NHB 1620.3C NASA Security Handbook
NASA NHB 1620.3C, (PART 5)
HANDBOOK Effective Date February 1, 1993
_________________________________________________________________
Responsible Office: JL
Subject: NASA Security Handbook (PART 5 of 5)
PREFACE
APPENDIX M: SECURITY LIGHTING
1. REQUIREMENTS
a. Security lighting needs at each NASA Installation or
facility depend on each situation and area to be
protected. Each situation requires careful study to
provide the best visibility practical for security
duties, such as identification of badges and people
at gates, inspection of vehicles, prevention of
illegal entry, detection of intruders outside and
inside of buildings and other structures, and
inspection of unusual or suspicious circumstances.
b. When such lighting is impractical, additional
security posts, patrols, sentry dog patrols, or
other security means may be necessary.
c. Lighting should not be used as a deterrent only. It
should be used on a perimeter fence line only where
the fence is under continuous or periodic
observation.
d. Lighting may be desirable for those sensitive areas
or structures within the perimeter (property lines)
that are under specific observation. Such areas or
structures include pier and dock areas, launch or
test pads, vital buildings, storage areas, and
vulnerable control points in communications, power,
and water distribution systems. In interior areas
where night operations are conducted, adequate
lighting of the area facilitates detection of
unauthorized persons approaching or attempting
malicious acts within the area.
2. CHARACTERISTICS
a. Lighting is inexpensive to maintain and, when used
properly, may reduce the need for security forces.
It may provide personal protection for security
forces by reducing the advantages of concealment and
surprise for a determined intruder. Security forces
thus relieved may be used to better advantage
elsewhere.
b. Security lighting usually requires less intensity
than work lighting, except for identification and
inspection at portals and in emergencies. Each
Installation or facility presents its particular
problem based on physical layout, terrain,
atmospheric and climatic conditions, and protective
requirements. Data are available from the
manufacturers of lighting equipment that will assist
in designing a lighting system. Included in these
data are:
(l) Descriptions, characteristics, and
specifications of various incandescent,
arc, and gaseous discharge lamps;
(2) Lighting patterns of various luminaries;
(3) Typical layouts showing the most efficient
height and spacing of equipment; and
(4) Minimum protective lighting intensities
required for various applications.
3. RESPONSIBILITY
a. Each NASA security manager must determine perimeter
lighting needs depending on the threat, perimeter
extremities, surveillance capabilities, and the
available security forces. Protective lighting must
be designed to effect the following:
(l) To discourage unauthorized entry;
(2) To detect intruders approaching or
attempting to gain entry into protected
areas;
(3) To operate continuously during periods of
reduced visibility; and
(4) To maintain and periodically test for use
during times of emergency, to include
standby lighting.
4. PLANNING CONSIDERATIONS
In planning a protective lighting system, the security
manager must give specific consideration to the following
areas:
a. Cleaning and replacement of lamps and luminaries,
particularly with respect to costs and means (such
as ladders and mechanical buckets), ensuring
required equipment is available.
b. Advisability of including mercury and photoelectric
controls.
c. The effects of local weather conditions on various
types of lamps and luminaries.
d. Fluctuating or erratic voltages in the primary power
source.
e. Requirement for grounding of fixtures and the use of
a common ground on an entire line to provide a
stable ground potential.
f. Establishment of a ledger to maintain a burning-time
(80 percent) record based on the life expectancy of
the lamp. The ledger should contain the following
as a minimum:
(l) Type and wattage of lamp;
(2) Area, facility, or utility pole used;
(3) Date of insertion; and
(4) Programmed date (based on life expectancy)
for extraction.
g. Security Areas
(1) All security areas should have protective
lighting on a permanent basis at perimeter
and access control points. The lighting
must be positioned to prevent the
following:
(a) Temporarily blinding the guards with
glare.
(b) Silhouetting or highlighting the
guards.
(2) Lighting in these areas must be under the
control of the security force.
(3) The perimeter band of lighting must provide
a minimum intensity of .2 foot candles,
measured horizontally 15.24cm/6 inches
above ground level, at least 9.144m/ 30
feet outside the security area barrier.
Lighting inside security areas should be of
sufficient intensity to enable detection of
persons in the area. Lighting at entrance
control points must be of sufficient
intensity to enable guards to compare and
identify bearers and badges.
(4) Protective lighting systems should be
operated continuously during hours of
darkness.
(5) Protective lights should be used so that
the failure of one or more lights will not
affect the operation of remaining lights.
5. PRINCIPLES OF PROTECTIVE LIGHTING
Protective lighting should enable security force
personnel to observe activities around or inside an area
without disclosing their presence. Adequate lighting for
all approaches to an area not only discourages attempted
unauthorized entry, but also can identify persons within
the area. However, lighting should not be used alone.
It should be used with other measures such as fixed
security posts or patrols, fences, and alarms. Other
principles of protective lighting are listed below:
a. Good protective lighting is achieved by adequate,
even light upon bordering areas, glaring lights in
the eyes of the intruder, and relatively little
light on security patrol routes. In addition to
seeing long distances, security forces must be able
to spot an intruder who may be exposed to view for
only a few seconds. All of these abilities are
improved by higher levels of brightness.
b. In planning protective lighting, higher brightness
to contrast between intruder and background is an
important consideration. When the same amount of
light falls on an object and its background, the
observer must depend on contrasts in the amount of
light reflected to discern an intruder's silhouette.
More light is needed to produce the same brightness
around Installations and buildings with
predominantly dark, dirty surfaces than when clean
concrete, light brick, or grass predominate.
c. When the intruder is darker than his background, the
observer sees primarily the outline or silhouette.
Intruders who depend on dark clothing and even
darkened face and hands may be foiled by using light
finishes on the lower parts of buildings and
structures. Stripes on walls have also been used
effectively because they provide recognizable breaks
in outlines or silhouettes.
d. Two basic systems or a combination of both may be
used to provide practical and effective lighting.
The first method is to light the boundaries and
approaches. The second is to light the area and
structures within the general boundaries of the
property.
6. TYPES OF LIGHTING
The type of lighting system to be used depends on the
overall security requirements of the area concerned.
Lighting units of four general types are used for
protective lighting systems: continuous, standby,
movable, and emergency.
a. Continuous lighting (stationary luminary) is the
most common protective lighting system. It consists
of a series of fixed luminaries arranged to flood a
given area continuously during the hours of darkness
with overlapping cones of light. Two primary
methods of employing continuous lighting are glare
projection and controlled lighting:
(1) The glare projection lighting method is
useful where the glare of lights directed
across surrounding territory will not be
annoying nor interfere with adjacent
operations. It is a strong deterrent to a
potential intruder because it makes it
difficult to see the inside of the area.
It also protects the guards by keeping them
in comparative darkness and enabling them
to observe intruders at considerable
distances beyond the perimeter. Glare
protection perimeter lighting may be
inappropriate in some instances.
(2) Controlled lighting is best when it's
necessary to limit the width of the lighted
strip outside the perimeter because of
adjoining property or nearby highways,
railroads, navigable waters, or airports.
In controlled lighting, the width of the
lighted strip can be controlled and
adjusted to fit the particular need, such
as illumination of a wide strip inside a
fence and a narrow strip outside; or
floodlighting a wall or roof. But this
method of lighting often illuminates or
silhouettes security personnel as they
patrol their routes.
b. Standby lighting. The layout of this system is
similar to continuous lighting. However, the
luminaries are not continuously lighted, but are
either automatically or manually turned on by the
security force or alarm systems when suspicious
activity is detected.
c. Movable lighting. This type of system consists of
manually operated, moveable searchlights that may be
either lighted during hours of darkness or lighted
only as needed. The system normally is used to
supplement continuous or standby lighting.
d. Emergency lighting. This system may duplicate any
or all of the above systems. Its use is limited to
times of power failure or other emergencies that
render the normal system inoperative. It depends on
alternative power sources, such as installed or
portable generators or batteries.
7. OTHER LIGHTING
a. Fenced Perimeters
(1) Isolated fenced perimeters are fence lines
around areas where the fence is 30.48m/100
feet or more from buildings or operating
areas, and the approach area is clear of
obstruction for 30.48 m/100 feet or more
outside the fence and is not used by other
personnel. Both glare protection and
controlled illumination are accepted for
these perimeters. Patrol roads and paths
should be kept unlighted.
(2) Semi-isolated fenced perimeters are fence
lines where approach areas are clear of
obstructio for18.288m/60 feet to 30.48m/100
feet outside the fence, and the general
public or Installation personnel seldom
have reason to be in the area. Patrol
roads and paths should be kept in relative
darkness.
(3) Nonisolated fence perimeters are fence
lines immediately adjacent to operating
areas within the Installation or other
Installations, or to public thoroughfares,
where outsiders or Installation personnel
may move about freely in the approach area.
The width of the lighted strip in this case
depends on the relative clear zone inside
and outside the fence. It may not be
practical to keep the patrol area dark.
b. Building face perimeters consist of faces of
buildings on or within 6.09m/20 feet of the property
line or area to be protected, and where the public
may approach the buildings. Security forces may be
stationed inside or outside the buildings. Doorways
or other insets in the buildings' face should
receive special attention for lighting to eliminate
shadows.
c. Active entrances for pedestrians and vehicles should
have two or more lighting units with adequate
illumination for recognition of persons and
examination of credentials. All vehicle entrances
should have two lighting units positioned to
facilitate complete inspection of passenger cars,
trucks, and freight cars, as well as their contents
and passengers. Semi-active and inactive entrances
should have the same degree of continuous lighting
as the remainder of the perimeter, with standby
lighting of sufficient illumination to be used when
the entrance becomes active. Gate houses at
entrances should have a low level of interior
illumination to enable guards to see better,
increase their night vision adaptability and avoid
making them targets.
(l) Open yards (defined as unoccupied land
only) and outdoor storage spaces should be
illuminated as follows:
(a) An open yard adjacent to a perimeter
should be illuminated in accordance
with the illumination requirements of
the perimeter. Where lighting is
deemed necessary in other open yards,
illumination should not be less than
.2 foot candles at any point.
(b) Lighting units should be placed in
outdoor storage spaces to provide an
adequate distribution of light in
aisles, passageways, and recesses to
eliminate shadowed areas where
unauthorized persons may conceal
themselves.
(2) Piers and docks located on an Installation
should be safeguarded by illuminating both
water approaches and the pier area. Decks
on open piers should be illuminated to at
least 1.0 foot candles and the water
approaches to at least .5 foot candles.
The area beneath the pier floor should be
lighted with small wattage floodlights
arranged to the best advantage with respect
to piling. Movable lighting capable of
being directed as required by the guards is
recommended as part of the protective
lighting system for piers and docks. The
lighting must not in any way violate marine
rules and regulations. The U.S. Coast
Guard should be consulted for approval of
proposed protective lighting adjacent to
navigable waters.
(3) Critical structures and areas should be the
first consideration in designing protective
fencing and lighting. Power, heat, water,
communications, explosive materials,
critical materials, delicate machinery,
areas where highly classified material is
stored or produced, and valuable finished
products need special attention. Critical
structures or areas classified as
vulnerable from a distance should be kept
dark, and those that can be damaged close
at hand should be well lighted. The
surroundings should be well lighted to
force an intruder to cross a lighted area,
and any walls should be lighted to a height
of 24.4384m/8 feet to facilitate silhouette
vision.
8. WIRING SYSTEMS
Both multiple and series circuits may be advantageous in
protective lighting systems, depending on the type of
luminary used and other design features of the system.
The circuit should be arranged so that failure of any one
lamp will not leave a large portion of the perimeter line
or a major segment of a critical or vulnerable position
in darkness. Connections should be such that normal
interruptions caused by overloads, industrial accidents,
and building or brush fires will not interrupt the
protective system. In addition, feeder lines should be
located underground to minimize the possibility of
sabotage or vandalism from outside the perimeter. The
design should provide for simplicity and economy in
system maintenance and should require a minimum of
shutdowns for routine repairs, cleaning, and lamp
replacement. It is necessary in some instances to
install a duplicate wiring system.
9. MAINTENANCE
a. Periodic inspections should be made of all
electrical circuits to replace or repair worn parts,
tighten connections, and check insulation.
Luminaries should be kept clean and properly aimed.
b. Replacement lamps can be used in less sensitive
locations. The actuating relays on emergency lines,
which remain open when the system is operating from
the primary source, need to be cleaned frequently
since dust and lint collect on their contact points
and can prevent their operation when closed.
c. The intensity of illumination and specification for
protective lighting for fences or other
antipersonnel barriers should meet the minimum
requirements.
10. POWER SOURCES
Power sources should meet the following criteria:
a. Primary - usually a local public utility.
b. Alternate - the following should be provided:
(l) Standby batteries or gasoline-driven
generators may be used.
(a) If cost-effective, a system should
start automatically upon failure of
outside power.
(b) Must ensure continuous lighting.
(c) May be inadequate for sustained
operations; therefore, additional
security precautions must be
considered.
(d) Tested to ensure efficiency and
effectiveness. The frequency and
duration of the test depend on the
following factors:
i. Mission and operational factors.
ii. Location, type, and condition of
equipment.
iii. Weather (temperature affects
batteries very strongly).
(2) Located within a security area for
additional security.
(3) Generator or battery-powered portable
and/or stationary lights.
(a) For use in a complete power failure.
(b) Includes alternate power supply.
(c) Available at designated control points
for security personnel.
c. Security is a must.
(l) Starts at the points where feeder lines
enter the Installation or activity.
(2) Security emphasis goes to sources in terms
of mission essential/vulnerable activity.
(3) Continual physical security inspections of
power sources are required to determine
security measures and replacement of
equipment.
APPENDIX N: ARREST AUTHORITY TRAINING CURRICULUM
SUBJECTS LECTURE EXAMPLE TOTAL
Legal Studies33 2 35
Constitutional Law
Criminal Law
Title 18 U.S. Code
Laws of Arrest & Detention
Crimes Against Property
Crimes Against Persons
Jurisdiction
Arrest Authority
Probable Cause
Search & Seizure 6 2 8
Levels of Force 3 3
Officer Ethics & Conduct 2 2
Mechanics of Arrest 6 8 14
Handcuffing Techniques
Officer Survival & Safety
Intermediate Force
Firearms Qualification 2 6 8
Psychology of Human Behavior 4 4
Preliminary Interviews 2 2
Terrorist Tactics 2 2
TOTALS 60 18 78
ADMINISTRATIVE 10
GRAND TOTAL 88
The selected training contractor will be given latitude in the
formulation of courses to afford the Agency maximum benefit
from the expertise and experience of the instructors. One
concept of what courses should include, but not be limited to,
is as follows:
1. LEGAL STUDIES
This block of subjects will define, describe, and discuss
various aspects of law as they directly apply to officers
working within the framework of the Arrest Authority (AA)
program. The contractor will use the NASA Handbook (NHB)
as a guide to an appropriate course of study. The course
will include two examinations on material presented.
2. SEARCH AND SEIZURE
This course will cover the concept, definition, and
application of legal search without a warrant conducted
incident to an arrest, and the proper control and
inventory of property confiscated during that arrest. It
will include a 2-hour practical exercise on the safe and
proper search of persons arrested.
3. LEVELS OF FORCE
This course will cover the different levels of force,
such as Ordinary, Reasonable, and Deadly Force, and their
application in compliance with NASA policies.
4. OFFICER ETHICS AND CONDUCT
This course will discuss the Law Enforcement Code of
Ethics, the Federal Employees Code of Ethics, and the
NASA Employees Code of Ethics and Conduct, as they apply
to persons with AA.
5. MECHANICS OF ARREST
This course includes lectures and demonstrations of
procedures and techniques necessary to effect a safe
arrest. It will cover subjects such as handcuffing,
take-downs, control holds, and officer safety. The 8-
hour practical exercise and evaluation included gives
students hands-on practice in these techniques.
6. FIREARMS QUALIFICATION
This course presents a 2-hour review of proper use of
firearms and requires students to demonstrate their
proficiency with handguns during a 6-hour practical
exercise on a live-fire range.
7. PSYCHOLOGY OF HUMAN BEHAVIOR
The course discusses different types of human behavior
and personalities, including their potential reactions to
stressful and traumatic conditions.
8. PRELIMINARY INTERVIEWS
The course will cover the importance of knowing when and
how and who is to conduct an interview incident to an
arrest and interviewing and report-writing techniques.
9. TERRORIST TACTICS
The course introduces the student to contemporary
domestic terrorism threats from right- or left-wing
groups or individuals and provides specifics of the
domestic threat.
10. PREREQUISITES
a. To preclude injury in strenuous portions of the
course, students must report in top physical
condition and maintain that level throughout the
class.
b. Students must be completely proficient with handguns
and have qualified in a federally accredited "live-
fire" range program within the past 6 months.
c. Students should be trained thoroughly in the job
specialty to which they will be assigned.
d. Because the course is short but intensive, full
student cooperation is essential. Only persons
willing and properly motivated to undergo this
training should attend. The Head Instructor will
immediately remove from the course any student
unwilling or unable to perform.
11. MISCELLANEOUS
a. Class hours will be 50 minutes in length and will
allow for breaks.
b. The normal workday will be 8:00 a.m. to 5:00 p.m.
Lunch breaks are 1 hour.
c. The first week of the course is a 6-day week with
classes conducted on Saturday.
d. Indoctrination and "in processing" will be held the
Sunday evening prior to the first Monday morning
class.
e. Graduation is the last hour of the final day of the
course.
f. Absences for reasons other than emergencies are not
authorized. Students missing classes because of
emergencies must make up the classes before
graduating.
g. Successful completion of this course is required to
receive AA. Students failing to complete the course
may attend a subsequent course at the discretion of
the funding Field activity and subject to
availability of space in the class. This course is
designed to be "core" training required for everyone
authorized with AA under the provisions of that
program. Additional training may be necessary to
meet unique requirements for duty at a particular
Field Installation. That training is termed
"Installation specific training" and is the
responsibility of the Field Installation.
APPENDIX O: HANDGUN QUALIFICATION COURSE
WEAPON Revolver or Semiautomatic pistol
TARGETS B-27 and B-34 silhouettes
TOTAL ROUNDS 60
SCORING 5 point system (maximum score 300)
QUALIFICATION 210 (70 percent)
Stage I. (3m/3-yard line) - 6 rounds total.
1. Draw and fire 2 rounds in 3 seconds (repeat
twice).
Stage II. (6m/7-yard line) - 6 rounds total.
1. Draw and fire 2 rounds center mass, 1 round head
in five seconds (repeat once).
Stage III (6m/7-yard line) - 6 rounds total.
1. With weapon in weak hand and in low ready
position fire 2 rounds center mass with 1 hand
in 4 seconds (repeat twice).
Stage IV (9m/10-yard line) - 12 rounds total.
1. Draw and fire 2 rounds in 4 seconds and come to
low ready position.
2. Fire 2 rounds from the low ready position in 3
seconds.
3. Draw and fire 2 rounds, reload and fire 2 rounds
and reholster (revolvers - 12 seconds,
semiautomatics - 10 seconds).
4. Draw and fire 2 rounds in 4 seconds and
come to the low ready position.
5. Fire 2 rounds in 3 seconds.
Stage V (14m/15-yard line) - 12 rounds total.
1. From standing to kneeling position, fire 2
rounds in 5 seconds.
2. Same as above.
3. Standing, fire 2 rounds, reload, move to
kneeling and fire 2 rounds and reholster
(revolvers - 14 seconds, semiautomatics - 12
seconds).
4. Standing, draw and fire 2 rounds in 5 seconds
and come to low ready position.
5. Fire2 rounds in 3 seconds.
Stage VI (23m/25-yard line) - 12 rounds total.
1. Standing, draw and fire 2 rounds from left side
of barricade in 5 seconds.
2. Standing, draw and fire 2 rounds from the right
side of barricade in 5 seconds.
3. Standing to kneeling, fire 2 rounds from the
left side of barricade, reload and fire 2 rounds
from right side of barricade (revolvers - 15
seconds, semiautomatics - 12 seconds).
4. Standing to prone, fire 2 rounds in 10 seconds.
5. Same as paragraph 2 above.
Stage VII (46m/50-yard line) - 6 rounds total
1. Standing, fire 2 rounds from barricade in 8
seconds.
2. Standing to kneeling, fire 2 rounds from
barricade in 10 seconds.
3. Standing to prone, fire 2 rounds in 12 seconds.
APPENDIX P: MISSING/STOLEN GOVERNMENT PROPERTY REPORT
1. GOVERNMENT CUSTODIAN
(a) Month/Year, e.g., 1/90.
(b) NASA #., e.g., 129888.
(c) Item, e.g., IBM Model 80 CPU.
(d) Value, e.g., $5,800.
(e) Source, e.g., Survey Rep. or telephone.
(f) Value Recovered, e.g., $5,800.
(g) Value Loss, e.g., $0.00.
(h) Investigative Time, e.g., 10 man-hours.
(i) Cumulative Value, e.g., 5,800.
(j) Cumulative Value Recovered, e.g., $5,800.
(k) Cumulative Value Loss, e.g., $0.00.
(l) Cumulative Investigative Time, e.g., 10 man-
hours.
2. BASE OPERATING CONTRACTOR CUSTODIAN
(a) Month/Year, e.g., 1/90.
(b) NASA #., e.g., 134111.
(c) Item, e.g., Portable Power Generator.
(d) Value, e.g., $9,000.
(e) Source, e.g., Telephone or Survey Rep.
(f) Value Recovered, e.g., $0.00.
(g) Value Loss, e.g., $9,000.
(h) Investigative Time, e.g., 3 man-hours.
(i) Cumulative Value, e.g., 9,000.
(j) Cumulative Value Recovered, e.g., $0.00
(k) Cumulative Value Loss, e.g., $9,000.
(l) Cumulative Investigative Time, e.g., 3 man-hours.
3. INSTALLATION MONTH'S CUMULATIVE TOTALS
(a) Cumulative Value, e.g., $14,800.
(b) Cumulative Value Recovered, e.g., $5,800.
(c) Cumulative Value Loss, e.g., $9,000.
(d) Cumulative Investigative Time, e.g., 13 man-
hours.
(e) Investigative Time, e.g., 13 man-hours.
APPENDIX Q: NASA SERIOUS INCIDENT REPORT FORMAT
TO: J/Associate Administrator for Management Systems and
Facilities
J/Deputy Associate Administrator for Management Systems
and Facilities
JI/Director, Logistics, and Security Division
JIS/Chief, NASA Security Office
FROM: Installation Security Chief
SUBJECT: NASA Threat and/or Incident Report
1. Recipient evaluation of threat/incident criticality
(SIGNIFICANT - IMPORTANT - ROUTINE).
2. Date/Time report was received by NASA:
3. Report received from: (Name-agency-location-telephone).
4. Date/Time/Location of Incident:
5. NASA Installations involved/impacted:
6. Summary of Threat/Incident: (Who-What-When-Where-Why-
How).
7. Responses to Threat/Incident:
a. Actions Completed: (Including notifications made)
b. Action in Progress (Including notifications)
c. Actions Pending/Anticipated: (Including
notifications)
8. Employment of Resources:
a. NASA (Security Office-IG-AIS Managers-Others)
b. Local, State, Federal Agencies
c. Note which agency has assumed
control/responsibility.
9. Coordination with NASA Public Affairs Office:
(Anticipated Media response/ interest).
10. Actions for NASA Senior Management:
11. Security comments/evaluation of report/recommendations.
PRIMARY POINT OF CONTACT:
APPENDIX R: DATA ITEM DESCRIPTIONS (DID)
DATA ITEM DESCRIPTION - 1
TITLE:
SYSTEM ACQUISITION PROTECTION MANAGEMENT PLAN (SAPMP)
DESCRIPTION/PURPOSE:
Outlines and defines the contractor's System Acquisition
Protection Management Program (SAPMP). The SAPMP describes
the methods used to (l) identify security requirements, (2)
synthesize and evaluate proposed solutions, and (3) provide
security inputs to the system acquisition process. Specific
paragraphs from the preparation instructions below may be
cited to satisfy limited program requirements.
APPLICATION/INTERRELATIONSHIP:
Security Vulnerability Analysis is used with this Data Item
Description (DID) when paragraphs 6b through 6g are cited.
PREPARATION INSTRUCTIONS:
The SAPMP shall include the following:
1. Applicable Documents. A list of documents that apply as
a directive or guidance during execution of the SAPMP.
These documents include pertinent legal, regulatory, and
other published or draft security contract requirements
applicable to the system under development. System
acquisition protection requirements and objectives are
drawn from these documents.
2. Purpose. Self explanatory. Explain principles and
approaches applied to the system acquisition protection
program that are departures from these requirements.
3. Organization. Describe the organizational placement and
manning of the contractor's security and acquisition
protection management organization. Use charts or
diagrams to show organizational and functional
relationships.
4. SAPMP. Describe the activities planned to satisfy
system acquisition protection program objectives. Use
charts and/or diagrams to illustrate the program's
functional interfaces, engineering and design
requirements, activity milestones, management process,
and levels of effort for each program phase.
5. Program Data Flow. Illustrate the manner in which basic
program data flows. Ensure the system acquisition
protection organization maintains continuous review of
all program efforts and makes inputs to decisionmaking
processes.
6. System Acquisition Protection Functions. Describe the
principal functions and specific tasks to be performed
and their assignment within the system security and
acquisition protection organization. Integrate all
security disciplines tasked in the Statement of Work. The
following security disciplines should be included as a
minimum:
a. Establishing the Security Requirements and
Objectives Baseline. Describe how security
regulations and other program guidance will be
identified, evaluated, and synthesized into a set of
system acquisition protection requirements and
objectives. Illustrate how these requirements and
objectives will be used to measure the effectiveness
of security system arrangements and how required
policy revisions to NASA security programs will be
processed. Include applicable information,
personnel, industrial, operations, product,
communications, and physical security,
survivability, anti-terrorism, and
counterintelligence aspects.
b. Threat Analysis. Describe how the threat analysis
will be evaluated and integrated, along with
adversary program objectives.
c. Conducting the Adversary Program Analysis and
Constructing the Preliminary Threat Logic Tree.
Describe the technical and analytical methods used
to identify criteria for success in adversary
program objectives and to synthesize threat models.
Scope system security technology research tasks and
explain how this research will be documented.
d. Applying Threat Rejection Logic and Documenting the
Initial Threat Logic Tree. Describe how
quantitative and qualitative values will be
established for threats and countermeasures and the
method used to document threat rejection logic.
e. Synthesizing Countermeasures. Describe the process
by which countermeasures will be synthesized.
Explain how this activity and the security system
synthesis and evaluation task will be coordinated.
f. Adversary Vulnerability Measurement. Describe
fully the method used to identify and conduct
quantitative and qualitative analysis of risks
associated with each adversary program objective.
Include the application of candidate countermeasures
and the manner in which preferred countermeasures
will be selected and documented.
g. Computing and Constructing the Summary Threat
Matrix. Describe how the completed Threat Logic Tree
will be analyzed and system security effectiveness
computed. Include the method used to document the
Summary Threat Matrix.
h. Integrating Security Functions with the System
Engineering Process. Describe the process by which
security inputs will be applied to system functional
design, requirements allocation, trade-off study,
and design specification process.
i. Security System Synthesis and Evaluation. Describe
the method by which security system hardware,
facilities, procedures, and personnel subsystems
will be synthesized and evaluated. Specify the
scope and type of research to be conducted of
existing material. Include techniques to evaluate
their applicability to security requirements.
j. Test and Evaluation. Describe the process used to
identify security test requirements and proposed
test methods.
k. Configuration Control. Describe the manner in
which system security engineering efforts will be
integrated with system configuration control
activities. Explain how proposed changes to the
system will affect security efforts.
1. With Other Contractors. Outline the methods by
which system acquisition protection efforts of
associate system contractors, subcontractors, and
vendors will be integrated within the SAPMP.
m. System Installation and Check-out. Describe how
SAP, Industrial, and Product Security efforts will
be coordinated to ensure no security vulnerability
is created during system installation and check-out.
n. Product Security. Describe how major system
components/ products will be secured at the
contractor's assembly plants. Explain the security
manpower, facilities, equipment and procedures to be
used. Include product security interface with
associate contractors, subcontractors, and vendors.
7. Other. Present any other information and
recommendations determined necessary to satisfy the
requirements of the Statement of Work.
DATA ITEM DESCRIPTION - 2
TITLE:
PRELIMINARY SYSTEM ACQUISITION PROTECTION CONCEPT (PSAPC)
DESCRIPTION/PURPOSE:
This Data Item Description (DID) is used by the contractor to
prepare the Preliminary System Acquisition Protection Concept
(PSAPC).
APPLICATION/INTERRELATIONSHIP:
Security Vulnerability Analysis is used with this DID when
paragraphs 5f through 5j are cited.
PREPARATION INSTRUCTIONS:
The PSAPC shall include the following information:
1. Program Data
a. Title. Include the complete PSAPC title.
b. Submitting Installation. List the name and address
of the NASA Center submitting the report and the
name and telephone number of a project officer or
point of contact.
c. Contract Citation. Identify the contract number and
date as listed by NASA.
d. Security Tasks. Briefly describe major security
tasks cited in the Statement of Work and related
contract documents.
e. Distribution. List the names and addresses of
government organizations and contractors receiving
copies of this concept. If necessary, list them in
an appendix and make reference to it here.
2. System Concept
a. Description. Briefly describe the system and its
major components. Cite separate configurations for
initial operational capability (IOC) and full
operational capability (FOC), if different.
b. Performance Requirements. Cite the major
performance and deployment criteria listed in the
applicable Statements of Work and other related
contract documents that affect security.
c. Reliability and Maintainability. Identify security
issues affecting system reliability, logistics
reliability, availability, and maintainability.
d. System Survivability. Show self-protection
capabilities or subsystem designs that may enhance
security (e.g., devices against tampering and
spoofing, chemical or biological radiation hardness,
nuclear hardness, nuclear and non-nuclear
electromagnetic pulse hardness, and use of passive
detection technology).
e. Preplanned Product Improvements. Describe
provisions or security implications for subsystem
growth or improvements such as modifications and
upgrades.
3. Security Subsystem Employment Data
a. General Employment Description. Describe how,
where, when, and what security subsystems will be
used and how they will be integrated with the
system(s) they support.
b. Management Structure. Describe the management data
that must be exchanged. Explain how security
subsystems will be integrated into the management
structure projected to exist when it is deployed.
c. Information Systems. Identify other information
that must be exchanged between this subsystem and
other systems, subsystems or components. Cite the
expected length of each communication link,
anticipated flow rate across each link, required
availability of each link, and so forth.
d. Security Subsystem Standardization,
Interoperability, and Commonality. Describe
requirements for joint interface and
interoperability with existing systems and
subsystems. Identify procedural and technical
interface standards incorporated in subsystem
design.
e. Operational Environment. Describe climatic and
atmospheric environmental effects and
considerations. If applicable, define the chemical
and biological environment in which equipment must
function.
4. Security Subsystem Support
a. Maintenance Planning. Outline the actions, support,
and documentation necessary to establish maintenance
concepts and requirements. Include maintenance
tasks to be accomplished for on-and-off-equipment
maintenance; and NASA and contractor mix, workloads,
and time phasing for depot maintenance. Explain the
management strategies for selecting and integrating
contractor and government furnished equipment.
b. Manpower and Personnel. Outline the projected
manpower requirements envisioned to support this
subsystem(s). Include such items as civil service
job-series codes and skill levels required and time-
phased reporting.
c. Supply Support. Show the proposed approach for
providing initial support and acquiring,
distributing, and replenishing inventory spares and
repair parts.
d. Support Equipment. Identify equipment required to
support this subsystem(s). Include ground handling
and maintenance equipment, tools, metrology and
calibration equipment, and related computer hardware
and software.
e. Training and Training Devices. Describe the
training support concept from security subsystem
design through deployment. Identify the office
responsible for developing and conducting each phase
of training. Show inventory items and training
devices by projected type, number, use, and
locations required. Outline initial and recurring
training requirements by location, type, specialty,
and fiscal year.
f. Computer Resources Support. Define special computer
program documentation, related software, source
data, facilities, hardware, etc., required for
subsystem support.
g. Facilities. Specify facility, shelter, and housing
external to system-designed survivability features.
h. Packaging, Handling, Storage, and Transportation.
Describe the requirements, resources, processes,
procedures, design considerations, and methods to
ensure security subsystems are properly preserved,
packaged, handled, and transported.
i. Related Support Factors. Describe those pertinent
support factors, considerations, or requirements not
covered elsewhere, but deemed important to the
effectiveness of the security system.
5. General Provisions for System Security. Address the
following security issues relative to overall system
deployment and operation:
a. Threat Assessment. Address security threats to the
system for design, development, and production at
IOC and throughout its projected life. Include
foreign government capabilities, peace and wartime
threats, and system-unique vulnerabilities. Make
reference to government threat documents. In
addition, cite requirements for threat analysis and
security vulnerability assessments.
b. Security Force and Procedural Requirements. These
apply to operations in support of the physical
security program.
c. Security Personnel, Facility, and Equipment
Requirements. Expressed in the quantities, type,
and configuration necessary to support the system
when deployed.
d. Emergency Security Response Planning. Reflects the
general design of the security force posture
calculated to produce the greatest invulnerability
to terrorism, sabotage, overt, and covert
penetration. It is supported by the threat and
vulnerability assessments cited in 5a, above. In
addition, briefly describe how a security reporting
and alerting system will be implemented.
e. Security Priorities for all Applicable Systems and
Components. Include security priorities for all
operational phases, including maintenance. Explain
how waivers, exceptions, and variances to security
criteria will be identified, submitted, approved,
and corrected.
f. Security Requirements from Related Security
Disciplines. Include applicable information,
personnel, product, industrial, operations,
communications and electronic security and
survivability, anti-terrorism and
counterintelligence aspects.
g. Facility and Equipment Requirements. The following
items are incorporated into the system to support
system security:
(l) The security control facility, surveillance
and control facility, security force
response facility, and entry control
facilities.
(2) Barrier systems and warning signs.
(3) Alarm annunciation and display equipment.
(4) Security force armament and duty equipment.
(5) Security force communications. Include
fixed, portable and landline requirements.
(6) Interior and exterior intrusion detection
systems.
h. Personnel Standard. Identifies security force
requirements for normal operations.
i. Security Force Logistics and Material Requirement.
Includes vehicles and associated equipment, special
purpose equipment, training aids, tool kits,
nonstandard armament, and so forth.
j. System Entry Control Requirements for All Restricted
Areas. Includes:
(l) General criteria and unique requirements
for entry control.
(2) Qualification requirements for the various
categories of people who must enter.
(3) Personnel clearance and investigative
requirements.
(4) Special training or briefing and debriefing
requirements.
(5) Authentication and duress code techniques
and procedures.
(6) Dispatch Control Procedures. Unattended or
minimally staffed locations.
(7) Description. Badge system, emergency
procedures, and personnel escort
requirements.
DATA ITEM DESCRIPTION - 3
TITLE:
SECURITY VULNERABILITY ANALYSIS
DESCRIPTION/PURPOSE:
Provides the result of contractor's actions in quantitatively
and qualitatively defined system security functional
requirements and residual security vulnerabilities. It will
be classified no lower than Secret NOFORN or Secret Restricted
Data, as applicable.
APPLICATION/INTERRELATIONSHIP:
This Data Item Description (DID) contributes to the
survivability/ vulnerability analyses. It contains the
content preparation instructions for data generated under NASA
Management Instruction .
PREPARATION INSTRUCTIONS:
1. The contractor will prepare a report summarizing the
security vulnerability analysis, including the threat
analysis, adversary program analysis, and the adversary
vulnerability measurement process. The report will
include, as a minimum:
a. A preface with narrative description of the system.
Information concerning each form of external overt
or covert method of penetration against the system
considered during system development.
b. Threat models in Threat Logic Tree format showing
their transition from preliminary to initial Threat
Logic Trees and thereafter into Summary Threat
matrix form.
c. Rationale used for threat rejection in developing
the initial Threat Logic Tree.
d. An evaluation of the conditional probabilities for
achieving each adversary program objective.
e. An assessment of security vulnerabilities related to
information, personnel, industrialization,
operations, communications, physical, computer and
product security, and TEMPEST.
DATA ITEM DESCRIPTION - 4
TITLE:
ADVERSARY PROGRAM ANALYSIS
DESCRIPTION/PURPOSE:
This Data Item Description (DID) is used by the contractor to
quantitatively describe how potential adversaries may attack
the system.
APPLICATION/INTERRELATIONSHIP:
This DID contains the content preparation instructions for
that data generated under the task described by 4c(2)(a) of
Attachment 1, NASA Management Instruction 2410.7.
PREPARATION INSTRUCTIONS:
1. The adversary program analysis will include:
a. Development of adversary program scenarios.
Information resulting from the threat analysis
(conceptual phase) will be used as the basis for the
scenarios. For each program objective, the
contractor should describe a set of approaches (a
scenario) that potential adversaries could use to
accomplish that objective.
b. Adversary success criteria should be estimated. The
estimates will be prerequisites for system
vulnerabilities.
c. Adversary models shall be synthesized and used as a
basis for evaluating security technologies and
accomplishing trade-off analysis.
DATA ITEM DESCRIPTION - 5
TITLE:
SYSTEM/SUBSYSTEM SPECIFICATION
DESCRIPTION/PURPOSE:
The System/Subsystem Specification (SS) is a technical
document prepared for systems personnel that provides
environment and design elements to provide guidance to the
program design effort.
APPLICATION/INTERRELATIONSHIP:
An SS may be prepared to guide the development of large
projects. If the system breaks down readily into subsystems,
this document may be used to prepare individual subsystem
specifications.
PREPARATION INSTRUCTIONS:
The System/Subsystem Specification shall meet the content and
format requirements of NASA Management Instruction 2410.7 and
NASA Handbook 2410.1.
DATA ITEM DESCRIPTION - 6
TITLE:
SYSTEM ACQUISITION PROTECTION STANDARD
DESCRIPTION/PURPOSE:
This Data Item Description (DID) is used to implement NASA
systems acquisition protection program operations and
procedures and as the basis for NASA security workforce,
facility, and equipment authorizations.
APPLICATION/INTERRELATIONSHIP:
In this section, explain that the proposed system acquisition
protection standard is submitted through the program office
(or designated manager) for transmittal to NASA HQ/JIS.
Explain further that the program office requires the proposed
standard no later than 12 months before the system initial
operating capability (IOC).
PREPARATION INSTRUCTIONS:
This section directs the contractor to prepare and document a
proposed system acquisition protection standard. Explain that
this standard must reflect the results of analyses and
decisions made during the execution of the SAP portion of the
Statement of Work (SOW). Explain further that its contents
must be organized and captioned according to the following
format:
1. Cover Page. On this page, give the title of the system,
state the purpose of the standard, and list the contents
of the standard, the office of primary responsibility
(OPR), and the distribution of the standard.
2. Chapter l-Security Priorities and Concepts. This
Chapter briefly describes the system and its planned
operational environment. It specifically identifies
system characteristics that generated special safety
requirements for the protection of operating,
maintenance, and security personnel. It also includes a
classification statement if necessary.
3. Chapter 2-General Provisions for Standards. This Chapter
covers the following Provisions for Standards:
a. Security requirements that apply to normal day-to-
day aerospace security support.
b. Resource applicability, which gives the basis for
funding, equipment, staffing, and personnel actions.
c. Security posture design, which reflects the general
design of the force posture calculated to produce
the greatest invulnerability to overt or covert
attack. It is supported and based on the
vulnerability analysis.
d. Priority resources.
e. Personnel security.
f. Physical security and facility requirements, which
detail the physical security facilities that are
incorporated into the system. For example, this
section describes:
(l) The central security control building.
(2) Personnel and vehicle entry control
facilities.
(3) Barrier systems.
(4) Restricted area signs.
(5) Alarm annunciation and data display
equipment.
(6) Ordnance for aerospace security forces.
(7) Security communications.
(8) Intrusion detection systems.
g. Standards for security of priority resources, which
contain facility, personnel, equipment, and
procedural standards that apply to management
systems designated as priority resources.
h. Manpower standard, which identifies and justifies
security personnel requirements based on optimum
environmental and normal system operating
conditions. The operating activity identifies local
variations in site layout and in climatic
conditions, which need not be treated in this
section.
i. Security logistics support, which justifies
logistical and material support. Subparagraphs to
this section identify requirements for:
(l) Vehicles (type, number, and use).
(2) Communications (radio [fixed, portable, remote,
or vehicular], telephone, landline, etc.).
(3) Specialized equipment (tool kits, training aids,
etc.).
j. Security entry control procedures, which describe
how to enter restricted areas that contain critical
system components and facilities. These procedures
include ways to physically control entry into
critical facilities at remote or unattended sites,
and ways to control the information individuals need
to gain entry. Personnel who have a need to enter
must positively identify themselves, by means of
secure communications, to the agency that is
monitoring security of the facility. If they
properly identify themselves, then the monitoring
agency will operate the entry system by remote
control or will give entering personnel the
information they need to operate mechanical entry
control systems at the site. However, if personnel
do not properly identify themselves, then the
security reaction system will respond, which may
mean that selective or controlled penalty techniques
are imposed.
These procedures may also rely on built-in
deterrence capabilities of the facility. Security
entry control procedures also include:
(l) General criteria and unique requirements for
entry control.
(2) Qualification standards for the various
categories of personnel who need to enter or to
have access.
(3) Personnel clearance and investigative
requirements for such personnel.
(4) Special training or briefing and debriefing
requirements. Personnel deployed in support
of the system are trained to recognize,
report, and respond properly to alarms.
Training programs for all categories of
personnel within the personnel subsystem
include security procedures based on the
premise that an attack can take place at
any time.
(5) Code and duress code techniques and
procedures.
(6) Dispatch control procedures (apply to only
unattended sites) that make sure that both
the right and the need for persons to enter
and to have access have been officially
established and that personnel who are
dispatched possess the material or
knowledge needed to gain entry or access at
their destination.
(7) Emergency procedures.
(8) Badge systems in effect.
(9) Personnel escort requirements.
k. Security force reaction procedures, which tell how
the security force or the expanded force will react
under normal or emergency conditions to security
alarms or other situations that need a response.
The measure of effectiveness of any response is
whether or not the threat is eliminated, and the
secure environment is preserved or restored. To
achieve this goal, these procedures tell how to
respond to violations of system parts that are
vulnerable to attack. Before developing these
procedures, determine the following conditions:
(l) The inherent vulnerabilities of the system.
(2) The probable nature and effect of attacks on the
system.
(3) Who will decide when to initiate a response,
notify the control agency, and monitor the
situation.
(4) Whether or not the responding elements are
thoroughly familiar with the extent of their
authority to use force, to challenge, and to
take into custody persons who violate the
security of the system.
(5) How civil law enforcement and investigative
agencies can help. Is the relationship between
responding elements and the local population
clearly set?
(6) If armed mobile response forces are needed.
(7) Where the resources available for immediate
response are currently located and what
communications they have for getting response
directions.
(8) Whether or not a central agency must be set up
to control and direct security response
procedures.
(9) If the control agency will have detailed alarm
information in time to respond effectively.
(10) If the response force can use all vehicles
(on land, at sea, or in the air).
l. The security reporting and alerting system, which
details an effective high-speed security reporting
and alerting communications network that permits a
substantial counteraction against widespread
coordinated enemy clandestine operations. This
system is associated with priority resources. This
section should specify how each level of management
will collect, transmit, display, store, and evaluate
information.
m. The waivers, exceptions, and variances, which detail
an effective system for identifying, submitting and
approving, or correcting deficiencies that could not
be corrected during the full-scale engineering
development phase.
n. Planning, which covers details for day-to-day
operations in support of the system. This section
provides general guidelines for the system security
plan, center security regulations, and combined
operating instructions. The centers security plan
serves as a basis for developing effective NASA
system security operations at centers and sites
where such resources to be protected are located.
It defines basic objectives and depicts the general
design of the operations.
o. Inspections, which detail security evaluation
criteria and procedures and set up minimum
acceptable time and performance criteria for
security exercises and tests. These inspections are
used to evaluate the effectiveness of each
activity's security program.
4. Chapter 3-Security Response Actions. This chapter
covers the means by which the security force adjusts to a
situation or event that necessitates enhancement of or a
dramatic change to the normal security posture. These
situations or events may be actual or anticipated hostile
ground actions, air attack, natural disaster, civil
disturbances, political tensions, or terrorists' attacks.
This Chapter includes formal planning criteria and
minimum security requirements, which may consist of
additional security facilities, equipment, and personnel.
5. Chapter 4-Other Essential or Unique Security Elements.
This Chapter covers all essential system-unique
requirements not covered elsewhere. It identifies
program-essential unique facilities and equipment and
support requirements and established security
requirements for these resources.
APPENDIX S: DATA ITEM DESCRIPTION (DID) FORMAT
DATA ITEM DESCRIPTION
1. Title
2. Identification No.
3. Approval Date
4. Office of Primary Responsibility (OPR)/(MMDDYY)
Action Officer/Phone Number
5. Concurrences (Office Codes)
6. Approval Limitation
7. Preparation Instructions
8. Distribution/Distribution Statement
APPENDIX T: OPSEC PLANNING GUIDE
1. BACKGROUND
a. The President signed the National Security Decision
Directive (NSDD) establishing the National
Operations Security (OPSEC) Program on January 22,
1988. The NSDD requires each executive department
and agency assigned or supporting national security
missions with classified or sensitive activities to
establish a formal Operations Security (OPSEC)
program.
b. The responsibility for the development,
implementation, and maintenance of the OPSEC program
rests with the head of each executive department or
agency. The NSDD requires heads of executive
departments and agencies to assume the following
responsibilities:
(1) Establish organizational OPSEC programs;
(2) Issue, as appropriate, OPSEC policies,
procedures, and planning guidance;
(3) Designate departmental and agency planners
for OPSEC; and
(4) Advise the National Security Council (NSC)
on OPSEC measures required of other
executive departments and agencies to
achieve and maintain effective operations
or activities.
c. Each OPSEC program is to have the following common
features:
(1) Specific assignment and responsibility for
OPSEC direction and implementation.
(2) Specific requirements to plan for and
implement OPSEC in anticipation of and,
where appropriate, during departmental or
agency activity.
(3) Direction to use OPSEC analytic techniques
to assist in identifying vulnerabilities
and to select appropriate OPSEC measures.
(4) Enactment of measures to ensure that all
personnel, commensurate with their
positions and security clearances, are
aware of hostile intelligence threats and
understand the OPSEC process.
(5) An annual review and evaluation of OPSEC
procedures in order to assist in the
improvement of OPSEC programs.
(6) Provision for interagency support and
cooperation with respect to OPSEC programs.
Note: The NSDD also directs the establishment
of the Interagency OPSEC Support Staff (IOSS) to
act as a consultant to executive departments and
agencies in establishing OPSEC programs, and
OPSEC surveys, and analyses.
2. NATIONAL OPSEC PROGRAM OBJECTIVES
a. Implement an OPSEC program within the department or
agency in satisfying NSDD requirements and instruct
subordinate organizations on their responsibilities
within the departmental or agency program.
b. Create a departmental or agency program with
sufficient flexibility to allow each subordinate
organization to establish a program suitable to its
structure and mission.
c. Provide awareness and training programs to ensure
all personnel, commensurate with their position and
security clearances, are aware of the adversaries'
capabilities and understand the OPSEC process.
Ensure that heads of subordinate organizations
implement awareness and training that is relevant to
their assigned missions and, where possible, use
case studies or lessons-learned as key instructional
tools.
d. Ensure that OPSEC is addressed from initiation
through all planning, programming, and budgeting
actions.
e. Designate an OPSEC Program Manager for the
department or agency and ensure that each
subordinate organization designates an individual as
the OPSEC Coordinator and establishes sufficient
work groups to maintain the program.
f. Identify those areas, activities, functions, data,
or information about an activity or facility of the
department or agency deemed most important to keep
from an adversary, i.e., core secrets, critical
information, sensitive operations.
g. Identify adversaries who could use the critical
information for their benefit or to the detriment of
the departmental or agency mission.
h. Identify key questions likely to be asked by
adversaries about department or agency intentions,
capabilities, or activities so they can obtain
answers critical to their operational effectiveness.
i. Identify detectable actions and information from
open sources that can be interpreted or pieced
together by an adversary to derive critical
information about departmental or agency activities
or operations.
j. Understand the adversaries' (hostile intelligence
threat) capabilities, i.e., ability to collect
indicators through observation, infiltration,
bribery, or conventional intelligence collection
means such as signals intelligence, human
intelligence, and imagery intelligence.
k. Be aware of countermeasures that can be used to deny
the adversaries the critical information.
1. Prioritize OPSEC initiatives, including surveys,
implementation of countermeasures or other OPSEC
activities, based on the relative importance of the
activity or operation, the sensitivity of the
information involved, and the capabilities of the
adversaries.
m. Understand the department's or agency's overall
OPSEC posture, that is, the extent to which OPSEC is
integrated into all of the departmental or agency
activities.
n. Be aware of problems encountered in establishing and
sustaining the department or agency OPSEC
program.
3. PROGRAM ELEMENTS-COMPONENT LEVEL
a. Issue a component directive that implements NSDD 298
and the department or agency directive.
b. Ensure that all component personnel, commensurate
with their positions and security clearances, are
aware of the hostile intelligence threat and
understand the OPSEC process.
c. Delegate, as appropriate, authority to plan, direct,
and implement OPSEC measures to the operations
element or that equivalent element of the component
primarily responsible for the accomplishment of the
component's overall mission, and designate an
official in that element as the OPSEC Coordinator
for the component. This normally should not be the
security or other support element.
d. Require each element of the component to designate
an individual whose responsibilities include
specific requirements to plan for and implement
OPSEC prior to, during, and after the execution of
operations and other activities that influence the
effectiveness of the component's mission.
e. Require each element to identify core secrets,
critical information, and sensitive operations to be
protected from the adversary intelligence threat.
f. Require each element to follow OPSEC planning
guidance, taking into account those aspects of their
activities or operations that should be protected in
light of friendly and adversary goals, estimated key
adversary questions, probable adversary knowledge,
desirable and harmful adversary appreciations, and
pertinent adversary intelligence threats.
g. Require elements to use systematic OPSEC analysis
developed for OPSEC surveys to identify
vulnerabilities and select appropriate OPSEC
measures to support specific organizational missions
and activities.
h. Establish a sufficient number of OPSEC work groups,
with multidisciplined and cross-component
representation, to perform the necessary support
functions required for an effective OPSEC program.
The working groups should develop and set priorities
for the component's OPSEC program objectives, meet
on a regular basis, and maintain records of
meetings.
i. Require elements to provide a report at least
annually on the OPSEC posture of the element and
OPSEC activities carried out.
j. Require the official designated as the OPSEC
Coordinator for the component to perform the
following tasks:
(1) Develop componentwide OPSEC policy,
guidance, and instructions.
(2) Publish an OPSEC planning guide that
establishes minimum standards for
conducting OPSEC activities.
(3) Represent the head of the component at the
departmental or agency level on OPSEC-related
matters.
(4) Manage the componentwide OPSEC program by
performing the following tasks:
(a) Planning and programming technical and
other OPSEC support for the elements,
including the conduct of OPSEC
vulnerability assessments of
componentwide or multielement
activities.
(b) Analyzing vulnerabilities detected in
the course of componentwide or
multielement assessments and
recommending potential countermeasures
as appropriate.
(5) Oversee the component OPSEC program by
performing the following tasks:
(a) Establishing and chairing a work group
to coordinate in the componentwide
OPSEC program. Ensuring that the work
group represents appropriate program
offices and field elements to provide
an active forum to discuss and assess
generic and specific OPSEC concerns.
(b) Coordinating with field elements on
OPSEC matters and providing assistance
as requested.
(c) Assessing the effectiveness of the
componentwide OPSEC program by
performing periodic reviews.
(6) Operate the componentwide office of record
for OPSEC plans and program files to assist
in developing an active OPSEC program for
component operations and other activities.
(7) Develop and maintain an OPSEC plan that
includes, at a minimum, goals, milestones,
and a timetable.
(8) Advise the head of the component of the
status of the component's OPSEC program,
including plans, developments innovations,
problems, and solutions.
k. Require the official in charge of training to
establish OPSEC awareness and training programs to
ensure that all employees are aware of their
adversaries' capabilities and understand the OPSEC
process.
SAMPLE DIRECTIVE
DATE:
NUMBER:
DIRECTIVE:
SUBJECT: Operations Security Program (cite NASA Installation)
REFERENCE: National Security Decision Directive 298,
"National Operations Security Program," dated
January 22, 1988.
A. PURPOSE
This Directive establishes the operations security
(OPSEC) program, provides policy, assigns
responsibilities, and implements reference.
B. APPLICABILITY
1. This Directive applies to (cite NASA Installation)
(hereafter referred to collectively as elements).
2. The (cite NASA Installation) OPSEC program shall be
applied to contractors when it has been determined
that such measures are necessary for the adequate
protection of critical or sensitive information,
activities or operations of the (cite Installation),
its elements directly or indirectly associated with
a specific contract.
C. DEFINITIONS
1. Operations Security (OPSEC). A systematic and
analytic process by which the U.S. Government and
its supporting contractors can deny to potential
adversaries information about capabilities and
intentions by identifying, controlling, and
protecting evidence of the planning and execution of
sensitive activities and operations.
2. Critical Information. Information that must be
protected from loss to keep an adversary from
gaining a significant operational, economic,
political, or technological advantage and prevent
adverse impact on friendly mission accomplishment.
D. POLICY
1. In accordance with reference, each element shall
establish a formal OPSEC program with the following
common features:
a. Specific assignment of responsibility for OPSEC
direction and implementation;
b. Specific requirements to plan for and implement
OPSEC in anticipation of and, where appropriate,
during element activity;
c. Use of OPSEC analytical techniques to assist in
identifying OPSEC vulnerabilities and to select
appropriate OPSEC measures; and
d. Measures to ensure that all personnel,
commensurate with their positions and security
clearances, are aware of hostile intelligence
threats and understand the OPSEC process.
e. Requirement for an annual review and evaluation
of this OPSEC program to determine its
effectiveness in the preceding year and to
develop recommendations on improvements for the
next year and the longer term. The annual
report shall be submitted to the Chief, NASA
Security Office for review and approval.
f. Provisions for cross element and interagency
support and cooperation with respect to OPSEC
programs.
2. The Chief, NASA Security Office must be advised on
OPSEC measures required of other NASA Installations
or other departments and agencies of the U.S.
Government to achieve and maintain effective
operations or activities.
3. OPSEC is a management responsibility. Supervisors
at all levels are responsible for maintaining their
organization's OPSEC program.
4. Authority to plan, direct, and implement OPSEC
measures may be delegated, as appropriate, to the
operation's unit or an equivalent unit of the
element primarily responsible for the accomplishment
of the element's overall mission. This normally
should not be the Installation Security or other
support unit.
5. OPSEC must be addressed from initiation of all
planning, programming, and budgeting actions.
E. RESPONSIBILITIES
1. The (cite title) for (cite element) is hereby
appointed as (cite NASA Installation) OPSEC Program
Manager and shall perform the following tasks:
a. Develop OPSEC policy, guidance, and
instructions.
b. Publish an OPSEC planning guide that establishes
minimum standards for conducting OPSEC
activities.
c. Provide representation at agency level on OPSEC-
related matters.
d. Operate the office of record for OPSEC plans and
program files.
e. Develop and maintain an OPSEC plan that
includes, at a minimum, goals, milestones, and a
timetable.
f. Advise the Installation Director of the status
of the (cite NASA Installation) OPSEC Program,
to include plans, developments, innovations,
problems, and solutions.
g. Manage the (cite NASA Installation)-OPSEC
Program by performing the following tasks:
(l) Planning and programming technical and
other OPSEC support for the elements,
including the conduct of OPSEC
vulnerability assessments of (cite
Installation)-wide or multi-element
activities.
(2) Analyzing vulnerabilities detected in
the course of (cite NASA
Installation)-wide assessments, and
recommending potential countermeasures
as appropriate.
h. Conduct oversight of the OPSEC Program by
performing the following tasks:
(l) Establishing and chairing a working
group to manage the OPSEC Program.
The working group should be composed
of members from all major elements
and, as appropriate, support elements,
and provide an active forum to discuss
and assess generic and specific OPSEC
concerns. The working group should
develop and set priorities for the
OPSEC program objectives, meet on a
regular basis, and maintain records of
meetings.
(2) Coordinating with all elements on
OPSEC matters and providing assistance
as requested.
(3) Assessing the effectiveness of the
OPSEC program by performing periodic
reviews.
2. Installation Directors shall perform the following
tasks:
a. Designate an individual whose responsibilities
shall include specific requirements to plan for
and implement OPSEC prior to, during and after
execution of operations and other activities
that impact on mission effectiveness.
b. Identify its core secrets, critical information
and sensitive operations that must be protected
from the adversary intelligence threat.
c. Follow NASA Security Office OPSEC planning
guidance taking into account those aspects of
activities or operations that should be
protected in light of friendly and adversary
goals, estimated key adversary questions,
probable adversary knowledge, desirable and
harmful appreciations, and pertinent adversary
intelligence threats.
d. Use systematic OPSEC analysis developed for
OPSEC surveys to identify vulnerabilities and
select appropriate OPSEC measures to support
specific missions and activities.
e. Establish OPSEC working groups, with
multidisciplined and cross representation, to
perform the necessary support functions required
for an effective OPSEC program.
f. Provide a report at least annually on the OPSEC
posture and the OPSEC activities of the
Installation.
3. The ICS shall perform the following tasks:
a. Establish training programs that will ensure
that all employees understand the OPSEC process
and are aware of the adversaries' intelligence
capabilities.
b. Provide technical OPSEC training to those
individuals who are involved in the conduct of
OPSEC surveys.
APPENDIX U: OPERATION SECURITY GLOSSARY
1. DEFINITIONS
Acceptable Level of Risk. The level at which an Automated
Information System (AIS) is deemed to meet the minimum
requirements of applicable security directives as determined
by an assessment made by the appropriate designated approving
authority (National INFOSEC Glossary, October 1988).
Access Control Mechanism. Hardware or software features,
operating procedures, management procedures, and various
combinations of these designed to prevent unauthorized access,
and to permit authorized access to information within an
automated system (National INFOSEC Glossary, October 1988).
Acoustical Intelligence (ACOUSTINT). Intelligence information
derived from analysis of acoustic waves radiated either
intentionally or unintentionally by the target into
surrounding medium (Glossary of Intelligence Terms and
Definitions, June 1989). NOTE: In Naval usage, the acronym
ACINT is used and usually refers to intelligence derived
specifically from analysis of underwater acoustic waves from
ships and submarines. The technical and intelligence
information derived from foreign sources that generate waves.
Administratively Controlled Information. Privileged but
unclassified material bearing designations such as FOR
OFFICIAL USE ONLY or LIMITED OFFICIAL USE to prevent
disclosure to unauthorized persons (Glossary of Intelligence
Terms and Definitions, June 1978).
Administrative Security. The management constraints and
supplemental controls established to provide an acceptable
level of protection for data (National INFOSEC Glossary,
October 1988). NOTE: Synonymous with procedural security.
Adversary. Those individuals or organizations that must be
denied critical information to maintain friendly mission
effectiveness.
Agent. A person who engages in clandestine intelligence
activity under the direction of an intelligence organization
but who is not an officer, employee, or co-opted worker of
that organization (Glossary of Intelligence Terms and
Definitions, June 1989).
Appreciations. Personal conclusions, official estimates, and
assumptions about another party's intentions, capabilities,
and activities used in planning and decisionmaking.
1. Desired Appreciations. Adverse personal conclusions
and official estimates, valid or invalid, that
result in adverse behaviors and official actions
advantageous to friendly interests and objectives.
2. Harmful Appreciations. Adverse personal
conclusions, official estimates, or assumptions,
valid or invalid, that result in adverse behaviors
and official actions harmful to friendly interests
and objectives (JCS MOP 199, March 1989).
Assessment. An analysis of the threat to or the
vulnerabilities of a telecommunications or automated
information processing system or activity (National INFOSEC
Glossary, October 1988).
Audit. The independent review and examination of records and
activities to test for adequacy of system controls, to ensure
compliance with established controls, to ensure compliance
with established policy and operational procedures, and to
recommend any indicated changes in controls, policy, or
procedures (National INFOSEC Glossary, October 1988). NOTE:
An audit may be conducted by personnel responsible to the
management of the organization being audited (internal) or by
an organization independent of the one being audited (external).
Automated Data Processing. See automated information systems.
Automated Information Systems. Systems that collect, create,
prepare, or manipulate information in electronic form for
purposes other than device control or telecommunications
(National INFOSEC Glossary, October 1988). NOTE: Includes
computers, word processing systems, other electronic
information handling systems, and associated equipment.
Automated Information Systems Security. The totality of
security safeguards used to provide a defined level of
protection to an automated information system and data handled
by it (National INFOSEC Glossary, October 1988). NOTE: See
telecommunications and automated information systems security.
Carve-out. A classified contract issued in connection with an
approved Special Access Program in which the Defense
Investigative Service has been relieved of inspection
responsibility in whole or in part under the Defense
Industrial Security Program (DoD Directive 5200.lR,
Information Security Program Regulation).
Category. A restrictive label that has been applied to
classified or unclassified data as a means of increasing the
protection of the data by further restricting access to the
data (National INFOSEC Glossary, October 1988). NOTE:
Examples include Sensitive Compartmented Information (SCI),
Proprietary Information (PROPIN), and NATO Information.
Individuals are granted access to special category information
only after being granted formal access authorization.
Categories of Data. In the context of perception management
and its constituent approaches, data obtained by adversarial
individuals, groups, intelligence systems, and officials are
categorized in two ways:
1. Information. A compilation of data provided by
secret or open sources that would provide a
substantially complete picture of friendly
intentions, capabilities, or activities.
2. Indicators. Data derived from open sources or from
detectable actions that adversaries can piece together or
interpret to reach personal conclusions or official
estimates concerning friendly intentions, capabilities,
or activities.
NOTE: For OPSEC purposes, actions that convey indicators
exploitable by adversaries, but that must be carried out
regardless, to plan, prepare for, and execute activities,
are called "observable" (JCS MOP l9g, March 1989).
Classified Information. Official information regarding the
national security that has been designated Top Secret, Secret,
or Confidential in accordance with Executive Order 12356
(National INFOSEC Glossary, October 1988).
Communications Cover. The concealing or altering of
characteristic communications patterns to hide information
that could be of value to an adversary (National INFOSEC
Glossary, October 1988).
Communications Deception. Deliberate transmission,
retransmission, or alteration of communications to mislead an
adversary in his interpretation of the communications
(National INFOSEC Glossary, October 1988).
Communications Intelligence (COMINT). Technical and
intelligence information derived from interception of foreign
communications by other than the intended recipients; it does
not include the monitoring of foreign public media or the
interception of communications obtained during the course of
counterintelligence investigations within the United States.
COMINT includes the fields of traffic analysis, cryptanalysis,
and direction finding (Glossary of Intelligence Terms and
Definitions, June 1989).
Communications Profile. An analytic model of communications
associated with an organization or activity (National INFOSEC
Glossary, October 1988). NOTE: The model is prepared from a
systematic examination of communications content and patterns,
their reflections, and the COMSEC measures applied.
Communications Security (COMSEC). Measures taken to deny
unauthorized persons information derived from
telecommunications of the U.S. Government concerning national
security, and to ensure the authenticity of such
telecommunications (National INFOSEC Glossary, October 1988).
NOTE: COMSEC includes cryptosecurity, emission security,
transmission security, and physical security of COMSEC
material and information. See also telecommunications and
automated information systems security.
Communications Security Monitoring. The act of listening to
or recording telecommunications transmissions of a U.S.
organization to provide material for analysis to determine the
degree of security being provided to those transmissions
(National INFOSEC Glossary, October 1988).
Communications Security Survey. The organized collection of
COMSEC and communications data relative to a given operation,
system, or organization (National INFOSEC Glossary, October
1988).
Compartmentation. Formal system of restricted access to
intelligence activities, such systems established by and/or
managed under the cognizance of the Director of Central
Intelligence to protect the sensitive aspects of sources,
methods, and analytical procedures of foreign intelligence
programs (Glossary of Intelligence Terms and Definitions, June
1989). NOTE: See also decompartmentation.
Compromise. The exposure of classified official information
or activities to persons not authorized access thereto, i.e.,
unauthorized disclosure (Glossary of Intelligence Terms and
Definitions, June 1989). NOTE: See classified information.
Compromising Emanations. Unintentional data-related or
intelligence-bearing signals emitted from telecommunications
or information processing equipment or systems (National
INFOSEC Glossary, October 1988). NOTE: If intercepted and
analyzed, compromising emanations can disclose classified or
sensitive unclassified information transmitted, received, or
processed by equipment or system. Also referred to as
TEMPEST.
Computer Security (COMPUSEC).
1. The protection resulting from all measures designed
to prevent deliberate or inadvertent unauthorized
access, disclosure, acquisition, manipulation,
modification, or loss of information in a computer
system.
2. The computer-driven aspects of automated information
system security encompassing the mechanisms and
techniques that control access to or use of the
computer or information stored in it.
3. The technical, administrative, and programmatic
means to ensure correct, timely, and accountable
delivery of appropriate information to authorized
customers to ensure accountable delivery of
appropriate information to authorized customers
through automation. See also automated information
systems security (Glossary of Intelligence Terms and
Definitions, June 1989).
Computer Security Technical Vulnerability Reporting Program
(CSTVRP). A program that focuses on technical vulnerabilities
in commercially available hardware, firmware, and software
products acquired by the Department of Defense (DoD) (National
INFOSEC Glossary, October 1988). NOTE: CSTVRP provides
reporting, cataloging, and discreet dissemination of technical
vulnerability and corrective information to DoD components on
a need-to-know basis.
Confidentiality. The concept of holding sensitive data in
confidence, limited to an appropriate set of individuals or
organizations (National INFOSEC Glossary, October 1988).
Confidential Source. Any individual or organization that has
provided, or that may reasonably be expected to provide,
information to the United States on matters pertaining to the
national security with the expectation, expressed or implied,
that the information or relationship, or both, be held in
confidence (DoD Directive 5200.lR Information Security Program
Regulation).
Confinement. The prevention of the leaking of sensitive data
from a program (National INFOSEC Glossary, October 1988).
Controlled Information. Information conveyed to an adversary
in a deceptive operation to evoke desired appreciations (JCS
PUB 18, Dec. 1982).
Counterintelligence. Information gathered and activities
conducted to protect against espionage, other intelligence
activities, sabotage, or assassinations conducted for or on
behalf of foreign powers, organizations, persons, or terrorist
activities, but not including personnel, physical, document,
or communications security programs. See foreign
counterintelligence (Glossary of Intelligence Terms and
Definitions, June 1989).
Critical Information. Information that must be protected from
loss to keep an adversary from gaining a significant
operational, economic, political, or technological advantage,
and prevent adverse impact on friendly mission accomplishment.
Cryptanalysis. The operations performed in converting
encrypted messages to plain text without initial knowledge of
the algorithm and/or key employed in the encryption (National
INFOSEC Glossary, October 1988).
Cryptology. The science and activities that deal with hidden,
disguised, or encrypted communications (National INFOSEC
Glossary, October 1988). NOTE: Cryptology includes COMSEC
and COMINT.
Deception Means. Methods, resources, and techniques that can
be used to convey or deny information:
1. Administrative Means. Resources, methods, and techniques
designed to convey or deny oral, pictorial, documentary,
or other physical evidence.
2. Physical Means. Activities and resources used to
convey or deny selected information. (Examples:
military operations, including exercises,
reconnaissances, training activities, and movement
of forces; the use of dummy equipment and devices;
tactics; bases, logistic actions, stockpiles,
maintenance, and repair activities; and test and
evaluation activities.)
3. Technical Means. Military material resources and their
associated operating techniques used to convey or deny
selected information through the deliberate radiation,
reradiation, alteration, absorption, or reflection of
energy; the emission or suppression of chemical
biological odors; and the emission or suppression of
nuclear particles (JCS PUB 18, Dec. 1982).
Declassification. Removal of official information from the
protective status afforded by security classification; it
requires a determination that disclosure no longer would be
detrimental to national security (Glossary of Intelligence
Terms and Definitions, June 1989).
Decompartmentation. The removal of materials, information or
products from a compartmented system without altering them to
conceal sources, methods, or analytical procedures (Glossary
of Intelligence Terms and Definitions, June 1989).
Detectable Actions. Physical actions or entities that can be
observed, imaged, or detected by human senses or by active and
passive technical sensors, including emissions that can be
intercepted (JCS MOP 199, March 1989).
Direction Finding (DF). A procedure for obtaining bearings on
radio frequency emitters with the use of a directional antenna
and a display unit with an intercept receiver or ancillary
equipment (Glossary of Intelligence Terms and Definitions,
June 1989).
Disclosure. The authorized release of classified information
through approved channels (Glossary of Intelligence Terms and
Definitions, June 1989).
Eavesdropping. The unauthorized interception of information-
bearing emanations through the use of methods other than
wiretapping (National INFOSEC Glossary, October 1988).
Economic Assessment. A detailed study of security measures,
their technical and operational feasibility, and their
associated costs and benefits (National INFOSEC Glossary,
October 1988). NOTE: Economic assessments aid in planning
and selecting security measures.
Economic Intelligence. Intelligence regarding foreign
economic resources, activities, and policies including the
production, distribution, and consumption of goods and
services, labor, finance, taxation, and other aspects of the
international economic system (Glossary of Intelligence Terms
and Definitions, June 1989).
Electro-optical Intelligence (ELECTRO-OPTINT). Intelligence
information derived from the optical monitoring of the
electromagnetic spectrum from ultraviolet (0.01 micrometers)
through far (long wavelength) infrared (1,000 micrometers)
(Glossary of Intelligence Terms and Definitions, June 1989).
NOTE: Also see optical intelligence.
Electronic Intelligence (ELINT). Technical and intelligence
information derived from foreign noncommunications
transmissions by other than the intended recipients.
Technical and intelligence information derived from foreign
noncommunications electromagnetic radiations emanating from
other than atomic detonation or radioactive sources (Glossary
of Intelligence Terms and Definitions, June 1989).
Electronics Security (ELSEC). The protection resulting from
all measures designed to deny unauthorized persons information
of value that might be derived from the interception and
analysis of noncommunications electromagnetic radiations, such
as radar (National INFOSEC Glossary, October 1988).
Emissions Security (EMSEC). The protection resulting from all
measures taken to deny unauthorized persons information of
value that might be derived from the interception and analysis
of compromising emanations from crypto-equipment, automated
information systems, and telecommunications systems (National
INFOSEC Glossary, October 1988).
Energy Intelligence. Intelligence relating to the technical,
economic, and political capabilities and programs of foreign
countries to engage in development, utilization, and commerce
of basic and advanced energy technologies. This includes the
location and extent of foreign energy resources and their
allocation; foreign government energy policies, plans, and
programs; new and improved foreign energy technologies; and
economic and security aspects of foreign energy supply,
demand, production, distribution, and utilization (Glossary of
Intelligence Terms and Definitions, June 1989).
Espionage. Intelligence activity directed toward the
acquisition of information through clandestine means and
proscribed by the laws of the country against which it is
committed (Glossary of Intelligence Terms and Definitions,
June 1989).
Essential Elements of Friendly Information (EEFI). Key
questions about friendly intentions and military capabilities
likely to be asked by opposing planners and decision makers
(JCS PUB 18, Dec. 1982).
Essential Secrecy. Adversary unknowns or uncertainties about
specific factual friendly intentions, capabilities, and
activities vitally needed by adversaries for them to plan and
act effectively so as to guarantee failure or unacceptable
consequences for friendly mission accomplishment.
Exploitation. The process of obtaining intelligence
information from any source and taking advantage of it for
intelligence purposes. NOTE: Also see source (Glossary of
Intelligence Terms and Definitions, June 1989).
Foreign Counterintelligence (FCI). Intelligence activity,
with its resultant product, intended to detect, counteract,
and/or prevent espionage and other clandestine intelligence
activities, sabotage, international terrorist activities, or
assassinations conducted for or on behalf of foreign powers,
organizations, or persons; it does not include personnel,
physical, document, or communications security programs
(Glossary of Intelligence Terms and Definitions, June 1989).
Foreign Government Information. Information that is:
1. Provided to the United States by a foreign
government or governments, an international
organization of governments, or any element thereof
with the expectation, expressed or implied, that the
information, the source of the information, or both,
are to be held in confidence; or
2. Produced by the United States pursuant to or as a
result of a joint arrangement with a foreign
government or governments or an international
organization of governments, or any element thereof,
requiring that the information, the arrangement, or
both, are to be held in confidence (DoD 5200.lR
Information Security Program Regulation).
Foreign Instrumentation Signals (FIS). Electromagnetic
emissions associated with the testing and operational
deployment of non-U.S. aerospace, surface, and subsurface
systems that may have either military or civilian application;
it includes but is not limited to the signals fromtelemetry,
beaconry, electronic interrogators, tracking/fusing/
arming/command systems, and video data links (Glossary of
Intelligence Terms and Definitions, June 1989).
Foreign Instrumentation Signals Intelligence (FISINT).
Technical and intelligence information derived from intercept
of foreign instrumentation signals (Glossary of Intelligence
Terms and Definitions, June 1989).
Foreign Material (FORMAT) Intelligence. Intelligence derived
from the exploitation of foreign equipment, subsystems,
components, or other material (Glossary of Intelligence Terms
and Definitions, June 1989).
Friendly. Those individuals or organizations involved in the
specific sensitive operation or activity who have a need-to-
know.
Geographic(al) Intelligence. Foreign intelligence dealing
with the location, description, and analysis of physical and
cultural factors of the world (e.g., terrain, climate, natural
resources, transportation, boundaries, population
distribution) and their changes through time (Glossary of
Intelligence Terms and Definitions, June 1989).
Hostile Cognizant Agent. A person who is authorized access to
classified or sensitive unclassified information and who
intentionally makes that information available to a member of
a hostile intelligence service or other group whose goals are
inimical to the interests of the United States Government or
its allies (National INFOSEC Glossary, October 1988).
Hostile Threat Environment. An area that contains known
threats over which one possesses little or no control
(National INFOSEC Glossary, October 1988). NOTE: Some
diplomatic facilities and tactical military units may be
located in a hostile threat environment.
Human Intelligence (HUMINT). A category of intelligence
information derived from human sources (Glossary of
Intelligence Terms and Definitions, June 1989).
Human Source. A person who wittingly or unwittingly conveys
by any means information of potential intelligence value
(Glossary of Intelligence Terms and Definitions, June 1989).
Imagery. Representations of objects reproduced electronically
or by optical means on film, electronic display devices, or
other media (Glossary of Intelligence Terms and Definitions,
June 1989).
Imagery Intelligence (IMINT). The products of imagery and
photographic interpretation processed for intelligence use
(Glossary of Intelligence Terms and Definitions, June 1989).
Imagery Interpretation (II). The process of locating,
recognizing, identifying, and describing objects, activities,
and terrain represented by imagery; it includes photographic
interpretation (Glossary of Intelligence Terms and
Definitions, June 1989).
Imitative Communications Deception. Introduction of deceptive
messages or signals into an adversary's telecommunications
signals (National INFOSEC Glossary, October 1988).
Inadvertent Disclosure. Accidental exposure of sensitive
information to a person not authorized access (National
INFOSEC Glossary, October 1988). NOTE: This may result in a
compromise or a need-to-know violation.
Indicator. An event, observation, or value used to measure an
abstract concept. An item of information that reflects the
intention or capability of a potential enemy to adopt or
reject a course of action. An action-specific, generalized,
or theoretical-that an enemy might be expected to take in
preparation for an aggressive act (Glossary of Intelligence
Terms and Definitions, June 1989).
Information and Indicator Sources. Data, material, and
actions that provide information and indicators. The sources
are categorized as follows:
1. Secret Sources. Friendly personnel, documents, material,
etc., possessing classified or sensitive information.
2. Open Sources. Oral, documentary, pictorial, and physical
materials accessible to the public, or overt contacts
with adversary parties.
3. Detectable Actions. Physical actions or entities that
can be observed, imaged, or detected by active or passive
sensors. Also includes emissions that can be
intercepted.
Information Security (INFOSEC). The discipline covering the
protection of classified national security information by the
application of the rules and procedures established by
Executive Order 12356. It includes classification,
declassification, marking, mandatory review, oversight, etc.
The procedures pertaining to both communications security and
computer security (Glossary of Intelligence Terms and
Definitions, June 1989).
Information Systems Security. The protection afforded
information systems to preserve the availability, integrity,
and confidentiality of the systems and the information
contained within the systems. Such protection is the
application of the combination of all security disciplines
that will at a minimum include: COMSEC, TEMPEST, COMPUSEC,
personnel security, industrial security, resource protection,
and physical security (Glossary of Intelligence Terms and
Definitions, June 1989). NOTE: Others define this as
INFOSEC. See also telecommunications and automated
information systems security (TIASS).
Infrared Imagery. A likeness or impression produced as a
result of sensing electromagnetic radiations emitted or
reflected from a given target surface in the infrared portion
of the electromagnetic spectrum (Glossary of Intelligence
Terms and Definitions, June 1989).
Intelligence Cycle. The processes by which information is
acquired and converted into intelligence and made available to
customers. There are usually five steps in the cycle:
1. Planning and Direction. Determination of
intelligence requirements, preparation of a
collection plan, issuance of orders, requests to
information collection entities, and a continuous
check on the productivity of collection entities.
2. Collection. Acquisition of information or intelligence
information and the provision of this to processing
and/or production elements.
3. Processing. Conversion of collected information
and/or intelligence information into a form more
suitable for the production of intelligence.
4. Production. Conversion of information or
intelligence information into finished intelligence
through the integration, analysis, evaluation,
and/or interpretation of all available data and the
preparation of intelligence products in support of
known or anticipated customer requirements.
5. Dissemination. Timely conveyance of intelligence in
suitable form to customers (Glossary of Intelligence
Terms and Definitions, June 1989).
Intelligence Information. Information of potential
intelligence value concerning the capabilities, intentions,
and activities of any foreign power, organization, or
associated personnel (Glossary of Intelligence Terms and
Definitions, June 1989).
Intelligence Life. The length of time during which
information remains important enough to protect (National
INFOSEC Glossary, October 1988).
Intelligence System. Any formal or informal system to manage
data gathering, to obtain and process the data, and to provide
reasoned judgments to decision makers as a basis for action.
The term is not limited to intelligence organizations or
services, but includes any system in all its parts that
accomplishes the listed tasks.
Intrusion Detection System (IDS). A system designed to detect
and signal the entry of unauthorized persons into a protected
area, such as security alarms, sensor systems, or video
systems (National INFOSEC Glossary, October 1988).
Laser Intelligence (LASINT). Technical and intelligence
information derived from laser systems; it is a subcategory of
electro-optical intelligence (Glossary of Intelligence Terms
and Definitions, June 1989).
Limited Access Area. An area in which uncontrolled movement
of persons would allow access to classified information, but
in which such access is prevented by escort or other internal
restrictions or controls (National INFOSEC Glossary, October
1988).
Low Probability of Detection (LPD). Measures used to hide or
disguise intentional electromagnetic transmissions (National
INFOSEC Glossary, October 1988).
Manipulative Communications Deception. The alteration or
simulation of friendly telecommunications for the purpose of
deception (National INFOSEC Glossary, October 1988). NOTE:
May consist of any or all of the following: establishment of
bogus communications structures, transmission of deception
messages, expansion or creation of communications schedules on
existing structures to display an artificial volume of
messages.
Meaconing. A system for receiving radio beacon signals and
retransmitting them on the same frequency to confuse
navigation and cause inaccurate bearings to be obtained by
beacon users (National INFOSEC Glossary, October 1988).
Meaconing, Intrusion, Jamming and Interference (MIJI). A
collective name for all of the types of jamming or other
interference that may be used against electromagnetic
equipment or systems (National INFOSEC Glossary, October
1988).
Measurement and Signature Intelligence (MASINT). Scientific
and technical intelligence information obtained by
quantitative and qualitative analysis of data (metric, angle,
spatial, wavelength, time dependence, modulation, plasma, and
hydromagnetic) derived from specific technical sensors for the
purpose of identifying any distinctive features associated
with the source emitter or sender and to facilitate subsequent
identification and/or measurement of the same (Glossary of
Intelligence Terms and Definitions, June 1989).
Medical Intelligence (MEDINT). Medical scientific, technical,
and biological intelligence that assesses and predicts
technological advances of medical significance to include
defense against chemical, biological, and radiological
warfare; it applies to both tactical and strategic planning
and operations, including military and humanitarian efforts
(Glossary of Intelligence Terms and Definitions, June 1989).
National Computer Security Assessment Program (NCSAP). A
program designed to evaluate the interrelationship of
empirical data of computer security infractions and that of
critical systems profiles, while comprehensively incorporating
information from the Computer Security Technical Vulnerability
Reporting Program (National INFOSEC Glossary, October 1988).
NOTE: Assessments build threat and vulnerability scenarios
that are based on a collection of facts from relevant reported
cases. Such scenarios are a powerful, dramatic, and concise
form of representing the value of loss experience analysis.
National Security Information. Classified information related
to the national defense or foreign relations of the United
States (National INFOSEC Glossary, October 1988).
Need-to-Know. The necessity for access to, knowledge of, or
possession of specific information required to carry out
official duties (National INFOSEC Glossary, October 1988).
Nuclear Intelligence (NUCINT). Intelligence derived from the
collection and analysis of radiation and other effects
resulting from radioactive resources (Glossary of Intelligence
Terms and Definitions, June 1989).
Nuclear Proliferation Intelligence. Foreign intelligence
relating to:
1. Scientific, technical, and economic capabilities and
programs and the political plans and intentions of
non-nuclear weapon states or foreign organizations
to acquire nuclear weapons and/or to acquire the
requisite special nuclear materials and to carry on
research, development, and the manufacturing of
nuclear explosive devices; and
2. The attitudes, policies, and actions of foreign
nuclear supplier countries toward provision of
technologies, facilities, or special nuclear
materials that could assist non-nuclear weapon
states or foreign organizations to acquire or
develop nuclear explosive devices (Glossary of
Intelligence Terms and Definitions, June 1989).