NHB 1620.3C NASA Security Handbook


NASA                                        NHB 1620.3C, (PART 5)

HANDBOOK                         Effective Date  February 1, 1993

_________________________________________________________________



Responsible Office: JL



Subject:  NASA Security Handbook (PART 5 of 5)





PREFACE



APPENDIX M:   SECURITY LIGHTING





1.   REQUIREMENTS



     a.   Security lighting needs at each NASA Installation or

          facility depend on each situation and area to be

          protected.  Each situation requires careful study to

          provide the best visibility practical for security

          duties, such as identification of badges and people

          at gates, inspection of vehicles, prevention of

          illegal entry, detection of intruders outside and

          inside of buildings and other structures, and

          inspection of unusual or suspicious circumstances.



     b.   When such lighting is impractical, additional

          security posts, patrols, sentry dog patrols, or

          other security means may be necessary.



     c.   Lighting should not be used as a deterrent only.  It

          should be used on a perimeter fence line only where

          the fence is under continuous or periodic

          observation.



     d.   Lighting may be desirable for those sensitive areas

          or structures within the perimeter (property lines)

          that are under specific observation.  Such areas or

          structures include pier and dock areas, launch or

          test pads, vital buildings, storage areas, and

          vulnerable control points in communications, power,

          and water distribution systems.  In interior areas

          where night operations are conducted, adequate

          lighting of the area facilitates detection of

          unauthorized persons approaching or attempting

          malicious acts within the area.



2.   CHARACTERISTICS



     a.   Lighting is inexpensive to maintain and, when used

          properly, may reduce the need for security forces. 

          It may provide personal protection for security

          forces by reducing the advantages of concealment and

          surprise for a determined intruder.  Security forces

          thus relieved may be used to better advantage

          elsewhere.



     b.   Security lighting usually requires less intensity

          than work lighting, except for identification and

          inspection at portals and in emergencies.  Each

          Installation or facility presents its particular

          problem based on physical layout, terrain,

          atmospheric and climatic conditions, and protective

          requirements.  Data are available from the

          manufacturers of lighting equipment that will assist

          in designing a lighting system.  Included in these

          data are:



          (l)       Descriptions, characteristics, and

                    specifications of various incandescent,

                    arc, and gaseous discharge lamps;



          (2)       Lighting patterns of various luminaries;



          (3)       Typical layouts showing the most efficient

                    height and spacing of equipment; and



          (4)       Minimum protective lighting intensities

                    required for various applications.



3.   RESPONSIBILITY 



     a.   Each NASA security manager must determine perimeter

          lighting needs depending on the threat, perimeter

          extremities, surveillance capabilities, and the

          available security forces.  Protective lighting must

          be designed to effect the following:



          (l)       To discourage unauthorized entry;



          (2)       To detect intruders approaching or

                    attempting to gain entry into protected

                    areas;



          (3)       To operate continuously during periods of

                    reduced visibility; and



          (4)       To maintain and periodically test for use

                    during times of emergency, to include

                    standby lighting.



4.   PLANNING CONSIDERATIONS



     In planning a protective lighting system, the security

     manager must give specific consideration to the following

     areas:



     a.   Cleaning and replacement of lamps and luminaries,

          particularly with respect to costs and means (such

          as ladders and mechanical buckets), ensuring

          required equipment is available.



     b.   Advisability of including mercury and photoelectric

          controls.



     c.   The effects of local weather conditions on various

          types of lamps and luminaries.



     d.   Fluctuating or erratic voltages in the primary power

          source.



     e.   Requirement for grounding of fixtures and the use of

          a common ground on an entire line to provide a

          stable ground potential.



     f.   Establishment of a ledger to maintain a burning-time

          (80 percent) record based on the life expectancy of

          the lamp.  The ledger should contain the following

          as a minimum:



          (l)       Type and wattage of lamp;



          (2)       Area, facility, or utility pole used;



          (3)       Date of insertion; and



          (4)       Programmed date (based on life expectancy)

                    for extraction.



     g.    Security Areas



          (1)       All security areas should have protective

                    lighting on a permanent basis at perimeter

                    and access control points.  The lighting

                    must be positioned to prevent the

                    following:



               (a)       Temporarily blinding the guards with

                         glare.



               (b)       Silhouetting or highlighting the

                         guards.



          (2)       Lighting in these areas must be under the

                    control of the security force.



          (3)       The perimeter band of lighting must provide

                    a minimum intensity of .2 foot candles,

                    measured horizontally 15.24cm/6 inches

                    above ground level, at least 9.144m/ 30

                    feet outside the security area barrier. 

                    Lighting inside security areas should be of

                    sufficient intensity to enable detection of

                    persons in the area.  Lighting at entrance

                    control points must be of sufficient

                    intensity to enable guards to compare and

                    identify bearers and badges.



          (4)       Protective lighting systems should be

                    operated continuously during hours of

                    darkness.



          (5)       Protective lights should be used so that

                    the failure of one or more lights will not

                    affect the operation of remaining lights.



5.   PRINCIPLES OF PROTECTIVE LIGHTING



     Protective lighting should enable security force

     personnel to observe activities around or inside an area

     without disclosing their presence.  Adequate lighting for

     all approaches to an area not only discourages attempted

     unauthorized entry, but also can identify persons within

     the area.  However, lighting should not be used alone. 

     It should be used with other measures such as fixed

     security posts or patrols, fences, and alarms.  Other

     principles of protective lighting are listed below:



     a.   Good protective lighting is achieved by adequate,

          even light upon bordering areas, glaring lights in

          the eyes of the intruder, and relatively little

          light on security patrol routes.  In addition to

          seeing long distances, security forces must be able

          to spot an intruder who may be exposed to view for

          only a few seconds.  All of these abilities are

          improved by higher levels of brightness.



     b.   In planning protective lighting, higher brightness

          to contrast between intruder and background is an

          important consideration.  When the same amount of

          light falls on an object and its background, the

          observer must depend on contrasts in the amount of

          light reflected to discern an intruder's silhouette. 

          More light is needed to produce the same brightness

          around Installations and buildings with

          predominantly dark, dirty surfaces than when clean

          concrete, light brick, or grass predominate.  



     c.   When the intruder is darker than his background, the

          observer sees primarily the outline or silhouette. 

          Intruders who depend on dark clothing and even

          darkened face and hands may be foiled by using light

          finishes on the lower parts of buildings and

          structures.  Stripes on walls have also been used

          effectively because they provide recognizable breaks

          in outlines or silhouettes.

 

     d.   Two basic systems or a combination of both may be

          used to provide practical and effective lighting. 

          The first method is to light the boundaries and

          approaches.  The second is to light the area and

          structures within the general boundaries of the

          property.

          

6.   TYPES OF LIGHTING



     The type of lighting system to be used depends on the

     overall security requirements of the area concerned. 

     Lighting units of four general types are used for

     protective lighting systems: continuous, standby,

     movable, and emergency.



     a.   Continuous lighting (stationary luminary) is the

          most common protective lighting system.  It consists

          of a series of fixed luminaries arranged to flood a

          given area continuously during the hours of darkness

          with overlapping cones of light.  Two primary

          methods of employing continuous lighting are glare

          projection and controlled lighting:



          (1)       The glare projection lighting method is

                    useful where the glare of lights directed

                    across surrounding territory will not be

                    annoying nor interfere with adjacent

                    operations.  It is a strong deterrent to a

                    potential intruder because it makes it

                    difficult to see the inside of the area. 

                    It also protects the guards by keeping them

                    in comparative darkness and enabling them

                    to observe intruders at considerable

                    distances beyond the perimeter.  Glare

                    protection perimeter lighting may  be

                    inappropriate in some instances.



          (2)       Controlled lighting is best when it's

                    necessary to limit the width of the lighted

                    strip outside the perimeter because of

                    adjoining property or nearby highways,

                    railroads, navigable waters, or airports. 

                    In controlled lighting, the width of the

                    lighted strip can be controlled and

                    adjusted to fit the particular need, such

                    as illumination of a wide strip inside a

                    fence and a narrow strip outside; or

                    floodlighting a wall or roof.  But this

                    method of lighting often illuminates or

                    silhouettes security personnel as they

                    patrol their routes.



     b.   Standby lighting.  The layout of this system is

          similar to continuous lighting.  However, the

          luminaries are not continuously lighted, but are

          either automatically or manually turned on by the

          security force or alarm systems when suspicious

          activity is detected.



     c.   Movable lighting.  This type of system consists of

          manually operated, moveable searchlights that may be

          either lighted during hours of darkness or lighted

          only as needed.  The system normally is used to

          supplement continuous or standby lighting.



     d.   Emergency lighting.  This system may duplicate any

          or all of the above systems.  Its use is limited to

          times of power failure or other emergencies that

          render the normal system inoperative.  It depends on

          alternative power sources, such as installed or

          portable generators or batteries.



7.   OTHER LIGHTING



     a.   Fenced Perimeters



          (1)       Isolated fenced perimeters are fence lines

                    around areas where the fence is 30.48m/100

                    feet or more from buildings or operating

                    areas, and the approach area is clear of

                    obstruction for 30.48 m/100 feet or more

                    outside the fence and is not used by other

                    personnel.  Both glare protection and

                    controlled illumination are accepted for

                    these perimeters. Patrol roads and paths

                    should be kept unlighted.



          (2)       Semi-isolated fenced perimeters are fence

                    lines where approach areas are clear of

                    obstructio for18.288m/60 feet to 30.48m/100

                    feet outside the fence, and the general

                    public or Installation personnel seldom

                    have reason to be in the area.  Patrol

                    roads and paths should be kept in relative

                    darkness.



          (3)       Nonisolated fence perimeters are fence

                    lines immediately adjacent to operating

                    areas within the Installation or other

                    Installations, or to public thoroughfares,

                    where outsiders or Installation personnel

                    may move about freely in the approach area. 

                    The width of the lighted strip in this case

                    depends on the relative clear zone inside

                    and outside the fence.  It may not be

                    practical to keep the patrol area dark.



     b.   Building face perimeters consist of faces of

          buildings on or within 6.09m/20 feet of the property

          line or area to be protected, and where the public

          may approach the buildings.  Security forces may be

          stationed inside or outside the buildings.  Doorways

          or other insets in the buildings' face should

          receive special attention for lighting to eliminate

          shadows.



     c.   Active entrances for pedestrians and vehicles should

          have two or more lighting units with adequate

          illumination for recognition of persons and

          examination of credentials.  All vehicle entrances

          should have two lighting units positioned to

          facilitate complete inspection of passenger cars,

          trucks, and freight cars, as well as their contents

          and passengers.  Semi-active and inactive entrances

          should have the same degree of continuous lighting

          as the remainder of the perimeter, with standby

          lighting of sufficient illumination to be used when

          the entrance becomes active.  Gate houses at

          entrances should have a low level of interior

          illumination to enable guards to see better,

          increase their night vision adaptability and avoid

          making them targets.



          (l)       Open yards (defined as unoccupied land

                    only) and outdoor storage spaces should be

                    illuminated as follows:



               (a)       An open yard adjacent to a perimeter

                         should be illuminated in accordance

                         with the illumination requirements of

                         the perimeter.  Where lighting is

                         deemed necessary in other open yards,

                         illumination should not be less than

                         .2 foot candles at any point.



               (b)       Lighting units should be placed in

                         outdoor storage spaces to provide an

                         adequate distribution of light in

                         aisles, passageways, and recesses to

                         eliminate shadowed areas where

                         unauthorized persons may conceal

                         themselves.



          (2)       Piers and docks located on an Installation

                    should be safeguarded by illuminating both

                    water approaches and the pier area.  Decks

                    on open piers should be illuminated to at

                    least 1.0 foot candles and the water

                    approaches to at least .5 foot candles. 

                    The area beneath the pier floor should be

                    lighted with small wattage floodlights

                    arranged to the best advantage with respect

                    to piling.  Movable lighting capable of

                    being directed as required by the guards is

                    recommended as  part of the protective

                    lighting system for piers and docks.  The

                    lighting must not in any way violate marine

                    rules and regulations.  The U.S. Coast

                    Guard should be consulted for approval of

                    proposed protective lighting adjacent to

                    navigable waters.



          (3)       Critical structures and areas should be the

                    first consideration in designing protective

                    fencing and lighting.  Power, heat, water,

                    communications, explosive materials,

                    critical materials, delicate machinery,

                    areas where highly classified material is

                    stored or produced, and valuable finished

                    products need special attention.  Critical

                    structures or areas classified as

                    vulnerable from a distance should be kept

                    dark, and those that can be damaged close

                    at hand should be well lighted.  The

                    surroundings should be well lighted to

                    force an intruder to cross a lighted area,

                    and any walls should be lighted to a height

                    of 24.4384m/8 feet to facilitate silhouette

                    vision.



8.   WIRING SYSTEMS 



     Both multiple and series circuits may be advantageous in

     protective lighting systems, depending on the type of

     luminary used and other design features of the system. 

     The circuit should be arranged so that failure of any one

     lamp will not leave a large portion of the perimeter line

     or a major segment of a critical or vulnerable position

     in darkness.  Connections should be such that normal

     interruptions caused by overloads, industrial accidents,

     and building or brush fires will not interrupt the

     protective system.  In addition, feeder lines should be

     located underground to minimize the possibility of

     sabotage or vandalism from outside the perimeter.  The

     design should provide for simplicity and economy in

     system maintenance and should require a minimum of

     shutdowns for routine repairs, cleaning, and lamp

     replacement.  It is necessary in some instances to

     install a duplicate wiring system.



9.   MAINTENANCE



     a.   Periodic inspections should be made of all

          electrical circuits to replace or repair worn parts,

          tighten connections, and check insulation. 

          Luminaries should be kept clean and properly aimed.



     b.   Replacement lamps can be used in less sensitive

          locations.  The actuating relays on emergency lines,

          which remain open when the system is operating from

          the primary source, need to be cleaned frequently

          since dust and lint collect on their contact points

          and can prevent their operation when closed.



     c.   The intensity of illumination and specification for

          protective lighting for fences or other

          antipersonnel barriers should meet the minimum

          requirements.



10.  POWER SOURCES



     Power sources should meet the following criteria:



     a.   Primary - usually a local public utility.



     b.   Alternate - the following should be provided:



          (l)       Standby batteries or gasoline-driven

                    generators may be used.



               (a)       If cost-effective, a system should

                         start automatically upon failure of

                         outside power.



               (b)       Must ensure continuous lighting.



               (c)       May be inadequate for sustained

                         operations; therefore, additional

                         security precautions must be

                         considered.



               (d)       Tested to ensure efficiency and

                         effectiveness.  The frequency and

                         duration of the test depend on the

                         following factors:         



                     i.       Mission and operational factors.



                    ii.       Location, type, and condition of

                              equipment.



                    iii.      Weather (temperature affects

                              batteries very strongly).



          (2)       Located within a security area for

                    additional security.



          (3)       Generator or battery-powered portable

                    and/or stationary lights.



               (a)       For use in a complete power failure.



               (b)       Includes alternate power supply.



               (c)       Available at designated control points

                         for security personnel.



     c.   Security is a must.



          (l)       Starts at the points where feeder lines

                    enter the Installation or activity.



          (2)       Security emphasis goes to sources in terms

                    of mission essential/vulnerable activity.



          (3)       Continual physical security inspections of

                    power sources are required to determine

                    security measures and replacement of

                    equipment.







APPENDIX N:    ARREST AUTHORITY TRAINING CURRICULUM







SUBJECTS  LECTURE   EXAMPLE   TOTAL



Legal Studies33    2   35

     Constitutional Law  

     Criminal Law

     Title 18 U.S. Code

     Laws of Arrest & Detention

     Crimes Against Property

     Crimes Against Persons

     Jurisdiction

     Arrest Authority

     Probable Cause



Search & Seizure         6         2         8



Levels of Force          3                   3



Officer Ethics & Conduct      2                   2



Mechanics of Arrest           6         8          14

     Handcuffing Techniques

     Officer Survival & Safety

     Intermediate Force



Firearms Qualification        2         6           8



Psychology of Human Behavior       4                     4



Preliminary Interviews   2                     2



Terrorist Tactics        2                     2



TOTALS              60        18        78



ADMINISTRATIVE                                    10



GRAND TOTAL                                       88





The selected training contractor will be given latitude in the

formulation of courses to afford the Agency maximum benefit

from the expertise and experience of the instructors. One

concept of what courses should include, but not be limited to,

is as follows:



1.   LEGAL STUDIES



     This block of subjects will define, describe, and discuss

     various aspects of law as they directly apply to officers

     working within the framework of the Arrest Authority (AA)

     program.  The contractor will use the NASA Handbook (NHB)

     as a guide to an appropriate course of study.  The course

     will include two examinations on material presented.



2.   SEARCH AND SEIZURE



     This course will cover the concept, definition, and

     application of legal search without a warrant conducted

     incident to an arrest, and the proper control and

     inventory of property confiscated during that arrest.  It

     will include a 2-hour practical exercise on the safe and

     proper search of persons arrested.



3.   LEVELS OF FORCE



     This course will cover the different levels of force,

     such as Ordinary, Reasonable, and Deadly Force, and their

     application in compliance with NASA policies.



4.   OFFICER ETHICS AND CONDUCT



     This course will discuss the Law Enforcement Code of

     Ethics, the Federal Employees Code of Ethics, and the

     NASA Employees Code of Ethics and Conduct, as they apply

     to persons with AA.



5.   MECHANICS OF ARREST



     This course includes lectures and demonstrations of

     procedures and techniques necessary to effect a safe

     arrest.  It will cover subjects such as handcuffing,

     take-downs, control holds, and officer safety.  The 8-

     hour practical exercise and evaluation included gives

     students hands-on practice in these techniques.



6.   FIREARMS QUALIFICATION



     This course presents a 2-hour review of proper use of

     firearms and requires students to demonstrate their

     proficiency with handguns during a 6-hour practical

     exercise on a live-fire range.



7.   PSYCHOLOGY OF HUMAN BEHAVIOR



     The course discusses different types of human behavior

     and personalities, including their potential reactions to

     stressful and traumatic conditions.



8.   PRELIMINARY INTERVIEWS



     The course will cover the importance of knowing when and

     how  and who is to conduct an interview incident to an

     arrest and interviewing and report-writing techniques.



9.   TERRORIST TACTICS



     The course introduces the student to contemporary

     domestic terrorism threats from right- or left-wing

     groups or individuals and provides specifics of the

     domestic threat.



10.  PREREQUISITES



     a.   To preclude injury in strenuous portions of the

          course, students must report in top physical

          condition and maintain that level throughout the

          class.





     b.   Students must be completely proficient with handguns

          and have qualified in a federally accredited "live-

          fire" range program within the past 6 months.



     c.   Students should be trained thoroughly in the job

          specialty to which they will be assigned.



     d.   Because the course is short but intensive, full

          student cooperation is essential. Only persons

          willing and properly motivated to undergo this

          training should attend.  The Head Instructor will

          immediately remove from the course any student

          unwilling or unable to perform.



11.  MISCELLANEOUS



     a.   Class hours will be 50 minutes in length and will

          allow for breaks.



     b.   The normal workday will be 8:00 a.m. to 5:00 p.m. 

          Lunch breaks are 1 hour.



     c.   The first week of the course is a 6-day week with

          classes conducted on Saturday.



     d.   Indoctrination and "in processing" will be held the

          Sunday evening prior to the first Monday morning

          class.



     e.   Graduation is the last hour of the final day of the

          course.



     f.   Absences for reasons other than emergencies are not

          authorized. Students missing classes because of

          emergencies must make up the classes before

          graduating.



     g.   Successful completion of this course is required to

          receive AA. Students failing to complete the course

          may attend a subsequent course at the discretion of

          the funding Field activity and subject to

          availability of space in the class.  This course is

          designed to be "core" training required for everyone

          authorized with AA under the provisions of that

          program.  Additional training may be necessary to

          meet unique requirements for duty at a particular

          Field Installation.  That training is termed

          "Installation specific training" and is the

          responsibility of the Field Installation.







APPENDIX O:   HANDGUN QUALIFICATION COURSE





WEAPON    Revolver or Semiautomatic pistol

TARGETS   B-27 and B-34 silhouettes

TOTAL ROUNDS   60

SCORING   5 point system (maximum score 300)

QUALIFICATION  210 (70 percent)





Stage     I.   (3m/3-yard line) - 6 rounds total.



          1.   Draw and fire 2 rounds in 3 seconds (repeat

               twice).





Stage     II.  (6m/7-yard line) - 6 rounds total.



          1.   Draw and fire 2 rounds center mass, 1 round head

               in five seconds (repeat once).





Stage     III  (6m/7-yard line) - 6 rounds total.



          1.   With weapon in weak hand and in low ready

               position fire 2 rounds center mass with 1 hand

               in 4 seconds (repeat twice).





Stage     IV   (9m/10-yard line) - 12 rounds total.



          1.   Draw and fire 2 rounds in 4 seconds and come to

               low ready position.



          2.   Fire 2 rounds from the low ready position in 3

               seconds.



          3.   Draw and fire 2 rounds, reload and fire 2 rounds

               and reholster (revolvers - 12 seconds,

               semiautomatics - 10 seconds).



          4.        Draw and fire 2 rounds in 4 seconds and

                    come to the low ready position.



          5.   Fire 2 rounds in 3 seconds.





Stage     V    (14m/15-yard line) - 12 rounds total.



          1.   From standing to kneeling position, fire 2

               rounds in 5 seconds.



          2.   Same as above.



          3.   Standing, fire 2 rounds, reload, move to

               kneeling and fire 2 rounds and reholster

               (revolvers - 14 seconds, semiautomatics - 12

               seconds).



          4.   Standing, draw and fire 2 rounds in 5 seconds

               and come to low ready position.



          5.   Fire2 rounds in 3 seconds.





Stage     VI   (23m/25-yard line) - 12 rounds total.



          1.   Standing, draw and fire 2 rounds from left side

               of barricade in 5 seconds.



          2.   Standing, draw and fire 2 rounds from the right

               side of barricade in 5 seconds.



          3.   Standing to kneeling, fire 2 rounds from the

               left side of barricade, reload and fire 2 rounds

               from right side of barricade  (revolvers - 15

               seconds, semiautomatics - 12 seconds).



          4.   Standing to prone, fire 2 rounds in 10 seconds.



          5.   Same as paragraph 2 above.





Stage     VII  (46m/50-yard line) - 6 rounds total



          1.   Standing, fire 2 rounds from barricade in 8

               seconds.



          2.   Standing to kneeling, fire 2 rounds from

               barricade in 10 seconds.



          3.   Standing to prone, fire 2 rounds in 12 seconds.







APPENDIX P:    MISSING/STOLEN GOVERNMENT PROPERTY REPORT





1.   GOVERNMENT CUSTODIAN 



     (a)       Month/Year, e.g., 1/90. 



     (b)       NASA #., e.g., 129888. 



     (c)       Item, e.g., IBM Model 80 CPU. 



     (d)       Value, e.g., $5,800. 



     (e)       Source, e.g., Survey Rep. or telephone. 



     (f)       Value Recovered, e.g., $5,800. 



     (g)       Value Loss, e.g., $0.00. 

     

     (h)  Investigative Time, e.g., 10 man-hours. 



     (i)       Cumulative Value, e.g., 5,800. 



     (j)       Cumulative Value Recovered, e.g., $5,800. 



     (k)       Cumulative Value Loss, e.g., $0.00. 



     (l)       Cumulative Investigative Time, e.g., 10 man-

hours.



2.   BASE OPERATING CONTRACTOR CUSTODIAN



     (a)       Month/Year, e.g., 1/90. 



     (b)   NASA #., e.g., 134111.



     (c)       Item, e.g., Portable Power Generator. 



     (d)       Value, e.g., $9,000. 

     

     (e)       Source, e.g., Telephone or Survey Rep. 



     (f)       Value Recovered, e.g., $0.00. 



     (g)       Value Loss, e.g., $9,000. 



     (h)  Investigative Time, e.g., 3 man-hours. 



     (i)       Cumulative Value, e.g., 9,000. 



     (j)       Cumulative Value Recovered, e.g., $0.00 



     (k)  Cumulative Value Loss, e.g., $9,000. 

     

     (l)  Cumulative Investigative Time, e.g., 3 man-hours.



3.   INSTALLATION MONTH'S CUMULATIVE TOTALS



     (a)       Cumulative Value, e.g., $14,800. 



     (b)       Cumulative Value Recovered, e.g., $5,800. 



     (c)       Cumulative Value Loss, e.g., $9,000. 



     (d)       Cumulative Investigative Time, e.g., 13 man-

hours. 



     (e)       Investigative Time, e.g., 13 man-hours.







APPENDIX Q:   NASA SERIOUS INCIDENT REPORT FORMAT





TO:  J/Associate Administrator for Management Systems and

     Facilities

     J/Deputy Associate Administrator for Management Systems

     and Facilities

     JI/Director, Logistics, and Security Division

     JIS/Chief, NASA Security Office



FROM:     Installation Security Chief



SUBJECT:       NASA Threat and/or Incident Report



1.   Recipient evaluation of threat/incident criticality

     (SIGNIFICANT - IMPORTANT - ROUTINE).



2.   Date/Time report was received by NASA: 



3.   Report received from:  (Name-agency-location-telephone).



4.   Date/Time/Location of Incident:



5.   NASA Installations involved/impacted:



6.   Summary of Threat/Incident:  (Who-What-When-Where-Why-

     How).



7.   Responses to Threat/Incident:



     a.   Actions Completed:  (Including notifications made)

     b.   Action in Progress (Including notifications)

     c.   Actions Pending/Anticipated:  (Including

          notifications)



8.   Employment of Resources:



     a.   NASA (Security Office-IG-AIS Managers-Others)



     b.   Local, State, Federal Agencies



     c.   Note which agency has assumed

          control/responsibility.



9.   Coordination with NASA Public Affairs Office: 

     (Anticipated Media response/ interest).



10.  Actions for NASA Senior Management:



11.  Security comments/evaluation of report/recommendations.



PRIMARY POINT OF CONTACT:







APPENDIX R:   DATA ITEM DESCRIPTIONS (DID)



DATA ITEM DESCRIPTION - 1



TITLE:



SYSTEM ACQUISITION PROTECTION MANAGEMENT PLAN (SAPMP)



DESCRIPTION/PURPOSE:



Outlines and defines the contractor's System Acquisition

Protection Management Program (SAPMP).  The SAPMP describes

the methods used to (l) identify security requirements, (2)

synthesize and evaluate proposed solutions, and (3) provide

security inputs to the system acquisition process. Specific

paragraphs from the preparation instructions below may be

cited to satisfy limited program requirements.



APPLICATION/INTERRELATIONSHIP:



Security Vulnerability Analysis is used with this Data Item

Description (DID) when paragraphs 6b through 6g are cited.



PREPARATION INSTRUCTIONS:



The SAPMP shall include the following:



1.   Applicable Documents.   A list of documents that apply as

     a directive or guidance during execution of the SAPMP.  

     These documents include pertinent legal, regulatory, and

     other published or draft security contract requirements

     applicable to the system under development.  System

     acquisition protection requirements and objectives are

     drawn from these documents.



2.   Purpose.   Self explanatory.  Explain principles and

     approaches applied to the system acquisition protection

     program that are departures from these requirements.



3.   Organization.   Describe the organizational placement and

     manning of the contractor's security and acquisition

     protection management organization.  Use charts or

     diagrams to show organizational and functional

     relationships.



4.   SAPMP.   Describe the activities planned to satisfy

     system acquisition protection program objectives.  Use

     charts and/or diagrams to illustrate the program's

     functional interfaces, engineering and design

     requirements, activity milestones, management process,

     and levels of effort for each program phase.



5.   Program Data Flow.  Illustrate the manner in which basic

     program data flows.  Ensure the system acquisition

     protection organization maintains continuous review of

     all program efforts and makes inputs to decisionmaking

     processes.



6.   System Acquisition Protection Functions.   Describe the

     principal functions and specific tasks to be performed

     and their assignment within the system security and

     acquisition protection organization. Integrate all

     security disciplines tasked in the Statement of Work. The

     following security disciplines should be included as a

     minimum:



     a.   Establishing the Security Requirements and

          Objectives Baseline. Describe how security

          regulations and other program guidance will be

          identified, evaluated, and synthesized into a set of

          system acquisition protection requirements and

          objectives. Illustrate how these requirements and

          objectives will be used to measure the effectiveness

          of security system arrangements and how required

          policy revisions to NASA security programs will be

          processed.  Include applicable information,

          personnel, industrial, operations, product,

          communications, and physical security,

          survivability, anti-terrorism, and

          counterintelligence aspects.



     b.   Threat Analysis.  Describe how the threat analysis

          will be evaluated and integrated, along with

          adversary program objectives.



     c.   Conducting the Adversary Program Analysis and

          Constructing the Preliminary Threat Logic Tree.  

          Describe the technical and analytical methods used

          to identify criteria for success in adversary

          program objectives and to synthesize threat models.

          Scope system security technology research tasks and

          explain how this research will be documented.



     d.   Applying Threat Rejection Logic and Documenting the

          Initial Threat Logic Tree.   Describe how

          quantitative and qualitative values will be

          established for threats and countermeasures and the

          method used to document threat rejection logic.



     e.   Synthesizing Countermeasures.   Describe the process

          by which countermeasures will be synthesized. 

          Explain how this activity and the security system

          synthesis and evaluation task will be coordinated.



     f.   Adversary Vulnerability Measurement.   Describe

          fully the method used to identify and conduct

          quantitative and qualitative analysis of risks

          associated with each adversary program objective. 

          Include the application of candidate countermeasures

          and the manner in which preferred countermeasures

          will be selected and documented.



     g.   Computing and Constructing the Summary Threat

          Matrix. Describe how the completed Threat Logic Tree

          will be analyzed and system security effectiveness

          computed.  Include the method used to document the

          Summary Threat Matrix.



     h.   Integrating Security Functions with the System

          Engineering Process.   Describe the process by which

          security inputs will be applied to system functional

          design, requirements allocation, trade-off study,

          and design specification process.



     i.   Security System Synthesis and Evaluation.   Describe

          the method by which security system hardware,

          facilities, procedures, and personnel subsystems

          will be synthesized and evaluated.  Specify the

          scope and type of research to be conducted of

          existing material.  Include techniques to evaluate

          their applicability to security requirements.



     j.   Test and Evaluation.   Describe the process used to

          identify security test requirements and proposed

          test methods.



     k.   Configuration Control.   Describe the manner in

          which system security engineering efforts will be

          integrated with system configuration control

          activities.  Explain how proposed changes to the

          system will affect security efforts.



     1.   With Other Contractors.   Outline the methods by

          which system acquisition protection efforts of

          associate system contractors, subcontractors, and

          vendors will be integrated within the SAPMP.



     m.   System Installation and Check-out.   Describe how

          SAP, Industrial, and Product Security efforts will

          be coordinated to ensure no security vulnerability

          is created during system installation and check-out.



     n.   Product Security.   Describe how major system

          components/ products will be secured at the

          contractor's assembly plants. Explain the security

          manpower, facilities, equipment and procedures to be

          used.  Include product security interface with

          associate contractors, subcontractors, and vendors.



7.   Other.   Present any other information and

     recommendations determined necessary to satisfy the

     requirements of the Statement of Work.



DATA ITEM DESCRIPTION - 2



TITLE:



PRELIMINARY SYSTEM ACQUISITION PROTECTION CONCEPT (PSAPC)



DESCRIPTION/PURPOSE:



This Data Item Description (DID) is used by the contractor to

prepare the Preliminary System Acquisition Protection Concept

(PSAPC).



APPLICATION/INTERRELATIONSHIP:



Security Vulnerability Analysis is used with this DID when

paragraphs 5f through 5j are cited.



PREPARATION INSTRUCTIONS:



The PSAPC shall include the following information:



1.   Program Data



     a.   Title.  Include the complete PSAPC title.



     b.   Submitting Installation.  List the name and address

          of the NASA Center submitting the report and the

          name and telephone number of a project officer or

          point of contact.



     c.   Contract Citation.  Identify the contract number and

          date as listed by NASA.



     d.   Security Tasks.  Briefly describe major security

          tasks cited in the Statement of Work and related

          contract documents.



     e.   Distribution.  List the names and addresses of

          government organizations and contractors receiving

          copies of this concept.  If necessary, list them in

          an appendix and make reference to it here.



2.   System Concept



     a.   Description.  Briefly describe the system and its

          major components.  Cite separate configurations for

          initial operational capability (IOC) and full

          operational capability (FOC), if different.

     

     b.   Performance Requirements.  Cite the major

          performance and deployment criteria listed in the

          applicable Statements of Work and other related

          contract documents that affect security.



     c.   Reliability and Maintainability.  Identify security

          issues affecting system reliability, logistics

          reliability, availability, and maintainability.



     d.   System Survivability.  Show self-protection

          capabilities or subsystem designs that may enhance

          security (e.g., devices against tampering and

          spoofing, chemical or biological radiation hardness,

          nuclear hardness, nuclear and non-nuclear

          electromagnetic pulse hardness, and use of passive

          detection technology).



     e.   Preplanned Product Improvements.  Describe

          provisions or security implications for subsystem

          growth or improvements such as modifications and

          upgrades.



3.   Security Subsystem Employment Data



     a.   General Employment Description.  Describe how,

          where, when, and what security subsystems will be

          used and how they will be integrated with the

          system(s) they support.



     b.   Management Structure.  Describe the management data

          that must be exchanged.  Explain how security

          subsystems will be integrated into the management

          structure projected to exist when it is deployed.



     c.   Information Systems.  Identify other information

          that must be exchanged between this subsystem and

          other systems, subsystems or components.  Cite the

          expected length of each communication link,

          anticipated flow rate across each link, required

          availability of each link, and so forth.



     d.   Security Subsystem Standardization,

          Interoperability, and Commonality.  Describe

          requirements for joint interface and

          interoperability with existing systems and

          subsystems. Identify procedural and technical

          interface standards incorporated in subsystem

          design.



     e.   Operational Environment.  Describe climatic and

          atmospheric environmental effects and

          considerations.  If applicable, define the chemical

          and biological environment in which equipment must

          function.



4.   Security Subsystem Support



     a.   Maintenance Planning.  Outline the actions, support,

          and documentation necessary to establish maintenance

          concepts and requirements.  Include maintenance

          tasks to be accomplished for on-and-off-equipment

          maintenance; and NASA and contractor mix, workloads,

          and time phasing for depot maintenance.  Explain the

          management strategies for selecting and integrating

          contractor and government furnished equipment.



     b.   Manpower and Personnel.  Outline the projected

          manpower requirements envisioned to support this

          subsystem(s).  Include such items as civil service

          job-series codes and skill levels required and time-

          phased reporting.



     c.   Supply Support.  Show the proposed approach for

          providing initial support and acquiring,

          distributing, and replenishing inventory spares and

          repair parts.



     d.   Support Equipment.  Identify equipment required to

          support this subsystem(s).  Include ground handling

          and maintenance equipment, tools, metrology and

          calibration equipment, and related computer hardware

          and software.



     e.   Training and Training Devices.  Describe the

          training support concept from security subsystem

          design through deployment. Identify the office

          responsible for developing and conducting each phase

          of training.  Show inventory items and training

          devices by projected type, number, use, and

          locations required. Outline initial and recurring

          training requirements by location, type, specialty,

          and fiscal year.



     f.   Computer Resources Support.  Define special computer

          program documentation, related software, source

          data, facilities, hardware, etc., required for

          subsystem support.



     g.   Facilities.  Specify facility, shelter, and housing

          external to system-designed survivability features.



     h.   Packaging, Handling, Storage, and Transportation. 

          Describe the requirements, resources, processes,

          procedures, design considerations, and methods to

          ensure security subsystems are properly preserved,

          packaged, handled, and transported.



     i.   Related Support Factors.  Describe those pertinent

          support factors, considerations, or requirements not

          covered elsewhere, but deemed important to the

          effectiveness of the security system.



5.   General Provisions for System Security.  Address the

     following security issues relative to overall system

     deployment and operation:



     a.   Threat Assessment.  Address security threats to the

          system for design, development, and production at

          IOC and throughout its projected life.  Include

          foreign government capabilities, peace and wartime

          threats, and system-unique vulnerabilities.  Make

          reference to government threat documents.  In

          addition, cite requirements for threat analysis and

          security vulnerability assessments.



     b.   Security Force and Procedural Requirements.  These

          apply to operations in support of the physical

          security program.



     c.   Security Personnel, Facility, and Equipment

          Requirements.  Expressed in the quantities, type,

          and configuration necessary to support the system

          when deployed.



     d.   Emergency Security Response Planning.  Reflects the

          general design of the security force posture

          calculated to produce the greatest invulnerability

          to terrorism, sabotage, overt, and covert

          penetration.  It is supported by the threat and

          vulnerability assessments cited in 5a, above.  In

          addition, briefly describe how a security reporting

          and alerting system will be implemented.



     e.   Security Priorities for all Applicable Systems and

          Components. Include security priorities for all

          operational phases, including maintenance.  Explain

          how waivers, exceptions, and variances to security

          criteria will be identified, submitted, approved,

          and corrected.



     f.   Security Requirements from Related Security

          Disciplines. Include applicable information,

          personnel, product, industrial, operations,

          communications and electronic security and

          survivability, anti-terrorism and

          counterintelligence aspects.



     g.   Facility and Equipment Requirements.  The following

          items   are incorporated into the system to support

          system security: 



          (l)       The security control facility, surveillance

                    and control facility, security force

                    response facility, and entry control

                    facilities.



          (2)       Barrier systems and warning signs.



          (3)       Alarm annunciation and display equipment.



          (4)       Security force armament and duty equipment.



          (5)       Security force communications.  Include

                    fixed, portable and landline requirements.



          (6)  Interior and exterior intrusion detection

               systems.



     h.   Personnel Standard.   Identifies security force

          requirements for normal operations.



     i.   Security Force Logistics and Material Requirement. 

          Includes vehicles and associated equipment, special

          purpose equipment, training aids, tool kits,

          nonstandard armament, and so forth.



     j.   System Entry Control Requirements for All Restricted

          Areas. Includes:



          (l)       General criteria and unique requirements

                    for entry control.



          (2)       Qualification requirements for the various

                    categories of people who must enter.



          (3)  Personnel clearance and investigative

               requirements.



          (4)  Special training or briefing and debriefing

               requirements.



          (5)       Authentication and duress code techniques

                    and procedures.



          (6)       Dispatch Control Procedures.  Unattended or

                    minimally staffed locations.



          (7)       Description.   Badge system, emergency

                    procedures, and personnel escort

                    requirements.



DATA ITEM DESCRIPTION - 3



TITLE:



SECURITY VULNERABILITY ANALYSIS



DESCRIPTION/PURPOSE:



Provides the result of contractor's actions in quantitatively

and qualitatively defined system security functional

requirements and residual security vulnerabilities.  It will

be classified no lower than Secret NOFORN or Secret Restricted

Data, as applicable.



APPLICATION/INTERRELATIONSHIP:



This Data Item Description (DID) contributes to the

survivability/ vulnerability analyses.  It contains the

content preparation instructions for data generated under NASA

Management Instruction                                .



PREPARATION INSTRUCTIONS:



1.   The contractor will prepare a report summarizing the

     security vulnerability analysis, including the threat

     analysis, adversary program analysis, and the adversary

     vulnerability measurement process.  The report will

     include, as a minimum:



     a.   A preface with narrative description of the system.

          Information concerning each form of external overt

          or covert method of penetration against the system

          considered during system development.



     b.   Threat models in Threat Logic Tree format showing

          their transition from preliminary to initial Threat

          Logic Trees and thereafter into Summary Threat

          matrix form.



     c.   Rationale used for threat rejection in developing

          the initial Threat Logic Tree.



     d.   An evaluation of the conditional probabilities for

          achieving each adversary program objective.



     e.   An assessment of security vulnerabilities related to

          information, personnel, industrialization,

          operations, communications, physical, computer and

          product security, and TEMPEST.



DATA ITEM DESCRIPTION - 4



TITLE:



ADVERSARY PROGRAM ANALYSIS



DESCRIPTION/PURPOSE:



This Data Item Description (DID) is used by the contractor to

quantitatively describe how potential adversaries may attack

the system.



APPLICATION/INTERRELATIONSHIP:



This DID contains the content preparation instructions for

that data generated under the task described by 4c(2)(a) of

Attachment 1, NASA Management Instruction 2410.7.



PREPARATION INSTRUCTIONS:



1.   The adversary program analysis will include:



     a.   Development of adversary program scenarios. 

          Information resulting from the threat analysis

          (conceptual phase) will be used as the basis for the

          scenarios.  For each program objective, the

          contractor should describe a set of approaches (a

          scenario) that potential adversaries could use to

          accomplish that objective.



     b.   Adversary success criteria should be estimated.  The

          estimates will be prerequisites for system

          vulnerabilities.



     c.   Adversary models shall be synthesized and used as a

          basis for evaluating security technologies and

          accomplishing trade-off analysis.



DATA ITEM DESCRIPTION - 5



TITLE:



SYSTEM/SUBSYSTEM SPECIFICATION



DESCRIPTION/PURPOSE:



The System/Subsystem Specification (SS) is a technical

document prepared for systems personnel that provides

environment and design elements to provide guidance to the

program design effort.



APPLICATION/INTERRELATIONSHIP:



An SS may be prepared to guide the development of large

projects.  If the system breaks down readily into subsystems,

this document may be used to prepare individual subsystem

specifications.



PREPARATION INSTRUCTIONS:



The System/Subsystem Specification shall meet the content and

format requirements of NASA Management Instruction 2410.7 and

NASA Handbook 2410.1.



DATA ITEM DESCRIPTION - 6



TITLE:



SYSTEM ACQUISITION PROTECTION STANDARD



DESCRIPTION/PURPOSE:



This Data Item Description (DID) is used to implement NASA

systems acquisition protection program operations and

procedures and as the basis for NASA security workforce,

facility, and equipment authorizations.



APPLICATION/INTERRELATIONSHIP:



In this section, explain that the proposed system acquisition

protection standard is submitted through the program office

(or designated manager) for transmittal to NASA HQ/JIS. 

Explain further that the program office requires the proposed

standard no later than 12 months before the system initial

operating capability (IOC). 



PREPARATION INSTRUCTIONS:



This section directs the contractor to prepare and document a

proposed system acquisition protection standard.  Explain that

this standard must reflect the results of analyses and

decisions made during the execution of the SAP portion of the

Statement of Work (SOW).  Explain further that its contents

must be organized and captioned according to the following

format:



1.   Cover Page.   On this page, give the title of the system,

     state the purpose of the standard, and list the contents

     of the standard, the office of primary responsibility

     (OPR), and the distribution of the standard.



2.   Chapter l-Security Priorities and Concepts.   This

     Chapter briefly describes the system and its planned

     operational environment.  It specifically identifies

     system characteristics that generated special safety

     requirements for the protection of operating,

     maintenance, and security personnel.  It also includes a

     classification statement if necessary.



3.   Chapter 2-General Provisions for Standards.  This Chapter

     covers the following Provisions for Standards:



     a.   Security requirements that apply to normal day-to-

          day aerospace security support.



     b.   Resource applicability, which gives the basis for

          funding, equipment, staffing, and personnel actions.



     c.   Security posture design, which reflects the general

          design of the force posture calculated to produce

          the greatest invulnerability to overt or covert

          attack.  It is supported and based on the

          vulnerability analysis.



     d.   Priority resources.



     e.   Personnel security.



     f.   Physical security and facility requirements, which

          detail the physical security facilities that are

          incorporated into the system.  For example, this

          section describes:



          (l)       The central security control building.



          (2)       Personnel and vehicle entry control

                    facilities.



          (3)       Barrier systems.



          (4)       Restricted area signs.



          (5)       Alarm annunciation and data display

                    equipment.



          (6)       Ordnance for aerospace security forces.



          (7)       Security communications.



          (8)       Intrusion detection systems.



     g.   Standards for security of priority resources, which

          contain facility, personnel, equipment, and

          procedural standards that apply to management

          systems designated as priority resources.



     h.   Manpower standard, which identifies and justifies

          security personnel requirements based on optimum

          environmental and normal system operating

          conditions.  The operating activity identifies local

          variations in site layout and in climatic

          conditions, which need not be treated in this

          section.



     i.   Security logistics support, which justifies

          logistical and material support.  Subparagraphs to

          this section identify requirements for:



          (l)       Vehicles (type, number, and use).



          (2)  Communications (radio [fixed, portable, remote,

               or vehicular], telephone, landline, etc.).



          (3)  Specialized equipment (tool kits, training aids,

               etc.).



     j.   Security entry control procedures, which describe

          how to enter restricted areas that contain critical

          system components and facilities.  These procedures

          include ways to physically control entry into

          critical facilities at remote or unattended sites,

          and ways to control the information individuals need

          to gain entry. Personnel who have a need to enter

          must positively identify themselves, by means of

          secure communications, to the agency that is

          monitoring security of the facility.  If they

          properly identify themselves, then the monitoring

          agency will operate the entry system by remote

          control or will give entering personnel the

          information they need to operate mechanical entry

          control systems at the site.  However, if personnel

          do not properly identify themselves, then the

          security reaction system will respond, which may

          mean that selective or controlled penalty techniques

          are imposed. 



          These procedures may also rely on built-in

          deterrence capabilities of the facility.  Security

          entry control procedures also include:



          (l)  General criteria and unique requirements for

               entry control.



          (2)  Qualification standards for the various

               categories of personnel who need to enter or to

               have access.



          (3)  Personnel clearance and investigative

               requirements for such personnel.



          (4)       Special training or briefing and debriefing

                    requirements. Personnel deployed in support

                    of the system are trained to recognize,

                    report, and respond properly to alarms.

                    Training programs for all categories of

                    personnel within the personnel subsystem

                    include security procedures based on the

                    premise that an attack can take place at

                    any time.



          (5)       Code and duress code techniques and

                    procedures.



          (6)       Dispatch control procedures (apply to only

                    unattended sites) that make sure that both

                    the right and the need for persons to enter

                    and to have access have been officially

                    established and that personnel who are

                    dispatched possess the material or

                    knowledge needed to gain entry or access at

                    their destination.



          (7)       Emergency procedures.



          (8)       Badge systems in effect.



          (9)       Personnel escort requirements.



     k.   Security force reaction procedures, which tell how

          the security force or the expanded force will react

          under normal or emergency conditions to security

          alarms or other situations that need a response. 

          The measure of effectiveness of any response is

          whether or not the threat is eliminated, and the

          secure environment is preserved or restored.  To

          achieve this goal, these procedures tell how to

          respond to violations of system parts that are

          vulnerable to attack.  Before developing these

          procedures, determine the following conditions:



          (l)  The inherent vulnerabilities of the system.



          (2)  The probable nature and effect of attacks on the

               system.



          (3)  Who will decide when to initiate a response,

               notify the control agency, and monitor the

               situation.



          (4)  Whether or not the responding elements are

               thoroughly familiar with the extent of their

               authority to use force, to challenge, and to

               take into custody persons who violate the

               security of the system.



          (5)  How civil law enforcement and investigative

               agencies can help.  Is the relationship between

               responding elements and the local population

               clearly set?



          (6)  If armed mobile response forces are needed.



          (7)  Where the resources available for immediate

               response are currently located and what

               communications they have for getting response

               directions.



          (8)  Whether or not a central agency must be set up

               to control and direct security response

               procedures.



          (9)  If the control agency will have detailed alarm

               information in time to respond effectively.



          (10)      If the response force can use all vehicles

                    (on land, at sea, or in the air).



     l.   The security reporting and alerting system, which

          details an effective high-speed security reporting

          and alerting communications network that permits a

          substantial counteraction against widespread

          coordinated enemy clandestine operations.  This

          system is associated with priority resources.  This

          section should specify how each level of management

          will collect, transmit, display, store, and evaluate

          information.



     m.   The waivers, exceptions, and variances, which detail

          an effective system for identifying, submitting and

          approving, or correcting deficiencies that could not

          be corrected during the full-scale engineering

          development phase.



     n.   Planning, which covers details for day-to-day

          operations in support of the system.  This section

          provides general guidelines for the system security

          plan, center security regulations, and combined

          operating instructions.  The centers security plan

          serves as a basis for developing effective NASA

          system security operations at centers and sites

          where such resources to be protected are located. 

          It defines basic objectives and depicts the general

          design of the operations.



     o.   Inspections, which detail security evaluation

          criteria and procedures and set up minimum

          acceptable time and performance criteria for

          security exercises and tests.  These inspections are

          used to evaluate the effectiveness of each

          activity's security program.



4.   Chapter 3-Security Response Actions.   This chapter

     covers the means by which the security force adjusts to a

     situation or event that necessitates enhancement of or a

     dramatic change to the normal security posture.  These

     situations or events may be actual or anticipated hostile

     ground actions, air attack, natural disaster, civil

     disturbances, political tensions, or terrorists' attacks. 

     This Chapter includes formal planning criteria and

     minimum security requirements, which may consist of

     additional security facilities, equipment, and personnel.



5.   Chapter 4-Other Essential or Unique Security Elements.  

     This Chapter covers all essential system-unique

     requirements not covered elsewhere.  It identifies

     program-essential unique facilities and equipment and

     support requirements and established security

     requirements for these resources.







         APPENDIX S:  DATA ITEM DESCRIPTION (DID) FORMAT



DATA ITEM DESCRIPTION



1.   Title



2.   Identification No.



3.   Approval Date 



4.   Office of Primary Responsibility (OPR)/(MMDDYY)

     Action Officer/Phone Number



5.   Concurrences (Office Codes)



6.   Approval Limitation



7.   Preparation Instructions



8.   Distribution/Distribution Statement







                APPENDIX T:  OPSEC PLANNING GUIDE



1.   BACKGROUND



     a.   The President signed the National Security Decision

          Directive (NSDD) establishing the National

          Operations Security (OPSEC) Program on January 22,

          1988.  The NSDD requires each executive department

          and agency assigned or supporting national security

          missions with classified or sensitive activities to

          establish a formal Operations Security (OPSEC)

          program.



     b.   The responsibility for the development,

          implementation, and maintenance of the OPSEC program

          rests with the head of each executive department or

          agency.  The NSDD requires heads of executive

          departments and agencies to assume the following

          responsibilities:



          (1)       Establish organizational OPSEC programs;



          (2)  Issue, as appropriate, OPSEC policies,

               procedures, and planning guidance;



          (3)       Designate departmental and agency planners

                    for OPSEC; and



          (4)       Advise the National Security Council (NSC)

                    on OPSEC measures required of other

                    executive departments and agencies to

                    achieve and maintain effective operations

                    or activities.



     c.   Each OPSEC program is to have the following common

          features:



          (1)       Specific assignment and responsibility for

                    OPSEC direction and implementation.



          (2)       Specific requirements to plan for and

                    implement OPSEC in anticipation of and,

                    where appropriate, during departmental or

                    agency activity.



          (3)       Direction to use OPSEC analytic techniques

                    to assist in identifying vulnerabilities

                    and to select appropriate OPSEC measures.



          (4)       Enactment of measures to ensure that all

                    personnel, commensurate with their

                    positions and security clearances, are

                    aware of hostile intelligence threats and

                    understand the OPSEC process.



          (5)       An annual review and evaluation of OPSEC

                    procedures in order to assist in the

                    improvement of OPSEC programs.



          (6)  Provision for interagency support and

               cooperation with respect to OPSEC programs.



               Note:  The NSDD also directs the establishment

               of the Interagency OPSEC Support Staff (IOSS) to

               act as a consultant to executive departments and

               agencies in establishing OPSEC programs, and

               OPSEC surveys, and analyses.



2.   NATIONAL OPSEC PROGRAM OBJECTIVES



     a.   Implement an OPSEC program within the department or

          agency in satisfying NSDD requirements and instruct

          subordinate organizations on their responsibilities

          within the departmental or agency program.



     b.   Create a departmental or agency program with

          sufficient flexibility to allow each subordinate

          organization to establish a program suitable to its

          structure and mission.



     c.   Provide awareness and training programs to ensure

          all personnel, commensurate with their position and

          security clearances, are aware of the adversaries'

          capabilities and understand the OPSEC process. 

          Ensure that heads of subordinate organizations

          implement awareness and training that is relevant to

          their assigned missions and, where possible, use

          case studies or lessons-learned as key instructional

          tools.



     d.   Ensure that OPSEC is addressed from initiation

          through all planning, programming, and budgeting

          actions.



     e.   Designate an OPSEC Program Manager for the

          department or agency and ensure that each

          subordinate organization designates an individual as

          the OPSEC Coordinator and establishes sufficient

          work groups to maintain the program.



     f.   Identify those areas, activities, functions, data,

          or information about an activity or facility of the

          department or agency deemed most important to keep

          from an adversary, i.e., core secrets, critical

          information, sensitive operations.



     g.   Identify adversaries who could use the critical

          information for their benefit or to the detriment of

          the departmental or agency mission.



     h.   Identify key questions likely to be asked by

          adversaries about department or agency intentions,

          capabilities, or activities so they can obtain

          answers critical to their operational effectiveness.



     i.   Identify detectable actions and information from

          open sources that can be interpreted or pieced

          together by an adversary to derive critical

          information about departmental or agency activities

          or operations.



     j.   Understand the adversaries' (hostile intelligence

          threat) capabilities, i.e., ability to collect

          indicators through observation, infiltration,

          bribery, or conventional intelligence collection

          means such as signals intelligence, human

          intelligence, and imagery intelligence.



     k.   Be aware of countermeasures that can be used to deny

          the adversaries the critical information.



     1.   Prioritize OPSEC initiatives, including surveys,

          implementation of countermeasures or other OPSEC

          activities, based on the relative importance of the

          activity or operation, the sensitivity of the

          information involved, and the capabilities of the

          adversaries.



     m.   Understand the department's or agency's overall

          OPSEC posture, that is, the extent to which OPSEC is

          integrated into all of the departmental or agency

          activities.



     n.   Be aware of problems encountered in establishing and

               sustaining the department or agency OPSEC

          program.



3.   PROGRAM ELEMENTS-COMPONENT LEVEL



     a.   Issue a component directive that implements NSDD 298

          and the department or agency directive.



     b.   Ensure that all component personnel, commensurate

          with their positions and security clearances, are

          aware of the hostile intelligence threat and

          understand the OPSEC process.



     c.   Delegate, as appropriate, authority to plan, direct,

          and implement OPSEC measures to the operations

          element or that equivalent element of the component

          primarily responsible for the accomplishment of the

          component's overall mission, and designate an

          official in that element as the OPSEC Coordinator

          for the component.  This normally should not be the

          security or other support element.



     d.   Require each element of the component to designate

          an individual whose responsibilities include

          specific requirements to plan for and implement

          OPSEC prior to, during, and after the execution of

          operations and other activities that influence the

          effectiveness of the component's mission.



     e.   Require each element to identify core secrets,

          critical information, and sensitive operations to be

          protected from the adversary intelligence threat.



     f.   Require each element to follow OPSEC planning

          guidance, taking into account those aspects of their

          activities or operations that should be protected in

          light of friendly and adversary goals, estimated key

          adversary questions, probable adversary knowledge,

          desirable and harmful adversary appreciations, and

          pertinent adversary intelligence threats.



     g.   Require elements to use systematic OPSEC analysis

          developed for OPSEC surveys to identify

          vulnerabilities and select appropriate OPSEC

          measures to support specific organizational missions

          and activities.



     h.   Establish a sufficient number of OPSEC work groups,

          with multidisciplined and cross-component

          representation, to perform the necessary support

          functions required for an effective OPSEC program. 

          The working groups should develop and set priorities

          for the component's OPSEC program objectives, meet

          on a regular basis, and maintain records of

          meetings.



     i.   Require elements to provide a report at least

          annually on the OPSEC posture of the element and

          OPSEC activities carried out.



     j.   Require the official designated as the OPSEC

          Coordinator for the component to perform the

          following tasks:



          (1)       Develop componentwide OPSEC policy,

                    guidance, and instructions.



          (2)       Publish an OPSEC planning guide that

                    establishes minimum standards for

                    conducting OPSEC activities.



          (3)  Represent the head of the component at the

               departmental or agency level on OPSEC-related

               matters.



          (4)       Manage the componentwide OPSEC program by

                    performing the following tasks:



               (a)       Planning and programming technical and

                         other OPSEC support for the elements,

                         including the conduct of OPSEC

                         vulnerability assessments of

                         componentwide or multielement

                         activities.



               (b)       Analyzing vulnerabilities detected in

                         the course of componentwide or

                         multielement assessments and

                         recommending potential countermeasures

                         as appropriate.



          (5)       Oversee the component OPSEC program by

                    performing the following tasks:



               (a)       Establishing and chairing a work group

                         to coordinate in the componentwide

                         OPSEC program. Ensuring that the work

                         group represents appropriate program

                         offices and field elements to provide

                         an active forum to discuss and assess

                         generic and specific OPSEC concerns.



               (b)       Coordinating with field elements on

                         OPSEC matters and providing assistance

                         as requested.



               (c)       Assessing the effectiveness of the

                         componentwide OPSEC program by

                         performing periodic reviews.



          (6)       Operate the componentwide office of record

                    for OPSEC plans and program files to assist

                    in developing an active OPSEC program for

                    component operations and other activities.



          (7)       Develop and maintain an OPSEC plan that

                    includes, at a minimum, goals, milestones,

                    and a timetable.



          (8)       Advise the head of the component of the

                    status of the component's OPSEC program,

                    including plans, developments innovations,

                    problems, and solutions.



     k.   Require the official in charge of training to

          establish OPSEC awareness and training programs to

          ensure that all employees are aware of their

          adversaries' capabilities and understand the OPSEC

          process.



SAMPLE DIRECTIVE



DATE:



NUMBER:



DIRECTIVE:



SUBJECT:  Operations Security Program (cite NASA Installation)



REFERENCE:     National Security Decision Directive 298,

               "National Operations Security Program," dated

               January 22, 1988.



A.   PURPOSE



     This Directive establishes the operations security

     (OPSEC) program, provides policy, assigns

     responsibilities, and implements reference.



B.   APPLICABILITY



     1.   This Directive applies to (cite NASA Installation)

          (hereafter referred to collectively as elements).



     2.   The (cite NASA Installation) OPSEC program shall be

          applied to contractors when it has been determined

          that such measures are necessary for the adequate

          protection of critical or sensitive information,

          activities or operations of the (cite Installation),

          its elements directly or indirectly associated with

          a specific contract.



C.   DEFINITIONS



     1.   Operations Security (OPSEC).  A systematic and

          analytic process by which the U.S. Government and

          its supporting contractors can deny to potential

          adversaries information about capabilities and

          intentions by identifying, controlling, and

          protecting evidence of the planning and execution of

          sensitive activities and operations.



     2.   Critical Information.  Information that must be

          protected from loss to keep an adversary from

          gaining a significant operational, economic,

          political, or technological advantage and prevent

          adverse impact on friendly mission accomplishment.



D.   POLICY



     1.   In accordance with reference, each element shall

          establish a formal OPSEC program with the following

          common features:



          a.   Specific assignment of responsibility for OPSEC

               direction and implementation;



          b.   Specific requirements to plan for and implement

               OPSEC in anticipation of and, where appropriate,

               during element activity;



          c.   Use of OPSEC analytical techniques to assist in

               identifying OPSEC vulnerabilities and to select

               appropriate OPSEC measures; and



          d.   Measures to ensure that all personnel,

               commensurate with their positions and security

               clearances, are aware of hostile intelligence

               threats and understand the OPSEC process.



          e.   Requirement for an annual review and evaluation

               of this OPSEC program to determine its

               effectiveness in the preceding year and to

               develop recommendations on improvements for the

               next year and the longer term.  The annual

               report shall be submitted to the Chief, NASA

               Security Office for review and approval.



          f.   Provisions for cross element and interagency

               support and cooperation with respect to OPSEC

               programs.



     2.   The Chief, NASA Security Office must be advised on

          OPSEC measures required of other NASA Installations

          or other departments and agencies of the U.S.

          Government to achieve and maintain effective

          operations or activities.



     3.   OPSEC is a management responsibility.  Supervisors

          at all levels are responsible for maintaining their

          organization's OPSEC program.



     4.   Authority to plan, direct, and implement OPSEC

          measures may be delegated, as appropriate, to the

          operation's unit or an equivalent unit of the

          element primarily responsible for the accomplishment

          of the element's overall mission.  This normally

          should not be the Installation Security or other

          support unit.



     5.   OPSEC must be addressed from initiation of all

          planning, programming, and budgeting actions.



E.   RESPONSIBILITIES



     1.   The (cite title) for (cite element) is hereby

          appointed as (cite NASA Installation) OPSEC Program

          Manager and shall perform the following tasks:



          a.   Develop OPSEC policy, guidance, and

               instructions.



          b.   Publish an OPSEC planning guide that establishes

               minimum standards for conducting OPSEC

               activities.



          c.   Provide representation at agency level on OPSEC-

               related matters.



          d.   Operate the office of record for OPSEC plans and

               program files.



          e.   Develop and maintain an OPSEC plan that

               includes, at a minimum, goals, milestones, and a

               timetable.



          f.   Advise the Installation Director of the status

               of the (cite NASA Installation) OPSEC Program,

               to include plans, developments, innovations,

               problems, and solutions.



          g.   Manage the (cite NASA Installation)-OPSEC

               Program by performing the following tasks:



               (l)       Planning and programming technical and

                         other OPSEC support for the elements,

                         including the conduct of OPSEC

                         vulnerability assessments of (cite

                         Installation)-wide or multi-element

                         activities.



               (2)       Analyzing vulnerabilities detected in

                         the course of  (cite NASA

                         Installation)-wide assessments, and

                         recommending potential countermeasures

                         as appropriate.



          h.   Conduct oversight of the OPSEC Program by

               performing the following tasks:



               (l)       Establishing and chairing a working

                         group to manage the  OPSEC Program. 

                         The working group should be composed

                         of members from all major elements

                         and, as appropriate, support elements,

                         and provide an active forum to discuss

                         and assess generic and specific OPSEC

                         concerns. The working group should

                         develop and set priorities for the

                         OPSEC program objectives, meet on a

                         regular basis, and maintain records of

                         meetings.



               (2)       Coordinating with all elements  on

                         OPSEC matters and providing assistance

                         as requested.



               (3)       Assessing the effectiveness of the

                         OPSEC program by performing periodic

                         reviews.



     2.   Installation Directors shall perform the following

          tasks:



          a.   Designate an individual whose responsibilities

               shall include specific requirements to plan for

               and implement OPSEC prior to, during and after

               execution of operations and other activities

               that impact on mission effectiveness.



          b.   Identify its core secrets, critical information

               and sensitive operations that must be protected

               from the adversary intelligence threat.



          c.   Follow NASA Security Office OPSEC planning

               guidance taking into account those aspects of

               activities or operations that should be

               protected in light of friendly and adversary

               goals, estimated key adversary questions,

               probable adversary knowledge, desirable and

               harmful appreciations, and pertinent adversary

               intelligence threats.



          d.   Use systematic OPSEC analysis developed for

               OPSEC surveys to identify vulnerabilities and

               select appropriate OPSEC measures to support

               specific missions and activities.



          e.   Establish OPSEC working groups, with

               multidisciplined and cross representation, to

               perform the necessary support functions required

               for an effective OPSEC program.



          f.   Provide a report at least annually on the OPSEC

               posture and the OPSEC activities of the

               Installation.



     3.   The ICS shall perform the following tasks:



          a.   Establish training programs that will ensure

               that all employees understand the OPSEC process

               and are aware of the adversaries' intelligence

               capabilities.



          b.   Provide technical OPSEC training to those

               individuals who are involved in the conduct of

               OPSEC surveys.







            APPENDIX U:  OPERATION SECURITY GLOSSARY



1.  DEFINITIONS



Acceptable Level of Risk.  The level at which an Automated

Information System (AIS) is deemed to meet the minimum

requirements of applicable security directives as determined

by an assessment made by the appropriate designated approving

authority (National INFOSEC Glossary, October 1988).



Access Control Mechanism.  Hardware or software features,

operating procedures, management procedures, and various

combinations of these designed to prevent unauthorized access,

and to permit authorized access to information within an

automated system (National INFOSEC Glossary, October 1988).



Acoustical Intelligence (ACOUSTINT).  Intelligence information

derived from analysis of acoustic waves radiated either

intentionally or unintentionally by the target into

surrounding medium (Glossary of Intelligence Terms and

Definitions, June 1989).  NOTE:  In Naval usage, the acronym

ACINT is used and usually refers to intelligence derived

specifically from analysis of underwater acoustic waves from

ships and submarines.  The technical and intelligence

information derived from foreign sources that generate waves.



Administratively Controlled Information.  Privileged but

unclassified material bearing designations such as FOR

OFFICIAL USE ONLY or LIMITED OFFICIAL USE to prevent

disclosure to unauthorized persons (Glossary of Intelligence

Terms and Definitions, June 1978).



Administrative Security.  The management constraints and

supplemental controls established to provide an acceptable

level of protection for data (National INFOSEC Glossary,

October 1988).  NOTE:  Synonymous with procedural security.



Adversary.  Those individuals or organizations that must be

denied critical information to maintain friendly mission

effectiveness.



Agent.  A person who engages in clandestine intelligence

activity under the direction of an intelligence organization

but who is not an officer, employee, or co-opted worker of

that organization (Glossary of Intelligence Terms and

Definitions, June 1989).



Appreciations.  Personal conclusions, official estimates, and

assumptions about another party's intentions, capabilities,

and activities used in planning and decisionmaking.



1.        Desired Appreciations.  Adverse personal conclusions

          and official estimates, valid or invalid, that

          result in adverse behaviors and official actions

          advantageous to friendly interests and objectives.



2.        Harmful Appreciations.  Adverse personal

          conclusions, official estimates, or assumptions,

          valid or invalid, that result in adverse behaviors

          and official actions harmful to friendly interests

          and objectives (JCS MOP 199, March 1989).



Assessment.  An analysis of the threat to or the

vulnerabilities of a telecommunications or automated

information processing system or activity (National INFOSEC

Glossary, October 1988).



Audit.  The independent review and examination of records and

activities to test for adequacy of system controls, to ensure

compliance with established controls, to ensure compliance

with established policy and operational procedures, and to

recommend any indicated changes in controls, policy, or

procedures (National INFOSEC Glossary, October 1988).  NOTE: 

An audit may be conducted by personnel responsible to the

management of the organization being audited (internal) or by

an organization independent of the one being audited (external).



Automated Data Processing.  See automated information systems.



Automated Information Systems.  Systems that collect, create,

prepare, or manipulate information in electronic form for

purposes other than device control or telecommunications

(National INFOSEC Glossary, October 1988).  NOTE:  Includes

computers, word processing systems, other electronic

information handling systems, and associated equipment.  



Automated Information Systems Security.  The totality of

security safeguards used to provide a defined level of

protection to an automated information system and data handled

by it (National INFOSEC Glossary, October 1988).  NOTE:  See

telecommunications and automated information systems security.



Carve-out.  A classified contract issued in connection with an

approved Special Access Program in which the Defense

Investigative Service has been relieved of inspection

responsibility in whole or in part under the Defense

Industrial Security Program (DoD Directive 5200.lR,

Information Security Program Regulation).



Category.  A restrictive label that has been applied to

classified or unclassified data as a means of increasing the

protection of the data by further restricting access to the

data (National INFOSEC Glossary, October 1988).   NOTE: 

Examples include Sensitive Compartmented Information (SCI),

Proprietary Information (PROPIN), and NATO Information. 

Individuals are granted access to special category information

only after being granted formal access authorization.



Categories of Data.  In the context of perception management

and its constituent approaches, data obtained by adversarial

individuals, groups, intelligence systems, and officials are

categorized in two ways:



1.        Information.  A compilation of data provided by

          secret or open sources that would provide a

          substantially complete picture of friendly

          intentions, capabilities, or activities.



2.   Indicators.  Data derived from open sources or from

     detectable actions that adversaries can piece together or

     interpret to reach personal conclusions or official

     estimates concerning friendly intentions, capabilities,

     or activities.



     NOTE:  For OPSEC purposes, actions that convey indicators

     exploitable by adversaries, but that must be carried out

     regardless, to plan, prepare for, and execute activities,

     are called "observable" (JCS MOP l9g, March 1989).



Classified Information.  Official information regarding the

national security that has been designated Top Secret, Secret,

or Confidential in accordance with Executive Order 12356

(National INFOSEC Glossary, October 1988).



Communications Cover.  The concealing or altering of

characteristic communications patterns to hide information

that could be of value to an adversary (National INFOSEC

Glossary, October 1988).



Communications Deception.  Deliberate transmission,

retransmission, or alteration of communications to mislead an

adversary in his interpretation of the communications

(National INFOSEC Glossary, October 1988).



Communications Intelligence (COMINT).  Technical and

intelligence information derived from interception of foreign

communications by other than the intended recipients; it does

not include the monitoring of foreign public media or the

interception of communications obtained during the course of

counterintelligence investigations within the United States. 

COMINT includes the fields of traffic analysis, cryptanalysis,

and direction finding (Glossary of Intelligence Terms and

Definitions, June 1989).



Communications Profile.  An analytic model of communications

associated with an organization or activity (National INFOSEC

Glossary, October 1988).  NOTE:  The model is prepared from a

systematic examination of communications content and patterns,

their reflections, and the COMSEC measures applied.



Communications Security (COMSEC).  Measures taken to deny

unauthorized persons information derived from

telecommunications of the U.S. Government concerning national

security, and to ensure the authenticity of such

telecommunications (National INFOSEC Glossary, October 1988). 

NOTE:  COMSEC includes cryptosecurity, emission security,

transmission security, and physical security of COMSEC

material and information.  See also telecommunications and

automated information systems security.



Communications Security Monitoring.  The act of listening to

or recording telecommunications transmissions of a U.S.

organization to provide material for analysis to determine the

degree of security being provided to those transmissions

(National INFOSEC Glossary, October 1988).



Communications Security Survey.  The organized collection of

COMSEC and communications data relative to a given operation,

system, or organization (National INFOSEC Glossary, October

1988).



Compartmentation.  Formal system of restricted access to

intelligence activities, such systems established by and/or

managed under the cognizance of the Director of Central

Intelligence to protect the sensitive aspects of sources,

methods, and analytical procedures of foreign intelligence

programs (Glossary of Intelligence Terms and Definitions, June

1989).  NOTE:  See also decompartmentation.



Compromise.  The exposure of classified official information

or activities to persons not authorized access thereto, i.e.,

unauthorized disclosure (Glossary of Intelligence Terms and

Definitions, June 1989).  NOTE:  See classified information.



Compromising Emanations.  Unintentional data-related or

intelligence-bearing signals emitted from telecommunications

or information processing equipment or systems (National

INFOSEC Glossary, October 1988).  NOTE:  If intercepted and

analyzed, compromising emanations can disclose classified or

sensitive unclassified information transmitted, received, or

processed by equipment or system.  Also referred to as

TEMPEST.



Computer Security (COMPUSEC).



1.        The protection resulting from all measures designed

          to prevent deliberate or inadvertent unauthorized

          access, disclosure, acquisition, manipulation,

          modification, or loss of information in a computer

          system.



2.        The computer-driven aspects of automated information

          system security encompassing the mechanisms and

          techniques that control access to or use of the

          computer or information stored in it.  



3.        The technical, administrative, and programmatic

          means to ensure  correct, timely, and accountable

          delivery of appropriate information to authorized

          customers to ensure accountable delivery of

          appropriate information to authorized customers

          through automation.  See also automated information

          systems security (Glossary of Intelligence Terms and

          Definitions, June 1989).



Computer Security Technical Vulnerability Reporting Program

(CSTVRP).  A program that focuses on technical vulnerabilities

in commercially available hardware, firmware, and software

products acquired by the Department of Defense (DoD) (National

INFOSEC Glossary, October 1988).  NOTE:  CSTVRP provides

reporting, cataloging, and discreet dissemination of technical

vulnerability and corrective information to DoD components on

a need-to-know basis.  



Confidentiality.  The concept of holding sensitive data in

confidence, limited to an appropriate set of individuals or

organizations (National INFOSEC Glossary, October 1988).



Confidential Source.  Any individual or organization that has

provided, or that may reasonably be expected to provide,

information to the United States on matters pertaining to the

national security with the expectation, expressed or implied,

that the information or relationship, or both, be held in

confidence (DoD Directive 5200.lR Information Security Program

Regulation).



Confinement.  The prevention of the leaking of sensitive data

from a program (National INFOSEC Glossary, October 1988).



Controlled Information.  Information conveyed to an adversary

in a deceptive operation to evoke desired appreciations (JCS

PUB 18, Dec.  1982).



Counterintelligence.  Information gathered and activities

conducted to protect against espionage, other intelligence

activities, sabotage, or assassinations conducted for or on

behalf of foreign powers, organizations, persons, or terrorist

activities, but not including personnel, physical, document,

or communications security programs.  See foreign

counterintelligence (Glossary of Intelligence Terms and

Definitions, June 1989).



Critical Information.  Information that must be protected from

loss to keep an adversary from gaining a significant

operational, economic, political, or technological advantage,

and prevent adverse impact on friendly mission accomplishment.



Cryptanalysis.  The operations performed in converting

encrypted messages to plain text without initial knowledge of

the algorithm and/or key employed in the encryption (National

INFOSEC Glossary, October 1988).



Cryptology.  The science and activities that deal with hidden,

disguised, or encrypted communications (National INFOSEC

Glossary, October 1988).  NOTE:  Cryptology includes COMSEC

and COMINT.



Deception Means.  Methods, resources, and techniques that can

be used to convey or deny information:



1.   Administrative Means.  Resources, methods, and techniques

     designed to convey or deny oral, pictorial, documentary,

     or other physical evidence.



2.        Physical Means.  Activities and resources used to

          convey or deny selected information.  (Examples: 

          military operations, including exercises,

          reconnaissances, training activities, and movement

          of forces; the use of dummy equipment and devices;

          tactics; bases, logistic actions, stockpiles,

          maintenance, and repair activities; and test and

          evaluation activities.)



3.   Technical Means.  Military material resources and their

     associated operating techniques used to convey or deny

     selected information through the deliberate radiation,

     reradiation, alteration, absorption, or reflection of

     energy; the emission or suppression of chemical

     biological odors; and the emission or suppression of

     nuclear particles (JCS PUB 18, Dec.  1982).



Declassification.  Removal of official information from the

protective status afforded by security classification; it

requires a determination that disclosure no longer would be

detrimental to national security (Glossary of Intelligence

Terms and Definitions, June 1989).



Decompartmentation.  The removal of materials, information or

products from a compartmented system without altering them to

conceal sources, methods, or analytical procedures (Glossary

of Intelligence Terms and Definitions, June 1989).



Detectable Actions.  Physical actions or entities that can be

observed, imaged, or detected by human senses or by active and

passive technical sensors, including emissions that can be

intercepted (JCS MOP 199, March 1989).



Direction Finding (DF).  A procedure for obtaining bearings on

radio frequency emitters with the use of a directional antenna

and a display unit with an intercept receiver or ancillary

equipment (Glossary of Intelligence Terms and Definitions,

June 1989).



Disclosure.  The authorized release of classified information

through approved channels (Glossary of Intelligence Terms and

Definitions, June 1989).



Eavesdropping.  The unauthorized interception of information-

bearing emanations through the use of methods other than

wiretapping (National INFOSEC Glossary, October 1988).



Economic Assessment.  A detailed study of security measures,

their technical and operational feasibility, and their

associated costs and benefits (National INFOSEC Glossary,

October 1988).  NOTE:  Economic assessments aid in planning

and selecting security measures.



Economic Intelligence.  Intelligence regarding foreign

economic resources, activities, and policies including the

production, distribution, and consumption of goods and

services, labor, finance, taxation, and other aspects of the

international economic system (Glossary of Intelligence Terms

and Definitions, June 1989).



Electro-optical Intelligence (ELECTRO-OPTINT).  Intelligence

information derived from the optical monitoring of the

electromagnetic spectrum from ultraviolet (0.01 micrometers)

through far (long wavelength) infrared (1,000 micrometers)

(Glossary of Intelligence Terms and Definitions, June 1989). 

NOTE:  Also see optical intelligence.



Electronic Intelligence (ELINT).  Technical and intelligence

information derived from foreign noncommunications

transmissions by other than the intended recipients. 

Technical and intelligence information derived from foreign

noncommunications electromagnetic radiations emanating from

other than atomic detonation or radioactive sources (Glossary

of Intelligence Terms and Definitions, June 1989).



Electronics Security (ELSEC).  The protection resulting from

all measures designed to deny unauthorized persons information

of value that might be derived from the interception and

analysis of noncommunications electromagnetic radiations, such

as radar (National INFOSEC Glossary, October 1988).



Emissions Security (EMSEC).  The protection resulting from all

measures taken to deny unauthorized persons information of

value that might be derived from the interception and analysis

of compromising emanations from crypto-equipment, automated

information systems, and telecommunications systems (National

INFOSEC Glossary, October 1988).



Energy Intelligence.  Intelligence relating to the technical,

economic, and political capabilities and programs of foreign

countries to engage in development, utilization, and commerce

of basic and advanced energy technologies.  This includes the

location and extent of foreign energy resources and their

allocation; foreign government energy policies, plans, and

programs; new and improved foreign energy technologies; and

economic and security aspects of foreign energy supply,

demand, production, distribution, and utilization (Glossary of

Intelligence Terms and Definitions, June 1989).



Espionage.  Intelligence activity directed toward the

acquisition of information through clandestine means and

proscribed by the laws of the country against which it is

committed (Glossary of Intelligence Terms and Definitions,

June 1989).



Essential Elements of Friendly Information (EEFI).  Key

questions about friendly intentions and military capabilities

likely to be asked by opposing planners and decision makers

(JCS PUB 18, Dec.  1982).



Essential Secrecy.  Adversary unknowns or uncertainties about

specific factual friendly intentions, capabilities, and

activities vitally needed by adversaries for them to plan and

act effectively so as to guarantee failure or unacceptable

consequences for friendly mission accomplishment.



Exploitation.  The process of obtaining intelligence

information from any source and taking advantage of it for

intelligence purposes.  NOTE:  Also see source (Glossary of

Intelligence Terms and Definitions, June 1989).



Foreign Counterintelligence (FCI).  Intelligence activity,

with its resultant product, intended to detect, counteract,

and/or prevent espionage and other clandestine intelligence

activities, sabotage, international terrorist activities, or

assassinations conducted for or on behalf of foreign powers,

organizations, or persons; it does not include personnel,

physical, document, or communications security programs

(Glossary of Intelligence Terms and Definitions, June 1989).



Foreign Government Information.  Information that is: 



     1.   Provided to the United States by a foreign

          government or governments, an international

          organization of governments, or any element thereof

          with the expectation, expressed or implied, that the

          information, the source of the information, or both,

          are to be held in confidence; or 



     2.   Produced by the United States pursuant to or as a

          result of a joint arrangement with a foreign

          government or governments or an international

          organization of governments, or any element thereof,

          requiring that the information, the arrangement, or

          both, are to be held in confidence (DoD 5200.lR

          Information Security Program Regulation).



Foreign Instrumentation Signals (FIS).  Electromagnetic

emissions associated with the testing and operational

deployment of non-U.S.  aerospace, surface, and subsurface

systems that may have either military or civilian application;

it includes but is not limited to the signals fromtelemetry,

beaconry, electronic  interrogators, tracking/fusing/

arming/command systems, and video data links (Glossary of

Intelligence Terms and Definitions, June 1989).



Foreign Instrumentation Signals Intelligence (FISINT). 

Technical and intelligence information derived from intercept

of foreign instrumentation signals (Glossary of Intelligence

Terms and Definitions, June 1989).



Foreign Material (FORMAT) Intelligence.  Intelligence derived

from the exploitation of foreign equipment, subsystems,

components, or other material (Glossary of Intelligence Terms

and Definitions, June 1989).



Friendly.  Those individuals or organizations involved in the

specific sensitive operation or activity who have a need-to-

know.



Geographic(al) Intelligence.  Foreign intelligence dealing

with the location, description, and analysis of physical and

cultural factors of the world (e.g., terrain, climate, natural

resources, transportation, boundaries, population

distribution) and their changes through time (Glossary of

Intelligence Terms and Definitions, June 1989).



Hostile Cognizant Agent.  A person who is authorized access to

classified or sensitive unclassified information and who

intentionally makes that information available to a member of

a hostile intelligence service or other group whose goals are

inimical to the interests of the United States Government or

its allies (National INFOSEC Glossary, October 1988).



Hostile Threat Environment.  An area that contains known

threats over which one possesses little or no control

(National INFOSEC Glossary, October 1988).  NOTE:  Some

diplomatic facilities and tactical military units may be

located in a hostile threat environment.  



Human Intelligence (HUMINT).  A category of intelligence

information derived from human sources (Glossary of

Intelligence Terms  and  Definitions, June 1989).



Human Source.  A person who wittingly or unwittingly conveys

by any means information of potential intelligence value

(Glossary of Intelligence Terms and Definitions, June 1989).



Imagery.  Representations of objects reproduced electronically

or by optical means on film, electronic display devices, or

other media (Glossary of Intelligence Terms and Definitions,

June 1989).



Imagery Intelligence (IMINT).  The products of imagery and

photographic interpretation processed for intelligence use

(Glossary of Intelligence Terms and Definitions, June 1989).



Imagery Interpretation (II).  The process of locating,

recognizing, identifying, and describing objects, activities,

and terrain represented by imagery; it includes photographic

interpretation (Glossary of Intelligence Terms and

Definitions, June 1989).



Imitative Communications Deception.  Introduction of deceptive

messages or signals into an adversary's telecommunications

signals (National INFOSEC Glossary, October 1988).



Inadvertent Disclosure.  Accidental exposure of sensitive

information to a person not authorized access (National

INFOSEC Glossary, October 1988).  NOTE:  This may result in a

compromise or a need-to-know violation.



Indicator.  An event, observation, or value used to measure an

abstract concept.  An item of information that reflects the

intention or capability of a potential enemy to adopt or

reject a course of action.  An action-specific, generalized,

or theoretical-that an enemy might be expected to take in

preparation for an aggressive act (Glossary of Intelligence

Terms and Definitions, June 1989).



Information and Indicator Sources.  Data, material, and

actions that provide information and indicators.  The sources

are categorized as follows:



1.   Secret Sources.  Friendly personnel, documents, material,

     etc., possessing classified or sensitive information.



2.   Open Sources.  Oral, documentary, pictorial, and physical

     materials accessible to the public, or overt contacts

     with adversary parties.



3.   Detectable Actions.  Physical actions or entities that

     can be observed, imaged, or detected by active or passive

     sensors.  Also includes emissions that can be

     intercepted.



Information Security (INFOSEC).  The discipline covering the

protection of classified national security information by the

application of the rules and procedures established by

Executive Order 12356.  It includes classification,

declassification, marking, mandatory review, oversight, etc. 

The procedures pertaining to both communications security and

computer security (Glossary of Intelligence Terms and

Definitions, June 1989).



Information Systems Security.  The protection afforded

information systems to preserve the availability, integrity,

and confidentiality of the systems and the information

contained within the systems.  Such protection is the

application of the combination of all security disciplines

that will at a minimum include:  COMSEC, TEMPEST, COMPUSEC,

personnel security, industrial security, resource protection,

and physical security (Glossary of Intelligence Terms and

Definitions, June 1989).  NOTE:  Others define this as

INFOSEC.  See also telecommunications and automated

information systems security (TIASS).



Infrared Imagery.  A likeness or impression produced as a

result of sensing electromagnetic radiations emitted or

reflected from a given target surface in the infrared portion

of the electromagnetic spectrum (Glossary of Intelligence

Terms and Definitions, June 1989).



Intelligence Cycle.  The processes by which information is

acquired and converted into intelligence and made available to

customers.  There are usually five steps in the cycle:



1.        Planning and Direction.  Determination of

          intelligence requirements, preparation of a

          collection plan, issuance of orders, requests to

          information collection entities, and a continuous

          check on the productivity of collection entities.



2.   Collection.  Acquisition of information or intelligence

     information and the provision of this to processing

     and/or production elements.



3.        Processing.  Conversion of collected information

          and/or intelligence information into a form more

          suitable for the production of intelligence.



4.        Production.  Conversion of information or

          intelligence information into finished intelligence

          through the integration, analysis, evaluation,

          and/or interpretation of all available data and the

          preparation of intelligence products in support of

          known or anticipated customer requirements.



5.   Dissemination.  Timely conveyance of intelligence in

     suitable form to customers (Glossary of Intelligence

     Terms and Definitions, June 1989).



Intelligence Information.  Information of potential

intelligence value concerning the capabilities, intentions,

and activities of any foreign power, organization, or

associated personnel (Glossary of Intelligence Terms and

Definitions, June 1989).



Intelligence Life.  The length of time during which

information remains important enough to protect (National

INFOSEC Glossary, October 1988).



Intelligence System.  Any formal or informal system to manage

data gathering, to obtain and process the data, and to provide

reasoned judgments to decision makers as a basis for action. 

The term is not limited to intelligence organizations or

services, but includes any system in all its parts that

accomplishes the listed tasks.



Intrusion Detection System (IDS).  A system designed to detect

and signal the entry of unauthorized persons into a protected

area, such as security alarms, sensor systems, or video

systems (National INFOSEC Glossary, October 1988).



Laser Intelligence (LASINT).  Technical and intelligence

information derived from laser systems; it is a subcategory of

electro-optical intelligence (Glossary of Intelligence Terms

and Definitions, June 1989).



Limited Access Area.  An area in which uncontrolled movement

of persons would allow access to classified information, but

in which such access is prevented by escort or other internal

restrictions or controls (National INFOSEC Glossary, October

1988).



Low Probability of Detection (LPD).  Measures used to hide or

disguise intentional electromagnetic transmissions (National

INFOSEC Glossary, October 1988).



Manipulative Communications Deception.  The alteration or

simulation of friendly telecommunications for the purpose of

deception (National INFOSEC Glossary, October 1988).  NOTE: 

May consist of any or all of the following:  establishment of

bogus communications structures, transmission of deception

messages, expansion or creation of communications schedules on

existing structures to display an artificial volume of

messages.  



Meaconing.  A system for receiving radio beacon signals and

retransmitting them on the same frequency to confuse

navigation and cause inaccurate bearings to be obtained by

beacon users (National INFOSEC Glossary, October 1988).



Meaconing, Intrusion, Jamming and Interference (MIJI).  A

collective name for all of the types of jamming or other

interference that may be used against electromagnetic

equipment or systems (National INFOSEC Glossary, October

1988).



Measurement and Signature Intelligence (MASINT).  Scientific

and technical intelligence information obtained by

quantitative and qualitative analysis of data (metric, angle,

spatial, wavelength, time dependence, modulation, plasma, and

hydromagnetic) derived from specific technical sensors for the

purpose of identifying any distinctive features associated

with the source emitter or sender and to facilitate subsequent

identification and/or measurement of the same (Glossary of

Intelligence Terms and Definitions, June 1989).



Medical Intelligence (MEDINT).  Medical scientific, technical,

and biological intelligence that assesses and predicts

technological advances of medical significance to include

defense against chemical, biological, and radiological

warfare; it applies to both tactical and strategic planning

and operations, including military and humanitarian efforts

(Glossary of Intelligence Terms and Definitions, June 1989).



National Computer Security Assessment Program (NCSAP).  A

program designed to evaluate the interrelationship of

empirical data of computer security infractions and that of

critical systems profiles, while comprehensively incorporating

information from the Computer Security Technical Vulnerability

Reporting Program (National INFOSEC Glossary, October 1988). 

NOTE:  Assessments build threat and vulnerability scenarios

that are based on a collection of facts from relevant reported

cases.  Such scenarios are a powerful, dramatic, and concise

form of representing the value of loss experience analysis.



National Security Information.  Classified information related

to the national defense or foreign relations of the United

States (National INFOSEC Glossary, October 1988).



Need-to-Know.  The necessity for access to, knowledge of, or

possession of specific information required to carry out

official duties (National INFOSEC Glossary, October 1988).



Nuclear Intelligence (NUCINT).  Intelligence derived from the

collection and analysis of radiation and other effects

resulting from radioactive resources (Glossary of Intelligence

Terms and Definitions,     June 1989).



Nuclear Proliferation Intelligence.  Foreign intelligence

relating to:



1.        Scientific, technical, and economic capabilities and

          programs and the political plans and intentions of

          non-nuclear weapon states or foreign organizations

          to acquire nuclear weapons and/or to acquire the

          requisite special nuclear materials and to carry on

          research, development, and the manufacturing of

          nuclear explosive devices; and



2.        The attitudes, policies, and actions of foreign

          nuclear supplier countries toward provision of

          technologies, facilities, or special nuclear

          materials that could assist non-nuclear weapon

          states or foreign organizations to acquire or

          develop nuclear explosive devices (Glossary of

          Intelligence Terms and Definitions, June 1989).