Upload
others
View
14
Download
0
Embed Size (px)
Citation preview
Latetia Henderson, APM
Austin Gould, RCA
Keith Goll, RCA
RCA and APM Update
1
Capability Lifecycle
❑ Materiel Solutions: APM executes the acquisition program. RCA, as the LBA, acts as
the primary end-user advocate of the capability throughout ALF activities.
❑ Non-Materiel Solutions: RCA works with the responsible Office to address the capability
gap (e.g., Training, procedures, policy, etc.)
Operational
Analysis
Asset/System
Capability
Analysis
Capability
Analysis
Report
Mission
Need
Statement
Concept
of
Operations
Operational
Requirements
Document
Detailed
Specification
Capability
Developed
Capability
Fielded
(Asset/System)
Post
Implementation
Review
RCA Functions (Primary) RCA Secondary/LBA Functions
APM Functions (Primary)
Ma
teri
el
No
n-M
ate
rie
l
Responsible Office Functions (Primary)Responsible Office Secondary/Key Stakeholder
2
Technology Innovation and Demonstrations
RCA functions primarily in the early stages of capability development and acts as the Lead Business
Authority (LBA) to validate that the user’s need is met.
APM Secondary/Key Stakeholder
APM OverviewAPM delivers innovative capabilities to support Transportation Security Officers in the field and drive TSA’s
mission to secure the Nation’s transportation systems.
• Set performance requirements for Transportation Security Equipment
(TSE)
• Test, qualify, deploy, and manage the deployed TSE fleet
• Provide test and evaluation services to DHS stakeholders
• Conduct independent analyses of acquisition programs to provide
assessment and recommendations to the Component Acquisition
Executive (CAE)
• Develop, implement, and maintain the agency’s cost estimation
capability for acquisition programs
Consists of over 160
employees in seven
divisions
Manages approx. $1B in
acquisition program
funds
Maintains a fleet of
over 14,000
deployed TSE
Provides Acquisition
Directive 102-01 expertise to
program managers
• Checked Baggage
Technologies Division
(CBTD)
• Checkpoint Solutions
and Integration Division
(CSID)
• Security
Technology
Integrated Program
(STIP)
• Mission Scheduling
and Notification
System (MSNS)
• Modernization,
Performance
Management Information
System (PMIS)
• Technology
Infrastructure
Modernization
Program (TIM)
• Manage TSA’s Level 1, 2, and 3 acquisition programs, including:
APM At a Glance
APM
Acquisition
Management
Functional
DivisionAcquisition
Management
Outreach
Division
Checked
Baggage
Technologies
Division
Checkpoint
Solutions and
Integration
DivisionDeployment
and Logistics
Division
Mission
Support
Division
Test and
Evaluation
Division
Technology
Infrastructure
Modernization
Program
Division
3
RCA Overview
4
Perform gap
analysis.
Develop
requirements to close
identified gaps.
Serve as the lead
business authority
for the agency.
Develop and
enhance
capabilities.
Provide decision
making
support to TSA.
Manages $124M
portfolio
Employs 100 full time
employees
Completed more than
15 pilots and
demonstrations across
Aviation and Intermodal
Security spaces
Completed 64 reviews
& 15 technical
documents for DHS as
TSA’s requirements
development shop and
JRC gatekeeper
Threat Response
• PEDs
• Powders
RCA Recent Successes
5
Innovation Demonstrations
• ASL - 135 lanes at 14
airports
• BAA - identified over 175
innovative solutions
Detection at Range (DaR)
• Tested with >10 mass transit
end users over past 2 years
• Enables law enforcement to
identify concealed objects
Enhanced Accessible
Property Screening
• Pilot yielded 156%
detection improvement
Biometrics
• 5 Biometric pilots at 5
airports
• Signed joint memo
with CBP
Computed Tomography
• 15 deployed by end of
calendar year
Detection Standards
• 6 created/updated/
managed
• (APSS, AIT, EDS,
ETD, BLS, and EMD)
• TSA is exploring new acquisition approaches to more quickly and efficiently deploy TSE while increasing the pace of security
innovation. enhancing operations, and improving customer experience.
• CAT provides enhanced tools in one machine to enable the
ability to detect real, fake, counterfeit, and fraudulent IDs, at a
cost efficient price. CAT relies on network connection to Secure
Flight (SF) via STIP to receive passenger flight and vetting
information.
APM’s ultimate goal is to implement a dynamic and adaptable communications infrastructure that facilitates the transfer of data
between TSE, TSA Data Centers, and TSA Operational Stakeholders.
Connectivity
• Working with key stakeholders to define Federal Information
Security Management Act (FISMA) boundaries and applicable
cyber requirements, obtain Authority to Operate (ATO) and
manage compliance, and ensure all procurement packages
through the Information Technology Acquisition Review (ITAR)
process
Cybersecurity
Credential Authentication Technology
Computed Tomography
Lease vs Buy Analysis
• Security Technology Integrated Program (STIP) creates a web
of interconnected TSE that ties back to a centralized control
point.
• STIP will use DOMAIN to develop and deploy the endpoint
connectivity solution, and will secure the endpoint with a
combination of software (firewalls) and secure system
architecture.
• In order to address emerging and evolving threats, TSA is
committed to rapidly developing and deploying CT to the
checkpoint. The end goal of this effort is an eventual
replacement of all ATs with CTs.
OperationsSecurityCustomer
Experience
APM FY18 Initiatives
6
RCA FY18 Initiatives
7
Expand Capability
Requirements
Biometrics
Innovation
DemosRisk Analysis
System
ArchitectureMature TSCAP S&T Partnership
International
Engagement
APSS
Development
Notional APM FY19 Budget Landscape
APM FY19
Budget Total*: $732M
• Checkpoint Technology
Procurements
• Algorithm Development and
Technology Enhancements
• Test and Evaluation
• Deployment
• STIP Maintenance/Pilots
• Professional & Engineering
Contract Support
• Travel, Training, Supplies
PC&B
$30M
Capital
Fund
$250M
Maintenance
$282M
Program
Funding
$170M
• Checkpoint and Checked
Baggage Maintenance
Support
PC&B:$30M / 4% Maintenance:
$282M / 39%
Program Funding: $170M / 23%
Checked Baggage: $27M Checkpoint: $143M
Capital Fund:$250M / 34%
OTAs: $96M
Technology
Procurements:
$155M
PSP Maintenance:
$81M
EBSP
Maintenance:
$200M
• Other Transactional Agreements
(OTAs)
• Checked Baggage Technology
Procurements
• Includes carryover funds
*Information presented may change based on
final appropriations and/or TSA priorities
8
Traditional Barriers to Quicker Acquisition
9
Technical Debt: Historical development
/deployment /issues have created “scar tissue” that
impedes future progress.
Organizational Interdependencies: Integrated
responsibilities with other offices (e.g. RCA, OTD,
OSO, OIT, OSO) introduces risk and
opportunities for confused lines of responsibility.
Fluid Enterprise Strategic Focus and Mission
Needs: Changes to mission and strategic focus
influences program level decision making and
prioritization.
Technology and Industry Limitations:
Technology essentially a COTS product and not
readily available to meet requirements without
lengthy development cycles. Market share is often
limited, restricting access to “best” available.
Clear Functional Requirements: Successfully
testing and making necessary trade-offs to
deliver capability relies on a foundation of
complete and straightforward requirements.
Reactive Nature: Program frequently in the position
of catching up with operator/threat. Changing
priorities/”nice to haves” frequently take precedence
over identified needs (e.g. scope creep).
Risk Averse: Challenge of balancing trade-offs for
rapid action, innovation and risks (e.g. policy, cyber
security, certification/operational testing, etc.)
Workforce Proficiency: Much of acquisition
workforce does not possess necessary experience
(e.g. scheduling, subject matter expertise, IT, etc.).
High attrition, vacancy rates, and low engagement
compound issues.
Complicated Governance: DHS oversight carries
similar aversion to risk and with additional focus on
process; interpretation of policy can limit flexibility.
Focus Areas
1
2
3
4
5
6
7
8
9
APPENDIX
10
TSAM Overview
The TSAM tailors DHS acquisition policy to the specific needs of TSA, including opportunities for flexibility and
methods of acceleration, by clearly defining a repeatable, transparent, end-to-end acquisition process that
operates synchronously with TSA business processes and the Administrator’s Intent.
Sections
Enclosure
Acquisition
Manual Intent
R&Rs
Processes/
Reviews
Phases
Methods of
Acceleration
TSAM Structure TSAM Value
Aligns to Administrator’s Intent 2.1: Improve the
speed to decision and 2.2: Reduce the time to field
solutions, through a repeatable end-to-end process
Fosters intelligent trade offs in risk through
Methods of Acceleration such as agile project
management, ALF IPTs, and IMS accelerators
Incorporates acquisition best practices from DHS
AD-102, Coast Guard Major Systems Acquisitions
Manual (MSAM), and CBP Program Lifecycle
Process (PLP) Guide
Implements Pre-Need Phase and ADE-0 to
synchronize TSA’s CIP, PPBE, RAP, capability gap
identification/prioritization, and acquisition strategy to
a calendar-driven basis with field input
Provides a structured process to transition ITF
demonstrations to a PoR that is AD-102 compliant
and has organizational buy in from DHS PARM
TSAM Implementation(six months to complete implementation)
Championship
TSAM: TSA Administrator
Implementation: CAE, RCA/APM AAs
TSA Business Process: CFO, CIO
Ownership
TSAM: CAE
Implementation: RCA/APM DDs/Staff
Accountability: Performance Plans
Implementation Plan
Singular Plan: CAE, RCA, APM
Engagement: stakeholders not as
recipients, but as invested participants
11
Emergent AcquisitionsWorking with PARM and using JIDO as a model, we designed a TSA-tailored Emergent Operational Need
(EON) acquisition process to serve as a middle path between AD-102 and UON.
EON Request
Analyze and SelectObtain
Produce, Deploy, and Support
E1 E2
As needed Six months 18 months
One month One month
Emergent Operational Need (EON) Acquisition Lifecycle
Emergent Operational Need (EON): identified by the TRG, from intelligence or through developments in
the field or in the transportation arena, which, if not addressed in a two-year timeframe, could lead to loss
of life or become an urgent need.
EON Implementation EON Execution
Implementing the EON process would require: Executing the EON process would result in:
Accepting risk in the form of minimum viable
product (MVP) style acquisition documentation
Expedient reviews by the JRC, PARM,
DHS and TSA CFOs, an ARB, and the CAE
Approval of a TSA EON IPT to serve as a task
force for EON analysis and development
Improved speed to decision through increased
leadership oversight and accelerated reviews
Defining a middle path to acquisitions that
is transferrable to the traditional AD-102 path
Reduced time to field solutions through
accelerated analysis and an empowered workforce
12
Connectivity
• Security Technology Integrated Program (STIP) creates
a web of interconnected TSE that ties back to a
centralized control point, which allows for greater
transparency and control over field operations, enhanced
data flows, and increased automation.
• STIP will use DOMAIN to develop and deploy the
endpoint connectivity solution, and will secure the
endpoint with a combination of software (firewalls) and
secure system architecture.
APM’s ultimate goal is to implement a dynamic and adaptable communications infrastructure that facilitates the transfer of data
between TSE, TSA Data Centers, and TSA Operational Stakeholders.
STIP
• The Cyber Risk Framework supports APM’s
cybersecurity mission and goals via three domain areas:
• Implementation of National Institute of Standards and
Technology (NIST) and DHS security controls allow
TSEs to securely connect to the network.
• Technical security and process engineering supports
secure endpoint deployment.
• A cybersecure environment enables remote monitoring,
diagnosing, troubleshooting TSE which allows TSA to
address equipment issues and manage configurations.
Secure: Enhance controls to protect against threats & comply with cybersecurity standards & regulations
Vigilant: Detect violations & anomalies through better situational awareness across the environment
Resilient: Establish the ability to quickly return to normal operations & repair damage to the business
Cybersecurity
Phase 1:
Pilot at IAD
STIP Future Deployment
Phase 1:
Pilot at
IAD
Airport
Phase 2:
Extension to
CAT X
Airports
Phase 3:
Wide-Scale
Deployments
to US airports
13
Credential Authentication Technology
(CAT) and Computed Tomography (CT)
Accurately verify passengers’ identity documents (ID)
Accurately validate passengers’ flight reservation
status
Accurately verify Secure Flight passenger’s vetting
status
The current ability to detect REAL, fake, counterfeit, &
fraudulent IDs relies on a manual process to authenticate
various forms of ID presented by passengers, airport/airline
personnel, and officers at security checkpoints or exit lanes.
CAT provides those enhanced tools in one machine, at a
cost efficient price. CAT relies on network connection to
Secure Flight (SF) via STIP to receive passenger flight and
vetting information.
TSA is pursuing a dual-track approach to field CT
systems by FY 2019 and to enable CT systems to
achieve a higher Accessible Property Screening
System (APSS) detection standard.
In order to address emerging and evolving threats, TSA
is committed to rapidly developing and deploying CT to
the checkpoint. The end goal of this effort is an eventual
replacement of all ATs with CTs.
CAT enhances the TSO’s ability to:Short-term strategy:
• Executing the AT/CT project under the
Advanced Technology (AT) program
• Conducting qualification testing (QT) in Q3 and
operational testing (OT) in Q4 FY18
Long-term strategy:
• Standing-up a separate APS Program to work
towards an improved algorithm, connectivity,
and full cyber protections, and seek ADE-2a by
Q2FY19
CTCAT
Timeline:
• ADE-2A in FY19Q2 to support beginning of
deployment in FY19Q3 for Pre-Check
14
Lease Versus Buy Analysis
TSA is exploring new acquisition approaches to more quickly and efficiently deploy TSE while increasing the pace of security
innovation. enhancing operations, and improving customer experience.
Objectives
OperationsSecurityCustomer
Experience
Approach
• Engage airlines, airports, vendors, and potential third-party financing providers to more fully understand:
• Current market options for leasing arrangements and their implications
• Environmental or policy barriers and high-level mitigation options
• Develop a quantitative cost and qualitative benefits case for arrangements (including incentives and parameters) suited to
specific TSE types
15
16
RCA Future State
• Develop, test, and deploy checkpoint CT
• Implement System Architecture
• Create Identity Verification roadmap to guide TSA investments
• Improve technology transitions and acquisitions processes
• Mature requirements development processes to create testable, detailed requirements
Where we are today?
ACCOMPLISHMENTS
• Computed Tomography (CT) development
• Finalize TSA Biometrics Strategy
• Raise Global Security Baseline with emerging threats
FUTURE FOCUS
Where we are going?
• Provide technical expertise
• Grow organizational risk assessment capabilities
• Improve capability development and analysis
• Mature existing gap analysis processes
• Provide system engineering support
INDUSTRY NEEDSHow industry can help?
17