangerous VOCs so the Titan 2’s ability to reliably speciate this gas is extremely important in the protection of lives, and with lowering regulatory limits, the instrument’s enhanced sensitivity is a major advantage.”
Surveillance solutions company Cozaint has been selected by WGS Group, a security guard services company with headquarters in Las Vegas, NV, and servicing California, Texas, Florida, and other states, to deliver the BOBBY physical security kiosk system to their customers. WGS Group is looking to augment its human security guard team with advanced intelligent surveillance technologies that offers video surveillance, access control, “smart” sensor alerts, and area monitoring capabilities all designed to create a safer environment for their end customers.
Cozaint’s BOBBY platform of physical security kiosks provides 24/7 situational awareness for organizations of all sizes. The Cozaint BOBBY stationary robot also has a 15” interactive display that highlights information about client’s activities as well as allowing for visitors to activate a “Panic Button” if they feel threaten. The BOBBY kiosk can be connected to the client’s own security department, WGS Group’s team of monitoring agents, or to Cozaint’s team of monitoring agents.
The BOBBY kiosks have two-way audio and video capabilities where officers can see and speak with the kiosk visitor to determine if an emergency exists and how best to respond to a visitor’s needs.
“For our team of highly trained security professionals, adding in the BOBBY surveillance capabilities brings another level of service and sophistication to our clients,” said Marcus Skeen, president of WGS Group. “Implementing the BOBBY surveillance systems will enhance our team’s ability to provide the best security services to our clients.”
With 180-degree video surveillance coverage and 24/7 video recording, the BOBBY kiosk delivers the peace of mind the WGS Group can provide to its client when they are looking to increase the security level within an organization.
“Our BOBBY kiosks are an ideal community safe zone security platform, where users can rest assured that their environment is being monitored for safety and security reasons when dealing within a client’s property,” stated Jay Jason Bartlett, CEO, Cozaint. “Augmenting WGS Group’s guard services and capabilities by delivering additional eyes and ears will enhance their team’s ability to respond and secure a client’s property quickly and efficiently.”
The BOBBY kiosk’s 15 inch touchscreen display also presents local community information as well as current events, helping to keep the client’s community up to date on what is happening within that organization.
Teledyne FLIR, part of Teledyne Technologies Incorporated, announced the FLIR E8 Pro, providing a larger 3.5-inch touchscreen with FLIR Ignite cloud connectivity within the same pistol-grip form factor as legacy E8 series thermal cameras. Through the touchscreen, users can share captured images with colleagues, partners, and clients over Wi-Fi, including with on-screen annotations to highlight findings. Images can then be loaded straight to the FLIR Ignite cloud for improved efficiency and a smoother workflow.
“As part of effective predictive maintenance and condition monitoring programs, thermography inspectors require easy-to-use and cloud-connected handheld thermal cameras to quickly locate issues and effortlessly share that data with colleagues and clients for further analysis,” said Rob Milner, global business development director, Teledyne FLIR. “The FLIR E8 Pro answers the call with a larger touchscreen and improved 640 × 480 screen resolution. It also features FLIR Ignite cloud connectivity for instant documentation to provide inspectors with a familiar, yet superior, handheld thermal imaging camera to get the job done quickly and efficiently.”
Teledyne says the FLIR E8 Pro offers crisp thermal and visual detail at an affordable price by pairing a 5 MP digital camera with a powerful thermal camera via the FLIR patented Multi-Spectral Dynamic Imaging (MSX) capability. MSX overlays the edge detail of the visible camera upon the thermal image, providing significantly greater detail and contextual awareness without sacrificing any thermal data. The tool also includes a built-in LED lamp to capture critical details via MSX in low-light scenarios for improved decision support.
When connected to Wi-Fi, the FLIR E8 Pro can automatically sync with the FLIR Ignite application (now available with an additional 10 GB storage for only $30 per year), accessible from anywhere on mobile devices, a web browser, or a desktop, eliminating the need to carry extra USB flash drives, card storage, or cables. Images and videos shared via FLIR Ignite can then be accessed through FLIR Thermal Studio software so inspectors, colleagues and clients can instantly review, edit, analyze, and report findings.
Built to handle the harshest of industrial and outdoor environments, the FLIR E8 Pro is drop-tested up to two meters (6.5 ft). The ruggedized design also features a 25G-shock and 2G vibration test rating along with built-in lens protection. The FLIR E8 Pro also offers up to four hours of continuous operation on one battery, which can be quickly swapped out and recharged for all-day use.
The FLIR E8 Pro is currently available to buy. The purchase also includes two removable and rechargeable batteries, a hard-carrying case, a battery charger and a USB cable power supply.
More digital rail and transit grow vulnerable in the cyber fight. The industry must build the confidence and standards needed to prevail
Rail and transit manufacturers and suppliers are grappling with increasingly frequent, speedy and sophisticated cyberattacks as their systems and devices become more connected digitally.
“Threat actors” attack vulnerabilities common to everyone dependent on computers and industrial control systems (ICS). Rail must manage unique vulnerabilities.
Efforts to strengthen cyber resilience come as rail struggles, like others, with pressing challenges: economic uncertainty, political instability, the Ukraine war, sustainability imperatives, and Covid’s aftereffects.
“Major disruptive events have tested the resilience of transport organizations as never before,” said Sara Ulrich of PA Consulting, which surveyed 360 European transportation leaders from all modes about their ability to defeat cyberattacks.
Amid the fight, leaders are doubting their general employees’ and cyber specialists’ ability to sustain cyber resilience while others question leaders’ commitment to cyber security.
PA Consulting Sara Ulrich
To press the fight, industry and government agencies globally are collaborating on streamlined cyber resilience strategies.
Flaw in the Foundation
Complicating the fight is a flaw in the foundation of computer-based activity throughout the world: software code.
CISA Jen Easterly
“We have normalized the acceptance of software that comes full of holes,” U.S. Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly said June 12 on the podcast “On With Kara Swisher.” A May report for cyber firm Immersive Labs said 81 percent of large organizations’ software development teams knowingly release unsecure code. “We’ve accepted it,” Easterly said. CISA and five international allies have launched a campaign to change that.
Cyber’s danger to critical infrastructure, well known in technical circles, became clear to the public on May 7, 2021. Cybercriminals told Colonial Pipeline (the largest U.S. oil pipeline operator) they had stolen nearly 100 gigabytes of accounting and billing data, encrypted it and would release unencrypted versions unless paid a nearly $5 million ransom.
Concerned the crooks’ had penetrated operating systems, Colonial shut its 5,500-mile (8,850-km) pipeline. It supplies about 45 percent of the eastern U.S.’s fuel. Colonial quickly paid the ransom (as 80 percent of companies do, experts told Transport Security International). It got decryption codes, but seven days passed before pipeline flow was normal. By then, panic had ensued. Americans snaked through long gas lines, filling whatever would hold fuel, uncertain when more might flow.
With that attack, “the vulnerability of our highly connected society became a nationwide reality,” Easterly and Southern Company executive chairman Tom Fanning (CISA’s Cybersecurity Advisory Committee chair) wrote in a CISA blog.
Rail’s Digital Revolution
In the wake of rail’s digital revolution, cyberattacks against the sector have increased by 220 percent over the last five years, according to a report by rail cybersecurity specialist Cylus. Those attacks resulted in billions of dollars in losses.
“Rail systems are quality targets for threat actors,” Cylus chief technology officer Miki Shifman said. “Rail operators that are usually critical national infrastructure are on the radar.”
A case in point: Denmark State Railways halted passenger service for hours on Oct. 29 after a vendor, Supeo, suspended its Digital Backpack 2 electronic safety/security work documents service, which rail personnel tap through tablets or phones. The reason: ransomware. Restoring long-distance service took a day.
Beyond ransomware, cyberattacks draw on traditional tactics like malware, phishing (the most common initial one), and intellectual property piracy. On the rise is social engineering (“human hacking”), which uses psychology to manipulate people into revealing passwords, downloading software, or otherwise compromising security.
“Cyber attackers are becoming much more sophisticated in their techniques,” Scott Swanson, security advisory practice leader at the risk management consultancy Aon, said. “They’ve got more resources and capabilities to target critical infrastructure systems.”
Attackers are making more use of prefabricated tools, he said, and leveraging “advanced persistent threats.” These gain access undetected and loiter in networks and systems, seeking weaknesses, stealing data, and disrupting functions.
Volt Typhoon
In May, Microsoft reported that a threat actor linked with China, dubbed Volt Typhoon and active since mid-2021, has targeted critical infrastructure in Guam and elsewhere in the U.S.
Volt Typhoon has hit sectors from communications and government to information technology (IT) and transportation. Microsoft said the threat actor intends to spy and maintain access undetected for as long as possible by “living off the land,” using normal Windows systems, network activities, and administration tools for its objectives. This lets it avoid “endpoint detection and response (EDR) products that would alert” on a third-party application’s presence; Volt Typhoon’s behavioral indicators could be legitimate Windows commands that appear benign.
Better safeguards drive attackers’ growing sophistication. Some have turned to high-level executives and their families. A report for the digital protection firm BlackCloak found 42 percent of information technology and IT security professionals surveyed said cybercriminals had attacked executives or family members, with tactics ranging from malware and doxing to extortion and physical attack.
As security improves, cybercriminals increasingly target the private lives of “C-suite executives, board members, senior and executive leadership teams and other key personnel,” the report said. They have attacked home networks and compromised unsecured vectors from address books to social media accounts.
Cyberattacks are getting faster. A 2018 distributed denial-of-service (DDoS) attack on the software developer platform GitHub was considered a record, flooding it with commands at 1.3 terabits per second (Tbps). Commonly now, DDoS attacks approach 2 Tbps. A May 2022 DDoS attack on Microsoft Azure cloud computing platform peaked at 3.25 Tbps. Experts also said attacks are getting longer. Immersive Labs cyber vice president Max Vetter said it’s not uncommon to hear of attacks lasting nine months or more.
Cybercriminals’ growing sophistication and capabilities stem from their evolution from loosely affiliated groups to highly organized ones. “These aren’t just teenagers doing this in their bedroom,” Vetter said. “This is the work of advanced hacking groups.”
Supply Chain Vulnerabilities
Rail and transit share the cyber exposures, or attack surfaces, of others dependent on IT and the operational technology (OT) that runs their equipment. One example? Supply chain vulnerabilities.
Homeland Security Robert Silvers
Vendor cybersecurity is one of the most difficult challenges, Robert Silvers, U.S. Homeland Security undersecretary for strategy, policy, and plans, said. “It’s hard enough to protect your four corners,” he said. Understanding supplier vulnerabilities “is daunting at a minimum.”
Razor Secure Randy Mitzelfelt
Subsystems providers, like everyone in rail, are modernizing products with digital capabilities, Randy Mitzelfelt, head of North America rail cyber security business development for RazorSecure, said. Components that had been just hardware — brake systems, coupler systems — are digitized. “Subsystems that previously weren’t part of a network now are.”
When it comes to vulnerabilities, “there are lots of unique things about rail,” Cylus’ Shifman said. He outlined several.
Rail’s rolling stock and infrastructure is built for 30 years or more; computer systems aren’t designed for such long lives. Rail’s stringent safety constraints “make it very hard to patch systems or add security software.”
Over 80 percent of traffic relies on proprietary, industry-specific communications unsuitable for IT security measures, he said. The industry is just implementing cybersecurity standards, so operators can’t make assumptions about a system’s security level.
Trains run over remote stretches where communications may fade to low bandwidth and physical security of wayside components is difficult. They rely on wireless train-to-ground communication prone to cyberattacks.
Rail supports commands that can override a network’s safety logic. Trains may include hidden maintenance and troubleshooting applications. These are potential attack vectors.
Christian Schlehuber, Cybershield
Cybershield consulting managing director Christian Schlehuber added, “Almost everything in the rail system needs to be accessible by passengers.” Airports or nuclear plants can put up fences to keep out unauthorized persons. “For rail, that is hardly possible.”
It is unclear how well rail and transit have absorbed past attack lessons or their sector’s vulnerabilities. PA Consulting’s report, “The always-on advantage,” found that 88 percent of executives surveyed said resilience was a strategic imperative. But only 60 percent of rail executives rated their operational resilience as good or excellent.
That was up from 2019’s 47 percent. But the gap persists between executives’ resilience aspirations and confidence and plans. Despite the resilience’s strategic imperative, 65 percent of leaders told PA Consulting they have no plans to increase investment in resilience.
Transportation’s urgency around resilience is waning, the report said. One in four executives said more disruptive events that force them to prioritize resilience is the top driver of cyber resilience efforts. “Many organizations are waiting for fresh disruption to reignite a sense of urgency.” Only one in eight identified “clear resilience leadership,” as the top driver.
The Immersive Labs report delved deeper into the gap between resilience aspirations and capabilities. The firm surveyed 570 senior security and risk professionals at 1,000-employee-plus U.S., U.K., and German organizations. It found 86 percent of organizations have a cyber resilience program. But only 33 percent said they were confident their workforce is fully prepared to perform the tasks needed to recover from a cyber incident.
That’s an obvious problem.
Humans are the weakest link in getting into a cyber secure organization. Siemens
The Weakest Link
“Humans are the weakest link in getting into a cyber secure organization,” but critical links in establishing and executing plans for responding to cyberattacks, said Augusto Chiaravalloti, Genetec’s industry marketing manager for the public sector, justice and public safety. “That’s why organizations need to educate employees about cybersecurity.”
Augusto Chiaravalloti, Genetec
Best practices, typified by the U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework and International Electrotechnical Commission (IEC) guidance, lay out five key steps: Identify critical assets, risk management practices, and security capabilities. Protect, defining prioritized defenses and safeguards for critical assets to minimize an attack’s impact. Detect threats promptly through continuous monitoring. Respond to contain and mitigate security incidents. Recover by restoring any damaged functions or services. Those all depend on employees executing effectively.
“If you have an attack and nobody knows what to do, people are just running around asking everybody who might have some knowledge about things. This is completely uncoordinated,” Schlehuber said. “You have to have a plan for how to react.”
An added benefit of an emergency response plan? Insight. “By planning a response, you find yourself trying to identify your system, your assets, who the owners are, what security mechanisms exist in them, what’s critical to your operation, and what could happen with any disruption,” Shifman said. With that insight, “you can prepare yourself better for the moment.”
Rail and transit organizations have adopted cyber best practices in large part because almost every country has enacted regulations requiring operators to increase security, experts said. The question is how.
One effort to answer that is an international collaboration to draft rail-specific cybersecurity guidelines. The NIST and IEC frameworks help, but they are directed at all ICS users. The new effort, led by the IEC’s Project Team 63452, aims to draft and publish no later than 2025 “an international standard for handling cybersecurity for the whole rail sector,” said Serge Benoliel, Alstom’s cybersecurity governance and expertise director and the team leader. It includes 79 experts from 14 countries. The standard will be based on the rail-specific cybersecurity Technical Specification 50701 published in 2021 by the European Committee for Electrotechnical Standardization (CENELEC).
The New Standard
The new standard “is going to be the future of how operators will secure themselves,” Shifman said.
That work builds on collaboration throughout the industry. “Train builders, suppliers and vendors are putting a lot of time and energy into trying to proactively address the needs of their customer base,” Mitzefelt said. “Among operators and agencies there is a lot of conversation and discussion about cybersecurity. That is at the forefront.”
Talks include CISA. “We’re having very good conversations with technology companies,” Easterly said, “to ensure that they understand what we think safe software products are.” Counterparts in Australia, Canada, the Netherlands, New Zealand, and the U.K. are involved.
Top leadership needs to do more, several experts said. “Until you really have the leadership involved, with tracking key performance indicators, reporting on progress, and embracing an interest in cybersecurity,” Swanson said, “your security posture is a little bit doomed.”
Easterly and Fanning concurred.
“The days of relegating cybersecurity to the chief information officer or chief information security officer must end,” they wrote. “CEOs and boards of directors must embrace cyber risk as a matter of good governance and prioritize cybersecurity as a strategic imperative and business enabler.”
There are approximately 600,000 bridges in the United States. With the growing number and intensity of domestic and international terrorist events in the post 9/11 world, more and more is being done to try to protect them. Terrorists attack critical infrastructure where human casualties and economic consequences are likely to be substantial. Because bridges are an integral cog in the transportation network with a bearing on human lives and economic activity, they are a likely terrorist target. Bridges are easily accessible to the public, have minimal security and provide the opportunity for a high number of casualties and injuries.
Surfside image.
An al-Qaeda training manual found in 2000 explicitly endorsed “Blasting and destroying bridges leading into and out of…cities.” A bridge or tunnel collapse during rush hour traffic might kill hundreds or thousands. Overall estimates of the cost to replace a major long-span bridge on a busy interstate highway corridor in the United States could cost billions of dollars, and hamper or divert commerce, industry, agriculture, and investing both locally and nationally.
Secure and Protect
Given their importance, and the potential economic, psychological and human consequences of such attacks, it is crucial that traffic and railway bridges are properly secured and protected from disruption. However, doing this can be challenging. There are no easy security measures to guard against terrorist attacks on bridges. With bridges, the roadway or railroad track has to remain open to allow traffic flow. Bridges are exposed on all sides, making them vulnerable from above, below and at the water’s edge.
Bridge security, like security for any infrastructure asset, includes a broad range of issues that must ensure that adequate measures are taken to protect the asset and the people and goods that utilize the asset. According to a panel formed by the Federal Highway Administration (FHWA) and the American Association of State Highway and Transportation Officials (AASHTO) the consequences of a terrorist attack on a bridge can be expressed as follows:
• Threats to the integrity of the structure (e.g., resulting in replacement of the facility or major repairs).
• Damage that inhibits the structure’s functionality for an extended period of time, such as closure of the facility for 30 days or more.
• Catastrophic failure resulting from an attack based on the threats described above.
Terrorist threats to bridges can include:
• Fire (can lead to buckling of steel beams and spalling of concrete).
• Impact (can lead to damage of piers, causing collapse of the superstructure and failure of hangers, again resulting in collapse of the superstructure).
• Mechanical cutting devices (can lead to cutting of hangers, resulting in collapse of the superstructure).
• Corrosive chemicals.
• Blast or explosion (can lead to severe damage of the structure).
Today, the U.S. Department of Homeland Security (DHS) plays a critical role in bridge security. In addition, the Transportation Research Board (TRB), through its cooperative research programs, had been addressing these security issues prior to 9/11 and substantially expanded its effort after. FHWA has continued to work with TRB in this effort.
After the 9/11 attacks, FHWA started conducting onsite assessments of bridges. In collaboration with other agencies, it began evaluating these structures around the country for their ability to resist attack. There were also several independently sponsored assessment studies and security retrofit projects done at that time on major bridges.
Information gathered from all of this helped fine-tune retrofit measures and increased potential restrictions on proposed countermeasures. The original focus was on vehicle-borne charges, but the engineering assessment teams found alternative attack methods to be feasible, so where possible the researchers factored those into the development of countermeasures.
The field investigations helped identify long-term issues and focus implementation. Other issues considered by the researchers included size and weight limitations on existing structures, especially older ones; material and geometric restrictions; practical restrictions imposed by construction, maintenance and inspection; and the need to coordinate retrofit designs and hardware with those from other retrofits.
Mitigating Damage
What can be done to prevent terrorist attacks on bridges? There is a variety of countermeasures that can be used singly or in combination to reduce attractiveness and/or vulnerability, or to reduce consequences if an attack occurs. Countermeasures are often grouped into actions or technologies to deter attack, deny access, detect presence, defend the facility, or design structural hardening to minimize consequences to an accepted level.
Bridge owners and operators should consider incorporating physical security features, including traffic and pedestrian cameras, increased illumination, restricted access to critical areas, and barriers for bridge piers and pedestrian and bicycle pathways. As structurally deficient bridges are updated or replaced, public safety personnel — emergency managers, planners and others — are encouraged to work closely with engineers and inspectors during the planning stages to contribute security and emergency response considerations.
According to the Office of the Director of National Intelligence, the following observable indicators specific to bridges may create some degree of suspicion of criminal activity. Any determination of possible illicit intent should be supported by additional facts that justify reasonable suspicion. While one activity may be insignificant on its own, the indicators should be looked at “under the totality of the circumstance.” Any indicators creating a strong suspicion of violence when observed in combination with other suspicious behaviors may constitute a basis for reporting.
Watch for:
• Unauthorized persons inside restricted areas or areas not normally accessed by the public.
• Evidence of tampering, cutting or other signs of damage to the structure or its components.
• Unattended or abandoned bags, packages, containers, or other items.
• Surveillance of the bridge or its components either in person or remotely — for example, by using unmanned aircraft systems — without a reasonable explanation.
• Vehicles or water vessels loitering or illegally parked near bridges or critical components.
According to the Department of Transportation the following actions should be considered during the design phase of all structures. In general, public access to bridges should be limited to the traveled way. Example of details to consider include: locating box girder access openings away from abutments where the soffit is close to the ground; providing locking mechanisms on deck access openings; placing screens at soffit vents near abutments, and; preventing access to girder flanges and maintenance walkways at abutments.
Withstanding an Attack
Can bridges be built and retrofitted to better withstand a terrorist attack? In a study funded by the Texas DOT and seven other state transportation agencies, analytical models helped investigate cost-effective and unobtrusive design and retrofit options for a variety of bridges. The researchers collaborated with the U.S. Army Corps of Engineers and private consultants specializing in bridge design and structural response to blast loads. Vehicle bombs are the terrorist weapon of choice worldwide and are a significant concern for highway bridges. Using computer simulations and blast tests on 16 half-scale bridge columns, the researchers were able to see how these critical bridge components respond to various explosion scenarios.
Among the major findings is that the shape of a bridge column can play a large role in how well a bridge withstands blast pressure. In the experiments, circular columns decreased the blast pressure on a bridge by up to 34 percent compared to a square or rectangular column of the same size. The dimensions of bridge columns also had a major impact on the column’s capacity to withstand a close blast. Consequently, the researchers recommended a minimum bridge column diameter of 30 inches in their design guidelines.
In states prone to earthquakes, like California, the impact of the guidelines is not as significant because bridges there are already designed and built to withstand tremors from an earthquake. But in states like Texas, where there is little or no seismic activity, bridge construction may require improved column detailing. In these states, the new guidelines can make a significant difference in improving bridge safety.
U.S. Army Engineer Research and Development Center has Anti-Terrorism Planner for Bridges (ATP-Bridge) software available to provide help. It is a fast-running, engineering-level code for predicting damage to bridge components by explosive, thermal and mechanical threats. ATP-Bridge enables rapid vulnerability assessment for existing bridges and can aid designers to incorporate protective design in new construction. This software is primarily aimed at bridge engineers, but could also help law enforcement or emergency management personnel to assess likely damage to bridge infrastructure from selected human-made intentional or accidental hazards.
With this software, damage predictions are made using a combination of empirical models for localized damage and an explicit time-integration finite element code for column structural response. Models in ATP-Bridge leverage over a decade of physical testing and high-fidelity simulation. A straightforward graphical user interface allows the user to create an inventory of components and threats quickly and easily. The component types that can be modeled cover reinforced concrete (R/C) columns with circular or rectangular cross sections, R/C tower panels, steel tower panels and cables.
Surveillance
Surveillance systems for bridges flooded the market after September 11, but many states lacked guidance for choosing among them. FHWA undertook a research study to determine the latest surveillance technologies and security practices, and develop a protocol to assist in the decision-making processes.
FHWA led a Transportation Pooled Fund effort focusing on the state of current and future surveillance and monitoring technologies available both within the United States and abroad. Researchers surveyed bridge and tunnel owners about their existing surveillance and security capabilities, including their experiences with these technologies.
The research also included site visits to examine existing systems. The study produced a report, Bridge and Tunnel Security and Surveillance Technologies, and a database of available security and surveillance systems. Currently, the report is available by contacting FHWA, and the long-term plan is to make it available through the National Technical Information Service.
Smart thermal cameras with integrated video analytics can survey critical infrastructure in the tough outdoor environment that bridges exist in to keep them safe.
Princeton, N.J.-based SightLogix’s SightSensors aid bridge security challenges because they can:
• Detect movement with a high degree of accuracy in the presence of small animals, birds, flowing water or blowing debris.
• Provide early warning of intruders over massive buffer zones beyond the bridge structure itself — detecting intruders and approaching watercraft over hundreds of meters far and wide.
• Operate in complete darkness as well as glare conditions caused by the rising or setting sun, headlights, or reflections off water.
• Employ automatic stabilization to remove camera shake caused by passing trains, traffic and wind.
• Determine the exact location of the intrusion and automatically zoom PTZ cameras to follow the action in real time.
Looking ahead, surveillance and more effective detection and warning systems will help mitigate incidents. Improved designs and effective uses of new materials can help protect structures and ensure that unpreventable damage does not result in complete failure, which could cause major disruption to the economy and possibly numerous lives lost.
AFCEA International, in partnership with the AFCEA Atlanta Chapter, presents the Homeland Security Cybersecurity and Infrastructure Conference, July 17-19, 2023.
Attendees will come away from this event having learned about emerging trends in homeland security, and they’ll have the chance to interact with industry leaders showcasing the newest equipment and technology available to help keep communities and the infrastructure that serves them safe and protected.
This event features a technical program of unsurpassed scope as well as a central meeting place for government, academia and industry working in all disciplines in industry, service, government, military and academic sectors. Several sessions carry continuing education credits.
Speakers include: Keri Farley, Special Agent in Charge, Atlanta Field Office, Federal Bureau of Investigation; Dr. David Mussington, Executive Assistant Director for Infrastructure Security, Cybersecurity and Infrastructure Security Agency; RADM John Vann, Commander, Coast Guard Cyber Command; Colt Whittall, Chief Experience Officer, US Air Force.
Media are invited to cover the event at no charge (select the government–no meals option at this registration page.
Contact: Howard Wahlberg, Senior Director of Marketing, AFCEA International media@afcea.org (703) 631-6199
The new Savox Noise-COM 500 products are Bluetooth hearing protectors specifically designed for use in extremely harsh, noisy operations. They are suitable, for example, for use in construction, mining, or other heavy industries where using hearing protectors is vital, and the ability to communicate with clarity is of equally high importance. Thes durable hearing protectors combine excellent ambient sound quality with an outstanding noise-cancelling microphone for clear speech.
As the Savox Noise-COM 500 can be connected to various Bluetooth two-way radios or mobile phones, users can comfortably listen to audio as well as make and receive phone calls. Additionally, the ambient sound feature allows users to clearly hear surrounding sounds, such as speech or warning signals while blocking high-level, harmful noises out. There is also an easily accessible rotary button for push-to-talk and ambient sound volume adjustment. With the Savox Noise-COM 500XP model, there is an added possibility to define ambient sound audio profiles for different occasions, enabling the best possible audio for every operational situation.
“It is essential to protect the hearing of professionals in heavy industry operations without compromising on safety, nor on the quality and clarity of communications with fellow workers. With the Savox Noise-COM 500, there is no danger of missing out on important surrounding sounds or urgent alarms,” says Jerry Kettunen, CEO at Savox Communications.
“Safety is as much a question of hearing what you need to hear as it is of noise reduction. ‘Hear what you must hear and hear what you want to hear’ summarizes what it’s all about,” he emphasizes. “We at Savox firmly believe that this product has huge potential to become the best option available on the industrial market,” Mr. Kettunen concludes.
Key Features:
Wireless connection to Bluetooth® enabled devices (Bluetooth 5.0 and profiles: HFP, HSP, A2DP)
Ambient sound with audio profiles (NC-500XP)
Voice prompted menu
Built-in rechargeable battery
Professional two-way radio with push-to-talk compatibility
Easily accessible rotary button for push-to-talk and ambient sound volume adjustment
Unique casting technique protects the electronics for maximum reliability
Noise-cancelling boom microphone
Low battery warning and automatic switch off.
Retired Lt. Gen. Todd Semonite, former chief of eEngineers and commanding general of the U.S. Army Corps of Engineers (USACE), is the recipient of the Society of American Military Engineers (SAME) 2023 Golden Eagle Award for National Security.
SAME presented the prestigious award on May 4 to Semonite, president of Federal Programs at WSP USA, a leading engineering, environment and professional services consultancy, during the organization’s annual Joint Engineer Training Conference in San Antonio. The award cites his leadership role in ensuring Americans had reliable access to healthcare facilities during the COVID pandemic in 2020.
In addition, Semonite was announced as one of 26 members newly invested into SAME’s Fellows Academy, which formally acknowledges distinguished individuals for their dedication to SAME and the architecture/engineering/construction profession.
“I am very honored to receive this Golden Eagle award, but it’s not just about me. It’s also about all of the men and women whom I’ve had the pleasure to work with in my career,” Semonite said. “I was in the Army for 41 years and the mission was always about ‘How are we going to take care of America?’ So, whether you’re building barracks or an airfield, supporting soldiers overseas, or directing emergency response operations following a major disaster mission accomplishment is what we do best. The military ethic enabled us to pull people together to find solutions and get things done.”
As USACE commanding general, Semonite advised the Secretary of the Army on general, combat and geospatial engineering; construction, real property, public infrastructure; and natural resources science and management. He also oversaw 36,000 civilian employees, 800 military personnel, and managed a $68 billion project portfolio.
Semonite was leading USACE in February 2020 when the U.S. was on the brink of the COVID pandemic. USACE stepped up to build temporary “alternative care” facilities (field hospitals) in locations around the country, where needed.
Working along with the Federal Emergency Management Agency, the goal was to support local capacity for inpatient and outpatient healthcare services, at a time when many regions were overwhelmed with demand from COVID. After talking with hundreds of governors and mayors, USACE completed 1,100 assessments nationwide and, of those, they designed and built about 70 needed facilities in record time. The first was New York City’s Javits Center. Other converted facilities included sports arenas, hotels, dormitories and vacant hospitals. The result was the creation of over 30,000 additional bed spaces nationwide.
“We, as engineers, filled a void when our nation needed someone to step up,” Semonite said. “While it was never in my mandate, as the head of the USACE, to think about how to solve COVID, there was a problem and somebody had to figure out how to address it. So, we worked together with healthcare professionals, the engineering staff, as well as the industry side, to put these massive facilities together in record time.”
As Chief of Engineers in 2017, Semonite managed USACE’s emergency response operations for three major storms: Hurricane Harvey in Texas; Hurricane Irma, which struck the U.S. Virgin Islands and Florida; and Hurricane Maria in Puerto Rico, where he directed rebuilding efforts for three grids, as part of over $1 billion in infrastructure repairs that included installing more than 66,000 power poles. In 2012, as Division Commander of the USACE South Atlantic Division, he coordinated the response to Hurricane Sandy in the Southeast after the devastating storm struck the U.S. East Coast and caused nearly $70 billion in damage.
“I’ve been unbelievably blessed to have a lot of people in my life who have made me successful,” Semonite said. “This is my opportunity to thank the thousands of mentors, peers, soldiers and civilians who have supported me throughout my career and pay that back, by thanking them for that success. I also want to thank my wife Connie, my kids, and my 10 grandchildren for their support.”
A licensed professional engineer in New York, Virginia and Vermont, he has a bachelor’s degree in civil engineering from the U.S. Military Academy at West Point, New York. He also holds a master’s in civil engineering from the University of Vermont, as well as a master’s in military arts from Fort Leavenworth.
His military awards include the three Distinguished Service Medals, the Defense Superior Service Award, five Legion of Merit awards, the Bronze star, the Ranger tab and the Parachutist badge.
Despite rail safety in India actually improving in recent years, a serious train accident accident occurred when three trains collided near Balasore, India, on June 4. The death toll from the crash has reportedly reached 300 or more, with hundreds more injured. Indian officials say that an electronic signaling error may have been the cause of the accident. It is said to be one of the deadliest transportation disasters in the country’s history.
India’s railways are the largest train network in the world under one management. Indian Prime Minister Nahrendra Modi flew to the crash site and examined the recovery effort and talked to rescue officials, according to reports.
Ashwini Vaishnaw, India’s railway minister, said there would be an investigation, while some railway officials recommended a criminal probe be conducted.
