Operators of dams, hydroelectric facilities and power transmission systems in the United States can make their sites a less attractive target to terrorists by using new security assessment processes.ALBUQUERQUE, New Mexico, US, 2001-12-28 [SolarAccess.com] The new methods have been developed by the Interagency Forum on Infrastructure Protection, a team of government dam owners, transmission system operators and anti-terrorism experts, plus representatives of the FBI, Army Corps of Engineers, Bonneville Power Administration, Bureau of Reclamation, Sandia National Laboratories, Lawrence Livermore National Laboratory and others. The processes, called RAM-DSM for ‘Risk Assessment Methodology for Dams’ and RAM-TSM for ‘Risk Assessment Methodology for Transmission,’ take operators and security managers through an examination of each facility’s unique situation, its potential adversaries, vulnerabilities, consequences of attack, and existing security measures. To develop RAM-D and RAM-T, IFIP conducted assessments on four dams and a regional transmission system. The guidelines provide cost-benefit analyses of possible security upgrades, using methodologies based on many formal risk-assessment tools and techniques used by Sandia to protect U.S. nuclear weapons facilities. Sandia is a Department of Energy research and development lab with expertise in the physical security of national facilities and infrastructures. “This is much more than a checklist,” says project leader Rudy Matalucci. “It begins with the events you don’t want to happen, identifies who might want to do it and what their resources are, and quantifies how much risk reduction you get with each given upgrade. It is a way to help facility owners make decisions about how to balance the need for security with other considerations.” Dam operators could use RAM-D to determine where to place sensors, cameras or lights, or whether to invest in walls, barriers, higher fences, better doors, extra training or improved policies. The methodology includes worksheets for evaluating existing security features, equations for calculating risk, and a proprietary fault-tree analysis tool for identifying vulnerabilities.