[Senate Hearing 110-1058]
[From the U.S. Government Publishing Office]



                                                       S. Hrg. 110-1058
 
   OVERSIGHT OF FEDERAL EFFORTS FOR RAIL AND SURFACE TRANSPORTATION 
                                SECURITY

=======================================================================



                                HEARING

                               before the

                         COMMITTEE ON COMMERCE,
                      SCIENCE, AND TRANSPORTATION
                          UNITED STATES SENATE

                       ONE HUNDRED TENTH CONGRESS

                             FIRST SESSION

                               __________

                            JANUARY 18, 2007

                               __________

    Printed for the use of the Committee on Commerce, Science, and 
                             Transportation





                  U.S. GOVERNMENT PRINTING OFFICE
38-932                    WASHINGTON : 2010
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing 
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC 
area (202) 512-1800 Fax: (202) 512-2104  Mail: Stop IDCC, Washington, DC 
20402-0001




       SENATE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION

                       ONE HUNDRED TENTH CONGRESS

                             FIRST SESSION

                   DANIEL K. INOUYE, Hawaii, Chairman
JOHN D. ROCKEFELLER IV, West         TED STEVENS, Alaska, Vice Chairman
    Virginia                         JOHN McCAIN, Arizona
JOHN F. KERRY, Massachusetts         TRENT LOTT, Mississippi
BYRON L. DORGAN, North Dakota        KAY BAILEY HUTCHISON, Texas
BARBARA BOXER, California            OLYMPIA J. SNOWE, Maine
BILL NELSON, Florida                 GORDON H. SMITH, Oregon
MARIA CANTWELL, Washington           JOHN ENSIGN, Nevada
FRANK R. LAUTENBERG, New Jersey      JOHN E. SUNUNU, New Hampshire
MARK PRYOR, Arkansas                 JIM DeMINT, South Carolina
THOMAS R. CARPER, Delaware           DAVID VITTER, Louisiana
CLAIRE McCASKILL, Missouri           JOHN THUNE, South Dakota
AMY KLOBUCHAR, Minnesota
   Margaret L. Cummisky, Democratic Staff Director and Chief Counsel
Lila Harper Helms, Democratic Deputy Staff Director and Policy Director
              Margaret Spring, Democratic General Counsel
             Lisa J. Sutherland, Republican Staff Director
          Christine D. Kurth, Deputy Republican Staff Director
             Kenneth R. Nahigian, Republican Chief Counsel


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on January 18, 2007.................................     1
Statement of Senator Carper......................................    63
Statement of Senator Inouye......................................    50
Statement of Senator Klobuchar...................................    61
Statement of Senator Lautenberg..................................     1
Statement of Senator McCaskill...................................    56
Statement of Senator Pryor.......................................     3
Statement of Senator Smith.......................................    58
Statement of Senator Stevens.....................................     2
Statement of Senator Thune.......................................     3

                               Witnesses

Barrett, Thomas J., Vice Admiral (Ret.), USCG; Administrator, 
  Pipeline and Hazardous Materials Safety Administration, DOT....    24
    Prepared statement...........................................    26
Berrick, Cathleen A., Director, Homeland Security and Justice 
  Issues, GAO....................................................    30
    Prepared statement...........................................    31
Boardman, Hon. Joseph H., Administrator, Federal Railroad 
  Administration, DOT............................................    11
    Prepared statement...........................................    13
Canas, Hon. Richard L., Director, Office of Homeland Security and 
  Preparedness, State of New Jersey..............................    46
    Prepared statement...........................................    47
Hawley, Hon. Edmund S. ``Kip'', Assistant Secretary, 
  Transportation Security Administration, DHS....................     4
    Prepared statement...........................................     5
Hill, Hon. John H., Administrator, Federal Motor Carrier Safety 
  Administration, DOT............................................    21
    Prepared statement...........................................    22

                                Appendix

Inouye, Hon. Daniel K., U.S. Senator from Hawaii, prepared 
  statement......................................................    75
McCain, Hon. John, U.S. Senator from Arizona, prepared statement.    75
National School Transportation Association, prepared statement...    76
Response to written questions submitted by Hon. Daniel K. Inouye 
  to:
    VADM Thomas J. Barrett.......................................   102
    Cathleen A. Berrick..........................................   105
    Hon. Joseph H. Boardman......................................    97
    Hon. Edmund S. ``Kip'' Hawley................................    79
    Hon. John H. Hill............................................    98
Response to written questions submitted by Hon. Frank R. 
  Lautenberg to:.................................................
    VADM Thomas J. Barrett.......................................   103
    Hon. Joseph H. Boardman......................................    97
    Richard L. Canas.............................................   106
    Hon. Edmund S. ``Kip'' Hawley................................    89
Response to written questions submitted by Hon. Mark Pryor to:
    VADM Thomas J. Barrett.......................................   104
    Hon. Edmund S. ``Kip'' Hawley................................    94
    Hon. John H. Hill............................................    99
Rockefeller IV, Hon. John D., U.S. Senator from West Virginia, 
  prepared statement.............................................    76


   OVERSIGHT OF FEDERAL EFFORTS FOR RAIL AND SURFACE TRANSPORTATION 
                                SECURITY

                              ----------                              


                       THURSDAY, JANUARY 18, 2007

                                       U.S. Senate,
        Committee on Commerce, Science, and Transportation,
                                                    Washington, DC.
    The Committee met, pursuant to notice, at 10:05 a.m. in 
Room SR-253, Russell Senate Office Building. Hon. Frank R. 
Lautenberg, presiding.

        OPENING STATEMENT OF HON. FRANK R. LAUTENBERG, 
                  U.S. SENATOR FROM NEW JERSEY

    Senator Lautenberg. Welcome all, we're going to get started 
and I first welcome all of you to the hearing. I've been asked 
to conduct the hearing this morning by Senator Inouye who is 
detained for other things, and I'm pleased to do it. It's an 
odd assignment for a freshman.
    [Laughter.]
    Senator Lautenberg. Anyway, people look at my face and 
they'll know I'm not a freshman.
    And I'm pleased to sit alongside Senator Stevens, with whom 
I've worked for many years. Unaccustomed as I am to having 
Senator Stevens sit at the right of me, but we're--I'm pleased 
to be here with him.
    Today we're going to be discussing legislation to provide 
adequate security protections for rail and highways. And we all 
know about the billions of dollars dedicated to aviation 
security every year. But, we're neglecting the security of our 
surface transportation systems.
    At the outset, I'd like to recite a few facts that we ought 
to consider. More people travel through Penn Station in New 
York City in a day than those who use the three major airports 
in the same day. That's the volume of traffic that we're 
talking about. Every day over 11 million people ride rail in 
this country. And prior to 9/11, the two major terrorist 
attacks on our Nation came in the form of truck bombs: the 
first attack on the World Trade Center was in 1993, and in 
1995, the Oklahoma City bombing killed 168 people.
    In September 2006, the Senate added provisions to the SAFE 
Port Act, to improve rail, pipeline, hazmat, truck and bus 
security. But, the House removed these important provisions and 
replaced them with a measure on Internet gambling.
    We now have an opportunity to finally enact these 
provisions, and close the lingering security holes. Two weeks 
ago, Senators Inouye, Stevens, and many of us on this 
committee, introduced the Surface Transportation and Rail 
Security Act of 2007, also known as the STARS Act.
    The STARS Act included $1.2 billion for rail and surface 
transportation security. The bill will improve the safety of 
passengers, and protect us against cargo attacks--cargo used 
for attacks on our society--as they travel by train, truck or 
bus, and improve the security of pipelines as well.
    So, I'm hopeful that the Committee will act quickly on this 
important security legislation, as it had already been approved 
by the Senate in the last Congress.
    To go over a few housekeeping matters, the hearing's going 
to operate under the policy adopted by Chairman Inouye, Vice 
Chairman Stevens. Senators will be allowed seven minutes for 
the first round of questions, up to two minutes of which may be 
used for a brief opening statement. And if time permits, 
members may ask a second round of questions.
    And that--Chairman Inouye is scheduled to arrive here soon, 
and he'll take back his earned chair.
    So, I now turn the floor over to Senator Stevens, for any 
opening statement he wants to make.
    Senator Stevens?

                STATEMENT OF HON. TED STEVENS, 
                    U.S. SENATOR FROM ALASKA

    Senator Stevens. Well, thank you very much, Mr. Chairman.
    I do welcome all of these witnesses and Mr. Hawley; it's 
nice to have you. I offered you a bunk in case we have another 
one next week, but 2 days in a row is heavy duty.
    But, I do think it's very appropriate that we take a long 
look at improving the security of ground transportation, 
particularly rail and pipeline. And I'm interested in hearing 
from each one of you about the ways you guess we can enhance 
security.
    Accidents like the train derailment that we've just learned 
of in Kentucky, on Tuesday, that sparked a chemical fire 
demonstrate the difficulties in securing and ensuring safety of 
surface transportation. I do hope that we can study that 
unfortunate accident. As I understand that local interstate 
highways were closed down for 11 hours, and the National Guard 
troops were called in to assist local officials. And, 
apparently there are still fires burning this morning. Nothing 
really good comes out of such incidents, but we can certainly 
try to learn from them. So, I hope that some of you may have 
some comments concerning that.
    I do appreciate what you all do to try and deal with the 
problem of having a balance between security measures and their 
affect on the traveling public.
    One of the no-nos, I guess, I shouldn't even mention is, is 
that the air transportation passengers are paying substantially 
for their security. I haven't heard anyone mention how we're 
going to pay for the security of ground transportation. I think 
it must be addressed by this committee.
    Thank you very much.
    Senator Lautenberg. All right, thank you very much.
    Senator Thune?

                 STATEMENT OF HON. JOHN THUNE, 
                 U.S. SENATOR FROM SOUTH DAKOTA

    Senator Thune. Mr. Chairman, I too, want to thank you for 
holding the hearing, and I look forward to hearing what our 
distinguished panelists have to say and appreciate their being 
here in what I know are very busy schedules to give us an 
update on the work that they are doing to help ensure our 
surface transportation systems are safe and secure.
    And as, of course, Secretary Hawley knows--because he was 
here yesterday--we took a look at the aviation end of this. But 
obviously rail and other surface transportation is where the 
bulk of the freight in this country is moved, and obviously we 
have been blessed--knock on wood--that we haven't had attacks 
on trains and buses and subways in this country like other 
countries have experienced, but that should not impact our 
diligence when it comes to preparing for possible attacks on 
this part of our transportation infrastructure as well. So, we 
have to focus on aviation, but we also have to focus on surface 
transportation. We can't neglect either.
    And, I hope that the Department of Homeland Security and 
the Department of Transportation, along with other relevant 
agencies, are up to that task. I know they're working very hard 
at it, and if they need anything from Congress, I hope that 
they will inform us of that here today. Because obviously, we 
want to make sure that you all have everything you need to do 
your jobs, and so, I will look forward to hearing the testimony 
and posing some questions later on.
    Thank you, Mr. Chairman.
    Senator Lautenberg. Senator Pryor?

                 STATEMENT OF HON. MARK PRYOR, 
                   U.S. SENATOR FROM ARKANSAS

    Senator Pryor. Thank you, Mr. Chairman.
    I want to join the chorus of Senators who are thanking you 
and the leadership of this committee for doing this very 
important--obviously a very important--sector for our Nation's 
economy.
    So, I want to thank the witnesses for being here today, and 
I look forward to hearing what they have to say.
    Thank you.
    Senator Lautenberg. Thank you.
    Now, I'd like to welcome our witnesses. We've got six 
members of the panel, so we'll try to deal with it in 
appropriate form to get as much as we can from each of the 
witnesses.
    We have six excellent witnesses, Kip Hawley, who is the 
Assistant Secretary for Transportation Security, the head of 
TSA. He joined us yesterday, we welcome him again today; Joe 
Boardman, the Administrator of the Federal Railroad 
Administration; Mr. John Hill, who's the Administrator of the 
Federal Motor Carrier Safety Administration; and, Admiral 
Thomas Barrett, formerly with the Coast Guard, and we welcome 
him--he's the Administrator of the Pipeline and Hazardous 
Material Safety Administration; and, Cathleen A. Berrick, who's 
the Director for Homeland Security and Justice Issues at the 
GAO; and, I especially want to welcome a colleague from New 
Jersey, Richard Canas, he's the Director of the Office of 
Homeland Security and Preparedness for the State of New Jersey. 
He does a good job.
    Thank you for traveling down to Washington today, Director 
Canas, I appreciate the local perspective that you're going to 
bring to today's hearing.
    And I want to thank all of you for joining us, and I will 
now ask you to present the summary of your testimony. I would 
appreciate it if you can complete your summaries within a 5-
minute objective.
    Director Hawley?

          STATEMENT OF HON. EDMUND S. ``KIP'' HAWLEY,

          ASSISTANT SECRETARY, TRANSPORTATION SECURITY

        ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY

    Mr. Hawley. Thank you very much. Good morning, Mr. 
Chairman, Mr. Vice Chairman and members of the Committee.
    I'm please to appear before you today to talk about TSA's 
efforts at reducing terrorist risks to surface transportation.
    It's a pleasure to join my colleagues here today. And to 
save time for discussion, I'm going to summarize my testimony 
into four major points.
    And they are: Number one, at TSA we look at the 
transportation system as a network. Aviation, rail, highway, 
transit, pipeline, ferries are all parts of the network, and we 
have efforts tailored to each one of them, individually, but 
it's important to know that we recognize that America's 
transportation network, as a whole, is important to the 
national economy and national well-being. And as an end in 
itself, we take security measures for that entire network.
    And second, as we discussed yesterday, our security 
strategy is based on connecting multiple, flexible layers--many 
of them apply to the entire transportation system. A plot 
that's broken up in its early stages--especially before it 
comes to this country--is the best rail security, the best 
transit security, best pipeline security, best for everybody. 
So, efforts directed at supporting and connecting with others 
in the Government of the United States, as well as our foreign 
partners, help all parts of the transportation network.
    My third point is, that we take advantage of all the work 
that was done before 9/11, even if it wasn't originally done 
for security. This panel here, now, this morning, represents 
that point.
    TSA isn't reinventing the wheel. DOT has been working 
transportation safety issues for a long time. And many of those 
measures form a very solid security foundation. Our job is to 
link up with the safety activities, and add value on top of 
that where there are particular security-specific needs.
    Intelligence-sharing, vulnerability analysis, technology 
sharing, and our Visible Intermodal Protection Response (VIPR) 
teams are an example of that value-add.
    Fourth, and finally, Secretary Chertoff has a risk-based 
strategy for DHS, and we follow that at TSA and apply it here, 
in surface transportation. We have completed risk assessments 
of surface transportation, and identified our top priorities 
based on threat, vulnerability and consequence.
    And they are--the top two--(a) high density passenger 
transit systems in urban areas with underwater or underground 
tunnels; and, (b) highly toxic chemicals in rail cars that are 
standing, unattended, in high-risk urban areas.
    Our mitigation measures include Federal grant priority for 
the passenger systems--$171 million in Fiscal Year 2007, and a 
total of about $550 million since 9/11--and an innovative and 
immediate risk reduction approach to freight rail with 
quantifiable and verifiable performance standards.
    And, I'd be happy to answer any questions during the 
discussion. Thank you.
    [The prepared statement of Mr. Hawley follows:]

    Prepared Statement of Hon. Edmund S. ``Kip'' Hawley, Assistant 
         Secretary, Transportation Security Administration, DHS
    Good morning Chairman Inouye, Vice Chairman Stevens and Members of 
the Committee. I am pleased to appear before you today to talk about 
our efforts in the field of rail and surface transportation security at 
the Transportation Security Administration (TSA). I would like to 
highlight some of the important steps that TSA and the Department of 
Homeland Security (DHS) are taking in partnership with the Department 
of Transportation (DOT), and our transportation network partners. Many 
of these important security steps are built upon and fortified by a 
solid safety foundation that has been developed over the years by our 
transportation partners and DOT.
Raising the Security Baseline of an Interconnected Network
    As we continue to strive to improve the security of these vital 
transportation systems, we must not forget the principles that make 
them viable and efficient. Many of these systems were designed with 
mobility and ease of access as an enabling fundamental underlying their 
operational success. Our security efforts must work within the 
framework of these systems and not hamper them. That inherent openness 
and mobility also presents us with our greatest security challenge.
Intelligence
    Non-linear risk drives everything we do. Instead of focusing on 
predicting the next attack, TSA takes a flexible approach and uses a 
risk-based methodology to address risk.
    TSA pursues a layered approach to security in transportation, 
including passenger transit, highway, pipeline, and rail security. This 
approach starts by leveraging the work of other U.S. Government 
entities that take place way beyond the doors of TSA and even beyond 
the soil of the United States through effective gathering, analysis, 
and dissemination of intelligence. As detailed below, we do this by 
working collaboratively with the transportation and shipper industries, 
as well as with state and local officials.
    The recent disruption of the terror plot in the United Kingdom and 
of the developing plot targeting underwater tunnels connecting New York 
and New Jersey illustrate the necessity of this approach. The best 
defense is one that prevents the terrorists from ever entering the 
United States. TSA complements other efforts by creating visible, 
unpredictable deterrence environments to disrupt terrorists' planning 
capabilities and operational launching of their missions. For example, 
our aviation system security measures provide a significant barrier to 
entry for potential terrorists coming to our country. Our government's 
investments and improvements in terrorism watch lists, border security 
and intelligence networks significantly impact surface transportation 
security.
Network Approach and Strategy
    To effectively address transportation security, we employ a network 
approach. The overall transportation system is a network. It has 
intersections and junctions; and while each transportation mode has its 
own security challenges, there are common vulnerabilities and 
mitigation strategies. In an effort to use our security resources 
efficiently, we work closely with transportation networks to leverage 
our security impact and determine risk-based priorities.
    As we effectively leverage our resources and set security 
priorities, TSA implements a comprehensive strategy that applies a 
common methodology across all transportation networks, regardless of 
mode. That strategy is simple and straightforward. It consists of five 
elements:

   Assess industry threat, vulnerability, and consequence;

   Develop baseline security standards;

   Assess actual security status against baseline security 
        standards;

   Develop plans to close gaps between actual status and 
        baseline security standards; and

   Develop enhanced systems of security.

    Next, let me discuss how this strategy works in practice for the 
freight rail, passenger rail and rail transit, highway (trucking) and 
pipeline industries.
Industry Threat Vulnerability and Consequence Assessments (TVC)
    The purpose of threat, vulnerability and consequence assessments is 
to focus efforts on and highlight risk areas. Since September 2001, 
many Federal agencies and industry partners have been involved in 
significant efforts to identify the highest risk areas for our security 
focus. Those efforts have centered on analyzing threats, assessing 
vulnerabilities and calculating consequences of potential terrorist 
attacks. Based upon this large body of work and our ongoing analysis, 
TSA determines the highest areas of risk for each mode of 
transportation so that we can properly focus on risk mitigation 
efforts.
    Freight Rail-TVC. Over the past several years, TSA has completed a 
number of freight rail corridor assessments in high threat urban areas. 
The point of the corridor assessments is to focus on high risk areas 
and determine the vulnerabilities. We have completed regionally based 
assessments in New Orleans, LA; Washington, DC; Houston, TX; Buffalo, 
NY; Cleveland, OH; and several cities in New Jersey including Newark, 
Elizabeth and Perth Amboy. We are currently assessing Los Angeles, CA 
and plan to visit additional urban areas in 2007. The results of the 
initial six assessments demonstrated recognizable trends and risks. We 
identified railcars loaded with toxic inhalation hazard materials (TIH) 
sitting unattended as the highest risk potential as a terrorist target. 
While these shipments represent less than 1 percent of all rail 
shipments, if attacked they could create an airborne hazard and 
potentially endanger the lives of people living and working in those 
communities.
    Passenger Transit-TVC. (Amtrak falls within our passenger transit 
division.) In assessing security in this area TSA is building upon a 
base of knowledge derived from 37 assessments of readiness to prevent, 
detect, deter, and respond to terrorist incidents, conducted by the 
Federal Transit Administration (FTA) and the Federal Railroad 
Administration (FRA). TSA has a 100 person Surface Transportation 
Security Inspection (STSI) force that is updating these earlier 
assessments and conducting additional field rail and passenger transit 
readiness assessments. TSA has utilized its inspection force to conduct 
assessments over the past year and a half and will continue to conduct 
these assessments in partnership with the rail industry and DOT.
    The extensive field work conducted by TSA and FTA/FRA in 
conjunction with the industry has been utilized to set our priorities 
and identify industry baseline standards. TSA and FTA/FRA assessments, 
in addition to in-house risk analysis, focus on passenger transit 
operating procedures and high risk/high consequence assets.
    Highway (Trucking)-TVC. TSA has been assessing the security risks 
of motor carriers through the Corporate Security Review (CSR) program, 
another form of assessment of industry readiness and vulnerabilities. 
Based up on our analysis we are focused on Toxic Inhalation Chemicals 
(TIH) and hazardous chemicals of concern, which include explosives, 
flammables and other poisonous materials.
    Pipeline-TVC. Through the CSR program for pipelines, TSA has 
identified a number of pipeline systems that pose the highest security 
risk. TSA will also conduct a pipeline infrastructure study to identify 
the highest risk pipeline assets.
Baseline Standards
    The purpose of baseline standards is to create measurable risk 
reduction targets.
    Freight Rail Baseline Standards. Because the potential risk posed 
by unattended TIH rail cars in high threat urban areas was identified 
as the highest risk area in rail, TSA developed a risk reduction goal 
of reducing the objectively-measured risk of TIH cars in high threat 
urban areas by 25 percent per year, starting in 2007. That risk factor 
takes into account car hours, the population of urban areas and the 
proximity to residential and commercial structures.
    TSA has also identified 24 other focus areas as security action 
items for the rail industry to begin to address. The actions items were 
released to the industry in June and November 2006. The action items 
focus on security awareness training, security focused inspections, 
suspicious activity reporting, control of sensitive information and 
employee identification. TSA is assessing conformity with the security 
action items to evaluate how implementation of the action items reduces 
objectively measured risk.
    Passenger Transit Baseline Standards. Based upon extensive 
assessments, in-house risk analysis performed at TSA and dialogue with 
the industry, TSA has developed baseline standards for the industry 
derived from six fundamental principles. Those principles are:

   Protect high risk/high consequence underground/underwater 
        assets and systems;

   Protect other high risk/high consequence assets and systems 
        identified in vulnerability assessments;

   Use visible, unpredictable deterrence;

   Plan and conduct awareness and response training for key 
        personnel;

   Plan and conduct emergency drills and exercises; and

   Plan and conduct public awareness and preparedness 
        campaigns.

    Highway (Trucking) Baseline Standards. TSA has been working closely 
with a number of chemical shippers to develop a series of baseline 
security standards for both TIH and hazardous chemicals of concern. 
Those standards will address specific areas such as vehicle tracking, 
vehicle attendance, vehicle alarm systems, truck cab access controls, 
locking fifth wheel on tank trailers and security route and stop areas.
    Pipeline Baseline Standards. TSA has been conducting corporate 
security reviews targeting the top 100 pipeline operators. From the 
results of these reviews, TSA has developed a series of security 
standards based upon the best operating practices of those companies. 
The pipeline standards address areas including security plans, employee 
security training, access controls and physical access security and 
employee background investigation.
    Assess Security Status. The purpose of assessing security status is 
to determine how individual operations compare to the baseline 
standards. The assessment procedures vary depending upon transportation 
mode. Assessments in rail and passenger transit are conducted by TSA's 
field inspector force, while highway and pipeline assessments are 
conducted by TSA's subject matter experts in each network management 
division. The assessments are structured to target key areas of concern 
and to capture essential data to evaluate current practice versus 
baseline standards.
    Freight Rail Status. In order to evaluate the security baseline in 
freight rail, TSA in cooperation with the rail industry is developing a 
comprehensive database driven system to identify the specific locations 
where TIH risk is the highest. TSA inspectors will verify attended/
unattended status and proximity to high risk structures. In addition to 
identifying high risk locations, the database will give TSA the ability 
to identify TIH cars in near real time. This capability will allow us 
to more effectively respond to emerging threat situations.
    Further, TSA inspectors have conducted field interviews with key 
rail management and personnel. Over 2,600 interviews have been 
completed, focused on employee security awareness, security procedures 
and systems to locate and protect TIH cars.
    Passenger Transit Status. The TSA inspector force has been 
conducting assessments of passenger rail transit systems (both commuter 
rail and other transit systems, including Amtrak). In addition to the 
TSA assessments, we expect self-assessments from the 50 largest transit 
agencies to be completed by the end of January 2007. TSA inspectors 
will then verify and confirm the assessment results. While the data 
gathered to date is preliminary, it does indicate varying security 
status among systems. Once data is confirmed by inspectors, we will 
have a much clearer understanding of how passenger transit systems 
compare to the six fundamental security principles and guide our plan 
to help us close those gaps.
    Highway (Trucking) Status. TSA conducts highway corporate security 
reviews and assessments. Those assessments are targeted at companies 
hauling TIH and other hazardous chemicals of concern. TSA will compare 
actual practice to baseline standards.
    Pipeline Status. TSA will use its ongoing corporate security review 
process to determine the implementation of baseline standards. TSA will 
continue to work with individual companies to improve their security 
status.
    Closing Gaps. Once assessments have identified the gaps in actual 
practice versus baselines standards, TSA develops action plans to close 
the gaps and takes steps where necessary to close the gaps in all 
modes. We have a variety of capabilities at our disposal including 
industry agreements, voluntary measures, security directives, and 
regulatory action. TSA works with the Office of Grants and Training 
(G&T) through the Infrastructure Protection Program (IPP) grants 
program to enable transit agencies and other surface transportation 
entities to apply for Federal funding to address the highest identified 
risks.
    Freight Rail-Close Gaps. In order to reduce the gaps between actual 
practice and baseline standards, TSA pursued a two-pronged approach. We 
issued a Notice of Proposed Rulemaking (NPRM) on December 21, 2006, 
which includes several provisions to strengthen the security of the 
Nation's freight rail systems in the highest threat urban areas. The 
proposed rule establishes incident reporting procedures, codifies TSA's 
inspection authority, requires rail company security coordinators, and 
most importantly creates a positive chain of custody from beginning to 
end which requires secure handoffs when cars change hands.
    While the proposed rule provides a number of important security 
initiatives, TSA was not satisfied with the timeframe of rulemaking 
alone. Risk reduction has a time component and we wanted to reduce the 
risk faster than rulemaking would allow. As a result, we reached an 
agreement with the rail industry to reduce unattended TIH standstill 
car time in high threat urban areas beginning in early 2007. A 
comprehensive database will be used to identify highest priority risk 
reduction opportunities and working in conjunction with TSA, the rail 
carriers will develop site-specific action plans to reduce or remove 
the TIH risks. In addition to reducing the TIH risks, TSA will work 
with rail carriers to improve the security performance in the security 
training and security procedures baseline. TSA is also developing an 
improvised explosive device (IED) training course for rail employees to 
be available in the second quarter of 2007.
    Passenger Transit-Close Gap. The strategies to close security gaps 
start with high risk/high consequence assets.
    As we know, an attack on underground, underwater, and other 
critical infrastructure can dramatically increase the consequences of 
an attack by magnifying the actual impact, complicating the response 
efforts and substantially prolonging the recovery time.
    We must be focused on minimizing high consequence risks. TSA, in 
partnership with G&T, intends to leverage the Transit Security Grant 
Program funds to focus on reducing risk and increasing security 
capabilities in State and local transit systems with the most risk. We 
are engaged in research to expand our understanding of the 
vulnerabilities and the consequences of terrorist attacks on our 
critical infrastructure. We are partnering with the National 
Laboratories to complete assessments of a prioritized list of transit 
tunnels and are pursuing mitigation solutions with our industry 
partners now.
    While transit agencies cannot harden every entry point, nor screen 
every passenger coming into busy stations, they can deploy visible, 
unpredictable mobile teams that disrupt terrorists' planning 
capabilities and provide high levels of security. We are accomplishing 
this by expanding our canine program and leveraging our security 
network to create surge capacity with Visible Intermodal Protection 
Response (VIPR) Teams.
    VIPR Teams, consisting of Surface Transportation Security 
Inspectors (STSIs), canine teams, Federal Air Marshals (FAMs), and 
advanced screening technology, provide TSA the ability to leverage a 
variety of resources quickly and effectively. These deployments are 
designed to raise the level of security in any mode of transportation 
across the country in heightened security environments. The teams work 
with local security and law enforcement officials to supplement 
existing security resources, provide deterrent presence and detection 
capabilities, and introduce an element of unpredictability to disrupt 
potential terrorist planning activities. More than 25 VIPR exercises 
have been conducted at key commuter and regional passenger rail 
facilities, and more are planned throughout 2007.
    Explosives detection canine teams are being trained, certified, and 
deployed by TSA to passenger transit systems. Since late 2005, TSA's 
National Explosive Detection Canine Team Program has worked in 
partnership with passenger transit systems to train, certify, and 
deploy 53 explosives detection canine teams to 13 major systems in a 
risk-based application of resources. Forty of these teams are currently 
in place and the other 13 are projected for training, certification, 
and deployment in the coming months.
    I want to emphasize that our STSI workforce and the canine teams we 
fund for passenger transit are just the point of the spear. There are 
literally thousands of transit and rail law enforcement and security 
officers on duty night and day to provide security where they are 
needed for these segments of the transportation network. Furthermore, 
each rail and passenger transit system makes a deliberate and strategic 
decision when they develop their annual budgets as to where they should 
apply their revenues to close security vulnerabilities. This approach 
creates a more effective network of local security rather than 
deploying a far greater Federal workforce to perform these same 
functions.
    Since the security of these systems is a shared responsibility 
among Federal, State, and local partners, the Administration has 
provided significant resources to bolster these security efforts since 
9/11. Funds from DHS grants programs may be used for planning, 
training, exercises, equipment, and other security enhancements. DHS 
has provided roughly $18 billion in awards to State and local 
governments for programs and equipment that help to manage risk.
    In addition to visible unpredictable deterrence, TSA believes that 
training for key personnel is essential to rail as its baseline of 
security. There are numerous passenger transit training courses 
available today. TSA is working with FTA to identify the specific type 
of training required for employees (i.e., train operators, station 
managers, and control system personnel, among others) in order to 
provide guidance to systems.
    TSA and G&T are using the Infrastructure Protection Program (IPP) 
grants program to drive improvement in the six security fundamental 
areas mentioned earlier, including training for key personnel, drills 
and exercises and public awareness and preparedness.
    The $175 million IPP security grant program is the centerpiece of 
DHS's interagency strategy to close gaps in operator security status 
and baseline standards. Within the transportation sector the program 
covers transit, inter-city buses, and trucking security. For purposes 
of the IPP, ``transit'' includes Amtrak, which is eligible for $8.3 
million, and commuter ferry systems that are eligible for $7.8 million. 
The IPP transit grant guidance emphasized the six fundamentals and we 
expect to direct transit grants awards based on our system assessments 
and security fundamental baselines. We use the grants program to close 
the gaps at high risk properties.
    Highway (Trucking)-Close Gaps. TSA is working on a number of 
strategies to close gaps in performance versus actual standards. We are 
currently considering a number of voluntary incentive programs and 
regulatory options.
    Pipeline-Close Gaps. TSA has had an extensive working relationship 
with the pipeline industry. TSA has prepared an employee security 
awareness training program for all pipeline employees, worked with 
operators to prepare or improve security plans, conducted site specific 
visits to evaluate security practices, and developed risk mitigation 
strategies for high risk assets. This cooperative relationship has 
resulted in improved conformity to baseline standards.
Enhanced Systems of Security
    The final part of our strategy is to enhance the systems of 
security. As we take actions to close gaps, we also need to improve 
security technology and practices that many of these technologies apply 
to multiple modes of transportation.
    DHS is developing a number of screening techniques and technologies 
which may be implemented or deployed quickly to systems facing a 
specific threat, or in support of major events such as National Special 
Security Events (NSSEs). Pilot programs to test these technologies are 
already underway in several major American cities.
    Through the DHS Science and Technology (S&T) Directorate's Rail 
Security Pilot (RSP), DHS has field tested the effectiveness of 
explosives detection techniques and imaging technologies in partnership 
with the Port Authority of New York and New Jersey.
    The Systems Support Division (SSD) of G&T has conducted operational 
tests to evaluate manufacturer claims on ballistic resistant trash 
receptacles and published a report of its findings to help ensure mass 
transit systems, among others, have the facts needed to guide critical 
procurement decisions. Similarly, SSD has published a closed circuit 
television (CCTV) technology handbook to provide a reference point on 
current CCTV technologies, capabilities and limitations.
    Finally, we maintain mobile security equipment, which can fit into 
two standard size shipping containers, for rapid deployment for use in 
screening and detection at any major system in the country should the 
need arise.
    In addition to technologies that may apply primarily to passenger 
modes, TSA is working closely with a number of parties to develop 
advanced railcar tracking systems with geofenced event-notification 
capabilities. TSA is also cooperating in efforts to develop next-
generation hazardous materials rail cars designed to better withstand 
terrorist attacks and operating accidents.
    TSA is working with selected hazardous material carriers to test 
truck tracking and control technologies. We are also in the early 
stages of security technology applications to the pipeline industry. 
Two specific areas TSA is involved in are blast mitigation and unmanned 
aerial surveillance vehicles.
Presidential Action and TSA's Objectively Measured Risk Reduction 
        Process
    On December 5, 2006, the President issued Executive Order 13416, 
which builds upon the improvements made in surface transportation 
security since September 11, 2001, specifically actions taken under 
Homeland Security Presidential Directive 7, ``Critical Infrastructure 
Identification, Prioritization, and Protection'' (HSPD-7). Executive 
Order 13416 requires the strengthening of our Nation's surface 
transportation systems by the facilitation and implementation of a 
comprehensive, coordinated, and efficient security program. As the 
Federal official with principal responsibility for protecting surface 
transportation infrastructure, Secretary Chertoff has the lead in 
implementing this policy in coordination with the Secretary of DOT and 
the heads of other relevant agencies. The order sets deadlines for key 
security activities including security assessments of each surface 
transportation mode and an evaluation of the effectiveness and 
efficiency of current Federal Government surface transportation 
security initiatives. We continue to build upon current security 
initiatives to develop a comprehensive transportation systems sector 
specific plan, as defined in the National Infrastructure Protection 
Plan (NIPP). The five-part strategy cited earlier in my testimony is 
meeting the requirements of the Executive Order.
Annexes to DHS-DOT Memorandum of Understanding
    Three annexes to a September 2004 Memorandum of Understanding 
between DHS and DOT have been completed and signed, evidencing the 
close and continuous cooperation between TSA and DOT to leverage 
resources.
    The first, between TSA and the Federal Railroad Administration 
(FRA), memorializes how we will coordinate our programs and initiatives 
at an agency level to better secure passenger and freight railroad 
transportation, and improve stakeholder relationships, and to include 
assisting railroads in prioritizing assets and addressing current and 
emerging threats and vulnerabilities. While TSA is responsible for rail 
security and FRA is responsible for rail safety, the annex provides 
detailed operational guidance to enable the two agencies to avoid 
duplication and maximize efficiency and cooperation in their planning, 
inspection, training and enforcement activities.
    The second annex is between the Pipeline and Hazardous Materials 
Safety Administration (PHMSA) and TSA. This annex delineates our 
respective roles and responsibilities regarding pipelines and hazardous 
materials transportation security. It discusses sharing data and 
compliance information between the agencies, coordinating research and 
regulatory activities, providing joint public information and emergency 
response materials, collaboration in inspection and enforcement 
activities, and sharing technical support and budgets.
    The third annex is between the Federal Transit Administration (FTA) 
and TSA. It similarly provides for close and continuous cooperation 
between the two respective agencies in matters relating to security of 
the Nation's transit systems.
    Together, these annexes allow much more efficient use of the 
government's time and money, while maximizing the value of what these 
agencies can achieve for industry and the traveling public.
Summary
    TSA has a clear strategy to address surface transportation 
security. That strategy focuses first on identifying areas of high risk 
and then establishing baseline security standards to address those 
risks. Once baseline standards are established, we assess the actual 
status of security in the transportation industries, and in close 
coordination with stakeholders, devise strategies for bringing actual 
practices up to the standards we have established. Finally, we are 
developing advanced systems of security through a coordinated research 
and development program, to further enhance security beyond the 
baseline standards. In furtherance of this strategy, I have established 
an Office of Transportation Sector Network Management specifically to 
address the cross-cutting issues that affect all aspects of the 
transportation sector as a unified whole. They are implementing this 
strategy through cooperation with stakeholders where appropriate, 
regulation and inspection where necessary, and through the distribution 
of grants to assist the industry to implement these objectives we have 
set forth.
    I understand that the Committee is considering new legislation to 
address further security measures for surface transportation. The 
Department and TSA look forward to working cooperatively with the 
Committee as we have done since you first took up the Aviation and 
Transportation Security Act (ATSA) in 2001. We appreciate your 
leadership in this area and the support that you have given to TSA.
    Thank you for this opportunity to inform you of our efforts in 
freight rail, commuter rail and other transit, trucking and pipeline 
security. I would be happy to answer any questions that you might have.

    Senator Lautenberg. Thank you.
    Mr. Boardman?

 STATEMENT OF HON. JOSEPH H. BOARDMAN, ADMINISTRATOR, FEDERAL 
                  RAILROAD ADMINISTRATION, DOT

    Mr. Boardman. Mr. Chairman, Mr. Vice Chairman, members of 
the Committee, thank you for having me here this morning.
    I'm here representing Secretary Peters, and my oral 
testimony this morning will be focused on FRA's working 
relationship with TSA, and our efforts in the passenger 
railroad security area.
    In September of 2004, DOT and DHS entered into a Memorandum 
of Understanding concerning their respective roles on security 
issues. The MOU notes that DHS has primary responsibility for 
security, in all modes of transportation, but also recognizes 
that DOT has responsibilities in the area of transportation 
security.
    TSA and FRA have signed an annex to that memo of agreement, 
concerning coordination of the two agencies on rail security 
matters. The annex provides for close cooperation between two--
the two agencies on railroad security regulations, legislation, 
research and development, inspection activities, and response 
to threats on railroad security.
    The agreement provides that if an FRA inspector observes a 
significant security issue, the information will be provided to 
TSA and the railroad. And, similarly, if a TSA inspector 
observes a significant rail safety issue, the information will 
be provided to FRA and the railroad.
    In addition to coordinating day-to-day railroad 
inspections, FRA has assisted TSA in conducting security 
assessments in high-threat, urban-area rail corridors carrying 
significant volumes of TIH materials; and in developing the 27 
voluntary security action items that the railroads have agreed 
to implement to improve security on rail movements of TIH 
materials.
    FRA has one full-time employee addressing rail security 
matters, and all of our 71 hazmat inspectors and specialists, 
along with 17 State inspectors devote a portion of their time 
to reviewing railroad shipper and security plans for compliance 
with FMSA's security regulations.
    FRA's Security Director works on a daily basis with 
Government agencies and the railroad industry to facilitate 
communication on security issues, and also participates in 
security training, reviews security plans, and performs other 
activities to promote rail security.
    Today at FRA, personnel have reviewed more than 6,000 
security plans, and conducted over 4,000 inspections for 
compliance with security training requirements of the FMSA 
regulations.
    In 2007, FRA will work with the American Short Line and 
Regional Railroad Association to provide hazmat security 
training, and conduct security reviews at approximately 125 
short-line railroads, and conduct at least 15 security training 
sessions for rail labor organizations, as well as four sessions 
at the FBI Academy on railroad security and emergency response 
for law enforcement personnel.
    FRA will explore leveraging the National Labor College, 
George Meany Training Campus, to assist in providing security 
awareness training for railroad employee, who are not receiving 
the security training under FRA's Emergency Preparedness 
Regulation, or the FMSA security regulation.
    FRA requires each railroad that operates intercity or 
commuter passenger train service, or hosts that operation of 
such service, to adopt and comply with written emergency 
preparedness plans prepared by the FRA. The regulation requires 
railroads providing passenger service to periodically conduct 
full-scale passenger train emergency simulations, and conduct a 
debriefing and critique session after actual simulated 
passenger train emergencies.
    The FRA will continue monitoring passenger railroads for 
compliance with this regulation, and will attend each full-
scale simulation, and follow-up review session such as the one 
that's scheduled for Long Island Railroad this March with the 
New York City Fire Department.
    In 2003, the FRA initiated a review of existing passenger 
train safety needs. This lead to an emergency systems NPRM in 
August 2006. Emergency communications is one of the main 
focuses of this particular NPRM. Under the proposal, all 
existing passenger cars will be required to be equipped with 
public address systems by 2012, that provides a means for a 
crew member to communicate to all train passengers in an 
emergency situation. And all new passenger cars would be 
required to be equipped with intercom systems that provide a 
means for passengers and crew members to communicate with each 
other in an emergency situation.
    The proposed rulemaking would also enhance requirements for 
emergency window exits in passenger cars, and mandate that all 
passenger cars--including existing cars--have rescue windows 
for emergency responder access.
    FRA is in the process of preparing the final rule, and we 
expect to do so by the middle of the year.
    Moreover, a separate regulatory proposal is also in 
development, focusing on passenger car emergency signage, low 
location exit path marking and emergency lighting. This 
proposal is expected to be published by the end of 2007. 
Complementing this regulation, Amtrak and commuter railroads 
have instituted their own security plans and conduct security 
training. FRA assisted in the development of its security plan, 
and specifically--in coordination with Amtrak's Inspector 
General--FRA contracted with RAND Corporation to conduct a 
systematic review and assessment of Amtrak's security posture, 
corporate strategic security planning, and programs focusing on 
the adequacy of preparedness for combating terrorist threats. 
FRA's Security Director is currently working with Amtrak to 
implement the recommendations of that RAND study.
    FRA inspectors conducted basic security reviews of Amtrak 
and commuter railroad security, both after the 2004 train 
bombings in Madrid, and with TSA inspectors after the 2005 
transit bombings in London. In both cases, FRA inspectors and 
TSA inspectors were deployed immediately after the bombings to 
assess the security posture of passenger railroads, based on a 
checklist of major security criteria.
    Together, DOT, TSA and the rail industry are helping to 
ensure that security initiatives and programs are directed at 
potential threats to the Nation's railroad network. And as rail 
employers, employees and others responsible for security are 
prepared to identify and address such threats, FRA looks 
forward to working with this committee in furthering the safety 
and security of our Nation's railroad network, and including 
the drafting of safety and security legislation.
    Thank you very much.
    [The prepared statement of Mr. Boardman follows:]

     Prepared Statement of Hon. Joseph H. Boardman, Administrator, 
                  Federal Railroad Administration, DOT
    Chairman Inouye, Vice Chairman Stevens, and other members of the 
Committee, I am pleased to be here today to testify, on behalf of the 
Secretary of Transportation, about the security of our Nation's 
passenger and freight railroad network and the efforts that the 
Department of Transportation (DOT) is making to enhance rail safety and 
security. The Federal Railroad Administration's (FRA) primary mission 
is to promote the safety of the U.S. railroad industry and to reduce 
the number and severity of accidents and incidents arising from 
railroad operations. Our railroad safety mission necessarily includes 
our involvement in railroad security issues. The U.S. Department of 
Homeland Security (DHS) and its Transportation Security Administration 
(TSA) have primary responsibility for transportation security, with FRA 
providing support in the railroad sector. FRA works closely with TSA 
and the railroad industry on a daily basis in addressing railroad 
security and safety issues, participates in the Government Coordinating 
Council for Rail, and contributed its expertise to the National 
Strategy for Transportation Security and the National Infrastructure 
Protection Plan.
    My testimony today will provide some background on FRA's railroad 
safety program, describe the role that FRA plays in railroad security, 
and discuss railroad safety and security initiatives. We stand ready to 
work with the Committee in furthering the safety and security of our 
Nation's railroad network.
Overview of the Railroad Industry
    The U.S. railroad network is a vital link in the Nation's 
transportation system and is critical to the economy, national defense, 
and public health. Passenger and freight railroads operate over 170,000 
route miles of track and employ over 232,000 workers. The rail system 
is diverse and expansive. Security risks are inherent in its supporting 
infrastructure, as well as in the people and products moving through 
it. Most of the larger railroads have their own police force, and they 
are supplemented by State and local law enforcement.
     Amtrak, the Alaska Railroad Corporation, and commuter railroads 
provide passenger rail service to more than 500 million passengers 
yearly. Passenger operators face many challenges in their efforts to 
provide a secure public transportation environment. By definition, the 
systems are open, providing numerous points of access and egress 
leading to high passenger turnover and making them difficult to monitor 
effectively. Amtrak, for example, operates as many as 300 trains per 
day serving over 500 stations in 46 States, and Amtrak trains use 
tracks owned by freight railroads except for operations in the 
Northeast Corridor and in Michigan.
    Privately-owned freight railroads connect industries and businesses 
with each other across the country and with markets overseas, moving 42 
percent of all intercity freight, measured in ton-miles, including 67 
percent of the coal used by electric utilities to produce power, and 
chemicals used in manufacturing and water purification. Seven Class I 
railroads haul over 90 percent of the rail cargo in the U.S., with the 
remaining 10 percent being transported by 30 regional railroads and 
over 500 local railroads. Typically railroads move about 1.7 to 1.8 
million carloads of hazardous materials (hazmat) yearly, with roughly 
105,000 of these carloads being toxic inhalation hazard (TIH) 
materials, such as chlorine and anhydrous ammonia. Over 64 percent of 
TIH materials are currently transported by rail. The railroads have an 
outstanding record in moving all goods safely. The vast majority of 
hazardous materials shipped by rail every year arrive safely and 
without incident, and train accidents involving a release of hazardous 
materials that causes death are infrequent and rare, even while rail 
traffic volumes have increased steadily. As discussed below, DOT has an 
aggressive and comprehensive action plan to address the root causes of 
hazmat accidents, to examine and improve the integrity of rail tank 
cars used to transport hazmat, and to improve the railroads' hazmat 
security plans. In addition, DOT's Pipeline and Hazardous Materials 
Safety Administration (PHMSA) annually provides grant funds to States 
and Indian tribes to assist in the development, improvement, and 
implementation of hazmat emergency response plans, and to train 
emergency responders to respond to hazmat accidents and incidents; 
details on this program are contained in PHMSA's website (http://
hazmat.dot.gov).
    Maintaining a safe and secure railroad transportation system is 
essential, and safety and security issues are being jointly addressed 
by the industry, DOT, and TSA.
FRA's Railroad Safety Program
    FRA is the DOT agency charged with carrying out the Federal 
railroad safety laws. The laws provide FRA, as the Secretary's 
delegate, with very broad authority over every area of railroad safety. 
In exercising that authority, the agency has issued and enforces a wide 
range of railroad safety regulations. Several of FRA's rules have been 
developed with specific consideration of security concerns. For 
example, FRA's January 2002 final rule barring most extraterritorial 
dispatching of U.S. railroad operations is based in part on the 
agency's concerns about the security of foreign dispatching facilities. 
Similarly, FRA's rule on passenger train emergency preparedness, 
discussed more fully below, requires carriers to prepare plans that 
deal with criminal as well as accidental events. While most of FRA's 
rules are focused on the safety of railroad operations and not 
explicitly based on security concerns, they also necessarily have some 
bearing on security. For example, a railroad inspector performing an 
inspection required by an FRA safety regulation could potentially 
uncover a hazardous condition that was intentionally caused by 
terrorist activity. Similarly, Federal passenger and freight equipment 
standards are intended to ensure that the equipment can withstand 
forces of derailments and collisions, whether caused by accidents or 
deliberate acts, thereby helping to protect passengers, employees, and 
surrounding communities.
    In addition, FRA enforces in the rail mode of transportation the 
Hazardous Materials Regulations, which are promulgated by PHMSA. These 
regulations include requirements that railroads and other transporters 
of hazmat, as well as shippers, have and adhere to security plans and 
also train their employees involved in offering, accepting, or 
transporting hazmat on both safety and security matters, as discussed 
more fully below.
    To address the key safety issues facing the railroad industry, in 
May 2005, DOT and FRA launched an aggressive and ambitious National 
Rail Safety Action Plan with the following strategy:

   Target the most frequent, highest-risk causes of accidents;

   Focus FRA's oversight and inspection resources more 
        precisely; and

   Accelerate research efforts that have the potential to 
        mitigate the largest risks.

    FRA's plan includes initiatives in several areas: reducing human 
factor-caused train accidents, the largest category of train accidents; 
acting to address the serious problem of fatigue among railroad 
operating employees; improving track safety; improving emergency 
preparedness and enhancing hazmat safety, including evaluating and 
improving the integrity of tank cars used to transport hazmat; and 
improving highway-rail grade crossing safety. One of the primary 
elements of the Action Plan is the implementation of a National 
Inspection Plan, which uses sophisticated trend analysis to ensure that 
FRA is properly allocating its inspectors so that they are directing 
their efforts on areas of greatest safety concern. A summary of the 
steps FRA has taken in implementing the Action Plan is attached to my 
statement.
    Though the Action Plan is focused on rail safety, rail security 
will also be improved. In particular, enhancements to hazmat safety and 
emergency preparedness will result in enhancements to rail security.
FRA's Role in Railroad Security
    FRA's involvement in railroad security predates the terrorist 
attacks on September 11, 2001. From October 1995 (when a deliberate act 
of vandalism caused a fatal Amtrak derailment near Hyder, Arizona) 
through March 2006 (when the USA PATRIOT Improvement and 
Reauthorization Act of 2005 was enacted), FRA helped develop and worked 
with Congress to secure the enactment of Federal criminal legislation 
to deter and punish more effectively terrorist attacks against 
railroads and mass transportation systems. Additionally, in 1998 FRA 
issued a regulation requiring passenger railroads to prepare, and 
secure FRA approval of, plans to address emergencies, including 
security threats, to train employees on the plan, and to conduct 
emergency simulation drills, as noted above and discussed more fully 
below. FRA will be exploring leveraging the National Labor College, 
George Meany Training Campus, to assist in providing security awareness 
training for railroad employees who are not receiving security training 
under FRA's emergency preparedness regulation or PHMSA's security 
regulation.
    Since the September 11 terrorist atrocities, FRA has been actively 
engaged in the railroad industry's response to the terrorist threat. 
The railroads have developed their own security plans, and FRA has 
worked with the railroads, rail labor, and law enforcement personnel to 
develop the Railway Alert Network, which permits timely distribution of 
information and intelligence on security issues. Working with DOT's 
Federal Transit Administration (FTA), we have participated in security 
risk assessments on commuter railroads, and we have conducted security 
risk assessments of Amtrak as well. FRA's security director works on a 
daily basis with government agencies and the railroad industry to 
facilitate communications on security issues, and also participates in 
security training, reviews security plans, and performs other 
activities to promote rail security. For example, FRA intends to 
conduct at least 15 security training sessions for rail labor 
organizations in 2007, as well as four sessions at the FBI Academy on 
railroad security and emergency response for law enforcement personnel.
    In September 2004, DOT and DHS entered into a memorandum of 
understanding (MOU) concerning their respective roles on security 
issues. The MOU notes that DHS has primary responsibility for security 
in all modes of transportation but also recognizes that DOT has 
responsibilities in the area of transportation security. The MOU 
reflects the agencies' shared commitment to a systems risk-based 
approach and to development of practical solutions, recognizing that 
each agency brings core competencies, legal authorities, resources, and 
expertise to the railroad mission. The MOU requires early coordination 
between the parties on the development of regulations affecting 
security. Separate annexes have been signed concerning the 
implementation of the Homeland Security Council's recommendations 
concerning TIH materials, and concerning the coordination between FRA 
and TSA, FTA and TSA, and PHMSA and TSA on security matters.
    The FRA-TSA annex provides for close cooperation between the two 
agencies on railroad security regulations, legislation, research and 
development, inspection activities, and response to threats to railroad 
security in order to maximize passenger and freight railroad security 
while minimizing disruptions to railroad operations to the extent 
practicable. The agreement provides that if an FRA inspector observes a 
significant security issue, the information will be provided to TSA and 
the railroad; similarly, if a TSA inspector observes a significant rail 
safety issue, the information will be provided to FRA and the railroad. 
FRA has one full-time employee addressing rail security matters, and 
all of our 71 hazmat inspectors and specialists, along with 17 State 
inspectors, devote a portion of their time to reviewing railroad and 
shipper security plans for compliance with PHMSA's security regulations 
discussed below.
Freight Railroad Security
    Railroads have voluntarily developed and adopted security plans 
based on comprehensive risk analyses, and the national intelligence 
community's best practices, that address the security of not only 
hazmat but of freight in general. The Association of American Railroads 
(AAR) has established guidance for the major freight railroads in the 
form of a model strategic security plan. The railroad industry has also 
developed a detailed protocol (AAR Circular OT-55-I) on recommended 
railroad operating practices for transportation of high-risk hazardous 
materials (including TIH). FRA, PHMSA, and TSA have jointly worked with 
the railroad industry to build upon the railroads' security efforts 
through vulnerability assessments, development of voluntary security 
action items, and rulemakings. Additionally, FRA has arranged a 
conference to permit railroads and chemical shippers to discuss routing 
options for the movement of TIH materials, as explained more fully 
below.
    A special focus for FRA and DOT, collectively, is the security of 
hazmat transported by rail. A major initiative has been PHMSA's March 
2003 regulation requiring each shipper and carrier of significant 
quantities (placardable amounts) of hazmat to adopt and comply with a 
security plan. See 49 CFR  172.800 et seq. Under the PHMSA regulation, 
security plans must include an assessment of security risks and 
appropriate countermeasures or mitigation strategies, or both, to 
address those risks. The plans must, at a minimum, address three 
specific areas: the security of company personnel; unauthorized access 
to company property; and the security of hazmat shipped or transported 
by the company from its origin to its destination. To assist railroads 
that transport hazmat and shippers that offer hazmat for transportation 
by rail to comply with this regulation, particularly small- and medium-
sized companies, PHMSA developed a program on how to write and 
implement security plans for their companies.
    FRA recognizes that railroad and shipper employees' awareness and 
understanding of the PHMSA regulation and procedures governing the safe 
and secure transportation of hazmat shipments are critical. Therefore, 
PHMSA's regulation provides for safety and security training for 
employees engaged in the transportation of hazmat. Specifically, each 
shipper and carrier of significant quantities of hazmat is also 
required to conduct two types of security training for its employees: 
security awareness training that provides an awareness of risks 
associated with hazmat transportation and methods designed to enhance 
hazmat transportation security, and in-depth security training 
concerning the company's security plan and its implementation. These 
training requirements are also recurrent; employees must receive the 
required training at least every 3 years. To date, FRA personnel have 
reviewed more than 6,105 security plans (including plans for shippers 
by rail and the plans for all Class I freight railroad carriers) and 
conducted 4,054 inspections for compliance with the security training 
requirements. Moreover, FRA's security director is currently working 
with the American Short Line and Regional Railroad Association to 
provide hazmat security training and conduct security reviews at 
approximately 125 short line railroads in 2007.
    In April 2004, DHS and DOT took specific actions to improve the 
security of rail shipments of TIH materials. As part of this 
initiative, DHS and DOT, in cooperation with the railroads, are 
assessing the vulnerabilities of High Threat Urban Areas (HTUAs) 
through which TIH materials move by rail in significant quantity. These 
assessments helped result in the railroads agreeing to voluntarily 
implement 27 Security Action Items designed to improve the security of 
rail movements of TIH materials. The Action Items address system 
security and access control (i.e., practices affecting the security of 
railroads and their property), as well as en-route security (the actual 
movement and handling of railcars containing TIH materials), 
particularly in HTUAs. Full implementation of the Action Items is 
expected to raise the security baseline for the transportation of TIH 
materials. Implementation of the first 24 Action Items had begun when 
they were announced in June 2006, and implementation of the remaining 3 
Action Items dealing with HTUAs had also been initiated when they were 
announced on November 21, 2006.
    In August 2004, DOT and TSA published a notice and request for 
comments in the Federal Register asking for input on aspects of TIH 
rail shipments, the DOT security program requirement, and the need for 
additional regulation. Following review and consideration of the 
comments received, PHMSA, in consultation with FRA and TSA, published a 
notice of proposed rulemaking on December 21, 2006, to revise current 
requirements for the safe and secure rail transportation of hazmat. See 
71 FR 76833. Likewise, TSA concurrently proposed enhancements to rail 
security requirements. See 71 FR 76852. Specifically, PHMSA's proposal 
would require railroads to--

   compile annual data on specified hazmat rail shipments;

   use the data annually to analyze safety and security risks 
        along rail transportation routes where those materials are 
        transported and one possible alternative to each route;

   utilize the analyses in selecting the safest and most secure 
        commercially practicable routes the carrier is authorized to 
        operate over in transporting these materials;

   address the security risks associated with shipments delayed 
        in transit or temporarily stored in transit as part of their 
        security plans;

   notify consignees if there is a significant unplanned delay 
        affecting the delivery of certain types of hazardous material;

   work with shippers and consignees to minimize the time a 
        rail car containing certain types of hazardous materials is 
        placed on track awaiting pick-up or delivery or transfer from 
        one carrier to another;

   notify storage facilities and consignees when rail cars 
        containing certain types of hazardous materials are delivered 
        to a storage or consignee facility; and

   conduct security visual inspections at ground level of rail 
        cars containing hazardous materials to inspect for signs of 
        tampering or the introduction of an improvised explosive device 
        (IED).

    PHMSA and FRA will hold two public meetings, one on February 1, 
2007, in Washington, D.C., and the second on February 9, 2007, in 
Dallas, Texas, to obtain oral comments on the proposed requirements.
    DHS has provided funding to the Railroad Research Foundation, a 
nonprofit organization devoted to sustaining a safe and productive 
railroad industry, to develop a Web-based tool to calculate rail route 
specific hazmat risks, and assist in route selection decisions. This 
tool would be available to rail carriers in performing route analysis, 
and to DOT, TSA, and government emergency planners.
    In late 2005, FRA granted a request by the AAR and the American 
Chemistry Council to convene a section 333 conference to discuss ways 
to minimize security and safety risks flowing from the transportation 
by rail of TIH materials. Section 333 of title 49 of the United States 
Code authorizes the FRA Administrator, as delegate of the Secretary of 
Transportation, to convene conferences at the request of one or more 
railroads to address coordination of operations and facilities of rail 
carriers in order to achieve a more efficient, economical, and viable 
rail system. Persons attending a section 333 conference are immune from 
antitrust liability for any discussions at the conference, and can also 
receive immunity for any resulting agreements that receive FRA 
approval. The conference has been carefully structured to minimize 
antitrust concerns involving the chemical manufacturers and shippers. 
The conference provides the railroads and chemical manufacturers and 
shippers with the opportunity to meet and discuss approaches to reduce 
the amount of TIH materials moved by rail, and to enhance the safety 
and security of TIH materials that are moved. FRA, PHMSA, and 
representatives from the Department of Justice, the Federal Trade 
Commission, TSA, and the Surface Transportation Board (STB) are 
participating in these discussions. The initial efforts of the 
conference are focused on chlorine and anhydrous ammonia rail transport 
because they represent over 80 percent of all TIH rail shipments. FRA 
has met with the rail carriers to discuss modeling and routing options. 
Further meetings with the rail carriers, as well as separate meetings 
with the chlorine and anhydrous ammonia shippers, are planned for early 
this year. In some instances, the projects agreed to at the conference 
may need the approval of the STB in order to be implemented.
    While we must remain ever vigilant to secure hazmat shipments on 
our Nation's railroads, for the sake of railroad employees and the 
public whom we all serve, it bears emphasizing that the vast majority 
of hazmat shipments arrive at their destinations safely. Considering 
just chlorine, for example, since 1965 (the earliest data available) 
there have been at least 2.2 million tank car shipments of chlorine--
only 788 of which were involved in accidents (0.036 percent of all the 
shipments). Of those accidents, there were 11 instances of a 
catastrophic loss (i.e., a loss of all, or nearly all) of the chlorine 
lading (0.0005 percent of all the shipments). Of the 11 catastrophic 
losses, four resulted in fatalities (0.00018 percent of all the 
shipments). For all hazardous materials, in the 12 years from 1994 
through 2005, hazardous materials released in railroad accidents 
resulted in a total of 14 fatalities. While one death is obviously too 
many, the record of transporting these commodities is very good, and we 
believe the initiatives underway will further improve upon that record.
Passenger Railroad Security
    As discussed earlier, in the area of passenger railroad security, 
FRA requires each railroad that operates intercity or commuter 
passenger train service or that hosts the operation of such service to 
adopt and comply with a written emergency preparedness plan approved by 
FRA. See 49 CFR Part 239. The regulation makes clear that an 
``emergency'' includes a security-related situation. Each plan must 
address employee training and qualification, and provide for both 
initial and recurrent training. Additionally, each railroad must 
establish and maintain a working relationship with emergency responders 
on its line by taking measures such as developing and making available 
a training program on the plan and inviting the emergency responders to 
participate in emergency simulations. The regulation requires railroads 
providing passenger service to periodically conduct full-scale 
passenger train emergency simulations (with actual equipment and 
simulated victims) and conduct a debriefing and critique session after 
actual or simulated passenger train emergency situations. FRA will 
continue monitoring passenger railroads for compliance with this 
regulation and attend each full-scale simulation and follow-up review 
session, such as one scheduled by the Long Island Rail Road for March 
with the New York City Fire Department.
    In 2003, under the auspices of FRA's Railroad Safety Advisory 
Committee (RSAC), FRA initiated a review of existing passenger train 
safety needs and programs for the purpose of developing any necessary 
recommendations on actions to advance the safety of passenger rail 
service. The RSAC is a forum for developing recommendations to FRA on 
rulemakings and other safety program issues, and it includes 
representatives from all of the rail industry's major groups, State 
representatives, the National Transportation Safety Board (NTSB), and 
other stakeholders. As part of this effort, the Passenger Safety 
Working Group was established, as well as four smaller task forces, 
notably the Emergency Preparedness Task Force. The Emergency 
Preparedness Task Force is specifically devoted to consideration of 
passenger train emergency preparedness issues, and includes 
representatives from railroads, rail labor organizations, the NTSB, 
FTA, and TSA. Its efforts helped lead to the issuance of proposed 
enhancements and additions to FRA's regulations for passenger train 
emergency systems (emergency systems NPRM). See 71 FR 50276; August 24, 
2006.
    Emergency communication is one of the main focuses of the emergency 
systems NPRM. Under the proposal, all existing passenger cars would be 
required to be equipped with a public address system by 2012 that 
provides a means for a crewmember to communicate to all train 
passengers in an emergency situation, and all new passenger cars would 
be required to be equipped with an intercom system that provides a 
means for passengers and crewmembers to communicate with each other in 
an emergency situation. An intercom system could be vital in enabling a 
passenger to quickly alert a crewmember of a security threat, and the 
crewmember in turn could contact the appropriate authorities to obtain 
emergency assistance and use the train's public address system to 
provide any necessary direction to passengers. The proposed rulemaking 
would also promote passenger and employee safety in an emergency 
situation--whether resulting from an accidental or an intentional act--
by enhancing requirements for emergency window exits in passenger cars 
and mandating that all passenger cars, including existing cars, have 
rescue windows for emergency responder access. FRA is in the process of 
preparing the final rule, which is expected to be issued by the middle 
of this year. Moreover, a separate regulatory proposal is also in 
development within the Emergency Preparedness Task Force, focusing on 
passenger car emergency signage, low-location exit path marking, and 
emergency lighting. The proposal will be based on American Public 
Transportation Association (APTA) standards for passenger safety, will 
augment current Federal requirements, and is expected to be published 
by the end of 2007.
    Complementing FRA's regulations, Amtrak and commuter railroads have 
instituted their own security plans and conduct security training. FRA 
assisted Amtrak in the development of its security plan. Specifically, 
in coordination with Amtrak's Inspector General, FRA contracted with 
the RAND Corporation to conduct a systematic review and assessment of 
Amtrak's security posture, corporate strategic security planning, and 
programs focusing on the adequacy of preparedness for combating 
terrorist threats. FRA's security director is currently working with 
Amtrak to implement the recommendations of the RAND study. APTA is also 
leading commuter railroads in the development of voluntary industry 
standards for passenger rail safety and security.
    FRA inspectors have conducted basic security reviews of Amtrak and 
commuter railroad security both after the 2004 train bombings in Madrid 
and after the 2005 transit bombings in London. In both cases, FRA 
inspectors were deployed immediately after the bombings to assess the 
security posture of passenger railroad facilities based on a checklist 
of major security criteria. In the aftermath of the London bombings, 
FRA worked closely on these security reviews with TSA's new rail 
security inspectors. TSA focused primarily on urban rapid transit 
lines, while FRA inspectors concentrated on commuter and intercity 
passenger operations; in some situations, inspectors from the two 
agencies worked jointly. FRA will continue to support TSA in responding 
to rail security threats.
    In partnership with FTA, FRA also participated in security risk 
assessments on the ten largest commuter railroads and contributed the 
funding for security risk assessments on three of these railroads. In 
addition, FRA participated in FTA's ``best practices tool kit'' 
initiative, contributing our knowledge of commuter rail operations, 
infrastructure, and organization to ensure that the recommended 
security enhancement measures were sound and feasible in a railroad 
environment. FRA staff worked closely with many of the railroads that 
receive FTA grant funding, to plan and assist in the development and 
implementation of security simulations and drills. FRA also devoted 
staff with both railroad knowledge and facilitation skills to the 17 
FTA-sponsored workshops across the country (called ``Connecting 
Communities'') to bring together commuter railroads, emergency 
responders, and State and local government leaders so that they might 
better coordinate their security plans and emergency response efforts.
Research and Development
    FRA conducts and supports research, development, and demonstration 
projects related to rail safety and rail security through its Office of 
Research and Development, in cooperation with DHS. Both theoretical and 
applied research on a wide range of issues has led to impressive 
results and tangible technology and process improvements.
    A recent example of the application of FRA's research efforts to 
both rail safety and security is the Passenger Rail Vehicle Emergency 
Evacuation Simulator, or ``Rollover Rig.'' This device, which began 
operation in 2006, can rotate a full-sized commuter rail car up to 180 
degrees to simulate passenger train derailment scenarios. The Rollover 
Rig is already enhancing the ability of researchers to test strategies 
for evacuating passenger rail cars and to evaluate the performance of 
emergency systems in the cars, such as emergency lighting, doors, and 
windows. In addition, first responders nationwide now have a unique 
training tool to practice effective passenger rail rescue techniques 
safely when a rail car is on its side. FRA developed the Rollover Rig 
at a cost of $450,000. New Jersey Transit Rail Operations donated the 
commuter rail car used by the Rollover Rig, and the Washington 
Metropolitan Area Transit Authority agreed to house, operate, and 
maintain the simulator at its emergency response training facility 
located in Landover, Maryland.
    We also continue to look for ways to improve tank car 
survivability, to reduce the likelihood that a tank car may be breached 
either by accident or by intentional act. PHMSA's and FRA's efforts to 
improve tank car survivability have a long and effective history. 
Working with the industry, all tank cars carrying hazardous materials 
now have top and bottom shelf couplers, and, as appropriate, tank cars 
are equipped with head shields, thermal protection, and skid protection 
for protruding bottom outlets. Tank cars carrying specific product 
groups, such as TIH and other particularly hazardous substances, are 
subject to additional requirements which became fully effective July 1, 
2006, after a 10-year phase-in period.
    Prior to the August 2005 enactment of Section 9005 of the Safe, 
Accountable, Flexible, Efficient Transportation Equity Act: A Legacy 
for Users (SAFETEA-LU), FRA had initiated tank car structural integrity 
research stemming from the circumstances of the 2002 derailment in 
Minot, North Dakota, involving the release of anhydrous ammonia from a 
tank car punctured during the derailment. Current research involves a 
three-step process to assess the effects of various types of train 
accidents (e.g., a derailment or collision) on a tank car. The first 
phase is development of a physics-based model to analyze the kinematics 
of rail cars in a derailment. The second phase is development of a 
valid dynamic structural analysis model; and the third phase is an 
assessment of the damage created by a puncture and entails the 
application of fracture mechanics testing and analysis methods. DOT's 
Volpe National Transportation Systems Center is doing the modeling work 
now, and FRA will dovetail this ongoing research with the requirements 
of Section 9005. FRA, in conjunction with PHMSA, hopes to develop new 
hazardous material tank car safety standards in 2008, and we are 
currently consulting with railroads, shippers, and car manufacturers 
and have solicited public comments to assist us in this effort. In this 
connection, FRA just signed a Memorandum of Cooperation with Dow 
Chemical Company, Union Pacific Railroad, and the Union Tank Car 
Company to participate in their Next Generation Rail Tank Car Project 
and advance rail tank car safety.
    Further, in September 2006, FRA awarded $200,000 to test sample 
tank car panels with various coatings to determine their ability to 
prevent penetration from small arms fire, as well as their ability to 
self-seal and, thereby, mitigate the severity of any incident. FRA 
developed the project in coordination with the AAR and DHS, which came 
up with the idea of applying to tank cars a protective coating like 
that used to enhance the armor protection of military vehicles in Iraq.
    FRA has other research and development projects underway related to 
rail security which we would be happy to discuss with Committee staff.
Conclusion
    FRA will continue to support TSA in carrying out its security 
responsibilities, and work with the rail industry to secure the 
Nation's freight and passenger railroad network. Together, DOT, TSA, 
and the rail industry are helping to ensure that security initiatives 
and programs are directed at potential threats to the Nation's railroad 
network and that rail employees and others responsible for its security 
are prepared to identify and address such threats.
Attachment
   Summary of the Steps FRA Has Taken To Implement Its National Rail 
                           Safety Action Plan
    In response to various rail safety concerns, including some recent 
major train accidents, such as Graniteville, SC, and the lack of 
substantial improvement in the train accident rate in recent years, 
Secretary of Transportation Norman Mineta launched the National Rail 
Safety Action Plan in May 2005. FRA has made real and substantial 
progress in bringing its aggressive and ambitious National Rail Safety 
Action Plan to fruition.
    To reduce the number of train accidents caused by human factors 
(the largest category of train accidents), FRA--

   Issued a proposed Federal rule in October 2006 that would 
        address top causes of human factor train accidents (such as 
        failing to return a track switch to its proper position, which 
        led to the Graniteville accident). The final rule is expected 
        to be issued in mid-2007.

   Implemented an ongoing research program to identify human 
        performance problems. Railroads, their employees, and FRA are 
        entering into agreements that permit the employees to report 
        unsafe events that do not result in a reportable accident but 
        could have done so, without the fear of discipline.

   Made available to railroads and their employees a fatigue 
        model that can assist them in developing crew scheduling 
        practices based on the best current science.

   Approved the first positive train control system capable of 
        automatically controlling train speed and movements to prevent 
        train collisions and other accidents--the system will be 
        installed on many BNSF Railway Company (BNSF) rail lines.

   Completed a pilot project, in partnership with BNSF, to 
        develop a low-cost system that electronically monitors, 
        detects, and reports a misaligned switch on mainline track 
        located in non-signaled track territory. BNSF plans expansion 
        of this and other similar systems on other non-signaled lines 
        of their company.
    To help prevent track-caused train accidents (the second-leading 
category), FRA--

   Developed an automated track inspection system that uses 
        high-resolution video to detect cracks in joint bars and that 
        can be deployed on a hi-rail vehicle to detect visible cracks 
        in joint bars without having to stop the vehicle. Testing 
        showed that the high-resolution video system detected visual 
        cracks that were missed by the traditional visual inspections. 
        The system was demonstrated to the railroads during Summer and 
        Fall of 2006.

   Issued a final rule requiring track owners to develop and 
        implement a procedure for the detailed inspection of rail 
        joints in continuous welded rail track.

   Contracted for the construction of two automated track 
        inspection vehicles, to be delivered in February and March, 
        which will bring FRA's fleet to five, allowing FRA to inspect 
        nearly 100,000 track-miles each year, which triples the present 
        capacity. This additional capability will permit FRA to inspect 
        more miles of major hazardous material (hazmat) and passenger 
        routes, while also having the ability to follow up more quickly 
        on routes where safety performance is substandard.

    To improve hazmat safety and emergency response capability, FRA 
improved emergency responders' timely access to hazmat information. As 
discussed in FRA's testimony today, FRA also accelerated its tank car 
structural research, hopes to issue new tank car performance standards 
in 2008, and has issued an NPRM on passenger train emergency systems.
    To strengthen FRA's rail safety inspection and enforcement program, 
FRA has made better use of data to direct FRA safety inspectors and 
other resources to where problems are likely to arise. FRA's new 
National Inspection Plan was fully implemented for all FRA safety 
disciplines in March 2006, and further training will be provided to FRA 
safety personnel on how to best use the data during the scheduled 
national technical conferences this year.
    To foster further improvements in highway-rail grade crossing 
safety, FRA--

   Built partnerships with State and local agencies by issuing, 
        in May 2005, and extensively distributing a safety advisory 
        describing the roles of the Federal and State governments and 
        of the railroads in crossing safety. The advisory also reminds 
        railroads of their responsibilities in relation to crossing 
        accident reporting and investigation and offers assistance to 
        local authorities in the investigation of crossing collisions 
        where information or expertise within FRA control is required 
        to complete the investigation.

   Aided the State of Louisiana in developing a crossing safety 
        action plan. This State has consistently ranked among the top 
        five with the highest number of crossing collisions and 
        fatalities. The State approved the plan in April 2006.

   Launched an ongoing public safety inquiry into safety at 
        private crossings.

    We would be glad to provide the Committee with additional 
information on the current status of FRA's implementation of the 
National Rail Safety Action Plan.

    Senator Lautenberg. Mr. Hill?

 STATEMENT OF HON. JOHN H. HILL, ADMINISTRATOR, FEDERAL MOTOR 
               CARRIER SAFETY ADMINISTRATION, DOT

    Mr. Hill. Thank you for inviting me today to discuss the 
Federal Motor Carrier Safety Administration's role in 
contributing to the security of truck and bus transportation on 
our highways.
    Following the tragic events of September 11, 2001, FMCSA 
recognized immediately the risk of terrorism associated with 
the transportation of hazardous materials.
    Within a month, the agency--along with our State partners--
began visiting all motor carriers that transport hazardous 
materials to ensure that they were aware of the potential 
vulnerability and basic security measures. In 7 months, State 
and FMCSA staff conducted over 30,000 security sensitivity 
visits on hazardous material carriers.
    FMCSA also worked with the Research and Special Programs 
Administration--now the Pipeline and Hazardous Materials Safety 
Administration--to develop regulations requiring hazardous 
materials and carriers and shippers to develop security plans 
and train their employees about hazardous materials security. 
Following implementation of this regulation, FMCSA took steps 
to educate both the industry, our field staff, and the State 
enforcement officials.
    The agency also developed procedures to check compliance 
with hazardous materials security regulations in what we call a 
Security Contact Review. To date, FMCSA has conducted over 
4,000 Security Contact Reviews, and we've assessed civil 
penalties against over 400 entities for failure to comply with 
the basic security regulations.
    In 2004, our agency promulgated regulations to require 
carriers of certain hazardous materials to obtain a hazardous 
materials safety permit. The program--applies to carriers that 
transport high explosives, high route-controlled quantities of 
radioactive materials, and materials that are toxic by 
inhalation hazard, and large quantities of liquefied natural 
gas.
    Currently, over 1,100 motor carriers have a current 
hazardous materials safety permit. The program is an example of 
an area where security overlaps with FMCSA's safety mission.
    FMCSA's primary security activities at this point involve 
the transportation of hazardous materials. We continue to 
ensure compliance with security training, and security plans, 
regulations through our Security Contact Review, and we take 
enforcement for non-compliance as warranted.
    We've met with TSA, and we work with them to ensure that 
their Corporate Security Review, conducted by their personnel, 
are not duplicative on the industry for the work that they're 
doing.
    Decisions regarding the routing of hazardous materials is 
one area FMCSA has identified as relating to security, in 
addition to the safety issues that were originally the impetus 
for the regulations.
    FMCSA has two sets of regulations governing the routing of 
hazardous materials: Standards for routing of non-radioactive 
materials, and requirements for routing of highway route-
controlled quantities of radioactive materials. Both parts 
contain sections setting out requirements States or Indian 
tribes must follow to establish, maintain and enforce hazardous 
material routing requirements.
    To establish routing designations or restrictions, the 
State or local government, or Indian tribe, must consider 13 
factors. Currently, security is not required to be a factor 
considered in making routing decisions, and as such, security 
is not covered in the FMCSA guidance regarding making routing 
decisions.
    Last year, FMCSA began a study to modify existing guidance 
materials to State and local government, and Indian tribes, in 
designating routes to ensure the safe and secure transportation 
of HM. And second, develop tools that will assist these 
entities in assessing security vulnerabilities of current and 
proposed hazardous materials routes. We expect to complete this 
study by the Fall of 2007.
    Finally, Mr. Chairman, in conclusion I want to say that as 
our Nation moves more to secure and protect our citizens from 
the threat posed by terrorism, it's important that we move 
deliberately and responsibly to secure our transportation 
systems without paralyzing them. That is what FMCSA has 
attempted to do since the tragic events of September 11, 2001, 
and what we will continue to endeavor to do as we support 
agencies inside and outside the Department on transportation 
security initiatives.
    We look forward to working with your committee and the 
other agencies present at the hearing today to implement this 
important piece of legislation.
    [The prepared statement of Mr. Hill follows:]

        Prepared Statement of Hon. John H. Hill, Administrator, 
            Federal Motor Carrier Safety Administration, DOT
Introduction
    Chairman Inouye, Vice Chairman Stevens, and Senators of the 
Committee, thank you for inviting me today to discuss the Federal Motor 
Carrier Safety Administration's (FMCSA) role in contributing to the 
security of truck and bus transportation on our highways. I am pleased 
to appear before you to describe FMCSA's outreach, education, research, 
enforcement and compliance programs that help improve our homeland 
security.
    Mr. Chairman, the Federal Motor Carrier Safety Administration was 
created in 1999 with the mission of improving the safety of trucks and 
buses operating on our Nation's roads. Safety remains the primary 
mission of our Agency--the primary function of our regulations and our 
programs. FMCSA also plays a role in the security of the truck and bus 
industries due to our familiarity with, and oversight of these 
industries and the close and sometimes overlapping relationship between 
safety and security. The proposed legislation touches directly on one 
of the areas where security concerns directly impact our existing 
regulations--the routing of hazardous materials.
Background
    Following the tragic events of September 11, 2001, FMCSA recognized 
immediately the risk of terrorism associated with the transportation of 
hazardous materials. Within a month, the agency, with our State 
partners, began visiting all motor carriers that transport hazardous 
materials to ensure they were aware of their potential vulnerability 
and discuss basic security measures. We felt these measures were 
critical as many of the companies in the trucking industry are small 
carriers with only a few trucks and lacking the resources to employ 
full-time security staff. In 7 months, State and FMCSA staff conducted 
over 30,000 Security Sensitivity Visits on hazardous materials 
carriers.
    FMCSA also began to take other steps to raise awareness about the 
security risks posed by the transportation of hazardous materials, and 
indeed the potential for terrorists to use the vehicles we regulate, 
trucks and buses, as pawns in their plans to inflict terror on our 
country. Despite the strictly safety mission given to the agency by the 
Congress, these measures were deemed justified and indeed critical, 
particularly before the creation of the Transportation Security 
Administration (TSA) and in the early days of that organization when 
they were rightly focused on aviation security.
    Among the steps FMCSA took was an outreach campaign aimed at 
raising security awareness in the trucking industry and outreach to the 
law enforcement community to make them aware of the potential use of 
trucks, particularly those transporting hazardous materials, as weapons 
of terrorism. To complement these outreach efforts, we created a 
training course called ``Trucks n' Terrorism'' to make law enforcement 
officials aware of indicators that should raise suspicions regarding 
the legitimacy of truck transportation. The agency also worked with the 
motorcoach industry to address security issues involving transportation 
of people including conducting a vulnerability assessment of the 
motorcoach industry and training to raise the security awareness of 
motor coach drivers and company officials.
    Additionally, FMCSA began a significant effort to test technologies 
that had the potential to improve security, particularly in regard to 
the transportation of hazardous materials. Many of these technologies 
such as satellite tracking of vehicles and emergency communication 
devices were already in use as tools to improve safety or efficiency. 
FMCSA's Hazardous Materials Field Operational Test demonstrated how 
these technologies could also be used to improve security and 
quantified the costs and benefits of these technologies. The Hazardous 
Materials Field Operational Test also piloted the concept of a public-
sector response system. FMCSA provided a copy of the report and its 
findings to the Department of Homeland Security in 2005. We are working 
with DHS on further development of this system.
    FMCSA also worked with the Research and Special Programs 
Administration (RSPA), now the Pipeline and Hazardous Materials Safety 
Administration (PHMSA) to develop regulations requiring hazardous 
materials carriers and shippers to develop security plans and train 
their employees about hazardous materials security. Following 
implementation of this regulation, FMCSA took steps to educate both the 
industry and our field staff and State partners. FMCSA worked with 
PHMSA, various industry associations, and the now established TSA to 
develop a booklet to assist hazardous materials motor carriers, 
particularly small businesses, in developing an effective security 
plan. Copies of this document were distributed to every hazardous 
materials carrier in the FMCSA database.
    To promote enforcement of the new regulation, FMCSA developed a 16-
hour training course to educate our field personnel and State partners, 
previously focused solely on safety issues, about basic security 
practices. The agency also developed procedures for checking compliance 
with hazardous materials security regulations in what we call a 
Security Contact Review. To date, FMCSA has conducted over 4,000 
Security Contact Reviews and assessed over 400 civil penalties for 
failure to comply with the hazardous materials security regulations.
    In 2004, FMCSA promulgated regulations to require carriers of 
certain hazardous materials to obtain a hazardous materials safety 
permit. This program applies to carriers that transport high 
explosives, high route-controlled quantities of radioactive materials, 
materials that are toxic by inhalation hazard, and large quantities of 
liquefied natural gas. Currently over 1,100 motor carriers have a 
current hazardous materials safety permit. The program is an example of 
an area where security overlaps FMCSA's safety mission. In promulgating 
this regulation, based primarily on safety concerns expressed in the 
legislation requiring this program, the agency did incorporate some 
basic security requirements. However, it should be made clear that 
while we developed a regulation that has some security requirements, it 
was not meant to be a comprehensive security regulation and the 
materials the agency chose to make applicable to this requirement were 
based on the legislative intent and safety considerations rather than 
an in-depth analysis of security risk.
FMCSA's Current Security Role
    Much of the security activity I have just described occurred 
before, or in the early days of the TSA. For the past few years, our 
Agency has been working with TSA to transfer the primary security 
responsibility for the truck and bus industries to TSA. This is not to 
say that we have abandoned any role in security. As recognized in 
Executive Order 13416, ``Strengthening Surface Transportation 
Security'' both Departments have responsibilities in the area of 
transportation security.
    FMCSA's primary security activities at this point involve the 
transportation of hazardous materials for which Congress gave the 
Department specific shared responsibility in the Homeland Security Act 
of 2002. FMCSA continues to ensure compliance with security training 
and security plan regulations through our Security Contact Reviews and 
take enforcement action for non-compliance as warranted. We have met 
with TSA to coordinate these visits to motor carriers with the 
Corporate Security Reviews conducted by TSA personnel to ensure there 
is not duplication of effort or unnecessary burden placed on the 
industry. We have also begun work to look at including security 
considerations in our long-standing regulations specifying procedures 
for States to follow when making hazardous materials routing 
distinctions.
    Our Agency also remains involved in consulting with DHS and TSA on 
various issues ranging from our joint regulations for background checks 
for drivers holding Commercial Driver's Licenses with hazardous 
materials endorsements, implementation of the REAL ID Act, to 
participation on panels to make decisions about security grants for 
motorcoach companies.
Hazardous Materials Routing and Route Plans
    As I mentioned earlier, decisions regarding the routing of 
hazardous materials is one area FMCSA has identified as relating to 
security in addition to the safety issues that were the original 
impetus for the regulations. FMCSA has two sets of regulations 
governing the routing of hazardous materials. Standards for the routing 
of non-radioactive hazardous materials (NRHM) and requirements for 
routing of highway route-controlled quantities (HRCQ) of radioactive 
materials (RAM). Both parts contain sections setting out requirements 
States or Indian tribes must follow to establish, maintain, and enforce 
HM routing designations.
    To establish routing designations or restrictions, a State or local 
government or Indian tribe must consider 13 factors such as population 
density, type of highway, type and quantities of HM, emergency response 
capabilities, exposure, terrain considerations, alternative routes, 
effects on commerce, delays in transportation, congestion, and accident 
history. FMCSA has developed guidelines for designating hazardous 
materials routes or preferred routes for highway route-controlled 
radioactive materials. Currently security is not required to be a 
factor considered in making routing decisions and as such, security is 
not covered in the FMCSA guidance regarding making routing decisions. 
Last year, FMCSA began a study to: (1) modify existing guidance 
materials to State and local governments and Indian tribes in 
designating routes to ensure the safe and secure transportation of HM; 
and (2) develop tool(s) that will assist the these entities in 
assessing the security vulnerabilities of current and proposed HM 
routes. We expect to complete the study by the Fall of 2007.
Conclusion
    Mr. Chairman, as the Nation moves to become more secure and protect 
our citizens from the threat posed by terrorism, it is important that 
we move deliberately and responsibly; to secure our transportation 
systems without paralyzing them. That is what FMCSA has attempted to do 
since the tragic events of September 11, 2001 and what we continue to 
endeavor to do as we support agencies inside and outside the Department 
on transportation security initiatives. We look forward to working with 
your committee and the other agencies present at this hearing today to 
implement this important piece of legislation.

    The Chairman. All right. Thank you very much, Mr. 
Administrator.
    And now, may I recognize Vice Admiral Thomas Barrett, 
Administrator of the Pipeline and Hazardous Materials Safety 
Administration.

  STATEMENT OF THOMAS J. BARRETT, VICE ADMIRAL (RET.), USCG; 
             ADMINISTRATOR, PIPELINE AND HAZARDOUS 
              MATERIALS SAFETY ADMINISTRATION, DOT

    Admiral Barrett. Chairman Inouye, Vice Chairman Stevens, 
distinguished members of the Committee, good morning. On behalf 
of Secretary Peters and myself, thank you for the opportunity 
to discuss security of transportation of hazardous materials, 
including pipeline security.
    First, however, I want to thank you for your leadership and 
support in passing the Pipeline Inspection, Protection, 
Enforcement and Safety Act of 2006, which the President signed 
into law last month. This will significantly improve pipeline 
safety, and we will implement the law aggressively.
    On today's subject, like the Committee, the Department 
strongly believes there are opportunities to improve surface 
transportation security for movement of hazardous materials. We 
follow a systems risk-based approach, recognizing that safety 
and security are related, and that significant safety and 
economic consequences can flow from security decisions. Our 
goal is complete safety, complete security without duplicating 
efforts, or excessively burdening commerce.
    We believe improvements are best developed using an 
enterprise approach to produce effective measures suited to the 
demands of an economy that depends on efficient movement of 
hazardous materials. These materials are essential to our 
citizens, are used every day across the Nation in farming, 
manufacturing, medical, pharmaceuticals, consumer products, and 
thousands of other applications that shape the quality of our 
lives.
    Much progress has been made since 9/11 to improve security 
of our transportation systems, with the active assistance and 
direction of the Congress. DOT modal administrations, including 
FMCSA, have strengthened our relationships with the Department 
of Homeland Security and TSA, specifically, to enhance 
hazardous materials security and transportation.
    In a recent annex to the MOU between DOT and DHS--which Kip 
Hawley and myself signed--we have established a joint working 
group to improve inter-agency coordination at the practical 
level on both transportation security and safety matters, 
recognizing that each agency brings core competencies, legal 
authorities, resources, and expertise to this shared mission.
    Enhancing security requires, as Mr. Hawley noted, that we 
start with the data, understanding the problems, identifying 
gaps; including gaps in understanding the risks, threats, 
vulnerabilities, likelihoods and consequences of incidents. Our 
joint working group is looking at how to leverage the 
information that each agency collects and possesses, to enhance 
our understanding of risks connected with hazardous material 
transportation, and bring that information to bear in an 
ongoing basis in all elements of our security and safety 
programs.
    Last month, PHMSA and FRA issued a notice of proposed 
rulemaking to upgrade requirements applicable to the safe and 
secure transportation of hazardous materials by rail. We 
propose requiring carriers to compile annual data on specified 
shipments of hazardous materials, use the data to analyze 
safety and security risks along routes, assess alternate 
routing options, and make decisions based on those assessments. 
We will hold public meetings in February to solicit public 
input on the proposal.
    We are also taking a close look at hazmat security plan 
requirements. TSA and PHMSA recently initiated a project to 
refine the list of hazardous materials for which security plans 
are required. We published an advanced notice of proposed 
rulemaking in September, hosted a public meeting in November, 
and expect to issue a notice of proposed rulemaking by early 
summer.
    We've also taken a careful look at access to PHMSA's 
National Pipeline Mapping System, which was removed from public 
access after 9/11. We have worked the issues with TSA, pipeline 
stakeholders, safety advocates and security experts, and 
developed an approach we believe will minimize risks, while 
satisfying legitimate public right-to-know concerns. And we 
expect to restore public access to the revised system in the 
next several months.
    We're also bringing a risk-based systems approach to our 
research related to security to the Hazardous Materials 
Cooperative Research Program, now in its first-year of program 
management by the Transportation Research Board of the National 
Academies.
    Like Congress, we focus on improving the ability of States 
and local governments to prepare for hazardous materials 
incidents, whatever their cause. We are proud of our 
partnerships with the National Association of State Fire 
Marshals, the International Association of Fire Chiefs, and the 
International Association of Firefighters. At the end of the 
month, with them, we will sponsor the next in a series of 
meetings of emergency responders, hazmat industry 
representatives and pipeline operators, to strengthen response 
capabilities and preparedness.
    As the Committee considers ways to improve transportation, 
we will be pleased to work with you to build on the substantial 
progress that has been made, including lessons that we have 
learned about the path to a comprehensive, systems risk-based 
approach.
    We do need flexibility to develop and implement solutions. 
Risk profiles, as you know, can change rapidly, and we must be 
able to be agile in addressing developments in safety and 
security. We believe the path forward is an enterprise approach 
that takes advantage of agency expertise, considers the 
perspectives of all stakeholders and the public, provides for 
regular reassessment and refinement as transportation risks, 
systems and technologies evolve.
    Mr. Chairman, I commend you and the members of this 
committee for your leadership on this important topic, and 
would be pleased to answer your questions.
    [The prepared statement of Admiral Barrett follows:]

  Prepared Statement of Thomas J. Barrett, Vice Admiral (Ret.), USCG; 
Administrator, Pipeline and Hazardous Materials Safety Administration, 
                                  DOT
    Chairman Inouye, Vice Chairman Stevens, Chairman Lautenberg, and 
distinguished members of the Committee, on behalf of the Secretary of 
Transportation, I want to thank you for the invitation to appear today.
    I would like to take a moment at the outset to commend the 
Committee for your leadership and support in passing the Pipeline 
Inspection, Protection, Enforcement, and Safety Act of 2006, Public Law 
109-468, which the President signed into law last month. The PIPES Act 
will save lives and foster economic growth by strengthening the 
pipeline safety program.
    The Pipeline and Hazardous Materials Safety Administration (PHMSA) 
is moving ahead to implement the new authority and fulfill the Act's 
mandates. We will keep the Committee informed of our efforts and 
progress.
    I appear before you today on another important subject: PHMSA's 
activities and role in enhancing hazardous materials transportation 
security.
    We understand the Committee is considering options to improve 
commercial surface transportation security, and we look forward to 
working with the Committee. Working in close coordination with the 
Department of Homeland Security (DHS), and with the Department of 
Transportation's (DOT's) Federal Railroad Administration (FRA) and the 
Federal Motor Carrier Safety Administration (FMCSA), we are moving 
forward in that effort on several fronts.
    When it comes to improving transportation security, we follow a 
systems risk-based approach, recognizing that safety and security are 
connected, and that significant safety and economic consequences will 
flow from our decisions. The success of our efforts over time lies in 
our ability to mitigate overall risk, while avoiding undue burdens on 
transportation systems, operators, and the public. Effective 
coordination within the Federal Government is essential to addressing 
security concerns in the way that the American public deserves.
    Improvement should be developed in a transparent manner, with the 
benefit of stakeholder input, to produce practical approaches suited to 
the demands of an economy that depends on the efficient movement of 
hazardous materials. We must focus and prioritize our efforts, 
preventing incidents that pose the greatest overall risk to the public, 
property, and the environment, and mitigating the consequences of 
incidents that cannot be prevented.
Multi-Modal Hazardous Materials Program
    Hazardous materials are essential to our citizens, and to our 
economy. These materials fuel automobiles, heat and cool our homes and 
offices, and are used in farming, medical applications, manufacturing, 
mining, and other industrial processes. More than 3 billion tons of 
regulated hazardous materials--including explosive, poisonous, 
corrosive, flammable, and radioactive materials--are transported each 
year.
    We oversee the safe and secure shipment of over 1.2 million daily 
movements of hazardous materials moving through the air; on the 
railroads, seas and waterways; and over the highways. Many of these 
shipments require transfer between modes. Programs that increase the 
security of highway infrastructure and intermodal transfer points are 
required to maintain the security and safety of these movements. 
Additionally, large volumes of hazmat are moved by pipelines out of the 
view of most Americans.
    These hazardous materials shipments frequently move through densely 
populated or sensitive areas where an incident could result in loss of 
life, serious injury, or significant environmental damage. Our 
communities, particularly the public and workers engaged in hazardous 
materials commerce, count on the safe and secure transport of these 
shipments.
Post-9/11 Hazmat Security Requirements
    With Congress' active assistance and direction, much progress has 
been made since 9/11 to improve the security of our transportation 
systems. Congress confirmed PHMSA's role in the Homeland Security Act 
of 2002, when it amended Federal law to clarify the agency's 
responsibility for the ``safety, including security,'' of hazardous 
materials transportation.
    In 2003, we amended the Hazardous Materials Regulations to require 
shippers and carriers of certain hazardous materials to develop and 
implement security plans. The regulations established a general 
baseline for the development and scope of plans, rather than a 
prescriptive list of specific security measures. Each security plan 
must include an individualized risk assessment and, at a minimum, 
address personnel security, unauthorized access, and en route security 
risks. Plans must be appropriate to the company's individual 
circumstances, considering the types and amounts of hazardous materials 
shipped or transported and the modes used for transportation. The 
regulation establishes a meaningful performance standard for security 
planning, while providing shippers and carriers with the flexibility 
necessary to develop security measures addressing their individual 
circumstances and operational environments.
    DOT-regulated pipeline operators are subject to different security 
planning standards, also requiring the development of site-specific 
security plans. Most pipeline operators follow a set of consensus 
guidelines that were jointly developed by PHMSA, pipeline operators, 
and State pipeline safety agencies following the 9/11 terrorist 
attacks. The security requirements governing operators of liquefied 
natural gas (LNG) facilities predate 9/11 and are enforced, along with 
our other LNG safety standards, by PHMSA and our State partners.
    As the Committee is aware, PHMSA also has been actively involved in 
government-wide security planning and coordination efforts led by DHS. 
In accordance Homeland Security Presidential Directives and Executive 
Orders, we regularly provide technical expertise and consultation on 
security initiatives with DOT partners in the areas of pipeline 
operations and hazardous materials transportation. We contributed to 
the recently-completed National Infrastructure Protection Plan and 
participate in the Government Coordinating Councils for the Rail, 
Highway, Chemical and Pipeline sectors.
The PHMSA-TSA Security Annex
    Most recently, PHMSA and the Transportation Security Administration 
(TSA) have established a joint working group to improve interagency 
coordination on transportation security and safety matters, and to 
develop and advance plans for improving transportation security. As you 
know, PHMSA and TSA signed an Annex to the Departmental Memorandum of 
Understanding (MOU) executed by DOT and DHS. The Annex recognizes TSA's 
lead role in transportation security and reflects the agencies' shared 
commitment to a systems risk-based approach and to the development of 
practical solutions, recognizing that each agency brings core 
competencies, legal authority, resources, and expertise to this shared 
mission.
    In entering into the Annex, PHMSA and TSA pledge to build on and 
not duplicate the various security initiatives and efforts already 
underway. At the same time, we thought it was important to outline the 
key program elements and approaches necessary to effective Federal 
action and to use that framework to identify specific areas for 
improvement.
    Enhancing security requires that we start with the data--
understanding the problem and identifying any gaps in existing 
solutions, including gaps in understanding the risks and consequences 
of incidents. PHMSA's technical staff has knowledge about hazardous 
materials and transportation systems that can and should be brought to 
bear in the Federal effort to enhance security.
    The joint agency working group established under the PHMSA-TSA MOU 
Annex is looking at ways to leverage the information that each agency 
possesses and collects. We are doing this in order to enhance our 
understanding of all risks connected with hazardous materials 
transportation and to bring that information to bear on an ongoing 
basis in all elements of our safety and security programs.
    Under Executive Order 13416 and as delineated in the Annex, PHMSA 
and TSA are looking for ways to improve standards, recognizing that 
solutions need to be tailored to risks and transportation needs, both 
of which will change over time. Enhancing transportation security does 
not necessarily mean that we must impose regulatory requirements. We 
must be open to the range of possible solutions, driven by information 
about systems risks and security gaps.
    Where it is appropriate to impose new standards, close coordination 
and consultation between the agencies--and active outreach with 
stakeholders--will help to ensure effective results. Better 
communication and outreach with affected stakeholders are important 
elements of the approach to enhancing transportation security reflected 
in the MOU Annex.
    Inspection and enforcement also present opportunities for 
improvement. PHMSA and TSA are looking for ways to maximize the use of 
Federal resources by cooperating in these efforts.
    Research and development are important parts of a coordinated 
Federal strategy. Our joint agency working group will put in place 
measures to ensure that we are making the best use of Federal resources 
by sharing research results and collaborating in the development of 
future projects.
Pending Improvements
    Working with our DOT colleagues and TSA, we continue to consider 
ways to enhance the transportation security of hazardous materials. 
Last month, PHMSA and FRA issued a notice of proposed rulemaking 
(NPRM), proposing to revise current requirements applicable to the safe 
and secure transportation of hazardous materials by rail. Specifically, 
we are proposing to require rail carriers to compile annual data on 
specified shipments of hazardous materials, use the data to analyze 
safety and security risks along rail routes, assess alternative routing 
options, and make routing decisions based on those assessments.
    The same notice proposes clarifications of the current security 
plan requirements to address en route storage, delays in transit, 
delivery notification, and additional security inspection requirements 
for hazardous materials shipments. We have planned two meetings in 
early February, one here in Washington and one in Dallas, to solicit 
public input on the rail security proposals.
    In consultation with the other DOT operating administrations and 
TSA, we also are taking a close look at the scope of our hazmat 
security plan requirements. In the 3 years since the requirements went 
into effect, we have gained experience evaluating security risks 
associated with specific hazardous materials and transportation 
environments and identifying appropriate measures to address those 
risks. In response to two industry petitions for rulemaking, PHMSA 
recently initiated a project to reconsider and refine the list of 
hazardous materials for which security plans are currently required. 
The industry petitioners asked PHMSA to amend the security plan 
regulations to create a distinction between hazardous materials that 
present a significant security risk while in transportation and the 
vast majority of hazardous materials that pose minimal security risks 
in transportation. To this end, we have initiated a rulemaking project, 
in cooperation with the DOT operating administrations and TSA; we 
published an ANPRM on September 21, 2006, and hosted a public meeting 
on November 30. We expect to issue a proposal by early Summer of 2007.
    As we refine our understanding of system risks, we've also taken a 
careful look at how we regulate access to PHMSA's National Pipeline 
Mapping System (NPMS). The NPMS is a comprehensive database including 
geospatial and other information about all PHMSA-regulated liquid and 
natural gas pipelines and their relationship to populated and unusually 
sensitive environmental areas. In the immediate aftermath of 9/11, we 
pulled the NPMS from the agency's website and restricted public access 
out of concern that information in the system could be used in planning 
or targeting a terrorist attack. In the meantime, we have taken a 
careful look at the nature and quality of publicly available 
information about pipeline facilities and the safety and security 
implications of providing public access. We have discussed the issues 
with DHS and all pipeline stakeholders, safety advocates, and security 
experts, and we have developed an approach that we believe will 
minimize risk, while satisfying legitimate public right-to-know 
concerns.
    I would like to mention that in the coming months, PHMSA will be 
rolling out changes to its NPMS website that will permit members of the 
public to access certain maps and data on a county-by-county basis. The 
level of detail accessible to the public will make the site useful for 
emergency response and local planning efforts, helping communities 
manage risks of development and other human activities near existing 
pipelines.
    Our decision to restore public access to NPMS data illustrates how 
a data-driven, systems risk-based approach improves risk mitigation. 
From a systems risk perspective, public access to information is 
desirable, because it facilitates environmental protection, emergency 
response, and safety-conscious land use planning. Further, this 
determination may pave the way for making NPMS data available in 
efforts to reduce other transportation risks. As we move ahead on the 
rail routing rulemaking, for instance, we will consider whether access 
to NPMS data concerning environmentally-sensitive areas may be useful 
in making safety and security conscious rail routing decisions.
    With Congress' support, a systems risk-based approach will be 
carried forward through the Hazardous Materials Cooperative Research 
Program, now in its first year of program management by the 
Transportation Research Board of the National Academies. Four initial 
research projects recently cleared the selection process. They are: (1) 
Hazmat Commodity Flow Guidance to States and Localities; (2) Enhanced 
Incident Data Quality for Root Cause Analysis; (3) Assessing Hazmat 
Emergency Response Capabilities; and (4) Emerging Technologies 
Applicable to Hazmat Transportation Safety and Security. PHMSA is 
closely monitoring the progress of that research.
    Finally, like Congress, we are focused on improving the ability of 
States and local governments to prepare for and respond to hazardous 
materials incidents, whatever their cause. PHMSA is proud of its 
partnerships with the National Association of State Fire Marshals, the 
International Association of Fire Chiefs, and the International 
Association of Fire Fighters. Each organization has assisted in 
capability building across the country.
    At the end of this month, PHMSA and the National Association of 
State Fire Marshals will co-sponsor another meeting of emergency 
responders, hazardous materials industry representatives, and pipeline 
operators. This joint effort covers a variety of initiatives intended 
to strengthen response capabilities and preparedness, including a 
recent PHMSA Advisory Bulletin on the appropriate response to ethanol 
spills and plans for the 2008 edition of the Emergency Response 
Guidebook (ERG). PHMSA publishes and distributes the ERG free of charge 
to the Nation's first responder community. For years, the ERG has been 
an important resource for first responders, providing critical guidance 
during the initial phase of a hazardous materials incident. For the 
first time, the 2008 ERG will be expanded to include a response section 
applicable to pipeline incidents.
Closing
    Like Secretary Peters, PHMSA takes very seriously our 
responsibility to ensure the safe and secure movement of hazardous 
materials across our transportation system. Although we recognize that 
there is always room for improvement, we believe that we have a strong 
regulatory framework in place for hazardous materials transportation 
security. Together with DHS, we seek to achieve the highest level of 
safety and security possible, while at the same time, minimizing the 
burden and associated cost.
    We look forward to working with the members of this Committee, the 
Congress and our stakeholders as we embark on a serious and open 
discussion with all interested parties to further enhance the safe and 
secure transportation of hazardous materials.
    Mr. Chairman, I commend you and the members of this Committee for 
your leadership on this very important topic. Thank you again for this 
opportunity today. I am happy to take your questions.

    The Chairman. Thank you very much Admiral Barrett.
    And now may I call upon Ms. Cathleen A. Berrick, Director 
of Homeland Security and Justice Issues, Government 
Accountability Office.

 STATEMENT OF CATHLEEN A. BERRICK, DIRECTOR, HOMELAND SECURITY 
                    AND JUSTICE ISSUES, GAO

    Ms. Berrick. Thank you, Mr. Chairman, Mr. Vice Chairman and 
members of the Committee for the opportunity to discuss the 
security of the Nation's surface transportation systems, and in 
particular, passenger rail.
    In addition to our passenger rail security work, GAO has 
recently initiated, or will soon initiate, reviews of 
additional surface transportation modes, including freight 
rail, commercial vehicles, and highway infrastructure. We 
expect to report on the results of that work later this year.
    Regarding passenger rail, my testimony today focuses on 
actions the Federal Government have taken to assess risks to 
the rail system, and security practices implemented by domestic 
and selected foreign rail operations.
    DHS, in conjunction with its grant-making authority, and 
DOT, have completed numerous risk assessments of passenger rail 
systems around the country, and have provided technical 
assistance and training to rail operators, among other efforts.
    DHS has also begun to develop an overall framework to help 
agencies and the private sector develop a consistent approach 
for analyzing and comparing risks to transportation and other 
sectors. TSA has also conducted risk assessments, and is 
establishing a methodology for analyzing and characterizing 
risks.
    However, although progress has been made, these risk-
assessment efforts have not yet been fully coordinated or 
completed. Until they are, it may be difficult to compare risks 
within the rail sector, and across different sectors, even 
outside of transportation, and allocate resources accordingly.
    After the 9/11 attacks, FRA and FTA took a number of 
actions to strengthen the security of rail systems, including 
providing security training to rail operators and technical 
assistance. TSA also issued security directives, and piloted 
explosive detection technology for use in the rail system, 
recently issued a proposed rule addressing passenger and 
freight rail security, and has implemented other security 
programs in partnership with FRA and FTA.
    However, some Federal and rail stakeholders question the 
feasibility of implementing and complying with the rail 
security directives, claiming that they were not always based 
on industry best practices, or conflicted with some safety 
requirements.
    Domestic and foreign passenger rail operators have also 
taken a range of actions to secure their systems. Most have 
implemented customer awareness programs, increased the number 
and visibility of security personnel, and upgraded security 
technologies.
    However, we also observed security practices among certain 
foreign rail systems, or their governments, that are not 
currently used--or used to the same degree--by domestic 
operators. These practices include: the random screening of 
passengers, and their bags, and the utilization of covert 
testing to help keep employees alert to security threats. We 
also found that certain foreign governments maintain a 
centralized clearing house of rail security technologies and 
best practices, which is not currently done to the same degree 
in the U.S. Based on our work, we recommended that TSA reassess 
established security requirements, and more systematically 
review and consider for use, security practices used by foreign 
countries.
    Regarding the security of all transportation modes, DHS and 
DOT signed an MOU intended to improve coordination of security 
and safety matters, and subsequently completed several related 
Annexes--a very important step in ensuring a coordinated 
Federal response to security.
    However, we found that DHS has been delayed in issuing its 
Transportation Sector Specific Plan and supporting plans, which 
are to identify TSA strategy for securing all transportation 
modes.
    The sector-specific plan is an important step needed to 
establish and clearly communicate the Federal Government's 
security strategy to all transportation stakeholders. Our 
ongoing work on commercial vehicle security has found that 
commercial vehicle operators are seeking information from the 
Federal Government on their role and strategy with respect to 
security. Our work has also shown that, despite several 
security efforts underway in this area, DHS is in the early 
stages of defining its security wall.
    In summary, we are encouraged by the increased Federal 
focus on the security of surface transportation modes, and 
moving forward, a clear strategy, strong Federal coordination 
and continued leadership will be needed to help ensure that 
actions and investments designed to enhance security are 
appropriately focused and prioritized.
    Thank you very much.
    [The prepared statement of Ms. Berrick follows:]

         Prepared Statement of Cathleen A. Berrick, Director, 
               Homeland Security and Justice Issues, GAO
    Mr. Chairman and members of the Committee:
    Thank you for inviting me to participate in today's hearing on 
Federal efforts to secure rail and surface transportation systems. 
Since September 11, 2001, TSA has focused much of its efforts and 
resources on meeting legislative mandates to strengthen commercial 
aviation security. However, TSA has recently placed additional focus on 
securing surface modes of transportation, particularly in the area of 
passenger rail security. Surface transportation, which includes 
passenger and freight rail, mass transit, highways, and pipelines, are 
inherently open and difficult to secure. One of the critical challenges 
facing these Federal agencies, and rail system operators they oversee 
or support, is finding ways to protect rail systems from potential 
terrorist attacks without compromising the accessibility and efficiency 
of rail travel. The Madrid commuter rail attacks in March 2004, London 
rail bombings in July 2005, and Mumbai, India train bombings just last 
year, highlight the vulnerabilities of passenger rail and other surface 
transportation systems and made clear that even when security 
precautions are put into place, these systems remain vulnerable to 
attack. While securing surface transportation systems is a daunting 
task--a shared responsibility requiring coordinated action on the part 
of Federal, state, and local governments and the private sector--it is 
important nonetheless to take the necessary steps to identify and 
mitigate risks to these systems.
    As we have reported previously, the sheer number of stakeholders 
involved in securing surface transportation modes, including passenger 
rail, can sometimes lead to communication challenges, duplication of 
effort, and confusion about roles and responsibilities. Regarding 
passenger rail security, key Department of Homeland Security (DHS) 
stakeholders with critical roles include the Transportation Security 
Administration (TSA), which is responsible for securing all modes of 
transportation, and the Office for Grants and Training (OGT), which 
provides grant funds to rail operators and conducts risk assessments 
for passenger rail agencies. Within the Department of Transportation 
(DOT), the Federal Transit Administration (FTA) and Federal Railroad 
Administration (FRA) have responsibilities for passenger and freight 
rail safety and security. In addition, public and private passenger 
rail operators also share responsibility for securing their systems.
    At the Federal level, another significant challenge related to 
securing passenger rail systems involves allocating resources based on 
risk. Within and among all modes of transportation, there is 
competition for resources, as Federal, state, and local agencies and 
transportation operators seek to identify and invest in appropriate 
security measures to safeguard these systems while also investing in 
other capital and operational improvements. Moreover, given competing 
priorities and limited homeland security resources, difficult policy 
decisions have to be made by Congress and the Executive Branch to 
prioritize security efforts and direct resources to areas of greatest 
risk within and among transportation modes and across other nationally 
critical sectors.
    In this regard, to help Federal decisionmakers determine how to 
best allocate limited resources, we have advocated, the National 
Commission on Terrorist Attacks Upon the United States (the 9/11 
Commission) has recommended, and the Intelligence Reform and Terrorism 
Prevention Act of 2004 provides that a risk management approach be 
employed to guide decisionmaking related to homeland security 
resources. A risk management approach entails a continuous process of 
managing risks through a series of actions, including setting strategic 
goals and objectives, assessing and quantifying risks, evaluating 
alternative security measures, selecting which measures to undertake, 
and implementing and monitoring those measures.
    My testimony today focuses on the progress Federal agencies and 
domestic passenger rail operators have made in setting and implementing 
security priorities in the wake of September 11, 2001, terrorist 
attacks, and the security practices implemented by foreign passenger 
rail operators. In particular, my testimony highlights three key areas: 
(1) the actions that DHS and its component agencies have taken to 
assess the risks posed by terrorism to the U.S. passenger rail system; 
(2) the actions that TSA and other Federal agencies have taken to 
enhance the security of the U.S. passenger rail system; and (3) the 
security practices that domestic and selected foreign passenger rail 
operators have implemented to mitigate risks and enhance security. My 
comments today are based on GAO's September 2005 report addressing the 
security of the U.S. passenger rail system and selected updates on this 
program obtained in January 2007.\1\ This report was based on work at 
DHS, DOT and Amtrak, as well as work that included 32 passenger rail 
operators in the U.S., and 13 passenger rail operators in 7 European 
and Asian countries. We conducted our work in accordance with generally 
accepted government auditing standards.
---------------------------------------------------------------------------
    \1\ GAO, Passenger Rail Security: Enhanced Federal Leadership 
Needed to Prioritize and Guide Security Efforts, GAO-05-851 
(Washington, D.C.: Sept. 9, 2005).
---------------------------------------------------------------------------
    We have been requested by the Chairman of the House Homeland 
Security Committee to conduct a follow-on review of passenger rail 
security, which we expect to initiate in the near future. In addition, 
we have been requested to assess the security of other surface modes of 
transportation--including freight rail, commercial vehicles and highway 
infrastructure--which we have underway or will initiate later this 
year.
In Summary
    The DHS Office of Grants and Training has developed and conducted 
risk assessments of passenger rail systems to identify and protect rail 
assets that are vulnerable to attack, such as stations and bridges. TSA 
has also begun to conduct risk assessments, including a threat 
assessment of mass transit and passenger rail and assessments of 
individual critical rail assets. While TSA has begun to establish a 
methodology for determining how to analyze and characterize the risks 
identified, the agency has not completed a comprehensive risk 
assessment of the U.S. passenger rail system. Until TSA completes this 
effort, the agency may be limited in its ability to prioritize 
passenger rail assets and help guide security investment decisions 
about protecting them. At the Department level, DHS has begun 
developing, but has not yet completed a framework to help Federal 
agencies and the private sector develop a consistent approach for 
analyzing and comparing risks to transportation and other critical 
sectors. Until this framework is finalized and shared with 
stakeholders, it may not be possible to compare risks across different 
sectors, prioritize them, and allocate resources accordingly.
    Before and after September 11, 2001, FTA and FRA undertook a number 
of initiatives to enhance passenger rail security, including conducting 
security readiness assessments, providing grants for emergency response 
drills and training, and developing security awareness programs for 
rail passengers and employees. In March 2004, after terrorist attacks 
on the rail system in Madrid, TSA issued security directives for 
passenger rail and mass transit. These directives were intended to 
establish standard protective measures for all passenger rail 
operators, including Amtrak. However, Federal and rail industry 
stakeholders have questioned the extent that these directives were 
based on industry best practices and expressed confusion about how TSA 
would monitor compliance with the directives. In the 15 months since 
the completion of our work on passenger rail security, TSA has reported 
taking additional actions to strengthen the security of the passenger 
rail system. For example, TSA has tested rail security technologies, 
developed training tools for rail workers, and issued a proposed rule 
in December 2006 regarding passenger and freight rail security, among 
other efforts. TSA has also taken steps to better coordinate with DOT 
regarding rail security roles and responsibilities. The memorandum of 
understanding between DHS and DOT has been recently updated to include 
specific agreements between TSA and FTA and FRA to delineate security-
related roles and responsibilities, among other things, for passenger 
rail and mass transit.
    Domestic and foreign passenger rail operators we contacted during 
our prior work on passenger rail security had taken a range of actions 
to secure their systems. Most had implemented customer awareness 
programs to encourage passengers to remain vigilant and report 
suspicious activities, increased the number and visibility of security 
personnel, increased the use of canine teams to detect explosives, 
enhanced employee training programs, upgraded security technology, 
tightened access controls, and made rail system design improvements to 
enhance security. We also observed security practices among certain 
foreign passenger rail systems or their governments that are not 
currently used by the domestic rail operators we contacted, or by the 
U.S. Government, which could be considered for use in the U.S. For 
example, some foreign rail operators randomly screen passengers or 
utilize covert testing to help keep employees alert to security 
threats, and some foreign governments maintain centralized 
clearinghouses on rail security technologies and best practices. While 
introducing any of these security practices into the U.S. rail system 
may pose political, legal, fiscal, and cultural challenges, they 
nevertheless warrant further examination. Since our report on passenger 
rail security was issued, TSA has reported taking steps to coordinate 
with foreign passenger rail operators and governments to identify 
security best practices.
    In our September 2005 report on passenger rail security, we 
recommended, among other things, that TSA establish a plan with 
timelines for completing its methodology for conducting risk 
assessments and develop security standards that reflect industry best 
practices and can be measured and enforced. These actions should help 
ensure that the Federal Government has the information it needs to 
prioritize passenger rail assets based on risk, and evaluate, select, 
and implement measures to help the passenger rail operators protect 
their systems against terrorism. In addition, we recommended that the 
Secretary of DHS, in collaboration with DOT and the passenger rail 
industry, determine the feasibility, in a risk management context, of 
implementing certain security practices used by foreign rail operators. 
DHS, DOT, and Amtrak generally agreed with the report's 
recommendations. As of January 2007, DHS had not provided a formal 
response indicating if or how it has implemented these recommendations.
Background
Overview of the Passenger Rail System
    Each weekday, 11.3 million passengers in 35 metropolitan areas and 
22 states use some form of rail transit (commuter, heavy, or light 
rail).\2\ Commuter rail systems typically operate on railroad tracks 
and provide regional service between a central city and adjacent 
suburbs. Commuter rail systems are traditionally associated with older 
industrial cities, such as Boston, New York, Philadelphia, and Chicago. 
Heavy rail systems--subway systems like New York City's transit system 
and Washington, D.C.'s Metro--typically operate on fixed rail lines 
within a metropolitan area and have the capacity for a heavy volume of 
traffic. Amtrak operates the Nation's primary intercity passenger rail 
service over a 22,000-mile network, primarily over freight railroad 
tracks. Amtrak serves more than 500 stations (240 of which are staffed) 
in 46 states and the District of Columbia, and it carried more than 25 
million passengers during FY 2005.
---------------------------------------------------------------------------
    \2\ The American Public Transportation Association compiled this 
Fiscal Year 2003 ridership data from FTA's National Transit Database. 
These are the most current data available. Rail transit systems in the 
District of Columbia and Puerto Rico are included in these statistics.
---------------------------------------------------------------------------
Passenger Rail Systems Are Inherently Vulnerable to Terrorist Attacks
    According to passenger rail officials and passenger rail experts, 
certain characteristics of domestic and foreign passenger rail systems 
make them inherently vulnerable to terrorist attacks and therefore 
difficult to secure. By design, passenger rail systems are open, have 
multiple access points, are hubs serving multiple carriers, and, in 
some cases, have no barriers so that they can move large numbers of 
people quickly. In contrast, the U.S. commercial aviation system is 
housed in closed and controlled locations with few entry points. The 
openness of passenger rail systems can leave them vulnerable because 
operator personnel cannot completely monitor or control who enters or 
leaves the systems. In addition, other characteristics of some 
passenger rail systems--high ridership, expensive infrastructure, 
economic importance, and location (large metropolitan areas or tourist 
destinations)--also make them attractive targets for terrorists because 
of the potential for mass casualties and economic damage and 
disruption. Moreover, some of these same characteristics make passenger 
rail systems difficult to secure. For example, the numbers of riders 
that pass through a subway system--especially during peak hours--may 
make the sustained use of some security measures, such as metal 
detectors, difficult because they could result in long lines that could 
disrupt scheduled service. In addition, multiple access points along 
extended routes could make the cost of securing each location 
prohibitive. Balancing the potential economic impacts of security 
enhancements with the benefits of such measures is a difficult 
challenge.
Multiple Stakeholders Share Responsibility for Securing Passenger Rail 
        Systems
    Securing the Nation's passenger rail systems is a shared 
responsibility requiring coordinated action on the part of Federal, 
state, and local governments; the private sector; and rail passengers 
who ride these systems. Since the September 11 attacks, the role of 
Federal Government agencies in securing the Nation's transportation 
systems, including passenger rail, have continued to evolve. Prior to 
September 11, FTA and FRA, within DOT, were the primary Federal 
entities involved in passenger rail security matters. In response to 
the attacks of September 11, Congress passed the Aviation and 
Transportation Security Act (ATSA), which created TSA within DOT and 
defined its primary responsibility as ensuring the security of all 
modes of transportation, though its provisions focus primarily on 
aviation security.\3\ The Act also gave TSA regulatory authority for 
security over all transportation modes, though its provisions focus 
primarily on aviation security. With the passage of the Homeland 
Security Act of 2002, TSA was transferred, along with over 20 other 
agencies, to the Department of Homeland Security.\4\
---------------------------------------------------------------------------
    \3\ Pub. L. 107-71, 115 Stat. 597 (2001).
    \4\ Pub. L. 107-296, 116 Stat. 2135 (2002).
---------------------------------------------------------------------------
    Within DHS, the Office of Grants and Training (OGT), formerly the 
Office for Domestic Preparedness (ODP), has become the Federal source 
for security funding of passenger rail systems.\5\ OGT is the principal 
component of DHS responsible for preparing the United States for acts 
of terrorism and has primary responsibility within the Executive Branch 
for assisting and supporting DHS, in coordination with other 
directorates and entities outside of the Department, in conducting risk 
analysis and risk management activities of state and local governments. 
In carrying out its mission, OGT provides training, funds for the 
purchase of equipment, support for the planning and execution of 
exercises, technical assistance, and other support to assist states, 
local jurisdictions, and the private sector to prevent, prepare for, 
and respond to acts of terrorism. OGT created and is administering two 
grant programs focused specifically on transportation security, the 
Transit Security Grant Program and the Intercity Passenger Rail 
Security Grant Program. These programs provide financial assistance to 
address security preparedness and enhancements for passenger rail and 
transit systems. During Fiscal Year 2006, OGT provided $110 million to 
passenger rail transit agencies through the Transit Security Grant 
Program and about $7 million to Amtrak through the Intercity Passenger 
Rail Security Grant Program.
---------------------------------------------------------------------------
    \5\ OGT originated within the Department of Justice's Office of 
Justice Programs in 1998 as the Office for Domestic Preparedness (ODP). 
Pursuant to the Homeland Security Act of 2002, ODP was transferred to 
DHS in March 2003. See Pub. L. 107-296,  403(5), 116 Stat. at 2178 
(codified at 6 U.S.C. 203(5)). In March 2004, the Secretary of Homeland 
Security consolidated ODP with the Office of State and Local Government 
Coordination to form the Office of State and Local Government 
Coordination and Preparedness (SLGCP). SLGCP, which reports directly to 
the DHS Secretary, was created to provide a ``one-stop shop'' for the 
numerous Federal preparedness initiatives applicable to state and local 
governments. Recently, SLGCP was incorporated under the Preparedness 
Directorate as OGT.
---------------------------------------------------------------------------
    While TSA is the lead Federal agency for ensuring the security of 
all transportation modes, FTA conducts safety and security activities, 
including training, research, technical assistance, and demonstration 
projects. In addition, FTA promotes safety and security through its 
grant-making authority. FRA has regulatory authority for rail safety 
over commuter rail operators and Amtrak, and employs over 400 rail 
inspectors that periodically monitor the implementation of safety and 
security plans at these systems.\6\
---------------------------------------------------------------------------
    \6\ FRA administers and enforces Federal laws and regulations that 
are designed to promote safety on railroads, such as track maintenance, 
inspection standards, equipment standards, and operating practices. FRA 
exercises jurisdiction over all areas of railroad safety pursuant to 49 
U.S.C.  20103.
---------------------------------------------------------------------------
    State and local governments, passenger rail operators, and private 
industry are also important stakeholders in the Nation's rail security 
efforts. State and local governments may own or operate a significant 
portion of the passenger rail system. Passenger rail operators, which 
can be public or private entities, are responsible for administering 
and managing passenger rail activities and services. Passenger rail 
operators can directly operate the service provided or contract for all 
or part of the total service. Although all levels of government are 
involved in passenger rail security, the primary responsibility for 
securing passenger rail systems rests with passenger rail operators.
Assessing and Managing Risks to Rail Infrastructure Using a Risk 
        Management 
        Approach
    Risk management is a tool for informing policymakers' decisions 
about assessing risks, allocating resources, and taking actions under 
conditions of uncertainty. In recent years, the President, through 
Homeland Security Presidential Directives (HSPDs), and Congress, 
through the Intelligence Reform and Terrorism Prevention Act of 2004, 
provided for Federal agencies with homeland security responsibilities 
to apply risk-based principles to inform their decisionmaking regarding 
allocating limited resources and prioritizing security activities. The 
9/11 Commission recommended that the U.S. Government should identify 
and evaluate the transportation assets that need to be protected, set 
risk-based priorities for defending them, select the most practical and 
cost-effective ways of doing so, and then develop a plan, budget, and 
funding to implement the effort.\7\ In addition, DHS issued the 
National Strategy for Transportation Security in 2005 that describes 
the policies the DHS will apply when managing risks to the security of 
the U.S. transportation system.\8\ We have previously reported that a 
risk management approach can help to prioritize and focus the programs 
designed to combat terrorism. Risk management, as applied in the 
homeland security context, can help Federal decisionmakers determine 
where and how to invest limited resources within and among the various 
modes of transportation.
---------------------------------------------------------------------------
    \7\ National Commission on Terrorist Attacks upon the United 
States, The 9/11 Commission Report: Final Report of the National 
Commission on Terrorist Attacks upon the United States (Washington, 
D.C.: 2004). The 9/11 Commission was an independent, bipartisan 
commission created in late 2002, to prepare a complete account of the 
circumstances surrounding the September 11, 2001 terrorist attacks, 
including preparedness for and the immediate response to the attacks. 
The Commission was also mandated to provide recommendations designed to 
guard against future attacks.
    \8\ The Intelligence Reform and Terrorism Prevention Act of 2004 
requires the Secretary of Homeland Security, working jointly with the 
Secretary of Transportation, to develop, prepare, implement, and 
update, as needed a National Strategy for Transportation Security and 
transportation modal security plans. Pub. L. 108-458,  4001, 118 Stat. 
3638, 3710-12 (codified at 49 U.S.C. 114(t)).
---------------------------------------------------------------------------
    The Homeland Security Act of 2002 also directed the Department's 
Directorate of Information Analysis and Infrastructure Protection to 
use risk management principles in coordinating the Nation's critical 
infrastructure protection efforts.\9\ This includes integrating 
relevant information, analysis, and vulnerability assessments to 
identify priorities for protective and support measures by the 
Department, other Federal agencies, state and local government agencies 
and authorities, the private sector, and other entities. Homeland 
Security Presidential Directive 7 and the Intelligence Reform and 
Terrorism Prevention Act of 2004 further define and establish critical 
infrastructure protection responsibilities for DHS and those Federal 
agencies given responsibility for particular industry sectors, such as 
transportation. In June 2006, DHS issued the National Infrastructure 
Protection Plan (NIPP), which named TSA as the primary Federal agency 
responsible for coordinating critical infrastructure protection efforts 
within the transportation sector.\10\ The NIPP requires Federal 
agencies to work with the private sector to develop plans that, among 
other things, identify and prioritize critical assets for their 
respective sectors. As such, the NIPP requires TSA to conduct and 
facilitate risk assessments in order to identify, prioritize, and 
coordinate the protection of critical transportation systems 
infrastructure, as well as develop risk-based priorities for the 
transportation sector.
---------------------------------------------------------------------------
    \9\ In 2006, DHS reorganized their Information Analysis and 
Infrastructure Protection division. The functions of the Directorate of 
Information Analysis and Infrastructure Protection were moved to the 
Office of Intelligence Analysis and Office of Infrastructure 
Protection.
    \10\ HSPD-7 directed the Departments of Transportation and Homeland 
Security to collaborate on all matters relating to transportation 
security and transportation infrastructure protection. In 2003, DHS 
designated TSA as the lead agency for addressing HSPD-7 as it relates 
to securing the Nation's transportation sector.
---------------------------------------------------------------------------
    To provide guidance to agency decisionmakers, we have created a 
risk management framework, which is intended to be a starting point for 
applying risk-based principles. Our risk management framework entails a 
continuous process of managing risk through a series of actions, 
including setting strategic goals and objectives, assessing risk, 
evaluating alternatives, selecting initiatives to undertake, and 
implementing and monitoring those initiatives. DHS's National 
Infrastructure Protection Plan describes a risk management process that 
closely mirrors our risk management framework.
    Setting strategic goals, objectives, and constraints is a key first 
step in applying risk management principles and helps to ensure that 
management decisions are focused on achieving a purpose. These 
decisions should take place in the context of an agency's strategic 
plan that includes goals and objectives that are clear and concise. 
These goals and objectives should identify resource issues and external 
factors to achieving the goals. Further, the goals and objectives of an 
agency should link to a department's overall strategic plan. The 
ability to achieve strategic goals depends, in part, on how well an 
agency manages risk. The agency's strategic plan should address risk 
related issues that are central to the agency's overall mission.
    Risk assessment, an important element of a risk-based approach, 
helps decisionmakers identify and evaluate potential risks so that 
countermeasures can be designed and implemented to prevent or mitigate 
the effects of the risks. Risk assessment is a qualitative and/or 
quantitative determination of the likelihood of an adverse event 
occurring and the severity, or impact, of its consequences. Risk 
assessment in a homeland security application often involves assessing 
three key elements--threat, vulnerability, and criticality or 
consequence. A threat assessment identifies and evaluates potential 
threats on the basis of factors such as capabilities, intentions, and 
past activities. A vulnerability assessment identifies weaknesses that 
may be exploited by identified threats and suggests options to address 
those weaknesses. A criticality or consequence assessment evaluates and 
prioritizes assets and functions in terms of specific criteria, such as 
their importance to public safety and the economy, as a basis for 
identifying which structures or processes are relatively more important 
to protect from attack. Information from these three assessments 
contributes to an overall risk assessment that characterizes risks on a 
scale such as high, medium, or low and provides input for evaluating 
alternatives and management prioritization of security initiatives. The 
risk assessment element in the overall risk management cycle may be the 
largest change from standard management steps and can be important to 
informing the remaining steps of the cycle.
DHS Has Taken Steps To Assess Risk to Passenger Rail Systems, but 
        Additional Work Is Needed To Guide Security Investments
    DHS component agencies have taken a variety of steps to assess the 
risk posed by terrorism to U.S. passenger rail systems. The DHS OGT 
developed and implemented a risk assessment methodology intended to 
help passenger rail operators better respond to terrorist attacks and 
prioritize security measures. Passenger rail operators must have 
completed a risk assessment to be eligible for financial assistance 
through the Fiscal Year 2007 OGT Transit Security Grant Program, which 
includes funding for passenger rail. To receive grant funding, rail 
operators are also required to have a security and emergency 
preparedness plan that identifies how the operator intends to respond 
to security gaps identified by risk assessments. As of January 2007, 
OGT had completed or planned to conduct risk assessments of most 
passenger rail operators. According to rail operators, OGT's risk 
assessment process enabled them to prioritize investments based on risk 
and are allowing them to target and allocate resources toward security 
measures that will have the greatest impact on reducing risk across 
their system.
    TSA has also begun to assess risks to the passenger rail system. 
TSA had completed an overall threat assessment for both mass transit 
and passenger and freight rail modes. TSA also conducted criticality 
assessments of nearly 700 passenger rail stations and had begun 
conducting assessments for other passenger rail assets such as bridges 
and tunnels. TSA plans to rely on asset criticality rankings to 
prioritize which assets it will focus on in conducting vulnerability 
assessments to determine which passenger rail assets are vulnerable to 
attack. For assets that are deemed to be less critical, TSA has 
developed a software tool that it has made available to passenger rail 
and other transportation operators for them to use on a voluntary basis 
to assess the vulnerability of their assets. Until all three 
assessments of passenger rail systems--threat, criticality, and 
vulnerability--have been completed, and until TSA determines how to use 
the results of these assessments to analyze and characterize the level 
of risk (high, medium, or low), it will be difficult to prioritize 
passenger rail assets and guide investment decisions about protecting 
them. Finalizing a methodology for assessing risk to passenger rail and 
other transportation assets and conducting risk assessments are also 
key steps used in producing the Transportation Sector Specific Plan 
(TSSP) required by HSPD-7.\11\ According to TSA, the TSSP and 
supporting plans for each mode of transportation have been completed 
and are currently being reviewed by DHS and the White House Homeland 
Security Council. As of January 2007, TSA had not completed a 
comprehensive risk assessment of the passenger rail system.
---------------------------------------------------------------------------
    \11\ HSPD-7 defines critical infrastructure protection 
responsibilities for DHS, sector-specific agencies (those Federal 
agencies given responsibility for transportation, energy, 
telecommunications, and so forth), and other departments and agencies. 
The Directive instructs Federal departments and agencies to identify, 
prioritize, and coordinate the protection of critical infrastructure to 
prevent, deter, and mitigate the effects of terrorist attacks.
---------------------------------------------------------------------------
    As TSA, OGT, and other Federal agencies, including DOT, move 
forward with risk assessment activities, DHS is developing a framework 
intended to help these agencies work with their stakeholders to assess 
risk. This framework is intended to help the private sector and state 
and local governments develop a consistent approach to analyzing risk 
and vulnerability across infrastructure types and across entire 
economic sectors, develop consistent terminology, and foster consistent 
results. The framework is also intended to enable a Federal-level 
assessment of risk in general, and comparisons among risks, for 
purposes of resource allocation and response planning. DHS has informed 
TSA that this framework will provide overarching guidance to sector-
specific agencies on how various risk assessment methodologies may be 
used to analyze, normalize, and prioritize risk within and among 
sectors. Because neither this element nor the framework as a whole has 
been finalized or provided to TSA or other sector-specific agencies, it 
is not clear what impact, if any, DHS's framework may have on ongoing 
risk assessments conducted by, and the methodologies used by, TSA, OGT, 
and others, and whether or how DHS will be able to use these results to 
compare risks and prioritize homeland security investments among 
sectors. Until DHS finalizes this framework, and until TSA completes 
its risk assessment methodology, it will not be possible to determine 
whether different methodologies used by TSA and OGT for conducting 
threat, criticality, and vulnerability assessments generate disparate 
qualitative and quantitative results or how they can best be compared 
and analyzed. In addition, coordinated risk assessments will help TSA 
and others avoid duplicative efforts and determine whether other 
agencies' risk assessment methodologies, and the data generated by 
these methodologies, can be leveraged to complete assessments required 
for the transportation sector.
Multiple Federal Agencies Have Taken Actions To Enhance Passenger Rail 
        Security
    In addition to the ongoing initiatives to enhance passenger rail 
security conducted by the FTA and FRA before and after September 11, 
2001, TSA issued security directives to passenger rail operators after 
the March 2004 terrorist attacks on the rail system in Madrid. However, 
Federal and rail industry stakeholders have questioned the extent that 
these directives were based on industry best practices and expressed 
confusion about how TSA would monitor compliance with the directives. 
Since the completion of our work on passenger rail security, TSA has 
reported taking additional actions to strengthen the security of the 
passenger rail system. For example, TSA has tested rail security 
technologies, developed training tools for rail workers, and issued a 
proposed rule in December 2006 regarding passenger and freight rail 
security, among other efforts. TSA has also taken steps to better 
coordinate with DOT regarding rail security roles and responsibilities. 
The memorandum of understanding between DHS and DOT had been recently 
updated to include specific agreements between TSA and FTA and FRA to 
delineate security-related roles and responsibilities, among other 
things, for passenger rail and mass transit.
DOT Agencies Led Initial Efforts To Enhance Passenger Rail Security
    Prior to the creation of TSA in November 2001, FTA and FRA, within 
DOT, were primarily responsible for the security of passenger rail 
systems. These agencies undertook a number of initiatives to enhance 
the security of passenger rail systems after the September 11 attacks 
that are still in place today. Specifically, FTA launched a transit 
security initiative in 2002 that included security readiness 
assessments, technical assistance, grants for emergency response 
drills, and training. FTA instituted the Transit Watch campaign in 
2003--a nationwide safety and security awareness program designed to 
encourage the participation of transit passengers and employees in 
maintaining a safe transit environment. The program provides 
information and instructions to transit passengers and employees so 
that they know what to do and whom to contact in the event of an 
emergency in a transit setting. FTA planned to continue this 
initiative, in partnership with TSA and OGT, and offer additional 
security awareness materials that address unattended bags and emergency 
evacuation procedures for transit agencies. In addition, FTA has issued 
guidance, such as its Top 20 Security Program Action Items for Transit 
Agencies, which recommends measures for passenger rail operators to 
implement into their security programs to improve both security and 
emergency preparedness. FTA has also used research and development 
funds to develop guidance for security design strategies to reduce the 
vulnerability of transit systems to acts of terrorism. In November 
2004, FTA provided rail operators with security considerations for 
transportation infrastructure. This guidance provides recommendations 
intended to help operators deter and minimize attacks against their 
facilities, riders, and employees by incorporating security features 
into the design of rail infrastructure.
    FRA has also taken a number of actions to enhance passenger rail 
security since September 11, 2001. For example, it has assisted 
commuter railroads in developing security plans, reviewed Amtrak's 
security plans, and helped fund FTA security readiness assessments for 
commuter railroads. In the wake of the Madrid terrorist bombings in 
March 2004, nearly 200 FRA inspectors, in cooperation with DHS, 
conducted inspections of each of the 18 commuter railroads and Amtrak 
to determine what additional security measures had been put into place 
to prevent a similar occurrence in the United States. FRA also 
conducted research and development projects related to passenger rail 
security. These projects included rail infrastructure security and 
trespasser monitoring systems and passenger screening and manifest 
projects, including explosives detection. Although FTA and FRA now play 
a supporting role in transportation security matters since the creation 
of TSA, they remain important partners in the Federal Government's 
efforts to strengthen rail security, given their role in funding and 
regulating the safety of passenger rail systems. Moreover, as TSA moves 
ahead with its passenger rail security initiatives, FTA and FRA are 
continuing their passenger rail security efforts.
TSA Issued Rail Security Directives, but Faces Challenges Related to 
        Compliance and Enforcement
    In May 2004, TSA issued security directives to the passenger rail 
industry to establish standard security measures for all passenger rail 
operators, including Amtrak.\12\ However, as we previously reported, it 
was unclear how TSA developed the requirements in the directives, how 
TSA planned to monitor and ensure compliance, how rail operators were 
to implement the measures, and which entities were responsible for 
their implementation. According to TSA, the directives were based upon 
FTA and American Public Transportation Association best practices for 
rail security. Specifically, TSA stated that it consulted a list of the 
top 20 actions FTA identified that rail operators can take to 
strengthen security. While some of the directives correlate to 
information contained in the FTA guidance, the source for many of the 
directives is unclear. Amtrak and FRA officials also raised concerns 
about some of the directives. For example, FRA officials stated that 
current FRA safety regulations requiring engineer compartment doors be 
kept unlocked to facilitate emergency escapes \13\ conflicts with the 
TSA security directive requirement that doors equipped with locking 
mechanisms be kept locked. Other passenger rail operators we spoke to 
during our review stated that TSA did not adequately consult with the 
rail industry prior to developing and issuing these directives.
---------------------------------------------------------------------------
    \12\ TSA issues security related regulations and directives 
pursuant to its 49 U.S.C.  114(1) rulemaking authority.
    \13\ See 49 CFR  238.235.
---------------------------------------------------------------------------
    With respect to how the directives were to be enforced, rail 
operators were required to allow TSA and DHS to perform inspections, 
evaluations, or tests based on execution of the directives at any time 
or location. TSA officials stated the agency has hired 100 surface 
transportation inspectors, whose stated mission is to, among other 
duties, monitor and enforce compliance with TSA's rail security 
directives. However, some passenger rail operators have expressed 
confusion and concern about the role of TSA's inspectors and the 
potential that TSA inspections could be duplicative of other Federal 
and state rail inspections. TSA rail inspector staff stated that they 
were committed to avoiding duplication in the program and communicating 
their respective roles to rail agency officials. According to TSA, 
since the initial deployment of surface inspectors, these inspectors 
have developed relationships with security officials in passenger rail 
and transit systems, coordinated access to operations centers, 
participated in emergency exercises, and provided assistance in 
enhancing security. We will continue to assess TSA's enforcement of 
rail security directives during our follow-on review of passenger rail 
security.
TSA Has Taken Other Actions To Strengthen the Security of the Passenger 
        Rail 
        System and Coordinate Its Efforts With Other Federal Agencies
    In January 2007, TSA provided us an update on additional actions 
they had taken to strengthen passenger rail security. We have not 
verified or evaluated these actions. These actions include:
    National Explosive Canine Detection Teams: Since late 2005, TSA 
reported that it has trained and deployed 53 canine teams to 13 mass 
transit systems to help detect explosives in the passenger rail system 
and serve as a deterrent to potential terrorists.
    Visible Intermodal Prevention and Response Teams: This program is 
intended to provide teams of law enforcement, canines, and inspection 
personnel to mass transit and passenger rail systems to deter and 
detect potential terrorist actions. Since the program's inception in 
December 2005, TSA reported conducting more than 25 exercises at mass 
transit and passenger rail systems throughout the Nation.
    Mass Transit and Passenger Rail Security Information Sharing 
Network: According to TSA, the agency initiated this program in August 
2005 to develop information sharing and dissemination processes 
regarding passenger rail and mass transit security across the Federal 
Government, state and local governments, and rail operators.
    National Transit Resource Center: TSA officials stated that they 
are working with FTA and DHS OGT to develop this center, which will 
provide transit agencies nationwide with pertinent information related 
to transit security, including recent suspicious activities, promising 
security practices, new security technologies, and other information.
    National Security Awareness Training Program for Railroad 
Employees: TSA officials stated that the agency has contracted to 
develop and distribute computer-based training for passenger rail, rail 
transit, and freight rail employees. The training will include 
information on identifying security threats, observing and reporting 
suspicious activities and objects, mitigating security incidents, and 
other related information. According to TSA, the training will be 
distributed to all passenger and freight rail systems.
    Transit Terrorist Tool and Tactics: This training course is funded 
through the Transit Security Grant Program and teaches transit 
employees how to prevent and respond to a chemical, biological, 
radiological, nuclear, or explosive attack. According to TSA, this 
course was offered for the first time during the Fall of 2006.
    National Tunnel Security Initiative: This DHS and DOT initiative 
aims to identify and assess risks to underwater tunnels, prioritize 
security funding to the most critical areas, and develop technologies 
to better secure underwater tunnels. According to TSA, this initiative 
has identified a list of 29 critical underwater rail transit tunnels.
    TSA has also sought to enhance passenger rail security by 
conducting research on technologies related to screening passengers and 
checked baggage in the passenger rail environment. TSA conducted a 
Transit and Rail Inspection Pilot. The pilot was a $1.5 million effort 
to test the feasibility of using existing and emerging technologies to 
screen passengers, carry-on items, checked baggage, cargo, and parcels 
for explosives. TSA officials told us that based upon preliminary 
analyses, the screening technologies and processes tested would be very 
difficult to implement on heavily used passenger rail systems because 
these systems carry high volumes of passengers and have multiple points 
of entry. However, TSA officials added that the screening processes 
used in the pilot may be useful on certain long-distance intercity 
train routes, which make fewer stops. Further, TSA officials stated 
that screening could be used either randomly or for all passengers 
during certain high-risk events or in areas where a particular 
terrorist threat is known to exist. For example, screening technology 
similar to that used in the pilot was used by TSA to screen certain 
passengers and belongings in Boston and New York rail stations during 
the 2004 Democratic and Republican national conventions. According to 
TSA, the agency is also researching and developing other passenger rail 
security technologies, including closed circuit television systems that 
can detect suspicious behavior, mobile passenger screening checkpoints 
to be used at rail stations, bomb resistant trash cans, and explosive 
detection equipment for use in the rail environment.
    More recently, in December 2006, TSA issued a proposed rule 
regarding passenger and freight rail security requirements. TSA's 
proposed rule would require that passenger and freight rail operators, 
certain facilities that ship or receive hazardous materials by rail, 
and rail transit systems take the following actions:

   Designate a rail security coordinator to be available to TSA 
        on a 24 hour, 7 day a week basis to serve as the primary 
        contact for the receipt of intelligence and other security 
        related information.

   Immediately report incidents, potential threats, and 
        security concerns to TSA.

   Allow TSA and DHS officials to enter and conduct 
        inspections, test, and perform other duties within their rail 
        systems.

   Provide TSA, upon request, with the location and shipping 
        information of rail cars that contain a specific category and 
        quantity of hazardous materials within 1 hour of receiving the 
        request from TSA.

   Provide for a secure chain of custody and control of rail 
        cars containing a specified quantity and type of hazardous 
        material.

    Public comments on the proposed rule are due in February 2007. TSA 
plans to review these comments and issue a final rule in the future.
    With multiple DHS and DOT stakeholders involved in securing the 
U.S. passenger rail system, the need to improve coordination between 
the two agencies has been a consistent theme in our prior work in this 
area. In response to a previous recommendation we made,\14\ DHS and DOT 
signed a memorandum of understanding (MOU) to develop procedures by 
which the two departments could improve their cooperation and 
coordination for promoting the safe, secure, and efficient movement of 
people and goods throughout the transportation system. The MOU defines 
broad areas of responsibility for each department. For example, it 
states that DHS, in consultation with DOT and affected stakeholders, 
will identify, prioritize, and coordinate the protection of critical 
infrastructure. The MOU between DHS and DOT represents an overall 
framework for cooperation that is to be supplemented by additional 
signed agreements, or Annexes, between the departments. These Annexes 
are to delineate the specific security related roles, responsibilities, 
resources, and commitments for mass transit, rail, research and 
development, and other matters. TSA signed annexes to the MOU with FRA 
and FTA describing the roles and responsibilities of each agency 
regarding passenger rail security. These annexes also describe how TSA 
and these DOT agencies will coordinate security related efforts, avoid 
duplicating these efforts, and improve coordination and communication 
with industry stakeholders.
---------------------------------------------------------------------------
    \14\ Transportation Security: Federal Action Needed to Help Address 
Security Challenges, GAO-03-843 (Washington, D.C.: June 2003).
---------------------------------------------------------------------------
U.S. and Foreign Rail Operators Have Taken Similar Actions To Secure 
        Rail Systems, and Opportunities for Additional Domestic 
        Security 
        Actions May Exist
    U.S. passenger rail operators have taken numerous actions to secure 
their rail systems since the terrorist attacks of September 11, 2001, 
in the United States, and the March 11, 2004, attacks in Madrid. These 
actions included both improvements to system operations and capital 
enhancements to a system's facilities, such as tracks, buildings, and 
train cars. All of the U.S. passenger rail operators we contacted have 
implemented some types of security measures--such as increased numbers 
and visibility of security personnel and customer awareness programs--
that were generally consistent with those we observed in select 
countries in Europe and Asia. We also identified three rail security 
practices--covert testing, random screening of passengers and their 
baggage, and centralized research and testing--utilized by foreign 
operators or their governments that were not utilized by domestic rail 
operators or the U.S. Government at the time of our review.
U.S. and Foreign Rail Operators Employ Similar Security Practices
    Both U.S. and foreign passenger rail operators we contacted have 
implemented similar improvements to enhance the security of their 
systems. A summary of these efforts follows.
    Customer awareness: Customer awareness programs we observed used 
signage and announcements to encourage riders to alert train staff if 
they observed suspicious packages, persons, or behavior. Of the 32 
domestic rail operators we interviewed, 30 had implemented a customer 
awareness program or made enhancements to an existing program. Foreign 
rail operators we visited also attempted to enhance customer awareness. 
For example, 11 of the 13 operators we interviewed had implemented a 
customer awareness program.
    Increased number and visibility of security personnel: Of the 32 
U.S. rail operators we interviewed, 23 had increased the number of 
security personnel they utilized since September 11, to provide 
security throughout their system or had taken steps to increase the 
visibility of their security personnel. Several U.S. and foreign rail 
operators we spoke with had instituted policies such as requiring their 
security staff, in brightly colored vests, to patrol trains or stations 
more frequently, so they are more visible to customers and potential 
terrorists or criminals. These policies make it easier for customers to 
contact security personnel in the event of an emergency, or if they 
have spotted a suspicious item or person. At foreign sites we visited, 
10 of the 13 operators had increased the number of their security 
officers throughout their systems in recent years because of the 
perceived increase in risk of a terrorist attack.
    Increased use of canine teams: Of the 32 U.S. passenger rail 
operators we contacted, 21 were using canines to patrol their 
facilities or trains. Often, these units are used to detect the 
presence of explosives, and may be called in when a suspicious package 
is detected. In foreign countries we visited, passenger rail operators' 
use of canines varied. In some Asian countries, canines were not 
culturally accepted by the public and thus were not used for rail 
security purposes. As in the United States, and in contrast to Asia, 
most European passenger rail operators used canines for explosive 
detection or as deterrents.
    Employee training: All of the domestic and foreign rail operators 
we interviewed had provided some type of security training to their 
staff, either through in-house personnel or an external provider. In 
many cases, this training consisted of ways to identify suspicious 
items and persons and how to respond to events once they occur. For 
example, the London Underground and the British Transport Police 
developed the ``HOT'' method for its employees to use to identify 
suspicious items in the rail system. In the HOT method, employees are 
trained to look for packages or items that are Hidden, Obviously 
suspicious, and not Typical of the environment.
    Passenger and baggage screening practices: Some domestic and 
foreign rail operators have trained employees to recognize suspicious 
behavior as a means of screening passengers. Eight U.S. passenger rail 
operators we contacted were utilizing some form of behavioral 
screening. Abroad, we found that 4 of 13 operators we interviewed had 
implemented forms of behavioral screening. All of the domestic and 
foreign rail operators we contacted have ruled out an airport-style 
screening system for daily use in heavy traffic, where each passenger 
and the passenger's baggage are screened by a magnetometer or X-ray 
machine, based on cost, staffing, and customer convenience factors, 
among other reasons.
    Upgrading technology: Many rail operators we interviewed had 
embarked on programs designed to upgrade their existing security 
technology. For example, we found that 29 of the 32 U.S. operators had 
implemented a form of closed circuit television (CCTV) to monitor their 
stations, yards, or trains. While these cameras cannot be monitored 
closely at all times, because of the large number of staff that would 
be required, many rail operators felt that the cameras acted as a 
deterrent, assisted security personnel in determining how to respond to 
incidents that had already occurred, and could be monitored if an 
operator had received information that an incident may occur at a 
certain time or place in their system. Abroad, all 13 of the foreign 
rail operators we visited had CCTV systems in place. In addition, 18 of 
the 32 U.S. rail operators we interviewed had installed new emergency 
phones or enhanced the visibility of the intercom systems they already 
had. As in the United States, a few foreign operators had implemented 
chemical or biological detection devices at these rail stations, but 
their use was not widespread. Two of the 13 foreign operators we 
interviewed had implemented these sensors, and both were doing so on an 
experimental basis. In addition, police officers from the British 
Transport Police--responsible for policing the rail system in the 
United Kingdom--were equipped with pagers to detect chemical, 
biological, or radiological elements in the air, allowing them to 
respond quickly in case of a terrorist attack using one of these 
methods.
    Access control: Tightening access control procedures at key 
facilities or rights-of-way is another way many rail operators have 
attempted to enhance security. A majority of domestic and selected 
foreign passenger rail operators had invested in enhanced systems to 
control unauthorized access at employee facilities and stations. 
Specifically, 23 of the 32 U.S. operators had installed a form of 
access control at key facilities and stations. All 13 foreign operators 
had implemented some form of access control to their critical 
facilities or rights-of-way.
    Rail system design and configuration: In an effort to reduce 
vulnerabilities to terrorist attack and increase security, passenger 
rail operators in the United States and abroad have been, or are now 
beginning to, incorporate security features into the design of new and 
existing rail infrastructure, primarily rail stations. For example, of 
the 32 domestic rail operators we contacted, 22 of them had removed 
their conventional trash bins entirely, or replaced them with 
transparent or bomb-resistant trash bins, as TSA instructed in its May 
2004 security directives. Foreign rail operators had also taken steps 
to remove traditional trash bins from their systems. Of the 13 
operators we visited, 8 had either removed their trash bins entirely or 
replaced them with blast-resistant cans or transparent receptacles.
    Many foreign rail operators are also incorporating aspects of 
security into the design of their rail infrastructure. Of the 13 
operators we visited, 11 had attempted to design new facilities with 
security in mind and had retrofitted older facilities to incorporate 
security-related modifications. For example, one foreign operator we 
visited was retrofitting its train cars with windows that passengers 
could open in the event of a chemical attack. In addition, the London 
Underground incorporates security into the design of all its new 
stations as well as when existing stations are modified. We observed 
several security features in the design of Underground stations, such 
as using vending machines that have no holes that someone could use to 
hide a bomb, and sloped tops to reduce the likelihood that a bomb can 
be placed on top of the machine. In addition, stations are designed to 
provide staff with clear lines of sight to all areas of the station, 
such as underneath benches or ticket machines, and station designers 
try to eliminate or restrict access to any recessed areas where a bomb 
could be hidden.
    Figure 1 shows a diagram of several security measures that we 
observed in passenger rail stations both in the United States and 
abroad.


Amtrak Faces Challenges Specific to Intercity Passenger Rail in 
        Securing Its System
    In our past work, we found that Amtrak faces security challenges 
unique to intercity passenger rail systems. First, Amtrak operates over 
thousands of miles, often far from large population centers. This makes 
its route system more difficult to patrol and monitor than one 
contained in a particular metropolitan region, and it causes delays in 
responding to incidents when they occur in remote areas. Also, outside 
the Northeast Corridor, Amtrak operates almost exclusively on tracks 
and in stations owned by freight rail companies. This means that Amtrak 
often cannot make security improvements to others' rights-of-way or 
station facilities and that it is reliant on the staff of other 
organizations to patrol their facilities and respond to incidents that 
may occur. Furthermore, with over 500 stations, only half of which are 
staffed, screening even a small portion of the passengers and baggage 
boarding Amtrak trains is difficult. Finally, Amtrak's financial 
condition has never been strong--Amtrak has been on the edge of 
bankruptcy several times.
    Amid the ongoing challenges of securing its coast-to-coast railway, 
Amtrak has taken some actions to enhance security throughout its 
intercity passenger rail system. For example, Amtrak initiated a 
passenger awareness campaign, began enforcing restrictions on carry-on 
luggage that limit passengers to two carry-on bags, not exceeding 50 
pounds; began requiring passengers to show identification after 
boarding trains; increased the number of canine units patrolling its 
system looking for explosives or narcotics; and assigned some of its 
police to ride trains in the Northeast Corridor. Also, Amtrak 
instituted a policy of randomly inspecting checked baggage on its 
trains. Last, Amtrak is making improvements to the emergency exits in 
certain tunnels to make evacuating trains in the tunnels easier in the 
event of a crash or terrorist attack.
Three Foreign Rail Security Practices Are Not Currently Used in the 
        United States
    While many of the security practices we observed in foreign rail 
systems are similar to those U.S. passenger rail operators are 
implementing, we identified three foreign practices that were not 
currently in use among the U.S. passenger rail operators we contacted 
as of September 2005, nor were they performed by the U.S. Government. 
These practices are as follows.
    Covert testing: Two of the 13 foreign rail systems we visited 
utilized covert testing to keep employees alert about their security 
responsibilities. Covert testing involves security staff staging 
unannounced events to test the response of railroad staff to incidents 
such as suspicious packages or setting off alarms. In one European 
system, this covert testing involves security staff placing suspicious 
items throughout their system to see how long it takes operating staff 
to respond to the item. Similarly, one Asian rail operator's security 
staff will break security seals on fire extinguishers and open alarmed 
emergency doors randomly to see how long it takes staff to respond. TSA 
conducts covert testing of passenger and baggage screening in aviation, 
but has not conducted such testing in the rail environment.
    Random screening: Of the 13 foreign operators we interviewed, 2 
have some form of random screening of passengers and their baggage in 
place. Prior to the July 2005 London bombings, no passenger rail 
operators in the United States were practicing random passengers or 
baggage screening. However, during the Democratic National Convention 
in 2004, the Massachusetts Bay Transportation Authority (MBTA) 
instituted a system of random screening of passengers.
    National government clearinghouse on technologies and best 
practices: According to passenger rail operators in five countries we 
visited, their national governments had centralized the process for 
performing research and development of passenger rail security 
technologies and maintained a clearinghouse of technologies and 
security best practices for passenger rail operators. No U.S. Federal 
agency has compiled or disseminated information on research and 
development and other best practices for U.S. rail operators.
    Implementing covert testing, random screening, or a government-
sponsored clearinghouse for technologies and best practices in the U.S. 
could pose political, legal, fiscal, and cultural challenges because of 
the differences between the U.S. and these foreign nations. Many 
foreign nations have dealt with terrorist attacks on their public 
transportation systems for decades, compared with the United States, 
where rail has not been specifically targeted by terrorists. According 
to foreign rail operators, these experiences have resulted in greater 
acceptance of certain security practices, such as random searches, 
which the U.S. public may view as a violation of their civil liberties 
or which may discourage them from using public transportation. The 
impact of security measures on passengers is an important consideration 
for domestic rail operators, since most passengers could choose another 
means of transportation, such as a personal automobile. As such, 
security measures that limit accessibility, cause delays, increase 
fares, or otherwise cause inconvenience could push people away from 
rail and into their cars. In contrast, the citizens of the European and 
Asian countries we visited are more dependent on public transportation 
than most U.S. residents and therefore may be more willing to accept 
intrusive security measures. Nevertheless, in order to identify 
innovative security measures that could help further mitigate 
terrorism-risks to rail assets--especially as part of a broader risk 
management approach discussed earlier--it is important to consider the 
feasibility and costs and benefits of implementing the three rail 
security practices we identified in foreign countries. Officials from 
DHS, DOT, passenger rail industry associations, and rail systems we 
interviewed told us that operators would benefit from such an 
evaluation. Since our report on passenger rail security was issued, TSA 
has reported taking steps to coordinate with foreign passenger rail 
operators and governments to identify security best practices. For 
example, TSA reported working with British rail security officials to 
identify best practices for detecting and handling suspicious packages 
in rail systems.
Conclusions
    In conclusion, Mr. Chairman, the July 2005 London rail bombings 
made clear that even when a variety of security precautions are put 
into place, passenger rail systems that move high volumes of passengers 
daily remain vulnerable to attack. DHS components have taken steps to 
assess the risks to the passenger rail system. However, enhanced 
Federal leadership is needed to help ensure that actions and 
investments designed to enhance security are properly focused and 
prioritized so that finite resources may be allocated appropriately to 
help protect all modes of transportation. Specifically, both DHS and 
TSA should take additional steps to help ensure that the risk 
management efforts under way clearly and effectively identify priority 
areas for security-related investments in rail and other transportation 
modes. TSA has not yet completed its methodology for determining how 
the results of threat, criticality, and vulnerability assessments will 
be used to identify and prioritize risks to passenger rail and other 
transportation sectors. Until the overall risk to the entire 
transportation sector is identified, TSA will not be able to determine 
where and how to target limited resources to achieve the greatest 
security gains. Once risk assessments for the passenger rail industry 
have been completed, it will be critical to be able to compare 
assessment results across all transportation modes and make informed, 
risk-based investment trade-offs. It is important that DHS complete its 
framework to help ensure that risks to all sectors can be analyzed and 
compared in a consistent way. Until this framework is complete, it will 
be difficult for agencies to reconcile information from different 
sectors to allow for a meaningful comparison of risk.
    Apart from its efforts to identify risks, TSA has taken steps to 
enhance the security of the passenger rail system. The issuance of 
security directives in 2004 was a well-intentioned effort, but did not 
provide the industry with security standards based on industry best 
practices. It is also not clear how TSA will enforce these directives. 
Consequently, neither the Federal Government nor rail operators can be 
sure they are requiring and implementing security practices proven to 
help prevent or mitigate disasters. While foreign passenger rail 
operators face similar challenges to securing their systems and have 
generally implemented similar security practices as U.S. rail 
operators, there are some practices that are utilized abroad that U.S. 
rail operators or the Federal Government have not studied in terms of 
the feasibility, costs, and benefits. In our September 2005 report on 
passenger rail security, we recommended, among other things, that TSA 
establish a plan with timelines for completing its methodology for 
conducting risk assessments and develop security standards that reflect 
industry best practices and can be measured and enforced. These actions 
should help ensure that the Federal Government has the information it 
needs to prioritize passenger rail assets based on risk, and evaluate, 
select, and implement measures to help the passenger rail operators 
protect their systems against terrorism. In addition, we recommended 
that the Secretary of DHS, in collaboration with DOT and the passenger 
rail industry, determine the feasibility, in a risk management context, 
of implementing certain security practices used by foreign rail 
operators. DHS, DOT, and Amtrak generally agreed with the report's 
recommendations, but as of January 2007, they have not told us what 
specific actions they are taking to implement them. We will continue to 
assess DHS and DOT's efforts to secure the U.S. passenger rail system 
during follow-on work to be initiated later this year.
    Mr. Chairman, this concludes my statement. I would be pleased to 
answer any questions that you or other members of the Committee may 
have at this time.
         Related GAO Products Released Since September 11, 2001
    Passenger Rail Security: Evaluating Foreign Security Practices and 
Risk Can Help Guide Security Efforts. GAO-06-557T. Washington, D.C.: 
March 29, 2006.
    Passenger Rail Security: Enhanced Federal Leadership Needed to 
Prioritize and Guide Security Efforts. GAO-06-181T, Washington, D.C.: 
October 20, 2005.
    Passenger Rail Security: Enhanced Federal Leadership Needed to 
Prioritize and Guide Security Efforts. GAO-05-851. Washington, D.C.: 
September 9, 2005.
    Transportation Security: Systematic Planning Needed to Optimize 
Resources. GAO-05-357T. Washington, D.C.: February 15, 2005.
    Rail Security: Some Actions Taken to Enhance Passenger and Freight 
Rail Security, but Significant Challenges Remain. GAO-04-598T. 
Washington, D.C.: March 23, 2004.
    Transportation Security: Federal Action Needed to Enhance Security 
Efforts. GAO-03-1154T. Washington, D.C.: September 9, 2003.
    Transportation Security: Federal Action Needed to Help Address 
Security Challenges. GAO-03-843. Washington, D.C.: June 30, 2003.
    Rail Safety and Security: Some Actions Already Taken to Enhance 
Rail Security, but Risk-based Plan Needed. GAO-03-435. Washington, 
D.C.: April 30, 2003.
    Transportation Security: Post-September 11 Initiatives and Long-
term Challenges. GAO-03-616T. Washington, D.C.: April 1, 2003.
    Mass Transit: Federal Action Could Help Transit Agencies Address 
Security Challenges. GAO-03-263. Washington, D.C.: December 13, 2002.
    Mass Transit: Challenges in Securing Transit Systems. GAO-02-1075T. 
Washington, D.C.: September 18, 2002.

    The Chairman. The next witness, the Director of the Office 
of Homeland Security and Preparedness, State of New Jersey, the 
Honorable Richard Canas.

       STATEMENT OF THE HON. RICHARD L. CANAS, DIRECTOR, 
  OFFICE OF HOMELAND SECURITY AND PREPAREDNESS, STATE OF NEW 
                             JERSEY

    Mr. Canas. Good morning, Chairman Inouye, and Vice Chairman 
Stevens, distinguished Senators. Thank you for asking me to 
testify on how, together, we can improve rail and surface 
transportation security.
    Current intelligence information clearly indicates 
terrorists' threat to mass transit, specifically, rail 
infrastructure, remains high.
    In New York and New Jersey region, the most densely 
populated area in the United States, there have been multiple, 
specific threats to rail and subway assets. Several terrorist 
plots have been thwarted since 9/11, and we continue to see 
numerous incidents of suspicious activity at, or near, New 
Jersey rail infrastructure. It is clearly one of the highest 
security priorities for us.
    New Jersey's rail system is complex. The state is home to 
five major public rail organizations, with an annual ridership 
exceeding 90 million passengers. Policing these systems is a 
daunting challenge, and since 9/11, one that has depleted our 
resources.
    On the freight rail side, New Jersey has 13 rail companies, 
connecting more than 900 miles of rail lines with large 
industries that require hazardous materials trucked, piped and 
freight-railed to them. The release of any of these toxic 
inhalation hazards, or TIH, would likely cause serious damage 
to nearby population and facilities.
    Shortly after 9/11, New Jersey began working with the 
transportation sector to develop industry best management 
practices for security. And in 2004, these were approved. The 
passenger rail sector in our state was the first in the transit 
industry to complete vulnerability assessments. We have also 
developed, this past year, a comprehensive transportation 
security strategy for New Jersey.
    But our progress has limits. There is a vast gap between 
what we need to do to enhance transportation security, and what 
funds we have to accomplish that task.
    We are also dependent on the security of our trucking 
industry, which critically needs to interact with a secure port 
environment. Once trucks leave the controlled access areas of 
our ports, they are part of the same open environment as rail.
    While waiting for the Federal Government to provide the 
needed funding for transportation security initiatives, our 
State has undertaken a number of actions in conjunction with 
rail, truck and bus carriers that operate in our state. 
Congress has since responded to the threats facing mass 
transit, rail, bus and ferry and these systems' overall 
vulnerability by authorizing transit security grants, which the 
Department of Homeland Security administers as part of its 
infrastructure protection program.
    And, we are very appreciative of that effort. But the 
freight--on the freight rail side there are funding gaps. For 
example, in 2004, TSA undertook a study of the North Jersey 
rail corridor, and followed that up with a comprehensive review 
of the same area in 2006.
    But these reviews were not accompanied by any DHS funding 
to address vulnerabilities. Nor has DHS, to this point, 
provided any funding to help bolster the secure movement and 
storage of hazardous material via freight rail.
    For these reasons, we strongly support the provisions of 
the draft legislation being considered by this committee that 
recognize the need for additional funding.
    Another requirement in our State is the real-time tracking 
of TIH cargo. New Jersey has seven major rail yards that handle 
TIH rail cars. Some of these are in our most populous urban 
areas. The rail companies need to share their tracking 
information with security agencies. DHS's recent draft freight 
rail regulations also recognizes this vital need. In this 
regard, our State has made progress with the freight rail 
industry, particularly CSX in obtaining this exclusive tracking 
capability. And I want to publicly commend them for that 
cooperation.
    We also wholly support the provision in the proposed 
legislation that calls for TSA to oversee all transportation-
related measures; heretofore, it has not always been clear 
which agency is responsible for this oversight.
    And we are also in agreement that Amtrak should remain a 
strong partner in regional efforts for developing critical 
vulnerability assessments along the corridor. At its stations, 
and in its tunnels, New Jersey's passenger rail systems run on 
the same tracks, and use the same stations as Amtrak.
    Mr. Chairman, New Jersey has taken many steps to protect 
its citizens and facilities, and we will continue down that 
track as fast as we can. Simply, because we must. But New 
Jersey can only go so far without adequate funding and without 
uniform standards applied to our sister states. Please note 
that when I speak of uniform standards, I'm talking about them 
as a floor--not as a ceiling. We want to remain and maintain 
our ability to exceed minimum uniform standards when we think 
it is in the best interests of our citizens' security.
    In closing, I want to thank the Chair and the Vice Chair, 
as well as of the members of the Committee for allowing me to 
testify. Transportation security is a critical issue that must 
be discussed and debated at the national stage, and again, I 
thank you for providing me that opportunity.
    [The prepared statement of Mr. Canas follows:]

        Prepared Statement of Hon. Richard L. Canas, Director, 
   Office of Homeland Security and Preparedness, State of New Jersey
    Good Morning Chairman Inouye, Vice Chairman Stevens and Senators. 
Thank you for asking me to testify on how together we can improve rail 
and surface transportation security. There is no question about the 
priority. I also want to express my gratitude to Senator Lautenberg for 
his unwavering commitment to transportation security, particularly rail 
security. I will be commenting briefly on several aspects of the 
proposed legislation that is before you, and I commend Chairman Inouye, 
Vice Chairman Stevens, and Senator Lautenberg for sponsoring ``the 
Surface Transportation and Rail Security Act of 2007,'' which 
recognizes the need for significant security enhancements.
    Current intelligence information clearly indicates that the 
terrorist threat to mass transit, specifically rail infrastructure, 
remains high. In recent years, terrorists have conducted numerous 
successful attacks on transit systems worldwide. Mumbai, London, and 
Madrid come readily to mind.
    In the New York/New Jersey region there have been multiple, 
specific threats to rail and subway assets. Several terrorist plots 
have been thwarted, including a much-publicized plot against the PATH 
system connecting New York and New Jersey, and two earlier plots 
directed at the New York City subway system. An individual charged in 
one of the earlier plots was sentenced recently to 30 years in prison. 
We continue to see numerous incidents of suspicious activity at or near 
New Jersey's rail infrastructure, including photography, videotaping, 
use of hand counters, placement of fake improvised explosive devices 
and trespassing.
    I would like to begin by providing a brief overview of New Jersey's 
surface transportation system and thus provide a picture of its 
magnitude and complexities. I will focus my first comments on both the 
passenger and freight rail sectors.
    The passenger rail sector in New Jersey consists of five major 
public rail organizations: New Jersey Transit, Port Authority Trans 
Hudson (PATH), Port Authority Transit Company (PATCO), Southeastern 
Pennsylvania Transit Authority (SEPTA) and Amtrak. Among these five 
systems, the annual ridership exceeds 90 million passengers. I've 
attached a more detailed list of the number of lines and their 
ridership to my testimony. The statistics are impressive indeed. On the 
other hand, these public and private passenger rail systems are 
depleted of resources. By that I mean they do not have enough officers, 
canine units, and technology to properly police and provide security 
for the heavy passenger loads they carry.
    On the freight rail side, New Jersey has 13 rail companies 
operating within our state. These include three Class I (CSX, Norfolk 
Southern and Conrail), two Class II and nine Class III railroads, which 
operate on more than 900 miles of railroad mainline. For those of you 
not familiar with New Jersey, I must remind the Committee that this 
activity takes place in the most densely populated state in the union. 
And that in this most densely populated state, our citizens live and 
work amidst a concentration of chemical, pharmaceutical, petroleum and 
other industries, a great number of which require hazardous precursor 
materials trucked, piped or freight-railed to them.
    New Jersey serves as both destination and a point of origin for 
hazardous materials, which are among the 43 million tons of material 
transported across our freight lines annually. The release of toxic 
substances from a rail car in northern New Jersey would likely cause 
serious damage to nearby populations and facilities.
    Shortly after 9/11, the state began working with the transportation 
sector to develop industry ``best management practices,'' and in 2004 
these were approved. These best practices were initiated in some cases 
prior to the Federal Government or TSA developing its industry best 
practices. The development of these standards and protocols involved 
working with the private sector, public transit agencies and the 
Federal Government. Meanwhile, the passenger rail sector in our state 
was the first to have the entire transit industry complete the 
vulnerability assessment using the U.S. Department of Homeland 
Security's (DHS's) Special Needs Tool Kit, a technical assistance 
program funded by DHS.
    But New Jersey did not stop there. When I became the Director of 
New Jersey's new Office of Homeland Security and Preparedness last 
March, Governor Corzine asked me to develop a comprehensive rail 
security strategy and to begin distributing limited state and Federal 
funds--based on risk.
    Our security forces have increased their presence and patrol of key 
installations to include specialized canine units. We have also 
increased the interoperability of emergency responders within subways, 
tunnels, rail yards and terminals. We have increased the number of 
``SMART'' closed-circuit television (CCTV) cameras and software at 
equipment yards where commuter rail coach cars and locomotives are 
stored. We have also initiated regional programs with the State of New 
York and the NY/NJ and Delaware River Port authorities to maximize the 
efforts of our limited resources. And finally, we are using scarce 
state funds to leverage security initiatives against investment 
justifications funded by DHS.
    But our progress has limits. There is a vast gap between what we 
need to do to enhance transportation security and what funds we have to 
accomplish that task. Rail, of necessity, operates in an open 
environment. Mass transit passenger rail, in particular, represents a 
soft target because it is in the business of moving as many people as 
possible as quickly and efficiently as possible.
    Congress has responded to the threat to mass transit and the 
system's vulnerability by authorizing Transit Security Grants, which 
the Department of Homeland Security administers as part of its 
Infrastructure Protection Program. We are very appreciative of that 
effort and believe we are using the funds to the best of our ability.
    Freight rail carriers also operate in an open environment and are 
required to transport and safeguard toxic inhalation hazards, or TIH, 
extremely hazardous materials that are the functional equivalent of 
chemical plants on rails. DHS has to this point, however, not targeted 
any similar funding to its Transit Security Grant Program to help 
bolster the secure movement and storage of these materials.
    Much more needs and must be done.
    We are also dependent on the security of our trucking industry, 
which critically needs to interact with a secure port environment and 
concomitant Federal funding. Once trucks leave the controlled access 
areas of our ports they are part of the same open environment as rail, 
buses and ferries and an inclusive strategy for them needs to be 
considered.
    Real-time cargo tracking of rail cars to monitor the movement of 
TIH cars on New Jersey tracks, yards or on sidings is another example. 
The rail companies need to share this tracking information with 
security agencies. In this regard, I cannot overstate the importance of 
fostering public/private partnerships to achieve our mutual goal of 
assuring a secure transportation system. I am pleased to report that 
our office has made some progress in this regard, particularly with the 
railroad company CSX. They have sought out a partnership, shared their 
insights on rail-based security threats, and even allowed us to have 
access to their tracking capability. And I want to publicly commend 
them for that. Leveraging this success, we intend to seek similar 
partnerships with other carriers.
    Another shortfall involves TSA. In 2004, TSA undertook a study of 
the North Jersey freight rail corridor. In 2006, TSA followed up with a 
Comprehensive Review of the same area. These were thorough and well 
thought out assessments with positive recommendations. But neither of 
these reviews by TSA came with any funding to address vulnerabilities 
that were identified.
    It is our hope that, as a result of the proposed legislation that 
this committee is considering, this situation will be set right, and 
that this committee will support providing funding necessary to close 
recognized security gaps.
    We also wholly support the provision in the proposed ``Surface 
Transportation and Rail Security Act of 2007'' that calls for oversight 
of all security measures by TSA. Heretofore, the agency responsible for 
oversight has not always been clear.
    And finally, the Northeast Corridor line, which connects New Jersey 
and New York under the Hudson River, handles more than 150,000 NJ 
TRANSIT and 35,000 Amtrak trips each and every day--relying on a 100-
year-old two-track railroad tunnel that provides limited capacity and 
no redundancy. The Access to the Regions Core Project, including a new 
commuter rail tunnel under the Hudson will double commuter rail 
capacity--providing critical system capacity enhancements, desperately 
needed transportation redundancy, and will be designed to include the 
latest security features. Moreover, the Amtrak tunnel that we use today 
is the only link from Boston to Washington for intercity trains, as 
well as for New York and New Jersey commuter trains.
    We are also in agreement that Amtrak should remain a strong partner 
in regional efforts for developing critical vulnerability assessments 
along the corridor, at its stations or within its tunnels. As you 
probably are aware, New Jersey's passenger rail systems run on the same 
tracks and use the same stations as Amtrak.
    In closing, I want to thank the Chair and Vice Chair, as well as 
all the members of the Committee, for allowing me to testify. New 
Jersey has taken many steps to protect its citizens and facilities by 
shoring up security on its passenger and freight rail systems. We will 
continue down that track as fast as we can simply because we must. But 
New Jersey can only go so far without adequate funding and without 
uniform standards applied to our sister states. That is why I find the 
very fact of today's hearing a positive and heartening development. 
Transportation security is a critical issue that must be discussed and 
debated on the national stage and, again, I thank you for providing 
that opportunity.
Attachment

                New Jersey Rail Transportation Fact Sheet
------------------------------------------------------------------------

------------------------------------------------------------------------
                               NJ TRANSIT

                             Rail Operations
------------------------------------------------------------------------
Rail Lines                                                            11
Directional Route Miles                                              951
Locomotives in Service                                               133
Revenue cars in service                                              900
Rail Stations                                                        162
Weekday ridership trips                                          236,900
Weekend ridership trips                                          142,100
------------------------------------------------------------------------
                          Light Rail Operations
------------------------------------------------------------------------
Light Rail lines                                                       3
Directional route miles                                              107
Light rail fleet                                                      72
Light rail stations                                                   52
Weekday ridership trips                                           45,050
Weekend ridership trips                                           42,700
------------------------------------------------------------------------
                   PATH (Port Authority Trans Hudson)

                Port Authority of New York and New Jersey
------------------------------------------------------------------------
Weekday Ridership passengers                                     215,115
2005 Passenger trips--million                                       60.7
Route miles--tunnel                                                  7.4
Route miles--surface                                                 6.4
------------------------------------------------------------------------
                 PATCO (Port Authority Transit Company)

                      Delaware River Port Authority
------------------------------------------------------------------------
Weekday Ridership passengers                                      34,000
Transit Car fleet vehicles                                           121
Track miles                                                         14.2
Stations                                                              13
------------------------------------------------------------------------
                                 AMTRAK
------------------------------------------------------------------------
Trains in Operation Daily                                            110
Total NJ station usage (annual boardings and alightings)       3,406,215
 
------------------------------------------------------------------------
           SEPTA (Southeastern Pennsylvania Transit Authority)
------------------------------------------------------------------------
2005 Annual Ridership--million                                       299
  R3 West Trenton annual passengers (2005)                     2,634,530
  R7 Trenton annual passengers (2005)                          2,852,245
Light rail routes                                                      9
Light rail vehicles                                                  159
Elevated subway routes                                                 2
Elevated subway vehicles                                             371
Regional rail routes                                                  13
Regional rail vehicles                                               349
------------------------------------------------------------------------
2003 Rail Freight Tonnage--42 million tons.


              STATEMENT OF HON. DANIEL K. INOUYE, 
                    U.S. SENATOR FROM HAWAII

    The Chairman. Thank you very much, Mr. Director.
    I'd like to ask Assistant Secretary Hawley a question. 
Recently, an Executive Order issued strengthening surface 
transportation security and that Executive Order requires the 
Department of Homeland Security and TSA to do some planning 
assessments and reporting that this committee has been 
advocating for some time.
    However, I'm concerned that your budget of $37 million this 
year will be insufficient. Do you believe your agency has 
enough funding to fulfill your responsibilities under this 
Executive Order?
    Mr. Hawley. I do in the current fiscal year for going 
forward in 2007. And I think a good example of that is how we 
took the TIH--the Toxic Inhalation Hazard--really dangerous 
chemicals, and instituted the security arrangement with the 
railroads that does not cost the Government, but has the effect 
of reducing the shipments that are standing still.
    So, an example of how that works is, rather than us having 
to pay for fences around cars, if we work with the railroads to 
make those cars not get into that area, that accomplishes the 
security objective without the Government having to pay for it.
    So, I think, on the rail/TIH side, those steps can be taken 
to implement security without significant Government funding.
    The Chairman. So you believe you have sufficient funds?
    Mr. Hawley. Yes, sir.
    The Chairman. And do you believe that the President will 
request supplemental funding?
    Mr. Hawley. Well, right now in the 2008 budget process--and 
we'll be back up here in a month to discuss that--but I think 
the priority that we give to the surface side and the aviation 
side are a lot closer in terms of our focus in the security 
measures than the budget dollars would indicate, simply because 
of the fact that we pay the salaries of all of the people in 
the TSA in the airports, whereas a lot of other people pay for 
it in the surface environment.
    The Chairman. You received $175 million for the Transit 
Security Grant Program, is that sufficient?
    Mr. Hawley. Yes, and it was--Secretary recently announced 
the 2007 allocations of that, and as I mentioned in my 
statement, that the risk assessment was done in surface 
transportation and the number one target, for us, in terms of 
funding and priority is urban, underground, high-density 
population passenger transit systems. And that's where the 
priority for that $171 million is going.
    The Chairman. Thank you very much.
    Director Berrick, do you believe that our Government is 
providing sufficient resources, personnel, regulations to 
adequately protect our Nation's surface transportation and rail 
systems?
    Ms. Berrick. In terms of whether or not sufficient 
resources are being provided, the first point I would make is 
DHS is--I'm sorry, closer? The first point I would make is, DHS 
is required to issue a Transportation Sector Specific Plan 
which, basically, will outline their strategy for securing all 
modes of transportation. They're also supposed to develop 
detailed annexes to that.
    Since that hasn't been issued, it's difficult to determine, 
long range, what their ultimate plans and goals are. So, until 
that's completed, I think it's difficult to identify whether or 
not the resources that they have are enough.
    Another point that we found during our work was, in 
conducting risk assessments, DHS in issuing grants had a pretty 
rigorous risk assessment methodology. Separate from that, TSA 
was also doing risk assessments, and separate from that, DOT 
was conducting risk assessments within passenger rail to see 
whether or not they were allocating the limited resources to 
the rail systems that were most in need. We found at the time 
that the three parties were not coordinating as much as they 
could, and they had not yet completed their efforts. So, we 
made recommendations that these efforts should be coordinated 
so they're not duplicating efforts, and also so that they can 
effectively compare risks, since there are limited resources 
right now, to make sure the money is going in the right places.
    The Chairman. Thank you very much, Director. I will submit 
the rest of my questions in the record, and submit it to you 
for your response.
    Senator Stevens?
    Senator Stevens. Thank you very much, Mr. Chairman.
    I'm reminded of the Exxon-Valdez spill. We had, at one 
time, taken the Appropriations Committee down to Valdez and the 
industry had shown us their response plan, and they had a 
series of boats out there. They actually had dumped about 40 
barrels of tennis balls, and they showed up how they could 
scoop those up, and how we were prepared for a spill.
    Several years went by, and we had the spill. People 
couldn't find the right equipment. Local communities weren't 
prepared. Their communications systems were not interoperable, 
and they had not had training of new people. They had not 
really exercised their plans.
    Congress has passed an Act that requires all of those 
things to be done now, and to prove that they've been done.
    I wonder about the transportation modes, now. And let me 
ask you, Ms. Berrick. First--it's my understanding that each 
one of these agencies has signed a memorandum of agreement that 
gives TSA the lead role with regard to security under the 
direction of DHS. Did you review that?
    Ms. Berrick. Yes, we did. And at the time we did our work--
we started about a year and a half ago--the MOU didn't exist. 
And we had made a recommendation earlier that the two parties 
develop an MOU. They did develop the MOU, since then they have 
developed annexes for specific transportation areas.
    Senator Stevens. Well, respectfully, it's not two parties, 
we've got at least five here.
    Ms. Berrick. Right. All of the annexes have not yet been 
signed. For example, there's no annex between TSA and the 
Federal Motor Carrier Safety Administration. But there are 
annexes between TSA and FRA, and TSA and FTA. So, we think 
that's a great----
    Senator Stevens. Doesn't that mean everyone in the whole 
surface transportation industry--is waiting for Homeland 
Security and TSA to do its job? I don't understand how far this 
MOU goes. Have they turned over the formulation of plans for 
security in their various areas to TSA and Homeland Security?
    Ms. Berrick. Well, I think the first problem in terms of 
the views of the transportation stakeholders was, they wanted 
to know that the Federal Government's role was. They were 
confused about what DOT was doing, what DHS was doing. So, I 
think the fact that the MOU was signed with these annexes is a 
great first step to be clear on what the roles and 
responsibilities are. And they do provide some good detail that 
had previously been concerns of stakeholders.
    The question now is the implementation of that MOU. The 
question is also, When is DHS going to issue this 
transportation sector-specific plan that's going to outline 
what their overall strategy is? Because there are still some 
questions among transportation stakeholders on what the long-
term strategy is, despite all of the efforts that TSA and FRA 
and FTA have underway. There's still that question, Where are 
we ultimately going, and what's our strategy?
    Senator Stevens. Well, do these agreements require 
cooperation of the communities along railroad lines, for 
instance, to be prepared to handle problems--should they 
develop--in their area? Is there interoperability of 
communications between the local people and these various 
Federal agencies? Is there interoperability as far as 
communications--between the Federal agencies themselves? Did 
you look into that?
    Ms. Berrick. I--not that specific issue. In terms of the 
MOU and the annexes, I don't believe it goes into that level of 
detail. There have been rules, and proposed rules--recently 
there's been a proposed rule on freight and passenger rail 
security that provides a lot more detail, and lays out what the 
requirements are for transportation security operators, but 
I'll have to defer to my colleagues on the level of detail 
related to that point.
    Senator Stevens. Well, I don't have time to ask each one of 
you questions. But, respectfully, let me tell you--we had 
plans. We had one of the best plans in the world for Valdez. It 
was dusty, the new people hadn't been trained, the equipment 
hadn't been inspected--I wonder if we're getting down to that 
detail. It's wonderful to make plans. But how are they 
executed, and who has the responsibility for compliance?
    We've just passed this Pipeline Security Act. We put the 
duty on an official, a high-level official, of every company to 
certify that the action had been taken to carry out the 
requirements of that Act. Now, has that been done in this area? 
Is there some responsibility on the people who are operating 
these systems to comply with all these plans? Or is it just 
coordination between the Federal agencies?
    Do you want to answer that, Mr. Hawley?
    Mr. Hawley. Yes, please. The Toxic Inhalation Agreement I 
just mentioned is enforced with inspectors--we have 100 surface 
transportation inspectors--and we now get the data. We talked 
about, where are these cars? We now are able to get within 5 
minutes where all the TIH cars are. And as part of the data we 
get, we are able to audit by the numbers, how much time is 
spent standing in places that we consider vulnerable. So, we 
actually have the actual data from the railroads, on which we 
can agree, and assess their performance against the agreement.
    Senator Stevens. OK, my time is up. Let me just say this in 
my state, 70 percent of the communities can be reached only by 
air. Every airline passenger pays $2.50 to get on an airplane, 
up to $5.00 on a one-way, up to $10 on a round-trip. Every 
single time we move from one city to another, we're paying 
that. I don't see anything at all, in these plans, that 
indicate the people that are using these transportation 
mechanisms are going to contribute towards this security. And I 
think you have to face up to that. Unless you face up to it, 
you're not going to have the money.
    Respectfully, Mr. Canas, you're not going to have money 
unless the passengers are willing to pay something for their 
security. You cannot rely on the taxpayer all over the country 
to support these rail systems.
    And I ride the Amtrak, I've seen the crowds in these 
stations, we all know that there's a substantial problem there. 
But we have to have some way to have people who use these 
transportation systems to contribute something towards their 
security.
    Thank you, Mr. Chairman.
    The Chairman. Thank you.
    Senator Thune?
    Senator Thune. Thank you, Mr. Chairman.
    I'd like to follow up on that question of the Senator from 
Alaska as well, because it seems to me, at least, that this is 
a big issue. And I want to maybe drill down a little bit 
further. But DOT has their hazmat carrier list, TSA has a No-
Fly List, FBI has their list, and it would make sense to me 
that if individuals are correctly on the No-Fly List, then that 
person probably shouldn't be authorized to transport hazardous 
material, either.
    And I guess, I would like to know--how close are the 
Federal agencies from being able to completely synch up their 
respective lists? And are there State lists that ought to be 
added to that, as well?
    And, Ms. Berrick if, I don't--that's something that you 
probed in your analysis?
    Ms. Berrick. Thank you. GAO has done reviews of the 
terrorist watch list, and have identified quality issues with 
the watch list, and we have reported at the Terrorist Screening 
Center who owns the Terrorist Screening Center database, the 
watch lists are extracted from that database. There are a lot 
of efforts underway doing data scrubs of the data to try to 
make sure there's no duplication, and really whittle down the 
list to make sure it's more accurate than what it is now.
    Their--they've made a lot of progress recently, they still 
have a long way to go. But in terms of your specific question 
on whether or not those lists are coordinated, we didn't look 
into that, specifically.
    Senator Thune. Anybody else care to comment on that?
    Mr. Hawley. I can comment on that.
    Senator Thune. Mr. Hawley?
    Mr. Hawley. They are coordinated, they are in one place--
the Terrorist Screening Center is the place in the U.S. 
Government where all terrorist-related watch lists are, and 
that is the place that we looked. It's the place where 
everybody in the community goes for watch list checking. There 
are different standards for whether somebody can get a 
Commercial Driver's License or a hazmat endorsement, or a 
pilot's license, or be able to fly, so there are different 
rules. But there's one place where everybody has lists, so we 
do not have the potential loophole that somebody has been 
identified over here, and then gets permission over here that 
they shouldn't get.
    Senator Thune. I know this is something that the health 
care world is trying to address. Different health care 
providers will have different software packages, but they are 
trying to figure out ways that they can communicate so patients 
have access to information. And if patients go to a clinic 
somewhere else than where they live, that their file could be 
pulled up. Stakes are obviously a lot higher here, because 
you're talking about security. And, so I'm glad to hear there's 
at least some central point where all of these lists get 
consolidated, where hopefully there's not the duplication that 
was talked about earlier.
    And I would ask this question of Mr. Hawley or Mr. Barrett, 
but--and that has to do with the mobile enrollment centers that 
are in place. I've heard from some drivers in South Dakota that 
there are still some troubles that they have, getting their 
hazardous material endorsement. And, I'm wondering if there is 
anything that can be done to expedite that process for truck 
drivers who live in rural areas.
    Mr. Hawley. I'm not familiar that there are problems in 
South Dakota--I think the system overall, at the national 
level, is performing a pretty quick turnaround. And, in fact, 
our success rate in terms of adjudicating disputes is very 
high. So I will, I'll go back and look at that, what the issue 
might be in South Dakota. There were some problems when it 
first started up, but I think every bit of data I've seen 
recently is that the program is operating well. But I will go 
back and check.
    Senator Thune. I would appreciate, maybe, if you'd take a 
look at that.
    And the final question I would direct to either Mr. Hawley 
or Mr. Boardman. Is there any information on how soon 
electronic tracking devices for cargo shipping containers will 
become affordable enough to be used on a widespread basis?
    Mr. Boardman. I don't think we have, Senator, the exact 
timeframe that we would put those sensing devices in. But we're 
making tremendous progress on the kinds of things that we could 
add to trains today.
    For example, on the pneumatic brake, electronic control and 
pneumatic braking--as each one of those coal trains, for 
example, were to be outfitted with that, there would be the 
ability, with the sensors that are available, to provide very 
specific and immediate information. So, there are a lot of 
pilot things that are going on at this point in time, and as 
you're aware, we can also do the rail side checking. But, we 
think the sensing devices are the better future for us.
    Senator Thune. Thank you, Mr. Chairman.
    Thank you, panel.
    The Chairman. Thank you very much.
    And next is Senator McCaskill.

              STATEMENT OF HON. CLAIRE McCASKILL, 
                   U.S. SENATOR FROM MISSOURI

    Senator McCaskill. A huge--oh, thank you.
    A huge percentage of our rail offices across this country 
are unmanned. And I know, from personal experience, how easy it 
is to buy a ticket on Amtrak over the Internet and, get on the 
train, and no one ever asks you who you are, no one ever 
touches your bag, no one ever checks to see if you are who you 
say you are. And, I know, because my kids travel all of the 
time on Amtrak in my State, and the station in suburban St. 
Louis is unmanned. So, you know, I--we go on the Internet, it's 
very easy and user-friendly, and my kids get on the train and 
off they go, and sometimes they get to the destination and no 
one ever says, ``Boo'' to them other than them giving the 
conductor the confirmation number off the Internet reservation.
    I think that it's fair to make the observation that so much 
of what we have done in the area of safety after the tragedy of 
9/11 is, in fact, reactive, as opposed to proactive. I think, 
me giving up my shampoo and my lip gel is a good example. And, 
the interesting thing about these unmanned stations and about 
the ease of travel without any kind of identification, any kind 
of checking is--it would be one thing if these were just 
traveling to unpopulated areas. I mean, those of us who 
represent rural areas would argue, we need to protect those 
areas, too. But this train goes through some of the most 
densely populated areas of St. Louis, and onto the very densely 
populated area of Chicago. And, it seems to me, that we are 
just waiting to be reactive again because of the complete 
ease--why would anyone go and try to wreak havoc with a 
terrorist activity having to go through a station such as the 
one in New York, maybe, that has Transit Authority Police 
everywhere, that maybe is doing random screenings, when all 
they've got to do is go on the Internet, hop on the train in 
Kirkwood, and a few hours later, they're in the middle of one 
of the most densely populated areas in America.
    Mr. Hawley. Senator, first of all, with Amtrak, we have a 
very close working relationship with Amtrak and we have done 
risk assessments, and actually there is a requirement for 
random I.D. checking. And we, in fact, do run operations with 
Amtrak. For instance, in October of 2005 in the New York threat 
where New York Transit Authority put their people in to raise 
the threat level, to Amtrak, we sent in Federal people to help 
so there would be a balanced security across the way.
    So, we have done risk assessment with Amtrak, we do in 
fact, do occasional personal screening and baggage screening, 
and we've run ten--what we call--VIPR Teams, which are visible 
and unpredictable teams of canines, Federal air marshals, 
inspectors, some undercover, some overt--that come up in random 
places that you would not expect, including less densely 
populated areas, to have that level of unpredictability.
    We ran ten of them at Amtrak in Fiscal Year 2006, and so 
far in 2007 we've run seven. So, we do have--and maybe you 
haven't seen that, and I understand it's not statistically way 
up there. But it is something that you cannot count out, that 
there will not be a Federal air marshal team, covert, somewhere 
in that Amtrak environment. We have a very close relationship 
with Chief Proctor, and Amtrak, we share secure communications, 
they have secure communications so we can talk--and do talk--at 
the secret level with them. So, there's more to it than meets 
the eye.
    Senator McCaskill. It seems so counter-balanced to me, 
though. It seems as if we have put so much on the airlines, and 
so little on mass transit, and with all of our focus on being 
energy independent and trying to do what we can to support mass 
transit because what it means to some other areas of public 
policy that are very important. It's ironic that people who 
have under gone hip replacement or knee replacement have their 
luggage gone through, for example--my mother had both of her 
knees replaced, she will never have a time that her carry-on 
baggage is not gone through in detail, but yet chances are 
really, frankly, like winning the lottery that you could get on 
a train in the United States of America and have any kind of a 
second glance, whatsoever.
    And also, if I could ask Mr. Hill about the NAFTA Super 
Highway--I'm concerned about safety issues as it relates to how 
it is going to actually be operated, and this may not be within 
your realm, but if you all have looked at this issue. You know, 
folks who live in Kansas City--the idea that these trucks are 
going to be originating in another country and are not going to 
have the kind of inspections, I think, most Americans expect at 
the border. What steps are being taken in this planning to 
assure safety issues as it relates to the NAFTA Super Highway?
    Mr. Hill. I thank you, Senator, for that question.
    There are really a couple of issues involved there. First 
of all, we have the infrastructure side which the Federal 
Highway Administration's trying to look at congestion relief 
and build major corridors that will allow for trade to move 
throughout our country.
    In terms of your specific question, in terms of the safety 
application--we are doing two or three things that I would just 
highlight to you. First of all, on the training of local police 
departments in and around the country, we've been working with 
the International Association of Chiefs of Police to better 
train--not just people who do truck inspections--but the 
regular road officers who will be seeing most of these 
vehicles. We've been putting together a training program with 
them, we have thirty-three states already involved in that 
training, and we're trying to make sure that they understand 
what trucks are supposed to be doing on the highway, and what 
kind of safety protocols apply to trucks.
    Having come from the state police environment, and having 
done that kind of work, I know that a lot of police officers 
are unfamiliar with that terminology and protocols. So, we're 
trying to make sure that they understand it, first of all.
    Second, we are working to make sure that all of the safety 
provisions are verified for any truck that comes into the 
country--right now they're limited to a border zone, a 
commercial zone of 20-25 miles, and those trucks are checked 
rigorously along the Southern border. I think last year we 
inspected 240,000 of the 940,000 vehicles that crossed at the 
southern border. So, we're making sure that we have a rigorous 
safety regime that's in place, and that we're following the 
requirements set forth in legislation and the 2002 
Appropriations Act that deals specifically with the items that 
we deal with--any trucks that come into the country that go 
beyond the commercial zone.
    Senator McCaskill. Thank you, Thank you very much.
    Thank you, Mr. Chairman.
    Senator Lautenberg [presiding]. Thanks very much.
    I'm going to call on Senator Smith who is the Ranking 
Member on our Subcommittee on Transportation.
    Senator Thune, you've already--OK.
    Senator Smith.

              STATEMENT OF HON. GORDON H. SMITH, 
                    U.S. SENATOR FROM OREGON

    Senator Smith. Thank you, Senator Lautenberg, and I look 
forward to working with you on this very important 
subcommittee. I enjoy our relationship, and I know it will 
continue in a constructive way, and this surface transportation 
issue is very important.
    Mr. Hawley, can you tell me off-hand, how many employees 
are there in TSA?
    Mr. Hawley. A little short of 50,000.
    Senator Smith. And what percentage of those work in air 
transportation versus surface transportation.
    Mr. Hawley. A very high proportion, close to, I'd say, the 
high forties.
    Senator Smith. The high forties----
    Mr. Hawley. Yes.
    Senator Smith.--working for air?
    Mr. Hawley. Yes.
    Senator Smith. So, sixty percent, fifty percent work--in 
air transportation?
    Mr. Hawley. Much more. Much more. It's--the bulk of it, the 
bulk of our budget is in air transportation, specifically 
paying the salaries of our TSOs. And that's because the model 
is different. We pay for salaries in aviation--transit systems 
and others pay for it in the other modes.
    Senator Smith. And, the air transportation is paid for 
through ticket fees, I assume.
    Mr. Hawley. Forty percent of it.
    Senator Smith. Forty percent of it. How many employees do 
you have working on surface transportation issues?
    Mr. Hawley. I'd say a little less than 1,000.
    Senator Smith. And the funding for the thousand employees 
comes from general revenues, or from the budget we allocate to 
you?
    Mr. Hawley. Principally, yes. We have a few user fees on 
some of our identity programs, but principally, general fund.
    Senator Smith. Did I understand you to say, then, that 
roughly 90 percent of your employees would be in airports?
    Mr. Hawley. Involved in that, yes, sir.
    Senator Smith. OK. How do you make the segregation between 
surface and air? Is it based just on the funding resources?
    Mr. Hawley. No----
    Senator Smith. Are we devoting enough security to rail?
    Mr. Hawley.--actually we are, we devote very close to the 
same attention on, at the top level, for aviation and transit, 
in the sense of connecting to try to prevent plots. Because 
plots will develop with a potential target in one, and then 
have it shift to the other. So, a lot of our effort is in 
connecting to the intel community, and the law enforcement 
community, generally, and then moving our assets around to try 
to cover plots that may start in one of these areas, and then 
move to another.
    Senator Smith. So, if you find out from Homeland Security 
or FBI or one of the law enforcement communities that the 
threat is shifting from airports to rail, you have the 
flexibility to be able to move the assets?
    Mr. Hawley. Yes, sir. I think you put your finger on a 
critically important thing. Our ability to move assets from the 
aviation community in short units, you know, small amounts of 
time so as to not divert from the system, but to be able to 
surge in other places, is critical to being able to supplement 
the effort already being done.
    Senator Smith. So, to Senator McCaskill's question about 
not seeing any security in rural rail communities--that's 
because you haven't received any evidence that there's a threat 
there?
    Mr. Hawley. Well, I think the role is different in that 
after 
9/11, the Congress--this committee--elected to create TSA and 
have Federal officers in the airports, whereas in the rest of 
the transportation environment, those are paid for by other 
entities. So, our job there is to connect with the people who 
are already there.
    Senator Smith. Well, would you come to us if you felt like 
the threat level was rising, to make sure we do have the needed 
rail security in place?
    Mr. Hawley. Yes, and that's very much part of our strategy, 
is to be able to react immediately, and for instance, we can 
move, literally, hundreds and even thousands of people in less 
than a day anywhere in the United States to be able to respond 
to a threat. So, we do, in fact, drill on that. And if there 
were to be a specific threat or some need to move, we can move 
very aggressively, very fast.
    Senator Smith. Do you feel the intelligence information 
you're getting is timely? Can move quickly enough to protect 
people traveling on rail?
    Mr. Hawley. Yes, sir. We participate every morning in the 
White House counter-terrorism call with all of the other 
members of the intelligence community. And we then 
operationalize it before, really, the day starts.
    Senator Smith. So, that intelligence gathering is pretty 
important for you to do your job?
    Mr. Hawley. Critical.
    Senator Smith. OK.
    Mr. Boardman, I'm very mindful--I travel the country and 
certainly in my state--that bridges and tunnels are a major 
safety and security concern on the freight rail system. Many of 
these structures are very old, and falling apart, and thus can 
cause significant safety or security concerns.
    My sense is we don't have a really good grip on it. And it 
is also my sense that the Federal Railroad Administration has 
only a handful of bridge inspectors, the States--for the most 
part--have neither the authority, or the money, or the 
resources, for inspection, nor do they have the money to make 
improvements. Now, I understand the reason for this is that 
most of these bridges are privately owned, and I'm just 
wondering if we're getting a handle on this, and if the States 
or you are working on this. Do you see this as a concern? And, 
I really want to know what the Federal Railroad Administration 
is doing to get ahead of the safety and security concerns over 
railroad bridges and tunnels. What are your plans?
    Mr. Boardman. I think, based on the, the particular hearing 
here in terms of security, one of the things that I think has 
happened with all bridges in all of the States--whether they 
are railroad bridges or whether they are highway bridges is--
there's a coordinating activity that Mr. Hawley talked about 
with local police, local law enforcement folks, and with State 
DOTs to look for those bridges that have threats or risks that 
we need to protect against. And so, in terms of the security 
end of things, it kind of comes under that umbrella of what 
he's looking----
    Senator Smith. And are you tied into the same intelligence 
information as Mr. Hawley?
    Mr. Boardman. Yes, we work on a regular basis, we have a 
full-time Security Director, and in my testimony I talked 
about--we had 71 different hazmat inspectors whose, part of 
their job is to look at the security plans. We're working 
with--not only with TSA on security, we're also working with 
all the railroad police. So, they also have their--all of the 
freight railroads--have their own police departments as well 
that are working on the security and safety issues.
    Senator Smith. Then, as to safety, Mr. Chairman, just a 
final follow-up.
    You know, you go into some tunnels and look at the ceiling, 
the tiles are falling, and you see cracks in the 
infrastructure, and you just think, ``I hope it holds until we 
get to the other end.'' What's being done to repair these, to 
reinvest in them? To secure them? Some of this infrastructure 
is really old and deteriorating.
    Mr. Boardman. I think they're, they're--all tunnels are 
inspected on a regular basis, and we do have older tunnels, as 
you're really talking about. Some of the tunnels are on a 
public transit system, for example, many of them in the 
Northeast, that are used both by commuter railroads, Amtrak, 
and with the freight railroads. And significant public dollars, 
both from the FTA and from Amtrak have been--and from TSA--are 
invested in those to make improvements.
    When you look at the private tunnels themselves--the ones 
owned by the freight railroads--it is the freight railroads' 
primary responsibility to make sure that those tunnels are safe 
and continue to be operable.
    Senator Smith. And that they're not shortchanging the 
inspection.
    Mr. Boardman. Well, I don't believe so. But, it's something 
I'll go back and check for you.
    Senator Smith. I appreciate it.
    Thanks, Mr. Chairman.
    Senator Lautenberg. Thanks.
    Senator Klobuchar has asked to be recognized and afterward, 
Senator Carper was able to wait his turn. I left the room 
because I was filling in for our colleague, Senator Johnson at 
the Budget Committee, so excuse my absence.
    Senator Klobuchar?

               STATEMENT OF HON. AMY KLOBUCHAR, 
                  U.S. SENATOR FROM MINNESOTA

    Senator Klobuchar. Thank you, Mr. Chairman.
    I come to the Senate as a former prosecutor, having managed 
an office of about 400 people, and having some sense of what 
you have to deal with, with priorities and balancing resources, 
and people, and brain power. And I know how difficult that can 
be. And so I come at this with that viewpoint as a manager.
    But also an understanding of how we have to be as 
sophisticated as the crooks that we are pursuing. And, in my 
line of work, they went from using crowbars to using computers. 
And certainly with the terrorists that you try to protect us 
from every day, and work on every day, you have to think of 
this idea of adaption--that you can't put crime or terror-
fighting systems into place, and then just put them on auto-
pilot. That we have to adapt to our changing environment.
    So, along those lines, the one question I'm going to ask, 
and I'll start with you, Mr. Hawley, is what efforts have been 
made to measure the threats and to prioritize them and to 
assess the potential methods for meeting the threats and 
strategies? Along the lines of, how you prioritize this and how 
you've changed along the last few years since 9/11, in terms of 
your strategy.
    Mr. Hawley. The first part of that is, we do a system-
overall network look to assure the sustainability of the 
network itself. So, whether it's the rail system, or the 
aviation, or whatever--but the total network.
    Just skipping right to the punch line--in this particular 
area is that toxic inhalation chemicals in rail that are left 
standing unattended is at the top of this list. There's also--
just under that, in the transit arena, in densely-populated 
areas--underground or underwater tunnels. So, those are number 
one and number two.
    So, that's the answer on the priorities. And on the point 
about the adaptive enemy--what we do is, in the surface arena, 
we have a baseline of the folks who operate it day-to-day and 
did operate it prior to 9/11. And we add to that, our TSA 
resources to provide an X-factor. And a specific example of 
that is we've created teams of Federal air marshals, air 
inspectors and other people at TSA both undercover, and not 
undercover, to run operations in ferries and transit systems 
in--basically anything you can imagine. And we now run them, on 
average, of more than one a week, around the country. And, so 
that is something that nobody knows outside of our world, where 
they're going to be, and that, we believe, adds a significant 
level of security, because you really can't be sure that at any 
point in the system there's not going to be some undercover 
Federal presence, in addition to everything else that's on top.
    Senator Klobuchar. OK, would anyone else like to talk a 
little about this?
    Admiral Barrett. Senator, I just want to comment. In the 
areas that we work, which are hazardous materials and 
pipelines, the approach we take is basically, our term is 
Integrity Management--basically keeping things in the 
containers, keeping things in the pipe.
    But the planning for that--we expect the operators to have 
a safety plan, augmented with the security plan we're talking 
about, expecting them to review it on a regular basis, and 
update it and target their efforts against the most significant 
risks.
    I think the way forward has to include regular 
reassessments of the risk profiles, and proper reaction to 
those both by the operators and by the Federal, State and local 
agencies that deal with it.
    So, I could not agree more with you, and I think, obviously 
here, we need the flexibility to be able to do that, and as the 
Committee and the Congress consider how to approach this issue, 
I would ask that you figure ways to build that in. And 
obviously, we'd be very glad to work with you on that. But I 
think you're absolutely right.
    Senator Klobuchar. OK, thank you.
    Mr. Hill. Senator, thank you for the opportunity to comment 
on that question.
    Having come from law enforcement and understanding, to some 
extent, the nature of the question--in our world, in the motor 
carrier area, we believe if you look around the world, that 
it's a vulnerability--it's been proven to be to be that case 
internationally. Our dilemma is, as a safety agency, we have a 
focus of trying to use our resources to meet certain safety 
goals, so what we've done is we've really focused it in the 
high-risk area of hazardous materials where we believe that 
that threat is less consequential.
    And, we've done a couple of things--we've tried to train 
law enforcement about what to look for. A lot of the things 
that we find in terms of interdictions or criminal activity, 
the people who you deploy for those vehicles do not understand 
the regulatory scheme that's required, so we give police 
officers the basic tools they need to identify those things. 
We've found an amazing number of those kinds of incidents 
already tied to terrorist-related activities.
    The second thing that we do is, we've been heavily involved 
with the permitting process and making sure that, to the extent 
in our safety mission we can address security, we require 
companies to understand there are security protocols. We don't 
specify what kind of plan they have to have, but we say, ``You 
have to have a plan in place,'' and then we verify compliance 
with it. Those are two areas that we've tried to engage in, in 
terms of the motor carrier industry within our safety purview.
    Senator Klobuchar. OK, anyone else? One more?
    Ms. Berrick. If I could just add quickly, one of the areas 
we always look at when we do our transportation security work 
is always in the context of risk assessments, and how is the 
Federal Government conducting these, and how is that driving 
resource decisions.
    In terms of surface transportation security, we found that 
there were a lot of good risk assessment efforts going on 
within--at the DHS level, and administering grants at TSA 
level, at FTA and FRA. The issue we talked about, in our work, 
was the need to coordinate these efforts, as they were all 
doing it a little bit differently. And even outside of the 
transportation sector, DHS was doing risk assessments a little 
bit differently. So, it was difficult to compare risks within 
the different modes, and across sectors, because they didn't 
have a common methodology and weren't consistent. So that--
we've made recommendations consistently along those lines, that 
these efforts should be coordinated, not duplicated, and they 
should be consistent as much as possible.
    Senator Klobuchar. Very good. One more?
    Mr. Boardman. Senator, I think my response fits very nicely 
into what you were just told, because we think, at the FRA, 
that our job in terms of security is really led by the TSA and 
their look at the risk threats. We absolutely agree with them 
on hazmat, and also the passenger rail issues.
    To add to it, though, that we think, and we know the TSA 
understands that, as we look at safety issues, they're 
intertwined together, safety and security. For example, if we 
are doing a safety risk assessment--and we know that track 
causes a third of our accidents, we know that human factors 
cause another third, and so we know what the causes of the 
accidents are, the particular area.
    But when we look at a track, whether that track breaks 
because of overuse or poor maintenance or it's a vandalism or 
it's something worse, it can be--we try to protect against 
that, or a standard against it, for safety, but it still fits 
into looking at how security impacts it. So, if we have a 
situation where we think there's something other than normal 
breakage, then we go to the FBI, we report it to the FBI, we 
report it to TSA, and we work with them.
    And the same way with, as we look at passenger rail 
transportation is that we're working hand-in-hand with TSA as 
they look at piloting and experimenting how they would look at 
screening baggage, making improvements along the entire system.
    There--in Amtrak there are over 500 stations in 46 States. 
And I think your associate Senator, who left us at this point 
in time, really understands that in many of those areas that 
are very small--their, it's their only linkage to public 
transportation and the risk assessment there is very different 
than it is at Penn Station.
    Senator Klobuchar. I understand. And, I just think the 
importance which you brought up of trying to coordinate this, 
across the transportation lines, is so important. I know we've 
done that a lot with law enforcement, and have had some very 
good results when we put the resources where we see the risks. 
Thank you.
    Senator Lautenberg. Thank you, Senator Klobuchar.

              STATEMENT OF HON. THOMAS R. CARPER, 
                   U.S. SENATOR FROM DELAWARE

    Senator Carper. Thanks, Mr. Chairman.
    To our witnesses, welcome, thank you for coming today for 
your service, and for responding to our questions.
    I'm going to ask my first question, then I'm going to make 
a brief statement and while I make the brief statement, you can 
think about how to answer the question, if you will.
    The question I'm going to ask deals with technology, and 
how it's better to use technology to protect us in our various 
sectors whether it's rail, interstate passenger air, whether 
it's transit, whether it's surface transportation, whatever, 
pipelines, whatever it might be. So, think about that.
    Senator Lautenberg remembers, and my Democratic colleagues 
remember--almost 2 weeks ago we had a one-day Democratic 
retreat on the Hill for Democratic Senators--and among our 
guests that day were former Senate majority leader, George 
Mitchell, and a former President, Bill Clinton. They spoke 
separately, and we had an opportunity to talk with them and to 
exchange ideas and to ask questions.
    Ironically, one of the things that both of them talked a 
good deal about with respect to, to terrorism, tamping down the 
threat of terrorism, wasn't so much the--what we're doing on 
these fronts.
    We talked about the Middle East, we talked about the need 
to get serious about a two-state solution in Israel between 
Israelis and the Palestinians. And they both pretty much said, 
to the extent that we don't make progress there, or they don't 
make much progress, ``it really heightens the threat of 
terrorist attacks against us here and around the world.''
    I thought there was a lot of wisdom with what they said. 
And while it's important for us to seriously engage in all of 
the areas that we're discussing here, I think it's also 
important for us to keep in mind that this is a--this battle is 
going to be one--many fronts--and the one that they brought to 
our attention is certainly a big one.
    About a--maybe a year and a half ago, I had lunch with 
President ABBAS, it was like 5 months after he'd been elected--
President of the Palestinians, Palestinian Authority. And he'd 
been in office 5 months, and he had lunch with several of us 
here on the Hill. One of the questions I asked him was, ``When 
do you think we ought to put a full-time envoy just to work on, 
focus on like a laser on getting a two-state solution in the 
Middle East?'' And he said, ``Five months ago.'' And that was 
in June of 2005. Five months after his election, we still 
haven't really engaged seriously.
    While it's important we do this, and spend a lot of money 
to try to protect ourselves and our people, it's also important 
that we attack on that front, as well. It's not the topic of 
today's hearing, but I always like to preface a conversation 
like this by reminding us that the best defense is a good 
offense, and that offense includes a diplomatic offensive.
    Having said that, let's go to my question--my question, 
again, was technology. We're aware of the technology that we're 
using every time we get on an airplane to try to make us safe--
let's talk about the technology that's being deployed with 
respect to, with the transit rail, whether it's interstate 
passenger rail, whether it's highways, whether it's our 
pipelines--I don't care who starts first.
    Mr., is it Canas?
    Mr. Canas. Yes, sir.
    Senator Carper. Mr. Canas, we'll go first to you.
    Mr. Canas. I thought I was going to leave unscathed, 
Senator.
    Senator Carper. You'll still be unscathed, I promise.
    Mr. Canas. No, I've been paying attention, because I did 
hear that DHS places a--underwater tunnels and urban 
populations on a high priority, and everybody knows we have 
four of them in our area, and so, we're very sensitive to that.
    But on the technology side, I just want to applaud other 
peoples' comments about putting more on the transit side, on 
the surface transit than on the air. Clearly, we're up to speed 
on air, we're not up to speed on the surface.
    We don't deploy our technology, it's pretty rudimentary, 
we're using canine units, we're using the lotto searches here 
to deter. But as far as the technology we've seen mainly from 
DHS-deployed in train stations and in bus stations, it still 
seems like it needs a lot of development before--and it sounds 
like it's very expensive.
    The latest, which we've deployed over the Exchange Plaza in 
Jersey City is extremely sophisticated and very well-received, 
except it requires two--at least two to five seconds for every 
passenger to go through there to be read. And that's enough to 
create a bottleneck that is unacceptable to ``mass transit.'' 
So, in that regard, I think the technology is a little bit 
behind--I don't know if it may exist, but we certainly welcome 
anything that would assist us in the mass transit security.
    Senator Carper. All right. Let's just come this way--I 
don't know if you have a--from GAO's perspective, I don't know 
if this is the--what you guys focus on.
    Ms. Berrick. Sure, I would like to make a point about 
technology, and I'll leave the specific programs to the panel 
members who are more knowledgeable about that.
    But, in terms of technology, we actually visited foreign 
countries in Europe and Asia to see the security practices they 
were using to secure their rail systems----
    Senator Carper. Which ones?
    Ms. Berrick. There were about 10 different countries. And I 
think tying that to the results might make that sensitive 
information, but I can provide that to you separately.
    Senator Carper. All right, thanks.
    Ms. Berrick. One of the areas that we found that was being 
used in some foreign countries, but isn't done here to the same 
degree in the U.S., is the government having a centralized 
clearinghouse of technologies. I mean, even if the Government 
wasn't pursuing the R&D itself, if it's something the private 
sector had done--at least they would have a listing of what 
they felt was effective, and they could point rail operators in 
the right direction, or in a direction related to good 
technologies that they should consider.
    Because one of the points we heard from rail operators in 
the United States was that they wanted to know more about 
technology. So, that was one of the practices we highlighted.
    In terms of another innovative-type technology----
    Senator Carper. Sounds like a pretty good idea.
    Ms. Berrick. Yes, yes. Another innovative-type technology 
that's being used in some foreign countries--we found one rail 
operator in the U.S. that was doing it, but not to a great 
degree--is what's called smart CCTV cameras. And this is where 
the camera--it doesn't have to be monitored by a person, but it 
will pick up anomalies or certain behavior. For example, if a 
boat were parked under a bridge, it would signal and alarm 
someone that they need to come look at the camera, because this 
is abnormal, or if someone drops off a bag and walks away, and 
doesn't take the bag with them.
    So, we've identified some of those innovative practices 
that are used in foreign countries that should be considered 
for use in the U.S.
    Senator Carper. Thank you.
    Admiral Barrett. Senator----
    Senator Carper. Admiral?
    Admiral Barrett. I--two comments. One, on a small scale 
we--under our Hazardous Materials Cooperative Research Program, 
which is run by the Transportation Research Board of the 
National Academies, we do have a project looking at emerging 
technologies that are applicable to hazmat safety and security. 
And we're monitoring that closely. But we're trying to engage 
the National Academies in terms of identifying technologies 
that may be emerging that can provide a benefit.
    And I think another indicator of the improving--and 
improved--coordination with TSA, with Mr. Hawley, the joint 
work group we've got set up--one of the target areas that we're 
looking at in that group is research and development, to kind 
of collectively figure out--given what we know about risks and 
system operation--where either agency might be well served to 
target research and development efforts in the technology 
areas.
    Senator Carper. Thanks.
    Mr. Hill?
    Mr. Hill. Thank you, Senator. Just one point--in your 
proposed legislation, you talked about the field operations 
test that was conducted by the Federal Motor Carrier Safety 
Administration, and I would just highlight to you, that's one 
example that we've been looking at, different technologies. The 
industry's quite vast, for example, 1.2 million hazmat loads 
move daily in this country just by surface transportation.
    And so, back in 2004, we tried to work very closely with 
DHS in developing some of these technologies in a field 
environment and see, what does work? We looked at everything 
from cargo tracking, to panic alarms, disabling technologies, 
things that would allow there to be some way to terminate the 
terrorist-related event if we saw it happening. And then we 
implemented a public-sector response center concept, where we 
worked with four States, so that the information from the 
technology was reported back to a center.
    We did that study, we found, very interestingly--the 
companies who adopted it found cost savings, in addition to the 
security features. In other words, it helped them do business 
better, it helped them keep track of their loads, and so they 
were able to manage the process. So, we think there are 
ancillary benefits to applying security technologies.
    And then last, I would say, that we work very closely by 
providing that with DHS, and they're continuing on with those 
kind of studies, and we're excited about being able to pursue 
that in this legislation.
    Senator Carper. Thanks.
    Mr. Boardman?
    Mr. Boardman. Thank you, Senator. I'm just going to tick 
off what we're doing technology-wise. It's--I think we have a 
real good list here, we do automatic track inspection, and 
we've got four cars out there now doing it.
    We're adapting that to the high railers for the freight 
operations which inspect cracks on joint bars. We have a new 
cooperative agreement, that we announced just this past week, 
with the Union Pacific Railroad, Dow Chemical and Union Tank 
Car to use the most modern technology for our new tank car 
standard that we expect to have in place by January of next 
year.
    We have an approval now of an operating positive train 
control with a freight railroad with BNSF's system being 
approved. We have a report that has been issued, and we've got 
a lot of support for electronic-controlled pneumatic brakes, 
which will make--not only improvements for us on safety--but 
it'll also be a security enhancement as well.
    We have--the railroad systems themselves, combining all of 
the radio systems into one operable, interoperable system.
    We have a transportation and technology center in Pueblo, 
Colorado that we meet--use extensively, and completed a crash 
energy management system, which will help us in survivability. 
We have a trio workforce today, where all of our inspectors in 
the field are being deployed with the highest technology that's 
available today for communication and inspection.
    And, I've just got a couple more, Mr. Chairman, we have----
    Senator Lautenberg. Well, if they are a couple quick ones, 
fine, but----
    Mr. Boardman. We have a--what I think is not necessarily a 
high-tech tech, but we have very good information today on 
fatigue management, and how we can work with railroads to have 
an alert operator, which is a key element of security.
    Thank you.
    Senator Carper. But other than that? But other than that?
    [Laughter.]
    Senator Lautenberg. Thank you very much, Senator Carper, 
thank you.
    Senator Carper. Mr. Chairman? Can I just say one quick 
thing in closing, very quickly?
    Mr. Canas said earlier there is a vast gap between what we 
need to do, and the resources with which we have to address 
these threats. And I think we've already heard today, just in 
the last 5 minutes, a pretty good demonstration of how we can 
better address those threats by using technology. And, frankly 
I'm encouraged by what I've heard.
    Senator Lautenberg. Thank you very much, Senator Carper. 
You and I have a very active, and deep interest in what happens 
with our rail systems, it's crucial to our states' functioning. 
So, we thank you for your participation.
    And I want to review a couple of things, and again, I'm 
sorry that I had to leave for a bit, but it was necessary. So, 
I'll just keep you a few minutes more, and watch my own clock 
as I do it.
    Mr. Hawley, your agency's proposal last month barely 
addressed the many security needs of passenger rail stations 
and critical infrastructure--bridges, tunnels, and I, frankly, 
can't figure out what--when we look at rail compared to 
aviation and, I think you said that 40-60 percent of the funds 
for security in aviation came from general funds of the 
Government. Was that correct?
    Mr. Hawley. For aviation?
    Senator Lautenberg. For aviation, yes. And that was 
something around $4.7 billion spent on security. And, here 
every day, about 5 times the number of people who fly get on 
trains. So, we're looking at a total imbalance here in terms of 
the funding that's available. I think that if we look at what 
goes to rail as a total of--between grants, and TSA, $37 
million, about $212 million. Compared to the numbers of people 
who get on a train, and we've heard about the inadequacy of 
lots of rail tunnels--I used to be a Commissioner of the Port 
Authority of New York and New Jersey before I came to the 
Senate, and one of the first things I did was have a personal 
inspection of the tunnels. I went through there--scary as it 
was, because those envelopes are really tight--and found all 
kinds of problems with locked doors for safety exits, et 
cetera, poor electrical systems, lights would go out very 
quickly, very easily, with antiquated systems.
    So, when we--I looked at where we're going, what's the 
justification? I think that you said you thought the funds that 
were available were adequate for rail, do I characterize what 
you said correctly?
    Mr. Hawley. For this year's budget----
    Senator Lautenberg. For rail security?
    Mr. Hawley.--for what we are doing. I'd like to elaborate 
on that when I get a----
    Senator Lautenberg. Yes, please do.
    Mr. Hawley. OK. So, the two top priorities and--as you 
mentioned--the underground tunnels would be number one, and the 
number two one is the toxic inhalation. And, so what we did, on 
the risk basis, was say, ``OK, those are the top two things, 
how do we get at them? And, where does the money come from?''
    And the first one, in the transit environment is the grant 
program. And, I'll come back to that in a second----
    Senator Lautenberg. Please do.
    Mr. Hawley.--because, I think you really wanted to get to 
the rail piece. And so, what we looked at--we said, ``OK, how 
do we attack this problem?'' And we said, ``What are we most 
worried about?'' And we said, ``It's the really bad TIH, when 
it gets in an urban environment, and when it stops and is 
unattended.'' So, we did all the risks, and we came down to and 
said, ``That is the piece we want to stop.'' Because, when it's 
moving, it's a hard target, it's unpredictable, et cetera, et 
cetera.
    Senator Lautenberg. How much was devoted to that, Mr. 
Hawley?
    Mr. Hawley. Well, I'm going to get to that----
    Senator Lautenberg. Please do, so that we can make this a 
short train ride.
    Mr. Hawley. Yes, sir. So what we did is we said to the 
railroads, ``How do we get those cars out of that situation? 
How do we make sure that there just aren't cars sitting in that 
situation?'' So, that is where we went, to work with the 
railroads to get them to keep their cars, either attended, or 
out of these high-threat areas. And that's not something where 
we have to spend Federal dollars to build fences, or whatever. 
But it does accomplish the security goal.
    Senator Lautenberg. Well, I'm not satisfied, very frankly 
with your answer. I don't see us focusing as much as we should 
on protecting our citizens in the country, by a long shot. We 
spent, so far, in Iraq, $300 billion, plus $100 billion more 
expected in the next few weeks, and that is not including the 
amounts that are spent for security throughout the country.
    You go to commercial buildings, you go to all kinds of 
places, where money is spent to protect security. And here, we 
have several billion people a year riding in passenger rail 
trains, and the money that we're spending is barely a blip on 
the screen. So, I think what's happening is we are not paying 
enough attention to this. And I hear you defend and support 
what you're doing, and I admire it. I know you work hard at the 
job. But, we just aren't meeting the test.
    And, when the question, Mr. Canas, came up--I understand 
from another Senator--about how these expenses were going to be 
met. Well, there are sources that are available, obviously, for 
other kinds of security. Why is one kind of security more 
important--in terms of lifesaving--than another? To do whatever 
we can?
    We--it's really quite interesting to see that the number of 
incidents that are directed against rail systems, ``Estimated 
one-third of terrorist attacks around the world repeatedly--
reportedly, sorry--target transportation.'' The majority of 
these attacks are against public transportation systems, 
including rail. The vulnerability of surface transportation 
sector is demonstrated.
    There was a Mineta Transportation Institute report that 
surface transportation systems were the target of more than 195 
international terrorist attacks between 1997 and 2000. What 
does that tell us? Have we been lucky that worse things haven't 
happened with our system over these years?
    So, I think we ought to get with the drill. For instance, 
Mr. Hawley, your Department failed to meet one of the few 
trucking security requirements of last year's SAFE Port Act. 
There was a 90-day deadline that was just passed, for the 
implementation of a program that required DHS to check the 
names of truck drivers with access to secure areas of the ports 
against the terror watch lists, and for citizenship status. Why 
wasn't it done?
    Mr. Hawley. The technical systems we talked about earlier 
in the hearing--some of the technical systems don't talk 
automatically to each other. And the approach that we're taking 
is that--rather than try to figure out who's driving into this 
port or that port--to look at the entire CDL, the Commercial 
Driver's License population and do a much broader threat 
assessment for that population, versus the more limited 
population. In other words, it costs more to try to separate 
out which ones are going to which port, than it is to do the 
entire set of the drivers.
    Senator Lautenberg. What comes first, Mr. Hawley--in this 
case, chicken/egg kind of reference--the safety of our delicate 
areas, good targets for terrorism? Or, to make a decision about 
whether or not it's going to include a large system that will 
cost less, and so forth, and meanwhile--I don't want to be the 
one that is to the citizens of the State of New Jersey, ``You 
live in the--those who live in the most dangerous two-mile 
stretch,'' or near the two-mile stretch that says the worst 
area for terrorists, the most inviting target area for 
terrorists--and it's largely chemicals and transportation to 
one another, and to say to them, ``Look, we're still devising a 
grand scheme.''
    I think, Mr. Hawley, when it's--when there's an instruction 
by the Congress, by the Senate to do something in 90 days that 
it's not sufficient to say, ``Well, we're looking at a larger 
system.'' At that time, you should have--I think someone should 
have said, ``It can't be done.'' So, let's not trifle with a 
deadline that has no significance. Just ignoring it is not 
satisfactory, as far as I'm concerned.
    Mr. Boardman, perhaps you can answer. When will the 
Administration request funding to address some of these rail 
tunnel improvements along the Northeast Corridor? We need to, 
to do it to safely evacuate people in the event--and I know 
you've discussed it with Senator Carper in some detail--but 
it'd be interesting to me to--we acknowledge that the problem, 
potentially, of enormous proportion exists there? But when will 
the Administration say, ``You know, we agree enough that we 
want to put some funds into that.'' What do we have to do to 
sound the alarm loudly enough to get some attention?
    Mr. Boardman. Senator, I understand the issue. And 
certainly with you being a member of the Port Authority Board 
in the past, and I myself have spent some time in the PATH 
tunnels and also the site access project.
    And, one of the things that I was impressed about as I 
worked on another issue for, just this past year, was the--
which was the commuter fee issue, if you remember that. And, 
looking at the investments that were being made by commuter 
railroads on the Northeast Corridor that were beneficial to 
Amtrak. And I think east-side access is a good example of the 
amount of money that the transit side of the DOT is actually 
putting in to finish off that project, and make those safety 
improvements.
    And New Jersey Transit is also making a significant 
investment in the tunnels under the Hudson River. I know they 
want to make a much more significant investment on the Trans-
Hudson Express Tunnels, which would be a--an entirely two 
different new tubes.
    Amtrak has funded about $500 million a year for capital, or 
at least that's the number that's used for capital. And we 
think that Amtrak can spend between $3 million and $5 million a 
year along the Corridor on capital improvements.
    Some of those tunnels that are along the Corridor are not 
in New York and New Jersey, but they're the Baltimore Tunnel 
and some of the other facilities, and they need substantial 
investments--not just for safety and health, but also for 
improvements--especially with the electrical system, and those 
kinds of things.
    I think--one of the things Mr. Hawley said earlier--and I'm 
not going to dump him back into the issue here--is that there 
are different models that are being used for the different 
systems that we operate under. And the transit model grew up 
very differently--and I grew up with it, with different 
committees, and how it was financed, and how it was going to be 
funded, from what Amtrak is funded, for inter-city rail. And I 
think that there has been a need, because of the demand--and 
you've identified it--to have them become more cooperative, 
especially in the Northeast Corridor, in order to meet the 
demands of the capacity, and to make the improvements.
    I think the Administration--the previous one, this one--
have been trying to make those investments, full-funding grant 
agreements, and other things, to make the improvements that are 
needed.
    Senator Lautenberg. I think they have to try harder, Mr. 
Boardman.
    I have several other questions, but I know you've been here 
a long time, and I greatly appreciate it.
    I would ask Admiral Barrett about the motor carriers and 
the--how well are they doing, complying with the security plan 
requirement of your hazardous materials rules?
    Admiral Barrett. Senator, I think they are doing better all 
of the time--I'll defer to John, he does more inspections there 
than I do--I think we did about 5,500 in the last couple of 
years, you've done a lot more than that. My sense is better 
that John, that you can----
    Senator Lautenberg. Mr. Hill?
    Mr. Hill. We check compliance with the security provisions 
through our compliance review process, so we don't really do 
that at the road side. So, we do a lot of roadside 
inspections--about 3 million a year--of which hazardous 
material are a portion of them. But the compliance review 
process is something that's a little bit more time-consuming.
    To answer your specific question: We did 4,000--we've done 
4,000 of those specific contact reviews to determine compliance 
with security. And we've issued about 10 percent rate of civil 
penalties. So, about 400 instances where they just failed to 
train their people in security awareness, or they have not put 
together a plan as they should.
    Senator Lautenberg. Once again, all these tasks are in 
front of us, and though it's difficult to cover them all, the 
fact of the matter is we have enormous responsibility. We 
talked about the terrorist threat, about the possibility of 
accidents from hazardous cargo, and we just have to do it, in 
good conscience, for the sake of our citizenry.
    Mr. Canas, you had a recent proposal to pre-empt States, 
localities and towns from protecting themselves for--from the 
risk of hazardous material shipments, and would require rail 
carriers to evaluate the current routes that they use, and 
only--and I quote you--``the next-most commercially practical 
routes.''
    Now, I've noticed that within a very short distance of this 
building, this Capitol, this--the center of Government, you see 
trains going by very closely. And I don't know what they're 
carrying, but I guess I'm looking at them now with a different 
view than I might have because of the recognition that 
hazardous materials are often carried there. And if someone 
wanted to have an attack where it could do a lot of damage, it 
would be right there--this proximity of the rail track to the 
Capitol is excessively close. So, what do we do about current 
routes, and alternatives?
    Mr. Canas. Well, as you know, Senator, New Jersey is an 
end-user for a lot of this TIH that's railed into our State, so 
it's not a question of re-routing in New Jersey. In this area, 
there is a question--probably other panelists can address 
better as to what the progress is on that.
    I would only comment this far, to say that we need to 
engage the private sector more in this--not only to address 
Senator Stevens' concern about who pays for some of this 
oversight--but also to, they have a lot of the tools already in 
place. They can tell us--if they wish to--where these TIH cars 
are at any given time, I'm told. Having this capability is 
extremely important for the security agencies. And, I'm also 
told by certain companies that they're prepared to share that.
    Knowing that, ahead of time, we can preposition our 
response. If we know that these cars--and we can spot-check--
are not along sidings, or in certain yards, then using the 
risk-based model, we apply our resources where we feel the risk 
is greater.
    So, having that ability, I believe, is extremely important.
    Senator Lautenberg. Yes. Mr. Boardman confirmed that, and 
your commentary--I would ask one last question, and mention 
that we're going to keep the record open for questions if we 
submit them--can submit them in writing to you.
    Mr. Canas, you're in charge of our State's homeland 
security efforts. How do you rate the support and cooperation 
you receive from TSA, Department of Homeland Security, and--be 
careful of your language in this response.
    [Laughter.]
    Mr. Canas. I--well, you know, Senator--with all due respect 
to my Federal colleagues here, I did spend almost 30 years in 
the Federal system, so it does sound like heresy when I said 
that I disagree with some of the comments. I think, for 
example, I heard that our intelligence is better, and getting 
better, and the information sharing. I think that's true--from 
the top down--I don't believe, however, that I agree that our 
risk-base should be determined by Federal intelligence. I 
worked with them a long time, and as good as they are, and as 
great as they are--they really can't tell us down at the local 
level what our needs are.
    I think that we're--right now, we're in the situation of 
home-grown terrorism, of lone wolves, even criminals, that can 
endanger us. And that type of information really has to be 
developed from the ground up. And DHS has a--I would rate them 
mixed. They've heard us with diffusion centers, they're sending 
people out to try to obtain local information to feed into the 
national hoppers, and I commend them for that. It's something 
we, of course, recognized--and anyone who's worked at the State 
and local level knows that all risks and all emergencies--like 
all politics--is local. And it starts at the local basis. We 
need to start there. And, I think, synthesizing that 
information is very important.
    So, I disagree that the information we're receiving from 
DHS is very germane to what we need inside the States to--so I 
think--but they've heard us, that's the good news.
    I can also attest that, I'm--our office is new in New 
Jersey, as well, so I sympathize with the growing pains that 
DHS and TSA have. They are a relatively new agency in the 
Federal system, and I think they get mixed marks, but it's a 
start-up. They've matured, I believe, they're--just the fact 
that this year they recognized that New Jersey and New York 
really have the same risk, which Secretary Chertoff recently 
announced. We've been saying it all along, this is good. They 
recognize we're contiguous areas.
    So, I see flashes of brilliance at times, and other times I 
see that we're stuck in the same old business.
    Senator Lautenberg. Did you want to sign where the flashes 
of brilliance are? I won't ask you that.
    We're going to be adjourning, I want to let the record 
reflect the statement that Senator McCain has put in--wants put 
in the record, and we'll see that that is done.
    The next Commerce Committee hearing will be at 10 a.m., on 
Wednesday, January 24 on the state of the airline industry, the 
potential impact of airline mergers, and industry 
consolidation.
    And, I want to thank all of you. While there is, perhaps, 
disagreement on subjects that, specific things--it doesn't mean 
that there isn't a deep appreciation, Mr. Hawley--and all of 
you--for the work you do, that you attempt to do--we've given 
you huge assignments. Our world was turned around a half a 
dozen years ago, and it's--we've got to react to reality. And 
in doing that, it's very hard, because I know each and every 
one of you is just as anxious to get the job done as I am. I 
hold no prior position.
    So, I thank you very much, this hearing is adjourned.
    [Whereupon, at 12:04 p.m., the hearing was adjourned.]
                            A P P E N D I X

 Prepared Statement of Hon. Daniel K. Inouye, U.S. Senator from Hawaii
    Last year, this Committee's bipartisan efforts strengthened the 
security of our Nation's ports and maritime vessels, with the passage 
of the SAFE Port Act, which began a new era in maritime security. 
Despite this monumental effort, we only completed a third of our job 
because the final version of the bill failed to include Senate-passed 
provisions to strengthen rail and surface transportation security.
    This Committee remains committed, through its leadership and 
expertise on these important issues, to enacting legislation this 
session that would strengthen the security of our railroads, trucks, 
intercity buses and pipelines.
    Toward this end, I, along with Vice Chairman Stevens, Senators 
Lautenberg, Rockefeller, Kerry, Dorgan, Boxer, Snowe, Pryor, Carper, 
and others, introduced S. 184, the Surface Transportation and Rail 
Security Act of 2007, also known as the STARS Act, on January 4, 2007. 
This bill includes the rail and surface transportation security 
provisions from the Senate-passed SAFE Port Act, offering Congress a 
second chance to enact a comprehensive transportation security bill.
    The Administration witnesses will testify this morning about S. 184 
as well as about their current efforts to strengthen surface 
transportation security in the void of Congressional direction. By 
bringing all the Federal agencies with significant responsibility for 
surface transportation security together at this hearing, the Committee 
is seeking to gain a complete understanding of what each agency has 
accomplished, and what remains to be done.
    The attacks on critical surface transportation systems in Madrid 
and London are a constant reminder of what can happen in our 
communities if we fail to act promptly and effectively. We must address 
the vulnerabilities and risks facing these systems here at home in a 
comprehensive and coordinated way before we become the next victim of a 
successful attack.
    The provisions in S. 184 were endorsed unanimously by the Senate in 
the 109th Congress, as well as by industry and labor. I look forward to 
working with all the members of the Commerce Committee, particularly 
Senators Lautenberg and Smith, the Chairman and Ranking Member, 
respectively, of the Surface Transportation and Merchant Marine 
Infrastructure, Safety, and Security Subcommittee, to perfect and enact 
this legislation as soon as possible.
                                 ______
                                 
   Prepared Statement of Hon. John McCain, U.S. Senator from Arizona
    Thank you Mr. Chairman. This Committee has the important 
responsibility of overseeing the security of our Nation's 
transportation system, including its railways. I think all of us on the 
Committee have repeatedly expressed our shared support for greater 
Federal attention and resources to rail and transit security, and I 
applaud the Chairman for holding today's hearing.
    Both Chairman Inouye and I introduced versions of rail security 
legislation on the opening day of the 110th Congress. While our bills 
may differ slightly, our goal is the same. The Senate has repeatedly 
approved rail security legislation, and I am confident we will again in 
the near future. Unfortunately, the House of Representatives has 
refused to act on rail security legislation during past Congressional 
sessions. I remain hopeful that rail security will be made a top 
priority for the 110th Congress and the Administration.
    Mr. Chairman. we have taken important steps and expended 
considerable resources to secure the homeland since 9/11. I think all 
would agree that air travel is safer than it was 5 years ago. During 
the last Congress. we addressed port security in a comprehensive 
manner. However, we have more to do when it comes to other 
transportation modes, a fact well documented by the 9/11 Commission. 
Unfortunately, only relatively modest resources have been dedicated to 
rail security in recent years. As a result, our Nation's transit 
system, Amtrak. and the freight railroads remain vulnerable to 
terrorist attacks.
    The Rail Security Act of 2007 that I introduced on January 4th 
along with Senators Snowe, Biden, and Lieberman would authorize over 
$1.2 billion dollars for rail security. More than half of this funding 
would be authorized to complete tunnel safety and security improvements 
at New York's Penn Station, which is used by over 500,000 transit, 
commuter, and intercity passengers each workday. The legislation would 
also establish a grant program to encourage security enhancements by 
the freight railroads, Amtrak, shippers of hazardous materials, and 
local governments with responsibility for passenger stations. It would 
help to address identified security weaknesses in a manner that also 
seeks to protect the taxpayers' interests.
    As I mentioned earlier, this Committee and the Senate has 
consistently supported rail security legislation. Most recently. rail 
security provisions were adopted last Fall as part of the port security 
legislation. But again, the House failed to allow these important 
security provisions to move ahead, and the provisions were stripped 
from the conference agreement. As a result, our rail network continues 
to remain vulnerable to terrorist attack. That is unacceptable, 
particularly after seeing the tragic attacks on rail systems in the 
cities of London, Mumbai, and Madrid, and the devastating consequences 
of those attacks.
    It is essential that we work to protect all the modes of 
transportation from a potential attack, and I hope the Committee will 
mark-up rail security legislation expeditiously. This issue is too 
important to transportation safety to be ignored and for that reason I 
call on Congress to pass rail security legislation as soon as possible.
                                 ______
                                 
          Prepared Statement of Hon. John D. Rockefeller IV, 
                    U.S. Senator from West Virginia
    Mr. Chairman, thank you for calling this very important hearing, 
and for shining a light on the crucial legislation a number of us 
cosponsored and introduced earlier this month, S. 184, the Surface 
Transportation and Rail Security Act of 2007, or the STARS Act.
    We know that we are a nation with enemies, and we know that because 
of our freedoms and our economy, we are a nation of targets. In the 
years since terrorists used one mode of transportation to wake us up to 
their sick motivations and evil designs, we have made strides to 
protect the people and assets associated with that mode, aviation. 
Despite the good, bipartisan work by this Committee in the years since 
September 11 to address the vulnerabilities of our passenger and 
freight rails, our ports and waterway facilities, and other elements of 
our transportation infrastructure, I am afraid that some in Congress 
and in the Administration have not been as diligent in protecting these 
other modes.
    If we are to take our responsibilities as Members of Congress 
seriously, we must make certain that the trucks, trains, pipelines, and 
barges carrying hazardous materials are made secure. We must demand 
action to protect our passenger rail and transit systems so that the 
tragedies we have witnessed in Madrid, London, and Mumbai are not 
replayed here. We must do what we can to protect our transportation 
systems from evil motives and opportunities that we would never have 
thought to imagine just a few years ago.
    It is important for these witnesses to be heard before this 
Committee, and it is even more important for the Committee to take 
quick action on the STARS Act. I look forward to voting it out of 
Committee, and anticipate its timely consideration by the full Senate.
                                 ______
                                 
  Prepared Statement of the National School Transportation Association
    The National School Transportation Association is concerned that 
the Nation's largest mass transportation fleet has been overlooked in 
Congress' efforts to secure our transportation system.
    Each weekday about 470,000 yellow school buses travel the Nation's 
roads, about one-third of which are privately owned. Our fleet is 2.5 
times the size of all other forms of mass transportation--transit, 
intercity buses, commercial airlines and rail--combined. During the 
school year we make more than 50 million passenger trips daily carrying 
the country's most vulnerable passengers--our children. Our exposure is 
far greater than public transportation's at 32 million trips daily, yet 
the school bus industry has received little attention and no funding at 
all from the Federal Government.
School Buses and Terrorism
    School buses have been targets of terrorists not only in countries 
such as Israel, Thailand, Yemen, and African countries, but also in 
Canada and the United States. So far, the attacks in this country have 
been domestic, but they illustrate the concerns of the industry--and 
indeed of the country:

   The most notorious case occurred 30 years ago when a gang of 
        armed men hijacked a school bus in California, taking 26 
        children hostage. The men forced the children and their driver 
        into a buried van and kept them underground for 16 hours, 
        demanding $5 million ransom.

   In 1995, a man claiming to have a bomb hijacked a school bus 
        with eleven special needs children in Miami. Police killed the 
        hijacker, who turned out to be unarmed.

   In 1996, a 15-year-old boy commandeered a school bus in Salt 
        Lake City and killed the driver. He later killed himself after 
        crashing into a home.

   In January 2002, a school bus driver in Pennsylvania 
        abandoned his regular route and took thirteen children on an 
        unauthorized trip to Washington DC. The driver, armed with a 
        rifle, eluded attempts to find the bus for 6 hours. Despite a 
        massive search by police, the bus wasn't found until the 
        hijacker turned himself in.

   In January 2006, an armed man hijacked a school bus in Los 
        Angeles County, California, forcing the driver at gunpoint to 
        drive 200 miles before the driver outwitted him and escaped.

    As Congress knows, buses are a common target of terrorists 
worldwide. The Federal Bureau of Investigation estimates that 40 
percent of attacks on transportation systems are aimed at buses. 
Additionally, schools in this country have been identified as potential 
terrorist targets, and TSA has issued warnings of potential terrorist 
interest in school buses. Buses carrying children are particularly 
popular targets, for there is little that human beings fear more than a 
threat to their children.
    School buses are iconic symbols of America and of America's unique 
educational system. As President Bush said in his Homeland Security 
Presidential Directive 7, it is the policy of the United States to 
protect our Nation's critical resources against terrorist attacks that 
could have psychological and symbolic impact and undermine the public's 
morale and confidence in our national institutions. An attack on school 
buses would have a damaging psychological effect on this country and 
would destroy confidence in the Nation's ability to protect our 
children. Despite the potential for devastating results if terrorists 
were systematically to target school buses in this country, the Federal 
Government has not included school transportation in its efforts to 
provide a secure public transportation system.
School Buses and Security
    Like public transit, school buses operate in an open environment. 
Routes are routinely published at the beginning of the school year and 
rarely change during the year. School buses make the same stops at the 
same time every day, making it very easy for anyone to intercept a bus. 
School bus stops are unprotected, and usually unattended by an adult.
    School buses in most states cannot be locked when students are on 
board; therefore they are vulnerable to penetration by outsiders. 
School bus drivers have no shield, compartment, or other protection; 
since they, unlike public transit or intercity bus drivers, are 
responsible for their passengers, they cannot be isolated from them.
    School bus operations vary greatly in their sophistication and 
their facilities, but the majority operate from unprotected bus yards, 
where prior to 9/11, the biggest concern was vandalism. Industry 
officials estimate that bus fleets are grounded on an average of once a 
week by vandals. While these incidents are usually the result of 
student pranks rather than serious attempts to cause death or injury, 
they show how easily a terrorist could access school buses either to 
use as mobile improvised explosive devices (IEDs) or to implement a 
hijacking.
    In many communities across the country, school buses are the only 
form of mass transportation available for evacuation of large 
populations. Security of the school transportation system is important 
not only to protect the students who ride buses daily, but also to 
ensure that we are ready and able to respond to critical incidents 
elsewhere in our communities. Many fleets participate in emergency 
planning with local government for everything from police responses to 
nuclear plant evacuation planning. School buses from New York, New 
Jersey, and Connecticut played an important role in both evacuating 
people from the impact area in Manhattan on 9/11 and transporting 
critical workers into the area during the search and recovery period. 
This is part of a long tradition of service in times of disaster, 
whether natural or manmade.
    Officials in New Orleans have been criticized for not incorporating 
the school bus fleet into their emergency plans prior to and during 
Hurricane Katrina. Buses that could have been used to transport 
residents to safety were instead trapped under water. We all are aware 
of the consequences in that instance of the failure to recognize the 
importance of the local school bus fleet.
    For the past 4 years, the three national school transportation 
associations, the National Association of Pupil Transportation (NAPT) 
which represents primarily public school officials who operate or 
oversee student transportation in local districts; the National 
Association of State Directors of Pupil Transportation Services 
(NASDPTS) which represents primarily state government officials 
responsible for school transportation; and the National School 
Transportation Association (NSTA) which represents primarily school bus 
companies that provide student transportation under contract to public 
school districts have, worked with the Transportation Security 
Administration in trying to determine the security needs of the school 
bus industry. Despite our frequent requests, the agency has been unable 
to provide a comprehensive vulnerability assessment of school bus 
operations, as they have done for other modes. The industry has 
produced some materials, such as the National School Transportation 
Association's ``Top 25 Security Action Items for School Bus 
Operations'' and the National Association for Pupil Transportation's 
``Security Assessment Tool,'' and all three associations have posted 
security information on their websites. In addition, many individual 
operators have attended security forums at their own expense, and most 
are involved in their local emergency response planning activities.
    Last year the American Trucking Associations and the three national 
school bus associations collaborated to develop ``School Bus Watch,'' a 
training program derived from ``Highway Watch.'' In addition, we worked 
with Consolidated Safety Services, Inc. on a security awareness and 
training program funded by the Transportation Security Administration. 
While these programs provide welcome training to school transportation 
personnel, our industry still lags behind all other modes in asset 
protection. Fewer than 10 percent of school buses have global 
positioning systems (GPS) or other vehicle locator systems, fewer than 
half have surveillance cameras on board, and almost none have redundant 
or integrated communication systems.
School Buses and Funding
    School transportation is funded almost entirely by state and local 
government. The Federal Government provides no funding source for 
routine home-to-school transportation or school activity 
transportation. (In Fiscal Year 2003, the first Federal funds became 
available for school buses when the Environmental Protection Agency 
provided $5 million for grants to reduce diesel emissions as part of 
their Clean School Bus USA program.)
    As state governments are decreasing expenditures, a larger burden 
falls on municipalities to support school transportation. Some school 
districts have turned to parents to pay part of the cost of busing 
their children, and some have wrestled with the possibility of 
discontinuing school bus transportation entirely--knowing that such a 
move would not only present a hardship for many families and increase 
traffic and pollution around schools, but more importantly, would put 
students at much greater risk as they find less safe ways to get to 
school.
    In this economic climate, finding the means to make significant 
security improvements to school transportation systems is difficult if 
not impossible.
    Congress acknowledged the importance of school transportation in 
the USA PATRIOT Act, by specifically including school buses in the 
definition of mass transportation. But even though all other forms of 
mass transportation--airlines, rail, transit and intercity buses--have 
received Federal funding for security improvements, school 
transportation has received none.
    In the past 3 years, school bus operators have spent almost $12 
million annually on increased security training. But if we are to make 
significant improvements in school transportation security, we must go 
beyond training to capitol investments in facilities and equipment. 
Some of the priorities of the industry are:

        1. Electronic security devices for the bus, such as vehicle 
        tracking, secure communications, and video monitoring that 
        allow the driver to signal trouble, and allow sources outside 
        the bus to locate the vehicle and assess the nature of the 
        harmful activity.

        2. Robust and interoperable communications systems that allow 
        drivers and supervisors to signal and communicate with other 
        agencies, such as law enforcement, on a regional or state 
        level.

        3. Security for bus storage areas, including fencing, 
        electronic gates, lighting, and monitoring systems that 
        restrict access to buses and bus facilities and alert operators 
        to intruders.

    These are needs that neither school bus operators nor local boards 
of education can fund alone. If we are to provide security for the 25 
million children transported on school buses daily, we must have help 
from the Federal Government. In the past 4 years, Congress has provided 
security funding of $22 billion for commercial aviation, $876 million 
for ports and shipping, $387 million for public transit bus and rail, 
$51 million for trucking, $49 million for intercity bus, and $15.5 
million for Amtrak. The largest transportation system in the country, 
carrying its future, has received nothing. Our children deserve better.
                   Fiscal Notes--School Bus Security
    Assumptions:
    470,000 school buses nationwide
    15,000 school bus facilities nationwide
    7 percent of school buses currently have GPS or other vehicle 
locating systems
    2 percent of school buses currently have electronic student 
tracking systems
    42 percent of school buses currently have video surveillance 
systems
    14 percent of school buses currently have door locks
    85 percent of school buses currently have two-way communication, 
generally radios
    15 percent of communication systems are interoperable with other 
agencies
    49 percent of school bus parking facilities are fenced and lighted
    16 percent of school bus parking facilities have video monitoring
    8 percent of school bus parking facilities are monitored by a guard

                                  Costs
                          [dollars in millions]
------------------------------------------------------------------------

------------------------------------------------------------------------
GPS: $900/bus for hardware plus $30/month communication
 expense

  437,000 buses  $900                                            $393.3
  437,000  30  12                                           \1\ $157.3
Bus video surveillance: $2,500/bus
  272,600 buses  $2,500                                          $681.5
Two-way radios: $900/bus plus $3,000/base station
  70,500 buses  $900                                              $63.5
  2,250 stations  $3,000                                          $6.75
Facility fencing, lighting, gates: $100,000/25-bus facility
  7,650 facilities  $100,000                                       $765
Electronic monitoring of facilities: $6,000/facility
 (hardware)
  12,600 facilities  $6,000                                       $75.6
                                                            ------------
    Total capital expense                                         \2\ $2
------------------------------------------------------------------------
\1\ Annually.
\2\ Billion.

                                 ______
                                 
  Response to Written Questions Submitted by Hon. Daniel K. Inouye to 
                     Hon. Edmund S. ``Kip'' Hawley

    Question 1. The Department of Homeland Security was appropriated 
$175 million for this year's Transit Security Grant Program (TSGP). I 
understand that only $8 million of that total will be available for 
Amtrak, and that none of these funds will be awarded to freight 
railroads, despite being made explicitly eligible for such grants 
through the appropriations bill. We know that both Amtrak and our 
freight railroads have significant vulnerabilities. Can you explain why 
so little of this available funding is going to Amtrak and the freight 
railroads?
    Answer. The Department of Homeland Security (DHS) used a risk-
informed allocation model to evaluate the relative risk to the 
transportation systems. The Transit Security Grant Program (TSGP) risk 
formula is comprised of threat and vulnerability/consequences 
variables. The DHS risk assessment methodology considers critical 
infrastructure system assets, and characteristics that might contribute 
to their risk, such as: intelligence community assessments of threat; 
potentially affected passenger populations and the economic impact of 
attack. The relative weighting of variables reflects DHS's overall risk 
assessment and Fiscal Year (FY) 2007 program priorities (for example, 
presence of underwater and underground systems). Specific variables 
include unlinked passenger trips, number of underground track miles, 
number of underwater tunnels and location-specific intelligence 
community risk analysis. Amtrak was allocated $8.3 million based on its 
risk profile.

    Question 2. Did the Department complete the comprehensive 
transportation systems sector specific plan by December 31, 2006, as 
required by the Executive Order?
    Answer. The Transportation Sector-Specific Plan (TSSP) is part of 
DHS's National Infrastructure Protection Plan (NIPP). In June 2006, DHS 
signed the NIPP as the comprehensive Critical Infrastructure and Key 
Resources (CI/KR) planning framework required by Homeland Security 
Presidential Directive 7 ``Critical Infrastructure Identification, 
Prioritization, and Protection'' (HSPD-7). The transportation systems 
sector was one of 17 CI/KR sectors outlined in HSPD-7. The NIPP 
deadline for all 17 CI/KR sectors was December 31, 2006. On May 21, the 
Secretary announced the completion of all 17 sector specific plans 
(SSPs), of which the TSSP was one. Executive Order 13416, Strengthening 
Surface Transportation Security, also required the TSSP by December 31, 
2006 but placed an additional requirement of surface transportation 
modal plans 90 days after the TSSP was released. The modal plans were 
released together with the TSSP on May 21.

    Question 3. Will the President be requesting additional funding in 
the FY 2008 budget to reflect his policy, set forth in the Executive 
Order, that the ``security of our Nation's surface transportation 
systems is a national priority, vital to our economy, and essential to 
the security of our Nation.'' The current funding levels do not seem to 
reflect this sense of priority.
    Answer. The Executive Order states that surface transportation 
security is a priority, but it is a shared responsibility. The 
Transportation Security Administration (TSA) supports the President's 
Fiscal Year (FY) 2008 budget request. The budget request accurately 
reflects the funding necessary to carry out different approaches to 
different modes of transportation and includes funding in TSA's budget 
as well as in the budgets of other components.
    Surface transportation infrastructure is approximately 85 percent 
privately owned and operated, and receives security funding from 
multiple streams (e.g., operating revenue, State, local, private, as 
well as Federal funding). Surface transportation security is a shared 
responsibility among a variety of stakeholders, including State, local, 
and Federal agencies, and private owners and operators. As the 
Executive Order outlines, the appropriate role for the Federal 
Government includes assessing the security of the overall surface 
transportation system and developing guidelines and requirements to 
address high priority gaps, ensuring the effective sharing of surface 
transportation-related security information, assessing compliance with 
guidelines and requirements, and ensuring that Federal surface 
transportation research and development efforts for security are based 
on the needs of these systems and prioritized according to the ever 
evolving terrorist threats. The Federal Government also provided grants 
to these systems based on the priorities identified through assessments 
and threats.
    The rail and mass transit modes do not allow for the same type of 
approach used for aviation where sealing off an area of the airport to 
those who have been screened is feasible. Rail and mass transit systems 
operate over a broad geographic spread with numerous stations and 
transfer points providing the efficiency and fast-pace that are 
essential to moving thousands of passengers, particularly during daily 
rush hours. The point defense approach taken at the airports is neither 
practicable nor desirable for surface transportation. Rather, an 
integrated strategy, tapping the strengths of the Federal Government, 
State and local governments, and passenger rail and mass transit 
agencies, must be pursued.

    Funding comparisons should also include:

   The commitment of Federal funds to intelligence activities 
        to identify terrorists and detect their activities before they 
        can present a threat or achieve their objectives;

   The commitment of Federal funds to capital improvements of 
        passenger rail and mass transit systems that integrate security 
        enhancements;

   The availability to transit agencies to use 1 percent of 
        Federal Transit Administration grants for training and 
        exercises, approximately $40 million annually;

   The ability of states to allocate State Homeland Security 
        Grant program funds to rail and transit system security;

   Direct grants to transit providers under the transit 
        security and intercity bus security grant programs;

   The law enforcement agencies--either maintained by transit 
        agencies or provided by State or local government--providing 
        law enforcement and security services for passenger rail and 
        mass transit systems operating within and/or through their 
        respective jurisdictions; and

   Information sharing efforts that ensure security awareness 
        is maintained at the Federal, State and local, and transit 
        agency levels--such as the Public Transit portal of the 
        Homeland Security Information Network that is maintained and 
        operated at no cost to the transit community; the fee-funded 
        Information Sharing and Analysis Center maintained by the 
        American Public Transportation Association, now integrated into 
        the Public Transit portal of the Homeland Security Information 
        Network; and State and local intelligence fusion centers.

    Federal funding contributes to all of these efforts, and will 
continue to do so, as part of a comprehensive, integrated strategic 
approach aligning the efforts of a range of entities and programs at 
the Federal, State, and local government and transit agency levels.

    Question 4. In your testimony, you suggested that significant 
personnel could be shifted from TSA's aviation security force to help 
secure surface transportation systems. How many aviation security 
employees could be available at any given time for such work without 
impacting the security of our aviation system?
    Answer. The Transportation Security Administration (TSA) has 
undertaken several initiatives to increase our security footprint at 
the Nation's airports. These efforts include the Behavior Detection 
Program, the Airport Direct Access Screening Program, and the Bomb 
Appraisal Officer Program. Each of these programs requires a commitment 
of manpower beyond basic screening functions. TSA could support limited 
multi-modal contingency operations through the use of overtime, 
diversion of manpower from non-primary screening functions, and the use 
of non-Transportation Security Officer personnel (e.g., Aviation 
Security Inspectors). Specific availability of manpower would be 
heavily impacted by system requirements at a particular time (e.g., 
Holiday Operations) and airport security requirements resulting from a 
given Threat Condition.

    Question 5. In your written testimony, you discuss the work of the 
Surface Transportation Security Inspection (STSI) teams in assessing 
rail and transit systems. Is there enough funding through the 
Department's Transit Security Grant Program (TSGP) to fund improvements 
for all the risks and vulnerabilities that are identified through this 
program? If not, how are rail and transit system supposed to address 
these risks and vulnerabilities?
    Answer. The Department of Homeland Security (DHS) Transit Security 
Grant Program (TSGP) is currently the primary vehicle for providing 
funding assistance for security enhancements to public transportation 
agencies in the United States. The TSGP employs risk-based 
prioritization consistent with DHS policy. This approach applies TSGP 
resources to strengthen the security of the Nation's transit systems in 
the most effective and efficient manner.
    Through TSGP, DHS has thus far allocated $573 million to 60 of the 
Nation's mass transit and passenger rail systems in 25 States and the 
District of Columbia. The TSGP employs risk-based prioritization 
consistent with the Department's strategic framework articulated in the 
National Infrastructure Protection Plan (NIPP) and the Transportation 
Sector Specific Plan (TSSP). Rail transit systems have been divided 
into two tiers based on risk. Particular emphasis is placed on the 
passenger volume of the system and the underwater and underground 
infrastructure of the rail transit systems. Tier I systems apply for a 
portion of a regional allocation, either as individual agencies or as 
part of regional projects that mitigate the vulnerability of high-risk, 
high-consequence assets. Grants for systems in Tier II are 
competitively awarded based on the ability to reduce risk, cost 
effectiveness, and the ability to complete the proposed project with 
the funds awarded.
    Based on the results of security assessments conducted by the 
Transportation Security Administration's (TSA) Surface Transportation 
Security Inspectors (STSI) and prior assessments conducted by Federal 
entities and passenger rail and mass transit agencies, DHS has 
identified a set of risk-based priorities that it believes address the 
security needs of transit agencies and result in the overall 
enhancement of security in their systems. Eligible transit systems are 
encouraged to use TSGP funds to address the following risk-based 
priorities, as applicable:

        1. Protection of high risk/high consequence underwater/
        underground assets and systems;

        2. Protection of other high risk/high consequence assets and 
        systems that have been identified through system-wide risk 
        assessments;

        3. Use of visible, unpredictable deterrence;

        4. Targeted counter-terrorism training for key front-line 
        staff;

        5. Emergency preparedness drills and exercises; and

        6. Public awareness and preparedness campaigns.

    Area security assessment results indicate a need for more focused 
effort in security training for transit agency employees. Although an 
extensive Federal security training program has been implemented since 
9/11--17 security courses, more than 500 deliveries, and more than 
78,000 transit employees trained--the assessment results indicated wide 
variations in the quality of transit agencies' security training 
programs and an inadequate level of refresher or follow-on training. 
Well-trained employees are a security force multiplier for security 
efforts implemented by transit agencies. This year, to elevate the 
level of training, bring greater consistency, and assist agencies in 
developing and implementing training programs, TSA produced and 
disseminated a Mass Transit Security Training Program and made training 
a targeted priority for the TSGP.
    The program identifies specific types of training at basic and 
follow-on levels for particular categories of transit employees. 
Presented in a readily understandable matrix, it provides effective 
guidance to transit agency officials in building and implementing 
training programs for employees working in their systems. To support 
execution of such training programs, the Transit Security Grant Program 
offers pre-packaged training options agencies may obtain with grant 
funding. Agencies taking advantage of this program have their 
applications expedited for review and approval. This initiative aims to 
expand significantly the volume and quality of training for transit 
employees during 2007. Thus far, 21 agencies have applied for training 
under this initiative among the Tier II systems alone for Fiscal Year 
(FY) 2007 TSGP funding. Nine other transit agencies proposed training 
in their standard FY 2007 TSGP applications.
    Equipment acquisitions, drills and exercises, employee training 
programs, and public awareness programs that focus on mitigating these 
risks represent appropriate applications of TSGP funding. Transit 
systems may use TSGP funding to acquire equipment that applies 
technological solutions to security vulnerabilities, such as explosives 
detection systems and surveillance cameras. In order to assess and 
enhance the transit system's capability to respond under the variety of 
security scenarios that could reasonably be expected to occur on its 
operation, the emergency drill and exercise program should test 
operational protocols that the transit system plans to implement in the 
event of a terrorist attack (specifically, an improvised explosive 
device or chemical/biological/radiological/nuclear device), natural 
disaster, or other emergencies, and consist of live situational 
exercises involving various threat and disaster scenarios, table top 
exercises, and methods for implementing lessons learned.
    TSA believes current funding of the TSGP enables achievement of 
strategic priorities to enhance security in the passenger rail and mass 
transit mode. In addition, grants to State and local governments 
through the State Homeland Security Grant program and Urban Area 
Security Initiative are available for training, equipment, and 
exercises related to transportation security projects at the discretion 
of State and local homeland security leadership in coordination with 
their State and Urban Area Homeland Security strategies. Over $8.5 
billion have been awarded to State and local governments through these 
programs and an additional $1.3 billion will be awarded in FY 2007.

    Question 6. What was the total amount in grant funding requested by 
transit and rail systems in FY 2006 during the application process for 
the Department's Transit Security Grant Program (TSGP)?
    Answer. The total amount in grant funding requested by transit and 
rail systems in Fiscal Year 2006 was $151,445,422.

    Question 7. I understand that the current rail security guidelines 
issued by your Department last year are voluntary. How are railroads 
complying with these guidelines? Do you intend to make them mandatory?
    Answer. In June 2006, the Department of Homeland Security's (DHS) 
Transportation Security Administration (TSA) and the Department of 
Transportation's Pipeline and Hazardous Materials Administration and 
Federal Railroad Administration issued a set of Security Action Items 
for the rail transportation of toxic inhalation hazard materials. In 
October 2006, TSA began to measure the degree of implementation of 
these action items by the Nation's rail carriers. The initial 
measurements focused on the seven action items having the highest 
impact on security at the ground level. TSA Surface Transportation 
Inspectors visited over 150 individual rail facilities and interviewed 
over 2,700 front-line employees to determine how well the security 
action items were being applied in the field. The level of 
implementation was measured as either--High (3), Medium (2) or Low (1). 
In general, the level of implementation was rated as medium. An 
analysis of the individual interviews and inspector reports showed that 
the rail carriers had done a better than average job of educating their 
employees in security awareness and their role in the detection and 
deterrence of security-related events.
    At this time, TSA is in the process of evaluating the 
implementation of ten additional security action items. The results of 
these surveys will provide a factual knowledge base which will drive 
policy decisions. Several of the action items were deemed critical to 
freight rail security and have been incorporated into the Notice of 
Proposed Rulemaking that was issued by DHS/TSA in December 2006.

    Question 8. I understand that your recent Notice of Proposed 
Rulemaking (NPRM) on rail security requires that rail cars carrying 
certain hazardous shipments would have to be attended at all times 
during transit. Today, it is common practice for railroads to allow 
their trains to sit unattended while changing train crews. How would 
this proposed rule affect this practice?
    Answer. The proposed rule would eliminate this practice in High 
Threat Urban Areas (HTUA) and curtail it in areas that lead into HTUAs.
    The Transportation Security Administration's (TSA) analysis of the 
freight rail industry indicated that there is a security vulnerability 
in the practice of leaving unattended rail cars, and in some cases 
entire trains, carrying certain hazardous materials, for eventual 
pickup by either railroad carriers or by the consignees (receivers). 
TSA plans to address this vulnerability through the proposed chain of 
custody requirements in the Notice of Proposed Rulemaking (NPRM). The 
chain of custody provisions propose positive control and handoff of 
certain hazardous materials shipments at points where rail cars are 
initially received by the rail carrier, where they are interchanged 
with other railroads, and at the final point of delivery.
     Since the highest risk occurs when a rail car is in or near an 
area of high population density, TSA's proposed chain of custody would 
affect railroad carriers conducting transfers within HTUAs or transfers 
where rail cars may enter an HTUA. The rule also covers all shippers 
and receivers in an HTUA. TSA has proposed to secure the chain of 
custody of certain hazardous shipments throughout the rail supply 
chain.

    Question 9. What is the status of TSA's Transportation Sector 
Specific Plan (TSSP) and annexes for each mode of transportation? What 
has been the cause of TSA's delay in issuing these plans? Without these 
plans in place, how can we have confidence that the agency's security 
efforts are appropriately targeted?
    Answer. The Transportation Sector-Specific Plan (TSSP) is part of 
DHS's National Infrastructure Protection Plan (NIPP). In June 2006, DHS 
signed the NIPP as the comprehensive Critical Infrastructure and Key 
Resources (CI/KR) planning framework required by Homeland Security 
Presidential Directive -7 ``Critical Infrastructure Identification, 
Prioritization, and Protection'' (HSPD-7). The transportation systems 
sector was one of 17 CI/KR sectors outlined in HSPD-7. The NIPP 
deadline for all 17 CI/KR sectors was December 31, 2006. On May 21, the 
Secretary announced the completion of all 17 sector specific plans 
(SSPs), of which the TSSP was one. Executive Order 13416, Strengthening 
Surface Transportation Security, also required the TSSP by December 31, 
2006 but placed an additional requirement of surface transportation 
modal plans 90 days after the TSSP was released. The modal plans were 
released together with the TSSP on May 21.
    The plans were developed with extensive participation from and in 
partnership with the Government Coordinating Council and Sector 
Coordinating Councils. As partners in security, it was essential that 
the TSSP and modal plans were developed with their input.
    TSA utilizes the broad range of intelligence it receives, as well 
as the domain awareness gained through the risk-based assessments, to 
inform the development of strategies and programs to improve security 
in other modes of transportation and to prioritize and direct 
resources.

    Question 10. What steps has TSA taken to implement the 
recommendations made by the GAO in its September 2005 report on 
passenger rail security? Why has your agency not submitted the required 
letter to Congress detailing how you will implement these 
recommendations?
    Answer. The Transportation Security Administration (TSA) has 
implemented, or is in the process of implementing, the Government 
Accountability Office (GAO) recommendations in the September 2005 
report. Below are the GAO recommendations and TSA actions to address 
them.
    GAO Recommendation 1: Establish a timeline for completing the 
Department's framework for analyzing sector risks and ensure that the 
risk assessment methodologies used by sector-specific agencies are 
consistent with this framework.
    The National Infrastructure Protection Plan (NIPP) establishes the 
risk assessment framework for the protection of critical infrastructure 
and key resources. The Transportation Sector Specific Plan (TSSP) 
reflects a coordinated effort integrating Federal entities operating 
through Government Coordinating Councils (GCCs) with transportation 
stakeholders operating through Sector Coordinating Councils (SCCs). 
Modal annexes for passenger rail/mass transit and freight rail have 
been developed in a similar coordinated effort with the stakeholders in 
the respective modes. The risk management strategy for the TSSP and its 
modal annexes aligns with the NIPP framework.
    GAO Recommendation 2a: Establish a plan for completing its 
methodology for conducting risk assessments that includes timelines and 
addresses how it will work with passenger rail stakeholders and 
leverage existing Federal expertise in Department of Homeland Security 
components, including the Office for Domestic Preparedness, as well as 
the Department of Transportation modal administrations, including the 
Federal Railroad Administration and the Federal Transit Administration.
    At the operational level, TSA conducts security assessments under 
the Surface Transportation Security Inspection Program. The purpose of 
assessing security status is to determine how individual operations 
compare to the baseline standards. Assessments in rail and passenger 
transit are conducted by TSA's field inspector force. The assessments 
are structured to target key areas of concern and to capture essential 
data to evaluate current practice versus baseline standards.
    Through the Baseline Assessment and Security Enhancement (BASE) 
program, Surface Transportation Security Inspectors (STSIs) assess a 
transit system's security posture on the 17 Security and Emergency 
Preparedness Action Items, jointly developed and disseminated by TSA 
and FTA in coordination with the Mass Transit Sector Coordinating 
Council and Transit Policing and Security Peer Advisory Group. 
Particular emphasis is placed on the six core Transit Security 
Fundamentals that are also funding priorities under the Transit 
Security Grant Program. The BASE program aims to elevate security 
generally, expand TSA's awareness and understanding of security posture 
in the passenger rail and mass transit mode, enable more effective 
targeting of security programs and technical assistance to elevate 
security, and facilitate sharing of best security practices.
    As of April 20, 2007, TSA STSIs have completed BASE assessments on 
35 of the top 50 passenger rail and mass transit agencies by passenger 
volume. Assessments are in progress at six more of the top 50 systems. 
The ongoing effort aims to complete assessments on the Security Action 
Items of the top 50 transit agencies during Fiscal Year (FY) 2007. Work 
will commence on the transit agencies ranked 51 to 100 during FY 2007, 
continuing into FY 2008 for completion. Targeted follow-up assessments 
will measure progress in improving performance in implementation of the 
Security Action Items, particularly the six Transit Security 
Fundamentals.
    The information derived from the BASE assessments enables more 
effective targeting of security programs and technical assistance to 
elevate security. Through this process, TSA also identifies best 
security practices for sharing with the passenger rail and mass transit 
community, further enhancing security posture. The thorough review of 
security programs and procedures affords the systems assessed the 
opportunity to review the state of their security program and identify 
strengths and weaknesses. This information can guide the effective 
application of available security resources, focus collaborative 
efforts with TSA, and facilitate the preparation of funding requests 
through security grant programs.
    An example of the application of assessment results in prompt 
development of security programs is the training initiative under the 
Transit Security Grant Program (TSGP). BASE assessment results 
demonstrated a need for improvement in security training of front-line 
employees. TSA, in coordination with its Federal partners at the 
Department of Homeland Security (DHS) Office of Grants and Training and 
the Federal Transit Administration, developed the Mass Transit Security 
Training Program. The program identifies specific types of training at 
basic and follow-on levels for particular categories of transit 
employees. Presented in a readily understandable matrix, it provides 
effective guidance to transit agency officials in building and 
implementing training programs for employees working in their systems. 
To support execution of such training programs, the Transit Security 
Grant Program offers pre-packaged training options agencies may obtain 
with grant funding. Agencies taking advantage of this program have 
their applications expedited for approval to ensure funds are delivered 
within 90 days of submission. This initiative aims to expand 
significantly the volume and quality of training for transit employees 
during 2007. Thus far, 21 agencies have applied for training under this 
initiative among the Tier II systems alone for FY 2007 TSGP funding. 
Nine other transit agencies proposed training in their standard FY 2007 
TSGP applications.
    That is the objective--through regular reviews of security posture 
in light of prevailing threats, to ensure security resources at all 
levels--Federal, State, and local government, passenger rail and mass 
transit agencies--are applied in the most effective ways to deter, 
detect, and prevent terrorist attacks.
    GAO Recommendation 2b: Evaluate whether the risk assessment 
methodology used by the Office for Domestic Preparedness should be 
leveraged to facilitate the completion of risk assessments for rail and 
other transportation modes.
    To promote interagency coordination and information sharing on risk 
assessment activities and to bring the assessment methodologies within 
a consistent framework and leverage the existing methodologies, DHS, 
and its Federal partners have formed the Federal Risk Assessment 
Working Group, the Interagency Mass Transit Security Information 
Program, and the Risk Assessment Policy Group. These groups work 
together to coordinate Federal risk assessment activities and to 
promote consistency in risk assessment approaches. The National 
Preparedness branch of the Federal Emergency Management Agency, 
formerly the DHS Office of Grants and Training, has participated as 
well in the development of the BASE program.
    GAO Recommendation 3a: Develop security standards that reflect 
industry best practices that can be measured, monitored, and enforced 
by Transportation Security Administration rail inspectors and, if 
appropriate, by rail asset owners. This could be accomplished by using 
the rule-making process, with notice in the Federal Register and an 
opportunity for interested stakeholders to comment, to promulgate long-
term regulations that incorporate these standards.
Security and Emergency Management Action Items
    In addition to the two security directives issued by the TSA in May 
2004, TSA and the Federal Transit Administration (FTA), in coordination 
with other public and private security partners, have recently 
conducted a comprehensive update of the Security and Emergency 
Management Action Items issued by the FTA in the immediate aftermath of 
September 11. The newly enhanced action items are in part based on 
industry effective practices and represent a systematic and measurable 
approach to elevate baseline security posture and enhance security 
program management and implementation. The action items cover a range 
of areas including security program management and accountability, 
security and emergency response training, drills and exercises, public 
awareness, protective measures for Homeland Security Advisory System 
(HSAS) threat levels, physical security, personnel security, and 
information-sharing and security.
Threat Level Protective Measures
    The Threat Level Protective Measures, also issued recently by TSA 
and FTA, provides a comprehensive systems approach and framework for 
transit agencies to use in integrating their security and emergency 
management systems with DHS Homeland Security Advisory System's five 
color-coded graduated threat conditions. These protective measures are 
also based in part on transit and passenger rail providers' effective 
practices.
    Through the BASE program, STSIs review and monitor the 
implementation of the action items. This initiative aims to elevate 
security posture and readiness throughout the mass transit and 
passenger rail mode by implementing and sustaining measurable baseline 
security standards applicable to the operating environment and 
characteristics of mass transit and passenger rail systems.
Transit Security Fundamentals
    In its security assessments, TSA focuses particular attention on 
six Transit Security Fundamentals that provide the foundation for a 
successful security program. The fundamentals are:

        1. Protection of high-risk underwater/underground assets and 
        systems;

        2. Protection of other high-risk assets that have been 
        identified through system-wide risk assessments;

        3. Use of visible, unpredictable deterrence;

        4. Targeted counter-terrorism training for key front-line 
        staff;

        5. Emergency preparedness drills and exercises; and

        6. Public awareness and preparedness campaigns.

    TSA has distributed a self-assessment checklist to each of the top 
50 agencies covering six fundamental areas that provide the foundation 
for an effective security program. To date, 42 of the top 50 agencies 
have responded. The remaining eight are expected to report shortly. 
Expansion to the agencies ranked 51 to 100 will follow.
Tunnel Security Action Items
    To mitigate the potential catastrophic consequences of a terrorist 
attack against underwater transit and rail tunnels, the interagency 
Tunnel Risk Mitigation Working Group under the leadership of TSA issued 
the Tunnel Security Action Items in 2007. These recommended measures 
derive from the experience gained in Federal security assessments and 
the ongoing work to identify and prioritize tunnels and develop a 
strategic plan to mitigate risk. The interagency group is working 
closely with the transit industry to ensure the implementation of 
protective measures to mitigate risk in transit tunnels. TSA security 
assessments of passenger rail and mass transit agencies with tunnel 
infrastructure include review of protective measures implemented to 
mitigate risk.
Notice of Proposed Rulemaking
    TSA issued a Notice of Proposed Rulemaking (NPRM) in December 2006. 
Although it primarily focused on security in transporting toxic 
inhalation hazard material by freight rail carriers, the NPRM proposes 
some requirements for passenger railroad carriers, rail transit 
systems, and hosts of other passenger rail services. The proposed 
requirements include designation of a primary and at least one 
alternate Rail Security Coordinator to serve as the point of contact 
with TSA on security matters and communications and to provide 
oversight to the railroad carrier or rail transit system's compliance 
with security requirements and implementation of security initiatives. 
Additionally, in recognition of the vital importance of information 
indicating terrorist planning and preparation, the rule further 
requires all passenger rail carriers and rail transit systems to report 
potential threats or significant security concerns to TSA. The NPRM 
also details TSA's authority concerning inspection of facilities and 
operations of covered entities. This NPRM provided ample time for 
comment by stakeholders and the public at large. A public meeting was 
held on February 2, 2007, to provide further opportunity for comment. 
TSA is reviewing the comments received and making appropriate changes, 
if any, to the proposed rule. This proposed rule will further 
facilitate the BASE inspections and the review and monitoring of any 
future voluntary and/or required security standards TSA might put in 
place.
Standards Development
    The Federal Government is engaged with the American Public 
Transportation Association (APTA) Security Standards Policy and 
Planning Committee to develop security standards. The security 
standards development effort brings together security professionals 
from the public transportation industry, business partner 
representatives, and the Federal Government in a collaborative effort 
to develop consensus-based standards to enhance security in transit 
systems. Federal participants consist of the subject-matter experts 
from DHS Office of Grants and Training, TSA, FTA, and the Federal 
Railroad Administration. Public transportation stakeholder participants 
consist of members of the APTA Security Standards Policy and Planning 
Committee, officials from mass transit and passenger rail systems and 
industry businesses and research organizations. Working groups are 
established to focus on specific security areas and concerns, including 
mass transit and passenger rail systems, facilities and operations.
    Draft standards are developed in a format that is consistent with 
American National Standards Institute requirements and are posted for 
comment and then approved by consensus. Federal participation in the 
consensus-based efforts is effected through the GCC/SCC framework and 
Critical Infrastructure Partnership Advisory Council (CIPAC) process. 
The approved standards are then put forth as ``recommended practices'' 
and supported by the American Public Transportation Association for 
voluntary adoption by the transit industry.
    GAO Recommendation 3b: Set timelines for completing the memorandum 
of understanding modal agreements for rail, mass transit, and research 
and development, which both the Department of Homeland Security and the 
Department of Transportation have agreed to pursue.
    In September 2005, DHS and the Department of Transportation (DOT) 
executed an annex on public transportation to the Memorandum of 
Understanding (MOU) entered into the prior year by DHS and DOT. 
Pursuant to this annex, DOT and DHS agreed to coordinate their programs 
and services (including risk assessments, grants, training, exercises 
and technical assistance) to better assist transit agencies in 
prioritizing and addressing their current and emerging security-related 
needs. The areas of coordination identified in the annex include 
training courses; awareness programs, i.e., the Transit Watch; forums 
to encourage and facilitate communications and information-sharing, 
i.e., the Safety and Security Roundtables; drills and exercises; 
emergency preparedness and security forums, creating a comprehensive 
source for transit system officials to turn for information about 
available Federal security and preparedness resources (e.g., 
information on grant funding availability, training, technical 
assistance, and effective practices), risk assessment and security 
reviews, and interoperable communication. In support of the MOU annex 
implementation, eight working groups have been established under an 
Executive Steering Committee. The annual plan for 2007-2008 cooperation 
between the parties has been drafted and is currently undergoing 
interagency coordination. The interagency working groups continue to 
facilitate the implementation of a unified strategic approach to 
transit security. This approach aims to:

   Advance focused efforts to mitigate high consequence risk;

   Expand employment of random, unpredictable deterrence; and

   Elevate the security baseline by building security force 
        multipliers through training, drills and exercises, and public 
        awareness campaigns

    Public and private partners are working together to evaluate 
technology needs of Mass Transit and Passenger Rail industry and to 
develop and coordinate research and development as well as testing and 
evaluation of commercial off-the-shelf and other existing technologies. 
Under the Public Transportation Annex of the DHS/DOT MOU discussed 
earlier, TSA leads the Mass Transit Technology Project Management Team 
consisting of representatives from the Office of Grants and Training, 
FTA, and DHS's Science and Technology Directorate (S&T) (as 
applicable). This subgroup allows for coordination and sharing of 
ongoing work, discussion of stakeholder needs based on individual 
agency outreach through their programs, and leveraging of resources to 
expand the work done in technology by the agencies.
    Presently, a variety of technologies are on the market or being 
tested, such as intrusion detection, video surveillance, anomaly 
detection, and chemical/biological/radiological/nuclear detection. TSA, 
along with its public and private partners, is working to identify 
technology gaps and conduct research and development to provide 
technological solutions. This process between government and industry 
will aid in ensuring that a collaborative strategic process for 
technology research, development and deployment is maintained. The 
Federal partners are also harnessing the information gained from 
completed developmental testing and other use experience to provide the 
transit community a security technology information resource to guide 
procurement decisions.
    Through stakeholder tours of S&T's Transportation Security 
Laboratory, interagency informational tours, and other meetings, TSA 
and its Federal partners exchange information on planned research, 
development, testing, and evaluation efforts, projects, and needs and 
challenges with the stakeholders and scientific/technology community. 
The results are developed into broad requirements submitted to S&T for 
research and development. Furthermore, TSA participates in the 
Integrated Project Teams (IPT) held by S&T across a variety of critical 
infrastructure and potential threats. These IPTs provide a means to 
submit technology requirements for funding and coordinate requirements 
with other DHS internal stakeholders (i.e. Customs and Border 
Protection, U.S. Coast Guard) to eliminate duplication of effort and 
share experience and knowledge. TSA and industry representatives also 
participates in bi- and multi-lateral international meetings and 
working groups on technology that focus on sharing of information on a 
specific technology or broad technology needs and requirements. TSA and 
its partners are working on a plan to utilize Homeland Security 
Information Network (HSIN)-Public Transit Portal as the tool to provide 
government and the industry with a list of available technologies and 
products relating to the protection of mass transit and passenger rail.
    GAO Recommendation 4: To help strengthen the security of passenger 
rail systems in the United States and potentially leverage the 
knowledge and practices employed by foreign rail operators, we 
recommend that the Secretary of the Department of Homeland Security, in 
collaboration with the Department of Transportation and the passenger 
rail industry, take the following two actions:

   Evaluate the feasibility of establishing and maintaining an 
        information clearinghouse on existing and emergency security 
        technologies and security best practices used in the passenger 
        rail industry both in the United States and abroad.

   Evaluate the potential benefits and applicability--as risk 
        analyses warrant and as opportunities permit--of implementing 
        covert testing processes to evaluate the effectiveness of rail 
        system security personnel; implementing practices used by 
        foreign rail operators that integrate security into 
        infrastructure design; and implementing random searches or 
        screening of passengers and their baggage, pending the results 
        of an ongoing joint Federal and industry review of the impact 
        of random screening on passenger rail operators.

    Effective implementation and use of the HSIN is critical to the 
success of Federal information-sharing efforts. DHS established HSIN 
for stakeholders to use in the various SCCs. The network includes a 
Public Transit Portal, intended for use as an information-sharing and 
exchange resource for transit systems throughout the country. An often 
expressed concern of transit system security officials is the absence 
of a single source or ``one stop shop'' for Federal information on 
transit security. The Public Transit Portal on HSIN has been developed 
to meet this purpose as the gateway to Federal information updates and 
resources for the mode and information and material developed by the 
Public Transit Information Sharing and Analysis Center (ISAC). Feedback 
from mass transit and passenger rail systems will help ensure 
information products meet security needs. A concerted effort to 
populate the site with useful and timely information is ongoing.
    A key component of the portal is the Mass Transit Resource Center. 
The Resource Center provides a comprehensive database for the transit 
industry to access information on a broad spectrum of subjects 
pertinent to transit security, material not readily available in a 
consolidated format elsewhere. TSA uses the Portal to provide timely 
security alerts, advisories, and information bulletins to passenger 
rail and mass transit agencies. Technology updates constitute an 
important component of this resource. Overall, the Resource Center 
covers more than 20 subject areas of security interest to the public 
transportation community, reflecting the feedback received from 
stakeholders on the type of information they require to meet the 
security mission.
    Technology must be fully incorporated into the security operations 
of mass transit and passenger rail agencies. Presently, a variety of 
technologies are on the market or being tested, such as intrusion 
detection, video surveillance, anomaly detection, and chemical/
biological/radiological/nuclear detection. TSA, along with its public 
and private partners, is working to identify technology gaps and 
conduct research and development to provide technological solutions. 
The Federal partners are also harnessing the information gained from 
completed developmental testing and other use experience to provide the 
transit community a security technology information resource to guide 
procurement decisions. This resource will be a key component of the 
Public Transit Portal in the HSIN, meeting a specific requirement of 
Executive Order 13416, ``Strengthening Surface Transportation 
Security.''
    On the international front, TSA engages extensively with its 
foreign counterparts on rail and transit security matters with the aim 
of sharing and gleaning effective practices for potential integration 
in the domestic strategic approach. TSA conducts and maintains these 
efforts in collaboration and coordination with the Department of State, 
DHS component agencies, and other Federal agencies on projects 
involving transportation security within international and regional 
organizations.
    Engagement within the Group of 8 (G8) and with the European Union, 
the Asia Pacific Economic Cooperation, and the Mexican and Canadian 
governments fosters sharing of effective practices and technologies in 
mass transit and passenger rail security. The expanding cooperation in 
this area has culminated in creating an international working group on 
land transport security outside of any preexisting forum with 
preliminary focus on passenger rail and mass transit security. The 
United States will support this collaborative effort by providing 
information on most effective security practices and the effectiveness 
of security technologies.
    TSA also participates in the Rail and Urban Transport Working Group 
in support of technology information-sharing across five countries. The 
membership of this group consists of the United States, United Kingdom, 
Canada, France, and Israel. In this forum, technology and operational 
experts come together to share information on technology testing and 
evaluation projects.
    Through the Joint Contact Group, the United States and the United 
Kingdom engage in a bilateral cooperative effort to develop and 
promulgate best practices in rail and mass transit security, with the 
objective of developing security solutions applicable on a wider 
international basis. This group also explores opportunities to 
encourage broader private sector involvement in the protection of soft 
targets, such as through training of mass transit employees.
    Another international initiative focuses on vetting suspicious 
packages detected in transit systems. This joint effort, involving TSA 
STSIs, Los Angeles law enforcement representatives, and British 
security officials, will bring training, experience, and lessons 
learned to the American participants from a British program known as 
Hidden and Obviously Typical (HOT) of suspicious packages. This program 
enhances the ability of the trained personnel to identify indicators of 
security concerns with packages left unattended in transit and rail 
facilities and vehicles.
    TSA will continue a dynamic effort to engage with international 
counterparts, whether through bilateral arrangements or broader forums 
and working groups, and advance sharing of lessons learned and best 
practices to enhance security in passenger rail and mass transit 
systems.
    One of the six Transit Security Fundamentals discussed earlier in 
this response is the implementation of emergency preparedness drills 
and exercises. DHS funds transit agencies' conduct of and participation 
in drills and exercises as a priority under the TSGP. Through periodic 
drills and exercises, transit agencies test the effectiveness of 
security and emergency management plans and integration with regional 
security partners, such as law enforcement entities and State and local 
government agencies. Covert testing has potential value as part of an 
overall security engagement approach with particular transit agencies. 
TSA has developed proposals for this activity. Coordination for testing 
with a particular system is ongoing.

    Question 11. Why does the TSA rail security proposed rulemaking for 
hazardous materials rail shipments not include anhydrous ammonia rail 
shipments? The freight rail industry considers anhydrous ammonia as a 
Toxic-by-Inhalation-Hazard (TIH) substance, but I understand that TSA 
decided against including this chemical in the proposed rule.
    Answer. Anhydrous ammonia is covered by the proposed rule. In 
domestic transportation, the Hazardous Materials Regulations Table, 
column 8, Special Provisions, lists it as a 13. The 13 designation 
indicates that it shall be marked as ``inhalation hazard'' on each 
shipping paper. The Department of Transportation/Pipeline and Hazardous 
Materials Safety Administration considers anhydrous ammonia as a toxic 
inhalation hazard.

    Question 12. Your agency recently issued the final rule for the 
implementation of the Transportation Worker Identification Credential 
(TWIC) program in the maritime sector. Do you plan to roll this program 
out to the surface transportation sector in the future? If so, how 
would the program work for the trucking and rail industries?
    Answer. All of these components rely on state-of-the-art 
technology. Technology programs always require comprehensive testing, 
and the Transportation Worker Identification Credential (TWIC) is no 
different. Therefore, the Transportation Security Administration (TSA) 
is currently focused on a rigorous program to test TWIC in the maritime 
sector before it can be considered for use in other modes of 
transportation. The TWIC network has five components:

   The Pre-Enrollment website component allows workers to 
        schedule appointments and provide biographic information ahead 
        of time to make enrollment easier.

   The Enrollment workstation component captures a worker's 
        biometric and biographic information and submits the 
        information for security processing.

   The TWIC system includes components that route applicant 
        information for Security processing, store data, conduct data 
        integrity checks, and manage status on TWIC cards.

   The Screening Gateway component is a TSA enterprise asset 
        that conducts security threat assessments, working with the 
        Federal Bureau of Investigation, Citizenship and Immigration 
        Services, and TSA's Colorado Springs Operations Center. It is 
        important to note that the Screening Gateway is used across all 
        of TSA's vetting programs.

   Finally, the Card Production component electronically loads 
        an applicant's information onto a TWIC smart card and then 
        physically produces the card.

    All system components must work together to conduct and complete 
accurate and timely security threat assessments. Rigorous performance 
testing is the only way to ensure that TWIC is ready to be introduced 
on a large scale. The program must not negatively impact commerce--or 
people's livelihoods. After we have had an opportunity to assess 
operations in the maritime sector, we can make recommendations about 
whether it is appropriate to expand this program into other industries.
                                 ______
                                 
Response to Written Questions Submitted by Hon. Frank R. Lautenberg to 
                     Hon. Edmund S. ``Kip'' Hawley
    Question 1. Why didn't your agency's rail security proposal address 
the many security needs of passenger rail stations, and critical 
infrastructure like bridges and tunnels?
    Answer. The Transportation Security Administration (TSA) has acted 
on multiple fronts to address the security needs of passenger rail 
stations and critical infrastructure. TSA and its Federal partners at 
the Department of Homeland Security (DHS) and the Federal Transit 
Administration (FTA) have conducted numerous assessments in the rail 
and mass transit modes.

   In the aftermath of the 9/11 attacks, FTA completed 
        vulnerability assessments of 37 of the top 50 transit agencies 
        in the country, as measured by passenger volume. The 
        assessments provided information that enabled transit agencies 
        to undertake security enhancement activities with Federal 
        grants and other funding sources. Additionally, the assessment 
        approach and the results informed TSA's security programs, 
        including development of the Surface Transportation Security 
        Inspection Program and the Baseline Assessment for Security 
        Enhancement (BASE) program, discussed in more detail below.

   DHS Office of Grants and Training required assessments for 
        all grant recipients under the Transit Security Grant Program 
        (TSGP), covering more than 60 of the largest transit agencies 
        in the Nation.

   TSA has completed over 2,600 criticality assessments for 
        systems across the Nation, including 848 for rail systems and 
        1,778 for mass transit systems.

   50 Site Assistance Visits have been completed across the 
        Nation's mass transit, bus, tunnel, and terminal systems.

   132 Buffer Zone Protection Plans have also been completed.

   Through the Office of Grants and Training, the Department 
        has provided technical support to over 25 major transit 
        systems, as well as Amtrak, to assist these agencies in 
        developing risk management strategies to guide the expenditure 
        of scarce security dollars.

   In High Threat Urban Area (HTUA) rail corridors, DHS 
        components are conducting assessments where hazardous materials 
        may pose significant risks. Thus far, assessments have been 
        completed in high Toxic Inhalation Hazard (TIH) volume 
        metropolitan areas such as Northern New Jersey, Houston, and 
        New Orleans. These assessments review passenger operations in 
        the urban area rail corridors. The results lead to initiatives 
        to elevate security for all rail, passenger and freight, 
        operating in the corridors assessed. This program continues 
        with the objective of completing assessments of all HTUA rail 
        corridors throughout the country.

    Through the Surface Transportation Security Inspection Program 
(STSIP), TSA has deployed 100 inspectors, assigned to 19 field offices 
across the country, to provide support to our Nation's largest mass 
transit systems. These officials perform frequent inspections of key 
facilities including stations and terminals for suspicious or 
unattended items, among other potential threats. Through the Baseline 
Assessment and Security Enhancement (BASE) program, Surface 
Transportation Security Inspectors (STSIs) assess a transit system's 
security posture on the 17 Security and Emergency Preparedness Action 
Items, jointly developed and disseminated by TSA and FTA in 
coordination with the Mass Transit Sector Coordinating Council and 
Transit Policing and Security Peer Advisory Group. Particular emphasis 
is placed on the six core Transit Security Fundamentals. The BASE 
program aims to elevate security generally, expand TSA's awareness and 
understanding of security posture in the passenger rail and mass 
transit mode, enable more effective targeting of security programs and 
technical assistance to elevate security, and facilitate sharing of 
best security practices.
    TSA and FTA have coordinated to offer STSI support to conduct the 
required security audits and reviews by State Safety Oversight Agencies 
under title 49, Code of Federal Regulations, part 659. Through this 
initiative, which commenced in August 2006, STSIs have thus far 
assisted the state oversight agencies in audits conducted in the BART 
system (San Francisco-Oakland), New Jersey Transit (Newark subway) and 
the Port Authority Transit Corporation of Pennsylvania and New Jersey. 
TSA devoted a full day to discussing further development of this joint 
effort at the annual conference of State Safety Oversight Agencies 
sponsored by FTA in September 2006. Coordinating assessment activity to 
integrate BASE reviews with State Safety Oversight audits prevents 
``audit fatigue'' among affected transit agencies.
    STSIs also offer the Security Analysis and Action Program (SAAP), 
which constitutes a systematic vulnerability assessment of a mass 
transit or passenger rail system. The program utilizes several 
different tools to identify vulnerabilities based on specific 
scenarios, such as an improvised explosive device on a passenger train. 
SAAPs can be conducted on individual critical infrastructure facilities 
or entire rail systems, with particular emphasis on critical control 
points.
    Finally, inspectors review design plans for systems under 
construction. STSIs conducted such an assessment on the Phoenix rail 
transit system to assess the adequacy of its security design and 
recommend improvements that can be accomplished during the final stages 
of construction.

    Question 2. Your Department failed to meet one of the few trucking 
security requirements in last year's SAFE Port Act. That provision 
simply required the DHS to check the names of truck drivers with access 
to secure areas of ports against terror watch-list and for citizen 
status. Why wasn't it done? When will it be done?
    Answer. Section 125 of the Security and Accountability For Every 
Port Act of 2006 addresses a population on which no government entity, 
association, or industry organization maintains information. Generally, 
each port Terminal Operator has contracts with a number of 
transportation companies that provide drivers and trucks to transport 
containers from secure areas to staging areas. Neither the Terminal 
Operator nor the trucking companies know which drivers may enter a port 
on any given day or at all. Most trucking companies do not have all of 
the information necessary for the Transportation Security 
Administration (TSA) to successfully complete the vetting on each of 
their drivers to submit. There are over 500,000 trucking companies, 
many of which are independently owned and operated and tend to be 
highly transient with no single company affiliation.
    As there is no way to isolate the population covered by section 
125, TSA is evaluating other methods of compliance. TSA recently 
entered into a Memorandum of Understanding with the Department of 
Transportation's Federal Motor Carrier Safety Administration to obtain 
minimal biographic data on all 10 million Commercial Drivers License 
holders in the country to conduct name-based security threat 
assessments that are intended to identify those who might be on 
security watch lists or in the country unlawfully. We continue to 
explore various alternatives as to how we might best complete these 
assessments within current resources.

    Question 3. Of the $175 million Congress appropriated for rail and 
transit security grants this year, DHS has only made $8 million 
available to Amtrak, which carries 25 million passengers a year. Has 
TSA performed an assessment of Amtrak's security needs?
    Answer. The Transit Security Grant Program (TSGP) employs a risk-
based methodology to determine its funding priorities. This approach 
applies TSGP resources to generate the highest return on investment 
and, as a result, strengthen the security of the Nation's transit and 
passenger rail systems in the most effective and efficient manner. 
Funding priority is given to high-density rail transit systems with 
significant underground infrastructure and underwater tunnels. Based 
upon ongoing intelligence analysis, extensive security reviews, and 
Congressional direction, DHS has focused the bulk of its available 
transit grant dollars on the highest-risk systems in our country's 
largest metropolitan areas.
    TSA believes that the funds provided to Amtrak for Fiscal Year (FY) 
2007 will enable Amtrak to create a sustainable, risk-based effort for 
the protection of critical Amtrak infrastructure, including bridges and 
tunnels, from terrorism. A total of $8,309,537 was awarded to Amtrak 
through the FY 2007 TSGP: Amtrak Security Supplemental. These funds 
will help strengthen security along the major Amtrak corridors on the 
East and West Coasts, at the company's hub in Chicago, Illinois, and 
throughout its southeastern and southwestern service areas. In 
addition, risk and vulnerability assessments of the major corridors and 
stations are being conducted to identify, prioritize and mitigate 
specific vulnerabilities. The funds may be used by Amtrak for security 
projects in the Northeast Corridor (the National Capital Region, 
Philadelphia, New York City/Northern New Jersey and Boston), at its 
Chicago, Illinois, hub and in certain jurisdictions in the West Coast 
Service Area (Seattle, Portland, Sacramento, Oakland, San Jose, Los 
Angeles, and San Diego) and the southeastern and southwestern United 
States (Kansas City; St. Louis; Denver; Charlotte; Norfolk, Virginia, 
Area; Atlanta; Jacksonville; Ft. Lauderdale; Miami; Orlando; Tampa; 
Memphis; New Orleans; Oklahoma City; Dallas/Fort Worth; San Antonio; 
Houston; El Paso; and Tucson).

    Question 4. What work has TSA done to assess the security needs of 
the Nation's critical transportation infrastructure, including bridges 
and tunnels (both rail and vehicles)?
    Answer. The Transportation Security Administration's (TSA) Highway 
and Motor Carrier Division has ambitiously pursued the security 
assessment of the Nation's critical bridges and tunnels in a program 
that began more than 3 years ago. TSA's Corporate Security Review (CSR) 
program has conducted transportation security preparedness visits to 
State-level departments of transportation in 37 of the 50 states, both 
identifying critical structures and helping the stewards of those 
structures to identify and address security vulnerabilities. In 
addition, TSA's Highway and Motor Carrier program office has actively 
partnered with the U.S. Department of Transportation's (DOT) Federal 
Highway Administration (FHWA) to assist in blast modeling on highway 
structures and preparation of prospective ``hardening'' standards for 
new construction. We anticipate that by the close of 2007, all 50 
States will have been subjected to the interactive CSR visits. These 
programs have been widely acclaimed by the American Association of 
State Highway and Transportation Officials (AASHTO) as both helpful and 
popular with security specialists in each state. In 2007, we also 
anticipate a much closer review of the 11 international bridges that 
link the United States with our Western Hemisphere neighbors.
    In the passenger rail and mass transit mode, TSA has led a 
coordinated interagency effort on multiple fronts to assess the 
security needs of critical infrastructure. The programs and initiatives 
include the following:
Surface Transportation Security Inspection Program
    Under the Surface Transportation Security Inspection Program, TSA 
has deployed 100 inspectors. Assigned to 19 field offices throughout 
the United States, the inspectors cover the key rail and mass transit 
facilities in their regions. The program has focused on nationwide 
outreach and liaison activities with the rail industry and initiatives 
aimed at identifying the security needs of passenger rail and mass 
transit systems and enhancing their security posture. These efforts 
include assessment programs specifically intended to assist the 
agencies in identifying and mitigating their security gaps and 
elevating the security baseline throughout the mode.
    Through the Baseline Assessment and Security Enhancement (BASE) 
Program, inspectors review the implementation by mass transit and 
passenger rail systems of Security and Emergency Management Action 
Items, which were recently updated by TSA and the Federal Transit 
Administration. This initiative aims to elevate security posture 
throughout the mass transit and passenger rail mode by identifying gaps 
in the implementation of baseline security measures adaptable to the 
operating circumstances of any system. Additionally, the STSI Program 
offers the Security Analysis and Action Program (SAAP), which 
constitutes a systematic vulnerability assessment of mass transit or 
passenger rail systems. The program utilizes several different tools to 
identify vulnerabilities based on specific scenarios, such as an 
improvised explosive device (IED) on a passenger train. SAAPs can be 
conducted on individual critical infrastructure facilities or entire 
rail systems, with particular emphasis on critical control points.
Targeted Security Training Initiative
    The BASE assessment results indicate a need for more focused effort 
in security training for transit agency employees. Although an 
extensive Federal security training program has been implemented since 
9/11--17 security courses, more than 500 deliveries, more than 78,000 
transit employees trained--the assessment results indicated wide 
variations in the quality of transit agencies' security training 
programs and an inadequate level of refresher or follow-on training. 
Well-trained employees are a security force multiplier for security 
efforts implemented by transit agencies. To elevate the level of 
training generally, bring greater consistency, and assist agencies in 
developing and implementing training programs, TSA produced and 
disseminated a Mass Transit Security Training Program.
    The program identifies specific types of training at basic and 
follow-on levels for particular categories of transit employees. 
Presented in a readily understandable matrix, it provides effective 
guidance to transit agency officials in building and implementing 
training programs for employees working in their systems. To support 
execution of such training programs, the Transit Security Grant Program 
offers pre-packaged training options agencies may obtain with grant 
funding. Agencies taking advantage of this program have their 
applications expedited for approval to ensure funds are delivered 
within 90 days of submission. This initiative aims to expand 
significantly the volume and quality of training for transit employees 
during 2007.
Connecting Communities
    This is another initiative that helps TSA assess the security needs 
of mass transit and passenger rail systems by bringing the Federal 
transportation security partners together with State, local, and tribal 
government representatives and the local first responder community. 
This provides a forum (2-day workshops) to discuss security prevention 
and response efforts, identify gaps, and ways to work together 
effectively to prepare and protect their communities. These forums 
enhance information and intelligence sharing among partners in 
transportation security to facilitate prevention and ensure the 
capacity for rapid and flexible response and recovery to all-hazards 
events. TSA partners with the FTA on Connecting Communities. These 
forums also help clarify the role of Federal, State and local emergency 
management offices to facilitate efficient planning, preparedness and 
response coordination. In support of this regional engagement effort, 
area National Joint Terrorism Task Force representatives will provide 
presentations on their activities and coordination responsibilities.
Safety and Security Roundtables
    TSA, FTA, and the DHS Office of Grants and Training co-sponsored 
the fifth Transit Security and Safety Roundtable in December 2006. The 
roundtables bring together the security coordinators and safety 
directors from the Nation's 50 largest transit agencies and facilitate 
dialogue between the government, police and safety and security 
departments, and industry leaders on how best to address current 
transit safety, security and emergency management challenges. The 
roundtables provide a forum for mass transit and passenger rail safety 
and security officials to share effective practices and develop 
relationships to improve coordination and collaboration. Roundtables 
occur twice each year, generally in late spring and late fall.
Interagency Tunnel Risk Mitigation Working Group
    This interagency effort brings together subject matter experts from 
a range of relevant fields among DHS and DOT organizational elements to 
identify, assess, and prioritize the risk to mass transit and passenger 
rail systems in the United States with underwater tunnels and to assist 
transit agencies in planning and implementing protective measures to 
deter and prevent attacks and blast mitigation and emergency response 
strategies in the event of a terrorist attack and/or all hazards 
incident or event. Through regular meetings, this working group has 
developed mitigation strategies, engaged stakeholders, analyzed and 
applied the results of risk assessments, prepared statements of work 
for testing and modeling programs, and integrating the overall risk 
mitigation effort for a cohesive, coordinated, and effective approach. 
The initiative has:

        1. Identified and assessed risk to underwater tunnels.

        2. Prioritized tunnel risk mitigation based on risk to drive 
        grant funding to the most pressing areas.

        3. Developed strategies for funding future technology research 
        and development aimed at producing novel approaches to this 
        challenging problem.

        4. Produced and disseminated recommended protective measures 
        transit agencies may implement to enhance security with 
        available resources or through targeted grant funding.

    To advance this concerted effort, the Transit Security Grant 
Program has made projects to protect high risk underwater and 
underground assets and systems a top funding priority.

    Question 5. What are the top 10 rail security vulnerabilities which 
remain on the Northeast Corridor rail line?
    Answer. The top rail security priorities in the Northeast Corridor 
area, encompassing the multiple means of public transportation in 
operation, consist of the following:

   Obtain concurrence in the Boston, New York/New Jersey, 
        Philadelphia, and Washington, DC, regions on security 
        priorities for funding under the Transit Security Grant 
        Program.

   Hardening and security enhancement for passenger rail 
        tunnels.

   Integration of security into design and construction in all 
        passenger rail and mass transit capital improvement projects.

   Regional coordination of Federal, State, and local 
        authorities and passenger rail and mass transit agencies to 
        expand employment of the full range of available security 
        resources in random, unpredictable manner for maximum deterrent 
        effect.

   Implement joint security enhancement deployments of TSA 
        Visible Intermodal Prevention and Response teams on passenger 
        rail and mass transit systems throughout the Northeast 
        Corridor.

   Coordination of security and emergency response plan and 
        activities between Amtrak and mass transit and passenger rail 
        providers.

   Expanded security training for front-line employees, 
        consistent with the training program disseminated under the 
        Transit Security Grant Program.

   Completion Baseline Assessment for Security Enhancement 
        program reviews of the major passenger rail and mass transit 
        systems in the Northeast Corridor.

   Advance risk-based deployment of TSA-certified explosives 
        detection canine teams.

   Assess power grid infrastructure and work with affected 
        passenger rail systems to ensure security enhancements to 
        minimize threat of intentional acts to cut power and shut down 
        operations.

    Question 6. Will the Administration request enough security funding 
for Amtrak in the FY 2008 budget?
    Answer. The Transportation Security Administration (TSA) supports 
the President's Fiscal Year (FY) 2008 budget request. The 
Administration request for Amtrak funding is not under TSA's purview 
but that of the Department of Transportation.
    However, the Department of Homeland Security (DHS) leverages 
targeted security grants to close the gaps at high risk properties. 
Through the Transportation Security Grant Program (TSGP), TSA is 
driving improvement in the six security fundamental areas, including 
training for key personnel, drills and exercises and public awareness 
and preparedness. DHS has provided more than $573 million to date to 60 
of the country's rail mass transit, ferry, and intra-city bus systems 
in 25 states and the District of Columbia. Through the Intercity and 
Passenger Rail Security System, Amtrak is being provided $8.3 million 
in FY 2007 awards for security enhancements to intercity passenger rail 
security initiatives and coordination efforts with local and regional 
transit systems. Prior to this grant cycle, Amtrak has been awarded 
$13.6 million through this program.
                                 ______
                                 
     Response to Written Questions Submitted by Hon. Mark Pryor to 
                     Hon. Edmund S. ``Kip'' Hawley
    Question 1. Last year, Congress passed the Port Security 
Improvement Act of 2006 that requires the Secretary of Transportation, 
in conjunction with the Secretary of Homeland Security to issue 
regulations within 18 months to: (1) verify the legal status of 
licensed commercial drivers in the United States, (2) implement 
commercial driver's license and anti-fraud program, and (3) for the 
Secretary of Homeland Security to draft guidelines to improve 
compliance with Federal immigration and customs laws applicable to 
foreign-based commercial motor vehicles and their operators.
    What is the status of these regulations and guidelines?
    Have you given any thought as to how to accomplish these 
regulations and guidelines to reduce CDL fraud, verify the legal status 
of current CDL holders, and improve compliance with immigration and 
customs laws for foreign truckers?
    Answer. The Transportation Security Administration (TSA) recognizes 
that the primary statutory oversight of commercial drivers lies with 
the U.S. Department of Transportation and, as such, we defer to the 
Secretary of Transportation to address the primary issues of this 
question. TSA and the Department of Homeland Security, however, are 
actively involved in assisting our Federal colleagues with these tasks 
in a number of ways. First, TSA issued a rule early in 2003 to satisfy 
Section 1012 of the USA PATRIOT Act, which has vetted more than 2.5 
million commercial drivers who are authorized to carry hazardous 
materials. TSA is exploring ways to subject the remaining 10 million 
commercial driver's license (CDL) records to a name-based vetting 
process by TSA that is intended to identify those who might be on 
security watch lists or in the country unlawfully. In addition, the 
Department of Homeland Security has issued a notice of proposed 
rulemaking to initiate implementation of the ``Real ID Act'' passed by 
Congress in 2005 addressing security recommendations of the 9/11 
Commission. The rule, once final, will lead to identity verification of 
drivers in the United States in those States that implement the ``Real 
ID'' guidelines and can significantly cut down on license fraud. Since 
every CDL issued in the Nation is an enhancement of the State's base 
license, CDL security will be enhanced as well.

    Question 2. TSA has repeatedly testified that it uses a risk-based 
methodology for allocating resources. Yet, TSA has not completed a 
comprehensive risk assessment of the Nation's passenger rail system. 
Why has this assessment not been completed to date, and when can we 
expect it to be completed?
    Answer. The Transportation Security Administration (TSA) has looked 
across all modes of transportation and set risk-based priorities. These 
priorities are used to focus TSA's attention and resources on the most 
critical issues. TSA has conducted or participated in various risk 
analyses that compare risks across different transportation modes, 
including most recently the DHS Strategic Homeland Infrastructure Risk 
Assessment (SHIRA). Surface transportation, transit, and rail are 
currently high priorities for TSA, and TSA has been working 
continuously to update and expand its assessments of threats and 
vulnerabilities in the surface transportation sector. TSA uses these 
assessments in conjunction with our security partners in government and 
industry to mitigate risk by operationalizing intelligence and 
addressing vulnerabilities.
Headquarters Analysis
    TSA's layered approach to security seeks to identify and deter 
threats well before they reach the Nation's airports, railways, 
highways, mass transit, ports and pipelines. Transportation-specific 
intelligence is critical to TSA's overall risk-based security strategy, 
and its products provide a threat framework to prioritize security 
resources and operationalize intelligence. Two of TSA's operational 
programs have field units--the Office of Security Operations, which is 
responsible for both aviation Transportation Security Officers (TSO) 
screening and surface inspector operations, and the Office of Law 
Enforcement, which is responsible for the Federal Air Marshal Service 
(FAMS). These elements incorporate intelligence into their operations 
and plans on a daily basis, acting or deploying on the basis of the 
latest information.
    TSA also coordinates closely and shares information with other 
Department of Homeland Security (DHS) components, the intelligence and 
law enforcement communities, other government departments and agencies, 
such as the Department of Transportation (DOT), and the transportation 
industry. These security partners provide intelligence and, especially 
in industry, are often well-positioned to operationalize 
transportation-specific intelligence by adjusting their business or 
security operations.
    TSA's Office of Intelligence has produced classified and 
unclassified annual threat assessments for each transportation mode and 
the cargo/supply chain sector since 2004. These reports are 
disseminated throughout TSA, DHS, and private industry. Other Office of 
Intelligence products include:

   Transportation Intelligence Gazette

   Special Threat Assessments

   Weekly Field Intelligence Report

   Suspicious Incidents Report

   Intelligence Notes

   Transportation Situational Awareness Notes

    TSA is also conducting specific analyses related to underwater mass 
transit tunnels. In October 2006, an Underwater Tunnel Working Group 
was established consisting of members from various DHS and DOT 
entities. This interagency team has taken significant steps to identify 
vulnerabilities of underwater tunnels and implemented aggressive 
mitigation strategies to protect high-risk and high-consequence tunnel 
infrastructure in both the short and long term.
Field Assessments
    At the field level, TSA and its Federal partners at DHS and the 
Federal Transit Administration (FTA) have conducted numerous 
assessments in the rail and mass transit modes, described below:

   In the aftermath of the 9/11 attacks, FTA completed 
        vulnerability assessments of 37 of the top 50 transit agencies 
        in the country, as measured by passenger volume. The 
        assessments provided information that enabled transit agencies 
        to undertake security enhancement activities with Federal 
        grants and other funding sources. Additionally, the assessment 
        approach and the results informed TSA's security programs, 
        including development of the Surface Transportation Security 
        Inspection Program and the Baseline Assessment for Security 
        Enhancement (BASE) program, discussed in more detail below.

   DHS Office of Grants and Training required assessments for 
        all grant recipients under the Transit Security Grant Program 
        (TSGP), covering more than 60 of the largest transit agencies 
        in the Nation.

   TSA has completed over 2,600 criticality assessments for 
        systems across the Nation, including 848 for rail systems and 
        1,778 for mass transit systems.

   50 Site Assistance Visits have been completed across the 
        Nation's mass transit, bus, tunnel, and terminal systems.

   132 Buffer Zone Protection Plans have also been completed.

   Through the Office of Grants and Training, the Department 
        has provided technical support to over 25 major transit 
        systems, as well as Amtrak, to assist these agencies in 
        developing risk management strategies to guide the expenditure 
        of scarce security dollars.

TIH Rail Assessments
    TSA conducts vulnerability assessments of High Threat Urban Area 
(HTUA) rail corridors where toxic inhalation hazard (TIH) shipments are 
transported. Over the last year, detailed region-wide rail corridor 
assessments were completed in Houston, Buffalo, and northern New 
Jersey, and a fourth assessment is in the early stages of completion 
for the Los Angeles area. The HTUA corridor assessments provide site-
specific mitigation strategies and lessons learned as well as tactics 
that can be modified for use at the corporate or national level. HTUA 
corridor assessments supported the development of the Recommended 
Security Action Items (SAI) issued by DHS and DOT on June 23, 2006. 
These performance-based SAIs were developed to foster an enhanced 
security posture in the freight rail mode in general and specifically 
targeted the transport of TIH materials. These practices have been 
agreed to in binding commitments by the Nation's railways, and form the 
basis for pending regulation.
Surface Transportation Security Inspectors (STSI)
BASE Reviews
    TSA has deployed 100 inspectors, assigned to 19 field offices 
across the country, to provide support to our Nation's largest mass 
transit systems. Within the last year, the STSI program has conducted 
26 BASE reviews as part of a program to conduct security reviews of the 
50 largest transit systems nationwide. These officials perform frequent 
inspections of key facilities including stations and terminals for 
suspicious or unattended items, among other potential threats. The BASE 
process reviews security procedures put in place by a transit (rail and 
bus) system to assist in evaluating the performance of its security 
system.
    TSA and FTA have coordinated to offer STSI support to the conduct 
of required security audits and reviews by State Safety Oversight 
Agencies under title 49, Code of Federal Regulations, part 659. Through 
this initiative, which commenced in August 2006, STSIs have thus far 
assisted the state oversight agencies in audits conducted in the BART 
system (San Francisco-Oakland), New Jersey Transit (Newark subway) and 
the Port Authority Transit Corporation of Pennsylvania and New Jersey. 
TSA devoted a full day to discussing further development of this joint 
effort at the annual conference of State Safety Oversight Agencies 
sponsored by FTA in September 2006. Coordinating assessment activity to 
integrate BASE reviews with State Safety Oversight audits prevents 
``audit fatigue'' among affected transit agencies.
    Additionally, inspectors review design plans for systems under 
construction. STSIs conducted such an assessment on the Phoenix rail 
transit system to assess the adequacy of its security design and 
recommend improvements that can be accomplished during the final stages 
of construction.
Security Action Items (SAI)--Non-Regulatory Inspections
    To gain an understanding of the degree of implementation across the 
Nation, railroad carriers of TIH materials, DHS and DOT agreed to 
conduct SAI Implementation Surveys (SAIIS) of freight rail operations. 
These surveys are conducted by STSIs. The surveys are not compliance 
inspections, but rather assessments to determine the depth and degree 
of employee security awareness and security action item implementation. 
The results of the SAI Surveys will be reviewed and the data used to 
guide future policy decisions regarding the security of hazardous 
material rail shipments. Since October 2006, STSIs have conducted 165 
field site visits of freight railroad yards and facilities and 
interviewed 2,600 front-line railroad workers.
Security Analysis and Action Programs (SAAP)--Risk Assessments
    STSIs conduct Security Analysis and recommend an Action Program. 
SAAPs are full risk assessments of transit and rail systems. They are 
not compliance inspections. An SAAP assessment rigorously analyzes the 
likelihood and consequence of the threat stream matrix for the rail 
environment and analyzes the effectiveness of countermeasures to manage 
risk effectively. SAAPs leverage the DHS Vulnerability Identification 
Self Assessment Tool (VISAT).
    The STSI program has completed full SAAP assessments on the 
following rail systems:

   Virginia Railway Express

   Alaska Railroad

   Tri-Met (Portland, Oregon)
                                 ______
                                 
  Response to Written Questions Submitted by Hon. Daniel K. Inouye to 
                        Hon. Joseph H. Boardman
    Question 1. Your agency and the Transportation Security 
Administration (TSA) completed an annex to the existing Department of 
Homeland Security/Department of Transportation Memorandum of 
Understanding in September, 2006. Can you tell us how this agreement 
has changed the relationship between your two agencies?
    Answer. FRA and TSA have always had an excellent, cooperative 
working relationship. The annex on rail security has simply codified 
and enhanced that relationship. Prior to executing the rail security 
annex with TSA, the two agencies have coordinated on a number of 
projects. Since 2004, FRA has provided technical support and expertise 
to TSA for its ongoing security assessments of rail transportation 
corridors in High Threat Urban Areas. In 2006, FRA, TSA and PHMSA 
together drafted and issued to the rail industry a set of security best 
practices, known as Security Action Items, for the transportation of 
certain hazardous materials. FRA, TSA and PHMSA also coordinated 
closely on the two recently issued notices of proposed rulemaking 
(NPRM) on rail security, circulating drafts of the proposed rules among 
the three agencies. FRA has added TSA as a member of FRA's Railroad 
Safety Advisory Committee, the group that assists FRA in developing its 
safety regulations, in order to ensure that FRA's regulations advance 
both rail safety and security. From the time that DHS was created, FRA 
and TSA realized that close coordination was essential due to the great 
overlap between safety and security, and the two agencies have worked 
closely together since then.

    Question 2. Are FRA safety inspectors and TSA surface security 
inspectors undertaking rail inspections together as the Annex 
contemplates?
    Answer. FRA and TSA regularly consult on rail security matters and 
continue to leverage the skills and resources of each agency as needed. 
For example, FRA inspectors provide technical expertise and support to 
TSA during vulnerability assessments of rail transportation corridors 
in High Threat Urban Areas. The two agencies, in consultation with the 
rail industry, have also collaborated to issue a list of recommended 
Security Action Items for the rail transportation of toxic inhalation 
hazard materials. FRA and TSA are currently working together to assess 
the level of implementation of the Security Action Items across the 
industry.
                                 ______
                                 
Response to Written Questions Submitted by Hon. Frank R. Lautenberg to 
                        Hon. Joseph H. Boardman
    Question 1. The recent Administration proposal to preempt states, 
localities and towns from protecting themselves from the risk of 
hazardous materials shipments would require rail carriers to evaluate 
the current routes they use, and only ``the next most commercially 
practical'' routes. Why limit this analysis to only one contingency?
    Answer. On December 21, 2006, the Pipeline and Hazardous Materials 
Safety Administration (PHMSA) published a notice of proposed rulemaking 
(NPRM) proposing to require rail carriers to compile annual data on 
specified shipments of hazardous materials, use the data to analyze 
safety and security risks along rail transportation routes where those 
materials are transported, assess alternative routing options, and make 
routing decisions based on those assessments. PHMSA and FRA jointly 
drafted the NPRM, and coordinated closely with TSA in its development. 
The purpose of the proposal is to help minimize transportation system 
risk and societal risk. The proposal would require rail carriers to 
identify and collect data on all of the routes the carrier uses to 
transport certain high-risk hazardous materials. Specifically, each 
rail carrier would identify the rail line segments over which these 
commodities are transported. As the carrier deems appropriate, line 
segments could be aggregated into logical groupings, such as between 
major interchange points. The rail carrier selected line segment(s) are 
considered the route used for rail routing analysis. Within each route, 
the commodity data must identify the route location and total number of 
shipments transported. The rail carrier must then assess the safety and 
security risks associated with those routes. Rail carriers would also 
be required to identify and analyze the next most practicable 
alternative route, if any is available, over which they have authority 
to operate, for each of the primary routes identified.
    Unlike truck routing, with its web of interstate highways, toll 
roads, bypasses, and two-lane rural roads crisscrossing the country, 
within the rail system there are only a limited number of alternatives. 
The NPRM proposes to require rail carriers to analyze only the next 
most commercially practicable route because commercial and operating 
factors limit the number of routes available to a rail carrier. Even 
the largest rail carriers will have, at most, two or three possible 
routes between any two given points. As used in this proposal, 
``commercially practicable'' means that the route may be utilized by 
the railroad within the limits of the railroad's particular operating 
constraints and, further, that the route is economically viable given 
the economics of the commodity, route, and customer relationship. The 
question of commercial practicability must be reasonably evaluated by 
each rail carrier as a part of its analysis based on the specific 
circumstances of the route and proposed traffic. The NPRM also contains 
provisions requiring DOT access to data, route analysis, and route 
selection. This will provide DOT with basic oversight of, and insight 
into, route analysis performed by carriers. If the chosen route is 
found not to be the safest and most secure, commercially practical 
route, FRA may require use of an alternative route.

    Question 2. As the Secretary's representative on the Amtrak Board 
of Directors, will you ensure that the Administration requests 
sufficient funding for Amtrak's security needs in the FY 2008 budget?
    Answer. The FY 2008 budget request for Amtrak includes $800 million 
in direct subsidies and $100 million to fund a program of matching 
grants to the States to undertake capital investment projects for 
passenger rail services that States believe important. This direct 
subsidy amount includes $300 million for Amtrak's operating costs and 
$500 million for Amtrak's capital investments. This level of support is 
appropriate in providing Amtrak with the incentive to reduce costs, 
rationalize services and pursue innovations to make its services more 
efficient and effective. By making the hard choices necessary to reform 
its operations, Amtrak will be able to fund essential rail passenger 
service needs including the railroad's security needs.

    Question 3. Does the US DOT intend to fund Amtrak's security needs 
from the railroad's operating grant?
    Answer. Amtrak receives a grant for security enhancements from the 
Department of Homeland Security under the Infrastructure Protection 
Program grants. Amtrak will need to fund its highest-priority security 
needs from the resources available to the corporation, including the 
operating and capital grants from the Federal Government, revenues and 
other funding available to it.
                                 ______
                                 
  Response to Written Questions Submitted by Hon. Daniel K. Inouye to 
                           Hon. John H. Hill
    Question 1. Your agency has yet to sign a security annex with the 
TSA covering your respective roles for truck security. Are you working 
on such an annex now? If so, when will it be completed?
    Answer. No. Currently, there is no effort ongoing to develop such 
annex. Based on the Department-level Memorandum of Understanding (MOU), 
FMCSA and the Transportation Security Administration (TSA) continue to 
have a clear understanding of the security-related roles and 
responsibilities of each agency. This has been proven with the 
coordination of several security-related initiatives that have been 
developed over the last several years.

    Question 2. Is FMCSA involved with TSA's truck tracking pilot 
project to test the feasibility of a centralized truck tracking center 
and the Missouri pilot program to gather information on companies' 
ability to protect surface transportation assets? Can you give us a 
progress report on these pilot programs and describe your agency's 
involvement?
    Answer. FMCSA is involved in TSA's truck tracking pilot by 
providing subject matter expertise in the areas of examining existing 
and emerging technologies. With respect to the Missouri pilot, FMCSA 
coordinated with TSA's Highway Motor Carrier Programs office to 
facilitate the initiation of TSA's Corporate Security Reviews (CSRs). 
The specific progress on these pilot programs should be obtained from 
TSA's Highway Motor Carrier Programs.

    Question 3. In your testimony, you state that FMCSA has assessed 
over 400 civil penalties for failure to comply with the hazardous 
materials security regulations. Can you tell us what type of non-
compliance you have found and what more needs to be done to ensure 
motor carrier compliance with these important regulations?
    Answer. Carriers not in compliance with the hazardous materials 
security regulations generally have security plans in place but the 
plans are missing one or more of the components specified in the 
regulations (personnel security, unauthorized access, or en route 
security). Others fail to follow the actions in their security plan. 
Smaller carriers found to be in non-compliance are more likely than 
larger carriers to have no security plans in place. FMCSA has 
discovered security training as an area that requires more attention by 
motor carriers to reduce non-compliance. Civil penalties have been 
assessed for lack of security training as well as deficiencies in 
security plans. FMCSA minimizes non-compliance by providing 
recommendations and outreach materials.

    Question 4. Has adding security contract reviews and the other 
FMCSA security initiatives to your agency's list of responsibilities 
taken away from your resources for truck safety? Do you feel that TSA 
needs to take over some of the motor carrier security work, or perhaps 
reimburse your agency for the work it is now doing to ensure that your 
primary safety mission is accomplished?
    Answer. Following the tragic events of September 11, 2001, FMCSA 
shifted resources away from strictly truck safety activities to address 
security issues, particularly with respect to hazardous materials. 
FMCSA activities included conducting over 30,000 educational visits 
with hazardous materials carriers to raise their security awareness, 
developing security outreach for law enforcement, carriers and drivers, 
and investigating technologies that had the potential to improve 
security in the trucking industry. The agency also trained our field 
investigators on the security plan regulations for hazardous materials 
carriers and began conducting security compliance visits, called 
Security Contact Reviews.
    As the TSA has increased the scope of its activities with respect 
to commercial vehicle safety, FMCSA has transitioned to the role of 
providing TSA with our subject matter expertise regarding the truck and 
bus industries. While the agency does still devote resources to 
Security Contact Reviews, this is now done in conjunction with our 
safety visits, resulting in efficiencies for the agency and the motor 
carrier industry through fewer on-sight visits.
                                 ______
                                 
         Response to Questions Submitted by Hon. Mark Pryor to 
                           Hon. John H. Hill
    Question 1. Last year, Congress passed the Port Security 
Improvement Act of 2006 that requires the Secretary of Transportation, 
in conjunction with the Secretary of Homeland Security to issue 
regulations within 18 months to: (1) verify the legal status of 
licensed commercial drivers in the United States, (2) implement 
commercial driver's license and anti-fraud program, and (3) for the 
Secretary of Homeland Security to draft guidelines to improve 
compliance with Federal immigration and customs laws applicable to 
foreign-based commercial motor vehicles and their operators. What is 
the status of these regulations and guidelines?
    Answer. FMCSA plans to publish a Notice of Proposed Rulemaking 
(NPRM) addressing the SAFE Port Act provisions assigned to the agency 
by August 2007.

    Question 1a. Have you given any thought as to how to accomplish 
these regulations and guidelines to reduce CDL fraud, verify the legal 
status of current CDL holders, and improve compliance with immigration 
and customs laws for foreign truckers?
    Answer. The Security and Accountability For Every Port (SAFE Port) 
Act of 2006 requires FMCSA to issue regulations to implement the 
recommendations in the June 4, 2004, Department of Transportation (DOT) 
Office of the Inspector General (OIG) memorandum regarding legal status 
verification for CDL drivers. The Act also requires the agency to issue 
regulations to implement recommendations in the February 7, 2006, OIG 
report Oversight of the Commercial Driver's License Program. The Act 
requires the completion of rulemaking within 18 months of the date of 
enactment.
    The June 4, 2004, OIG memorandum entitled ``Need to Establish a 
Legal Presence Requirement for Obtaining a Commercial Driver's 
License'' (Control No. 2004-054), recommended that FMCSA establish a 
legal presence requirement for obtaining a CDL. The report said that 
all CDL applicants should demonstrate either citizenship or lawful 
permanent residence in the U.S. before a State may issue a CDL. The 
February 7, 2006, ``Report on Federal Motor Carrier Safety 
Administration Oversight of Commercial Driver's License Program'' 
(Report Number MH-2006-037) contains the following three broad 
recommendations to detect and prevent fraudulent testing and licensing 
activity in the CDL program:

        1. Direct the States to report on the final disposition of all 
        suspect drivers identified by the States. These disposition 
        reports should emphasize but not necessarily be limited to 
        instances where there is specific or direct evidence that the 
        driver participated in a fraudulent activity to obtain the CDL;

        2. Determine that State CDL programs are out of compliance, 
        under Federal regulations, if the State fails to impose 
        adequate internal controls to prevent fraud or fails to take or 
        propose necessary corrective action; and

        3. Impose sanctions, under Federal regulations, against those 
        States that fail to establish adequate fraud control measures 
        for their CDL programs.

    Prior to the enactment of the SAFE Port Act and in response to 
earlier statutory mandates (TEA-21 and SAFETEA-LU), previous OIG 
recommendations, and in order to increase uniformity in the CDL 
program, FMCSA had begun drafting a Notice of Proposed Rulemaking 
(NPRM) on Commercial Driver's License Testing and Commercial Learner's 
Permit Standards to address sixteen distinct issues in the CDL program. 
To effectively address the new SAFE Port Act provisions within the 
established statutory timetable, FMCSA will incorporate the 
requirements in this rulemaking.

    Question 2. I also understand that FMCSA is considering a ``pilot 
program'' to allow some long-haul Mexico-domiciled motor carriers to 
operate with full access throughout the United States. Under what 
authority can the Department propose and implement such a pilot 
program?
    Answer. The North American Free Trade Agreement (NAFTA), as 
implemented by Congress, requires the United States to allow Mexican 
trucks to operate on our highways. This is the Department's authority 
for implementing the cross-border commercial motor vehicle 
transportation pilot program.
    Prior to NAFTA's ratification, Congress imposed a moratorium on the 
issuance of new grants of operating authority to motor carriers 
domiciled in a contiguous foreign country or owned or controlled by 
persons of a contiguous foreign country (Section 6, Public Law 97-261). 
The legislation authorized the President to remove or modify the 
moratorium upon a determination that such action was in the national 
interest. The terms of NAFTA, Annex I, provide that the moratorium on 
licensing Mexican motor carriers to operate within the United States 
will be lifted by the President in phases. The President lifted the 
moratorium in 2002.
    Section 350 of the Fiscal Year 2002 DOT Appropriations Act (Public 
Law 107-87) prohibited the expenditure of appropriated funds for 
reviewing or processing applications by Mexico-domiciled carriers to 
operate beyond U.S. municipalities and commercial zones on the U.S.-
Mexico border until FMCSA undertook several specified actions. As the 
requirements of Section 350 have been addressed, FMCSA may process the 
applications of long-haul Mexico-domiciled carriers pursuant to FMCSA's 
authority to register motor carriers in 49 U.S.C.  13902(a).
    With the understanding of the Government of Mexico, FMCSA will 
initially process a limited number of applications to allow the agency 
to thoroughly and deliberately evaluate agency procedures and oversight 
plans.

    Question 2a. What are the specific features of this pilot program 
to allow Mexican trucks to conduct long-haul operations in the U.S.?
    Answer.

        1. A one-year pilot program.

        2. Up to 100 Mexican motor carriers will participate.

        3. Up to 100 U.S. carriers may also participate in the pilot 
        program.

        4. All Mexican participants must have basic safety management 
        controls in place.

        5. FMCSA will conduct safety audits and compliance in reviews 
        in Mexico to comply with Section 350 of the 2002 Appropriations 
        Act. All other Section 350 requirements will also be met.

        6. Participating Mexican motor carriers, commercial motor 
        vehicles, and drivers will be subject to all Federal Motor 
        Carrier Safety Regulations requirements while operating in the 
        United States.

        7. Participation is limited to non-hazardous property motor 
        carriers. No hazardous materials or passenger transportation is 
        authorized under the pilot program.

        8. Participating Mexican motor carriers will be monitored 
        throughout the duration of the project.

        9. FMCSA will have the ability to revoke or suspend provisional 
        operating authority during the program if Mexican carriers are 
        not operating safely.

        10. The Department is working closely with the Government of 
        Mexico on the program.

        11. After completion of the program, DOT will evaluate the 
        pilot program and make recommendations to the Secretary on next 
        steps.

    Question 2b. Do you see foreign (particularly Mexico) domiciled 
trucks and truck drivers as a greater security risk than U.S. carriers?
    Answer. FMCSA has no information that would indicate Mexican motor 
carriers or drivers will pose a greater security risk than U.S. motor 
carriers or drivers. Mexican commercial motor vehicles are more likely 
than their U.S. counterparts to receive an inspection from FMCSA or 
State inspectors. In addition, Mexican carriers crossing into the U.S. 
are required to undergo an examination by U.S. Customs and Border 
Protection.

    Question 2c. If foreign-based trucking companies are allowed to 
enter U.S. markets, will they be required to pay the same apportioned 
fuel taxes, registration fees, and other user fees that U.S. trucking 
companies are required to pay?
    Answer. Yes.

    Question 2d. Would these foreign carriers be required to register 
with the International Registration Plan (IRP) and the Internal Fuel 
Tax Agreement (IFTA) as U.S. carriers do to ensure their payment of 
state fuel taxes and registration fees?
    Answer. Yes. FMCSA has worked with the States and the IRP and IFTA 
programs to ensure their systems can accommodate Mexican motor 
carriers.

    Question 3. S. 184 requires TSA and DOT to develop a program to 
encourage the motor carriers transporting hazardous materials to equip 
their trucks with wireless communications technology that provides 
continuous communications, vehicle position and location and tracking 
capabilities, and an emergency broadcast capability. In Arkansas, we 
have J.B. Hunt Transport Services, one of the leading innovators in the 
use of information technology in the transportation sector. While I 
applaud J.B. Hunt for their leadership in this area, nationally there 
are still many small motor carriers that may not be able to afford this 
equipment. What are your views on these technologies and how would you 
envision these technologies working to improve security?
    Answer. FMCSA became aware of many technologies that could improve 
the safety, security, and efficiency of hazardous materials (HM) 
transportation after September 11, 2001. FMCSA completed an operational 
test (HM Op Test) that applied these technologies in the highway 
transportation of HM and documented the costs and benefits of these 
technologies. The HM Op Test demonstrated that deploying technologies 
such as wireless communications results in some security benefits for 
motor carriers. Further we were able to measure safety and efficiency 
benefits for the motor carriers employing these technologies. The 
results of the test were transmitted to the Transportation Security 
Administration in January 2005. Since the HM Op Test, FMCSA has been 
encouraging the industry to use these technologies.

    Question 3a. Do you consider requiring the installation of this 
wireless communications technology to be necessary?
    Answer. While FMCSA has examined these technologies in real-world 
environment, our test was limited and it is difficult to conclude the 
necessity to require the installation of the wireless communications. 
FMCSA believes that TSA's Hazmat Truck Security Pilot Program will 
yield additional information to guide this decision, but would defer to 
the Department of Homeland Security to determine if regulatory action 
is warranted.

    Question 3b. How should DOT encourage motor carriers to install 
this equipment?
    Answer. DOT has been encouraging the use of this equipment by 
presenting the results of our HM Op Test at a wide variety of industry 
and transportation research-related forums. We believe that calling 
attention to the efficiency benefits experienced through the use of 
technologies such as wireless communications will result in wider use 
of security technology, in addition to safety and security benefits.

    Question 3c. How will DOT address the interoperability of their 
equipment and the motor carriers' equipment?
    Answer. DOT will work with DHS to ensure any security technology 
required is compatible with the safety equipment already installed on 
commercial motor vehicles.

    Question 4. Commercial Drivers License holders are being required 
to go through multiple security screening programs. Drivers applying 
for a Hazardous Materials Endorsement (HME) must undergo a Security 
Threat Assessment. TSA issued a final rule implementing the 
Transportation Worker Identification Credential (TWIC) for maritime 
facilities and there is another screening process for truckers 
transporting air cargo. Each of these security requirements costs 
money.Do you plan to roll the TWIC program out to the surface 
transportation sector in the future? If so, how would the program work 
for the rail and trucking industries?

    Question 4a. How does the security screening for HME certification 
differ from TWIC?

    Question 4b. Can Commercial Drivers get one security certification 
that covers them all for intermodal transportation?
    Answer 4-4b. The security screening or background check 
requirements are a responsibility of the TSA. Therefore, TSA is 
uniquely qualified to respond to the specific questions and explain the 
relationship of its security screening requirements.

    Question 5. FMCSA's primary mission is to prevent truck accidents 
and improve truck and bus safety. FMCSA is additionally involved with 
truck security, undertaking what are known as Security Contract Reviews 
to assess truck security programs, and other security outreach and 
training activities. There is some concern that these additional 
security responsibilities take away from FMCSA's available truck safety 
resources.
    Has adding Security Contract Reviews and the other FMCSA security 
initiatives to your agency's list of responsibilities taken away from 
your resources for truck safety? Do you feel that TSA needs to take 
over some of the motor carrier security work, or perhaps reimburse your 
agency for the work it is now doing, to ensure that your primary safety 
mission is accomplished?
    Answer. Following the tragic events of September 11, 2001, FMCSA 
did shift resources away from strictly truck safety activities to 
address security issues, particularly with respect to hazardous 
materials. FMCSA activities included conducting over 30,000 educational 
visits with hazardous materials carriers to raise their security 
awareness, developing security outreach for law enforcement, carriers 
and drivers, and investigating technologies that had the potential to 
improve security in the trucking industry. The agency also trained our 
field investigators on the security plan regulations for hazardous 
materials carriers and began conducting security compliance visits, 
called Security Contact Reviews.
    As TSA has increased the scope of its activities with respect to 
commercial vehicle safety, FMCSA has been transitioning to a role of 
providing TSA with our subject matter expertise regarding the truck and 
bus industries. While the agency does still devote resources to 
Security Contact Reviews, this is now done in conjunction with our 
safety visits, resulting in efficiencies for the agency and the motor 
carrier industry.
                                 ______
                                 
  Response to Written Questions Submitted by Hon. Daniel K. Inouye to 
                         VADM Thomas J. Barrett
    Question 1. Admiral Barrett, can you tell us how well carriers are 
complying with the security plan requirement of your HM-232 rule? Is 
your agency, or other DOT modal agencies, taking enforcement actions 
against carriers who do not have plans or whose plans are insufficient?
    Answer. Yes. The largest hazardous materials carriers have 
developed security plans in accordance with the HM-232 requirements. 
The rate of compliance among smaller carriers is improving as companies 
understand and gain experience with the regulations. The HM-232 
regulations establish a general baseline for the development and scope 
of plans, rather than mandating a prescriptive set of specific security 
measures, that must be followed by companies that transport hazardous 
materials (hazmat) or offer hazmat for transportation in commerce. Each 
security plan must reflect an individualized risk assessment and, at a 
minimum, address personnel security, unauthorized access, and en route 
security risks. These rules were promulgated in 2003 and are enforced 
by PHMSA, the Federal Motor Carrier Safety Administration (FMCSA), and 
the Federal Railroad Administration (FRA). All three agencies address 
security plans in their inspections and take enforcement actions 
against hazmat carriers and offerors that have not developed plans or 
whose plans are insufficient. Most inspection and enforcement activity 
involving rail and motor carriers is conducted by FRA and FMCSA, 
respectively.

    Question 2. Your agency recently announced a proposed rule that 
would reduce the list of hazardous material of which carriers are 
required to develop security plans. If such a change was made, would 
this also impact the truck driver's hazardous materials endorsement or 
other hazardous materials safety processes required by the Department?
    Answer. No. We are not considering reducing the list of materials 
that are subject to the Department's general safety rules for hazardous 
materials transportation. Specifically, we are not considering relaxing 
the requirements (established under regulations promulgated and 
enforced by FMCSA) that truck drivers who transport placarded 
quantities of hazardous materials obtain a hazmat endorsement (HME) on 
their commercial driver's licenses. The HME requirement ensures that 
these individuals have the knowledge and training necessary to protect 
themselves, the public, and the environment from exposure to hazardous 
materials during transportation and in emergencies.
    Because of its scientific basis and wide acceptance in the 
transportation industry, the list of materials triggering the HME 
requirement provided a logical starting point for regulations intended 
to protect against transportation security risks posed by the 
intentional release of hazardous substances. The same triggering list 
was incorporated into the security plan rules adopted in 2003 and, by 
operation of law, as implemented in regulations issued by the 
Transportation Security Administration (TSA), is linked to the security 
background check requirement for truck drivers.
    As we have gained more experience with these new requirements, we 
believe it is time to consider narrowing the list of materials and 
quantities that trigger additional security-specific requirements, 
without changing the scope of our basic safety rules. Last fall, PHMSA 
issued an Advanced Notice of Proposed Rulemaking, in response to two 
industry petitions for rulemaking suggesting that the regulations 
should create a distinction between hazardous materials that ``present 
a significant security risk while in transportation and the vast 
majority of hazardous materials that pose no significant security risk 
in transportation.'' If adopted, such a change would apply only to the 
security plan requirements in 49 CFR Part 172, Subpart I. It would not 
change the HME regulations, and it would not affect other hazardous 
materials safety requirements in the HMR.
    PHMSA also has been working with FMCSA and TSA to evaluate the list 
of materials for which a driver security background check is required 
under existing law and regulations. As with the security plan 
requirement, we understand concerns that the triggering list may be 
broader than necessary to address security-specific risks. Because we 
are not considering any change in the scope of the HME requirement 
(which is incorporated by reference into the existing statutory 
mandate), any proposal to narrow the list of materials that require a 
background check would require legislative action.

    Question 3. Have you discussed the possible implications of further 
stratifying hazardous materials regulations based on security risk with 
the other DOT modal agencies?
    Answer. Yes. On transportation security issues we work very closely 
with the other modal agencies that enforce the HMR--FRA, FMCSA, and the 
Federal Aviation Administration (FAA)--in addition to TSA. Given their 
enforcement responsibilities and modal expertise, FRA, FMCSA, and FAA 
have an important voice in any decision about the scope of the HMR, 
including the current proposals to more narrowly target security-
specific risks.
                                 ______
                                 
Response to Written Questions Submitted by Hon. Frank R. Lautenberg to 
                         VADM Thomas J. Barrett
    Question 1. How well are motor carriers complying with the security 
plan requirement of your hazardous materials rule HM-232?
    Answer. Generally speaking, we believe the rate of compliance is 
good and improving. Overall, we find that most motor carriers, 
including the largest trucking companies, have plans in place that 
comply with the HM-232 rules. Where we find violations, these 
increasingly involve plans that do not contain all of the elements 
required under the rules, as opposed to situations in which the carrier 
has no plan in place.

    Question 2. What enforcement action is being taken involving this 
requirement? What actions have been taken against carriers who do not 
have plans or whose plans are insufficient?
    Answer. Where appropriate, PHMSA and FMCSA assess civil penalties 
against carriers and offerors that have not complied with the HM-232 
rules, whether by failing to adopt a plan altogether or by failing to 
address mandatory subjects in their security plans. Both agencies 
target civil enforcement based on risk and use inspections and other 
means to assist motor carriers in developing appropriate security 
plans. For example, during 2006 PHMSA cited 244 security violations in 
approximately 1,750 inspections for all activity types (shipper's, 
retesters, manufacturers, carriers and rebuilders); FMCSA cited 1,051 
security violations in approximately 6,000 inspections of motor 
carriers and shippers.

    Question 3. Your agency's recent proposal to preempt states, 
localities and towns from protecting themselves from the risk of 
hazardous materials shipments would require rail carriers to evaluate 
the current routes they use, and only ``the next most commercially 
practical'' routes. Why limit this analysis to only one contingency?
    Answer. In this rulemaking (Docket HM-232E), we have proposed a 
requirement that we believe will reduce the overall risks posed by the 
movement of certain hazardous materials by rail, without imposing an 
undue burden on transportation. Our proposed rule would require rail 
carriers that move certain high hazard materials to conduct a thorough 
analysis of the comparative risks of particular commodity movements via 
the carrier's selected routes and, in each case, the next most 
practicable alternative route over which it has authority to operate. 
This limitation on the required route analysis reflects a proposed 
balancing of interests and the inherent limitations on routing 
alternatives in the railroad industry. Unlike truck routing, with its 
web of interstate highways, toll roads, bypasses, and two-lane rural 
roads crisscrossing the country, within the rail system there are only 
a limited number of route alternatives. In addition to requiring 
carriers to identify and analyze routing alternatives, the NPRM also 
proposes to require rail carriers to grant DOT access to data, route 
analyses, and route selection. This would provide DOT with basic 
oversight of and insight into route analyses performed by carriers. If 
a chosen route is found not to be the safest and most secure 
commercially practicable route, DOT would be authorized to require use 
of an alternative route. As with all aspects of the proposal outlined 
in the NPRM, we will consider all comments in evaluating the adequacy 
of our proposal to limit the required route analysis to one comparative 
route.
                                 ______
                                 
     Response to Written Questions Submitted by Hon. Mark Pryor to 
                         VADM Thomas J. Barrett
    Question 1. PHMSA is responsible for the safe and secure 
transportation of hazardous materials by all modes of transportation. 
Under the Hazardous Materials Emergency Preparedness Grant Program, 
PHMSA issues grants to first responders to become better prepared to 
deal with hazardous material accidents. How much money does PHMSA grant 
for first responder preparedness?
    Answer. PHMSA is authorized under existing law to distribute 
approximately $27 million in Hazardous Materials Emergency Preparedness 
(HMEP) grants in FY 2007, and the Administration's budget proposed full 
funding of this program ($28.4, including administrative expenses). 
Under the FY 2007 continuing resolution, however, PHMSA is required to 
hold spending for this program at the level authorized and appropriated 
for FY 2006 ($14.3 million).
    The HMEP grants program provides Federal financial and technical 
assistance to states and Indian tribes to ``develop, improve, and carry 
out emergency plans'' within the National Response System and the 
Emergency Planning and Community Right-To-Know Act of 1986 (Title III), 
42 U.S.C. 11001 et seq. The grants are used to develop, improve, and 
implement emergency plans; to train public sector hazardous materials 
emergency response employees to respond to accidents and incidents 
involving hazardous materials; to determine flow patterns of hazardous 
materials within a state and between states; and to determine the need 
within a state for regional hazardous materials emergency response 
teams.
    Since 1993, PHMSA has awarded all states and territories and 45 
Native American tribes planning and training grants totaling $125 
million. These grants helped to: (1) train 1,843,000 hazardous 
materials responders; (2) conduct 7,545 commodity flow studies; (3) 
write or update more than 41,344 emergency plans; (4) conduct 9,452 
emergency response exercises; and (5) assist 18,907 local emergency 
planning committees. HMEP grants are funded through registration fees 
paid by hazmat carriers and offerors.
    Congress reauthorized the HMEP grant program in 2005 through the 
``Hazardous Materials Transportation Safety and Security 
Reauthorization Act of 2005'' (Title VII of the Safe, Accountable, 
Flexible, Efficient Transportation Equity Act--A Legacy for Users 
(SAFETEA-LU), P.L. 109-59, 119 Stat. 1144, August 10, 2005). 
Recognizing the need for increased attention and funding for the HMEP 
program, the Act increased the authorization level for this program 
from $14.3 million to approximately $28.4 million, beginning in FY 
2007.

    Question 1a. Is this a critical need that needs additional 
attention or is the right amount of funding available?
    Answer. HMEP grants serve a critical need in preparing communities 
and first responders for emergencies involving hazardous materials 
transportation. PHMSA believes the funding level authorized by the 
Congress in 2005--which would have doubled the size of the program to 
$28.4 million this year--was warranted. The Administration proposed to 
fund the program at its full authorized level this year; but the 
continuing resolution limits our spending to the FY 2006 program level 
($14.3 million).
    The HMEP training grants are essential for providing adequate 
training of persons throughout the Nation who are responsible for 
responding to emergencies involving the release of hazardous materials. 
An estimated 800,000 shipments of hazardous materials make their way 
through the national transportation system each day. It is impossible 
to predict when and where a hazardous materials incident may occur or 
what the nature of the incident may be. This potential threat requires 
state and local agencies to develop emergency plans and train emergency 
responders on the broadest possible scale.
    There are over 2 million emergency responders requiring initial 
training or periodic recertification training, including 250,000 paid 
firefighters, 850,000 volunteer firefighters, 725,000 law enforcement 
officers, and 500,000 emergency medical services providers. Due to the 
high turnover rates of emergency response personnel, there is a 
continuing need to train a considerable number of recently recruited 
responders at the most basic level. Volunteer fire fighters, the 
backbone of the Nation's rural hazmat response capability, typically 
have less than a 3-year service-turnover rate, making the need for 
hazmat response training among this group even greater. In addition, 
training at more advanced levels is essential to ensure emergency 
response personnel are capable of effectively and safely responding to 
serious releases of hazardous materials.
                                 ______
                                 
  Response to Written Questions Submitted by Hon. Daniel K. Inouye to 
                          Cathleen A. Berrick
    Question 1. Director Berrick, do you believe the Federal Government 
is providing sufficient resources, personnel, and regulations to 
adequately protect our Nation's surface transportation and rail 
systems?
    Answer. As we have reported, the Department of Transportation 
(DOT), Department of Homeland Security (DHS), and Transportation 
Security Administration (TSA) have all taken actions to strengthen the 
security of the Nation's passenger rail system and other surface 
transportation modes, including providing Federal grant funding to 
industry stakeholders to strengthen security. However, there are two 
critical steps that DHS and TSA need to complete before they or others 
can make a sound assessment of whether resources devoted to surface and 
rail transportation systems are sufficient--or more appropriately, are 
allocated to rail and surface transportation modes in a risk-based 
manner, recognizing that there is limited Federal funding to be 
allocated across many sectors and not any one sector or area can be 
made completely secure. First, until TSA completes a comprehensive risk 
assessment of the U.S. passenger rail system and other surface modes of 
transportation, it will be limited in its ability to determine whether 
the resources, personnel, and security efforts it directs toward these 
systems are appropriate given the relative risks. Second, until TSA 
issues the Transportation Sector Specific Plan (TSSP), as required by 
DHS' National Infrastructures Protection Plan and Executive Order 
13416, and issues supporting plans for each mode of transportation 
based of these risk assessments, the agency lacks a clearly 
communicated strategy with goals and objectives for securing the 
overall transportation sector, including passenger rail and other 
surface modes. Such a strategy is important so that transportation 
operators know what the Federal Government's role and strategy is with 
respect to security, as well as the role and actions expected of them. 
A strategy is also important so that Congress and others can review 
this strategy, raise any questions they may have with it, and 
ultimately hold DHS and TSA accountable for its implementation.

    Question 2. Director Berrick, do you have any ideas that you could 
share with the Committee regarding why it has taken so long for the DHS 
and the TSA to develop their ``transportation sector-specific plans''? 
Has this delay significantly held back these agencies' ability to 
prioritize and address rail and surface transportation security 
vulnerabilities and risks?
    Answer. We have not assessed the reasons for, or impact of, TSA's 
delay in issuing the TSSP, so we cannot comment on whether the delay 
has significantly affected TSA and other Federal efforts to prioritize 
and address rail and surface transportation security needs. According 
to TSA, the work that is needed to support the development of the plan 
has been conducted, and the plan is currently undergoing review before 
it can be issued. TSA also stated that it is moving forward with 
security efforts for surface transportation systems despite the lack of 
an issued plan. We will assess potential impacts that the lack of the 
TSSP has had on efforts to secure surface transportation systems during 
our ongoing reviews of commercial vehicle and freight rail security, as 
well as our planned follow-on review of passenger rail security. 
Although we haven't assessed the reasons for or impact of TSA's delay 
in issuing the TSSP, as mentioned in response to Question 1 above, such 
a strategy is important so that transportation operators know what the 
Federal Government's role and strategy--or ``end-state''--is with 
respect to security, as well as the role and actions expected of them. 
A strategy is also important so that Congress and others can review 
this strategy, raise any questions they may have with it, and 
ultimately hold DHS and TSA accountable for its implementation.
                                 ______
                                 
Response to Written Questions Submitted by Hon. Frank R. Lautenberg to 
                            Richard L. Canas
    Question 1. As the head of our State's homeland security efforts, 
how would you rate the support and cooperation you receive from the 
Transportation Security Administration and the Department of Homeland 
Security?
    Answer. As I know firsthand from my experience in N.J., 
establishing a new Department does not come without growing pains, and 
I believe this is the case with both DHS and the TSA. Our experience 
has been mixed. We've had some very expeditious and helpful responses 
for technical assistance and also had helpful answers from the Office 
of Grants and Training to help unravel the very complex grant process. 
On the other hand, sometimes DHS and TSA don't understand what state 
and local needs are. For example, at one point early on, DHS did not 
include NJ TRANSIT in Philadelphia's mass transit working group, 
because they were unaware that NJT ran trains and buses into 
Philadelphia. This had an impact on funding allocations within the 
region. Thankfully, this has been corrected.
    But there has been maturation. For instance, I was very encouraged 
by the regional approach that the Secretary and Department announced 
earlier this month regarding the Urban Area Security Initiative (UASI) 
grant program--in which they treated northern New Jersey and New York 
City as a contiguous region. Additionally, when we think these agencies 
may be off-base, we are not shy about making our needs known. And, 
though they may not always give us the answers we want, they are 
responsive.

    Question 2. Do you believe the Federal Government needs to do more 
to protect the surface transportation system from potential terrorist 
attack? If so, what would you specifically recommend?
    Answer. The surface transportation system is a large and diverse 
community and is not all at the same level of risk. You have roadways, 
bridges, tunnels, trucks, trains (passenger and freight), pipelines, 
motor coach and school buses.
    In New Jersey, for example, we have:

   6,337 roadways, bridges and tunnels;

   20,000 independent trucking companies that call N.J. home 
        through the international register;

   723 members of the New Jersey Motor Truck Association;

   About 1,000 miles of interstate and 400 intrastate high-
        consequence natural gas pipelines; and

   More than 100 motor coach companies.

    We have been working with DHS/TSA in each of these areas.
    The key, however, is risk. We strongly support DHS when its 
attention and funding are based on risk. To his credit, Secretary 
Chertoff has indicated repeatedly that addressing the highest risks is 
his priority.
    One of the things I would recommend to improve transportation 
security is to ensure that the private sector remains engaged and 
becomes a real partner--not from a regulatory standpoint--but from the 
ability to leverage homeland security investments. The private sector 
holds most of the critical infrastructure and they are making 
investments. But DHS must do a better job of including the private 
sector and leveraging their investments to maximize all of our security 
efforts.

                                  
