DHS Science & Technology Manufacturing Pilot Project Long Island Forum for Technology In partnership with Applied Science Foundation for Homeland Security (HomeTech) February 28, 2011
DHS Science & Technology Manufacturing Pilot Project Long Island Forum for Technology Applied Science Foundation for Homeland Security Agenda Schedule Topic Presenter 9:00 – 9:10 Welcome and Introductions Rich Rotanz 9:10 – 9:20 Project 1 Phase 1 – Gap Analysis Rich Rotanz Steering Committee Update 9:20 – 9:40 Project 1 Phase 2 – Regional Rich Balfour Common Operating Picture 9:40 – 10:00 Project 2 – WildCAT Anita D’Amico 10:00 – 10:10 Break 10:10 – 10:30 ASFHS Capabilities Rich Rotanz Bill Wahlig 10:30 – 11:00 Open Discussion/Questions/ All Action Summary 11:00 Adjourn
Gap Analysis – Background Contract: To investigate and assess developing and emerging technologies in situational awareness/common operating picture, and to identify and report on the gaps and other emerging issues. Methodology: Site visits and questionnaires of existing and emerging programs, First Responder workshops with accompanying manuals and questionnaires, followed up with phone and email dialogue, parallel with related literature review. Relative DHS Initiatives: (not limited too) National Incident Management System (NIMS); Target Capabilities List (TCL); the National Infrastructure Protection Plan; the National Strategy for Information Sharing; and the National Response Framework.
Gap Analysis Team – Steering Committee Composition: Members of the First Responder community. Formulate the construction of the project for the Gap Analysis Team Task: identify developed and emerging situational awareness technologies visit such sites [Virtual Alabama; Virginia VIPER; Texas A&M Dash-Board; FEMA Region 4 STORM; SeaHawk conduct an assessment as to their geographical locations who is / has developed the technology what is the intended purpose of such developing programs what is the current user base what is the technology platform what data is provided system use .
Gap Analysis Team – Steering Committee Gap Analysis Team’s assessments of sites were presented to the Steering Committee Committee assisted in identifying workshop locations where the assessments would be presented for further discussion with responder organizations of Tier 1, Tier 2, and non-UASI regions [NY; Washington DC; Dallas TX; Fargo ND] The workshop presentations: The baseline of technologies and capabilities used in the New York City (NYC) Emergency Operation Center, during the September 11, 2001 World Trade Center attacks, followed by a presentation of the assessments from the five site visits. Guided discussions to identify technologies, related policies, and emerging issues occurring in the respected workshop regions. At each workshop, attendees filed an anonymous questionnaire, which also provided areas for comments and recommendations.
Gap Analysis Findings Findings of the Analysis were sectioned into the following five categories of assessment and observations Technology Policy Education / Training Funding Facilities
Assessments & Observations Technology Situational awareness technology development is proceeding forward in various directions and goals, with no central oversight Scalable and adaptable technologies for managing large amounts of information are unavailable Report-by-exception triggers are not uniformly defined or integrated into situational awareness programs Middleware for interoperability is not standardized Standards, such as the Emergency Data Exchange Language (EDXL) and related subset standards are not uniformly considered, or part of development Symbology is not standardized
Assessments & Observations Policy A universal definition for situational awareness is not established Perception that data sharing policies are not available or are out of date Situational awareness data language needs to be standardized NIMS is not utilized universally
Assessments & Observations Education Awareness between DHS, the states, and that of local organizations to programs such the First Responder Community of Practice platform and ongoing research is not a regular occurrence Education programs on related technology and policies are not provided or available universally A repository of the technology being developed, technology programs with ongoing funding, and potential considerations of new technology is not available First Responders are not educated/trained in social networking communication Sharing of information between public and private sectors is not mandated
Assessments & Observations Funding DHS funding is not consistent regarding how funds are directed and apply requirements to current and/or developing standards such as those emanating from OASIS Research funding to assess situational awareness needs and standard applications and systems is too low Training and education in situational awareness and decision-making processes is underfunded and not always made available to all Facilities Linked operational backup facilities are not established for all Fully staffed personnel who can interpret and react to incidents for all disciplines are not always staffed 24/7 or available universally
Recommendations Situational awareness technologies Central oversight of situational awareness, and command and control technology development and research. The development of scalable and adaptable situational awareness technologies. The need for a situational awareness technology repository. Training and education of first responders on the use of situational awareness technologies. National Incident Management System (NIMS). Universal application of NIMS. Situational awareness technology development consistent with NIMS compliances and accountability.
Recommendations Social networking analysis technologies The development of social networking analysis technologies. Education for first responders on the application and use of social networking communication. Emergency Operation Centers and Fusion Centers Mandated sharing of data between the public and private sectors as indicated from the National Strategy for Information Sharing. The need for 24/7 personnel to interpret and react to situational awareness data.
ASFHS Regional Common Operating Picture (RCOP) Demonstration Project What is RCOP? – seamless virtual integration of all available data / imagery/ sensors and services for a given region – accessible in an interactive desktop browser. [Repeatable processes for Command Center; Common View; Mobile Delivery Methods; Remote Servers & Networks] Primary Focus – TRANSITIONING TO OPERATIONS “accelerate the transferof technology and ideas into market-driven products and systems” Primary Goal – DELIVERING OPERATIONAL PRODUCT “create, test, integrate, select, buy and commission operationally-driven solutions in the First Preventer / First Responder environment” Primary Methods – RCOP TECHNOLOGY TESTBED “virtual location for linking R&D with users and the real-world environment for validation testing”
Primary Focus -- TRANSITIONING TO OPERATIONS Transitioned DHS S&T SBIR technology into an operational RCOP system Go ‘Live” at ASFHS-- RCOP operating 24/7 (since 11/12/10) 3mos. Later -- resulted in contracted deployments for Nassau County Police; and Nassau County OEM WHY? (effective IPT and Commercialization Strategy) RCOP COUNTY – Nassau [OEM : video/sensors in parks & facilities; mobile command (preparing Contract)] [PDCN: integrating ShotSpotter, video cameras, vehicle locators (under Contract)] [IT/GIS: updated imagery and data; live link to web services;] RCOP TOWN – Oyster Bay [cameras in parks; tracking DPW vehicles; mobile emergency response;] RCOP COMMUNITY – Bethpage [ASFHS building; school campuses; fire/water districts; mobile network /WILDCAT] Remote RCOP CITY – Baltimore [live traffic Cameras; expanded imagery coverage; mobile sensors] Next: MTA/LIRR; Suffolk (PD & FRES); NYC (Command Center – Private Sector)
Primary Goal -- DELIVERING OPERATIONAL PRODUCT ASFHS unique relationship to Industry / Academia & First Responders Integrating DHS S&T Initiativesfor information sharing frameworks: UICDS (SAIC) & SIMON (SRI) & LDDRS (MIT) & vUSA initiative (NYS) National Commercialization Plan – current RCOP portals for L.I. (Nassau-Suffolk), NYC (Private Sector), NJ (MLS Stadiums), Baltimore (Visuality), Chicago (O’Hare Airport), Tampa (Port Security), Fort Hunter Liggett (Army Training), Global Streets Network Partner Commercialization Channels -- Direct Results of RCOP / ASFHS SRI International (Ports), Siemens (SmartGrid), Telephonics (Border), Northrop Grumman (LSI), FugroEarthdata (Imagery), Patton Electronics (Mobile Video), Benham Security (Private Sector), MSA (NYC Private Security), ATK (Military), Power Management (Facilities), Globecomm (Communications), Canada RDG2 (Rail Transportation – CTA / Bombardier), and a European distribution partner
Primary Methods -- RCOP TECHNOLOGY TESTBED DHS S&T UICDS Information Sharing Framework (with SAIC) transition of DHS CoE technologies for first responders can leverage the UICDS Core Pilot program being implemented at the ASFHS. DHS S&T SIMON Sensor Management Framework (with SRI International) SIMON is an enterprise-level service-oriented architecture that can be an important component for integrating DHS CoE sensor technologies into existing CONOPS for producing field-ready applications. DHS S&T LDDRS (with MIT LL) LDDRSprovides an information backbone that manages and distributes data, providing an additional collaborative framework that can be leveraged in the ASFHS environment. NYS Stony Brook University Research Stony Brook University has teamed with the ASFHS to provide the transition and commercialization for technologies in the areas of Robust Wireless Networks; High-Speed Database Access; and Video Analytics / Facial Recognition ID and Tracking. DHSALERT CoE (Northeastern University) Transitioning technologies in Video Tracking, Persistent Surveillance and Explosives Detection, targeting current deployments forNassau County OEM, and a project initiative with NYSDEC (and potentially Army Corp. of Engineers), and a PSI initiative with RDG2 (Canada) for transit surveillance.
DHS ALERT CoE (Boston University) Transitioning technologies in Video Analytics (anomalous behaviors)for transportation applications that can be adapted to specific needs of the NYC MTA Police. DHSALERT CoE (Siemens Corporate Research) Pedestrian Surveillance technology (IPSP hardware & software) being transitioned for field testing in an operational environment and readied for test deployments with Nassau County Police / MTA Police. DHS NTS CoE (Texas Southern University) PetroChemical Incident Locations (PILS) being adapted to the UICDS framework and integrated with deployed HazMat tracking solutions from GeoCommand for field testing with FDNY and local Fire Depts. DHSCCICADA CoE (Illinois University) Analytical Data Visualization technologies (initially for crime databases) being integrated into an operational environment for CONOPS application and access to ‘live’ datasets from Nassau County Police Dept. DHSCREATE CoE (University of Southern California / Stevens Institute) Risk Analysis for Port Security (PortSec) being integrated into the SIMON architecture currently deployed for the Port of Tampa (with the U.S. Coast Guard). DHS S&T Cell-All Program RCOP Command Center at ASFHS as a demonstration test-bed for the Cell-All sensor system demonstration – with opportunities to integrate candidate CoE technologies.
Important NEXT STEPS for RCOP COMMERCIALIZATION Private Sector Investment (2011 SBA Tibbetts Award) Continued DHS S&T support Full RCOP integration with UICDS, SIMON, LDDRS, vUSA, etc. Stimulate National Rollout through Regional Testbeds (RCOPs) DHS S&T BAA Topics: Border & Maritime Security; Transit System Surveillance Architectures; Standoff Detection of Explosives; Data Fusion Algorithms; Social Network Interaction; Simulation-based Incident Planning & Response; Information Sharing; Modeling & Analysis for Decision Support SBIR Phase II CoE Technology Transition Safety Act certification
Situational Awareness of Wireless Threats to Critical Infrastructure
Detecting 802.11 Wireless Threats Wireless Discovery Systems What they do Detect unauthorized wireless devices Detect suspicious attempts to break into critical networks using a wireless vector Two main types Wireless Intrusion Detection Systems (WIDS) - Stationery sensors Wardriving - Reaches beyond the perimeter, e.g. Kismet, NetStumbler, Flying Squirrel
Wireless Threats Are Local Perpetrators are nearby their target Local presence is required to detect a wireless threat Continuous monitoring is needed WIDS is expensive Wardriving is time consuming and not regular Lots of wardrive data is hard to analyze Immediate response to wireless threats is typically not achievable by a cyber security team
Project Goals Extend wireless monitoring near critical infrastructure to local physical security force Combine the physical presence of local security patrols with remote analysis by cyber analysts Simplify 802.11 wardriving and data analysis Alert & reportand rapidly respond to high-priority anomalies with local security forces Correlate threats across disparate locations and time
How WildCAT works… Remote Connectivity (Satellite, 3G, etc.) Suspicious Detections Instructions to Patrol Intruder Emits wireless signals Centralized Monitoring and Analysis Aggregates and fuses data from multiple facilities. Provides instruction to field patrols. Instrumented Patrol Car Detects intruder’s wireless emissions
What is WildCAT? Real-time analysis of wireless network activity Data automatically collected during normal security patrols Detections transmitted to central analysis center Alerts triggered by suspicious behavior automatically Alerts are reported to physical security forces Additional correlation and analysis across multiple locations
Analysis Center Monitoring system
Analysis workstation Investigate alerts Compare detections collected across multiple locations
MeerCAT: Base Technology for Analysis Post-hoc analysis of mobile wireless discovery Analyst “wardrives” local area usingKismet, NetStumbler, or Flying Squirrel Feeds data to MeerCAT when in office MeerCAT displays locations, connectionpatterns, channels, encryption, topology Reports time/behavior patterns of rogueand non-compliant authorized wireless access Ability to analyze multiple wardrives over time
How MeerCAT Works Lots of data to make sense of Reduce the data by filtering Look for suspicious activity Identify proximity of suspect to target Follow the suspect’s trail Assess the risk
In-Vehicle Display Notify patrol operators of potential threats Provide instructions on how to proceed Display a 2-dimensional map of where activity was discovered
Reporting System Generate reports showing results of detailed analysis Monthly status and trend reports in multiple formats
Benefits of WildCAT Consistent real-time detections increase odds of identifying malicious activity Identify vulnerabilities of devices quickly Alerts automatically generated if suspicious activity is detected Ability to tailor alert patterns to specific needs Installed in existing patrol cars Reduces man-hours involved in wardriving No human interaction once installed Reaches areas that a WIDS cannot Relatively low cost for the entire system
The Future Transition - Government Real-time monitoring, analysis, and reporting system securing Military bases Embassies Ports Transportation hubs Power plants Recognition of coordinated cyber attacks Flexible, easily deployed system
The Future Commercialization Potential Customers Physical Security Companies Large Retailers Medical Requires additional resources to Change Flying Squirrel to an open source wireless discovery software (Kisment, Netstubmler) Perform scalability testing Develop and implement a manufacturing plan Develop training and instructional materials and licensing agreements Establish a support infrastructure
Configure rules to detect suspicious activity Define suspicious behavior patterns that will trigger alerts in analysis center
Messaging system Send an image indicating where an alert occurred Relay a message to active patrol cars on how to proceed
Auto-generated PowerPoint reports
Auto-generated MS Word reports
Mission The multi-faceted mission of this Foundation facilitates the convergence of industry, academia and First Responder based operational research in a specially designed, self supporting facility. This triad of partners provides relevant, reliable, affordable cutting edge technology, tools and CONOPS in the form of systems solutions, hardware test-beds for new products, education, training and regional planning for all hazards. The Foundation will include as essential participants New York State’s research and economic development units, Centers of Excellence (CoEs) and Centers of Advanced Technology (CATs), and NYSTAR’s RTDC System along with the HLS user community and NYS companies.
Operations Hosting Regional Technology Companies, Agencies and Universities Partnering to Provide Technology / Education / Policy solutions for the First Responder Community Secure Facility
The Foundation 90,000 sq. ft. Facility including a Command & Control (C4-I) Facility Main computer/ communications consisting of satellite (CBand, VSAT), all band terrestrial (for first responders), dedicated cell network, fiber & WIFI connections to fixed and mobile platforms Broadband satellite connections to CONUS (Continental US) Modeling / simulation lab and digital theater, with touch tables for use as an ultra flexible and agile command center Auditorium for user conferences, broadband capabilities to link with other enabling organizations as part of a call center; back up EOC; COOG; AFO; JFO
The Foundation Research cells (20) Conference rooms (4) Administrative area Secured conference area and network elements for handling classified data integration, display and policy decisions Integration and demo center(s)
User Community Transition Enablers Requirements Purchasing Funding Agencies Company Investment AFFORDABLE READY FOR SERVICE PRODUCTS Living Laboratory Technology Resources Lab Testing Urban /Rural/Coastal Company R&D Laboratories “We make the Connections that Create Products all can agree on”
User Community Transition Enablers NY State’s RTDC NIST’s MEP Requirements Purchasing Funding Agencies Company Investment AFFORDABLE READY FOR SERVICE PRODUCTS Commercialization Field Testing Deployment Living Laboratory Technology Resources Access to US Manufacturers Lab Testing Urban /Rural/Coastal Company R&D Laboratories “We make the Connections that Create Products all can agree on”
Capabilities Perform and/or coordinate research for the first Responder Community I.E Social Network Analysis Repository functions Proposed / current / completed research HSEEP [Federal State Local Tribal Private Non Profit] Government Document Archives of Incidents, planned events, disasters, TSSRs Visualization lab for research and assisting decision makers Modeling and simulation tools to determine sensor layout, cost / performance and operational tradeoffs System Engineering Certificate and Degree Programs Cyber Security Visualization concepts Product evaluation, comparison analysis and writing of test specifications
Capabilities Multi-mode (wire, satellite, fiber, wireless, microwave) communication system network designs and cost tradeoff analysis Legacy database integration into new platforms Field testing of systems, sensor, communication links or new deployment / command scenarios Architecture and engineering services for civil design and construction of emergency centers Policy Analysis Certificate programs Degree / curriculum development Conferences and seminars Demonstrations
Next Steps for The Foundation Test Bed – Test and Integrate Various Technologies Repository of First Responder Research and Technology (proposed, current, and completed) Transitional Partner
Participants First Responder Steering Committee Resident Research Partners & Universities and Colleges (I.E John Jay College, Adelphi, Poly Tech, DRC, SUNY Albany, St Johns, etc NY State’s Economic Development Units & Centers of Excellence LIFT (Long Island Forum for Technology)
Resident & Associate Research Partners
Agency Residents Nassau County Office of Emergency Management Nassau County Executive Office Nassau County Department of Health Nassau County Police Commissioner MTA Police Department US Coast Guard Director of Homeland Security, NYS FBI NYS DEC TSA