Over the years, Fermilab has developed an integrated set of policies and procedures, compatible with federal and state regulations and laws, that guide the way we do business. While you are an experimenter at Fermilab, you must learn and follow the policies and procedures weíve established. We have collected in this chapter the key policies and procedures that every user must know. When you register, you will be asked to sign a statement that you have read this chapter and agree to comply with its provisions.
ES&H Policies
Good environment, safety and health (ES&H) policies have always been fundamental to Fermilab. The Fermilab ES&H Manual (FESHM) describes Fermilabís ES&H program. The Fermilab Radiological Control Manual, part of the FESHM, describes Fermilabís radiation safety program. Reference copies of both these documents are available in the ES&H Section, all division and section offices, and on the Internet, http://eshdbsrv.fnal.gov/FESHM/ or http://eshdbsrv.fnal.gov/FRCM/
Working Safely at Fermilab
All Fermilab employees and users are responsible for protecting themselves and the environment. This fundamental principle is essential for our work today, for our future and for the future of Fermilab. Each user is accountable to the head of the experimentís host divisionóeither the Beams or the Particle Physics Divisionófor the safe design and operation of experimental apparatus. The division head is responsible for the safety of all activities in the division. The laboratory director is ultimately responsible for safety at Fermilab. If you do not follow Fermilabís ES&H policies, you may be denied use of Fermilab facilities.
Most Fermilab divisions and sections have their own ES&H staff to provide technical support. Those that donít have their own ES&H staff have access to ES&H staff in the ES&H Section. The division staff may include a senior safety officer (SSO), a radiation safety officer (RSO), and an environmental protection officer (EPO). Each division and section also has a liaison within the Fermilab ES&H Section. This liaison provides support to the division or section if it is needed. You should find out who are your host division or section ES&H staff and make sure to ask them about your ES&H concerns.
The laboratory ES&H Section provides labwide support in ES&H. Both the Fire Department and Security are part of the ES&H Section. The head of the laboratory ES&H Section has the authority, delegated by the laboratory director, to stop any unsafe or hazardous activity, including experimental activities. Senior safety officers in the divisions and sections have authority to stop unsafe activities, and the Beams Division Operations crew chiefs have authority to stop unsafe beam-related or enclosure-access activities.
If you know of conditions that may be ES&H violations, you have the responsibility to report the conditions to your spokesperson or to ES&H staff. If you believe an assigned task is a hazard to personnel or the environment, you should not perform the task, but instead notify your supervisor and notify the division ES&H group. You should file complaints about ES&H violations either with the ES&H Section or, if more formal action is needed, with the DOE (see FESHM Chapter 1070).
Environment Safety & Health Requirements for Experiments
As a user, you will work with the ES&H staff of your division and with the ES&H Section staff. The ES&H staff will help you review your procedures and equipment for potential hazards.
The spokesperson for every Fermilab experiment must obtain all the necessary review approvals before operation of the experiment begins. The Particle Physics Division calls this an ìOperational Readiness Clearance,î the Beams Division calls it an ìOperational Permit.î Experiments within accelerator enclosures need both Particle Physics Division and Beams Division reviews and approvals.
These experimental aspects require review and approval before an experiment can operate:
Environment, Safety and Health Resources for Experimenters
In addition to the resources of the division ES&H staff, the Fermilab ES&H Section staff has areas of particular expertise that you may want to use. Examples are: instruments and techniques for monitoring radiation; distribution and management of radioactive sources; and transporting and disposing of both radioactive and non-radioactive hazardous waste. Also, the ES&H Sectionís Activation Analysis Laboratory (AAL) provides services to characterize radioactivity and helps calibrate beam current monitors.
Basic Safety
There are some basic rules that you should know for working safely at Fermilab. Keep in mind that this is not a comprehensive list of ES&H requirements. You can obtain more detailed ES&H information from Fermilab ES&H staff and the Fermilab ES&H Manual.
Radiation Safety
Training and badges. Consult your division ES&H staff to find out what radiation safety training you need. You must wear your radiation badge when you enter a radiation area. You must have current radiation training to wear a radiation badge. You can get a temporary badge at the Comm Center (WHGNX). Contact the Dosimetry Program Manager (ext. 3642, dosimetry@fnal.gov) and apply for a permanent badge if you plan to stay at Fermilab for six months or more.
Radioactive sources. Fermilab has an inventory of radioactive sources for loan to experimenters. Strict controls are in place for radioactive source usage. No one is allowed to use a radioactive source without at least Radiation Worker I Training and Radioactive Source Training (contact the ES&H Section source physicist, WH7E). No one may bring radioactive sources onto the Fermilab site or remove them from the site without receiving prior authorization from the Fermilab Senior Radiation Safety Officer, head of the ES&H Section.
Interlocks. While an accelerator is operating, an electronic enclosure interlock system keeps people out of the area where radiation rates rise to harmful levels. Tampering with any part of the enclosure interlock system is forbidden and may lead to dismissal from the laboratory or denial of access to the site for nonemployees.
Controlled access. Controlled accessóentry without breaking the interlocksóis possible in most of the beam enclosures. Only authorized people who have had appropriate training may enter areas under controlled access conditions, and they may enter only under specifically prescribed conditions. Users may become qualified to make a controlled access only after authorization by the division ES&H staff.
Generating, Managing and Disposing of Radioactive Waste. Users must manage and dispose of all radioactive waste according to division, Fermilab and DOE regulations. The experimenter who generates the waste has the responsibility to take steps to minimize the radioactive waste produced. Remove any equipment not needed in beam areas before startup. Any material to be removed from a beamline enclosure (including an enclosure in an experimental hall) must be measured for radioactivity. Contact the Beams Division ES&H Group if you need help from a radiation technician. Consult your radiation safety officer or ES&H staff about proper disposal procedures.
Electrical Safety
Do not work on electrical equipment unless it is disconnected or until it has been de-energized by use of ìlock and tagî (LOTO) procedures discussed in the Fermilab ES&H Manual.
The laboratory discourages the use of extension cords, cube taps and other forms of ìtemporary wiring.î
All portable electrical equipment and power tools must be adequately grounded or double-insulated when connected to a power source.
Hazardous Materials Safety
Read hazard warning labels on containers to find out how to handle a chemical or other material safely. If the container has no label, do not use the material until you know what it is and how to handle it.
You can find detailed information on the hazards of a product on Material Safety Data Sheets (MSDS). To locate MSDS, contact your division ES&H staff or see the nearest ìRight to Knowî posting station.
Store flammable solvents such as methanol and acetone in safety cans and flammable-storage cabinets. Specific regulations govern the use of hazardous chemicals in radiation areasótalk to your ES&H staff.
Personnel Protective Equipment
You must wear safety shoes when there is a risk of foot injury. You may charge safety shoes to your experiment budget.
Contact your division ES&H staff to obtain and properly use a respirator to control the inhalation of toxic materials such as dusts, fumes and solvent vapors.
You may obtain prescription safety eyeglasses through the ES&H Section, WH7NE; you may charge them to your experimentís budget. Both the stockroom and division ES&H staff supply non-prescription safety eyewear.
You must wear hearing protection whenever the noise may rise above the standard of 85 dBA. Such areas are posted. You can get various types of hearing protection devices from the Fermilab stockroom, division ES&H staff and the ES&H Section.
Laboratory ES&H
ES&H Training. The spokesperson is responsible for ensuring that experimenters receive all the required training that applies to their jobs. Experimental conditions dictate course requirements. You must ensure that your own training is both complete and current. You may determine your current training status by running an Individualized Training Plan (ITP)óaccessible through the ES&H Sectionís Home Page on the Internet, ES&H Home Page/Train Database/Reports. Also, the division ES&H staff can help you determine the courses you need to take. Some common courses that experimenters may need are:
Lasers. You must register all lasers brought to the laboratory with the ES&H Section before use. Other laser requirements may include training and eye examinations.
Ladders and Scaffolding. All ladders and scaffolding used at the laboratory must meet the prescribed ANSI and OSHA standards in their construction and use. Never use metal ladders for electrical work or in areas where there is any possible contact with live electrical parts.
Crane or Forklift Operation. Any experimenter who intends to operate a crane or forklift must have the required training and authorization. You can arrange crane or forklift training through your division ES&H staff.
Confined Spaces. You must have training and a written permit from the division safety officer before you enter a confined space. Typical examples of confined spaces include manholes, tanks, pipes, sump pits, and Cerenkov counters.
Oxygen Deficiency Hazards. You must have current medical approval and authorized oxygen deficiency hazard training before you may enter areas posted as oxygen deficient hazard (ODH) areas. Contact your division ES&H staff for more information.
Traffic. Fermilab traffic regulations conform to those of the State of Illinois as prescribed in Rules of the Road. Violation of traffic regulations may provoke disciplinary action. Vehicle accidents are among the leading causes of injury at the laboratory.
Firearms and Hunting. Fermilab has a general prohibition against bringing firearms or any other weapons on site without the explicit written approval of the Director. Hunting and trapping are strictly prohibited.
Protecting the Environment
At Fermilab, our policy is to conduct research with respect for the environment. High environmental standards are fully compatible with accomplishing critical research. Here, we give a few basic environmental rules. Youíll find more information about environmental standards in the Fermilab ES&H Manual, Chapter 8000 (http://eshdbsrv.fnal.gov/FESHM/ ). If you have questions, contact your division ES&H staff, or call the ES&H Section Environmental Protection Group at extension 2565.
Division ES&H staffs must review all purchases of chemicals or transport of chemicals to the laboratory. To reduce environmental impact: buy only as much of a hazardous material as you actually need, choose less toxic or less hazardous alternatives whenever you can, and use or find a user for what you buy so that it does not become a waste.
If you have waste chemicals that must be disposed of, arrange disposal through your division waste coordinator.
Be aware that the construction, installation, operation or modification of any air pollution source may require a permit. This includes any source of airborne radionuclides.
Tours, Visitors and Minors in Experimental and Operating Areas
Potential health and safety hazards exist throughout the laboratoryóhigh voltages, oxygen deficient atmospheres, explosive gases, toxic chemicals, heavy rigging, complex machinery and radiation. Delicate, carefully aligned apparatus necessary for the operation of the experimental program is vulnerable to damage. For these reasons, experimenters must follow the rules governing the admission of visitors to experimental areas.
Normally only registered experimenters and Fermilab employees have access to experiments. All tours with more than five visitors must be approved by the division head. Tours with me than 10 require prior completion of a Facilities Request Form. Tours into any radiation area or high radiation area are strongly discouraged and must be approved by the appropriate division SSO and the division head. Additional requirements for tours in these areas are given in the Fermilab Radiological Control Manual. Tours of experimental halls and pits for experiments that are in operation or standby mode must have the approval of the spokesperson, physicist in charge, or liaison physicist in addition to the above requirements. Tours of experimental halls in completed or decommission mode may be arranged through the building manager.
Every user and Fermilab employee who has a visitor has the responsibility to know and follow Fermilab ES&H practices and procedures for the visit.
Children at Fermilab
Everyone under 18 years old, including children of employees, visiting scientists and DOE employees, must be continuously supervised by an adult while visiting Fermilab. Children may be permitted in certain office areas designated by the responsible division or section head, subject to approval by the division or section head.
Children can visit public and office areas. In general, they cannot visit laboratory areas, e.g. beamline enclosures, experimental halls, counting rooms, portakamps (except those used exclusively for offices) and non-office areas of assembly buildings. On a case-by-case basis, the division head may give permission for properly escorted children to visit specific laboratory areas for a specified length of time. You must get permission before allowing children to visit a laboratory area.
Substance Abuse
Fermilab fully supports state and federal laws concerning the drug-free workplace. Registered Fermilab users, (users who obtain a Fermilab ID,) are expected to comply with Fermilab drug and alcohol use policies and are subject to laboratory disciplinary actions for drug or alcohol abuse. Article 30 of the Fermilab Personnel Policy Guide, Fitness for Duty, states that disciplinary action will be taken for unauthorized consumption of alcohol or being under the influence of alcohol at the work site. Any use, sale, purchase, transfer, or possession of illegal drugs is prohibited. Article 28 describes substance abuse assistance programs and Article 20 describes the laboratory disciplinary procedures. The Fermilab Personnel Policy Guide is available at http://fnalpubs.fnal.gov/policyguide/cover.html
Policies and Rules to Protect Fermilab Computers
Introduction
The communications needs for research and planning require a broad openness in our systems. Our main concerns are protecting data and systems critical to the operations of the laboratory in pursuit of its mission.
Fermilabís continuing policy puts its first line of defense at the individual responsible for the data and the local system manager.
Roles
The Director has delegated overall responsibility for computer security and related matters to the Associate Director for Information and Technology (ADIT). The Computer Protection Program Manager (CPPM) reports to the ADIT in this area, and is the laboratoryís principle point of contact with external organizations (DOE, FBI, etc.) on computer security. The Computing Division Head is an important part of computer security management and generally participates in critical decisions and policy formulation.
Scope
Fermilabís Computer Security Policy covers Fermilab systems, whether on-site and connected directly to the Fermilab network, or on- or off-site and connected to the Fermilab network by the telephone system or other means. The policy and rules described here cover these systems no matter who is the owner or the method of connection to the network.
Fermilab employees and registered users (who have been issued an ID number) are responsible for their own actions under the computer security policy, as well as for the actions of any person who they permit to access a Fermilab system.
Appropriate Use
Fermilabís single mission is science and the laboratoryís stated policy is to maintain an open scientific environment where the free exchange of ideas is encouraged and protected. We want there to be unhindered freedom to use computers within a wide area, but this area is surrounded by extremely high walls. We cannot always describe exactly where those boundaries lie, because the technology is changing rapidly and because the walls may shift with shifts in the publicís tolerance and areas of scrutiny. Those who use Fermilabís computers and networks will have to use judgment and common sense when they operate near the edges of acceptable use.
Examples of activity that may bring an employee or user near or past the walls of acceptable usage and incur serious disciplinary repercussions (or, in certain cases, criminal sanctions) are:
Questions of proper or improper use of computers are normally management rather than technical issues and should be dealt with in the normal course of supervisory oversight. The Computer Security Plan includes the necessity of rapid response investigation of incidents involving extreme behavior, as well as preventive monitoring where there is reasonable cause.
Rules
The Computer Security Plan provides a minimal set of rules which will be enforced. They address incident reporting, protection of system and network integrity, prohibitions against unauthorized activities, ethical behavior, etc. They address matters serious enough that the laboratory is willing to enforce disciplinary measures for first offenses, such as suspending employees or barring users from laboratory facilities.
Incident Reporting
All employees and users are required to immediately report any suspicious incidents involving the security of Fermilab computers or networks, including apparent attempts at unauthorized access. Incidents should be reported to the Feynman Computing Center 24x7 Customer Support Help Desk at 630-840-2345, or to the system manager if immediately available. System managers are expected to report incidents immediately which do not have a simple explanation based on normal routine operation of the system. If there is clearly no urgency, incidents may be reported by email to computer_security@fnal.gov.
Incidents which must be reported include computer- or network-related activity, internal or external to Fermilab, that may impact Fermilabís mission through, for example, the possibility of: loss of data; denial of services; compromise of computer security; unauthorized access to data that Fermilab is required to control by law, regulation, or DOE orders; investigative activity by legal, law enforcement, bureaucratic, or political authorities, or a public relations embarrassment.
All reported incidents will be investigated by the Fermilab Computer Incident Response Team (FCIRT), appointed by the ADIT. The Head of FCIRT may assume full administrative control of affected system(s) until the incident is resolved, and may call on other technical experts for priority assistance.
Employees and users must not disclose information resulting from a computer security incident without authorization. The head of the FCIRT and the ADIT, in consultation with the head of the Computing Division and the Public Information Office, will determine specific information to be disclosed to employees, users, other organizations, and the public.
Unauthorized and Malicious Access and Actions
All employees and users are forbidden to attempt unauthorized entry to computer systems or accounts, or to attempt unauthorized damage, alteration, or deletion of data (including software). Individuals are implicitly authorized to access accounts in their own name, and to alter or delete data in those accounts. They may also access files which are enabled for reading for a class of individuals including the person attempting to access them. The burden of proof of authorization rests with the person attempting to access an account; possession of a password is not proof of authorization.
All employees and users are forbidden to attempt to cause denial of computing or network services at Fermilab. Serious negligence that results in service denials will be treated as any other negligence that results in equivalent damage to the laboratory mission.
Ethical Behavior
All employees and users are required to use the same basic standards of ethical behavior (in regard to fraud, forgery, plagiarism, harassment, libel, etc.) when computers are involved as the laboratory requires when computers are not involved. The same disciplinary consequences for violation will be imposed.
Restricted Central Services
Certain central services may only be implemented by authorized Computing Division personnel. These include: news groups; routing, bridging, or tunneling (including multicast); addressing and naming; external access connections (except via telephone modem); and, network time. Future restricted services may include external mail and mail exploders or reflectors and will be publicly announced.
Security and Cracker Tools
A ìsecurity toolî is a tool with the capability to systematically probe, or otherwise gather information about, a system or network in order to discover security vulnerabilities. A ìcracker toolî is a tool with the capability to systematically exploit security vulnerabilities in order to attempt unauthorized access, destruction or theft of data, denial of service, or other unauthorized activities. The use of any tool as a security or cracker tool or the possession of any tool whose principal capability is as a security or cracker tool by employees and users is limited to the specific tools, time frame, and purpose, in explicit written authorization signed by the ADIT or CPPM.
System Managers
Employees and users who have root/system/administrator password access to three or more systems or to a major clustered system are required to register with the CPPM (via the web form at http://miscomp.fnal.gov/sysadmindb) so they may be reached to provide assistance during a computer security incident response. They will be asked to maintain a list of all systems for which they have such access. All system managers will be expected to follow sound system security guidelines as developed by the Computing Division.
System managers may access all ìsystemî accounts and files on systems for which they have responsibility. ìSystemî accounts and files are those not specifically assigned to an individual. In the course of normal system maintenance activities they may disable the computer or its network connections and they may work with an individualís account or files with the following restrictions: they may not physically (in the human sense) read or inspect the data or information in them (except for files enabled for reading by a class of individuals, including the person attempting to read them), and they may not change or delete files in a way that precludes recovering the original data. A person has ìsystem manager responsibilityî if a) he/she is registered in the System Manager Data Base for that system or b) the system is assigned as an individual computer or workstation to the person (and registered in the sensitive item data base if applicable).
Division/Section Rules
Divisions and sections may establish security rules or guidelines for systems under their management. These may be enforced by disabling access for a user who is in violation.
Critical Systems
Computer security incidents involving certain systems could seriously impact the laboratoryís science programmatic operations. Such systems may be designated ìcritical systemsî and may be subject to additional computer security policies and procedures, beyond those described here.