The Public Health, Security and Bioterrorism Preparedness and Response Act (P.L. 107-188), passed in June 2002, amends the Safe Drinking Water Act to require all public water suppliers serving populations greater than 3,300 to complete Vulnerability Assessments (VAs) and to develop or modify Emergency Response Plans (ERPs). The legislation affects more than 8,000 community water systems (CWSs) nationwide. Small CWSs are encouraged, but not required, to follow the same planning and management activities. Any increased security measures implemented in the wake of the terrorist attacks will serve to boost public confidence and ensure uninterrupted operation of safe drinking water supplies.
VAs are intended to identify potential threats, assess the critical assets of the system, evaluate the likelihood and consequences of an attack, and develop a prioritized set of system upgrades to increase security. Once completed, VAs must be submitted to the EPA on a schedule based on system size (Table 1). A CWS that fails to complete a VA will be in violation of the Clean Water Act.
Emergency Response Plans must detail response, recovery and remediation actions in the event of a contamination or flow disruption event. Many CWSs already have existing ERPs, and can modify existing plans to satisfy the new regulations. Systems must submit to EPA certification that they have completed the ERP (Table 1), but the ERP itself is not submitted to the agency.
Late last year, EPA administered $50 million in grants to 400 large CWSs to assist with the completion of the VA and ERP, and with design of improvements. Grant applications were solicited from public and private water systems, and grants up to $115,000 were awarded. The actual cost of realizing the requirements of the Bioterrorism Act for all CWSs is estimated to be $450 million. At this point, no additional money has been appropriated to aid the smaller CWSs in the VA and ERP process.
Sensitive information and communications regarding physical and cyber security is maintained by the newly formed (December 2002) Water Information Sharing and Analysis Center (WaterISAC), and is managed by the Association of Metropolitan Water Agencies (AMWA) also launched in December 2002. Access to the Water ISAC is strictly limited to water utilities. Information will be gathered from utilities (e.g., security incident reports), federal law enforcement, and intelligence, public health and environment agencies. The Water ISAC will provide a link between utilities and federal agencies and to provide access to research and other resources for improving security and planning for emergencies.
The Vulnerability Assessment
A complete and thorough Vulnerability Assessment is likely to be a hefty document, even for a smaller water system, due to extensive information and analysis requirements. The purpose of the VA is to guide the CWS in the characterization of the system, evaluation of susceptibility to potential threat and identification of threat reduction or mitigation activities. At the completion of the VA, the CWS will have a well-defined set of action items aimed at protection of the water supply.
EPA has developed some general guidelines concerning the content and the level of detail in the VA, including six key elements that must be addressed (see table 2). For each element, approximately 10 pages of text should be included in a main document, with details and analyses presented in appendices. A stand-alone executive summary, which should not contain specific details of the utilities so that it is appropriate for public release, should accompany the report. The remainder of the document is granted national level 'secret' status, and is available only to designated individuals with security clearance. Document security on the state level varies by state. Many states have changed their Freedom of Information Act (FOIA) laws to exempt VAs (see http://www.amwa.net/security/FOIA.pdf for additional information).
The VA can be conducted using any appropriate methodology, provided that six key elements are addressed. Several methodologies exist to facilitate the development of the VA. Three of these have been reviewed and approved by the EPA:
RAM-W - Based on existing Sandia methodology, developed by Sandia and American Water Works Association Research Foundation (AWWA-RF). It is primarily designed for larger CWSs with a focus on the extensive data collection effort required. The methodology is licensed by AWWA, and a training course must be completed to use it.
VSAT - Developed by Water Education Foundation, initially for wastewater facilities, modified to cover small to medium sized water utilities. This software is available only to public and private water utility staff.
Security Vulnerability Self-Assessment Guide - Developed by Association of State Drinking Water Administers. This checklist methodology is suitable for small utilities.
Once submitted, it is not yet clear what level of review and/or comments on a VA will be provided to the CWS by the EPA, although revisions and resubmissions are not expected. Nor is it yet clear how authority will be exercised over the submitted VAs, who will have authority, or how the authority will be delegated.
The Emergency Response Plan
The Emergency Response Plan must contain information detailing how the CWS will respond to a particular incident. The goal of the ERP is to outline specific system actions appropriate for each type of incident, as well as communication procedures, requests for emergency aid and public notification. A good ERP will minimize potential confusion and shorten required time for restoration of normal system operations. Ideally, the execution of the actions detailed in the ERP will prevent any interruption of drinking water supply. Existing ERPs can be modified to include response to intentional acts, if they are not already addressed.
To date, the EPA has not issued any requirements or guidelines for the development or modification of the ERPs. However, A letter of certification of the completion of the ERP must be sent to EPA no later than six months after the completion of the VA. EPA has made available a standardized certification form that can be used by the CWS. Like the VA, authority and regulation over the ERP is undefined at this time.
Once a CWS has completed its assessed, critical assets identified, and potential threats recognized, a strategy must be developed to reduce the risk to the system. Risk reduction activities can be grouped into three general categories:
1) Increased physical security surrounding water supply systems,
2) Redundancy design in the system, and
3) Source water protection and monitoring.
The size of the CWS, the likely threats and the current level of risk of the CWS will dictate what combination of these activities is appropriate. However, these measures may be useful and wise to implement, even without a federal mandate.
The most expedient and potentially less costly actions for protecting a water supply system consist of installing or enhancing a physical security system, including fences, exterior and interior sensors, alarm assessment and communication and entry control. The risk of cyber threat can be reduced by increasing security in the Supervisory Control and Data Acquisition (SCADA) System used for utility monitoring and operation and remote communication. SCADA security can be tightened by either hardware or software enhancements by IT professionals.
Increased physical security will reduce some risk associated with a potential threat. Another level of safety can be achieved by including and/or increasing redundancy in the system (e.g., multiple pump stations and treatment plants, and/or overlapping distribution systems). Designing redundancy into a water supply system may fit in with existing expansion plans. With sufficient redundancy, a utility can quickly recover from the loss of a single asset by redirecting intake or distribution lines.
Source water protection and early warning monitoring systems could alert operators of any change in water quality in sufficient time to prevent contamination and disruption of the public water supply. Early water monitoring requires a long-term baseline of water quality data to understand typical parameter ranges. When observed water quality parameters are outside expected values, warning signals can be transmitted, increased sampling and testing can be conducted, and the system operation adjusted appropriately. In addition to a well designed monitoring system, an inventory of system hydrology (including reservoir residence times, dilution rates, flow-stage relationships, etc.) will allow for rapid assessment and decision making in the event of contamination.
A Watershed Protection
A watershed protection program begins with a resource assessment and the development of a management strategy to ensure safe drinking water. An effective management strategy may include water quality and ecological sampling, pollutant loading studies, evaluation of potential sources of contamination, assessment of potential impacts to human health and ecological resources, development of measures to reduce the potential for contamination, and design and implementation of a contaminant monitoring system. These management strategies provide water quality protection from both natural and manmade contamination events, as well as better management of raw water quality, augmentation of water supply, protection of natural resources and cost savings in treatment operations.
An early-warning wellhead protection monitoring network can help to ensure groundwater aquifer protection. Based on ENSR's experience in protection of subsurface water supplies, development of a wellhead protection monitoring network typically involves the set up and application of groundwater flow and particle path models, analysis of model results to assess groundwater flow pathways, and superposition of groundwater flow path information onto maps of known and potential contamination threats. Such methodology can be applied to determine optimal well locations in monitoring well networks and to assess intentional contamination threats to groundwater supplies.
Bottled Water Regulations
The bottled water industry is also feeling the effects of recent security legislation. By definition, the industry falls under the jurisdiction of the Food and Drug Administration (FDA), and is subject to food provisions of the Bioterrorism Act. Specifically, all facilities that manufacture, process, pack or hold food for consumption in the U.S. must be registered with the FDA. The purpose of FDA registration is to facilitate rapid alert of industries and/or facilities that may be the target of a specific threat. The FDA has proposed regulations to address the provisions of the Act, which include the following:
Provision for registration of multiple facilities from one location;
Requirement of contact information for all food facilities, though a corporate position may be responsible for multiple locations;
All food facilities that manufacture, process pack or hold food products or ingredients must be registered by December 12, 2003; and
No registration prior to October 29, 2003. FDA anticipates that the electronic registration system will be operational by October 12, 2003, but specifies a contingency in case the electronic system is not available.
FDA regulations are currently in the public comment period, and are expected to be finalized in the spring or early summer 2003.
Water Security in a Changed Nation
Since the terrorist attacks and the increased emphasis on Homeland Security, a shifted paradigm of national security and vulnerability awareness has emerged. Many of the measures necessary to safeguard our water supply are already in practice as a consequence of addressing unintentional pollution. We must now also consider intentional acts of contamination in the protection of our drinking water supply. Often water supply protection modifications can be accomplished cost-effectively using experienced water supply engineers and scientists with an understanding of the requirements and the most suitable strategy and technology to effect these changes and upgrades.
About the Author
Marcia Greenblatt, Ph.D., has 7 years of experience in watershed and streamflow analysis, water quality, hydraulic and groundwater modeling, and fate and transport evaluations. She has completed the RAM-WSM training course from AWWA, and is licensed to apply the methodology.
Jack Donohue has more than 20 years of professional experience in groundwater resource and contaminant site characterization; mathematical modeling of hydrogeologic systems; groundwater monitoring system design; wellhead protection area determination; water resource protection planning; and environmental compliance.
Ken Wagner, Ph.D., has 27 years of experience in aquatic systems assessment and management and the rehabilitation of lakes and river systems. Dr. Wagner manages and participates substantively in water resources projects relating to water supply, recreational lakes, storm water runoff, and wastewater discharges.
For additional information on protecting drinking water supply, contact Marcia Greenblatt at 978-589-3024, Jack Donohue at 603-524-8866, or Ken Wagner at (860) 429-5323, ext. 222.
Top Ten Ways to Protect Your Water Supply System from Threat
Prepare (or update) an emergency response plan. Make sure all employees help to create it and receive training on the plan;
Post updates emergency 24-hour numbers at your facilities in highly visible areas (pumphouse door, vehicles, office) and give them to key personnel and local response officials;
Get to know your local police and ask them to add your facilities to their routine rounds. Practice emergency response and public health officials.
Fence and lock your drinking water facilities and vulnerable areas (e.g, wellhead, hydrants, manholes, pumphouse, and storage tanks);
Lock all entry gates and doors and set alarms to indicate illegal entry. Do not leave keys in equipment or vehicles at any time;
Install good lighting around your pumphouse, treatment facility and parking lot;
Identify existing and alternate water supplies and maximize use of back flow prevention devices and interconnections;
Use your Source Water Assessment information to work with any businesses and homeowners that are listed as potential sources of contamination and lesson their threat to your sources;
Lock monitoring wells to prevent vandals or terrorists from pouring contaminants directly into ground water near your source. Prevent pouring or siphoning contaminants through vent pipes by moving them inside the pumphouse or treatment plants, or if that isn't possible, fencing or screening them; and
In case of an emergency, first call '911', then follow your emergency response plan.
From: EPA New England Office