[House Hearing, 110 Congress]
[From the U.S. Government Publishing Office]



 
         H.R., THE CHEMICAL FACILTY ANTI-TERRORISM ACT OF 2008

=======================================================================



                                HEARING

                               before the

                     SUBCOMMITTEE ON TRANSPORTATION
                      SECURITY AND INFRASTRUCTURE
                               PROTECTION

                                 of the

                     COMMITTEE ON HOMELAND SECURITY
                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED TENTH CONGRESS

                             FIRST SESSION

                               __________

                           DECEMBER 12, 2007

                               __________

                           Serial No. 110-89

                               __________

       Printed for the use of the Committee on Homeland Security
                                     
[GRAPHIC] [TIFF OMITTED] CONGRESS.#13

                                     

  Available via the World Wide Web: http://www.gpoaccess.gov/congress/
                               index.html

                               __________



                  U.S. GOVERNMENT PRINTING OFFICE
48-984                    WASHINGTON : 2009
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing 
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC 
area (202) 512-1800 Fax: (202) 512-2104  Mail: Stop IDCC, Washington, DC 
20402-0001



                     COMMITTEE ON HOMELAND SECURITY

               BENNIE G. THOMPSON, Mississippi, Chairman

LORETTA SANCHEZ, California,         PETER T. KING, New York
EDWARD J. MARKEY, Massachusetts      LAMAR SMITH, Texas
NORMAN D. DICKS, Washington          CHRISTOPHER SHAYS, Connecticut
JANE HARMAN, California              MARK E. SOUDER, Indiana
PETER A. DeFAZIO, Oregon             TOM DAVIS, Virginia
NITA M. LOWEY, New York              DANIEL E. LUNGREN, California
ELEANOR HOLMES NORTON, District of   MIKE ROGERS, Alabama
Columbia                             BOBBY JINDAL, Louisiana
ZOE LOFGREN, California              DAVID G. REICHERT, Washington
SHEILA JACKSON LEE, Texas            MICHAEL T. McCAUL, Texas
DONNA M. CHRISTENSEN, U.S. Virgin    CHARLES W. DENT, Pennsylvania
Islands                              GINNY BROWN-WAITE, Florida
BOB ETHERIDGE, North Carolina        MARSHA BLACKBURN, Tennessee
JAMES R. LANGEVIN, Rhode Island      GUS M. BILIRAKIS, Florida
HENRY CUELLAR, Texas                 DAVID DAVIS, Tennessee
CHRISTOPHER P. CARNEY, Pennsylvania
YVETTE D. CLARKE, New York
AL GREEN, Texas
ED PERLMUTTER, Colorado
VACANCY

       Jessica Herrera-Flanigan, Staff Director & General Counsel

                     Rosaline Cohen, Chief Counsel

                     Michael Twinchek, Chief Clerk

                Robert O'Connor, Minority Staff Director

                                 ______

 SUBCOMMITTEE ON TRANSPORTATION SECURITY AND INFRASTRUCTURE PROTECTION

                 SHEILA JACKSON LEE, Texas, Chairwoman

EDWARD J. MARKEY, Massachusetts      DANIEL E. LUNGREN, California
PETER A. DeFAZIO, Oregon             GINNY BROWN-WAITE, Florida
ELEANOR HOLMES NORTON, District of   MARSHA BLACKBURN, Tennessee
Columbia                             GUS M. BILIRAKIS, Florida
YVETTE D. CLARKE, New York           PETER T. KING, New York (Ex 
ED PERLMUTTER, Colorado              Officio)
BENNIE G. THOMPSON, Mississippi (Ex 
Officio)

                      Mathew Washington, Director

                          Erin Daste, Counsel

                   Natalie Nixon, Deputy Chief Clerk

                 Coley O'Brien, Minority Senior Counsel

                                  (II)


                            C O N T E N T S

                              ----------                              
                                                                   Page

                               Statements

The Honorable Sheila Jackson Lee, a Representative in Congress 
  from the State of Texas, and Chairwoman, Subcommittee on 
  Transportation Security and Infrastructure.....................     1
The Honorable Daniel E. Lungren, a Representative in Congress 
  from the State of Texas, and Ranking Member, Subcommittee on 
  Transportation Security and Infrastructure.....................     3
The Honorable Bennie G. Thompson, a Representative in Congress 
  from the State of Mississippi, and Chairman, Committee on 
  Homeland Security..............................................     5
The Honorable Yvette D. Clarke, a Representative in Congress from 
  the State of New York..........................................    48
The Honorable Bill Pascrell, Jr., a Representative in Congress 
  from the State of New Jersey...................................    45

                               Witnesses

Dr. M. Sam Mannan, PE, CSP, Professor and Director, Mary Kay 
  O'Connor Process Safety Center, Artie McFerrin Department of 
  Chemical Engineering, Texas A&M University System:
  Oral Statement.................................................    30
  Prepared Statement.............................................    32
Mr. Clyde Miller, Director, Corporate Security, BASF Corporation:
  Oral Statement.................................................    12
  Prepared Statement.............................................    14
Mr. Gerald C. Setley, Vice President, Region 3 Director, 
  International Chemical Workers Union Council, United Food and 
  Commercial Workers Union:
  Oral Statement.................................................    20
  Prepared Statement.............................................    21
Mr. Gary Sondermeyer, Director of Operations, New Jersey 
  Department of Environmental Protection:
  Oral Statement.................................................    25
  Prepared Statement.............................................    27
Colonel Bob Stephan, Assistant Secretary, Infrastructure 
  Protection, U.S. Department of Homeland security:
  Oral Statement.................................................     6
  Prepared Statement.............................................     9

                             For the Record

Mr. William E. Allmond, IV, Director, Government Relations, 
  Synthetic Organic Chemical Manufactures Association (SOCMA) 
  accompanied by,
Mr. Jeffrey Gunnulfsen, Senior Manager, government Relations, 
  Synthetic Organic Chemical Manufactures Association (SOCMA):
  Joint Prepared Statement.......................................    59


                      H.R., THE CHEMICAL FACILITY


                       ANTI-TERRORISM ACT OF 2008

                              ----------                              


                      Wednesday, December 12, 2007

             U.S. House of Representatives,
                    Committee on Homeland Security,
Subcommittee on Transportation Security and Infrastructure 
                                                Protection,
                                                    Washington, DC.
    The subcommittee met, pursuant to call, at 10:10 a.m., in 
Room 311, Cannon House Office Building, Hon. Sheila Jackson Lee 
[chairwoman of the subcommittee] presiding.
    Present: Representatives Jackson Lee, Clarke, Thompson (ex 
officio) and Lungren.
    Also present: Representatives Pascrell and Langevin.
    Ms. Jackson Lee. Good morning. The subcommittee will come 
to order.
    The subcommittee is meeting today to receive testimony on 
the legislative draft of the Chemical Facility Antiterrorism 
Act of 2008. Importantly, this testimony will include insight 
into the current chemical security regulations and current 
efforts in the State of New Jersey.
    Before I begin, however, I ask for unanimous consent that 
the Chairman of the Subcommittee on Emerging Threats, 
Cybersecurity, and Science and Technology Mr. Langevin, and Mr. 
Pascrell, a member of the full committee, sit and question the 
panel during today's hearing. Without objection, so ordered.
    The Ranking Member wanted to smile his approval, and we 
thank him so very much. Let me also welcome Mr. Pascrell and 
thank him. We know how crucial these issues are to his region. 
And let me as well welcome the Chairman of the full committee, 
Mr. Thompson of Mississippi.
    I would like to take this opportunity to thank you all for 
joining us this morning. As we all know, the Congress, and 
specifically the full committee and this subcommittee are very 
concerned with chemical security and ensuring there are 
effective and robust chemical security regulations when the 
current regulations expire in October 2009.
    Chemical security is a topic that is very important to this 
committee, my constituents, and me. The Houston area is home to 
several chemical facilities and petroleum refineries. As a 
result, the issue of chemical facility security is one that is 
right in my backyard, as well as many, many backyards of many, 
many Americans.
    This subcommittee held a previous hearing on the topic of 
chemical facilities in July of this year. At the time of that 
hearing, the Department of Homeland Security was preparing to 
implement the Chemical Facility Antiterrorism Standards, all 
known as CFATS. Although the Department had moved aggressively 
in drafting the interim final rules and a list of chemicals 
covered under the regulation referred to here as Appendix A, 
which will be made part of the hearing record, the Office of 
Management and Budget took several months before finally 
releasing the list on November 20, less than a month ago.
    Fortunately, the Department proactively reached out to 
roughly 100 companies that it was sure would be captured under 
the regulations and asked them to begin the regulatory process 
by completing a Top-Screen questionnaire that listed the 
chemicals held on site by these companies. This action by the 
Department helped to get these necessary regulations moving.
    With the release of Appendix A, all companies, not just the 
initial 100, are filling out the Top-Screen. The results of the 
Top-Screen determine whether a facility will be regulated under 
CFATS. These facilities that have relatively small amounts of 
chemicals, or otherwise pose low risks, will not be regulated. 
If the facility is determined to have a sufficient amount of a 
chemical of concern, however, it will be regulated.
    Under the regulation, the next step is for a facility to 
complete a Security Vulnerability Assessment and a Site 
Security Plan, which must be approved by the Department and 
implemented by the facility. We are fortunate to have before us 
today representatives from the Department and a regulated 
company to provide us with insight into the implementation of 
CFATS.
    This committee is responsible for oversight of the 
Department, and also for enacting legislation to give 
permanence to CFATS regulation, which will sunset in October 
2009. This hearing then gives us an opportunity to find out 
about what is working in CFATS and what could use improvement. 
Importantly, this committee does not want to reinvent the 
wheel, and we believe that the fundamental approach taken under 
CFATS is a correct one. We do, however, have some concerns 
regarding the protection of information and the introduction of 
a new class of protected information, chemical terrorism 
vulnerability information.
    I, for one, have an open mind on this issue, and I 
understand the need to protect this sensitive information, but 
I am concerned that we might overprotect information. As a 
result, it may not be shared with the necessary stakeholders, 
such as with the facilities as well as State and local 
authorities who have the responsibility, along with the Federal 
Government, to protect the homeland.
    We also would like to see more emphasis placed on employee 
training and the involvement of employees and their 
representatives in creating SCAs and SSPs. For that reason, we 
are happy to have a Chemical Workers Union representative here 
with us here today.
    Clearly, inherently safer technologies has, of course, been 
a hot topic. This hearing will provide an opportunity to have a 
conversation about IST, and I am looking forward to it. We are 
fortunate to have a representative from New Jersey, a State 
with a chemical facility security law that requires an IST 
assessment. We are also joined by an academic expert who has 
studied IST, and a company which has complied with New Jersey's 
law so that we can examine this issue from all sides.
    Let me say how appreciative I am of our Chairman of the 
full committee Mr. Thompson for his recognition of the 
importance of the second half of the responsibilities of this 
subcommittee, infrastructure protection. As we go into 2008, we 
look forward to looking at some unique challenges that we have 
seen not necessarily dealing with terrorism, but certainly 
vulnerable: shopping malls, dams, hospitals, and schools. And 
this subcommittee expects to have enormous oversight in these 
areas in order to again ensure and protect the homeland.
    In addition, I would be open to the whole idea of oversight 
and the question of whether there should be some outside 
contracting as relates to the audit and oversight of dealing 
with chemical companies and their compliance with a potential 
chemical security bill.
    There is a lot to be done, but the work is done 
specifically to ensure that America is safe. We welcome these 
witnesses to be partners in that journey that we must take. The 
whole idea of homeland security is preventative and protective, 
and I hope this hearing today will be an important step toward 
protecting and securing America. The American people deserve 
our best. I am looking forward again to today's hearings, and I 
thank the witnesses for being here, and look forward, as I said 
previously, to their testimony.
    Ms. Jackson Lee. The Chair now recognizes the Ranking 
Member of the subcommittee, the gentleman from California, for 
an opening statement. Mr. Lungren, I yield.
    Mr. Lungren. Thank you very much, Madam Chairwoman.
    I felt it was most appropriate when our subcommittee met in 
July to review the Department of Homeland Security's efforts to 
implement our committee's bipartisan chemical security 
legislation, which we enacted last year. I think it is very 
appropriate for us to have this hearing today. I am 
constrained, however, by an requirement to be in the Judiciary 
Committee in a few minutes because I am the prime sponsor of 
the bill dealing with judicial pay, and we have been working on 
that for some time, and I have to be over there, and then I 
will try and get back as quickly as possible.
    The authority to regulate the security of our Nation's 
chemical industry is not only historic, it is timely. Dangerous 
chemicals stored or processed in high volume at chemical 
facilities naturally would pose a serious threat to facility 
workers and neighboring populations if they became a subject or 
a target of terrorists. Chemical facilities seem to be at the 
top of every terrorist target list. It was this concern over 
the vulnerability of chemical facilities which prompted 
Congress last year to adopt a compromise national risk-based 
security plan for all chemical facilities.
    As was stated by the Chairwoman, the Homeland Security 
Department is currently making progress, I would call it 
excellent progress, identifying our high-risk chemical 
facilities. DHS estimates that 40,000 facilities will 
eventually be assessed under their plan. They will be assessed 
or Top-Screened for potential consequences and assigned to 
risk-based tiers. And I mention risk-based tiers because that 
is in keeping with our idea of a layered approach, and also 
with an approach of giving greatest attention to the greatest 
danger. These facilities which qualify as Tier 1, 2, and 3 will 
be required to conduct a facility vulnerability assessment and 
submit a Site Security Plan to address those vulnerabilities.
    So I hope that we all understand the need to address the 
sunset provision contained in last year's bipartisan chemical 
security legislation. We should recognize, however, that the 
chemical facilities are just beginning the assessment process 
under current regulations, and that assessment is a critical 
step and the first step in the Department's efforts to secure 
our chemical facilities. So I would be very reticent to make 
any substantial changes in the law before it has been fully 
implemented as long as I am satisfied that the Department is 
going forward full steam, and that the Department is receiving 
cooperation from the industry involved. If we don't allow the 
regulations to take effect, we won't be able to identify any 
gaps or legislative deficiencies.
    I am concerned about proposals to grant third-party rights 
of action against chemical facilities. While I am a lawyer and 
have been involved in litigation my entire life, I am not 
always certain that that is the best way, the highest and best 
use of our time and efforts to make ourselves more secure.
    I am intrigued once again by an effort to have inherently 
safer technology imposed. I think we learned much last year 
when we had hearings on that subject as to what it is and what 
it is not, what it can do and what it cannot do, what its 
promise is and what its mere hope is. And I would hope that we 
use some prudence as we approach that question.
    My concern about legislative uncertainty arises also. I 
would suggest that legislative uncertainty would undermine our 
efforts to enlist the cooperation and support of the private 
sector in securing their chemical facilities. The entire Top-
Screen assessment process relies on information supplied by the 
owners of the chemical facilities. I would hope that they would 
continue to work with us, and I would hope that we would engage 
them in a cooperative effort, and one of confidence that we 
have set certain rules, that they should abide by those rules, 
and we will then assess the results of those after we have 
completed the action.
    So, once again, I hope that we will be able to achieve 
bipartisanship as we have in the past, that we will learn from 
what has been done thus far. And I would just say this, that I 
have been impressed with the efforts organized under Colonel 
Stephan since he came to the Department. He has gained my 
confidence and, I believe, the confidence of the members of 
this panel. And so I would very much like to see the results of 
the activity that has been engaged in since we last passed the 
law for this area. And while I have to leave for a period of 
time, I have the written testimony here, and I hope to be back 
for the question-and-answer period. And I thank the Chairwoman.
    Ms. Jackson Lee. I thank the Ranking Member. I appreciate 
his scheduling conflict. And both of us are facing that same 
conflict, and particularly in case of a number of votes that 
may take place. So thank you very much for your testimony.
    The Chair now is very pleased to recognize the 
distinguished gentleman from Mississippi, the Chairman of the 
full committee, Mr. Thompson. And again, my appreciation for 
his leadership on this issue and many issues dealing with the 
security of our Nation.
    Mr. Thompson. I thank the Chairwoman Jackson Lee for 
holding this important hearing, and I look forward to the 
testimony of our witnesses. As has already been said, this is 
our second hearing this subcommittee has held on the subject of 
chemical facility security in this Congress. Both Chairwoman 
Jackson Lee and myself recognize the importance and 
significance of chemical security. Fortunately, we also share 
that sentiment with many committee members here also.
    There has been a great deal of speculation from all sides 
about the current regulations and any legislation to be enacted 
in the future. I hope today's hearing will give us an 
opportunity to move away from speculation and move toward 
actual facts with those who have experience with chemical 
security regulations.
    One of my goals as Chairman of the full committee is to 
ensure the American people that we are doing what we can to 
secure America. While dangerous chemicals do pose a real 
threat, we do not want to over exaggerate this issue. We also 
want to avoid creating fear and confusion for the American 
public. Instead, we want to ensure American freedom from fear 
of a chemical attack.
    In order for our committee to provide that freedom, we must 
be effective in addressing any and all vulnerabilities. We can 
do this by implementing smart, aggressive measures to protect 
our chemical facilities and the populations surrounding them. 
While the CFATS regulations have been in place for a few weeks, 
it is important for us to receive feedback on the 
implementation of the regulations from all sides of the issue. 
In addition, the State of New Jersey has its own chemical 
security regulations in place, and this committee can learn a 
great deal from its experience. The CFATS regulations will 
sunset in October 2009, and I feel strongly that Congress and 
this committee should consider making these regulations 
permanent.
    I look forward to this discussion and the road ahead. I 
thank the Chairwoman, and I yield back.
    Ms. Jackson Lee. I thank the distinguished Chairman.
    Let me remind our colleagues and members of this committee, 
and other members of the subcommittee are reminded that under 
the committee rules, opening statements may be submitted for 
the record.
    I welcome our panel of witnesses, and good morning to you 
again. Our first witness, Colonel Bob Stephan, is the Assistant 
Secretary For Infrastructure Protection at the Department of 
Homeland Security. And we are certainly pleased of his service 
and the approach to the commitment of protecting the Nation's 
infrastructure that he has taken.
    Colonel Bob Stephan was appointed to serve as the Assistant 
Secretary of Homeland Security for Infrastructure Protection in 
April 2005. In this capacity he is responsible for the 
Department's efforts to catalogue our critical infrastructure 
and key resources, and to coordinate risk-based strategies and 
protective measures to secure them from terrorist attack. The 
Chemical Security Compliance Division, which oversees the 
implementation of CFATS, is within his office.
    Our second witness, Mr. Clyde Miller, is the director of 
corporate security at BASF Corporation, where, among other 
activities, he helps ensure BASF compliance with the CFATS 
regulations. Importantly, BASF has sites in the State of New 
Jersey and complies with other regulatory frameworks.
    Our third witness is Mr. Gerald C. Setley. He is the vice 
president and Region 3 director for the International Chemical 
Workers Union Council of the United Food and Commercial Workers 
Union. Mr. Setley was hired in 1974 at what is now known as 
Cabot Corporation as a research and development technician. He 
spent the next 31 years working at various technical jobs at 
Cabot. Through these years he has held numerous elected 
positions in the local. Welcome.
    Our fourth witness, Mr. Gary Sondermeyer, is the director 
of operations at the New Jersey Department of Environmental 
Protection. He will help to shed light on the regulation of 
IST, as he has been intimately involved in that endeavor in New 
Jersey. And our regards to Governor Corzine.
    Our fifth witness is Dr. M. Sam Mannan, professor and 
director of the Mary Kay O'Connor Process Safety Center at the 
Artie McFerrin Department of Chemical Engineering at the Texas 
A&M University System. He has done a great deal of research on 
IST, and his thoughts are most welcome to the subcommittee. And 
proudly, let me celebrate and commend Texas A&M for its 
presence in the State of Texas and its leadership in educating 
young people for the 21st century. Welcome.
    Without objection, the witnesses' full statements will be 
inserted in the record.
    I now ask each witness to summarize his or her statement 
for 5 minutes, beginning with Colonel Stephan.

 STATEMENT OF BOB STEPHAN, ASSISTANT SECRETARY, INFRASTRUCTURE 
          PROTECTION, DEPARTMENT OF HOMELAND SECURITY

    Colonel Stephan. Good morning, and thank you, Madam 
Chairwoman, Chairman Thompson, Ranking Member Lungren, and 
other distinguished members of this subcommittee. It is a 
pleasure to appear before you today to discuss progress on the 
Department's Chemical Facility Antiterrorism Standards 
regulation, or CFATS. The recent release of the final Appendix 
A, the chemicals of concern list, makes the discussion of this 
important topic all the more timely.
    As you know, the fiscal year 2007 DHS Appropriations Act 
directed us to develop and implement a regulatory framework for 
high-risk chemical plants. The Department published the CFATS 
on April 9th, 2007. The following four principles guided the 
development of this regulatory framework, and are very 
important to take into account.
    Number one is that integrated and effective partnerships 
among all stakeholders, Federal, State, local government, and 
private sector, are essential to securing our national critical 
infrastructures, including high-risk chemical facilities. 
Implementing this program means tackling a sophisticated and 
complex set of issues related to identifying and mitigating 
vulnerabilities, and putting security measures in place. 
Consultation with industry, academic specialists, engineering 
associations, and other organizations is fully necessary to 
assist in the creation and implementation of this rule that 
meets security goals while preserving the economic integrity 
and vitality of the chemical sector, our largest export sector. 
We also, by working closely with public experts such as New 
York and New Jersey State government officials at various 
levels, has helped us leverage vital knowledge and insight to 
improve this regulation in its development and implementation.
    Number two, the risk-based tiering approach ensures that 
resources are appropriately focused. Not all facilities, of 
course, present the same level of risk, and the greatest level 
of scrutiny should be focused on those facilities that, if 
attacked, could endanger the greatest number of lives.
    Number three, reasonable, clear, and equitable performance 
standards lead to enhanced security. The rule includes 
enforceable risk-based performance standards based on the type 
of severity or potential risk posed by terrorist organizations. 
Facilities have the flexibility to select among appropriate 
site-specific security measures that will effectively address 
risk, subject to final Department approval, of course.
    Recognition of the progress many companies have already 
made in improving facility security leverages these 
advancements, and is the fourth principle. Many responsible 
companies have made significant capital investments in security 
since 9/11, and building on that progress and implementing the 
CFATS is essential to its success.
    In December of 2006, the Department released an Advance 
Notice of Rulemaking, seeking a comment on significant policy 
issues and draft regulatory text. We received more than 1,300 
pages of comments from more than 106 separate submitters. We 
have carefully reviewed and considered these extensive comments 
within the Interim Final Rule that was published, and we have 
included a second public comment to the rule's Appendix A, the 
Chemicals of Interest list. Getting more specifics on Appendix 
A, the CFATS contains a list of chemicals of interest and their 
security screening threshold quantities.
    The public comment period for Appendix A closed on May 9th 
of this year. We received more than 4,000 comments on a wide 
range of subjects, such as which chemicals and thresholds the 
Department should use, the treatment of chemical mixtures, and 
the potential impact of Appendix A on certain types of 
facilities not traditionally considered chemical facilities. We 
studied these comments carefully, and conducted extensive 
outreach with representatives of several stakeholder groups to 
better understand their specific concerns.
    After follow-on consultation, additional consultation with 
a variety of technical experts, to include the FBI's Explosive 
Unit, and the DHS Science and Technology Directorate's Chemical 
Security Analysis Center, the Department published the final 
Appendix A on November 20th of this year. The final appendix 
lists approximately 300 chemicals of interest, and has included 
chemicals based upon the consequences to public health and 
safety associated with one or more of the following three 
security issues: release, theft and diversion, and sabotage/
contamination.
    Implementation and execution of this regulation requires us 
to identify which facilities we consider high-risk as a 
Department. To facilitate this, we developed a consequence-
based screening tool called the CSAT Top-Screen, which the 
Chairwoman has very ably addressed. The Department requires 
facilities that possess a chemical of interest at or above the 
listed threshold screening quantity to complete the Top-Screen 
within 60 calendar days of publication of the appendix, or upon 
receipt of a chemical of concern beyond the publication of 
Appendix A. Through this process we hope to identify facilities 
that do and do not have a significant potential to be 
considered high-risk.
    If a facility is not screened out, DHS will make a 
preliminary determination and place it in a risk-based tier. 
Through this process we will continue a follow-on sequence of 
site-specific vulnerability assessments, and finally Site 
Security Plans that will undergo a DHS approval process.
    In the security plans themselves, we promulgate 19 risk-
based performance standards through the rule. The standards 
themselves are broad and designed to promote a great deal of 
flexibility in this process. For example, a Tier 1 facility 
with a release security issue, the restricted area perimeter 
performance standards may involve establishing a clearly 
defined perimeter that cannot be breached by a wheeled vehicle. 
To meet this performance standard, the facility is able to 
consider a vast number of security measures, and might 
ultimately choose to install cable anchored in concrete block, 
along with movable bollards at all active gates. Alternatively, 
the facility might choose to landscape their perimeter with 
large boulders, steep berms, water barriers, or other obstacles 
that would thwart a wheeled vehicle. Again, as long as the 
proposed measures are sufficient and according to our 
standards, the Department would approve the plan.
    Ma''am, as you mentioned, we have begun the implementation 
phase of CFATS, beginning with a series of release of documents 
to include the Interim Final Rule, now the Appendix A. We have 
additionally ramped up implementation for approximately 100 
specifically targeted high-risk facilities, where we are now 
about to enter the Security Vulnerability Assessment phase with 
respect to those facilities.
    In terms of the Top-Screen process, since November 20th, we 
have approximately 16,852 facilities that have registered in 
the on-line Top-Screen analysis process as we speak, and 1,818 
facilities have actually completed the Top-Screen submission.
    To conclude, the Department is collaborating extensively 
with the public to actively work toward achieving our 
collective goals under the CFATS framework. We are also working 
very collaboratively with a whole host and range of Federal, 
State, and local government partners, as well as industry.
    I would like to on a final note thank you, Chairman 
Thompson, Ranking Member Lungren, and other members of this 
subcommittee, for your solid leadership and support in every 
step of this process, helping us push a success forward and 
helping us implement this program in the way you intended as 
quickly as possible. Thank you for your time.
    Ms. Jackson Lee. Colonel, thank you very much for your 
testimony.
    [The statement of Colonel Stephan follows:]

     Prepared Statement of Robert B. Stephan, Assistant Secretary, 
 Infrastructure Protection National Protection and Programs Directorate

    Thank you, Chairwoman Jackson-Lee, Congressman Lungren, and 
distinguished Members of the Subcommittee. It is a pleasure to appear 
before you today to address progress on the implementation of the 
Department's authority over security at high-risk chemical facilities 
through CFATS, the Chemical Facility Anti-Terrorism Standards. The 
recent release of the final Appendix A to CFATS makes the discussion of 
this important topic all the more timely.

Chemical Security Regulations
    The Fiscal Year 2007 Department of Homeland Security Appropriations 
Act directed the Department to develop and implement a regulatory 
framework for high-risk chemical facilities. The Department published 
the Chemical Facility Anti-Terrorism Standards on April 9, 2007. 
Specifically, Section 550(a) of the Act authorizes the Department to 
require high-risk chemical facilities to complete Security 
Vulnerability Assessments (SVAs), develop Site Security Plans (SSPs), 
and implement protective measures necessary to meet risk-based 
performance standards defined by the Department of Homeland Security.
    The following core principles guided the development of this 
regulatory structure:previously
        (1) Securing high-risk chemical facilities represents an 
        immense undertaking that involves a national effort, including 
        all levels of government, industry, and the public. Integrated 
        and effective partnerships among all stakeholders--Federal, 
        State, local, and private sector--are essential to securing our 
        national critical infrastructures, including high-risk chemical 
        facilities. Implementing this program, which is focused on 
        securing high-risk facilities, means tackling a sophisticated 
        and complex set of issues related to identifying and mitigating 
        vulnerabilities and setting security goals. This requires a 
        broad spectrum of input. Consultation with industry experts, 
        academic specialists, engineering associations, and non-
        government organizations was necessary to assist in creating 
        and effectively implementing a rule that accomplishes necessary 
        security goals while ensuring economic viability of the sector. 
        By working closely with public experts, such as New York and 
        New Jersey State officials, we leveraged vital knowledge and 
        insight to improve the regulation.
        (2) Risk-based tiering ensures that resources are appropriately 
        deployed. Not all facilities present the same level of risk, 
        and the greatest level of scrutiny should be focused on those 
        facilities that, if attacked, could endanger the greatest 
        number of lives.
        (3) Reasonable, clear, and equitable performance standards lead 
        to enhanced security. The rule includes enforceable risk-based 
        performance standards based on the type and severity of 
        potential risks posed by terrorists. Facilities have the 
        flexibility to select among appropriate site-specific security 
        measures that will effectively address risk. The Department 
        will approve a facility's Site Security Plan if it satisfies 
        the CFATS performance standards. If a Site Security Plan does 
        not meet the CFATS performance standards, DHS will disapprove 
        the plan and work with the facility to revise and resubmit an 
        acceptable plan.
        (4) Recognition of the progress many companies have already 
        made in improving facility security leverages those 
        advancements. Many responsible companies have made significant 
        capital investments in security since 9/11, and building on 
        that progress in implementing the CFATS program raises the 
        overall security baseline of high-risk chemical facilities.
    Public and private stakeholder input was critical to success in 
developing the regulatory framework. In December 2006, the Department 
released an Advance Notice of Rulemaking, seeking comment on 
significant policy issues and draft regulatory text. We received more 
than 1,300 pages of comments from more than 106 separate submitters. We 
carefully reviewed and considered these extensive comments. Within the 
Interim Final Rule, we included a second public comment period specific 
to the rule's Appendix A, the Chemicals of Interest List.

Appendix A: Chemicals of Interest List
    Appendix A to the CFATS contains a list of chemicals and their 
Screening Threshold Quantities. Possession of one or more of these 
chemicals of interest at or above the specified quantity triggers a 
requirement for the facility to complete and submit an online 
consequence assessment tool known as a Top-Screen. The data gathered 
through the Top-Screen informs the Department's preliminary 
determination of the facility's level of risk and the potential need 
for the facility to comply with the substantive requirements of the 
CFATS.
    The public comment period for Appendix A closed on May 9, 2007. We 
received more than 4,000 comments on a wide range of subjects, such as 
which chemicals and thresholds the Department should use, the treatment 
of chemical mixtures, and the potential impact of Appendix A on certain 
types of facilities not traditionally considered chemical facilities, 
such as farms and universities. We studied these comments carefully and 
conducted extensive outreach with representatives of several 
stakeholder groups to better understand their specific concerns.
    After careful consideration of the comments and consultation with a 
variety of technical subject matter experts, including the Federal 
Bureau of Investigation's Explosives Unit and the DHS Science and 
Technology Directorate's Chemical Security Analysis Center, the 
Department published the final Appendix A in the Federal Register on 
November 20, 2007. The final Appendix A listed approximately 300 
chemicals of interest, including common industrial chemicals such as 
chlorine, propane, and anhydrous ammonia, as well as specialty 
chemicals, such as arsine and phosphorus trichloride. The Department 
included chemicals based on the consequence associated with one or more 
of the following three security issues:
        (1) Release--toxic, flammable, or explosive chemicals that have 
        the potential to create significant adverse consequences for 
        human life or health if intentionally released or detonated;
        (2) Theft/Diversion--chemicals that have the potential, if 
        stolen or diverted, to be used or converted into weapons; and
        (3) Sabotage/Contamination--chemicals that, if mixed with other 
        readily available materials, have the potential to create 
        significant adverse consequences for human life or health.
    The Department established a Screening Threshold Quantity for each 
chemical based on its potential to create significant adverse 
consequences for human life or health.

Chemical Security Assessment Tools
    Implementation and execution of the CFATS regulation requires the 
Department to identify which facilities it considers high-risk. To 
facilitate this, the Department developed a consequence-based screening 
tool called the Chemical Security Assessment Tool (CSAT) Top-Screen. 
The Top-Screen builds on the assessment tool referred to as the Risk 
Analysis and Management for Critical Asset Protection (RAMCAP), which 
the Department developed with industry input.
    The Department requires facilities that possess a chemical of 
interest at or above the listed Screening Threshold Quantity to 
complete the Top-Screen within 60 calendar days of the publication of 
Appendix A (or within 60 calendar days of coming into possession of a 
chemical of interest at or above the applicable Screening Threshold 
Quantity after publication of Appendix A). Through the Top-Screen 
process, the Department can identify which facilities do not have a 
significant potential to be high risk and can then ``screen out'' those 
facilities.
    If a facility is not screened out during the Top-Screen process, 
the Department will make a preliminary determination that a facility is 
high-risk and assign the facility to a preliminary risk-based tier. All 
high-risk facilities must then complete the CSAT Security Vulnerability 
Assessment (SVA). Results from this online tool inform the Department's 
final tier determination of a facility's risk level.
    All high-risk facilities fall into one of four risk-based tiers. 
High-risk facilities will be required to develop Site Security Plans 
addressing their identified vulnerabilities. A high-risk facility's 
security measures must meet the performance standards. The higher a 
facility's risk tier, the more robust the measures it will need to 
incorporate and the more frequent and rigorous its inspections will be. 
Inspections will both validate the adequacy of a facility's Site 
Security Plan and verify the implementation of the plan's measures.

Risk-Based Performance Standards
    CFATS promulgates nineteen risk-based performance standards for 
compliance. The standards themselves are broad and designed to promote 
a great deal of flexibility in how a facility approaches meeting 
standards applicable to it. Although all high-risk facilities must 
comply with the risk-based performance standards, each tier requires 
appropriate levels of security for each security issue. For example, a 
Tier 1 facility with a release hazard security issue would carry 
different expectations for perimeter control, personnel access, 
intrusion detection, and all other standards applicable to that 
security issue than lower tier facilities.
    How the facility chooses to meet the required performance standard 
in its Site Security Plan is at the facility's discretion. In the 
example of the Tier 1 facility with a release hazard security issue, 
the ``restrict area perimeter'' performance standard at the Tier 1 
level may involve, for example, the facility establishing a clearly 
defined perimeter that cannot be breached by a wheeled vehicle. To meet 
the performance standard, the facility is able to consider a vast 
number of security measures, and might ultimately choose to install 
cable anchored in concrete block along with movable bollards at all 
active gates. As long as the specific measures are sufficient to meet 
the performance standard, the Department would approve the plan. 
Alternatively, the facility might choose to ``landscape'' their 
perimeter with large boulders, steep berms, streams, or other obstacles 
that would thwart a wheeled vehicle. Again, as long as the proposed 
measures are sufficient, the Department would approve this plan.

Phased Approach to CFATS Implementation
    The Department is using a phased approach for implementation of the 
CFATS regulation. In June of 2007, the Department began CFATS 
implementation at certain facilities deemed likely to present highest-
risk. The release of Appendix A on November 20, 2007, triggered 
implementation at the Nation's remaining high-risk facilities in a 
fashion sequential to Phases 1(a) and (b) discussed below. The phased 
approach will also permit a time of learning, particularly for our 
inspectors, as well as for industry. What we learn in the earlier 
phases can then shape further implementation of the program and ensure 
consistency across the country. The following summarizes our current 
activities:
         On June 8, 2007 the Top-Screen became available 
        online, and the CVI program went into effect. On June 11, we 
        contacted the State Homeland Security Advisors and the Chemical 
        and Oil and Natural Gas Government Coordinating Councils and 
        Sector Coordinating Councils to brief them on program 
        implementation.
         The week of June 11, 2007 marked the beginning of 
        Phase 1(a), in which the Department asked select facilities it 
        believed to be high-risk, given available information, to 
        complete the Top-Screen. Following initial outreach at the 
        corporate level, the Department sent letters to approximately 
        50 facilities, informing them of their selection for 
        participation in Phase 1, and advising those facilities of the 
        requirement to submit a Top-Screen. The facilities were to 
        complete the Top-Screen in advance of the final Appendix A with 
        technical assistance from Department inspectors. The 
        Department, after receiving the final Phase 1(a) Top-Screens in 
        prompt fashion, is currently reviewing these submissions for 
        preliminary high-risk determinations. If those facilities are 
        determined to be high-risk, the Department will provide written 
        notification, and then engage these facilities directly on the 
        CSAT Security Vulnerability Assessment (SVA).
         In October 2007, Phase 1(b) began, in which 
        approximately 50 additional facilities believed to be high-risk 
        were contacted with the request they begin their CFATS 
        requirements in advance of the release of the final Appendix A. 
        A number of the Phase 1(b) facilities have already submitted 
        Top-Screens to the Department.
         November 20, 2007, the date of the publication of the 
        final Appendix A, initiated Phase 2, the full implementation of 
        CFATS. Publication of the final Appendix A officially started 
        the program for all facilities that possess chemicals of 
        interest at or above the listed Screening Threshold Quantities. 
        During Phase 2, such facilities will complete the Top-Screen, 
        and those facilities subsequently determined to be high-risk 
        will receive preliminary tiering decisions and will then be 
        instructed to complete SVAs. Upon receipt, the Department will 
        review the submitted SVAs for purposes of final tiering 
        determinations, and subject facilities will be asked to develop 
        SSPs. DHS will subsequently review those SSPs, and conduct on-
        site facility inspections to ensure a facility's compliance 
        with their submitted plan.

Outreach and Partnership Efforts
    Since the release of the Interim Final Rule in April, the 
Department has made a concerted effort to publicize the rule and make 
sure that our security partners are aware of the CFATS and its 
requirements. As part of a dedicated outreach program, the Department 
has presented at numerous security and chemical industry conferences, 
participated in a variety of other meetings of relevant security 
partners, issued numerous press releases regarding the regulations, 
published and distributed full copies of the regulations as well as 
various facts sheets summarizing critical aspects of the regulations, 
and developed and continually updated a DHS.gov Chemical Security 
website. We believe these efforts are definitely having an impact. As 
of November 25, 2007:
         12,267 facilities have registered in the CSAT process;
         2,079 facilities are in some phase of Top-Screen 
        completion; and
         1,197 facilities have submitted a completed Top-
        Screen.
    Additionally, the Department intends to focus efforts on fostering 
solid working relationships with State and local officials and first 
responders in jurisdictions with high-risk facilities. To meet the 
risk-based performance elements under CFATS, facilities are likely to 
develop active, effective working relationships with local officials in 
the areas of delaying and responding to a potential attacks and a clear 
understanding of roles and responsibilities during an elevated threat 
situation. As stated in our guiding principles, our vision is that all 
stakeholders participate in the planning and implementation of 
protective security measures around high-risk chemical facilities.

Conclusion
    The Department is collaborating extensively with the public to 
actively work toward achieving our collective goals under the CFATS 
regulatory framework. In almost every case, industry has voluntarily 
done a tremendous amount to ensure the security and resiliency of its 
facilities and systems. As we begin to fully implement the chemical 
facility security regulations, we will continue to work as partners 
with industry, States and localities, and the Congress to get the job 
done.
    Given the nature of the terrorist adversary we face, we simply 
cannot afford an ``us-versus-them'' stance toward the Chemical Sector 
but, instead, must work together to implement a risk-and performance-
based approach to regulation and, in parallel fashion, continue to 
pursue the voluntary programs that have already borne considerable 
fruit. In doing so, we look forward to collaborating with the Congress 
to ensure that the chemical security regulatory effort achieves success 
by reducing risk throughout the chemical sector. In addition to our 
Federal Government partners, success is dependent upon continued 
cooperation with our industry and State and local government partners 
as we move towards a more secure future.
    Thank you for holding this important and timely hearing. I would be 
happy to take any questions you might have.

    Ms. Jackson Lee. I now recognize Mr. Miller to summarize 
his statement for 5 minutes.

  STATEMENT OF CLYDE D. MILLER, DIRECTOR, CORPORATE SECURITY, 
                        BASF CORPORATION

    Mr. Miller. Good morning, Chairwoman Jackson Lee, Chairman 
Thompson, and members of the subcommittee. I am Clyde Miller, 
director of corporate security for BASF Corporation, and I am 
responsible for all security functions at our U.S. chemical 
facilities. For BASF there is no greater priority than the 
safety and security of our employees and the communities that 
surround our sites.
    I am pleased to provide feedback on the DHS Chemical 
Facility Antiterrorism Standards, also known as CFATS, and to 
comment on possible legislative action. To that end, I will 
emphasize three points.
    Number one, DHS has acted aggressively to create this 
groundbreaking program. Number two, there are several ways that 
Congress can help improve the implementation of the program. 
Number three, the discussion draft legislation does not appear 
to build on the significant progress being made, and may cause 
unnecessary duplication.
    After 6 years of extensive debate, Congress authorized a 
comprehensive national chemical security program. The CFATS 
program shares elements with programs established by several 
States, most notably New Jersey, but is by far more 
comprehensive and demanding. In just over a year, DHS 
successfully issued demanding security regulations that would 
require over 50,000 facilities to complete a screening 
assessment, known as Top-Screen, by next month. Throughout 
2008, DHS will inspect every regulated facility and evaluate 
security enhancements against 19 stringent performance-based 
standards. Fines and facility shutdowns await those who do not 
comply.
    While DHS has gotten off to an impressive start, the new 
CFATS program is not without its problems, and Congress can 
help in several ways. First, makes information protection more 
workable. Clearly, security-related information needs to be 
carefully protected from public release; however, under the 
current program it is difficult to share certain information 
even within our own company.
    Second, Congress needs to provide adequate funding. DHS 
staff has demonstrated outstanding commitment and effort, but 
they need more resources. We urge Congress to provide DHS with 
the necessary resources to handle the workload.
    And third and most importantly, allow DHS enough time to do 
the job Congress has given it. After 6 years, we finally have 
strong regulations in place. While the current law has a 3-year 
sunset, Congress should give DHS sufficient time to implement 
the program before making significant changes. We are concerned 
that if enacted, the draft would slow the ambitious timetable 
DHS has established and the facilities are racing to meet. 
Billions of dollars will likely be spent to comply with the new 
rule, and companies need to know the requirements are not going 
to change in midstream. Prematurely overhauling them will 
create massive uncertainty, and could delay security 
enhancements.
    Congress should follow the Hippocratic oath in any new 
legislation: First, do no harm. The draft legislation does not 
recognize the progress made under CFATS, and would require 
companies like BASF to do everything all over again, and we 
just do not believe that is a wise use of public or private 
resources.
    Turning to inherently safer approaches, Congress recognized 
last year that neither IST nor any other specific security 
measures are a silver bullet. Under CFATS, companies can lower 
their risk profile through process changes, and thus become 
subject to lower-level performance standards. IST is complex 
and full of risk trade-offs and unintended consequences. These 
choices shouldn't be made from an office in Washington. Rather 
BASF believes process safety experts at chemical facilities, 
working in conjunction with security experts, are in the best 
position to weigh all options and decide on the best approach 
to maximize safety and security.
    The discussion draft, by contrast, would require all high-
risk facilities to conduct an IST assessment and implement 
inherently safer methods when certain conditions are met. While 
these conditions might seem to protect companies from 
unwarranted or harmful mandates, we foresee long and 
complicated debates about what exactly is necessary and what is 
feasible.
    In the short time since CFATS was finalized, there has been 
much criticism of the regulations from all sides. As one 
responsible for complying with these regulations, I can assure 
you these rules are placing considerable demand on regulated 
facilities.
    To conclude, the discussion draft can serve a useful 
purpose by identifying issues with the current program. We look 
forward to working with you and your staff as the discussion 
moves forward. BASF shares Congress's desire for prompt action 
after so many years of debate. Please support DHS with more 
resources so it can get the job done, and support us by backing 
implementation of CFATS and not changing course in midstream. 
Thank you again for the opportunity to appear before you. I 
look forward to answering any questions you may have.
    Ms. Jackson Lee. Mr. Miller, thank you very much for your 
testimony.
    [The statement of Mr. Miller follows:]

                 Prepared Statement of Clyde D. Miller

    Good morning, Chairwoman Jackson-Lee, Ranking Member Lungren, and 
Members of the Subcommittee. My name is Clyde D. Miller, and I am the 
director of corporate security for BASF Corporation. At BASF, I am 
responsible for all security functions at our chemical facilities in 
the United States, a number of which fall under the Chemical Facility 
Anti-Terrorism Standards (CFATS) issued by the Department of Homeland 
Security (DHS). I appreciate the opportunity to appear before the 
Subcommittee this morning to provide feedback on DHS's performance thus 
far, and to ask that the current program be given a chance to work.
    BASF Corporation is the North American affiliate of BASF AG, 
Ludwigshafen, Germany. BASF is the world's leading chemical company: 
The Chemical Company. Our portfolio ranges from chemicals, plastics, 
performance products, agricultural products and fine chemicals to crude 
oil and natural gas. As a reliable partner to virtually all industries, 
BASF's high-value products and intelligent system solutions help its 
customers to be more successful. BASF develops new technologies and 
uses them to meet the challenges of the future and open up additional 
market opportunities. We combine economic success with environmental 
protection and social responsibility, thus contributing to a better 
future. BASF presently operates facilities, including manufacturing 
sites, research facilities, and distribution centers, in more than half 
of the fifty states.
    For BASF and the chemical industry as a whole, there is no greater 
priority than the safety and security of our employees and the 
communities that surround our sites. It is in this vein that we have 
striven to work within our trade associations \1\ and government at all 
levels to safeguard our facilities from attack and to develop 
procedures that allow us to respond quickly and efficiently to 
emergencies should they occur. As my statement explains:
---------------------------------------------------------------------------
    \1\ BASF is a member of a number of trade associations that 
consider site security to be a top priority, including the American 
Chemistry Council, the Consumer Specialty Products Association, 
CropLife America, the National Petrochemical and Refiners Association, 
and others. These groups have worked closely together and with 
government agencies in support of chemical plant security legislation 
and regulation.
---------------------------------------------------------------------------
         Chemical facilities in the United States are moving 
        quickly to implement the regulatory program authorized last 
        year by Congress and subsequently created by DHS.
         There are ways to improve implementation of the 
        program, and Congress can help by, for example, increasing 
        funding for DHS and allowing enough time for the program to be 
        implemented.
         The discussion draft legislation now under 
        consideration would only hinder the progress made thus far and 
        cause unnecessary duplication. We recommend that, before 
        Congress proposes significant changes, it determine exactly 
        what, if anything, is lacking in the existing program.
         We further recommend against mandating inherently 
        safer technology, because process safety experts at chemical 
        facilities--working in conjunction with security experts--are 
        in the best position to weigh all options and decide on the 
        best approach to maximize safety and security.

I. DHS Has Acted Aggressively to Establish a Comprehensive Regulatory 
Program from Scratch. Facilities Are Now Moving Quickly to Comply.
    After six years of debate, last October Congress finally enacted 
Section 550 of the FY07 DHS Appropriations Act,\2\ the law that 
authorized the new CFATS rules.\3\ Under an intense spotlight of public 
scrutiny and Congressional oversight, DHS and chemical facilities are 
acting swiftly to implement a groundbreaking program--the first 
national chemical security regulatory program anywhere in the world. 
While this program shares elements with the programs established by 
several states--most notably New Jersey--the CFATS program is, by far, 
more comprehensive and demanding than any of them. So, even though BASF 
and the 2000 other American Chemistry Council (ACC) member company 
facilities have already invested more than $5 billion to enhance 
security through the ACC Responsible Care/ Security Code, 
the DHS rules leave little doubt that more action will be required of 
those facilities that are deemed to be high risk under those rules. In 
fact, DHS anticipates over $8 billion of implementation costs during 
the first eight years of its program--costs we will certainly bear in 
addition to those we have already incurred. Keeping security measures 
innovative and staying a step ahead of terrorists is the right thing to 
do. Beyond ACC members, thousands of others facilities nationwide will 
also have to step up efforts to meet these stringent requirements.
---------------------------------------------------------------------------
    \2\ Pub. L. No. 109-295, Sec. 550 (2006).
    \3\ 6 C.F.R. Part 27, 72 Fed. Reg. 17688 (April 9, 2007), 65396 
(Nov. 20, 2007).
---------------------------------------------------------------------------
    In just over a year, DHS has successfully completed the issuance of 
comprehensive security regulations that will, by January 2008, require 
over 50,000 facilities nationwide to complete a DHS screening 
assessment known as ``Top-Screen.'' Using risk-based methods, DHS will 
then be able to quickly determine which of these facilities would pose 
a high risk if subjected to a terror attack, and thus warrant action. 
Through informed decisions based upon Top-Screen, DHS will designate 
thousands of facilities as being high-risk and thus subject to 
regulation under CFATS.
    Throughout 2008, these thousands of high risk facilities will be 
required to assess their vulnerabilities, develop site security plans 
and, with close DHS scrutiny, minimize the risks they pose by 
implementing layered security measures. Layered security--based upon 
the site's risk tier and the vulnerabilities its assessment has 
identified--will require consideration and implementation of varied 
measures that in combination will reduce the threat of an attack or 
mitigate an attack that might occur. These measures include: perimeter 
security enhancements; surveillance and monitoring; security officers; 
secured gates; restricted access; employee, contractor and visitor 
background checks; specific protection against both inside and outside 
threats of theft and diversion; cyber-security; inspections of 
incoming/outgoing shipments; customer screening; training; drills; and 
emergency response. DHS will inspect every regulated facility and 
evaluate these security enhancements against 19 stringent performance 
based standards. Fines and facility shutdowns will await those who do 
not comply.

II. What Could DHS Do Better, and How Could Congress Help?
    While DHS has gotten off to an impressive start, the new CFATS 
program is not without its problems. Congress could help in several 
ways.
        A. DHS Needs to Better Coordinate Its Own Programs
    DHS's eagerness to show progress has already clashed with the new 
CFATS program. Just this fall, as many of our companies were already 
working closely with the regulatory staff to accelerate implementation 
of CFATS, another component of DHS initiated the ``Enhanced Critical 
Infrastructure Plan'' (ECIP), an outreach effort to encourage 
facilities to voluntarily take additional security action. While well 
intended, the ECIP staff often are going to the same sites that are 
already implementing the regulatory program. Unfortunately, the ECIP 
program is based upon a different tiering system and uses a different 
vulnerability assessment methodology and different levels of 
information protection. This conflict has created significant confusion 
among, and placed competing demands on, facility security personnel. 
This is the sort of duplication scenario that must be avoided.
        B. Making Information Protection More Workable
    Clearly, security-related information needs to be carefully 
protected from public release. And yet, company staffs have to be able 
to do their jobs, and security is part of the job description of an 
increasing number of our staff. Thus, information protection requires a 
careful balance.
    Section 550(c) instructed DHS to give sensitive information 
protections ``consistent with'' the ``Sensitive Security Information'' 
or ``SSI'' rules that DHS uses now to protect information about 
transportation security.\4\ DHS responded in CFATS by creating a new 
category of protected information that DHS has labeled ``Chemical-
terrorism Vulnerability Information'' or ``CVI.'' In most respects, we 
think DHS got it right with CVI, at least in the rules. But this 
summer, DHS released a CVI Procedural Manual that goes far beyond what 
is necessary.\5\ The manual requires company staff with access to CVI 
to go through web-based training and to sign a nondisclosure agreement 
(NDA) that is more restrictive even than the NDA that is required to 
have access to national security classified information. Chain of 
custody recordkeeping is also required. And all this applies even when 
people are only getting access to their own company's information. This 
means that if my CEO asks specific questions about security measures we 
have enacted at a particular facility, I cannot answer his questions 
without him having to take this training and sign the NDA, a totally 
unnecessary process. In its facility security program, the Coast Guard 
simply ``assumed that the owner/operator's security interest in this 
information will be sufficient to prevent unauthorized disclosure.'' 
\6\ DHS should adopt the same approach. It could do this by amending 
the SSI rules to apply to land-based security information. Congress 
could help here by revising Section 550(c) to speak of ``identical'' 
protections.
---------------------------------------------------------------------------
    \4\ Pub. L. No. 109-295, Sec. 550(c).
    \5\ DHS, Procedural Manual: Safeguarding Information Designated as 
Chemical-Terrorism Vulnerability Information (CVI) (June 2007), 
available at http://www.dhs.gov/xlibrary/assets/
chemsec_cvi_proceduresmanual.pdf.
    \6\ U.S. Coast Guard, Navigation and Vessel Inspection Circular No. 
10-04, Encl. (3), Sec. 4.b (Aug. 20, 2004), available at http://
www.uscg.mil/hq/gm/mp/pdf/NVIC_10-04.pdf.
---------------------------------------------------------------------------
    C. Congress Needs to Provide Adequate Funding to Support Full 
Implementation of the CFATS Requirements
    While CFATS requires considerable action from chemical facilities 
in a short period of time, it also will place enormous burdens on DHS 
to implement the rules. DHS personnel will be required to conduct 
reviews of site-specific vulnerability information and site security 
plans, and to make site visits at each regulated facility. This will 
include assessing how each facility has addressed the applicable risk-
based performance standards for facilities in its risk tier--a complex, 
site-specific, judgmental task.
    With DHS's own estimates of at least 5,000 regulated facilities, 
its 30-person inspection staff will be sorely tested. We think 
implementation of CFATS requirements necessitates a significant 
increase of staffing resources--certainly well beyond what can be 
reasonably expected from the current situation. While DHS staff has 
demonstrated outstanding commitment and effort to date, they clearly 
will need more resources. We urge Congress to provide DHS with the 
necessary resources to handle the workload and to ensure that chemical 
facility security is properly implemented in a timely manner.
        D. Allow DHS Enough Time to Do the Job Congress Has Given It
    In the short period of time since CFATS was finalized, a steady 
stream of misguided criticism has been directed at the rule and our 
industry. Arguments have been wide ranging--some have said the rule 
does not go far enough, while other sectors have sought exemptions for 
themselves, arguing that the rule went too far.\7\ Some say that few 
states have taken action, while others say the rule undermines states' 
rights. And the discussion draft seems to indicate that some believe 
wholesale replacement of the rule is needed even as it is being 
implemented. I can assure you that the program that is currently in 
place establishes considerable demands on companies to comply.
---------------------------------------------------------------------------
    \7\ While we cannot respond to every criticism of the rule, BASF 
would like to point out that critics of CFATS Appendix A are frequently 
wrong. For example, 1-ton chlorine canisters are not exempted; chlorine 
contained in transportation packaging (e.g., 1-ton canisters) is 
covered at 500 lbs--less than what DHS originally proposed and lower 
than the EPA RMP threshold. Also, DHS was right to use the RMP 
thresholds for release chemicals (not 75% of the thresholds, as 
proposed) because the consequences of a release are the same regardless 
of the cause. Coverage is still greater under CFATS than under the RMP 
rule because, unlike RMP, CFATS does not focus only on the single 
process with the greatest potential offsite consequences from a 
release.
---------------------------------------------------------------------------
    It is important to note that BASF and all ACC members did not 
hesitate to act, and we continue to lead by example. The business of 
chemistry has been implementing security measures for years. We have 
assessed our vulnerabilities, prioritized the risks and significantly 
tightened security at our facilities. We also asked Congress for 
legislation that empowered DHS to issue and implement tough 
regulations--and that has happened. Now, we respectfully ask that 
Congress give DHS sufficient time to put the program in place.
    Within the next six months, thousands of facilities will be 
conducting detailed vulnerability assessments required by CFATS. These 
sites will use these assessments to draft site security plans that 
describe security enhancements, which very likely will require an 
increase in capital improvements. Those plans should all be submitted 
to DHS before the end of next year. The current requirements provide a 
clear path of action, the timing for completing the steps of the 
program, including inspections, and a review process that requires 
sites to revisit their situation and assess whether any changes to 
their security systems are needed.
    I respect this Subcommittee's oversight responsibility and 
understand that the legislation enacted last year has a three year 
sunset provision. But I also hope Members will agree that our first 
priority should be to enhance security at sites nationwide as soon as 
practicable. CFATS is meeting this priority. Give DHS and the industry 
enough time to implement the program and then determine what gaps 
remain. Congress will have the assurance that nationwide, the security 
at chemical facilities will have been significantly upgraded during the 
process. Members will also have the benefit of seeing what works in the 
program and whether anything will need to be adjusted.

III. The Discussion Draft Legislation Would Only Hinder Progress
        A. Build on the Solid Accomplishments of the Past Year
    BASF has had limited time to review the discussion draft, but we 
are concerned that it seems to make no reference to Section 550, except 
to repeal it on page 50. The draft appears not to acknowledge that the 
CFATS rules have been issued, or that tens of thousands of facilities 
are hard at work starting to comply. For example, while the bill refers 
to how DHS should evaluate the efforts of facilities under ``other 
provisions of law'' such as the Maritime Transportation Security Act 
(MTSA) or the Safe Drinking Water Act (SDWA) (pp. 19--20), that 
paragraph does not mention Section 550, even though that statute is 
more demanding than either the MTSA or SDWA.
    As noted above, we would prefer Congress give more time for the 
existing program to be implemented before making changes. Certainly, 
though, any proposal must adequately acknowledge all that has happened 
over the past year. While it is unusually short by modern standards, 
Section 550 clearly meets the nation's security needs, and DHS has for 
the most part used its discretion appropriately to flesh it out. When 
considering surgery on the existing program, Congress should follow the 
Hippocratic Oath: First, do no harm. On that score, the discussion 
draft could, indeed, be harmful.
    First, if enacted, the draft would slow down the ambitious 
timetable that DHS has established and that facilities are racing to 
meet. DHS estimates that billions of dollars will be spent to comply 
with the new rule as companies procure funding from management for 
significant capital improvement projects to meet CFATS's performance 
standards. This funding of projects will begin in 2008. Companies need 
to know that the requirements are not going to be changing in mid-
stream. Completely rewriting those requirements will create massive 
uncertainty and could delay security enhancements.
    Second, passing a wholly new law would also divert DHS from the 
focus it very much needs to meet its own deadlines. Passing a major new 
bill could paralyze DHS as the agency shifts what is already an 
overstretched staff to rewriting its rules to match the new law's 
terminology and definitions.
    Third, and most frustrating, the draft would require companies like 
BASF to do everything all over again. Under the CFATS timetable 
established under Section 550 (which this bill would leave in place 
until October 2009), we expect to be submitting site security plans to 
DHS for approval by the end of 2008. We would then hear from DHS around 
February 2009, and would spend the rest of that year finishing 
implementation of any long-term security measures and being inspected. 
Under this bill, by October 2009, DHS would unveil its new regulations, 
and we would then have six short months to submit new vulnerability 
assessments and site security plans (for top-tier facilities). Once 
those documents were finalized, we could well start spending more money 
redoing all the work that had just been approved. This is not a fair or 
productive use of private or governmental resources.
    Again, before Congress proposes significant changes, it should 
determine exactly what, if anything, is lacking in the CFATS program, 
and then fix those targeted areas. In doing so, it should, wherever 
possible, use the concepts and terminology already written into law by 
DHS, to retain the benefits of existing work and minimize any 
unnecessary transition problems.\8\
---------------------------------------------------------------------------
    \8\ Most important, Congress should use the same definitions of 
security measures and the same risk-based performance standards as 
CFATS, unless Congress has identified problems with them. In these and 
many other respects, CFATS is actually superior to the draft bill. For 
example, in CFATS (and under MTSA), DHS has recognized that personnel 
surety screens need to encompass contractors and visitors, not just 
employees. But the bill just repeats the phrase ``employee background 
checks'' used in previous legislation (p. 3). Also, CFATS recognizes 
that chemicals might be stolen or diverted to make chemical weapons or 
IEDs, not just be ``released,'' yet the latter is the only basis for 
listing a chemical under the discussion draft (p. 4).
---------------------------------------------------------------------------
        B. The Discussion Draft's IST Mandate Is Bad Policy
    If considerations of inherent safety drove all Congressional 
action, this hearing would be held in a bunker or some other safe and 
undisclosed location outside Washington. Congress and the Capitol 
building are icons of America that remain attractive targets for 
terrorists. Yet six years after 9/11, Congress understandably continues 
to maintain a high profile in the nation's capital. Clearly removing 
that risk by relocating Congress out of Washington would be safer for 
Congress, and for the surrounding DC community, but it would have 
serious public policy ramifications for the nation.
    Yet we all agree that protective steps have been taken to lower the 
risk and improve the security of this body. Measures to prevent an 
attack have been stepped up and mitigation measures in the event of an 
attack have also been substantially improved. Ultimately, an attack 
could still be attempted, but risk-based measures have been implemented 
to reduce the probability of a successful attack, and these measures 
are constantly being reviewed and improved.
    This is the same approach used every day in the chemical industry. 
Inherently safer approaches have long been a core element of process 
safety, plant design, continuous improvement and sound business 
practices. Like other leading chemical companies, BASF considers 
inherently safer approaches continuously, and has for years. Inherently 
safer approaches, somewhat misleadingly referred to as ``inherently 
safer technology'' (IST), involve designing processes that avoid 
hazards, rather than trying to control them. It has four elements:
         Minimization/Intensification--Using smaller quantities 
        of hazardous substances;
         Substitution--Replacing a particular material with a 
        less hazardous material;
         Moderation/Attenuation--Lowering operating 
        temperatures or pressures that provide less hazardous 
        conditions; and
         Simplification/Error Tolerance--System designs that 
        eliminate or tolerate operating errors, making the plant more 
        user-friendly and reliable.
    While these statements are clear and straightforward, like most 
things in life, the devil is in the details. IST just is not that 
simple in actual application. For example, it is almost always easier 
to select an inherently safer approach when designing a process than to 
apply it to an existing process. In lay terms, you cannot simply begin 
using diesel fuel in a car that runs on gasoline, but you can design a 
car to run on diesel. As another example, reducing inventories of a 
chemical on site might appear to be inherently safer. Yet security 
protection is typically at its greatest within a facility, whereas 
reducing inventories may mean that more of the chemical has to be in 
transit, where securing it is more complex. Improving the layers of 
security where the products are made and stored may provide the best 
means of reducing potential risks.
    The current regulations provide incentives to consider inherently 
safer approaches where feasible. CFATS will help drive implementation 
of inherent safety across the nation's chemical sector, because a 
facility that lowers its risk profile through process changes can move 
itself to a lower risk tier, and then become subject to less demanding 
(and less expensive) security performance standards. I can assure you 
that BASF has made process changes to minimize its vulnerabilities.
    But in Section 550, Congress wisely chose not to allow DHS to 
mandate IST--or any other specific security measure. No single security 
measure is the only right one and Congress recognized that fact. IST is 
complex and full of risk-risk tradeoffs and unintended consequences. 
Rather than making those decisions from an office in Washington, BASF 
believes process safety experts at chemical facilities--working in 
conjunction with security experts--are in the best position to weigh 
all options and decide on the best approach that will maximize safety 
and security.
    The discussion draft, by contrast, would require all high-risk 
facilities to conduct an IST assessment and implement inherently safer 
methods when four conditions are met.\9\ While those conditions might 
seem to protect companies from unwarranted or fiscally ruinous 
mandates, we foresee long and complicated debates about exactly what is 
``necessary for the facility to meet [its] security performance 
requirements,'' what ``can feasibly be incorporated into the operation 
of the facility,'' and what ``would not significantly and demonstrably 
impair [our] ability. . .to continue the business of the facility.'' 
\10\ And would any of these conditions apply if the proposed mandate 
would prevent BASF from making the particular product produced at a 
facility? (The change might be feasibly incorporated, and might not 
shut down the plant, but yet might spell the end of a product.) \11\
---------------------------------------------------------------------------
    \9\ Facilities must implement IST if it:
     is ``necessary for the facility to meet the security 
performance requirements for the facility's risk tier'';
     ``would significantly reduce the risk of death, injury, or 
serious adverse effects to human health or the environment'' from a 
terrorist release;
     ``can feasibly be incorporated into the operation of the 
facility''; and
     ``would not significantly and demonstrably impair the 
ability of the owner or operator of the facility to continue the 
business of the facility.''
    Discussion draft at 43--44 (new 6 U.S.C. Sec. 2110(c)).
    \10\ Id.
    \11\ Speaking of protecting important products, we are also 
concerned that inherently safer approaches that also happen to be 
valuable trade secrets would have to be disclosed by DHS under the 
draft. Neither new Section 2110(d)(4) nor new Section 2108 identifies 
trade secrecy or business confidentiality as a basis for not providing 
information under new Section 2110(d).
---------------------------------------------------------------------------
    Even a requirement to consider IST, as in New Jersey, could be 
problematic. BASF recognizes that New Jersey's Prescriptive Order 
requires covered facilities to consider IST as a means of reducing 
their vulnerability.\12\ However, while BASF believes we have an 
effective, constructive relationship with the State of New Jersey, our 
experience with its process has shown that IST discussions regularly 
take up a vast majority of the total review time of the inspectors, who 
frequently barely look at security measures that have been implemented. 
Isolating a single type of security measure for such intense focus at 
the expense of all the others is not good security practice. Rather, 
facilities and DHS should be considering the full range of security 
measures. We are also concerned that a mandate to consider IST will 
convert the DHS security program into a largely, but intensive, paper 
exercise. Simply put, does Congress want DHS staff reviewing three-ring 
binders, or out in the field inspecting actual security measures being 
implemented at facilities?
---------------------------------------------------------------------------
    \12\ State of New Jersey Domestic Security Preparedness Task Force, 
Domestic Security Preparedness Best Practices at TCPA/DPCC Chemical 
Sector Facilities,  5 (Nov. 21, 2005), available at http://
www.acutech-consulting.com/acutech-news/2005/
BestPracticesStandarsActonChemicalPlantSecurityNov212005.pdf.
---------------------------------------------------------------------------
        C. The Discussion Draft Would Cause Unnecessary Duplication
    BASF supports a risk-based program that applies even-handedly 
across the board. We did not seek or support any special carve-outs 
under CFATS for our facilities or our products, or anyone else's. 
Rather, we have consistently called on Congress, and DHS, to issue 
comprehensive security requirements that would apply nationwide and 
would raise the security protections across all high risk sites. We 
support the CFATS approach of screening over 50,000 individual 
facilities, from small research facilities to large state of the art 
chemical manufacturing facilities. This approach will minimize the 
chance that DHS has overlooked any potential high risk sites. This also 
meets our shared goal of focusing the resources where they are most 
needed.
    We know some have questioned whether Congress was correct in 
Section 550 to exclude certain categories of facilities. A prime 
example from BASF's perspective is facilities currently regulated by 
the Coast Guard under the Maritime Transportation Security Act (MTSA)--
since we have four such sites. While we believe the MTSA is effective, 
its application is dependent upon a facility's physical location and 
whether it conducts commerce on a navigable waterway, rather than the 
chemicals it has on site.
    Congress will ultimately need to come to its own conclusion 
regarding the adequacy of the MTSA program vs. CFATS. Our overriding 
request is that, if Congress decides to apply CFATS to MTSA-regulated 
facilities, then it should clearly exempt those facilities from the 
MTSA. Congress should not impose, or allow DHS to impose, CFATS 
obligations on top of the MTSA program--which is exactly what we fear 
the discussion draft would do. Facilities cannot comply with two 
different, inconsistent, overlapping programs. In addition, the 
integration of the different programs under the draft would take place 
on a facility-by-facility basis, rather than on a programmatic basis. 
And, as noted earlier, no deference to prior work under CFATS is even 
mentioned in the draft.
    Site security must not be regulated by multiple agencies or 
programs. Rather, a broad and comprehensive program for security, 
managed at the Federal level by a single agency component, has the best 
hope of providing the certainty facilities need about their obligations 
and the best protection for the nation.
        D. Miscellaneous Issues
    Based on our limited review of the draft, we invite the 
Subcommittee's attention to the following additional items:
         Red-team exercises (p. 15). While we would appreciate 
        a clearer understanding of what the draft envisions, we are 
        concerned that even if these exercises were single-day events, 
        they necessarily would require weeks of advance planning, as 
        well as subsequent work to distill any lessons learned. 
        Requiring on-site exercises with DHS personnel at all high-risk 
        sites--assuming there were 6,000 such facilities, and phasing 
        that obligation in over 6 years--would require four exercises 
        per business day, every day for the next six years.
         Linkage of SSPs to VA approval. In CFATS, DHS has made 
        clear that the deadline to submit a site security plan is not 
        triggered until the facility receives notice that DHS has 
        approved its vulnerability assessment. If both the VA and SSP 
        were due at the same time, the SSP would likely turn out to be 
        inadequate, cause unapproved and costly measures to be 
        implemented, and require further work. But the bill does not 
        indicate any intent to stagger these submission requirements as 
        CFATS has done.

IV. Conclusion
    The discussion draft does contain a number of provisions that would 
be improvements over Section 550 and CFATS. Most important, it would 
confirm that the federal program would preempt state programs where the 
latter ``conflicted with the purposes of this title'' (p. 31). Such 
``conflict preemption' is very important to facilities, and yet gives 
state and local government broad leeway to craft non-conflicting 
programs. As an example of why this is needed, several states last year 
tried to prevent facility owners from restricting employees from 
bringing firearms onto company property. One state is currently 
considering language which would prohibit companies from conducting 
inspections of entering vehicles. Vehicle screening is a fundamental 
security measure that could not be implemented under that proposed 
statute. As you can see, therefore, preemption can be essential to 
assuring security.
    Another valuable feature of the discussion draft is its requirement 
that DHS give a facility the reasons why it was assigned to a 
particular risk tier (p. 7). It is not clear that DHS will do this 
under CFATS.
    If the discussion draft is merely a vehicle for identifying issues 
like these, then it will have served a useful purpose. But BASF is 
concerned that the Subcommittee intends to seek enactment of the bill 
or something close to it. We had understood that Congress wanted prompt 
action after so many years of delay. BASF certainly does. We ask you 
not to stop the progress that DHS has achieved in the last year. 
Instead, please support DHS with more resources so that it can get the 
job done, and support us by backing implementation of CFATS and not 
changing course in mid-stream.
    Thank you again for the opportunity to appear before you. I look 
forward to answering any questions you may have.

    Ms. Jackson Lee. I now recognize Mr. Setley to summarize 
his statement for 5 minutes.

    STATEMENT OF GERALD C. SETLEY, VICE PRESIDENT, REGION 8 
DIRECTOR, INTERNATIONAL CHEMICAL WORKERS UNION COUNCIL, UNITED 
               FOOD AND COMMERCIAL WORKERS UNION

    Mr. Setley. Thank you, Chairwoman Jackson Lee and members 
of the subcommittee. We are especially pleased that Chairman 
Thompson is sitting in today.
    I am here today representing the 20,000 members of the 
International Chemical Workers Union Council of the United Food 
and Commercial Workers Union. UFCW's chemical workers produce 
everything from petroleum-refining chemicals to over-the-
counter pharmaceuticals. Every day our members work with 
extremely hazardous substances. We have a vital interest in 
their safe production, both for our own health and for that of 
neighboring communities. We believe we bring to the table 
meaningful involvement of the people who have the most 
experience and are the most endangered in any plan, the 
workers. It is therefore an honor for me to appear before you 
to address this national security concern on behalf of our 
members who work in chemical plants.
    I think we can all agree chemical plants in the United 
States have great potential as terrorist targets. This 
possibility threatens the safety of workers in the plants, as 
well as people living in the surrounding communities. This 
subcommittee has taken some important steps to improve chemical 
security, and I would like to thank you for your work on this 
issue.
    Comprehensive chemical security legislation is the next 
step in bringing control to this complex problem. Today I will 
discuss just a few of the issues we feel necessary for 
comprehensive chemical facility security legislation.
    First would be worker involvement. In the control of 
occupational hazards, it has long been recognized that workers 
have the knowledge and experience on all operations in a plant. 
Chemical workers have unique institutional expertise and 
training that must be utilized in developing any security 
plans. The Chemical Council feels strongly that including 
workers in the process will enhance security and protect 
against terrorist attacks at chemical facilities. Legislation 
must not be silent on this subject, and must include a 
requirement for worker and union involvement in the development 
of security plans, safe operations, and secure shutdowns.
    Whistleblower protection. Fear is a fact of life in all too 
many workplaces, and jeopardizing one's job by blowing the 
whistle is a risky thing to do. Workers who bravely come 
forward to protect themselves, their coworkers and the 
communities around the plant should not fear for their jobs 
when they speak out. Whistleblower protection must be included 
to protect the free exchange of ideas, to improve and enhance 
security, and to ensure that measures that are proposed on 
paper are actually implemented.
    Safer technologies are also a key to any comprehensive 
plan, in our belief. The evaluation of safer technology in 
high-risk facilities is especially important to chemical 
workers. We understand that no system of plant perimeter 
security or background checks will ever assure complete plant 
security or end the possibility of a terrorist attack. So while 
we must do everything we can to assure chemical plant security, 
considering safer technology by substituting less dangerous 
formulations, stronger or smaller containers, or engineered 
improvements will minimize the consequences of an accident or 
attack at a chemical plant.
    The evaluation of safer technology is a vital step to 
significantly reduce the risk of catastrophic release of 
chemicals from intentional attacks or unintentional disasters. 
Chemical workers also believe any chemical facility security 
legislation should not supersede the National Labor Relations 
Act protections.
    The International Chemical Workers Union Council believes 
this subcommittee must act now to ensure the safety of our 
chemical workers and of all Americans. We urge the subcommittee 
to act to avoid a terrorist attack by passing legislation that 
includes meaningful worker involvement, whistleblower 
protections, and the use of safer technology. We look forward 
to working with every member of this committee, the full 
committee, and the whole House of Representatives to address 
this important issue. Again, thank you for your time, and I 
would be pleased to answer any questions you have.
    Ms. Jackson Lee. Thank you very much for your testimony.
    [The statement of Mr. Setley follows:]

                   Prepared Statement of Gerry Setley

    Thank you Chairman Thompson, Ranking Member King, and Members of 
the Committee for holding this important hearing and for the 
opportunity to testify. I am here today representing members of the 
International Chemical Workers Union Council of the United Food and 
Commercial Workers Union. The ICWUC, which was founded in 1944, 
represents more than 20,000 chemical workers in 32 states. In 1996, we 
merged with the UFCW and this mutually beneficial partnership continues 
to serve our members well.
    We strongly support improving chemical plant security policy that 
makes solid and substantial improvements in the security of the 
nation's chemical plants. UFCW chemical workers work in many different 
manufacturing industries including petroleum and coal products, 
fertilizers, pharmaceuticals, pesticides and other agricultural 
chemicals in smelters and refineries as well as natural gas 
distribution and power plants. Every day, in these facilities, our 
members work with extremely hazardous substances and are crucially 
interested in their safe production both for their own health as well 
as for the neighboring communities. Despite our small size, we have 
been active in a variety of health and safety issues for over 30 years.
    We have supported effective standards and laws to protect both our 
members and the public. We believe strongly that we bring to the table 
the meaningful involvement of the people who have significant 
experience and are the most endangered in a plant--the workers. Workers 
have the institutional expertise and resources on occupational health 
and safety and need to be formally involved in developing vulnerability 
assessments and security plans.
    It is therefore an honor for me to appear before you to address 
this national security concern on behalf of our members who work in 
chemical plants. In 1974, I was hired as a Research and Development 
Technician at Kawecki-Berylco Industries in Pennsylvania, which is now 
Cabot Corporation. I worked as an analytical technician for Cabot 
Corporation for 31 years and served the local union in various elected 
positions. In 2005, I was hired by the union as a General Organizer/ 
Representative and was elected Vice President in October 2007. At Cabot 
Corporation, we handled large quantities of many of the substances that 
this Committee has focused on in your discussions on chemical security. 
I have also toured many facilities that face the same potential 
dangers. I have seen situations where these hazards are well addressed 
and many where they are not.
    I think we can all agree that chemical plants in the United States 
have a great potential to be terrorists' targets. This potentially 
threatens the safety of workers in the plants as well as people living 
in the surrounding communities. Security experts and numerous federal 
agencies, including the Department of Homeland Security (DHS) and the 
U.S. Army Surgeon General, have repeatedly warned of the terrorist 
vulnerability of U.S. chemical facilities and a Federal Interagency 
Task Force continues to meet on the dangers of Toxic Industrial 
Chemicals.
    An accident or terrorist attack on a facility using hazardous 
chemicals would endanger thousands of lives. Workers and the public 
would face short and long term health threats as a result of such a 
disaster. A chemical disaster would also severely pollute our air and 
water sources. A 2001 U.S. Army Surgeon General study estimated that 
900,000 to 2.4 million people could be killed or injured in a terrorist 
attack on a U.S. chemical plant in a densely populated area. The 
Environmental Protection Agency (EPA) calculated that at least 100 
chemical plants threaten a million or more people. Clearly, we are 
talking about the potential of an enormous disaster.
    This Committee has taken some important steps to improve chemical 
security and I would like to thank you for your work on this issue. 
Comprehensive chemical security legislation is the next step in 
bringing better control to a complex problem. It is also a necessary 
step to fix the significant and large problems associated with current 
DHS rules. We have serious concerns with the current DHS regulations 
and believe they will do little to enhance the security of chemical 
facilities or the safety of workers and the public.
    The interim chemical security program enacted over your objections 
last year is woefully inadequate. April's final Department of Homeland 
Security regulations failed to improve upon the underlying flaws of 
last year's rider and were a large step backwards from legislation that 
was being considered by Congress. Current regulations pre-empt 
stronger, more protective state regulations; do not clearly define 
chemical worker involvement or consultation in the facility process, 
including inspections or their safety committees; and contain no 
whistleblower protections. In addition, there is growing evidence that 
some employers are using DHS' regulations to illegally limit union 
staff's entry into plants and to harass or fire members. Finally, there 
is no requirement to evaluate how safer and more secure technologies 
might reduce the risk from an attack. My testimony today will 
concentrate on these last five issues--denial of staff entry into 
chemical facilities, workers' contractual rights to due process, 
involvement of workers in security plans, strong whistleblower 
protection, and use of safer technology.

Denial of Staff Entry to Facilities
    The Chemical Workers Council believes that companies can easily 
abuse the DHS regulations to deny our union staff legitimate and legal 
entry into chemical facilities. Currently, under the National Labor 
Relations Act (NLRA), union officials have access to union members at 
plants. Yet, under the new rule, companies can deny access based on a 
`perceived'' security threat. The Subcommittee on Emerging Threats, 
Cybersecurity, Science and Technology has heard from labor 
representatives who were denied entry to investigate a worker killed on 
the job. While we have been fortunate that none of our employers have 
ever denied the union access when investigating a fatality, we have not 
had any occupational fatalities in the last year since the regulation 
came out. We do believe, however, that it is imperative that we 
consider what might happen if we are denied access, and we must ensure 
that any new security regulations protect labor union's rights if some 
employers take unlawful action in the name of security.
    Given the NLRA and employers' requirement to provide union access 
to members, we ask, ``What would be the harm in clearly stating that 
right in the legislation?'' After all, ICWUC has witnessed management 
denying federal health officials their rights at a facility where there 
may be a potential health hazard. Current U.S. law clearly states that 
these public health officials have these rights yet they are denied. 
Although this is not due to the current rules, the reality is that some 
companies view their facilities as theirs and theirs alone and will 
find any excuse they can to deny health officials or labor 
representatives their rights. We simply cannot give these unscrupulous 
companies opportunity to deny access from union representatives. We 
must keep the doors open for legally recognized union visits in order 
to not hinder any investigation of plant hazards or other problems.

Workers' Contractual Rights to Due Process
    We are also very concerned about the harassment and firing of 
workers under the guise of ``homeland security.'' As a union 
representative, I have spent many hours fighting for our members' jobs 
and for due process. Recently one of our companies' claimed that due to 
the Patriot Act, they had the right to fire ten workers who had not 
fully explained past criminal convictions. The company argued that the 
Patriot Act required a clean record and therefore they were required to 
re-examine all workers' original application forms and ask for current 
arrests and convictions. While we do not advocate criminal activity or 
hiring workers with criminal records, this company went well beyond the 
regulations on felony convictions to fire workers with misdemeanors 
regardless of their job performances. The union grieved the firings and 
was pleased to win three members their jobs back. Yet, they should 
never have been fired or have to fight for their jobs. There is no 
reason for companies to claim ``their hands are tied'' under the 
Patriot Act or Homeland Security regulations as hardworking Americans 
lose their jobs.
    Clearly, there are other ways the government can handle true 
threats to our country and our national security--rather than weed out 
workers who made a mistake early in their lives and have since led 
lawful lives. Again, we are not saying that a criminal record should 
not be considered in hiring, but using the Patriot Act or DHS 
regulation to fire workers who pose no national risk is outrageous. 
Good chemical worker jobs are not easy to come by and we do not believe 
companies, in the name of national security, should be allowed to 
arbitrarily fire hard working wage earners. Workers rights and job 
security should be an important part of any future chemical security 
legislation.
    In cooperation with other labor unions, including the International 
Association of Machinists, the United Automobile Workers of America and 
United Steel Workers, ICWUC sent a letter to the Department of Homeland 
Security in August asking for clarification of the application of these 
recent regulations with long established labor rights. We asked DHS to 
issue a statement that their current rules do not conflict or take 
precedence over the rights of workers or their bargaining 
representatives under the National Labor Relations Act. Despite the 
letter being sent months ago, we have yet to receive a response. We 
believe it is imperative that future legislation includes a clear 
statement to this affect.

Involvement of Workers in Security Plans
    In the control of occupational hazards, it has been long recognized 
that workers have the direct and current knowledge and experience of 
plant operations. This knowledge is invaluable in solving problems in 
the plant's operations. Certainly, chemical workers have unique 
institutional expertise and resources on occupational health, safety, 
and training that must be formally involved in developing any new 
security plans. It is simply illogical that workers' expertise--the 
same expertise that keeps the plants running everyday--would not be 
utilized on this critical security responsibility at chemical plants. 
ICWUC feels strongly that including chemical workers in this process 
will enhance security and protect against terrorist attacks at chemical 
facilities. That is why employee consultation is so crucial.
    After all, who better to know facilities' weaknesses than the 
workers who work in the plant? If you want to know if security guards 
are doing their job, ask the workers who go through the gates every 
day. If you want to know the exact location where hazardous materials 
are stored and how to protect them, ask the worker who loaded the 
chemicals. If you want to know if training is really effective, ask our 
members who had the training. And, if you want to know if backup 
systems will work in an emergency, just check with the chemical 
workers.
    Chemical workers are responsible for all the raw materials coming 
into the plant as well as the final product that leave the plant. We 
are responsible for hooking up the rail cars to off-load the chemicals, 
transfer them in the plants and then work near the chemicals in the 
plants. These responsibilities make chemical workers the first line of 
defense. That is why any legislation must establish employee 
involvement in the drafting of each site's chemical security plan. 
Legislation must require companies to consult with employees on the 
plan and ensure that employees can join facility inspections. It should 
also allow appropriate chemical workers to be consulted in the course 
of such inspections and audits.
    Workers and their unions can be vital participants in plant safety 
and security. Leaving workers and their representatives out of these 
discussions will make security plans less effective and leave our 
country more vulnerable. Legislation must not be silent on this subject 
and must include a requirement for worker and union involvement in all 
facets of the operations, including the security plans, top screen 
process, safe operations and emergency shutdowns.

Strong Whistleblower Protection
    Hand in hand with the involvement of site workers is the defense of 
their jobs if they face disciplinary procedures for reporting any 
significant security weaknesses at their facility. Fear is a fact of 
life at all too many workplaces and jeopardizing one's job by blowing 
the whistle is a risky thing to do. As mentioned earlier, the defense 
of members' jobs is regrettably a common activity unions are forced by 
necessity to do. Workers can find their jobs on the line as they try to 
protect their facility from potential attacks by reporting security 
problems.
    Workers who bravely come forward to protect themselves, their co-
workers, and communities around the plant, should not fear losing their 
jobs when they speak out. Whistleblower protection must be included to 
protect the free exchange of ideas, to improve and enhance security and 
to ensure that measures that are proposed on paper are actually 
implemented. We urge this Committee to include strong whistleblower 
protection in any legislation in order to protect our first line of 
defense--the workers. It is the only way any new law will be truly 
effective.

Use of Safer Technology
    Requiring the use of safer technology in high risk facilities, as 
in H.R. 5695, is especially important to chemical workers for a number 
of critical reasons. We understand that no system of plant perimeter 
security and background checks will ever assure complete plant security 
or end the possibility of a terrorist attack. To assume that security 
checks, cyclone fences and registering toxic chemicals will deter 
attacks, 100% of the time is unrealistic.
    While we must do everything we can to build chemical plant 
security, considering safer technology--be it substituting less 
dangerous formulations, stronger or smaller containers, or various 
engineering steps--can minimize the consequences of an accident or 
attack at a chemical plant. The use of safer technology is a vital step 
to significantly reduce the risk of a catastrophic release of chemicals 
from intentional attacks or unintentional disasters.
    The temporary chemical security statue, the ``Department of 
Homeland Security Appropriations Act of 2007'' actually prohibits the 
DHS from requiring any ``particular security measure'' such as IST. As 
a result, the DHS current rules do not require any technological 
evaluation. We understand that safer processes may not be feasible in 
all circumstances, either technologically or economically, but we 
believe that safer technology should always be considered in any 
security plan for all high risk facilities regardless. We know that 
safer solvents or formulations can be substituted for more dangerous 
ones. The quantities of these hazardous chemicals can be reduced, 
stronger containers may be used, vulnerable sections can be reinforced 
and maintenance schedules can be reviewed. It just does not make sense 
for a chemical security rule not to include an inherently safer 
technology component.
    We believe that all high risk facilities should be required to 
include an analysis in their vulnerability assessment including 
substitution, engineering controls and administrative measures. The 
Department should have the power to implement those measures that it 
deems to be feasible and cost effective as required in H.R. 5695. These 
measures are critical to minimize the release of toxic substances and 
mitigate the catastrophic consequences.
    We must not forget that we are not only addressing the prospect of 
a terrorist attack when discussing the use of safer technology. Every 
week chemicals are released in a wide range of accidental situations 
and natural disasters. As you address chemical security, Congress must 
take this opportunity to mandate steps that will simultaneously 
minimize the national threat of not only attacks, but releases which 
are not hypothetical but a reality that chemical workers and the public 
living around plants experience frequently. President George W. Bush 
stated in his 2003 Homeland Security Presidential Directive # 8 on 
National Preparedness, that we must ``strengthen the preparedness of 
the United States to prevent and respond to threatened or actual 
domestic terrorist attacks, major disasters, and other emergencies by 
requiring a national domestic all-hazards preparedness goal.'' Your 
work can take a large step in fulfilling all of this Directive's 
elements.
    Although I understand that this Committee's mandate is solely the 
protection of our facilities from terrorist attack, the measures that 
will minimize a hazardous release from an intentional attack will also 
minimize the release that is a direct result of a hurricane, 
earthquake, tornado or accident. The dangers we face in a chemical 
release come from a variety of directions, but the use of safer 
technology will minimize all these risks.
    The International Chemical Workers Union Council believes this 
Committee must act now to ensure the safety of our chemical workers and 
all Americans. DHS's Regulations are flawed and it is imperative that 
Congress moves forward on true chemical security reform. We strongly 
support passage of legislation (H.R. 5695) that is similar to 
legislation that passed out of this Committee last year. We urge the 
Committee to act now, preemptively, to protect America from a terrorist 
attack by passing legislation that includes provisions to protect the 
rights of workers, site investigations, whistleblower protections, and 
the use of safer technology.
    The ICWUC looks forward to working with every Member of this 
Committee and the House of Representatives to address this crucial 
problem. Again, I thank you for your time and would be pleased to 
answer any questions that you may have.

    Ms. Jackson Lee. I now recognize Mr. Sondermeyer to 
summarize his statement for 5 minutes.

  STATEMENT OF GARY SONDERMEYER, DIRECTOR OF OPERATIONS, NEW 
         JERSEY DEPARTMENT OF ENVIRONMENTAL PROTECTION

    Mr. Sondermeyer. Good morning, Chairwoman Jackson Lee, 
Chairman Thompson. Congressman Pascrell, great to see you 
again, sir. I really appreciate the opportunity to appear 
before you today.
    I would like to briefly summarize New Jersey's experience 
over the past 6 years in implementing our homeland security 
program, and then specifically focus on our experiences with 
inherently safer technology evaluation. In very brief summary, 
in New Jersey, our homeland security statute was passed in 
October of 2001, 1 month after 9/11. We had chemical facility 
standards adopted in September of 2003, and then more stringent 
chemical standards put in place in November of 2005. At this 
point we do, in New Jersey, have 4 years of on-the-ground 
experience in implementing our homeland security program, which 
covers, in the context of chemical facilities, about 450 sites. 
All of these facilities at this point have addressed site-
specific vulnerability assessment, target-hardening needs 
assessment, information and cybersecurity protocol development, 
badging and credentialing, worker training, emergency planning 
and response, and preparedness exercising. In addition, for a 
smaller universe of sites, which are referred to in New Jersey 
as Toxic Catastrophe Prevention Act sites, we had an additional 
requirement to perform an inherently safer technology 
evaluation.
    More specifically, on the IST, each of the facilities was 
required to review reducing the amount of extraordinarily 
hazardous substances; substituting less hazardous materials; 
using extraordinarily hazardous substances in the least 
hazardous process, form or condition; and designing equipment 
and processes to minimize the potential for equipment or human 
error.
    I am very happy to report that we are extremely pleased 
with the results of our inspections and our assessment. With 
respect to IST, all of the 45 facilities required to conduct 
the analysis did so. Each has documented that they have made 
changes to improve inherent safety based on the IST analysis or 
other process hazard consequence analysis they did previously. 
Thirty-two percent gave us a specific schedule for implementing 
additional inherent safety programs at their plants, and an 
additional 19 made commitments to make changes, but have yet to 
give us a schedule.
    So, taking a step back, 50 percent of the universe of 
facilities required to do the IST analysis made commitments to 
go beyond where they are today to improve inherent safety.
    It is very clear to us from our experiences that IST 
analysis is not overly burdensome on the chemical industry, and 
we feel that it is good business practice from an economic, 
worker safety, and a regulatory compliance standpoint.
    If I may go a little bit beyond IST, the draft Chemical 
Facility Antiterrorism Act of 2008, New Jersey does continue to 
have serious concern with the issue of preemption, which 
Governor Corzine has gone on record to comment on previously. 
Section 2107 clearly allows States to retain the authority to 
adopt and enforce any regulation, requirement or standard of 
performance that relates to environmental protection, health, 
and safety.
    We would respectfully urge Congress to equally be clear 
that States retain the unqualified authority to adopt enhanced 
security requirements based upon risk and consequence factors 
within their particular State. This could be accomplished by 
simply deleting the phrase at the end of section 2107A, in 
quotes, ``unless the State regulation, requirement, or standard 
of performance would conflict with the purposes of this 
title.''
    If I may, just one final policy point I would like to 
respectfully make. We do strongly recommend consideration of 
permissive enabling language to allow delegating oversight 
responsibility to State governments by DHS. From our 
experiences in the environmental regulatory world, this has 
been standard practice for 20 or 30 years where the United 
States Environmental Protection Agency will be administering a 
Federal statute, Clean Air Act, Clean Water Act, RCRA, whatever 
that would be, but they have the authority to delegate to the 
States the day-to-day operational authority to implement the 
program.
    We make this recommendation respectfully because at this 
point we are 6 years into implementing a program, and we think 
it would work very well if DHS, upon review and finding 
equivalency in our program and finding that it is suitable, to 
allow it to mesh together so that we can perform efficiently in 
government and dovetail and complement the Federal initiative 
without in any way jeopardizing what New Jersey has already put 
in place.
    Thank you very, very much for this great opportunity, and I 
would be happy to answer any questions at the appropriate time. 
Thank you.
    Ms. Jackson Lee. Thank you very much for your testimony.
    [The statement of Mr. Sondermeyer follows:]

                 Prepared Statement of Gary Sondermeyer

    Good morning Chairman Thompson, ranking member King and Members of 
the House Committee on Homeland Security. My name is Gary Sondermeyer 
and I serve as the Director of Operations for the New Jersey Department 
of Environmental Protection (DEP). With me is Paul Baldauf, Assistant 
Director of our Radiation Protection and Release Prevention Element. 
Paul and I have lead responsibility for implementation of New Jersey's 
homeland security program for chemical facilities under the direction 
of DEP Commissioner Lisa P. Jackson and Director Richard L. Canas of 
our Office of Homeland Security and Preparedness (OHSP). I would first 
like to sincerely thank the Committee for the opportunity to appear 
before you to discuss the Chemical Facility Anti-Terrorism Act of 2008 
and specifically the ongoing inherently safer technology and chemical 
sector security initiatives within the State of New Jersey.
    Chemical plant security is a subject that Governor Jon S. Corzine 
and every New Jersey resident regard with urgent concern. We view our 
Chemical Standards, including requirements for inherently safer 
technology evaluation, as vital to providing New Jersey with an 
accurate reflection of our current state of security preparedness, as I 
will further outline in my testimony.
    In response to the risks posed by a possible terrorist attack on 
New Jersey's chemical facilities, New Jersey has taken significant 
steps to strengthen the security precautions at these plants. At this 
point we have four years of on the ground experience in implementing a 
homeland security program for all chemical facilities operating in our 
State. Best Security Practices were adopted for the Chemical Sector 
working cooperatively with industry leaders on September 18, 2003. 
Since November 2005, New Jersey went further and adopted enforceable 
plant security practices for its chemical facilities as well as 
facility security assessments to evaluate potential security threats 
and vulnerabilities. The facilities that pose the most significant 
risks are subject to the State's Toxic Catastrophe Prevention Act 
(TCPA) program, which incorporates EPA's Risk Management Program but is 
stricter and broader in scope than the 112 requirements. New Jersey's 
enforceable plant security practices are vital to providing the state 
with an accurate picture of the current state of preparedness within 
the Chemical Sector and provide a foundation to move forward with the 
appropriate actions to safeguard our citizens.
    I shall begin with a brief overview of New Jersey's domestic 
security preparedness activities, and then turn to the specific reasons 
why the evaluation of inherently safer technologies in the chemical 
industry is of vital importance.

    Overview of New Jersey's Domestic Security Preparedness Effort
    New Jersey's unique vulnerabilities have made us a leader among 
states in initiating and implementing measures to counter potential 
terrorist operatives, to reduce the risk of attack at critical 
infrastructure facilities, and to reduce the potential impacts to 
public health and safety if any such attacks should occur in the 
future. New Jersey undertakes these efforts through our Domestic 
Security Preparedness Task Force (Task Force), chaired by Director 
Richard L. Canas of our OHSP.
    As Director of Operations of the Department of Environmental 
Protection (DEP), I serve as the DEP Commissioner's Task Force 
representative and the liaison to the pharmaceutical and biotechnology, 
chemical, nuclear, petroleum, wastewater, and dam safety sectors of our 
critical infrastructure. DEP shares responsibility for the water sector 
as well in cooperation with the New Jersey Board of Public Utilities. 
Through the Task Force and the OHSP, I also participate in New Jersey's 
preparedness and response effort for other sectors.
    The Task Force has undertaken a comprehensive program to reduce 
terror risk, to ensure preparedness at critical infrastructure 
facilities, and to test the efficacy of both public agencies and the 
private sector in responding to acts of terrorism. Every Task Force 
agency and every sector of our critical infrastructure has developed, 
through a public-private collaboration, a series of ``Best Practices'' 
for domestic security. Each set of Best Practices was reviewed and 
approved by the Task Force and the Governor. Every Task Force agency 
and every sector of our critical infrastructure has also participated 
in appropriate exercises to test the strengths and limits of terror 
detection and response capability.
    New Jersey's current challenge is to ensure full implementation of 
security ``Best Practices'' across all sectors, consistent with a 
policy of ``Zero Tolerance'' for noncompliance, and to identify those 
additional regulatory and other measures that are appropriate to 
contend with emerging threats and challenges. Throughout this process, 
DEP is working with OHSP, our State Police, the Attorney General's 
Office and private companies within our sectors to reduce or eliminate 
specific threats that we have identified on a case-by-case basis.

    New Jersey's Toxic Catastrophe Prevention Act (TCPA) Program
    New Jersey has managed an oversight program to increase safety at 
chemical plants and other facilities that store or utilize 
extraordinarily hazardous materials for over 20 years. The Toxic 
Catastrophe Prevention Act (TCPA) program was created in 1986 as a 
result of a chemical accident in Bhopal, India that killed thousands of 
nearby residents. Several chemical facilities in New Jersey had 
experienced minor accidents prior to this time, clearly indicating that 
a similar risk existed in New Jersey. The TCPA requires facilities that 
handle extraordinarily hazardous substances above certain inventory 
thresholds to prepare and implement risk management plans. The plans 
must include detailed procedures for safety reviews of design and 
operation, operating procedures, maintenance procedures, training 
activities, emergency response, process hazard analysis with risk 
assessment and self-auditing procedures. An extraordinarily hazardous 
substance is defined as a substance, which if released into the 
environment would result in a significant likelihood of causing death 
or permanent disability.
    In 1998 the program adopted USEPA's 112(r) Accidental Release 
Prevention Program (40 CFR 68) by reference. This program included 
additional toxic substances and highly flammable substances. It also 
required each facility to complete a worst case scenario analysis. The 
worst case scenario models the resultant toxic cloud to a predetermined 
concentration. The USEPA end point concentrations are approximately 
one-tenth of the concentration that would cause death to persons 
exposed.
    On August 4, 2003, the readoption of the TCPA rules added reactive 
hazards substances to the list of extraordinarily hazardous substances 
covered under the program. Industrial accidents in New Jersey resulting 
from reactive hazards demonstrated the need to include reactives under 
the TCPA program. Owners and operators having listed reactive hazard 
substances in quantities that meet or exceed thresholds are required to 
develop risk management plans to reduce the risk associated with these 
unstable substances. In addition, and the focus of this testimony, this 
readoption included a requirement that owners and operators evaluate 
inherently safer technology for newly designed and constructed covered 
processes.
    In April, 2007 the DEP proposed amendments to the TCPA rule to 
require all companies subject to the program to evaluate the potential 
of incorporating inherently safer technology at their facility. This 
proposal also covers many sectors such as food, water/wastewater, and 
energy which are outside the chemical industry but store threshold 
amounts of extraordinarily hazardous substances. The DEP is currently 
evaluating comments to the April proposal and expects to issue a final 
rule requiring the evaluation of inherently safer technology at all 
TCPA sites in early 2008.

    Chemical Sector Best Practices Standards
    New Jersey recognizes that facilities in the Chemical Sector are 
diverse in size, complexity, and potential for off site impacts to the 
community and therefore a blanket approach to addressing security 
concerns may not be practical. The Best Practices represent a risk-
based approach to security consisting of a site-specific vulnerability 
assessment that evaluates threats to a facility's operation, its 
particular vulnerabilities and likely consequences of a chemical 
release, and the physical and procedural security measures already in 
place. The Chemical Sector Best Practices were predominantly derived 
from the Security Code of the American Chemistry Council's Responsible 
Care program.
    Subsequently the Task Force determined that additional measures 
were necessary to ensure that appropriate prevention and response 
measures are implemented by the chemical sector to address emerging 
domestic security threats. As a result, Chemical Sector Best Practices 
Standards (Standards) were put in place on November 21, 2005.
        The Standards require chemical sector facilities to, among 
        other things:
         comply with the Chemical Sector Security Best 
        Practices;
         conduct a terrorism-based security vulnerability 
        assessment; and
         develop a prevention, preparedness, and response plan 
        to minimize the risk of a terrorist attack.
    In addition, chemical sector facilities subject to TCPA are 
required to conduct a review of the practicability and potential for 
adopting inherently safer technology.

    Inherently Safer Technology
    Facilities required to conduct an inherently safer technology 
review must evaluate:
         reducing the amount of extraordinarily hazardous 
        substances materials that potentially may be released;
         substituting less hazardous materials;
         using extraordinarily hazardous substances in the 
        least hazardous process conditions or form;
         and, designing equipment and processes to minimize the 
        potential for equipment failure and human error.
    I must emphasize that the inherently safer technology requirement 
under the Standards represents a practicability test; it is not 
mandatory that a covered facility implement IST, only that they 
evaluate. The results of the evaluations are held at the facility site, 
and are made available to DEP inspectors during an on-site visit.
    Compliance with the Standards was required within 120 days of the 
effective date, March 21, 2006. We have been extremely pleased with the 
compliance levels we have seen to our standards. Compliance of the New 
Jersey requirements exceeded 98 percent. The Standards applied to 
facilities that are subject to either the Toxic Catastrophe Prevention 
Act (TCPA) or the Discharge Prevention, Containment and Countermeasure 
(DPCC) program, and report under certain Standard Industrial 
Classification (SIC) or North American Industrial Classification System 
(NAICS) codes. Of the total 157 facilities covered under the Standards, 
45 are regulated TCPA facilities required to perform IST analysis. In 
all cases, facilities required under the Standards to conduct IST 
review have done so. All of these facilities have documented that they 
have previously implemented IST or similar risk reduction measures. 32 
percent of the facilities have provided a schedule to implement 
additional IST or other risk reduction measures, and 19 percent have 
identified additional IST or risk reduction measures but have not yet 
scheduled their completion. The remaining 49 percent of the facilities 
had no additional recommendations. It should be noted that these are 
facilities that have been regulated under the TCPA program for many 
years resulting in the past implementation of IST and risk reduction 
measures. 80 percent of the facilities concluded that at least some of 
the IST or risk reduction measures identified during their evaluation 
were infeasible for their operations. I believe that our compliance 
results clearly indicate that the evaluation of inherently safer 
technology is not overly burdensome on industry and is an effective 
tool for critically evaluating the risk reduction opportunities 
available at a specific facility. It is clear to us that IST analysis 
is simply good business practice for any facility storing or utilizing 
extraordinarily hazardous materials from an economic, worker safety and 
regulatory compliance standpoint.
    But these measures alone are merely a starting point. Our knowledge 
of both the threat and the appropriate response is evolving daily. As 
we implement the ``Best Practices'' and work with facilities on site-
by-site review of security vulnerabilities, we also have begun a public 
process to review what additional regulatory measures may be 
appropriate to harden potential targets, to reduce risk to surrounding 
communities, and to involve workers and communities in the process.

    Chemical Facility Anti-Terrorism Act of 2008
    New Jersey has expressed serious concerns on a number of occasions 
about any language in federal regulations that has the potential to 
preempt existing state chemical security initiatives or limit future 
state actions to address unique vulnerabilities. Section 2107. Federal 
Preemption, clearly allows States to retain the authority to adopt and 
enforce any regulation, requirement, or standard of performance 
relating to environmental protection, health, or safety. We urge 
Congress to be equally clear that States retain the unqualified 
authority to adopt enhanced security requirements based upon risk and 
consequence factors within that State. This could be accomplished by 
deleting the phrase ``unless the State regulation, requirement, or 
standard of performance would conflict with the purposes of this 
title'' from Section 2107 (a).
    The proposed Act would capture chemical facilities currently exempt 
from the existing Chemical Facility Anti-Terrorism Standards, 6 CFR 
Part 27, expand the universe of regulated sites, and require 
assessments of methods to reduce the consequences of a terrorist attack 
at high risk sites. Overall, the Act addresses many of the comments 
previously submitted by New Jersey on 6 CFR Part 27.
    We strongly recommend consideration of permissive enabling language 
toward delegating oversight responsibility to State governments, along 
with appropriate levels of Federal funding to support homeland security 
efforts. This would include a petition process to DHS by interested 
State governments and granting of delegated authority on a 
discretionary basis. In the case of New Jersey, the actions taken in 
chemical security preparedness since September 11 have left the State 
well qualified to undertake such delegated responsibilities. State 
security (Office of Homeland Security and Preparedness and New Jersey 
State Police) and the chemical process safety experts (Department of 
Environmental Protection) are intimately familiar with the chemical 
facilities in question and have conducted multiple security and safety 
inspection at each site over the last five years. Leveraging and 
augmenting State resources is vital to ensuring that our chemical 
facilities are adequately protected from acts of terrorism.

    Conclusion
    Although New Jersey took critical steps to address chemical 
facility security well over four years ago, we recognize that most 
states have not taken formal regulatory action and therefore, federal 
regulations to create minimum national chemical facility security 
standards are essential. At the same time, it is also important not to 
penalize those pro-active states and allow the states to retain the 
authority to adopt enhanced security requirements if states determine 
they are necessary. No two states are alike, and the risks posed by 
every facility present unique challenges based on location, population 
size, and other factors. Security standards that are appropriate to 
safeguard a facility in a rural area, for example, may not be 
sufficient for a facility located in one of the most densely populated 
and heavily traveled sections of the country. Simply put, one size does 
not fit all.
    New Jersey's critical infrastructure concentration and high 
population density may have no comparison in the United States; our 
state needs to retain the ability to go beyond any Federal security 
baseline standard to ensure that our preparedness is measured in line 
with our potential vulnerabilities. We need federal standards, but they 
must be a floor ensuring a base level of protection, not a ceiling that 
constrains our ability to protect our citizens, as well as our 
neighbors. We must emphasize our vehement objection to any preemption 
language that would limit New Jersey's ability to maintain our current 
standards or if necessary impose additional requirements in the future 
to protect our citizens. Governor Corzine has gone on record previously 
to express his concern for the safety of New Jersey's residents. In 
serving Governor Corzine, it is our duty to protect the citizens of our 
State and it is imperative that federal legislation enhances, rather 
than undermines New Jersey's ability to protect our chemical sector 
critical infrastructure.
    I once again would like to thank you Chairman Thompson, ranking 
member King and Members of the House Committee on Homeland Security. On 
behalf of DEP Commissioner Lisa P. Jackson and Director of Homeland 
Security and Preparedness Richard L. Canas, I sincerely want to thank 
you for the opportunity to share some of New Jersey's experience in 
implementing our chemical security and inherent safety program since 
the passage of the New Jersey Domestic Security Preparedness Act in 
October, 2001. We would be happy to entertain any questions you may 
have and are available at any time should additional information be 
valuable to the critical work of your Committee.

    Ms. Jackson Lee. And I now recognize Dr. Mannan to 
summarize his statement for 5 minutes.

 STATEMENT OF M. SAM MANNAN, PE, CSP, PROFESSOR AND DIRECTOR, 
 MARY KAY O'CONNOR PROCESS SAFETY CENTER, TEXAS A&M UNIVERSITY 
                             SYSTEM

    Mr. Mannan. Chairwoman Jackson Lee, Chairman Thompson, and 
members of the subcommittee, my name is Sam Mannan, and I am 
director of the Mary Kay O'Connor Process Safety Center and 
professor of chemical engineering at Texas A&M University. The 
center seeks to develop safer processes, equipment procedures, 
and management strategies that would minimize losses in the 
process industry.
    I also want to take this opportunity to thank Chairwoman 
Jackson Lee for her kind comments about Texas A&M University 
and the role we play in educating Texans and the Nation.
    First I want to thank this committee and the U.S. Congress 
for addressing chemical facility antiterrorism, and giving the 
Department of Homeland Security the necessary authority to 
regulate security in the chemical industry. I applaud the 
subcommittee for holding today's hearing on chemical security 
regulations and their impact on the public and private sector. 
This is a subject that is of extreme importance to our Nation, 
and I am pleased to be able to share my experience and 
opinions, as well as continue to serve as a resource for the 
Federal Government on this important issue.
    The U.S. Congress must give the Department of Homeland 
Security permanent and continuing authority to regulate 
chemical security in the United States. While many facilities 
are voluntarily taking appropriate measures, I am concerned 
that many are not. A regulation that creates a minimum and 
level playing field is very important. The inclusion of water-
processing facilities in the act is very important and 
necessary. As the 9/11 events have shown, terrorists are more 
likely to use easily available materials to strike at us.
    Although section 2110 of the act does not refer to the term 
``inherent safety'' or the term ``inherently safer 
technology,'' compliance with section 2110 deals exclusively 
with the implementation of inherently safer technologies and 
approaches. While there is no question that options with regard 
to inherent safety should be considered, we must understand and 
account for the challenges and difficulties in implementing 
inherently safer technologies and options.
    In this context, the Mary Kay O'Connor Process Safety 
Center published a white paper outlining challenges faced in 
evaluating and implementing inherently safer designs. I have 
provided the white paper as an attachment to my testimony.
    We believe that a coordinated, long-term effort involving 
government, industry, and academia is essential to develop and 
implement inherently safer technologies. A similar 
collaborative approach has shown success in related areas, such 
as green chemistry, energy conservation, and sustainable 
development. I believe that science should precede regulations. 
I do not believe that the science currently exists to quantify 
inherent safety.
    This act and any actions taken as a result of this act 
should not create unintended and unwanted consequences. Instead 
of prescriptive requirements for inherently safer technology 
and approaches, facilities should be allowed the flexibility of 
achieving a manageable level of risk using a combination of 
safety and security options. The current language in the bill 
is far too prescriptive, and focused much too heavily on only 
one method of reducing the consequences of terrorist attack. 
All methods of reducing vulnerability should be considered on a 
case-by-case basis, and the implementation of any one 
particular method should not take or appear to take precedence 
over the others.
    Whether national or man-made, disasters have continued to 
happen. However, as we have seen with the 9/11 events, 
Hurricanes Katrina and Rita, and the chemical incidents such as 
the Bhopal disaster, planning and response is crucial in being 
able to reduce the consequences and recover from the disaster 
more rapidly. In this regard, it is essential to conduct 
vulnerability analysis, response and recovery planning at the 
plant-specific level, the area--and region-specific level, and 
national level. The long-term goal is to develop technology and 
know-how with regard to resilient engineered systems and 
terrorism-resistant plants. In this respect, research and 
technological advances are needed in many areas, such as 
biochemical detection, sensors, and self-healing materials. 
Protection of the chemical infrastructure, like many of the 
challenges, requires the commitment and effort of all 
stakeholders.
    In closing, I again applaud the U.S. Congress for providing 
leadership in this important area of chemical security. It is 
clear that many companies are taking reasonable and responsible 
steps in chemical security; however, all facilities that 
handle, store, or transport hazardous materials should be 
required to take such steps. That is why government must 
develop and enforce good science-based regulation that sets the 
minimum and necessary standards for chemical security. These 
regulations should be based upon good science, aimed at making 
the industry secure, avoid overregulation, and create a level 
playing field. Only through a comprehensive, uniform, and risk-
based approach can we protect the people and communities of our 
Nation, as well as protect our Nation's critical chemical 
infrastructure. I am encouraged by the leadership of Congress 
and the continued effort to seek expertise and opinion from all 
stakeholders.
    Thank you for inviting me to present my opinions, and I 
would be happy to answer any questions.
    Ms. Jackson Lee. Thank you.
    [The statement of Mr. Mannan follows:]

           Prepared Statement of M. Sam Mannan, PhD, PE, CSP

                              Introduction

    Chairwoman Jackson Lee, ranking member Lungren and members of the 
Subcommittee, my name is M. Sam Mannan and I hold a BS, MS, and PhD in 
chemical engineering. I am a registered professional engineer in the 
states of Louisiana and Texas and I am a certified safety professional. 
I am a Fellow of the American Institute of Chemical Engineers and a 
member of the American Society of Safety Engineers, the International 
Institute of Ammonia Refrigeration, and the National Fire Protection 
Association. I am Director of the Mary Kay O'Connor Process Safety 
Center, holder of the T. Michael O'Connor Chair I in Chemical 
Engineering, and Professor of Chemical Engineering at Texas A&M 
University. The Center seeks to develop safer processes, equipment, 
procedures, and management strategies that will minimize losses in the 
process industry. My area of expertise within the chemical engineering 
discipline is process safety. I teach process safety engineering both 
at the undergraduate and graduate level. I also teach continuing 
education courses on process safety and other specialty process safety 
courses in the United States and overseas. My research and practice is 
primarily in the area of process safety and related subjects. The 
opinions I present today both in my written statement and oral 
testimony represent my personal position on these issues. These 
opinions are based on my education, experience, and training.
    First, I want to thank this Committee and the US Congress for 
addressing Chemical Facility Anti-Terrorism and giving the Department 
of Homeland Security the necessary authority to regulate security in 
the chemical industry. I applaud the Subcommittee for holding today's 
hearing on chemical security regulations and their impact on the public 
and private sector. This is a subject that is of extreme importance to 
our nation, and I am pleased to be able to share my experience and 
opinion as well as continue to serve as a resource to the federal 
government on this important issue.

                               Background

    Hazardous materials can be grouped into three tiers of 
vulnerability categories. The first category includes the stationary 
facilities that are members of major industry associations. Even though 
these facilities have large inventories of hazardous materials and are 
quite visible, they are the best prepared against attack because of 
voluntary programs that have been developed and implemented. The second 
tier of vulnerability category includes smaller and medium-sized 
facilities that manufacture or use chemicals but may or may not be 
members of any industry associations. These facilities are less 
visible, but are also, in general, less prepared and more widely 
distributed. Finally, the third category of vulnerability includes all 
hazardous materials that are in transit (by whatever means) throughout 
the United States. In addition to being present almost anywhere in the 
United States at any given time, this category also represents high 
visibility and the highest vulnerability. It could also be argued that 
this category is the least prepared to deal with intentionally caused 
catastrophic scenarios.
    Some pertinent subjects of interest with regard to attacks on the 
chemical infrastructure are: active protection measures; passive 
protection measures; vulnerability analyses, response and recovery 
plans; and long-term needs and priorities. Active protection measures 
include increased security, limited access to facilities, and 
background checks. Examples of passive protection measures include 
development of exclusion areas and process and engineering measures.
    Vulnerability analysis, response, and recovery plans are needed not 
only to help devise the prevention and protection plans, but also to 
develop the response and recovery plans. In this respect, it must be 
mentioned that most of the large, multi-national facilities that are 
members of major industry associations have voluntarily conducted some 
form of vulnerability analysis. What is not clear is whether these 
analyses have been used to integrate planning for response and recovery 
efforts in coordination with local agencies and the public. One very 
stark lesson from the 9/11 events is that the ``first'' first-
responders are usually members of the public. Additionally, area--and 
region-specific vulnerability analysis and assessment of infrastructure 
availability for response and recovery have not been conducted. 
Finally, a national vulnerability analysis and assessment of 
infrastructure availability for response and recovery is a critical 
need.
    Whether natural or man-made, disasters will continue to happen. 
However, as we have seen with the 9/11 events, hurricanes Katrina and 
Rita, and chemical incidents such as the Bhopal disaster, planning and 
response is crucial in being able to reduce the consequences and to 
recover from the disaster more rapidly. In this regard, it is essential 
to conduct vulnerability analysis, response, and recovery planning at 
the following three levels:
         Plant-specific vulnerability analysis and assessment 
        of infrastructure availability and preparedness for response 
        and recovery is needed. As mentioned earlier, most of the large 
        multi-national facilities that belong to prominent industry 
        associations have voluntarily conducted some form of 
        vulnerability analysis. What is not clear is whether these 
        analyses have been used to integrate planning for response and 
        recovery efforts in coordination with local agencies and the 
        public.
         Area--and region-specific vulnerability analysis and 
        assessment of infrastructure availability for response and 
        recovery should be conducted. Each area- and region-specific 
        analysis should include an assessment and planning for 
        evacuation and shelters.
         National vulnerability analysis and assessment of 
        infrastructure availability for response and recovery is 
        critically needed. In doing this national analysis, impact on 
        international issues and criteria should also be considered.

                     Long-term Goals and Priorities

    Long-term goals and priorities to prevent and/or reduce the 
consequences of intentional catastrophic scenarios require clear 
thinking and hard work. While no one would argue that making hazardous 
materials less attractive as a target should be a goal that all 
stakeholders should accept, differences arise in how we realize that 
goal.
    Inherent safety options can and should be considered; however, we 
must be aware of the differences in implementing inherent safety 
options for existing plants, as compared to new plants. Also, in some 
cases, a seemingly clear choice with regard to inherent safety may 
create some undesired and unintended consequences. Issues such as risk 
migration, reduction of overall risk, and practical risk reduction 
should be evaluated whenever an inherent safety option is considered.
    Another long-term goal is to develop technology and know-how with 
regard to resilient engineered systems and terrorism-resistant plants. 
In this respect, research and technological advances are needed in many 
areas, such as bio-chemical detection, sensors, and self-healing 
materials. Protection of the chemical infrastructure, like many other 
challenges, requires the commitment and effort of all stakeholders.
    I feel very strongly that science should precede regulations and 
standards. With regard to science and technology investments, many 
initiatives have been proposed and are being implemented. However, some 
important additional initiatives that should also be considered are 
given below:
        1. The fact is that the chemical infrastructure and all 
        components including the individual sites, supply, and delivery 
        systems were never built with terrorism in mind. Research must 
        be conducted to determine how we might have designed and built 
        the chemical plants and the infrastructure had we considered 
        these threats. The ultimate goal for such research would be 
        two-pronged. First, determine options for what can be feasibly 
        implemented for existing plants. Second, if necessary, 
        prescribe new standards and procedures for new plants.
        2. Research investments should be made on advanced 
        transportation risk assessment methods. Before transportation 
        of any hazardous materials, a transportation risk assessment 
        should be conducted using available information and 
        methodology, as well as time-specific data that may be 
        available.
        3. Additional science and technology investments that should be 
        considered are:
                 Development of incident databases and lessons 
                learned. This knowledge base could then be used to 
                improve planning, response capability, and 
                infrastructure changes. Recent experience in this 
                regard is the improvement in planning and response for 
                the hurricane Rita from lessons learned from the 
                hurricane Katrina.
                 Research should be conducted on decision-
                making, particularly under stress, and how management 
                systems can be improved.
                 Research on inherent safety options and 
                technologies. This type of research should be combined 
                with systems life cycle analysis and review of 
                practical risk reduction. In other words, 
                implementation of inherent safety options should not be 
                allowed to create other unintended consequences, risk 
                migration, or risk accumulation. While transportation 
                is outside the scope of the Chemical Security Act of 
                2008, it must be included in vulnerability assessments 
                to avoid transfer of facility risks to transportation 
                risks.
                 Basic and fundamental research is also needed 
                on design of resilient engineered systems. For example, 
                if the collapse of the World Trade Center towers could 
                have been extended by any amount of time, additional 
                lives could likely have been saved.
                 Basic and fundamental research is also needed 
                on resilient and fail-safe control systems.
                 Long-term research is also needed in the area 
                of self-healing materials and biomimetics.

         Specific Comments on the Chemical Security Act of 2008

    With regard to the Chemical Security Act of 2008, I have the 
following specific comments:
        1. The US Congress must give the Department of Homeland 
        Security permanent and continuing authority to regulate 
        chemical security in the United States. While many facilities 
        are voluntarily taking appropriate measures, I am concerned 
        that many are not. A regulation that creates a minimum and 
        level playing field is very important.
        2. The inclusion of water processing facilities in the Act is 
        important and necessary. As the 9/11 events have shown, 
        terrorists are more likely to use easily available materials to 
        strike at us.
        3. The use of a risk-based approach and risk-tiering in 
        evaluating the vulnerability of any facility is a good 
        approach.
        4. Although Section 2110 of the Chemical Security Act of 2008 
        does not refer to the term ``inherent safety'' or ``inherently 
        safer technology,'' compliance with Section 2110 deals 
        exclusively with the implementation of inherently safer 
        technologies and approaches. I have several comments with 
        regard to the proposed language in the Act.
                a. It is not clear how the Secretary would determine 
                what is an inherently safer technology or approach. 
                More clarity is needed on this issue.
                b. There are many methods available to the industry for 
                potentially reducing risk and vulnerability. 
                Vulnerability assessments should consider the 
                feasibility of all methods for improving security to 
                determine the method to achieve the optimum balance of 
                cost effectiveness and vulnerability reduction.
                c. As I stated earlier, science should precede 
                regulations. I do not believe that the science 
                currently exists to quantify inherent safety. This Act 
                or any actions taken as a result of the Act should not 
                create unintended and unwanted consequences. An example 
                in this context is the substitution of hydrogen 
                fluoride (HF) with sulfuric acid 
                (H2SO4) for refinery alkylation 
                processes. While it is true that HF is more toxic than 
                H2SO4, the amount of H2SO4 needed 
                to do the same amount of processing is 25 times or more 
                than HF. Thus changing from HF to H2SO4 
                would require large storage facilities and more 
                transportation. In fact, changing from HF to H2SO4 may 
                provide more opportunities for a terrorist attack. On 
                the other hand, a well-managed plant with a smaller 
                amount of HF and appropriate safety protective systems 
                may represent a lower overall risk.
                d. While there is no question that options with regard 
                to inherent safety should be considered, we must 
                understand and account for the challenges and 
                difficulties in implementing inherently safer 
                technology and options. In this context, the Mary Kay 
                O'Connor Process Safety Center published a White Paper 
                outlining challenges faced in evaluating and 
                implementing inherently safer designs (the White Paper 
                is provided as an attachment). The first challenge is 
                simply to measure the degree of inherent safety in a 
                way that allows comparisons of alternative designs, 
                which may or may not increase safety or may simply 
                redistribute the risk. The second is that because 
                inherent safety is an intrinsic feature of the design, 
                it is best implemented early in the design of a process 
                plant, while the US has a huge base of installed 
                process plants and little new construction. Finally, in 
                developing inherently safer technologies, there are 
                significant technical challenges that require research 
                and development efforts. These challenges make 
                regulation of inherent safety very difficult. We 
                believe that a coordinated long-term effort involving 
                government, industry, and academia is essential to 
                develop and implement inherently safer technologies. A 
                similar collaborative approach has shown success in 
                related areas such as green chemistry, energy 
                conservation, and sustainable development.
                e. Instead of prescriptive requirements for inherently 
                safer technology and approaches, facilities should be 
                allowed the flexibility of achieving a manageable level 
                of risk using a combination of safety and security 
                options. For example, nuclear facilities have very high 
                hazard materials, but they protect their site and the 
                public with a combination of multiple layers of 
                security and safety protective features. The current 
                language in the bill is far too prescriptive and 
                focused much too heavily on only one method of reducing 
                the consequences of a terrorist attack. All methods of 
                reducing vulnerability should be considered on a case-
                by-case basis, and the implementation of any one 
                particular method should not take or appear to take 
                precedence over the others.
                f. Over the past 10-15 years, and more so after 9/11, 
                consideration of Inherently Safer Technology (IST) 
                options and approaches has effectively become part of 
                industry standards, with the experts and persons with 
                know-how assessing and implementing inherently safer 
                options, without prescriptive regulations that carry 
                risks (both as trumping other tools or potentially 
                shifting risk). A better approach for applying IST in 
                security is by allowing the companies to assess IST as 
                part of their overall safety, security and 
                environmental operations and therefore, cannot be 
                prescriptive. The current DHS regulations allow for 
                IST--but do not require it under the performance-based 
                standards and the no ``one-measure'' language proposed 
                in the Chemical Security Act of 2008. Any new law 
                should adopt the current comprehensive regulatory 
                scheme and build upon the great effort and momentum 
                already established.
        5. The section of the Act dealing with the formation of the 
        Panel on Methods to Reduce the Consequences of a Terrorist 
        Attack is in principle a good idea. However, an issue that 
        needs to be given some thought is trade secrets. Even though 
        the Act contains requirements with regard to protection of 
        information and confidentiality of documents, it stands to 
        reason that companies may feel restricted in providing certain 
        trade secret information when they know that such information 
        may be viewed by panelists who are employees of other companies 
        and competitors. Another issue is that the panel could well be 
        faced with a huge volume of work. There are thousands of 
        different chemical processes in use in the US. What works at 
        one facility is not necessarily appropriate at another 
        facility, even if they have the same feedstock and product.
        6. The numerous uses of the word ``any'' could create a huge 
        amount of workload associated with the evaluations and 
        documentation of site vulnerability assessments (SVA) with 
        little benefit. For example, page 12, ``The identification of 
        any hazard that could result from a chemical facility terrorist 
        incident at the facility.'' Another example on page 12 is 
        paragraph E, ``Any vulnerability of the facility with respect 
        to------.''
        7. Paragraph B on page 12 requiring the quantification of 
        consequences (``The number of individuals at risk of death, 
        injury, or severe adverse effects to human health as a result 
        of a chemical facility terrorist incident at the facility.'') 
        should be removed or modified. As was the case with the RMP 
        ``Population at Risk'' values, the data are often taken out of 
        context or used inappropriately. Furthermore, there will be 
        significant variability in how these estimates are calculated 
        if performed by each company. It would be much better to have 
        these estimates generated by DHS based upon the inventories 
        provided by the companies, as is the case with current DHS 
        regulations.
        8. Regarding SEC. 2110, section (a) METHODS TO REDUCE THE 
        CONSEQUENCES OF A TERRORIST ATTACK, it is not clear how item 
        (5) `procedure simplification', or (10) `reduction of the 
        possibility and potential consequences of equipment failure and 
        human error', would have an impact upon the consequences of a 
        terrorist attack.

                          Concluding Thoughts

    I applaud the US Congress for providing leadership in this 
important area of chemical security. It is clear that many companies 
are taking reasonable and responsible steps in chemical security. 
However, all facilities that handle, store, or transport hazardous 
materials should be required to take such steps. That is why government 
must develop and enforce good-science based regulations that set the 
minimum and necessary standards for chemical security. These 
regulations should be based upon good science aimed at making the 
industry secure, avoid over-regulation, and create a level playing 
field.
    Terrorism should not only be expected from Al-Qaeda and its support 
organizations, but from other sources as well, both home-grown and 
foreign. In this respect, planning and response measures should be 
based upon considering not only the existing structure of Al-Qaeda and 
its support organizations, but also the looming threat of mutations of 
Al-Qaeda and other terrorist organizations. As the Oklahoma City 
bombing and the more recent London events have shown, the terrorists 
could very well be our own citizens. As the mutation keeps evolving, it 
is not unlikely that alliances would develop among Al-Qaeda type 
organizations and other organizations or individuals who are 
disaffected or anti-establishment for totally different reasons. In 
fact, these organizations may be at odds with each other ideologically, 
but may unite because they see the establishment as a common enemy.
    Regardless of what steps are taken by government, industry and 
other stakeholders regarding chemical security, it stands to reason 
that a terrorist attack should be expected and will occur sooner or 
later. As we know now, the 9/11 attacks were in planning for several 
years. As the adage goes, the terrorists only have to be successful 
once. Thus, it is imperative that the approaches taken be based upon 
the triple-pronged philosophy: evaluation and assessment, prevention 
and planning, and response and recovery. Planning and preparedness is 
required for all three areas.
    In closing, only through a comprehensive, uniform and risk-based 
approach can we protect the people and communities of our nation as 
well as protect our nation's critical chemical infrastructure. I am 
encouraged by the leadership of Congress and the continued effort to 
seek expertise and opinion from all stakeholders.
    Thank you for inviting me to present my opinions and I will be 
happy to answer any questions.

                        Attachment:  WHITE PAPER

Abstract
This paper defines inherent safety and contrasts it with more 
traditional approaches to safety. It illustrates through analogies with 
common household examples the challenges faced in evaluating and 
implementing inherently safer designs. The first challenge is simply to 
measure the degree of inherent safety in a way that allows comparisons 
of alternative designs, which may or may not increase safety or may 
simply redistribute the risk. The second is that because inherent 
safety is an intrinsic feature of the design, it is best implemented 
early in the design of a process plant, while the US has a huge base of 
installed process plants and little new construction. Thirdly, in 
developing inherently safer designs, there are significant technical 
challenges that require research and development efforts with limited 
economic incentives. These challenges make regulation of inherent 
safety very difficult. We believe that a coordinated long-term effort 
involving government, industry, and academia is essential to develop 
and implement inherently safer designs. A similar approach has shown 
success in related areas such as green chemistry, energy conservation, 
and sustainable development.
White Paper

   Challenges in Implementing Inherent Safety Principles in New and 
                      Existing Chemical Processes

What is Inherent Safety?
    Inherent safety is based on the use of technologies and chemicals 
with intrinsic properties that reduce or eliminate hazards. Inherent 
safety is based on concepts known for more than 100 years (Kletz, 1998) 
and is an approach to chemical incident and pollution prevention that 
is in some ways contrary to traditional accident prevention and 
mitigation methods. Traditional safety practices typically reduce risk 
by lowering the probability of an incident and/or mitigating the 
consequences of an incident. This approach alone, although extremely 
important and generally effective, does not reduce the hazards of 
serious chemical incidents because it attempts to control hazards 
rather than eliminate them. Inherent safety is especially important in 
today's world where terrorists may cause a chemical release by methods 
that bypass or defeat normal safety systems.
    The concepts of inherent safety as applied to chemical process 
plant design has been discussed elsewhere (Mannan et al., 2002) and are 
summarized below:
        Intensification or minimization consists of reduction of 
        quantities of hazardous chemicals in the plant. ``What you 
        don't have can't leak''.
        Substitution is the use of a safer material in place of a more 
        hazardous one. It may be possible to replace flammable 
        substances with non-flammable ones or toxic substances with 
        non-toxic ones. However, it is necessary to evaluate not only 
        the substance but also the volumes required.
        Attenuation or moderation is the use of a hazardous chemical 
        under less severe conditions such as lower pressure or 
        temperature. Thus chlorine and ammonia are stored as 
        refrigerated liquids at atmospheric pressure rather than at 
        high pressure at ambient temperature. The lower pressure 
        results in lower leak rates and the lower temperature lowers 
        the vaporization rate.
        Limitation of effects, by changing designs or process 
        conditions rather than by adding on protective equipment that 
        may fail. For example, it is better to prevent overheating by 
        using by using a fluid at a lower temperature rather than use a 
        hotter fluid and relying on a control system.
        Simplicity: Simpler plants are safer than complex plants as 
        they provide fewer opportunities for error and contain less 
        equipment that can fail. Other principles such as, making 
        assembly errors impossible, and avoiding knock-on effects are 
        also inherently safer design concepts.
    One of the most common accidents at home is falling on the stairs. 
A home without stairs, i.e. a onestory bungalow, is inherently safer 
with regard to falling on stairs than a two-story house. Even if the 
stairs are equipped with handrails, non-slip surfaces, good lighting, 
and gates for children, the hazard is still present (Kletz, 1998). 
Obviously the choice of an inherently safer house implies positive and 
negative consequences, which may include aesthetics, cost, and other 
types of hazards. An elevator could reduce the use of stairs but 
requires a large capital expense. During construction there would be 
significant hazards to the residents and construction workers and the 
stairs would still be necessary for emergency egress. Few families 
would conclude that installing an elevator is the best use of their 
resources.

Measuring Inherent Safety
    While inherent safety is based on well-known principles, 
difficulties have been encountered in adopting the principles as a 
routine practice by industry. One of the first problems encountered 
during application of inherent safety principles is the subjectivity 
involved. The principles are descriptive rather that prescriptive, 
hence they are subject to interpretation based on previous experience, 
knowledge, and personal perception. A consequence of the subjectivity 
is that a systematic methodology to measure inherent safety does not 
exist, and it is not currently possible to know how inherently safe a 
plant or an equipment item is because it is not possible to evaluate 
how well the principles have been applied. If we cannot measure how 
inherently safer the one story condo is with respect the two-floor 
house, how can we choose the inherently safer option?
    Several measurement and analysis tools have been proposed during 
the last few years, but in general they focus on specific aspects of 
the problem during a specific time in the plant lifecycle and are 
difficult to apply. Besides the lack of measurement methodology, 
inherent safety cannot be applied in the same way for existing 
productive plants as for new facilities during the design stage. 
Existing equipment and processes impose restrictions on changes towards 
inherently safer technologies that might be implemented in an operating 
facility. For instance it is not possible to turn a two-story house 
into a bungalow without an extremely expensive modification. However, 
other smaller changes can be implemented to obtain an inherently safer 
house even if not so safe as the bungalow. Some types of staircases are 
safer than others, e.g., short high steps are inherently more hazardous 
than long low steps. Very low single steps are easy to be undetected 
and cause accidents. Thus the possible solutions could be to avoid 
single small steps and to use staircases with low and long steps or (as 
suggested by Kletz) with frequent landings to reduce the distance and 
height of a possible fall.

Evaluating and Comparing Design Options
    The cost of applying inherent safety to existing facilities may 
require significant financial resources but may also unintentionally 
cause an increase in risk if it is implemented without a holistic view 
of the plant. A chemical plant is a complex collection of intricate and 
interconnected equipment, pipes, vessels, and instruments containing a 
variety of chemicals. When a modification is made in one part of the 
plant, other areas will be affected, requiring other changes in other 
parts of the plant. If the safety impact of this cascade of changes 
into other areas is not understood during the evaluation of the 
original change toward an inherently safer plant, the final result 
could be a less safe plant! A common example is the possible 
substitution of a hazardous chemical substance, used in small amounts, 
by another one that is more benign but is required in much larger 
amounts. In this case it is difficult to evaluate which chemical is 
actually the inherently safer option, because aspects such as 
transportation, storage, and modification of the plant to work with the 
new chemical must be included in the evaluation. There must be a 
systematic assessment and minimization of all hazards together rather 
than one at a time to avoid the appearance of unidentified hazards. 
Application of inherent safety principles to operating plants is 
possible (Hendershot, 1997) but implementation is subject to 
constraints dictated by technical and economic factors.
    The implementation of inherent safety for new plants is simpler and 
cheaper because the design exists only on paper since nothing has been 
built yet. However, since many inherently safer options may be 
available and because a systematic analytical methodology is not 
available, application of the inherent safety principles is still 
restricted. Also, inherent safety is not absolute, it is site and plant 
specific. For instance a two-story house may be safer than a bungalow 
when located in an area threatened by frequent flooding. Therefore, a 
solution that can be inherently safer for one plant may not be the best 
option for the same plant in another location with a different 
environment.
    The application of inherent safety requires subjective judgment and 
tradeoffs among several factors. Furthermore, the selection and use of 
inherently safer technology does not guarantee by itself that a plant 
will result in safer operation among its complex and interrelated 
systems. For instance, a sick person with lung, heart, and digestive 
problems can take the best medicine for each sickness, however the 
interaction of those drugs may have catastrophic results rather than a 
positive therapeutic effect.
    The objective of inherent safety is to remove or reduce hazards. 
The inherently safest case is the one with zero hazards, but this is a 
limiting and unachievable case. Everyday life is plagued with hazards 
that are intrinsic to our society. Removing all the hazards is not 
possible. The situation of a chemical plant is very similar, and 
therefore we can only aspire to design inherently safer plants. It will 
be necessary to apply other methods to control the remaining hazards. 
Therefore, it is still possible for incidents to occur but their 
consequences are reduced.
    It may also be true that it is really not possible to judge which 
of two options is inherently safer. For instance solvent A is toxic but 
not flammable, solvent B is flammable but not toxic. There may be no 
``right'' answer. Also, the answer may depend on one's point of view. A 
plant can use chlorine from 1-ton cylinders or from a 90-ton rail car. 
To the operator who has to connect and disconnect cylinders several 
times a day the rail car is inherently safer. To a neighbor several 
miles away the cylinders are safer, they do not contain enough material 
to affect him.
    When new knowledge about chemical hazards or new technology is 
available, our understanding of the inherent safety of a specific plant 
can change. An example of this change is the adoption of CFC 
refrigerant gases (Hendershot, 1995) that are not flammable or toxic 
compared with ammonia, which was previously used. It has been theorized 
(and widely accepted) that they destroy the earth's ozone layer and our 
judgment of the inherent safety of CFC refrigerants relative to other 
materials are radically changed. Inherent safety is therefore a 
dynamic, subjective, and holistic concept that requires specific 
measurement and analytical tools to evaluate. However, these tools are 
under development and at present are not available for general use. 
Without these analytical tools it is very difficult if not impossible 
to impose restrictions, limits, and regulations to improve inherent 
safety.
    Inherent Safety can also be misused when decisions are subjective 
and based on limited aspects without possibility of a methodical 
analysis. For instance, a plant requiring a specific raw material 
transported by rail can decide to improve the degree of inherent safety 
by reducing the inventory of that hazardous chemical. Changing the mode 
of transportation to truck results in a smaller shipment (and a smaller 
inventory) but it also triples the shipment frequency. Thus the total 
plant inventory is kept low but the remainder of the inventory is on 
wheels traveling from the supplier's plant to the user's plant. This 
example also shows an inherent safety complication that extends outside 
the plant boundaries and represents an incorrect application of 
inherent safety that cannot be detected without a measuring tool and 
without analyzing the plant as a global system. In this case it is 
inherently safer to maintain the large inventory inside the plant and, 
as suggested by Kletz (1998), keep it under control by using good 
design and operating practices that follow other concepts of inherent 
safety (e.g., keep the design simple to avoid errors).

Progress to Date
    We believe that many chemical plants have adopted the easiest and 
most obvious improvements, such as reviewing chemical inventories and 
reducing them when it is practical. This improvement is a natural 
outcome of the Process Hazard Analysis that has been required of most 
major facilities for the last 10 years.
    Less hazardous solvents have been developed and are in use in some 
processes (Crowl, 1996). Plants using hydrofluoric acid can now use an 
additive that reduces the dispersion of this chemical during a release. 
These developments however, required substantial time and cost to 
develop, test, and implement. Many significant advances are possible 
but they too will require research, development, and implementation 
over a long time period. As shown above, the development of methods to 
measure the inherent safety of various process options is an essential 
first step to the widespread implementation of inherently safer 
designs. The Mary Kay O'Connor Process Safety Center is currently 
developing a method to measure inherent safety using fuzzy logic 
mathematics.

Moving Forward
    Regulation to improve inherent safety faces several difficulties. 
One, there is not presently a way to measure inherent safety. Two, the 
complexity of process plants essentially prevents any prescriptive 
rules that would be widely applicable. At most it would seem that 
legislation could explicitly require facilities to evaluate inherently 
safer design options as part of their process hazard analysis, but 
inherent safety would be almost impossible to enforce beyond evaluation 
because of unavoidable technical and economic issues.
    Government programs now support the research and development of 
concepts such as ``green chemistry'', ``solvent substitution'', ``waste 
reduction'' and ``sustainable growth'', which are related to inherent 
safety. A similar approach involving industry, government, and academia 
can enhance the discovery, development, and implementation of 
inherently safer chemical processes.

References:
         Crowl, D, ed., Inherently Safer Chemical Processes, 
        pp. 39--40, CCPS, New York (1996)
         Hendershot, D.C. ``Conflicts and decisions in the 
        search for inherently safer process options'', Process Safety 
        Progress, 1996, Vol. 14, 1, 52.
         Hendershot, D.C. ``Inherently safer chemical process 
        design'', Journal of Loss Prevention, 1997,Vol. 14, 3, 151--
        157.
         Kletz, T.A., ``Inherently Safer Design: The growth of 
        an idea'', Process Safety Progress, 1996, Vol.15, 1, 5.
         Kletz, T., Process Plants: A Handbook for Inherently 
        Safer Design, p. 193,Taylor & Francis, Philadelphia (1998)
         Mannan, M.S., D. Hendershot and T.A. Kletz, 
        ``Fundamentals of Process Safety and Risk Management,'' 
        Encyclopedia of Chemical Processing and Design, ed. R.G. 
        Anthony, vol. 69, Supplement 1, pp. 49--94, Marcel Dekker, 
        Inc., New York, 2002.

    Ms. Jackson Lee. I would like to thank all of the witnesses 
for their testimony. And I remind each Member that he or she 
will have 5 minutes to question the panel.
    Let me also make note of the fact I think the point that 
was expressed by one of the witnesses regarding the potential 
overhaul of the CFATS process and requiring industry to start 
all over again, but I think it is important to note we are 
having this hearing for the very reason to hear the broad 
perspective, but as well that the draft bill is envisioned to 
go into effect when CFATS sunsets. And frankly, we envision it 
to extend CFATS with minor changes, and not really a complete 
overhaul.
    I think there are reasons to improve CFATS, and this 
legislative initiative will make that effort and will work 
toward that goal. That is why we are having this hearing, to 
ensure that we have the right approach.
    I will now recognize myself for questions, and I would 
appreciate, since my questions are long, your brief answers, 
and brief and thorough if that is a good combination. I do want 
to, Colonel Stephan, start really with the comment that was 
made again by one of our witnesses, I believe Mr. Miller, 
giving you more resources, and I assume more personnel, which 
certainly is troubling and of great concern. And so my first 
question to you, and then I am going to follow it up--I am 
going to give the first question and the second question 
together, and then you can answer.
    Appendix A, the list of covered chemicals and their 
amounts, was finally released on November 2nd and published in 
the Federal Register on November 20th. The regulations require 
facilities that contain chemicals on the list above a given 
threshold amount to complete a Top-Screen. Tell us how the Top-
Screen works; how many Top-Screen submissions have you had to 
date, and how many do you expect; and how long does it take 
your office to process a Top-Screen submission and inform the 
submitter whether or not they fall under CFATS?
    Start with the first question. Do you have enough 
resources, and do you have enough personnel? And convince us of 
that as we move toward the expanded responsibility that CFATS 
is giving your division.
    Colonel Stephan. Yes, ma'am. Thank you. At least we will 
get one of the easy ones off the table as we start.
    The resource piece has to involve, of course, a multiyear 
commitment on the part of this administration and the next 
administration, as well as this Congress and the Congress that 
will follow.
    The problem that I have as the implementer of the CFATS 
regulation is that with the authority that was provided last 
year in the 2007 Appropriations Act, not a whole bunch of new 
additional resources was provided in concert with that new 
authority. Thankfully, through the appropriators, we received a 
$12 million supplemental appropriation that I received access 
to at the end of August of this year. So a total of around $22 
million has been dedicated to this effort for fiscal year 2007.
    Of course, the Department budget submission requests 
additional moneys for 2008, and we have just gone through the 
Department-level budget discussions for 2009. And the 
Department at the Secretary's level is very convinced that this 
program needs additional resources in terms of both personnel 
and people. I think----
    Ms. Jackson Lee. So, Colonel, what you are saying is you do 
not have enough resources. You would need more people and more 
money.
    Colonel Stephan. I don't. I need resources to continue in 
the flow, to mean fiscal year 2008 and 2009 and beyond. 
Assuming we are going to continue this authority in some venue 
or some means beyond the sunset in October 2009, I need 
continued resources.
    Ms. Jackson Lee. You need resources now?
    Colonel Stephan. Yes, ma'am, and I would love to get the 
continuing resolution situation resolved so that I can get 
complete access to my 2008 budget submission or whatever 
Congress is going to give me in terms of resources.
    Ms. Jackson Lee. And we look forward to the administration 
cooperating with the Congress so we could move the CR. But in 
essence you are saying that you don't have enough resources.
    Let me jump you now to the explanation on the Top-Screen 
question. Thank you.
    Colonel Stephan. Yes, ma'am. In terms of the issuing of the 
Appendix A on November 20th, together with the completion of 
the 100 or so Top-Screens that we received through the 
accelerated piece of this first part of the program, phased 
implementation, we have 16,852 facilities that have registered 
to complete the on-line process. And in hand now as of this 
morning, I have 1,818 complete Top-Screen analyses. This 
process will close out on the 22nd of January of 2008, and it 
will take us somewhere within 30 to 45 to 60 days to complete 
the analysis of the Top-Screen data as it has rolled in through 
that 60-day window.
    Then we will begin a Site Vulnerability Assessment process, 
with the majority of the herd that kicked into motion with the 
November 20th Appendix A release. We are beginning with the 100 
facilities that have begun implementation in an accelerated 
manner the SVA, or the Security Vulnerability Assessment 
process now, and that we expect to take about another 2 to 3 
months before we have the first tranche of 100 ready for----
    Ms. Jackson Lee. Let me thank you. It looks as if I have 
some follow-up, but let me quickly go to Mr. Miller to tell me 
his experience in dealing with DHS, but in particular has his 
BASF facilities completed Top-Screen? Have you received a 
response from DHS telling you your facilities--whether or not 
they are covered? Was the Top-Screen process straightforward 
and understandable, and did you need assistance from DHS? You 
might want to expand. I think you raised a question about 
resources and personnel. Mr. Miller.
    Mr. Miller. Thank you, Chairwoman Jackson Lee.
    The point of the comment about resources, clearly our 
experience with DHS, and we have been working with them back 
when it was a voluntary program and also leading up to the 
regulatory program, has been that we see very clearly that 
considering the size of the chemical industry in the United 
States, they do not have enough manpower, they do not have 
enough resources to do the job that needs to be done here.
    Ms. Jackson Lee. This is your perception now or when you 
were interacting with them?
    Mr. Miller. It has been continual. It is a situation much 
like private industry. We are always asked to do a lot with 
little resources, and we have seen that within DHS. They have 
done an admirable job of getting where they are now with the 
resources they have, but clearly they need more.
    In response to the question regarding the Top-Screen 
process, we very deliberately waited until the final Appendix A 
came out. We initially thought we might go ahead and submit 
some Top-Screens with the first Appendix A, but we decided to 
wait. So we have now submitted Top-Screens, and I don't have a 
final count or a current count on the number of sites that I 
have had submit so far, but we are doing that on a daily basis. 
The Top-Screens are being submitted.
    To my knowledge, we have not gotten any direct feedback yet 
on what tier we might wind up in, or whether we are regulated 
or not. I haven't seen that on a daily basis. But we are 
submitting those.
    As far as the responses and so forth with DHS, when we do 
have questions, and we have had some questions come up, it has 
been very helpful to be able to call the help desk. And they 
have been very responsive in either saying, you know what, I 
don't have an answer to that, we will escalate it and get back 
to you on the question. And so that has happened a number of 
times for my project manager that I have got dealing with the 
Top-Screen submission. And we are getting the responses back 
from them, but sometimes it is taking some time to get it, and 
I think that is a resource issue with them.
    Ms. Jackson Lee. Thank you very much, Mr. Miller.
    Quickly, Mr. Setley, I think it is important to involve 
workers, and my question is have your workers been involved in 
meaningful vulnerability assessments, and have they been 
involved and included in developing security plans since they 
are directly involved? In essence, they are the front-liners in 
this whole effort.
    Mr. Setley. Thank you, Chairwoman.
    It has been my experience, and we cover--the area I 
currently direct covers the entire Northeast, Mr. Sondermeyer's 
wonderful New Jersey, where I must say we have had marvelous 
experience with a lot of cooperative employers and involvement 
of the workers on all levels in the security plans as well as 
on the floor worker health and safety issues. So certainly New 
Jersey is a shining dime we point to, quite honestly.
    But on the whole, we have not had the--I will call it the 
employer buy-in for worker involvement, because the employers 
are very reticent to acquiesce what they perceive as their 
power, if you will. Certainly the authority and the onus for 
providing the workplace is clearly regulatorily understood; 
however, any time an employer is asked by their workers or 
their workers' agent, the union, to share that responsibility, 
they are reticent.
    Ms. Jackson Lee. So any legislation should work hard to 
improve that relationship and clearly involve well-trained 
chemical security employees in the process.
    Mr. Setley. Yes, ma'am. Yes.
    Ms. Jackson Lee. You think that would make for a safer 
approach?
    Mr. Setley. Yes. It is my experience, and I can't say it as 
well as you did, but having the employer and the employees work 
as a team, that synergy is the most effective for security and 
worker health and safety.
    Ms. Jackson Lee. All right. My time has expired. And I am 
delighted to yield 5 minutes to the distinguished Chairman of 
the full committee Mr. Thompson.
    Mr. Thompson. Thank you very much.
    Following up on this line of questioning, Mr. Stephan, 
correct me if I am wrong. You say you have about 16,000 
applications for Top-Screens.
    Colonel Stephan. Sir, we have about 16,000 folks that have 
registered through the on-line process to begin the process, 
and we have gotten approximately 1,800 completed assessment 
products in hand now from those facilities.
    Mr. Thompson. Okay. Given your deadline for--you have a 
deadline, I think, of about a year out?
    Colonel Stephan. Sir, we have a deadline for submission of 
the Top-Screen data to us that is January 22nd, 2008. So in 
less than 60 days from now.
    Mr. Thompson. But you don't have a deadline on completing 
the applications, approving the applications?
    Colonel Stephan. We expect it is around the October/
November time frame next year, 2008. We will be able--outside 
the hundred or so facilities that we have parsed out in a very 
special focused accelerated effort to begin the process of 
inspecting the Tier I facilities and Tier II facilities 
associated with this program. About a year from now we will 
have the consequence assessments done, the site vulnerability 
assessments done, the security plans done and approved by DHS, 
and we will begin the first round of significant inspection 
activity.
    Mr. Thompson. What can we assure companies like BASF 
Corporation that the experience they received for this process 
won't be the standard operating procedure going forward?
    Colonel Stephan. So that it won't be?
    Mr. Thompson. Mr. Miller talked about how cumbersome, how 
inflexible and the communication and some other things 
associated with the application.
    Colonel Stephan. Sir, I heard him say exactly the opposite. 
I heard him say it was a very flexible process where we have 
been responsive to his concerns as well as the concerns of the 
industry. We established a 1-800 number help line. We get 
immediate feedback to industry. I think we have attempted to 
make this as user friendly as possible. I will let my colleague 
explain further.
    Mr. Thompson. Mr. Miller, can you help me out? You 
described the process based on the chairwoman's questions.
    Mr. Miller. Yeah, let me try to clarify that. We went 
through the registration process with all of the sites that we 
felt would fall under the new Appendix A and we began our top-
screen process. And I think where I may have been less than 
clear is that when we did run into issues, when we ran into 
some questions, we used the help desk at the 800 line to call 
in and the response generally was very quick. Either they had 
an answer or they were going to escalate it. Sometimes it took 
a little longer than we would like to get that response back. 
But I think it merely is a situation where they might not have 
the right person to answer the question at that given time 
considering the size of the effort here. And it takes some time 
to find out or to research the answer to the question and get 
back to us.
    So I didn't intend for it to sound like a total indictment 
of the lack of response. Certainly they have been responsive 
and we have worked with them over the last few years in working 
through this. But I continue to see that they have the need for 
more resources to make sure that things are flowing smoothly, 
especially as things move along, because things will get a lot 
more complicated. Right now we are just doing somewhat of an 
inventory.
    Mr. Thompson. And I guess I was kind of moving into that 
direction for the benefit of the committee, is to see again, 
Mr. Stephan, whether or not you feel you have the complement of 
staff necessary to manage this.
    Colonel Stephan. The first year of this effort, 2007, has 
been a rate development year and planning year. We had 
sufficient resources to do that. Now with the Department's 2008 
submission and what you will see from us in 2009 is the 
requirement to boost the resources up to various levels of 
intensity to account for now between the next phase of the 
process, which is in analyzing the top-screens, the 
consequences piece, doing the very technically complex 
vulnerability assessments by site and the very collaborative 
planning not just with the security planning and plan 
development, not just with the sites and the facilities, but 
also with State and local government partners. We have put in 
our budget request to the appropriators, a logical, reasoned 
increase so that I can get field staff in place, headquarters 
management staff in place, additional resources to provide 
additional analysis, so forth and so on. If those requests are 
honored, I feel that I will have the resources I need to push 
the program forward. Again, a multiyear commitment is required 
from Congress and the administration, both this one and the 
next to move this thing forward.
    Mr. Thompson. And I think the members of this committee 
have already seen--it appears that the administration is going 
to submit a budget just the opposite of that for Homeland 
Security and so I think we will have a challenge, Madam 
Chairman, going forward, needing what has been established from 
the staff and then resource standpoint if, in fact, the 
President's initiative to reduce the Homeland Security budget 
is approved.
    And if I might--if you would indulge me for another minute. 
Mr. Setley, the workers who you have who work in these plants 
and those regulations that impact them, does your contract call 
for those workers to be involved in doing security 
vulnerability assessment or development for facility security 
plans at all?
    Mr. Setley. Not specifically. I have no contract language 
that would specifically speak to the issue of plant security. 
However, we have as pretty much a pro forma issue of health and 
safety language which would be a joint committee of management 
and labor generally shared by management.
    Mr. Thompson. And that is the point. We generally have a 
health and safety committee, but I think we have to go an 
additional step and start talking about security. And the 
reason I say this is we had similar experiences with rail, if 
committee members remember. Generally, it is about a 15, 20-
minute video and a pamphlet. And that is to your security 
training. And so we had to step in as Members of Congress and 
mandate additional training for workers from a security 
standpoint, not safety. And so many people tried to tie 
security and safety as one. And I think what we are looking at 
is making sure that the workers are involved in it, but also 
that--but it is from a security perspective and not a health 
and safety--health and safety is important, but this is the 
other layer that goes with that.
    Mr. Setley. Certainly labor would be happy to see any kind 
of regulatory control and enforcement of that type of language.
    Mr. Thompson. Thank you. I yield back, Madam Chair.
    Ms. Jackson Lee. Mr. Chairman, Mr. Mannan would like to 
respond to one your questions.
    Mr. Mannan. Thank you, Madam Chairwoman.
    Ms. Jackson Lee. And perhaps as the chairman asked a number 
of questions, refer us to the question you are responding to.
    Mr. Mannan. Yes. First, I want to respond to the question 
of the resources. While Colonel Stephan and Mr. Miller have 
shed some light on the resources currently available to DHS to 
deal with current regulations, my concern is that if the IST 
options and the proposed act are implemented, given what I 
know, it is my humble opinion that there are no--not adequate 
technical resources as the numbers to deal with the IST issues 
that might come up both from the point of view of analyzing 
those IST issues as well as enforcing them.
    The second issue I wanted to refer to was with regard to 
one of the questions that has been raised, is the issue of 
employees. While I think consultations of employees and 
involving employees is very important and should be done, but 
it should be done carefully. There is a two-edged sword there, 
and one of the issues we deal with in anti-terrorism issues is 
the insider threat. In my own testimony I provided some 
statements as to the threat from not only al-Qa'ida but 
mutations of the organization of al-Qa'ida and their 
associations with organizations that may have ideological or 
different view, but maybe anti-establishment and may develop a 
collaboration with al-Qa'ida type organizations. So insider 
threat is an issue that is something that we need to be aware 
of.
    Mr. Thompson. You are correct and one of the panelists 
talked about information protection as a real issue. And I 
agree with you to some degree. We absolutely have to keep many 
of the things that we know that are involved in these 
facilities as secret as we can and not allow them to get into 
the public domain, if you please, because that then enhances 
the vulnerability of that particular facility if that breach 
occurs. I agree with you.
    Thank you.
    Ms. Jackson Lee. Thank you very much, Mr. Mannan. I think 
that was an important insight. I am delighted to yield 5 
minutes to the distinguished gentleman from New Jersey, Mr. 
Pascrell.
    Mr. Pascrell. Thank you, Madam Chair, Mr. Chairman. Colonel 
Stephan, would you say that New Jersey is the model that you 
would suggest the Federal Government move towards in responding 
to the risk factors contained in the chemical industry at 
large?
    Colonel Stephan. Sir, I have a great relationship with the 
Office of infrastructure Protection under the Homeland Security 
Adviser's supervision in New Jersey, And I would say overall in 
terms of infrastructure protection they have a model program 
for the Nation bar none. However, there are differences, very 
crucial differences between this Federal CFATS regime and the 
State regime. I, in fact, think that the Federal regime--I 
don't want to use the word ``tougher,'' but I think it is more 
comprehensive and more demanding than the New Jersey State 
regime. We have a very unprecedented level of risk analysis 
here, vulnerability assessments, collaborative planning, 
inspections for compliance and some fairly stiff, heavy 
financial penalties and the possibility of a cease operations 
order that do not exist in the New Jersey statute.
    Mr. Pascrell. But none of those actions have been taken 
against any company?
    Colonel Stephan. We are in the beginning phases of 
implementing this program.
    Mr. Pascrell. This is 6 years later. This is 6 years later. 
Mr. Sondermeyer, how many people do you have working in what--
if I read correctly in your testimony, you have direct access 
to Richard Canas. Richard Canas is the Director of Homeland 
Security; is that correct?
    Mr. Sondermeyer. Yes, he is, sir.
    Mr. Pascrell. You have direct access if I am looking at 
this correctly. And you undertake your preparedness to the 
Domestic Security Preparedness Task Force.
    Mr. Sondermeyer. Yes.
    Mr. Pascrell. And how many personnel do you have that work 
specifically on the chemical industry in the State of the New 
Jersey? Which surprisingly has been very cooperative with the 
Department. Isn't that interesting? Even though you have 
stricter standards than the rest of the country, most of the 
country, you have tremendous, God bless you, cooperation; is 
that correct?
    Mr. Sondermeyer. Yes, it is correct. We have had tremendous 
cooperation.
    Mr. Pascrell. How many people do you have working for you?
    Mr. Sondermeyer. Dedicated to chemical facilities security? 
None.
    Mr. Pascrell. You don't have anybody?
    Mr. Sondermeyer. Not dedicated. This is function----
    Mr. Pascrell. It is shared. Is this a shared--I mean, who 
checks out all of the chemical factories, the two-mile stretch 
of the turnpike, for instance, which has been called by the 
FBI, et cetera, et cetera, who does that work?
    Mr. Sondermeyer. It is a collaborative effort. The Homeland 
Security program itself under Director Canas is about--I think 
the staff is about 200, 250 people, but that deals with the 
intelligence and critical infrastructure and planning. The 
State agencies like the DEP were assigned responsibilities to 
organize and implement a program for sectors that we normally 
work with, chemical, petroleum, water, wastewater, dams, 
pharmaceutical, biotechnology and nuclear. So that is sort of 
our purview. I am sorry I am not being really clear. We don't 
have any dedicated staff that are funded----
    Mr. Pascrell. They are shared staff?
    Mr. Sondermeyer. All shared staff. But we do the 
inspections. So we have inspected all the chemical facilities 
for compliance with the standards and the best practices 
between three, six, seven times.
    Mr. Pascrell. I don't quite understand how 30 personnel can 
cover the entire country of thousands of chemical facilities. 
And in the center part of your question, Mr. Chairman, to the 
witnesses, we are not serious about this. We don't have a sense 
of urgency here. I mean, it doesn't make sense. We have got 
2,000 that are compliant and have basically submitted what they 
were supposed to submit in terms of this tiered sense of risk 
that we have developed here. And we are concerned that one 
State in the Union, which has attempted to be the pioneer in 
this area where there are a lot of chemical facilities, which 
is spending time to develop this inherently safer technology, 
we are concerned that that State has taken action that is 
working and yet why if those standards are working, why should 
they be applied to the other chemical facilities throughout the 
rest of the country? I don't understand.
    I have got a question to you, Mr. Sondermeyer. I want to 
ask you if you have read the draft of the Chemical Facility 
Anti-Terrorism Act.
    Mr. Sondermeyer. Yes, sir.
    Mr. Pascrell. Do you feel that the draft provides enough 
certainty to preserve the States rights? You referred to this 
before in the vague statement that--I am trying to get in your 
testimony where you referred to that vague part of the legis--
what was that last sentence?
    Mr. Sondermeyer. It is section, sir, 21.07.
    Mr. Pascrell. 21.07. You referred to--you specifically 
picked out that phrase. Would you repeat the phrase?
    Mr. Sondermeyer. Certainly. It is unless the State 
regulation requirement or standard of performance would 
conflict with the purposes of this title.
    Mr. Pascrell. Now, that could mean anything, couldn't it?
    Mr. Sondermeyer. That is our concern, sir, that--the first 
part of the paragraph is very good and it seems to be clear on 
the preemption issue and it seems to undo it with that language 
which really isn't very clear.
    Mr. Pascrell. Madam Chairwoman, Mr. Chairman, I think that 
that phrase is critical to what I know you all are trying to 
do. And this is nothing new. You said this last year and the 
year before. And I think that that phrase needs to be 
clarified. In fact it should be removed. It should be removed 
altogether maybe, because on that hook you are going to see 
more conflict in what we are trying to do on this committee, 
both sides of the aisle, than anything else that I can find in 
the draft or in the bill. Forget this is simply a repetition of 
what is already there. This is nothing new. And I think that is 
a way out. Do you see it as a way out, Colonel Stephan?
    Colonel Stephan. Sir, I see no inherent conflict at this 
point in time between any regulation and authority that the 
State of New Jersey has on the----
    Mr. Pascrell. But the phrase that Mr. Sondermeyer referred 
to seems to be--it is like the door is opened so wide that you 
can drive, you know, a couple of Mack trucks through it. Do you 
agree with that?
    Colonel Stephan. Sir, I don't agree with that because we--
--
    Mr. Pascrell. So you like that phrase?
    Colonel Stephan. We have very carefully considered that 
phrase inside this language, inside our rule. It is very 
carefully explained in terms of our view regarding State 
preemption. It is not field preemption. It is specific conflict 
preemption. And we see that the State regulatory authorities 
and programs can and should be and are in fact at this point 
very complementary to the thing we are trying to do at the 
Federal level.
    Mr. Pascrell. Madam Chair, can I just continue with one 
question?
    Ms. Jackson Lee. One more question.
    Mr. Pascrell. Thank you. Colonel, then, you would keep that 
phrase exactly as it is, correct?
    Mr. Stephan. Sir, I would have to see that phrase in front 
of me. I don't want to make an open-ended statement with a 
document that I do not have in front of me.
    Mr. Pascrell. I think this whole hearing is much more than 
one phrase. But to me getting these facilities throughout the 
United States to comply, to work together, the workers, the 
companies is very important. They have been cooperative from 
what I have seen in the State of New Jersey. Gee, who would 
have thought? But it is possible. But if you open this door, if 
you open this door, you are simply going to get a lot of 
confusion, a lot of conflict and not resolution.
    Madam Chair, I ask that you pay particular attention to 
this. Thank you.
    Ms. Jackson Lee. I thank the gentleman for exploring that. 
His time has expired. It is now my pleasure to yield to the 
distinguished gentlelady from New York, Ms. Clarke, for 5 
minutes.
    Ms. Clarke. Thank you very much, Madam Chair. And this is a 
hearing of paramount importance, particularly to our region. 
And, Assistant Secretary Stephan, I just wanted to follow up on 
a question that Chairman Thompson raised with you just to get 
some more clarity. Have you been able to do any approximation 
or contingency plans on how to compensate for any financial 
shortfalls you may have notwithstanding, you know, what you are 
required to do in building out your Department's 
infrastructure, one, and two, given the limited resources, have 
you done any projections on the cost for human resource 
requirements going forward?
    Colonel Stephan. Yes, Madam. Again, we have fiscal year 
2008 budget up for consideration on the Hill, as you know. We 
are hoping to get that full accessibility of that funding as 
quickly as possible. We have just gone through the 2009 
budgeting process at the Department level, and I think you 
would be very happy in this particular area with the support 
the Secretary and the executive branch has put into this 
particular mission focus, chemical site security going into the 
2009 process. We have completed a manpower requirement study 
based upon an initial universe of potentially 5,000 facilities 
shredding out within a Tier I through IV construct and have 
that information available in briefing format to provide to you 
at your request, ma'am.
    Ms. Clarke. I think that is some of what we are trying to 
get to the bottom of here today. We don't want this issue to 
sort of linger out there and then God forbid, you know, we are 
not prepared for something that could occur in any region of 
our Nation because, you know, we are still in the planning 
process. I think it is very important that you share that with 
this committee as soon as possible so that we can be advocates, 
you know, in the upcoming fiscal years to make sure that what 
is required we hold the line on. And we hope that you will be 
really open and honest about that. Our mandate is really a 
nonpartisan mandate. It is one that the American people expect 
of us, given our experiences, and I can tell you as a New 
Yorker I am really, really interested in making sure that we 
get this right.
    Mr. Sondermeyer, based on your regulatory experience in New 
Jersey, do you feel that DHS has an appropriate number of 
personnel to handle oversight of chemical security nationwide?
    Mr. Sondermeyer. Thank you for the question. Before I 
wasn't as clear perhaps as I could have been in terms of 
resources. We don't have dedicated resources in New Jersey. But 
just by example, just for the piece that our department has 
been involved with, the sectors that I mentioned, chemical and 
petroleum being part of that, we probably had about 200 people 
engaged in that effort. Again, not in a dedicated function, but 
as part of their job. So if the number used before of 40 or 
whatever that number is of people that are going to be out 
inspecting, that does seem to be from our own experiences a low 
number.
    Ms. Clarke. And you pretty much had to be creative and sort 
of build out a new purview for your current workforce to 
embrace in order to make sure those pieces are covered; is that 
correct?
    Mr. Sondermeyer. That is exactly right. We took existing 
individuals, in particular working in our Toxic Catastrophe 
Prevention Act program and give them a new responsibility which 
was an add-on function and a critical one to implement the best 
security practice oversight that we have done. So we built 
those responsibilities into their existing inspections. And it 
has worked, I think, as well as it could. It has worked well.
    Ms. Clarke. And do you feel this is the future of what 
those positions would hold or are you looking to us at the 
Federal level to really create a dedicated and committed 
workforce to deal specifically with this? I think this 
definitely has to be State collaboration. But at the same time, 
you know, as your workforce ages, will that be something that 
becomes a best practice for your employees, or do you feel like 
there is something that is missing and you are just basically 
holding the line with what you have?
    Mr. Sondermeyer. Yeah, it is a great question. I do think 
as we evolve in the program, even with our program, and as we 
work hopefully seamlessly with the Federal Government and DHS, 
we do need to expand our technical expertise on security. The 
folks that we have were not trained in security. They are 
trained to do environmental protection work. We can only do 
assessments to verify things were done. We are not doing, as an 
example, detailed lighting plans to make sure the street lights 
have enough lumens, that it is secure in that particular area. 
We need to have that kind of expertise over time, particularly 
for the most critical infrastructure sites, to make sure that 
we get it right. And we do not as a State government currently 
have that expertise. We are trying to build it within our 
central security organization, which is our Office of Homeland 
Security and Preparedness.
    But we are a distance from having that level of expertise. 
It is a great question.
    Ms. Clarke. Thank you very much. Madam Chair, I yield back.
    Ms. Jackson Lee. I thank the distinguished gentlelady. In 
Mr. Pascrell's absence, we will explore the language that he 
has pointed out, and I think he raises an important question, 
to be able to discern what the purpose of those words are so 
that we don't dumb down the responsibilities or the 
achievements that a State has made.
    Mr. Sondermeyer, I have a few more questions. Let me just 
pose this question for you. I think the point you are making is 
that--as great a work you are doing, there are gaps just 
because of the nature of the structure that the State of New 
Jersey has. You are out front on tapping in for the need for 
chemical security but in essence in terms of elements that you 
are able to oversee because of expertise, the Federal 
Government's role would be helpful, be complementary, 
particularly if they focused on some of the hard core security 
issues that you might not be able to directly address; is that 
correct?
    Mr. Sondermeyer. Very well put, Chairwoman, yes.
    Ms. Jackson Lee. So the approach we should look at is this 
very important, firm complementary relationship and certainly 
the Federal Government should have sufficient staff to build up 
on that security aspect of it. Is that your----
    Mr. Sondermeyer. Yes. And again the last policy point I 
made about the delegated authority concept of letting us be the 
agent for the Federal Government. We are running the program 
now and as we mesh these things together, it would be great if 
we could have that kind of collaborative relationship. We do it 
in environmental law every day. It works well under a very 
structured work plan which is called a performance partnership 
agreement we have with the United States Environmental 
Protection Agency. I think that is a model for how that 
collaboration you are bringing up could work well.
    Ms. Jackson Lee. So we should look to language in this 
legislation that might create State and Federal partnership in 
States that may be sufficiently far ahead which may help 
Colonel Stephan's resource and personnel issue that he has to 
address?
    Mr. Sondermeyer. Precisely.
    Ms. Jackson Lee. What do you think about outside auditors 
or those private entities that contractually would provide 
oversight, again adding additional staff to this process?
    Mr. Sondermeyer. That certainly can be a positive thing to 
do, sort of the independent third party assessor that would 
come in, and it is something that might have to augment in the 
absence of sufficient staff at the Federal level to perform 
those functions. That would be, I think, a way that you could 
go, yes.
    Ms. Jackson Lee. Most chemical plants are--find themselves 
at least in a sometimes massive way and limited way in 
populated areas.
    Mr. Sondermeyer. Absolutely.
    Ms. Jackson Lee. New Jersey certainly is in a dense urban 
area, near I-95 as well. So there is quite a bit of ingress and 
egress of traffic. And certainly in my State in Texas in a 
number of our--well, our complete refinery area there are 
surrounding neighborhoods. What is your thought about including 
language that would insist or require through DHS that there be 
neighborhood evacuation plans and training plans that 
incorporates the surrounding facilities? It may be businesses, 
they may be residential, they may be, if you will, traffic 
centers. What is your thought about that as an addendum to our 
efforts?
    Mr. Sondermeyer. Certainly appropriate as it would be 
framed out and there was a lot of discussions about worker 
involvement which we think is critically important and we have 
involved the program. I think, neighborhood knowledge and 
involvement is also important and I would say, Chairwoman, as a 
potential example to look at would be the structure that is in 
place through the Nuclear Regulatory Commission, evacuation and 
off site contact, and if the slightest thing happens at a 
nuclear plant there is an immediate requirement for a public 
disclosure and we do have four nuclear plants in New Jersey. So 
we do have a little bit of experience with that.
    That might be the model, Chairwoman, of what I think you 
are driving at. That could be something that could be 
replicated to give that kind of involvement and forewarning in 
evacuation planning.
    Ms. Jackson Lee. Very good. Colonel Stephan, you as part of 
the CFATS regulation; your office created a new class of 
protected information called chemical terrorism vulnerability 
information. As you know, we as a committee and frankly in 
light of recent incidents that have occurred with the whole 
umbrella of overprotected information, though we certainly 
don't want to expose sensitive information to the general 
public, I want to raise the concern that this proliferation of 
new classes of nonclassified for protected information may 
raise problems with trying to secure America. Explain why you 
feel it is necessary, feel this new class of information is 
necessary. What are the main differences between CPI and SSI, 
which is the designation of information used under MTSA? And 
have you received comment from State and local authorities as 
well as the private sector about whether CVI serves as an undue 
obstacle to the necessary sharing of information?
    Colonel Stephan. We created this new information protection 
regime, this category called CVI, for the simple reason as 
follows. We are requiring now for the very first time a very 
comprehensive and detailed set of information be provided us 
from the private sector. Consequence information, vulnerability 
information and very, very unique security plans. Many aspects 
of this information will have to appropriately be shared with 
State and local government partners, law enforcement and 
emergency managers. We strongly feel that there is not any 
existing security information, security protection regime that 
affords the appropriate level of protection given the 
incredible detail of this very sensitive vulnerability and 
security information coming into us. Our requirement to share a 
lot of it with the appropriate State and local officials just 
doesn't exist anywhere.
    Secondly, in terms of judicial proceedings, in terms of 
enforcing this regulation or cases that come to courts, SSI or 
sensitive security information and that regime, there is a lot 
of leeway that a judge has in terms of how to protect that 
information and what to do with it. In the statute that 
provides us the implementing authority for this regulation, 
CFATS were specifically required in those kinds of proceedings 
to have an information regime in place, information sharing 
regime in place that treats the information as if it were 
classified information. So because of the level of detail, the 
incredible number of detailed data bytes that will be coming in 
to us, our requirement to share them collaboratively with State 
and local partners, we have got to have more protection than 
any current regime offers.
    Also in terms of your point about have we received 
information, yes, we have received information, good things and 
bad things about the CVI program, from both the private sector 
and State and local governments. We have a working group with 
the private sector through our Chemical Sector Coordinating 
Council that is focused on helping us get the right balance 
between information protection and information sharing. And he 
is of use on the industry side. And on the State and local 
government side, the State of Michigan Homeland Security 
Adviser, Brigadier General Mike McDaniel, is spearheading a 
State and local task force which is co-chaired by the State of 
New Jersey, coincidently Sherry Black of the Infrastructure 
Protection Office there, to help us figure out how we are going 
to implement CVI protocols with respect to State and local 
government partners, law enforcement, Homeland Security 
advisers and emergency managers.
    Ms. Jackson Lee. Colonel, I know that your intent is good 
and your efforts are to be commended. But there is a long 
history of denying State and local governments the right kind 
of information or the information that they need to ensure the 
security of the homeland. Frankly, this committee is probably 
unified in its opposition to overclassifying. And we have just 
had, you know, an experience with a discovery of what probably 
should have been well-known information, obviously outside of 
the realm of this committee, but a destruction of the CIA of 
very important information and destruction of tapes that 
commented on that information or indicated information that 
this Congress might have needed for better decision making.
    Let it be clear that we are going to take a very close look 
at overclassification of information that will be important to 
securing the homeland, particularly in this area of chemical 
security. So I hope the intent of our efforts here in this 
committee will impact on you and I know that you are mentioning 
requirements that you have and we may look at those 
requirements because we think we are blocking cooperation as 
opposed to helping it.
    Mr. Miller, did you want to have a question or comment on 
that, the classifying of additional information?
    Mr. Miller. Thank you, Chairman Jackson Lee. I agree in a 
lot of--in respect to what Colonel Stephan has said regarding 
protection of information. The issues that we have with the 
guidance that has been provided and how to go about handling 
CVI classified information has to do with, for example, if my 
chairman comes in and says so what are we doing about security 
at a particular facility that is a regulated facility. Under 
the current regulation and under my reading of the guidance 
that has been provided, I cannot provide him that direct 
information without him having to go on-line and take an on-
line training course on how to handle and properly manage this 
type of information and then sign a nondisclosure agreement 
with the Department of Homeland Security that says he won't 
disclose this information to unauthorized parties. Believe me, 
that is a tremendous hurdle for someone that is as busy as our 
chairman of our companies are when I can sit down with him and 
discuss this with him and enlighten him on what we are doing at 
a particular facility, which I feel I am currently handicapped 
on doing right now.
    Ms. Jackson Lee. Because of this CVI?
    Mr. Miller. That is correct.
    Ms. Jackson Lee. I think the record should reflect that we 
do have a difference of opinion, Colonel. And I believe that 
the difference of opinion that the committee has is not to 
expose sensitive material but it is to question the process of 
declaring CVI material and how that impacts actually industry, 
States, local government in doing their job of securing the 
facilities in their area. So that is something we are going to 
have under advisement and express concern either through a 
legislative fix or otherwise.
    Dr. Mannan, let me just raise the question. I think the 
academic involvement--and you have raised some interesting 
concerns about how we approach the training of employees in 
making sure that we train them but provide protection to the 
flow of information that might be detrimental in the hands of 
others and we don't represent that employees are terrorists. We 
represent that we want to be as detailed in how we handle 
material and balance it by not overclassifying information as 
well. But I also believe the academic partners are important as 
relates to new technology, as it relates to new practices, best 
practices.
    So I raise the question of a thought of adding to the 
legislation what we call chemical security centers of 
excellence that might be placed on academic--on campuses that 
would focus on how we improve security, how do we analyze 
information. And they would not be analyzing information 
received by DHS as much as they would be giving a roadmap and 
plan for how you do it more effectively, how you train 
personnel, how do you work with local and State governments. 
What would be your thought about that kind of addition to the 
legislation?
    Mr. Mannan. I am totally in complete support of something 
like that. As I mentioned in my oral testimony, this problem 
requires the collaborative work of all stakeholders, and 
academia should be a complete part of it. I would daresay that 
academia has not done enough up to this point. But I think a 
little prodding by the government might help in that direction.
    I mentioned some of the things that we could do, for 
example, building resilient engineering systems, building self-
healing plants, learning from nature in terms of biopneumatics. 
Also in my written testimony there are other examples of things 
like--for example, before 9/11, we never designed chemical 
plants or the chemical infrastructure with terrorism in mind. 
That never entered the equation. I think research definitely 
needs to be conducted as to how we would design the whole 
infrastructure with terrorism in mind. And that should have two 
objectives. One, how would it impact new plants and, two, how 
would it impact existing plants? In fact, one of the other 
things we need to consider is that when we do permit new plants 
should we consider things like prevention of significant 
vulnerability, similar to air type of acts where we look at 
prevention of significant deterioration of air emissions. So I 
think I am on the same wave-length as you are in that respect.
    Ms. Jackson Lee. Thank you. And as I listen to you, I know 
that we have provisions for fencing in the legislation. Make 
note of it. And the thought of safer technology, virtual 
fencing, as we build new chemical plants and new refineries, we 
should move to the next level or in the revising of a chemical 
plant's security infrastructure through this legislation should 
virtual fencing be part of an option of how you secure these 
plants. And that, then, includes a whole new component of 
staffing, which is a staffing constituency on site that 
monitors in a more scientific manner the ingress and egress and 
things going on inside the plant and outside the plant.
    I frankly believe--Mr. Sondermeyer, you are shaking your 
head. Is that something that would be worthy of consideration?
    Mr. Sondermeyer. Yes. And certainly in New Jersey we have 
tried to integrate that type of forethinking analysis. As an 
example, we are developing a new Giants stadium up in our 
Meadowlands complex. And as part of that, we did require 
compliance with our best standards for Homeland Security. And I 
think it is an excellent point. We really should be--any new 
facilities we are building, they should be built with security 
in mind as the professor is recommending as well.
    Ms. Jackson Lee. Funny you should say that. We look forward 
to having an infrastructure protection hearing on large venues 
such as the stadium. And you or one of your representatives 
from the State of New Jersey may be back in front of us again. 
Thank you very much.
    I want to take this time to give an opportunity for the 
distinguished gentlelady from New York to ask a few questions.
    Ms. Clarke. Thank you, Madam Chair. Professor Mannan, I 
wanted to just sort of follow up on what the chairwoman has 
stated to you or has raised as a concern. You speak extensively 
about the importance of research and the creation of new 
technology in securing chemical infrastructure. Do you get a 
sense that DHS is doing enough to support such research? Are 
there additional Federal assets outside of DHS that you have 
identified that can facilitate and accelerate a support system 
and is there more that we should be doing?
    Mr. Mannan. That is a loaded question. I will try to answer 
it as best I can. The short answer is that we are not doing 
enough, both from the government perspective as well as from 
the universities. Universities are probably notoriously slow in 
moving and changing the research direction. But I think 
government can play a very dominant role in making that change. 
I can guarantee you if programs become available where they 
will support research like this, you wouldn't imagine how many 
professors will change their research goals and missions. That 
would happen overnight, whether or not DHS has done enough in 
funding some of these research.
    Again, the short answer is no. The reason I believe it is 
that DHS--I consider research like this at two or three levels. 
The first level is guards, guns and gates, background checks, 
putting up blockages, looking at lightings and things like 
that. Those are the short-term issues. The long-term issues are 
looking at these types of process changes and long-term 
research issues like terrorism risk and plants, robust control 
systems like even if some terrorists were to take over a plant, 
the control system would be hard to compromise, things like 
that.
    Those kinds of things have not been funded. The other 
government agencies that I have been disappointed with in terms 
of funding and driving this kind of research are the agencies 
like National Science Foundation, National Institutes of 
Health, as well as NIOSH. I think they could be doing a lot 
more in driving this research. And I do like the idea of the 
chairwoman, funding centers of excellence in terms of these 
areas.
    Ms. Clarke. Thank you very much. Mr. Setley, what type of 
collaboration do you feel must be established with the workers 
in the industry and how should it be integrated into CFATS 
regulatory process?
    Mr. Setley. Thank you, by the way, for the question. It 
would be our position in labor that the workers be intimately 
involved in the formulation of any and all security plans, 
first and foremost because it is where they work. They are 
going to be the ones first and most dramatically impacted by 
anything that happens. Rarely do people attack plants when they 
are empty. The workers are going to be there, the workers know 
where to hide the bomb. Those are the folks who need to be 
involved and anything in a regulatory matter that requires that 
is something that is going to be very beneficial not only to 
the worker, but ultimately to the companies and communities 
surrounding any of the plants.
    Ms. Clarke. Do you feel that the voices of the workers have 
been taken into account thus far?
    Mr. Setley. Not as much as I would like.
    Ms. Clarke. And what do you think that we can do to sort of 
amplify that?
    Mr. Setley. I think what we can do, we should all be doing, 
is making requirements, not suggestions, requirements for all 
of the stakeholders. I keep hearing the word ``stakeholders'' 
and certainly the workers are a stakeholder in the chemical 
plant. Requiring that the stakeholders are involved, not 
suggesting. We have to move away from hope to a point where we 
have actual concrete language that we can point to say it is a 
requirement and not a suggestion.
    Ms. Clarke. Thank you. Mr. Sondermeyer, as the DHS chemical 
facility anti-terrorism standards are beginning to be 
implemented, is there anything you feel DHS should be doing 
differently? How well is DHS coordinating with your State?
    Mr. Sondermeyer. I do believe as the Colonel represented 
earlier, we do work very well together and particularly we have 
worked well together on critical infrastructure protection. I 
do think there are some elements of the bill that are 
critically important. One of them was the discussion we had on 
access to information and confidentiality, and I am very 
heartened that we have a State and local work group working 
together actively to make sure that the CVI issue does not take 
a turn that does not result in sharing of information. If we 
don't share information with the State partner, you know, we 
are not effectively working together. As I did mention, the 
whole collaboration through a delegated authority we think is 
something that is important so that we can work better 
together. Because that is a concern that I have, that we go 
down a road where we are not properly connected and we are--and 
I think the chairwoman had perhaps used the term in her opening 
statement of not reinventing the wheel--to not reinvent the 
wheel so that we are working closely together, collaboratively 
for efficient government for such an important topic as 
homeland security.
    Ms. Clarke. Thank you, Madam Chair.
    Ms. Jackson Lee. Thank you, Ms. Clarke. Mr. Pascrell, do 
you want to ask one or two more questions?
    Mr. Pascrell. Thank you.
    Ms. Jackson Lee. Thank you.
    Mr. Pascrell. Mr. Sondermeyer, the chemical sector best 
practices standards I failed to mention when I was asking the 
question the first time. These are not mandatory, are they?
    Mr. Sondermeyer. They are mandatory.
    Mr. Pascrell. They are mandatory in the State of New 
Jersey?
    Mr. Sondermeyer. They are mandatory in the State of New 
Jersey for a universe of approximately 157 facilities that 
report under certain SIC or NIA codes.
    Mr. Pascrell. And the rest had simply asked for an 
evaluation, those other chemical facilities? Or was it 
mandatory for every chemical facility in New Jersey?
    Mr. Sondermeyer. Sadly it is very confusing. The base 
program for implementing best security practices is applicable 
to all 450 recognized DCPA, or discharge prevention facilities 
in our State. The standards which go further and are mandatory 
are applicable for 157 facilities. And 45 of the 157 were 
required to do the----
    Mr. Pascrell. But the inherently safer technologies is not 
mandatory?
    Mr. Sondermeyer. Mandatory to do the review, not mandatory 
to implement the findings.
    Mr. Pascrell. Now, New Jersey passed the Toxic Catastrophe 
Prevention Act in 1986. In April of this year, the Department 
of Environmental Protection proposed amendments to that act to 
require all companies subject to the program to evaluate the 
potential of incorporating inherently safer technology at their 
facility. I think it is worth noting, as you have said in your 
testimony, that in New Jersey the inherently safer technologies 
requirement under the chemical sector best practices standards 
represents a practicability test as I see it. It is not 
mandatory that a covered facility implement IST, only that they 
evaluate it. From your experience implementing a program in New 
Jersey, do you feel that there is a cost/benefit relationship 
to performing IST analysis?
    Mr. Sondermeyer. Thank you. I would say, as I said earlier 
in my remarks, that from our experiences working very 
cooperatively with the chemical industry, that IST analysis is 
really a good business practice. So there is a cost/benefit 
analysis element to it. It makes sense from the company's 
perspective to evaluate inherent safety and to make appropriate 
changes for economic reasons.
    We talked a lot about worker safety, which is of critical 
importance. They look out for their employees and of course 
from our perspective as a DEP regulatory compliance. So we do 
think that there is a cost/benefit analysis positive to 
performing the analysis. And as you referenced, sir, the 
rulemaking that we proposed in April really takes the 
requirement for inherently safer technology, which it has 
already done for the chemical plants. And we feel so strongly 
from our experience, we seek to expand it, to involve food 
processing facilities, water treatment facilities, wastewater 
plants and some energy facilities.
    Mr. Pascrell. How many times do you meet with Mr. Canas to 
go over what you find at these chemical facilities? He is the 
head of Homeland Security in the State of New Jersey. What kind 
of regular meetings do you have with him?
    Mr. Sondermeyer. My response would be that our relationship 
is pretty much seamless. It is an unusual program. We don't 
have dedicated resources. But to directly answer your question, 
I in my title as the Chief of Staff, Director of Operations am 
with folks from Director Canas' office every other week. Every 
2 weeks we have a structured meeting to coordinate.
    Mr. Pascrell. Will the new CFATS regulations require those 
facilities to make significant security upgrades, and my second 
question is without identifying the facility, the facility's 
name or location, can you describe the security measures your 
facilities are putting in place? Could you give us an idea of 
what they are doing to make the place safer? Because we know if 
one of these things goes off in terms of the volatility of the 
chemicals we have got a natural disaster.
    Mr. Sondermeyer. Right. Yeah.
    Mr. Pascrell. Or a very unnatural disaster.
    Mr. Sondermeyer. Right. I think it is fair to say that the 
measures put in place are very comprehensive and sweeping. It 
is hard to answer really specifically because each plant is 
different. And that is why the site specific vulnerability 
assessment is so critical. So you look at each individual 
circumstance. Target hardening certainly has been done across 
the board in terms of fencing and scanning and bollards and 
whatever target elements are put in place, cyber security 
protocols, which is of critical importance.
    We had some experiences in New Jersey where a system went 
down for a few days. It paralyzes you. Cyber security is very 
critical. Badging and credentialing, background checks, you 
know, who can access, who can't access, who is looking at the 
Sparkletts water person or the Purolator courier delivery 
person. All these elements have been part of the best practices 
that we adopted that they had to evaluate and come up with 
schedules for implementing.
    Mr. Pascrell. Madam Chairwoman, can I ask one more question 
of Mr. Miller?
    Ms. Jackson Lee. Mr. Pascrell, if you can be very quick on 
that last question. And then if Mr. Miller--please abbreviate 
your answer.
    Mr. Pascrell. Could you be as nonspecific as I asked Mr. 
Sondermeyer to be in terms of the facilities under your 
jurisdiction?
    Mr. Miller. Well, first of all, Congressman Pascrell, we 
have got a limited number of facilities in New Jersey and we do 
have a presence there. So anything--I have got to be very 
careful about not getting real specific about what we have done 
at our facilities. I will concur with Mr. Sondermeyer, that the 
measures that he mentioned we do in fact have. I will say that 
we also helped write the best security practices that are in 
place there.
    Mr. Pascrell. I think that is important that you mention 
that.
    Mr. Miller. But I also will point out that in the 
inspections that were done in reaction to the IST requirements, 
the focus tended to be because he has already said that their 
people were trained on the DEP side, that the focus tended to 
be on what type of evaluation we did related to IST and the 
focus was not as heavy on what kind of security measures we had 
in place. From a security professional, that is a concern of 
mine, that the focus moves from the overall security posture 
that we have in place as opposed to focusing on one particular 
security measure.
    Mr. Pascrell. I think that is significant what you just 
said in that we need to be doing more things in terms of the 
security rather than talk about the safety aspect of this whole 
situation. I think that is very important that you mentioned 
that.
    Thank you very much. Thank you for all your testimony. 
Thank you.
    Ms. Jackson Lee. The gentleman's time is expired. I thank 
Mr. Pascrell. He made a very, very key, if you will, 
distinction that defines the Homeland Security Committee and 
Department. And that is the idea of security and, Mr. Pascrell, 
it seems that when we discuss this issue there is an enmeshing 
or a fudging of the safety security definition and many people 
will wonder why our additional oversight because they say we 
are safe. But safety is not security. And frankly I believe it 
is important that the conclusion of this hearing, and there may 
be a need for another hearing to indicate that we are going to 
have legislation, the focus will be on security. And the idea 
will not be to stifle the productivity and growth of the 
industry. But it is to recognize that the chemical and refining 
industry many times are located in the seat of population, they 
remain vulnerable because they are old, their equipment is old, 
and we hope that this oversight will be taken as a positive 
step, one, to look to 21st century technology to provide a 
vehicle for academic institutions, to begin to assess cutting 
edge technology that will be helpful to the industry and, as 
Mr. Setley has said, to make chemical security employees on the 
frontline providing security in those areas. And as I am 
continuously concerned with surrounding neighborhoods, to let 
them not be acted upon, but to have them act with us in 
securing their neighborhoods.
    And finally, Colonel, as I started out this hearing, we 
thank you for your service. There has been a decided 
improvement and recognition of your commitment to the security 
of America. It is our responsibility as members of this 
committee to in essence turn the lights on, pull the covers 
back and pronounce the need for more resources and more 
personnel and not run from it and not hide from it and ask this 
administration if they recognize that you have the needs that 
you have. We will be the voice because we have to be the voice 
for the people. And frankly I believe that there is a great 
need to be able to bolster your department for the many 
infrastructure needs that we are going to be addressing that 
are now still in the eye of the storm. And certainly you don't 
have the resources to cover that gamut. We don't want to give 
the details to those who are our enemies, but we want to be 
prepared to be in front of the enemies and not behind them.
    So we thank you for your testimony, all of you. Certainly, 
Mr. Sondermeyer, we thank you for representing in essence the 
States and their work and we look forward to working and 
collaborating with them. Mr. Miller, send the word out to the 
industry that we are not foes, but we need to be allies in the 
war against terror and the idea of securing the homeland. I 
thank the witnesses for their valuable testimony and the 
members for their questions. The members of the subcommittee 
may have additional questions for the witnesses, and we will 
ask you to respond expeditiously in writing to those questions.
    In addition, I ask for unanimous consent that these 
testimonies and reports be entered into the record, Synthetic 
Organic Chemical Manufacturers Association report entitled 
Chemical Security New Jersey, completed by the Maxwell School 
at Syracuse University. Dr. Mannan, there goes the academic 
report.
    [The information follows:]

                             For the Record

                            Submitted to the

                     U.S. House of Representatives

                     Committee on Homeland Security

 Subcommittee on Transportation Security and Infrastructure Protection

                                   On

U.S. Department of Homeland Security's Chemical Facility Anti-Terrorism

     Standards (CFATS) and Other Related Chemical Security Matters

                              Prepared by

     William E. Allmond, IV, Director, Government Relations, SOCMA

                                  with

    Jeffrey Gunnelfsen, Senior Manager, Government Relations, SOCMA

                           DECEMBER 12, 2007

I. Introductory Comments
    SOCMA appreciates the opportunity to submit this testimony 
regarding the implementation of the U.S. Department of Homeland 
Security's (DHS) Chemical Facility Anti-Terrorism Standards (CFATS) and 
other related chemical security matters. Our goal is to provide you 
with a description of the effects of the Agency's new chemical security 
standards are having on the specialty and batch chemical manufacturing 
sector. We also want to share our position on the use of inherently 
safer technology (IST), as well as our opinions on the Department's 
staffing and resources.
    About SOCMA. Approximately 90 percent of SOCMA's members are small 
businesses, according to Small Business Administration definitions. 
While commodity chemicals make up most of the production volume in the 
global marketplace, specialty and batch chemicals make up most of the 
diversity (the number of different chemicals) in commerce. As a 
condition of membership in SOCMA, chemical companies must subscribe to 
our environmental, health, safety, and security management system, 
ChemStewards. This self-imposed program requires companies to develop 
systematic approaches to environmental and chemical risk management 
with independent, third-party verification.

    II. The Unique Nature and Role of Specialty and Batch Chemical 
Manufacturing Sector
    Specialty and batch chemicals are essential ingredients and 
building blocks for the manufacture of almost everything produced in 
the United States. Specialty and batch chemicals perform very specific 
functions, based largely on their molecular structures, giving them 
unique physical and chemical properties. Without these substances, 
nylon would not be strong enough to use for seatbelts, medicine would 
revert back to what it was in the 1800s, and our armed forces would not 
have the equipment and supplies necessary to defend our country.
    Specialty batch chemicals have complex chemistries and narrowly 
focused applications, and are typically produced batch-by-batch in 
reaction vessels. Batch processes are very different from the 24 hours-
a-day, 7 days-a-week continuous operations that produce commodity 
chemicals. Since continuous processes employ continuous feeds and 
yields, the production volume is usually far greater than for batch 
processes. The main difference, however, is that a batch process, 
incorporates the chemical reaction (and yields the desired product), 
has a distinct beginning and end for each batch. As a result, the 
products that are stored onsite also change on a continual basis.
    Batch producers are necessarily flexible, and they can make many 
different products during any given production year. Their business is 
driven by customer demand, and many chemicals are made on short notice. 
As a result, the types and quantities of chemicals onsite at a batch 
manufacturing facility often change from week to week or even day to 
day, leading to similarly frequent changes in the risk profile of the 
facility. Because of the differences in processing and variable 
production schedules, another distinct feature among specialty and 
batch chemical producers is the variability of risk at production and 
storage sites. This ever-changing risk profile can be a challenge for 
risk managers, but it also provides opportunities to continually review 
the chemistries for novel and safer approaches. Conveniently, frequent 
changes in the risk profile also makes it that much harder for a 
potential terrorist to know what chemicals are on site and in what 
quantities at any one time. The inherent variability of batch 
manufacturing can actually make these sites less attractive as a target 
of terrorists.

III. Implementation of CFATS and Path Forward
    With the November 20, 2007, Federal Register publication of 
Appendix A to the Chemical Facility Anti-Terrorism Act standards, the 
chemical security regulations are finally being implemented. It is 
premature to judge today how well the implementation of the standards 
is or will unfold. Nevertheless, there has been progress made that is 
worth noting, in addition to concerns with the direction of the 
standards going forward.
    The approach taken by the Department in promulgating the standards 
is the right approach. The Department kept the potentially regulated 
community engaged during the development process rather than seeking 
input only after the fact. Instead, DHS carefully took into 
consideration how important it is to know who is handling dangerous 
chemicals, and limiting regulations to the highest risk chemicals at 
the sites that pose the highest security risk to the nation. It would 
have been far too easy to make one-size-fit-all regulations. The 
practical, risk-based standards that emerged mandate robust, 
accountable actions with stiff penalties for non-compliance.
    An important point to understand is that the industry did not wait 
for federal standards before taking actions to secure their facilities. 
Millions of dollars have been invested following 9/11 to implement 
additional security measures above and beyond those that are put in 
place in accordance with normal operating procedures at a chemical 
facility. In 2002, SOCMA and its members developed a comprehensive, 
asset-based security vulnerability assessment methodology (SVA) and 
voluntarily completed assessments years prior to CFATS. The methodology 
was eventually recognized by the Center for Chemical Process Safety 
(CCPS) as a recommended methodology. Additionally, SOCMA members have 
been required to integrate security practices into their management 
system, ChemStewards, which is mandated by SOCMA.
    Some other security achievements prior to CFATS finalization that 
are especially noteworthy include the Chemical Industry Site Security 
Guidelines, that SOCMA cosponsored in 2001 to serve as a temporary, but 
timely, compilation of security best practices. SOCMA has also 
sponsored numerous well-attended conferences and web-based seminars 
since 2001, which have established a higher degree of attention to 
chemical plant and chemical transportation security following 9/11. 
SOCMA helped lead the development of the Chemical Sector Coordinating 
Council, which assembles the various sectors of the industry to discuss 
priority security issues and provides a forum to exchange information 
about threats and vulnerabilities with DHS and other key Federal and 
State government agencies.
    These examples only scratch the surface in listing the activities 
and achievements made by the industry to better secure their facilities 
and products. The bottom line is SOCMA and its members took and 
continue to take the initiative in addressing chemical security 
challenges. DHS's new security standards will complement many of these 
achievements and provide for additional safeguards where necessary.
    The biggest concern we have about the implementation of CFATS is 
the possibility of having the requirements altered by Congress in mid-
stream before the standards expire. The single fact that the standards 
expire within a short window of time after being promulgated is 
difficult enough--though not impossible--for members, particularly from 
a planning and implementation perspective. On the other hand, the 
limited timeframe given to the implementation of CFATS further 
underscores why Congress should resist calls from special interest 
groups to revise the standards now. SOCMA urges Congress to not delay 
further the implementation of this important set of regulations. While 
we are confident that our members are prepared to comply with the 
standards, the extent of security commitments by other facilities 
subject to CFATS is unknown. These standards provide unified 
regulations and will go a long way towards holding covered facilities 
accountable. We look forward to working with Congress in the future to 
re-authorize the CFATS.

    IV. SOCMA's General Position on IST and the Commonwealth of New 
Jersey's Inherently Safer Technology (IST) Review Under its Toxic 
Catastrophe Prevention Act (TCPA)
    SOCMA members covered by New Jersey's chemical security rules 
report that the rules have not been overly burdensome. However, they 
also report that inspections conducted by the State focus 80 percent on 
a site implementation of IST and only 20 percent on actual security 
regulatory compliance. Since many sites in New Jersey are also subject 
to Federal rules, such as the Environmental Protection Agency (EPA)'s 
Risk Management Program (RMP) and the Occupational Safety and Health 
Administration (OSHA)'s Process Hazard Analysis (PHA) regulations, in 
addition to state rules, one could question the priority of the New 
Jersey security program.
    The New Jersey ``prescriptive order'' did not go through due 
process (notice and comment) and rulemaking, denying the regulated 
community the opportunity to comment on the rule and resulting in a 
number of issues and gaps that could have been easily avoided or 
otherwise addressed.
    IST is only one of many methods for potentially reducing risk and 
vulnerability. Vulnerability assessments should consider the 
feasibility of a multitude of methods that would improve security while 
achieving the optimum balance of vulnerability reduction cost 
effectiveness. From our members' experience in New Jersey, as stated 
previously, the focus of the vulnerability assessments was entirely on 
IST to the point of essentially neglecting all other methods of 
improving security. Since IST has long been an integral part of 
designing a facility and regular plant health assessments, the newly 
required New Jersey vulnerability assessments audits were of very 
little value because of its narrow focus. The New Jersey security 
process could be greatly improved by broadening the scope to include 
the entire available spectrum of physical security tools and processes.
    SOCMA recognizes that employee awareness, knowledge and assistance 
may be necessary in identifying and effectively managing security-
related scenarios. However, employee inclusion throughout the entire 
vulnerability assessment process adds little security expertise and 
raises concerns regarding the protection of Security Sensitive 
Information (SSI) or Chemical-terrorism Vulnerability Information (CVI) 
discussed during the process. Furthermore, the protection of security 
information (non-disclosure) provisions in the prescriptive order and 
under New Jersey law are insufficient and fall short of federal 
information protection standards for security related information
    On a federal level, SOCMA believes that the DHS has a useful role 
to play in encouraging the private sector to incorporate IST as a means 
to reduce security risks at chemical facilities wherever possible. 
However, we do not support regulatory measures that mandate IST. Such 
mandates are unnecessary and, in some cases, would fall short of their 
intended purposes.
    Supporters of regulatory IST measures within the context of 
chemical security either ignore industry's commitment to this every day 
process safety measure or they misunderstand its purpose. In the name 
of security IST is being used to support environmental agendas and not 
security. IST is an established chemical engineering philosophy that 
was launched by the industry in the late 1970s. Its goal is to use 
traditional engineering, chemistry, and other scientific concepts to 
reduce the risks associated with chemical processing. Risk and safety 
are often used in the same context, but the two actually have an 
inverse relationship: as risk is reduced, safety is increased. Since 
its inception, IST has been ingrained as a normal part of the 
engineering discipline in the chemical industry.
    The main goal of IST is to reduce risks to health and the 
environment, similar to the goals of pollution prevention (P2) and risk 
management in general. The idea is to tie risk reduction to lower 
operating costs, which is fairly straightforward in the chemical 
industry. The costs associated with handling materials classified as 
hazardous have increased substantially over the past 20 years. The 
economic incentives for reducing the use of hazardous chemicals include 
reducing the likelihood of accidents among laboratory and processing 
workers, cheaper transportation and disposal costs, discounted 
insurance rates and fewer regulatory requirements. Obviously, it is in 
a chemical companys best financial interest to handle less hazardous 
substances; it reduces costs, which helps maximize profits. The concept 
of risk reduction, practiced through IST, P2 and other environmental 
management systems, is an important feature of the business model 
employed by chemical producers. The same principle applies for those 
who use, store or distribute chemicals. In many ways IST is already 
built into the chemical supply chain.
    The pilot phase in research and development (R&D) typically 
attempts to replicate the bench-scale results at a slightly larger 
scale. The process (i.e., chemical reaction and necessary equipment) is 
reviewed in detail and tweaked accordingly. The R&D phase may continue 
and include trial usage at the customer's site, to check product 
performance, ensure that the product can be used safely and make sure 
that there are no unaccounted risks. IST does not stop at the R&D 
phase, however. This approach is also applied when full-scale 
production begins, to double-check findings from earlier studies. If 
changes in production are made at some point in the future, the review 
process is conducted all over again to see what impacts the changes 
will make.
    IST approaches are based on fundamental, long-standing engineering 
and chemistry principles. The concepts associated with IST work because 
they identify opportunities to maximize yields, reduce wastes and 
reduce risk, which, in turn, reduce cost and maximizes profit--the most 
powerful driver in business. Even if the conditions in the market place 
change, such as new regulations or restrictions, the fundamental driver 
for business decision-making will continue to be the maximization of 
profit. IST uses fundamental engineering and chemistry principles that 
fit well into the chemicals business model.
    Despite its fundamental importance, IST is one of the most 
misunderstood concepts in commercial chemistry. While it seems self-
explanatory, the term as used in chemistry and engineering may be 
misleading to non-scientists. Many non-scientists have been led to 
believe that the only way to ensure safe chemical manufacturing or 
achieve pollution prevention is by reducing the amount of hazardous 
substances used in chemical manufacturing and processing. Application 
of IST, however, follows basic, scientific principles, and is bound by 
the laws of physics; a simple reduction in the use of hazardous 
chemicals is rarely possible within the confines of a particular 
chemical reaction or process. When such reductions are possible, they 
often result in the transfer of risk to other points in a chemical 
process or the supply chain, without actually reducing it. To place the 
current IST debate in context, this discussion will begin with an 
illustration of the limitations of substitution in the field of 
chemistry, and then move to an explanation of why reducing a hazard in 
a process does not necessarily reduce the overall risk.
    Like IST, chemistry is also bound by the laws of physics. These 
physical laws place restrictions on what can and cannot be done when 
trying to make a chemical. For instance, a molecule (i.e., a chemical) 
is made up of atoms (e.g., sodium, carbon, chlorine, etc.) that are in 
specific locations or positions on the molecule. In organic chemistry, 
the goal is to take the atoms from one molecule and move them to 
locations on another, different molecule so that the target molecule 
takes on a specific function or behavior.
    The laws of physics dictate if, how and when those atoms can be 
moved. To achieve certain critical structural changes, reactive 
chemicals must be used, and many are by their very nature hazardous, 
e.g., toxic, flammable, etc. In light of these constraints, scientists 
seeking to achieve certain chemical changes are often left with few 
alternatives. Where hazardous chemicals are used, they are highly 
regulated by EPA, OSHA, the Department of Transportation (DOT) and 
other agencies, and appropriately managed by chemists in universities, 
government and industry. Scientists usually cannot produce the 
materials that make our standard of living possible without using very 
specific chemicals. Making medicine is a good example.
    Often, it takes multiple steps to make medicine. Each step in the 
process carefully moves atoms from one molecule to locations on another 
molecule. Eventually, the scientist will obtain the desired chemical 
that performs a precise medicinal function. The movement of these 
atoms, from one molecule to another, is a chemical reaction and can 
only take place using certain materials. The chlorine atom, for 
instance, when it is located on a specific part of a molecule, allows 
these steps to take place. One common misconception, though, is that 
any chlorine atom will do. That is not the case. Chlorine atoms take on 
different behaviors, or physical properties, depending on the atoms to 
which they are attached.
    Table salt consists of the sodium (Na) and chlorine (Cl) atoms, 
which make up the chemical sodium chloride (NaCl). The chlorine atom 
used to make medicine, on the other hand, often comes from phosgene 
(COCl2) or phosphorous trichloride (PCl3). Phosgene, for example, has 
one carbon atom bonded to one oxygen atom and two chlorine atoms, 
giving the chlorine atoms very specific characteristics. The sodium 
atom that is attached to the chlorine atom in table salt, however, 
gives the chlorine a different nature. The very specific nature of the 
chlorine atom in phosgene is critical to its fundamental role in 
pharmaceutical manufacturing and minimizes the formation of potentially 
toxic by-products that would otherwise contaminate the medicine. By 
contrast, to use the chlorine in table salt in the drug manufacturing 
process would require the application of electrical energy to the salt, 
resulting in the formation of chlorine gas, which is corrosive and 
poisonous by inhalation. At that point, it is no longer table salt; it 
has been converted into a compound (chlorine) with similar hazards to 
the phosgene and achieving that conversion required the introduction of 
additional risks. The complex chemistry associated with making medicine 
has well-defined physical boundaries and requires the use of reactive 
chemicals. That is why, generally, medicine is not made from table 
salt.
    IST is a conceptual and often complex framework that covers 
procedures, equipment, protection and, when feasible, the use of less 
hazardous chemicals. Its premise is that if a particular hazard can be 
reduced, the overall risk associated with a chemical process will also 
be reduced. In its simplicity, it is an elegant concept; however, 
reality is not always that simple. A reduction in hazard will reduce 
overall risk if, and only if, that hazard is not displaced to another 
time or location, or does not magnify another hazard. If the hazard is 
displaced, then the risk will be transferred or increased, not reduced. 
In science, risk is dependent on the circumstances and surroundings of 
a hazard. A simple reduction in hazard will not necessarily result in a 
reduction of overall risk. IST decisions, therefore, are and should be 
based on overall risk, not simply on inherent hazards.
    Here are several examples of how seemingly simple reductions in 
hazard may affect overall risk:
Reducing the amount of a chemical stored on site
    A manufacturing plant is considering a reduction in the volume of a 
particular chemical stored on site. The chemical is used to manufacture 
a hazardous precursor to a critical nylon additive, which is sold to 
another company and used to make seat belts stronger. Because it is a 
critical component for nylon strength, and seatbelt production cannot 
be disrupted, the production schedule cannot change. If the amount 
stored on site is reduced, the only way to maintain the production 
schedule is to increase the number of shipments to the site. This leads 
to more deliveries (an increase in transportation risk), more transfers 
of chemical from one container to another (an increase in transfer 
risk) and, since there is now a greater chance that production could be 
disrupted by a late shipment, there is an increase in economic risk.

    Substituting Sodium Hypochlorite for Chlorine
    Some people point to the Blue Plains water treatment plant in 
Washington, DC, as a prime example of how easy it is to substitute 
sodium hypochlorite solution for chlorine gas as a wastewater 
disinfectant. Unfortunately, several important facts are usually 
missing from these explanations. First, the conversion was not an 
overnight process; in fact, the substitution began prior to September 
11, 2001, and included costly retrofitting to the plant to accommodate 
the substitution. Secondly, the District of Columbia is in a different 
situation financially than other municipalities, in that it often 
receives federal funding to make such expensive changes possible. Also, 
it takes a large amount of sodium hypochlorite to achieve the same 
sanitizing effects as chlorine. But the most important fact missing 
from this story is that it takes chlorine to make sodium hypochlorite. 
The facilities producing the hypochlorite must now use and store vast 
quantities of chlorine in very few locations to keep up with the 
increased demand. There are only a handful of sodium hypochlorite 
producers in the United States, which means that more and more chlorine 
will have to be concentrated in a few locations to keep up with demand. 
The ultimate result of this is a huge increase in risk at chemical 
facilities that produce hypochlorite and, since water treatment plans 
typically use 1-ton cylinders, a somewhat modest reduction in overall 
risk.
    As noted earlier, the philosophical movement of IST was born in the 
chemical industry during the late 1970s and is routinely practiced by 
chemical engineers. It can be argued that this approach, along with the 
concept of P2, led to the establishment of environmental management 
systems, which provide a systematic way to manage environmental, health 
and safety risks. At no time during the evolution of IST were the 
founders thinking about applications in chemical site security. In 
fact, practitioners of IST, i.e., chemical engineers, to this day 
consider IST strictly an environmental, health and safety approach.
    Only recently have some people sought to connect the concept of IST 
to security; and, they are typically not engineers, nor do they 
practice IST. In fact, most do not have the technical background to 
fully grasp the concepts and principles that comprise IST. Further, 
they misunderstand that IST is a risk-based concept and not a hazard-
based concept.
    To SOCMA's knowledge, only one study has been conducted to attempt 
to connect the concept of IST to security. In April of 2006, the Center 
for American Progress published a report, Preventing Toxic Terrorism, 
How Some Chemical Facilities Are Removing Danger to American 
Communities, which claims that 284 chemical facilities have substituted 
hazardous materials for less hazardous products. It is easy to 
misinterpret this report. Just the title alone is misleading, because 
it uses the term ``chemical facilities,'' when, in fact, approximately 
90 percent of the study facilities are related to utilities, not 
chemical plants. Most of the facilities in the study are related to 
water treatment (about 75 percent), agriculture (almost 10 percent) and 
electricity (about 5 percent). Out of the 16 manufacturers that 
responded, only 6 were in the chemical or allied products industries. 
Most of those 6 make formulations, which are mixtures of chemicals, but 
those companies do not actually produce the chemicals. The IST methods 
applied were as follows:
         3 moved operations or storage to another location
         1 changed from rail shipments to pipeline distribution
         1, a chemical wholesaler, provided no explanation of 
        what was done
         Only 1 company actually implemented IST; but, in 
        reality, it was an engineering and process change more than a 
        chemical substitution
    This study has little to do with chemistry or chemical 
manufacturing. It primarily concerns the substitution of products used 
by water and electricity providers, and farmers.
    In most cases presented in the report, chlorine was substituted 
with sodium hypochlorite solution. As was previously pointed out, it 
takes chlorine to make hypochlorite bleach; therefore, the few bleach 
manufacturers will have to have much more chlorine on hand, 
concentrated in very few places, to keep up with the ever-increasing 
demand for hypochlorite solution. This not only transfers the risk, but 
concentrates it and magnifies it--due to more chlorine being needed at 
the bleach manufacturing sites. Also, commercial grade hypochlorite 
solutions present very well-known risks as well.
    The prefix ``hypo'' indicates that the compound has as much 
chlorine as is physically possible and needs a specific substance to 
prevent the chlorine gas from being released out of the hypochlorite 
solution. Hypochlorites by their very nature are unstable compounds, 
which is why we do not see a dry form of sodium hypochlorite, and will 
release copious amounts of chlorine gas under easy-to-achieve 
conditions. I would argue that there are more incidents involving the 
release of chlorine from hypochlorites than releases from actual 
chlorine vessels, such as rail cars and cylinders.
    The only example in the report of IST being used at an actual 
chemical facility was the substitution of oleum with sulfur trioxide. 
Oleum, also known as fuming sulfuric acid, is simply sulfuric acid with 
an excess of sulfur trioxide added. The sulfur trioxide is the chemical 
consumed in the process, and is much more dangerous than the sulfuric 
acid. The company chose to manufacture and consume the sulfur trioxide 
on-site, rather than having it delivered in concentrated sulfuric acid. 
This is an excellent example of IST, because the transportation and 
transfer risks were reduced, and waste was minimized. These changes 
will probably pay for themselves and reduce overall costs for the 
company in the long run. In the context of security, however, is there 
a significant amount of risk reduction? It could be argued that the 
answer is no. Although oleum releases sulfur trioxide fumes, it does so 
at a rate that is much slower than a release of pure sulfur trioxide 
from a pressurized cylinder or rail car. Because of the slow release of 
sulfur trioxide gas from the oleum, a release would be fairly easy to 
control compared to a release of liquefied or pressurized sulfur 
trioxide.
    IST uses chemistry and engineering principles to enhance safety and 
reduce risk. Chemistry and engineering must follow the laws of physics, 
significant risk reduction is very difficult to achieve, without 
transferring the risk to something--or someone--else.
    Congress already created a law to ensure that full consideration is 
given to the same concepts and principles that make up IST: The 
Pollution Prevention Act. There are also components of IST built into 
the EPA's Risk Management Program, under the Clean Air Act, and the 
Process Safety Management regulations at OSHA. IST is an environmental, 
health and safety approach, and not a panacea for security.
    Members of the industry support the concept of using inherently 
safer technologies whenever possible for more than economic reasons. 
They have a big motivating factor: their own safety. Scientists spend 
hours each day in laboratories and manufacturing facilities that use 
and produce chemicals. It is difficult to imagine that any scientist 
would not want to work under the safest conditions possible.
    With all of these economic and safety incentives in place, the 
question becomes: Why do chemical companies still use hazardous 
materials? The laws of physics are a much larger determining factor in 
selecting process materials than anything else. No federal program 
mandating IST or P2 will change how these processes are run in any 
significant way. Instead, such a program would result in government 
micromanagement of the design and engineering at individual facilities, 
would impose burdensome paperwork requirements on the regulated 
community, would duplicate certain key requirements of other federal 
and state regulatory programs, could slow chemical production 
activities, and could lead to manufacturers moving production overseas. 
Forcing implementation of IST could be quite costly. As the cost of 
doing business in the U.S. increases, manufacturers will seek 
opportunities to relocate to lower-cost regions, taking much needed 
manufacturing jobs with them.

V. CVI
    SOCMA generally supports the level of information protection 
provided for under CFATS CVI provisions. Most military, industrial 
security, law enforcement and intelligence professionals agree that the 
protection of information that could be exploited by adversaries is 
paramount to a security program. SOCMA's biggest concern is the lack of 
a notification procedure to alert facilities that CVI may have been 
disclosed to an unauthorized party. A facility certainly has a need to 
know if sensitive information pertaining to its site has been 
disclosed.
    Additionally, some uncertainty exists with managing facility 
security information that is now classified as CVI. When the U.S. 
Department of Transportation adopted its sensitive security information 
(SSI) designation several years ago, there was widespread confusion 
over how to adequately restrict access to documents that were once 
openly available to employees and how to convincingly communicate this 
to employees who were subsequently restricted because they were not 
authorized users.

VI. DHS Staffing/Resources
    SOCMA would like to recognize DHS for the good work that they have 
done in a limited amount of time and with limited resources. They have 
created a sensible security program that is risk based, recognizing 
that not all chemical sites are the same nor will they all have the 
same hazards or pose the same risks. SOCMA does request that Congress 
provide additional resources to the DHS CSCD to ensure the program can 
continue to fulfill its mission.

VII. Conclusion
    Compliance with the U.S. Department of Homeland Security's Chemical 
Facility Anti-Terrorism Act standards is now underway. It is too early 
to judge how well the implementation of the standards will unfold. 
Nevertheless, it is certain that statutory changes to the standards 
before they expire will undermine the implementation. Attempts to 
mandate product substitutions as a means to reduce security risks 
should be avoided. Current standards are appropriately based on risk, 
not hazards. There are numerous well-established State and Federal 
regulations that industry must currently follow that adequately mandate 
process safety, pollution prevention, and process hazard analysis. In 
conclusion, the current standards need to be allowed to be implemented, 
CVI needs to be further explained, and IST is not the solution to 
chemical site security.

    Ms. Jackson Lee. And with that, hearing no further 
business, hearing no objection to the submission of these 
particular documents and then hearing no further business, the 
committee stands adjourned. Thank you again. Happy holiday to 
all.
    [Whereupon, at 12:05 p.m., the subcommittee was adjourned.]

                                 
