Innovating the Future of Aviation Security. July 19, 2016

Similar documents
Advanced Integrated Passenger and Baggage Screening Technologies

STATEMENT OF JOHN ROTH INSPECTOR GENERAL U.S. DEPARTMENT OF HOMELAND SECURITY BEFORE THE COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

THE EQUIPMENT THE SOLUTION THE CHALLENGE THE THREAT

Cisco Services for IPTV

Department-wide Systems and Capital Investment Program

Agency for State Technology

State of Oregon. State of Oregon 1

Kangas Cybersecurity strategy

The Transportation Security Administration Does Not Properly Manage Its Airport Screening Equipment Maintenance Program

PREMIER SERVICES MAXIMIZE PERFORMANCE AND REDUCE RISK

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems

International Civil Aviation Organization ASSEMBLY 38TH SESSION EXECUTIVE COMMITTEE

FFIEC Cybersecurity Assessment Tool

Five best practices for deploying a successful service-oriented architecture

Project Type Guide. Project Planning and Management (PPM) V2.0. Custom Development Version 1.1 January PPM Project Type Custom Development

Department of Veteran Affairs. Fred Catoe Office of Cyber and Information Security AAIP Project Manager March 2004

Risk Management Framework (RMF): The Future of DoD Cyber Security is Here

The PNC Financial Services Group, Inc. Business Continuity Program

How To Implement Itil V3

FAA Cloud Computing Strategy

GOVERNMENT USE OF MOBILE TECHNOLOGY

LDAP Authentication Configuration Appendix

SafeNet Licensing Solution Design Workshop

STATEMENT THOMAS P. MICHELLI CHIEF INFORMATION OFFICER U.S. IMMIGRATION AND CUSTOMS ENFORCEMENT DEPARTMENT OF HOMELAND SECURITY REGARDING A HEARING ON

Eastern Illinois University information technology services. strategic plan. January,

DEPARTMENT OF HOMELAND SECURITY

Microsoft Active Directory Project

Your Software Quality is Our Business. INDEPENDENT VERIFICATION AND VALIDATION (IV&V) WHITE PAPER Prepared by Adnet, Inc.

Introduction to PAS 127:2014 Checkpoint security screening of people and their belongings Guide

Project Charter and Scope Statement

System/Data Requirements Definition Analysis and Design

IoT & SCADA Cyber Security Services

Comprehensive European Security Approaches: EU Security Programmes. Robert HAVAS EOS Chairman of the Board

Enterprise Security Tactical Plan

Achieving Strategy with IT projects through Business Process Change

Information Technology Services Project Management Office Operations Guide

SECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

Corporate Overview. MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA Office: Fax:

Agency Services. Moving Ahead. Agency Services Road Map

Cybersecurity Enhancement Account. FY 2017 President s Budget

SOFTWARE ASSET MANAGEMENT Continuous Monitoring. September 16, 2013

Project, Program & Portfolio Management Help Leading Firms Deliver Value

State of South Carolina Policy Guidance and Training

System Development Life Cycle Guide

April 15, The Honorable Phil Scott The Office of the Lieutenant Governor 115 State Street Montpelier, Vermont Dear Lt.

Establishing A Multi-Factor Authentication Solution. Report to the Joint Legislative Oversight Committee on Information Technology

Conducting Security System Site Surveys

SAP ERP Upgrade Checklist Project Preparation

Central Agency for Information Technology

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

Task Order 006 Project Plan: Increment 2C Objective 1: Plan and Define

HHSN W 1 QSSI - Quality Software Services, Inc

Auditing the Software Development Lifecycle ISACA Geek Week. Mike Van Stone Sekou Kamara August 2014

Symantec Control Compliance Suite Standards Manager

VICNET is G-Cloud7 GOV UK Supplier VISIT DIGITAL MARKET PLACE VICNETCLOUD VICNET CLOUD MIGRATION SERVICES

CANADIAN AIR TRANSPORT SECURITY AUTHORITY. Summary of the. 2012/ /17 Corporate Plan. 2012/13 Capital Budget. 2012/13 Operating Budget

ALM/Quality Center. Software

Cisco Network Optimization Service

WHITE PAPER: STRATEGIC IMPACT PILLARS FOR EFFICIENT MIGRATION TO CLOUD COMPUTING IN GOVERNMENT

Qlik UKI Consulting Services Catalogue

Table of Contents CYBER SECURITY STRATEGIC PLAN VERSION 1.0

Cybersecurity Framework. Executive Order Improving Critical Infrastructure Cybersecurity

Defining a Secure Mobile Framework Architecture at DHA

BELL LABS ADVISORY SERVICE FOR SMART GRID NETWORK TRANSFORMATION STRATEGIC PLANNING FOR THE MODERNIZATION OF UTILITY COMMUNICATIONS NETWORKS

Cisco and VMware Virtualization Planning and Design Service

NICE and Framework Overview

Risk Management Primer

FREQUENTLY ASKED QUESTIONS

IG ISCM MATURITY MODEL FOR FY 2015 FISMA FOR OFFICIAL USE ONLY

The Convergence of IT Operations

state of south dakota Bureau of Information & Telecommunications Provide a Reliable, Secure & Modern Infrastructure services well-designed innovative

CDC UNIFIED PROCESS JOB AID

SDLC- Key Areas to Audit in IT Projects ISACA Geek Week /21/2013. PwC

Information Technology Strategic Plan

AFCEA Aberdeen Luncheon. Army Common Operating Environment (COE) Update. March 11, 2015

FY Strategic Plan

ORIGINAL PLAN DATE: MARCH 1, 2012 REVISION DATE: REVISION:

A Secure and Open Solution for Seamless Transit Systems

Enhanced Funding Requirements: Seven Conditions and Standards

SYSTEMS SECURITY ENGINEERING

Certified Identity and Access Manager (CIAM) Overview & Curriculum

Real Property Portfolio Optimization

Dynamic Service Desk. Unified IT Management. Solution Overview

Technology Lifecycle Management. A Model for Enabling Systematic Budgeting and Administration of Government Technology Programs

Section 6. Governance & Investment Roadmap. Executive Governance

Information Security Management System for Microsoft s Cloud Infrastructure

Migrating to Windows 7 - A challenge for IT Professionals

SECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT Article C.1 Introduction This contract is intended to provide IT solutions and services as

The SIA Standards Roadmap describes the strategies for achieving the mission and enhancing stakeholder participation.

IT Standards & Contract Management

How To Create A Single Sign On For Blackboard

Small Business. Leveraging SBA IT resources to support America s small businesses

United Nations Industrial Development Organization

Patch and Vulnerability Management Program

Management Consulting: Improving Organizational Performance and Delivery of Quality Service

NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL

A Mock RFI for a SD-WAN

Transcription:

Innovating the Future of Aviation Security July 19, 2016 1

Innovating the Future of Aviation Security Workshop Topics Cybersecurity Cybersecurity Requirements; Technical Solutions Innovation Operational Improvements; New Technologies; Innovation Task Force (ITF) System Architecture Update on Implementation of OSC System Architecture; Priorities for Fiscal Year 2017; TSE Connectivity Deployment & Logistics Planning Guidelines and Design; Checkpoint Design Guide System Architecture 1 2 3 4 Deployment and Logistics 1 2 3 Innovation 1 2 3 4 Cybersecurity The Office of Security Capabilities safeguards our nation s transportation systems through the qualification and delivery of innovative security capabilities and solutions. 1 2 Standards & Security Passenger Screening 3 4 3 4 Standards & Security Updates to Detection Standards Passenger Screening LCCE Revision Updates; Passenger Screening Experience Test & Evaluation New Qualification Process; Third Party Testing Update Checked Baggage Recap and Acquisition Plans Checked Baggage 1 2 3 Test & Evaluation 2 3 Alignment to Strategic Five-Year Technology Investment Plan Themes: 1 Enhancing Core Mission Delivery by Focusing on Systemof-Systems 2 Integrating Principles of Risk-Based Security in Capabilities, Processes, and Technologies 3 Streamlining Acquisitions, Requirements, and Test and Evaluation Processes 4 Increasing Transparency in Engagement with Stakeholders to Enable Innovation 2

Lifecycle of a Capability OSC is building a culture of innovation and developing a system-of-systems approach to support next generation curb-to-gate solutions and allow for the rapid demonstration and deployment of emerging technologies to improve passenger satisfaction, enhance detection, and increase efficiencies. Innovation Incorporate new technologies and processes into TSA operations to improve efficiency and effectiveness. Cybersecurity Complete studies and analyses that cover both operational and technical cybersecurity challenges. Security Technology Integrated Program (STIP) Enablement Connect Transportation Security Equipment (TSE) to a shared network by enabling STIP. System-of-Systems Define the future state of system architecture to support interoperability and connectivity. Common Standards Establish common standards for TSE and user interfaces to support program integration and increase transparency for stakeholders. Updated Detection Standards Develop new primary passenger screening detection requirements with input from industry and DHS groups. Deploy and Sustain Coordinate deployments, maintain fielded technologies, and make recommendations for redesign efforts. Test and Evaluation Enhance System Qualification Process and establish the Engineering Requirements Review Board (ERRB). Checked Baggage Upgrade existing technologies and maintain capabilities to support a system-of-systems approach. Checkpoint Implement new lifecycle cost estimates (LCCEs) focused on maintenance of existing TSE in the near term and the development of future capabilities longer range. Program Initiation and Integration Align the checked baggage and checkpoint programs to support system architecture. New Technologies Partner with DHS S&T and industry to develop new technologies for screening, identity verification, and information technology (IT) security. 3

Cybersecurity TSA/OSC is developing a set of cybersecurity capabilities for endpoint devices and the network to mitigate known cybersecurity risks and allow authorizing officials to weigh against compliance requirements, enabling a risk mitigation approach to TSE cybersecurity. Initiatives Credential Authentication Technology (CAT) Cybersecurity Remediation Johns Hopkins University Applied Physics Lab (JHU/APL) Study Perform Developmental Test & Evaluation (DT&E) of the STIP system and conduct assessments of cyber threats to checkpoint operations and equipment (e.g., CAT) Cybersecurity Market Research Identify solutions for potential proofs of concepts (PoC) to allow TSEs to reconnect to TSANet Impact Assessments will enhance TSA cybersecurity through identification of potential cybersecurity threats, providing TSA with an increased level of awareness of the threat environment to support risk-based security initiatives Identifying enterprise-level cybersecurity solutions will allow OSC to buy-down risk and conduct comprehensive security solution assessments DHS Cybersecurity Requirements 1. Operating System (OS) Currency/ Security Patching 2. OS Hardening 3. Anti-Virus (AV) Updates 4. Personal Identity Verification (PIV) Compatibility 5. Security Scanning Support 6. Technical Obsolescence 7. Security Operations Center (SOC) Monitoring 8. Plan of Action & Milestones (POA&M) Support 9. Vendor Information System Security Officer (ISSO) Designation

Innovation Task Force In the upcoming year, TSA is investing in people, process, and technology innovation through the Innovation Task Force. In coordination with industry, airports, airlines, and other stakeholders, the long-term goal of these innovation initiatives is to increase operational effectiveness and efficiency. Initiatives Current initiatives leading to increased technology effectiveness and efficiency are the following: DHS S&T Screening at Speed Emerging Technology Demonstrations Executable Strategic Plan for Innovation Initiatives Impact A vision for a future screening experience that includes higher throughput, increased detection, and passenger experience Next-generation technology that increases TSA and aviation partners range of possibilities, rather than bounding that range An innovative environment that fosters emerging capabilities and collaboration across stakeholders People solutions, process improvements, and technology advancements support OSC s innovation initiatives and enable a future screening experience for passengers. People

Pilot at ATL Atlanta International Airport (ATL) is the pilot innovation lane, allowing TSA to refine the process to establish and operate an innovation lane. TSA continues to develop and refine the broader ITF program based on the ATL pilot. ATL Overview Partnering with Delta, MacDonald Humfrey, Rapiscan, and Atlanta Airport Authority Assessing MacDonald Humfrey Automated Screening Lane, commonly referred to as a bin return system Cross-TSA IPT developing processes to execute ATL innovation lane March April May 3/18 5/2: MH Software Development 2016 5/24: Go-Live 3/18: Stakeholder Kick-off Meeting 5/3 5/13: TSIF Testing 5/6: ATL Infrastructure Updates; MH System Delivered to ATL 5/15: Lanes Fully Operational 5/15 5/23: TSO Training and Checkpoint Finalization

ATL Wins Identified critical path to expedite delivery in less than 9 weeks Kicked off IPT and enabled coordination across TSA and external stakeholders Developed processes and documentation to drive future ITF site stand-ups and installations 2016 Go- Live

Automated Screening Lane System Demonstration

System Architecture The OSC System Architecture program supports the integration of technology, data, and processes to enable expanded implementation of risk-based security through the development of an integrated and modularized security screening system. Interface and Standards Analysis Identify and assess key interfaces and evaluate standards such as DICOS Common GUI Displays Develop EDS and AT common display standards Common Data and Interface Standards Document standard postprocessed image data format Common Algorithms Develop 3rd party dynamic risk-based algorithms Common Data and Interface Standards for Non-Imaging Modalities Document standard postprocessed data format System of Systems Current capabilities integrated into initial baseline Architecture Definition Define the current and future state of business, data, application, and technology architectures System Architecture Program Initiation Socialize principles and vision with programs, partners, and industry Cybersecurity Solution Proof of Concept Implementation and Migration Planning Conduct detailed implementation analysis, migration planning, and project prioritization Initial TSE Connectivity Program Alignment and Business Reengineering Assess and reengineer relevant organizational processes Architecture Testbed Implement physical system architecture testbed Requirements and Standards Program Initiatives Architecture Development Cybersecurity Milestone Implementation Governance Govern the overall implementation and deployment process Key New capabilities procured through a system of systems approach with updates to the hardware and software baseline Cybersecurity is a requirement for full System of Systems capability Documentation Testing Deployment 9

Deployment and Logistics OSC s Deployment and Logistics Division (DLD) provides airports with efficient and effective security capabilities for checked baggage and checkpoint screening options, communicates with internal and external stakeholders to coordinate deployment, and maintains all fielded TSE throughout its lifecycle. Initiatives Provide guidance for checkpoint redesign efforts at airports to prepare checkpoints for next generation technologies and capability Activities demonstrations Create and maintain checkpoint design guides through DLD that that allow for integration relate of new TSE Maintain the Deployment Interactive Viewer of Equipment (DIVE) to industry Impact Checkpoint design guides can emphasize best practices for designing screening system layouts that allow the integration of future capabilities Desired DIVE enables TSA to view current deployments and incorporate future Outcomes capabilities into airport planning, easing the path to system integration for new TSE / Benefits 10

Checked Baggage The OSC Checked Baggage Technologies Division (CBTD) has outlined a path forward in order to meet TSA s goal to improve security effectiveness through a system-of-systems technological approach. By establishing agreed-upon pathways, interdependencies, and supporting roles, CBTD is working to achieve targeted future state objectives. Initiatives Develop and deploy enhanced threat detection algorithms Develop and deploy CT80DR+ Upgrade Kit Enhance alarm resolution Activities capabilities Upgrade networks and enhance focus on IT security Develop Threat Image Projection that relate Maintain the Planning Guidelines and Design Standards (PGDS) through cooperation between CBTD to industry and DLD Impact TSA will procure and deploy TSE (EDS and ETD units) to maintain 100% screening compliance Current projects with executed Letters of Intent or Other Transactional Agreements will be fulfilled Desired Upgraded networks will enhance IT security, allowing for STIP Outcomes enablement / Benefits 11

Test and Evaluation OSC s Test and Evaluation Division (TED) provides test and evaluation and lifecycle matrix support services to the OSC program offices, TSA field elements, and other TSA/DHS stakeholders. TSA is improving TSE acquisitions by engaging with the Original Equipment Manufacturer (OEM) earlier in the development process, resulting in more mature TSE. Initiatives System Qualification Process Enhancements o Earlier and more frequent involvement with the OEM during Design and Development of TSE Activities o Third Party Testing Program Engineering Requirements Review Board (ERRB) Development that relate to industry Impact System Qualification Process Enhancements could decrease failures, delays, and costs resulting from the iterative cycle of test, fix, and retest ERRB will provide a forum for key Desired stakeholders to review and approve functional requirements prior to Outcomes finalizing relevant acquisition documentation / Benefits 12

Passenger Screening Program The Checkpoint Solutions and Integration Division (CSID) Passenger Screening Program (PSP) LCCE document provides a structured accounting of all associated checkpoint TSE cost elements. The LCCE accounts for all PSP activities and helps prioritize maintenance and improvements to currently deployed TSE based on the establishment of future programs. PSP LCCE Overview FY17 FY18 FY19 FY20 FY21 FY22 FY23 FY24 FY25 FY26 Relative Funding Trends PSP (Legacy TSE) PC&I Sustain, maintain, and improve deployed capabilities (including recapitalization) through FY20 PSP (Legacy TSE) O&M Operate and maintain fielded equipment New Programs (New Checkpoint Capabilities) Establish New new Programs programs (New to provide Checkpoint systems Capabilities) based on future checkpoint capability needs, focusing Establish on new a holistic programs approach to provide and moving systems away based from on future specific checkpoint technology capability based requirements needs, focusing on a holistic approach and moving away from specific technology based requirements As TSA moves towards full implementation of System Architecture, activities for deployed systems will decrease while funding and resources will be increasingly focused on future capabilities. 13

Standards and Security Due to constantly evolving security threats facing multiple DHS components, TSA is reviewing requirements and detection standards and updating processes to protect against threats facing the nation while enabling enhanced future technologies. Initiatives Aligning testing processes to allow technology and algorithms to be submitted for certification in addition to qualification Revising detection standards and requirements for Advanced Technology/Automated Personnel Security System, Explosives Detection System, Explosives Trace Detector, Bottled Liquids Scanner, Advanced Imaging Technology (AIT), and Enhanced Metal Detector to provide security against an adaptive and improvising adversary Enhancing checkpoint design recommendations Impact Certified technology and algorithms can be submitted to ITF for demonstration and will encourage mature TSE and technical capability Revised detection standards will require technologies to be recertified in order to be deployed Industry will need to consistently innovate through development of algorithms and technologies to meet new standards Updated checkpoint design recommendations allow for demonstration of enhanced future capabilities 14

OSC High-Level Initiative Timeline Short-term (6-12 months) Deploy vetted technologies and improve existing processes Define and initiate system architecture projects Finalize requirements for nextgeneration technologies Finalize checkpoint technologies LCCE Deploy additional AIT machines Recap ETD machines Deploy CAT Conduct cybersecurity proof-ofconcept and market research Establish new qualification processes Align program regimens Implement ITF with 4 airlines in 10+ airports Mid-term (1-2 years) Develop innovative solutions and capabilities Partner with DHS S&T Screening at Speed Invest in emerging technologies Enhance algorithms for ultra false acceptance rates Implement IT security requirements Network TSE through STIP Integrate RBS with checked baggage Define common standards for TSE and interfaces Assess OSC s future operating model Long-term (2-10 years) Create a holistic curb-to-gate screening approach Implement system architecture Deploy walk-through, standoff trace detection, next-generation X-Ray, and high resolution trace detection Fully implement biometrics Deploy dynamic and risk management algorithms Fully integrate risk in passenger and baggage screening Create a seamless passenger experience Enhance screening and detection through stream of commerce and improvised threat characterization Demonstrate future concepts 15

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information