Collaboration, cooperation secure emergency response capability.
Although industry shoulders the ultimate responsibility for the health and well-being of the U.S. telecommunications infrastructure, the federal government is working to ensure the continued operation of systems that touch almost every aspect of life—from emergency services to economic stability. Key among the government’s concerns are the security and reliability of the systems on which national security and emergency preparedness depend.
The relative soundness of communications systems has created a reliance on them that in some ways has become one of the greatest information age vulnerabilities. The terrorist attacks of September 11 boldly illustrated this point. The good news is that, despite confusion and congestion, emergency personnel were able to respond to calls for help and most businesses were able to continue operating. But the attacks also demonstrated that a government that relies so heavily on commercial systems must find ways to ensure that connections will be available under all conditions. Today’s world of asymmetric threats intensifies this requirement.
Because an estimated 95 percent of the government’s national security and emergency preparedness (NS/EP) communications are carried over commercial networks, federal agencies are keenly interested in their security. Several organizations have been established during the past 40 years to cultivate a strong relationship between the commercial sector and the government. Initially, these groups were concerned with telephone communications. But as the Internet became a primary communications means and wireless technologies became common place, these organizations broadened their scope.
Over the years, the need for industry and government cooperation instigated the formation of several organizations that include representatives from both sectors. In 1984, the National Coordinating Center for Telecommunications (NCC) was launched to assist industry and government in the initiation, coordination, restoration and reconstitution of NS/EP communications. Today, the NCC, which is collocated with the National Communications System (NCS) in Arlington, Virginia, includes full-time industry and government representatives who serve as liaisons with their parent organizations. The departments of State, Defense, Justice and Commerce as well as the Federal Emergency Management Agency, General Services Administration and Federal Communications Commission present the government’s interests. Industry members include AT&T, Cisco Systems, Lockheed Martin and the U.S. Telecom Association.
The NCC is the lead organization in the nation’s information sharing and analysis center (ISAC) for telecommunications. The NCC-ISAC facilitates voluntary collaboration and information sharing among its participants, which include both government and industry members. Its participants gather information on vulnerabilities, threats, intrusions and anomalies. The center then uses an information sharing and analysis system to evaluate the data. The system provides advanced automation, analysis, modeling, data fusion and correlation processes to support the near-real-time exchange of critical information about vulnerabilities and threats that could affect the telecommunications infrastructure. Although the system facilitates sharing of information, the source of the data is not revealed to members.
The NCS is one of the major organizations responsible for the viability of the NS/EP communications infrastructure. It comprises more than 20 federal departments and agencies, and its mission has evolved over the decades from the initial vision of linking federal agencies to becoming a major player in critical infrastructure protection in the information age. Lt. Gen. Harry D. Raduege Jr., USAF, director of the Defense Information Systems Agency, heads the NCS.
Fred Herr, chief of the operations division, Office of the Manager, National Communications System (OMNCS), points out that the mission changed as the use of information technology expanded. “Because these same networks carry communications critical to the operation of other critical infrastructure—for example, financial services and transportation—the economic well-being of the country depends on them,” he says.
One of NCS’ focus areas is providing NS/EP communications capability in all-hazards environments. These range from cable cuts to nuclear war and include natural disasters, terrorist attacks and cyberattacks.
“NCS programs such as the Government Emergency Telecommunications Service [GETS] and Telecommunications Service Priority [TSP] system ensure that government NS/EP communications needs get priority if there are problems in the network,” Herr continues.
GETS provides federal, state and local government NS/EP users with a ubiquitous switched voice and voice-band data communications service. It was developed in response to a White House tasking to provide emergency access and specialized processing in local and long-distance telephone networks. The public switched network (PSN) is the backbone for the service, and GETS can be accessed through the Federal Telecommunications Service, the Diplomatic Telecommunications Service and the Defense Information System Network. It is maintained in a constant state of readiness that maximizes the use of all available telephone resources in the event of congestion or outages caused by emergency, crisis or war, Herr explains.
Users must provide a personal identification number to enter the system. As a result, only authorized users can gain access to GETS features, protecting against fraud.
GETS calls use enhancements to the PSN’s interconnecting paths between switches. Numerous switch failures in the PSN could occur without disrupting GETS calls. A high-probability-of-completion identifier is carried across the signaling network and triggers priority features such as trunk queuing and trunk reservation. An exemption from restrictive network management controls helps to speed priority messages past network congestion.
The TSP is the regulatory, administrative and operational system that authorizes priority treatment of NS/EP telecommunications services. Users include the national security leadership and warning systems. In addition, priority is given to communications from organizations that support public health, safety, law enforcement and the national economic posture. A federal organization can sponsor state, local and foreign governments as well as commercial companies so they can obtain TSP restoration or provisioning priority.
The OMNCS uses various technologies to monitor the status of the PSN. To analyze different operational aspects of the telecommunications network, the OMNCS developed the Network Design and Analysis Capability (NDAC), which allows the NCS to review the operations of the PSN, including Internet protocol (IP), Internet telephony and next-generation packet switched IP networks under various conditions. It also can detect and help mitigate damage caused by accident or attack.
NDAC software comprises tools, models and telecommunications databases that analysts use to assess network performance, conduct modeling and simulation tasks, and visualize network topologies. It is a combination of technology, databases and published material. Microsoft’s Internet Information Server, Macromedia’s ColdFusion and Oracle’s LECMap are the technical components. Databases that are used include the Enhanced Microwave Environmental Link File and the Federal Communications Commission’s Outage Database. Publications such as the Roaming Implementation Service Guide and the Local Exchange Routing Guide also furnish data. In addition to assessing the current status of the networks, NDAC examines how emerging technologies would affect the PSN and specifically how they would change future NS/EP requirements.
Baseline information about a normal operating PSN can be compared to data gathered in stressed conditions to determine reliability, interoperability and survivability characteristics. For example, a comparison of priority call treatment can help predict GETS increased call completion probability and establish end-to-end connectivity benefits provided to NS/EP users. The viability of NDAC relies on up-to-date commercial provider input about carrier facilities.
The NCS also is developing two new capabilities that are not dependent on public networks so communications can be maintained if the PSN is not available, Herr reports.
“The Alerting and Coordinating Network was developed by Bellcore, the predecessor to the National Telecommunications Alliance, for the regional Bell operating companies to coordinate among themselves and with their vendors in the event of significant network problems. When the National Telecommunications Alliance went out of business at the end of 2000, the NCS took over the Alerting and Coordinating Network as a backup communications capability through which we could contact the carriers and major vendors,” Herr explains.
The NCS also is developing the Cyber Warning Information Network in response to a tasking from the National Security Council. Its mission is to provide a way to communicate cyberwarnings to and share information among government and private sector organizations.
Herr points out that NS/EP support plans are not limited to the obvious means of communication. The Shared Resources High Frequency Radio Program (SHARES) provides the federal emergency response community with a single interagency message handling system for the transmission of information. “SHARES is made up of a network of high frequency radio users throughout the United States who voluntarily pass NS/EP messages if the public network communications capabilities are not available,” Herr relates.
Participation in SHARES is open to all federal departments and agencies as well as their designated affiliates on a voluntary, noninterfering basis. More than 280 emergency planning and response personnel participate in the program. Sixteen federal, state and industry organizations contribute resources, which include 1,068 high frequency radio stations and more than 226 frequencies.
Although at times building a relationship between industry and the government can be challenging, the issue of telecommunications infrastructure security and reliability appears to be so critical for both parties that each realizes that cooperation is essential. Mark Kusiak, technical director, government customer team, Lucent Technologies Incorporated, Columbia, Maryland, reports that his company is very comfortable engaging in discussions on the topic of security with the government.
“We view security as a multilevel challenge. Telecommunications service providers have to take a holistic approach to security to make sure each of the network layers is protected. Providers are doing a good job, but it’s not perfect. It’s an ongoing challenge as threats evolve. That’s why we encourage a multilevel survivability/security approach,” Kusiak states.
Wireless communications has opened the door to two additional vulnerabilities. First, people have come to rely on cellular telephones. “For instance, we’ve become accustomed to having our calls go through, and there are times when the emergency call has to go through. The notion is prioritization, and we don’t have that with wireless today,” Kusiak notes. GETS provides this capability for wired systems, and government and industry are working to extend it to the wireless world.
A lack of quick geolocation capabilities is the second vulnerability of wireless technologies. Kusiak points out that wired 911 emergency response technologies provide the operator with the caller’s location. This capability is not as simple with wireless telephones, so emergency responders may not have immediate access to the information they need to locate a victim. On September 11, Kusiak says radio frequency and triangulation techniques were used to help find cellular telephones in the rubble. Research currently is underway to fine-tune the technologies necessary to enhance this capability on cellular telephones.
David Johnson, spokesman for AT&T Global Services, Bedminster, New Jersey, says network security and reliability are the top two priorities at his company. Both physical and network security have been stepped up since the terrorist attacks, he reports. Despite any firm’s best efforts, the possibility of intrusions and disruption of service still exists, he adds.
To address this issue, Johnson emphasizes that every company should have a crisis management plan. “Any company, regardless of its business specialty, needs to have redundancy built into its telecommunications systems so, if something happens, it has data backed up and a telecommunications backup,” he says.
“Step back and look at your operations. Ask the question, ‘What happens if an explosion occurs or if data or files are compromised?’ You have to do this ahead of time. Determine where each person in your organization reports and what he or she does just like on a ship when General Quarters is sounded. Because when a crisis hits, it’s not the time to try to decide what should be done,” Johnson says. Companies should practice this plan three or four times a year, he recommends.
Crises do not necessarily come in the form of terrorist attacks, Johnson stresses. Something as mundane as a bulldozer accidentally digging up a cable could cause a major disruption of service. However, he concedes that more catastrophic events are on the minds of many company officials today. “As someone said about the terrorist attacks, ‘This is not a one-act play,’” Johnson shares.
Additional information on the National Communications System is available on the World Wide Web at www.ncs.gov.