CBRN Defense of U.S. Military

Installations and Facilities

Al Mauroni

August 2005

Introduction

Since the attempt by a religious cult in Oregon in 1984 to influence a local election by poisoning a salad bar with salmonella, the U.S. government has been alert to the possibility of terrorists using chemical, biological, radiological, and nuclear (CBRN) hazards in the United States. In 1995, the Aum Shinrikyo cult used sarin nerve agent in the Tokyo subways to kill 12 people, injure about 900 and send another 4,000 “worried well” to the hospitals. This latter event kicked off a number of governmental efforts to examine and prepare for terrorist CBRN incidents. Yet, prior to 2001, commanders of U.S. military installations and Department of Defense (DoD)-owned or leased facilities had been curiously unmoved by these incidents, with the possible exceptions of increasing awareness of suspicious packages and powders and establishing mail screening procedures.

Without question, the military anticipates the possible use of chemical and biological (CB) warfare agents during combat operations against adversarial nations. Indeed, DoD spends more than a billion dollars a year now to research, develop, and acquire CBRN defense equipment to ensure that its forces can survive and sustain combat operations in a contaminated environment. DoD has supported the emergency responders of more than 100 cities with domestic preparedness training and equipment to respond to CBRN terrorism. Why, then, have military installations and facilities not acted to better protect themselves against possible terrorist CBRN incidents, knowing that any incident could have severe consequences given their obvious vulnerabilities?

On the surface, the answer is easy – U.S. military installations and facilities have limited resources and personnel, and so have to prioritize how they develop and budget antiterrorism programs carefully. Because installation commanders and their staff shape these programs, their actions focus on immediate local threats to the people that live and work at their posts. The threat from conventional terrorists, using guns, knives, explosives, and kidnappings, seem much more credible than the relatively low probability that a terrorist group will attempt to create a mass casualty incident with CBRN hazards. Similar to emergency response planners in cities across the nation, most installation staffs focus on the immediate threats that they can mitigate, and rely on federal assets outside their base for the “unthinkable” impact of a terrorist CBRN incident.

Events on and after September 11, 2001, changed that mindset. The anthrax incidents in October-November 2001 killed 5 people out of 22 infected, causing tens of thousands of potentially exposed people to seek treatment with antibiotics. Suddenly, the possibility of a mass casualty event on a military installation did not seem so remote. The antiterrorism community that had grown up in the 1990s always knew that a “weapons of mass destruction” (WMD) threat was possible (if not probable), but the community was unprepared to address it. Similarly, the CBRN defense community, focused on preparing military forces for combat operations in contaminated environments, was equally unprepared to address these new antiterrorism concerns. It would take the Office of the Secretary of Defense (OSD) leadership to force a near-term solution, developing an installation preparedness focus for CBRN terrorism, onto the services.1 However, lacking any concrete analysis or operational concepts and not willing to wait, DoD’s execution of this effort has been clumsy and costly. This report examines the process that has evolved over the last 10 years (focusing on the last 5) and offers recommendations on how DoD can refine and improve the process by which installations prepare themselves for terrorist CBRN incidents.

1

Developing A Response To Terrorist CBRN Incidents

In April 2003, OSD directed a new defense initiative to harden military installations and DoD-owned or leased facilities from potential terrorist CBRN attacks and to develop adequate responses against such incidents.2 The importance of this direction should not be understated for two reasons: first, because the Defense Department transferred more than a billion dollars from conventional antiterrorism programs between 2004 and 2009 to this effort;3 and second, because this effort is causing people to question whether terrorist use of CBRN hazards is necessarily a WMD event. The decision to transfer such a large sum of money from high probability, low consequence conventional threats to low probability, high consequence unconventional threats sets a precedent. While the popular rhetoric about terrorist WMD capabilities continues, the direction to take concrete (albeit limited) measures in preparation for these incidents is forcing a more mature examination of the threat.

Many homeland defense initiates, who are faithful to the “terrorist WMD incident” term, envision terrorist organizations using large amounts of weaponized CB warfare agents, radiological isotopes, and suitcase nuclear bombs. These have been received from adversarial nations via the “global terrorist network” to create mass casualty events in the middle of major metropolitan cities. At least some people are recognizing that the term “terrorist WMD incident” does not accurately address what may be the most credible scenario; terrorists using single small-scale exposures of CBRN hazards (to include toxic inhalation hazards and radiological dispersal devices) to create panic and not a mass casualty event. Not only does this view make sense historically and operationally, it is only fiscally responsible to address the most realistic threats, rather than the worst-case scenarios.

Antiterrorism activities at military installations and facilities during peacetime address a unique requirement that is very different than the traditional combat operations executed by military units during wartime. Both are protection-oriented, but most people understand that they are unique operations. By correlation, CBRN defense executed within antiterrorism programs and CBRN defense performed within combat operations are also two unique areas. Table 1 illustrates some of the differences in policy, threat, assumed risk, weapon systems, and funding. Despite these clear differences, when one brings up the issue of responding to terrorist CBRN incidents, people look instinctively to the passive defense experts for equipment and procedures because that is where the majority of acquisition funding, doctrine, and training is today. For instance, when Congress directed the DoD to offer courses in responding to terrorist CBRN incidents to state and local emergency responders, Army headquarters turned to the U.S. Army Chemical and Biological Defense Command (CBDCOM), the technical experts in developing CB defense military equipment, instead of military antiterrorism experts.4 This approach is fundamentally flawed and must be corrected.

2

Issues Passive Defense Antiterrorism

Who is in charge of developing OSD policy?

DASTD(CBD), ASD(HA), and DUSD(TSP/CP)*

ASD(SO/LIC) and ASD(HD)**

What is the threat? NBC weapons affecting a large area on the battlefield

Improvised CBRN hazards affecting a small area within an urban center

Who is the target? Military service members, healthy and trained, between 18 and 50

Military service members and untrained civilians, including the very young and very old

When and where is the attack?

During military combat operations on the battlefield

At any time and at any location – all across the nation.

What is the allowable risk?

High risk for CBRN exposure; emphasis is on mission accomplishment over long-term health and safety

Very low risk for CBRN exposure, expectation is that military should strive for zero risk for noncombatants

What equipment is used by the responders?

Military specs designed for acute exposure, keeps the service member alive

NIOSH*** specification, protects against long-term chronic exposure

Who funds the purchase of the equipment?

OSD through the DoD CB Defense Program

Services and installation commanders

Notes* Deputy Assistant to the Secretary of Defense for CB Defense (DATSD[CBD]), Assistant Secretary of Defense for Health Affairs (ASD[HA]), and Deputy Undersecretary of Defense for Technology Security Programs and Counterproliferation (DUSD[TS/CP]).** Assistant Secretary of Defense for Special Operations and Low Intensity Conflict (ASD[SO/LIC]), Assistant Secretary of Defense for Homeland Defense (ASD[HD]).*** National Institute for Occupational Safety and HealthTable 1. Comparison of Passive Defense and Antiterrorism

Military CBRN defense equipment is expensive and designed specifically for use by military service members in high-risk situations during relatively limited periods of engagement, where one has a good idea of where the enemy is and what that enemy has in the way of agents and delivery systems. Military commanders do not debate funding expensive CB defense equipment as they consider ways to diminish the impact of CB weapons and ensure the success of the mission. On the other hand, antiterrorism efforts at a military installation continue throughout the year, addressing protection of noncombatants and combatants alike, and compete with standard base operations for funds. Because antiterrorism funding is limited, installation commanders must address the more probable threats first. This is basic risk management. To be successful, one must examine the terrorist threat and an installation’s vulnerabilities, identify what defensive capabilities are required, and how these capabilities should be executed, given limited personnel and funding and large populations and territory. One cannot just take military CBRN defense equipment, drop it on an installation and declare success. Yet some have this view.

3

I am not going to address DoD’s development and fielding of the WMD Civil Support Teams and how DoD intends to work CBRN defense issues with the Department of Homeland Security (DHS) and Department of Health and Human Services (DHHS). Technically, antiterrorism programs for military installations within the United States are identified as part of DoD’s homeland defense efforts. I intend to focus on those efforts aimed at improving preparedness at military installations (domestic and overseas) as antiterrorism programs, and not address those civil support and other homeland defense efforts aimed at protecting U.S. civilians and non-military critical infrastructure.

There are just too many ongoing CBRN defense efforts in homeland security, and successfully analyzing all these efforts could justify a book. How the U.S. Government intends to execute CBRN defense efforts under homeland security should be very similar to how the military intends to execute CBRN defense under antiterrorism, but of course the former dwarfs the latter. Billions of dollars are being thrown at homeland security for the purpose of biological defense in particular.5 The current and future U.S. budget can not ensure that every U.S. citizen will be protected from a terrorist CBRN incident despite current DHS and DoD initiatives. The best that the U.S. Government can do is interdict terrorist organizations prior to the use of CBRN hazards, harden certain critical infrastructure to improve its defense, and ensure that the response to a terrorist CBRN incident is prompt and adequate.

Similarly, commanders cannot assure the entire installation population that, through their antiterrorism efforts, the people will always be safe from CBRN hazards. The focus of antiterrorism efforts on installations continues to be on conventional threats. Few installations, if any, undertake annual threat and vulnerability analyses for CBRN hazards, often because they do not understand (or have not determined) the threat or because the solutions rely on expensive technological applications.6 Maintaining very expensive and specialized equipment to protect an entire installation’s population throughout the year requires levels of personnel and funding that are just not sustainable, save perhaps by the largest and most important installations. Yet the impression is that “something” must be done.

U.S. citizens do expect that military service members deploying to combat operations will be provided fully with CBRN defense capabilities (witness the public reaction to Gulf War illnesses). Protecting 100 percent of a deployed military force from the immediate lethal effects of CBRN hazards is an achievable goal. The population to be protected is much smaller, and this protection is intended for a limited timeframe against a known quantity of NBC weapons. While there may be a common technological approach to providing CBRN defense capabilities and DoD expertise in both passive defense and antiterrorism efforts, the protected population, concepts of operation, timeframe of protection, and specialized equipment are very different.

Military Antiterrorism Concepts

It is DoD policy to protect service members, civilian employees, family members, facilities, and their equipment from terrorist acts.7 This concept, known as force protection, includes the requirements of combating terrorism, physical security, operations security, and personal protective services. The formal scope of force protection addresses “actions taken to prevent or mitigate hostile actions against DoD personnel (including family members), resources, facilities, and critical information.”8 Force protection does not include those actions taken to defeat enemy forces or to protect against accidents, weather, or disease, which leaves the threats of terrorism, crime, and espionage remaining. Combating terrorism is the overall term used to address those

4

actions taken to oppose terrorism in any situation. It can be broken into the areas of counterterrorism – those offensive measures taken to prevent, deter, preempt, and respond to terrorism – and antiterrorism – those defensive measures used to reduce the vulnerability of individuals and property to terrorist attacks. The military used to call this latter effort antiterrorism/force protection (AT/FP), but given some confusion between addressing antiterrorism and the larger scope of force protection, that term has been dropped.9 The term “installation preparedness” is often used to address those measures developed for installations and facilities, as opposed to antiterrorism efforts designed to protect military units in the field.

The military has a detailed strategy that discusses how the DoD intends to combat terrorism. Similar to homeland security, the DoD is not the lead federal agent for combating terrorism. In cases of domestic terrorism, DoD supports actions initiated by the Department of Justice (DoJ) or DHS; for overseas terrorism, the Department of State is the lead federal agency. While the Assistant Secretary of Defense for Special Operations and Low Intensity Conflict (ASD[SO/LIC]) has the lead responsibility for policy and program oversight on combating terrorism, he focuses primarily on overseas terrorism issues while the Assistant Secretary of Defense for Homeland Defense (ASD[HD]) is the lead for domestic terrorism and installation preparedness issues. U.S. Special Operations Command has the charter to conduct most of the military’s counterterrorism missions, although other special military task forces can be formed to respond to terrorism situations as required. In 1996, following the Khobar Towers incident in Saudi Arabia, the Secretary of Defense designated the Chairman of the Joint Chiefs of Staff as the principal advisor and focal point for AT/FP issues. That same year, the Chairman designated a Deputy Director for AT/FP under J-3 (Operations) to address joint concepts and assist the services and combatant commands in developing antiterrorism measures.10 Each military service and combatant command develops and implements antiterrorism programs unique to its specific forces and respective geographical areas, given the authorities and resources available.

To be clear, the services execute antiterrorism procedures at their respective bases, but combatant commands have responsibility and authority for force protection of U.S. military installations in their geographic area. There are a number of DoD, joint, and service directives, instructions, and guidelines on how these military commanders should conduct their antiterrorism programs. But in the end, the installation commander judges the overall terrorist threat, determines the allowable risk, and develops appropriate defensive measures to protect his or her personnel within that area of responsibility.

A few important qualifications should be mentioned. Each installation commander is responsible only for what happens within his area of responsibilities, that is, within the installation’s gates or behind a facility’s doors. Because weather-driven CBRN hazards do not respect geographic boundaries, some say any response to terrorist CBRN incidents must involve a plan to address off-post civilian casualties and to support off-post emergency response capabilities. DoD does not have any responsibility to fund the protection of these civilians or the off-post emergency response capability addressing terrorist CBRN hazards, largely because of lack of authority and money. DoD officials have no authority off-post, and given the direction of the National Response Plan, the authority to plan for disasters and to issue state and local grants to develop response capabilities clearly resides in DHS. While military commanders can use available installation resources to aid local communities in the event of emergencies, they can only plan and request funds for antiterrorism efforts addressed specifically for the installation.11 There is a very practical reason for this.

5

Counting the many hundreds of military installations and facilities across the country, any modest attempts to augment off-post emergency response capabilities around these installations would quickly run into the billions of dollars. Identifying what is a proper CBRN response capability and a normal emergency response capability would be very difficult and very political. It is difficult to see OSD leadership agreeing to this diversion of funds to a low probability, high consequence event that does not directly support military operations. The Army’s funding of emergency response operations around its eight chemical weapons stockpile sites, known as the Chemical Stockpile Emergency Preparedness Program (CSEPP), offers a possible precedent to suggest DoD might pay for at least a part of those off-post emergency response capabilities.12

A mature antiterrorism program includes risk management, planning, training and exercises, resource generation, and annual program reviews. Each installation has a different set of parameters against which to address antiterrorism concerns. Installations can range from huge tracts of land and tens of thousands of personnel on the post to a few buildings within a city block, with all kinds of variations on land size, population, and critical functions. U.S. Transportation Command regulations state that large ships can be treated as military facilities under certain regulations and directives.13 Some installations have emergency response units such as firefighters and police, but many rely heavily on off-post emergency responders to manage larger incidents and emergencies. The question becomes, are military installations and facilities prepared to continue operations in the presence of CBRN hazards or to restore their installation to pre-incident conditions following a terrorist CBRN incident? Typically, installation protection and assessment of those efforts have focused on conventional, rather than CBRN, terrorist attacks.14

The general terrorist threat can take a number of forms. Terrorists can use assassination, arson, bombings, hostage taking, kidnapping, or hijacking to threaten military and government civilians. Terrorists can seize or attack government buildings, fire missiles at ships and aircraft, sabotage critical infrastructure, or just voice their threats through hoaxes. Most attackers use some kind of hand-held weapon or explosive. They can also threaten to use CBRN hazards against military or civilian targets. With all these different threats, commanders must assess the risks to their area of responsibility, determine and prioritize any vulnerabilities, and allocate personnel and funds within resource limitations.

To assist these commanders, the Defense Threat Reduction Agency (DTRA) executes a program called the Joint Staff Integrated Vulnerability Assessment (JSIVA) to assess the preparedness of military installations and facilities worldwide.15 The JSIVA teams assess an installation’s intelligence collection and dissemination capabilities, physical security measures, infrastructure support and structural vulnerabilities, response to terrorist incidents, and managing the consequences of a terrorist incident. This assessment purports to address WMD response capabilities in addition to conventional terrorism incidents, although prior to 1999, few, if any, military installations were criticized for having little to no capability to respond to terrorist CBRN incidents.

For most of the 1990s, addressing the possibility of terrorist CBRN incidents was a low priority. Despite the potential impact of a terrorist CBRN event such as the Aum Shinrikyo’s use of the sarin nerve agent in the Tokyo subway, military commanders disregarded this issue for several reasons. First, the probability of an attack by terrorists, criminals, or spies, using conventional tools like handguns, explosives, and knives, was much higher than the probability of a terrorist group using CBRN hazards. At best, national intelligence assessments rated terrorist

6

CBRN interest as “limited” and largely relegated to the possibility that a group would use industrial chemicals as weapons.16 The Federal Bureau of Investigation often states that it assesses no terrorist organizations within the United States as planning to use CBRN hazards, although the chance of a “lone gunman” always exists.17 Even with the potential high consequences of the massive use of a CBRN hazard, the risk numbers did not justify spending scarce installation funds to address a potential threat that had never been employed successfully against a military installation or facility. The many anthrax hoaxes seen in the late 1990s were directed against unprotected government buildings or private organizations (health care providers, churches, etc.) rather than military installations. Better to count on someone arresting the terrorists first rather than to waste money and time on equipment that would never be used.

Second, there were few tools to assess the potential effects of a small single exposure of CBRN hazards employed as a result of a terrorist attack against a military installation, as opposed to assessing the effects of a few Scud missiles with chemical warheads against an air base. It is much easier to address known and more probable threats, such as unauthorized people trying to enter a military base with handguns or bombs. Much less clear was the exact nature of the CBRN terrorist threat and what options existed to respond effectively to these incidents. No CBRN defense specialists were located on military installations to assist antiterrorism planners in installation defense (nor is there any rush today to remedy this shortfall). One may assess one’s installation and determine that, while an installation may be vulnerable to CBRN hazards, no credible terrorist CBRN threat exists, and therefore there is very little risk. And what would the potential consequences of a single small release of CBRN hazards be on a huge military installation? No one really knows. At best, the installation emergency responders might pull together some commercial hazardous material (HAZMAT) suits and detectors in the rare event that their people might be called upon to respond to a deliberate or accidental industrial chemical accident. If someone found an unexploded, improvised CBRN device, they would call the Army’s Technical Escort Unit to disarm and remove it.18

Third, the increasing interest from the executive and legislative branches in addressing the potential threat of CBRN terrorism is focused on the impact on the general public rather than on military installations, facilities, or critical infrastructure sites. That does not suggest that military installations are less vulnerable than cities; rather, that no trends suggest an increased threat of terrorist use of CBRN hazards against military installations, and therefore there was no need to shift scarce funds from known, current threats. Any new, unfunded antiterrorism initiatives would have to be headed by DoD and federal agencies far above the installation level and not independently developed and implemented by each installation. Bioterrorism specifically became an issue seen more and more as a national security risk and something far beyond any one installation’s scope or capabilities to address. The limited funds and expertise available for antiterrorism efforts were focused on addressing conventional terrorism threats against specific installations given that the leadership direction and money was there, with a nod toward the need to address WMD threats.

It is not as if the services had never thought of the possibility of CBRN terrorist incidents occurring at their military installations. Merely because CBRN terrorist incidents were low probability events did not completely erase the concern that one high consequence incident, however remote the odds, might cause considerable turmoil especially at certain high-value installations with vital command and control elements or critical power projection assets. But other than talking about the CBRN hazard threat, not much was actually done. In 1999, Deputy Secretary of Defense John Hamre directed the services to improve and enhance their emergency

7

responder capabilities at 15-20 military installations.19 ASD(SO/LIC) would oversee the execution of this effort. This office was responsible for direction and supervision for policy; program planning and execution; allocation and use of resources for both DoD combating terrorism activities and for domestic incidents involving the release of CBRN material or high-yield explosives.

This was not a very substantial defense effort. The services invested $27.6 million at 24 installations to procure specialized, commercial HAZMAT response equipment for the installation firefighters and security forces.20 Across the four services, funds spent on DoD antiterrorism programs between 2000 and 2004 averaged between $5 and $6 billion annually, largely for physical security equipment and salaries for security forces and technicians (following September 11, 2001, annual costs jumped to about $7 billion annually).21 The effort, while small, started the antiterrorism community thinking more seriously about requirements and training needed to improve their ability to respond to CBRN terrorist incidents, but other than developing a WMD annex for antiterrorism procedures, little was done in terms of concrete improvements in preparedness.

While all antiterrorism efforts had a basis in joint doctrine, each service executed an antiterrorism program for its installations and facilities, including buying what it wanted, training its own service-unique security and response forces, and developing distinct and service-unique concepts of operation. One of the few commonalities was the mandate that emergency responders at military installations had to use the same NIOSH-certified equipment as emergency responders in cities. Meanwhile, the DoD CB defense community had been jointly developing CBRN defense doctrine and equipment for military applications for several years, but was not involved in evaluating commercial equipment for emergency responders.22 The DoD CB defense community had never really coordinated with the antiterrorism community, and vice versa, a situation that would lead to some interesting conversations as the two communities learned each other’s particular lingo and peculiar concepts.

Installation Preparedness Evolves

After September 11, 2001, installation commanders across all four services were requesting CB detectors, protective suits, collective protection systems, and medical countermeasures to prepare their installations for any potential CBRN terrorist incidents, despite the lack of intelligence indications of any such attacks. As they lacked funds to add additional antiterrorism capabilities to the installations, they turned to other sources. In general, installation commanders procure antiterrorism equipment using funds from their parent services and from a special program run by the J-3, Deputy Director for Force Protection.23 These procurements are justified through threat and vulnerability assessments of their installations, prioritizing the most vulnerable gaps to justify the desired additional equipment and manpower. Threat and vulnerability assessments prior to September 2001 had not indicated CBRN terrorist incidents as a high enough priority to compete with conventional antiterrorism requests, such as guard dogs, security cameras, and jersey barriers. The installations lacked trained personnel to man the detectors, employ collective protection systems or decontaminate buildings and equipment, even had they gotten the military equipment. In addition, each installation had its own concept for how it thought the CB defense equipment, designed for warfighting units on a battlefield, should be employed for the purposes of antiterrorism on a military installation.

8

The flood of incoming requests for CBRN defense equipment from military installations was directed to the DoD CB Defense Program. Initially, the OSD comptroller refused to fund these requests (since all military CB defense equipment was addressed under a single OSD program line)24 until the Deputy Assistant to the Secretary of Defense for Chemical and Biological Defense (DATSD[CBD]), as the USD(AT&L) designated representative for the program, could confirm who was paying for the equipment and who was approving the unconventional requests. Stopping the flow of needed equipment was not an acceptable solution, so the J-5/Nuclear and Counterproliferation (Nuc&CP) Branch, in conjunction with DATSD(CBD), hosted an intense, week-long joint working group (with participation from the

1 OSD directed the USD(AT&L) to fund and develop CBRN defenses for 600 installations and facilities in the Defense Planning Guidance for FY 2004, dated April 2003.2 Defense Planning Guidance for FY 2004, dated April 2003. 3 Program Decision Memorandum 501C, dated November 2003.4 See the DoD report to Congress on the DoD Domestic Preparedness Program at http://www.defenselink.mil/pubs/domestic/toc.html for details.5 The FY 2003 President’s Budget included $5.9 billion for defending against biological terrorism (see http://www.csbaonline.org/4Publications/Archive/U.20020208.FY_2003_Budget_Req/U.20020208.FY_2003_Budget_Req.htm). Also see CRS, “Homeland Security and Counterterrorism Research and Development: Funding, Organization and Oversight,” June 20, 2003, available at http://www.acs.org/portal/a/ContentMgmtService/resources?id=c373e9f64a61647a8f6a4fd8fe800100. 6 This is my personal assessment based on discussions by military and civilian antiterrorism experts and briefings presented at the 2002 J-34 AT/FP annual conference.7 DoD Instruction 2000.14, DoD Combating Terrorism Program Procedures, dated June 15, 1994.8 The original definition of force protection is in Joint Publication 3-07.2, Joint Tactics, Techniques, and Procedures for Antiterrorism, dated March 17, 1998. The newer definition is in Joint Publication 1-02, DoD Dictionary of Military and Associated Terms, dated June 9, 2004.9 This change was formalized in DoD Directive 2000.12, DoD Antiterrorism (AT) Program, dated August 18, 2003.10 BG Jonathan Cofer, “Force Protection at the Joint Staff Level,” Military Police, March 2002. Available online at http://www.findarticles.com/p/articles/mi_m0IBW/is_2002_March/ai_86128041. The former Deputy Director for AT/FP is now called the Deputy Director for Force Protection. 11 See Army Regulation 525-13, Military Operations: Antiterrorism, dated January 4, 2002, and Army Regulation 500-51, Support to Civilian Law Enforcement, dated July 1, 1983. Also see http://www.hood.army.mil/corpssja/Disaster%20Relief%20Requests.htm for practical implementation of this statement.12 See FEMA program information on the Army-FEMA CSEPP at http://www.fema.gov/preparedness/csepp.shtm. 13 The official JP 1-02 definition of a facility is “A real property entity consisting of one or more of the following: a building, a structure, a utility system, pavement, and underlying land.” Certainly a ship has one or more of those qualities, although it is not on land. TRANSCOM regulation on large ship = facility is… .

9

four services, Joint Staff, and OSD) to develop some immediate “back-of-the-envelope” solutions and a common approach to improving DoD installation preparedness for terrorist CBRN incidents.

In the first week of October 2001, the joint working group broke into two distinct cells. One would develop a standardized template to identify a package of CBRN defense equipment for a typical military installation. The second would attempt to establish a prioritized list of military installations against which the standardized package would be applied. The concepts group relied heavily on the Army staff and the Joint Program Office for Biological Defense (JPO-BD) in the development of a concept featuring a network of CB detectors that might be emplaced on an installation and tied into the installation’s emergency operations center (EOC). The concept would also add a limited number of protective suits and masks for essential 14 BG Jonathan Cofer, Congressional testimony to the House Armed Services Committee on June 14, 2001, “DoD’s Role in Combating Terrorism and Force Protection Lessons Learned Since the Attack on the U.S.S. Cole.” Available at http://commdocs.house.gov/committees/security/has165240.000/has165240_0f.htm.15 DoD guidelines require that each installation have a higher headquarters antiterrorism and force protection assessment at least every three years. DTRA helps installations meet this requirement through the JSIVAs. See description of the JSIVA program at http://www.dtra.mil/toolbox/directorates/cs/programs/assessments/joint_staff.c

fm. 16 See GAO/NSIAD-99-163, Combating Terrorism: Need for a Comprehensive Threat and Risk Assessments of Chemical and Biological Attacks, September 1999. See also DOJ Assessment of the Increased Risk of Terrorist or Other Criminal Activity Associated with Posting Off-Site Consequence Analysis Information on the Internet, April 18, 2000. Also see CIA’s online booklet, “Terrorist CBRN: Materials and Effects,” at http://www.cia.gov/cia/reports/terrorist_cbrn/terrorist_CBRN.htm. 17 See testimony of Louis Freeh, FBI Director, before the Senate Committees on Appropriations, Armed Services, and Select Committee on Intelligence, dated May 10, 2001 (available at http://www.fbi.gov/congress/congress01/freeh051001.htm). “The trend toward high-profile, high-impact attacks comes at a time when interest is growing among both international and domestic terrorist groups in acquiring weapons of mass destruction (WMD ). Currently, there is no credible information that a terrorist group has acquired, developed, or is planning to use chemical, biological, or radiological agents in the United States. However, there has been an increase in the number of cases or incidents involving use or threatened use of such agents in the United States.”18 Current installation protection practices as described in the J-34 Installation Antiterrorism Program and Planning Tool, Volumes I and II, and WMD Appendix to the AT/FP Planning Template, dated November 1998.19 Program Decision Memorandum I, 1999, directed the Services to enhance their emergency response capabilities on installations through this pilot program. Frank Lane, ASD(SO/LIC), “CBRNE Consequence Management Initiatives,” presentation to J-34 AT/FP Conference, February 2002, slides.20 Ibid.21 See cost data in GAO-03-14, “Combating Terrorism: Actions Needed to Guide Services’ Antiterrorism Efforts at Installations,” November 2002, p. 14.22 While the U.S. Army was executing the DoD Domestic Preparedness Program for the 120 cities and did some testing of commercial equipment, this was not connected to or funded by the DoD CBRN Defense Program’s efforts for military requirements. The organizations were related but not directly supportive.

10

personnel that might have to work through the hazard’s duration (none for the general population) and some medical countermeasures, to include a package of vaccines and atropine kits. The group recognized that some level of collective protection systems for certain critical sites (such as the installation EOC and any VIP offices) and decontamination would be required, but it seemed too hard to sketch out even a rough estimate of collective protection and decontamination requirements within the time available. Essentially this was a replication of the warfighting model of contamination avoidance and protection fit to a generic installation, with no validation as to how effective the package would be.

The final proposed protection package would consist of the following equipment, assuming an average, moderate-sized installation: 4 remote chemical detectors, 20 point chemical detectors, 12 biological detectors, four Portable Biological Agent Samplers, 2 PCR devices for sample analysis, 1,267 medical post-attack protection kits (including antibiotics but not vaccines), individual protection ensembles for 118 persons, and $500,000 of basic equipment for a 12-member installation support team. As each installation would have unique characteristics, there would be modifications to this template. The working group developed three options, based primarily on how quickly an installation would receive the CB detector arrays (the most expensive part of the package). Option 1 was to cover individual and medical protection at 530 installations, but deploy CB detector arrays and installation support teams at only 100 installations, and only 6 biodetection systems (versus 12) at each of those 100 bases, at a cost of approximately $702 million.25 Option 2 would cover all of option 1 efforts and add another 6 biodetection systems to the first 100 installations (for a total of 12) and deploy chemical detectors and 6 biodetection systems each to another 180 installations. The cost of executing option 2 would nearly double the overall costs to about $1.47 billion. Option 3 would cover all of option 2 efforts and expand the fielding of CB detectors, to include 12 biodetection systems per installation, to all 530 installations. Total costs of the third option were estimated at $3.05 billion. This did not include the costs accrued each year due to operations and maintenance of the CB defense equipment, which would increase the total costs of the three options to $962 million, $2.2 billion, and $4.3 billion (respectively) over a five-year budget period (FY03-07). It also did not address the costs of additional manpower, training, or installation costs associated with adding these capabilities to the installations. These were seen as service Title 10 issues.

JPO-BD, with the vocal support of the medical community, added a $250 million package of additional issues to the installation preparedness proposal. This included procurement of 50 million doses of smallpox vaccine ($147 million), 1 million doses of botulinum toxin vaccine ($24 million), research and development funds to accelerate research into the next generation anthrax vaccine ($7 million), upgrading the fixed biodetectors at 23 overseas sites in

23 The J-3’s program is the Combating Terrorism Readiness Initiative Fund (CbT RIF). See CJCSI 5261.01, Combating Terrorism Readiness Initiative Fund, dated July 1, 2001. 24 This is a result of congressional legislation – Public Law 103-160 directed the consolidation of the four services’ CBRN defense programs into a single OSD budget line. As a result, OSD took the four services’ research, development and acquisition funding from their budgets for this purpose. The services must procure their own consumable items (except for protective suits and vaccines) and use their own fund for operations and training.25 It was felt that twelve JPS would offer a 90 percent chance of detection, while six JPS would offer 60 percent chance of detection. The latter option was deemed as the minimally acceptable risk. This was based on an earlier exercise called NISUS ENDEAVOR.

11

U.S. Central Command and U.S. Pacific Command ($28 million), expansion of the critical reagents program that produced chemical assays for the biological detectors ($10 million), and general engineering and logistics support costs to execute the efforts ($34 million). Most of the items in this laundry list had absolutely nothing to do with the analytical efforts of the Joint Staff-led group, but was deemed “a good thing” to add to the package with the overall goal of increasing overall DoD biodefense efforts.

The installation prioritization cell had an interesting challenge: it was tasked to develop a standard grading process against which all four services would agree to assess and prioritize 652 identified DoD installations that might receive CBRN defense equipment. This was necessary, as the Defense Critical Infrastructure Program was reluctant to share its classified list of unprioritized defense assets, which included installations, facilities, and specific buildings. Contractor facilitators developed a grading scale that identified three major criteria; the total population (including military, civilians, contractors, and dependents), vulnerability (specific to CBRN hazards, installation response capability, and local threat conditions), and criticality (number of commands, symbolic value, and militarily critical nodes).26 The criteria were scaled on a percentage basis and weighted. The four services quickly gathered the required data for their installations and came together to discuss how they graded each installation, in an attempt to ensure that each service had, at the least, used the same criteria fairly in their prioritization process. The geographic combatant commands were polled to identify those critical domestic and overseas installations that ought to be considered.

Most of the submitted data were guesses by the service members. Not enough time existed to conduct a thorough data collection effort, but at least it was transparent to all that the four services had rated their installations using similar criteria. The idea was to then collapse the four services’ lists together and propose, as a starting point only, one DoD installation priority list that would rank the most important installations requiring CB defense capabilities. This list did not, however, include installations owned by defense agencies outside the four services (such as the Pentagon or Defense Logistics Agency facilities). It was understood that this list was preliminary and only intended to start a process toward a more refined and defendable process. When this process and draft priority list was brought back to the Joint Staff-led group, its members decided not to forward the results of the installation cell due to the fear that the general/flag officer ranks and OSD would quickly focus on and become argumentative over the results of the draft priority list, instead of focusing on the procurement of the CB defense equipment.

The following week, the J-5/Nuc&CP branch chief, presented the results of the joint working group to the Joint Requirements Board, the two-star general officer panel that previewed and critiqued all material prior to submission to the Joint Requirements Oversight Council (JROC).27 While the Army representatives generally supported the presentation, the Air Force and Navy representatives were uncomfortable with the concept and the costs, and the Marine Corps representative was noncommittal. The J-5/Nuc&CP branch chief was directed to change his JROC briefing from a decision brief to an information brief (meaning the service chiefs would not be forced to commit to the concept or funding). When the JROC met to review

26 Credit is due to Peter Steen of Analytic Services, Inc, for his development of a sound methodology and facilitation between the four services in developing prioritized lists of installations. While a necessary step, it was deemed too difficult at that time to sell a prioritized list to the four star officers, who were continuously looking for ways to protect their military installations from the event of a BRAC commission.

12

the brief, the four-star officers balked at the potential costs, and decided to not support the effort further. The joint working group had done its best to provide an analytical process within a very short timeframe, with the understanding that many DoD agencies were maneuvering to submit emergency budget packages in light of the fact that “a plane was sticking out of the side of the Pentagon,” as one Army officer wryly stated. Proposing billions of dollars to develop an admittedly limited defensive capability against the relatively low probability of a terrorist CBRN incident on all military installations was not seen as realistic, especially given the less-than-rigorous analysis that the group had rushed through and lack of a validated operational concept for using CBRN defense equipment on installations.

OSD decided they did not want to give up on the idea. The DATSD(CBD) and DUSD(TSP/CP) worked with OSD Program Analysis and Evaluation (PA&E) to bring up the installation protection issue at the Program Review Group, a group chaired by the Director, Program Analysis and Evaluation (PA&E), and including OSD principal deputies and assistant secretaries, the services’ budgeting chiefs, and the Joint Staff’s director for J-8 (Force Structure, Resources and Assessment). In addition, ASD(SO/LIC) proposed a second initiative aimed at increasing the capabilities of the installation emergency responders. The ASD(SO/LIC) proposal would add $1.8 million per installation for procurement, training, and exercises targeted for the emergency responders, in an approach similarly phased as the CBRN defense equipment proposal. Their target was to fully fund this effort at 480 installations over the FY 03-07 budget, at a cost of $1.2 billion. Alternatives included reduced efforts at 160 or 320 installations at costs of $416 million and $832 million, respectively.28

In the process of preparing the cost estimates, OSD(PA&E) then cut out the medical countermeasures and protective suits and masks from the proposal, stating that these military CB defense items ought to come out of the DoD CB Defense Program’s budget.29 This reduced the cost slightly, but not significantly, given the conservatively small numbers of medical and nonmedical protection measures identified in the initial proposal. This decision was made against

27 The JROC is a council of four-star general or flag officers from each of the Services, designated by their military department secretaries to advise the Chairman on military capabilities, acquisition programs, and other defense issues. The Vice Chairman usually chairs the JROC meetings. The JRB was the board of two-star general or flag officers from each of the Services, designated by their respective JROC permanent member. The JROC Secretary chaired the JRB. The JRB assists the JROC in carrying out its duties and responsibilities, to include overseeing the requirements generation process, reviewing issues and briefings prior to final JROC review, and nominating topics for JROC consideration. The JRB was replaced by the Joint Capabilities Board in 2003.28 The discrepancy between the joint working group’s phased approach of 100, 180, and 530 and the ASD(SO/LIC) phased approach of 160, 320, and 480 is difficult to understand, as one would imagine that both groups were working against the same list of military installations. It is indicative of the CBRN and the antiterrorism communities lack of understanding of each other’s concepts and failure to work closely together, a situation that still exists to some degree today.29 At the time, the PA&E was Dr. Stephen A. Cambone. The Deputy Director was Vice Admiral Stanley Szemborski, formerly of the J8 (Resources, Force Structure and Assessments), Joint Staff. Both received direct briefings on all CBRN defense issues, and were keenly interested, but were not willing to increase CBRN defense at the cost of other priorities, especially not without solid and in-depth analysis.

13

the strong objections of the Joint Staff and services. While the services do submit their total warfighting requirements to the DoD CB Defense Program, they had never considered CBRN defense requirements within their antiterrorism programs. The DoD CB Defense Program could not address the equipment requirements for two major conflicts, let alone installation preparedness, but this rationale was lost against the OSD(PA&E). When the OSD(PA&E) staffed the three options to the Program Review Group on November 20, 2001, its members also balked at the proposed costs, but directed that a pilot program might be initiated to better develop the concept, capabilities required, and associated costs. On November 27, the Defense Review Board reviewed the installation preparedness efforts, and developed Program Budget Decision (PBD)-289, which created the Joint Service Installation Pilot Project (JSIPP).30

JSIPP would use the concept of operations and equipment outlined in the very rough, back-of-the envelope estimates developed by the October joint working group, placing CB defense equipment on nine diverse installations (three each for the Army and Air Force, two for the Navy, and one for the Marine Corps). The intent was to run a 1-year program starting in Fiscal Year (FY) 2003, with approximately $5 million per base spent on CB defense equipment and $1.5 million spent on emergency responder equipment and training per installation. Following the release of PBD-289 in December 2001, ASD(SO/LIC) initiated discussions with the services on which nine installations would receive the equipment. ASD(SO/LIC) lobbied the service staffs to pick one large, one medium, and one small installation within the United States, to allow for a variety of concepts and lessons learned to emerge within a controllable environment.31 Simultaneously, ASD(SO/LIC) initiated the development of DoD guidelines addressing how installations should develop and train their first responders to respond to CBRNE incidents. These guidelines would not be completed until December 2002. Not content with the limited effort, the DUSD(TSP/CP) would continue to lobby (unsuccessfully) for the necessary funding and emplacement of CB defense equipment at 100 military installations in FY 2003.

During this installation preparedness discussion, the group was stymied in that no OSD guidance existed for the procurement and use of protective suits and masks and medical countermeasures by noncombatants on military installations. While DoD had guidance for procuring and using vaccines for noncombatants supporting military combat operations, no similar policy addressed the use of protective equipment during domestic terrorism scenarios. Vice Chief of Staff of the Army General John Keane sent a memorandum to OSD requesting

30 PBD-289, dated December 10, 2001. The Program Review Group (PRG) decided to pursue a smaller increase in FY 2003 than the $576 million contained in Phase I of the Issue Paper to support protection at 100 bases, and defer a more in-depth review of the issue until POM-04. The alternative utilizes much of the methodology contained in the Issue Outline on what equipment a nominal chemical-biological force protection package would contain. However, the alternative recommends funding a chemical-biological force protection package at 9 installations (assuming 3 per Service) in FY 2003 to support a “CONUS Pilot Protection Project” as recommended by the PRG.31 The services were eventually allowed to choose their own state-side installations, trying to comply with ASD(SO/LIC)’s guidance on choosing one small, one medium, and one large installation. The installations included Fort Gordon, Fort Lewis, and Fort Campbell; Robins Air Force Base, Pope Air Force Base, and Barksdale Air Force Base; Naval Surface Warfare Center (Dahlgren), Navy Region Southwest (San Diego), and Camp Lejeune.

14

guidance on this matter. This issue fell to ASD(SO/LIC) to address; a formal DoD memorandum would be released in September 2002 (about nine months later).32

While debate continued about how to address installation preparedness, OSD policymakers were working on the Defense Planning Guidance for FY 2004. In April 2002, instructions within the guidance directed the Under Secretary of Defense for Acquisition, Technology, and Logistics (USD[AT&L]) to develop a plan to fund and deliver CB defense equipment for 600 military installations over a six-year period, at 100 installations a year, between 2004 and 2009.33 During the drafting of the Defense Planning Guidance, all the services and the Joint Staff protested that it was premature to initiate this prior to JSIPP’s lessons learned being identified. They said that the impact of trying to field CB defense equipment at that rate would have a negative impact on the fielding of equipment to military units, given the small industrial base of the CBRN defense sector. These protests went unheeded, and the language was adopted. Through the summer, OSD, the Joint Staff, and the services developed options on how to implement this direction, using the untested JSIPP model (which was largely copied from the one-week crash effort in October 2001) as a guide to develop a funding profile.

Essentially there were three alternatives. Option one was to comply with the guidance to outfit 600 installations (the OSD policy option), which would run at least $3.7 billion for CB defense equipment and $5 billion in operations and maintenance costs. Option 2, proposed by USD(AT&L), would outfit 185 installations, starting with 5 in FY04 and ramping up to 50 each in FY07-09, which would run about $1.2 billion for CB defense equipment and $1 billion in operations and maintenance costs. The third option, proposed by OSD(PA&E), would develop a tiered equipment approach where not all installations would receive the same package; there would be a minimal, low, intermediate, and full package depending on a set of criteria, such as the critical nature of the installation, its population, its potential risk, or its proximity to large population centers. No immediate cost was associated with this approach, as it would depend on the methodology and assumptions used in prioritizing installations and deciding which ones should get what level of protection.

To develop this third option in more detail, the DATSD(CBD) turned to the Army Program Executive Office for Chemical and Biological Defense (PEO-CBD)34 to generate an acquisition strategy for implementing a tiered protection approach. Now, there was no joint concept of operation for this effort, JSIPP had not been started, and the antiterrorism community had not been engaged for their views. This effort was not coordinated with the Defense Critical Infrastructure Program, which was being implemented and refined separately, or any other defense planning office involved in conventional antiterrorism efforts. U.S. Northern Command was still being stood up and was not a player at all, nor was U.S. Joint Forces Command.

To top it all off, OSD(PA&E) would personally define the criteria used to prioritize all military installations in this effort. The criteria would include those installations at greatest risk from terrorism; those with largest population on the base; those closest to major population centers; those with large command and control nodes; and those critical to the early generation of combat power. All installations with base populations more than 300 would be counted.35

32 This was a memorandum signed by DepSecDef Paul Wolfowitz on September 5, 2002, discussed later in the text.33 Defense Planning Guidance for FY 2004, dated April 2002. 34 Army Secretary Tom White had restructured the PEO/PM structure across the service in 2002. He combined JPO-BD, the Project Manager for NBC Defense Systems, and the Product Manager for Smoke and Obscurants into the Army PEO-CBD. This later became the basis for the Joint PEO for CB Defense.

15

Despite vocal dissention, the PA&E action officer laid these criteria out to then Director for PA&E Stephen Cambone and obtained his approval without considering any recommendations for change. Most of these criteria were poorly thought out and untested. There was no way to determine which installations were “at greatest risk” to terrorism, unless one was prepared to say that those overseas installations were somehow more at risk because of proximity to adversarial nations. That viewpoint was entirely subjective after September 11, 2001.

The population-based metrics would not favor the Air Force, since their air bases were much less populated than many Army and Marine Corps bases. The factor of proximity to major population centers boded ill for many Army bases that were distant from such cities. While this was a poor set of criteria, few wanted to press the issue with the PA&E without knowing how the results might pan out for each service. Better to wait and see how the services fared with the overall process prior to protesting the illogic of the prioritization methodology.

The Army PEO-CBD developed an acquisition strategy that used the untested JSIPP model and a draft defense instruction for how emergency responders should address CBRN response.36 It assumed that all DoD installations would be divided up into three prioritized tiers – those installations critical to accomplishing the national military strategy; those non-power projection installations and facilities that provided combat service support (such as supply depots); and other installations that did not provide direct support to the national military strategy, such as research and development sites. It outlined a Level A that would establish a basic emergency preparedness capability for all installations, using military and commercial equipment, and a number of analytical laboratories to provide regional technical support to analyze and identify CBRN hazards. This would cost about $1.5 million per installation. Level B would add an installation detection and mitigation capability by adding CB point detectors, decontamination equipment, and medical material, increasing the cost per installation to about $5.2 million. Level C would significantly increase the installation’s preparedness by adding more protective equipment, standoff detectors, medical surveillance capabilities, mass casualty care, and pharmaceutical stocks. This would cost $8.5 million per installation.

For purposes of developing a budget, the Army PEO-CBD assumed that there would be 50 Tier I installations, 100 Tier II installations, and 450 Tier III installations. Tier I would get top priority (Level C), Tier II would get Level B capabilities, and everyone else would get Level A. There was no formal development of a joint concept of operation or even joint deliberations over whether a detector-centric, passive defense based approach to CBRN defense was applicable to installation preparedness for terrorist CBRN incidents. The Joint Staff and services had little to no time to review this acquisition strategy; it was accepted by DATSD(CBD) and immediately adopted by OSD(PA&E) to model the costs for alternative three. The problem was that every installation wanted Level C, the best protection possible (especially if OSD was paying). Numerous policy issues still were outstanding: how people on the installation would receive adequate protection, whether the operations and maintenance costs were reasonable, or even if this approach would reasonably reduce the number of potential casualties in a given terrorist CBRN incident. It was a pencil mark on the wall, a wedge in the defense budget, and that was all OSD(PA&E) needed to complete its cost analyses.

35 The standard for an installation to have an antiterrorism program is 300 individuals working or living there. See DoD Instruction 2000.16, DoD Antiterrorism Standards, dated June 14, 2001, p. 29. 36 DoD Instruction 2000.18, Department of Defense Installation Chemical, Biological, Radiological, Nuclear and High-Yield Explosive Emergency Response Guidelines, dated December 4, 2002.

16

At a later meeting, OSD set the goal at addressing 200 installations over six years, starting with 15 installations in 2004 and ramping up to 50 installations by 2009. Why 200 installations? There appeared to be a natural break around the 180-200 point in the Joint Staff’s prioritized list of 530 installations as to the most critical and populated installations; also, it made a nice round number. OSD would take $1 billion from the four services’ antiterrorism budgets over a six-year period, which would have been directed toward critical “conventional” antiterrorism efforts, and direct the DoD CB Defense Program to execute what would become known as the Installation Protection Program.37 Another $600 million would be provided for installation emergency responder equipment and training, its implementation to be overseen by ASD(HD).38

Mr. Cambone also directed that the program address 185 installations within the United States in the first four years, and only 15 overseas military installations in the latter years.39 The PA&E made it very easy for the services; each service would receive a certain number of installations each year over the 6-year timeframe, corresponding with the amount of antiterrorism funds taken out of its respective budget (thus neatly circumventing any arguments over who had the most critical or vulnerable bases and therefore higher priorities). The Army had 62 installations on the list, the Air Force had 64, the Navy had 59, the Marine Corps had 9, and three defense agencies had 6.40 In anticipation of taking on this mission, the Army PEO created a Project Manager (PM) Guardian office in October 2002, which would oversee the Installation Protection Program as well as the development and acquisition of WMD Civil Support Team equipment. This office would formally stand up in October 2003.41

During this rush to define and obtain funding for the effort, there was still no approved concept for using CBRN defense equipment on U.S. military installations and facilities. JSIPP was behind schedule, and the antiterrorism community was still not engaged. This would not be so bad if past efforts or studies had addressed WMD threats on installations, but other than developing special annexes to conventional terrorist plans that basically reiterated threat agent information, no such material existed. But the money had to be programmed and budgeted for a start in 2004, and the installations had yet to be named – those were the priorities.

Managing Installation Preparedness Efforts

37 Program Decision Memorandum I issued in fall of 2002 - Added $1,533M from FY04-FY09, $1,493 in Procurement (CB Installation Force Prot $1040M, JBPDS $456M, JCAD -$3M) and $40M in RDT&E (Techbase Non Med for Agent Fate). Conducted $95M zero sum move in FY04-FY09 from various programs to programs supporting Non Traditional Agent medical and non medical RDTE.38 Ibid. 39 It was explained off-line that this was both politically motivated and would be easier to implement, given the more fully developed relationships between installation and off-post emergency responders.40 OSD(PA&E) did request and receive the Defense Critical Infrastructure Program’s list of installations, from which that office determined that six defense agencies needed to be on the 200-installation list. This included the Pentagon, which had already received a heavy investment of tens of millions of dollars specifically for CBRN defense efforts (resulting in the CBRN Directorate of the Pentagon Force Protection Agency).41 See DoD CBRN Defense Program Annual Report to Congress, May 2004, pp. 79-80. Available at http://www.acq.osd.mil/cp/nbc04/2004cbrndpreport.pdf.

17

The DATSD(CBD) chose the Defense Threat Reduction Agency (DTRA) CB Directorate to manage the JSIPP effort. DTRA’s objectives for the program included equipping the nine installations with different levels of CB detection equipment, enhancing installation emergency response capabilities with CB defense equipment and training, collecting data and refining concepts of operation for CB defense of installations, and providing recommendations on resource requirements (personnel, equipment, logistics support) to support further installation preparedness efforts. The effort would be limited by the urgency to “do something quickly” and by the funding, leading to a focus on detection systems and responder equipment. The services had negotiated what installations would participate in the project with ASD(SO/LIC) in the summer of 2002 (see Table 2).

Army Air Force Navy/Marine CorpsTier I (small)

Fort Gordon, GA Pope AFB, NC Dahlgren Naval Base, VA

Tier II (medium)

Fort Lewis, WA Barksdale AFB, LA (none)

Tier III (large)

Fort Campbell, KY Warner-Robins AFB, GA

San Diego Naval Base, CACamp Lejeune, NC

Table 2. DoD Bases Chosen for JSIPP42

DTRA performed initial assessments of the nine installations and reported on their capabilities by October 2002. Based on a list of 53 emergency response areas identified by the four services, each installation was baselined to identify the potential increase of capabilities that might result as a function of this pilot project. These capabilities were largely grouped under the headings of detection, personal protection, decontamination, treatments, explosive ordnance disposal, command and control, security, and rescue operations (although the funding was limited largely to addressing only detection and emergency response capabilities). DTRA proposed to develop an equipment list, procure the equipment, work with the nine installations on their concepts of operation and standard operating procedures, deliver and install the equipment, train the installation personnel, conduct installation exercises, and then develop the lessons learned that would be transitioned to the larger 200-installation effort. They would install biological detectors, air samplers, point chemical detectors, installation emergency response equipment, a medical surveillance system, and a laboratory analysis capability that included PCR analysis equipment (see Table 3). The equipment would be operated around the clock, maintained by contractor logistics support.

CB Detection Equipment

Emergency Response Equipment CONOPS and Training

Tier I (small)

None Self-contained Toxic Environmental Protective Outfits

Improved Toxicological Agent Protective suits

AN/PDR-77 radiac setPatient CB Litter

Yes

Tier II (medium)

15 air samplers20 chem detectorsAnalysis LaboratoryCmd and Control

Interface

Yes

42 Ibid, p. 79.

18

Decontaminant foamSorbent Decon SystemModular Mass Casualty Decon

SystemMedical chemical defense countermeasuresGeneral HAZMAT equipment

Tier III (large)

6 biodetectors15 air samplers20 chem detectorsAnalysis LaboratoryCmd and Control

Interface

Yes

Table 3. Equipment Chosen for JSIPP Installations43

Site surveys for the six installations to receive CB detectors took place between April and July 2003. The actual installation of the equipment would take place between August and the end of December 2003, with a final report in November and documentation of the lessons learned in 2004. The schedule had slipped somewhat due to the time required for assessments, development of installation plans, and scheduling times with the installations. Based on an assessment of the installations, the JSIPP team placed detectors near critical areas and throughout the installations, tying them to the installation command posts. Each installation commander addressed their concept differently, even those within the same service, which required a good amount of discussion with each commander as to how to execute the effort. The services noted that adding equipment without developing a joint concept of operations did not significantly improve their capabilities. Placing military CB detectors on an installation called for some construction, communications and power availability, and security planning, and most installations did not have a good feel for where the detectors ought to be located for maximum effectiveness.

No modeling was done to optimize the placement of CB detectors, in large part due to unknown variables such as how much agent a terrorist might release, where a terrorist would release the agent (on- or off-post), and what the accepted level of risk and response should be. Also, there was no funding available to conduct such studies or develop appropriate modeling tools. That is to say, no one had done the requisite threat and vulnerability analysis for a CBRN incident prior to determining the allocation and placement of the detectors. Given the lack of precedent for this effort, this is perhaps to be expected, but there was absolutely no way to assess if the multi-million dollar defense program had really improved installation preparedness at all.

The detectors had some false positives, but overall, far less than what DTRA planners had anticipated, considering the large range of potential interferents in the environment. The cost for biological detection sampling and analysis, averaging about $150 per sample, were kept down by only conducting one sample analysis per day (not a very realistic constraint). Most installations agreed that there was a greater return on value from the CBRN defense equipment given to emergency responders than the CB detector network. All of the equipment except for the laboratories will stay on the installations, and now the installation commanders must pay for their operations and maintenance costs. These costs might be more manageable (and the overall concept more executable) if the services had developed a flexible Force Protection Condition (FPCON) structure to raise and lower the usage of CBRN defense equipment, but addressing this issue was not part of this project. The results of this pilot project were still being analyzed, even as the next phase – the 200 installation effort – was being initiated.

Simultaneously, another directorate of DTRA was running an initiative called Unconventional Nuclear Weapons Defense (UNWD), which was a collaborative effort with the Department of Energy (DOE) to provide detection and defense against unconventional nuclear

43 John Connell, DTRA briefing to Combatant Commands, titled “Joint Service Installation Pilot Project (JSIPP) Program Presentation” on June 11, 2003, slides.

19

threats (such as radiological dispersal devices and improvised nuclear weapons).44 UNWD was to test technologies to detect, analyze, and classify the presence of nuclear material and interface with existing response and warning systems. These efforts would test portal detectors that could sense nuclear material within vehicles or ships as well as hand-held monitors and remote sensors that might allow early warning of transportation of nuclear materials prior to their arrival to a base. This effort was run at four installations: Kirtland Air Force Base, New Mexico; Camp Lejeune, North Carolina; Fort Leonard Wood, Missouri; and Naval Submarine Base (King’s Bay), Georgia.

This program was a particular favorite of Dr. Stephen Younger, then director of DTRA, and Dr. Dale Klein (ATSD(NCB)), but the level of funding required (up to $4 million per base) and perceived lower risk probability of a radiological incident stunted its momentum. At the least, this project demonstrated several technologies and approaches to developing radiological defense capabilities that had not been addressed by JSIPP and the 200-installation protection program. The challenge would be convincing OSD and the services that these efforts should be funded with the same priority and emphasis as other antiterrorism efforts. While there has been increasing concern across the country about the potential impact of radiological dispersal devices, OSD was not persuaded to increase funding to the 200-installation program to include this effort.

Observing the increased antiterrorism efforts at military installations, Congress added a section to the National Defense Authorization Act for FY 2003,45 titled “Comprehensive Plan for Improving the Preparedness of Military Installations for Terrorist Incidents.” This language tasked the Secretary of Defense to develop a strategy for improving installation preparedness against terrorist incidents, including attacks involving the use or threat of use of WMDs. In addition to developing an installation preparedness strategy, Congress wanted to see a performance plan outlining the schedule, process of improving the installations, and evaluation measures for the program. In addition, Congress wanted DoD to submit an annual report for this effort in the years 2004-06.

ASD(HD) has the responsibility for writing this annual report, and it addresses all CBRNE antiterrorism efforts, not just CBRN defense. The report prominently mentioned JSIPP and the 200-installation program, as the programs represented a very large and visible effort that had captured congressional attention. The report also addressed the WMD Civil Support Teams, noting the congressional directive to increase the number from 32 to 55 teams (called out in PL 107-314) and the intent to field 12 teams in 2004 and 11 teams in 2005.46

Developing a CBRN Defense Construct

In early September 2002, Defense Deputy Secretary Paul Wolfowitz released a memorandum to address General Keane’s earlier question on what DoD policy was for protecting noncombatants during CBRN incidents.47 It was DoD policy that all personnel at U.S. military installations and

44 Statement of Mr. Michael Evenson, DTRA, to the House Homeland Security Committee on June 21, 2005. Available at http://hsc.house.gov/files/TestimonyEvenson.pdf.45 Public Law 107-314, signed on December 2, 2002.46 I point out the WMD CSTs included in the report to show that DoD tends to include antiterrorism efforts conducted at U.S. military installations and facilities along with homeland security efforts conducted to support federal response to terrorist CBRN incidents against the general public.

20

DoD-owned or leased facilities would be provided “appropriate protection” from CBRNE attacks, that installations would respond to these attacks with trained and equipped emergency responders, and that installations should be able to continue critical operations during an attack and resume essential operations after an attack. It was not clear, however, what “appropriate protection” meant. The memorandum tasked the Chairman of the JCS to develop a DoD-wide concept of operations for installation preparedness against CBRNE attacks and DoD standards for CBRNE defense. Simultaneously, the Joint Staff was directed to facilitate and standardize the prioritization of the 200 installations across the six-year period, using the OSD(PA&E)’s criteria, and to develop standards that “rationalized” AT/FP and CBRN defense of military installations. All this was to be accomplished by the Joint Requirements Office (JRO) for CBRN Defense, a new agency within the Joint Staff’s J-8 directorate, between January and June 2003 to ensure that the JPEO’s Project Manager (PM) Guardian office had a basis for developing a sound acquisition strategy to execute the $1 billion in funding for CB defense equipment and field $600 million in emergency responder equipment and training.

Easier said than done. Every service chief became intimately involved with the prioritization effort because of the implication that an installation on the priority list would be seen as critical to the defense effort and therefore another measure to protect it from the Base Realignment and Closure (BRAC) process. Each service and a few defense agencies were tasked to identify and submit the installation data to the JRO, to be used in a “rack and stack” exercise to prioritize the list of installations. Each service knew that it would not lose its annual quota of installations, but wanted to ensure the installations it viewed as critical would be high on the list. To achieve closure in time, the focus was on finalizing the list of 15 installations that would receive funding in FY 2004 and a tentative list for the 20 installations scheduled for FY 2005, and general concurrence on what other bases were on the 200 base list. The geographical combatant commands were not pleased with the limited participation they were allowed, particularly the focus on installations within the United States that seemingly ignored overseas military installations critical to their operations. In the end, the JRO delivered four prioritized lists (one per service) of installations to which everyone agreed, a list that would be reviewed annually to allow the services a chance to change their prioritization of bases.48

The development of DoD CBRNE standards was a bit more difficult. In December 2002, DoD released its instruction on installation CBRNE emergency response guidelines (DoD Instruction 2000.18). While this instruction focused on what the installation emergency responders should do for terrorist CBRN incidents, it had no guidance on how installations should incorporate other CBRN defense equipment into their antiterrorism programs. A directive that outlined the minimum capabilities was required to protect personnel and critical base assets in the event of a terrorist CBRN incident, such as how to protect noncombatants, how to maintain critical operations during an attack, and how to resume post-incident operations. The JRO, in developing the installation preparedness standards, had two courses of action: to develop a stand-alone CBRN defense memorandum from the Chairman of the Joint Chiefs of Staff, or to “ghost-write” inserts for ASD(SO/LIC) for the current DoD directive for antiterrorism standards (DoD directive 2000.16, which had not been updated since June 2001). Action officers at ASD(HD) and ASD(SO/LIC) didn’t like either approach. ASD(HD) wanted the JRO to include

47 DepSecDef memorandum, “Preparedness of U.S. Military Installations and Facilities Worldwide Against Chemical, Biological, Radiological, Nuclear, and High-Yield Explosive (CBRNE) Attack,” dated September 5, 2002.48 COL Sandra Wood, Joint Staff briefing to Joint Installation Protection Working Group, June 2003, slides.

21

joint defensive capabilities against terrorist use of high-yield explosives (which did not exist) and direct the services on how to execute their installation programs in detail. ASD(SO/LIC) insisted that any terrorist CBRN defense-specific guidance be inserted as an appendix to their directives, rather than integrated into the directives (preserving the focus on conventional antiterrorism).

The question of whether to integrate CBRN defense-specific force protection condition actions with the current force protection condition (FPCON) levels caused a great deal of controversy. The services did not want a separate list of CBRN Defense Conditions and FPCONs because that might confuse people. OSD resisted the idea of developing new tasks that might be incorporated into the existing FPCONs. The only common ground was accepting that the entire CBRN defense capability would be either all on or all off, which (considering the heightened security concerns post-9/11) could be very expensive to maintain throughout the year. Little progress was made in developing new CBRN standards for over a year, and the antiterrorism directives remain absent of any CBRN defense-specific language.

Development of a joint concept of operation was similarly difficult, first because the Joint Staff traditionally did not develop concepts of operations, which are very specific instructions from a commander on how to execute a particular operation. Usually the services and combatant commanders developed concepts of operations for specific operations under their authority. The Joint Staff’s JRO would develop a general, DoD-wide concept of employment that allowed installations flexibility rather than a specific directive on how the services would implement procedures and deploy their equipment. The challenge in developing this joint concept was two-fold; first, it had to acknowledge that there were different-sized installations and facilities that could accommodate (and sustain) different levels of CBRN defense equipment, and second, it had to define what criteria of personnel would receive specific forms of protection. It avoided the controversial discussion on how to execute various levels of force protection conditions specific to CBRN hazards by deferring the discussion to another year.49 To smoothly integrate CBRN defense into an antiterrorism lingo, the JRO used an Army “four-S” concept – sense, shape, shield, and sustain – to identify specific CBRN defense capabilities required (see Figure 1).50 This concept is very similar to the current Protection Joint Functional Capability and its tenets of detect, assess, decide/warn, defend, and recover. The intent was to ensure that CBRN defense technologies, concepts, and subject-matter expertise, developed for military combat operations, could be applied to antiterrorism by changing military combat-specific language to more applicable definitions.

49 None of the services’ or OSD offices’ representatives could agree on either adding specific CBRN defense instructions to the FPCONs or developing a separate standard. So the resulting guidance could be interpreted as initiating full CBRN defense measures for any level of terrorist threat (very expensive) or not using any CBRN defense measures (not very practical). Or whatever the installation commander wanted to do.50 This concept is addressed in Joint Publication 3-40, “Joint Doctrine for Combating Weapons of Mass Destruction,” dated July 2004.

22

Figure 1. Joint Concept for CBRN Defense of Military Installations and Facilities51

Second, the JRO adopted the tiered approach that the Army PEO had initiated, but expanded it to more specifically address military installation and facilities that had differing characteristics and abilities to sustain CBRN defense capabilities throughout the year. There were five installation classes. Class 1 included very large installations or facilities with more than 15,000 personnel or those designated as critical due to their mission profile. These were all expected to have installation emergency responders. Class 2 included those installations and facilities that hosted between 2,000-15,000 personnel, had an inherent emergency response capability, but were not necessarily critical to the military’s warfighting mission. Class 3 included those installations and facilities that hosted between 2,000-15,000 personnel but did not have an inherent emergency response capability, relying instead on off-post responders. Class 4 installations and facilities had between 300 and 2000 personnel, were not designated as critical, and also lacked inherent emergency response capabilities. Class 5 included those military installations and facilities that had less than 300 personnel, to include DoD-owned or leased merchant vessels and strategic airlift.52

The intent of this classification was to acknowledge that, while the large installations might be able to employ various CB detectors throughout its property, install collective protection in critical buildings, and issue medical countermeasures and protective masks to its population, the smaller installations should not be held to that same standard. If installation emergency responders were present, outfitting their personnel with CBRN defense equipment might be more important than fielding multiple CB detectors, which could added as resources permitted. The top priority was protecting the general population that worked or lived on the installation or facility. Expensive standoff detectors were the last resort. Smaller installations had to have the flexibility to emplace less than a full family of defense systems (see Figure 2).

52 U.S. TRANSCOM insisted on this class 5 inclusion, noting rightly that refugees could claim political asylum on large ships as “U.S. facilities.”

1. Protect People2. Maintain Installation Critical Mission3. Restore Essential Installation Functions

Shape Shield SustainSense

Stand-off Detection

Reconnaissance

Point Detection

Medical Surveillance

Hazard/Decision Spt

Mass Alert Capability

Integrate w/Civil InfoSystems

Prot. Ensembles

Fixed Site Coll Pro

Personnel Decon

Med Pretreatments

Inst. Emerg. Response

Mobile/Trans. Coll Pro

Operational Decon

Medical Diag/Treatment

Support from Fed/State/Local

Thorough Decon

Logistics

Define Parameters of

the Hazard

Detect and Identify Immediate

Hazards

Provide Info toDecision MakersAnd Threatened

Populace

Protect All People with AppropriateProtection

Initiate ResponseThrough Inst.

Emerg. Responders

Restore ServicesAnd Protect Infrastructure

(Consq. Mgmt)

CBRN Defense of Installations

23

Figure 2. Tiered Protection Strategy.

Lacking any OSD guidance other than the Wolfowitz memorandum of September 2002, the JRO developed interim standards that defined “appropriate protection.”53 Those personnel deemed essential to performing critical military missions required protection that would support mission continuity for up to 12 hours. This might mean protective suits and masks, or it might mean collective protection systems. All other personnel should be provided protection or procedures necessary to survive a CBRN incident. This meant evacuation measures first and shelter-in-place second, as opposed to issuing everyone protective masks and suits. If an installation commander wanted masks for his/her population, based on higher risks (such as being based in a high risk theater such as South Korea or Qatar), that was his/her option assuming that commander could pay for it.

Perhaps not as clear was the understanding that all the general guidelines for antiterrorism, spelled out in joint publications and DoD directives and instructions, still applied. That is to say, services and combatant commands had responsibilities to evaluate intelligence on terrorist intentions and to pass on those intelligence indicators to their installation commanders. The general defensive concepts within antiterrorism – to include threat analysis, threat and vulnerability assessments, information security, operational security, personnel security, physical security, crisis management planning, tactical response, training and education, and public affairs planning - had to be conducted for all forms of terrorism. This “four-S” concept merely identified specific CBRN defense aspects of increasing preparedness for the installation. It is a case of augmenting, not replacing, current antiterrorism concepts.

This concept was accepted by the services, combatant commands, and most OSD agencies as a rational and executable overarching concept that could be implemented by the antiterrorism community. The final draft was completed in June 2003 and sent from the Director of the Joint Staff to the Deputy Defense Secretary’s office, but was intercepted and held up by ASD(HD), whose action officer wanted more details imposed on the services, more explanation about joint explosives defenses (which still don’t exist), and many other minor changes. This staffing action resulted in more than 24 months delay in approving the joint concept of operations. For the PM Guardian office, this delay was a welcome reprieve, since they did not like the joint concept either. For one, it offered a different approach than the standard passive defense strategy, in which every installation should receive a full package of detectors, protective equipment, medical countermeasures, and decontamination equipment. The JRO’s concept troubled many traditional CB defense acquisition specialists that believed a family of systems was required to provide full CBRN defense protection, and any gaps might result in mission 53 Joint Chiefs of Staff, “DoD Concepts of Operation for Chemical, Biological, Radiological, Nuclear, and High-Yield Explosive (CBRNE) Defense Supporting US Military Installation and Facility Preparedness,” approved by the Joint Protection Functional Concept Board and signed by the Director of the Joint Staff on April 6, 2004. This concept is still being staffed at the OSD level for signature as of August 2005.

Large and/or Critical Inst. Inst. w/ Emerg. Resp. Inst. w/o Emerg. Resp. Small Inst/Facilties

SENSE-1

SENSE-2

SHAPE

SHIELD-1

SHIELD-2

SUSTAIN

DESIRED

REQUIRED

REQUIRED

REQUIRED

REQUIRED

REQUIRED

REQUIRED

REQUIRED

REQUIRED

REQUIRED

REQUIRED

DESIRED

REQUIRED

REQUIRED

PROVIDED BY EXTERNAL FEDERAL, STATE, AND LOCAL AGENCIES (AND HOST NATION AS APPLICABLE)

REQUIRED

Facilities/Vessels

24

failure. The CB defense community did not see, or was not comfortable with, the fact that antiterrorism programs called for a process that allowed a level of risk into the equation because of limited funding. There was no formal requirements document to authorize the procurement of military CB defense equipment, and this joint concept did not provide specific technical parameters to select fielded military and commercial defense equipment.

The PM Guardian did need some sort of a requirements document, based on direction to their office from the acting DATSD(CBD), Brigadier General Pat Nilo.54 By normal acquisition guidelines, any new defense acquisition effort required an initial capabilities document generated by the user community that identified the desired parameters against which acquisition experts would develop and test equipment. The problem was that this was not a normal defense acquisition project, in that the intent was to use military and commercial equipment that already existed. There was no research and development effort, and therefore creating a standard “capability-based” requirements document did not make sense. The normal generation of a joint requirements document entails performing an analysis and coordinating with the four services to draft such a document, a process that could easily take 4-8 months.

Given that there was no new equipment being developed and JSIPP served as an experiment, it seemed much more reasonable to treat this area as a joint experimentation effort, which is executed to recommend changes to existing joint resources when such changes are not associated with a new defense acquisition effort.55 While the services’ action officers agreed with this approach, the PM Guardian did not accept this and convinced the Joint Staff to provide it an “urgent needs statement” for installation protection. The Joint Staff signed off on a generic eight-page memorandum in December 2003 that allowed the PM Guardian flexibility to develop a traditional acquisition strategy using a more “passive defense” oriented concept developed by their office. The PM Guardian intended to negotiate with each individual installation as to the particulars of the standard package of equipment delivered, but it would closely mirror the “passive defense” family of systems.

The PM Guardian required the services of a contractor to act as the lead systems integrator to field the equipment to the 200 installations. The initial estimate was that about a third of the $1 billion allocated to the Installation Protection Program would go to implementation costs, leaving about $3 million per installation for equipment and training. The PA&E estimate for the 200-installation effort had not considered management costs to manage and execute the program, but the PM Guardian office believed that OSD would plus up the project in later years to ensure a full CBRN defense capability at all DoD installations (that was, if OSD felt it was still a priority). PM Guardian awarded a three-year, $117 million contract to a team led by SAIC in late April 2004 to start the effort.56 With the delays in developing a joint concept of employment, DoD standards, a requirements document, the acquisition strategy, and contract award, none of the 15 installations scheduled to receive CBRN defense equipment in 2004 were outfitted in that year (all have slipped to 2005 dates).

The PM Guardian office has since estimated that their proposed acquisition strategy will raise estimated costs from $5 million to $9 million per installation. This would allow for

54 Brigadier General Pat Nilo, former commandant of the U.S. Army Chemical School, was selected to act in this position when Dr. Johnson-Winegar resigned her post in May 2003.55 See CJCSI 3180.01, “JROC Programmatic Processes for Joint Experimentation and Joint Resource Change Recommendations,” dated October 31, 2002.56 See http://www4.army.mil/ocpa/read.php?story_id_key=5906 for the announcement.

25

additional equipment to be added, such as radiacs and laboratory analysis systems, in addition to exercises and training. Their solution: cut back the number of installations from 200 to 150 or less, slip the schedule, and ask OSD for more funding. Using the Joint Staff’s draft concept of operations and adjusting the equipment packages seem not to be options. Despite this rocky start, in late 2004 OSD proposed 75 more installations (to be named at a later date) to receive CBRN defense equipment in FY 2010 and 2011.

A U.S. Government Accountability Office (GAO) report released in August 2004 identified two major obstacles that impeded DoD’s ability to implement installation preparedness efforts.57 The first was, while there were numerous organizations involved in installation preparedness efforts, the two major players – ASD(HD) and U.S. Northern Command – were still in the process of defining their roles and responsibilities. Because of this, there was no comprehensive plan with focused and measurable actions to achieve long-term goals (the GAO likes to see strategic plans)58. Second, there was a general agreement that there was no focal point having the appropriate authority and responsibility to integrate overall installation preparedness improvements among the many organizations involved, and this has adversely affected DoD’s ability to effectively plan and manage these improvements ASD(HD) has since stated that it is the focal point for all installation preparedness issues.

This lack of organization was primarily responsible for a delayed submission of the annual DoD report to Congress on improving installation preparedness for preventing and responding to terrorist attacks. In large part, the failure to promptly develop a comprehensive plan and report on long-term goals was due to the lack of ability to obtain agreement on its content, definitions of installation preparedness, and specific language in the report. The GAO had adroitly dodged the issue of how the failure to merge CBRN defense and antiterrorism concepts was causing unforeseen challenges (other than the obvious connection that too many people were in charge).

Recommendations

A number of known issues remain unaddressed by this program; for instance, whether anyone has evaluated the motivations and intent of terrorist groups to attack military installations rather than more unprotected and vulnerable public centers. Given a terrorist group’s finite resources and clandestine infrastructure, what is more likely to be a target? No one has conducted the logical assessments to confirm this threat actually exists – rather, it was assumed that terrorists are and will continue to seek out WMD materials to attack military targets, both within the United States and overseas, as opposed to determining whether this approach is actually part of the terrorists’ grand strategy. Second, it is assumed that all installations across the nation are

57 GAO-04-855, Combating Terrorism: DoD Efforts to Improve Installation Preparedness Can Be Enhanced with Clarified Responsibilities and Comprehensive Planning (Washington, DC: Government Accountability Office, August 2004). 58 The GAO also called for a “results-based management framework” for DoD antiterrorism efforts in 2002. See also GAO-03-14, “Combating Terrorism: Actions Needed to Guide Services’ Antiterrorism Efforts at Installations,” November 2002, p. 16 – “To improve the effectiveness of the services’ antiterrorism efforts, we recommend that the Secretary of Defense direct the Secretaries of the Army, Navy, and Air Force to adopt and effectively communicate a results-oriented management framework, consistent with DoD’s overall antiterrorism strategy, to guide each service’s antiterrorism efforts.”

26

equally at risk, therefore all must be hardened. The failures to tie into the Defense Critical Infrastructure Program and rather politically game the prioritization process to get a leg up on the BRAC process are mistakes. Third, the programming and planning process by which this program was budgeted, given the lack of an operational concept or any precedent, was both rushed and without consideration for practical execution of such a large acquisition effort. This has been a knee-jerk, post-9/11 panicked reaction that needs a careful assessment and evaluation against other defense priorities.

Nothing emphasizes the failure of this effort more than the actions from OSD in late 2005. After nearly two years, the PM Guardian outfitted one base with its complement of equipment and training, instead of 35. OSD abruptly decided to strip two-thirds of the funding from the $1.6 billion effort and reallocate it to a biomedical research initiative.59 This reduced the installation program to fielding a limited set of equipment to the installation emergency responders of about 100 bases. Ironically, that minimal level of fielding was what the Joint Staff concept suggested to begin with. Such a radical change of direction and programming cannot be associated with success.

The many technical, operational, and resource challenges inherent to this program have only emphasized the need for DoD to develop a truly joint antiterrorism effort that can successfully integrate CBRN defense with the threat of high-yield explosives. Right now, the two communities persist in taking stovepipe approaches to the challenge rather than developing a common protection concept. Finding the solution will require a strong understanding and integration of CBRN defense, antiterrorism, and risk management practices. U.S. Northern Command must get engaged in this process and provide that leadership.

We need to take a hard look at several operational issues.60 While the Joint Staff has led the way in discussing CBRN defense capabilities and concepts, we need to review the antiterrorism program to identify what specific CBRN defense capabilities DoD installations and facilities can afford to maintain for the long haul. A vital first step is answering questions about the nature and scope of the terrorist CBRN threat and the true impact on personnel and operations. Using the Joint Staff’s concept of operations would be a good first step to ensure that installations can implement a common level of installation preparedness. Developing an FPCON equivalent for CBRN defense measures that would enable the installations to sustain flexible levels of preparedness should begin immediately. Additionally, we need to discuss how much DoD should pay for CBRN defense capabilities of installations and the ability of installations to share their planning, interoperability, and capabilities with off-post emergency responders.

Certainly the services and combatant commands must assume some responsibility for programming and budgeting funds to address CBRN defense for antiterrorism efforts. Currently, the public law that created the DoD CB Defense Program is being interpreted to say that the services must obtain their CBRN defense equipment only through this single OSD-funded program line. To the services, that means they do not have to procure any CBRN defense equipment other than consumable items. That public law was developed to address military combat operations, not antiterrorism, and this direction must be changed to address new realities of addressing this threat. Given the large number of military installations and facilities and the

59 Program Decision Memorandum III, December 15, 2005. 60 These ideas should be attributed to Colonel (retired) Rick Jackson and his presentation titled “The Future of Installation Protection” given at the CINC NBC Defense Program Review in May 2002. Any errors in translating his ideas to this paper are my own.

27

potential cost of implementing a full CBRN installation preparedness effort, any increases in funding the OSD program line will only be taken from the services anyway.

The standardization of CBRN defense equipment and training being implemented for state and local emergency responders under DHS and DOJ should be replicated for military emergency responders (or perhaps they could use the same equipment and training). There has to be a tie-in of those federal capabilities that will respond to back up installations in their response to terrorist CBRN incidents and that will take the responsibility to remediate and restore installations to pre-incident conditions. None of these ideas are particularly revolutionary or difficult, but to be successful, it will require cooperation, patience, and above all, common sense.

Summary

Certainly the threat of terrorist CBRN incidents is real, and military installations and facilities should develop reasonable and appropriate plans to protect and respond to such incidents. The fact that they had not done so prior to 2001 is shameful but not an excuse to ignore the necessary analysis required to substantiate the execution of plans and budgets with respect to other, more probable threats. One immediate step ought to be the recognition that small, single scale exposures to CBRN hazards are the most credible event, as opposed to worst case scenarios of large area coverage and mass casualty events.

The OSD and Joint Staff have forced the services to grapple with this issue by some of the most effective tools available – taking money from the services’ antiterrorism funds and developing joint concepts from the top-down to guide the execution of this effort. Those kind of things will get people’s attention. However, the antiterrorism community and CBRN defense community remain stovepiped in their approaches to preparing installations for future terrorist CBRN incidents. No evidence suggests that the antiterrorism community has recognized the need to incorporate CBRN defense equipment and concepts into their practices. Similarly, no evidence indicates that the CBRN defense community has determined that the square peg that is military CBRN defense equipment and passive defense concepts do not fit into the round hole of installation preparedness.

While initial steps in developing joint concepts and identifying lessons learned are encouraging, more from OSD and U.S. Northern Command will be required to bring the two communities together and to execute a cost-effective and reliable installation preparedness program. Much remains to be done, if the threat of CBRN terrorism is really more credible than the services have historically observed.

28

Endnotes

51 Al Mauroni, “CBRN Defense of US Military Installations and Facilities,” USANCA NBC Report, Spring/Summer 2005, p. 8.

29