Office of Infrastructure Protection (OIP) Strategic Drivers HSPD-5 HSPD-7 HSPD-8 The Homeland Security Act of 2002 established an Assistant Secretary for Infrastructure Protection, with responsibility for assessing vulnerabilities of key resources and critical infrastructures and developing a comprehensive national plan. In 2006, P.L. 109-295, Section 550 directed regulation of high risk chemical facilities. HSPD-9 National strategies for Homeland Security, Cyber Security, and Physical Protection of CI/KR provided high level goals and priorities for the Office of Infrastructure Protection HSPDs 5-9 & 19 provide inter-related and focused policy guidance in the areas of incident management, critical infrastructure protection, and national preparedness. HSPD-7 is a central policy driver of IP plans and programs Secretary’s 2 nd Stage Review “ 2SR” established the Preparedness Directorate, which aligns IP with other DHS preparedness partners The 2005 hurricanes affirmed the Preparedness Directorate’s important mission and IP’s central role in preparedness HSPD-19
OIP’s Vision, Mission, and Goals
A safe, secure, and resilient national infrastructure through public and private partnerships.
Lead the coordinated national effort to reduce the risk to our critical infrastructures and key resources posed by acts of terrorism, as well as enable national preparedness, timely response and rapid recovery in the event of an attack, natural disaster or other emergency .
Understand and share risk and other information about terrorist threats and other hazards to our national CI/KR.
Build and sustain effective CI/KR partnerships and coordination mechanisms.
Build and implement a sustainable, national CI/KR risk-management program.
Ensure efficient use of resources for KI/KR risk reduction.
Provide a foundation for continuously improving national CI/KR preparedness.
Promote an OIP culture of organizational excellence and a quality work environment that value and support our workforce.
Mission Vision Goals
NIPP Operational Framework
As the operational framework for IP activities, the NIPP will:
Detail the national architecture we will use to protect our CI/KR sectors (governance, information sharing, risk analysis, protective measures, and performance measurement)
Provide a clear division of labor between IP and our Federal State, local, tribal, and private sector partners
Form the basis for a risk-based CI/KR protection requirements determination and prioritization process
Inform the annual Federal budget process in the IP mission area
Physical Physical Human Cyber Assess Risks (Consequences, Vulnerabilities & Threats) Implement Protective Programs Measure Effectiveness Prioritize Identify Assets, Systems, Networks, and Functions Set Security Goals The NIPP’s risk management framework establishes the process for combining consequence, vulnerability, and threat information to produce a comprehensive, systematic, and rational assessment of national or sector risk that drives CI/KR risk reduction activities. Continuous improvement to enhance protection of CI/KR
OIP Structure HITRAC
Chemical Security Compliance Division
Implement chemical sector security legislation
Regulate security activities for chemical industry
Oversee inspector cadre
Review chemical site security plans, conduct inspections, and audit sites
Infrastructure Information Collection Division
Infrastructure information Collection Program
Infrastructure Critical Asset Viewer
National Infrastructure Inventory
Infrastructure Analysis & Strategies Division*
National Infrastructure Simulation & Analysis Center
Strategic Homeland Infrastructure Risk Assessment
Tier 1 & 2 Analysis
Committee on Foreign Investment in the US Support
CI/KR Protective Security Coordination Division
Protective Security Advisor
Buffer Zone Protection Program
Office for Bombing Prevention
Site Assistance Visits
CI/KR Contingency Planning and Incident Management Division
National Infrastructure Coordinating Center
Readiness/Continuity of Operations
Incident Management Support
CI/KR Partnership and Outreach Division
National Infrastructure Protection Plan Program Management Office
NIPP Education & Awareness
Protected Critical Infrastructure Information
National Infrastructure Advisory Council
Critical Infrastructure Warning Information Network
Homeland Security Information Network-Critical Sectors
- - - - - - - - - - - -
Sector Specific Agencies
Office of the Assistant Secretary for Infrastructure Protection *Note: The Infrastructure Analysis & Strategy Division represents a partnership between OIP and the Critical Infrastructure Threat Analysis Division within the Office of Intelligence and Analysis. This partnership, named HITRAC, is led by M.Smislova (I&A) and B.Wales (OIP) serves as D.Director.
IICD’s Vision, Mission, and Goals
Provide the DHS enterprise solution for the collection and sharing of infrastructure data
Create more relevant infrastructure information
Develop persistent awareness of the nations infrastructure (support to the NICC)
Enable timely decisions to protect, secure, analyze, and restore the nations infrastructure
Enable informed actionable decisions to protect, secure, analyze, and restore the nations infrastructure
Lead the Department’s efforts to provide standardized, relevant, and customer-focused infrastructure information to homeland security partners.
Ensure infrastructure information collection processes, procedures, and tools support the implementation and sustainment of a comprehensive risk-management program
Develop an infrastructure information collection management process to coordinate requirements to support our mission partners and customers.
Provide leadership, collaboration, and support in establishing partnership within the infrastructure information management community .
Ensure appropriate open access to OIP CI/KR infrastructure information
Instill discipline in the design and implementation of processes and technologies to collect infrastructure information
Provide a work environment that values and encourages our workforce and drives organizational excellence
Mission Vision Goals
IICD Organization Roles & Responsibilities Administrative Assistant Division Director Deputy Division Director
Mission Management: Develop policies and procedures for the submission and dissemination of infrastructure data
Requirements Management: Establish and implement a Requirements Process and approval board to consolidate and prioritize information and intelligence requirements. Defines ‘what’ to collect
Collection Management: Establish and implement a process for collection of information based on requirements and available resources; identify sources of industry-accepted information. Defines ‘how’ to collect data.
Establish data format standards to facilitate information collection, exchange, and dissemination
Coordinate with external partners (SASSD, PSCD) to disseminate information and ensure requirements are met
Provides capability and functionality requirements, and data standards to for tool design and development.
IT/System support to ensure coordination and integration of projects with DHS-level IT requirements. Includes
Certification & Accreditation
Approval Board (EAB, ERB)
Project Evaluation and Assessment supports PMs and COTRs is managing contract costs and schedules, establishing performance-based metrics and milestones, and coordinating with DHS PA&E to achieve project approvals
Business Support Team: Develops division funding requirements for out-years and implements procurement actions.
Human Resource support to ensure personnel vacancies are filled with qualified applicants; coordinates professional development and training courses for employees.
Policy Support: Field external information requests and assists in developing strategic guidance/ vision
IICP Program Management Office Information Management Branch Mission Support Branch
Manage development of the Geospatial tools to support DHS’ Infrastructure Protection, Security, and Restoration mission areas.
Provide PM support for iCAV.
Provide geospatial services to IP:
Contract GA Support - (ESRI)
Collaborate with the DHS GMO to establish geospatial data format standards to facilitate information collection, exchange, and dissemination
Identify and prioritize capability and functionality requirements for tool development.
Project Task Managers and COTRs manage program and contract schedules and costs using EVMS.
Develop and implement procurement actions to enable tool development.
Geospatial Program Office
Manage infrastructure information collection programs and the projects to development and maintain their respective technology components:
Help Desk Support
Develop a process-oriented approach for tools requirements and align with data classifications and policies specified by the Information Management Branch
Manage the integration of infrastructure information collection tools and all investment documentation requirements
Develop and implement procurement actions to enable tool development.
Support the technological development of IICP tools and integration with project management disciplines, including EVMS.
D S s
Overview of Risk Analysis CONSEQUENCE (C) (a.k.a. Criticality) – Estimate of what could happen to people, the economy, national psyche, or mission capability VULNERABILITY (V) Estimate of how easy or difficult it would be to successfully attack the asset and, in so doing, yield the most severe consequences THREAT (T) Application of threat to the asset, in terms of enemy Capability and Intent, well-informed by both consequence & vulnerability values “ [W]e cannot protect every single person against every single threat at every moment and in every place. We have to, with our finite resources and our finite number of employees, we have to be able to focus ourselves on those priorities which most demand our attention. And that means we have to focus on risk. And what does that mean? It means we look to consequence, it means we look to vulnerability, and it means we look to threat.” Secretary Chertoff, July 25, 2005
Infrastructure Information Collection Program (IICP)
Collects, catalogs, and maintains standardized and quantifiable risk-related infrastructure information to enable the execution of national risk management.
IICP will integrate at least four existing projects to reduce duplication and facilitate information collection through the implementation of a distributed architecture
Automated Critical Asset Management Systems (ACAMS)
Web-based tool enabling collection of infrastructure and risk information from
Owners/operators, law enforcement and first responders at State and Local level
Implementation of sector specific methodologies into tools to support within sector risk analysis and the collection of asset information
National Asset Database (NADB)
Repository of infrastructure information
IICP Planned Capabilities
A focused CI/KR information management system in which quantifiable variables required for risk analysis, CIP planning, and decisions are collected, consolidated, and presented to inform DHS leadership and other CIP partners
Capabilities and Functions:
Integrates existing collection processes
Drive asset information collection through standard risk methodologies
Data standards established for information collected
Incentives to CI/KR owners and operators to submit information on their assets
Infrastructure data is accessible via a common graphics user interface
Infrastructure data is accessible to meet the mission requirements of DHS components and inform long term CIP strategic planning
Establish requirements-based Collection Management process
Geospatially enabled with integration into iCAV
Constellation / ACAMS
Constellation/ACAMS is a web-enabled system focused at the state and local level for the collection and effective use of asset data, protection information, and incident response and recovery plans pertaining to infrastructure.
Purpose to facilitate the identification, prioritization and collection of CI/KR assets.
Focus on collecting and communicating necessary local information required by incident commander both pre-incident (protection plans, operational guides) and post-incident (response, recovery)
Program capabilities include:
Comprehensive Training program
Open source information and news feeds (Constellation)
Library of vulnerability and risk assessments and reports
Information to support strategic planner and tactical commanders
ACAMS Tools and Capabilities
A core asset management system that implements a database for critical asset information focusing on the unique requirements and information needs of first responders
Vulnerability and consequence scoring tools that aid the user’s subjective analysis of criticality
An integrated information portal, Constellation, tying together critical assets data and reporting about the current threat environment
A complete reporting capability to answer both local and national-level data calls on critical assets
Automated generation of Buffer Zone Protection Plans (BZPPs)
Automated generation of pre-incident operational plans for local police and first responders
Electronically available resources for first responders, such as the Field Operations Guide (FOG) and the Response Information Folder (RIF)
Integrated Geospatial Information System for use in collection process and analysis
Constellation/ACAMS Incorporates these Principles in an Information System for Identifying, Prioritizing and Cataloging Critical Assets – Focusing on the Information Needed by First Responders:
Inventory Process Asset Management Questionnaire Stage Initial Assessment Visit Highly Critical Assets Non - Critical And Uncategorized Assets Small Number of Critical Sites – Highly Detailed High Number of Sites - Only Basic Information Collected
Constellation / ACAMS
System is operational in CA, with a limited pilot expansion that began in October 2006.
Representatives from 25 States have attended training
“ Train the Trainer” curriculum under development
National roll-out will facilitate future data calls or DHS information requests to State and Local jurisdictions.
System integration with IICP capabilities will enable more efficient analysis for determination of inclusion of infrastructures in the Tier One/ Two program
Trained by State – near future 480 36 12 34 5 12 4 15 4 10 51 DC (48) MD (9) MA (35) 7 1 1 3 2 CT (4) 9 4 24 10 5 DE (7) 5 5 5 5 769 Trained by AUG 07
Using a distributed architecture, the IDW evolves from the National Asset Database (NADB) to integrate independent databases
Provides for a more robust and complete data set
Reduces duplication of effort and distributes information maintenance
Primary repository of the knowledge necessary to implement risk-informed infrastructure and resource protection activities
The IDW contains:
A comprehensive catalogue of the assets that comprise the Nation’s infrastructure
All pertinent information about those assets (e.g. address, facility type, owner’s name and phone number, consequence and vulnerability information)
These items can be quickly searched in a variety of manners to support rapid identification of those assets of greatest interest or at the greatest risk depending on the circumstances
Establishing a collection management process to collect infrastructure information based on stakeholder requirements
Integrated Data Warehouse (IDW)
The IDW is not simply a list of our nation’s “most critical” assets and resources
Risk is dynamic, and thus what is “critical” today may not necessarily be “critical” tomorrow. Accordingly, an all-encompassing inventory is required.
The IDW is not static. It is a continually evolving system to support the Department’s risk analysis in a changing threat environment.
DHS is actively seeking additional assets from other Federal agencies, State and Local governments, and other entities for inclusion into the NADB
DHS is not excluding any asset from the IDW
Every asset that a state, territory, federal agency, or private sector member provides will be entered into the database upon request
The IDW will display all available information held within existing databases once integrated
The IDW: What It Is Not
Sources of Information
DHS is employing a multi-pronged approach to populate the IDW with data about the nation’s infrastructure and resources:
Formal data calls to States and Territories
Identification and integration of existing federal agency databases
National Inventory of Dams (NID)
Risk Management Plan (RMP)
Incorporation of information collected as part of other DHS initiatives, such as:
Automated Critical Asset Management System (ACAMS)
Risk Analysis and Management for Critical Asset Protection (RAMCAP)
Site Assistance Visits
Buffer Zone Protection Plans
Collection of voluntary private sector and industry input
Procurement of commercial and private databases
Homeland Security Infrastructure Program (HSIP)
Information not received as part of other DHS initiatives is validated for accuracy
Risk Analysis and Management Technology Implementation (RAM-TI)
The RAM-TI program are tools for private sector owners and operators to assess facility risk through standard methodologies and common metrics to enable cross-sector risk comparisons.
Risk Analysis and Management for Critical Asset Protection (RAMCAP) to assess complex infrastructures
Vulnerability Self Assessment Tool (ViSAT) methodologies and standards to assess non-complex infrastructures.
Sector –specific methodologies as identified by the SSA (JATT, RAM-W)
Five RAMCAP Technical Specification documents written for:
Commercial Nuclear Power
Nuclear Spent Fuel
Two RAMCAP Technical Specification documents in development:
Dams, Locks and Levees / Water Sector
Integrated Common Analytical Viewer (iCAV)
Enhanced with a Services Oriented Architecture (SOA) approach, iCAV provides a consistent geospatial context for viewing threat, asset and vulnerability information.
Based on ESRI Products, iCAV is a web-enabled, DHS-owned analytical Geospatial tool
In partnership w/ NGA, data is licensed to “Homeland Security / Homeland Defense Partners”
Permitting state and local users access to iCAV provides a common view of geo-referenced information and helps reduce inconsistencies
Web services deployed from iCAV allow integration with other SOA-enabled system
i CAV provides the capability to permit or restrict access to specific layers of data based on a variety of criteria including user, location as well as business rules presented by remote systems
Providing operational, situational and strategic awareness capabilities for Preparedness, Response & Recovery supporting the Homeland Security Mission
iCAV Users / Integration
Federal Situational Awareness
National Asset Information
Local Law Enforcement
DHS – Multi Component
Event & Activity Data
State EOC/Fusion Centers
State monitored activities
Local First Responders
Response/Recovery Resource Coordination
Geospatially Integrate DHS Databases
Integration of DHS Databases
Master Watch Control Log
NGA, USGS, FEMA Web Mapping Services
Additional Integration w/ Sensors, Data and Video
Establish Inter-system Governance
Define rules to expand our ability to share data
Defined user profiles
Establish Initial Identity Management Capability
iCAV system leverages the authentication capabilities of the Homeland Security Information Network (HSIN).
A single sign on for ease of use
iCAV Viewer showing full global view. Critical Infrastructure Categories in left hand column
NBIS Lite Integration NBIS - Bio-surveillance data on H5N1 detection based on open source information.
LENS Integration - Regional US View showing locations of completed Buffer Zone Protection Plans, Comprehensive Reviews, Site Assistance Visits and other PREP/OIP/RMD products.
Clicking a BZPP Icon launches LENS showing the actual reports for that particular asset.
Hurricane support - Hurricane data obtained from NOAA resulting in a forecast cone for Alberto, 2006
Hurricane data for Alberto overlaid with Nuclear Power Plants. Used to produce impact reports.
Real time video integration – iCAV showing locations of static video cameras as well as UAV video feeds
Clicking a camera icon retrieves and displays the video from the source camera or UAV
NOC COP integration - iCAV integrated as the Geospatial platform for the DHS National Operating Center COP
IICP System Current State
A coherent plan to move forward with system integration
Includes functional requirements for systems integration
IICS End State FY08 (IOC) Enterprise Service Bus Core messaging and interaction services are provided by a single set of integrated components Geospatial Viewer Supports multi-perspective, multi-device location-based end user interfaces. Common, interoperable geospatial functionality is packaged as discrete services which can be reused across the Department Process Management Utility services are invoked in a particular sequence to provide meaningful location-based business functionality Utility Services Common, interoperable tool functionality is packaged as discrete services which can be reused across Federal, State and Local governments and sectors System Integration Access to DHS and HLS enterprise geospatial applications and data sources is provided via standards-based interfaces NOC COP ViSAT Sector RAT State VAT Others Services Analytical Tools PDA DAMS / RAM-W Enterprise Coverage Repositories Ops Data
Infrastructure Situational/Strategic Awareness
Lexis Nexis Sector DB LENS Imagery Elevation NICC NOC COP USACE GIS-Analysis/Mapping (iCAV) (Unclas/Secret/Top Secret) Future integration – Development by DHS, NGA, National Labs etc Threat iCAV - Current Implementation ACAMS LandScan HSIP Gold Enterprise Infrastructure Data Warehouse Orchestration Transformation Security Management Transport Presentation Smooth user feel, easily downloadable products, and role based
Common Graphics User Interface
Single Sign On to multiple tools
Secure Web Based Portal
Google like search/categorization
Timeline Apr May Jun Sep FY07 Aug Jul Oct FY08 Sep FY08 1
Replicate ACAMS (PSC)
Establish IICS dev sys.
SECURITY MD 1400 Customer Engagement Policy Development 15
IICP Next Steps
IICP System Integration
Plan completed by 18 May 07
Immediate implementation 1 Jun 07
Work with DHS components, States, SSAs to identify additional data integration and utilization requirements
iCAV System Enhancement
Fully implement a Services Oriented Architecture (SOA) fulfilling mission requirement for collaboration