Thursday, March 31, 2011

Quick Look Report on the Executive Summit for Small Vessel Stakeholder Leadership meeting

The Department of Homeland Security has issued a Quick Look Report on the Executive Summit for Small Vessel Stakeholder Leadership meeting held on March 11, 2011, in Arlington VA, on the release of the Small Vessel Security Implementation Plan. This Report can be found at http://www.dhs.gov/xlibrary/assets/small-vessel-security-executive-summit-report-03112011.pdf.

RADM Paul Zukunft, USCG Assistant Commandant for Marine Safety, Security and Stewardship, described the plan as “a guide for future action” and offered examples of how it would be implemented locally. The plan has a detailed strategic overview, with a layered defense approach containing flexibility to match local requirements. Progress has already been made “to advance interagency operations (centers, and interdiction) and improve coordination between stakeholders.” Area Maritime Security Committees will play a big role in advancing partnership with the localities involved in small vessel security.

More interesting points from the Quick Look Report: during a panel discussion between. Sean Moon, Transportation and Cargo Policy, DHS Office of Policy Development; Mr. Jeff Hoedt, Chief, Office of Boating Safety, USCG; and Mr. Daniel Piscopo, Trusted Traveler Programs, CBP, Mr. Moon stated that “the effort has affected the International Maritime Organization’s small vessel security guidelines and the plans of allied nations.” Moon also stated that another essential part of the plan is “a method to track actions so that the Secretary will know what is happening and what needs to happen to make the plan a success.”

From the Coast Guard, Mr. Hoedt “stated that the USCG approach would be to promote mandatory education of boaters about the threats and measures for safe operation of pleasure craft. The boating community can expect attention to uniform education standards at the federal level that will stress the rules about security zones and vessel ownership documentation.” He indicated that almost all states and territories maintain electronic records of vessel identification, “effectively providing a foundation for a national database.” The USCG has no plans for incorporating RFID as the mian means for vessel identification. The report states that a participant in the audience emphasized the need for support of America’s Waterways Watch and that the participant suggested a number of ways to increase the use of AWW.

Mr. Piscopo described the CBP Small Vessel Reporting System (SVRS), http://www.cbp.gov/xp/cgov/travel/pleasure_boats/boats/svrs.xml.operators of small pleasure vessels, arriving in the United States from a foreign port or place to include any vessel which has visited a hovering vessel or received merchandise outside the territorial sea, are required to report their arrival to CBP immediately. This system “enables people to enroll online, facilitates an interview process, and grants approval to pre-file float plans. “ It has been extensively beta-tested, and currently has 6,700 members. It is now available in Florida and Puerto Rico but is expected to soon be implemented on the northern border with a subsequent national roll-out. CBP wants the system to be “available on a free and voluntary basis in time for the Memorial Day holiday.”

Another interesting remark was noted in the report by Robert Gauvin, USCG Office of Vessel Activities, who stated that “advances in positioning system technology were being explored to integrate automatic identification system (AIS) and emergency position-indicating radio beacon (EPIRB) capabilities, making them less expensive and jointly supportive for safety and security.”

During RADM Zukunft’s closing remarks, he stated that the intent is to take advantage of existing technologies, such as Watchkeeper and commercial off-the-shelf hardware and software. (WatchKeeper: an information management system that coordinates and organizes port security information to help the Coast Guard and its port partners make the best use of their resources to keep America’s ports safe. From http://www.uscg.mil/acquisition/newsroom/pdf/CG9newsletterMar11.pdf)”

Monday, March 21, 2011

Small Vessel Security - Expanded HIN Rulemaking Withdrawn

On February 11, 2011, in Federal Register Volume 76, Number 29, the Coast Guard announced its decision to not initiate a rulemaking addressing an expanded hull identification number (HIN) for recreational vessels. The Coast Guard had requested comments on the costs and benefits of expanding the existing 12-character HIN in order to provide additional information identifying vessels, and received 29 comments. The Coast Guard made its decision based on consideration of the comments received as well as the challenges from data uncertainty in describing, estimating, and quantifying potential costs and benefits of such a rulemaking. The Federal Register notice stated, In addition to seeking information from the public on an expanded HIN proposal, the Coast Guard also performed its own evaluation of the potential costs and benefits of such a proposal. The Coast Guard found a lack of available data regarding potential costs and benefits.

The notice states in conclusion: “ At this time, the Coast Guard has decided that it is in the best interest of the public and the boating safety community to focus its attention and devote its resources to other regulatory actions. If the Coast Guard decides in the future to reconsider an expanded HIN, we will provide notice in a new Federal Register publication.”

The National Association of State Boating Law Administrators, NASBLA, is among the groups supporting the expanded HIN, stating that it will aid law enforcement officers in quick identification of correctly registered vessels by the type of vessel, hull material, length of vessel, propulsion and fuel type. Through use of the added characters, including a check or verifying digit, our officers on the water will be better able to properly identify suspicious vessels in and around security zones.”

The National Marine Manufacturers Association, which describes itself as “a powerful voice for the recreational boating industry,” is among the groups opposing the expanded HIN, stating that the expanded HIN would “ impose excessive costs on boat builders, and the marine industry as a whole including marine bankers, dealers and distributors and yield no improvement to boating safety.”

Sunday, March 20, 2011

PAC 01-11, Voluntary Use of TWIC Readers

On March 15, 2001, the U. S. Coast Guard issued Policy Advisory Council (PAC) Decision 01-11, ``Voluntary Use of TWIC Readers.'' Because the readers are still in the pilot stage, facility owner/operators who received grant funding have been reluctant to move forward with purchasing readers. This PAC was issued to give more guidance in purchasing and installing TWIC readers and systems. Below are some points to consider from the PAC.

In discussing the three-pronged card verification, the PAC states:

(1) Regarding Identity verification, the current requirement for identify verification is to compare the photo on the TWIC to the person at the access point (33 CFR 104.265(c)(1)(i), 105.255(c)(1)(i)), or 106.260(c)(1)(i)).

In accordance with 33 CFR §101.130, the Coast Guard determines that a biometric match using a TWIC reader from the TSA list of readers that have passed the Initial Capability Evaluation (ICE) Test (available at: http://www.tsa.gov/assets/pdf/twic_ice_list.pdf ) to confirm that the biometric template stored on the TWIC matches the fingerprint of the individual presenting the TWIC meets or exceeds the effectiveness of the identity verification check.

2. Regarding card validity, the current requirement for card validity is visual inspection to check that the TWIC has not expired (33 CFR 104.265(c)(1)(ii), 105.255(c)(1)(ii), or 106.260(c)(1)(ii)).

In accordance with 33 CFR §101.130, the Coast Guard determines that using a TWIC reader to check for card validity by either

(a) comparing the card’s internal Federal Agency Smart Card Number (FASC–N) to the TSA Cancelled Card List or

(b) using a Certificate Revocation List (CRL)

3. Regarding card authentication, the current requirement for card authentication is visual and/or physical inspection of various security features present on the card (33 CFR 104.265(c)(1)(iii), 105.255(c)(1)(iii), or 106.260(c)(1)(iii)).

In accordance with 33 CFR §101.130, the Coast Guard determines that card authentication with a TWIC reader to perform the CHALLENGE/RESPONSE protocol using the Card Authentication Certificate and the card authentication private key on the TWIC meets or exceeds the effectiveness of the card authentication.

Further:

4. Readers must be operated and maintained in accordance with manufacturer’s instructions, and operated by personnel trained in the use of the reader.

5. The plan must be amended to reflect the use of the reader.

6. PAC Decision 08-09, Incorporating TWIC into Existing Physical Access Control Systems - Change 1, remains valid for vessels or facilities with existing electronic physical access control systems as long as the systems can support a match between the local access card and the individual’s valid TWIC upon each entry.

7. Please note: this PAC is studded with warnings that any readers used that satisfy this PAC may not satisfy a subsequent rulemaking. And: “Any grandfathering or phase-in period considerations will be addressed in the rulemaking process, providing adequate opportunity for comment, but should in no way be inferred from this interim guidance. “ (My emphasis.)

Friday, March 18, 2011

DTOS 59-11-R-00307 Presolicitation Notice, Maritime Security Training

On March 11, MARAD posted a presolicitation notice for contractor services to assess maritime security training courses. The notice is posted in its entirety below.

The Maritime Security training course assessor (hereinafter "Contactor") shall act on behalf of MARAD and the USCG hereinafter (Government) to evaluate maritime security training courses proposed by training providers to ensure conformity with applicable Government requirements. The Contractor shall issue documents of compliance to training providers whose curricula, instructors, facilities, materials and method of instructions conform with applicable requirements. The Contractor shall maintain records that describe the scope of all evaluations performed and track the documents issued. The processes and procedures by which the Contractor performs these services shall be governed by a recognized Quality Standards System (QSS) that will be subject to periodic review by Government Officials. All responses SHALL BE COAST GUARD QSS CERTIFIED.

Responses are to be submitted to MARAD by April 15, 2011.

Some points to be noted include:

1. The contractor will be reviewing both MARAD and USCG security training courses.

2. The contractor needs to be QSS certified, which really narrows the scope. According to the USCG website(3/8/2010) at http://www.uscg.mil/nmc/faq/vso_rule_making.asp, the Coast Guard-approved QSS organizations are as follow: American Bureau of Shipping (ABS), Det Norske Veritas (DNV) and American Council of Education (ACE).

3. Who may be disqualified from responding? NVIC 97-9, Guidance on STCW Quality Standards Systems (QSS) for Merchant Mariner Courses or Training Programs, states, (5)(k), “Coast Guard-accepted QSS organizations must be completely independent of any organizations offering training. Coast Guard-accepted QSS organizations may not exercise direct or indirect managerial or financial control through contract or understanding over any training organization. Likewise, training organizations may not exercise direct or indirect managerial or financial control through contract or understanding over any Coast Guard-accepted QSS organization.”

(Thanks to John Bennett for calling this to my attention and resulting excellent discussion and Steven Sawhill of DNV for excellent discussion.)