National Academies Press: OpenBook

Transformation in Wireless Connectivity: Guide to Prepare Airports (2023)

Chapter: Chapter 3 - Planning and Implementation Guidelines

« Previous: Chapter 2 - Decision-Making Tool and Methods
Page 109
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 109
Page 110
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 110
Page 111
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 111
Page 112
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 112
Page 113
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 113
Page 114
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 114
Page 115
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 115
Page 116
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 116
Page 117
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 117
Page 118
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 118
Page 119
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 119
Page 120
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 120
Page 121
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 121
Page 122
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 122
Page 123
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 123
Page 124
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 124
Page 125
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 125
Page 126
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 126
Page 127
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 127
Page 128
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 128
Page 129
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 129
Page 130
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 130
Page 131
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 131
Page 132
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 132
Page 133
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 133
Page 134
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 134
Page 135
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 135
Page 136
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 136
Page 137
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 137
Page 138
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 138
Page 139
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 139
Page 140
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 140
Page 141
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 141
Page 142
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 142
Page 143
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 143
Page 144
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 144
Page 145
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 145
Page 146
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 146
Page 147
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 147
Page 148
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 148
Page 149
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 149
Page 150
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 150
Page 151
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 151
Page 152
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 152
Page 153
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 153
Page 154
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 154
Page 155
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 155
Page 156
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 156
Page 157
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 157
Page 158
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 158
Page 159
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 159
Page 160
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 160
Page 161
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 161
Page 162
Suggested Citation:"Chapter 3 - Planning and Implementation Guidelines." National Academies of Sciences, Engineering, and Medicine. 2023. Transformation in Wireless Connectivity: Guide to Prepare Airports. Washington, DC: The National Academies Press. doi: 10.17226/27064.
×
Page 162

Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

109   C H A P T E R 3 Planning and Implementation Guidelines 3.1 Leadership and Organizational Structure This section discusses organizational leadership and processes for the deployment and manage- ment of wireless services and infrastructure in an airport. It identifies different responsibilities to be carried out by the individuals with defined “personas,” or archetypes, who will be most effec- tive for promoting change. Pitfalls that could impede the organization’s attempts to innovate and evolve are also highlighted. An airport system has many stakeholders and multifaceted businesses that are influenced by economic, political, and regulatory pressures and constraints. Integrating all these systems, many of which are rapidly evolving with the emergence of new technologies, requires airports to reimagine themselves as being more than simply a pit stop. Change is challenging, especially for organizations such as airports that have well-established practices and do not frequently experience significant disruption. When technological innova- tions are incongruent with these practices, institutional inertia acts as a barrier to change. Over- coming this inertia requires a clear and compelling value proposition paired with champions at multiple levels within an organization working together to achieve buy-in across the organiza- tion. Innovation takes time to realize benefits and may even temporarily reduce performance during the early phases of adoption; creating a broad foundation of support is a powerful and effective approach to overcoming these challenges. Therefore, it is essential to understand and clearly define the various roles and their related personas to ensure that airport operators give themselves the best chance to adapt to, adopt, and evolve into a key component of the trans- portation system of the future. 3.1.1 Personas and Roles 3.1.1.1 The Learning Persona Airport managers with a learning persona should be matched to job profiles and roles that require continued education and related training to ensure that up-to-date approaches, tech- niques, technologies, and processes are being applied in their roles. Developing this persona will help create and/or adapt customized training that fits the personnel and the requirements of the job profile. Understanding the details and potential evolution of the job profile will help airports develop formal and consistent training programs. Some examples of the roles that fit the learning persona are the following: • Airport Planning Manager. Responsible for oversight of all internal and external planning efforts. The Airport Planning Manager/Director administers FAA regulations; develops and manages programs related to facility planning, capital improvement projects, federal grant

110 Transformation in Wireless Connectivity: Guide to Prepare Airports management, environmental planning, security requirements, and noise abatement; coordi- nates assigned activities with other divisions, departments, and outside agencies; and provides highly responsible and complex administrative support to the Airport Executive Director. The Airport Planning Manager is responsible for translating the vision of the airport director and board into a short and long-term plan for future development. • Marketing and Communications Manager/Director. Responsible for writing and produc- ing news releases, advertisements, brochures, and other marketing materials and serving as the airport’s around-the-clock media contact. The Marketing and Communications Manager/ Director is responsible for implementing and managing all marketing efforts to promote the airport and coordinating airport lease arrangements with tenants (including wireless con- nectivity packages) while working closely with upper management and other departments to increase the airport’s customer base and revenues. 3.1.1.2 The Visionary Persona Airport managers with a visionary persona have the traits of a leader with a clear vision of the future of the organization. These leaders may have to develop a vision that fits the cur- rent mission of the organization or one that will move the organization in a new direction that will support future goals and objectives. Their vision may not always be accepted or successful; regardless, the ability to see the big picture, be innovative, take and absorb risks, and convince their organizations and stakeholders about their plans is critical to their success. Some examples of the roles that fit the visionary persona are: • Airport Executive Directors. These individuals are typically responsible for leading and directing the organization toward developing and achieving the overall mission, strategy, and annual goals for the efficient operation of the airport. They are the stewards of both the airport and its community assets. Airport Managers/Executive Directors display visionary tendencies; they must evaluate existing and future resources and work with various avia- tion and non-aviation stakeholders to develop the goals and strategies needed to achieve the long-term vision for the airport. • Executive Management/Board of Directors. While the Airport Executive Director imple- ments the goals and strategies needed to achieve the long-term airport vision, the Execu- tive Board consists of several individuals who collaborate to develop the goals and vision for the airport consistent with the needs of the local community. These individuals, usually local leaders and aviation stakeholders, as well as senior airport management, analyze various opportunities and issues facing the airport and the community to establish a long-range vision and plan for airport development. This often includes identifying marketing efforts, infrastructure improvements, and employment needs. 3.1.1.3 The Organizing Persona Airport managers with an organizing persona get things done. They understand the lay of the land and know how to navigate within the organization and coordinate with various personnel to achieve their mission in support of a project, program, or the entire organization. Leaders with the organizing persona are driven to achieve success by working hard, being flexible, and collaborating to break down silos. Like leaders with the visionary persona, those with the orga- nizing persona can motivate and inspire. Some examples of the roles that fit managers with the organizing persona are: • Airport Operations Manager. Directs the processes and activities of frontline airport employees and contractors and supports executive leadership in overseeing a brand or depart- ment of an airport to ensure maximum performance. The Airport Operations Manager is also responsible for the airport’s overall operating performance, customer satisfaction, safety, budgets, and vendor relations; they also coordinate with Airport Engineering and Planning

Planning and Implementation Guidelines 111   Departments on airport construction and land development. As such, the Airport Operations Manager is responsible for identifying and implementing new revenue generation or cost savings initiatives. • Director of Engineering. Responsible for the management of all technical, financial, and business administration of airport projects from design through implementation to ensure projects are completed on time and within budget. The Director of Engineering oversees all project design issues, constructability, standards and specifications, code compliance, scoping, design review, and technical data management. The Director of Engineering develops and administers all the specifications for construction, repair, replacement, and renovation projects including specifications, permits, project schedules, cost analysis, and purchasing/ bid processes. They are also responsible for selecting, awarding, and executing contracts and for communicating the airport’s needs to staff and contractors. This role is often specific to engineering domains. For example, a Director of Information Technology or Chief Infor- mation Technology Officer will perform these roles for all IT projects in the airport. • Airport Property Development and Leasing Manager. Responsible for the negotiation, approval, and execution of processes and agreements to support commercial property devel- opment with external and internal stakeholders and tenants. This position oversees the planning, directing, and management of revenue-generating real estate, including lease nego- tiations and non-airline tenant and utility property management (i.e., facility management, boundary integrity, and utility/rights-of-way). • Director of Facilities and Maintenance. Oversees the maintenance of buildings and grounds. These individuals manage landscaping, building repairs, construction, renovations, and ordering of supplies for organizations’ facilities. Facilities directors oversee various personnel, such as repair staff, maintenance workers, supply managers, and landscapers, among others. In addition, facilities directors organize and set up furniture and workstations, manage the budget for a facility’s repairs and maintenance, relocate offices and workstations as needed, and communicate with contractors. 3.1.1.4 The Building Persona Staff with a building persona have traits of both the learning and organizing personas to drive the mission of the organization or team forward. They are usually on the front line at an airport and directly engage with customers. These staff can achieve excellence but can also pose a risk if not hired into appropriate positions or if not correctly trained and mentored. Some examples of the roles that fit the building persona are: • End user (airport and airline staff, TSA, and CBP). Responsible for the day-to-day opera- tions of any airport. Although TSA and CBP are under the jurisdiction of the federal govern- ment, they still perform critical security and safety functions to support airport and airline operations. Airline and airport staff are responsible for implementing and overseeing the tasks necessary to support their leadership’s strategic vision. • IT Services Administrator. Responsible for designing, implementing, monitoring, and managing the LANs and WANs to ensure maximum uptime for the user community. This position interfaces with technology users and manages a team of network administrators to execute technical tasks. In larger organizations, this position can be divided into specialized IT areas, such as security and wireless. The IT Services Administrator reports to the Director of Information Technology or a similar officer and assumes their duties when requested. • Network Administrator. Responsible for maintaining and administering the airport com- puter networks. Their primary duties include maintenance of computer networks, hardware, software, and other related systems; performing disaster recovery operations; and protect- ing data, software, and hardware from attacks. These individuals work closely with network users to identify potential issues and fix existing problems. Network Administrators should

112 Transformation in Wireless Connectivity: Guide to Prepare Airports have a strong understanding of network infrastructure and network hardware, as well as be able to implement, administer, and troubleshoot network devices including wireless access points (WAPs), routers, switches, and controllers. 3.1.2 Traits and Skills of Actors Involved in the Provision of Wireless Networks at the Airport 3.1.2.1 Innovation Wireless transformation is driven by teams willing to embrace innovation in the way infor- mation is communicated among stakeholders, with the goals of achieving higher reliability and efficiency and creating new opportunities for cost-saving or revenue generation. Innovative leaders can promote technological and operational change by promoting a shared vision for the future. Innovative organizations need leaders acting as “change agents” who implement transforma- tions in both internal and external processes, support staff and tenants throughout the change, and monitor the success of change implementation. Change agents must account for heightened uncertainty, the high speed of technological change, the demands of a changing workforce, and quick changes in customer expectations. New opportunities must be evaluated and captured quickly. Change management starts at the top; namely, with individuals in management positions. Managers with the visionary persona should lead the overall vision and strategy, with close sup- port from those in the airport with the learning and organizing personas to involve the entire organizational culture, encourage new thinking at all layers, and leverage formal and informal solutions existing in the organization. Transformative leaders must also consider potential resis- tance to change coming from individuals or groups and from systems or processes that are out- dated or fail to fit current business conditions. Involving all layers of the organization maximizes listening and constructive feedback to identify those points that may be barriers to change. The following traits and abilities are key in change management agents: • Awareness of risk and value in the airport environment. Innovators are risk-takers and need to consider both the positive and negative outcomes of changes. Change agents should have in-depth knowledge of airport operations and focus on services that emphasize creating value. They need to understand the big picture, pursue continual service improvement, and have a strong sense of self-accountability. To attain this level of awareness, they should be able to collaborate with their peers, and delegate when needed, to effectively execute innovative ideas. • Risk management. Capture dependable inputs, thoroughly designed activities, and value- added outputs to properly define a process with a clear purpose. The risk management pro- cess typically includes risk identification, information gathering, measurement, evaluation, mitigation, and monitoring of those risks. • Problem-solving and critical thinking. Use knowledge, facts, and data to make informed decisions that have a positive impact on short- and long-term goals. They should be able to quickly identify, investigate, and map out complex problems and implement solutions within a reasonable period. • Creativity and initiative. Work independently to develop ideas and a course of action. To do so, they need to think laterally and imaginatively and connect ideas to resources and processes. They also must maintain flexible viewpoints and have the capability to explore new ideas. • Adaptability and capacity to learn. Accept and adjust to technological changes, business goals, operational and regulatory requirements, expectations, trends, strategies, and pro- cesses. For this, they need the aptitude and desire to quickly adapt their skill sets to techno- logical advances and regulatory requirements.

Planning and Implementation Guidelines 113   3.1.2.2 Leadership and Organizational Engagement Some key factors to support organizational development and acceptance of new technologies involve stakeholder engagement. This includes airport staff but also external contractors and tenants that benefit from the transformation. Key engagement drivers include confidence in leadership, commitment, a positive outlook on the future, meaningful collaboration, and rela- tionships with peers. Effective leadership is required to foster engagement in the stakeholder community when capabilities and services are transformed through new technology. Leadership and communi- cation are key skills within an airport to be able to effectively express ideas, vision, and data to individuals and groups including partners, stakeholders, and influencers. Communicating well allows staff in leadership positions to create and maintain good relationships, inspire people, present new opportunities, and even lead recruitment processes better. The ability to communi- cate effectively with different types of individuals including employees, management, consumers, and others will drive engagement and organizational visions for the future. Because the aviation field is so strongly regulated and influenced by governmental and mili- tary traditions, the hierarchical approach to leadership has traditionally been dominant. How- ever, because of globalization and employee activism, the changing roles of government and corporate roles, as well as high expectations by both employees and customers, leadership is shifting to inclusive models. Inclusive leadership focuses on team building, asking for feedback, and delegating tasks and projects to employees and stakeholders. Inclusive leadership helps orga- nizations adapt to diverse customers, markets, ideas, and talent. Inclusive leaders tend to have the following traits and skills: • Team building skills. Inclusive leaders articulate an authentic commitment to common goals, challenge the status quo, hold others accountable based on clearly defined responsibilities, and make inclusion a personal priority. They demonstrate an open mindset, curiosity, and empathy with those around them. They empower others, pay attention to the diversity of thinking and psychological safety, and focus on team cohesion. They are also modest about their capabilities and create space for others to contribute. • Organizational awareness. Effective leaders make the effort to learn about blind spots and flaws in the system and are attentive to cultural and organizational challenges. They effec- tively manage conflicts by fostering the best ideas and constructive interactions and can make decisions when needed to achieve established goals. They are also able to provide training, motivation, and directions to optimize productivity and promote organizational growth. • Communication and persuasion skills. Transformative leaders use written and verbal com- munication tools to clearly explain goals, set expectations, and solve conflicts. They show emotional intelligence to maximize interactions with others, are active listeners, use reason- ing skills to present facts, and negotiate compromises that please both sides. This combination of traits makes them able to influence attitudes and behaviors, and prompt others to act. 3.1.2.3 Technical Skills Some leaders with the organizing persona (IT Directors) or building persona (IT Service Administrators) must have technical competencies to understand the technology and be able to deploy and configure systems and effectively communicate the indicators that are relevant for planning and decision-making. They must be skilled in wireless standards, design, and protocols. This includes knowledge of designing system configurations, documenting and managing the installation of a new network, and maintaining and upgrading existing systems as necessary. At this level, the necessary skills are: • Analytical thinking, ability to organize information logically and to sequence procedure steps, and strong communication skills to convey specifications and expectations properly.

114 Transformation in Wireless Connectivity: Guide to Prepare Airports • Planning and organizational skills, time and deadline management, and effective collabo- ration, especially when working within a large team. Business acumen is very desirable, to facilitate the translation of strategic and managerial goals, with technical requirements and capabilities. • Adaptability and ability to quickly learn new technologies, security threats and features, regulations, and safety guidance. This is especially important to maximize the capabilities of wireless networks because the use of new features may require the configuration of system components, and at times replanning. Both IT Service Administrators and Network Administrators must be proficient in handling day-to-day tasks related to the setup, maintenance, and troubleshooting of wireless networks. They provide back-office support for the communication systems, including wireless networks, to ensure that safety and business-critical systems can effectively communicate to support airport operations. The personnel who maintain these systems must have the following core skills for analyzing, designing, and optimizing wireless networks: • Applied RF theory skills, including link budget analysis, system dimensioning for coverage and capacity, site deployment identification and evaluation, zoning analysis, and support. • Knowledge of wireless protocols, electrical circuit design, and extensive knowledge of net- work analyzers, amplifiers, and signal generators. This includes also understanding regulatory requirements. • Test and troubleshooting skills, including proficiency with test equipment, and aptitude to understand and analyze technical KPIs, identify root causes, and solve problems. • Ability to collaborate in a team environment and work under pressure. 3.1.3 Wireless Technology Transformation in the Airport Organization For the implementation of a wireless transformation project at a large facility such as an air- port, the three main organizational are promotion, planning, and operation. 3.1.3.1 Promoting the Network The critical component to promoting any network is having a proper understanding of the airport services (life safety, business-critical, entertainment, and branding) provided by the net- work infrastructure. Airport leaders (those with the vision, organizing, and learning personas) must ensure that network infrastructure aligns with the vision, mission, and goals of the orga- nization. To achieve this: 1. Leadership should promote a culture where stakeholders understand the value of the network and the services it provides. Collaboration should be encouraged among leadership, IT pro- fessionals, and stakeholders (end users). 2. IT Managers should document and plan technology challenges, wish list items, and continual service improvements. Improvement documentation is very useful to bring teams together to identify requirements and solutions. (Example: “Is a wireless survey needed to strengthen connectivity to Wi-Fi or cellular services?”) 3. Continuous discussions should address the ability to use network services to generate rev- enue, reduce operating costs, and increase availability to stakeholders. (Example: A shared tenant service provides access to high-capacity communication systems and offers a suite of telecommunication services. How can wireless access services be included in that formula to maximize the reduction in operating costs for tenants and distribute the costs among tenants and airport operations?) Even after a wireless network has started operations, all stakeholders should periodically be briefed on the network’s capabilities. This initiative will generate ideas

Planning and Implementation Guidelines 115   for changes to existing services or for new services that will provide value and help monetize the network infrastructure. In this step, transformative leadership is crucial, supported by other roles such as IT Direc- tors, planners, and marketing. Leaders need to maintain the support from management and stakeholders and promote the achievement of goals with words and deeds. These goals should reflect shared needs, which help shape a vision and mobilize commitment between the airport and stakeholders. 3.1.3.2 Planning the Network An organization’s technology must be aligned with its long-term strategic plan, goals, and objectives. Thus, an airport’s executive managers (who have visionary personas) must recognize the critical role of technology in laying the foundation for and enabling its strategic direction and operational goals. This recognition is essential to implementing a successful long-term tech- nology plan. Strategic planning is then done by the managers with organizing and learning personas to identify the goals and strategies necessary to accomplish, monitor, evaluate, and improve an asset such as a wireless network. It also requires planning the essential components, such as personnel, facilities, and systems that will handle future growth. These essential components directly affect each other, and proper network planning will help mitigate future resource issues. Network planning, performed by managers with organizing and building personas, entails determining the topology and capacity of a network to meet the growth requirements of the business. Implementing high-performance networks can be costly, and assessing the current environment, performing a needs assessment, and creating ROI goals allow for a clear under- standing and documentation of the requirements. During network planning, future network needs must also be considered and aligned with the mission, vision, values, and objectives of the organization. All identified goals must be measurable and define expectations during planning, solution selection, implementation, training, optimization, and maintaining the network. The goals, along with information about why and how they were defined, must be communicated to all stakeholders. The network plan is the organization’s central driving document. Financial and personnel resources must be allocated accordingly. The plan should include cascading goals structured to assist the organization in aligning it with its existing goals and support management and team members in achieving them. Within the network plan, performance management is a useful process to assist an organization in following its strategic plan. This includes assessing network requirements, budgeting, documenting the plan, training, implementation, expansion, and tech- nical support. Adequate planning of wireless networks should take into consideration several factors: • Business drivers such as low operating costs or rapid ROI and long-term goals. This includes customer requirements and metrics to measure success in meeting them. • RF network design and planning, including propagation modeling, design criteria, and traffic analysis. This includes foreseen scalability challenges when responding to network growth and changes. Spectrum regulation should be well evaluated, including estimated evolutions, to plan for long-term changes in frequency planning. • Technical support and training requirements, and network management, including cyber- security planning and recovery, to ensure business continuity. KPIs should be defined for performance monitoring of both technical and business objectives. • Software, hardware, and system requirements and procurement, which includes technical and funding requirements for design options (e.g., passive and active DAS) and site surveys to

116 Transformation in Wireless Connectivity: Guide to Prepare Airports identify equipment volumes and locations. Equipment co-location requirements for multiple wireless operators must be well understood and reflected in the network plan. • Space requirements for location and powering of wireless sites. This includes site-build verification and acceptance analysis, building regulations, and potential leasing/zoning restrictions. 3.1.3.3 Operating the Network Once the wireless network is planned and implemented, the airport IT Services Administra- tors work closely with network administrators to maximize the time when the network is oper- ating above the target performance. Together, they are typically responsible for performing the following functions: • Deploying, configuring, and upgrading wireless network solutions and ensuring that the net- work is optimized to support business and customer requirements. • Using tools to evaluate, test, and tune wireless network infrastructure, including routers, switches, virtual private networks (VPNs), firewalls, and other ancillary devices. This may include the provision of RFs to monitor link performance for reliability and throughput. • Collaborating with the network security administrator to evaluate vulnerabilities and threats, troubleshoot security problems, and adhere to established security standards. • Procuring network equipment and overseeing managed service providers and subcontractors supporting the operations and maintenance of the network. • Arranging scheduled upgrades according to control process procedures and updating wire- less network equipment to the latest firmware releases. • Reporting wireless network status to key stakeholders. In addition, network operation is closely related to continuous improvement cycles. Perfor- mance indicators allow airports to evaluate the value proposition of the network and how well it covers current and future business objectives. IT Directors and airport planners are respon- sible for monitoring strategic plans and updating them to optimize the execution of business objectives (such as customer requirements) and propose an augmentation of capabilities for future requirements and applications. This activity should be anchored in the airport organiza- tion structure in the form of periodic performance reviews and audits, which may be used to reinforce and direct future change. 3.1.4 Airport Organizational Structures for Wireless Transformation To successfully manage the decisions regarding the planning and operation of wireless infra- structure and services in an airport, appropriate organizational structures should be in place. A generic organizational structure for IT management functions is depicted in Figure 31. The implementation of this structure for wireless systems is subject to variations according to the availability of resources, consolidation of functions, and level of engagement of the airport. Some of the represented functions may be provided by an IT department internal to the airport, by an external contractor providing managed services for the airports, or by a hybrid model of collaboration of airport staff and contractors in the same team. • The IT Director (also called IT Officer, IT Administration Office, or similar titles) oversees and maintains all aspects of the wireless infrastructure, including service level, resource and supplier management, and risk management. The IT Director maintains the strategy and pro- cesses in place for service continuity, budgeting and accounting for IT services, communica- tion and documentation management, continuous improvement and alignment with airport management strategy, and customer relationship management. This office usually interfaces

Planning and Implementation Guidelines 117   with supporting functions from other teams in the airport organization, such as planning and operations, property development and lease management, facilities and maintenance, and marketing. Each of the functions managed by the IT Director is usually overseen by an IT Services Administrator. • The Infrastructure Project or Program Management Office manages all program goals, objectives, and interdependencies and coordinates and manages IT projects through their life cycle. It manages program and project budgets, resource management, service requests, and shared tenant services. • The IT Infrastructure Operations Office manages all hardware, software, and networking components, together with network management and security. It implements the security access protocols, control process management, and incident and problem management to monitor and maintain the performance of the networks in line with the service level managed for the customers. • The IT Infrastructure Architecture Office manages all design and implementation of the IT infrastructure and related functions such as security and performance management. It is responsible to set up the tools and processes for service continuity and availability. This includes recovery of security-related issues and required upgrades in the infrastructure. • The IT Service Desk is the central communication point for all IT-related issues, incident and problem management, cybersecurity monitoring, service request and control process, network monitoring and service reporting, communication management, and maintenance of the service level and resources of the network. It is still common to see airports establishing divisions between internal and external wireless service providers following traditional IT practices, especially maintaining internal departments Figure 31. Airport organizational structure involved in wireless network management. Supporting functions are departments at the same level as the IT director.

118 Transformation in Wireless Connectivity: Guide to Prepare Airports for office and operational areas and third-party vendors for passenger areas. However, this does not necessarily apply to wireless networks due to their extensibility and scalability. Many of the functions indicated in the organizational structure for wireless systems can be provided by third-party vendors. There are in general three categories of vendors, each suited for different specific tasks: • Suppliers are vendors who provide materials, equipment, products, or specialized services. These are acquired via Purchase Orders or material authorization. Wireless service providers fit into this category. More details on suppliers are in Section 3.4 Telecommunications Infra- structure Management. • Third-Party Support comprises vendors who provide offsite technical support and guid- ance on equipment, software, and system application support, such as software release and upgrades, and equipment failure support. These are engaged via support agreements, and product/service terms and conditions. • Contractors are vendors who provide on-site labor-type services in support of specific proj- ects, service requests, or incident activities. Engaging with contractors is aligned with specific objectives or time durations, and is usually done via purchase orders, work authorizations, airport identifications, or other specific agreements. Figure 32 shows typical IT tasks managed by contractors. Engaging with vendors for the provision of IT resources has advantages and disadvantages (Table 26). Generally, vendor engagement is dependent on the scope of services, the resources available by the entity, and the defined procurement policies. • Network Planning Engineer • Network Design Engineer • Network Management • Network Security • Data Center Operations • IT Incident Management • Project Execution • Quality & Assurance • Installation • Shared Tenant Services • Tier I Technician • Tier II Technician IT Infrastructure Operations Infrastructure Project / Program Management IT Infrastructure Architecture IT Service Desk Contractor Managed Services Figure 32. Typical IT tasks managed by contractors.

Planning and Implementation Guidelines 119   Smaller airports have fewer staff members. This makes budget management and procurement processes leaner and more reliant on expertise provided by external sources. Mid-size and large airport hubs, in contrast, tend toward more stable long-term ownership planning and capital- ization of resources. This, in turn, defines the level of engagement of the airport toward IT in general and wireless networks specifically (see Section 1.4 for details on engagement levels and associated business models). As wireless networks are a distinct access infrastructure, they can be integrated within the airport network while being deployed and operated by a different party, sometimes on a national or global scale. This gives flexibility to airports, ranging from entirely owning and operating the wireless network, to completely relying on a third-party provider system, to using hybrid solutions such as leasing parts of the IT infrastructure to wireless providers fol- lowing established cost and revenue-sharing formulas. In general, airports should work with external vendors if they have limited capital resources and prefer to pay for wireless access networks as OPEX, on a subscription or a usage basis. Also, if the airport does not intend to maintain a workforce of experts in technology and regu- lations in-house (e.g., relating to radio spectrum), they should rely on established vendors who can provide this expertise and lower risks associated with compliance and performance of the system. A good practice is to maintain pre-established vendor pools under a predetermined dollar value, allowing pre-qualification of vendors and facilitation of efficient procurement of goods and services. Goods and services exceeding the vendor pool threshold can then be solicited publicly or identified by sole source selection. 3.2 Technology Transition Planning This section discusses best practices in planning for the evolving technology environment of wireless technologies. It starts with a discussion of lifecycles for wireless technologies and then addresses the execution of airport operational planning in line with specific aspects of wireless technologies. Finally, it presents funding options and formulas and provides recommendations and best practices for financial planning for this type of service. 3.2.1 Management of the Wireless Network Life Cycle Managing the life cycle of the wireless network is challenging because typically it includes multiple coexisting network interfaces with different timelines for technology evolution, infra- structure and device refresh, equipment cost and availability, and deployment time, and it must coexist with all the airport functions that operate on their own—often longer—timescales. Although there is considerable variation in size, complexity, and use of wireless networks across airports, airports should consider some common factors to develop an effective approach to life cycle management. Advantages Disadvantages Experience and expertise in network architecture, management, and monitoring Controlled operational expenses Customized services Guaranteed service levels Standardized business methods and data regulatory compliance Centralized point of contact Indirect physical site response Support costs for outsourced services Limited scope of services Need to build trust and security and contractually guarantee service levels Table 26. Advantages and disadvantages of external vendors.

120 Transformation in Wireless Connectivity: Guide to Prepare Airports Deploying a wireless network is no longer a one-off investment in one technology to address a well-defined task (e.g., voice communications among staff) expected to last for a given number of years. Planning, deploying, upgrading, and expanding wireless networks has become a dynamic process, with a continuous change in performance, capacity, and technologies used. This is because the way wireless networks are used continues to change: • New use cases, services, and applications are added over time (e.g., the addition of AR/VR and UAVs). • Adoption and traffic load for each function increases (e.g., more video surveillance cameras). • Requirements become more demanding (e.g., higher video resolution, more sophisticated sensors, and higher security protection). Because new technologies and solutions become available to meet the growing demand from the wireless infrastructure and the equipment prices tend to decline, it is often cost-effective and more efficient to expand the network gradually, rather than to deploy an overprovisioned network designed to meet the long-term capacity and performance requirements. In this con- text, scalability, flexibility, and upgradability are valuable features to consider when choosing a technology, vendor, and solution. 3.2.1.1 Aligning Performance and Coverage Requirements with Technology Timescale Not only do the performance and coverage requirements change; but it is also difficult to cap- ture the requirements at the aggregate network level (i.e., for the combined set of applications, services, and use cases) and how they change over time. Yet, it is necessary to track and predict network requirements as part of the life cycle management to ensure that the network is not overprovisioned but able to perform as needed. This can be done by: • Keeping track of the applications and services supported by the network, the traffic they gen- erate, and challenges in supporting them (e.g., congestion, insufficient coverage, and network disruption) to monitor when the network approaches capacity and needs to be updated. • Forecasting the increase in traffic load and the evolution of requirements due to existing and new applications and services, assessing how this will affect the network, and predicting when a network upgrade will be necessary. • Keeping track of the technology evolution to decide which upgrade solution is the best one to meet the new requirements [e.g., when it is time to move to 5G or 6G in cellular, or when/whether it is necessary to support network slicing or higher order multiple-input, multiple-output (MIMO)]. Wireless networks use multiple technologies, devices, and management tools. The timescale for each of them is different, and airport technical managers need to keep track of all of them and how they interact and plan according to their needs. Managers should also be aware that some stakeholders will use their own wireless systems in the airport, indicating the need to plan for space and spectrum compatibility. The availability of a new generation of a technology does not necessarily mean that the organization should adapt to it. In some cases, legacy technolo- gies may be preferable for some time as new technologies become more mature, cheaper, and better supported in-terminal devices. For instance, the limited availability of devices, especially for IoT applications, may slow down the adoption of technology such as Wi-Fi 6 or 5G. At the other extreme, support for and availability of terminal devices may become an issue for legacy technologies and may lead the airport to consider a network overhaul. Also, the organization may not need the improved performance of the new technology. For instance, the transition to Wi-Fi 6 and 5G is happening at approximately the same time, but the adoption of the new technologies does not have to follow the same timeline. Some airports may want to upgrade to Wi-Fi 6 but may not be in a hurry to adopt 5G or vice versa. At the same time,

Planning and Implementation Guidelines 121   low-power IoT networks may not need upgrading because they have been shown to provide the connectivity the airport needs. Timescales for wireless tend to be shorter than for other types of infrastructure, and the pace and frequency of updates and new versions are accelerating. The lifespan of a mobile phone is 2 to 3 years, much shorter than that of many avionics, for instance. At the same time, the lifespan of sensors is considerably longer (10 or more years), and hence, sensors must use a network access interface that will be supported throughout that period. As a result, when choosing a wireless technology and its evolution, airports must ensure that the lifespans of terminal devices and the infrastructure are a good match and that the devices will be supported as needed. This is not a trivial task, as device vendors typically do not have control over the support for the infrastructure access technology, and the vendors who provide the access equipment may not be able or will- ing to commit to supporting the technology for a specific period. Organizations need to address these issues with vendors to protect their investments. The refresh cycle also varies across technologies and their use. For instance, a legacy LMR system may not need to be upgraded if the airport plans to move to a new network, but a heavily used Wi-Fi network may need to be refreshed to reduce congestion. The refresh cycle for Wi-Fi is typically 3 to 4 years, given that Wi-Fi is a rapidly evolving technology, whereas low-power IoT networks have longer refresh cycles. As a result, airports must plan network upgrades separately for different technologies. Ballpark estimates for the number of years for the refresh cycle for each technology family are depicted in Figure 33. The refresh cycle does not necessarily affect the entire network. Thanks to backward compat- ibility, a Wi-Fi refresh of the APs does not require the adoption of new terminal devices; how- ever, adding a 5G in-building network to an existing 4G network requires the adoption of new 5G devices if access to the 5G network is needed. If airports use virtualized network components, the refresh cycles for software and hardware are separate and follow different timescales. Software upgrades are increasingly done at very short intervals, as software continues to improve. This is also encouraged by subscription models, in which airports pay for the software license every year 0 5 10 15 20 25 30 35 Wi-Fi Cellular & cellular LPWAN AeroMACS PAN RFID Zigbee Unlicensed LPWAN LMR Figure 33. Comparative estimates of the refresh cycle (years) for wireless technology types.

122 Transformation in Wireless Connectivity: Guide to Prepare Airports and get all the incremental upgrades; in this case, the refresh cycle becomes a continuous activity. Major upgrades that require complete reinstallations may be necessary every 5 to 10 years. Hard- ware upgrades vary according to the type of equipment but should occur every 4 to 5 years. Some equipment vendors have started to offer hardware-as-a-service options, which are like leasing programs. In this case, the life cycle evolution is included in the program and may allow the airport to manage the transition more smoothly. 3.2.1.2 Procurement and Cost Performance Evolution The wide range of technologies and solutions and the wide range of requirements make the procurement process complex, but also create an opportunity for airports to learn more about the options available and how multiple wireless technologies can complement or conflict with each other. Although this will prolong the process, a deep-dive Request for Interest, perhaps done in collaboration with other airports, may be useful to get sufficient guidance for preparing a well-defined Request for Proposal, with precise and realistic requirements, and to have a pre- liminary assessment of the type of performance the airport can expect with the available funding. As a technology matures and is more widely adopted, costs decrease and performance improves. Although it is impossible to precisely predict the pace of these changes, airports can factor in the impact of technology evolution on life cycle management. For instance, if equip- ment costs are expected to decrease rapidly, the airport should try to deploy a small and scalable network at the beginning and gradually expand it as demand grows. Airports can expect the cost of equipment of infrastructure and devices to decrease by 10% to 20% per year for new technologies, with the costs flattening out as the technology matures over time. 3.2.1.3 Training and Culture A crucial factor in the successful deployment of a wireless network is the adoption by employees of the services it provides. A network may work flawlessly, but if employees are not trained to use it, do not find it useful, or see it as a threat to their roles and jobs, it will remain underused. Training employees is the first step to ensuring that the wireless network will be used as planned. Employees need to be trained on how to use both applications and devices. In many cases, they will also benefit from knowledge about the network; for example, what the network can do for them, where they may see a lack of coverage, and how to recognize network problems. Because the network continues to evolve and new use cases are added, training for IT staff and all staff using wireless applications should also be considered an ongoing activity that expands over time. Training can be offered by the airport (e.g., the IT department providing training to the staff in other departments), or through vendors and third-party organizations (e.g., certifica- tion programs). Culture is equally important in establishing an environment where employees do not feel that the technology advances will threaten their roles or their jobs. Training will help create a culture that supports technological innovation, but training alone is not sufficient. Management should present and discuss its approach to the adoption of wireless technologies and how this will affect airport operations and staff. Specifically, the wireless network is shared among different units and groups of users, and this may require the establishment of guidelines on how network resources should be allocated and how the different organizational silos should work more closely with each other. 3.2.2 Operational Planning for Wireless Technologies Operational planning is required to help develop a strategy to guide organizations in meeting their mission and goals. Airports similarly use operational planning to identify and establish

Planning and Implementation Guidelines 123   steps for implementing various improvements, such as procurement of wireless technologies, to support safe and efficient operations. As such, technology planning efforts establish an action plan for airports to support current and future services. Such technology planning allows airport sponsors to explore various funding options to meet forecast demand for wireless technologies. Airports use various mechanisms to plan for future development, but the most comprehensive medium is the airport master plan. Publicly funded airports, as part of their grant assurance requirements, must provide a 20-year airport master plan to their state DOT and FAA every 5 to 10 years to identify and justify all major infrastructure requirements and requests. Airports use the master planning process to evaluate alternative development scenarios considering existing and forecast demand, operational needs and opportunities, and anticipated funding. This includes evaluating environmental, safety, security, socioeconomic, operational, maintenance, and design criteria in conjunction with the community and airport sponsor’s vision for future growth. An airport’s technology roadmap would use the airport master plan’s vision and goals to iden- tify existing technologies as well as new or expanded technologies to support airport growth. Further, including technology infrastructure improvements in both the airport master plan and layout plan will provide a comprehensive written and graphical scheme for future airport development. 3.2.2.1 Innovation-Driven Wireless Strategy The rapid pace of development of wireless technology demands continuous exploration of technologies and their applications to stay up to date. Early identification of new technologies and applications allows airports to efficiently use their resources while improving their ability to compete for federal and state funding. Establishing periodical reviews for the exploration of technologies (including wireless) and their use cases allows airports to make recommendations for related improvements as part of their master plan, capital improvement, and implementation programs. Although many technology applications are developed and provided to airports by third- party vendors, these may not always fit with the realities of a specific airport. Having the airport staff participate in developing technology applications may foster innovations that can poten- tially improve airport operations and services. There are three main approaches for airports to engage with innovation: • Local community. Airports with strong ties with local businesses and educational institu- tions can leverage specific resources and align with their specific goals. Engaging with such local stakeholders can yield common benefits in the form of improved connectivity, which in turn generates more productivity and builds a stronger community. Smart cities, present usually at larger urban scales, are another example where IoT and connectivity initiatives can extend to the airport as part of the metropolitan area. Innovating with local communities usually involves setting up proofs of concept (i.e., small-scale operational implementations of new technologies or services) and making local stakeholders test them to demonstrate their value and promote buy-in. It is necessary to give a limited time to proof-of-concept testing and convey a sense of urgency to potential testers to avoid delays. • Innovation lab. Airports can establish themselves as a catalyst for new technology applications by engaging with startups of national or international projection to propose and explore new technology concepts using the airport as a test bed. This option only requires airport staff to coordinate with the different institutions, making it a cost-effective approach to innovation. However, proper engagement is required to ensure the airport can leverage the laboratory results achieved (e.g., in the form of a proof of concept) and obtain a competitive advantage. Examples of this approach are Innovation Hubs at San Diego and Vancouver International airports.

124 Transformation in Wireless Connectivity: Guide to Prepare Airports • Innovation department. The airport sponsor can also establish an office dedicated to the proposal and exploration of new airport technological use cases. This option requires hiring additional staff, which makes it more expensive than an independent innovation lab. Still, this option allows for greater control over developments and Proofs of Concept while keeping innovation activities in the hands of airport staff. Because airports vary in size, operations, and location, their goals and motivations, along with preferred innovation methods, are likely to differ substantially. Case studies developed in Chap- ter 2 confirm this trend. However, all airports, whether large commercial hubs or small general aviation airports, have at least one shared goal, which is to support the safety and security of aviation operations. Table 27 highlights some of the different motivations and methods airports may apply for integrating technology based on their level of operations. 3.2.2.2 Operational Planning for Funding Purposes According to the current Airport Improvement Program Handbook, FAA Order 5100.38D (FAA 2019), issued in February 2019, certain planning elements such as the IT master plan or analysis, asset management planning, business plans, and rates and charges analysis are not eligible for federal grant funding. Using airport improvement program (AIP) funds for ineligible projects would violate grant assurances and jeopardize future funding opportunities. Therefore, it is important for airport sponsors when evaluating the costs of incorporating vari- ous technologies into airport infrastructure or other improvement projects to work with their FAA Airport District Office program manager to determine whether recommended technol- ogy upgrades would be eligible for FAA airport improvement funds. If not, alternative funding sources should be identified. Operational planning can also support long-term financial planning in terms of cost alloca- tion. Traditionally, wireless technologies are included as part of the IT infrastructure budget. This approach makes sense for a core communications infrastructure that supports all systems including radio access networks. However, as the share of wireless communications increases with other IT resources, the budget allocated for wireless infrastructure deployment and opera- tions needs to adapt accordingly. An emerging approach in IT is to consider resources as OPEX- based on-time-based subscriptions or contracts with suppliers. This method fits the wireless technology life cycle, as this type of technology evolves quickly, and changes to the system are expected to happen relatively often. OPEX-based budgeting would relieve CAPEX and reduce the financial risk of investments. Airport type Motivations to innovate Methods to innovate Primary large hub/medium hub Ensure high connectivity performance Scale up IT systems and service offer Strong brand Innovation lab Innovation department Local community (smart city) Primary small hub/non-hub Find formulas to balance connectivity capabilities and cost Generate value for tenants and the local community Use of airport spaces in collaboration with the local community (education, private sector) Local community (smart city, education, industrial park) Non-primary/general aviation Provide targeted value for tenants and co-located businesses efficiently Optimize connectivity at variable user demand Local community (smart city, industrial park) Table 27. Airport technology motivations and methods.

Planning and Implementation Guidelines 125   A complementary approach is to assign wireless technology developments and budgeting to specific operations. As wireless technologies enable use cases that provide value propositions for airport applications, the deployment of these technologies can be allocated and distributed among the teams or business units using them. Distributing the cost of wireless infrastructure can alleviate budgeting constraints because the resources needed for the wireless infrastructure would originate from the budgets of several airport applications. Because funding for wireless and other related technologies is limited, airport sponsors must evaluate the long-term vision of development compared to existing resources, short- and long- term costs, benefits, and potential funding options to support potential technology improvements. Still, by incorporating wireless technology recommendations as part of the infrastructure and operational improvements, airport sponsors can work with technology vendors, financial insti- tutions, and existing and potential tenants to develop an overall plan for airport and community growth. This will allow the airport operator to demonstrate need and investment opportunities to third-party investors, and to structure the best combination of capital and operational expense formulas in the budgeting cycles. 3.2.2.3 Operational Planning to Forecast Demand The deployment of wireless technologies and associated upgrades is not a one-off investment. Unlike other large infrastructure projects, such as a runway extension or major rehabilitation, network investments including planning, deployment, upgrading, and expansion of both wire- less technology and infrastructure involve continuous investment. This is especially true of wireless technologies, where user demand and technology capabilities change quickly. Airport managers and staff must work with technology experts to identify existing and future demands to identify infrastructure, equipment, training, and personnel requirements. Therefore, airport management must implement a planning strategy that balances demand, resources, and long- term needs to support safe and efficient growth. Further, airports compete to attract tenants, operations, and passengers in addition to federal and state grant funding for airport projects. Forecasting demand can help the airport stay ahead of the game in terms of customer service and air development services, providing an advantage over competing airports. Just as they need to evaluate new sustainable techniques for improving airfield pavement reha- bilitation and lighting upgrades, airport planners need to identify opportunities where wireless technologies could be used to support multiple airport systems including, but not limited to, baggage systems, airport security and passenger screening, airport maintenance, airfield man- agement, airport lighting and power systems, traffic management, noise, air quality, and waste management. However, unlike some large infrastructure projects, such as parking garage con- struction, pavement rehabilitation, and airport terminal improvements, which require long lead times for development and construction and can be planned well in advance, some technologies, including wireless, evolve at a much faster rate. Therefore, technology improvements identified as part of the long-term airport planning process must support evolution and scalability. The system should be capable of performing proof-of-concept testing and supporting growing service demand. However, although an airport typically completes a master plan approximately every 5 to 7 years depending on demand and infrastructure needs, effective airport planning is continu- ous and requires evaluating airport processes and resources against user demands and needs. Although technology improvements require a shorter lead time, airport operators can still develop a 3-to-5-year planning timeline where technology could support the practical imple- mentation of ideas to expand or establish new products and services.

126 Transformation in Wireless Connectivity: Guide to Prepare Airports 3.2.3 Financial Planning of Wireless Technologies Airports have long understood how to manage and fund physical assets, such as terminals, real estate, and runways, and there is well-documented guidance regarding budgeting cycles, project prioritization, and funding, as well as the management of airport physical assets. However, histori- cally, airports were advised to proceed with caution regarding investment in new technologies. It was often recommended that airports wait until technology matured and consumer/user demand substantially increased to justify the investment. However, the impact of COVID-19, additional airport infrastructure operational monitoring (e.g., proactive HVAC systems monitoring, social distancing, touchless systems, and mobile ordering and payments), new infrastructure development, and demand for consumer data by retailers and airlines are driving airports to invest in wireless technologies. Further, given the pace of consumer demand and user requirements, most airports’ wireline network infrastruc- ture would be strained by demand. Thus, by creating expanded wireless connectivity with the acquisition of consumer data, wireless networks will provide airports with additional nonaero- nautical revenue streams and provide cost savings from more efficient allocation and use of existing resources. 3.2.3.1 Investment Options for Wireless Infrastructure in Airports Because deploying wireless technology is no longer a one-time investment, wireless tech- nology providers are developing different financing strategies for airports to support the planning, deployment, upgrading, and expansion of wireless networks. Some of these orga- nizations also provide airport employee training and system monitoring services. Because wireless networks use different technologies and devices, the timescale for adopting these tech- nologies will also vary. As a result, airport sponsors must evaluate the costs associated with the installation of the initial wireless technology infrastructure as well as the day-to-day operating costs. Like those of a typical business, airport costs can be split into two categories: CAPEX and OPEX. Airport operators can manage wireless network infrastructure directly or via delegated entities or via different types of hybrid management approaches to provide services needed to support user demand. Thus, given the level of airport engagement combined with the cost of procure- ment, maintenance, and the need to monitor and upgrade wireless systems more often than traditional fixed assets, wireless providers offer various financing options. For the level of airport engagement (i.e., whether the airport sponsor owns, plans, and/or runs the network), three broad financing categories were identified. Depending on the service provider, the needs and wants of the airport sponsor, user demand, and other considerations, various financing arrangements can be established. Further, when deciding which option to pursue, the airport sponsor needs to consider the following questions: • Are enough funds available to purchase the equipment and pay for the infrastructure, or will outside financing be needed? • Are the number of personnel and amount of internal expertise sufficient to manage wireless services at the airport (i.e., What level of control do you want over the technology?) • What is the acceptable length of the contract commitment with the technology provider? Who is responsible for maintenance and upgrades to the equipment and infrastructure? • Even if the funding is available, which would be preferable: a long-term lease agreement with the technology provider or a “pay as you go agreement”? • Who are this infrastructure and network for? Airport users only or will the services also cover other airport tenants (e.g., business park tenants)? How would this service be included in the lease agreements?

Planning and Implementation Guidelines 127   • Are some tenants required to establish their own wireless network or service agreements? How would they coordinate with you regarding infrastructure improvements to support development? How would these services be included in the lease agreements? • How will the wireless agreement(s) impact cost and staffing needs? Is there any flexibility in the contract terms? • Will the proposed wireless service agreements affect the airport’s federal or state grant assur- ance requirements? Table 28 provides a broad overview of potential wireless funding agreements as well as the airport sponsor’s anticipated level of likely engagement. It is important to note that, although these options generally show that the same wireless services could be used for airport opera- tions, tenants as well as passengers, this is not required. For example, at both the Brussels Airport (BRU) and Helsinki-Vantaa Airport (HEL), the airport sponsor established a private network specifically for airport operations while wireless services to tenants and passengers are provided through a different system via a common carrier. This illustrates just one of many flexible arrangements that airports can pursue when installing and upgrading their wireless network. As systems and technologies continue to evolve, variations in business agreements will become typical. Airports will need to evaluate which option best serves their needs considering available capital improvement funding, operating revenues and expenses, available staff, procurement require- ments as well as proposed technology and innovation goals. As technology matures, performance Investment Options Engagement strategy Examples Option 1 CAPEX Model. Airport operator, using airport funds, bonds, or loans, pays for all physical infrastructure and equipment. Airport operator has complete control. All revenue generated returns to the airport operator. Airport is responsible for funding all system updates, including hardware and software, staffing, training, and other related services. Provider Airport owns, plans, and operates a wireless network. Airport uses the network to increase revenue generation and attract new business. Large commercial airports with substantial capital and operational funds and/or easy access to outside funding. Airports have substantial wireless infrastructure in place and are looking to expand. Airports support extensive passenger or cargo operations and/or critical security infrastructure. Option 2 OPEX Model. Airport operator establishes long-term lease agreement with a wireless service provider. Airport uses monthly operating revenues to pay for services. Technology provider is responsible for all equipment, monitoring, maintenance, staff training, and system upgrades. Airport operator may provide some existing infrastructure as part of the lease agreement. Agreement may include negotiated discounts. Hands-off The technology company owns and operates the network. The airport leases all services and equipment. Airport and technology company share costs and revenues per the long-term lease agreement. Useful for smaller regional or general aviation airports with limited capital funding options and low upfront costs. Airports with limited staff. Airports with no or limited wireless infrastructure. Provides the airport operator flexibility to adjust services and resources by need and availability. Option 3 Hybrid Model. This option is a combination of Options 1 and 2. The airport, through various capital improvement funding options, would buy and install all the initial equipment and infrastructure needed to support wireless technology. The airport may also have some staff assigned through the IT department to monitor the day-to- day wireless system operations. However, some equipment, training, and maintenance, as well as other services to support the technology, would be addressed under an annual lease or service agreement with the wireless provider. Under this option, like in Option 2, some equipment may be provided at a reduced cost based on the type and length of the service agreement. Private network owned by airport operator. Public network service provided by a neutral host (DAS). Negotiated agreement for cost and revenue sharing. Public cellular DAS. In this case, the airport shares some CAPEX with a neutral host for infrastructure and service activation; after that, the mobile carrier pays for the service, and there are no airport OPEX. Suitable for most commercial passenger airports and large GA airports. Dedicated IT staff to monitor the system. Airport operators and/or tenants work with wireless providers on system management and expansion. Table 28. Airport funding options for wireless systems.

128 Transformation in Wireless Connectivity: Guide to Prepare Airports improves and the costs for equipment and infrastructure are anticipated to decrease. Depending on demand and the long-term technology outlook for the airport, management will want to consider overall costs and demand. As costs decrease, it may be more cost-efficient for an airport to initially deploy a small, scalable network and expand as demand grows. 3.2.3.2 Federal Funding Options for Wireless Investments Typical airport funding for eligible capital improvement projects consists of a combination of federal AIP grants and state DOT grants, as well as a combination of airport revenues (aero- nautical and nonaeronautical), bonds, and loans. Projects may be eligible for FAA AIP funding if they comply with the requirements outlined in FAA Order 5100.38D, Airport Improvement Pro- gram Handbook (2019). In addition, airport sponsors should review FAA Order 5190.6B, Airport Compliance Manual, specifically Part V, Financial Responsibilities, when setting up agreements with both wireless providers and airport tenants. Although a project may be eligible, a grant may not be forthcoming. The availability of federal or state grants depends on federal and state budgets, airport needs nationwide, demand, and the priority of projects likely to be pursued (i.e., a safety project is more likely to receive funding than capacity demand projects). The current Airport Improvement Program Handbook does not provide any funding for wire- less and other related technology improvements. This also includes the development of an IT master plan or analysis either as part of the traditional airport master plan or as a stand-alone document. However, given the impact of the COVID-19 pandemic and the demands for new technology to support consumer demand and safe airport operations, there are discussions regarding includ- ing potential federal and state funding to address required airport technology improvements. Therefore, airports should be proactive and identify as well as justify potential technological improvements in case funding becomes available as part of the FY2022 FAA Reauthorization Act. Therefore, airports could look for alternative funding sources through creative public-private partnerships to advance their technology agenda in the near term. 3.2.3.3 Partnership Models for Technology Investments As noted, airport operating revenues consist of a combination of aeronautical and nonaero- nautical sources. However, as the COVID-19 pandemic effectively illustrated, forces beyond an airport’s control can cause substantial budgetary shortfalls in operating revenues and expenses. Even without the pandemic, airport revenues and expenses can fluctuate from year to year based on such factors as the price of fuel, aircraft operational demand, number of tenants, design and construction costs, maintenance fees, and others. Therefore, some level of outside funding is usually needed to support substantial airport infrastructure and equipment upgrades. Given the critical need for airport technology improvements, sponsors must establish technol- ogy collaborations with industry, airport users, and other stakeholders to match physical assets and financing solutions to create mutual value. Several partnership models were identified that could be used to support technology development. These models depend on need, available financing, and the airport’s goals: • Value-based collaborations. Airports include various valuable assets including property, passenger and tenant data, concessions data, infrastructure as well as operating equities. Also, major airports provide brand recognition from which companies with creative tech- nologies could benefit. These live operational environments provide technology companies the opportunity to test solutions and capabilities at reduced financial costs for both the

Planning and Implementation Guidelines 129   company and the airport itself. For example, TSA’s Innovation Task Force used this model with the San Diego International Airport (SAN) Innovation Lab to develop new capabilities at a reduced cost. • Joint investments/partnerships. Public-private partnerships are widely used in aviation for airport infrastructure, build-operate-transfer type, and other types of concessions. This is not different for wireless networks, where the maintenance, operation and upgrade of specialized network infrastructure are more efficiently managed by a technology or service provider. There are three main formulas for public-private partnerships in wireless networks at airports: – Outsourcing specific functions as a service (as an IT supplier; see Section 3.4.2.1). – Allowing a private entity to install their own assets in the airport to provide their own service (e.g., mobile carrier). This could be funded by the service provider in the form of lease fees paid to the airport. Sometimes, however, the wireless provider takes over the management of certain airport assets in addition to installing their own assets, which is a hybrid model closer to the concession approach. – Granting a temporary concession to develop and operate a certain facility or infrastructure owned by the airport. This is the typical case of the neutral-host model (used for DAS and, increasingly, private wireless networks). In this model, the third-party provider incurs part or all of the cost of the new infrastructure, in exchange for receiving part of or all the revenues (e.g., fees from mobile carriers participating in DAS). Public-private partnerships are usually structured for the long term, although in the case of rapidly changing wireless technologies, it is recommended to align them to technology life cycles (10–15 years). Financing comes partly from the private sector but requires payments from the public sector and/or users over the project’s lifetime. The public partner (i.e., the airport sponsor) must focus on defining and monitoring the objectives and regulatory com- pliance. Risks are distributed between the public and private partners through a process of negotiation. However, because of the novel technology, it is highly recommended that the airport sponsor obtains the support of specialized legal counsel on potential liability issues and ensures buy-in from regulators (FAA and state DOT). • Sponsorships and branding. Airport passengers provide valuable opportunities for compa- nies to market their wireless services. The traditional advertising framework provides market- ing space for various goods and services. For example, an electric automobile company could pay for charging stations at the airport in exchange for their branding on those stations. The result is that the company benefits from the advertising and the airport completes needed work without financial cost. Similar partnerships that provide a material benefit to a com- pany in exchange for services or products at the airport can advance technology agendas with reduced near-term costs. • Asset monetization. Asset monetization involves converting specific assets to provide eco- nomic value. As noted, airports have several valuable assets. Although airport use of physical assets for monetization is well-established, airports, to date, have not fully leveraged the value of data acquisition and management. The effective use of data collection obtained from various sources can provide an additional source of nonaeronautical revenues to support airport operations and development. Airports that have real-time passenger wait time systems can package and license access to this data for airlines, TSA, tourism organizations, and even concessionaires who are all looking for data to understand and improve passenger flow. By recording these airport assets, new and expanded opportunities for nonaeronautical revenue could be established. Ultimately, this circular model allows near-term technology invest- ments to generate revenue, which then can be used to justify continued investment as well as long-term development. This model also provides near-term performance-based returns for investors.

130 Transformation in Wireless Connectivity: Guide to Prepare Airports 3.2.3.4 Wireless Development and Funding Process Given the current funding environment and ongoing need for wireless and related technolo- gies, airports could take the following steps, as illustrated in Figure 7: • Build a technology roadmap. Airports should identify the specific functional requirements needed to support stakeholder, employee, and passenger technology demands. Establish a specific, time-based technology plan including preliminary cost estimates and justification which will allow management to focus on the capabilities and technologies needed to advance the airport’s ultimate development. Further, by developing a technology roadmap, manage- ment can prioritize development that ultimately may be eligible for traditional funding. • Create an airport financing plan. Based on your unique operating environment, existing partnerships, and the technology roadmap, an airport should develop a clear financial plan to identify the most effective funding options, stakeholder requirements, and different types of partnerships required as well as expected initial investments and returns over the project life cycle(s). By establishing a clear financial plan, airports can identify and justify technology investments. • Identify partners and an implementation plan. Once the technology roadmap and financing plan are complete, the next step involves identifying, establishing, and soliciting partnerships/ collaborations with individuals and organizations to support the installation, upgrade, and/or expansion of needed technologies. Working with stakeholders and wireless providers will allow airport management to align proposed technological improvements with the existing and planned airport environment. The last step requires airport management to establish a program management team to monitor and control the overall technology program including measuring and tracking ROIs. 3.3 Spectrum Management This section discusses the mechanisms of managing spectrum, legally and efficiently, to ensure appropriate capacity and minimize interference. The regulatory regime of spectrum bands is a key factor for an airport to consider when assessing the suitability of wireless technology to meet the requirements of specific applications or use cases. For instance, private cellular networks may meet all the requirements for many applications, but airports are unlikely to be able to use or even control that spectrum. On the other hand, airports have access to unlicensed bands such as the 5-GHz band, but so does everyone else, and congestion and interference may limit the usefulness of those bands. Regulation determines the availability or usefulness of technology and, in many cases, creates specific requirements that airports must satisfy in order to use many spectrum assets. In addi- tion, regulatory and standardization compliance, as well as optional or mandated certification, creates an additional set of limitations and protections that airports must be aware of and con- sider when adopting wireless technology. Although each band has its own specific regulatory framework (e.g., power limitations), there are three types of spectrum regimes: • Licensed spectrum. Allocated to a single user, commonly through a public auction, and, in the United States, covers a specific area (e.g., cellular bands) or a specific link (some micro- wave bands). • Unlicensed spectrum. Available for everyone to use, but typically allowed a lower power limit to reduce the impact of interference and to encourage spectrum reuse. Because everyone can use it as desired, congestion and interference are common in areas with high-traffic density. • Shared spectrum. Unlike licensed spectrum, shared spectrum can be used by multiple users, but unlike unlicensed spectrum, shared spectrum availability to different users is variable. If there are incumbent users who have spectrum access rights, they typically retain priority access, but they are required to let other users use the spectrum when they do not need it.

Planning and Implementation Guidelines 131   3.3.1 Unlicensed Spectrum Table 29 indicates the spectrum management tasks when operating in unlicensed bands. Multiple spectrum bands are unlicensed; notably, the 900 MHz and 2.4 GHz ISM bands and the 5-GHz Unlicensed National Information Infrastructure (U-NII) bands in the United States. A diverse selection of products exists in each unlicensed band. Many of these products use fun- damentally different, and incompatible, radio transmission protocols. Interference is inevitable. One FCC rule for products operating in an unlicensed spectrum is that they must be capable of accepting all interference from other unlicensed devices while not causing any interference in the licensed spectrum. This has led many products to use a listen-before-talk transmission pro- tocol to implement autonomous “sharing.” But some devices operate in the unlicensed spectrum without regard to other spectrum users. Wireless devices using unlicensed spectrum can connect to a wireless network or function as an unsecured point-to-point connection. Without proactive measures, anyone can use any device in any one of multiple transmission configurations. In most venues today, overlapping Wi-Fi networks are operated by the venue and by tenants. In most cases, both the venue and the tenant rely on the built-in network controller function to coordinate their channel usage in a mutually beneficial manner. This may be sufficient when all networks are small, the security requirements are not extreme, and the number of users is low. However, each network makes its own optimization decisions independent of the others, which results in continually changing network configurations. The role of the venue manager in unlicensed spectrum management is directly related to how reliably the devices/applications must perform. If all applications are considered non-essential, best-effort, then no action is required. If any application is essential, the manager must take proactive measures to minimize competing, and conflicting, users within the operational foot- print of the venue. In these cases, the venue manager should develop a master plan that accounts for all potential wireless network users within the venue’s footprint and finds a way to ensure all parties comply with the plan. The latter is probably only possible if the spectrum management plan is a condition of each tenant’s lease agreement with the venue. For large, complex, deployments involving the venue and multiple tenants, the only reliable optimization is to revert to a preplanned “static” assignment of the channels in a reuse plan. For the example of Wi-Fi, the minimum channel reuse plan requires four channels. Wi-Fi at 2.4 GHz only has three channels and will experience co-channel interference with only one deployed net- work. Wi-Fi at 5 GHz has at least 21 channels, easily supporting multiple networks. The tradeoff involves the choice of more small channels for reliable operation instead of fewer large channels with greater speed. 3.3.1.1 Wi-Fi The most widely used unlicensed band technology is Wi-Fi, using the ISM band 2.4 GHz and the U-NII 5-GHz band, in addition to the 6-GHz band (in the United States, this spectrum is shared with cellular in outdoor environments; see Section 3.3.1.3) and 60-GHz band. In the Wi-Fi PAN Cellular Sigfox LPWAN RFID, NFC Spectrum Ensure equipment is certified by FCC to conform to regulations. Vendors Ensure interoperability if multiple vendors are used. Operators na Set up an agreement with Sigfox. na na Note: na = not applicable. Table 29. Spectrum management tasks when operating in unlicensed bands.

132 Transformation in Wireless Connectivity: Guide to Prepare Airports future, the ISM 900 MHz band is also expected. Everyone can use these bands, without a license or coordination of access with other users. Both the infrastructure (e.g., APs) and the devices (e.g., phones) must comply with 47 CFR Part 15, and vendors must obtain certification from FCC. Wi-Fi uses a listen-before-talk mechanism that allows different users to share the spectrum, but that also reduces the efficiency and reliability of the spectrum and creates interference. Air- ports can deploy Wi-Fi throughout their real-estate footprint, and most do already, but tenants can do that too. Some venues try to arrange with their tenants to manage Wi-Fi coexistence or share networks to limit the impact of interference and congestion. Given that they have control over the real estate, airports may also be able to limit the ability of tenants and third parties to install Wi-Fi infrastructure or extract revenues from it. To ensure that Wi-Fi equipment complies with the standards and performs according to industry standards, airports should check if the equipment selected has been certified by the Wi-Fi Alliance and for which certification programs (e.g., security, voice over Wi-Fi, roaming, video optimization, or traffic management). The Wi-Fi Alliance has a publicly available data- base of certified products and the features they support. If the airport wants to establish roam- ing relationships with mobile operators, it should ensure that the network can support WBA OpenRoaming. 3.3.1.2 Personal Area Network (PAN) PANs, such as Bluetooth, use the ISM 2.4-GHz unlicensed band that Wi-Fi uses. PANs trans- mit at lower power than Wi-Fi, but any airport can freely deploy them. At the same time, because PANs are widely adopted and traffic is primarily between mobile devices, airports cannot control the use among passengers, tenants, and staff, and therefore have little control over potential inter- ference among PAN devices. At the same time, the low-power levels ensure that the technology has a limited impact on technologies such as Wi-Fi in the same band. The Bluetooth SIG and the Zigbee Alliance are responsible for the standardization of the technologies and interoperability across vendors, and, although they keep a list of devices and define multiple features that devices may or may not support, they do not have a certification program. In this case, airports can check with the vendor or solution provider about standard conformance. 3.3.1.3 Cellular: 4G and 5G in Unlicensed Bands 4G and 5G equipment can also use unlicensed bands, typically the 5-GHz band, and the 6 GHz and 60 GHz bands in the future. LAA and 5G new radio unlicensed (NR-U) can be used in these bands within the regulatory framework for these bands and in accordance with 3GPP stan- dards. However, commercial equipment availability, especially for 5G equipment, is still limited. From a regulatory perspective, the 4G and 5G equipment is treated like Wi-Fi. Wireless pro- viders in an airport do not need to get any license, although they need to ensure with the vendor that the equipment is certified. When operating in an unlicensed spectrum, 4G and 5G equip- ment must be able to coexist with existing infrastructure (mostly Wi-Fi) and use listen-before-talk algorithms that will negatively impact performance and reliability. Congestion and interference are also more difficult to manage than in networks using licensed spectrum. 3.3.1.4 Unlicensed LPWAN Spectrum in the 900 MHz band used by LPWAN such as LoRaWAN and Sigfox use unlicensed spectrum regulated under 47 CFR Part 15, Radio Frequency Devices, as is Wi-Fi and Bluetooth. To use these technologies, airports do not need to get a license or authorization. They only need to ensure that the equipment they plan to use has received FCC certification.

Planning and Implementation Guidelines 133   In addition, the LoRa Alliance runs a certification program to ensure compliance with LoRaWAN specifications and maintains a database of certified products that airports can use to verify that the equipment they plan to use has been certified for the U.S. market. LoRaWAN uses open specifications developed by the LoRa Alliance, so any vendor can join the ecosystem and have its equipment certified. Sigfox also uses an unlicensed spectrum, but it is a proprietary technology, so airports must use an existing Sigfox network or work with Sigfox to deploy a private Sigfox network within the premises. Sigfox also operates a certification program to ensure that devices and modules comply with Sigfox’s specifications. 3.3.1.5 RFID and NFC These technologies also use unlicensed spectrum, regulated under 47 CFR Part 15, using the ISM bands. Airports need to ensure that the equipment they plan to use is certified by FCC and conforms to the Part 15 regulations, including the strict power limitations. The NFC Forum manages a certification program for NFC devices. 3.3.2 Licensed spectrum Table 30 indicates the spectrum management tasks when operating in licensed bands. Licensed spectrum requires significant effort to develop the regulations by which it will be used. FCC typically opens a Notice of Proposed Rule Making (NPRM) in response to multiple requests to use (or share) a given spectrum. The NPRM involves multiple iterations of public comment on the suitability of the spectrum for the new purpose, the technical requirements for the new use, the geographic coverage and time duration of each license, the methods by which licenses will be made available (typically some form of auction), how any incumbent users will be relocated to different spectrum (or protected by a sharing mechanism), and how new license holders must cooperate to avoid interference. Although the initial process is long, it is thorough and ultimately leaves little open to interpretation. Consequently, the venue manager’s role in spectrum optimization of the licensed spectrum should be virtually nonexistent, except as a user of the network or for influencing the adequate coverage of the facilities. 3.3.2.1 Cellular: 4G and 5G (Excluding CBRS) Almost all the spectrum used in cellular networks is licensed to a single operator in channels of varying bandwidth and for a specific area. Spectrum can be allocated in paired channels (one for downlink and one for uplink traffic) using frequency-division duplex or in single channels (with uplink and downlink traffic transmitted in the same channel) using time-division duplex TDD. The spectrum is awarded by FCC through auctions and is usually allocated to network operators that need it for wide-area coverage. It is difficult for airports to win licenses for these spectrum bands because they have mostly been allocated; they can be very expensive and available only for areas much bigger than the airport itself. Although an airport can lease spectrum in the secondary market from a licensee, Operators Use a public network or enter an arrangement with a spectrum holder to sub-lease spectrum (e.g., via a neutral host). Enroll with FirstNet; sign up for plans. Cellular 4G/5G FirstNet Table 30. Spectrum management tasks when operating in licensed bands.

134 Transformation in Wireless Connectivity: Guide to Prepare Airports in practice this is an unlikely scenario, as airports are high-traffic venues and operators need the spectrum for their public networks. However, airports can—and already do—use public networks for connectivity within their premises, for instance for staff communications and some IoT and other airport-specific ser- vices. Tenants also use cellular public networks in the same way. Airports may get dedicated access to these in-building- or venue-based networks to support specific services and appli- cations using SLA-based contracts. In the future, network slicing will increase the ability to allocate network resources to specific users and applications, thus indirectly allowing airports to have reserved access to licensed spectrum, but without needing a license. In these cases, the service provider is responsible for meeting all the regulatory requirements, and the airport is not involved in spectrum management. Increasingly, operators may want to install their infrastructure (e.g., DAS or small cells) in air- ports, using their own equipment or through a neutral host. DAS, small cells, and other neutral-host networks typically use licensed spectrum that has been allocated to a mobile or other network operator and that the airport does not control or operate. In this case, the neutral host or the entity that operates the network must get permission from the spectrum licensee to operate the network. Neutral hosts usually have relationships with operators that cover this, and the operator retains control of which spectrum assets are used at each location and how they are used (e.g., DAS or small cells). Because in most cases these networks are used to carry the operator’s traffic, the operator ultimately pays for the network infrastructure and operations. In most DAS networks, multiple mobile carriers participate in the network and share some of the equipment, but each uses its spectrum to carry its traffic. Although this reduces the differ- entiation among carriers (i.e., they share the network footprint and transport), it also results in cost savings and reduced complexity. In this case, each carrier deploys its own RAN to generate the signal source and allows the neutral host to deploy the DAS capable of operating the carrier’s spectrum. The two parties coordinate spectrum use to avoid interference between the indoor DAS or small-cell infrastructure and the outdoor macro cells. In these cases, the airport provides the real-estate footprint for the network, and thus, it does not need spectrum licenses. The operators or neutral hosts need to obtain from the mobile carrier the right to distribute the operator-provided signals with the real-estate footprint and comply with the relevant regulations. 3.3.2.2 Cellular: FirstNet FirstNet is a nationwide network dedicated to public safety that AT&T deployed. Airports can use the FirstNet network by enrolling and signing up for service plans for the devices that need access to FirstNet. The airport does not have control over the network and is not responsible for spectrum management. However, if the airport needs an in-building- or venue-specific network to complement the existing one, it may explore the deployment of an on-premises network (e.g., using small cells or DAS) with FirstNet. FirstNet also offers devices that work with the network. 3.3.3 Shared and Reserved Spectrum Table 31 indicates the spectrum management tasks when operating in shared and reserved spectrum. The regulatory framework for shared spectrum is based on full coordination through central- ized spectrum allocation systems. With a shared spectrum there is very little chance of interfer- ence, even with multiple networks deployed within the same venue footprint. However, without proactive intervention, all the available channels will likely be fully utilized over time.

Planning and Implementation Guidelines 135   The roles of the venue manager for shared and reserved spectrum are to develop a master plan that accounts for all potential users of the spectrum within the venue’s footprint and to find a mechanism to ensure all parties comply with the plan. The latter role is only possible if the CBRS spectrum management plan is a condition of each tenant’s lease agreement with the venue. 3.3.3.1 Cellular: CBRS In the United States, 4G and 5G networks can also be deployed in shared spectrum using CBRS in the 3550- to 37000-MHz band. This is the best opportunity for airports to deploy pri- vate networks using 4G and 5G technology. The regulatory framework for CBRS is technology neutral, so other technologies can also be deployed in the band; however, except for some pro- prietary solutions, all the hardware uses 3GPP-based technologies (4G and 5G). The CBRS regulatory framework was designed to increase the use of the spectrum and afford users such as enterprises access to cellular spectrum, alongside licensed use. The approach FCC has chosen for CBRS is innovative and may be fine-tuned over the next few years, but it is also more complex than that for the licensed and unlicensed bands. CBRS establishes a three-tier system for access. Incumbents (military, satellite, and fixed wire- less access operators) retain the rights to use the spectrum that they have acquired in the past, and they have priority over any other user. However, their use of the band is very limited, both geographically and in terms of traffic volumes. The second tier is reserved for PAL users, which have obtained licenses to use the spectrum through an FCC auction in 2020. The licenses are for 10 years and are renewable, and they are assigned on a per-county basis. Airports can identify the PAL users in their areas from FCC’s public database. If the spectrum allocated to them is not used by incumbents, they have priority access to their channels. Wireless operators have obtained licenses for most of the PAL channels. The third tier is open to all users, through GAA. At a minimum, 80 MHz of the band is reserved for GAA. Spectrum channels not used by the incumbent or PAL are also open to GAA, which works like unlicensed spectrum. In addition, there are exclusion areas (e.g., around satellite ground stations and military areas) where CBRS use is limited to the incumbents located there. Airports—if they control the real estate they occupy—have access to at least 80 MHz of spec- trum, and up to 150 MHz if no incumbent or PAL uses the spectrum, provided that the airport is not within an exclusion zone. Airports may also be able to coordinate access to CBRS with PALs by leveraging their control over who can install equipment within the premises. Other entities (e.g., tenants) also have access to the GAA spectrum and can deploy their own CBRS networks if the airport allows them to install the equipment within the venue. In this case, the CBRS net- works must coexist and share the available spectrum. To simplify CBRS adoption in enterprise and other private networks, all SAS vendors have been working with equipment vendors to integrate SAS connectivity into citizens broadband radio service devices (CBSDs). CBRS users do not need to deal directly with an SAS; in fact, they are not expected to, and, instead, they can simply select an SAS provider when they deploy the network and then pay a monthly fee to cover the SAS service. Because most vendors have CBRS 6 GHz AeroMACS P25/TETRA Spectrum Unless the airport has PALs, use GAA (unlicensed). Indoor—unlicensed. Outdoor—authorization process is not defined yet. Authorization process is not defined yet. Application to FCC for new networks. Equipment FCC certification, recommended OnGo certification. FCC certification. FCC certification, recommended WiMAX Forum certification. FCC certification, check product compliance to P25. Table 31. Spectrum management tasks when operating in shared and reserved spectrum.

136 Transformation in Wireless Connectivity: Guide to Prepare Airports relationships with more than one SAS, a CBRS user can use the same SAS even with equipment from different vendors or change the SAS without changing the equipment. Although it does not require a license, GAA requires users to register their equipment and its location, and use of the spectrum is dynamically granted by an SAS. Federated Wireless, Google, and CommScope operate SASs and they have partnered with equipment vendors so that users such as airports do not need to establish a direct relationship with an SAS and instead use the built-in options if they so choose. The SAS monitors the demand for spectrum use across the three tiers of users and assigns spectrum access rights on a near-real-time basis to users who request access. As a result, an airport that operates the only GAA network within its perimeter and is not within an exclusion zone will have reliable access to 80 MHz of spectrum, and up to 150 MHz when the PALs do not use the spectrum. If tenants have their own CBRS network, the SAS will allocate spectrum access to the airport and tenants, and they will have to share the spec- trum among them. Work is still ongoing to determine how the spectrum will be shared among multiple GAA users at the same location. When deploying a CBRS network, airports must ensure that the equipment has received the Wireless Innovation Forum (WInnForum) certification, which covers compliance with FCC regulations, adherence to WInnForum specifications, and the ability to coordinate access with an SAS. This certification is independent of the access technology chosen, so it is required for 4G, 5G, and proprietary solutions. In addition, CBRS coverage in outdoor deployments is limited by authorized transmit power from the radio station and the device. CBRS equipment is limited by FCC to a lower transmit power than other cellular networks, requiring more stations to cover the same area. There are chances that this will be revised, and higher power categories may be permitted in the short term. The OnGo Alliance (previously known as the CBRS Alliance) offers a second certification program specific to 3GPP technologies (i.e., 4G and 5G) that covers interoperability and perfor- mance. It ensures that the CBRS network can connect to users or IoT devices, at the expected levels of performance, across all certified device and infrastructure vendors. Both the WInnForum and the OnGo Alliance maintain databases of approved CBRS equipment and devices. In addi- tion, the airport must rely on certified professional installers for equipment installation and commissioning. Installer certification is managed by the WInnForum. 3.3.3.2 6-GHz Band FCC introduced a new regulation in April 2020 for the 6-GHz band that makes the band unlicensed in indoor environments (thus greatly increasing the spectrum available to Wi-Fi and subjecting it to a regulatory regime like that of the 5-GHz band), but shared in outdoor environ- ments, to accommodate the access rights of incumbent users. Low-power equipment can be used in indoor environments on an unlicensed basis. In this case, airports can deploy Wi-Fi 6e or other technologies using 6 GHz (5G NRU, for instance, in the future) indoors with low power by simply choosing compliant equipment (e.g., certified by FCC and by Wi-Fi Alliance under the Wi-Fi 6e certification program). If using outdoor and/or standard power equipment, the airport must ensure that the equip- ment uses AFC control. This ensures that the equipment does not interfere with the incum- bent use of the spectrum. The specifications for AFC are still in progress. The spectrum-sharing arrangement is different from that of CBRS. No licensed access comparable to PAL in the CBRS band is allowed, so spectrum-sharing is less complex because there are only two tiers of users (i.e., incumbent and unlicensed). Because legacy use in the 6-GHz band is fixed, unlike in the

Planning and Implementation Guidelines 137   CBRS band, AFC mechanisms will be different from those used by a CBRS’s SAS, so spectrum use assignment does not need to be dynamic, as it is for CBRS. These restrictions do not apply if the airport is an incumbent spectrum user for fixed micro- wave links. In this case, the airport must follow the power restrictions and other requirements according to its licensing terms. 3.3.3.3 AeroMACS FCC has reserved the 5000–5030 MHz band for aeronautical fixed communications on a primary basis, allowing airports to have priority access to these bands, in line with a global and harmonized allocation of the band by the ITU. Spectrum rights will be allocated to aeronautical users, but the requirements for airports to use this band are still under evaluation. It is not yet clear whether FCC will issue licenses to AeroMACS users, or, more likely, will have a more streamlined process to authorize users. Although AeroMACS has been trialed in the United States, it is not possible to deploy AeroMACS to airport-wide networks until FCC issues the relevant regulation. Once an airport has received the authorization to use AeroMACS and is ready to select the vendor(s), it should make sure the equipment has been certified by the WiMAX Forum, which has developed a certification program (WiMAX Forum-certified—AeroMACS) to ensure stan- dard adherence and interoperability. 3.3.3.4 Land Mobile Radio (LMR) P25 and TETRA use the same spectrum bands, but P25 is the technology primarily used in the United States. (TETRA is a European standard and it is used globally, including by some agencies in the United States.) P25 is mostly used by public-safety, security, and public services, but the use is not strictly restricted to these entities. Federal funding for LMR networks may require the adoption of P25. Airports can coordinate the use of P25 devices and networks with their safety units, such as police and fire departments, to improve access, if needed, or to extend access to a wider set of users if a network is already in place. If airports want to deploy a network, they need to apply to FCC for the band they intend to use (e.g., 150 MHz, 700 MHz, or 800 MHz), and this is usually done with an external engineering consultant. The U.S. Department of Homeland Security (DHS) runs a Project 25 Compliance Assessment Program (P25 CAP) that verifies equipment’s compliance with the P25 specifications from the Telecommunications Industry Association standard. Vendors can submit their equipment to the program, but they are not required to do so. Access to P25 and FirstNet networks may be combined if hybrid devices, which support both P25 and LTE, are used. Airports need to ensure that the devices work with the vendors and net- work operators (e.g., FirstNet). 3.3.4 Application-Specific Spectrum Use For some wireless applications, such as UAVs or security cameras, airports may decide to adopt a solution that relies on a network that may be proprietary to the solution vendor, a public network, or a network operated by the airport. In any of these cases, the operator must ensure that these applications comply with spectrum regulations and, where relevant, have received the required or the desired certification. In addi- tion to satisfying regulatory requirements, compliance with regulations and standards is crucial for the coexistence of technologies and to minimize and manage interference.

138 Transformation in Wireless Connectivity: Guide to Prepare Airports 3.3.5 Looking Ahead: The Future of Spectrum Regulation Spectrum is a limited resource that is increasingly in demand. To meet increasing connectivity needs, FCC and other regulators worldwide are changing their approach to spectrum policy by: • Increasing the efficiency of spectrum use and maximizing spectrum reuse by expanding spectrum-sharing and introducing more dynamic spectrum-sharing regimes. This allows incumbent users to retain access to their spectrum assets and other users to use the spectrum where and when the incumbents do not need it. • Facilitating the use of licensed, unlicensed, and shared spectrum in private networks operated by (or on behalf of) enterprises and venue owners, by allocating more spectrum to unlicensed use; expanding and encouraging spectrum-sharing arrangements; and allocating specific bands to enterprises, public entities, and verticals or use cases (e.g., AeroMACS). • Moving to allocations in higher frequencies, where bands are wider but signal reach is shorter, to increase the capacity density of wireless connectivity. These regulatory changes will make it easier for airports to have access to the spectrum to (1) connect people (including staff, tenants, and passengers); (2) support services and IoT appli- cations; and (3) accommodate the high-traffic loads, low-latency transmission, and high security that airports need. 3.4 Telecommunications Infrastructure Management This section describes best practices for managing the telecommunications infrastructure sup- porting wireless services. Methods for radio planning are discussed, together with processes and best practices for equipment procurement, installation and maintenance, and compliance with regulations. 3.4.1 Radio Planning Radio planning involves the determination of the number and type of wireless access stations, together with the location of such stations and their configuration (e.g., power limits). Although radio planning is a specific and complex task that depends on the propagation and traffic charac- teristics of the covered space and should be carried out as a specific study by a dedicated specialist, this section gives general guidelines on the radio planning process. 3.4.1.1 Space Characteristics in the Airport Each space to be covered by wireless services has its own characteristics. Below is a description of the areas in the airports that are candidates for service by wireless coverage. Terminal concourse Location. Indoor Radio propagation. NLOS, LOS (open spaces) User density. Dense, very dense (at gathering points like gates, concessions, or queues) User mobility. Stationary, mobile (pedestrian) The terminal concourse space holds the facilities used for landside and airside procedures related to the passenger. This includes passenger processing, checkpoints, and airport experi- ence services (shopping and dining). Concourse spaces are confined within buildings but are usually open, with high ceilings and few walls, which often allows for near LOS radio propaga- tion. This space holds passenger crowds, where users expect mobile connectivity through their devices (bring your own device; BYOD) for information and entertainment. Crowds are variable, but gathering points are well-defined: gates, concessions, and checkpoint queues. An increasing

Planning and Implementation Guidelines 139   number of stationary wireless devices is also present in the concourse to provide passenger services, tenant operation, sensing, and facility management. Ceilings and walls usually make optimal mounting locations for the terminal, with little addi- tional infrastructure required. The infrastructure density will need to consider the bandwidth requirements and frequency of operation. Depending on the radio’s frequency of operation, the environment may impact the propagation in different ways. The mmWave 5G frequency bands (5G DAS) will be more impacted by the environment around them and will have a shorter overall range compared with the lower frequencies and will require a higher density of transmitting stations. People movers/moving walkways, trains, buses Location. Indoor Radio propagation. NLOS, LOS (open spaces) User density. Dense, very dense (on trains and buses; linearly dispersed on walkways) User mobility. Stationary (people relative to vehicle or conveyance), mobile (e.g., people and vehicles relative to the airport). Because of the size of most airports, passengers, crews, and airport workers are moved through and between terminals using various means, such as moving sidewalks, trains/monorails, buses, and trams. On all conveyances, users expect uninterrupted wireless connectivity. Trains, monorails, buses, and trams all have high densities of people, in localized clusters, with people and devices entering and leaving the conveyances at a rate of hundreds to thousands per hour. On moving sidewalks and “people movers,” people and devices enter and exit spatially dis- persed parts of the airport; while on the sidewalk or mover, people are distributed according to a straight line, a statistical spread that is biased by the time of day, the scheduling and operation of flights, and support operations. Traveling passengers use BYODs; aircrews, airport staff, and workers may have BYODs or airline or airport-specific communication devices. The conveyances themselves use wireless systems for monitoring, control, and communica- tions; many current bus and train systems and some rail systems use human operators. However, 5G and other wireless systems will offer low-latency, high data bandwidth communications to support remote or autonomously piloted transport systems. Because transport systems must be intrinsically reliable, safe, and secure, the supporting wireless systems and infrastructure must be reliable, safe, and secure. Office spaces Location. Indoor Radio propagation. NLOS User density. Medium, dense User mobility. Stationary Airports have areas restricted to staff and used to host office facilities. These spaces are more enclosed than the terminal concourse and include corridors, working areas, and storage rooms. Thus, direct radio LOS is infrequent. Staff members use mobile and fixed wireless devices for personal and professional communications. The number and density of users are low and pre- dictable. Stationary wireless devices for sensing and facility management are also present here. Airports also contain office spaces for tenants, which can be in the main airport building or secondary buildings. Baggage/cargo areas and hangars Location. Indoor Radio propagation. NLOS, LOS (open spaces) User density. Sparse User mobility. Stationary, mobile (pedestrian)

140 Transformation in Wireless Connectivity: Guide to Prepare Airports Large, covered spaces are used for cargo shipment hold or baggage and to store aircraft that are unused or under maintenance. These spaces can be found both in the main airport building and other secondary buildings. These spaces usually have a low density of mobile users, although some heavy applications such as AR-based maintenance and repair can be used. These spaces often contain large-scale networks of sensors for asset tracking (e.g., baggage tag identification), sensing (e.g., temperature monitoring), and facility management (e.g., belt control). The infrastructure will have to accommodate moving asset tracking as well as a changing environment, as the baggage and cargo will always be moving. Apron Location. Outdoor Radio propagation. NLOS, LOS (open spaces) User density. Medium, dense User mobility. Stationary, mobile (pedestrian, vehicular) The apron or ramp is the airfield space near the boarding gates at the terminal concourse. Radio propagation is usually open but is easily blocked by obstacles such as boarding bridges, the terminal building, or aircraft. In this space, aircraft are subject to ground support operations during a turnaround. Usually, many staff and vehicles move around the surface near aircraft to perform these activ- ities, carrying mobile devices for communication or specific ground handling operations (e.g., baggage tagging). In addition, stationary wireless devices such as sensors, video cameras, and aircraft EFBs are active in this space. Unlicensed spectrum wireless technologies such as Wi-Fi can cover these spaces, but it is usual to find blind spots due to moving obstacles (e.g., aircraft wings and moving vehicles obstructing the line of sight). Parking, FBO, maintenance, and de-icing areas Location. Outdoor Radio propagation. NLOS (if sight blocked by moving aircraft), LOS User density. Sparse, medium User mobility. Stationary, mobile (pedestrian, vehicular) The airfield has designated areas for special aircraft operations, such as aircraft de-icing, hold- ing parking, and maintenance, and FBO operations such as fueling or cargo transportation. These areas are usually in direct line of sight, except where an aircraft blocks the sight. Variable numbers of staff and vehicles move around this surface to perform these activities. Stationary wireless devices in this area can include aircraft sensors, remote video cameras, and lighting systems. Runways/taxiways Location. Outdoor Radio propagation. NLOS (if sight blocked by moving aircraft), LOS User density. Sparse User mobility. Stationary, mobile (vehicular) Most areas of the airfield are dedicated to aircraft movement through taxiways and runways. These areas are usually in direct line of sight, except where an aircraft blocks the sight. Mobile users in these areas are restricted to aircraft (equipped with devices such as EFBs) and, in mainte- nance or emergency situations, other vehicles. Stationary wireless devices in this area can include taxiing guidance, aircraft sensors, remote video cameras, and lighting systems. The users inside aircraft on runways/taxiways are in difficult NLOS conditions where the signals can only come through the windows of the aircraft. Depending on where the users are

Planning and Implementation Guidelines 141   sitting in the aircraft, and the orientation of the aircraft with respect to the serving tower, the signal can be very weak. If the sensors on the plane must connect to the network before takeoff or after landing, there may be NLOS cases where the sensors are blocked by the actual aircraft. 3.4.1.2 Site Surveys Airports usually exist in locations with prior wireless and radio spectrum usage. Radio spec- trum and users are not static in time or location. Over the lifespan of an airport, the radio spectrum, licensing, users, and technologies will change. Therefore, airport planning, design, operation, and maintenance must anticipate and address the dynamic RF environment. Potential issues that may arise are: • Radio systems (e.g., AM/FM/TV, 5G cellular, radar/guidance, safety, and point-to-point two-way radio) operating in a spectrum near the spectrum of airport wireless or CNS systems may cause overload or interference. Adequate RF protection of equipment, in addition to proper spectrum usage planning, can mitigate interference with systems detected during a site survey. • Some radio systems, especially in CNS and disaster recovery applications, are licensed by FCC as high-power user equipment and will likely jam any lower-power system operating in the same or contiguous spectrum. • Noncommunication systems such as public announcement systems, motors, electric lights, and microwave ovens can emit spurious signals in the spectrum used by wireless systems. Adequate isolation of these systems usually solves this type of issue. To mitigate these problems, the spectrum should be surveyed before planning and design, during construction, and as a part of airport operation, management, and maintenance. The steps to be carried out in a spectrum site survey are: 1. Identify, by user identification and interview, the external spectrum that is used and may interfere or overlap with planned airport systems. 2. Develop a radio spectrum baseline for security monitoring and geolocating current or future interferers. 3. Characterize the radio spectrum baseline at the airport to enable on-site RF system failure detection and mitigation (e.g., look for radio emissions indicating wireless and electronics systems that require maintenance, repair, and replacement). 4. Monitor RF spectrum during airport operation to quantify the level of interference caused by external sources that may affect wireless devices and systems within the airport radio spec- trum baseline. It is also recommended to consider extreme RF events that are not easily detected in a site survey but are known to occur. These events, although rare, may cause large partial or total dis- ruptions of the wireless service. Examples of these events are as follows: • Solar, natural, or manufactured loss of RF services such as solar flares, coronal ejection, and high-power radio systems that disrupt/terminate satellite-based services (e.g., GPS, Iridium, and satellite-based Wi-Fi). • Weather events such as snow, fog, and rain that can affect the propagation quality of higher frequencies. • Lightning and electronic warfare weapons that can cause localized disruption/termination of very local RF systems (localized GPS, wireless sensor communications, cellular user devices and base stations, and guidance-navigation systems). • Kinetic events such as windstorms, tornadoes, and air and ground vehicle crashes into RF infrastructure.

142 Transformation in Wireless Connectivity: Guide to Prepare Airports During radio network planning, these events can be mitigated by redundancy in the radio access systems with automatic switchover and procurement of hardened RF systems (intrinsic EM safety and recovery). Though these practices increase the upfront installation costs, they reduce long-term maintenance expenses. 3.4.1.3 Radio Site Selection The selection of locations for wireless access stations (e.g., Wi-Fi APs, cells, and DAS antennae) will need to account for the throughput requirements, number of mobile users/devices, number of stationary devices, installation environment, and frequency of operation before installation. The main tradeoff to consider during site selection is the size of the covered area versus the traffic capacity serviced in that area. Radio coverage is a function of available signal power. Low-frequency bands have larger cov- erage areas compared with high-frequency bands due to lower path loss for a given distance and lower penetration loss through building materials. Throughput per base station is a function of the ratio of signal-strength to noise-and-interference level and frequency bandwidth allocated for a channel. The higher the signal-to-noise-and-interference ratio, the more data can be sent in less time. Also, the higher the bandwidth, the more data can be sent in a given period. However, the wider bandwidth also increases the noise and interference levels. A proper design is required to optimize the throughput. Capacity is a function of throughput and the number of users sharing the same channel from a base station. Small-size cells provide higher capacity in areas with high user densities, together with other benefits such as enhanced battery life and reduction of power consumption. However, more small cells are needed to cover a given area compared with large (also called macro) cells. Ideally, a radio network should integrate small and macro cells to deliver high per-user capacity and network coverage as needed in different areas. This approach also may improve the perfor- mance of the network by offloading traffic generated in hot spots. RF planning is relatively straightforward for outdoor spaces such as an airfield, where signal quality is an inverse function of the distance from the receiver to the radio station transmitter. However, detailed radio planning is critical for indoor spaces. Indoor spaces allow for designs in isolated environments; however, radio model predictions can be affected by microscopic aspects such as reflections and multipath. This is expected to become more extreme soon, as new com- binations of materials are used in airport buildings and higher frequency bands are used. Good indoor radio models include RF parameters depending on materials and shapes and also based on actual measurements. When executing radio planning and measurements, co-channel interference is a parameter that should be monitored. Co-channel interference appears when radio devices emit some power in frequencies near their operating channel, which in turn reduces the ability to communicate for devices operating in those channels. A typical case observed in airports is a degraded cell signal at the airfield (e.g., when passengers are in the aircraft) caused by a high density of DAS antennae in the terminal, transmitting in the same band. Another high-profile case is the poten- tial interference of mobile carrier 5G cellular signal in the C-band over airport CNS systems (radio altimeters) using a contiguous frequency. Usual good practices are to deploy radio stations of potentially competing wireless technologies at distances, or frequencies, separated enough to mitigate the effect of co-channel interference. For instance, agreements can be established with mobile carriers covering the airfield to avoid the frequencies used by the terminal DAS or by radio altimeters. Another technique involves planning the directionality of the radio station antennae (when not 360 degrees, or omnidirectional) to point competing devices in different directions. Finally, the procurement of devices equipped with filters that minimize co-channel interference

Planning and Implementation Guidelines 143   is always a good practice, if the potential additional cost can be assumed, or the performance of interfering technology can be reduced. Radio mounting sites can be initially selected based on the geometry of the buildings and deployment locations. Additional site surveys can be conducted in areas with complex location geometry, where the prediction of coverage may be difficult. After the deployment, further opti- mization may be necessary using the actual network. Usual mounting heights for radio equipment are 6 to 20 feet for indoor spaces and 15 to 40 feet for outdoor spaces, where cells are larger. A higher site location provides a larger coverage area. However, the site location cannot be arbitrarily high. Higher locations create larger coverage from a site, reducing capacity per user and increasing the potential for interference with nearby sites. Sites must be selected so that coverage is maximized while coverage overlap is minimized. An emerging source of interference is largely being created by the need to support separate networks in the same space on different (noncontiguous) frequency bands. As a result, antennae for different wireless systems are often placed close together. Strong RF signals can create inter- modulation products that can degrade the performance of the neighboring system. These issues are well known in military settings, where many RF sources are often crowded together on aircraft and ships. The same problems are starting to emerge in airport systems. The criteria for infrastructure selection will mostly depend on the application, devices, cost, and environment. It is important to consider how long the infrastructure technology will be in use. Sometimes, legacy wireless systems are installed in the selected infrastructure. Embedding radios in existing infrastructure (such as light fixtures) allows for hiding the radio from public view, but space may be limited. If the radio standards used in legacy infrastructure are supported by the user devices, they may coexist with the new infrastructure being deployed if they are in a different frequency. The legacy radio and the new radio will interfere with each other if they use the same or contiguous frequency and transmit at high power. This issue may be detected during the site survey. 3.4.1.4 Core Infrastructure The core infrastructure constitutes the communications resources (cables and network com- ponents) supporting the network functions in the RAN and transport network. In a typical installation (except in IoT technologies such as LPWAN, PAN, or RFID), a radio station needs power and a connection to the transport network. These are not always available in the best location for the AP. Autonomous solutions exist for power (e.g., solar panels) but are limited to devices with low-duty cycles. IoT devices are designed for low-power consumption and thus can rely on batteries that can last years before being recharged or replaced. Wiring is a more complex issue because the problem is not only the availability of connectivity but rather the capacity of available connections. The transport infrastructure depends on the physical wire technology, which is included in the overall IT strategy of the airport. The proper support of wireless networks should be considered when dimensioning the capacity of the back- bone network and planning for scaling up to support future demand increases. There are two families of infrastructure wiring technology: • CATx (copper-based Ethernet cable). Supports Gbps, with ensured traffic of Mbps per end- point; less expensive but requires upgrades and CAPEX when future technologies become available. • Optical fiber. Supports Tbps, with ensured traffic of Gbps per endpoint; more expensive, but future-proof.

144 Transformation in Wireless Connectivity: Guide to Prepare Airports Recent, more capable wireless access networks, such as 5G and Wi-Fi 6/6E, are encountering limitations in current backbone network technologies. CATx infrastructure incurs the risk of bottlenecks appearing in the backbone network that limit the end-to-end capacity of the wireless service. Consequently, deployments may be delayed or interim solutions must be found (such as 5G NSA using 4G core infrastructure), which cap the capacity benefits of the new technologies. To respond to the new requirements of wireless access networks, the general trend is to expand backbone infrastructure in businesses and venues to deploy optical fiber up to the radio station. Another industry trend with potential interest for airports is the use of wireless technologies to support the transport network. Some of these technologies are also wireless access technologies addressed in this guide, while others are technologies specifically designed for transport, also called fixed wireless access (Figure 34). The use of wireless transport is a cost-effective solution for large coverage areas because it avoids the deployment of fiber over long distances and mini- mizes the marginal cost of adding new devices in remote areas. However, these technologies are less capable than fiber and should be correctly dimensioned to ensure they meet the needs of the expected users in the covered area. Figure 34. Wireless technologies for transport network.

Planning and Implementation Guidelines 145   A very important aspect to consider when designing the core infrastructure is the ability to share infrastructure among networks. There are two categories of shared infrastructure: • Shared hardware equipment like network components and cable is usually shared per net- work segment in corporate IT systems implementing IP networks. That is the case for all wire- less technologies analyzed in this guide, except LMR. However, for RAN equipment itself, networks are physically separate and technology-dependent and offer little room for sharing resources. One exception is DAS, which are designed to share equipment called “headend” that processes the radio signals for participating mobile carriers and distributes them. This is by far the costliest part of the installation and is a cost that should be properly dimensioned during the planning phase for the number of subscribers to be served. • Virtualized equipment comprises network functions implemented by software for commodity, commercial off-the-shelf computing equipment. This approach offers the benefits of lower CAPEX and OPEX, faster deployment of new services, and increased network efficiency. Virtualization in transport networks is relatively mature, while virtual RAN (vRAN) is still in the initial stage due to its complexity. However, virtualizing RANs eventually provides higher network efficiency gains, especially to facilitate coordination among cells, for example, for interference mitigation. vRAN also allows network functions to be hosted in the cloud, with the associated maintenance benefits. From another perspective, an emerging trend in wireless core infrastructure is interoper- ability. Deploying RAN equipment that supports open interfaces enables multivendor systems, with associated benefits in cost-efficiency and flexibility. The O-RAN Alliance and the Telecom Infra Project (TIP) OpenRAN are working together to promote the disaggregation of radio pro- cessing functions in RAN. This allows vendors to concentrate on parts of the network within their range of expertise, while the smaller pieces have lower barriers to entry, thus broadening vendor diversity. Open RANs do not necessarily have to be vRAN, although it is expected that many will be. Other formulas targeting wireless service providers to share resources are shared spectrum (focused on increasing overall spectrum utilization), neutral-host deployment models (distributing public cellular signal through DAS and soon likely to interface with private cellular networks), and OpenRoaming (seamless access across Wi-Fi and cellular networks). 3.4.2 Procurement, Installation, and Maintenance of Wireless Systems Before procuring any wireless infrastructure, it is important to understand the planning phases for deploying a robust infrastructure that can quickly adapt to technology evolution and growth in demand. The planning phase should consume most of the project time, and at a mini- mum, should include the following activities and resources: • Gathering requirements may be the most challenging part of deploying wireless infrastruc- ture. Compiling an accurate number of devices and how they will be used will help determine the number of APs, utilization, coverage, and capacity required. • Consulting stakeholders will also yield abundant information that will help define the requirements and indicate what they expect from the infrastructure, from using one or two wireless devices to having a completely wireless environment. • During the planning phase, auditing the current network infrastructure will assist in defin- ing budgetary requirements. In addition, auditing the existing infrastructure will assist in determining infrastructure requirements before implementation, such as cabling require- ments or network device capacity. • Performing a wireless site survey will ensure the support of a minimum data rate or through- put. The goal of implementing a wireless infrastructure is to provide adequate signal coverage

146 Transformation in Wireless Connectivity: Guide to Prepare Airports throughout the environment. A wireless site survey will relate the required performance to a value and detect RF and electromagnetic interference coming from other sources that could degrade the performance. 3.4.2.1 Supplier Strategy Suppliers can accommodate a wide variety of network requirements and licensing and host- ing arrangements. Suppliers can provide services for standard and nonstandard equipment from procurement through installation, implementation, and support. There are four main types of suppliers: • Value-added reseller (VAR). An IT product manufacturer supplies IT products to VARs that sell directly to consumers. VARs sell the products and incorporate certain added features and/or services. For example, to purchase products directly from Cisco, a company will need to engage in Cisco’s Channel Partner Program to become a VAR. One of the advantages of using a VAR is the potential for increasing repeat business because of the other services they provide. A VAR can also act as an IT service provider, IT system integrator, or both. One of the most significant disadvantages is the lack of control of costs for the products. Manufac- turers try to offset this by offering specialized discounts to their VARs, allowing VARs to gain greater control of the prices they can charge their customers. • Electrical low-voltage contractor. These contractors specialize in installing, maintaining, and repairing low-voltage equipment, components, and systems. Examples of low-voltage components and systems include CCTV, cable and digital television, fiber optic networks, LANs and WANs, and fire and security alarm systems. • IT service provider. An IT service provider is a vendor that provides solutions and services to end users and organizations. An IT service provider usually does not require the purchase of products from an IT product manufacturer. Instead, they focus on the implementation, management, and operations of the products. However, the IT products may also be bundled into the service being provided. Examples of services offered by these providers include system/ service hosting, cloud-based services, storage, and software as a service (SaaS). • IT system integrator. An IT system integrator implements enterprise-wide IT applications within an organization. They manage the deployments through the entire life cycle, includ- ing software, hardware, networks, and hybrid IT installations. They also play a pivotal role in analyzing, identifying, designing, and integrating the solution the IT application is being designed for. IT system integrators primarily deal in the deployment and integration of wire- less functionality to the enterprise network. Regarding supplier diversity, the airport can adopt a strategy of using a single supplier or of using multiple suppliers; both strategies have advantages and disadvantages. In most cases, organizations avoid using a single supplier due to the risks of the supplier experiencing financial, sourcing, or inventory issues. However, maintaining relationships with multiple suppliers has its own set of challenges. A specific case is a two-vendor model, where the airport establishes separate arrangements with the network provider and with a second vendor that monitors the network performance and recommends improvements. This neutral entity reduces the airport’s dependency on the owner of the technology, who may be interested in minimizing their main- tenance costs. The pros and cons of each option are illustrated in Table 32. Negotiation with suppliers should be approached holistically by establishing a performance- based framework. To assist in building this framework, there needs to be a full understanding of the business and supplier drivers and objectives, successful relationship management, the defini- tion of positive outcomes for both parties, and the creation of an evaluation and assessment plan. This includes cost management, communication, customer support, timely deliverables, quality of products and services, and reduction of risk in the supply chain. ACRP Legal Research Digest 43:

Planning and Implementation Guidelines 147   Legal Considerations for Telecommunications at Airports provides complementary guidance on the management of wireless technology and service suppliers at airports (Cusson 2021). 3.4.2.2 Procurement and Installation Processes The procurement process is the overall framework, and the purchasing process focuses on obtaining goods and services. Formalizing the purchasing process mitigates rogue spending, fraud, theft, and other pitfalls. When defining the purchasing process, it is also important to: • Create an efficient and effective buying process with successful supplier relationship manage- ment supported by clearly defined SLAs. • Optimize supply chain management and sourcing. • Optimize procurement cycles. • Ensure accurate audit trails. • Define a process that can be applied across the organization. SLAs establish the objectives of the relationship between the airport and its wireless service suppliers. SLAs are derived from customer requirements set in the procurement process and formalized in the contract between the airport authority and the provider. An SLA sets expecta- tions for all parties, procedures for verification and enforcement, and sufficient detail to derive implications for electronic equipment purchase and network architecture. The SLA should detail specific expectations of the service performance for different types of applications (e.g., passenger, operation, safety-critical), and involve the department responsible for the applica- tion. Provisions for emergency or backup communications in irregular operations should be included in the SLA, including the potential reduction of certain services for the prioritization of others. ACRP Legal Research Digest 43: Legal Considerations for Telecommunications at Air- ports provides comprehensive guidance over SLA for telecommunication services in airports (Cusson 2021). The automation of the procurements process leads to efficiency and streamlining of the pro- cess, which will allow procurement teams to focus on more important aspects of the procure- ment life cycle. Historically, the processes have not been automated due to the number of users and systems involved. There are several advantages to automating the process which will opti- mize purchase requests, approvals, and order placement and mitigate delays. Single supplier Multiple suppliers Advantages Simplified relationship management. Administrative cost reduction. Leverage volume to influence pricing. Efficiency in integrations of systems and services. Improved project/inventory control to meet requirements. Mitigates the impact of the loss of a supplier. Leveraging competition to reduce costs. Managing inventory fluctuations and disruptions with choice of suppliers. Two-vendor model: independent providers of network and monitoring functions. Disadvantages Negative impact on an organization’s reputation. Negative impact on market competitiveness. Product inventory availability. Supplier dependence. Information sharing is less straightforward and can present risks. Insufficient competitiveness between suppliers due to lower volumes. Supplier responsiveness, due to the suppliers’ stake, is in the buyer’s business. Longer delays in contract negotiation, management, and execution. Table 32. Advantages and disadvantages of single supplier versus multiple supplier strategy.

148 Transformation in Wireless Connectivity: Guide to Prepare Airports Within the realm of inventory management, maintaining spare parts is unavoidable and should be defined in a sensible, efficient, and practical manner. A well-defined spare parts management system increases support personnel’s productivity, reduces unplanned downtime, and positively impacts finances. When defining a parts management plan, some of the things to consider are compiling a comprehensive parts list, prioritizing spare parts, procurement lead time definition, proactive maintenance, automating monitoring processes, and implementing security measures. IT asset management provides complete visibility into the IT infrastructure inventory and helps organizations improve infrastructure efficiency and performance. IT asset management involves an in-depth understanding of: • Existing systems and equipment. • Locations of the components and how they are used. • Costs. • Deployment dates. • End of support/end-of-life dates. • Impact on services. Wireless equipment installation needs to be performed by IT-certified specialists. Some tech- nology or spectrum-specific certifications may be also needed (e.g., CBRS certification). For complex wireless access technologies, equipment suppliers also provide radio planning and installation services. For consumer-oriented systems such as IoT, the user is responsible for the location and configuration of the equipment following directed manuals. In all cases though, personnel with knowledge of the existing wireless and backbone communication infrastructure at the airport must participate in the installation (either airport IT staff or an IT integrator). This is important to ensure the right access configuration for wireless users to the enterprise and visitor services in the network, with the appropriate security access rights and application traffic configurations. Notably, wireless systems depend not only on wireless infrastructure but also on building structures in the covered space. Walls in concourses can be constructed with materials that either block or pass RF and wireless signals, often blocking desired signals and creating blind spots. This will be an increasing issue as systems move to 5G mmWave; the propagation of 28- to 44-GHz signals will be significantly different from the lower frequency (sub-6 GHz) 5G and other wireless signals. However, it is also possible to use the design of the walls to establish or isolate RF spaces, which can mitigate interference and improve overall wireless system operations. These building techniques are understood for acoustic engineering and abatement and security applications; for example, the design of RF-shielded facilities (sensitive compartmented information facilities). When incorporated during the design and initial construction, acoustic, security, RF, and other technologies can be incorporated at a modest expense (compared to later upgrade). 3.4.2.3 Equipment Maintenance Network maintenance involves those tasks that network administrators perform periodi- cally for the upkeep of the network. Many of the maintenance requirements and recommenda- tions come from the manufacturers of the products. To properly define a maintenance plan, it is important to prioritize the products by the services provided. Once prioritized, a preventive maintenance schedule can be created to balance the manufacturer and business requirements. They are best controlled by defining daily, weekly, and monthly maintenance plans. Some other considerations when defining a maintenance process should include but are not limited to: • Testing high availability (HA) configurations. • Developing configuration and change management processes.

Planning and Implementation Guidelines 149   • Maintaining robust network inventory. • Maintaining an accurate configuration management database (CMDB). • Development of automated configuration compliance checks. • Proactive network monitoring. • Periodic security release reviews. • Robust capacity planning. It is cost-effective and very desirable to perform RF maintenance and testing of wireless systems in airports. A properly defined maintenance plan will assist in the reduction of down- time. Tracking equipment uptime and downtime is best performed by a network management system. Properly defining scheduled maintenance tasks and time frames in the network manage- ment system will exclude them from the calculations. Preventive maintenance helps to identify weaknesses in the IT infrastructure and provides an opportunity to correct these weaknesses before they are allowed to break, causing damage to the rest of the system. Because proactive maintenance is often done on critical assets important to production, no solution exists other than pausing normal production operations until the repairs/inspections/upgrades are done. Preventive maintenance includes testing backups on a scheduled basis to ensure the data is secure, backed up, and duplicated on and off site for maximum protection. This can also assist with maintaining the systems, so security vulnerabilities are identified as they occur and not as they are exploited. To properly plan scheduled maintenance, it is important to communicate changes with all stakeholders and define scheduled maintenance windows. It must be noted that network performance oversight requires the dedication of personnel resources with adequate skills. When an airport commits to owning and directly maintaining a wireless network to target complete control of the system, personnel with specific radio planning and wireless networking monitoring expertise is required. This becomes a challenge as these are highly specialized and costly resources, which in addition need to be regularly trained to be up to date with changes in technology. Another hidden cost is the liability risk, as the air- port IT department becomes fully responsible for maintaining the system up and running. On the other side, a hands-off approach where different airport stakeholders maintain their own networks removes this cost, but the potential for interference is greater. A common solution is to rely on third-party providers to run and maintain the system on behalf of the airport. This approach balances the responsibility and need for expertise, while the airport authority can retain visibility on the network performance and direct decisions on configuration and upgrades required. 3.4.3 Regulations and Standards Applicable to Wireless Infrastructure 3.4.3.1 Electronic Equipment The Radio Technical Commission for Aeronautics (RTCA) is a standards association devel- oping common specifications for the use of electronic equipment in aviation. Some of RTCA’s standards affect radio equipment deployed in airports to support wireless use cases or tech- nologies described in this guide (Table 33). In addition, FCC requires multiple channels to implement Dynamic Frequency Selection (DFS) and transmit power control measures to avoid the potential for interference with other radar systems that share their frequencies. The belief that the DFS channels should be avoided to protect radar is a misunderstanding of the FCC’s intentions. The FCC wants to see the spectrum used effectively. The DFS and transmit power control mechanisms are designed to give adequate protection to radar systems.

150 Transformation in Wireless Connectivity: Guide to Prepare Airports 3.4.3.2 Installation and Construction in Airports Per 14 CFR Part 77, Safe, Efficient Use, and Preservation of the Navigable Airspace, airports that receive federal funds are obligated by their grant assurances to identify and mitigate hazards to navigable airspace at their airport. Construction or alteration of objects on or around an air- port can have adverse impacts on operations; therefore, any person/organization who intends to sponsor any construction or alteration, permanent or temporary, on or near an airport must file a Notice of Proposed Construction (i.e., Form 7460-1) to FAA Airports Division online at https:// oeaaa.faa.gov/. Airport owners and operators should assure that all improvements are evaluated and approved by FAA before the commencement of work. Under 14 CFR Part 77 § 77.9, any construction or alteration located on a public-use airport or heliport regardless of height or location must submit a Notice of Proposed Construction to FAA. This includes facilities that would not only physically impact runway approach minimums, runway protection zones, and obstacle-free zones, but also those facilities where the transmitting frequency could impact the operating frequencies of airport or aircraft systems, both crewed and uncrewed. This includes, but is not limited to: RTCA standard Relevance DO-221–Guidance and Recommended Requirements for Airport Surface Movement Sensors Guideline for installation and operation of sensors located in airport taxiways. Relevant for specification of performance requirements if sensors communicate via wireless systems. DO-230A–Standards for Airport Security Access Control Systems Introduces Access Control Systems' purpose, scope, goals, operational requirements, system performance, access media, and hardware. Limitations on wireless interfaces may affect the suitability of access control applications. DO-345/346–Aeronautical Mobile Airport Communications System (AeroMACS) Specifies communication profile and minimum performance requirements for AeroMACS system and operation in airports. DO-155–Airborne Low-Range Radar Altimeters Guideline for airborne low-range radar altimeters, essential for safe takeoff and landing at airports. RTCA Paper No. 274-20 assesses the 5G interference impact on such altimeter operations. Work is ongoing to publish updated DO-155 recommendations. Table 33. Relevant RTCA standards. Airport sponsors failing to comply with 14 CFR Part 77 provisions are subject to a Civil Penalty under Section 902 of the Federal Aviation Act of 1958 as well as the temporary or permanent cessation of federal and state transportation funds. Therefore, it is recommended that at least 3 months before the planned construction or installation of fixed or temporary facilities that the Airport sponsor or representative submit the required paperwork and coordinate with the FAA. Under optimal conditions, it takes FAA approximately 45 business days to render a decision and • Antennae • AWOS/ASOS • Buildings/structures • Elevated signs • Electric charging stations • Cellular and wireless systems • Solar panels and wind turbines • Fences • Light fixtures • NAVAID owned or operated by the FAA • Counter UAV detection and/or mitigation equipment (if approved for use at the airport) • National Weather Service facilities • Power and cable lines • Radio • Roadways • Storage tanks • Towers • Construction equipment • Staging areas • Stockpiles of construction or other related materials

Planning and Implementation Guidelines 151   provide comments. If the application is denied, applicants should work with FAA to determine an alternative solution, which could take up to 1 year. Antennae, towers, pole structures, and other equipment associated with wireless infrastructure must not be in the runway safety area, according to FAA Engineering Brief 79A. The structures and equipment must comply with FAA object clearing requirements according to AC 150/5300-13A Airport Design Chapter 306, Object Clearing; and 14 CFR Part 77. If the structure is deemed to be a potential hazard to air navigation, obstruction lighting and marking applies according to AC 70/7460-IL, Obstruction Marking and Lighting. According to AC 150/5300-13A, Airport Design, FAA has strict design guidelines via stan- dards and orders for the design and construction of the infrastructure that houses communica- tion equipment and the placement of underground communication and power cables. Details can be obtained by contacting FAA Technical Operation Offices. The following are related references: • Specification FAA-C-1217, Electrical Work, Interior. • Specification FAA-C-1391, Installation and Splicing of Underground Cables. • Standard FAA-STD-019, Lightning and Surge Protection, Grounding, Bonding and Shielding Requirements for Facilities and Electronics Equipment. • AC 150/5370-10H, Standard Specifications for Construction of Airports. The installation and construction must follow airport construction rules and regulations (federal, state, and local). For 14 CFR Part 139 airports, the airport needs to submit a con- struction safety phasing plan (CSPP) to FAA for review and airspace determination according to AC 150/5370-2 Operational Safety on Airports during Construction. This is mandatory for projects funded by AIP grants. It is not required but is recommended for non-certified airports. The installation/construction contractor needs to develop a Safety Plan Compliance Document (SPCD) that details how the contractor will comply with the CSPP. CSPP and notification of construction activities (Form 7460-1) should be submitted online at https://oeaaa.faa.gov/oeaaa/external/portal.jsp. A Safety and Phasing Plan Checklist is provided in AC 150/5370-2 Appendix 3. Airports also must file Form 7480-1 with FAA when the installation/ construction happens at the airport. 3.4.3.3 Safety and Security Personnel associated with the wireless infrastructure at commercial service airports, both installation and operation, must comply with rules and procedures specified in the Airport Secu- rity Program according to 49 CFR 1542, Airport Security. This would include, but is not limited to, criminal history records check (CHRC), TSA security threat assessment (STA), and other credentialing requirements. According to FAA Advisory Circular (AC) 150/5200-37, Introduction to Safety Management Systems (SMS) for Airport Operators (FAA 2007), SMS include risk assessment, safety assess- ment, safety assurance, safety policy, safety promotion, and safety risk control, among other elements. Introduction and implementation of new wireless infrastructure systems should follow the safety assessment processes/procedures and acceptable mitigation methods established by the airport’s SMS and specified in the airport’s SMS manual (if applicable). For example, if the wire- less system is to be used for taxiing guidance, the SMS process would include identifying any potential hazard from lost wireless signal or other malfunction, assessing and analyzing the associated risks, and specifying measures to mitigate the risks. These elements would include personnel, hardware, software, information, procedures, facilities, and services.

152 Transformation in Wireless Connectivity: Guide to Prepare Airports 3.4.4.4 Impact on Environment and Human Health Wireless providers are required to comply with FCC environmental rules, including 47 CFR § 1.1307 and 47 CFR § 1.1311 (i.e., “environmental information to be included in the environ- mental assessment [EA]”). They are required to review their proposed actions for environmental consequences. If their proposed action falls within one of the categories listed in 47 CFR Part 1 Subpart I § 1.1307, § 1.1308(a) requires the provider to consider the potential environmental effects from its construction of antenna facilities or structures and disclose those effects in an EA and file the review with FCC. FCC provides a checklist for EA. Wi-Fi equipment emits RF electromagnetic fields, which is a type of non-ionizing radiation. An RF electromagnetic wave has both an electric and a magnetic component (electric field and magnetic field). Volts per meter (V/m) could be used to express the strength of the electric field, and amperes per meter (A/m) could be used to express the strength of the magnetic field. A com- monly used unit for characterizing the total electromagnetic field is power density. Power density is defined as power flow per unit area and is commonly expressed in terms of watts per square meter (W/m2), milliwatts per square centimeter (mW/cm2), or microwatts per square centimeter (µW/cm2). FCC exposure limits are depicted in regulation FCC 96-326. Measurements made near typical cellular installations, especially those with tower-mounted antennae, have shown that ground-level power densities are thousands of times less than FCC limits for safe exposure. This makes it very unlikely that the public could be exposed to RF levels exceeding those in the 47 CFR Part 1 guidelines. For 5G, there is also a lack of evidence on the environmental and health impacts of 5G (Miller et al. 2019). FCC does not routinely monitor the exposure levels at the sites of transmitters. In addition, FCC does not routinely perform RF exposure investigations unless there is a reasonable expectation that FCC exposure limits may be exceeded. When cellular antennae are mounted at rooftop locations, ambient RF levels could be greater than those typically encountered on the ground. Such levels might become an issue for main- tenance or other personnel working on the rooftop. Exposures exceeding the guidelines levels, however, are only likely to be encountered very close to, and directly in front of, the antennae. In such cases, precautions such as time limits can avoid exposure exceeding the guidelines. Indi- viduals living or working within the building are not at risk. 3.5 Cybersecurity Planning This section presents a cybersecurity planning guide for wireless technology at airports. It illustrates the increasing cybersecurity threats associated with the adoption of wireless and smart technologies at airports, overviewing the extended attack surfaces and describing the counter- measures to be considered when deploying more wireless and smart technologies in the airport. Although many aspects of cybersecurity are associated with wireless and smart technologies, the issue is still under the broad protection structure of airport cybersecurity and airport security in general. ACRP Report 140: Guidebook on Best Practices for Airport Cybersecurity (Murphy et al. 2015) provides comprehensive guidelines: It defines cybersecurity in airports and explains why airport cybersecurity is a subject of growing importance, describes how to address the cyber- security needs of an airport, identifies the vulnerabilities in airport systems, and specifies the countermeasures that should be maintained to respond to the attacks exploiting such vulner- abilities. In addition to outlining the overall security approach at the airport, ACRP Report 140 reviews the primary requisite activities following the NIST Framework for Improving Critical Infrastructure Cybersecurity (NIST 2018) (i.e., identify, protect, detect, respond to, and recover from cybersecurity attacks). For airport managers seeking general guidelines for airport cyber- security, ACRP Report 140 is recommended.

Planning and Implementation Guidelines 153   Through real-time monitoring, control, and analytics, smart airports empowered by wire- less sensor networks dramatically improve their performance in all aspects of their operations, enabling remote access to services and promoting interoperability. One legitimate concern associ- ated with this improvement is that the airports’ operational reliability can be greatly affected by cyberattacks on airport infrastructure. Limited computational and power capacities of wireless sensors and devices make it more difficult to shield them against cyberattacks, and some IoT devices have inherent security flaws by design. At a more basic level, it is reported that many users of such smart devices do not change the default credential settings, deteriorating security protec- tion. In an airport built on a web of wireless sensors and actuators, the potential for damage and the cascading effect that cyberattacks can introduce on operational reliability is highly significant. Broadly described, the risks in the operational reliability of airport systems and subsystems can be categorized into four areas: • Operational maintenance. For example, compromising a runway health scanning sensor network may lead to an aircraft accident. • Operational efficiency. For example, compromising and disabling the self-check-in system can cause extreme commotion in the airport check-in process. • Operational management. For example, attacking the RFID luggage locators can lead to pre- cipitation of productivity; compromising video surveillance may allow unauthorized entry. • Services augmentation. For example, attacking the Wi-Fi- or Bluetooth-based devices for indoor airport navigation can degrade rather than upgrade services for passengers). In the aviation industry, safety is an ultimate requirement, and no technology can be adopted if it compromises safety. No wireless and smart technologies that outstrip the security capabili- ties of the airport and airlines should be adopted regardless of their efficiency and productivity. However, as wireless technologies and IoT systems are widely adopted in the aviation and airport industry, the attack surfaces exponentially grow, and concerns for cybersecurity challenges are rapidly increasing. The recommendations and best practices identified in ACRP Report 140 are fully applicable to wireless networks and services in an airport. Wireless communications are an integral part of IT systems. Thus, airport managers should dedicate effort and resources to maintain an inventory of assets to be protected and their vulnerabilities, implement policies for data use and protection, continuously train staff, and put in place systems for monitoring and responding to threats in the network. Wireless systems introduce a new surface of attack through the radio interface. Because wire- less technology is based on the premise that wireless devices are everywhere and have omnidirec- tional coverage, wireless technology is highly vulnerable to reception and monitoring. Likewise, hostile transmitters, either spoofing or jamming, can be detected, localized, and countered in a way that removes them from the network. Another specific aspect of wireless networks relates to the consolidation of the wireless market into a national or global scope of service providers (mobile carriers and neutral hosts), which affects the security governance of the system. The control and management of some wireless systems can fall outside the scope of enterprise IT. Therefore, the protection of the attack surface and affected assets is controlled by another party, which has clear benefits but requires an align- ment of the security policies to those of the service provider. 3.5.1 Security Challenges in Wireless Technologies Despite its unquestionable benefits, the increasing adoption of wireless connectivity exposes airport operations to rapidly evolving cybersecurity risks. The significance of such risks intensifies

154 Transformation in Wireless Connectivity: Guide to Prepare Airports with the associated trend of BYOD, e-Enabled aircraft, and GateLink systems between airports and airplanes that could cause cascading disruptions to multiple stakeholders. The highly con- nected smart technologies make cybersecurity central to airport operations. The adoption of smart technologies alters the dynamic of airport operations by introducing the associated wireless subsystems regulated by interconnected smart sensors and actuators that continuously and efficiently respond to various environmental triggers. However, such augmen- tation of remote management capabilities evolves together with new types of security threats, increasing the susceptibility to attackers. The five main attack surfaces for wireless systems at airports are discussed below. 3.5.1.1 Radio Interface Wireless networks operate in RF, which creates a new potential security attack surface. In con- trast to wireline networks, wireless networks do not have a confined physical layer of communi- cation; thus, any device within the radio coverage range can, if able to decode the communication protocol used, potentially receive and respond to other devices in the network. A malicious device can scan wireless communications in the environment for reconnaissance. If the attacker obtains access to the network (or has it as an insider attacker), it can use net- work sniffing to identify components, resources, and protections in the network. This includes resources that are not wireless because once the attacker is in the IP network via the wireless interface, they may be able to access other subnetworks if unimpeded. Ultimately, obtaining access to data channels that organizational staff use to transmit information allows the attacker to collect or modify sensitive operational information. Wireless interfaces are also vulnerable to jamming attacks. In jamming, an attacker interferes with wireless communications. Jamming is done by emitting a high-power signal in the fre- quency channels used for communication in the targeted wireless interface. All these attacks can be carried out by small, portable (backpack-size) open-source wireless base stations able to capture radio signals in a coverage area and decode certain wireless technol- ogy protocols. 3.5.1.2 Bring Your Own Device (BYOD) BYOD practices, where passengers use their devices to connect to the internet either on the ground or during flight, pose a threat to airport operation systems. This design introduces the attack surfaces by which adversaries can exploit the passengers’ devices to bypass security mea- sures and compromise internal networks and system devices. Airports are also notorious for having fake free Wi-Fi hotspots that attempt to gain unauthorized access to passengers’ personal information. By allowing employee BYODs and USB dongles to connect to enterprise and airport opera- tions services, airports become more vulnerable to malware attacks. Employees’ devices infected with malware may become vectors of malicious attacks enabling adversaries to access operational systems. Such incidents took place at Vienna Airport in 2016. Like that of any other organization, the airport operation center is a target of common cyber- security threats performed via USB, botnet, social networks, cross-site scripting Web, spear- phishing, and insider threats. Phishing, a form of social engineering, is typically carried out by spoofing (email or SMS) that tricks the recipients to enter information (e.g., a password or other data that can be used for authorization clearance) at a fake website (i.e., pharming site) that mas- querades as the known, legitimate one, followed by a privilege escalation attack to take control over hosts. The degree of damage can vary depending on the level and type of privileges of the compromised target and the motivation of attackers (i.e., ransom, data breach, or terrorism).

Planning and Implementation Guidelines 155   Insider attacks are malicious actions performed by legitimate network users with certain access privileges. They may be disgruntled employees, contractors, consultants, agency staff, or temporary staff. An action performed by a person who inadvertently causes harm also can be considered a subcategory of an insider attack. The intruders attempt to perform privilege escala- tion to gain higher-level permissions, bypassing the proper authorization channel by exploiting misconfigurations, bugs, weak passwords, and other website vulnerabilities. Importantly, insider attack is often adopted as a key infiltrating method for Advanced Persistent Threat (APT), which is a sophisticated, systematic cyberattack program that continues for an extended period, often orchestrated by a well-funded malicious group. The intention of APT attacks that exploit insiders’ accounts is to monitor network activities and steal critical data such as airport vulnerabilities and operation data or passengers’ personal information, the loss of which may cause serious consequences or severe penalties. In a denial-of-service (DoS) attack, adversaries acquire attacking sources such as a network of infected machines (botnet) with which to generate a massive number of service requests to freeze the servers that use the IP addresses owned by the target airport. When the attack is suc- cessful, data critical to airport operation will not be updated (e.g., weather forecast data used for guiding aircraft), or dedicated networks of Airport Operation Centers can be disturbed and become unavailable. 3.5.1.3 Airport Asset Tracking, Monitoring, and Control Small- to middle-range wireless technologies such as RFID, Bluetooth, and Zigbee commu- nicate with the sensors connected to the specialized assets (e.g., ground handling and refueling equipment) to maximize operational efficiency. Attack on these wireless networks, manipulat- ing the sensors, or spoofing the positions could seriously damage such command-and-control operations as baggage handling, aircraft maintenance, and automated equipment monitoring systems on the runway. RFID, adopted in the luggage handling process, promotes efficiency by reducing lost luggage and mishandling. A centralized software-based system regulates the handling system, and its processing information can be accessed through a web-based or a handheld interface. Adversaries may target the network and control system and shut down the conveyor belts through a DoS attack or re-direct potentially dangerous luggage to be loaded on an aircraft by manipulating the screening system (e.g., a false negative alarm). Because RFID chips tend to have limited encryp- tion and storage resources, they can be vulnerable to cloning (copying the data to an attacker’s chip), eavesdropping, spoofing, or deactivation attack. The security threats to Bluetooth include eavesdropping, man-in-the-middle (MITM), and DoS attacks. The attacker may intercept the BLE pairing process, generate encryption keys, and eavesdrop and manipulate communication messages between devices. Also, the availability of Bluetooth systems can be breached by DoS attacks where the adversary floods the system with constant retransmission of negative acknowledgment or by battery exhaustion attack by increas- ing the target’s power consumption. Sensor networks that optimize the janitorial system (e.g., temperature control, automatic flushing of airport restroom) and staff management (e.g., informing janitorial staff of equipment damages for swifter repairs) can also be a new type of attack surface. Adversaries may tamper with the sensors that can activate or disable the functions of janitorial devices such as toilets, faucets, and hand dryers and misinform the janitorial staff. Wireless state-of-health indicators (such as smart thermostats, occupation monitors, lighting monitors, and other building process sensors) can be monitored to determine the occupancy and operational status of rooms, buildings, facilities, and systems; this pattern-of-life information

156 Transformation in Wireless Connectivity: Guide to Prepare Airports can reveal intelligence on facility occupancy, vacancy, and even monitoring, and enable a hostile adversary to plan incursions, attacks, or distractions. Replacing the conventional inspection for monitoring the airfield environment, airports adopt wireless monitoring equipment such as RFID chip-based tarmac heat sensors, aircraft movement monitoring and guidance sensors, remote environmental monitoring stations, and drones that use light-based detection technologies relying on Zigbee, Bluetooth, or LPWAN for communication to control platform. Attacks that target these monitoring systems using drones, MITM, or data spoofing can have catastrophic consequences leading to severe accidents involving landing aircraft. IoT-based lighting systems enhance operational efficiencies by connecting runway lighting to control on-and-off and monitor failures. But it can enable the adversary to turn the runway lights as well as the building lights on or off, disable them, or exploit them in a massive distributed DoS attack. Such an attack can start by plugging in a single infected bulb within a low-power network such as Zigbee in an airport and then spread to the entire area within minutes. LPWAN is used for real-time monitoring and predictive maintenance of long-range airport equipment that does not require constant communication between the nodes and the cloud backend, such as smart parking, asset tracking (e.g., wheelchairs), environmental monitoring and aircraft movement, and real-time energy monitoring and uninterrupted power supply (UPS) for an existing SCADA system. LPWAN can be susceptible to a DoS attack through an inten- tional interference such as a jamming replay attack, where the adversary can monitor traffic to intercept authentication data, or an energy depletion attack, which can drain the batteries of the devices and lead to rapid network-wide energy expenditure and shutdown of the whole network. 3.5.1.4 Check-in Kiosks, Automated Electronic Gates, and Perimeter Surveillance Passenger checkpoints such as eGates scan electronic passports and match biometric data (e.g., facial recognition and fingerprint) obtained. eGates also maintain connections to biometric databases for further verification of passengers and cross-reference against blacklists. An adversary may attempt to compromise the system to steal sensitive passenger information, launch a DoS to disable the system, or instigate a man-in-the-middle attack (MITM) to bypass the verification process for malicious purposes. Physical access to airport perimeters is restricted using RFID-based key cards, NFC, smart- phone apps, or smart cards or monitored by IoT-based security applications. These IoT applications along with network-enabled sensors and IP cameras can be the target of spoofing attacks, video loop attacks, and DoS attacks. Wireless links, used by perimeter security and access sensors (gate access sensors, infrared (IR) or RF occupancy sensors, road/path/floor pressure, or inductive sensors), are susceptible to RF packet insertion to cause false alarms; the false alarms can cause security monitors to ignore activity or deactivate monitoring, and miss actual intrusion alarms. Wireless surveillance systems relying on RFID, CCTV, and various LPWAN sensor network connections are increasingly interconnected with other systems, further increasing the attack surfaces. Weak network security in such surveillance networks may allow adversaries to exploit software vulnerabilities to gain unauthorized access, upload malware, and monitor airports’ infrastructure or inject compromised data leading to a catastrophic impact on airport safety. The self-service check-in infrastructures shared by multiple airlines and third parties through remote management functionalities are often running on common software, operating systems, and firmware systems. With the adoption of IoT technologies, these systems are no longer air- gapped. This results in increased attack surfaces through which adversaries may penetrate the network and escalate their privileges to manipulate the behavior of connected machines and SCADA equipment (e.g., baggage handling, air conditioning, and power distribution). Attackers can

Planning and Implementation Guidelines 157   then infect other interconnected systems, potentially cascading the effect on the secure opera- tion of airside and landside. Such incidents took place in the United States in 2011 and in an Iran airport in 2018. 3.5.1.5 Vulnerabilities of Devices That Use GPS/Global Navigation Satellite Systems Many wireless sensors and systems use GPS or global navigation satellite system (GNSS) satel- lites for time reference and location determination. These vulnerabilities are often highlighted in moving aircraft and ground vehicles, where GPS disruption can lead to catastrophic conse- quences. However, any remote sensor, monitor, or computer system that uses GPS/GNSS receivers is susceptible to jamming and signal spoofing, causing a loss of time and location information, or causing a device to act as if its time and location are some other time or some other place. GPS spoofing hardware is now available that is small, compact, and easily concealable, enabling a hostile agent to enter an area and disrupt GPS/GNSS operations. Some transactional systems may detect time and location discrepancies, but either go off-line or reboot in response; this behavior can cause service disruption. 3.5.2 Mitigation Actions and Countermeasures This section describes categories of actions that can be taken to counter actions committed with malicious intention over wireless networks in an airport environment. These countermeasures include preventive actions in the wireless network design to protect communications, mecha- nisms to detect and stop attacks, and actions to mitigate effects and recover. 3.5.2.1 Cyber-Physical Protection Cyber-physical protection is the activity by the IT organization (airport authority or third- party operator) to position information system components within the facility to minimize potential damage from physical and environmental hazards (e.g., flooding, fire, tornadoes, earth- quakes, hurricanes, acts of terrorism, vandalism, electromagnetic pulse, electrical interference, and electromagnetic radiation) and to minimize the opportunity for unauthorized access. For this purpose, the organization considers the location of physical entry points where unauthorized individuals, although not granted access, might nonetheless be close to the infor- mation system, thereby increasing the potential for unauthorized access to organizational com- munications using wireless sniffers. Physical and data security procedures, processes, and technology must be implemented and managed for all cyber-related systems and activities, especially aspects of airport operations that use networked computer systems: ATC, airline commercial operation and logistics, all flight operations, physical security systems, and others. Cyber security will be applied differently across the different segments of airport operations; specifically, traveling public, aircraft operational segments, airlines, airport logistics and secu- rity, and airport vendors. Because segments will have physical, RF, and cyber overlap, sharing and isolation of segments must be considered. Table 34 shows a general classification of security levels according to the airport area. 3.5.2.2 Isolation of Wireless Networks Wireless network segments in an organization are easily identifiable because they use a spe- cific access interface for users. Consequently, it is possible to isolate them through physical layer separation between segments of wireless channels, multi-factor authentication, independent

158 Transformation in Wireless Connectivity: Guide to Prepare Airports end-to-end encryption, hidden SSID, and network access control policies. Such policies establish user access authorization policies (e.g., allowlists), usage restrictions according to user privilege role, and enforcement of software requirements by connected devices. Implementing isolation policies will limit devices to accessing resources in the network unless they comply with the organization’s defined policy. This includes the antivirus protection level, system update level, and device configuration. This, in turn, will isolate risky BYOD users, includ- ing employees and visitors, but more generally, any infected host machine inside the network. While a noncompliant device is being health-checked for any potential infection and cleared, it is only allowed to access resources that can resolve any issues. By nature, wireless signals can radiate beyond the intended coverage area. Reducing the com- munications range by careful network planning, power limiting, or using smart antennae limits the attack surface to a smaller space. Thus, short-range communication technologies such as BLE, RFID, or Zigbee are less accessible and more secure than longer-range technologies such as Wi-Fi or cellular. Other communication parameters can be designed to mitigate against security attacks by means of redundancy. More than one independent technology (e.g., Wi-Fi and cellular), different frequency bands, and different modulations can be used for back-channel authentication, message transmission, and as an alternative wireless link in jamming situations. In addition, the operating organization should minimize the number of wireless equipment communication ports by disabling and physically monitoring unused services and restricting the use of external media drives or wireless connections. All unused, physically accessible ports on IT and IoT devices should be controlled and restricted, if not disabled. For use cases requiring very high availability or affecting national security (e.g., CBP control), replacing wireless with wireline interfaces should be considered. This separation of hardline interconnections between public and non-public systems will increase the costs of installation and maintenance. Finally, certain wireless services rely on third-party organizations with nationwide coverage and large-scale IT systems. These organizations operate carrier-grade communication systems, with top-level control software, system redundancy, and certified practices for network security. Making use of these operators as a subscriber greatly simplifies the management of network security without the burden of managing IT security for the organization. 3.5.2.3 Protection Against BYOD Attacks Public wireless guest Wi-Fi networks, to which BYOD visitors connect, should limit the autho- rized ports and services strictly to web traffic (port 80) to authorized sites. Other ports may be opened for encrypted website information [e.g., secure sockets layer (SSL)], virtual private network (VPN), and remote desktop connections; however, the more ports available, the more vulnerabilities. Wireless system providers at airports should conduct regular patching of all sys- tems and port control through firewalls, and network segmentation with an alternative internet connection and secondary IP range should be used. Segment Accessibility Public Open Aircraft operations Secured, highest level Airline management/administration Secured, commercial level Airport logistics Secured, highest level Security Secured, highest level Public-facing vendors Secured, commercial level Airport support vendors Secured, commercial level Table 34. Levels of cyber-physical access in airport segments.

Planning and Implementation Guidelines 159   In addition, default administrator credentials to the APs in this network should be changed. To prevent the increase of attack surface from complimentary Wi-Fi networks, any devices or services that the airport hosts for internal use should use either Ethernet solutions or indepen- dently secured Wi-Fi networks not connected to the open Wi-Fi network provided for the pas- sengers. This way, successful attacks on the public Wi-Fi network do not infiltrate the airport’s private network. Strong control measures, firewalls, and access restrictions for BYOD on airport critical systems and SCADA should be imposed. Airport enterprise networks should be protected with pre-shared key (PSK) systems such as Wi-Fi Protected Access (WPA2), strong passphrases, and Advanced Encryption Standard (AES). Network I/O to SCADA devices, systems, and networks should be protected by unique entrance keys and encrypted data channels. A major form of cyberattack mitigation is the Wireless Intrusion Detection System (WIDS) or Wireless Intrusion Protection System (WIPS). These systems monitor all incoming traffic and automatically detect any potential DoS attacks through volumetric protection. There are two deployment models for these systems: • Wireless stations (e.g., Wi-Fi APs) may have built-in WIDS/WIPS functionality running at the same time as network connectivity functions. • Dedicated sensors may provide the monitoring and detection system, while wireless stations focus on network protection based on monitoring data. Mobile Device Management (MDM) systems are combinations of on-device applications, corporate policies and PKI certificates, and network infrastructure that administer the con- figuration and access of mobile devices in a network. More recently, this type of system has evolved into unified endpoint management (UEM), which expands the scope to administer all enterprise-connected devices including desktop computers, printers, IoT devices, and wearables within a single interface. These systems allow administrators to segregate data traffic, secure cor- porate communications, enforce corporate policies and device configurations, perform device updates, and monitor the behavior and location of connected devices. Implementing a PKI can make this process more manageable and secure. Keys and certificates are issued from a central corporate Certificate Authority (CA). Each key is unique to the device and PKI enables easy rotation of keys and certificates regularly. Expired certificates have caused reputational damage for telecom providers in the past, with mass outages leaving customers unable to access the internet or make voice calls. MDM and UEM systems are implemented on the premises or in the cloud and usually use third-party products. The organization is responsible for establishing lists of controlled devices, defining allowed mobile code and required software updates, defining restrictions of usage and access, setting up policies to restrict unauthorized actions, and monitoring and enforcing the proper usage and authorized location of devices. As a mitigation action against insider attacks, effective user access management should be in place, such as adopting multi-factor authentication and restricting the use of utility programs that may override application controls. Outbound data flow, along with systems log files, should be closely monitored to detect anomalies that could be the trace of an APT attack. It is impor- tant to ensure that all employees, temporary staff, and contractors are granted the lowest level of privilege needed to perform their authorized duties. Active, continuous intrusion detection, and service attack monitoring of wireless systems, especially safety and security systems, should be in place. Monitoring should include capabilities for geolocation of wireless sources for predictive maintenance, identification of failures, identifi- cation and localization of RF interferers, jammers, and uncooperative/hostile sources.

160 Transformation in Wireless Connectivity: Guide to Prepare Airports Awareness training and maintaining security standards on BYOD are essential. All the soft- ware patches should be applied on time, and audit systems on log files are important to identify unauthorized changes and malicious software. A combination of technological (e.g., multi-factor authentication, anti-spoofing control), process (e.g., forensic analytic capabilities), and people- oriented (e.g., anti-social engineering awareness training, regular practices with simulated phishing exercises to maintain organizational alertness) approaches are necessary. 3.5.2.4 Protection of Data, Monitoring, and Surveillance Systems Data protection practices should be in place for confidential information transmitted over wireless networks. The level of confidentiality of the information should be defined by a data protection policy according to privacy protection (e.g., passenger location), business secrets (e.g., financial or contractual data), security (e.g., surveillance footage), or safety (e.g., airfield operations) reasons. All systems should implement end-to-end encryption with regular key updates and distribu- tion over physically- or network-secured channels. VPN, HTTPS, or AES256 should be used on data streams with mobile devices. No surveillance system should be connected directly to the internet by adopting VPN and nonstandard network ports for remote access. For all devices and sensors, default passwords should not be used, and unused services and ports must be disabled. Also, the physical security of remote devices and sensors must be ensured. PKI certificates, while their initial deployment can be more complex, provide strong proof of identity and full credential life cycle management between managed monitoring and surveillance devices and data servers. As mitigation, it is recommended to maintain the legacy systems as redundant system backup in case of an attack. 3.5.2.5 Next-Generation Wireless Networks Security features and threats to wireless security both evolve rapidly. Thus, periodic security testing is essential to maintain a high level of protection. Wireless penetration testing is a method to obtain detailed information on vulnerabilities in wireless networks. It consists of an identi- fication of the existing networks and connected devices, the level of security they implement, and potential vulnerabilities. There are two main types of penetration testing: • External penetration (“black hat”) tests are performed from outside the company network perimeter. They focus on identifying ways a hacker can enter the system through wireless networks and how quickly they can infiltrate the inner resources of the network. • Internal penetration (“white hat”) tests are performed from inside the company perimeter. They focus on the types of damage a hacker or an insider can do once already inside, including ways they can control the entire system. In addition to performing penetration tests, airports must do contingency planning and regu- larly practice incident response and active communication of anomalous activity to all stake- holders (e.g., IT staff, management, and law enforcement) to maintain common awareness of potential threats and prepare for potential implementation of countermeasures and mitigations. Though they have security protections, current wireless networks, 4G and earlier, are still vul- nerable to hackers for a range of illegal activities, such as locating users, intercepting messages with open data, and instigating DoS attacks. The initial 5G networks built over the 4G infrastruc- ture (5G NSA), are bound to have similar security issues as the current 4G networks. Beyond this, 5G introduces an additional level of security challenges through its inherent technology evolution to support multilevel services, multiple device types, and flexible network architec- ture. The new paradigms of 5G with these security challenges include open RAN architecture (O-RAN), network slicing, virtualization, and cloud-native and service-based architecture.

Planning and Implementation Guidelines 161   5G has adopted many security functionalities to address and protect against many of these security threats, but the full extent of 5G security will not be achieved until the 5G SA (stand- alone) networks with no 4G dependency are deployed. These 5G security features include new mutual authentication capabilities, enhanced subscriber identity, and additional security mecha- nisms. 5G provides improved confidentiality and integrity of user and device data through uni- fied authentication across networks, enhanced privacy protection, and other features. Other wireless technologies introduce security features in the access network and do not require specific core security in the enterprise architecture. Wi-Fi 6 enables WPA3 certification, which includes more robust encryption algorithms and enhanced key management. AeroMACS offers device-embedded security with PKI certificates. Other technologies targeted to IoT, such as PAN and LPWAN, have less robust built-in security features and need to rely on other types of access limitations. AeroMACS PKI provides digital certificates to aircraft, ground devices, and servers for strong device-to-device authentication. This mechanism provides the foundation for application autho- rization, access control, and data confidentiality. A single Root CA system provides a highly secure, trusted, and globally interoperable PKI. Aviation-specific PKIs and X.509 certificates will be essential parts of the total security solutions for transport networks of ATC/AOC traffic. 3.5.3 External Guidance for Cybersecurity Protection The NIST Framework for Improving Critical Infrastructure Cybersecurity (NIST Framework) indicates that organizations that manage critical infrastructures should consider leveraging external guidance obtained from federal government departments and agencies, Informa- tion Sharing and Analysis Centers (ISACs), Information Sharing and Analysis Organizations (ISAOs), existing maturity models, or other sources to assist in determining their desired tier (NIST 2018). In the NIST Framework, an organization’s level of external participation (i.e., how well it understands its role in the larger ecosystem, how well it collaborates and shares informa- tion with external entities, and how well it is aware of its cyber supply chain risks) is so important as to be one of the three main criteria for tier selection of an organization along with the other more obvious two criteria (i.e., levels of risk management process and integrated risk manage- ment programs). The NIST Framework adopts the term cyber supply chain risk management to refer to a set of organizational activities necessary to manage cybersecurity risk associated with external parties. It appropriately suggests that cyber supply chain risk management should address both the security impact of external entities (e.g., technology vendors) on an organization (e.g., airport) and the security impact of an organization (e.g., airport) on external parties (e.g., external information systems and law enforcement agencies). When implementing a cyber supply chain risk management process, airports should pro- actively engage the many external entities that could be a great source of help. In other words, air- ports do not have to pursue cybersecurity protection alone; they can get various types of support from a growing number of agencies, organizations, companies, and information forums. Airports should connect with the increasing number of external resources (e.g., SANS Insti- tute), agencies (e.g., FBI, DHS, DOD, CISA, and ICS-CERT), consultancies (e.g., InfraGard), companies, and forums for improving their cybersecurity capabilities. FBI agents assigned to each airport can be an important conduit to cybersecurity resources. The DHS Cybersecurity and Infrastructure Security Agency provides training and funding resources to assist airports in improving their cybersecurity.

162 Transformation in Wireless Connectivity: Guide to Prepare Airports Recent cybersecurity incidents and threats highlight the need for comprehensive cyber- security across all sectors. DOD is leading federal cybersecurity implementation through the Cybersecurity Maturity Model Certification (CMMC) process. Although CMMC was initially a DOD initiative in the early stages of implementation, other federal agencies such as FAA will likely implement CMMC or similar regulations and require all stakeholders to obtain CMMC. Airports and associated stakeholders should anticipate achieving CMMC Level 3 certification or a similar cybersecurity framework certification to meet federal regulations in the next 5 to 10 years. Airport Council International (ACI) is one of many good training resources. It regularly updates its handbook and training programs on cybersecurity best practices and case examples illustrating cybersecurity self-assessment tools and airport-specific solutions that can be cus- tomized for the unique risk exposures at different airports. FAA coordinates with DOD, DHS, and industry to address cyber risks across the aviation ecosystem. The Air Traffic Organization (ATO) is the operational arm of the FAA responsible for safe and efficient air navigation services for the entire airspace. The ATO Cybersecurity Group (ACG) provides support for the safety of the National Airspace System cyber operation and ensures that ATO is aligned with FAA’s overall cyber strategy. ACG maintains strong partnerships that focus on timely cybersecurity informa- tion sharing and cross-agency security enhancement across the entire aviation ecosystem. The IATA, through its Security Advisory Council (SAC), seeks to develop an industry-wide aviation cybersecurity strategy. Collaborating with ICAO, states, and many industry stakeholders, SAC keeps track of emerging cybersecurity threats, regulatory policies, standards, compliance, and technological innovations.

Next: References »
Transformation in Wireless Connectivity: Guide to Prepare Airports Get This Book
×
 Transformation in Wireless Connectivity: Guide to Prepare Airports
Buy Paperback | $101.00
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

The main wireless applications at airports—passenger connectivity and airport staff communications—are imposing increasing demands on wireless capacity. Demand for passenger mobile connectivity is skyrocketing as high-speed-capable devices proliferate, and passengers require enhanced connectivity either for work or entertainment during dwell times, including location-based services for a custom travel experience.

The TRB Airport Cooperative Research Program's ACRP Research Report 242: Transformation in Wireless Connectivity: Guide to Prepare Airports is intended as a resource for airports as they navigate through the existing taxonomy of wireless technologies and their use cases.

ACRP WebResource 15: Assessment Tool for Transformation in Wireless Connectivity is an assessment tool that supports the methodology outlined in the report. It provides a dynamic interface to input the current status of the wireless technology implementation at an airport and to input the intended goals regarding the development of the airport’s wireless infrastructure/use cases and generates a report that comprehensively compares the indicated current and target statuses.

Supplemental to the report is a PowerPoint presentation that can be used by airport decisionmakers on proposed solutions.

READ FREE ONLINE

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  6. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  7. ×

    View our suggested citation for this chapter.

    « Back Next »
  8. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!