Critical Infrastructure Research and Development Advancement Act of 2013

The Critical Infrastructure Research and Development Advancement Act of 2013 is a bill that would require the United States Department of Homeland Security (DHS) to transmit to the Congress a strategic plan for research and development efforts addressing the protection of critical infrastructure and a report on departmental use of public-private consortiums to develop technology to protect such infrastructure. The bill also would direct the Government Accountability Office (GAO), within two years of enactment, to evaluate the effectiveness of clearinghouses established by DHS to share technological innovation.

The bill was introduced into the United States House of Representatives during the 113th United States Congress.

Background
The U.S. CIP is a national program to ensure the security of vulnerable and interconnected infrastructures of the United States. In May 1998, President Bill Clinton issued Presidential directive PDD-63 on the subject of Critical Infrastructure Protection. This recognized certain parts of the national infrastructure as critical to the national and economic security of the United States and the well-being of its citizenry, and required steps to be taken to protect it.

This was updated on December 17, 2003, by President Bush through Homeland Security Presidential Directive HSPD-7 for "Critical Infrastructure Identification, Prioritization, and Protection". The directive describes the United States as having some critical infrastructure that is "so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety."

Provisions of the bill
This summary is based largely on the summary provided by the Congressional Research Service, a public domain source.

The Critical Infrastructure Research and Development Advancement Act of 2013 or the CIRDA Act of 2013 would amend the Homeland Security Act of 2002 to direct the United States Secretary of Homeland Security, acting through the Under Secretary for Science and Technology, to transmit to Congress: (1) a strategic plan to guide the overall direction of federal physical security and cybersecurity technology research and development efforts for protecting critical infrastructure, including against all threats; (2) a report on the utilization of public-private research and development consortiums by the United States Department of Homeland Security (DHS) for accelerating technology development for critical infrastructure protection; and (3) updates every two years.

The bill would require such plan to include: (1) an identification of critical infrastructure security risks and any associated security technology gaps that are developed following performance of a risk/gap analysis; (2) a set of critical infrastructure security technology needs that is prioritized based on risk and gaps identified; (3) an identification of laboratories, facilities, modeling, and simulation capabilities that will be required to support the research, development, demonstration, testing, evaluation, and acquisition of such security technologies; (4) an identification of current and planned programmatic initiatives for fostering the rapid advancement and deployment of security technologies for critical infrastructure protection; and (5) a description of progress made with respect to each critical infrastructure security risk, associated security technology gap, and critical infrastructure technology need identified in the preceding strategic plan transmitted.

The bill would require such report to: (1) focus on aspects of critical infrastructure protection that are predominantly operated by the private sector and that would most benefit from rapid security technology advancement; and (2) include a summary of the progress and accomplishments of on-going consortiums for critical infrastructure security technologies, a prioritized list of technology development focus areas that would most benefit from a public-private research and development consortium, and a proposal for implementing an expanded research and development consortium program.

The bill would direct the Under Secretary for Science and Technology, in coordination with the Under Secretary for the National Protection and Programs Directorate, to designate a technology clearinghouse for rapidly sharing proven technology solutions for protecting critical infrastructure. Requires all technologies shared through the clearinghouse to include a set of performance and readiness metrics to assist end-users in deploying effective and timely solutions relevant for their critical infrastructures. Requires: (1) DHS's Privacy Officer to annually review the clearinghouse process to evaluate its consistency with fair information practice principles; and (2) the Comptroller General (GAO), within two years after the enactment of this Act, to conduct an independent evaluation of the effectiveness of and report to Congress on such clearinghouse and the centralized federal clearinghouse for information relating to technologies established under such Act.

Congressional Budget Office report
''This summary is based largely on the summary provided by the Congressional Budget Office, as ordered reported by the House Committee on Homeland Security on October 29, 2013. This is a public domain source.''

The Congressional Budget Office (CBO) estimates that implementing H.R. 2952 would have discretionary costs totaling less than $500,000 in each of fiscal years 2014 and 2015. Enacting the legislation would not affect direct spending or revenues; therefore, pay-as-you-go procedures do not apply.

The bill would require the Department of Homeland Security (DHS), within 180 days of the bill’s enactment, to transmit to the Congress a strategic plan for research and development efforts addressing the protection of critical infrastructure and a report on departmental use of public-private consortiums to develop technology to protect such infrastructure. The bill also would direct the Government Accountability Office (GAO), within two years of enactment, to evaluate the effectiveness of clearinghouses established by DHS to share technological innovation. Based on the cost of similar activities, CBO estimates the DHS and GAO reports required by H.R. 2952 would cost less than $500,000 annually in 2014 and 2015, assuming availability of appropriated funds.

H.R. 2952 contains no intergovernmental or private-sector mandates as defined in the Unfunded Mandates Reform Act and would not affect the budgets of state, local, or tribal governments.

Procedural history
The Critical Infrastructure Research and Development Advancement Act of 2013 was introduced into the United States House of Representatives on August 1, 2013 by Rep. Patrick Meehan (R, PA-7). The bill was referred to the United States House Committee on Homeland Security and the United States House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies. The bill was reported (amended) on January 9, 2014 alongside House Report 113-324. On July 28, 2014, the House voted to pass the bill in a voice vote.

Debate and discussion
Rep. Meehan, who introduced the bill, said that "as threats to our critical infrastructure evolve, we rely increasingly on cutting-edge technologies to effectively secure our power grids, wastewater facilities, transportation and communication systems." According to Meehan, this bill "will help to ensure that our nation's efforts to combat terrorism and cyber threats in the 21st Century are not bogged down by outmoded and bureaucratic processes." Meehan also called the bill a "bipartisan accomplishment" arguing that "we identified a problem - barriers that prevented the department from acquiring the best equipment available to protect the homeland - and we worked together to solve it."