Difference between revisions of "TSA Logistics"

From MgmtWiki
(Goas1)
(Towards Resilience)
 
(14 intermediate revisions by the same user not shown)
Line 8: Line 8:
 
** The goal was to bring more of our supply and production capacity in the United States, rather than outsourced abroad.
 
** The goal was to bring more of our supply and production capacity in the United States, rather than outsourced abroad.
  
==Goas1==
+
==Goals==
 
* 21 Support public and private sharing of cyber-incident data to enhance supply chain cybersecurity, including providing supply chain stakeholders' access to cybersecurity tools and education that allow them to improve their cybersecurity posture in concert with partners and freight facilities. (CISA, DOE, DoD)
 
* 21 Support public and private sharing of cyber-incident data to enhance supply chain cybersecurity, including providing supply chain stakeholders' access to cybersecurity tools and education that allow them to improve their cybersecurity posture in concert with partners and freight facilities. (CISA, DOE, DoD)
 
* 22 Develop a National Transportation System Security and Resilience Plan. USDOT and the Department of Homeland Security (DHS) should work with States to identify major natural- and human-caused threats to the transportation system’s performance, define institutional structures for planning for and responding to disruptions, and identify mitigation strategies in a national plan. This will include studying the need for Federal funding to support security infrastructure development.
 
* 22 Develop a National Transportation System Security and Resilience Plan. USDOT and the Department of Homeland Security (DHS) should work with States to identify major natural- and human-caused threats to the transportation system’s performance, define institutional structures for planning for and responding to disruptions, and identify mitigation strategies in a national plan. This will include studying the need for Federal funding to support security infrastructure development.
* 58 Track hazardous material and employee risk assessment. (49 CFR 1572)
+
* 32 Encourage greater standardization and foster interoperability of data among States and between the multimodal transportation networks and the private sector. Standardized data, end-to-end visibility, security, and privacy are all increasing concerns from supply chain practitioners. Real-time information that can be received, interpreted, and acted on by parties throughout a supply chain allows for efficiencies that can increase effective throughput capacity without new physical infrastructure.
 +
* 34 Partner and collaborate with government agencies and the private sector to establish a national supply chain forensics/monitoring program and develop analytical tools to monitor supply chains for impending threats or security issues. Identify and apply methods to appropriately classify maps, lists, essential industries, and other information on critical goods and their supply chains to prevent disclosure to U.S. adversaries. This effort should be supported by the Department of Commerce in partnership with DHS and the National Geospatial Intelligence Agency.
 +
* 51 & 58 Track hazardous material and employee risk assessment. (49 CFR 1572)
  
 
==Programs==
 
==Programs==
* Security in supply chain is concerned primarily with resilience. (section 3.4)
+
* Security in supply chain is concerned primarily with resilience. (Section 3.4)
*
+
* “Benefits and Needs for an Integrated Approach to Cyber-Physical Security for Transportation” <ref>. Zimmerman and M. G. Dinning (November 2017) “Benefits and Needs for an Integrated Approach to Cyber-Physical Security for Transportation,” In Transportation Systems Resilience: Preparation, Recovery, and Adaptation, Transportation Research Circular E-C226, Transportation Systems Resilience Section, Standing Committee on the Logistics of Disaster Response and Business Continuity, Standing Committee on Emergency Evacuations, Standing Committee on Critical Transportation Infrastructure Protection, Transportation Research Board, Washington, DC: National Academies Transportation Research Board, pp. 15-21. http://onlinepubs.trb.org/onlinepubs/circulars/ec226.pdf</ref> "Physical security system technologies and designs must include cybersecurity protections similar to those used in other IT systems and be '''monitored for intrusions''' as other IT networks are. Organizations need to treat physical security technologies as part of their IT networks, and ensure that cybersecurity is part of system design, management, and operations."
 +
 
 +
==Solutions==
 +
* Like the DoD the DHS defines Intrusion Detection Systems (IDS) to operate within a data processing domain. In other words, it is the responsibility of the data processor to find all problems. See, for example the [https://www.tsa.gov/for-industry/surface-transportation-cybersecurity-toolkit Surface Transportation Cybersecurity Toolkit], mostly point the private companies back to reports published by CISA.
 +
* The reporting of intrusions to CERT or CVE are somewhat random occurrences, many are from security firms that scan for intrusions externally.
 +
* Major platform that handle data for consumers also have large security departments that scan the data in their domain that includes their customers.
 +
* External scans for intrusions are limited to a very few companies, like [https://www.vericlouds.com/ VeriClouds.com].
 +
* A [https://apps.dtic.mil/sti/pdfs/ADA617799.pdf report by RAND for the Air Force] described cybersecurity for the supply chain as starting at the design phase and followed through till the part was shipped. This completely ignore threats that are initiated long after the design is long complete and support systems must still function to keep the equipment running.
 +
 
 +
===Towards Resilience===
 +
* A resilient system continues to run even when unexpected events occur. This requires monitoring the results in the field and not a reliance on reports that may be years old. Unlike existing solutions that depend on the source to report problems, including cybersecurity problems, resilient solutions need to examine the threat landscape continuously to determine when and where new exploits are discovered.
 +
* The most obvious source of unexpected exploits is [[Internet of Things]] where devices are deployed with no consideration on the evolution of new threats in the [[Ecosystem]].
  
 
==References==
 
==References==
  
 
[[Category: Use Case]]
 
[[Category: Use Case]]
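Review bot: The added Solutions bullets state as fact that reports of intrusions to CERT or CVE are "somewhat random occurrences" and that external scans are "limited to a very few companies", with no source for either; each needs a citation or should be worded as the author's assessment. In the same section, "See, for example the ... Toolkit, mostly point the private companies back" has no subject for "point", and "This completely ignore threats" should read "ignores". The new ref under Programs opens with ". Zimmerman", so the first author's initial is missing, and the Goals change from "58" to "51 & 58" should carry an edit summary explaining why item 51 was merged into that bullet.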

Latest revision as of 13:38, 13 May 2022

Full Title or Meme

This is a use case of Supply Chain Management.

Context

  • The US Transportation Security Agency maintains three warehouses, known as the TSA Logistics Centers (TSALCs), with materiel that is needed to keep the US safe.[1]
  • Much of this information can be found in the "Supply Chain Assessment of the Transportation Industrial Base: Freight and Logistics" (February 2022) from the Supply Chain Disruptions Task Force.
    • The Bipartisan Infrastructure Law (BIL) created an opportunity to modernize the critical, but outdated, infrastructure our supply chains depend on every day.
    • The goal was to bring more of our supply and production capacity into the United States, rather than outsourcing it abroad.

Goals

  • 21 Support public and private sharing of cyber-incident data to enhance supply chain cybersecurity, including providing supply chain stakeholders' access to cybersecurity tools and education that allow them to improve their cybersecurity posture in concert with partners and freight facilities. (CISA, DOE, DoD)
  • 22 Develop a National Transportation System Security and Resilience Plan. USDOT and the Department of Homeland Security (DHS) should work with States to identify major natural- and human-caused threats to the transportation system’s performance, define institutional structures for planning for and responding to disruptions, and identify mitigation strategies in a national plan. This will include studying the need for Federal funding to support security infrastructure development.
  • 32 Encourage greater standardization and foster interoperability of data among States and between the multimodal transportation networks and the private sector. Standardized data, end-to-end visibility, security, and privacy are all increasing concerns from supply chain practitioners. Real-time information that can be received, interpreted, and acted on by parties throughout a supply chain allows for efficiencies that can increase effective throughput capacity without new physical infrastructure.
  • 34 Partner and collaborate with government agencies and the private sector to establish a national supply chain forensics/monitoring program and develop analytical tools to monitor supply chains for impending threats or security issues. Identify and apply methods to appropriately classify maps, lists, essential industries, and other information on critical goods and their supply chains to prevent disclosure to U.S. adversaries. This effort should be supported by the Department of Commerce in partnership with DHS and the National Geospatial Intelligence Agency.
  • 51 & 58 Track hazardous material and employee risk assessment. (49 CFR 1572)

Programs

  • Security in the supply chain is concerned primarily with resilience. (Section 3.4)
  • “Benefits and Needs for an Integrated Approach to Cyber-Physical Security for Transportation” [2] "Physical security system technologies and designs must include cybersecurity protections similar to those used in other IT systems and be monitored for intrusions as other IT networks are. Organizations need to treat physical security technologies as part of their IT networks, and ensure that cybersecurity is part of system design, management, and operations."

Solutions

  • Like the DoD, the DHS defines Intrusion Detection Systems (IDS) as operating within a data processing domain. In other words, it is the responsibility of the data processor to find all problems. See, for example, the Surface Transportation Cybersecurity Toolkit, which mostly points private companies back to reports published by CISA.
  • Reports of intrusions to CERT or CVE are somewhat random occurrences; many come from security firms that scan for intrusions externally.
  • Major platforms that handle data for consumers also have large security departments that scan the data in their domain, which includes their customers.
  • External scans for intrusions are limited to very few companies, such as VeriClouds.com.
  • A report by RAND for the Air Force described cybersecurity for the supply chain as starting at the design phase and following through until the part was shipped. This completely ignores threats that are initiated long after the design is complete, when support systems must still function to keep the equipment running.

Towards Resilience

  • A resilient system continues to run even when unexpected events occur. This requires monitoring the results in the field rather than relying on reports that may be years old. Unlike existing solutions that depend on the source to report problems, including cybersecurity problems, resilient solutions need to examine the threat landscape continuously to determine when and where new exploits are discovered.
  • The most obvious source of unexpected exploits is the Internet of Things, where devices are deployed with no consideration of the evolution of new threats in the Ecosystem.

References

  1. TSA Employee Stories, TSA supply chain strong amidst COVID-19 (2020-05-29) https://www.tsa.gov/about/employee-stories/tsa-supply-chain-strong-amidst-covid-19
  2. Zimmerman and M. G. Dinning (November 2017) “Benefits and Needs for an Integrated Approach to Cyber-Physical Security for Transportation,” in Transportation Systems Resilience: Preparation, Recovery, and Adaptation, Transportation Research Circular E-C226, Transportation Systems Resilience Section, Standing Committee on the Logistics of Disaster Response and Business Continuity, Standing Committee on Emergency Evacuations, Standing Committee on Critical Transportation Infrastructure Protection, Transportation Research Board, Washington, DC: National Academies Transportation Research Board, pp. 15-21. http://onlinepubs.trb.org/onlinepubs/circulars/ec226.pdf