300 likes | 439 Views
Civil Information Awareness Program (CIAP). Linking Federal, State and Local Law Enforcement within a Total Information Awareness Grid. CIAP Overview. Emphasis on Local level, all source information fusion center focused on deriving HLS related actionable knowledge
E N D
Civil Information Awareness Program (CIAP) Linking Federal, State and Local Law Enforcement within a Total Information Awareness Grid
CIAP Overview • Emphasis on Local level, all source information fusion center focused on deriving HLS related actionable knowledge • Conduct Critical Infrastructure Vulnerability Analysis and Threat Assessments • Track Indications and Early Warning of Threat Activities • Provide on-going net-assessment and Threat Situation Awareness • Collaboration Link between Federal & State Information Centers and local LEA Full Spectrum Analysis and Production *Vulnerabilities *Indications and Warning *Situation Awareness
Requirements • “Through joint planning, clear communication, comprehensive coordination, mutual aid at all levels and increased information sharing, America ’s first responders can be trained and equipped to save lives in the event of a terrorist attack. President Bush, Securing the Homeland, Strengthening the Nation, 2002 • Intelligence sharing capability is the number one requirement of law enforcement agencies. NIJ Sponsored Survey of Law Enforcement Agencies • …need an information sharing capability Association of Police Chiefs report to DoJ • “the nation’s law enforcement community needs to be a team…focused on predictive intelligence.” Attorney General John Ashcroft • Establishment of new DHS…has identified a requirement for local level intelligence fusion centers as part of national strategy • Critical Infrastructure Vulnerability Assessment • Local level Information Coordination and Dissemination Centers The Technology Needed to Share Information is Already Here
Information Knowledge Emphasis on Local level, all source information fusion center focused on deriving HLS related actionable knowledge Field Ops CIAP Ops Center Products: Planning Tools Advisories Alerts Bulletins Open Source Data Citizen All Source Reporting What’s happening Context Decision Support Federal Info Products Local Operational Area Convert nebulous data to knowledge and actionable options
Process: Conduct Critical Infrastructure Vulnerability Analysis and Threat Assessments Identify Potential Targets Site surveys Define the site’s characterizations Evaluate the site’s physical security posture Evaluate Threats and Prepare Threat Models Correlate Threat to Vulnerabilities Define Indications and Early Warning Criteria Prepare Rapid Response Reference Products Local Database of Potential Target and Likely Threats used to Derive an Indications and Warning Process
Process: Track Indications and Early Warning of Threat Activities Define Specific Information Requirements (SIR) Define Named Areas of Interest NAI Correlate SIR, NAI with Reporting Source Open Reporting Channels using Information Awareness (IA) Net Plot, Record, Correlate and Assess Incoming Reports employing IA Database and Geospatial Information System (GIS) Display NAI Identify activities that provide evidence indicating the development of a potential incident
Process: Provide on-going net-assessment and Threat Situation Awareness • Conduct Detailed, Multi-Disciplined Assessment of Reports by comparing to Threat Models • Actual Situation Assessment Compared to Predicted Events • Identify Deviations and Update Assessment • Disseminate Alerts, Advisories or Bulletins as Appropriate • Update Rapid Response References as Appropriate BIO Chem Explosives RDD Cyber HAZMAT Response Personnel Constant Awareness of Threat Situation
Technologies • CIAP Portal Applications • Incident Management • GIS • Reporting • Chat • Video • VTC • Virtual EOC • San Diego Enterprise Portal • GIS • Work Flow Engine • Advanced Terabyte Search Engine • San Diego State University Vis Lab • CAL IT2 Infrastructure
End State: Collaboration Link between Federal & State Information Centers and local LEA Federal Information Center IA Net State Information Centers Local CIAP • Information Products Archive in Document Library • Imagery Archive • Collaboration Tools for Chat and VTC • Surveillance Video over TCP/IP • Voice over TCP/IP • Incident Management Application • Real-Time Reporting • Report Forms and GIS Mapping National Information Awareness Grid that Emphasizes Local Requirements
Proof of Concept • Domestic Emergency Response Information Service (DERIS) March, 2002 • Burning Man, August, 2002 • Super Bowl XXXVII, January, 2003 • Vulnerability Analysis and Threat Assessment Concept • Active Citizen Program • Indications and Warning/Situation Awareness Concept
Domestic Emergency Response Information Service (DERIS) • Demonstrated feasibility of portal based approach for LEA crisis response • Implements National Institute for Urban Search and Rescue standards for eXtreme Information Infrastructure (XII) • Prototype a common operational picture and provide real-time C2 for Joint Civil-Military Operations • LEA from Chicago, San Diego and Los Angeles utilized collaboration portal within context of a potential terrorist attack
Burning Man Event • Burning Man Event held annually • Spontaneous community of 25,000 people gathering to explore social phenomena • CIAP involvement • Established robust collaboration network in an austere environment • Employed DERIS portal tools as primary means for receiving, archiving and disseminating emergency management essential elements of information • Over four day period, implemented complex cultural analysis focused on the dynamics of an emergent community • Social Structure (caste, tribal, warlord) • Religion, Ethnic Groups • Evolving Economic Structure and Status • Political structure and stability • Language and Dialect • Reaction to intervening forces • Location and identification of key social facilities, etc • Implications Terrain and Weather • Developed Reach-back technique to interface with San Diego State University Sociology Lab and San Diego Data Processing Center’s GIS applications • Provided Situation Awareness Products describing community profile in real time • Integrated products and tools within 3-D virtual Emergency Operations Center • Employ advanced visualization techniques
Super Bowl XXXVII (Future) Phase IExercise and Evaluation Support • Special Event Readiness Level II • San Diego Police requested support from Federal Office for Domestic Preparedness (ODP) • CIAP participation…Review Local Vulnerability Analysis and Threat Assessments as basis for Tabletop and Functional Exercises • Identify potential critical infrastructure targets and target systems • Conduct site surveys, Define the site’s functional, physical and environmental characterizations, Evaluate the site’s physical security posture • Define the most likely and most dangerous threat, and Develop threat attack models and correlate with potential target vulnerabilities • Facilitate “Gaming” of Threat problem against Security Posture • Provide recommendations for security, indications and warning, response and mitigation resources
Target Sites Target Folders Target Sites Target Folders Target Sites Analysis Target Folders Site Specific Reports Anchored to DOD, ODP, SDNL Standards San Diego Target Site Surveys Target Folders 1. • Orientation Graphic • Site Characteristics Graphics • Site Findings Graphic Text based, but supported by amplifying images, plans, diagrams and maps Area Threat Assessment Threats Models Developed using DOD, ODP, SDNL Standards San Diego Threat Evaluation Analysis 2. Text based, but supported by amplifying images, plans, diagrams and maps • Doctrinal templates • Potential Threat Element Profile • *Image • *Description • *Existence, Capability, History, Intentions matrix • *Assessment -targets they may see attractive Graphic snapshots Of Potential Threat Elements Course of Action Related to Specific Sites Threat Integration Situation Templates Exercises and Gaming Situation Templates Situation Templates Situation Templates 3. • Sit-Temp roughs for gaming • Terrain Model • Refined Sit Temp Quad Chart • *Site Findings Graphic Extract • *PTE image and description • *Template of attack COA • *Recommendations & I&W Graphics and terrain model based.
Collect and Report Site Specific Reports Report Site Survey Facility X Collect Data per Playbook Vulnerability Analysis Playbook Initial Production Orientation graphic *Basic Site info Table *Working inward, identify KOCCOA elements *Potential Hazards *Amplifying data tables Site Characteristics graphics could take many forms but will illustrate Information collected on: *Operational Conditions, *Building Structure,*Intermodal links and Systemic Impact,*Procedures,*Equipment and Information *Historic Analysis,*Consequence and Severity Analysis *Security System Effectiveness Information and Product Refinement Process DOD, ODP, SDNL Vulnerability Analysis Protocols Analysis Review Orientation and Characteristics Graphics and identify vulnerabilities. DOD, ODP and SDNL protocols and evaluation checklists are used in conjunction with these graphics to key in on main limitations and opportunities provided by the lay of the land. 1 San Diego Target Site Surveys Final Production Site Findings Graphic will combine critical components of Orientation and Characteristic Graphics to Illustrate key analytical points that need to be brought to the customer’s attention. This will be a single graphic And will provide the basis for gaming during threat integration phase. Target Folder provides description of findings in narrative format
Collect and Report San Diego Threat Evaluation Threat Database Report • Detail Research • Interaction with LEA Threats Models Developed using DOD, ODP, SDNL Standards Initial Production Threat Model Graphics –Doctrinal Templates Illustrate how PTE conducts attacks Information and Product Refinement Process Evaluate PTE using DOD, ODP, SDNL Standards Analysis Correlate PTE Models to Target Site Findings Graphic to determine which sites fit PTE profile Final Production PTE Quad Charts provide a snapshot of PTE And the Potential targets attractive to the group 2 San Diego Threat Evaluation *Image *Description *Existence, Capability, History, Intentions matrix *Assessment -targets they may see attractive Area Threat Assessment
Initial Production Situation Templates are a graphic illustration of how a PTE would attack a specific target. Situation Templates are developed for each attack scenario for each target site. Initial Situation Templates illustrate R&S activity, C2 Activity, Infiltration Activity and Attack Activity. During Threat Integration’s initial production, Situation Templates are based on an analysis and need to be refined through exercises and gaming. Terrain Models facilitate exercises by providing true scale representation of target site. Table Top Exercise Series to refine Situation Templates and Help Security Personnel identify gas in their resources and procedures Detailed Analysis Evaluate and refine Situation Templates based on results of Gaming. Evaluate gaming and define I&W Information and Product Refinement Process SME Evaluation Final Production 3 Threat Integration Situation Template Quad Charts illustrate ML and MD attack scenarios *Site Finding Graphic Extract *PTE image and description *Template of attack COA *Recommendations & I&W
Information Knowledge Active Citizen Concept Field Ops CIAP Ops Center Products: Planning Tools Advisories Alerts Bulletins Open Source A Critical Component to CIAP Data Active Citizen All Source Reporting What’s happening Context Decision Support Federal Info Products Local Operational Area
Active Citizen Program Main Concept: Community based approach to empowering citizens as partners with law enforcement in the effort to protect their neighborhoods and communities. Issues: *Events of Sept 11th and subsequent investigations reveal that the terrorists easily integrated into American communities. *Americans are not aware of what indicators to look for. *No program currently exists to educate the American public about things to look for in pre-attack environments *No processes or programs exist to motivate Americans to inform law enforcement officials of suspicious activity. *Most terrorists will infiltrate into ethnically-friendly lower/middle class economic communities. *Most ethnic communities are suspicious of or non-cooperative with law enforcement programs. *Existing community-based programs are not compatible with the terrorist modus operandi. Active Citizen Program leverages the eyes and ears of the community to assist law enforcement
Active Citizen Program • Components: • Organizational and Operational Structure *ActCit Coordination Center *Cadre of trained citizen volunteers • Reporting Context *Provide citizens with specific information reporting requirements • Reporting Infrastructure *Internet based reporting portal *Hotline Phone Bank *Does not replace 911! • Information Fusion *Validate *Coalesce *Archive • Dissemination to Law Enforcement ActCit Coordination Center Coordination Center is not a law enforcement entity Neighborhood ActCit Teams Active Citizen Program leverages the eyes and ears of the community to assist law enforcement
Active Citizen ProgramPilot Implementation: • Establish Coordination Center *Space in County EOC or SDSU Viz lab *Broadband, Telephone and VTC • Establish Cadre Sample for initial implementation *Link with SDPD COPS program *Link with Sheriffs Neighborhood Watch • Reporting Architecture *PDA, Cell Phone, Wireless Service *Block marshal concept • Train and Exercise • Implement Small Scale Sample Implementation During Pilot
Pulling the CIAP Pieces Together Vulnerability Analysis + Threat Assessment + Active Citizen Indications and Warning Situation Awareness
Super Bowl XXXVII (Future) Phase IIEstablish CIAP Center is support of San Diego Multi-Agency Command (MAC) • Stand up CIAP Center to provide real-time information reporting and all source fusion in support of indications and warning and situation awareness for Super Bowl security CATIC-California Anti-Terrorism Information Center Fed State LEA DOC LA TEW LEA DOC OHS CATIC 18 Cities in SD County 18 Cities in SD County Real-Time Collaboration Tools Super Bowl CIAP Center IA Net IA Net ActCit Full Service VTC SDPD DOC SDSO DOC MIL SD MAC SD EOC SDPD DOC SDSO DOC MIL SD MAC SD EOC CIAP Portal Net Assessment Support And Production Reports Dissemination
Z Z 2 1 Concept of Operations for San Diego: Indications and Warning National Advisories and I&W From Federal Agencies FBI SIOC OHS FEMA State Anti Terrorism Information Coordination Advisories LA TEW Provides Net Assessment And Fusion Support LA TEW CATIC SDPD DOC SD Sheriff DOC MAC Y CIAC Military COCs County EOC Field Units ActCit Event Field X I&W flow into CIAP via Incident Reports from Field And Supporting DOCs
Z Z 2 1 Concept of Operations for San Diego: Situation Awareness Alerts, Advisories and Bulletins Disseminated for Common Operational Understanding FBI SIOC OHS FEMA LA TEW CATIC SDPD DOC SD Sheriff DOC MAC Y CIAC Military COCs County EOC Field Units ActCit Field Event X
Implementation Existing Technology NO new Boxes NO New Software NO Modifications to Architectures Portal Based Concept that uses “familiar” everyday type applications • Establish the Information Awareness Grid FAA SDPD DOC OHS Each Center requires only A username and password For each participant MAC Virtual Information Analysis Round-Table FBI SIOC CIAC SBU over VPN IA Net National Capabilities In Direct Support of Local Event in Real-time SD Sheriff DOC FEMA Military COCs Real time access to online Vulnerability assessment Products and planning tools CATIC Information County EOC LA TEW Subject Matter Experts Facilitates Existing Procedures Event
Implementation • Information from the event site Disseminated using Incident Management Application allowing all sites to view significant Incident Reports • Access to Planning Documents using Shared Document Library allows collaborative action planning • Information Requests Managed using Request For Information (RFI) Application • Collaboration Tools allow real-time interaction • GIS Tracking Tools • CIAP Functionality…Monitoring Events MAC CIAC Local Collaboration Coordinate Event Related Operations Ensure Readiness Posture SDPD DOC IA Net SD County EOC SD Sheriff DOC ActCit Coordination at Event Site
Implementation • Information from the event site Disseminated using Incident Management Application allowing all sites to view significant Incident Reports • Access to Planning Documents using Shared Document Library allows collaborative action planning • Information Requests Managed using Request For Information (RFI) Application • Collaboration Tools allow real-time interaction • CIAP Functionality…Monitoring Events OHS Link to vast Federal, State and Regional Information Resource Support SDPD DOC FBI SIOC MAC CIAC IA Net FEMA SD Sheriff DOC Military COCs CATIC LA TEW SD County EOC Subject Matter Experts
Implementation • Broadcast Alerts and activate EOC/DOC using Alert and Notification Application • Shared Document Library • Resource Lists • Planning Docs • Imagery • Mapping Graphics • GIS Plume Modeling • Situation Templates for Action Planning • CIAP Functionality…Alert and Notification MAC CIAC Cell Phone PDA SDPD DOC IA Net Voice and Text SD County EOC Pager SD Sheriff DOC Email ActCit Coordination at Event Site
Next Steps Law Enforcement Working Group Endorsement and sponsorship Federal, State and Local Agency participant endorsements Implement Active Citizen Coordination Implement CIAP operational components Implement CIAP architecture Pilot program in support of Super Bowl Develop Transition Concept