Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
76 ACC Technology Twenty-first century technology, which is at the heart of virtually all airport operations, in almost every instance, either produces communication as a byproduct of its core function or has been developed specifically as a communications tool. Similarly, technology is the funda- mental tool in an ACC. Although many decisions go into developing or expanding an ACC, no decision is likely to have as much of an effect on the success of the initiative as the selection and implementation of the technology necessary to achieve the goals of airport management when it decided to proceed with an ACC project. In developing its ACC approach, the airport operator will have three primary considerations. First, choosing the proper technology or extending legacy technology is one of the biggest chal- lenges in producing a successful ACC project. An ACC is no different than any other technol- ogy project and should be approached in that manner, with one exceptionâThe ACC, itself, is viewed as a system. A proper ACC IT system architecture will show many subsystem com- ponents, integrated to work in a concerted fashion to channel data into a central repository, convert it into information, and provide outputs on which decisions can be made by airport management. Second, the underlying infrastructure on which the ACC operates is of equal importance to the communication technology. Infrastructure considerations include the network on which all of the applications are transmitted, as well as the data center and related telecommunication rooms. The ACC receives information from a range of sources and transmits information to designated users within and, often, beyond the ACC. A properly functioning communication network ensures rapid and reliable transmission of data, is resistant to compromise, is secure, has redundancy, and is conducive to rapid fault detection and repair. Although the range of network-related technology issues dealing with implementing a communications network (e.g., bandwidth analysis, commu- nications security, network topology, transmission protocols, reserve capacity, and transmission media) are beyond the scope of this Guidebook, they must be addressed to establish an effective ACC communication environment. The passive infrastructure that includes the data center, tele- communication rooms, fiber and cable, and all of their supporting elements (e.g., backup power, redundant paths, and proper environmental controls) are an essential for ensuring the ACC oper- ates effectively. Third, a substantial amount of data will flow into the ACC. Sorting through that data and con- verting it to actionable information in a timely manner will be one of the greatest challenges to the ACC personnel. Conversely, it is not possible to implement applications to capture all of the data necessary for decision-making in an airport. Information will still flow from non-technology sources. Absorbing all of the information is perhaps the greatest challenge in a modern ACC. Airport and ACC management must be acutely sensitive to managing this avalanche of data from the day the ACC opens and throughout the life of the ACC. S E C T I O N 7
ACC Technology 77 All of the best practices in developing a technology application should be applied to the ACC as a whole. These include the following: â¢ Developing a functional requirements document (FRD) â¢ Creating an ACC systems architecture â¢ Choosing the right products for the ACC environment â¢ Customizing and modifying applications â¢ Integrating applications â¢ Performing system and user testing â¢ Training users â¢ Implementing â¢ Operating and maintaining In this Guidebook, Section 4 describes the role of the CONOPS. The CONOPS may serve as the FRD for all technology decisions in smaller, less complex ACCs. In larger ACCs with more complexity and the integration of many airport organizations, developing a full FRD based on the CONOPS, but with more detail for each ACC function is recommended. Each ACC function will have been outlined in the CONOPS with its data requirements, inputs, and outputs. These functional descriptions will help determine the technology needed for the ACC. 7.1 Establishing a Communications Infrastructure In recent years, significant developments in communications technology have occurred that affect ACC design, including â¢ Stricter and more extensive security measures. â¢ Emergence of an information-centric model for airport operations that connects all stake- holders and can deliver content-sensitive information over both wired and wireless links. â¢ Integration of sensor data, alarm data, video imagery, and geographic information to enhance operations management. â¢ Greater situational awareness capability to enhance the ACCs ability to manage both normal operations and incidents. â¢ Integration of intrusion-detection, access control, CCTV, and other security functions with the airport IT network and cable plant, along with an increased emphasis on network security. â¢ The dominance of IP-based communications, which have or are rapidly replacing older RS-485 and similar standards. â¢ The need for ACC designs that are compatible with legacy IPv4 products and will provide for compatibility with IPv6 products coming to market. â¢ Development of converters to permit the reuse of legacy protocol and communications physi- cal cabling. â¢ Continuing performance improvements in digital equipment and software so that video and voice can effectively and practically be transmitted over a network. 7.2 Communications Infrastructure Relationships A networked ACC must provide a secure environment for interconnecting various stake- holders. Figure 7-1 illustrates some of the relationships that can be involved, including domains outside of the network (e.g., trunked analog radio systems used for public safety radio voice traffic); PABX (private automatic branch exchange)-based wired telephony; cellular telephony, which may be used for airport functions, but which connects many off-airport stakeholders and
78 Guidance for Planning, Design, and Operations of Airport Communications Centers first responders; and the Internet, which may be used for remote access to network resources and workgroup messaging. Figure 7-2 illustrates the functions which the ACC should be capable of delivering and the user groups that need them. This model assumes a shared airport IT environment, but it also applies to private networks where the private network interfaces to the shared IT network for more complete coverage. The ACC communications network transmits information, including data, voice, and video communications, from various sources. It is a good practice to share information with other stake- holders involved in normal operations and incident management within the required security Figure 7-1. Communication relationships. Figure 7-2. Communication services.
ACC Technology 79 protocols. Identifying what information is required by each party and how to best provide for information sharing (including identification and authorization) are major tasks when the ACC is designed. An effective communications network ensures rapid and reliable transmission of data, is resistant to compromise, has redundancy, and is conducive to rapid fault detection and repair. Several technology issues are relevant to implementing the communication network: band- width analysis, communications security, network topology, communication redundancy, transmission modes or protocols, reserve capacity, and transmission media. ACC communications integrated with other subsystems should be selected to ensure that the ACC operator is provided with a multimedia (i.e., voice, data, and video) presentation of information. Communications technologies should provide reliable and scalable support to diagnose and resolve system problems that may arise during the lifetime of the ACC. Communications systems can be network-based (to operate over a LAN/wide area network (WAN) or private network) or less sophisticated (using communication protocols that require point-to-point connections using twisted-pairs of cables). Interfaces between system components should be fully compatible withâand supported byâthe communications architecture selected. Downstream compatibility between ACC system components is desirable to enhance the maximum life of the investment. 7.3 Challenges Caused by New Technologies Modern technology provides vastly improved capabilities and far more information than was historically found in airport operation centers. These new technologies also bring additional challenges to achieving information absorption and situational awareness in ACCs: â¢ The vast array of new technologies introduced to the airport environment since the beginning of the security/technology convergence era in the 1990s means that todayâs ACC operator may need to operate many more systems than their 1990s predecessors. Because each of these systems has its own unique interface and method of operation, this represents challenges for both the operator, in using the systems effectively, and management staff who must train operators and provide technical support for these systems. â¢ The sheer number of new sensors, devices, and cameras can cause information overload for the operator. With some airports managing thousands of surveillance cameras and door access devices, the total number of alarms and events that occur daily can easily become an overload on sensory input, which, in turn, results in inadequate attention to those inputs that demand immediate action. â¢ It can be difficult to achieve situational awareness, given the challenges of associating large numbers of alarms with cameras, locations, and staff resources in todayâs large airports. For example, for an operator to understand a situation accurately, they must be able to under- stand where alarms and events are occurring in the airport, know which video surveillance cameras will provide the best view of the relevant area(s), and know where staff is in relation to the location to dispatch effectively. In large airports that cover millions of square feet of floor space, operators are challenged to grasp geographical locations quickly and correlate them with nearby facilities and activities. Information overload can serious degrade situational awareness. Approaches that have proven effective include â¢ Helping the operator focus. When possible, limit the number of systems each operator must use so they can focus on those systems. By creating operational roles for staff, they can focus
80 Guidance for Planning, Design, and Operations of Airport Communications Centers more closely on specific systems, rather than being a âgenericâ operator working on many sys- tems at once. Staff should still be cross-trained to be able to use all systems that may be required in the event of role change or emergency. â¢ Striving to prevent nuisance alarms. In many ACCs, some alarms and alerts occur frequently, but are either false alarms or are caused by inappropriate settings in systems. Although opera- tors learn to ignore these alarms, they do subconsciously affect operators, distracting them and causing them to become less sensitive to alarms and alerts overall. Assess alarm/alert settings in all systems to ensure that nuisance alarms are minimized. â¢ Leveraging new technologies. New technologies (e.g., physical security information man- agement [PSIM] systems) can be used to aggregate data on alarms, locations, and resources can help provide a complete âevent pictureâ for the operator and counter information overload. â¢ Adding staff. Additional staff whose sole responsibility is to monitor systems, enter data, and receive information, can free airport operational staff to perform their primary roles. 7.4 Technology Design Considerations The first and, likely, most important factor to consider is that the ACC probably will be a com- bination of new systems and the extension of legacy systems. This will require careful examina- tion of all legacy systems being considered for the ACC in terms of their functionality, usefulness, ease of integration into a new environment, the quality of their data, and their acceptance by their current user groups. 7.4.1 Technology Design Process The functions of the ACC are of equal or greater importance than its form, although form is an essential part of the design process. Examination of ACCs in place makes clear that the functional aspect of the ACC is heavily dependent on the quality of the technology systems that support it. Technology is woven into the fabric of the modern ACC. As a result, proper ACC design requires a technology designer as part of the team from the beginning. Just as architects and engineers are indispensable in the design process, technology designers are crucial to the suc- cess of an ACC design. The time to engage the technology designer is at the beginning of the project. Because the facility is so highly dependent on technology, it is essential to have the services of the technol- ogy designer from the beginning stages to help the owner make strategic decisions early. These early decisions significantly affect the success of the project. Consider an ACC project where the technology designer was brought in at the start and discovered problems that required redesign. The space allocated to the data center was insufficient, and the placement of the large-format video displays was inappropriate for the available power and cabling. By addressing these issues, hundreds of thousands of dollars and months of wasted time were saved. Creating an effective ACC that integrates multiple new and legacy systems and provides information to which the airport has not likely had access in the past is a complex technology undertaking and should be considered as such by airport management. The following recom- mendations are critical to an effective ACC technology environment: â¢ Engage the existing airport IT department to the greatest extent possible and from the begin- ning of the project. IT department staff will likely have the best understanding of the legacy systems, the airportâs communication network, security considerations, and other factors important in successfully completing the ACC project.
ACC Technology 81 â¢ Include technology experts, internal or external, as an essential part of the design team in addi- tion to architects and engineers and engage them early in the design process. â¢ Upgrade, if necessary, networked communications systems in order to transmit information rapidly, reliably, and securely with redundancies for analysis and action, especially with regard to alert and alarm information. â¢ Employ standards recognized by certified communications and computer network organizations. â¢ If not already present in the airport, consider the interoperability and flexibility advantages of Voice over Internet Protocol (VoIP) on shared networks. â¢ Look for the latest technology innovations, such as interconnected wired and wireless links for information delivery; integration of sensor, alarm, video and geographic data; IT net- work integration with security functions; Internet Protocol-based communications; legacy and future product compatibility through converter use; and the use of mobility where it is appropriate. All of these innovations can enhance situational awareness. 7.4.2 Technology Best Practices The following best practices are critical in designing the ACC system architecture and should be used wherever feasible: â¢ Standards-Based Open Architecture. Open systems are those that conform to open specifi- cations for interfaces, services, and supporting formats. An open specification, or standard, is a public specification maintained by an open public consensus process to accommodate new technology over time and is consistent and compatible with existing standards. Using a standards-based Open Architecture in the ACC will allow easier integration of airport systems as they are introduced into the ACC environment. Heavily customized software or software that cannot be customized to fit the airportâs needs will be difficult to incorporate into ACC operations. â¢ Interoperability. Interoperability is a measure of how well one or more elements of the ACCâparticularly its technologyâcan work with other systems and components. Ideally, interoperability should occur in a plug-and-play context (i.e., without having to modify elec- trical and mechanical interfaces or write software patches) and should be implemented using tested, proven open standards. Interoperability is primarily an issue of communications among system components. It is increasingly important that technology systems, both legacy and new designs, are linked over facility information networks. â¢ Legacy System Integration. Most airports have existing systems and supporting infrastructure. The two most prevalent types of legacy systems are physical access control systems (PACS) and video management systems. These systems typically have well-defined interfaces that allow access to system data. An ACC can use these assets by integrating with the published interfaces. During the design process, identify what legacy systems should be integrated with the ACC and the extent of the integration desired (e.g., just accept data from the legacy system or have full control of the legacy system) and provide the necessary documentation (including interface specifications and equipment locations) followed by development of a progressive plan for early integration of critical legacy systems. 7.5 ACC System Architecture A system architecture is the conceptual model that defines the functionality, processes, structure, and expectations and provides a graphical, as well as written, description of a system structure. An architecture description is a formal document and representation of a system,
82 Guidance for Planning, Design, and Operations of Airport Communications Centers organized to illustrate how the system operates, how its components interact, and the expected business benefit for each application in the environment. An ACC system architecture will com- prise several system components, including legacy systems and new systems that will work in concert to create a system in itself. A fully developed ACC system architecture will include all of the following: â¢ The fundamental organization of the ACC system, as illustrated by the components con- tained, their relationships to each other and to the environment, and the functional require- ments governing their design and functionality. â¢ A graphical representation of the ACC system, including a mapping of functionality onto existing and planned hardware and software components, how the software architecture and the hardware architecture interrelate, and the staff interaction with each of these components. â¢ The relation of all system components to each of the airport organizations or functions that are functioning in the ACC. Often referred to as a âline-of-businessâ in the system architec- ture world, each aspect of airport management and operations should be included in the ACC system architecture. â¢ A description of the design, function, and data of each component of the ACC. If a legacy system, the documentation should include the same information used when the component was initially acquired by the airport, focusing on those aspects of the component that have particular relevance to the mission of the ACC. â¢ A description of the design and function of current hardware and software that supports the networking capabilities of the ACC, a description of long-range plans and priorities for future purchases, and a plan for upgrading and/or replacing dated equipment and software. â¢ The most important, top-level, strategic decisions about the future structure of the ACC. Although small or even medium-sized airports may not develop a full-blown ACC system architecture, the components described above should be developed to the extent corresponding to the sophistication of the ACC. Upon initial review, developing an ACC system architecture may seem like considerable work; however, most airports will find that the building blocks of a usable ACC system archi- tecture have already been created. Using documentation developed during the acquisition of each ACC-bound legacy system is a good start. Network design, layout, and the physical layout have probably been developed by the airportâs IT department. The physical location of data centers and telecommunication rooms is well known and probably been graphically defined. The CONOPS provides the basis for the functionality to be contained in the ACC. All of these disparate artifacts combine to create a solid foundation for an ACC system architecture. 7.6 ACC Applications Virtually any applications existing in the airport in the current environment, as well as a host of new systems, are candidates to be included in the ACC. The systems chosen for placement in the ACC environment should reflect consideration of the following questions: â¢ Foremost, does the application provide operational or critical communications necessary for the ACC to fulfill its mission? â¢ Does the application have the functionality to integrate with other ACC systems efficiently and effectively? (Older applications, particularly those with proprietary software, may not be easily integrated with other ACC applications.)
ACC Technology 83 â¢ Is the data contained within the legacy application of sufficient quality that, if incorporated into the ACC, it will provide ACC personnel with accurate, timely, and relevant information? â¢ Is the application slated for replacement in the near future due to obsolescence? (If so, it may be better to conduct the replacement of the application specifically with the ACC in mind.) Various types of applications that should be considered for integration into the ACC system design (either wholly or tangentially) are discussed in the following subsections. 7.6.1 Airport Operations If the airport operator chooses to manage airport operations from the ACC, it will need sup- port applications to provide the information necessary to effectively control airport operations. The following systems are used in managing and operating the airport and are candidates for communicating directly to the ACC or providing the ACC an information feed: â¢ Airport Operational Database (AODB). The Airport Operational Database (AODB) is the âAirport Information Centerâ and is the central database or repository for all operative sys- tems and provides all flight-related data accurately and efficiently in a real-time environment. The Airport Operational Database (AODB) is the âAirport Information Centerâ and is the central database or repository for all operative systems and provides all flight-related data accurately and efficiently in a real-time environment. The AODB is the primary repository of data related to flight operations and the airport systems that support airport operations. An AODB is created from many sources. The AODB acts as a data warehouse, storing and disseminating data from many of the airportâs applications, and provides the focal point for integration of applications throughout the airport environment. If the airport operator has decided to use its ACC for airport operations, the AODB probably will be at the heart of the overall ACC system architecture. â¢ Resource Management System (RMS). A resource management system is the primary tool for managing an airportâs most important resources and is the focal point for managing an airportâs operation. The RMS provides for the management of non-mobile resources such as airline ticket counters, gates, and baggage assets, as well as kiosks operating in both common use self-service (CUSS) mode and dedicate-use mode. RMS is a primary component of an airportâs common use system and enables airport per- sonnel to handle routine tasks effectively and efficiently. In most cases, RMS is directly con- nected to the airport operational database (AODB). â¢ Gate Management System (GMS). A GMS is the primary manager of gates and assigns and allocates passenger and freight flights to specific gates, assigns catering for remote stands, and assigns jetways, gate lounges, buses, and other services. Gates can be common use (shared) or dedicated (assigned to one airline). Depending on the functionality of the ACC, a GMS may be a core application for consideration as part of the ACCâs technology foundation. â¢ Ticket Counter Management System. When not handled by an RMS, an airport may have a separate management system that assigns ticket counters to airlines. â¢ Baggage Carousel Management System. This system may be included as a sub-module in the RMS or as a standalone application, depending on the airportâs technology environment. It assigns baggage carousels to airlines for their incoming flights. â¢ Common Use Passenger Processing Systems (CUPPS). CUPPS is an internationally recog- nized software application that allows for the provisioning of a shared airport operational platform supporting all resident airlines on a single set of common devices. This includes workstations, boarding pass and ticket printers (ATB), bag tag printers, boarding gate readers, and other devices that may be shared by airlines. CUPPS allows flexibility in the allocation of airport resources (e.g., ticket counters and gates) to individual airlines. CUPPS may also
84 Guidance for Planning, Design, and Operations of Airport Communications Centers include IP telephony configuration for the user airlines and may extend to visual display units and other airline signage systems. With CUPPS, virtually all of an airportâs interactions with an airline can be managed centrally from the ACC. â¢ Security Checkpoint Monitoring Applications. An increasingly valuable application to have in the ACC is security checkpoint monitoring. Using technologies such as Wi-Fi, Bluetooth, video analytics, and even social media (or a combination of any of the four), an ACC can have direct surveillance on checkpoint status, especially during peak periods when lines can grow to be unmanageable. The application also provides a way to help manage other airport assets affected by passenger throughput. 7.6.2 Baggage Handling Systems It is not likely that baggage handling will be coordinated out of an ACC; however, there may be instances when it is important to have an information feed from the central baggage handling console to the ACC for ACC personnel to have firsthand familiarity with ongoing issues. 7.6.3 Flight Operations Several systems could provide useful communication to the ACC including the following: â¢ Visual Docking Guidance System (VDGS). Where the VDGS is integrated with the airport CUPPS or AODB, it will provide valuable data to the ACC. The VDGS provides pilots with aircraft parking assistance, which is crucial in climates where weather affects flight arrivals. â¢ Daily Operations Log and Emergency Checklists. This system, typically used by an airport duty officer for managing airport operations, includes access to emergency checklists in the event of a ground, air, or other operational incident. This system can be automated in situ- ational awareness management software (see below). For an ACC with substantial operational control, this system will be a critical component of the ACCâs architecture. â¢ Runway Monitoring and Surface Movement Systems. This application monitors aircraft and vehicle movement. Depending on the ACC functionality, it is useful for ACC personnel to be aware of all movement on an airfield. Where these systems are used, special video output screens should be set up so that movements can easily be monitored. â¢ Noise Monitoring System. This application provides flight path data along with a measure- ment of aircraft noise along its path. If an ACC receives inquiries from the public regarding noise, this is valuable information to have in order to provide an immediate response. â¢ Weather Monitoring and Forecasting Systems. These applications provide all of the weather information needed by an ACC to understand the current weather conditions, as well as projecting potential operational problems as a result of weather conditions. For example, an ACC with responsibility for de-icing operations will have better insight into the potential for planning the use of de-icing bays and de-icing trucks. â¢ Runway Surface Monitoring Systems. Such systems can direct personnel to deal with foreign object debris or, through sensors embedded in the runway, determine the presence of ice or standing waterâall of which may affect airport operations. 7.6.4 Landside Operations Although landside operations encompass various activities away from flight operations, they can greatly affect or be affected by what is happening on the airfield. For those ACCs engaged in not only acting as a communication node, but also using the information gathered to make airport management decisions, the following systems will be of use to ACC personnel:
ACC Technology 85 â¢ Parking Systems. Although it is unlikely that an ACC will manage a parking operation, having insight about parking availability, lane control issues (e.g., backups on entry or departure), and other parking-related functions may be of use to ACC personnel. If the airport has a specific Parking Space Management System (PSMS), a direct feed to the ACC could be beneficial. â¢ Surface Vehicle Monitoring System (SVMS). Similar to airfield operations, it may be useful for ACC personnel to have situational awareness of airport vehicles landside. A direct feed from the SVMS could be valuable in high traffic or emergency situations. 7.6.5 Airport Communication Systems The most critical airport communications are those systems whose primary functions are delivering communications throughout the airport environment. These systems may reside on the airportâs IP network or, in the case of analog telephone systems, on external resources provided by local carriers. Especially for the former, airport management must properly plan for the load of these systems on its network because they can easily saturate a weak network, especially when emergency communications rise to a level far greater than with normal opera- tions. Although these systems are not considered specifically ACC systems, because they are used throughout the airport, they are of vital importance to the ACC and the ACC system architecture must provide special consideration for the ACC to ensure that proper resources are available at all times during normal, as well as irregular operations and emergency situations. â¢ Email. Email is a critical communication tool for airport operations. Though its timeliness may be debatable, it remains an essential tool. Although the ACC is no different than any other node in the email infrastructure, the airport may want to establish some general email addresses for various ACC functions or the ACC that can be used as repositories for email whose desti- nation is a function and not a person. â¢ Trunked Radio, Land Mobile Radio. The ACC will likely need direct access to any radio sys- tem being operated in the airport and should have its own console. Trunked radio systems, typically operating in the 800-MHz band, enable dispatchers to communicate orally with the field units and for field units to communicate orally with other field units over portable and mobile radios. To support an ACC, additional radio dispatch consoles will be required. The new consoles should support radio communications on the airport trunked radio system, as well as various mutual-aid channels to support regional interoperability. â¢ Automated Configuration Management Tool. An automated configuration management tool should be used as part of the radio configuration. This tool should track changes to the system architecture, including new or removed equipment and updated software. Complex user groups can be set up for a single user to monitor and communicate with multiple user groups to satisfy specific operational parameters. The airportâs radio system may also be part of a larger city, county, or state system. This is an essential communication tool, particularly during emergency situations that extend outside the boundaries of the airport. â¢ VoIP. In technical terms, VoIP technology treats a voice call as a data transmission. The net- work sees a âpacketâ of voice in the same way as data and transmits it over a LAN instead of through a traditional private branch exchange (PBX) analog phone system. When a call is sent to a location internal to the LAN, it stays under the control of the data network. When a call is sent to an external location (off the LAN), the call is routed to an outside line or trunk. Using the full capability of a VoIP can greatly enhance internal and external ACC communications. Too often, VoIP is installed and the users receive little or no training. It is good to train all ACC personnel so that they can take advantage of all functionality. â¢ Centrex and Private Branch Exchange Phones (PBX). Although most airports have implemented VoIP (which provides voice transmission over a data network), the airport
86 Guidance for Planning, Design, and Operations of Airport Communications Centers should maintain a sufficient number of analog phones in the event the network suffers a major outage. 7.6.6 Airport Safety and Security Systems Perhaps the most common applications found in an ACC are those dealing with security and public safety. Additional information on the operations of the public safety and security function are provided later in this Guidebook. Applications that may be part of the ACC system architecture are as follows: â¢ Command and Control Center (C&C) Systems. The C&C system manages and coordinates an airportâs response to all varieties of incidents. The C&C system is integrated with numer- ous other systems and aggregates data from all of them to provide actionable information to management. When developing the ACC system architecture, special attention should be paid to the interaction between the C&C system and other airport applications. â¢ Mobile Command Post Systems. These field-based mobile sub-units of the C&C Center duplicate the functionality available in the primary C&C Center and are used during emer- gency situations. The mobile command systems provide the ACC with a clearer picture of what is happening in a different geographic part of the airport. â¢ Video Surveillance Systems. The âeyesâ of the ACC are typically an integrated video surveil- lance system, using various cameras distributed throughout the airport property. CCTV is an integral part of monitoring physical security for any airport. The CCTV system is a collec- tion of cameras with varying functionalityâpan, tilt, and zoom capability, infrared, and high definition. Each of these cameras can provide data to the ACC for security, management, and operational purposes. The ACC may have a separate viewing room for public safety cameras and will likely have large-screen displays for airfield, roadway, and terminal monitoring. From an ACC perspective, a highly functional video management system (VMS) is essen- tial. In larger airports where the number of cameras can easily exceed a thousand, managing them is impossible without a VMS. If an airport operator is considering the purchase of a new VMS, the operator should consider the needs of the ACC when making an acquisition deci- sion. An important tool in the VMS is video analytics. Video analytics can be used for a host of safety, security, and operational situations. The CONOPS is likely to have identified scenarios where video analytics can add considerable value to situational awareness. â¢ Physical Access Control Systems (PACS). The PACS controls staff and vehicle access to secure and sterile areas throughout the airport. PACS are controlled by federal regulations and are a critical component in airport security. The PACS should be operated from the ACC or the ACC should receive all PACS alarms. Some PACS can integrate with CCTV systems to bring up a video feed for a door and geographic location. At larger airports, PACS alarms may sound almost endlessly, especially if there are many doors. PACS configuration in the ACC might be to show only alarms for doors directly onto the airfield or other critical locations. â¢ Badging Systems. Badging systems provide for airport ID cards that integrate with the access control system. Badging systems are not likely to be found in an ACC, but access to the ACC should be carefully monitored so that only authorized personnel are allowed to enter and leave the ACC. Before the ACC is opened, it should be decided who will have access to the system. Typically, this is considered to be role-based access control, permitting only certain personnel in specific functions with the access to enter. â¢ Perimeter Intrusion-Detection Systems (PIDS). These systems detect alarms and initiate responses for breaches of perimeter security. PIDS may include microwave systems, sensors in the fence, CCTV, infrared detection, and other technologies. PIDS, along with fences and walls, are the first line of defense on the airportâs edges. The ACC should be able to monitor all activity that has been registered on the PIDS. Establishing a PIDS workstation in the ACC
ACC Technology 87 is not difficult. If the ACC also contains a security operations center (SOC), this application is certain to be included. 7.6.7 Emergency Response and Notification Systems When an emergency unfolds at an airport, two major streams of communication are likely to occur. The first stream includes the communication to emergency responders; the second includes information and directions to the greater public. Both communications streams are likely to be governed by codes, described in standards, and involve best practices as described in the following sections. 7.6.8 Public Emergency Communications Systems The diverse population and airport environment combine to pose many potential challenges when communicating emergency messages to the public. The population will include the travel- ing public, airport employees, airline employees, tenants, and various vendors and contractors. This varied population will be have different agendas whether individuals are business travelers, international families on vacation, part-time retail employees, or contractors performing work. These individuals will need audible and visual messages in various media and perhaps multiple languages. The airport environment may be unfamiliar to the traveling public who may not understand where to go, particularly for unfamiliar events. Also employees may be familiar with only certain parts of the airport. Although a significant portion of the ACC resources will be devoted a central terminal area, most airports are self-responding with an onsite PSAP which will involve response to all parts of the airport campus. In addition to these challenges, the airport campus will have various types of systems, software and hardware will not all be the same age, and their will be different levels of coverage. Consult ACRP Research Report 170: Guidebook for Preparing Public Notification Programs At Airports for excellent information on this topic. The ACC needs to take a holistic view of signaling and informing the public during emergen- cies so as to ensure accurate, consistent, and timely information is provided. The ACC may have access to the following communications systems or methods: â¢ Fire alarm â¢ Public address â¢ Digital signage â¢ Television â¢ Radio â¢ SMS text messaging â¢ Live audio feeds â¢ Automated voice calls â¢ Faxes â¢ Emails â¢ Web postings â¢ Desktop notifications â¢ Social media alerts Although not always feasible, the ACC should strive to simplify the process to a single stream using a unified emergency communications system. This will allow the airport to more accurately anticipate, plan, and minimize response time based on common or anticipated emergencies. The central part of the unified communications system is an interface to initiate either preprogrammed or ad hoc emergency communications with any of the above systems and methods.
88 Guidance for Planning, Design, and Operations of Airport Communications Centers For example, initiation of a partial or full terminal evacuation, if it does not happen on site via a fire command center, would be initiated to trigger the fire alarm system visual strobes, voice evacuation announcement (through fire alarm or paging, depending on the locality), textual messages through digital signage and television systems. Based on the programming, the same written and spoken message would be distributed to the correct subsystems for the correct por- tions of the buildings. Following the evacuation, the airport operator will need a way to inform the public that it is safe to reenter the terminal, how to do so, and (potentially) why the event occurred. Depending on whether or not an EOC was activated, direction will come to the ACC which can lean on the single interface to initiate a preprogrammed all-clear signal, potentially including ad hoc information. From the system perspective, the keys to design are to understand what could be used for the single interface, applicable code requirements and interfaces to other systems for message distri- bution, including use of text-to-speech conversion and protocol compatibility. Codes related to the application of these systems are typically adopted at the state, local, and airport level and may include NFPA 72, âNational Fire Alarm and Signaling Code,â which includes requirements for emergency communications systems (e.g., voice evacuation, distributed recipient systems, wide area systems, and mass communication systems); and NFPA 1221, âStandard for the Installation, Maintenance, and Use of Emergency Services Communications Systems,â which includes requirements for public emergency services communications systems and facilities. Although the systems allow communication to occur, the airport and emergency response plan may be the greatest inputs to the system. Airport input will involve not only the local authority having jurisdiction, fire department, and public safety, but also management, IT, facilities main- tenance, and, in some cases, public relations and legal departments. All of the groups that may be called to the EOC should have input, because they will rely on the ACC to distribute public communications in an emergency. Methods for public safety-related communication include â¢ CAD. This technology for dispatching law enforcement personnel or emergency services can either be used to send messages to personnel in the field (through a mobile data terminal [MDT]) and/or used to store and retrieve data (e.g., radio logs, field interviews, client infor- mation, and schedules). A dispatcher may also provide call details to field units over a two- way radio. CAD typically consists of a suite of software packages used to initiate public safety calls for service and dispatch and maintain the status of responding resources in the field. An ACC may have a CAD workstation solely for monitoring airport activity. Depending on the airportâs law enforcement arrangement (internal or external), placement of the CAD within the ACC is likely to be based on current guidelines and procedures. â¢ Fire Suppression & Alarm Systems. These systems detect smoke and/or heat and initiate an alarmed response to the airportâs C&C center. Irrespective of where the main alarms are sounded, fire suppression and alarm systems are an important tool for ACC operations to be able to monitor fire and smoke events as such events usually affect other airport opera- tions. In the case of smoke and/or heat detection, these systems should interface with the audio and visual paging notification system. â¢ The Emergency Response System. These methods and systems coordinate an airportâs response to major incidents such as air crashes (both on and off the airport), terrorist and criminal activity, and other incidents such as fatal wrecks or accidents involving staff, passengers, or members of the public. This system should also integrate with natural disaster responses and fires. 7.6.9 Airport Facilities and Maintenance Systems Airport facilities departments play an important role in operational readiness. Facility- and application-related technology can provide important data and situational awareness to the ACC.
ACC Technology 89 7.6.10 Building Management Systems (BMS) Building management is a key component of intelligent building design, where several sub- systems tightly integrate so that they can operate with much greater efficiency, anticipating changes in weather and adjusting for the number of people in a given location, and so forth. Managing the physical environment from the ACC allows airport management to meld facility status with other ongoing operational considerations (e.g., reduced flight activity, weather anomalies, or even emergency situations). BMS manage the electromechanical systems in a facility, including security, lighting, cooling, heating, and ventilation. These are also known sometimes as HVAC systems. Unlike typical business applications, a BMS will rely on embedded sensors and other devices for input to the system. Such devices include thermostats, fire detection sensors, and sprinklers. BMS use IP for data transport so the airportâs campus LAN can be used for inter- connecting building systems. â¢ Electric Power, HVAC, and Lighting. All modern infrastructure technology likely has a control center for its management. For newer systems operated on an IP network, feeding alarm sensors to the ACC provides the ACC with immediate situational awareness on critical events in the airport. In older facilities, supervisory control and data acquisition (SCADA) systems are more likely to be foundâthese are more difficult to integrate into the ACC sys- tem architecture. SCADA systems are often âhard-wiredâ directly to a control center, typi- cally in a maintenance facility, and it is difficult to have additional feeds go to other locations. â¢ Computerized Maintenance Management Systems (CMMS). CMMS is software used to schedule and record operation and preventive/planned maintenance activities associated with facility equipment. The CMMS can generate and prioritize work orders and schedules for staff to perform periodic/planned equipment maintenance, as well as to log and schedule âtroubleâ calls. Upon completion of a work order, performance information, such as the date work was performed, supplies/inventory, and staff-hours expended, typically is loaded into the CMMS for tracking, to support future operations/planning. Integrating a CMMS with a GIS gives the airport and the ACC a spatial view of what maintenance operations are occur- ring in the airport at any one time. The CMMS also can be used to track maintenance trouble spots over time. Having access to this information could be valuable in an ACC as airport management tries to balance a wide range of activities that could be occurring in the same place simultaneously. In some ACCs, the maintenance call takers are part of the ACC, giving even more insight into existing maintenance issues. â¢ Moving Walkways and Elevator Monitoring Systems. Most modern conveyance systems identify problems before they occur. These systems detect deteriorating components and inter- mittent anomalies and note the small issues that might go undetected until they cause service. Typically, diagnostic software monitors elevators and walkways continuously and sends data to a central console in a machine room. These systems are also capable of sending similar infor- mation over a network to off-site locations, which could include an ACC if the ACC needs to manage potential conveyance issues. â¢ Geographic Information System (GIS). A critical function of any ACC is the ability to associ- ate incoming data blocks with a spatial identification. Knowing âwhereâ is as important in an airport environment as knowing âwhatâ and âwhen.â For this purpose, an airport must con- sider how to fully incorporate its GIS capability into its ACC. A GIS is a computer application designed to capture, store, and display information related to geographic coordinates in or around the airportâs location. GIS is used to depict various data points that are spatially con- nected, on one visual display, so the user can more easily see, analyze, and understand patterns and relationships. With GIS technology, airport management can compare the locations of different activities to discover how they relate to each other. For example, using GIS, the same display could depict ongoing construction activity with the location of active concessionaires
90 Guidance for Planning, Design, and Operations of Airport Communications Centers to determine the effect on terminal business. Increasingly, GIS is used to depict the airport environment in 3-dimensional images. This type of display can greatly assist airport manage- ment in understanding its physical environment and how the environment has changed over time. Having GIS information available in the ACC is essential for ensuring that decisions from the center reflect the most accurate and illustrative information possible. 7.7 Airport Technology Infrastructure Systems All of the applications used by the ACC will ârideâ on the backbone of the airportâs network. The ACCâs data-at-rest and data-in-motion will reside/flow in the airportâs data centers and telecommunication rooms. The technology infrastructure can easily be overlooked by airport management, because, for the most part, the infrastructure is not visible (except for the data center and telecommunication rooms), but the technology infrastructure is critical. 7.7.1 Passive Infrastructure The airportâs passive infrastructure refers to its physical network, including all of the physical rooms that house network and data processing and storage equipment. The network aspects of the passive infrastructure are the assets referred to in OSI Layer 1, which consists of the basic networking hardware transmission technologies of a network. It is unnecessary to delve deeply into this topic; however without the necessary resources at this level, the ACC has little chance of being a successful initiative and airport management is wise to ensure that the necessary com- ponents are robust, scalable, and redundant. Details follow: â¢ Structured Cabling System (Passive Infrastructure). The primary purpose of this system, also known as the passive infrastructure, is to provide the physical media that allows for the interconnectivity of all airportwide communications systems. More specifically, this inter- connectivity is accomplished through the use of fiber-optic and/or copper cabling routed between each of the communications rooms throughout the airportâs premises and from the telecommunications rooms to the user workstations. The telecommunications rooms, located throughout the airport, serve as the distribution points for the end users of various airport systems. Examples of such airport systems include telephone sets, courtesy phones, pay telephones, security, multi-user flight information display system (MUFIDS) monitors, light-emitting diode (LED) devices, CUPPS, CUSS terminals, building management system control units, administrative network workstations, wireless access points, and information kiosks. All of these systems are served from the telecommuni- cations rooms; therefore, it is good practice to properly account for the co-location of these sys- tems when planning cable routing, component placement, power, cooling, and similar future requirements. The cabling routed between communication rooms is known as âbackboneâ cabling, whereas the cabling to user workstations is âstationâ or âhorizontalâ cabling. â¢ Cable Management System (CMS). Managing the passive infrastructure is an essential compo- nent of the communications infrastructure. A CMS provides a cable asset database for tracking cable terminations and users. Organizations generally move, add, or change at least 30% of communications cabling each year. Eighty percent of the time and cost of such changes is spent in rediscovering cables. Therefore, a CMS provides a return on investment by greatly reducing MAC costs and resource usage. 7.7.2 Network Systems Network Systems provide the bandwidth over which various communication systems dis- tribute and share data. Bandwidth refers to the amount of data that can be transmitted over a
ACC Technology 91 given network segment during a specific period. The advent of reliable, secure Virtual Local Area Network (VLAN) technology and gigabit speeds for bandwidth allow airports to provision a single LAN that cost-effectively serves all of its communications systems needs. â¢ LAN. LANs are typically confined to single buildings or small groups of buildings on campuses such as those at airports. The networking technology implemented determines which data transmission methods can be implemented and the upper limit of the speeds available for transmission. Therefore, the choice of networking technologies in a LAN design is critical to developing an overall system that supports existing (legacy) systems, as well as future systems and applications. The current âstandardâ for backbone applications is 10-GB Ethernet. An ACC can be network-based to operate over a LAN/WAN or over a private network. ACC communications should be scaled for the size and complexity of the system. Operational requirements for voice, data, and video services should be established in the CONOPS well before system design begins. Selection of system architecture and system technologies should ensure that the design will meet current requirements and be scalable for future requirements and will perform reliably over its lifetime and that support will be readily available to diagnose and resolve system problems that may arise. Translating system architecture into a design should address data integrity, data security, full connectivity and security among all system components, appropriate system monitoring and diagnostics, and growth potential. Where system components are supplied by different vendors, the design specifications must provide for proper integration, and post-installation testing must validate that all components are properly integrated and realize the required performance. The system provider should also be contractually bound to support, maintain, and ensure that all components are properly integrated. â¢ Wi-Fi (Multi-Frequency Antenna, Radio Spectrum Management Systems). When airport communications include wireless elements, planning for an ACC must also consider FCC rules and regulations. The FCCâs rules and regulations are in Title 47 of the Code of Federal Regu- lations (CFR). The FCC regulates broadcast stations, amateur radio operators, and repeater stations, as well as commercial broadcasting operators who operate and repair certain radio- telephone, television, radar, and Morse code radio stations. Under FCC rules, certain devices, commonly known as unlicensed devices, are exempt from regulation and may be freely used, so long as they conform to technical standards established in Part 15 by the FCC. For wireless LANs operating in the Wi-Fi bands of 3 GHz and 5 GHz, peak power and radiated signal strength limits have been established that limit wireless coverage. In addition to commercial cellular and wireless LAN services, other types of commercial services widely used for everyday non-critical communications generally fall into one of the following categories: â Specialized Mobile Radio (SMR) may provide mobile dispatch and data communications services. Users of SMR systems can communicate between single radios or simultaneously to a group of users. Interoperability within the SMR service falls under the âsingle system strategy.â Unfortunately, interoperability outside of the service may be limited due to the lack of common standards and protocols, which is further compounded by the fact that SMR systems are licensed across three different frequency bands (220 MHz, 800 MHz, and 900 MHz). â Mobile Satellite Service offers digital broadcast capability, which allows the dispatcher to speak to a single user, a group of users, or all network users. Users can, in turn, communi- cate with members in predefined talk groups. Users within a talk group can communicate via a one-way group call or through standard two-way communication. Interoperability is provided only between users of the system or to individuals connected to the public switch telephone network.
92 Guidance for Planning, Design, and Operations of Airport Communications Centers â¢ Metropolitan Area Network (MAN)/Wide Area Network (WAN). A MAN is a computer network larger than a LAN, covering an area of a few city blocks to the area of an entire city, and possibly including the surrounding areas. The WAN provides the connectivity from the LAN on a campus to points outside the campus, such as data centers in other cities. Typically, todayâs WANs use technology similar to LAN-based switches. However, a WAN connection, unless properly configured and managed, could introduce delays and instability, which could affect the user through the reliability or latency of a connection. Airports do not generally have to develop WANs because most of the airport applications and systems will only com- municate at the campus level through the LAN. â¢ Virtual Private Networks (VPN). In virtual private networks, the equivalent of a closed user group, users gather together by virtue of some common characteristics over a common domain. This network can run on dedicated equipment or through a shared infrastructure provider such as a Telco. VPNs provide a secure environment that allows individual groups of users to share data. â¢ Network Management Systems. Network management is a critical function. It is either reac- tive or proactive. Reactive presupposes a user reports a fault and then a technician is dispatched. Proactive means that the IT asset is monitored (for which bandwidth needs to be allocated), and the watching agent intervenes without a user calling in the fault. This requires definition of an operations support model with links to customer and vendor service levels. Many vendors offer network management systems. â¢ Network Security Management. An airport should implement layered security solutions with firewalls and intrusion-detection/intrusion prevention (IDP/IPS) systems at the edge of and inside the network. The airport should also implement industry-recommended practices in virus protection and patch management. Security typically already exists at a device level (e.g., workstation), application level (i.e., log-on password), and at a network level. The most vulnerable parts of a network are the interconnections, whether they be VPN connections or wireless access points. Good network design and careful management will mitigate intrusion and unauthorized entry. Several third-party companies can assist in the intrusion-detection arena. Physical security plays a large part in the overall network security plan. Networking equipment should be in rooms that are physically secure. 7.7.3 Network Design This Guidebook is not intended to provide a full discussion of the network requirements for an ACC. However, the design of the network on which an ACC will conduct its critical functions must have certain attributes, and airport management must ensure that the network meets the following general requirements: â¢ Performance. A well-designed network shows consistently high performance in application response time, the variation in response time, and other performance parameters. â¢ Resilience. The network should provide a resilient platform for the applications it supports. A highly specified network might have to meet an availability target of 99.99% or higher for all applications. Ideally, the failure of any one link or networking device should not result in the loss of sessions or services. Switches and other network devices should have hot-swappable blades and power supplies. Automatic failover to an alternate path should occur within a time interval short enough to minimize the effect on existing sessions. This interval can be defined as the span between when a network topology change (such as the loss of a link) occurs and each device on the network becomes aware of the change. Well-designed networks are char- acterized by consistently low convergence times. â¢ Scalability. A scalable network can support growth to a projected set of functions and/or capacity over a stipulated period without having to be radically redesigned and with minimum
ACC Technology 93 obsolescence of core equipment. A scalable network can handle the addition of users, network nodes, and sites, as well as new applications with increased bandwidth needs. Vendors should be required to describe how the projected functions and/or capacity levels will be achieved and the resulting effect on any proposed systems. The network design should permit the addition of new nodes and users with the addition of a new section or block to an existing structure that serves as the core or backbone of the network. 7.7.4 Network Standards Standards are essential for communication systems and computer networks to function prop- erly. In the United States, the following standards are applicable for airports (the appendixes provide a more detailed list): â¢ The Institute of Electrical and Electronic Engineers (IEEE) publishes standards for network- ing architectures, such as Ethernet networks; for network devices, such as a network switch or a wireless access point; and for various electrical power, communications, and other equip- ment and systems. â¢ The Telecommunications Industry Association (TIA) publishes standards for telecommuni- cation facilities and the cable plants that serve them, in addition to other standards. â¢ The Internet Engineering Task Force (IETF) publishes standards for protocols and devices that operate over the Internet, including protocols for routing datagrams and VoIP. â¢ The American National Standards Institute (ANSI) publishes a wide range of standards and often jointly publishes telecommunication standards with the TIA. ANSI and its largely European counterpart, the International Standards Organization (ISO), also publish com- plementary standards or cross reference their standards. â¢ The National Institute of Standards and Technology (NIST) publishes standards and guide- lines, known as Special Publications, for facility, communication, and network security that are mandatory for federal agencies, unless exempted in PL 107-296, The Homeland Security Act. U.S. airports are generally not obligated to follow NIST standards, but these documents are a significant resource for airports in modeling their own security programs, especially for wireless network security. 7.7.5 Performance The operating environment must ensure that existing systems maintain their access security for the local environment while they are interconnected to the central or regional center. Provi- sions for the networking environment must include local, regional, and/or centralized manage- ment and control of the ACC via the network infrastructure. Prioritization of traffic, preferably developed from an operational analysis prepared during the CONOPS, must be designed into the proposed network infrastructure. Mission-critical traffic should be identified and afforded the highest level of availability, redundancy, and resiliency in network resources. The ACC availability goal in a shared IT network environment should be at least 99.9%. For most ACC applications, this will require IT network availability of 99.99% or higher, depending on the network architecture and the network resources required to support the ACC. When this level of network availability is not possible, the ACC design should focus on ways of attaining close to zero downtime for critical security functions, including information flow to incident responders. Average, minimum, and maximum response time goals, to be determined during the require- ments process, must be maintained throughout the operations period of the network, including periods of moves, adds, and changes which affect database records.
94 Guidance for Planning, Design, and Operations of Airport Communications Centers The network should be sized to have enough excess operating capacity to maintain the initial operating traffic parameters (to be determined) and accommodate sustained peak loads during download/upload of information without effect on operational response times. In addition, there must be reserved capacity for traffic reroutes during the failure of an interconnecting node within the network. Priority reserved capacity (outside of the excess capacity for peak operations) is required for emergencies to allow multiple locations to be accessed from a central command center to coordinate database lookup and updates. When services are provided by common carriers, such as telephone service, arrangements should be made for priority access during emergencies, par- ticularly for cellular services. Access to a WAN by a commercial telecommunications and network service provider should include both guaranteed minimum bandwidth and guaranteed surge bandwidth. The guaran- tees of bandwidth should be set forth in a written Service Level Agreement (SLA) with the service provider to ensure sufficient bandwidth, network availability, and a secure data transfer. 7.7.6 Bandwidth Management Issues When airport video surveillance systems are networked, special design consideration must be given to such issues as transmission bandwidth over the network, network headroom allow- ances, and video storage (including imagery resolution and frame rate, storage duration, and permissions for accessing and viewing stored imagery). Network architecture may involve both centralized and edge-based assets. Determining the bandwidth requirements for the ACC is essential in technology planning during the design phase. CCTV is a heavy user of bandwidthâtodayâs CCTV systems support hi-definition visual images at frames-per-second speeds, which generate large files. These images can seriously affect network throughput if the network architecture has not been designed properly. An equally critical aspect of CCTV image size relates to the amount of storage needed to maintain images to meet airport, local, and state requirements for data retention. Most large CCTV systems require petabytes of storageâoften exceeding the amount of storage needed for all other airport systems. 7.7.7 Mobility Remote or mobile communications technology should be part of the integrated command center concept. Incidents often happen in the absence of key personnel, during holidays, late at night, or when a person with critical skills is on vacation. During an incident, key personnel may not be able to respond to the emergency command center. When response time is critical for reducing risk or preventing an incident from becoming a major disruption, remote communica- tions can provide access by key decisionmakers. 7.8 Workstation Design Section 5.7 of this Guidebook discussed the ergonomic and furniture requirements of func- tional workstations. This section provides further recommendations on the most appropriate ACC configurations. The workstation is the most important aspect of ACC design and special care must be given its layout. ACC personnel are likely to be seated at a workstation for most of their working hours, and comfort and utility are critical to ensuring that personnel can focus on the subject matter, rather than their surroundings. Recommendations for the workstation configuration follow.
ACC Technology 95 7.8.1 Proper Work Surface Setup â¢ The work surface should be installed/adjusted to be approximately 25â³ to 34â³ high for seated work and to fit a range of operator sizes (ensure that adjustments can be made easily). â¢ The space beneath the work surface should have sufficient room above the legs to allow for a range of body postures. The knee well should be at least 30â³ wide by 19â³ deep. â¢ The work surface should have adequate space for equipment (e.g., monitor, telephone, sta- pler, and tape dispenser) to be close to the user so as to minimize bending, flexing, or twisting of arms, wrists, or hands. â¢ A matte finish on the work surface is ideal to reduce light reflection. â¢ The keyboard and mouse should be placed together on a platform at least 28â³ wide, directly in front of the user and directly beneath the monitor. â¢ The keyboard and mouse platform should move easily (i.e., side to side, up and down, and in and out) and lock securely in place. â¢ The height of the keyboard/mouse platform should allow the userâs hands to rest lightly on the keyboard and mouse with forearms using the chair armrests for support. 7.8.2 Keyboard & Mouse Adjustments â¢ The keyboard height should allow straight wrists and a 90-degree angle between the upper arm and the forearm (angle should adjust by 20 degrees up or down for individual preference and periodic adjustment). â¢ The keyboard height and angle should be adjustable (reverse slope). â¢ The keyboard and mouse should have a wrist rest and/or mouse rest available for support when taking mini-breaks. â¢ The standard keyboard should be replaced with an alternative keyboard (split-key) and alter- native mouse (trackball or touchpad) if personnel develop musculoskeletal disorders. â¢ The keyboard should be able to support âshort-cut softwareâ (macros). 7.8.3 Peripheral Items â¢ Peripheral items that are used most frequently should be placed closest to the user so that these items can be conveniently and comfortably reached. â¢ In-line document holders should be used and should sit between the keyboard/keyboard tray and screen and be aligned with usersâ body midlines so that operators can look down to see documents and raise their eyes to see their screens. â¢ Screen-mounted document holders should be used. Each holder should be positioned to the same side of the screen as the dominant eye of the user. â¢ Freestanding document holders should be used. Each holder should be positioned next to the side of the screen and angled slightly so that it follows a curve from the side of the screen. â¢ To reduce the stress in an operatorâs neck, a headset may help reduce stretching and improp- erly holding of the phone. â¢ Materials should be stored in accessible areas (between 15â³ and 48â³ above floor). â¢ Storage areas should allow 30â³ Ã 48â³ clear maneuvering space and accommodate right or left-hand access. â¢ Deep storage should have âlazy susanâ carousels and pull-out shelves or drawers with full- extension ball-bearing slides. â¢ Stored materials should have labels facing out with instructions, symbols, or color coding. â¢ It may also be beneficial for each user to have their own keyboard and mouse to prevent the spread of germs in shared workstations. At the least, cleansing wipes should be available.
96 Guidance for Planning, Design, and Operations of Airport Communications Centers 7.9 Managing ACC Video Output There are many ways to display information in an ACC, and all available options should be evaluated for the particular requirements of the ACC during the design phase of the project. Depending on the physical size and layout, the ACC may have a video wall, separate video dis- play screens arrayed throughout the facility, video monitors on each workstation (in some cases multiple monitors), or, more likely, some combination of all three. How best to position monitors depends on ACC functions, personnel, and the organizations represented within the ACC. 7.9.1 Workstation Monitors A detailed evaluation of the configuration of operator workstations is essential in designing the ACC. The final configuration will vary depending on the functions assigned to each station, as well as displays for groups within the ACC who perform supervisory functions or who are present as third-party participants or as observers. A typical operator workstation will have multiple monitors capable of displaying information based on schedules of permissions. At least two monitors should be providedâone for the dis- play of real-time information and one for event or incident assessment. When several cameras are to be monitored, a third display will enable an operator to access cameras from a schedule and/or to monitor event and incident logs. Regardless of the display selection, all monitors should be equally capable of fulfilling all assigned functions to provide redundancy. Choose monitors with appropriate resolution, dot pitch, brightness, and contrast to reduce eye strain and increase comprehension. Carefully consider the design of large-format visual dis- plays, such as multi-panel video walls, including sightlines from operator stations, lighting, and screen resolution and flicker. Designing for large-format displays requires a cross-disciplinary approach that includes an understanding of technology and ergonomics as well as traditional architectural/engineering concepts. Video wall panels should be individually addressable so that multiple feeds can be displayed simultaneously, including streaming video. The following factors are relevant to selecting the number, placement, and quality of monitors: â¢ Size. The cost for large flat panel monitors has dropped dramatically in recent years, allow- ing ACCs to provide larger and higher quality monitors. Consider investing in large units that will help reduce eye strain and provide greater detail when viewing video. â¢ Number of screens. Place primary work screens directly in front of users, with secondary screens to the sides. If possible, use dedicated screens for primary systems, which allows oper- ators to use secondary applications (e.g., email and word processors) while keeping primary systems displayed. â¢ Image quality. Size is not the only attribute that makes a monitor easy to view. An ACC should have monitors with above-average dot pitch (smaller is better), brightness, and contrast ratio of monitors. These characteristics affect image quality, reduce eye strain, and make details appear more pronounced when viewing video surveillance feeds. â¢ Viewing angle. According to the Human Factors and Ergonomics Society ANSI/HFES 100-20073, the center of the visual display screen should be 15 to 25 degrees below hori- zontal eye level. During work periods, display screens should not be more than 35 degrees off axis (i.e., from the userâs predominant line of sight) while the user is gazing straight ahead. Also, the entire visual area of a visual display terminal workstation, including items other than the display (such as the keyboard), should be between 0 degrees (horizontal eye height) and 60 degrees below eye height.
ACC Technology 97 7.9.2 Video Walls Although some ACCs may choose to use large wall-mounted displays, the trend is to use a video wall. A video wall consists of multiple panels arranged according to the dimensions of the ACC and associated viewing distances. Available monitor technologies include liquid crystal dis- play (LCD) panels, LED arrays, digital light processing (DLP) tiles, and rear-projection displays. Each technology has advantages and disadvantages (related to panel size, resolution, brightness, contrast, flicker, glare, power consumption, reliability and maintenance, and life cycle cost). Video wall configurations typically begin with 2-ft-vertical by 3-ft-horizontal monitors and can expand to many times these numbers, subject to wall area, power and cooling, aesthetics, and budgetary constraints. Video walls provide a degree of flexibility that cannot be achieved with individual monitors, provided that such flexibility is included in their design. For example, each panel or segment could be individually addressable, from any operator workstation, to permit one event to be stitched across the entire video wall, or multiple events to be displayed on individual panels simultaneously. 7.9.3 Display Options The selection of a display format is driven by the application. A 4:3 aspect ratio display will generally show more area in the vertical dimension than a 16:9 aspect ratio display. An indoor application, such as hallway monitoring, may benefit from a 4:3 display. An outdoor area, where horizontal coverage may drive the application, might benefit from a 16:9 display. The term âdisplay resolutionâ is usually understood to mean pixel dimensions (i.e., the num- ber of pixels in each dimension). This is not the same as pixel density (i.e., the number of pixels per unit distance or area), which is a proper indication of display resolution. In digital video, display resolution is generally given in pixels per inch. In analog video, if the screen is 10 inches high, then the horizontal resolution is measured across a square 10 inches wide and is expressed as lines per picture height (e.g., NTSC TVs can typically display 486 lines of âper picture heightâ horizontal resolution, which is equivalent to 648 total lines of actual picture information from left edge to right edge). Considerations related to large-format video displays include the following: â¢ Large-format video displays are invaluable in communicating information to a large group of people quickly and effectively. Rather than needing to get attention by making an announce- ment in the ACC, messages, images, documents, and video can easily be distributed to the group by using large-format video displays. This allows effective communication without disruption of disparate activities. â¢ ACCs are increasingly using large video walls composed of multiple display units arranged as a single display. The question of using LCD screens vs. video cubes when building a video wall has a large effect on cost and visual accuracy. With the drop in cost of LCD screens in recent years, it is sometimes compelling to use them to reduce costs, but their drawbacks may make them unacceptable in mission-critical video walls. LCD screens have a border (also known as a bezel) around each screen. When multiple LCDs are tiled together to form a single large display, the bezels present issues. The bezels are a âdead spaceâ in the wall and cause issues when displaying an image that spans multiple screens. â¢ Video cubes provide a near-seamless video wall (with tiny borders as small as 1 mm) and can be serviced in place by replacing parts. LCDs, by contrast, are rarely serviceable in place and ordinarily need to be removed and either replaced or sent for servicing, either of which considerably disturb activities in the ACC for lengthy periods. Video cubes offer the highest possible quality and are the preferred choice if the budget permits.
98 Guidance for Planning, Design, and Operations of Airport Communications Centers â¢ Whether the ACC has a video wall or LCDs scattered around the space, the ACC will need a control system to feed imagery to the displays. Ideally, the video control system will be able to display video from various sources, including â Video feeds from the video management system. The video wall should be able to display video feeds, both live and recorded. â Video from television feeds. News and other information from broadcast, cable, and satel- lite television is often crucial for achieving situational awareness of remote situations. â Documents. Staff should be able to share documents electronically instead of printing them. â Computer screens. Staff should be able to share views of software applications. â¢ Determining where a large-format video display should be located is not as simple as finding empty wall space. It is crucial to understand sight lines, refraction, light levels, and acoustic attributes (e.g., sound transmission and ambient noise management). For example, placing a display in the wrong location could result in glare and reflection from windows or inability for some staff to see details on the screen. â¢ Traditional design techniques, such as floor plans, elevations, and sketched renderings, have proven ineffective in understanding all of these aspects, thus requiring the use of more advanced techniques like 3D digital modeling and full-scale mockups/simulations to assess the effect of display placement adequately. 7.10 External Communications The ACC will have direct connections to various systems external to the airport. These vital communication links provide critical information to airport management and the ACC. These links are likely to flow into the ACC through the Internet, so the ACC needs a strong, redundant Internet connection. If the ACC is relying on the existing airport connection, airport manage- ment must ensure that the existing connection will meet the needs of the ACC, both during regular operations and emergency situations. 7.10.1 Internet Access and the World Wide Web Broadband Internet access to the World Wide Web and email is vital for ACC participants, especially during emergencies, for communicating with external agencies when traditional wire or radio links are unavailable. Internet access will be essential for participants in the EOC, who in many instances will be representing other agencies in remote locations and will need to access their home networks. The Internet is a massively redundant network and proved its worth during the events of September 11, 2001, and during major hurricanes, tornadoes, and other weather phenomena in recent years. There are several ways to provide Internet service in the ACC. The ACC is expected to be a node on the airport IT network and network routers can be provisioned for accessing the Internet. It is also possible to connect the ACC to the Internet independently of the airport IT network. Internet security and network protection are major concerns. Both local and remote access will be involved for non-airport persons participating in the ACC. 7.10.2 News/Weather Feeds Satellite and CATV cable feeds should be provided to allow news and weather TV channels to be displayed on the wall display monitors in the ACC and the EOC. Each console position will be able to listen to selected audio on their headsets. If satellite and/or cable feeds are provided,
ACC Technology 99 the potential to include broadband access (at least on the cable feed), which would be routed differently from the telephone lines into the ACC, should be examined. 7.10.3 Interoperability ACC links to other agencies may involve local, regional, and state assets (e.g., EOCs, police and fire, and fusion centers) as well as federal agencies (e.g., TSA, CBP, and FEMA) with whom interoperable communications will be necessary. The extent of voice, data, and video streaming interfacing will vary with each organization. Typically, wired and wireless modes of communi- cations will be involved, including trunked radio systems for regional interoperability. Some of these modes may be secured by encryption. 7.10.4 Social Media and Social Network Monitoring Technology can be used to track smart phone locations at an airport and, via each phoneâs unique address, to analyze social media messages in real time. Airport use cases include assessing traveler satisfaction and providing retail alerts that may be relevant to travelers based on their social media messages. 7.11 Organizations Operating in the ACC Although any airport organization may be located in the ACC, the most common are public safety, airport operations (including landside and terminals), facilities management, and the IT department. Each of these entities will have special technology considerations if included in the ACC organization. 7.11.1 Public Safety Operations Some ACCs double as Security Operations Centers (SOCs). The configuration and function- ality of the SOC will depend on (1) how its roles and relationship with responder dispatch and incident management functions are defined in the CONOPS, and (2) how the SOC is staffed and trained to perform these functions. At many airports, and particularly when incident response is primarily the duty of municipal or county police departments, dispatch and incident manage- ment may be performed in a separate Police Dispatch Center. Either arrangement is workable with the proper information flow, but proper information flow should be a primary objective of the SOC system design. Figure 7-3 depicts the interrelationships between an SOC and critical security functions, such as identity management, access control, intrusion detection, and video surveillance. The SOC general design considerations include sufficient space and support facilities for per- sonnel and IT equipment to facilitate rapid access and dispatch to all physical points of the property. Secondary, or backup, SOC facilities may only require mission-critical capabilities and need not be configured with video walls and other full-service equipment. Additional services generally associated with public safety and first response (e.g., first aid stations, lost-and-found departments, public announcement [PA] systems, and paging services) are often supported via public access facilities. When an ACC includes an airport Police or security operation (e.g., a SOC or a PSAP), a CAD system will often be necessary. The CAD assists operators in responding to an incident and dispatching the correct resources to its location, especially when the volume of activity can easily overwhelm even the best operators. An event that occurs anywhere on the airport will cause
100 Guidance for Planning, Design, and Operations of Airport Communications Centers Figure 7-3. Integrated communications for airport security system.
ACC Technology 101 some form of notification to a call taker and/or dispatcher. This notification may be a telephone call via 911 from any telephone on the airport, from the security system indicating a perimeter breach, a fire alarm from any building on airport, or from airport operations. The CAD system should be designed to provide prompt transaction response time, so that even during times of maximum load on the system there will be no user-discernible degra- dation of response time or the systemâs ability to process data. The CAD system should also provide online, real-time support to enhance the operational environment for the police, fire, and EMS services. Operator interfaces should allow dispatchers to access remote data and systems (even when they are on separate systems located at the airport or at another state or federal location) and should support VCIN, NCIC, E911, voice radio, mapping, CCTV, videocamera and digital video recording systems, access control systems, and entry and fire alarm systems. CAD workstations should support the following operational functions: â¢ Call Taker â¢ Police Dispatch â¢ Fire Dispatch â¢ Supervisory Functions â¢ Fire Supervisor â¢ Police Station â¢ Fire Station â¢ System Manager 7.11.2 Airport Operations Airport operations may be conducted directly from the ACC. Operations and communica- tions have a natural nexus and airports may find that their ACC will take on far more than simply communications and will eventually be the central management point for the entire airport. This is especially important when the airport is either totally or partially common use. Airport managers and airline tenants are constantly searching for ways to improve the effi- ciency of their operations and the services they deliver to customers. Airport operators focus on adding flights (and airlines) and maximizing the use of their facilities. For terminal facilities, the metrics are passengers per gate per day (i.e., utilization) and revenue per gate per day. The concept of the common use facilities that has evolved to satisfy these metrics is described in detail in ACRP Synthesis 8: Common Use Facilities and Equipment at Airports (2008). Common use facilities may include â¢ Passenger paging systemsâboth audible and visual. â¢ Multi-user flight information display systems (MUFIDS). â¢ Multi-user baggage information display systems (MUBIDS). â¢ Gate management systems (GMS), including common use terminal equipment (CUTE). â¢ Ticket counters, including common use self-service (CUSS) kiosks. â¢ Local departure control systems (LDCS). â¢ Airport operational database (AODB) systems. â¢ Common use baggage sorting systems. â¢ Baggage reconciliation systems, including the use of radio-frequency ID (RFID) devices. This list is not exhaustive, but it demonstrates the effect that technology has on implementing airport common use policies and programs and the challenges introduced when each tenant may have different non-standard legacy systems and unique data requirements.
102 Guidance for Planning, Design, and Operations of Airport Communications Centers Airports that operate preferential or exclusive use gates may also benefit from placing airport operations in the ACC, though interaction with the airline will be far less routine. 7.11.3 Facilities Management Facilities management/maintenance is a likely candidate for inclusion in an ACC because so much of the daily activity in an airport is either conducted by the facility group or their actions affect other airport operations. ACC information gathering is often incomplete if the data pro- vided from this airport organization is not included. The most likely facility management function for inclusion in an ACC is the maintenance call center. Using the ACC as a one-stop call center for maintenance issues, IT concerns, general public inquiries, and so forth provides valuable insight into and situational awareness of the airportâs most important activities. The maintenance call center will likely feed the information received via calls into a CMMS and, as a result, provides the ACC with valuable information on airport issues, activities, potential bottlenecks, complaints, and so forth. 7.11.4 IT Organization Locating some elements of the IT department in the ACC is prudent and potentially prescient, especially in case of a major emergency. IT services can range from simple desktop support (if the ACC is large enough to warrant dedicated staff) to placement of a network operations center (NOC) or an information security operations center (ISOC). If simple desktop support is provided, help desk technicians/desktop support should under- stand that ACC calls take priority and need to be handled immediately whenever possible. Additionally, helpdesk technicians should report immediately to the ACC in any emergency situation. A small cache of emergency IT supplies (e.g., replacement PCs, boards, drives, cables, keyboards, pointing devices (mice), monitors and a printer) should be located near IT helpdesk personnel. It may be useful to have additional VoIP handsets and headsets available. An air- port is most vulnerable to an IT failure during an irregular operation or an emergencyâwhen additional stress or unanticipated usage is put on communications technology, a critical failure is more likely. Having IT personnel available during these situations may make the difference between a minute of downtime and several hours. A more extensive involvement of the IT department in the ACC is having the airportâs NOC or SOC physically housed in the ACC. At first, the concept may seem foreign to most airport managers, but almost every aspect of airport operations relies on the IT infrastructure. Having an understanding of network or IT security issues as they are happening is important to having total situational awareness at an airport. Moreover, as cybersecurity incidences continue to increase in all sectors, including the air transport industry, it is prudent to consider how an airport operator will handle such an incident. There are many parallels between handling a phys- ical security incident and a cybersecurity incident and the airport operator needs to be aware of those areas where the similarities can facilitate response. (Further discussion on cybersecurity is provided later in this Guidebook.) A NOC (also known as a network management center) is one or more locations from which network monitoring and control, or network management, is exercised over a LAN. NOCs can be a simple workstation for small networks or extensive monitoring locations for more complex networks. So as to avoid degraded service, NOC personnel monitor the airportâs networks for conditions that may require special attention. Having a NOC in an ACC can enhance situational awareness and response to network or system outages.
ACC Technology 103 In addition to monitoring internal and external networks, NOCs can monitor social networks to get an early awareness of disruptive events. Like an ACC, large NOCs are designed with several rows of desks facing a video wall that shows details of general network performance, alarms, and outages. If airport management decides to include a NOC in its ACC, the NOC could double as the ACCâs data center and telecommunications facility. An ISOC is a dedicated site where enterprise information systems (e.g., websites, applications, databases, data centers and servers, networks, desktops, and other endpoints) are monitored, assessed, and defended. A help desk is a resource intended to provide the customer or end user with information and support related to an airportâs products and services, usually by troubleshooting problems and providing guidance about desktop computers, airport applications, phone issues, and mobile devices. The IT help desk can be located in an ACC. Given that IT issues often are first discovered through help desk calls or inquiries, having that information resident in the ACC could enhance airport situational awareness. 7.12 Situational Awareness Software Situational awareness involves understanding the relationships of events and information relative to an airportâs point of view in both time and space. In an emergency, data develops in real time, and data that is not available when a decision needs to be made is not of any use at all. An airport operator may want to consider situational awareness software that can continually monitor multiple events and coordinate, categorize, assess, track, prioritize, and assign appro- priate response resources while simultaneously reviewing developing events for relevant patterns, trends, and correlations so that any resulting information can be consistently modified to sup- port regulatory requirements and forensic analysis. The resulting analysis can be used to guide adjustments in policies and procedures. Selecting sensor systems with standard interface proto- cols will enable evolving predictive algorithms to be deployed to assist operators in preventing incidents. In seeking to attain situational awareness, remember that detection is not meaningful without assessment; assessment is not meaningful without response; and response is not mean- ingful without resolution. Ultimately, prevention is the desired goal, which may be achieved at any point during the awareness cycle. The ACC should facilitate an optimal level of situational awareness. ACC design must bal- ance operational processes and procedures, technological capabilities, budget and space limita- tions, regulatory guidelines, and other considerations into a cohesive utility that can include command and control functions for activities in various operations centers (e.g., AOCs, EOCs, and ICPs). Even for small airports, operators who are removed from the scene in an ACC may have difficulty quickly understanding where an event is happeningâthis is true for several reasons. One reason is that multiple systems often have different naming conventions. Few airports have implemented all their technology at one timeâMany airports have technologies from multiple eras, implemented over decades. One effect of this multi-generation implementation is that locations, alarms, and other assets can have different names in different systems. Another chal- lenge is that being able to mentally correlate information and visualize it in a geospatial context varies widely from person to person. To address these challenges, many ACCs use technology to correlate information from mul- tiple systems to create a single âincident packageâ of data that is normalized for the alarm. For example, since the 1990s, OâHare International Airport has combined alarms with maps and
104 Guidance for Planning, Design, and Operations of Airport Communications Centers video feeds to provide ACC operators with a clear picture of the location and the incident. By combining these resources into an information-rich incident package, operators have the best possible view of the event, which helps them assess what is happening and respond faster and more effectively. 7.13 System Test, Verification, and Validation The ACC should be considered as a system and all best practices for system design, acquisi- tion, development, and implementation should be followed. One of the most critical aspects of the system lifecycle is proper testing before the ACC goes âlive.â ACC testing activities may take various forms and include system test plan development, system test procedure development, system qualification testing (SQT) and/or factory acceptance testing (FAT), site installation test- ing (SIT), and operational testing (OT). ACC acquisition and installation should include a system test plan that should describe the approach to verifying all system requirements, including the test scenarios to be executed. ACC testing should â¢ Ensure that the new ACC meets specified operational and functional needs and capabilities, and â¢ Verify that the ACC is operationally ready to be handed over to and operated by the users. An overall system test method should include the following steps: â¢ Determine the overall goal(s) of the test, including the device(s) to be evaluated and the test location(s). â¢ Identify the operational, functional, environmental, and measurable parameters that need to be evaluated to define the success or failure of the devices. â¢ Prepare, for the userâs approval, a test plan that sets forth measurable parameters for scenarios of operational conditions and that scales the testing according to the available resources and time. The operational conditions to be tested should include â Conditions representing the normal range of operating parameters, â Abnormal conditions, and â Deliberate attempts to fool and/or defeat the system. â¢ Develop a baseline of relevant operational and functional data on existing test site(s) prior to the installation of new device(s). â¢ Install the new device(s), verify their continuity and, if appropriate, include their network connectivity, and verify that all devices are set in the appropriate mode and are to be operated in the appropriate conditions for testing. â¢ Conduct the tests in accordance with the approved test plan. â¢ Analyze the results, particularly with respect to the baseline data and to the specified perfor- mance and functional requirements, across the range of test conditions. 7.14 Technology Security Securing the technology used in the ACC is of critical importance. As the airport operator becomes more reliant on the ACC, the corresponding systems that provide the ACC with data become more important. These systemsâ continued confidentiality, integrity, and availability (the CIA triad often cited in cybersecurity discussions) is of paramount importance and every step necessary to ensure the successful operation of the systems and applications should be taken. There are some basic steps an airport operator can take to help ensure the highest level
ACC Technology 105 of security possible. Section 8.7 of this Guidebook discusses creating a Facility Security Plan focused on the security of the ACCâs physical presence. A similar approach to system and appli- cation security is also highly recommended. Even for small and medium-sized airports, security begins with security governance. As either a component of the Facility Security Plan or as a standalone initiative, ensuring proper security controls is an essential element in system security. The intent of security governance is to guarantee that the appropriate information secu- rity activities are being performed to ensure that risks are appropriately reduced, system security investments are appropriately directed, and airport management has visibility into the security program. (Technology security will likely be part of a larger airport technology security effort so this Guidebook primarily touches on those elements related directly to an ACC and provide a few best practices.) For both physical and cybersecurity, IT security governance begins with a risk assessment where threats, vulnerabilities, effects, likelihood, and mitigation efforts are considered and doc- umented. Without a thorough risk assessment, applying security measures is often ineffective and misplaced. Once the risk assessment is completed, the ACC, or the airport, will have carried out its due diligence and due care in providing for technology security. 7.14.1 Physical Security The physical security for ACC systems and applications should already be in place; however, the following points should be considered while the ACC is being planned and designed: â¢ The data center and telecommunications rooms where ACC systems and applications reside must be protected. These areas must be physically secure with limited access and in environ- mentally conducive settings. â¢ There should be a plan for replacing hardware before it fails so that disruption of availability is reduced as much as possible. â¢ External third parties should have limited access to airport hardware and software resources and, where appropriate, such resources should be tightly controlled. â¢ Camera equipment, access control mechanisms, radio antennas, and other data gathering endpoints must be maintained, protected, and upgraded as necessary. 7.14.2 Cybersecurity Because of the computer-based architecture of todayâs security systems and the intercon- nected nature of the Web-based world, all systems must be secured against cyber threats. Cyber- security is far too complex to cover in detail in this document; however, ACC facility designers should create a plan for cybersecurity that addresses design challenges such as firewalls, virus detection, intrusion detection, and identity management. A trusted outside organization or another airport team should test the cyber defenses established by the airport security team. A major flaw in testing your own network security is a tendency to limit the test to the new systems and not consider other major vulnerabilities. The extent of threats to communication systems is illustrated by techniques exploited by the Stuxnet attack on the SCADA systems that controlled some nuclear centrifuges in the Middle East. The attacking software used multidisciplinary exploitation techniques to achieve a specific result on a particular target. By their nature, ACCs communicate with numerous external sys- tems, each of which may be exposed to different cyber threats, so cyber threats can come from multiple sources.
106 Guidance for Planning, Design, and Operations of Airport Communications Centers Modern operating systems contain some countermeasures for cyber threats running at ele- vated privilege levels, including requiring that digital signatures on software must be checked before the software is loaded for execution. Cyber-attack authors subvert this countermeasure by obtaining (most likely through physical exploitation) digital certificates that contain valid credentials used to sign software that can then be loaded onto the operating system. Making the necessary information available to the appropriate peopleâand only to those peopleâinvolves cultural, technological, and operational changes in a dynamic environment. Airports should recognize that such an approach is likely to challenge some cultural barriers to trust and data sharing within an organization. NISTâs Special Publication SP 800-37, âGuide for Applying the Risk Management Framework to Federal Information Systems,â addresses changing risk identification and system certification from a static, procedural activity to a more dynamic activity that promotes effective management of information security risks in the face of increasingly complex threats, vulnerabilities, and mission objectives. 7.14.3 Cybersecurity Vulnerabilities Common cyber threats include â¢ Authorized individuals failing to log off or re-secure their access points or computers, making undetectable unauthorized access available by others. â¢ Authorized individuals gaining access to portions of the network they are not authorized to access. â¢ Unauthorized individuals gaining access to the network from computers or systems that nor- mally allow access only to authorized individuals, either by âhackingâ or by using an autho- rized individualâs passwords or access codes (which, in turn, suggests a need for stronger password protocols). â¢ Unauthorized individuals gaining access to the network from computers or systems on prem- ises or in restricted areas that normally do not allow access. â¢ Unauthorized individuals gaining access through external connections such as Wi-Fi modems or wire-taps. â¢ Cat-5 access ports available for local use that are not disconnected when authorized use is concluded, thus exposing the network to external access. Similar to physical security, network/data/information security is based on understanding these and other vulnerabilities and agreeing which of them can be mitigated. Regardless of what the threats are, there are at least three levels of control: â¢ Administrative Control. The security system applications and network should support the airportâs own security standards, policies, and procedures, including password policies. â¢ Logical Control. Use software and data (e.g., passwords, network- and host-based firewalls, network intrusion systems, access control lists, and data encryption techniques) to monitor and control access to information and computing systems. â¢ Physical Control. Monitor and control the telecommunications rooms where equipment and infrastructure are located. Use access control systems to secure areas critical to the airport network. Use of metal keys to access telecom rooms does not (1) offer accountability of who entered or when, (2) track key assignments, or (3) validate the personâs permissions. Although there is significant flexibility in selecting requirements from the NIST SP 800-53 Security Catalog, IT technology makes it challenging to select suitable measures and imple- ment them cost-effectively in a way that is also compatible with staff resources and skills. For example, netcentric architectures (e.g., user-oriented architectures and cloud computing) can introduce subsystems that may not be part of the larger system throughout all stages of the life
ACC Technology 107 cycle. Including a subsystem may require reassessment of the security risks to an airportâs IT network using the designated controlsâthis is a continuing process driven by the need to cope with evolving threats. 7.15 Privacy and Other Legal Considerations Some elements of the ACC, such as video surveillance and the massive amount of data that it generates, raise legal considerations that affect system planning, design, and operational use patterns. From the placement of cameras, to the safeguarding and retention of the data collected, to the access, use, and dissemination of that data, security system planners and designers must satisfy requirements imposed by federal, state, and local laws. These require- ments can vary significantly by jurisdiction, so airport counsel perform a legal review of the planned systems. Legal considerations generally address the following questions: â¢ What information can be collected? â¢ Who has access to data once it is collected and how is the data being shared/used? 7.15.1 Data Collection The principal concern is privacy protection. As a general rule, under both federal and state law (although some state privacy protection law is becoming more restrictive), there is little or no protection against observation of conduct that occurs in a public place. For surveillance systems configured for surveillance of only public areas, it is unlikely there will be any significant legal concerns. Where surveillance systems are in areas that adjoin private areas (e.g., private property adjoin- ing an airport perimeter) or near public areas where there is some expectation of privacy (e.g., in a terminal concourse near a restroom), efforts should be made to restrict the ability of CCTV operators to observe those areas by means such as restrictions on video camera coverage or using software that blocks the views of concern. 7.15.2 Data Storage and Use Data storage and use of data issues that might affect ACC planning and design include privacy protections; records retention requirements; Freedom of Information Act (FOIA) requirements; and Sensitive Security Information (SSI) regulations: â¢ Privacy Protection. A growing body of law suggests that data compilations may have unique requirements for protection for which systems are necessary to ensure that data is safeguarded and only used for appropriate purposes. ACC design should provide for the control of internal permissions and authorizations for access to data and permission for activities such as copying and disseminating data. â¢ Records Retention. In most jurisdictions, state and local laws regulate a public bodyâs activities with respect to disposition of public records; some treat surveillance data as constituting a public record required to be retained in accordance with an established schedule. Therefore legal retention requirements for video data may be substantially longer (or shorter) than called for in the airportâs CONOPS. Planners and designers should be mindful that retention requirements can be changed by the external body setting the retention schedule, so system design and storage requirements may have to be modified to accommodate such change.
108 Guidance for Planning, Design, and Operations of Airport Communications Centers â¢ FOIA Requirements. As with record retention requirements, FOIA requirements may be imposed through state and local laws that require the airport operator to make certain data that is not governed by exemptions accessible. The existence of FOIA provisions has impli- cations for system design with respect to what data is recorded and stored, how it can be retrieved, and the length of its retention. â¢ SSI Regulations. TSA regulation of SSI concerning airports under the provisions of 49 CFR 1520 raises significant issues with respect to safeguarding video information. Some, if not all, video data raises potential security concerns, and video systems must be configured to ensure that such data is properly identified and safeguarded. This includes permissions and authori- zations with respect to access, use, and dissemination of video data. ACC personnel training should include awareness and handling of SSI issues.