The Next-Generation Incident Command System (NICS)
Transcript of The Next-Generation Incident Command System (NICS)
The Next-Generation Incident
Command System (NICS)
Paul Breimyer, Ph.D.
15 NOV 2013
UNCLASSIFIED
UNCLASSIFIED
Supported by Dr. Robert Griffin DHS Science & Technology
NICS - 2
• Program Overview
• NSTIC* Pilot
• Demonstration
Outline
* NSTIC = National Strategy for Trusted Identities in Cyberspace
NICS - 3
MIT Lincoln Laboratory
Westford, MA
Socorro, NM
Kwajalein, Marshall Islands
Lexington, MA
Mission
Technology in Support of National Security
Main Roles
• System architecture engineering
• Long-term technology development
• Rapid system prototyping and transition
Orlando, FL
NICS - 4
Disaster Management Capability Shortfalls Persist
Hurricane Sandy (2013)
Hurricane Katrina (2003)
9/11 (2001)
Gulf Oil Spill (2010)
Significant Need For A Common Integration Platform
NICS - 5
Homeland Disaster Response
Technical Challenge: Organize, coordinate, and command the
efforts of dozens of agencies and thousands of responders
1 10 100 1K 10K 100K
1
2
3
4
5
6
7
Number of Responders
Co
mm
an
d L
evels
*
Resource
Challenges
Command
& Control
Challenges
“Extreme Events”
Medical
Response
Train
Wreck
Massive
Earthquake
HazMat
Scale
Co
mp
lex
ity
*Assumes 5 person span of command
(nominal Incident Command System standard)
• Safety
• Rescue
• Restore order
• Protect property
First Responder Mission
• State All-Risk/All-Hazard agency
• Significant scope of responsibility
• Forward-leaning agency
Partnership with
CAL FIRE (Since 2007)
• Complexity
• Scale
• Harsh Environments
Challenges
Wildland
Fire
Fire
Siege
NICS - 6
NICS Vision
Capability Gap:
Multi-organizational collaboration is severely hampered by a lack of shared
situational awareness; Contributing factors:
- Vendor market motivated to fragment FR users and organizations
- Uneven capabilities across organizations
- Costs exclude many organizations
- Organizations use different tools
Approach:
Develop a national platform that:
- Encourages vendor participation (i.e., “Apps” Model with Open
Standards)
- Is as inexpensive as possible
- Is scalable at a national level
- Provides a common platform in support of NIMS ICS
- Provides a platform to develop and evaluate novel capabilities
NICS is building a common platform available at a
national scale
NICS - 7
NICS System Overview
Emergency
Operations Centers External Data
• Satellite Imagery
• Weather
• Historical Maps
• Geographic Information System
Tactical Aerial Surveillance
Imagery
Mobile
Displays &
Collaboration
Police Hazmat National Guard
Fire Medical DoD FEMA Coast Guard
Citizen
Reporting
Distributed
Servers
GPS
Tracking
Reports
NICS - 8
NICS: Web-Based Collaborative Online Environment
Challenge: Provide distributed situational awareness for Tired-Dirty-Hungry Responders
Approach: Develop simple, web-based collaborative online situational awareness interface
• Picture is worth 1,000 words
• Improves essential human
communication: sketch,
gesture, speech
• Incidents
• Maps & Data
• Real-Time Collaboration
• Text Chat
• Field Reports
• Apps
• Tired-Dirty-Hungry Interface
…
NICS - 9
California Testbed Status
• Organic NICS User Group
Forming (200+ organizations)
• Annual NICS User Conference:
27-28 Feb 2013, Riverside, CA
─ 60+ Organizations:
─ Fire, Law, Medical,
OES/OEM/EMA, Private
Industry, Utilities, NGOs,
Tribal Partners, etc.
Notable 2013 Incidents
NICS - 10
Recent NICS Highlights
Ventura CA “Springs” Fire
MAY 2013 (~30K acres)
“Nemo” Blizzard
FEB 2013
“Rim” Fire in Yosemite, CA
SEP 2013 (~235K acres)
“NICS turns 12 Hours into 12 Minutes” - NICS Users’ Group tagline
(Attributed to CAL FIRE Chief Marc Hafner)
• Primary information system in EOC for
CAL FIRE Incident Management Team
and partners
• Rapid integration of multiple sensor
platforms
• First method for UAV data
dissemination
• Leveraged by Statewide Incident
Management Team (IMT)
• Integrated Real-Time IR sensor SA led
to protection of critical infrastructure
asset
• Employed by MA NG for resource
management and SA
• Main display in Joint Operations
Center
• Used to coordinate with MA EMA
NICS - 11
Third Party “App” Integration
DARPA sponsoring
Metron Inc. to integrate
with NICS; 23 CA orgs
online
CA Utility provider
integrating weather
station data into NICS
DeLorme modified their
flagship hand-held GPS
product to interface
with NICS
…
First Responders Driving Industry to
Open Interfaces for NICS Compatibility
App Store
NICS - 12
NICS Evolution
Limited Objective
Experiment Riverside, CA
All Hazards Response
2009 2010 Today National Guard • MA Joint Operations Center
• HQ and other states (in discussion)
• DHS S&T continues as technical innovation sponsor
• Technical vision developed through broad engagement
across the Homeland Protection enterprise
- First Responders, National Guard, USCG, FEMA, …
Fire Department of New York • ‘Higher Command’ SA
Emergency Management Agencies • California, Massachusetts
• FEMA: HSEEP-EP
Broad CA Use
• CAL FIRE ‘Operationalizing’ • Statewide, San Diego node
• Diverse operations
Wildfire Response
US Coast Guard • Mobile
applications
NICS - 13
• Program Overview
• NSTIC* Pilot
• Demonstration
Outline
* NSTIC = National Strategy for Trusted Identities in Cyberspace
NICS - 14
NSTIC* AXN Pilot - Overview
Pilot Program Outcome: Implement a user-centric online Identity Ecosystem and demonstrate an Attribute
Exchange Trust Framework using the ID Dataweb (IDW) Attribute Exchange Network (AXN)
Project Approach: • Demonstrate online attribute exchange operations and basic features of an attribute exchange trust framework
– User, AP, IdP, and RP interfaces and process/data flows
– Legal, policy, and technical interoperability, security, and scalability
– Business and market monetization models
– Assessor roles and processes
Project Objectives: • Simplify AP, RP, and IdP participation, deploy new online services and demonstrate asset monetization via the IDW
AXN platform using:
– Real-time AP online verification services
– Out of band verification services – SMS to device, device IDs, Postal mail AP service - PIN code mail piece
• Live user data from commercial and government RPs
• RP billing (monthly) and AP/IdP transaction/payment statements
• Commercial contracts and Terms of Service that transition pilots to commercial operations
NSTIC Pilot Use Case Scenarios: • Basic Use Case scenarios will initially be limited to key identity attributes: Name, e-mail, Address, Telephone
Number (NEAT) and sending one-time passwords via SMS to a mobile device
• Increasingly complex and advanced Use Cases will include additional attributes, interoperability between an OpenID
or SAML credential, CAC/PIV card credentials, and identity linkage to end-user devices
• For each RP Use Case: Free market trial of verified attribute services for 180 days or 50,000 users, whichever
occurs first
© 2013 Criterion Systems, Inc. Proprietary and Confidential Page
14 Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
* NSTIC = National Strategy for Trusted Identities in Cyberspace
NICS - 15
An Example User Experience
The consumer has or creates a username and password with an Identity Provider, Google.
The consumer browses to a new web site for the first time to create an account.
The web site is part of an industry Trust Framework and asks the user if they would like to use their Google Identity to access the site.
The user gives permission for the Attribute Exchange Network to verify their information using real-time and out of band methods.
Attribute Provider (e.g., LexisNexis, Experian) responds and verifies the user’s information including age.
The site authenticates the user with the verified user information, and the user makes a purchase with their new account relationship.
The user goes to a new site, creates a new account using their verified attributes, and completes a purchase with their new account.
The web site needs to verify the users age. The user asserts their attribute information including age at the web site.
The user securely manages their information shared with each account via the Attribute Exchange Network.
© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
NICS - 16
The Identity Ecosystem
Trust Framework
The rules regarding Identity Management in a specified Industry or Eco-system. These rules define how the various providers interoperate in terms of business, legal, technical and privacy guidelines.
Relying Parties (RP)
Relying parties are channels/web sites that would like to to enable consumers to use their existing Identity Provider credentials to gain access. Examples include any website, mobile app that requires a login.
Identity Providers (IDP)
Entities that issue persistent Identity credentials and support verification of the name, address, email and telephone number of a user. Examples include Google, Facebook, AOL, Verizon, AT&T, Department of Homeland Security, etc.
Attribute Providers (AP)
Third parties that can provide or verify information about a user. Examples include credit bureaus, federal / state licensing commissions, relying parties who have collected profile information, etc.
Attribute Exchange Network (AXN)
The network that facilitates the exchange of information between RP’s, IDP’s and AP’s based upon the business rules and market model that can operate within the guidelines of a Trust Framework.
© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
NICS - 17
NICS AXN Interaction
NICS Login
Page &
RP
NICS Credentials NICS IDP
3rd Party RPs
Attribute Exchange Network (AXN)
Authorization
Decision
User
Attributes
= NICS Component
= AXN Component
IDPs APs
NICS
Access
Yes
No
RP = Relying Parties
IDP = Identity Providers
AP = Attribute Providers
User &
Session
Tokens
User
Attribute
Request
NICS
Token
Manager
Legend
Send:
NICS - 18
• Program Overview
• NSTIC* Pilot
• Demonstration
Outline
* NSTIC = National Strategy for Trusted Identities in Cyberspace