(Slide 1)
(Slides are approximately 300 Kbytes each)

I'm Joan Woodard, vice president of Sandia National Labs of the Energy, Information, and Infrastructure Technology Division.

(Slide 2)

It’s my pleasure to welcome you to the workshop on Surety Science and Engineering. This is somewhat of an experiment today. I was talking to the staff of the Academy and realized that this is the place where experiments are conducted. The experiment today is to test the concept of Surety Science and Engineering and, in particular, its applicability to a number of high consequence systems and situations in the country.

We have invited you to be a part of that experiment through the workshop and the breakout sessions that will be conducted. This morning we will give you a little bit more background on the information we sent you. First I’ll give you a short introduction to the concept of surety and our goals for this workshop today. Then we’ll be moving on with definitions and information from Pace VanDevender, and then into our technology presentation.

As is always the case with something like surety, there are many examples that occur day to day. The USA Today headlines this morning are about the hurricane that just hit the Caribbean Islands. The front-page story notes that in Puerto Rico 80 percent of the homes are without water, highlighting the challenge of maintaining sure systems in the face of normal and abnormal environments. I similarly had a challenge this morning of a different type as I got into a taxicab at the Capitol Hilton with a driver who had been in Washington D. C. for only one week. As we wandered around one side of the White House and the other, I also discovered the importance of surety in high-consequence situations.

Let me introduce the concept of Surety Science and Engineering. First of all, I think surety is important because it is the mechanism by which we hand off to future generations the systems, infrastructures, and well-being of our world. Surety definitely looks towards sustainable solutions for 21^st century.

(Slide 3)

Surety, to quote from our brochure, "is a level of confidence that a system will operate exactly as planned in both expected and unexpected circumstances." In fact, it is the foundation for many national problems where service and addressing national issues are extremely important.

Surety has three basic attributes, again highlighted in the brochure. These are reliability in normal environments, safety in abnormal environments, and security and use control in malevolent environments. These apply to the intended operation or non-operation not just of nuclear weapons but of situations like structures in the face of malevolent attacks. As I mentioned about the headlines this morning, it doesn’t take much surfing the Web (Slide 4) to find headlines from recent events that highlight some aspects of the tragedies that underscore the need for surety. From the New York Times Web site today are stories of hackers that did a fair amount of destruction; school security problems throughout the country; and the SwissAir crash and the challenge of sorting through the issues associated with aviation safety, in particular in new and aging systems.

Part of the purpose today is to invite you to think about the applications of surety and how one can improve Surety Science and Engineering for the challenges and complexities that are before us. There are two aspects of complexity. One is the engineering complexity of advanced systems as they are developed for many applications. The second is the complexity that comes from the global issues and threats that surround us.

(Slide 5)

This map illustrates the use and the siting of nuclear power facilities in many countries throughout Asia. The aspirations of countries to acquire nuclear power and weapons capabilities, as well as chemical-biological weapons, and the economic complexities of interconnected infrastructures throughout the world, adds to this overall complexity and demands advancements in Surety, Science and Engineering.

(Slide 6)

The conceptual history of the three parts of surety has its roots in specific events in nuclear weapons and other areas. The first step was in 1949 when Harry Truman sent the letter to the Western Electric division of AT&T, asking them to step up to the challenge of managing what was to become Sandia National Laboratories. Part of the rationale behind that challenge was to find an industrial operation engineering company that was known for high reliability of engineering systems. In 1964 an accident at Palomares illustrated the importance of safety of nuclear weapons in abnormal environments. Beyond reliability was the additional challenge of dealing with accidents was added to the engineering design requirements. The use and deployment of weapons in forward positions, such as Germany, illustrated that the importance of security was much higher than in the past. Over time these three elements of surety wove together to create the overall engineering requirements. In turn, these led to the onset of the development of the design practices that are the foundation of surety today.

(Slide 7)

There are many tools that are involved in surety. These are some that come to mind in thinking about the protection of infrastructures, physical security systems, sensors, intelligent agent based control systems, modeling and simulation, risk assessment tools, and information security. We’re finding in some aspects of infrastructure that there are roles in three areas: federal, industry, and national labs and universities.

In the national role, the federal government has responsibility for the detection, prosecution, and maintenance of our national interest in the security and reliability of infrastructures. There is an important industrial role for day-to-day operation, dealing with insider threats to infrastructures, for example. There are roles for national labs, universities, and other agencies in helping to bring the data together in areas where, for example, there is concern about proprietary aspects of data. The concept of all three of these groups–in fact, four when the academic community is included–coming together to apply surety tools and work issues such as infrastructure is part of what we’re doing today.

(Slide 8)

Over time, in working in areas like nuclear weapons and nuclear reactor safety, a number of best practices have been identified. Our inventory at Sandia Labs highlighted that there are on the order of 19 best practices for design to insure safety, reliability, and security and use control. We are proposing and contributing in this experiment today the notion that those 19 best practices can be thought about in terms of four levels and eight approaches to surety. Pace VanDevender will go into much more detail on this and the overall contributions to solutions to many of these national challenges.

(Slide 9)

Let me just remind you briefly about the definitions of the four levels, because they will be very important throughout the discussions today. The four levels have applicability and can be thought about in two dimensions: as increasing consequences demand a higher required level of surety, moving from one level to the other may be demanded. Level 1, represents the simple–actually I shouldn’t even use the word simple because often standard engineering practices are very complex– but level 1 represents the concept of using standard engineering practices and testing designs to insure the reliability of the system. Insurance, warrantees, and replacements provide the risk management at this level.

Level 2, which is referred to as proactive human intervention, represents the concept of a step up, where through training and discipline of the human element involved is how we maintain a higher level of surety. Examples here are training and certification in commercial aviation and in the military infrastructure.

The third level is described as positive measures from science and engineering. Here the concept is that additional engineered systems add a level of surety to the system. From our brochure are examples such as the active and passive cooling systems in nuclear reactors.

Level 4 uses the laws of nature and mathematics. It is represented by building in surety based on designs that use the laws of physics to permit and preclude operations. Modern nuclear weapons fall into this category of level 4 surety.

These four levels will apply to many of the discussions today. We are conducting this experiment today to test whether the four levels represent a useful methodology, concept, and framework to think about surety.

(Slide 10)

The perfection–if you can use that word–or at least the advancement of the concept of Surety Science and Engineering is going to require partnership. That partnership will be among those that have the resources and the capability. The academic community, private and public laboratories, federal agencies, and industry have major national problems that demand in high consequence systems, that demand this kind of approach in methodology.

One subject that will be discussed in a technical talk and a breakout session today is the concept of establishing an Institute of Surety Science and Engineering. The models are institutes in existence today that foster the interaction in the community for interdisciplinary areas, an example being the International Combustion Research Institute. Here combustion research is very important for many industries and applications, and the source capability comes from many areas such as academic departments and laboratories. An institute provides the mechanism or the framework in which the community can get together and further advance the capability and methodology. So one part of this experiment that we are testing today is the concept of an institute.

(Slide 11)

So now to the task or the steps in the experiment today. The task before us is, first of all, learn the methodology, to learn the concepts and framework that we are proposing in Surety Science and Engineering. These are presented in the briefings, through a tour of the central exhibit out in the Great Hall, and through the technical presentations that will be conducted this morning. These will be very brief but will give you highlights and, in the framework of these four levels, applications of Surety Science and Engineering.

During the lunchtime hour, we will begin the breakout sessions. At that point each of the breakout sessions will review its specific area. It will review the concept of Surety Science and Engineering generally as well as the framework that we’re proposing today. It will decide where in the hierarchy of systems to focus on improving surety tools and capabilities; decide on the current level; what is the needed level for the future; and then optionally identify some specific recommendations that could be brought forth. One of the concepts is that the target audience might be in fact to the 106^th Congress.

At that point, we will reconvene in this room and go through a very quick feedback from each of the breakout sessions. The goal is to actually put the information together in a proceedings that will then be part of the foundation as we move forward in promoting this area of Surety Science and Engineering.

(Slide 12)

The workshop results from today will be used as part of the decision as to whether to go ahead in February with a workshop or actually an exhibit and presentation to Congress. So part of the experiment is in fact to make a decision about what is the next steps that are appropriate in trying to continue to highlight and push for the advancements necessary in the area of Surety Science and Engineering that will address national problems.

I would like to introduce Dr. Pace VanDevender. Pace is currently the Chief Information Officer of Sandia National Laboratories, responsible for the information infrastructure and its surety at Sandia. Prior to that he was the director of the Strategic Surety Sciences Center. In that role has led the development of many of the concepts that we’re going to be talking about today.

Questions and Comments || Acknowledgment and Disclaimer