1 John Hoyt Branch Chief, Knowledge Management Command, Control and Interoperability Division Science and Technology Directorate October 29, 2008 Knowledge Management

1 John Hoyt Branch Chief, Knowledge Management Command, Control and Interoperability Division Science and Technology Directorate October 29, 2008 Knowledge

Embed Size (px)

Citation preview


John Hoyt Branch Chief, Knowledge ManagementCommand, Control and Interoperability DivisionScience and Technology Directorate October 29, 2008

Knowledge Management


CNR Annual Program Status Review 8 February 2005

Command, Control and Interoperability


Vision Stakeholders have comprehensive, real-time, and relevant information to create and maintain a secure and safe Nation.

MissionThrough a practitioner-driven approach, the Command, Control and Interoperability Division (CID) creates and deploys information resources to enable seamless and secure interactions among homeland security stakeholders.


Command, Control and

Interoperability (CID)

Reconnaissance,Surveillance, and

Investigative Technologies

Cyber SecurityCommunication,

Interoperability and Compatibility

Knowledge Management


Basic/Futures Research

CID: OrganizationManaged by the Department of Homeland Security’s (DHS) Science and Technology Directorate, CID delivers on its mission through five thrust areas.


Knowledge Management Tools

• Develops tools and methods to process and analyze massive amounts of information that are widely dispersed and in multiple forms. • Works collaboratively to complement efforts in the intelligence, law enforcement, and homeland security communities.

• Provides knowledge management capabilities to reduce the risk of terrorist attacks and to prepare for and respond to natural and man-made disasters.


Planned Demos/Deliverables/Transitions• Deliverable 1: Conduct interstate photo sharing pilot with

North Carolina, South Carolina, Virginia law enforcement agencies – FY 2008-2009

• Deliverable 2: Evaluate handhelds and wireless federated query applications in integrated local, state, and Federal law enforcement information sharing environments (Automated Regional Justice Information System, AZLink) – FY 2008-2010

• Transition 3: Interconnect fragmented regional systems using existing public safety network infrastructure and non-proprietary software components – FY 2009-2012

Homeland Security Payoff• Improves ability of law enforcement and other emergency

agencies to protect U.S. citizens against terrorism, national disasters, and criminal acts

• Customers: Customs and Border Protection (CBP); Immigration and Customs Enforcement (ICE); 250 other local, state, and Federal law enforcement organizations via Nlets (International Justice and Public Safety Network), Automated Regional Justice Information System, and AZLink

• Stakeholders: Other law enforcement organizations

Product Description• Develop and evaluate information sharing technologies to

support cooperative efforts of local, state, and Federal government entities. Transitioned Regional Information Sharing and Collaboration products include temporal and criminal activity network visualization tools and wireless federated query applications

• Deliverable Type: New Technology

Regional Information Sharing and CollaborationEHC IS-FY09-01: Real-Time Data Processing and Visualization Gap: ISG-07-07v1 – Require on-demand management, analysis, and visualization of information in multiple forms and from diverse, distributed sources


Planned Demos/Deliverables/Transitions• Deliverable 1: Draft technical report for current and planned

state with recommended approach to follow-up work – FY 2008• Deliverable 2: Conduct market survey; provide improved tool

recommendations – FY 2008 • Deliverable 3: Develop NIEM tools requirements analysis – FY

2009• Deliverable 4: Design technology specifications for threat

assessment and mitigation exchange standards – FY 2010• Deliverable 5: Pilot information exchange standards and

protocols in development environments – FY 2011• Deliverable 6: Conduct impact study on current NIEM model;

recommend development strategy for element-level tagging – FY 2012

Homeland Security Payoff• Improves NIEM development tools to provide a more

robust information exchange process across the DHS enterprise

• Customers: DHS Chief Information Officer and Enterprise Data Management Office

• Stakeholders: DHS-wide users of NIEM and Information Exchange Package Documentation

Product Description• Support the Department of Homeland Security (DHS)

National Information Exchange Model (NIEM) implementation team with the identification, refinement, and evaluation of development tools and other technologies to support NIEM data model utilization across the homeland security community

• Deliverable Type: Technical Report, Requirements Generation

National Information Exchange ModelEHC IS-FY09-02: Threat Dissemination Standards

Gap: ISG-07-18av1 – Lack of standards and protocols for rapidly sharing information within sectors and across sectors to defeat terrorist threats


Planned Demos/Deliverables/Transitions• Deliverable 1: Deploy Critical Infrastructure Inspection

Management System (CIIMS) to the Maryland State Police and Los Angeles Police Department (LAPD) Aviation Support Division – FY 2008

• Deliverable 2: Develop functional requirements report for broader applications of CIIMS– FY 2008-2009

• Deliverable 3: Develop plan and recommendations report to evolve CIIMS for broader applications – FY 2009

• Deliverable 4: Evolve CIIMS to support the broader law enforcement community and function on other platforms (e.g., cars, boats, on foot) – FY 2010-2013

Homeland Security Payoff• Assists aerial law enforcement in protecting Critical

Infrastructure/Key Resources through structured monitoring, data collection, and information sharing within the local, state, and Federal intelligence communities

• Customers: Maryland State Police and LAPD• Stakeholders: Office of Infrastructure Protection and

National Protection and Programs Directorate (NPPD)

Product Description• Prototype information management system for law

enforcement aviation units to effectively manage critical infrastructure inspection prioritization, data collection, data storage, and intelligence interfacing

• Deliverable Type: New Technology, Requirements Generation

Critical Infrastructure Inspection Management SystemEHC IS-FY09-02: Threat Dissemination StandardsGap: ISG-07-18av1 – Lack of standards and protocols for rapidly sharing information within sectors and across sectors to defeat terrorist threats


Identity Management Testbed – Knowledge Products

Planned Demos/Deliverables/Transitions• Deliverable 1: Identity Management Test Bed established

at Johns Hopkins University Applied Physics Laboratory to test, pilot, and validate IdM concepts – FY 2008

• Deliverable 2: Test and evaluate emerging IdM technologies; topics include extensible access control markup language, access control, secure token service, fine grained authorization, and malicious internal user simulation – FY 2009-2014

Homeland Security Payoff• Enhances security of DHS information sharing

environments by improving authentication for persons, hardware devices, and software applications

• Customers: ICE, Transportation Security Administration, United States Coast Guard, DHS Office of Intelligence and Analysis (I&A), Federal Emergency Management Agency (FEMA)

• Memorandum of Understanding (MOU) Status: Signed

Product Description• Test, pilot, and validate an ongoing stream of technology,

process and policy concepts, and solutions related to an Identity Management (IdM) infrastructure.

• Based on the operational needs of components, provide guidance on synchronizing IdM approaches across DHS

• Deliverable Type: Knowledge Products

Gap: ISG-07-08v1 – Lack of scalable technologies, standards, and policies to manage identities, rights, and authorities in an organization's networks

EHC IS-FY09-03: Network Identity Management


Planned Demos/Deliverables/Transitions• Deliverable 1: Broaden Universal Markup Language

model of software – FY 2008• Deliverable 2: Analyze alternative methods to improve

SLOSH software system – FY 2008• Deliverable 3: Publish specification/design for

enhancements to SLOSH model and display program – FY 2008

• Deliverable 4: Update code – FY 2008• Deliverable 5: Enhance display program – FY 2009• Deliverable 6: Automate verification/validation process –

FY 2010

Homeland Security Payoff• 30% performance improvement of SLOSH model • Enables faster turn-around in surge height prediction

output, covering more specific landfall locations and incorporating forecasting updates more quickly into the emergency management decision process

• Customer: FEMA• Stakeholders: National Oceanic and Atmospheric


Product Description• Model and analyze the National Hurricane Center’s legacy

software for hurricane surge prediction to enable modernization and to improve the efficiency and capability of the Sea, Lake, Overland Surge Due to Hurricane (SLOSH) system

• Deliverable Type: Modeling and Simulation, Technical Reports, Technical Studies

Sea, Lake, Overland Surge Due to HurricaneEHC IS-FY09-05: Data Fusion TechnologiesGap: ISG-07-02v1 – Lack integrated technologies and standards for fusing data from multiple sensors to support threat identification and decision analysis


Emergency Operations Center


Planned Demos/Deliverables/Transitions• Deliverable 1: Develop Mid-Atlantic Region Requirements

Communications and Interoperability White Paper – FY 2008

• Deliverable 2: Develop Emergency Operations Center Resource Management Requirements-based White Paper – FY 2008

• Deliverable 3: Develop EOC Command and Control Requirements White Paper – FY 2008

• Deliverable 4: Develop Emergency Operations Analysis Paper – FY 2008

• Deliverable 5: Develop Emerging Requirement Analysis Papers – FY 2009-2010

Homeland Security Payoff• Provides and supports interoperability framework and

integrates multiple information sharing systems• Supports situational awareness and innovative exercise

concepts and exercise platforms• Customers: Local, state, and Federal EOCs

Product Description• Determine core EOC requirements, review solution

options, and produce an Emergency Management Operations Toolkit

• Deliverable Type: Requirements Generation

Gap: ISG-07-02v1 – Lack integrated technologies and standards for fusing data from multiple sensors to support threat identification and decision analysis

EHC IS-FY09-05: Data Fusion Technologies


Fusion Center Concept Pilot


Planned Demos/Deliverables/Transitions• Deliverable 1: Assess and prioritize IT tool requirements

with fusion centers– FY 2009• Deliverable 2: Evaluate current fusion center technologies

aligned with prioritized operational requirements – FY 2009

• Deliverable 3: Structured evaluation of the ability of existing GOTS/COTS tools to fill fusion center needs, with leave behind – FY 2009

• Deliverable 4: Identify gaps/needs for future R&D – FY 2009

Homeland Security Payoff• Establishes technical need/capability baseline that

improves the future development and integration of technologies within the fusion centers

• Customer: DHS I&A State and Local Fusion Center Program Office

Product Description• Conduct operational evaluation of current fusion center

technologies to baseline existing capabilities and needs• Develop catalogue of common fusion center tools for

information sharing, geospatial analysis, suspicious activity reporting, and case management requirements

• Deliverable Type: Knowledge Product

Gap: ISG-07-02v1 – Lack integrated technologies and standards for fusing data from multiple sensors to support threat identification and decision analysis

EHC IS-FY09-05: Data Fusion Technologies


Systems Integration and Engineering for Regional Awareness


Gap: ISG-07-02v1 – Lack integrated technologies and standards for fusing data from multiple sensors to support threat identification and decision analysis

EHC IS-FY09-05: Data Fusion Technologies

Planned Demos/Deliverables/Transitions• Deliverable 1: Identify functional requirements to establish

a 24/7 Federal Coordination Center (FCC) for the FEMA Office of NCR Coordination – FY 2008

• Deliverable 2: Develop operational checklist for the FCC’s first hour of operation – FY 2008

• Deliverable 3: Develop a Concept of Operations document that details how to use FCC technologies – FY 2009

• Deliverable 4: Develop Mission Blueprint with core system requirements, future technical requirements, and recommendations of technical needs for Response Coordination Centers – FY 2009-2010

Homeland Security Payoff• Ensures that incident information, including situational

awareness and resource status information, is shared across local, regional, state, and Federal organizations

• FEMA has obligated funding for this project: $150K in FY 2008 and $300K in FY 2009

• Customer: FEMA Office of the NCR

Product Description• Establish capabilities to support end-user situational

awareness and interoperability-related needs through the facilitation of incident management and policy coordination within the National Capital Region (NCR)

• Deliverable Type: Technical Studies, Technical Report, Requirements Generation


Multiple Visualization Initiative


Planned Demos/Deliverables/Transitions• Deliverable 1: Analyze requirements; review applicable

GIS standards – FY 2009• Demo 1: Conduct proof of principal for Google and MS

Virtual Earth integrated environment – FY 2009• Demo 2: Expand proof of principal to other visualization

environments – FY 2009• Demo 3: Demonstrate data interoperability at all levels of

selected GIS environments – FY 2009• Transition Path: Other

Homeland Security Payoff• Demonstrates the ability to share geographic information

through an open standards-based solution, independent of the type of GIS products used

• Customer: NPPD• TTA Status: Pending

Product Description• Demonstrate an open standards-based information

sharing solution for multiple visualization (Geospatial Information System [GIS]) environments

• Deliverable Type: Requirements Generation, New Technology

EHC IS-FY09-08: Law Enforcement and Intelligence Sensor FusionGap: ISG-07-02cv1 – Comprehensive sensor fusion between law enforcement and intelligence partners in support of the Common Operational Picture (COP) for threat identification and decision analysis


Community Safeguard


Planned Demos/Deliverables/Transitions• Deliverable 1: Analyze requirements – FY 2009• Deliverable 2: Conduct technology survey; develop

recommended implementation plan for select technologies – FY 2009

• Demo 3: Establish functional, integrated pilot at Beverly Hills Police Department (CCTV, ALPR, Digital Dashboard) – FY 2009

• Demo 4: Demonstrate additional data sources integration (AVL, Radio Over Wireless Broadband) – FY 2010

Homeland Security Payoff• Demonstrates visualization technologies, information

sharing protocols, and communications standards in a GIS context to improve situational awareness and incident response

• Customer: Beverly Hills Police Department• Memorandum of Agreement Status: Draft with Beverly

Hills Police Department

Product Description• Pilot a range of technologies integrated with a GIS.

Technologies include: Smart Closed Circuit television (CCTV), Automatic License Plate Recognition (ALPR), digital dashboard, infrastructure inspection, Automatic Vehicle Locator (AVL), and link analysis software

• Deliverable Type: Requirements Generation, New Technology

EHC IS-FY09-08: Law Enforcement and Intelligence Sensor FusionGap: ISG-07-02cv1 – Comprehensive sensor fusion between law enforcement and intelligence partner in support of COP for threat identification and decision analysis


Keeping Schools Safe


Planned Demos/Deliverables/Transitions• Deliverable 1: Analyze requirements – FY 2009• Deliverable 2: Conduct technology survey; develop

recommended implementation plan for select technologies – FY 2009

• Demo 1: Conduct proof of principal for selected technologies at Space and Missile Defense Command Integration lab – FY 2009

• Demo 2: Conduct field demonstration of operational school environment – FY 2009

Homeland Security Payoff• Identifies areas where added technology will provide

timely information to decision makers and senior officials in the school system

• Customer: Alabama Department of Education• Stakeholders: Other state and local educational and public

safety organizations

Product Description• Optimize the application of current technologies to existing

school safety procedures. Consists of a requirements capture effort, technology assessment of applicable school safety technologies, proof of principal in an integration lab, and final demonstration

• Deliverable Type: Requirements Generation, New Technology

EHC IS-FY09-08: Law Enforcement and Intelligence Sensor FusionGap: ISG-07-02cv1 – Comprehensive sensor fusion between law enforcement and intelligence partners in support of COP for threat identification and decision analysis


Threat Probability Distribution Mapping


Homeland Security Payoff• Provides actionable intelligence and the ability to

synthesize data across the agency for improved situational awareness and critical decision making

• Correlates existing law enforcement data with hypothesized threat scenarios

• Anticipates national security threats• Customer: DHS I&A State and Local Fusion Center Office

Product Description• Demonstrate the ability to discern patterns and inter-

relationships between factors or events; counteract threats and identify trends in terrorist or criminal Tactics, Techniques, and Procedures

• Deliverable Type: Decision Support Tool, Situational Awareness, and Response Technology

EHC IS-FY09-09: Cross Target Threat Awareness

Planned Demos/Deliverables/Transition• Deliverable 1: Design analytic techniques and pattern

recognition concept of operations and technical architecture – FY 2009

• Deliverable 2: Synthesize predictive analytics and spatial terrain for pre-determined data sets (consequence modeling) – FY 2009

• Deliverable 3: Deploy trained analysts to fusion centers for operational Predictive Analytics Cell – FY 2009

• Transition 4: Conduct operational tests and evaluations; transition to customers – FY 2010

Gap: IS-07-03v1 – Lack of technologies for correlating information regarding terrorist attack attempts across potential targets to create broad terrorist threat awareness


Data Privacy and Policy Technology


Planned Demos/Deliverables/Transitions• Deliverable 1: Assess policy tool and scenario – FY 2009• Deliverable 2: Identify/develop process to identify policy

impediments to information sharing in a multi-information flow (local, state, Federal, and private sector) environment – FY 2009

Homeland Security Payoff• Proposes a process for identifying policy impediments to

information sharing • Customers: Program Manager – Information Sharing

Environment, DHS I&A State and Local Fusion Center Program Office

• MOU Status: Draft with S&T

Product Description• The Massachusetts Institute of Technology (MIT) data use

policy evaluation tool analyzes policies associated with data from disparate sources and provides feedback on policy issues

• Use MIT tool and scenarios to evaluate a state/urban area fusion center’s information sharing policy guidelines for products developed using local, state, Federal, and private sector data

• Evaluate whether local, state, Federal, or private sector policies impact information sharing by a fusion center

• Deliverable Type: Knowledge Product

Gap: ISG-07-12v1 – Need to protect U.S. citizens’ data to ensure compliance with intelligence oversight and privacy regulations

EHC IS-FY09-10: Data Privacy Protection Technology


Data Privacy Preserving Technology


EHC IS-FY09-01: Cross-Agency Information DistributionGap: ISG-07-12v1 – Need to protect U.S. citizens’ data to ensure compliance with intelligence oversight and privacy regulations

Planned Demos/Deliverables/Transitions• Deliverable 1: Generate privacy tool requirements – FY

2009• Deliverable 2: Develop privacy tool system – FY 2009• Deliverable 3: Test and evaluate privacy tool system – FY


Homeland Security Payoff• Provides DHS analysts with the ability to use U.S. citizens’

data to ensure compliance with intelligence oversight and privacy regulations

• Customer: DHS I&A• Stakeholders: DHS Privacy Office

Product Description• Identify, validate, and prioritize engineering and

technology • Develop a tool/coding capability that can be inserted into

existing systems and automate privacy rule sets• Identify and tag Personally Identifiable Information


CUI Implementation Framework Test and Evaluation


EHC IS-FY09-11: Secure Multilevel Information Dissemination

Gap: IS-07-29v1 – Advanced techniques are required to support distribution of intelligence products to local, tribal, state, and industrial homeland security mission partners

Planned Demos/Deliverables/Transitions• Demo 1: Include CUI element in Golden Phoenix training

event – FY 2008• Demo 2: Include CUI element in Dam Sector exercise –

FY 2008• Deliverable 1: Conduct comparative scenario-based

exercises to evaluate implementation of the CUI framework – FY 2008-2009

• Deliverable 2: Provide CUI implementation support; conduct multilevel security technology pilots – FY 2010 -2013

Homeland Security Payoff• Enables secure, accurate, timely, thorough distribution of

DHS-developed intelligence products to external homeland security partners

• Improves coordinated threat assessment and mitigation activities

• Customers: NPPD, CBP, DHS Office of Security

Product Description• Assess capabilities of Controlled Unclassified Information

(CUI) producers/consumers to meet safeguarding requirements and estimate costs of addressing safeguarding shortfalls

• Evaluate the CUI framework and the applicability/clarity of specified dissemination instructions across multiple types of CUI information, communication channels, and end-user communities

• Deliverable Type: Knowledge Products, New Technology


Symbology Standardization Support

Planned Demos/Deliverables/Transitions• Deliverable 1: Survey and formally document DHS

symbology requirements; provide implementation recommendations – FY 2009

• Deliverable 2: Implement recommendations – FY 2010

Homeland Security Payoff• Builds a common symbology base for use across the DHS

enterprise• Customers: DHS Office of the Chief Information Officer,

Office of Applied Technology

• Terms of Agreement Status: Signed

• Stakeholders: All DHS components

Product Description• Survey and document DHS symbology requirements for

the Geospatial Management Office. Currently, only point symbols in an emergency response context exist for DHS

• Deliverable Type: Technical Services

EHC IS-FY09-06: Maritime and Law Enforcement Information Sharing Protocols

Gap: ISG-07-02dv1 – Poor Infrastructure in place to effectively share information that would build the collective situational awareness between maritime, law enforcement, and intel partners


Generalized Data Driven Analysis and Integration

Planned Demos/Deliverables/Transitions• Transition 1: Implement Everest visualization tool, LeadTrack

proximity query, and Student and Exchange Visitor Information System data cube – FY 2008-2009

• Transition 2: Integrate handheld access, anomaly detection, and cube-to-link analysis; rollout to field – FY 2009-2010

• Transition 3: Conduct spatial/temporal trend analysis – FY 2010-2011

• Transition 4: Conduct entity extraction from reports, trend visual analytics, semi-automatic view discovery – FY 2011-2012

• Transition 5: Conduct entity disambiguation, deploy analysis to field, integrate multi-directional tool – FY 2012-2013

Homeland Security Payoff• Enables discovery of hard-to-find or previously

undiscovered relationships across ICE enterprise data repositories

• Improves field personnel resource management capabilities

• Customer: ICE• Stakeholders: Office of Operations Coordination, United

States Coast Guard

Product Description Develop link analysis, relational data cube, geo-spatial

visualization, and statistical analysis technology components for the ICE Pattern Analysis and Information Collection System (ICEPIC)

Deliverable Type: New Technology


EHC IS-FY09-01: Real Time Data Processing and Visualization Gap: ISG-07-07v1 – Require on-demand management, analysis, and visualization of information in multiple forms and from diverse, distributed sources


Mission-Based Analysis of Departmental SAR

Planned Demos/Deliverables/Transitions• Deliverable 1: Develop SAR component and enterprise

technical capability reports – FY 2008-2009• Deliverable 2: Leverage analysts/analytic software for

cross-component SAR analysis – FY 2009 • Transition 1: Develop enterprise SAR technical proof-of-

concept – FY 2009• Deliverable 3: Create SAR “Virtual Fusion” Cell – FY

2010-2011• Transition 2: Extend SAR Pilot to support major cities (LA,

Miami, Chicago, Boston) – FY 2012-2013

Homeland Security Payoff• Sustains a capability that recognizes, tracks, and

accurately assesses the significance of patterns and trends in suspicious activity reports

• Enables DHS law enforcement personnel to rapidly report, review, and analyze SARs

• Customer: DHS I&A, Office of Operations Coordination• Stakeholders: Law enforcement entities

Product Description Evaluate existing Suspicious Activity Reporting (SAR)

methodologies and provide a mission-based assessment for an integrated and more effective approach to sharing and analyzing SAR data

Demonstrate an enterprise SAR analytics Proof-of-Concept

Deliverable Type: Knowledge Products, Technical Evaluation Graphic

EHC IS-FY09-04: Suspicious Activity Reporting Gap: IS-054 – Lack of visibility, in real time, across agencies of specific encounters of individuals on watch lists and other suspicious activities


Text/Data Analytics with Geospatial Extension

Planned Demos/Deliverables/Transitions• Deliverable 1: Develop IN-SPIRE™/Assessment Wall –

FY 2008• Deliverable 2: Assess requirements (Geospatial/Location

extraction from text and architectural approaches) – FY 2009

• Demo 3: Pilot system with integrated geospatial/text analytics visualizations – FY 2009

• Deliverable 4: Transition text analysis/geospatial capability to production environment – FY 2010

Homeland Security Payoff• Supports ICE requirements for improved text analysis

capabilities and information sharing in a geospatial context. Supports technology need for integrated text and data analysis techniques

• Customer: ICE

• Stakeholders: CBP, DHS I&A, United States Secret Service

Product Description• Refinement and deployment of unstructured text and data

analytics technologies to support ICE Document Exploitation missions and unstructured text sources. Pilot IN-SPIRE™/Assessment Wall at ICE; demonstrate integration of text analysis within Geospatial contexts

• Deliverable Type: New Technology

EHC IS-FY09: Integrated Data Processing and Analysis

Gap: ISG-07-025 – Require single, scalable framework for analysis of structured, unstructured and streaming data