Noblis has extensive experience across critical infrastructure domains, including telecommunications and computer networks, energy, water, health, transportation, and law enforcement. This knowledge is critical as we apply technology and systems engineering processes to the problem of securing the nation’s critical infrastructures.
Integrated Vulnerability Assessment/Public-Private Joint Exercises
Each department and agency of the federal government is required to assess vulnerabilities and to protect its critical infrastructures. DoD has been among the first to respond to this requirement. It is actively engaged in identifying DoD-owned assets (e.g., facilities, systems, services) and supporting infrastructures—both military and civilian—that are critical to the execution of the National Military Strategy. DoD is also developing integrated vulnerability assessment processes that build upon existing force protection, nuclear command and control/surety, information security assurance, and infrastructure assurance programs at the Joint Staff, service, and defense agency levels.
Over the last two years, a series of demonstration projects and working groups have progressively explored how to answer these questions. The demonstration projects have sought to integrate critical infrastructure protection (CIP) concerns into existing assessment protocols, break down barriers to information-sharing, reach out to other federal agencies in assessing commercial infrastructure dependencies, and investigate how to exchange sensitive and proprietary information with major infrastructure providers. Noblis has supported the DoD Critical Infrastructure Protection Directorate in its CIP policy and integration roles.
Agricultural Risk
The threat of biological warfare is most often considered to be against human health, to cause widespread sickness and death in the population. Humans, however, are not the only targets for biological weapons. Attacks on plant and animal targets, which may not affect humans directly, may have significant economic consequences. The deliberate introduction of a disease or pest into a U.S. livestock or crop industry could drive food prices up, halt valuable exports, and ultimately cost taxpayers billions of dollars to rebuild the industry.
While many possible risk mitigation strategies exist, selection and investigation of these strategies must be prioritized so those that are implemented are the most cost effective. Risk assessment is a tool to prioritize alternatives and identify control points in a system where risk mitigation is most important. This paper discusses the application of risk assessment to the introduction of a pest or disease into an agricultural industry.
As a part of our internally funded research and its technical support to national security agencies, Noblis has developed an analysis model that uses the process of acquiring a threat capability—such as the ability to develop and deliver a biological attack—to organize raw data into an evolving picture and a knowledge repository.
The USDA has a need to prioritize agricultural infrastructure areas that should be protected from potential threats and to enhance response capabilities. Noblis is exploring solutions through in-house initiatives to determine the applicability of our risk assessment and modeling expertise to the agricultural area and through a partnership with Harvard University. As a part of our internally funded research and its technical support to national security agencies, Noblis examined building a risk assessment tool for studying foreign disease/pest introduction to U.S. agriculture. We chose one agricultural sector (beef cattle) and one foreign disease/pest (rinderpest) as a case study. The case study has shown that the vulnerabilities of an agricultural sector to terrorism can be assessed with a risk-based methodology. The methodology successfully identified some preliminary areas of vulnerability for the introduction of rinderpest to the beef cattle industry. This methodology may be appropriate for evaluating risk of other diseases/pests in various agricultural sectors.
Agricultural Command Center
Part of the mission of the U.S. Department of Agriculture’s Animal and Plant Health Inspection Service (APHIS) is to protect America's animal and plant resources by safeguarding them from exotic invasive diseases and pests. In addition to accidentally or naturally occurring diseases, the intentional introduction of disease, as a form of bio-terrorism, is a concern. APHIS is establishing an APHIS Emergency Operations Center (AEOC) that will serve as its centralized facility for conducting emergency operations. The AEOC is intended to provide a flexible, yet coordinated and integrated structure for interaction and communication among various parties when responding to emergency situations.
Noblis assisted APHIS in developing the initial set of operating requirements for the AEOC. The operational requirements that were developed and implemented addressed the response to plant and animal disease outbreaks, as well as AEOC activities during normal operations. Development of the requirements included integrating AEOC equipment and support tools with actual operations, developing a process for operating the facilities, and determining the training requirements for staff and emergency team participants, including transferring of information to and from the AEOC.
NOAA Hazard Communication
Noblis has extensive experience and subject matter expertise in emergency and disaster planning, including the conduct of and participation in the testing of civilian and military emergency operations plans.
We have recently helped develop an interagency National Hazards Information Strategy, prepared under the leadership of the National Oceanic and Atmospheric Administration. The strategy works from the bottom up, is focused on the user, is collaborative in nature, builds on what works and is already in place, and seeks to add value to the user mission. The strategy provides a practical and cost-effective way to facilitate a more effective use of information critical to reducing the loss of lives and property from disasters. Several collaborative projects have been initiated under the strategy with disaster community partners, such as assessing the needs and opportunities to improve the use of information technology within the operating activities of the wild land fire community.
Application of Geospatial and Wireless Technologies to Emergency Management
The key to effective emergency management decision making, especially during response and recovery phases, is timely and accurate situation and resource information. Much of the information needed to manage natural or man-made disasters has a distinctive geographic or locational component. This is evidenced by the high reliance on maps, imagery and map-derived products in use by the emergency management community and by the commensurate growth in geographic information systems (GIS).
Delivery of geospatial information over the Internet has gone from a concept to a reality during the last five years. The next step is to extend this capability to mobile computing.
As a part of our internally funded research, this project would demonstrate the integration of Web-based geospatial technologies (GIS and global positioning systems [GPS]) and wireless technologies to support the mobile computing needs of the emergency management community. Conceptually, this project would serve disaster-related information over the Internet to emergency management and emergency services personnel in the field. These data would include maps, imagery, and the results of modeling and simulations needed to support decision-making. Field personnel would be equipped with devices that would be used for both downloading information and for providing near-real time updates that would be used by the on scene incident commander, the emergency manager and analysts in conducting response and recovery activities.
Cyber Security
Noblis has experience across the full spectrum of information security, including assessment of security vulnerabilities through penetration testing and intrusion detection and management and technical and management approaches to correcting vulnerabilities. We have also facilitated enhanced security architectures to improve network and information integrity. Our work in information security includes examples of innovative approaches that make technologies—such as Public Key Infrastructure (PKI)—more widely available to protect networks and the information transmitted across them. Our research on PKI bridging technology is now the standard for integrating multiple-vendor solutions at the federal level. This research could also provide an essential component of an accelerated national strategy for cyber security and better authentication of critical transactions.