RCA and APM Update. Latetia Henderson, APM Austin Gould, RCA Keith Goll, RCA

Transcription

1 RCA and APM Update Latetia Henderson, APM Austin Gould, RCA Keith Goll, RCA 1

2 Non-Materiel Materiel Capability Lifecycle RCA functions primarily in the early stages of capability development and acts as the Lead Business Authority (LBA) to validate that the user s need is met. RCA Functions (Primary) RCA Secondary/LBA Functions Capability Analysis Capability Analysis Report Mission Need Statement Concept of Operations Operational Requirements Document Detailed Specification Capability Developed Capability Fielded (Asset/System) Post Implementation Review Operational Analysis Asset/System APM Secondary/Key Stakeholder APM Functions (Primary) Technology Innovation and Demonstrations Responsible Office Secondary/Key Stakeholder Responsible Office Functions (Primary) Materiel Solutions: APM executes the acquisition program. RCA, as the LBA, acts as the primary end-user advocate of the capability throughout ALF activities. Non-Materiel Solutions: RCA works with the responsible Office to address the capability gap (e.g., Training, procedures, policy, etc.) 2

3 APM Overview APM delivers innovative capabilities to support Transportation Security Officers in the field and drive TSA s mission to secure the Nation s transportation systems. Test and Evaluation Division Technology Infrastructure Modernization Program Division Mission Support Division APM At a Glance Acquisition Management Functional Division APM Deployment and Logistics Division Consists of over 160 employees in seven divisions Acquisition Management Outreach Division Checked Baggage Technologies Division Checkpoint Solutions and Integration Division Manage TSA s Level 1, 2, and 3 acquisition programs, including: Set performance requirements for Transportation Security Equipment (TSE) Test, qualify, deploy, and manage the deployed TSE fleet Provide test and evaluation services to DHS stakeholders Conduct independent analyses of acquisition programs to provide assessment and recommendations to the Component Acquisition Executive (CAE) Develop, implement, and maintain the agency s cost estimation capability for acquisition programs Manages approx. $1B in acquisition program funds Checked Baggage Technologies Division (CBTD) Mission Scheduling and Notification System (MSNS) Checkpoint Solutions and Integration Division (CSID) Modernization, Performance Management Information System (PMIS) Maintains a fleet of over 14,000 deployed TSE Security Technology Integrated Program (STIP) Technology Infrastructure Modernization Program (TIM) Provides Acquisition Directive expertise to program managers 3

4 RCA Overview Perform gap analysis. Develop requirements to close identified gaps. Develop and enhance capabilities. Serve as the lead business authority for the agency. Provide decision making support to TSA. Manages $124M portfolio Employs 100 full time employees 4 Completed more than 15 pilots and demonstrations across Aviation and Intermodal Security spaces Completed 64 reviews & 15 technical documents for DHS as TSA s requirements development shop and JRC gatekeeper

5 RCA Recent Successes Enhanced Accessible Property Screening Pilot yielded 156% detection improvement Computed Tomography 15 deployed by end of calendar year Biometrics 5 Biometric pilots at 5 airports Signed joint memo with CBP Threat Response PEDs Powders Innovation Demonstrations ASL lanes at 14 airports BAA - identified over 175 innovative solutions Detection Standards 6 created/updated/ managed (APSS, AIT, EDS, ETD, BLS, and EMD) Detection at Range (DaR) Tested with >10 mass transit end users over past 2 years Enables law enforcement to identify concealed objects 5

6 APM FY18 Initiatives APM s ultimate goal is to implement a dynamic and adaptable communications infrastructure that facilitates the transfer of data between TSE, TSA Data Centers, and TSA Operational Stakeholders. Connectivity Security Technology Integrated Program (STIP) creates a web of interconnected TSE that ties back to a centralized control point. STIP will use DOMAIN to develop and deploy the endpoint connectivity solution, and will secure the endpoint with a combination of software (firewalls) and secure system architecture. Credential Authentication Technology CAT provides enhanced tools in one machine to enable the ability to detect real, fake, counterfeit, and fraudulent IDs, at a cost efficient price. CAT relies on network connection to Secure Flight (SF) via STIP to receive passenger flight and vetting information. Lease vs Buy Analysis Cybersecurity Working with key stakeholders to define Federal Information Security Management Act (FISMA) boundaries and applicable cyber requirements, obtain Authority to Operate (ATO) and manage compliance, and ensure all procurement packages through the Information Technology Acquisition Review (ITAR) process Computed Tomography In order to address emerging and evolving threats, TSA is committed to rapidly developing and deploying CT to the checkpoint. The end goal of this effort is an eventual replacement of all ATs with CTs. TSA is exploring new acquisition approaches to more quickly and efficiently deploy TSE while increasing the pace of security innovation. enhancing operations, and improving customer experience. Security Customer Experience Operations 6

7 RCA FY18 Initiatives APSS Development Risk Analysis Expand Capability Requirements Innovation Demos System Architecture Biometrics Mature TSCAP International Engagement S&T Partnership 7

8 Notional APM FY19 Budget Landscape APM FY19 Budget Total*: $732M PC&B: $30M / 4% Maintenance: $282M / 39% Capital Fund $250M Maintenance $282M Other Transactional Agreements (OTAs) Checked Baggage Technology Procurements Includes carryover funds Checkpoint and Checked Baggage Maintenance Support OTAs: $96M Technology Procurements: $155M PSP Maintenance: $81M EBSP Maintenance: $200M Capital Fund: $250M / 34% Program Funding $170M PC&B $30M Checkpoint Technology Deployment Procurements STIP Maintenance/Pilots Algorithm Development and Professional & Engineering Technology Enhancements Contract Support Test and Evaluation Travel, Training, Supplies Program Funding: $170M / 23% Checked Baggage: $27M Checkpoint: $143M *Information presented may change based on final appropriations and/or TSA priorities 8

9 Traditional Barriers to Quicker Acquisition Focus Areas 1 Technology and Industry Limitations: Technology essentially a COTS product and not readily available to meet requirements without lengthy development cycles. Market share is often limited, restricting access to best available. 5 Workforce Proficiency: Much of acquisition workforce does not possess necessary experience (e.g. scheduling, subject matter expertise, IT, etc.). High attrition, vacancy rates, and low engagement compound issues. 2 Organizational Interdependencies: Integrated responsibilities with other offices (e.g. RCA, OTD, OSO, OIT, OSO) introduces risk and opportunities for confused lines of responsibility. 6 Reactive Nature: Program frequently in the position of catching up with operator/threat. Changing priorities/ nice to haves frequently take precedence over identified needs (e.g. scope creep). 3 4 Fluid Enterprise Strategic Focus and Mission Needs: Changes to mission and strategic focus influences program level decision making and prioritization. Clear Functional Requirements: Successfully testing and making necessary trade-offs to deliver capability relies on a foundation of complete and straightforward requirements Risk Averse: Challenge of balancing trade-offs for rapid action, innovation and risks (e.g. policy, cyber security, certification/operational testing, etc.) Complicated Governance: DHS oversight carries similar aversion to risk and with additional focus on process; interpretation of policy can limit flexibility. Technical Debt: Historical development /deployment /issues have created scar tissue that impedes future progress. 9

10 APPENDIX 10

11 TSAM Overview The TSAM tailors DHS acquisition policy to the specific needs of TSA, including opportunities for flexibility and methods of acceleration, by clearly defining a repeatable, transparent, end-to-end acquisition process that operates synchronously with TSA business processes and the Administrator s Intent. TSAM Structure Sections Acquisition Manual Intent R&Rs Phases Methods of Acceleration Processes/ Reviews Enclosure TSAM Value Aligns to Administrator s Intent 2.1: Improve the speed to decision and 2.2: Reduce the time to field solutions, through a repeatable end-to-end process Incorporates acquisition best practices from DHS AD-102, Coast Guard Major Systems Acquisitions Manual (MSAM), and CBP Program Lifecycle Process (PLP) Guide Implements Pre-Need Phase and ADE-0 to synchronize TSA s CIP, PPBE, RAP, capability gap identification/prioritization, and acquisition strategy to a calendar-driven basis with field input Fosters intelligent trade offs in risk through Methods of Acceleration such as agile project management, ALF IPTs, and IMS accelerators Provides a structured process to transition ITF demonstrations to a PoR that is AD-102 compliant and has organizational buy in from DHS PARM 11 TSAM Implementation (six months to complete implementation) Championship TSAM: TSA Administrator Implementation: CAE, RCA/APM AAs TSA Business Process: CFO, CIO Ownership TSAM: CAE Implementation: RCA/APM DDs/Staff Accountability: Performance Plans Implementation Plan Singular Plan: CAE, RCA, APM Engagement: stakeholders not as recipients, but as invested participants

12 Emergent Acquisitions Working with PARM and using JIDO as a model, we designed a TSA-tailored Emergent Operational Need (EON) acquisition process to serve as a middle path between AD-102 and UON. Emergent Operational Need (EON) Acquisition Lifecycle Emergent Operational Need (EON): identified by the TRG, from intelligence or through developments in the field or in the transportation arena, which, if not addressed in a two-year timeframe, could lead to loss of life or become an urgent need. EON Request E1 Analyze and Select E2 Obtain Produce, Deploy, and Support As needed Six months 18 months One month One month EON Implementation Implementing the EON process would require: Approval of a TSA EON IPT to serve as a task force for EON analysis and development Expedient reviews by the JRC, PARM, DHS and TSA CFOs, an ARB, and the CAE Accepting risk in the form of minimum viable product (MVP) style acquisition documentation EON Execution Executing the EON process would result in: Improved speed to decision through increased leadership oversight and accelerated reviews Reduced time to field solutions through accelerated analysis and an empowered workforce Defining a middle path to acquisitions that is transferrable to the traditional AD-102 path 12

13 Connectivity APM s ultimate goal is to implement a dynamic and adaptable communications infrastructure that facilitates the transfer of data between TSE, TSA Data Centers, and TSA Operational Stakeholders. STIP Cybersecurity Security Technology Integrated Program (STIP) creates a web of interconnected TSE that ties back to a centralized control point, which allows for greater transparency and control over field operations, enhanced data flows, and increased automation. STIP will use DOMAIN to develop and deploy the endpoint connectivity solution, and will secure the endpoint with a combination of software (firewalls) and secure system architecture. STIP Future Deployment The Cyber Risk Framework supports APM s cybersecurity mission and goals via three domain areas: Secure: Enhance controls to protect against threats & comply with cybersecurity standards & regulations Vigilant: Detect violations & anomalies through better situational awareness across the environment Resilient: Establish the ability to quickly return to normal operations & repair damage to the business Phase 1: Pilot at IAD Implementation of National Institute of Standards and Technology (NIST) and DHS security controls allow TSEs to securely connect to the network. Technical security and process engineering supports secure endpoint deployment. Phase 1: Pilot at IAD Airport Phase 2: Extension to CAT X Airports Phase 3: Wide-Scale Deployments to US airports A cybersecure environment enables remote monitoring, diagnosing, troubleshooting TSE which allows TSA to address equipment issues and manage configurations. 13

14 Credential Authentication Technology (CAT) and Computed Tomography (CT) CAT The current ability to detect REAL, fake, counterfeit, & fraudulent IDs relies on a manual process to authenticate various forms of ID presented by passengers, airport/airline personnel, and officers at security checkpoints or exit lanes. CT In order to address emerging and evolving threats, TSA is committed to rapidly developing and deploying CT to the checkpoint. The end goal of this effort is an eventual replacement of all ATs with CTs. CAT provides those enhanced tools in one machine, at a cost efficient price. CAT relies on network connection to Secure Flight (SF) via STIP to receive passenger flight and vetting information. CAT enhances the TSO s ability to: Accurately verify passengers identity documents (ID) Accurately validate passengers flight reservation status Accurately verify Secure Flight passenger s vetting status Timeline: ADE-2A in FY19Q2 to support beginning of deployment in FY19Q3 for Pre-Check TSA is pursuing a dual-track approach to field CT systems by FY 2019 and to enable CT systems to achieve a higher Accessible Property Screening System (APSS) detection standard. Short-term strategy: Executing the AT/CT project under the Advanced Technology (AT) program Conducting qualification testing (QT) in Q3 and operational testing (OT) in Q4 FY18 Long-term strategy: Standing-up a separate APS Program to work towards an improved algorithm, connectivity, and full cyber protections, and seek ADE-2a by Q2FY19 14

15 Lease Versus Buy Analysis Objectives TSA is exploring new acquisition approaches to more quickly and efficiently deploy TSE while increasing the pace of security innovation. enhancing operations, and improving customer experience. Security Customer Experience Operations Approach Engage airlines, airports, vendors, and potential third-party financing providers to more fully understand: Current market options for leasing arrangements and their implications Environmental or policy barriers and high-level mitigation options Develop a quantitative cost and qualitative benefits case for arrangements (including incentives and parameters) suited to specific TSE types 15

16 16

17 RCA Future State ACCOMPLISHMENTS Where we are today? FUTURE FOCUS Where we are going? INDUSTRY NEEDS How industry can help? Computed Tomography (CT) development Finalize TSA Biometrics Strategy Raise Global Security Baseline with emerging threats Develop, test, and deploy checkpoint CT Implement System Architecture Create Identity Verification roadmap to guide TSA investments Improve technology transitions and acquisitions processes Mature requirements development processes to create testable, detailed requirements Provide technical expertise Grow organizational risk assessment capabilities Improve capability development and analysis Mature existing gap analysis processes Provide system engineering support 17