The Transportation Security Administration (TSA) this month is completing a strategic document for 2013 to 2016 that maps out its goals in four key areas, including more rapidly getting new capabilities into the field to improve the overall effectiveness and efficiency of users, according to the head of the agency’s technology office.
The key goal areas include accelerating the process of delivering new capabilities to users, maturing business processes in order to make better investment decisions that support risk-based security, supporting risk-driven opportunities to provide effective and efficient security, and working with various partners through the capabilities life-cycle to increase mission effectiveness, says John Sanders, assistant administrator for the Office of Security Capabilities and Chief Technology Officer.
The goals document, which is in the final approval stages with a public release likely in July, is one of three strategic plans that TSA is working on as part of its strategic planning process. The other two are a research, development, test and evaluation (RDT&E) plan and a strategic workforce plan, Sanders says.
To more quickly field capabilities, TSA is considering among other things hosting prize competitions, within TSA and outside of the agency, to get ideas for this, Sanders says. The agency is also considering “grand challenges” in conjunction with the Department of Homeland Security Science and Technology Directorate, he says.
Getting capabilities into the hands of Transportation Security Officers more quickly is important for dealing with adversaries that are constantly adapting to the security environment, Sanders says.
TSA is also looking at ways to shorten its test and evaluation process, which sometimes takes up to 18 months to go through, Sanders says. While the process needs to ensure “effective and suitable” capabilities, Sanders says that using third parties in the process would lead to lower costs and help identify issues sooner in the process.
Sanders also says that in development testing, as opposed to testing leading to certification of a system, TSA plans to have a more transparent process by allowing vendors to be present so they can learn about issues and concerns.
As for more mature business processes, TSA wants to use analysis and data to better inform its decisions. For example, the agency is looking at a framework to better determine the right mix of spending and then conduct tradeoffs between capabilities.
To better focus its opportunities, TSA needs to better write its requirements, Sanders says. These requirements need to be written to enable industry to “innovate” and then bring these capabilities into the government faster, he says.
While the PreCheck program is currently TSA’s marquis risk-based security program, the agency is looking to bring risk-based security to things like checked baggage screening, air cargo, and behavior detection, Sanders says.
The fourth goal is about “standardization and the reduction of complexity,” Sanders says. For example, having a common graphical user interface for explosive detection systems to reduce training costs and allow TSOs to move between systems supplied by different vendors, he says.
This goal also entails having stronger collaboration with industry and international partners, Sanders says. In late June TSA was planning to host a threat briefing with some of its key vendors at the Secret level to ensure they are aware of the threat the agency is facing, he says.
R&D Strategy
Sanders spoke during a webinar hosted by the Homeland Security Advanced Research Projects Agency (HSARPA) to discuss TSA’s new R&D strategic plan. The plan was created in conjunction with HSARPA, which is working on R&D plans with each of the operational components of DHS (HSR, May 8). HSARPA is focused on developing solutions and capabilities that can be deployed within one to three years, says Paul Benda, director of the agency within S&T.
The Aviation Security R&D Strategy is broken into five areas, including risk-based security, checkpoint, checked baggage, behavioral-based screening, and emerging threat characterization.
For any of TSA’s risk-based security programs, the agency is interested in developing risk scores for individuals and being able to “map” that score to dynamically alter how an individual and their bags are screened, Benda says. That includes checked bags, he says.
Risk scoring isn’t easy, Benda says. Predictive analytics will be a key technology in helping to identify risk levels, he says. Ways to integrate risk assessments into the screening process are also important aspects of R&D here, Benda says.
TSA currently has a goal to get 50 percent of the population that travels by air into risk-based security programs by the end of 2014, Sanders says.
Improving throughput while maintaining security effectiveness is an important part of the checkpoint focus, Benda say. TSA staffing levels are expected to remain constant in the coming years even as air travel increases, he points out.
TSA will be relying on more effective screening algorithms and hardware that can be upgraded to detect evolving threats, Benda says. Seconds count in getting people through checkpoints and the agency wants systems that minimize passengers having to divest various items before they proceed through the screening lanes, he says. These systems also need to become more sensitive and be more selective, he adds.
In the area of checked baggage screening, HSARPA and TSA are looking for better ways to train TSOs, such as offering a capability similar to threat image projection used for training screeners using X-Ray systems to peer into carry-on bags at checkpoints, Sanders says. The agency is also looking for ways to decrease the number of manual inspections that have to be done on checked bags as well as the time it takes to resolve alarms on-screen.
HSARPA is also interested in technologies such as video analytics that can be used as a trigger for Behavior Detector Officers (BDO) to pay more attention to a passenger, Benda says.
Questions about the effectiveness of BDOs have been raised by the Government Accountability Office, members of Congress, and outside observers. Sanders says TSA’s behavior detection program is an “effective and integral” component to a layered security strategy.
Eric Houser, who heads the Explosives Division within HSARPA, says that S&T conducted a validation study of the program that recorded 90,000 encounters between BDOs and passengers. The results show that BDOs are nine times more likely than random measures to identify risk-related behaviors, he says.