DHS takes cross-sector view to infrastructure protection R&D
- By Alice Lipowicz
- Aug 19, 2005
The Homeland Security Department is taking a cross-sector approach to protecting the nation's critical infrastructure in a new national R&D plan
released this week.
Rather than examining critical infrastructure by sector, as has traditionally been done?including agriculture, financial services, energy, water, health care, etc. ?the National Plan for Research and Development in Support of Critical Infrastructure Protection establishes nine themes that aim to support all sectors, encompass physical and cyber security concerns and be integrated with other national-security strategies.
The plan is organized around the themes of:
- Detection and sensor systems
- Protection and prevention
- Entry and access portals
- Insider threats
- Analysis and decision support systems
- Response, recovery and reconstitution
- Emerging threats
- Advanced architectures and system design, and
- Human and social issues.
The plan, available on the department's Web site, is introduced with a letter dated April 8, 2005, from Secretary Michael Chertoff and John H. Marburger III, the director of the White House's Office of Science and Technology Policy. The plan itself is labeled with the date 2004 and described as a "baseline" for 2005 planning efforts.
The 96-page national R&D plan also is "the first annual version of the research and development road map" required under Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization and Protection, Chertoff and Marburger wrote. The directive identified 17 critical infrastructure sectors to be addressed.
The new plan states that it departs from past efforts that have been primarily organized by sector. It recognizes that many different sectors are vulnerable to the same threats, and that interconnections between sectors must be addressed as well.
"The use of a sector-based plan for examining operational issues is not appropriate for R&D, as it tends to create artificial repetition and loss of opportunity for integration," the plan said.
The plan's new approach also includes evaluating interconnections between sectors and incorporating efforts to reduce vulnerabilities into future system designs.
It identifies eight major R&D priorities, including improvements to sensors, risk modeling and analysis systems, physical and cyber security systems to detect and deter intrusions, large-scale situational awareness systems, secure architectures and human-technology interfaces.
The plan outlines three long-term goals:
- A national common operating picture for critical infrastructure
- A next-generation computing and communications network with security "designed-in" rather than added after-the-fact and
- Resilient, self-diagnosing and self-healing physical and cyber infrastructure systems.
The detailed document catalogues ongoing R&D efforts at federal agencies, describes the roles of government and private agencies and discusses the integration of the R&D plan with other national plans. It offers many research and development goals under each of the nine themes.
"There many challenges in developing a document of this scope, which crosses so many federal agencies and involves such a broad set of topics," Chertoff and Marburger wrote. "Developing relationships across agencies and disciplines is critical to protecting our infrastructure."
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.