TR2 July 6, 2011

*Master Security has received a $39.2 million contract from the Department of Homeland Security to provide protective security officer services to the Federal Protective Service at various locations in Northern Virginia. The contract is a total small business set aside. The company will provide and maintain all management, supervision, manpower, training, equipment, supplies, licenses, permits, certificates, insurance, pre-employment screenings, reports, and files necessary to accomplish the protective security officer services.

*Basic Contracting Services, Inc., a small New Mexico-based contractor, has received an $8.5 million contract from the Department of Homeland Security Federal Protective Service to provide security officer services in Tacoma, Wash. The company also provides security guard services for other federal customers, including the Navy.

*The Department of Homeland Security Science and Technology Directorate has increased the ceiling value and extended the period of performance on a contract with Eastport Analytics, Inc., for upgrades and support to the company’s analytical toolkit software system to allow ingestion of additional law enforcement data sets into the operational system. The original one-year contract was for $844,000 and was supposed to end this month but has been increased by $500,000 and will conclude in June 2012. The toolkit is used by the Federal Air Marshal Service Investigations Division. The software capability will provide air marshals with proactive capabilities to detect trends, patterns and clusters of unusual activity so that they can better prevent and disrupt plots and threats to U.S. commercial aviation flights.

*Science Applications International Corp. [SAI] has received a $9 million cost-plus-fixed-fee contract from the Army for research in the detection of insider threats based on sensor data from routine activities of members of a group, and possibly social networks. Work is expected to be completed by May 2013.

Processes and technologies currently exist to begin implementing a risk-based approach to airport checkpoint security that is focused on looking for bad people, not just bad things, according to a leading association that is helping to drive an international push for improving the checkpoint experience for travelers without compromising security.

For the past 18 months or so the International Air Transport Association (IATA) has been exploring how to bring changes to the checkpoint and last month it unveiled a mock-up of an intelligence-driven checkpoint of the future that differentiates the level of screening passengers would experience based on risk (TR2, June 8).

The intelligence component of the future checkpoint begins with the pre-screening of passengers using data about them that governments already require from airlines. Additional data would also be gathered from passengers who voluntarily submit information in the hope that they will be cleared as low-risk flyers and therefore are subject to minimal screening at the checkpoint.

In its mock-up of a future checkpoint, IATA divides the screening experience into known traveler, normal and enhanced security lanes. Known travelers are those who volunteer certain information to permit governments to make more informed background checks and would receive expedited access at the checkpoint while passengers that are either randomly selected or considered to be higher risk would receive a higher level of screening at the enhanced lane. Most passengers are expected to go through the normal screening lane.

IATA’s checkpoint of the future has 27 components, most of which are available today, but “the fact of the matter is when you strip the technology away, there are a lot of processes that we can use today” at the checkpoint to implement risk-based screening, Perry Flint, a spokesman for IATA, tells TR2. U.S. Customs and Border Protection already permits expedited entry into the U.S. through trusted traveler programs such as Global Entry, NEXUS and SENTRI and Dutch customs are using Privium, so “we’re just saying let’s try to figure out how to use it at the checkpoint,” Flint says.

“And we don’t think that’s an entirely big leap either,” he says.

Implementing these process changes–which involves differentiating travelers according to risk–could speed throughput overall at checkpoints by about 35 percent, IATA believes.

The checkpoint mock-up displayed by IATA at its Annual General Meeting in Singapore last month incorporates biometric verification–in this case a biometric-enabled passport– at the entrance to the security lanes. Flint says the biometric could be embedded in some other type of document but the essential point is the technology is ready, “we just have to figure out how to take advantage of it at the checkpoint.”

While IATA’s checkpoint plan relies heavily on the use of background checks and various detection technologies, it continues to rely on human involvement, particularly for behavioral analysis. IATA is putting “a lot of effort” into understanding what is meant by behavioral analysis and making sure that privacy rights are respected, Flint says.

Walk Through Lanes

While IATA believes that most of the technologies already exist to adequately screen people and their belongings–although it has to be used with the idea of looking for bad people and not just bad things–some technology is still further out in terms of being usable at checkpoints. Stand-off explosives detection, whether it’s some sort of vapor detection, X-Ray, millimeter wave or something else, is about five to seven years out, Flint says.

Stand-off detection systems will be one of the “linchpins” that enable people to keep walking through a checkpoint without having to stop, Flint says.

In the U.S. the Transportation Security Administration (TSA) is actively exploring how it will go about implementing some sort of risk-based screening at airport checkpoints. The agency, working with the Airline Pilots Association and the Air Transport Association, will be implementing trials later this month or in early August at two airports to expedite screening of airline pilots at checkpoints.

The KnownCrew program will have trials at O’Hare International Airport in Chicago and Miami International Airport. Final details and security protocols are being worked out but it will basically allow a quick check by Transportation Security Officers of the pilot against individual airline pilot crew databases to make sure there is nothing new in the database that would raise a red flag about a particular pilot.

This fall TSA is also expected to begin pilot testing risk-based concepts for passengers at select airport checkpoints with the aim of expanding these efforts throughout 2012 if all goes well.

Internationally, 19 countries working under the umbrella of the United Nation’s International Civil Aviation Organization are also working toward checkpoint of the future concepts.

In Asia, particularly China and India, there is an increasing number of airline passengers and new airports being built so it is imperative that countries find new ways of doing passenger screening that maintain security while accommodating higher throughputs.

“This is a real world issue that governments have and they’re not going to be able to put it off,” Flint says.

Rather than having to rely on the intelligence community as is currently the case to defend against unforeseen cyber attacks, a Senate panel is telling the Defense Department it needs to have its own capabilities for discovering these ‘Zero-Day’ attacks.

In a report accompany its mark-up of the FY ’12 DoD Authorization Bill, the Senate Armed Services Committee (SASC) says that advanced discovery capabilities developed within the National Security Agency (NSA) over the years are unlikely to be shared widely across government, or even to defend private critical infrastructure, because of their classified nature.

Therefore, SASC wants the “Secretary of Defense to develop and implement a strategy to acquire advanced threat discovery capabilities to complement current cybersecurity systems that depend heavily on advanced knowledge of specific attacks,” says the report, which was issued last week.

The report says that current defenses against cyber attacks typically require advanced knowledge of the attack signatures but new attacks, which have never been seen before and are known as zero-day attacks, take a lot of time and manpower to discover, and the results are not reliable. The NSA and other intelligence agencies have developed capabilities here with “remarkable results,” but these means alone are not reliable enough to protect DoD, federal civilian and private critical infrastructure networks, SASC says.

So rather than rely on a defense model based on classified means to detect unknown attacks, SASC says that “It is essential for network defenders to have their own means for independently discovering new attacks by examining the behavior and impact of attackers and their tools on the traffic flowing across the defended networks and their endpoint targets.”

Zero-day attacks are not as rare as they once were, so it is a “worthy goal” to develop means for non-signature-based intrusion detection, a government official tells TR2.

To obtain these discovery tools, SASC recommends that DoD, the Department of Homeland Security and the rest of government turn to the commercial sector. This will reduce their dependence on NSA and boost competition, the report says.

SASC notes that the Defense Information Systems Agency is already using a commercial capability to detect previously unknown threats as they pass into a network, but this capability hasn’t been upgraded to keep pace with the rapid rise in network traffic the past several years. Moreover, and this seems to be a common theme in any discussion about cyber security, the report says the lack of a trained analytic workforce with cyber skills hinders the ability to discover zero-day attacks.

Not all is lost though.

“One path to coping with this shortfall is to ‘outsource’ the function,” SASC says. The report points out that at congressional direction DoD has been conducting a number of pilot projects, including one for outsourced managed security services.

The report says managed security services are already available to government agencies through the General Services Administration’s Networx contract. Currently four companies- –AT&T [T], CenturyLink [CTL], Sprint [S] and Verizon [VZ]–have been selected under Networx to provide managed security services on the Managed Trusted Internet Protocol Services program, which includes behavior-based and forensic discovery capabilities. SASC says that more can be done on this program.

As long as the proposed solutions to be pilot-tested are based on open sources and open standards, then the recommendation by SASC is a good one, the government official says.

The report also points to the Host-Based Security System (HBSS) that is being deployed by DoD for endpoint protection includes an open framework that allows new capabilities to be added. As such, it recommends that commercially-developed HBSS-compatible systems that are supposed to stop unknown malware from infecting computers and to detect and remediate attacks that have succeeded be tested in realistic environments to see if they will be useful and cost-effective for DoD.

Such technologies “should also materially improve the ‘transparency” of the DoD network security situation, the lack of which is consistently cited by the Commander of U.S. Cyber Command as a serious deficiency,” SASC reports.

Oceanit Laboratories, Inc., a small Hawaiian science and engineering firm, and the Univ. of Virginia’s Dept. of Computer Science, have developed a small, low-power routers that can be carried in a dispenser on a firefighter’s belt and automatically drops the routers whenever the firefighter steps behind concrete or beyond radio range. The Wireless Intelligent Sensor Platform for Emergency Responders (WISPER) was developed and demonstrated through funding provided by the Department of Homeland Security Science and Technology branch through the Small Business Innovative Research program. WISPER contains a two-way digital radio, antenna and three-volt lithium battery and the throwaway routers are one-inch square and a half-inch thick. The routers are waterproof and heat resistant up to 500 degrees Farenheight. WISPER allows an incident commander to track the movement of the firefighters in a building, tunnel or forest fire for the and for vital signs–such as body temperature, blood pressure and pulse–to be relayed back to the base station. As routers are dropped from a canister they arrange themselves into a network. If a router gets kicked down a stairwell or fire hosed under a couch, the network will automatically reconfigure. Oceanit and UVA demonstrated WISPER for DHS in March at a Federal Emergency Management Agency office, with three researchers wearing the system as they moved through the building. DHS says in every test the signals remained strong, even at up to 150 feet. The routers’ use the low-power communications protocol ZigBee to pass radio signals. The system automatically warns firefighters if the dispenser is running low. DHS is developing the routing technology because currently when firefighters enter a building their analog radios have trouble penetrating debris and concrete and even a GPS satellite signal won’t follow. DHS S&T says the SBIR project has been successful and is looking for someone in the private sector to produce the routers in volume.

Lockheed Martin [LMT] has launched Palisade, a cyber security tool that offers advanced threat detection and forensics for the utility and energy industries. The company says that Palisade gives network security analysts enterprise-wide visibility, awareness and alerting to effectively identify and mitigate cyber security threats. “As the smart grid is implemented, utilities are being challenged by regulators and customers to ensure the security of new digital energy management systems,” says Rich Mahler, cyber security senior manager with Lockheed Martin Energy Solutions. American Electric Power [AEP] says it has worked with Lockheed Martin’s cyber security team with its smart grid roll out.

Implant Sciences Corp. [IMSC] says it has signed agreements with end-user sites in the U.S., Asia and South America to test its new Quantum Sniffer QS-B220 bench-top explosives and narcotics trace detector in operational environments in both airport security and air cargo screening applications. Implant says the new system, which was introduced in May, is receiving a good response from its potential user community.

Raytheon [RTN] says its Controlled Impact Rescue Tool (CIRT), which uses shock waves that enable rescuers to breach concrete structures faster than existing techniques, is now available to first responders via the General Services Administration contract schedule. The CIRT is capable of penetrating concrete walls up to four times faster than traditional methods such as drilling, chipping or sawing, Raytheon says. The device concentrates force in a local area to minimize collateral damage and potential destabilization of the surrounding structure. The two-person portable CIRT was developed under the Department of Homeland Security Science and Technology rapid technology application program. Raytheon recently completed a series of CIRT training demonstrations with the Hawaii and Virginia National Guards. The copanmy also recently sold a CIRT to the Yonkers, N.Y., Fire Department.

Video analytic software developer PureTech Systems, Inc., has released a software application for use on Android devices such as smart phones that allows first responders and other security personnel to take a picture of an event or scene and have that information sent remotely to the PureActive command and control as geographically- based alarm. PureActiv is an automated outdoor surveillance security management platform that provides real-time alarms and video.”The first responder application is designed to allow security or safety personnel to quickly document the situation with a photo, provide a quick explanation of the event and submit the information, along with associated latitude, longitude and time stamp metadata, directly to the main command and control system,” says Eric Olson, PureTech’s vice president of Marketing. “The resulting alarm is then immediately available on the enterprise security system, with all the typical functionality, including the ability to process the alarm, redirect a camera and review it later as part of a database search.”

Booz Allen Hamilton [BAH], SRA International [SRX], Science Applications International Corp. [SAI] and The Analysis Corp. have been selected to compete for awards under a potential $900 million indefinite delivery, indefinite quantity Technology and Systems Engineering contract to support the Joint Improvised Explosive Device Defeat Organization (JIEDDO) Counter-IED Operations Integration Center (COIC). The COIC requires continued support to conduct research and experimental development, provide analytical, technical and operational assistance, and deliver required capabilities to allow it to execute its mission. The contract has a two-year base period and three one-year options.

The Army Joint Program Executive Office (JPE) for Chemical and Biological Defense (CBD), Force Protection Systems has selected seven companies to complete for task orders under a potential $248.5 million indefinite delivery, indefinite quantity contract for the Entry Control Point Phase 3 program. Under the contract, Alutiiq, LLC, American Science and Engineering [ASEI], Bering Straits Information Technology, LLC, Kazi Investment Group, LLC, OSI Systems [OSIS] Rapiscan Systems division, Raytheon [RTN] and Smiths Detection, will compete for work for providing ruggedized, commercial-off-the-shelf non-intrusive inspection systems to U.S. forces in Afghanistan. Rapiscan says that under the award the Army may purchase multiple products and services, including the company’s Eagle cargo and vehicle inspection products and its Secure 1000 whole body imager. AS&E says that the award also includes Entry Control Point hardware sets that include day/night cameras, command and control stations, environmentally protected work stations, biometric systems, barriers and protective shelters. The contract has a three-year base period and a two-year option. There is a 35 percent small business goal for the contract.

PASSUR Aerospace, Inc. [PSSR] has received a $2.9 million contract extension from the Federal Aviation Administration (FAA) to continue providing air traffic management and aviation security solutions in support of the FAA’s joint role with the Transportation Security Administration (TSA). PASSUR uses its national network of surveillance systems, which includes extended coverage of air traffic in airspace corridors updated every 4.6 seconds, its integrated database of live and historical flight and airspace information, flight behavior algorithms, flight and airspace visualization technology, and collaborative information dashborards for instant alerts and decision support. “PASSUR’s extensive surveillance, data processing, flight and air space analytics, real-time decision support, and business intelligence capabilities are key assets for the mission of air space security,” says G.S. Beckwith Gilbert, the company’s chairman.

The Transportation Security Administration (TSA) plans to conduct a Technical Forum with Original Equipment Manufacturers to provide participants an opportunity to learn about the agency’s future vision for the Passenger Screening Program for transportation security equipment. The objective of the event is to share information so OEMs may better align their research and development efforts with TSA’s long-term vision and goals. Discussion topics at the forum include current and future initiatives, SPAWAR Next Generation Checkpoint Design, operational trends and challenges at the checkpoint, people screening and carry-on baggage portfolio updates and more. The forum is open to OEMs that have already been approved by the agency to have access to Sensitive Secure Information. The forum was originally slated for July 13 but TSA has postponed the event due to a conflict with an aviation security conference the same date and will reschedule. Sol. No. PSP_Technical_Forum. Contact: Margaret Costa, [email protected].

The Transportation Security Administration (TSA) Office of Transportation Threat Assessment and Credentialing plans to issue a Request for Proposal for operations and maintenance (O&M) of the TTAC Operations and Computing Environment. A potential five-year indefinite delivery, indefinite quantity contract is planned. Sol. No. HSTS02-11-R- TTC722_Synopsis. Contact: Victor Martinez, 571-227-2218, [email protected].

Immigration and Customs Enforcement (ICE) has issued a Request for Information (RFI) to acquire contractor services to design, develop, integrate and implement a Student & Exchange Visitor Information System (SEVIS) II solution in support of the Office of the Chief Information Officer and the Department of State. Only small businesses may reply. SEVIS II will be a web-based application comprised of over 1,000 screens with no less than 370 different workflows. It will also be required to migrate the data from the current SEVIS system hosted at a DHS Data Center. A contract is expected to be awarded by November and be worth $30 million to $40 million over three years. Sol. No. SEVIS_II_RFI. Respond by July 5. Contact: Milan Jovanovic, contract specialist, 202-732-2597, [email protected].

The Transportation Security Administration (TSA) has issued a Request for Proposals for a commercial-off-the-shelf fingerprint system that has a store and forward, and results distribution components. The store and forward component provides the backend services to systems and applications that require fingerprint-based background checks for TSA. These systems send their transactions to the results distribution component as emails. The store and forward component then forwards the transactions to the FBI biometric database for potential matches with criminal records and generate status sheets. The current process for meeting this requirement expires in November and must be replaced to avoid a gap in operations. Sol. No. HSTS03-11-R-CIO485. Respond by July 6. Contact: Yague Ngom, contract specialist, 571-227-2252, [email protected].

The Transportation Security Administration (TSA) has issued a Request for Proposals (RFP) as a small business set-aside for a commercial-off-the-shelf law enforcement database access (LEDA) that provides access to the FBI National Crime Information Center (NCIC) and the National Law Enforcement Telecommunications System (NLETS). NCIC and NLETS provide the data required to vet individuals for various jobs that may pose a security threat. The LEDA is message switch developed specifically to support law enforcement and criminal justice information exchange systems. The current contract for meeting this requirement ends in November. Sol. No. HSTS03-11-R-CIO486. Respond by July 6. Contact: Yague Ngom, contract specialist, 571-227-2252, [email protected].

The U.S. Citizenship and Immigration Service (USCIS) has issued a Request for Information (RFI) about how it can more effectively receive and respond to a wide array of customer inquiries, which amount to about four million annually through various modes. The agency also receives between six and seven million applications annually for immigration benefits. The current USCIS customer model is a traditional call center setting whereby staffers first access and obtain general information through an automated interactive voice response system. The agency is not wedded to the current call center model and wants to learn of, and consider, the newest, most innovative models of customer service. USCIS plans to use the information it obtains to shape future requirements with the goal of implementing new customer service models. Sol. No. CSDRFI. Respond by Aug. 1. Contact: Ralph Koehring, contracting specialist, 802-872-4645, [email protected].

The Department of Homeland Security (DHS) Federal Network Security (FNS) Branch is inviting industry leaders in Domain Name System (DNS) and Wireless Local Area Networks (WLAN) to participate in a technical exchange discussion on July 18 in Northern Virginia. To support federal agency cyber security operational compliance, DHS has collaborated with agency partners to draft reference architectures DNS infrastructure and WLANs. Each reference architecture is a pragmatic guide that enables agencies to implement efficient, secure DNS and WLAN solutions. FNS wants feedback from industry on the two reference architectures. No procurement actions are planned relative to the content of the meeting. Sol. No. DHS. Respond by July 13. Registration: https://register.mitre.org/industryday/. Contact: FNS Branch, [email protected].