The Office of Acquisition Program Management (OAPM) at the Transportation Security Administration (TSA) oversees acquisition programs that deliver security screening technologies to airports. OAPM manages over $415 million in acquisition funds and a fleet of over 15,000 security screening devices. It is pursuing several initiatives, such as breaking the Passenger Screening Program into separate programs and establishing connectivity between security equipment. OAPM is also focused on rapidly deploying new technologies like Computed Tomography scanners and transitioning projects like the Technology Integrated Program into formal acquisition programs.

1. Office of Acquisition Program
Management Overview
Ron Gallihugh
Deputy Assistant Administrator
March 2018

2. OAPM Overview
Values
Focused - We are relentlessly committed to our security mission and our duty to provide operational solutions
Accountable - We accept full responsibility for every action we take, and we answer to the frontline, our peers, and our
stakeholders
Transparent - We openly share information to ensure the most optimal solutions are identified
Entrepreneurial - We take initiative and manage calculated risks to accomplish our mission
Mission
We will efficiently provide effective mission capabilities by developing and leveraging a diverse, expert
corps of professionals across the acquisition program lifecycle. We will be committed to open and
transparent collaboration with all stakeholders to achieve the best possible outcomes.
Vision
Focus Areas
• Define OAPM’s roles, responsibilities, and operating
models & socialize with all stakeholders
• Define & execute a workforce development strategy,
including hiring, staff empowerment, and succession
planning
• Develop a framework to drive focus on priorities,
performance, and efficiencies
• Drive stakeholder integration and coordination
Strategic Priorities
• Aggressively field enhanced capabilities
• Build an experienced and engaged workforce
• Promote organizational alignment and
collaboration
• Mature portfolios
We deliver innovative, mission-driven capabilities required by the frontline to safeguard America’s
transportation system.
2

3. OAPM Overview
OAPM delivers innovative capabilities to support Transportation Security Officers in the field, and drive TSA’s mission to secure the
Nation’s transportation systems.
What We Do
 Manage TSA’s Level 1, 2, and 3 acquisition programs:
 Currently this includes the Electronic Baggage Screening Program
(EBSP), Passenger Screening Program (PSP), and Security
Technology Integrated Program (STIP), Mission Scheduling and
Notification System (MSNS) Modernization, and Performance
Management Information System (PMIS)
 In the future, this will include the Technology Integrated
Modernization Program (TIM)
 Set performance requirements for Transportation Security Equipment
(TSE) and test, qualify, deploy, and manage the deployed TSE fleet
 Provide test and evaluation services to DHS stakeholders
 Conduct independent analyses of acquisition programs to provide assessment
and recommendations to the Component Acquisition Executive (CAE)
 Develop, implement, and maintain the agency’s cost estimation capability
for acquisition programs
 Coordinate the donation of equipment to other entities to support common
detection capabilities
OAPM
Acquisition
Management
Functional
Division
Acquisition
Management
Outreach
Division
Checked
Baggage
Technologies
Division
Checkpoint
Solutions and
Integration
Division
Deployment
and Logistics
Division
Mission
Support
Division
Test and
Evaluation
Division
OAPM At-A-Glance
Consists of over 160
employees in seven
divisions
Manages more than
$415 M in acquisition
program funds
Maintains a fleet
of over 15,000
deployed TSE
Provides Acquisition
Directive 102-01 expertise
to program managers
3

4. Current OAPM Organization
Checked
Baggage
Technologies
Division
Mission Support
Division
Test and
Evaluation
Division
Acquisition
Management
Functional Division
Acting DD:
Alex Tsurikov
Deployment and
Logistics Division
DD: Pete McVey
Checkpoint
Solutions and
Integration
Division
Acquisition
Management
Outreach
Division
Acting DD:
Lidet Makonnen
Executive
Assistant
Kiana Robinson
Executive
Advisors
Robyn Peters
Paul Ross
Assistant Administrator
Latetia Henderson
Deputy Assistant Administrator
Ron Gallihugh
Budget and
Finance
Planning,
Performance &
Data
Management
Human
Resources
Procurement
Coordination
Passenger
Screening
Program
Planning
Portfolio
Equipment
TSIF Test
Operational
Evaluation and
Quality
Assurance
T&E Operations
and
Infrastructure
Western Region
Central Region
Eastern Region
Operations
Integrated
Logistics
Support
Cost Estimation
Technical
Expertise
Checked Baggage
Technologies
Division
Acting DD:
Scott Bruner
Mission Support
Division
Division Director
(DD):Jennifer
Bryant
Test and Evaluation
Division
DD: Andy Lee
Checkpoint Solutions
and Integration
Division
DD: Mario Wilson
Budget and
Finance
Planning,
Performance &
Data
Management
Human
Resources
Procurement
Coordination
Passenger
Screening
Program
Security
Technology
Integrated
Program
Planning
Portfolio
Equipment
System
Optimization
Support
As of: February 2018
4

5. Future OAPM Organization
Executive
Assistant
Executive
Advisors
Assistant Administrator
Deputy Assistant Administrator
Test and Evaluation
Division
Executive Director for
Screening Systems
Mission Support
Division
Executive Director for
Mission Application
Technology Integrated
Modernization
Program Division
Mission Scheduling
and Notification
System Division
Checkpoint Solutions
and Integration
Division
Security Equipment
Connectivity Division
Checked Baggage
Technologies Division
Deployment and
Logistics Division
Performance
Management
Information System
Division
Electronic Time and
Attendance System
Division
Acquisition
Management Outreach
Division
Cost Estimating
Division
As of: February 2018
5

6. AD-102 Lifecycle Framework
As of: February 2018
6
6

7. OAPM FY18 Objectives
Tactical Objectives
1. TIM: Ingest TIM with formal program management assignment and
operations under OAPM within FY18
2. Checkpoint:
1. CAT: Deployment of CAT to TSA Pre✓® lanes in FY18
and to Standard Lanes in FY19
2. AT: Be prepared to field AT Tier 2 by end of FY18
3. ETD: Be prepared to field Detection Standard 6.2
capability for ETD by FY19 end
4. AIT: Be prepared to field AIT wideband capability by FY19
end
3. Checked Baggage:
1. HME: Achieve 50% of bags able to be screened by HME
algorithm by FY19 end
2. EDS: Reduce false alarm by half by FY20 end.
4. CT: Rapidly test and be prepared to procure CT systems by FY18
end
5. ASL: Establish ASL as a program of record with technology ready
for acquisition in FY19
Strategic Objectives
1. TSE Connectivity: Initiate the first pilot of STIP integrated
systems at Dulles Airport to connect and secure equipment
across OAPM screening programs
2. Program Transition: Expedite the time to field new capabilities
by implementing ingestion points into formal acquisitions
process
3. Testing Evolution: Implement Third Party Testing and future
process/capability enhancements to reduce the cost and time to
field new capabilities
4. Industry Engagement: Develop an engagement strategy to
proactively align with industry on future investment strategies
and ongoing acquisition initiatives
5. Planning: Successfully plan, prioritize, and execute OAPM’s
budget by integrating cost, schedule, and performance data
through project-based budgeting/execution, the maturation of
IMS, and project prioritization
As of: February 2018
7
7

8. The Checkpoint Solutions and Integration Division is pursuing a path to breakup PSP into separate programs. The current PSP structure
results in the potential of a breach for the entire program when one technology experiences costs, schedule, or performance issues.
PSP
Advanced
Imaging
Technology
(AIT)
Advanced X-
Ray
Technology
(AT)
Bottle Liquid
Scanner
(BLS)
Explosive
Trace
Detection
(ETD)
Walkthrough
Metal Detector
(WTMD)
Credential
Authentication
Technology
(CAT)
Boarding Pass
Scanners
(BPS)
Past Program Current Technology Programs
Passenger Screening Program Transition
Primary Passenger
Screening
AIT, CAT
Accessible Property
Screening
AT, ASL, ETD, CT
Legacy PSP
BLS, BPS, WTMD
As of: February 2018
8
8

9. PSP Status of Funding
Highlights PPA Breakdown
Passenger Screening Program (PSP)
• Advanced Technology (AT) X-Ray
• Advanced Imaging Technology (AIT)
• Bottle Liquid Scanner (BLS)
• Boarding Pass Scanner (BPS)
• Credential Authentication Technology (CAT)
• Explosive Trace Detection (ETD)
• Walk Through Metal Detector (WTMD)
Security Technology Integrated Program (STIP)
• Operations and Sustainment
• Machine Learning Project
Test and Evaluation Division
• TSIF Testing & Operations
• Operational & Acceptance Testing
Deployment and Logistics Division
• Deployment of Screening Equipment
• Movement of Screening Equipment
Mission Support Division (MSD)
• Salaries
• Travel, Training, & Supplies
• iShare Development and Sustainment
Office of Requirements and Capabilities Analysis (ORCA)
• Innovation Task Force (ITF)
• Requirements Analysis Division (RAD)
• Intermodal Division (IMD) $ Thousands
As of 09/30/2017
DLD
17%
TED
12%
MSD
10%
PSP
23%
STIP
9%
IMD
4%
RAD
21%
ITF
4%
CHECKPOINT PPA BREAKDOWN
Checkpoint PPA Total: $129.9M
As of: February 2018
9

10. PSP Status of Funding
Fiscal Year (FY) FY18 FY19 FY20 FY21 FY22
Difference (%) between
January 2017 and October 2017
-31.8% -26.9% -26.8% -26.7% -26.5%
*Does not include maintenance costs
$118,292 $120,239 $122,216 $124,222 $126,260
$80,696
$87,903 $89,495 $91,109 $92,749
FY2018 FY2019 FY2020 FY2021 FY2022
FY17 Baseline Budget Reduced Budget
As of: February 2018
10

11. Priority Description
1. Critical Program Operations
Management
Staffing and other critical program costs
2. Critical Maintenance Sustainment of Transportation Security Equipment (TSE) after deployment
3. Screening Equipment
Procurement and deployment of TSE and associated ancillary equipment
needed for airport operations
4. Emerging Threats Urgent projects to quickly address new threats and vulnerabilities
5. Planned Threat Detection Enhancements
Development of planned, incremental enhancements in support of threat
detection capabilities
6. Recapitalization of Equipment Upgrade or replacement of TSE that have reached their end of useful life
7. TSE Capability Enhancements
Development and deployment of TSE system-level enhancements in support
of operational efficiencies
8. TSA-Initiated Equipment Moves
Movement of checkpoint screening equipment in support of TSA-initiated
activities
9. Airport-Initiated Equipment Moves
Movement of checkpoint screening equipment in support of airport-initiated
activities
PSP Funding Priorities
11

12. Credential Authentication Technology
As of: February 2018
112

13. Computed Tomography
TSA has determined an immediate need to procure and deploy Computed Tomography (CT) systems at
high-risk airports. TSA is pursuing a dual-track approach to field CT systems by Fiscal Year (FY) 2019
and to enable CT systems to achieve a higher Accessible Property Screening System (APSS) detection
standard:
To enable the rapid qualification and deployment of CT units:
• Execute AT/CT project under the Advanced Technology (AT) program.
• Begin qualifying CT systems and begin Qualification Testing in FY18.
• Achieve ADE-3 by Q1FY19.
• Begin deployment of 145 CT systems in early FY19; ongoing planning to increase from 145.
Short-Term “AT/CT” Strategy
Long-Term “APSS” Strategy
Concurrently, TSA will stand-up a separate APSS Program to work towards an improved
algorithm and seek ADE-2a by FY19:
• Develop improved algorithms working towards the APSS detection standard to improve upon
current detection.
• Ongoing APSS algorithm development and full requirements/need will be built out under official
program.
The end goal of these tracks is an eventual one-for-one replacement of ATs
with CTs over the next seven to eight years.
As of: February 2018

14. Priority Description
1. Program Operations and Management
 Manage the program (includes staffing, training, equipment testing, and other program
support costs)
2. Equipment to Ensure 100% Screening
Compliance
 Procure and deploy Transportation Security Equipment (TSE) to maintain 100%
screening compliance
3. Critical Operational Projects
 Execute unforeseen and urgent projects to quickly remedy unacceptable safety issues or
security vulnerabilities
4. Fulfillment of Existing Obligations
 Fulfill projects with executed Letters of Intent (LOIs) or Other Transactional
Agreements (OTAs)
 Purchase and install equipment required for those projects
5. Threat Detection Capability
Development
 Develop threat detection algorithms
 DOES NOT include the deployment of these capabilities
6. Recapitalization or Upgrade of
Equipment Due for Useful Life
Replacement
 Replace or upgrade aging machines that have reached the end of useful life
 Deploy new threat detection algorithms and Risk Based Security (RBS) capabilities
 Upgrade network equipment in support of capability enhancements
7. System-Level Capability and
Operational Efficiencies (SLCOE)
 Develop and deploy EDS system improvements to increase EDS lifespan, create
efficiencies, and decrease alarm rates
8. Airport-Level Capability and
Operational Efficiencies (ALCOE)
 Install new in-line systems
 Implement Checked Baggage Inspection Systems (CBIS) improvements to facilitate
Planning Guidelines and Design Standards (PGDS) compliance
 Implement CBIS infrastructure enhancements to enable RBS capabilities
9. Reimbursement of Systems Completed
without a TSA Funding Agreement
 Reimburse airport operators who had a reasonable expectation of reimbursement for
costs incurred while developing and/or deploying in-line systems in the absence of an
LOI or OTA funding agreement with the Transportation Security Administration (TSA)
EBSP Funding Priorities
As of: February 2018
14

15. CBTD
82%
$205M
STIP
1%
$2.5M
DLD
10%
$25M
TED
7%
$17.5M
FY17 EDS PPA Capital Funds ($250M)
Source: OSC FY17 Spend Plan
CBTD
84%
$210M
DLD
10%
$25M
TED
6%
$15M
FY18 EDS PPA Capital Funds ($250M)
Source: OAPM FY18 Project Based Budget - 10/24/2017
As of: February 2018
EBSP FY Breakdown – Capital Funds
15

16. CBTD
37%
$6.9M
DLD
23%
$4.3M
MSD
14%
$2.6M
TED
26%
$4.9M
EBSP Projected Proportion
FY18 EDS PPA Discretionary Funds ($18.7M)*
Source: OAPM FY18 Project Based Budget - 10/24/2017
CBTD
10%
$8.3M STIP
6%
$5M
DLD
4%
$3.3M
IMD
28%
$23.2M
MAD
16%
$13.3M
MSD
27%
$22.4M
TED
9%
$7.4M
FY17 EDS PPA Discretionary Funds ($82.9M)
Source: OSC FY17 Spend Plan
*Does not include MAD, IMD, STIP, and $16M of staff salary funding.
As of: February 2018
EBSP FY Breakdown – Discretionary
16

17. Cybersecurity
Projects Path Forward
The Security Technology Integrated Program (STIP) was established to provide safer and faster communication of
data collected from Transportation Security Equipment (TSE) devices to the TSA Network (TSANet). However,
following the Office of Personnel Management (OPM) breaches in June 2015, TSEs were disconnected from
TSANet. To address security concerns, DHS/TSA mandated nine requirements that must be met, for legacy
devices, prior to reconnecting to TSANet.
Background:
Current State:
Each TSE device is transforming into distinct programs; therefore, how cybersecurity is implemented and
documented for these devices will change.
• The devices will fall under distinct security boundaries and will no longer be able to leverage STIP’s security
documentation and Authority to Operate (ATO).
• TSE programs will have to implement cybersecurity requirements to connect to STIP and to obtain an ATO for
new system boundaries.
• Each program must adhere to Federal Information System Modernization Action (FISMA) requirements to ensure
a compliant and secure cyber posture.
Although each program will have a process to meet established requirements
and become compliant, protecting the endpoint remains an ongoing challenge.
A secure endpoint is paramount to cybersecurity:
• The endpoint is categorized as each individual device located at
the checkpoint.
• Safeguard the data from breaches and losses during disruptions
• Protect the device from unauthorized use
Additionally, as programs identify their boundaries, complying with FISMA
regulations will create more challenges for program compliance as programs
will be implementing these new requirements for the first time.
To remediate the current challenge, certain cybersecurity measures will occur:
• Develop System Security Plan (SSP): to establish system requirements,
configurations, roles and responsibilities, identify what security controls to
implement
• Map National Institute of Standards and Technology (NIST) Security
Control: to perform a mapping of the nine mandated DHS/TSA
requirements to NIST security controls for each TSE in order to pave the
way for compliance with NIST standards at the TSE level
• Initiate Repeatable Authority to Operate (ATO) Process: to adhere to the
six-step Risk Management Framework process, which is designed to build
information security capabilities into the system beginning with risk
categorization and ending with continuously monitoring security controls to
measure effectiveness
• Aggressive Approach for Plan of Action & Milestone (POA&M)
Closure: to eliminate outstanding risks and vulnerabilities affecting the
system, and finalize Office of Inspector General (OIG) POA&M
recommendations to enhance the cybersecurity posture
Overview
As of: February 2018
17

18. Technical Challenges
Phase
FY18 FY19 FY20 FY21 FY22
Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4
ITAR
1. Develop tailored ITAR process & add
to Acquisition Plan
Planning
2. Initiate working group & define scope
of effort
3. Request & obtain resources (ISSOs)
Discovery
4. Define and map FISMA boundaries
& applicable cyber controls
5. Incorporate cyber into program
requirements
Executing
6. Conduct security audit
7. Manage compliance (continuous
monitoring)
OIT and OAPM developed an MOU to manage cyber compliance with the Federal Information Technology Acquisition Reform Act (FITARA).
MOU Principles Goal
Manage IT-designated programs, and the imbedded
IT elements of non-IT designated programs of
record, to ensure the IT investments of TSA meet
cybersecurity requirements.
Key Stakeholders
Cyber Compliance Roadmap
1. Work with OIT and STIP to define Federal Information
Security Management Act (FISMA) boundaries and
applicable cyber requirements
2. Obtain Authority to Operate (ATO) and manage compliance
3. Submit all procurement packages through the Information
Technology Acquisition Review (ITAR) process
• OIT’s Enterprise Architecture Division (EAD)
• OIT’s Information Assurance Division (IAD)
• IT/Cyber Working Groups
• Information System Security Officers (ISSOs)
• OAPM’s STIP Program Manager
Key
With leadership support, this milestone
may be condensed
Current Date
ATO
Milestone
• Cybersecurity capabilities are limited by current EDS architecture
• Additional requirements will need to be met and security reviews will be required when: (1) identified during continuous monitoring, (2) systems begin connecting to the STIP network, and (3) new
legislation is enacted
As of: February 2018
Cybersecurity

19. • Cybersecurity compliance for non-traditional TSEs, since many were not
built with security as a priority
• DOMAIN contract is currently in transition, leading to uncertainty and
delays in the connectivity development timeline
• A gap in technical skills to effectively, and at full value, communicate
technical intentions with the Integrator
• Funding for concurrent deployment is a concern, since it directly affects
connectivity forecasts
Projects
• Secure DOMAIN contract, which will enable DME exercises to move
forward
• Use DOMAIN pilot phase to define the connectivity model process for all
TSEs (legacy and new)
• Secure funding for machine deployment, as well as for scaling O&M
support services
Path Forward
Each TSE and endpoint has different requirements and standards. As such, the development, modernization, and
enhancement (DME) to existing legacy systems will need new interfaces to be developed to establish their
respective communication protocols, data standards, network and data exchange formats.
Development,
Modernization, and
Enhancement
Deployment
Overview
Connectivity
In order to physically implement and deploy devices at airports, O&M support services must be scaled up to
accommodate the additional devices. In addition, as new endpoints are connected, the infrastructure to support the
increased load must be evaluated and improved as necessary, as existing infrastructure may not be able to handle
the new levels of connected devices.
As of: February 2018
19

20. 0
2000
4000
6000
8000
10000
12000
14000
16000
FY19 FY20 FY21 FY22 FY23 FY24
NumberofTSE
Connectivity Date
STIP-TSE Connectivity Forecast
AIT AIT-2 ASL CAT ETD(CSID) WTMD CT ETD(CBTD) EDS
IAD Pilot
As of: February 2018
TSE Connectivity Forecast
20

21. T&E Enhancement Initiatives
Where We
Are Today
Inconsistent levels of system maturity and the inability of TSE to meet defined
requirements have led to a cyclical “test-fix-retest” loop, resulting in acquisition delays
and increased costs.
Minimized Delays
Creates standardized
processes for engaging
vendors throughout the
acquisition lifecycle to
address potential issues
early on.
Expedited Testing
Uses existing data to
augment test events and
potentially reduce the total
amount of test runs required.
Increased Capacity
Expands testing capacity
by further integrating
agency efforts with
industry and government
partners.
Opportunities to Enhance
Testing
1. External Testing
Expedite/supplement TSA
testing by accepting
vendor and/or Third Party
Agent test data.
The Potential Impacts
3. Modeling & Simulation
(M&S)
Use accredited M&S to
augment live testing and
support evaluations that
cannot be assessed in a live
environment.
2. Data Sharing
Avoid duplication by
leveraging existing test data
through data sharing
agreements with
international government
entities.
4. Adaptable Testing
Flexible testing processes
that allows for a better
understanding of system
capabilities prior to entering
formal OT.
As of: February 2018
21

22. As of: February 2018
Industry Engagement
22