Lee Harvey Oswald and 9/11

Oswald

Lee Harvey Oswald robbed my parents of their youth.

In a similar way, 9/11 and the destruction of the World Trade Centers may have robbed the rest of us (even those of us now in our 60s) of our youth.

When Oswald killed John F. Kennedy, he also killed – or at least damaged – the “youthful outlook” of the “Greatest Generation” – those who had survived the Great Depression and put their “youth” on hold to fight World War II.   That generation – which included my parents – came back to peacetime, after WWII, and immediately married, had kids (lots of kids – the Baby Boomers) and got engaged in work and business.   This generation saw Kennedy as a hero.   He was, indeed, a bonafide war hero from PT-109.  But he also had an eloquence and a youthful outlook on the world symbolized by his goal to put a man on the moon and his speeches including “ask not what you can do for your country …” and “the torch has been passed to a new generation of Americans”.

Oswald killed all that.

And afterward, of course, my own generation would not “trust anyone over 30”;  the nation became bogged down in the Vietnam War;  and my parents became “old fogies”.  Bill Flanagan on CBS Sunday Morning eloquently described the disillusionment which followed November 22, 1963.

Something similar occurred, I fear, after September 11, 2013.    For over 230 years, the United States survived on isolationism.  We were separated from Europe and Asia by vast oceans as well as centuries in time.  The United States was the “young democracy” on the globe.  Sure, we lived in fear of nuclear Armageddon during the Cold War.   But “bombs dropping invisibly from the sky” is an abstract concept.  And, of course, that nuclear war never happened.

September 11, 2001, changed all that.

The war came to our shores.

Americans died – by the thousands – in Manhattan.

And, I think, to a great extent, the “youthful outlook” of the generations who remember 9/11 died also.

Now we have a National Security Agency which tracks our phone calls and our social media and probably tracks our email and web browsing.   We’ve built a giant security apparatus worthy of George Orwell’s 1984.  Our drones strike at people around the world.   We fear the Chinese have completely cyber-infiltrated our government systems and private businesses.  Every time we go through a TSA line at an airport we are personally reminded that terrorists live among us.   We’ve wasted trillions of dollars and tens of thousands of lives (including the lives of the dismembered) on foreign wars in Afghanistan and Iraq.   Every month another mass-shooting born of mental illness and despair seems to occur. And we are constantly reminded that our passwords are not secure, our financial information is not secure, and our very identities may be stolen.

I have great cause for hope, as well.  There’s a whole generation growing up now who do NOT remember 9/11.  The wars are winding down (although the debt they left us has not).  We’ve got a vigorous non-profit sector of hackers (in the good sense of the term) who are building applications from open source and demanding open government data.   A whole set of technologies is sprouting which will enrich our lives:   network-connected glasses, autonomous vehicles, tablet and smartphone computers, and other wonders yet to be unveiled.

Lee Harvey Oswald robbed a generation of its youth.  9/11 robbed more generations of our youth.  Can our next generation perhaps live out its dreams?

FirstNet Business Plan: Mission Impossible?

How can FirstNet possibly pay for its initial construction, subsequent network enhancements and long-term operations? While extremely challenging, there is a way.

The Spectrum Act of 2012, which created the First Responder Network Authority, specifically requires that the nationwide public-safety broadband communications network that FirstNet is building pays for its own long-term operational costs. It also requires that any income derived from the network is used to fund improvements and operations.

This is going to be extremely difficult to accomplish, and some may think it to be impossible.

But there is a way …

(read the rest of this blog post at Urgent Communications here)

Cyberhacked – Again

In the face of continuing breaches, what are Governments to Do?

The depressing news made headlines in Washington State and nationwide last week – the Washington State Courts systems had been hacked, and about 160,000 social security numbers and the information from a million driver’s licenses was potentially exposed to hackers. This announcement was almost coincident with the news of $45 million stolen from the world’s cash machines, a problem with weak security in several private banks.

Plenty of similar news abounds – South Carolina’s Department of Revenue had a data breach which affected 6.4 million businesses and residents and has cost the state $25 million, so far. The State of Utah had the personal information (social security numbers, healthcare information, etc.) of 780,000 residents compromised in 2012. Indeed, 21 million people have had their health records lost or stolen or breached in the last three years, and millions more have been victims of identity theft, loss of credit card or personal financial information, and similar issues. Even law enforcement is not immune, as the Salt Lake City police department itself was hacked and information lost in early 2012, and the Honolulu Police Department revealed a breach this past week as well.

Believe me, these reports are just the tip of the iceberg in terms of lost or breached data in government and the private sector.

What’s a government to do?

I have several practical suggestions:

1. Hang together, don’t hang separately.

In every government, departments are silos. Each department wants to assert its independence from the others and manage its own data, technology and IT systems. At another level, there are three branches of government – judicial, legislative and executive. For the Federal government these are the federal courts (e.g. U.S. Supreme Court), Congress and the President. Each branch asserts its independence from the others. And, of course, cities are independent of their counties who are independent of their states and everyone mistrusts the Federal government.

When it comes to cybersecurity, this is bullshit.

The “bad guys” are incredibly well-organized. Bad actors could be a criminal syndicate, as in the ATM hack earlier this week, or Anonymous, or even nation-states. Several national governments – China, Israel and the United States – are widely cited as developing cyber weapons.

To respond to these threats, cyber defense teams have to work together, ignoring their organizational silos. There might be separate teams in separate branches or departments, but they need to support each other, probe vulnerabilities in each others’ systems, and actively share information. Every government should have cross-agency cyberincident response teams and forensic investigation teams which are activated at a moment’s notice whenever an incident – even a single infected computer – occurs.

2. Actively use private sector resources.

Many private companies will handle credit card processing, perform vulnerability scans, and do risk assessments. They’ll even manage a network on behalf of a government. No government should be doing its own credit card processing or holding/securing citizen credit card information. At the very least governments can contract with private companies to scan their networks and websites for vulnerabilities, do audits of internal systems, and similar work. Private companies will have much more expertise than most governments can hope to hire directly.

3. Consider the “cloud”.

Amazon, Microsoft, Google, and a number of other companies offer to store data or manage applications at their data centers and sites, in their “cloud”. These companies have teams of information security experts to protect this data. Governments should actively think about using such services. One problem is contractual – most cloud providers want to limit their liability in case a breach occurs. Unfortunately, I’m not aware of contract language with a cloud provider which would satisfy all of a government’s concerns about breaches and loss of personal information, and I encourage your comments about this.

However, another alternative is for one government to create and host cloud services for others, again using joint cyber protection and response teams. Such a technique might also address other concerns such as the need for backgrounding data center employees for CJIS or HIPPA compliance.

4. Use hackers.

Every state has a major university. A friend of mine, CISO at a university, has described the school as having “35,000 potential hackers”. Governments could create special relationships with their colleges and universities to employ students and student interns in a wide variety of tasks to manage, monitor and audit/probe their government systems. This technique has the added advantage of helping to train these students – give them practical skills necessary to solve the shortage of information security workers.

There are, undoubtedly, many other protection techniques governments should adopt. A major problem in my experience, however is complacency. “Our techniques are working.” “It can’t happen here.” “We passed a cyber security audit last year.” Again, such complacency is bullshit. Cyber attacks, vulnerability discovery and the application software we use changes too rapidly.

This underscores the most important of my suggestions – the first one – working together. Too often we government employees put our department first, or believe we “work for the xxx independent branch of government”, not the governor or mayor or legislature or (fill in the blank). Maybe we’re afraid of losing our jobs or fear what the results of an audit might disclose.

In the face of the attacks above, this attitude, this culture absolutely must change. We all work for the citizens of our city or our state, who entrust us with their sensitive data. And we absolutely must cooperate much more to safeguard that information.

After all these data breaches, have we learned our lessons?

Sadly, I doubt it. I expect that, over the next 12 months, I’ll be tweeting and reporting further breaches and potential losses of citizen information.

When will we really learn?

(Full disclosure:  I now work for the State of Washington.  However I have no “inside” knowledge of the breach at the State of Washington Courts.)

– Can a City be Hacked to its Knees?

The New York Times had the audacity to research and write a story critical of Chinese Prime Minister Wen Jiabao’s family.    In return for its journalism, the Chinese government apparently unleashed a four-month long hacker attack against the Times stealing, among other data, every one of its employees’ passwords.  This effort was apparently searching for the sources for the story.  Ars Technica has a short, frightening, account of the hack.   And, of course, the Chinese government succeeded – would people crticial of the regime dare to talk to the New York Times now, knowing its technology can be hacked?

There are many related and frightening stories – the Wall Street Journal was attacked, a power station in the United States has been offline for three weeks due to an attack based on a USB drive, and, of course, Anonymous (or someone) has been hard at work with denial of service and web defacing attacks on banks and government agencies.

Could a City, County or State government be subject to a similar attack ?

A few years ago, when I was CIO in Seattle, I would have dismissed the notion out of hand.  A City government does not hold the secrets to making a nuclear weapon in its digital vaults, nor do cities have active networks of foreign spies (with the possible exception of my friends in the Big Apple) whose identity needs to be uncovered by foreign powers.

Today I feel exactly the opposite.

Cyberwar is real.  Cyberwar is happening today, even as I’m writing this.   And the New York Times attack is only the latest.

The evidence is everywhere.  Nation-states (and perhaps others) are creating malware with the express purpose of attacking other nations or private company.  Stuxnet is one example, as is the malware which fried 30,000 computers at ARAMCO in Saudi Arabia.   Many governments have been compromised with malware to steal money from their accounts by stealing finance officers passwords.

Why would anyone – other than a criminal botnet out to hack finances and bank accounts – target a City or County or State government?

The New York Times attack highlights the reasons clearly.

Suppose a Mayor or Governor publicly opposed allow trainloads of coal to pass through their city or state, in order to be loaded onto ships, sent to China, and used to power the Chinese electrical grid.  Wouldn’t such opposition essentially constitute economic warfare and potentially provoke a cyber response?

Suppose a Mayor or County Executive, hoping to combat a rash of gun violence, initiates programs for a network of video surveillance cameras and gunshot detection technology (read:  microphones) in a City.   Could that provoke Anonymous or a similar organization?

Defacing a City or County website is bad.   Stealing taxpayer money from government bank accounts is worse.   Compromising SCADA systems to shut down a water supply or electric grid is dangerous.  But we haven’t yet seen the worst potential attacks, such as bringing down a 911 telephone network or freezing a police or fire computer-aided dispatch system or perhaps crashing a public safety radio network.

And these overt acts pale by comparison to covert actions which may be occurring undetected – systematically compromising and falsifying utility bills, or hacking into and changing criminal and court records.    We have no evidence such covert acts have ever occurred, but given the myriad of different levels of government and many repositories for the information, such databases must represent a juicy and lucrative target for criminal networks, Anonymous and even nation states.

All these potential threats indicate cities, counties and states cannot be complacent, but rather need active cyber security programs, preferably in cooperation with other agencies.

Yes, Dorothy, a City could be hacked to its knees.   Worse yet, it might not be discovered for months or even years after the act.

– Why don’t Cops Use Smart Phones?

Responders’ Smart Phones – Click to see more

Every teenager – including some of us 50 and 60 year old teenagers – seems to have a smart phone these days.  I’m writing this on an airplane, and I just finished an intense, 20 minute “Angry Birds” session on my HTC Android smart phone (yes, it was in “airplane” mode!).   And I’m almost a Luddite when it comes to apps and smart phones.

But many people young and old commonly use their smart phones or tablet computers to do interesting, productive activities such as:

• listen to public safety two-way radio;
• take meeting notes using Evernote or One Note;
• watch episodes of TV series using Hulu;
• read books and newspapers;
• take photos or videos and text message them around the world.

Gee, some people even use their smart phones to actually make voice telephone calls!?

So why don’t cops and firefighters, emergency medical technicians and electrical lineworkers, public works and transportation department employees, and a whole other host of critical and important government workers use smart phones in their daily jobs?

Of course these public safety workers DO use smart phones. Often they use their PERSONAL smart phones to do some part of their job. But rarely do governments give their workers smart phones – other than BlackBerrys for email, that is – to officially do their jobs and become much more productive.  In fairness, that’s not because Mayors and County Executives and Governors are unsupportive, or government CFOs are enny-pinching.

We don’t give government workers these important tools for two basic reasons:

• The apps don’t exist;
• There is no guarantee of priority access to commercial cell phone networks.

In terms of the “apps”, most governments use a relatively small set of applications from a few vendors – there are records management systems, computer-aided dispatch systems, utility billing systems, work management systems, etc.  And many of the vendors of those systems only recently have built them to accept even web-browser access. The terms and conditions for our (government’s) use of such software explicitly says we’ll only use the software with vendor approved configurations, or the vendor won’t give us support.  And most vendors for these government-specific systems don’t make a version of their application which runs on a smart phone, whether it is a Windows Phone 7, Apple iPad or Iphone, or  Google Android.

Software companies:  Get on the stick and write smart phone apps for your software. ‘nuf said.

More importantly, government workers presently have to use commercial mobile networks for their smart phones. And on those networks, public safety and critical infrastructure workers have no priority. That means your teenager (even if she’s 50 years old) has the same priority as a cop or firefighter or electrical lineworker responding to a major incident or emergency.

Do you want that emergency medical technician responding to YOUR heart attack to have priority access – wirelessly and in real time – to your medical history, and to the emergency room doctors at the level 1 trauma center, and to a video conference with your cardiologist?  Of course you  do!

During a robbery, when you or your employees are being held up at gunpoint, don’t you want the responding cops to be able to see the video of  your store – including the images of the perpetrators, in real time as they respond?  And have passers-by snapping photos and video of the perps to send to 911 centers using next generation 911 technologies?  Of course you do!

When your electrical power is out, or your water is interrupted, don’t you want that utility worker to have access to all the diagrams and network configurations so they can accurately pinpoint where the outage is and rapidly fix it?  Well, of course you do.

If, all of a sudden, a kid in your child’s high school goes crazy and brings a gun to that school, taking teachers and students hostage, don’t you want responding cops and firefighters to have access to the video cameras with interior views of the school, and to the school’s building plan showing all the exits, and maybe even to the GPS on the cell phone used by the kid with the gun so they can see his (they are all boys, alas) exact position in the school? Obviously we do.

But the blunt fact of the matter is this:  At the same time you are having a heart attack, or your business is being robbed, or your electricity fails, or a school lockdown occurs – everyone who has a cell phone within a mile of the incident may be texting and calling and tweeting and sending photographs to their loved ones, and the commercial cellular networks will be overloaded.

That’s why we don’t give cops and firefighters smart phones.  Because – besides the fact that safe, secure, apps don’t exist – when responders most need their smart phones, the cell phone networks will be overloaded and fail them.

Is there a way out of this dilemma?  “Of course there is!”

Several bills are pending in Congress today which would allocate wireless spectrum for priority use by police, firefighters, emergency medical techs – and also by electrical lineworkers, public works employees and transportation workers .  Those same bills would auction other spectrum for use by carriers, producing almost $26 billion in revenue to both reduce the federal government deficit and to build a nationwide public safety network which responders could use – with priority over all other users and uses.

Then those first and second responders could use smart phone applications every day, confident that the network will be available, no matter what nearby teenagers are doing.

But, like so much else in this year of 2011, Congress is in deadlock. Some brave Senators and Representatives such as Jay Rockefeller
and Kay Bailey Hutchison (with Senate Bill S.911) and Peter King and Maria Cantwell and Dave Reichert do step up to the plate, led by Vice President Joe Biden.  They all support creation of a nationwide public safety wireless broadband network.   At the same time, many others in Congress stall and block the work, while people needlessly are hurt or die.

Why don’t cops and firefighters use smart phones?  Because some in Congress would rather play politics, argue endlessly, and pinch funding than give our responders the tools they need to save lives and protect property every day, as well as during future disasters.

With the 10th anniversary of the September 11th World Trade Center disaster just a month away, does this dithering make sense?   Of course it doesn’t.

– Bin Laden changed Gov’t Tech

Osama Bin Laden’s death is a welcome event for most people, especially in the United States. Yet his life profoundly changed the direction of information technology as it is used in City, County, State and the Federal government. Indeed, my own life is vastly different than it would have been if the World Trade Center towers had not been destroyed on September 11, 2001.

The most visible effect for most Americans, of course, is our two wars in Afghanistan and Iraq. Even there, the effect is distant from the majority of us: relatively few families have friends or relatives who serve in the military. (A notable exception – reservists and the National Guard – I have a friend in the Seattle Parks Department who has been activated three times, once each for Afghanistan, Iraq and Djibouti,and now has been notified of an upcoming fourth deployment).

Of course anyone using airports notices the “new” fedgov bureaucracy, the Transportation Security Administration and its wide variety of high and low technologies from “spread ‘em” millimeter wave body scanners to “feel ‘em up” intrusive body pat-downs.

But Bin Laden’s war on the United States changed much more in the way we live and govern our cities and counties and states.

After September 11th, the threat of terrorist attacks took a prominent place alongside earthquakes and hurricanes as a potential disaster. Now we worry about “dirty” bombs, and nuclear weapons smuggled in aboard ships and bio-attacks (remember the anthrax delivered to Congress?). In Seattle, we’ve done vulnerability analyses on likely targets such as the Space Needle, Microsoft headquarters, Boeing plants and Washington State ferries. Indeed, you can often see Coast Guard fast attack craft zooming alongside ferries. And traffic barriers and bollards protect buildings which may be targets.

Most visibly from a technology point of view, interoperable communications for first responders has taken center stage. In the World Trade Center attacks, New York City police officers in the buildings received the radioed notice to evacuate, but firefighters – operating on different radio channels – did not, and many of them died as a result. Many meetings have been held and much legislation proposed, but as of this writing – almost ten years later – we have few concrete improvements in interoperability. Notably, the Obama Administration has proposed a $12 billion grant program, financed by the sale of spectrum, to build a nationwide interoperable public safety wireless broadband network. http://www.cioupdate.com/news/article.php/3922331/Obama-Looks-to-Drive-RD-Wireless-Broadband.htm Whether Congress has the ability stop its internal bickering and actually enact legislation for this program is an open question. Nevertheless some cities and states, such as Charlotte, Harris County (Houston), Mississippi and the Los Angeles and San Francisco regions, are boldly building the first of these new, vital, networks.

Other changes include a new Fedgov Department, Homeland Security, to improve our readiness to combat terrorist threats. It’s initial steps to help us prepare for terrorist attacks include not only the TSA, but also the ill-conceived color-coded terrorism threat level (i.e. nuclear urine yellow) system. Recently, TSA and air marshal programs, fast FEMA responses, and Coast Guard interdiction of threats have allowed DHS to come into its own.

Whole grant funding programs have sprung into being as well, for example the Urban Area Security Initiative (UASI). UASI is funding thousands of programs to help harden vulnerable targets, equip first responders with personal protective equipment, and conduct exercises and training to improve our ability to withstand both terrorist events and disasters.

In the Seattle area, we’ve built a secure fiber network to interlink the seats of Government and Emergency operations Centers in central Puget Sound. Seattle – and many other cities and counties – have invested local funds to construct new, state-of-the-art 911 centers and emergency operations centers. Concerned about cybersecurity threats, we’ve hardened our control networks which manage the electricity and water grids. Indeed, the whole field of cybersecurity and information technology security now has new life confronting not just terrorist threats, but the very real problems created by hackers, phishers and identity thieves. With the help of homeland security dollars, we here in Seattle are building a cyber event logging system which will help correlate cyber security events across the Puget Sound Region.

Is America safer now than in 2011, especially given Bin Laden’s death? I don’t know. But I do know we are somewhat better prepared to meet disaster and terrorist acts. We have disaster preparedness plans and we exercise them. We are a more connected society with wired and wireless networks, and we are keenly aware of potential cyber security threats. We are more vigilant.

But we have a lot – a LOT – more to do. President Obama, Vice-President Biden and their Chief Technology Officer Aneesh Chopra have shown great leadership in boldly proposing to fund a new public safety broadband wireless network. The FCC has granted waivers to 20 cities, regions and states to build these networks. Courageous leaders in Congress such as Senators Rockefeller, Hutchison, McCain and Lieberman, and Representatives Peter King and Benny Thompson, are proposing legislation to finally build the nationwide networks first responders need to meet the challenge not just of terrorist events but also the daily incidents and disasters. Even the New York Times has endorsed these efforts.

Will their leadership overcome the naysayers in Congress and elsewhere?

For the sake of the nation, for the health and safety of every one of our citizens, I hope it does.

– Why Don’t Cops just use Cell Phones?

The National Plan

Police officers and firefighters carry $5000 radios.  Local and state governments spend hundreds of millions of dollars to build public safety radio networks.  Yet, today, cell phone networks seem to be everywhere, most people carry a mobile phone and many of us think paying $199 for an iPhone is expensive.  

Why can’t cops and firefighters and emergency medical technicians (EMT) use cell phones like everyone else?   A Washington State legislator from Seattle recently public argued for this approach in his blog.  And, at first, this appears to be a simple way for governments to save a lot of taxpayer dollars.

Here are a few reasons public safety officers need their own dedicated networks:

1. Priority.  Cellular networks do not prioritize their users or traffic.   A teenager’s cell phone has the same priority as a cell phone used by a police officer or, for that matter, the BlackBerry used by President Obama.  We’ve all experienced “no circuits available” or “network busy” when using a cell phone.  When I’m being assaulted or have been injured in an automobile accident or even have had my house burglarized, the last thing I want is to have the network be “busy” so a police officer or EMT couldn’t be dispatched.   Public safety needs dedicated frequencies where police officer sand firefighters have priority and even, perhaps, exclusive rights to for use, without calls being clogged by the public.
2. Reliability.  Seattle’s public safety radio network, part of the larger King County-wide 800 megahertz public safety radio network, handles more than 60,000 police, fire  and emergency medical calls every day.  It operated last year with 99.9994% reliability – that’s about 189 seconds of downtime out of more the than 31 million seconds which composed the year 2009. On the average, only about five out of the 60,000 calls were delayed for any reason, and even then the average delay was about two seconds.  What cell phone network has that kind of reliability?   How many times have you experienced “no service” or “call dropped” with your cell phone?   Do we want firefighters who are reviving a heart attack victim and talking to the emergency room on the radio to all-of-a-sudden have their call dropped?  Or should police officers lose service when drunk drivers clog the roads and bars are closing at 2:00 AM because a cell phone company decides to do maintenance because “no one uses the network then”?
3. Disasters.  Even small disasters cause cell phone networks to collapse.   In Seattle, we’ve had swat team actions or car accidents which have shut down a freeway.   Suddenly cell phone service abruptly ceases in that area because EVERYONE is on their phone.  A few years ago a rifleman was loose and shooting people in Tacoma Mall.  Responding police and EMTs had communications because they had dedicated networks and frequencies, but again cell phone networks were overloaded and down.   In a larger disaster such as an earthquake or hurricane (with associated evacuation of large cities), commercial networks will be overloaded or jammed for days by people trying to escape the affected areas. Do we want police and fire departments – or even transportation, electric utilities and public works departments – to be trying to use those same networks while they are are responding to the disaster? I don’t think so.
4. Talk-around. A key feature of most government-operated networks is something called talk-around or simplex or “walkie-talkie” mode. In this mode, individual radios talk directly to each other, without using a radio or cell tower. This is very important at incident scenes – firefighters commonly use it at the scene of a fire, because the radios will operate at the scene even if there isn’t a tower nearby. But this NEVER a feature of cellular phone networks. If the cell tower is down or out of range, that cell phone in your hands is a useless lump of plastic. But the radios of publicsafety officers still work and will talk to each other even without the tower.
5. Ruggedness. No firefighter in his/her right mind would fight a fire using a cell phone for communications. The heat, water and ruggedness of the environment would quickly destroy the device. Yet most public safety radios will survive being dropped repeatedly on the ground or being immersed in water for 30 minutes or more. No standard cell phone can survive the rigorous work of firefighting or policing.

Are there problems with the current dedicated public safety networks? Absolutely. The use proprietary technologies, for example “Project 25“. Theoretically all “Project 25” radios work on any “Project 25” radio system. But only a few of those are deployed around the nation. These proprietary technologies are one reason the radios cost up to $5,000 each.

Representative Carlyle, in his blog, proposes that we deploy “Tetra” radios for public safety. While Tetra is common in some parts of the world, it is not used at all in the United States. This is a dangerous proposal, because it means Tetra networks we buy would not work with the equipment used by any other government or telecommunciations carrier anywhere in the United States. If called to respond to a diaster overseas, we could talk to firefighters in Hong Kong or the police in Ireland, however.

Another problem we face is the small market – the total market for public safety is perhaps 10,000,000 radios which are replaced, say, once every 10 years. On the other hand, the cell phone market is huge – 260 million cell phones replaced every two years in the United States alone. The economies of scale means consumers will have a lot more choice, and their cell phones will be relatively cheap.

So is there some way to reduce the sky-high cost of these dedicated public safety networks while at the same time not endangering cops, firefighters, EMTs and the public in general?

Absolutely. The FCC, in its national broadband plan, and the federal Department of Commerce, with its forward-thinking grant program for broadband, are lighting the way for a new public safety network which will be more robust, national in scope, and interoperable. By “interoperable” I mean the new public safety equipment will probably operate almost anywhere in the nation, wether on a dedicated government network or on a commercial cell phone network. Here are some features of the new networks:

• The FCC and major public safety organizations have called for the new public safety networks to be built using a fourth generation (4G) technology called LTE – long-term evolution. Not coincidently, this is the same technology which will be used by the major cell phone companies Verizon and AT&T when they construct their 4G networks. The commercial networks will operate on different frequencies than the public safety networks, but they will all be built in same general area of the wireless spectrum – the 700 megahertz (MHz) band.
• Because they are all using the same technology (LTE) and are in a similar slice of radio spectrum (700 MHz) potentially they will all interoperate. That means that public safety officers will use the government networks and frequencies when they are within range, but could “roam” to a commercial network if necessary. So cops and firefighters will have the best of both worlds – coverage from dedicated government networks and coverage from multiple private carriers. The FCC is even considering rules which would require the commercial companies to give public safety priority on the commercial LTE networks.
• Because everyone – consumers, cops, firefighters and even general government workers such as transporation and utilities – are all using LTE, constructing the networks can be much cheaper. Commercial telecommunications carriers could put government antennas and equipment at their cell sites, and vice-versa. Perhaps the network equipment at the cell site, or even the central switches could be shared as well. Public safety will still be using its own frequencies and have priority, but could share many other network elements.
• And the radios used by individual public safety officers or placed in police vehicles and fire trucks can be much cheaper as well. Because manufacturers are all making equipment for the same technology – LTE – it could cost just a few hundred dollars. Again, there will be specialized and ruggedized devices for firefighters and others working in punishing environments, but the “innards” – the electronics – will be much less expensive.
• Next, we have to get all first and second resopnders to use the same or common networks. Here in Washington State, for example, we have multiple overlapping and duplicate networks. City and County police and fire in the region have one network, each electric utility (e.g. Seattle City Light) have another network. Transportation departments have their own networks (e.g. Seattle Transportation and Washington State Transportation each have their own separate network). The Washington State Patrol has its own separate network. The State Department of Natural Resources has its own network. Fish and Wildlife has its own network. And federal government agencies (FBI, cutoms and immigration) have their own networks. This is patently stupid and expensive. As we build these new fourth generation LTE networks, we need to build a single network with lots of sites and a lot of redundancy and hardening to withstand disasters. And everyone – first and second responders from all agencies – should use it.
• Finally, and perhaps most importantly, all the networks will be nationally interoperable. The lack of communciations interoperability was a major finding of the Commission which investigated the September 11th World Trade Center attack. But with these new networks, a Seattle police officer’s 4th generation LTE device will also work on New York City’s LTE network or New Mexico’s :LTE network or on any Verizon or AT&T network anywhere in the nation. As disasters happen anywhere in the United States, and first and second responders are rushed to the scene of the disaster, they can take their communications gear with them and it will work.

The City of Seattle is one of a handful (about 20) forward-thinking governments leading the way to deploy these new networks. Seattle’s public safety LTE network, hopefully launched with a federal stimulus grant, will eventually expand throughout the Puget Sound region and across the State of Washington. The State of Oregon also has authority and a grant request to build an LTE network, and we are working with Oregon to make sure our networks work with each other seamlessly.

Is all of this a pipe dream? I don’t think so. A number of public and private companies, governments and telecommunciations carriers and equipment manufacturers are working together to realize it. Many of them are in the Public Safety Alliance. In the Federal government, the FCC is working with the National Institute of Standards and the Departments of Commerce and Homeland security are providing grant funding. It will take a lot of work and many years to realize this network.

But when it is finished, we’ll have public safety networks which work to keep us safe, and consumer networks which work to keep us productive and linked to our friends and families. These networks will be separate yet connected. They will be built from common technologies. And they will be less expensive for taxpayers than the networks we have today.

– PITS Computing

Non-Computing Fads

There are fads and trends in information technology, just like in the world of clothing or hairstyles. One of the latest fads is pie-in-the-sky computing (PITS), otherwise as “cloud computing” or software-as-a-service – SAAS (pronounced as in “sassy”).

But I’ll call it pie-in-the-sky (PITS) computing, just to be different and even a bit contrary.

PITS computing is only the latest in a long line of sea-changes in IT. Electronic data processing (EDP – now there’s an old term) was the very first of these trends, appearing on the scene in the 1950s and 1960s. EDP was a world of punch cards and paper tape. EDP was the era of “glass house” data centers and a computer “priesthood”. Computers were far too expensive and esoteric for normal human beings to comprehend or touch. So there was a “priesthood” of specially anointed and trained computer specialists whose job was the programming, care and feeding of the electronic monsters.

But the development of computing technology continued relentlessly. Along came mainframe computing (green-screen). personal computing, local-area-network computing, client-server computing and Internet or web computing.

Each one of these phases was driven by some significant technological advance. The development of microchips and the Intel 8088 processor, for example, drove the personal computing trend. (Thank you Intel and IBM!) The development of Ethernet standards drove networking which allowed individual computers to talk to each other.

And then computing, of course, became part of the mainstream culture. Any human being in a developed country knows “windows” doesn’t refer to that wonderful device for seeing through walls, the “glass window”, but rather the portal into the world of computers, an operating system developed and marketed by Microsoft. And almost no one thinks of the “web” as a home for spiders or the “net” as a tool for catching fish or butterflies.

In this context, PITS is the latest fad in computing and technology. PITS is driven by the appearance of more-or-less ubiquitous and reliable high speed networking. Networks today, thanks to fiber optic cable, the router/switch revolution (thank you Cisco) and advances in wireless (wi-fi and 3G telecomm networks), are virtually everywhere. Or at least everywhere where human beings live and companies and governments do significant business.

And these networks are reliable. The wired networks almost never go down, although the signal can get weak or strange with wireless. In my house for example, our Wi-Fi network connected to a wired DSL Internet connection has 105 megabits per second of throughput. Yet my commercial telecomm provided cell phone only works at a certain specific spot in the kitchen in front of the microwave!

Most enterprises now operate with giant central servers which store data and applications. At the City of Seattle, for example, we have computer aided dispatch systems which reside on central servers at a “highly secret” police department location. The police data resides there, but cops on the street can access criminal records and license plate information which reside not only in Seattle but also on the other side of the nation or even on another continent.

Our water utility manages pumps and valves and dams and reservoirs across the entire county and up into the Cascade mountains. City Light, our electrical utility, manages an electrical grid which spans the entire state of Washington.

We all routinely use the web to find information and read the news. But we also increasingly use it to store spreadsheets or photos or documents on our own websites or using servers such as Google apps. Microsoft is embracing the trend, with its Office 2010 now available “for free” in a PITS cloud.

So if Microsoft Office can be in a “cloud” somewhere on the Internet, why can’t our payroll system or e-mail system or financial management system be halfway across the State in a data center in Grant County, Washington (next to giant hydroelectric dams to supply the power) or even halfway across the United States, well outside the Seattle earthquake disaster zone?

Of course the applications and data can be almost anywhere. In the past, I’ve been skeptical of PITS / cloud computing because I didn’t trust the networks to stay up in a disaster, and I was concerned about the security of information stored in a non-descript data center in a distant location outside my personal control.

But with today’s reliable networks, the network is not the issue. And major companies like Microsoft or Amazon or Google handle the management and security better than most governments or small businesses. Furthermore, as demonstrated by the World Trade Center disaster, the data could actually reside in multiple different locations around the nation, increasing our ability to withstand a disaster like that 8.0 magnitude earthquake.

It will be a while before we in government embrace PITS, because the loss of control is a big cultural change for governments and many large companies to swallow. Just like people were concerned when their data moved off their desktop computers to a server, and servers moved out of the closet on the same floor to a centralized computer center in the government complex, so it will take us some time to embrace having those computers in an unnamed nondescript but super-secure location, possibly right next to the bunker where Vice-President Dick Cheney hung out after September 11th.

But embrace it we will.

– A Peek at the National Broadband Plan

Broadband Wireless

On January 26th Admiral Jamie Barnett of the FCC spoke about the National Broadband Plan, which is now due out on March 17^th (and I understand New York City, Boston and other cities with large Irish-American populations plan to have parades in honor of the plan that day, too!)

As a CTO, I’m so immersed in technology that I’m not sure “broadband” means anything to the average American (if an “average” American exists).   Certainly most Americans are now at least aware of the Internet and use technology in their lives, even if that tech is nothing more than a cell phone or ATM.   But all you have to do is watch the security lines at any airport and see all the laptops and luggables and cell phones and DVD players and other associated smart lumps of plastic dumped on the scanner lines to know that tech is ubiquitous in most people’s lives.

A significant fraction of people know about broadband and what it means.   In Seattle, some 84% of homes have an Internet connection, 75% have something faster than dial-up and 88% have a computer at home.  Of course Seattle’s got a reputation as a city of high tech folks (an image Bill Gates, Steve Ballmer and I work hard to polish).   But even nationwide 79% of homes have an Internet connection and 63% are faster than dial-up.  The source for these stats is here.  

These are numbers are hard to fathom when one considers the web didn’t exist 20 years ago,  and most people probably thought “Internet” had something to do with basketball, volleyball, tennis or another “net-centric” sport.

Admiral Barnett heads the Homeland Security and Public Safety Bureau at the FCC.   He’s charged with making wireless spectrum available to government in general and specifically to the law enforcement, firefighting and emergency medical agencies who keep the public safe.   He spoke at the Winter Summit of Association of Public Safety Communications Officials on January 26th, and gave us a glimpse of what the National Broadband Plan will contain. 

Admiral Barnett’s remarks centered on wireless spectrum for use by first responders.  About 10 Megahertz is available nationwide for public safety, but the license for that is held by a  single nationwide organization.     Yet most police, fire and emergency medical agencies are operated by cities and counties.    Given this paradoxical situation, 17 states and cities have requested waivers from the FCC to use that spectrum in their local areas to immediately create networks for their use.  

And why is the spectrum required?   These new wireless networks hold promise that cops in police vehicles can see videos of crimes in progress as they race to crime scenes, or rapidly access building plans, images and video.  Have a peek at a  report prepared by PTI and APCO here for more uses.  

According to Admiral Barnett, those waivers may be granted later this year so we can get started building the network.  The FCC is very interested in public-private partnerships to build the networks because many jurisdictions don’t have funds to construct such networks for themselves.  Luckily, commercial cell phone carriers like Verizon and AT&T, and companies like Motorola and Alcatel-Lucent have signed on in support of this plan, and are developing new networks including  LTE (long term evolution) for not only their own networks but also for public safety use.   This means public safety agencies could use a network built and funded by taxpayers (more resilient, better priority, less costly) for most of their work, but could roam only the commercial carriers’ networks when necessary.   This is in stark contrast to today’s networks, where police/fire radios are incompatible with the cell phone networks.  The best of both worlds!

It looks like the FCC will encourage these partnerships in its plan. 

The FCC also knows that funding will be required to construct these networks.   Admiral Barnett understands funding is required not just to build the networks, but to operate them.  Besides public-private partnerships, the FCC is floating the idea of an Emergency Response Interoperability Center (ERIC) to pushing forward on a national public safety wireless network.  We’ll hear more about this on February 10^th.

Finally, Barnett said  “next generation 911” will also be recognized in the national broadband plan.   Right now, the only way to get information to a 911 center is to … well … telephone 911!    But many citizens’ cell phones have the capability to do text messages, take photos and video.   Yet 911 centers have little or no capability to accept such media, which can be critical to rapidly apprehending perpetrators and rendering aid to victims.   We higher-speed land line fiber optic networking between 911 centers and other public safety and government facilities too, and I hope that will be in the Plan.

Twenty years ago, very few people knew of the Internet or Web.   Now it is an indispensible part of most people’s lives and a vital component of our HomeCity security and public safety.  But we need more network SPEED, both wired and wireless.  The National Broadband Plan could be, with a bit of vision by the FCC, a roadmap to the future of the nation.

– UASI, Bureaucracy and Terror

Homeland InSecurity

This week I was, in turn, amused, maddened and fasincated by disaster. I had the opportunity to do both leadership and followership as officials from the “Seattle Urban Area” considered projects to submit for grant funding from the fedgov Department of Homeland Insecurity.

This whole process is a look into the little-known culture of “homeland insecurity” which has blossomed over the last 7 years.

Let me say, right at the beginning, that September 11th, 2001, was a horrific event and a real wake-up call for the United States. We’ve been taught the same lesson we learned on December 7th, 1941 – two huge oceans do not make for a nation secure from the enemies of our way of life. My somewhat humorous tone in this blog is not meant to make light of the serious threats we face.

But what is our major response? Pretty typically, we create a giant bureaucracy, slosh a lot of political rhetoric and some money around, and get prepared to fight … the last war.

The major bureaucracy is, of course, the Department of Homeland Security, or Insecurity, as I’ve named it, because it heads an industry and set of programs based upon the fear and feelings of insecurity of the American People. DHS is really a myriad of individual bureaucracies and programs, sometimes working at cross-purposes and often duplicating effort.

But I stray from the subject – the Urban Area Security Initiative (UASI), usually pronounced You-Ah-Zee. In 2009 about $1.8 billion will be granted to urban areas through a series of programs as shown here. The UASI grants are made to “urban areas”, a carefully defined (by the fedgov) set of metropolitan areas which share vulnerabilities and threats. The “Seattle Urban Area” is the City of Seattle, its surrounding King County, and the counties to the north and south. The Seattle urban area is eligible for $11 million, more or less, of that $1.8 billion pie.

Now $11 million may sound like a lot of money, and it is. But think about the Seattle Urban Area – a population of 3 million people, two major ports (Seattle and Tacoma) into which ships with nuclear bombs or bioterrorism agents or chemical weapons could sail, three major military bases (Naval Station Everett, McChord Air Force Base, Fort Lewis), and vulnerability to a potential magnitude 8.0 earthquake. We probably have 12,000 cops and firefighters (Seattle alone has 2,200), each of which needs radios and hazmat gear and training. All of a sudden, $11 million doesn’t sound like a lot, and it isn’t.

Its also a little amazing that places like Vermont and Wyoming – not exactly your typical terrorist or disaster targets – get $6 million each. But that’s the reality of politics in our 2009 world with two senators from every state and a lot of dollars to be allocated.

Each year, a group of officials from the emergency management, law enforcement, firefighting, public health and technology disciplines – the officials responsible to prepare the region for disasters and terrorist events – get together to consider projects for UASI funding. We did that this week in the Seattle Urban Area. We have a strategy to guide us but it is still a give-and-take to determine which projects are most importnat to the region.

I lead the subgroup of technical and operational staff responsible to consider and prioritize interoperable communications projects. These are the networks and systems which allow first, second and third responders to communicate with each other and with their dispatch centers to prepare for and respond to disasters large and small. They include handheld and vehicle-mounted radios, computer and telephone systems, and fiber optic networks.

Small disasters are the ones which occur every day – such as when I fell off my bicycle, shattered my arm and called 911 for help. The large ones are the fires, landslides, earthquakes, and (God forbid) terrorist events which may afflict our region.

Finding projects which prepare us for those disasters and which fit into $11 million is daunting. In the past we’ve procured fireboats and helicopters and personal protective equipment. We’ve found money for training our responders, buying radios and for public outreach and disaster preparedness campaigns. It is hard work to winnow 100 proposed projects and $40 million in needs down to a dozen or so projects with $11 million or so, but we mostly did it this week. In future blog entries I’ll talk about some of those projects – the ones I can reveal without making us more vulnerable to terrorists (and that is most of them).

In the meantime, I’m just proud of the emergency managers, fire and police officials, and technical staff I was able to spend time with this week, prioritizing projects to keep the Seattle urban area safe.

And I’m tired!