[Congressional Bills 113th Congress]
[From the U.S. Government Publishing Office]
[H.R. 2952 Introduced in House (IH)]

113th CONGRESS
  1st Session
                                H. R. 2952

To amend the Homeland Security Act of 2002 to make certain improvements 
 in the laws relating to the advancement of security technologies for 
      critical infrastructure protection, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                             August 1, 2013

  Mr. Meehan introduced the following bill; which was referred to the 
                     Committee on Homeland Security

_______________________________________________________________________

                                 A BILL


 
To amend the Homeland Security Act of 2002 to make certain improvements 
 in the laws relating to the advancement of security technologies for 
      critical infrastructure protection, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Critical Infrastructure Research and 
Development Advancement Act of 2013'' or the ``CIRDA Act of 2013''.

SEC. 2. DEFINITIONS.

    Section 2 of the Homeland Security Act of 2002 (6 U.S.C. 101) is 
amended by redesignating paragraphs (15) through (18) as paragraphs 
(16) through (19), respectively, and by inserting after paragraph (14) 
the following:
            ``(15) The term `Sector Coordinating Council' means a 
        private sector coordinating council that is--
                    ``(A) recognized by the Secretary as such a Council 
                for purposes of this Act; and
                    ``(B) comprised of representatives of owners and 
                operators of critical infrastructure within a 
                particular sector of critical infrastructure.''.

SEC. 3. CRITICAL INFRASTRUCTURE PROTECTION RESEARCH AND DEVELOPMENT.

    (a) In General.--Title III of the Homeland Security Act of 2002 (6 
U.S.C. 181 et seq.) is amended by adding at the end the following:

``SEC. 318. RESEARCH AND DEVELOPMENT STRATEGY FOR CRITICAL 
              INFRASTRUCTURE PROTECTION.

    ``(a) In General.--Not later than 180 days after the date of 
enactment of the Critical Infrastructure Research and Development 
Advancement Act of 2013, the Secretary, acting through the Under 
Secretary for Science and Technology, shall transmit to Congress a 
strategic plan to guide the overall direction of Federal physical 
security and cybersecurity technology research and development efforts 
for protecting critical infrastructure. Once every 2 years after the 
initial strategic plan is transmitted to Congress under this section, 
the Secretary shall transmit to Congress an update of the plan.
    ``(b) Contents of Plan.--The strategic plan shall include the 
following:
            ``(1) An identification of critical infrastructure security 
        risks and the associated security technology gaps, that are 
        developed following--
                    ``(A) consultation with stakeholders, including the 
                Sector Coordinating Councils; and
                    ``(B) performance by the Department of a risk/gap 
                analysis that considers information received in such 
                consultations.
            ``(2) A set of critical infrastructure security technology 
        needs that--
                    ``(A) is prioritized based on risk and gaps 
                identified under paragraph (1);
                    ``(B) emphasizes research and development of those 
                technologies that need to be accelerated due to rapidly 
                evolving threats or rapidly advancing infrastructure 
                technology; and
                    ``(C) includes research, development, and 
                acquisition roadmaps with clearly defined objectives, 
                goals, and measures.
            ``(3) An identification of laboratories, facilities, 
        modeling, and simulation capabilities that will be required to 
        support the research, development, demonstration, testing, 
        evaluation, and acquisition of the security technologies 
        described in paragraph (2).
            ``(4) An identification of current and planned programmatic 
        initiatives for fostering the rapid advancement and deployment 
        of security technologies for critical infrastructure 
        protection. The initiatives shall consider opportunities for 
        public-private partnerships, intragovernment collaboration, 
        university centers of excellence, and national laboratory 
        technology transfer.
    ``(c) Coordination.--In carrying out this section, the Under 
Secretary for Science and Technology shall coordinate with the Under 
Secretary for the National Protection and Programs Directorate.
    ``(d) Consultation.--In carrying out this section, the Under 
Secretary for Science and Technology shall consult with--
            ``(1) the critical infrastructure Sector Coordinating 
        Councils;
            ``(2) to the extent practicable, subject matter experts on 
        critical infrastructure protection from universities, national 
        laboratories, and private industry;
            ``(3) the heads of other relevant Federal departments and 
        agencies that conduct research and development for critical 
        infrastructure protection; and
            ``(4) State, local, and tribal governments as appropriate.

``SEC. 319. REPORT ON PUBLIC-PRIVATE RESEARCH AND DEVELOPMENT 
              CONSORTIUMS.

    ``(a) In General.--Not later than 180 days after the enactment of 
the Critical Infrastructure Research and Development Advancement Act of 
2013, the Secretary, acting through the Under Secretary for Science and 
Technology, shall transmit to Congress a study on the use by the 
Department of public-private research and development consortiums for 
accelerating technology development for critical infrastructure 
protection. Once every 2 years after the initial study is transmitted 
to Congress under this section, the Secretary shall transmit to 
Congress an update of the study. The study shall focus on those aspects 
of critical infrastructure protection that are predominately operated 
by the private sector and that would most benefit from rapid security 
technology advancement.
    ``(b) Contents of Study.--The study shall include--
            ``(1) a summary of the progress and accomplishments of on-
        going consortiums for critical infrastructure security 
        technologies;
            ``(2) in consultation with the Sector Coordinating 
        Councils, a prioritized list of technology development focus 
        areas that would most benefit from a public-private research 
        and development consortium; and
            ``(3) based on the prioritized list developed under 
        paragraph (2), a proposal for implementing an expanded research 
        and development consortium program, including an assessment of 
        feasibility and an estimate of cost, schedule, and 
        milestones.''.
    (b) Clerical Amendment.--The table of contents in section 1(b) of 
such Act is amended by adding at the end of the items relating to such 
title the following:

``Sec. 318. Research and development strategy for critical 
                            infrastructure protection.
``Sec. 319. Report on public-private research and development 
                            consortiums.''.
    (c) Critical Infrastructure Protection Technology Clearinghouse.--
Section 313 of the Homeland Security Act of 2002 (6 U.S.C. 193) is 
amended by redesignating subsection (c) as subsection (d), and by 
inserting after subsection (b) the following:
    ``(c) Critical Infrastructure Protection Technology 
Clearinghouse.--
            ``(1) Designation.--Under the program required by this 
        section, the Secretary, acting through the Under Secretary for 
        Science and Technology, and in coordination with the Under 
        Secretary for the National Protection and Programs Directorate, 
        shall designate a technology clearinghouse for rapidly sharing 
        proven technology solutions for protecting critical 
        infrastructure.
            ``(2) Sharing of technology solutions.--Technology 
        solutions shared through the clearinghouse shall draw from 
        Government-furnished, commercially furnished, and publically 
        available trusted sources.
            ``(3) Technology metrics.--All technologies shared through 
        the clearinghouse shall include a set of metrics to assist end-
        users in deploying timely and effective solutions relevant for 
        their critical infrastructures.
            ``(4) Review by privacy officer.--The Privacy Officer of 
        the Department appointed under section 222 shall annually 
        review the clearinghouse process to evaluate its consistency 
        with fair information practice principles issued by the Privacy 
        Officer.''.
    (d) Evaluation of Technology Clearinghouse by Government 
Accountability Office.--Not later than 2 years after the date of 
enactment of this Act, the Comptroller General of the United States 
shall conduct an independent evaluation of, and submit to the Committee 
on Homeland Security of the House of Representatives and the Committee 
on Homeland Security and Governmental Affairs of the Senate a report 
on, the effectiveness of the clearinghouses established and designated, 
respectively, under section 313 of the Homeland Security Act of 2002, 
as amended by this section.

SEC. 4. NO ADDITIONAL AUTHORIZATION OF APPROPRIATIONS.

    No additional funds are authorized to be appropriated to carry out 
this Act and the amendments made by this Act, and this Act and such 
amendments shall be carried out using amounts otherwise available for 
such purpose.
                                 <all>