The White Elephant - Chemical Facilities as Soft Targets of Attack

By Luke Bencie

Chemical facilities are soft targets of attack.  According to the Center for Chemical Process Safety (CCPS), every facility must engage and implement a comprehensive physical protection program. The decision to implement a physical protection program at a chemical facility, regardless of the elements employed, is made out of the realization that there is a threat, which must be controlled. The design of a physical protection system must first consider the range of events potentially confronting the site or asset to be protected then consider what the consequences of loss or compromise would be and what it might take to deter and prevent such acts from occurring. Once installed and operational, the system must be constantly reviewed to determine if changing threats impact the system now in place.  

What initially follows is an executive overview from the American Institute of Chemical Engineers Guidelines for Analyzing and Managing the Security Vulnerabilities of Fixed Chemical Sites.

Prior to September11th, threats from terrorist attacks on a chemical installation were considered to be so unlikely that they were not generally included in security plans or in safety and security analyses, except in special circumstances. In light of the possible new threat of malicious acts involving chemicals, and the determination of the terrorists, these threats must be included as credible when assessing chemical facility risks. The very high consequence events that are possible from malicious acts at chemical sites must now be considered in the design and operation of these sites immediately as well as on an ongoing basis.  The challenge is to assess and manage this risk, and to define an appropriate level of security. The first step in managing the issue is to identify and analyze the potential vulnerabilities that each site faces. It is important to understand the differential risk posed by the new realities of potential terrorism.

Webster’s Dictionary defines the word “consequence” as:  “Something produced by a cause or necessarily following from a set of conditions.”

The consequences of a security event involving a chemical facility are more often negative than positive.  Per the recommendation of the Center for Chemical Process Safety (CCPS), the questions to be answered in a Security Vulnerability Assessment (SVA), which pertain to the consequences of a security event include, but are not limited to:

• What specific malevolent chemical security threat does the entire business enterprise or a given site face that might lead to catastrophic events, such as a release of chemicals to the community or theft of hazardous materials with an intent to weaponize them?
• What factors are present that might lead an adversary to find a particular target more attractive than another?
• What vulnerabilities in the security system could be exploited to undertake an attack?
• How significant could the effects of the incident become?
• Are the existing countermeasures sufficient given the threat?
• What enhanced countermeasures are appropriate?
• At what point is supplemental security provided under federal or state auspices required? 
• Source: CCP