DHS Tackles Emergency Communications Interoperability
Just as methodical programs to improve emergency communications interoperability are building up speed, new technologies threaten to derail the entire effort. Emergency responders find that new mobile systems bring valuable capabilities, such as enhanced data access, and they embrace these technologies eagerly. But the advanced communications systems often do not mesh with each other as well as traditional broadband radio links, and their innovative approaches pose new challenges.
Ensuring communications interoperability in emergency response also is complicated by differences among the organizations involved in the effort, homeland security experts say. State authorities, local police and fire departments, the National Guard, the federal government and nongovernmental organizations (NGOs) all could be key players in response and recovery operations. Almost all of them are silos when it comes to their communication systems, and achieving interoperability purely by technological solutions is not an option for planners.
Now, as growth in mobile communications is complicating interoperability efforts, the solution may depend more on humans than on technology. U.S. Department of Homeland Security (DHS) officials have increased their focus on training emergency response communicators in processes to follow when answering the call for an emergency. Ultimately, a major emergency response may require the presence of a new type of chief information officer (CIO).
One problem in confronting interoperability is a tendency to focus on an individual agency, says Ronald Hewitt, director of the Office of Emergency Communications (OEC) within the DHS Office of Cybersecurity and Communications (CS&C). When a major event occurs, all the involved parties bring different equipment and procedures to the table. This changes the solution from just one of technology.
He emphasizes that interoperability “is a people issue.” Operability is a technology issue, but making those technologies work together puts the onus on the human factor. “Have [responders] worked together before the incident to develop standard operating procedures on how to use the equipment that will be at that incident?” he asks. “Have [responders] trained and exercised together or jointly … to ensure achieving interoperability when it is needed most?”
Hewitt is a retired U.S. Coast Guard rear admiral who served as its assistant commandant for command, control, communications, computers and information technology and chief information officer. He likens his challenges at the DHS to those he faced in the Coast Guard, where he confronted communications silos built up by different service elements over the years.
But unlike the Coast Guard, the DHS OEC does not have umbrella control of its communications. The office deals with diverse federal agencies, along with state and local governments and NGOs. The OEC must help steer these organizations into actions that lead to interoperability, in part, by clarifying standards and improving training.
These efforts largely depend on each responding organization and the processes it uses during an incident, Hewitt continues. Where the U.S. Defense Department uses the Joint Operation Planning Execution System (JOPES), the DHS uses the Incident Command System (ICS), which is part of the National Incident Management System (NIMS). The ICS has no J-6 equivalent, he points out. The DHS’ logistics section chief has a communications unit that is viewed largely as a technology element.
Operating under the OEC is SAFECOM, which is the advisory body to the DHS for interoperability issues. SAFECOM comprises government organizations and public safety associations, and it examines potential configurations for emergency communications. A SAFECOM task force recently issued a recommendation on future organizational aspects.
The OEC works with the Federal Emergency Management Agency (FEMA) on program management for communications. Hewitt relates that the OEC has trained nearly 10,000 communications unit leaders among emergency responders throughout the country on processes to follow in an emergency, which he describes as a key to attaining interoperability.
For some time, the training focus has been on land mobile radio (LMR). The training ensures that responders know which frequency plan is in use and the options to be employed—whether encryption is applied, for example. Hewitt emphasizes that LMR use is a standard operating procedure rather than just a technology strategy. This is all part of the communications unit curriculum for OEC training, he states.
The approach has paid dividends, Hewitt adds. Now, emergency responders using LMRs arrive on the scene with common naming channels in plain language instead of numerical code. They know which frequencies to use and how to work their communications in a complementary fashion.
The threat to this approach is budgetary. When state and local governments must cut spending, they often put training or exercises as one of the first items on the chopping block. This severely hampers emergency responders from working together with their counterparts at other organizations bearing new technologies, Hewitt notes.
Incorporating new technologies threatens to undo this carefully constructed climb toward interoperability. “What we see as the wild, wild West now is more of the mobile piece,” Hewitt offers. “We haven’t integrated broadband into the course, but that is being worked right now.
“What we’re seeing is that every agency brings their own applications,” he continues. “Even though they could be doing similar functions, they’re using different data standards, processes, icons and securities. So, there is very little interoperability on the data side right now.”
Emergency responders must develop common operating procedures to use technology effectively, and then train and exercise jointly. “The lanes are governance, standard operating procedures, training, and exercises and usage,” Hewitt says.
“You do not want to be exchanging business cards at the incident,” he continues. “It’s too late. And with broadband, it’s way too late because people are coming with different applications.”
An emergency is not the place to be downloading apps, as responders have no time to train on their use, Hewitt points out.
The OEC’s communications unit, which once focused exclusively on LMRs, is now looking at broadband Long Term Evolution (LTE) technology and LMRs. One challenge is that mobile LTE units may come with different applications that take awhile to load to achieve commonality, unlike LMRs, which can be reprogrammed quickly. More preplanning is needed to use broadband in emergency response, Hewitt adds.
Cybersecurity is an omnipresent concern with any communications, and the OEC is working it into its new curriculum for both LMR and broadband, Hewitt notes. The OEC is addressing this issue with the CS&C, but it remains difficult. Much of LMR is analog, while broadband is digital. And as public safety support entities such as 911 centers migrate to digital technologies, they are encountering greater cyber threats.
The National Cybersecurity and Communications Integration Center, which falls under the CS&C, provides incident response and serves as a point of cyber and communications incident integration. The center takes the lead for FEMA’s Emergency Support Function No. 2 (ESF2), or communications restoration, as with September’s Hurricane Maria in Puerto Rico. And a communications information sharing and analysis center has all the different public communications carriers and service providers, including high frequency and satellite. This center looks at what needs to be provided in a disaster, and it controls recovery through the ESF2 processes, Hewitt explains.
If the OEC can achieve extensive interoperability among the different types of emergency responders, that connectivity could open the door to privacy concerns—especially with different government organizations involved. Hewitt allows that the OEC “is in the infancy stage” when it comes to privacy rights. It is still battling the problem of incompatible applications, he says, and the lack of an application programming interface (API) before a response effectively precludes widespread connectivity among different apps during a disaster. When data becomes more widely available, the privacy issue will become more important, he says.
When it comes to working with industry, a key to effective broadband applications interoperability will be standards. Hewitt emphasizes a great need for them in this area. Government and industry are working on standards for broadband applications, and this partnership holds the key to application interoperability. “If we don’t look at interoperability from the beginning, we’re going to end up with every agency owning different applications that aren’t interoperable—and that will cost lives and property,” he states.
“At the same time, we don’t want to hold back innovation,” Hewitt adds. “It’s a delicate balance. Let them drive innovation but still be able understand that even though you have features that are beyond these others, the core needs to be interoperable.”
Most DHS communications technology efforts with industry revolve around the First Responder Network Authority, or FirstNet. Hewitt is delegated as a board member to the organization, which is working to bring broadband to first responders. The DHS effort with FirstNet focuses largely on interoperability, he notes.
As communications technologies advance, emergency responders will need to be more skilled at managing them. Hewitt says he believes that the best solution may be to have at least one person on-site serving as a CIO. “Unfortunately, public safety does not have CIOs,” he says. Many times, a police or fire department designates its most technically knowledgeable member as a CIO equivalent.
That approach neither accounts for all the other types of communications systems that appear at an event nor works for effective cybersecurity. As public safety activities become more digitized, their systems become more vulnerable to malware. “My biggest fear is [that] we are moving to a network of networks—everything is interconnected through the Internet—that can be taken down,” Hewitt says. Several areas already have had 911 networks crash through internal errors that had nothing to do with adversarial action, he relates.
“We are looking at … having an incident management team that could plug right in,” Hewitt says, adding that this takes place for urban search and rescue. Some aspects of the ICS provide teams that can be requested through mutual assistance agreements. In the future, information technology teams would arrive on-site, run a help desk and set up networks, he adds.
For now, the OEC is tackling challenges as they come. Hewitt explains that the office is struggling to keep up with the migration to broadband. As FirstNet, Next Generation 911—the nationwide upgrade of 911 to digital or IP-based systems—and new capabilities come online, the OEC must ensure that public safety organizations both are equipped with the right gear and practice proper cyber hygiene.
The OEC also is examining how the Internet of Things will feed data to emergency responders. The potential for obtaining important data is high, but many issues remain. The challenge of too much data is present, as with other endeavors, and the OEC is working with the Defense Department on how to incorporate input from new types of sensors into the decision-making process.