This is the accessible text file for GAO report number GAO-10-128 entitled 'Aviation Security: DHS and TSA Have Researched, Developed, and Begun Deploying Passenger Checkpoint Screening Technologies, but Continue to Face Challenges' which was released on October 29, 2009. This text file was formatted by the U.S. Government Accountability Office (GAO) to be accessible to users with visual impairments, as part of a longer term project to improve GAO products' accessibility. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. We welcome your feedback. Please E-mail your comments regarding the contents or accessibility features of this document to Webmaster@gao.gov. This is a work of the U.S. government and is not subject to copyright protection in the United States. It may be reproduced and distributed in its entirety without further permission from GAO. Because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. Report to Congressional Requesters: United States Government Accountability Office: GAO: October 2009: Aviation Security: DHS and TSA Have Researched, Developed, and Begun Deploying Passenger Checkpoint Screening Technologies, but Continue to Face Challenges: GAO-10-128: GAO Highlights: Highlights of GAO-10-128, a report to congressional requesters. Why GAO Did This Study: Since fiscal year 2002, the Transportation Security Administration (TSA) and the Department of Homeland Security (DHS) have invested over $795 million in technologies to screen passengers at airport checkpoints. The DHS Science and Technology Directorate (S&T) is responsible, with TSA, for researching and developing technologies, and TSA deploys them. GAO was asked to evaluate the extent to which (1) TSA used a risk-based strategy to prioritize technology investments; (2) DHS researched, developed, and deployed new technologies, and why deployment of the explosives trace portal (ETP) was halted; and (3) DHS coordinated research and development efforts with key stakeholders. To address these objectives, GAO analyzed DHS and TSA plans and documents, conducted site visits to research laboratories and nine airports, and interviewed agency officials, airport operators, and technology vendors. What GAO Found: TSA completed a strategic plan to guide research, development, and deployment of passenger checkpoint screening technologies; however, the plan is not risk-based. According to TSA officials, the strategic plan and its underlying strategy for the Passenger Screening Program were developed using risk information, such as threat information. However, the strategic plan and its underlying strategy do not reflect some of the key risk management principles set forth in DHS’s National Infrastructure Protection Plan (NIPP), such as conducting a risk assessment based on the three elements of risk—threat, vulnerability, and consequence—and developing a cost-benefit analysis and performance measures. TSA officials stated that, as of September 2009, a draft risk assessment for all of commercial aviation, the Aviation Domain Risk Assessment, was being reviewed internally. However, completion of this risk assessment has been repeatedly delayed, and TSA could not identify the extent to which it will address all three elements of risk. TSA officials also stated that they expect to develop a cost-benefit analysis and establish performance measures, but officials could not provide timeframes for their completion. Without adhering to all key risk management principles as required in the NIPP, TSA lacks assurance that its investments in screening technologies address the highest priority security needs at airport passenger checkpoints. Since TSA’s creation, 10 passenger screening technologies have been in various phases of research, development, test and evaluation, procurement, and deployment, but TSA has not deployed any of these technologies to airports nationwide. The ETP, the first new technology deployment initiated by TSA, was halted in June 2006 because of performance problems and high installation costs. Deployment has been initiated for four technologies—the ETP in January 2006, and the advanced technology systems, a cast and prosthesis scanner, and a bottled liquids scanner in 2008. TSA’s acquisition guidance and leading commercial firms recommend testing the operational effectiveness and suitability of technologies or products prior to deploying them. However, in the case of the ETP, although TSA tested earlier models, the models ultimately chosen were not operationally tested before they were deployed to ensure they demonstrated effective performance in an operational environment. Without operationally testing technologies prior to deployment, TSA does not have reasonable assurance that technologies will perform as intended. DHS coordinated with stakeholders to research, develop, and deploy checkpoint screening technologies, but coordination challenges remain. Through several mechanisms, DHS is taking steps to strengthen coordination within the department and with airport operators and technology vendors. What GAO Recommends: GAO recommends, among other things, that TSA (1) conduct a risk assessment and develop a cost–benefit analysis and performance measures for passenger screening technologies, and (2) to the extent feasible, ensure that technologies have completed operational tests and evaluations before they are deployed. DHS concurred with the recommendations; however, its implementation plans do not fully address six of the eight recommendations in the report. View [hyperlink, http://www.gao.gov/products/GAO-10-128] or key components. For more information, contact Steve Lord at (202) 512-8777 or lords@gao.gov. [End of section] Contents: Letter: Results in Brief: Background: TSA Has Taken Actions to Prioritize Investments in Passenger Checkpoint Screening Technologies, but Lacks a Risk-Based Strategy: Ten New Checkpoint Screening Technologies Are in Various Phases of RDT&E, Procurement, and Deployment, but ETP Deployment Has Been Halted: DHS Is Addressing Coordination and Collaboration Challenges with Stakeholders to Research, Develop, and Deploy Checkpoint Screening Technologies: Conclusions: Recommendations for Executive Action: Agency Comments and Our Evaluation: Appendix I: Objectives, Scope, and Methodology: Appendix II: Comments from the Department of Homeland Security: Appendix III: GAO Contact and Staff Acknowledgments: Figures: Figure 1: TSA Passenger Checkpoint Screening Functions: Figure 2: NIPP Risk Management Framework: Figure 3: Status of Six Checkpoint Screening Technologies that Had Initiated Procurement and/or Deployment as of September 2008: Abbreviations: ADRA: Aviation Domain Risk Assessment: AMS: Acquisition Management System: ATSA: Aviation and Transportation Security Act: DHS: Department of Homeland Security: ETP: explosives trace portal: FAA: Federal Aviation Administration: IED: improvised explosive device: IPT: Integrated Product Team: MOU: memorandum of understanding: NIPP: National Infrastructure Protection Plan: PSP: Passenger Screening Program: RDT&E: research, development, test and evaluation: RMAT: Risk Management and Analysis Toolset: S&T: Science and Technology Directorate: TSA: Transportation Security Administration: TSL: Transportation Security Laboratory: TSO: Transportation Security Officer: [End of section] United States Government Accountability Office: Washington, DC 20548: October 7, 2009: The Honorable James L. Oberstar: Chairman: Committee on Transportation and Infrastructure: House of Representatives: The Honorable Bennie G. Thompson: Chairman: Committee on Homeland Security: House of Representatives: The Honorable Jerry F. Costello: Chairman: Subcommittee on Aviation: Committee on Transportation and Infrastructure: House of Representatives: Commercial aircraft have long been a target of terrorism at the hands of hijackers and suicide bombers. The Transportation Security Administration (TSA), the agency with primary responsibility for securing the nation's civil aviation system after the September 11, 2001, terrorist attacks, has identified the need for improved technology to detect explosives and other threat items at airport passenger screening checkpoints to strengthen the nation's defenses against acts of terrorism. From fiscal years 2002 through 2008, over $795 million has been invested by TSA and the Department of Homeland Security (DHS) for the research, development, test and evaluation (RDT&E), procurement, and deployment of checkpoint screening technologies. TSA has implemented a multilayered system of security to protect commercial aviation--the most publicly visible layer being the physical screening of passengers and their carry-on items at airport screening checkpoints. TSA's passenger checkpoint screening system--located at all airports regulated by TSA--is comprised of three elements: (1) the personnel, or screeners, responsible for conducting the screening of airline passengers and their carry-on items; (2) the procedures screeners are to follow to conduct screening; and (3) the technology used during the screening process. Collectively, these elements--the people, process and technology--help to determine the effectiveness and efficiency of passenger checkpoint screening.[Footnote 1] We previously reported that TSA had made efforts to enhance its passenger checkpoint screening system by strengthening screener training, measuring the performance of screeners and the screening system, and modifying screening procedures to address terrorist threats.[Footnote 2] Within DHS, the Science and Technology Directorate (S&T) and TSA have responsibilities for researching, developing, and testing and evaluating new technologies, including airport checkpoint screening technologies. Specifically, S&T is responsible for the basic and applied research and advanced development of new technologies, while TSA, through its Passenger Screening Program (PSP), identifies the need for new checkpoint screening technologies, provides input to S&T during the research and development of new technologies, which TSA then procures and deploys.[Footnote 3] In 2004, we reviewed DHS's investments in the research and development of technologies to secure the transportation sector, including aviation, and found that DHS needed to strengthen the management of its research and development efforts.[Footnote 4] In October 2007, we testified that a key challenge related to securing the homeland involves allocating resources based on risk.[Footnote 5] DHS and TSA leadership have identified that risk-informed considerations will be a cornerstone of departmental and agency policy. In particular, DHS's National Infrastructure Protection Plan (NIPP) stated that TSA should be considering risk management principles when allocating funding for the research and development of security technologies. According to the NIPP, security strategies should be informed by, among other things, a risk assessment that includes threat, vulnerability, and consequence assessments, information such as cost-benefit analyses to prioritize investments, and performance measures to assess the extent to which a strategy reduces or mitigates the risk of terrorist attacks. In response to your request, this report provides the results of our review of DHS's efforts, through S&T and TSA, to research, develop, and deploy emerging screening technologies for use at airport passenger checkpoints by addressing the following questions: (1) To what extent has TSA developed a risk-informed strategy to prioritize investments in the research and development of passenger checkpoint screening technologies; (2) What new passenger checkpoint screening technologies has DHS researched, developed, tested and evaluated, procured, and deployed since its creation, and why did TSA halt the first technology deployment that it initiated--the explosives trace portal (ETP); and (3) To what extent has DHS coordinated the RDT&E, procurement, and deployment of passenger checkpoint screening technologies internally and with key stakeholders, such as airport operators and technology vendors? This report is a public version of a restricted report (GAO-09-21SU) that we provided to you earlier this year. In this report in three cases we provide updates regarding the Aviation Domain Risk Assessment (ADRA), the NIPP, and the number of ETPs in airports.[Footnote 6] DHS and TSA deemed some of the information in the restricted report to be sensitive security information, which must be protected from public disclosure. Although this report omits that information, such as specific details associated with the methods and results of testing during the research and development of the ETPs, it addresses the same questions as the restricted report. Also, the overall methodology used for both reports is the same. To determine the extent to which TSA developed a risk-informed strategy to prioritize investments in the research and development of new checkpoint technologies, we analyzed program documents, including TSA's August 2008 strategic plan for checkpoint technologies, technology project plans, and budget documents. We also compared TSA's strategic plan and DHS's responses regarding their efforts to develop a risk- informed strategy for their research and development investments with DHS's guidance on using risk management principles to prioritize investments and allocate resources. To determine what new passenger checkpoint screening technologies DHS has researched, developed, tested and evaluated, procured, and deployed, and the reasons why TSA halted the first technology for which it initiated deployment--the ETP, we analyzed TSA's strategic plan, TSA's PSP documentation, technical and operational requirements for new technologies, laboratory test reports, and testing data from operational pilots. Additionally, we interviewed TSA and S&T officials to obtain information on current technologies being researched, developed, and deployed, and conducted site visits to the Transportation Security Laboratory (TSL) and Tyndall Air Force Base to observe testing of new checkpoint technologies. We visited the TSL because that is where S&T tests and evaluates transportation technologies, including checkpoint screening technologies. We visited Tyndall Air Force Base because technologies to detect bottled liquids explosives were being tested there. We also interviewed TSA headquarters officials and senior TSA officials from the airports where TSA had initially deployed or planned to deploy the ETPs, including 29 Federal Security Directors, 1 Deputy Federal Security Director, and 5 Assistant Federal Security Directors for Screening.[Footnote 7] We chose these officials because they are the senior TSA officials in charge of security and managing TSA's role in deploying new technologies at the airport. We also visited nine airports and selected these locations based on the technologies that had been deployed or were being tested on site, their geography, size, and proximity to research and development laboratories. Of the nine airports we visited, the ETPs had been deployed or were to be deployed to all of them and other new checkpoint screening technologies were undergoing pilot demonstrations or testing at two of them. We visited four airports on the east coast, three airports on the west coast, and two airports located in the west and southwestern regions of the United States. We selected these locations because they represented small-, medium-, and large-sized airports and different regions in the United States. To determine the extent to which TSA coordinated and collaborated internally and with key external stakeholders--airport operators and technology vendors--on the RDT&E, procurement, and deployment of checkpoint technologies, we analyzed program documents, including a memorandum of understanding (MOU) between S&T and TSA. Additionally, we interviewed S&T and TSA officials, seven checkpoint technology vendors, and airport operators[Footnote 8] and other officials at 40 airports where ETPs had initially been or were to be deployed. Because we selected a nonprobability sample of airports to visit and officials to interview there, we cannot generalize the results of what we learned to airports nationwide. However, the information we gathered from these locations--insights based on observing airport operations and on perspectives of officials who were involved with DHS's efforts to operationally test, evaluate, and deploy checkpoint technologies-- could only be obtained through direct observation or from officials stationed at these select sites where technologies were being deployed and tested. We also selected a nonprobability sample of 8 out of the 157 total requirements for the ETP to determine whether some of its key requirements had been tested prior to procuring and deploying the machines.[Footnote 9] In addition, we reviewed S&T's and TSA's coordination and collaboration activities and compared them to TSA program guidance and leading practices for collaborating agencies regarding communication, planning, and federal coordination internally and with external stakeholders.[Footnote 10] Appendix I contains additional information on the objectives, scope, and methodology of our review. We conducted this performance audit from June 2006 through April 2009, with some updated information as of September 2009 as previously disclosed, in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. Results in Brief: TSA completed a strategic plan in August 2008, which identified a strategy to invest in the RDT&E, procurement, and deployment of passenger checkpoint screening technologies; however, the plan and its underlying strategy are not risk informed. TSA's strategy does not incorporate some key risk management principles--a risk assessment, cost-benefit analysis, and performance measures--as required by the NIPP. To guide investments in checkpoint screening technologies, TSA officials stated that they consider risks to the checkpoint by analyzing threat information and other factors. However, this approach does not address all three risk elements required by the NIPP, which specifies that risk assessments are to be based on threat, vulnerability, and consequence assessments. Officials stated that they have drafted the Aviation Domain Risk Assessment (ADRA), a risk assessment of the entire aviation sector, including the passenger checkpoint, which is to include an assessment of all three risk elements. TSA officials anticipated finalizing the ADRA in February 2008, but have postponed its completion multiple times. As of September 2009, officials expected completion of the ADRA by the end of calendar year 2009, but could not identify the extent to which the ADRA would address risks to the checkpoint. Therefore, we could not determine when the ADRA will be completed, to what extent it will incorporate all three elements of a risk assessment, and whether it will identify and assess risks to the checkpoint. In addition, TSA officials stated that they have not yet conducted a cost-benefit analysis to set priorities for the PSP, or established performance measures that assess how deployed technologies have reduced or mitigated risk, as required by the NIPP. Officials acknowledged that a cost-benefit analysis and performance measures should be completed; however, they could not provide timeframes for completing them. Without incorporating these DHS risk management principles into the PSP strategy, TSA cannot ensure that it is targeting the highest priority security needs at checkpoints; measure the extent to which deployed technologies reduce the risk of terrorist attacks; or make needed adjustments to its PSP strategy. S&T and TSA have placed 10 new checkpoint screening technologies in various phases of RDT&E, procurement, and deployment, but halted the deployment of the ETP due to performance problems and high installation costs. TSA has initiated, but not yet completed, deployments of 4 of the 10 technologies; initiated procurements, but not yet deployed, 2 more technologies, including the Whole Body Imager; and has 4 additional technologies, including a shoe scanner, in research and development. In 2006, TSA deployed 101 ETPs to airports, the first deployment of a checkpoint technology initiated by the agency.[Footnote 11] The ETP was deployed even though TSA officials were aware that tests conducted during 2004 and 2005 on earlier ETP models suggested they did not demonstrate reliable performance in an airport environment. Furthermore, the ETP models that were subsequently deployed were not first tested to prove their effective performance in an operational environment, contrary to TSA's acquisition guidance, which recommends such testing. As a result, TSA lacked assurance that the ETP would meet its functional requirements in airports. TSA officials stated that they deployed the machines without resolving these issues to respond quickly to the threat of suicide bombers. After being deployed, the ETPs broke down frequently and were more expensive to maintain than expected, according to TSA officials. TSA continued to use them at checkpoint lanes even though TSA could not identify whether ETPs were more effective than existing screening procedures. In the future, using validated technologies would enhance TSA's efforts to improve checkpoint security. DHS S&T and TSA share responsibilities related to the RDT&E, procurement, and deployment of checkpoint screening technologies, and have coordinated and collaborated with each other and key external stakeholders; however, coordination and collaboration challenges remain that DHS is addressing. The Homeland Security Act of 2002 and the Aviation and Transportation Security Act, which established DHS and TSA, respectively, each address the need for coordination and collaboration with stakeholders. S&T and TSA coordination efforts include a 2006 memorandum of understanding for using the TSL, and the establishment of the Capstone Integrated Product Team for Explosives Prevention in 2006 to help DHS, TSA, and the U.S. Secret Service to, among other things, identify priorities for explosives prevention. However, S&T and TSA officials stated that some technology projects were delayed because TSA had not consistently communicated clear requirements to S&T to test technologies, and S&T had not consistently communicated to TSA about projects at the TSL or the time frames to complete them. According to S&T and TSA officials, coordination and collaboration between them has improved since the summer of 2007. TSA has also taken steps to build partnerships with airport operators and technology vendors, such as by hosting conferences with them; however, the agency has not established a systematic process for coordinating with these stakeholders related to passenger checkpoint technologies. For example, 11 of 33 airport operators[Footnote 12] and 4 of 7 vendors we interviewed told us that TSA had not solicited or shared information with them regarding checkpoint technology needs and priorities. TSA officials acknowledged the need to improve relationships with external stakeholders. According to TSA officials, an Industry Outreach Manager was hired in 2007 and a draft communications plan to provide guidance and a more systematic process to coordinate with these stakeholders is being reviewed, but no completion date could be provided. To help ensure that DHS's S&T and TSA take a comprehensive, risk- informed approach to the RDT&E, procurement, and deployment of passenger checkpoint screening technologies, and to increase the likelihood of successful procurements and deployments of such technologies, in the restricted version of this report, we recommended that TSA conduct a complete risk assessment, including threat, vulnerability and consequence assessments, that would apply to the PSP; develop cost-benefit analyses to assist in prioritizing investments in new checkpoint technologies; develop quantifiable performance measures to assess the extent to which investments in research and development have mitigated the risks of a terrorist attack; determine if changes need to be made to the PSP strategy as a result of the risk assessment, cost-benefit analyses, and performance measures; to the extent feasible, ensure that operational testing has been successfully completed before deploying checkpoint technologies to airports; and evaluate the benefits and costs of the ETPs currently being used in airports in order to determine whether it is cost effective to continue to use the machines. In written comments on our report, DHS stated that it agreed with our recommendations and identified actions planned or underway to implement them. While DHS is taking steps to address our first and second recommendations related to conducting a risk assessment and cost-benefit analysis, the actions DHS reported TSA had taken or plans to take do not fully address the intent of the remaining recommendations. DHS also provided us with technical comments, which we considered and incorporated in the report where appropriate. In particular, we clarified the wording of a recommendation which originally stated that TSA should develop quantifiable performance measures to assess the extent to which investments in checkpoint screening technologies mitigated the risks of a terrorist attack. We altered the wording to state that performance measures should be developed to assess progress towards security goals. Background: TSA's airport passenger checkpoint screening system is comprised of three elements: the (1) personnel, or screeners, responsible for operating the checkpoint, including the screening of airline passengers and their carry-on items; (2) standard operating procedures that screeners are to follow to conduct screening; and (3) technology used during the screening process. Collectively, these elements determine the effectiveness and efficiency of passenger checkpoint screening. In strengthening one or more elements of its checkpoint screening system, TSA aims to balance its security goals with the need to efficiently process passengers. We previously reported that TSA had made progress in enhancing its passenger checkpoint screening system by strengthening screener training, measuring the performance of screeners and the screening system, and modifying screening procedures to address terrorist threats and efficiency concerns.[Footnote 13] We made recommendations to DHS designed to strengthen TSA's efforts to train screeners, modify screening standard operating procedures, and measure the performance of the checkpoint screening system. DHS generally agreed with our recommendations and TSA has taken steps to implement them. Passenger Checkpoint Screening Process: Passenger screening is a process by which screeners inspect individuals and their property to deter and prevent an act of violence or air piracy, such as the carriage of any unauthorized explosive, incendiary, weapon, or other prohibited item onboard an aircraft or into a sterile area.[Footnote 14] Screeners inspect individuals for prohibited items at designated screening locations. TSA developed standard operating procedures and the process for screening passengers at airport checkpoints. Figure 1 illustrates the screening functions at a typical passenger checkpoint. Figure 1: TSA Passenger Checkpoint Screening Functions: [Refer to PDF for image: illustration] The following are indicated on the illustration: Video surveillance: Physical barriers (walls/partitions): Walk-though metal detector (passenger screening function): X-ray screening (passenger screening function): Manual or ETD searches[A] (passenger screening function); Only if passenger is identified or randomly selected for additional screening or if screener identifies a potential prohibited item on X-ray: Hand-wand or pat-down (passenger screening function); Only if passenger is identified or randomly selected for additional screening because he or she met certain criteria or alarmed the walk-through metal detector. Source: GAO and Nova Development Corporation. [A] Explosives trace detection (ETD) machines detect small amounts of explosives on or in passenger's carry-on items. ETDs work by detecting vapors and residues of explosives. Human operators collect samples by rubbing bags with swabs, which are chemically analyzed to identify any traces of explosives material. [End of figure] Primary screening is conducted on all airline passengers prior to entering the sterile area of an airport and involves passengers walking through a metal detector and carry-on items being subjected to X-ray screening. Passengers who alarm the walk-through metal detector or are designated as selectees--that is, passengers selected for additional screening--must then undergo secondary screening,[Footnote 15] as well as passengers whose carry-on items have been identified by the X-ray machine as potentially containing a prohibited item. Secondary screening involves additional means for screening passengers, such as by hand-wand, physical pat-down or, at certain airport locations, an ETP, which is used to detect traces of explosives on passengers by using puffs of air to dislodge particles from their body and clothing into an analyzer. Selectees' carry-on items are also physically searched or screened for explosives traces by Explosives Trace Detection (ETD) machines.[Footnote 16] In addition, DHS S&T and TSA have deployed and are pursuing additional technologies to provide improved imaging or anomaly detection capacities to better identify explosives and other threat objects. Roles and Responsibilities for the RDT&E, Procurement, and Deployment of Checkpoint Screening Technologies: DHS and TSA share responsibility for the screening of passengers and the research, development, and deployment of passenger checkpoint screening technologies. Enacted in November 2001, the Aviation and Transportation Security Act (ATSA) created TSA and charged it with the responsibility of securing civil aviation, which includes the screening of all passengers and their baggage.[Footnote 17] ATSA also authorized funding to accelerate the RDT&E of new checkpoint screening technologies. The Homeland Security Act of 2002, enacted in November 2002, established DHS, transferred TSA from the Department of Transportation to DHS and, within DHS, established S&T to have primary responsibility for DHS's RDT&E activities, and for coordinating and integrating all these activities.[Footnote 18] The Intelligence Reform and Terrorism Prevention Act of 2004 (Intelligence Reform Act), enacted in December 2004, directed the Secretary of Homeland Security to give high priority to developing, testing, improving, and deploying checkpoint screening equipment that detects nonmetallic, chemical, biological, and radiological weapons and explosives, in all forms, on individuals and in their personal property.[Footnote 19] Until fiscal year 2006, TSA had primary responsibility for investing in the research and development of new checkpoint screening technologies, and was responsible for developmental and operational test and evaluation of new technologies.[Footnote 20] However, during fiscal year 2006, research and development functions within DHS were consolidated, for the most part, within S&T.[Footnote 21] After this consolidation, S&T assumed primary responsibility for funding the research, development, and developmental test and evaluation of airport checkpoint screening technologies. S&T also assumed responsibility from TSA for the Transportation Security Laboratory (TSL) which, among other things, tests and evaluates technologies under development. TSA, through the PSP that was transferred from the Federal Aviation Administration (FAA) to TSA, continues to be responsible for identifying the requirements for new checkpoint technologies; operationally testing and evaluating technologies in airports; and procuring, deploying, and maintaining technologies. This transfer of responsibility from TSA to S&T did not limit TSA's authority to acquire commercially available technologies for use at the checkpoint. DHS and TSA's Processes for the RDT&E, Procurement, and Deployment of Checkpoint Screening Technologies: S&T and TSA's RDT&E, procurement, and deployment efforts are made up of seven components: basic research, applied research, advanced development, operational testing, procurement, operational integration, and deployment. S&T is responsible for conducting basic and applied research, and advanced development, including developmental test and evaluation. TSA is responsible for conducting operational test and evaluation, operational integration, procurement and deployment of new technologies, including checkpoint screening technologies. These seven components are described below. * Basic research includes scientific efforts and experimentation directed toward increasing knowledge and understanding in the fields of physical, engineering, environmental, social, and life sciences related to long-term national needs. * Applied research includes efforts directed toward solving specific problems with a view toward developing and evaluating the feasibility of proposed solutions. * Advanced development includes efforts directed toward projects that have moved into the development of hardware and software for field experiments and tests, such as acceptance testing.[Footnote 22] * Operational test and evaluation verifies that new systems are operationally effective, supportable, and suitable before deployment. * Operational integration is the process employed to enable successful transition of viable technologies and systems to the field environment. * Procurement includes the efforts to obtain a product or service. [Footnote 23] * Deployment is a series of actions following the determination that the product meets its requirements and is accepted by the program manager and integrated product team; designated locations are configured for product integration into the screening operating system and the installed product passes site acceptance tests; and logistics support is in place and all users are trained to use the product. RDT&E, Procurement, and Deployment Funding for Checkpoint Screening Technologies: Over $795 million has been invested by DHS and TSA during fiscal years 2002 through 2008 for the RDT&E, procurement, and deployment of checkpoint screening technologies. During this time, over $91 million was invested in the RDT&E of checkpoint technologies and about $704 million was invested in the procurement and deployment of these technologies. From fiscal years 2002 through 2005, TSA was responsible for the RDT&E of checkpoint technologies; however, TSA officials could not identify the amount of funding the agency invested for these purposes during those years. After fiscal year 2005, TSA invested $14.5 million for test and evaluation of checkpoint technologies, but did not fund the research and development of these technologies because responsibility in general for research and development funding was transferred from TSA to S&T beginning in fiscal year 2006. Therefore, during fiscal years 2006 through 2008, S&T invested $77.0 million in the RDT&E of checkpoint screening technologies. All of the approximately $704 million for the procurement and deployment of checkpoint screening technologies from fiscal years 2002 through 2008 was invested by TSA because the agency has been responsible for procurement and deployment of these technologies since it was created. Applying a Risk Management Approach to Checkpoint Technology Investments: Risk management is a tool that policy makers can use to help ensure that strategies to develop protective programs and allocate resources target the highest priority security needs. This information helps officials determine which security programs are most important to develop and fund, given that it is not possible to protect the country against all threats because of limited resources. Law and related policy, including the Intelligence Reform Act, the Implementing Recommendations of the 9/11 Commission Act of 2007 (9/11 Commission Act), and Homeland Security Presidential Directive 7, provide that federal agencies with homeland security responsibilities are to apply risk-informed principles to prioritize security needs and allocate resources. Consistent with these provisions, DHS issued the National Strategy for Transportation Security in 2005 that, among other things, describes the policies that DHS is to apply when managing risks to the security of the U.S. transportation system. Further, in June 2006, DHS issued the NIPP, which provides a risk management framework to guide strategies to develop homeland security programs and allocate resources to them.[Footnote 24] According to the NIPP, its risk management framework consists of six phases that help to identify and assess risks and prioritize investments in programs, as illustrated in figure 2. The NIPP designated TSA as the primary federal agency responsible for coordinating critical infrastructure protection efforts within the transportation sector. Figure 2: NIPP Risk Management Framework: [Refer to PDF for image: illustration] Set Security Goals: Identify Assets, Systems, Networks, and Functions: Assess Risks: Prioritize: Implement Protective Programs: Measure Effectiveness. Source: DHS. [End of figure] A risk-informed strategy to develop and invest in critical infrastructure protection, according to the NIPP, begins with setting security goals. Setting security goals involves defining specific outcomes, conditions, end points, or performance targets that collectively constitute an effective protective posture. Once security goals are established, decisionmakers are to identify what assets or systems to protect and identify and assess the greatest risks to them, that is, the type of terrorist attack that is most likely to occur and that would result in the most severe consequences. Risk of a terrorist attack, according to the NIPP, is to be assessed by analyzing consequences of an attack; the threat--that is, the likelihood of an attack; and the extent to which an asset or a system, in this case the transportation system, is vulnerable to this type of attack.[Footnote 25] The potential consequences of any incident, including terrorist attacks and natural or manmade disasters, is the first factor to be considered in a risk assessment. In the context of the NIPP, consequence is measured as the range of loss or damage that can be expected in the event a terrorist attack succeeds. A consequence assessment looks at the expected worst case or reasonable worst case impact of a successful attack. A threat assessment is the identification and evaluation of adverse events that can harm or damage an asset and takes into account certain factors, such as whether the intent and capability to carry out the attack exist. A vulnerability assessment identifies weaknesses or characteristics of an asset or system, such as its design and location, which make it susceptible to a terrorist attack and that may be exploited. This analysis should also take into consideration factors such as protective measures that are in place which may reduce the risk of an attack and the system's resiliency, that is, ability to recover from an attack. Once the three components of risk--threat, vulnerability, and consequence--have been assessed for a given asset or system, they are used to provide an estimate of the expected loss considering the likelihood of an attack or other incident. According to the NIPP, calculating a numerical risk score using comparable, credible methodologies provides a systematic and comparable estimate of risk that can help inform national and sector-level risk management decisions. To be considered credible, the NIPP states that a methodology must have a sound basis; be complete; be based on assumptions and produce results that are defensible; and specifically address the three variables of the risk calculus: threat, vulnerability, and consequence. The methodology should also be comparable with other methodologies to support a comparative sector or national risk assessment. To be comparable, a methodology must be documented, transparent, reproducible, accurate, and provide clear and sufficient documentation of the analysis process and the products that result from its use. The next steps in the DHS risk management framework involve establishing priorities for program development based on risk assessments; implementing these protective programs; and measuring their effectiveness by developing and using performance measures. Identifying and assessing risks helps decisionmakers to identify those assets or systems that are exposed to the greatest risk of attack and, based on this information, prioritize the development and funding of protective programs that provide the greatest mitigation of risk given available resources. The NIPP notes that because resources are limited, risk analysis must be completed before sound priorities can be established. To determine which protective measures provide the greatest mitigation of risk for the resources that are available, the NIPP directs policy makers to evaluate how different options reduce or mitigate threat, vulnerability, or consequence of a terrorist attack. To do so, the NIPP states that cost estimates are combined with risk- mitigation estimates in a cost-benefit analysis to choose between the different options. The last step in the NIPP, measuring the effectiveness of security programs by developing and using performance measures, provides feedback to DHS on its efforts to attain its security goals. Performance metrics are to be developed and used to affirm that specific goals and objectives are being met or to articulate gaps in the national effort or supporting sector efforts. Performance measures enable the identification of corrective actions and provide decisionmakers with a feedback mechanism to help them make appropriate adjustments in their strategies for protecting critical infrastructure. TSA Has Taken Actions to Prioritize Investments in Passenger Checkpoint Screening Technologies, but Lacks a Risk-Based Strategy: While TSA completed a strategic plan for the PSP in August 2008 that identifies a strategy for researching, developing, and deploying checkpoint screening technologies, the plan and the strategy were not developed based upon all of the key risk management principles outlined in DHS's NIPP. For instance, TSA has not conducted a complete risk assessment for the PSP, conducted a cost-benefit analysis to prioritize investments, or developed performance measures to assess the extent to which the risk of attack has been reduced or mitigated by investments in technologies. While the agency is currently reviewing a draft of the Aviation Domain Risk Assessment (ADRA), as of September 2009, the ADRA had not been finalized. Officials expect it to be finalized by the end of calendar year 2009. TSA officials could not provide an expected completion date. Therefore, we could not determine when TSA will complete it or to what extent it will be consistent with DHS's risk management framework. TSA officials acknowledged the importance of a cost-benefit analysis and performance measures to guide technology investments, and stated that they intend to develop them, but could not identify when they would be completed. Until TSA completes these activities, the agency lacks assurances that the PSP strategy addresses the highest priority needs and mitigates the risk of an attack. Further, TSA lacks information to adjust its strategy, if needed. TSA Completed a Strategic Plan for the PSP that Identifies Goals and Objectives: TSA completed a strategic plan in August 2008 that identifies a strategy and establishes goals and objectives for the PSP, and submitted the plan to congressional committees in September 2008. [Footnote 26] However, TSA officials stated that the NIPP was not used as guidance in developing the plan. Instead, the officials stated that the specific requirements for a strategic plan, as outlined in the Intelligence Reform Act and 9/11 Commission Act, were used as guidance to construct the plan. The strategic plan identifies three broad trends that have been observed in the types of threats that TSA faces. First, interest in catastrophic destruction of aircraft and facilities has increased, in contrast to hijacking and hostage-taking that characterized the majority of earlier attacks. Second, the range of encountered weapons has expanded, many not previously recognized as threats, nor detected by the technologies that were deployed. Third, terrorists have attacked "soft" airport targets, including airport lobbies, in other countries. To address these challenges, TSA's strategic plan identifies that the agency's strategy is to utilize intelligence; partner with law enforcement, industry partners, and the public; and implement security measures that are flexible, widely deployable, mobile, and layered to address the nation's complex open transportation network. According to the plan, TSA is in the process of implementing and evaluating a fundamental shift in strategy for the security checkpoint that encompasses the critical elements of people, process, and technology. In addition, the plan states that implementing a new security approach called Checkpoint Evolution,[Footnote 27] which started in the spring 2008, will bring the most significant changes that have occurred in passenger screening since the airport security checkpoint was first established in the 1970s. TSA's strategic plan identifies that the key component of TSA's strategy related to security checkpoints is to improve security effectiveness and resource utilization at the checkpoints. Also, the PSP manager stated that a goal of the PSP strategy is to achieve full operating capability by the dates discussed for each checkpoint screening technology listed in the strategic plan. To meet these goals, the PSP strategic plan identifies three strategic objectives: (1) improve explosive detection capability, (2) improve the behavior detection capability of Transportation Security Officers (TSO), and (3) extend the layers of security throughout the passenger journey. The first objective, improving explosive detection capability, involves combining new technology with procedures that emphasize an element of unpredictability to improve explosive detection capability and prevent would-be attackers from knowing the TSA security process. The second objective, improving the behavior detection capability of TSOs, involves shaping the checkpoint environment to better support and enhance behavior detection capabilities by enabling TSOs to engage a larger number of passengers more frequently throughout the checkpoint queue using informal interviews and SPOT; improving the observation conditions for TSOs trained in SPOT by enhancing the contrast between passengers exhibiting signs of travel stress and those intending to do harm to other passengers, aircraft, or the airport; and providing communications tools for enhanced coordination between TSOs trained in SPOT. The third objective, extending the layers of security throughout the passenger journey, involves enabling additional layers of non- intrusive security beyond the checkpoint and into public spaces; increasing the interaction between TSOs and passengers to provide more opportunities to identify irregular behaviors far ahead of the potential threat reaching the checkpoint; and partnering with airlines, airports, and the private sector to reduce vulnerabilities in soft target areas. TSA had been directed on multiple occasions to provide strategic plans for explosives detection checkpoint technologies to congressional committees. The Intelligence Reform Act mandated that TSA provide a strategic plan that included, at a minimum, a description of the current efforts to detect explosives on individuals and in their personal property; operational applications of explosive detection equipment at airport checkpoints; quantities of equipment needed to implement the plan and a deployment schedule; funding needed to implement the plan; measures taken and anticipated to be taken to provide explosives detection screening for all passengers identified for additional screening; and recommended legislative actions, if any. [Footnote 28] The Intelligence Reform Act mandated that such a strategic plan be submitted to congressional committees during the second quarter of fiscal year 2005. According to TSA officials, a strategic plan was developed and delivered to congressional committees on August 9, 2005, in satisfaction of the statutory mandate. However, the 9/11 Commission Act, enacted August 3, 2007, reiterated a requirement for a strategic plan that TSA was mandated to submit in accordance with the Intelligence Reform Act. Specifically, the 9/11 Commission Act required that the Secretary of Homeland Security issue a strategic plan addressing its checkpoint technology program not later than 30 days after enactment of the 9/11 Commission Act (that is, by September 3, 2007) and required implementation of the plan to begin within 1 year of the act's enactment.[Footnote 29] In response to the 9/11 Commission Act, TSA provided to Congress the Aviation Security Report: Development of a Passenger Checkpoint Strategic Plan, September 2007.[Footnote 30] Finally, Division E of the Consolidated Appropriations Act, 2008, enacted on December 26, 2007, required that the Secretary of Homeland Security submit a strategic plan for checkpoint technologies no later than 60 days after enactment of the Act (that is, by February 25, 2008), and further restricted the use of $10,000,000 appropriated to TSA for Transportation Security Support until the Secretary submitted the plan to the Committees on Appropriations of the Senate and House of Representatives.[Footnote 31] As a result of the mandate for a strategic plan and the funding restriction in the 2008 Consolidated Appropriations Act, TSA officials told us that they interpreted this legislative language to mean that congressional committees considered TSA's aviation security report in September 2007 to be incomplete and insufficient. After approximately 12 months had elapsed since a strategic plan had been mandated in the 9/11 Commission Act, in August 2008 TSA completed its revised strategic plan and delivered it to the committees in September 2008, which TSA officials stated meets the mandate for a strategic plan in the 9/11 Commission Act, as well as the mandate for a strategic plan in the appropriations act. As previously discussed, the Intelligence Reform Act included requirements for a deployment schedule, and descriptions of the quantities of equipment and funding needed to implement the plan. [Footnote 32] However, our analysis of TSA's August 2008 strategic plan indicates that the strategic plan could include more complete information about these requirements. For example, although TSA provided some deployment information for each emerging checkpoint technology listed in the strategic plan--such as the total quantity to be deployed, expected full operating capability date, and types or categories of airports where the equipment is to be deployed--it does not include a year-by-year schedule showing the number of units for each emerging technology that is expected to be deployed to each specific airport. Regarding information on the funding needed to implement the strategic plan, it includes a funding profile for each fiscal year from 2007 through 2009. However, a number of the emerging technologies are not expected to reach full operating capability until fiscal year 2014. TSA officials stated that they have derived notional (that is, unofficial) quantities to be deployed on an annual basis for each technology through its respective full operating capability date, but the officials stated that the funding profile in the strategic plan does not reflect the funding needed for these future quantities because the funding that will be appropriated for them after fiscal year 2009 is unknown. According to the officials, to implement the strategic plan in the years beyond fiscal year 2009, the agency intends to use a year- by-year approach whereby the quantities to be deployed in a particular year, and the funding needed for that year, would not be officially identified prior to the budget request for that year. TSA officials stated that they used risk to inform the August 2008 strategic plan and the PSP strategy identified in it. Although TSA may have considered that risk to some degree, our analysis does not confirm that these efforts meet the risk-based framework outlined in the NIPP. Specifically, TSA has not conducted a risk assessment or cost-benefit analyses, or established quantifiable performance measures. As a result, TSA does not have assurance that its efforts are focused on the highest priority security needs, as discussed below. TSA Has Not Conducted a Risk Assessment to Inform Its PSP Strategy, but Is Finalizing an Assessment and Developing Information that May Help Guide PSP Efforts: TSA has not conducted a risk assessment that includes an assessment of threat, vulnerability, and consequence, which would address passenger checkpoint screening; consequently, the PSP strategy has not been informed by such a risk assessment as required by the NIPP. Agency officials stated that they prepared and are currently reviewing a draft of a risk assessment of the aviation domain, known as the ADRA, which is expected to address checkpoint security and officials expect it to be finalized by the end of calendar year 2009; however, its completion has been delayed multiple times since February 2008. Therefore, it is not clear when this assessment will be completed. The ADRA, when completed, is to provide a scenario-based risk assessment for the aviation system that may augment the information TSA uses to prioritize investments in security measures, including the PSP. However, officials could not provide details regarding the extent to which the ADRA would assess threat, vulnerability, and consequence related to the passenger checkpoint. In 2004, we recommended that the Secretary of Homeland Security and the Assistant Secretary for TSA complete risk assessments-- including a consideration of threat, vulnerability, and consequence-- for all modes of transportation, and use the results of these assessments to help select and prioritize research and development projects.[Footnote 33] TSA and DHS concurred with the recommendation, but have not completed these risk assessments. Because TSA has not issued the ADRA or provided details regarding what it will entail, and because it is uncertain when the ADRA will be completed, it is not clear whether the ADRA will provide the risk information needed to support the PSP and TSA's checkpoint technology strategy. In the meantime, TSA has continued to invest in checkpoint technologies without the benefit of the risk assessment information outlined in the NIPP. Consequently, TSA increases the possibility that its investments will not address the highest priority security needs. Although TSA has not completed a risk assessment to guide its PSP, officials stated that they identify and assess risks associated with the passenger screening checkpoint by relying on threat information, vulnerability information from Threat Image Projection (TIP) scores, limitations of screening equipment identified during laboratory testing, covert tests, and expert judgment to guide its investment strategy in the PSP.[Footnote 34] Specifically, TSA's Office of Intelligence produces civil aviation threat assessments on an annual basis, among other intelligence products. These assessments provide information on individuals who could carry out attacks, tactics they might use, and potential targets. TSA's most recent aviation threat assessment, dated December 2008, identifies that terrorists worldwide continue to view civil aviation as a viable target for attack and as a weapon that can be used to inflict mass casualties and economic damage. It also concluded that improvised explosive devices (IED) and hijackings pose the most dangerous terrorist threat to commercial airliners in the United States. The assessment identifies that these devices may be concealed on persons, disguised as liquids, or hidden within everyday, familiar objects such as footwear, clothing, toys, and electronics. The threat assessment further identifies that terrorists have various techniques for concealing explosives on their persons. In addition to the annual civil aviation threat assessment, the Office of Intelligence prepares for TSA's senior leadership team and other officials a (1) daily intelligence briefing, (2) tactical intelligence report that is produced one to four times per week, (3) weekly field intelligence summary, (4) weekly suspicious incident report, and, when necessary, (5) special events update, for example, during major political events. However, according to the NIPP, relying on threat information is not sufficient to identify and assess risks. Rather, threat information, which indicates whether a terrorist is capable of carrying out a particular attack and intends to do so, is to be analyzed along side information on vulnerabilities--weakness in a system that would allow such an attack to occur--and on the consequences of the attack, that is, the results of a specific type of terrorist attack, according to the NIPP. TSA officials stated that, to guide the PSP, they also rely on programs in place that are designed to assess vulnerabilities at airport checkpoints. To identify vulnerabilities at airport checkpoints, TSA officials stated that TSA analyzes TIP scores, known limitations of screening equipment based on laboratory testing, and information from its covert testing program. TSA conducts national and local covert tests, whereby individuals attempt to enter the secure area of an airport through the passenger checkpoint with a prohibited item in their carry-on bags or hidden on their person. Officials stated they use these sources of information to identify needed changes to standard screening procedures, new technology requirements, and deployment strategies for the PSP. When a checkpoint vulnerability is identified, officials stated that TSA's Office of Security Technology engages other TSA stakeholders through the PSP's Integrated Project Team process [Footnote 35] to identify and develop necessary technology requirements which may lead to new technology initiatives. Officials credited this process with helping TSA identify needed changes to standard screening procedures and deployment strategies for new technologies. For example, according to a TSA official, a technology was developed as a result of tests conducted by GAO that found that prohibited items and components of an IED might be more readily identified if TSA were to develop new screening technologies to screen these items.[Footnote 36] Although TSA has obtained information on vulnerabilities at the screening checkpoint, the agency has not assessed vulnerabilities (that is, weaknesses in the system that terrorists could exploit in order to carry out an attack) related to passenger screening technologies that are currently deployed. The NIPP requires a risk assessment to include assessments of threat, vulnerability, and consequence. TSA has not assessed whether there are tactics that terrorists could use, such as the placement of explosives or weapons on specific places on their bodies, to increase the likelihood that the screening equipment would fail to detect the hidden weapons or explosives. Although TIP scores measure how effectively screeners identify prohibited items, they do not indicate whether screening technologies currently deployed may be vulnerable to tactics used by terrorists to disguise prohibited items, such as explosives or weapons, thereby defeating the screening technologies and evading detection. Similarly, TSA's covert testing programs do not systematically test passenger and baggage screening technologies nationwide to ensure that they identify the threat objects and materials the technologies are designed to detect, nor do the covert testing programs identify vulnerabilities related to these technologies. We reported in August 2008 that, while TSA's local covert testing program attempts to identify test failures that may be caused by screening equipment not working properly or caused by screeners and the screening procedures they follow, the agency's national testing program does not attribute a specific cause of the test failure. [Footnote 37] We recommended, among other things, that TSA require the documentation of specific causes of all national covert testing failures, including documenting failures related to equipment, in the covert testing database to help TSA better identify areas for improvement. TSA concurred with this recommendation and stated that the agency will expand the covert testing database to document test failures related to screening equipment. Moreover, TSA officials stated that it is difficult to attribute a test failure to equipment, because there is a possibility that the threat item used for the test was not designed properly and, therefore, should not have set off the equipment's alarm. TSA officials also stated that it is difficult to identify a single cause for a test failure because covert testing failures can be caused by multiple factors. As a result, TSA lacks a method to systematically test and identify vulnerabilities in its passenger and baggage screening equipment in an operational airport setting. Consequently, TSA officials do not have complete information to identify the extent to which existing screening technologies mitigate vulnerabilities at the passenger checkpoints, so that they can incorporate this information into the agency's security strategy, as required by DHS guidance. TSA's ADRA, once completed, is to cover the entire aviation domain and include three parts--assessments of over 130 terrorist attack scenarios to determine whether they pose a threat to the aviation system; an assessment of known vulnerabilities or pathways within the aviation system through which these terrorist attacks could be carried out; and an assessment of consequences of these various types of terrorist attacks, such as death, injury, and property loss. TSA officials stated that, through the use of expert panels, the ADRA will evaluate these threat scenarios to assess the likelihood that terrorists might successfully carry out each type of attack on the aviation system, and the likelihood and consequences of these various scenarios will be prioritized to identify the most pressing risks that need to be addressed. In the case of the passenger screening checkpoint, according to officials, TSA will be examining all security measures that a terrorist must breach in order to carry out a specific type of an attack, such as carrying an IED on board an aircraft and detonating it midflight. However, officials could not explain or provide documentation identifying the extent to which the ADRA will provide threat, vulnerability, and consequence assessments in support of the PSP. In addition, the completion date for the ADRA has been delayed multiple times. Because the ADRA has not been finalized and TSA has not described how the ADRA will address the passenger checkpoint, we could not determine the extent to which it will incorporate information on checkpoint vulnerabilities, including vulnerabilities associated with screening technologies and standard operating procedures.[Footnote 38] In addition to the ADRA, TSA and DHS S&T are developing other information that could inform their identification and assessments of risks to the aviation transportation system. Specifically, TSA and S&T are reviewing the scientific basis of their current detection standards for explosives detection technologies to screen passengers, carry-on items and checked baggage. As part of this work, TSA and S&T are conducting studies to update their understanding of the effects that explosives may have on aircraft, such as the consequences of detonating explosives on board an in-flight aircraft. Senior TSA and DHS S&T officials stated that the two agencies decided to initiate this review because they could not fully identify or validate the scientific support requiring explosives detection technologies to identify increasingly smaller amounts of some explosives over time as required by TSA policy. Officials stated that they used the best available information to originally develop detection standards for explosives detection technologies. However, according to these officials, TSA's understanding of how explosives affect aircraft has largely been based on data obtained from live-fire explosive tests on aircraft hulls at ground level. Officials further stated that due to the expense and complexity of live-fire tests, FAA, TSA, and DHS collectively have conducted only a limited number of tests on retired aircraft, which limited the amount of data available for analysis. As part of this ongoing review, TSA and S&T are simulating the complex dynamics of explosive blast effects on an in-flight aircraft by using a computer model based on advanced software developed by the national laboratories. TSA believes that the computer model will be able to accurately simulate hundreds of explosives tests by simulating the effects that explosives will have when placed in different locations within various aircraft models. Officials estimated this work will be completed in 3-to 4-month increments through 2008 and 2009. Officials further stated that the prototype version of the model was validated in the late summer of 2008, and that the model is currently being used. TSA and S&T officials stated that they expect the results of this work will provide a much fuller understanding of the explosive detection requirements and the threat posed by various amounts of different explosives, and will use this information to determine whether any modifications to existing detection standards should be made moving forward. TSA Has Not Completed a Cost-Benefit Analysis to Help Establish Risk- Based Priorities and Guide Its Investment Strategy: TSA has not completed a cost-benefit analysis to prioritize and fund the PSP's priorities for investing in checkpoint technologies, as required by the NIPP's risk management framework. According to the NIPP, policy makers who are designing programs and formulating budgets are to evaluate how different options reduce or mitigate threat, vulnerability, or consequence of a terrorist attack through a cost- benefit analysis that combines cost estimates with risk-mitigation estimates.[Footnote 39] However, in addition to lacking information on risks to the screening checkpoint, TSA has not conducted a cost-benefit analysis of checkpoint technologies being researched and developed, procured, and deployed. Such a cost-benefit analysis is important because it would help decisionmakers determine which protective measures, for instance, investments in technologies or in other security programs, will provide the greatest mitigation of risk for the resources that are available. One reason that TSA may have difficulty developing a cost-benefit analysis for the PSP is that it has not developed life-cycle cost estimates of each screening technology the PSP is developing, procuring, or deploying. This information is important because it helps decisionmakers determine, given the cost of various technologies, which technology provides the greatest mitigation of risk for the resources that are available. TSA officials prepared a PSP lifecycle cost estimate in September 2005, but this estimate does not include cost estimates for all technologies currently being researched, developed, tested and evaluated, procured and/or deployed, such as the Advanced Technology Systems, a technology to screen carry-on items that TSA is currently procuring. TSA was subsequently instructed by DHS Joint Requirements Council[Footnote 40] to complete lifecycle cost estimates for the PSP; in December 2005, the council reviewed the PSP and approved it to proceed to the Investment Review Board for an annual review and potential approval of the PSP's fiscal year 2006 procurement strategy. However, the council expressed concern about several issues that should be resolved prior to the Investment Review Board's review, including the need for complete lifecycle cost estimates for the checkpoint screening technologies that were to be developed and procured. TSA officials acknowledged that completing lifecycle cost estimates are important and stated that they have not prepared a lifecycle cost estimate since the council recommended that such an estimate be developed due to lack of staff. These officials further stated that TSA hired four full-time equivalent staff in fiscal year 2008, and two additional full-time equivalent staff are expected to be hired in the fall of 2008. The officials anticipate that these staff will help prepare lifecycle cost estimates. However, the officials did not provide a timeframe for the completion of the estimates. Although TSA officials identified the technologies they are procuring and deploying, TSA officials could not provide us with information on their priorities for the research and development of checkpoint screening technologies or the processes they followed to develop these priorities. According to S&T officials, TSA provided priorities for near-term applied research and development projects to the S&T Capstone Integrated Product Team (IPT) for Explosives Prevention.[Footnote 41] This IPT establishes priorities for research projects to be funded by S&T during the fiscal year. S&T officials stated that they rely on TSA and other members of the IPT to use a risk-based approach to identify and prioritize their agencies' or offices' individual research and development needs prior to submitting them for consideration to the IPT. However, TSA officials stated they did not submit priorities for research and development to S&T. Without cost-benefit or other analysis to compare the cost and effectiveness of various solutions, the agency cannot determine whether investments in the research and development of new checkpoint technologies or procedures most appropriately mitigate risks with the most cost-effective use of resources. In addition, without knowing the full cost of the technologies that the PSP is developing, procuring, or deploying, TSA could potentially invest in a technology in which the cost outweighs expected benefits. TSA Lacks Measures to Evaluate the Extent to Which the PSP Reduces the Risk of Terrorist Attacks: TSA's strategy for the PSP does not have a mechanism--such as performance measures or other evaluation methods--to monitor, assess, or test the extent to which investments in new checkpoint technologies reduce or mitigate the risk of terrorist attacks. The NIPP requires that protective programs be designed to allow measurement, evaluation, and feedback based on risk mitigation so that agencies may re-evaluate risk after programs have been implemented and take corrective action if needed, such as modifying existing programs to counter new risks or implementing alternative programs. The NIPP identifies three types of performance measures--descriptive, process/output, and outcome measures--that can help gauge the effectiveness of protective programs. [Footnote 42] Although the NIPP requires that protective programs be designed to allow measurement, evaluation, and feedback based on risk mitigation, TSA has not identified quantifiable measures of progress which would allow the agency to assess the PSP's overall effectiveness. TSA officials stated that they do not have overall performance measures but are currently developing performance goals and measures for the overall program. However, the officials could not provide a time frame for their completion. In September 2004, we recommended that TSA complete strategic plans for its research and development programs which contain measurable objectives.[Footnote 43] Without measures to monitor the degree to which the TSA's investments in the research, development, and deployment of new screening technologies reduce or mitigate terrorist threats, the agency is limited in its ability to assess the effectiveness of the PSP or the extent to which it complements other layers of security at the checkpoint. Ten New Checkpoint Screening Technologies Are in Various Phases of RDT&E, Procurement, and Deployment, but ETP Deployment Has Been Halted: Since TSA's creation in 2001, 10 new checkpoint screening technologies, including the ETP, have been in various phases of RDT&E, procurement, and deployment, but TSA halted deployment of the ETP due to performance problems and high installation costs. Of the 10 technologies, TSA has initiated deployments for 4 of them, including the ETP and a Bottled Liquids Scanner, but TSA has not deployed any of the 4 technologies to airports nationwide. TSA also initiated procurements of two technologies, including the Whole Body Imager; however, deployment of these two technologies has not begun yet. Four checkpoint technologies are in research and development, such as a shoe scanning device. In June 2006, 6 to 11 months after TSA began to deploy the ETPs to airports, the agency halted their deployment due to performance problems--the machines broke down more frequently than specified by the functional requirements and the machines were more expensive to install and maintain in airports than expected. Because TSA did not follow its acquisition guidance that recommends technologies be tested and evaluated in an operational setting prior to procurement and deployment, the agency lacked assurance that the ETPs performed as required by the system's requirements. Although TSA officials were aware that tests conducted on earlier ETP models during 2004 and 2005 suggested that they did not operate reliably in an airport environment and that the ETP models that were subsequently deployed to airports had not been tested in an operational environment to prove their effectiveness, TSA deployed the ETPs to airports beginning in July 2005 for the Smiths Detection ETP and beginning in January 2006 for the General Electric ETP without resolving these issues. TSA officials stated that they deployed the ETPs to respond quickly to the threat posed by a potential suicide bomber after suicide bombings had been carried out onboard Russian airliners in 2004. TSA officials stated that they plan to continue to use the 90 ETPs currently deployed to airports. Because the ETPs were deployed without resolving their performance problems and validating all of the functional requirements, the ETPs have not been demonstrated to increase security at the checkpoint. In the future, using validated technologies would enhance TSA's efforts to improve checkpoint security. S&T and TSA Investments in RDT&E Resulted in the Procurement or Deployment of Six New Checkpoint Technologies: As a result of S&T and TSA investments in the RDT&E of checkpoint screening technologies since TSA's creation in 2001, six new screening technologies are being procured and/or deployed, while four checkpoint screening technologies are currently in the research and development phase.[Footnote 44] Based on S&T and TSA RDT&E efforts, the agency has initiated deployments of four technologies--the ETP, Fido PaxPoint Bottled Liquids Scanner, Advanced Technology Systems, and Cast and Prosthesis Scanner--three of which originated as commercial-off-the- shelf technologies or commercial-off-the-shelf technologies that TSA modified for use as checkpoint screening devices.[Footnote 45] However, TSA has not completed the deployment for all of these four technologies to airports nationwide. TSA officials stated that they did not deploy additional checkpoint screening technologies because they were primarily focused on deploying explosives detection systems to screen checked baggage, as mandated by ATSA. TSA has also initiated procurements of two additional technologies--Automated Explosives Detection System for Carry-on Baggage and Whole Body Imager--but has not deployed either of them yet. Figure 3 describes the status of the six checkpoint screening technologies for which TSA has initiated procurement and/or deployment. Figure 3: Status of Six Checkpoint Screening Technologies that Had Initiated Procurement and/or Deployment as of September 2008: [Refer to PDF for image: table with illustrations for each technology] Technology: Explosives Trace Portal (ETP); Illustration source: GAO; Description: Detects traces of explosives on a passenger by using puffs of air to dislodge particles from the passenger's body and clothing that the machine analyzes for traces of explosives. Used for secondary screening; Status of Operational Testing: Completed for earlier models, but not for models ultimately deployed. We discuss this in more detail later in the report; Status of Procurement: TSA procured 207 ETPs. In June 2006, TSA halted further procurement due to high installation and maintenance costs and performance issues. One hundred and sixteen of the procured units remain in storage; Status of Deployment to Airports: TSA deployed 101 portals to 36 airports during fiscal years 2005 and 2006. In June 2006, TSA halted further deployment due to performance, maintenance, and installation issues. Since June 2006, TSA has removed 11 ETPs from airports due to maintenance issues and placed them in a warehouse for storage. Technology: Bottled Liquids Scanner; Illustration source: ICx Technologies, Inc.; Description: Hand-held or table-top units that screen for liquid explosives by detecting vapors of certain chemicals. Used for secondary screening; Status of Operational Testing: Completed for ICx Nomadics Fido PaxPoint model, which is a type of hand-held device. Laboratory and operational tests are ongoing for hand-held and/or table-top Bottled Liquids Scanner devices; Status of Procurement: TSA procured 215 Fido PaxPoint units during fiscal year 2007 and 79 Smiths Detection Sabre 4000 units during fiscal years 2007 and 2008. TSA planned to procure up to 750 hand-held and/or table-top units in late fiscal year 2008. TSA increased its planned procurement for fiscal year 2008 as a result of supplemental appropriations received in fiscal year 2007 and appropriations available in fiscal year 2008. Forty-one Smiths Detection units are at TSA headquarters or in a warehouse in case they are needed for rapid deployment; Status of Deployment to Airports: TSA deployed 200 Fido PaxPoint units from July 2007 to January 2008. TSA deployed 38 Smiths Detection Sabre 4000 units from July 2007 through December 2007, and 30 units are currently in the process of being deployed. TSA plans to deploy a total of 1,300 units at all category X through category IV airports.[A] Full operating capability is planned for fiscal year 2011. Technology: Advanced Technology Systems; Illustration source: Rapiscan Systems, Inc. © 2009.; Description: Intended to improve capability to detect threat items, such as explosives. The units will replace the Threat Image Projection Ready X-ray machines used at airports for primary screening of carry-on items; Status of Operational Testing: Completed; Status of Procurement: TSA procured 250 units during fiscal year 2007. Due to the availability of supplemental funding, appropriations available in fiscal year 2008, and the need to expedite procurement of these systems, the fiscal year 2008 planned procurement was 582 units, of which 250 units have been procured. In fiscal year 2009, TSA plans to award a contract to enhance current units; Status of Deployment to Airports: From April 2008 to June 2008, 204 units were deployed to 12 airports, and about 287 additional units were planned to be deployed by the end of fiscal year 2008. For units deployed in fiscal year 2008, TSA plans to upgrade them in the field to incorporate the enhancements under the contract to be awarded in fiscal year 2009. TSA plans to deploy up to a total of 2,325 units at every checkpoint lane in all category X through category IV airports. Full operating capability is planned for fiscal year 2014. Technology: Cast and Prosthesis Scanner; Illustration source: CastScopeTM.; Description: Provides a two-dimensional image of the area beneath a cast or inside a prosthetic device. The device operates similarly to the whole body imager, but for localized regions of a passenger's body. Intended for use as a secondary screening device; Status of Operational Testing: Completed; Status of Procurement: TSA procured 34 units during fiscal year 2007. Planned procurement was reduced from 40 to 34 units due to a system maintenance cost increase. Due to a change in priorities, planned procurement of 75 units in fiscal year 2008 was canceled because funds were redirected to procure additional units of Advanced Technology Systems and Whole Body Imagers. TSA has no plans to procure additional units in the future; Status of Deployment to Airports: Deployment of 34 units to 10 airports began in July 2008 with the deployment of 5 units; the remaining units were expected to be deployed by the end of September 2008. Technology: Automated Explosives Detection System for Carry-on Baggage[B]; Illustration source: Analogic Corporation; Description: Creates a three-dimensional image of carry-on items to detect explosives and non-metallic weapons. Being considered as a secondary screening device[C]; Status of Operational Testing: Expected to be completed in September 2009; Status of Procurement: TSA procured 20 units during fiscal year 2007 for operational testing. TSA had no plans to procure any units in fiscal year 2008; Status of Deployment to Airports: Deployment to checkpoints at category III and IV airports is expected to begin after operational testing has been completed in September 2009. Technology: Whole Body Imager; Illustration source: American Science & Engineering, Inc. © 2006; Description: Scans passengers by producing a two-dimensional, full-body computer-generated image that reveals object anomalies underneath clothing, including plastic explosives and concealed metallic, non- metallic, ceramic and plastic objects. TSA is evaluating the feasibility of using this system as a primary and secondary screening device[D]; Status of Operational Testing: Expected to be completed in fiscal year 2009; Status of Procurement: TSA leased 15 units in fiscal year 2007 for operational testing. Due to the availability of fiscal year 2008 appropriations, 135 units were planned for procurement in fiscal year 2008, of which 47 have been procured. In fiscal year 2009, TSA plans to award a contract for enhanced units; Status of Deployment to Airports: Deployment of 150 units is expected to begin in fiscal year 2010. For units deployed in fiscal year 2008 for testing, TSA plans to upgrade them in the field to incorporate the enhancements under the contract to be awarded in fiscal year 2009. TSA plans to deploy a total of 878 units at all category X through category IV airports. Full operating capability is expected in fiscal year 2014. Source: TSA and S&T. [A] TSA classifies the commercial airports in the United States into one of five security risk categories (X, I, II, III, and IV). In general, category X airports have the largest number of passenger boardings, and category IV airports have the smallest. Categories X, I, II, and III airports account for more than 90 percent of the nation's air traffic. [B] Although this technology has an automated detection capability, TSA is not testing the automated detection function in an operational environment. [C] Research and development of this technology is continuing, specifically, to develop a computed tomography (CT) X-ray for carry-on baggage. This technology will permit fully-automated inspection of passenger baggage as opposed to the TSA screeners having to interpret the results of the baggage screening process. Operational testing of the CT X-ray technology is to be completed in fiscal year 2009. [D] Research and development of this technology is continuing, specifically, to develop passive terahertz (THz) and active gigahertz (GHz) technologies to improve detection performance and reduce operational costs of commercially available systems. Operational testing of the THz and GHz technologies is to be completed in fiscal years 2009 and 2010, respectively. [End of figure] According to TSA's August 2008 strategic plan for checkpoint technologies, there are several other ongoing efforts in addition to the technologies discussed in figure 3.[Footnote 46] S&T and TSA are researching and developing a shoe scanning device that is to conduct automated weapons and explosive detection without requiring passengers to remove their footwear. TSA plans to award a contract in fiscal year 2010, with full operating capability in fiscal year 2015. TSA plans to deploy 1,300 units at all category X through category IV airports. TSA also has two ongoing efforts related to boarding pass and credential authentication, according to the agency's strategic plan. Starting in 2007, TSA assumed responsibility from airline contractors for travel document checking, which is currently conducted manually. TSA plans to replace the manual system with an automated one. Specifically, the Boarding Pass Scanning System is expected to verify the authenticity of a boarding pass at the checkpoint and enable the use of paperless boarding passes by the airlines. In addition, the Credential Authentication Technology System is planned to be an automated system that authenticates identification presented by passengers and airport employees. According to TSA, the agency plans to eventually combine both of these authentication systems in a single travel document checking system. TSA plans to award a contract for these two systems in fiscal year 2009, with full operating capability expected in fiscal year 2014. TSA plans to deploy a total of 878 units to replace the existing document verification tools at all category X through category IV airports. Another ongoing effort identified in TSA's strategic plan is the Next Generation ETD. This system is planned to replace legacy ETD systems and to be able to identify a larger range of explosives. Specifically, this system is expected to have enhanced explosive detection capability in terms of sensitivity and the ability to detect new threats, as well as other improvements over legacy systems, which are expected to produce lower lifecycle costs. TSA plans to deploy 1,500 units at all category X through category IV airports. TSA also has two additional efforts to assess possible technologies. One effort is called Standoff Detection, which is intended to display images to detect anomalies concealed under passengers' clothing. TSA plans to conduct an operational utility evaluation of test article units during fiscal year 2009 to evaluate the technology's feasibility within checkpoint screening operations. According to TSA, this technology would assist the agency in applying layered security prior to the checkpoint in soft target areas, such as airport lobbies, to improve early awareness of a potential explosive threat. If the technology proves effective in the checkpoint operation, TSA plans to award a contract in fiscal year 2010, with full operational capability expected by fiscal year 2014, and to deploy 351 units to every checkpoint at category X and category I airports. The other effort is called Explosives Characterization for Trace (Chemical-based) Detection. This effort includes the research and development of trace signatures, detection, and physical properties of explosives to improve the detection and performance of deployed explosives trace detection technologies. TSA Procured and Deployed ETPs without Assurance that They Would Perform as Intended in an Operational Setting: During 2004 and 2005, prior to deployment of the ETPs, TSA conducted a series of acceptance tests (that is, laboratory tests) of the General Electric and Smiths Detection ETPs that suggested they had not demonstrated reliable performance. Specifically, in 2004, TSA conducted acceptance tests on early models of the General Electric and Smiths Detection ETPs to determine whether the ETPs met key functional requirements. Subsequently, in 2004 a General Electric ETP model was field tested at five airports to determine how well the ETP performed in an operational environment. A Smiths Detection ETP model was also field tested at an airport in 2004. Based on initial test results, both vendors of the ETPs modified the machines, and TSA conducted further laboratory testing. The modified General Electric ETP was tested from December 2004 through February 2005. During the January 2005 to May 2005 time frame, both the General Electric and Smiths Detection ETP models were tested. Even though tests conducted during 2004 and 2005 of the General Electric and Smiths Detection ETPs suggested they had not demonstrated reliable performance, TSA deployed the Smiths Detection ETP and General Electric ETP to airports starting in July 2005 and January 2006, respectively, without resolving identified performance issues.[Footnote 47] Further, TSA did not test all 157 of the ETP's functional requirements prior to procuring and deploying the General Electric and Smiths Detection ETP models. Instead, TSA tested the ETP models against a subset of the functional requirements. According to TSA's System Development Life Cycle Guidance, testing of a system is to be conducted to prove that the developed system satisfies its requirements in the functional requirements document. TSA officials could not identify the specific requirements that were tested or the reason(s) that all of the requirements were not tested. A TSA official stated that TSA had intended to resolve problems regarding the ETPs' performance after they had been deployed, but TSA officials could not explain how these problems were to be resolved. Officials further stated that they worked for over 1 year during 2006 and 2007 with the ETP vendors to correct reliability and maintenance issues after the ETPs were initially deployed, but could not resolve them. Furthermore, according to S&T officials, when TSA conducted limited field tests, the ETP manufacturers provided different configurations from those used during the laboratory tests. According to officials, once this was discovered, it took more than 6 months for the ETP manufacturers to recreate the configurations that had passed the laboratory tests. TSA officials stated that, during this 6-month period, the agency decided to award a sole source contract to General Electric to procure its ETP. Regarding the reliability of the ETPs, of the 101 ETPs (71 from General Electric and 30 from Smiths Detection) that were originally deployed to 36 airports, the General Electric ETP did not meet the system requirement for operational availability due to frequent breakdowns. Both vendors' ETPs were also more expensive to maintain than expected, according to the TSA Chief Technology Officer serving during this period. The functional requirements document requires the ETP to be operationally available 98.38 percent of the time. However, the General Electric ETPs were not always able to meet this requirement. TSA officials could not provide information on the operational availability of the Smiths Detection ETPs. For the General Electric ETPs, from January through May 2006, they were operationally available an average of 98.05 percent of the time, although the ETPs met the operational availability requirement for 2 months during that period. Furthermore, TSA's operational requirements specify that the ETP should function for a minimum of 1,460 hours between critical failures. A critical failure means that an ETP fails to operate and must be repaired as soon as possible. However, the TSA Chief Technology Officer at the time stated that the ETPs operated at a much lower average number of hours before a critical failure occurred because, for example, the dirt and humidity of some airport environments adversely affected the equipment. Specifically, from January 2006 through May 2006, the General Electric ETPs operated for an average of 559 hours before a critical failure, which means that these ETPs operated on average 38 percent of the time that they were required to operate before a critical failure occurred. TSA officials could not provide information on the mean time between critical failures for the Smiths Detection ETPs. TSA officials stated that they tested the ETPs in several airports for several months prior to deployment, but data from these tests did not identify a problem with mean time between critical failures. One reason for this, a TSA official stated, was that not enough data were collected during the field tests. As usage of the ETPs increased, officials stated that they discovered the ETP was not meeting operational availability requirements. The ETPs also required replacement filters and other consumables more often than expected, according to officials, which drove up maintenance costs. According to TSA officials, because of a variance in operational availability hours among the deployed ETPs, maintenance problems, and the high cost of ETP installation at airports, in June 2006, the agency halted the deployment of the ETP to additional airports and stopped the planned purchase of additional ETPs. TSA officials plan to continue to use the 90 ETPs currently deployed to airports. However, without validating that the ETPs meet their functional requirements, TSA officials do not have assurance that it is worthwhile to continue to use the ETPs in light of the cost to maintain and operate them. In addition, TSA officials are considering what to do with the ETPs that were procured and are currently in storage. As of April 2009, 116 ETPs were in storage.[Footnote 48] TSA did not follow the Acquisition Management System (AMS) guidance or a knowledge-based acquisition approach before procuring the ETPs, which contributed to the ETPs not performing as required after they were deployed to airports. Specifically, AMS guidance provides that testing should be conducted in an operational environment to validate that the system meets all functional requirements before deployment. In addition, our reviews have shown that leading commercial firms follow a knowledge-based approach to major acquisitions and do not proceed with large investments unless the product's design demonstrates its ability to meet functional requirements and be stable.[Footnote 49] The developer must show that the product can be manufactured within cost, schedule, and quality targets and is reliable before production begins and the system is used in day-to-day operations. As discussed earlier in this report, TSA officials told us that they deployed the ETP despite performance problems because officials wanted to quickly respond to emergent threats. However, TSA did not provide written documentation to us that described the process used at the time to make the decision to deploy the ETP or the process that is currently used to make deployment decisions. Using Validated Technologies Would Enhance TSA's Efforts to Improve Checkpoint Security: TSA has relied on technologies in day-to-day airport operations that have not been demonstrated to meet their functional requirements in an operational environment. For example, TSA has substituted existing screening procedures with screening by the Whole Body Imager even though its performance has not yet been validated by testing in an operational environment. In the future, using validated technologies would enhance TSA's efforts to improve checkpoint security. Furthermore, without retaining existing screening procedures until the effectiveness of future technologies has been validated, TSA officials cannot be sure that checkpoint security will be improved.[Footnote 50] DHS Is Addressing Coordination and Collaboration Challenges with Stakeholders to Research, Develop, and Deploy Checkpoint Screening Technologies: DHS S&T and TSA coordinated and collaborated with each other and key stakeholders on their research, development, and deployment activities for airport checkpoint screening technologies, and DHS is taking actions to address challenges and strengthen these efforts.[Footnote 51] Because S&T and TSA share responsibilities related to the RDT&E, procurement, and deployment of checkpoint screening technologies, the two organizations must coordinate with each other and external stakeholders, such as airport operators and technology vendors. For example, in accordance with provisions of the Homeland Security Act and ATSA, S&T and TSA are to coordinate and collaborate with internal and external stakeholders on matters related to technologies and countermeasures for homeland security missions. S&T and TSA signed an MOU in August 2006 that establishes a framework to coordinate their work at the TSL, which tests and evaluates technologies under development. S&T also established a Capstone IPT for Explosives Prevention in 2006 to bring S&T, TSA, and U.S. Secret Service leadership together to identify gaps in explosives detection capability; prioritize identified gaps; review relevant, ongoing S&T programs; and develop capabilities to meet identified needs. However, inconsistent communication and the lack of an overarching test and evaluation strategy have limited S&T's and TSA's ability to coordinate effectively with one another. To coordinate with the aviation community, S&T and TSA have hosted industry days and conference calls to discuss new technologies with airport operators and technology vendors. Although TSA has taken actions to build partnerships with airport operators and vendors, it has not established a systematic process to coordinate with them related to checkpoint screening technologies. However, TSA officials stated that they are in the beginning stages of establishing a systematic process. S&T and TSA Are Addressing Coordination and Collaboration Challenges with Each Other on New Checkpoint Screening Technologies, but Challenges Remain: S&T and TSA have taken actions to coordinate and collaborate with each other related to the RDT&E of checkpoint screening technologies, such as by communicating priorities and requirements for technologies and working with each other on the Capstone IPT for Explosives Prevention. However, S&T and TSA coordination and collaboration were not always effective due to inconsistent communication and the lack of an overarching test and evaluation strategy. The Homeland Security Act assigned responsibilities within the department for coordinating and integrating the research, development, demonstration, testing, and evaluation activities of the department, as well as for working with federal and private sector stakeholders to develop innovative approaches to produce and deploy the best available technologies for homeland security missions. The act further assigned S&T with responsibility for coordinating with other appropriate executive agencies in developing and carrying out the science and technology agenda of the department to reduce duplication and identify unmet needs. ATSA had also assigned TSA with coordination responsibilities, including the coordination of countermeasures with appropriate departments, agencies, and instrumentalities of the U.S. government. [Footnote 52] S&T and TSA have taken several actions to coordinate and collaborate on their research and development activities related to checkpoint screening technologies. First, to coordinate the transition of the TSL from TSA to S&T, minimize disruption of work, and prevent duplication of effort, S&T and TSA signed an MOU that defines the roles and responsibilities for the research and development of homeland security technologies, including checkpoint screening, and establishes a framework for how to coordinate their work. Additionally, S&T created the Capstone IPT for Explosives Prevention, which is co-chaired by the Assistant Secretary for TSA and the Director of the U.S. Secret Service, to identify and prioritize capabilities needed to detect explosives; review relevant, ongoing S&T programs; and develop capabilities to meet the identified needs. The IPT was first convened in December 2006 to identify research and development priorities for explosives detection technologies at airport checkpoints as well as for other transportation modes, and has met periodically since then. According to TSA officials, the Capstone IPT has enabled TSA to establish a clear understanding with S&T of TSA's needs for technology solutions that meet stringent detection thresholds and throughput requirements to support the aviation sector. Additionally, the officials stated that the Capstone IPT has given TSA a better collective understanding of the technology needs of other DHS components, which will help DHS identify technology solutions that can be combined to benefit multiple users. Finally, to follow through on the priorities established by the Capstone IPT for Explosives Prevention, S&T officials stated that they established project-level IPTs, including one for airport checkpoints and one for homemade explosives. S&T officials stated that they are working with TSA on these project-level IPTs to try to meet the needs identified by the Capstone IPT. TSA officials further stated that they have PSP IPTs or working groups to coordinate on technology projects, establish program goals and objectives, and develop requirements and time lines. These groups meet on a weekly basis, according to TSA officials. In April 2008, S&T dissolved the IPT for explosives detection and replaced it with two separate IPTs, a transportation security IPT, chaired by TSA and a counter-IED IPT, chaired by the Office of Bombing Prevention within the National Protection and Programs Directorate and the United States Secret Service. Coordination and collaboration efforts between S&T and TSA have helped in identifying checkpoint screening solutions. For example, S&T and TSA officials collaborated on a hand-held vapor detection unit called the Fido PaxPoint. After the August 2006, discovery of the alleged plot to detonate liquid explosives on board commercial air carriers bound for the United States from the United Kingdom, S&T and TSA worked together to identify, develop, and test screening technologies to address this threat. According to TSA officials, S&T learned that the Department of Defense had developed a handheld unit that could detect vapors from explosives. S&T modified the Department of Defense handheld unit, resulting in the Fido PaxPoint unit to screen liquids and gels at airport checkpoints for explosives, and S&T helped TSA test and evaluate the device.[Footnote 53] Although S&T and TSA have taken steps to coordinate and collaborate with one another, inconsistent communication and a lack of an overarching test and evaluation strategy have contributed to coordination and collaboration challenges. Specifically, communication between S&T and TSA related to S&T's basic and applied research efforts and TSA's efforts to modify commercially available technologies has been lacking at times. For example, TSA officials stated that early in the TSL's transition to S&T (that is, during fiscal year 2006), TSA did not receive information from S&T regarding which of TSA's research and development needs S&T would fund, which projects related to airport checkpoint technologies were underway at the TSL, or the time frames to complete those projects. TSA officials stated that, without this information, TSA was unable to determine whether its work on modifying commercially available technologies for screening passengers and carry- on items unnecessarily duplicated S&T's research and development efforts, although TSA officials were not aware of any duplication that occurred. An S&T official further stated that TSA had not consistently fulfilled its responsibility to provide clearly defined functional requirements for the equipment to be developed by S&T and tested by the TSL, nor has TSA consistently given sufficient notice to the TSL of TSA testing requests. Under the S&T and TSA MOU, TSA has retained responsibility to establish requirements for equipment certification and qualification and acceptance testing. Specifically, an S&T official at the TSL stated that TSA had inadequately defined the functional requirements and allowed too little time for testing several checkpoint screening technologies, including the Advanced Technology Systems, Enhanced Metal Detector II, and Bottled Liquids Scanner. A TSL official acknowledged that when the TSA was responsible for the TSL, the agency had not consistently developed requirements prior to testing or certification of equipment as required by the DHS guidance.[Footnote 54] In another example, as previously mentioned in this report, TSA is developing new certification standards and functional requirements for screening technologies, and is working with national laboratories to validate data on aircraft vulnerabilities and generate new computer models to help TSA develop requirements for explosives detection. According to the TSA Chief Technology Officer in 2007, the TSL has custody of the aircraft vulnerability data, but TSL officials had refused to release the data to the national laboratories as requested by TSA. Although the TSL later provided 32 of the 46 requested reports, TSA officials estimated that the TSL's refusal to release all of the reports had delayed the effort to develop new certification standards and technology requirements by about 1 month. The officials added that most of TSA's requests to S&T and the TSL had involved similar problems and that, although the MOU provides a framework for coordination, these types of problems are related to day-to-day operations and will have to be resolved as situations arise. According to S&T and TSA officials, senior-level management turnover at S&T and TSA contributed to these communication difficulties, as well as an S&T reorganization which began in August 2006 with the arrival of a new Under Secretary for Science and Technology. S&T officials further stated that, prior to the establishment of the PSP working groups, there was no mechanism for S&T and TSA to communicate information about priorities, funding, or project timelines. However, through the working groups, S&T officials stated that S&T and TSA are beginning to achieve regular communication and interaction at the working level, which allows for information to be shared in a mutually beneficial way. S&T and TSA officials also stated that communication with each other has improved since the MOU was signed in August 2006 and, in particular since the summer of 2007, although officials from both organizations stated that further improvement is needed. According to S&T officials, the TSL's independent test and evaluation division and TSA have developed an effective working relationship for several programs, including the Whole Body Imager and Advanced Technology Systems. In addition, S&T officials stated that TSA has come to better understand the processes involving the Capstone IPT and identifying capability needs. According to TSA officials, the agency is in the process of determining whether a position within its Office of Security Technology should be established as a liaison with S&T to improve coordination between S&T and TSA. If the position is created, the TSA liaison would coordinate and collaborate with S&T officials on technology projects by assessing the science that supports the technologies. The MOU specifies that S&T and TSA will coordinate activities, including developing an integrated, overarching test and evaluation strategy for projects to ensure that test and evaluation functions are not duplicative, adequate resources are outlined and secured for these functions, and activities are scheduled to support the overall project master schedule. However, an overarching test and evaluation strategy for checkpoint technologies has not been developed. The lack of this strategy has presented coordination and collaboration challenges between S&T and TSA, and has resulted in the delay of some technologies. For example, a TSL official stated that the TSL could not accommodate TSA's request to test the Advanced Technology Systems, in part, because TSA officials had not provided sufficient advance notice of their testing needs. TSA officials said they were working with S&T to develop a project master schedule for the Advanced Technology Systems. S&T and TSA officials stated that they plan to develop a test and evaluation strategy to define a coordinated technology transition process from S&T to TSA by outlining key responsibilities and criteria to initiate field evaluations of technologies, but officials could not tell us when the test and evaluation strategy would be completed. DHS Is Using Several Approaches to Strengthen Coordination and Collaboration with Airport Operators, Technology Vendors, and Other Federal Agencies: DHS, through S&T and TSA, coordinates with airport operators, private sector partners, such as technology vendors, and other federal agencies on matters related to research and development efforts. This coordination and collaboration between TSA and airport operators and technology vendors is important because the agency relies on airport operators to facilitate the deployment of equipment for testing and day- to-day operations, and on vendors to develop and manufacture new screening equipment.[Footnote 55] However, TSA does not have a systematic process to coordinate with external stakeholders related to checkpoint screening technologies, but TSA officials stated that the agency has developed a draft communications plan, which is being reviewed. Although TSA does not have a systematic process to coordinate with technology vendors, airport operators, and other stakeholders related to the RDT&E, procurement, and deployment of checkpoint screening technologies, agency officials stated that they plan to develop and implement such a process. Specifically, TSA officials stated that they have developed a draft communications plan, which is being reviewed, that will document the communications process. However, TSA could not provide an expected completion date for the plan. Although such a plan should help in providing consistency to the agency's coordination efforts, without knowing the specific activities the plan will include or when it will be implemented, we cannot determine the extent to which the plan may strengthen coordination. In addition, in September 2007, TSA hired an Industry Outreach Manager within its Office of Security Technology to improve relationships with airport operators and communication with internal TSA stakeholders related to screening technologies, including checkpoint technologies. In general, the Industry Outreach Manager is the communications liaison for the Office of Security Technology stakeholders and customers to exchange ideas, information, and operational expertise in support of the office's mission and goals, and to provide cutting-edge technologies in the most efficient and cost-effective means possible. In addition to these steps, in January 2007, S&T created a Corporate Communications Division to coordinate on a wide variety of science and technology efforts with public and private sector stakeholders. This office is in the process of developing a tool to assess the effectiveness of its outreach efforts to industry stakeholders. The AMS guidance recommends that TSA coordinate with airport operators to work out all equipment installation issues prior to deployment. According to TSA officials, the role of the airport operator is essential in ensuring that solutions under development are suitable for use in an airport environment, taking into consideration all logistical and operational constraints and possibilities. As described earlier, provisions of the Homeland Security Act address the need to coordinate research and development efforts to further homeland security missions, and reinforce the importance of coordinating and collaborating with airport operators. TSA sponsors monthly conference calls with airport operators to discuss issues of general interest and, according to S&T officials, S&T has conducted pilot studies with airport operators. However, according to many of the 33 airport operators we interviewed, [Footnote 56] TSA's coordination on the priorities for and deployment of checkpoint screening technologies has been inconsistent. Specifically, of the 33 airport operators we interviewed, 8 had only positive comments about TSA's coordination and 16 expressed only concerns regarding TSA's coordination efforts, while 9 expressed both positive comments and concerns. Eleven of the 33 airport operators told us that TSA had not shared information with them regarding checkpoint technology needs and priorities. For example, an airport operator stated that TSA provided specifications for new screening technologies with sufficient lead time for the airport, which was building a new checkpoint at the time, and that TSA had numerous coordination meetings with airport officials to determine space constraints, power requirements, and other factors. However, this same airport operator expressed a desire for more coordination by TSA in the agency's selection of the technologies to be pilot tested at this airport. Another airport operator stated that, when TSA asks for volunteers to participate in checkpoint screening technology pilot programs, it is difficult to agree to participate because TSA does not clearly communicate the program's goals or the capabilities of the technology in the pilot program. According to airport operators at another airport, TSA officials told them that they would have the latitude to select the ETP from either of two vendors on the TSA contract for purchase. According to the airport officials, after they selected equipment from one of the vendors because it would fit into the physical layout of the airport's checkpoint, TSA told the airport officials that particular ETP vendor was no longer under contract with TSA. As a result, airport officials stated that they had to redesign the checkpoint, including raising the ceiling, to accommodate the other vendor's ETP. Senior officials in TSA's Office of Operational Process and Technology, the office responsible for the development and implementation of security technologies across several modes of transportation, subsequently agreed that coordination with airport managers and other stakeholders could be improved. According to TSA officials, coordinating with technology vendors is essential in order to determine what technology platform would be appropriate and capable of providing the required detection and throughput capabilities. S&T and TSA have conducted outreach efforts to coordinate with technology vendors. For example, S&T officials stated that they have hosted forums known as industry days and attended conferences to discuss types of technologies needed to be developed and the department's priorities for research and development. S&T officials also stated that they make presentations at technology-related conferences, symposia, and exhibits, highlighting the work conducted by S&T. At every industry day and conference, officials said, airport security and checkpoint screening technologies have been discussed. In addition, TSA has coordinated with technology vendors through industry days, individual meetings, and conferences. For example, TSA officials stated that TSA held industry days with technology vendors to provide a forum to communicate information to potential vendors on specific technology testing and procurement efforts, and to allow vendors to ask questions regarding technology projects and TSA expectations. Despite these outreach efforts, of the seven vendors we interviewed who had contracted with TSA to provide checkpoint screening technologies, officials from five vendors expressed concerns about the agency's ability to coordinate with them on current or future needs for checkpoint technologies. Officials from four of the seven vendors stated that TSA had not communicated a strategic vision for screening technologies that will be needed at the checkpoint in the future, and that TSA did not effectively and clearly communicate standards and requirements for technologies to vendors. For example, just as TSL officials commented that TSA did not always provide clear and quantifiable requirements to conduct tests of screening technologies, vendors stated that TSA had not communicated effectively about its future needs, such as the operational requirements for an advanced, integrated checkpoint screening system.[Footnote 57] Therefore, a vendor official stated that some of them had taken the initiative to develop integrated screening technologies in the hope that TSA will eventually request this type of integrated system. TSA did not express an opinion regarding the specific concerns raised by the technology vendors, but a senior TSL official stated that TSA should sponsor better briefings for vendors after the agency announces its intentions to develop new technologies. The official stated that these briefings could provide vendors with an opportunity for open dialogue with TSA and clarification of TSA's needs for new technologies. According to a vendor, without adequate coordination and communication from TSA, the vendors' ability is limited in deciding how best to invest their resources to develop new checkpoint screening technologies. In addition to coordinating and collaborating with airport operators and technology vendors, S&T and TSA coordinate and collaborate on the department's RDT&E efforts with other federal agencies through participation in the Technical Support Working Group, which is co- chaired by the Departments of Defense and State. The Technical Support Working Group is the U.S. national forum that identifies, prioritizes, and coordinates interagency research and development of technologies to combat terrorist acts, including explosives detection technologies. S&T also coordinates with the national laboratories on homeland security research.[Footnote 58] Specifically, S&T's Office of National Laboratories coordinates homeland security-related activities and laboratory-directed research conducted within the Department of Energy's national laboratories. According to an S&T senior official, S&T has worked with the national laboratories to supplement S&T's research and development of explosives detection technologies by tasking the national laboratories to conduct basic research on the characteristics of homemade explosives. Conclusions: Researching, developing, testing and evaluating, procuring, and deploying checkpoint technologies capable of detecting ever-changing threats to the commercial aviation system is a daunting task. Although TSA has recently produced a strategic plan that identified a strategy for the PSP, neither the plan nor the agency's strategy for researching, developing, and deploying checkpoint technologies was informed by some key risk management principles, including a risk assessment, cost-benefit analysis, and performance measures. Without conducting a risk assessment that includes all three elements of risk- -threat, vulnerability, and consequence--and completing a cost-benefit analysis to guide the PSP strategy, TSA has limited assurance that its strategy targets the most critical risks and that it invests in the most cost-effective new technologies or other protective measures. Further, without developing performance measures that assess the extent to which checkpoint screening technologies achieve the PSP's security goals and thereby reduce or mitigate the risk of terrorist attacks, TSA is limited in its ability to determine the success of its strategy and make needed adjustments. Even though TSA has not implemented a risk- informed strategy to ensure that its investments target the most pressing security needs, the agency has moved forward in investing in new checkpoint screening technologies. Despite limited progress in the RDT&E, procurement, and deployment of new checkpoint screening technologies during the first few years that S&T and TSA had responsibilities related to these technologies, more recently, the organizations have made progress as reflected by the number of technologies for which procurement and deployment has been initiated. TSA faced challenges with the first new technology that it procured and deployed--the ETP. In the interest of protecting the homeland, it is understandable that TSA may, at times, not follow all established guidance in an effort to deploy technologies quickly to address urgent threats and vulnerabilities. However, deploying the ETP despite unresolved performance concerns identified during testing of earlier ETP models, as well as failing to ensure that ETP models that were ultimately deployed had passed operational testing, increased the risk that the machines would not perform as intended, resulting in a questionable security benefit. TSA did not follow AMS guidance that recommended operational testing of a new technology prior to deployment because it is more cost effective to resolve performance issues then. While TSA deployed the ETPs to provide a much-needed capability to automatically screen higher risk passengers at airport checkpoints, relying on the ETPs could have resulted in airport checkpoints being more vulnerable given the ETPs' performance problems and lack of operational testing. Also, relying on the ETPs to screen these particular passengers instead of existing screening procedures may not enhance airport checkpoint security because TSA does not know if ETP screening provides an improved detection capability compared to existing screening procedures. Moreover, it is risky to substitute any new technology for existing screening procedures before the technology has been proven to be effective through operational testing. Although TSA is trying to deploy new technologies to address immediate threats, the problems associated with the development and deployment of the ETPs may be repeated with other technologies unless TSA adheres to testing guidance and makes decisions using a knowledge-based acquisition approach. Finally, it is not clear whether it is worthwhile to continue to use the ETPs currently deployed to airports due to the costs associated with maintaining the machines in good, operational condition. Recommendations for Executive Action: To help ensure that DHS's Science and Technology Directorate (S&T) and Transportation Security Administration (TSA) take a comprehensive, risk- informed approach to the RDT&E, procurement, and deployment of airport passenger checkpoint screening technologies, and to increase the likelihood of successful procurements and deployments of such technologies, in the restricted version of this report, we recommended that the Assistant Secretary for TSA take the following eight actions: * Conduct a complete risk assessment, including threat, vulnerability, and consequence assessments, which would apply to the PSP. * Develop cost-benefit analyses to assist in prioritizing investments in new checkpoint screening technologies. * Develop quantifiable performance measures to assess the extent to which investments in research, development, and deployment of checkpoint screening technologies achieve performance goals for enhancing security at airport passenger checkpoints. * After conducting a complete risk assessment and completing cost- benefit analyses and quantifiable performance measures for the PSP, incorporate the results of these efforts into the PSP strategy as determined appropriate. * To the extent feasible, ensure that operational tests and evaluations have been successfully completed before deploying checkpoint screening technologies to airport checkpoints. * Evaluate whether TSA's current passenger screening procedures should be revised to require the use of appropriate screening procedures until it is determined that existing emerging technologies meet their functional requirements in an operational environment. * In the future, prior to testing or using all checkpoint screening technologies at airports, determine whether TSA's passenger screening procedures should be revised to require the use of appropriate screening procedures until the performance of the technologies has been validated through successful testing and evaluation. * Evaluate the benefits of the Explosives Trace Portals that are being used in airports, and compare the benefits to the costs to operate and maintain this technology to determine whether it is cost-effective to continue to use the machines in airports. Agency Comments and Our Evaluation: We provided a draft of our restricted report to DHS for review and comment. On April 7, 2009, DHS provided written comments, which are presented in Appendix II. In commenting on our report, DHS stated that it agreed with our recommendations and identified actions planned or underway to implement them. While DHS is taking steps to address our first and second recommendations related to conducting a risk assessment, the actions DHS reported TSA had taken or plans to take do not fully address the intent of the remaining six recommendations. In its comments, DHS stated that it concurred with our first recommendation that a risk assessment should be developed for the PSP and that TSA has two efforts currently underway to do so. Completion of TSA's first effort--the Air Domain Risk Analysis (ADRA)--is expected in the winter of 2009. DHS commented that TSA's second effort is the Risk Management and Analysis Toolset (RMAT), a model to simulate the potential of some technologies to reduce the risk of certain threat scenarios which will apply specifically to the passenger screening process. DHS reported that it expects initial results from RMAT to be available during the second quarter of 2009. DHS further stated that TSA has made resource allocation and technology decisions that were informed by consideration of risk (including threat, vulnerability, and consequence), although not by comparative assessments of these three elements. However, as we reported, TSA has not conducted a risk assessment for the PSP, and it is unclear to what extent the ADRA would provide risk information needed to support the PSP. Until such a risk assessment is developed and integrated into TSA's strategy for the PSP, TSA continues to invest in checkpoint technologies without the benefit of a risk-informed strategy and increases the possibility that its investments will not address the highest-priority security needs. DHS also concurred with our second recommendation that it develop cost- benefit analyses. DHS commented that TSA is developing an approach for selecting cost-effective technologies by developing life-cycle cost estimates and using the RMAT tool to determine how technologies balance risk (based on current threats) with cost. TSA's decision to collect cost and benefit information is a positive first step. Irrespective of how TSA collects data on the costs and benefits of technologies, it is important, as we reported, that TSA conduct cost-benefit analysis of each checkpoint technology that it invests in that weighs the costs and benefits of technologies relative to the costs and benefits of other solutions. Such analysis is important because it helps decision-makers determine whether investments in technologies or in other security programs will provide the greatest mitigation of risk for the resources that are available. DHS concurred with our third recommendation that TSA develop quantifiable performance measures to assess the extent to which TSA's investments in checkpoint screening technologies make the checkpoint more secure, the key mission of the program. DHS commented that it currently collects quantifiable performance attributes for all potential acquisitions with regards to metrics, such as detection, false alarm rate, and operational availability and plans to use information on machines' attributes as measures of the PSP's overall effectiveness as a program. However, these actions will not fully address our third recommendation. First, information collected on potential acquisitions prior to their deployment may not reflect their performance in an operational environment; consequently, relying on information about technologies' attributes rather than measuring the effectiveness of deployed technologies to secure the checkpoint will likely have limited value in terms of measuring the effectiveness of the PSP as a program. Second, as we reported, the ETP example illustrates that TSA did not collect information on the ETP's performance attributes such as operational availability during laboratory testing prior to procurement and did not collect data on the ETP's detection capabilities during tests in an operational environment. This raises questions about the completeness of data TSA collects on technologies prior to acquisition and deployment. We could not verify that TSA collects such information on other technologies because TSA did not provide documentation to support this comment. As TSA moves forward in developing performance measures, it is important that these measures reflect not only efficiency of the technologies to process passengers but the effectiveness of technologies and other countermeasures to make the checkpoint more secure and thereby reduce the risks posed by those most pressing threat scenarios that will be identified once TSA completes its risk assessment. In addition, DHS concurred with our fourth recommendation that it develop a PSP strategic plan that reflects the risk assessment, cost benefit analysis, and performance measures. DHS commented that TSA plans to combine results from the RMAT tool and lifecycle cost estimates for possible technology solutions that strike a balance between risk and efficient use of funding. DHS also stated it will use RMAT to develop proxy measures and general "what-if" analysis and risk insights. However, these actions alone will not satisfy the intent of this recommendation. While it is possible that proxy measures could be developed to assess the extent to which TSA's investments in the research and development of technologies have achieved program goals of making the checkpoint more secure, to fully address this recommendation, TSA must also conduct a risk assessment that addresses the PSP, develop quantifiable measures that clearly assess the PSP's progress towards its security goals, and revise its strategic plan accordingly. DHS concurred with our fifth recommendation that before deploying technologies to airport checkpoints, the technologies should successfully complete testing and evaluation and stated that TSA is taking action to implement a formal testing process. DHS commented that TSA has prepared a Test and Evaluation Master Plan (TEMP) that describes a new formal testing process that is consistent with DHS's new acquisition directive. However, the TEMP does not address the intent of this recommendation. We deleted from this public report our evaluation of why the TEMP does not address the intent of this recommendation, because TSA determined our evaluation to be sensitive security information. Further, DHS agreed with our sixth and seventh recommendations that TSA evaluate whether its screening procedures should be revised to require the use of appropriate procedures until it can be determined that emerging technologies or future technologies that may be developed meet all of their requirements in an operational environment. However, DHS's comments suggest that it does not intend to implement these recommendations. DHS commented that the performance of machines is always measured and confirmed in the laboratory setting prior to operational field testing. However, we disagree that laboratory testing is sufficient to address this recommendation. We deleted from this public report our evaluation of why laboratory testing alone does not address the intent of this recommendation, because TSA determined our evaluation to be sensitive security information. DHS stated that TSA implemented our eighth recommendation that the agency evaluate the benefits of the ETP, such as its effectiveness, and conduct a cost-benefit analysis to determine whether the technologies should remain in use at airports. However, we disagree that TSA has implemented this recommendation. DHS commented that two actions fulfilled this recommendation: TSA's current program management reviews in which costs are periodically discussed with vendors and the laboratory testing of the ETP's detection capabilities. To fully address this recommendation, a cost-benefit analysis and tests of the ETP's effectiveness to detect explosives in an operational environment are required. As we reported, TSA has not conducted cost-benefit analyses, which, as noted earlier, should compare costs and benefits of alternative solutions. Discussions of maintenance costs with vendors on a periodic basis do not constitute a cost-benefit analysis. Based on DHS's written comments, we deleted a reference to the 2004 OMB PART review in a footnote because of updated information from OMB's 2008 PART review. DHS also provided us with technical comments, which we considered and incorporated in the report where appropriate. In particular, we clarified the wording of a recommendation which originally stated that TSA should develop quantifiable performance measures to assess the extent to which investments in research, development, and deployment of checkpoint screening technologies have mitigated the risks of a terrorist attack. We altered the wording to state that performance measures should be developed to assess progress towards security goals. As agreed with your offices, unless you publicly announce the contents of this report, we plan no further distribution for 45 days from the report date. At that time, we will send copies of this report to the Secretary of Homeland Security, the Assistant Secretary of the Transportation Security Administration, and appropriate congressional committees. If you or your staffs have any questions about this report, please contact me at (202) 512-8777 or LordS@gao.gov. Contact points for our Offices of Congressional Relations and Public Affairs may be found on the last page of this report. GAO staff who made major contributions to this report are listed in appendix III. Signed by: Stephen M. Lord: Director Homeland Security and Justice: [End of section] Appendix I: Objectives, Scope, and Methodology: This report addresses the following questions: (1) To what extent has the Transportation Security Administration (TSA) developed a risk- informed strategy to prioritize investments in the research and development of passenger checkpoint screening technologies? (2) What new passenger checkpoint screening technologies has the Department of Homeland Security (DHS) researched, developed, tested and evaluated, procured, and deployed since its creation, and why did TSA halt the first technology deployment that it initiated--the Explosives Trace Portal (ETP)? (3) To what extent has DHS coordinated the research, development, test and evaluation (RDT&E), procurement, and deployment of passenger checkpoint screening technologies internally and with key stakeholders, such as airport operators and technology vendors? To determine the extent to which TSA has developed a risk-informed strategy to prioritize investments in the research and development of passenger checkpoint screening technologies, we analyzed program documents, TSA's August 2008 strategic plan for checkpoint technologies, TSA's September 2007 report on the development of a strategic plan, technology project plans, and funding. We also compared TSA's strategic plan and DHS's responses regarding their efforts to manage their research and development investments, with DHS's guidance from the National Infrastructure Protection Plan on how to utilize risk management principles to target funding. To determine the extent to which DHS researched, developed, tested and evaluated, procured, and deployed new checkpoint screening technologies since its creation, and to identify why TSA halted deployment of the ETP, we analyzed TSA's strategic plan for checkpoint technologies, TSA's Passenger Screening Program (PSP) documentation, including information on the status of technologies being researched, developed, tested and evaluated, procured, and deployed. Regarding the ETPs, we analyzed the functional requirements for the system, contracts with General Electric and Smiths Detection, and test reports for acceptance tests, regression tests, and operational tests. We also reviewed ETP deployment schedules and documentation on operational availability and mean time between critical failure, and interviewed TSA officials about the reasons that the ETP deployment was halted. We also compared the ETP test approach used by S&T and TSA to the Acquisition Management System (AMS) guidance and knowledge-based acquisition best practices. [Footnote 59] We also interviewed TSA and S&T officials to obtain information on current investments in the research, development, and deployment of checkpoint technologies, and conducted site visits to the Transportation Security Laboratory in Atlantic City, New Jersey, and Tyndall Air Force Base, Florida, to observe testing of new checkpoint technologies. We visited the TSL because that is where S&T tests and evaluates technologies, including checkpoint screening technologies. We visited Tyndall Air Force Base because technologies to detect bottled liquids explosives were being tested there. Additionally, we analyzed TSA's passenger screening standard operating procedures and interviewed various TSA headquarters officials, 29 Federal Security Directors, 1 Deputy Federal Security Director, and 5 Assistant Federal Security Directors for Screening, and visited nine airports where the ETPs had been or were to be deployed or new checkpoint screening technologies were undergoing pilot testing. We chose these officials because they are the senior official at the airport in charge of security and manage TSA's role in deploying new technologies at the airport. We selected these nine locations based on the technologies that had been deployed or were being tested, their geography, size, and proximity to research and development laboratories. Of the nine airports we visited, the ETPs had been or were to be deployed to seven of them, and other new checkpoint screening technologies were undergoing pilot demonstrations or testing at two of them. We visited four airports on the east coast, and three airports on the west coast, and two airports located in the west and southwestern regions of the United States. To determine whether the ETP's requirements had been tested prior to procuring and deploying them, we selected a non-probability sample of 8 out of the 157 total requirements. We selected the 8 requirements because they were related to some of the ETP's key functionality requirements, including operational effectiveness, operational suitability, and passenger throughput. To determine the extent to which DHS has coordinated and collaborated on the RDT&E, procurement, and deployment of passenger screening technologies internally and with key stakeholders, we analyzed program documents, including an August 2006 memorandum of understanding between TSA and S&T for the management of the Transportation Security Laboratory (TSL). Additionally, we interviewed Department of State officials, TSA and S&T officials, seven checkpoint technology vendors, and airport operators[Footnote 60] and other officials at airports where ETPs were initially deployed. Because we selected nonprobability samples of airports to visit and officials to interview, we cannot generalize the results of what we learned to airports nationwide. However, the information we gathered from these locations and officials provided us with insights and perspectives on DHS's efforts to operationally test and evaluate, and deploy checkpoint technologies that could only be obtained from officials stationed at locations where the technologies had been tested or deployed. We reviewed the Acquisition Management System, the Aviation and Transportation Security Act, the Homeland Security Act of 2002, and the Intelligence Reform and Terrorism Prevention Act and identified requirements and guidance for coordination and collaboration among S&T, TSA, and other stakeholders. We also reviewed S&T's and TSA's coordination activities and compared them to TSA program guidance and GAO's recommended coordination practices regarding agency coordination with external stakeholders. [Footnote 61] We conducted this performance audit from June 2006 through April 2009 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. [End of section] Appendix II: Comments from the Department of Homeland Security: U.S. Department of Homeland Security: Washington, DC 20528: October 6, 2009: Ms. Cathleen A. Berrick: Managing Director, Homeland Security and Justice Team: U.S. Government Accountability Office: 441 G Street, NW: Washington, DC 20548: Dear Ms. Berrick: Thank you for the opportunity to comment on the draft report: DHS and TSA Have Researched, Developed, and Begun Deploying Passenger Checkpoint Screening Technologies, but Continue to Face Challenges (GAO- 09-21). The Transportation Security Administration (TSA) appreciates the U.S. Government Accountability Office's (GAO) work in planning, conducting, and issuing this report. In its report, GAO recommends that TSA improve its analysis of technologies prior to deployment through increased use of risk- management principles and cost-benefit analyses. TSA agrees that there are opportunities for improvement in the deployment of passenger checkpoint technologies and will continue to take steps to advance the testing, deployment, ongoing performance measurement, and stakeholder outreach as each relates to these technologies. The Passenger Screening Program has embraced the challenge to design and engineer passenger screening as an integrated network of technologies, human factors, and processes to minimize the risk of terrorist attack, using an approach that accounts for the strategic, tactical, and operational realities of the airport environment. As a strategy, the proactive approach builds upon lessons learned from hard intelligence, airport security operations, and TSA organizational experience. The goals of TSA's security initiatives are to improve explosives detection capability by combining new technology with advanced procedures, establish a cadre of trained behavior detection officers, and incorporate unpredictability into screening measures to thwart terrorist plans. In each operational environment, be it at the checkpoint, in the queues, or in conversations with passengers, TSA created approaches designed to detect and contain risks to minimize catastrophic loss of life or property. Today, TSA implements passenger checkpoint screening through a risk- informed approach that integrates a variety of sensors, devices, and techniques into a threat detection and response network. This integrated, network-centric approach considers operational requirements to maximize passenger throughput, minimize the number of operating personnel, and protect privacy, all within the constrained footprint of the checkpoint. This proactive approach relies on an optimized, integrated, mix of networked systems to deter known threats through the passenger screening checkpoint. TSA's Risk-Informed Strategy: While TSA recognizes that additional risk-informed management initiatives should and will be undertaken, current security technology initiatives have been developed based on an assessment of what TSA believes to be the most cost-effective way of reducing risk across the entire aviation system. TSA has made resource allocation and technology decisions that were informed by considerations of risk (including threat, vulnerability, and consequence), although not by explicit formal comparative assessment of risk, including threat, vulnerability, and consequence (TVC). This approach was appropriate at TSA's previous level of maturity, and through this process, the Agency gained important insights that have become guiding principles for risk management decisions. These principles include a deep appreciation for uncertainty and for the limits of what can be known. TSA cannot predict every attack vector in the aviation domain; therefore, our strategy reflects a bias against rigid prioritization and narrow, inflexible solutions that can be overcome by dynamic, adaptive adversaries. TSA continues to focus on developing capabilities that are flexible and adaptable, that cut across risks and threats, and that contain elements of randomness or unpredictability to inject uncertainty into adversaries' planning process. These principles have informed many of TSA's operational and technology decisions in the last few years. As this work has progressed, TSA has also pursued a formal TVC risk analysis as important decision inputs into future strategy development. TSA has nearly completed a range of formal, comparative, scenario-based TVC risk analyses. The results will be used—along with other factors, such as cost, feasibility, statutory requirements, and privacy—to inform decisions about strategy, operations, and technology development across TSA's aviation security responsibilities, including the Passenger Screening Program (PSP). At the strategic level, TSA is updating the initial Air Domain Risk Analysis (ADRA), an action item stemming from Homeland Security Presidential Directive 16, with final completion expected in November 2009 and approval expected in the fourth quarter of calendar year 2009. The initial ADRA will compare high-level risks to and through the checkpoint with other high-level risks (e.g., risks involving aviation infrastructure and general aviation) across the domestic U.S. air domain. High-level countermeasures are also evaluated to identify their aggregate, cross-cutting risk-reduction potential across the portfolio of risks. The ADRA will also include a view of risks that originate internationally. At a more granular level, TSA has been developing the Risk Management and Analysis Toolset (RMAT). RMAT is an agent-based, high-detail simulation model of the commercial aviation security regime, and can be used to model specific risk scenarios (for example, specific types and sizes of explosives) and the risk-reduction potential (across the portfolio of risks) of specific technologies or other countermeasures. The model accounts for dynamic, adaptive adversaries by incorporating intelligence analysis to model the adversary's decision processes and using that as the threat input, rather than using a direct, static estimation of a threat vector. This initial set of scenarios is keyed to the actionable decision- support needs of TSA leadership in the near term. The initial RMAT outputs are expected to be available to offer insights to TSA leaders in the second quarter of calendar year 2009. As RMAT data sets and capabilities grow, a larger range of high-detail risks can be modeled; and the effectiveness of a greater range of potential countermeasures can be evaluated. These improved formal tools for understanding risk in a comprehensive and comparative way—explicitly considering comparative TVC—will offer additional insights and support to TSA leaders making decisions in aviation security, including in the PSP. These tools, and formal risk analysis generally, offer the additional effect of challenging accepted assumptions and surfacing hidden assumptions, providing another benefit to the decision process. Finally, formal comparative TVC risk analyses do not replace, but rather complement and enhance, TSA's principles of risk management described previously. Together they will enable TSA leaders to make decisions on aviation security that are more effective, more flexible, more traceable, and more defendable. Measuring Performance: TSA conducts a range of threat and vulnerability assessments relative to the checkpoint to select, prioritize, and determine the effectiveness of operational and technology investments. At the field level, Federal Security Directors (FSDs) conduct various types of testing and assessment of operations of their checkpoints. TSA also conducts Joint Vulnerability Assessments (JVAs) in collaboration with the Federal Bureau of Investigation (FBI) at airports on a regular basis. The results of JVAs help provide understanding of common vulnerabilities and trends. On a national level, TSA's Office of Inspection conducts covert testing of checkpoint operations (Red Team testing). This method of measuring the checkpoint's effectiveness, both operationally and technologically, against a simulated attack can identify vulnerabilities that may be specific to one airport or common across the system. Covert tests serve both as a measure of vulnerability that can help inform investment decisions and a reality- based measure of effectiveness of existing operational and technology investments. TSA collaborates with GAO to review Red Team results based on threat injects conducted at checkpoints. In addition, TSA continually monitors field equipment performance data such as Mean Down Time (MDT), Operational Availability (OA), Mean Time to Repair (MTTR), and throughput. TSA recognized that it needed a more systematic, nationwide framework to assess the effectiveness of the screening process and to identify areas to focus our resources in training and technology. To this end, TSA instituted a comprehensive program to measure screening performance called the Aviation Screening Assessment Program (ASAP). ASAP is aggressively focused on improving recognition of Improvised Explosive Devices (IEDs), and TSA has performed thousands of covert assessments at airports across the country. Through ASAP, we are assessing our performance every day in every aspect of the screening process. Findings from ASAP are reported directly to TSA leadership, who use these performance metrics to make strategic decisions within the screening environment. These decisions include the type of equipment TSA purchases to the type of training TSA delivers to our Transportation Security Officers (TSOs). In addition, TSA recognizes the value of measuring program progress by developing core program metrics. Through TSA's participation in the Office of Management and Budget (OMB) Program Assessment Rating Tool (PART), the Agency measures both long-term and annual performance metrics. Along with the Reliability, Maintainability, Availability (RMA) metrics, PSP calculates the Operational Availability of Passenger Screening Equipment, the Cost per Bag Screened, and the Ratio of Bags Screened to Passenger Screener Full-Time Equivalent (FTE) Expended. In addition, TSA includes key performance parameters in all technology specifications and tests the technology against those measures. These measures reflect different facets of the purpose of PSP. Contrary to footnote 43 of the draft GAO report, the most recent review (2008) of PSP by OMB through the PART ranked the program as "Effective." Testing and Evaluation Strategy for New Technologies: TSA is in the process of improving the already robust Testing and Evaluation (T&E) paradigm to ensure that operational effectiveness and suitability of candidate security technology systems are evaluated prior to deployment. Employing the concept of independent and integrated T&E in support of acquisition decisions and other program reviews, this process leverages data from multiple developmental and operational testing sources, accredited vendor data, modeling and simulation, and other special analyses (as required), in accordance with T&E and systems engineering principles and best practices, to streamline T&E requirements while still providing a credible and comprehensive evaluation product. The system-specific integrated T&E strategy addresses technical and operational requirements, considering the contributions of people, processes, and technologies, to provide a single portrait of anticipated mission capabilities for decision makers. TSA is also active in the U.S. Department of Homeland Security (DHS) T&E Council, which will lead to implementation of best practices for T&E across DHS. TSA has prepared a Test and Evaluation Master Plan (TEMP) for the PSP program and is implementing a formal testing process specified in the TEMP, consistent with DHS's new Acquisition Directive 102. The TEMP establishes a framework that provides an overview of the testing processes followed for all PSP technologies to ensure products meet our specifications, are safe, and operationally effective. The test and evaluation strategy is consistent with the program acquisition strategy. All PSP technology projects follow this testing process, which includes, at a minimum, qualification test and evaluation (QT&E) conducted by the DHS Directorate for Science & Technology (S&T) and operational test and evaluation (OT&E) conducted by TSA. While QT&E tests equipment in a lab setting to validate its operational effectiveness, OT&E tests the product in an airport setting to validate its operational suitability. Recognizing that Initial Operational Testing and Evaluation (IOT&E) principles mandate examining system detection performance in the field environment, TSA's Office of Security Technology (OST) recently implemented a process to better coordinate realistic threat portrayal with our developmental/technical testing partners. Starting with a common threat baseline, we have developed a process to evaluate system performance (considering operators, systems under test, and concepts of operations) against both active threat agents in a laboratory environment, as well as threat surrogates covertly inserted in the stream of commerce, to better understand the system detection performance envelope. Threat surrogates employed for OT&E purposes have undergone a rigorous verification, validation, and accreditation (VV&A) process to ensure that stimulants not only generate appropriate threat signatures (and equivalent responses) relative to the technologies of interest, but also can be strongly correlated back to the active threat and appropriate segment of the threat space for the system of interest. As much of our operational testing is conducted in active environments, in situations where security decisions are being made with systems under test (to most realistically demonstrate operational performance), test design and execution is structured to ensure that test conduct does not degrade the current security posture within the venue. Depending on the specific test, TSA may employ redundant processes and technologies to minimize potential security risks prior to operational test execution. It should also be noted that detection effectiveness, as per TSA testing strategy, is always measured and confirmed in the laboratory setting prior to operational testing in the field. Transportation Security Integration Facility Testing (TSIF): TSA has completed the construction of a state-of-the-art facility permitting emerging technologies to be tested for extended periods of time while simulating a variety of operational conditions. This facility will allow TSA to evaluate future maintenance needs and the most efficient operational configurations of new equipment while avoiding disruption to the flow of passengers at checkpoints. The TSIF began operations in January 2009. Explosives Trace Portal (ETP) Testing and Deployment: In response to a growing concern that terrorists may try to destroy an airplane by packing explosives on their person, TSA tested, procured, and deployed ETP technology from 2004 to 2006. TSA followed its standard technology development process for the ETP, which includes requirements development, testing, procurement, and deployment. TSA and the DHS S&T followed a formalized testing process, including laboratory and field testing, from April 2004 to January 2006, to validate the effectiveness and suitability of ETPs prior to full-scale deployment. QT&E testing of two vendors' submissions was completed by the Transportation Security Laboratory (TSL) in 2004, confirming the ETP technology was effective in detecting explosives in accordance with TSA's technical detection standards. TSA proceeded with airport operational assessments by fielding five General Electric (GE) ETP systems in 2004 During the field evaluations, TSA assessed the suitability of the system and the Portal Quality Control (PQC) patches, to evaluate the quality of the patches and the application process in a checkpoint environment. As the GAO report noted, the PQC patch performed unfavorably in the February 2005 tests. The test report also indicated that a combination of factors, including the method of testing, environmental conditions, the undetermined shelf life of PQC patches, and the possible variance between levels of explosive materials in the PQC patch, which could have affected detection performance. It is important to note that detection effectiveness was established at the TSL in 2004 and that the PQC assessment demonstrated that the airport assessments did not accurately represent the ETP detection performance, since the reliability of the quality control items was unconfirmed in the field. The ETPs were further tested by S&T at Idaho National Engineering and Environmental Laboratory (INEEL) in 2005 using methods that were not available to the TSL at that time (live explosives). The testing at INEEL was presented to TSA by S&T as part of developmental data collection effort for research and development purposes. The INEEL test administrator who conducted the test was not authorized to perform qualification testing on the ETPs, nor was it considered as part of the detection effectiveness assessment. The performance of the ETPs during this testing was not assessed against the established standards. S&T and TSA proceeded to further assess modified ETP systems from December 2004 to February 2005, reviewing software modifications performed by the vendor. The February 2005 review concluded that the requirements for detection were met by the modified ETP systems. TSA proceeded with another round of airport operational assessments from April to May 2005 to further validate operational suitability. Field test results demonstrated satisfactory performance, indicating the equipment was ready for full-scale deployment. In April 2006, TSA began deploying ETPs to airports. Additional Testing: In 2006, TSA initiated another round of laboratory testing of the ETP to evaluate its operational effectiveness. During April and May of 2006, INEEL conducted testing on both vendor submissions that revealed deficiencies in reliable performance. Once these test results were received, along with exhibited performance issues with the fielded units, TSA's Office of Acquisitions formally notified the ETP vendor in June 2006 that TSA would not deploy any additional ETPs until the performance issues were addressed. Remaining delivery units were diverted to the TSA warehouse until improvements could be completed and verified. TSA received a reasonable level of assurance from the vendor that these issues could be successfully addressed. After working with vendors for several months, it was determined that the ETP technology could not be enhanced, and vendors chose not to make additional upgrades. Consequently, TSA did not purchase any further units. TSA determined it was beneficial to keep the existing fielded units in place, since they were effective at detecting explosives when the performance reliability issues did not interfere. Reliance on New Technologies: As has been described, TSA follows a strict testing process for all technologies before they are fully deployed. It should also be noted that detection ability, as per TSA testing strategy, is always measured and confirmed in the laboratory setting prior to operational testing in the field. For example, in the case of Whole Body Imagers (WBIs), the TSL Independent Test and Evaluation Division (IT&E) has conducted a series of laboratory tests evaluating their performance. The WBI is currently being evaluated against established criteria of threat detection, passenger throughput, and operational availability. In contrast to the ETP, the WBI provides the capability to detect a wider range of threats, including metallic and nonmetallic explosives threats. IT&E has performed five lab assessment-quality test series of WBIs with various devices and/or operational procedures starting in February 2007 and continuing to the present. These tests compare TSO performance while using WBI devices to that of a manual pat-down process. In the event of a WBI alarm, current Standard Operating Procedures (SOPs) require a minimum of a pat-down. All test results indicate the WBI technology is an effective alternative to the pat-down process. Stakeholder Coordination and Collaboration: TSA appreciates GAO's conclusion that collaboration with S&T; our external stakeholders, including technology vendors; and our airport staff is an essential element to the successful testing, evaluation, and deployment of checkpoint technologies. TSA also values the relationships that have been fostered with industry stakeholders throughout the aviation and security technology communities. While TSA has taken measures to increase coordination with S&T through the development of a Memorandum of Understanding (MOU), the Capstone Integrated Product Team (IPT), and the associated PSP working group, the findings in GAO's report further highlight the need to increase the level of formal coordination with S&T. TSA has participated in several American Association of Airport Executives conferences. TSA also hosted an airport symposium in the fall of 2007, in which it shared its vision for the future with airport operators and the public. TSA's OST regularly participates in outreach conferences to discuss the technologies available for passenger and baggage screening. To better focus its efforts in this regard, TSA has established a new position on checkpoint stakeholder outreach. In addition, TSA partners with DHS to host technical interchange meetings and industry days where Original Equipment Manufacturers are invited to discuss future requirements for various technologies. These efforts should ultimately reduce costs and development time as vendors work to meet TSA's screening requirements. TSA also makes every effort to effectively coordinate and collaborate with our airport field staff. During deployment of passenger screening technologies, TSA meets weekly with airports to discuss plans, status, and any issues that arise. TSA has also initiated a TSO focus group in which OST periodically meets with a select group of TSOs to gather their input on new technology and process requirements for passenger screening. As part of TSA's OT&E testing conducted for all equipment, TSA gathers input from airport operators and TSOs to ensure the equipment is functioning effectively in an operational environment. Additional outreach for feedback and input will be implemented for the FSD and their staff as appropriate. General Conclusion: To protect the security of the traveling public, TSA must be flexible and able to adapt quickly to changes in terrorist tactics. This overarching objective is reflected in every research and development (R&D) and technology deployment decision made by the Agency. TSA will continue to strive toward optimizing technological investments based on thorough R&D analysis and risk-management principles, as well as the collaborative testing and evaluation of new technologies. Recommendation 1: Conduct a complete risk assessment, including threat, vulnerability, and consequence assessments, which would apply to the PSP. Concur: TSA concurs and has initiated approaches that identify risks at both the strategic and detailed level. At the strategic level, TSA is updating the initial ADRA. Final completion is expected in November 2009 and approval is expected in fourth quarter of calendar year 2009. At a more detailed level, TSA has been developing the RMAT, an agent- based, high-detail simulation model that can be used to model specific risk scenarios (for example, specific types and sizes of explosives). The RMAT also can be used to model the risk-reduction potential (across the portfolio of risks) of specific technologies or other countermeasures (for example, a specific piece of equipment deployed in a given percentage of locations). The RMAT tool will be used to generate reports that apply specifically to the passenger screening process and will allow PSP to perform analysis at a level not previously available while not disrupting real world checkpoint operations. Recommendation 2: Develop cost-benefit analyses to assist in prioritizing investments in new checkpoint screening technologies. Concur: TSA concurs and is incorporating an approach that combines those risks identified in the RMAT tool with detailed Life Cycle Cost Estimates (LCCEs) to make an informed decision on screening technologies that balances levels of risk (based on current threats) with cost-effective procurement projections of available technologies. In addition, as multiple technologies are implemented and overlapped at the checkpoint, the RMAT scenario can be revisited to model the possible effect of the new systems. Recommendation 3: Develop quantifiable performance measures to assess the extent to which investments in research, development, and deployment of checkpoint screening technologies achieve performance goals for enhancing security at airport passenger checkpoints. Concur: TSA understands the importance of developing quantifiable performance measures to ensure that investments support goals and enhance security at the checkpoint. TSA already collects quantifiable performance attributes for all potential acquisitions with regard to metrics, such as detection, false alarm rate, and operational availability. These attributes serve as the baseline against which new technology submissions are evaluated and tested. TSA will work to compare and integrate technology performance measures with those included in the PART and to determine what measures improve checkpoint security when overlapped with multiple systems. Recommendation 4: After conducting a complete risk assessment and completing cost-benefit analyses and quantifiable performance measures for the PSP, incorporate the results of these efforts into the PSP strategy as determined appropriate. Concur: TSA concurs and will, upon availability, combine results from the RMAT with LCCEs for possible technology solutions that strike a balance between both risk and efficient use of funding. TSA believes that the RMAT process provides highly valuable insights into capability and risk priorities. However, because of the fundamental uncertainty associated with a dynamic terrorist risk, RMAT and the use of proxy measures cannot be assumed to represent risk reduction measures and will instead be used to provide proxy measures and general "what-if' analysis and risk insight. The projected performance of these technologies will be compared against the long term performance metrics for PSP as established by the most recent PART (2008) in order to ensure linkage between goals and technology implementations. Recommendation 5: To the extent feasible, ensure that operational tests and evaluations have been successfully completed before deploying checkpoint screening technologies to airport checkpoints. Concur: TSA has prepared a Test and Evaluation Master Plan (TEMP) for the PSP program and is implementing a formal testing process specified in the TEMP, consistent with DHS's new Acquisition Directive 102. The TEMP establishes a framework for incorporating phased-oriented test and evaluation activities that facilitate the acquisition process. All PSP technology projects follow this testing process, which includes, at a minimum, QT&E conducted by the TSL and OT&E conducted by TSA. OT&E tests the product in an airport setting to validate its operational suitability. TSA has established a robust T&E paradigm to ensure that candidate security technology systems are evaluated for operational effectiveness and suitability prior to deployment. Recommendation 6: Evaluate whether TSA's passenger screening procedures should be revised to require use of appropriate screening procedures such as pat downs where emerging technologies, including the ETPs and whole body imagers, are currently being used at airports, until it is determined that the machines can meet all of their explosives detection requirements in an operational environment. Concur: TSA was informed by the TSL that all Atlantic-1 requirements for the ETP were met prior to the pilot testing of machines in the field. The use of the ETP at the checkpoint does not prevent nor prohibit the TSO from exercising judgment and performing additional screening procedures, such as a pat-down, when they feel that it is warranted. In addition, as per current SOP guidance, a pat-down is required for ETP alarm resolution. TSA will complete a review of the explosives trace portals to determine if they are cost-effective and operationally feasible to continue using in airports. For WBI, the TSL IT&E has conducted a series of laboratory tests evaluating the performance of whole body imagers. IT&E performed more than five lab assessment quality test series of WBIs (with various devices and/or operational procedures) starting in February 2007 and continuing to present. These tests have compared TSO performance while using WBI devices to that of a manual pat-down process. Also, in the event of a WBI alarm, current SOPs require a minimum of a pat-down. All results indicate the WBI technology is an effective alternative to the pat-down process. Recommendation 7: Evaluate all future checkpoint screening technologies prior to testing or using them at airports to determine whether appropriate passenger screening procedures, such as pat downs, should remain in place until the performance of the technologies has been validated through operational test and evaluation. Concur: TSA will continue to follow its formal test and evaluation process to ensure all checkpoint screening technologies are operationally effective prior to testing or using them in airport settings. Recommendation 8: Evaluate the benefits, such as the explosives detection effectiveness and deterrent effect, of the ETPs that are being used in airports, and compare the benefits to the costs to operate and maintain this technology to determine whether it is cost- effective to continue to use the machines in airports. Concur: TSA has already implemented this recommendation through a current and ongoing process of evaluation for the ETP that includes periodic Program Management Reviews (PMRs) with the vendor during which cost-related items are discussed. The detection effectiveness of the ETP has been established in multiple lab tests, but TSA does not feel that deterrence is a measurable quality. TSA has already begun making progress implementing GAO's recommendations. This progress demonstrates our commitment to continual improvement to ensure the security of the traveling public. Thank you for the opportunity to provide comments to the draft report. Sincerely yours, Signed by: Jerald E. Levine: Director: Departmental GAO/0IG Liaison Office: [End of section] Appendix III: GAO Contact and Staff Acknowledgments: GAO Contact: Stephen M. Lord, (202) 512-8777 or LordS@gao.gov: Staff Acknowledgments: In addition to the contact named above, Robert Goldenkoff, Acting Director; E. Anne Laffoon and Steve Morris, Assistant Directors; and Joseph E. Dewechter, Analyst-in-Charge, managed this assignment. Carissa Bryant, Chase Cook, Orlando Copeland, Neil Feldman, and Ryan MacMaster made significant contributions to the work. Charles Bausell, Jr., Richard Hung, and Stanley Kostyla assisted with design, methodology, and data analysis. Michele Mackin assisted with acquisition and contracting issues. Sally Williamson, Linda Miller, and Kathryn Godfrey provided assistance in report preparation, and Thomas Lombardi provided legal support. [End of section] Footnotes: [1] TSA screeners are known as Transportation Security Officers and perform a variety of duties related to security and protection of air travelers, airports, and aircraft. TSA further oversees the operations of private sector screeners at airports participating in TSA's Screening Partnership Program. [2] GAO, Aviation Security: Screener Training and Performance Measurement Strengthened, but More Work Remains, [hyperlink, http://www.gao.gov/products/GAO-05-457] (Washington, D.C.: May 2, 2005); and Aviation Security: Risk, Experience, and Customer Concerns Drive Changes to Airline Passenger Screening Procedures, but Evaluation and Documentation of Proposed Changes Could Be Improved, [hyperlink, http://www.gao.gov/products/GAO-07-57SU] (Washington, D.C.: March 7, 2007). [3] In this report, we define basic research as including all scientific efforts and experimentation directed towards increasing knowledge and understanding; applied research as including all efforts directed toward--the solution of specific problems; advanced development as including all efforts directed toward projects that have moved into the development of hardware; and operational testing as verification that new systems are operationally effective, supportable, and suitable. [4] GAO, Transportation Security R&D: TSA and DHS Are Researching and Developing Technologies, but Need to Improve R&D Management, [hyperlink, http://www.gao.gov/products/GAO-04-890] (Washington, D.C.: September 30, 2004). [5] GAO, Transportation Security: Efforts to Strengthen Aviation and Surface Transportation Security Are Under Way, but Challenges Remain, [hyperlink, http://www.gao.gov/products/GAO-08-140T] (Washington, D.C.: October 16, 2007). [6] In the April 2009 restricted version of this report, we reported that, as of September 2008, TSA officials could not provide an expected completion date or identify the extent to which the ADRA would address risks to the checkpoint. In this public report on pages 7, 18, and 22, we updated this information and stated that, as of September 2009, TSA officials expected the ADRA to be completed by the end of 2009, but could not identify the extent to which the ADRA would address risks to the checkpoint. Also, in the restricted version of this report, we reported that the NIPP was issued in 2006. In this public report on page 15, we updated this information and stated that DHS issued a new version of the plan in 2009. Furthermore, in the restricted version of this report, we reported that, as of April 2009, TSA had 90 ETPs at airports and 116 ETPs in storage. In this report on page 39, we updated this information and stated that, as of September 2009, 22 ETPs were at airports and no ETPs were in storage. [7] A Federal Security Director is the ranking TSA authority responsible for the leadership and coordination of TSA security activities at TSA-regulated airports. [8] TSA defines "airport operator" as any person who operates an airport serving an aircraft operator or foreign air carrier required to have a security program under 49 C.F.R. parts 1544 or 1546. See 49 C.F.R. § 1540.5. [9] We selected the eight requirements because they were related to some of the ETP's key functionality requirements, including operational effectiveness, operational suitability, and passenger throughput. [10] GAO, Results-Oriented Government: Practices That Can Help Enhance and Sustain Collaboration among Federal Agencies, [hyperlink, http://www.gao.gov/products/GAO-06-15] (Washington, D.C.: October 21, 2005). [11] TSA deployed the ETPs from January to June 2006. Since June 2006, TSA removed 11 ETPs from airports due to maintenance issues and placed the ETPs in a warehouse for storage. [12] We interviewed 46 airport operators, but 13 of them did not express an opinion about whether TSA had shared or solicited information regarding research and development needs and priorities for checkpoint technologies. [13] See [hyperlink, http://www.gao.gov/products/GAO-05-457] and [hyperlink, http://www.gao.gov/products/GAO-07-57SU]. We found that TSA had initiated actions designed to enhance screener training; however, screeners sometimes encountered difficulty accessing and completing training due to technological and staffing constraints. We also found that TSA had implemented and strengthened efforts to collect screener and checkpoint performance data through covert testing and a screener recertification program. We further reported that TSA modified standard operating procedures based on risk information, airport staff experiences, and complaints and concerns made by the traveling public, but that TSA could strengthen data collection and analysis to assist in determining whether proposed procedures would achieve their intended purpose. [14] Sterile areas are generally located within the terminal where passengers are provided access to boarding aircraft and access is controlled in accordance with TSA requirements. Access is controlled by screeners--either Transportation Security Officers employed by TSA or nonfederal screeners at airports participating in TSA's Screening Partnership Program--at checkpoints where screening is conducted of individuals and carry-on baggage for weapons, explosives, and other prohibited items. Screeners must deny passage beyond the screening location to any individual or property that has not been screened or inspected in accordance with measures and procedures in place at that checkpoint. If an individual refuses inspection or the inspection of any item, that person or item may not be allowed to enter the sterile area or to board an aircraft. [15] A nonselectee passenger who alarms the walk-through metal detector on the first pass is offered a second pass. If the passenger declines the second pass through, the passenger must proceed to additional screening. If the nonselectee passenger accepts the second pass and the machine does not alarm, the passenger may generally proceed without further screening. [16] Passengers are also screened by Behavior Detection Officers under the Screening of Passengers by Observation Techniques (SPOT) program and by Travel Document Checkers. SPOT is an additional layer of security using behavior observations and analysis techniques to identify potentially high-risk individuals based on deviations from environmental baselines. Behavior Detection Officers are tasked with detecting individuals exhibiting behaviors that indicate they may be a threat to aviation and/or transportation security. Travel Document Checkers are specially trained screeners who are positioned in front of the checkpoint to check passengers' boarding passes and identification in order to determine the authenticity of these documents. [17] See Pub. L. No. 107-71, 115 Stat. 597 (2001). [18] See Pub. L. No. 107-296, § 302, 116 Stat. 2135, 2163-64 (2002). [19] See Pub. L. No. 108-458, § 4013(a), 118 Stat. 3638, 3719-20 (2004) (codified at 49 U.S.C. § 44925(a)). [20] Developmental testing is conducted to assist in the development and maturation of a system or subsystem to verify the status of technical progress and certify readiness to enter initial operational testing. Operational testing verifies that new systems are operationally effective, supportable, and suitable before deployment. [21] DHS undertook to coordinate and integrate most of its research, development, demonstration, testing, and evaluation activities in accordance with section 302(12) of the Homeland Security Act. [22] Acceptance testing consists of testing conducted to determine whether a system or, in this case, technology satisfies its acceptance criteria, such as specification requirements, and to enable the customer to determine whether to accept the system or technology. [23] According to TSA officials, depending on the requirements of the sought-after technology and how it will be used, S&T and TSA first try to identify commercial-off-the-shelf (COTS) equipment that meets identified requirements without having to modify it. If COTS equipment is identified but must be modified to meet TSA's needs, it would only be used if it could be modified within a reasonable cost and time frame. If COTS equipment cannot be identified or cannot be modified to meet TSA's requirements within a reasonable cost or time frame, S&T would try to develop a new technology for TSA. [24] DHS, National Infrastructure Protection Plan (Washington, D.C.: June 2006). In 2009, DHS issued an updated plan that replaced the one issued in 2006. [25] DHS has adopted an all-hazards mission, which includes both natural disasters and terrorism. The department uses the NIPP to assess risk for both; however, in the context of this report, we are focusing on terrorism. The NIPP provides that for some critical infrastructure sectors, assessing system risk is more appropriate. [26] Passenger Checkpoint Screening Program Strategic Plan, Aviation Security, Report to Congress in Response to Conference Report 109-699 to the Fiscal Year 2007 Department of Homeland Security Appropriations Bill, August 2008. [27] According to TSA, Checkpoint Evolution is a new security approach that involves many different elements to secure the checkpoint including continuously adapting security procedures to improve passenger security. [28] See 49 U.S.C. § 44925(b). [29] See Pub. L. No. 110-53, § 1607, 121 Stat. at 483. [30] The strategic plan mandated by the Intelligence Reform and 9/11 Commission Acts was to be submitted to the Senate Commerce, Science, and Transportation Committee and the House of Representatives Transportation and Infrastructure Committee. [31] See Pub. L. No. 110-161, Div. E, 121 Stat. at 1844, 2053 (2007) (referencing H.R. Conf. Rep. No. 109-699, at 138 (Sept. 28, 2006), which had initially directed TSA to develop and submit this plan to the committees). [32] See 49 U.S.C. § 44925(b)(2). [33] [hyperlink, http://www.gao.gov/products/GAO-04-890]. [34] The Threat Image Projection (TIP) system places images of threat objects on the X-ray screen during actual operations and records whether screeners identify the threat object. TIP is designed to test screeners' detection capabilities by projecting threat images, including guns and explosives, into bags as they are screened. Screeners are responsible for positively identifying the threat image and calling for the bag to be searched. Once prompted, TIP identifies to the screener whether the threat is real and then records the screener's performance in a database that could be analyzed for performance trends. Low performance makes the screening process vulnerable to terrorist attempts to smuggle such materials onto aircraft. [35] TSA manages the PSP, in part, through an Integrated Product Team (IPT), which is led by the PSP, but draws its members from across TSA, including the Office of Security Operations and the Office of Acquisitions. [36] The work related to the tests conducted by GAO contains classified material and the results of these tests are not publicly available. [37] GAO, Transportation Security: TSA Has Developed a Risk-Based Covert Testing Program, but Could Better Mitigate Aviation Security Vulnerabilities Identified Through Covert Tests, [hyperlink, http://www.gao.gov/products/GAO-08-958] (Washington, D.C.: August 8, 2008). [38] The ADRA is part of TSA's efforts to meet the requirements of Homeland Security Presidential Directive 16 (HSPD-16), which requires the DHS Secretary, in coordination with the Secretaries of State, Defense, Commerce, and Transportation, the Attorney General, and the Director of National Intelligence, to prepare a National Strategy for Aviation Security that provides an overarching national strategy to optimize and integrate governmentwide aviation security efforts. The national strategy and its supporting plans are to use a risk-based approach to ensure that national resources are allocated to security efforts with the greatest potential to prevent, detect, defeat, or minimize the consequence of an attack, taking into consideration threat, vulnerabilities, and probable consequences of an attack. The Secretaries of Homeland Security and Transportation are also to lead, in conjunction with the Secretaries of State, Defense, and Energy, and the Attorney General, an interagency effort, in consultation with appropriate industry representatives, to develop and execute a risk- based implementation plan for the continued reduction of vulnerabilities within the Aviation Transportation System. [39] According to the NIPP, investments in protective programs should be prioritized based on a cost benefit analysis that weighs the cost, time, and other characteristics of potential solutions, along with the potential that these various investments in countermeasures will reduce or mitigate threat, vulnerability, or consequence of an attack. [40] The role of the DHS Joint Requirements Council is, among other things, to manage investment portfolios and review projects to identify cross-functional requirements and applications. [41] In April 2008, S&T dissolved the IPT for explosives detection and replaced it with two separate IPTs, a transportation security IPT, chaired by TSA and a counter-IED IPT, chaired by the Office for Bombing Prevention within the National Protection and Programs Directorate and the United States Secret Service. [42] Descriptive measures are used to understand sector resources and activities, such as the number of facilities in a jurisdiction. Process/output measures are used to measure whether specific activities were performed as planned, tracking the progression of a task, or reporting on the output of a process, such as inventorying assets. Outcome measures track progress towards a strategic goal by beneficial results rather than level of activity. In addition to the NIPP, the Government Performance and Results Act of 1993 provides, among other things, that federal agencies establish program performance measures, including the assessment of relevant outputs and outcomes of each program activity. According to the Office of Management and Budget (OMB), performance goals are target levels of performance expressed as a measurable objective, against which actual achievement can be compared. Performance goals should incorporate measures (indicators used to gauge performance); targets (characteristics that tell how well a program must accomplish the measure), and time frames. [43] In [hyperlink, http://www.gao.gov/products/GAO-04-890], we recommended that the Secretary of Homeland Security and the Assistant Secretary for TSA complete strategic plans containing measurable objectives for DHS's and TSA's transportation security research and development programs. DHS stated that it had completed a strategic plan and that TSA was developing a strategic plan that outlined measurable objectives. However, TSA has not yet completed a risk-based plan that outlines measureable objectives. TSA's August 2008 strategic plan for the PSP states that each technology is assessed in the laboratory and in the field using key performance measures, which are reported to senior management, so a decision about whether to acquire the technology can be made. However, these measures apply to the performance of individual, specific technologies against their functional requirements before they are deployed, whereas the NIPP guidance refers to performance measures that assess the effectiveness of a program as a whole to mitigate risk and improve security. [44] Some of the technologies that have initiated deployments or procurements are continuing in research and development to do follow-on work. For example, the Bottled Liquids Scanner and Advanced Technology Systems continue to be enhanced. [45] Commercial-off-the-shelf technology is a product or service that has been developed for sale, lease, or license to the general public and is currently available at a fair market value. The product or service can sometimes be modified, which can save time and money compared to researching, developing, and producing a product from scratch. [46] TSA submitted a strategic plan for the PSP to congressional committees in September 2008. In the plan TSA identified several new technologies that the agency had not previously identified to us. Because we did not receive this strategic plan until toward the end of our review in September 2008, we did not conduct detailed assessments of these particular technologies. [47] According to TSA, the specific methods and results of testing of the ETPs during the research and development phase are sensitive security information protected from disclosure pursuant to 49 C.F.R. § 1520.5(b). As a result, the relevant sections are described in the restricted version of this report. [48] TSA originally deployed 101 ETPs to airport checkpoints, and had 90 ETPs at airports and 116 ETPs in storage at the time we issued our restricted April 2009 report. After issuance of our restricted report, TSA stated that 22 ETPs were at airports and no ETPs were in storage as of September 2009. [49] GAO, Best Practices: Using a Knowledge-Based Approach to Improve Weapon Acquisition, [hyperlink, http://www.gao.gov/products/GAO-04-386SP] (Washington, D.C.: January 2004). [50] According to TSA, our evaluation of TSA's use and validation of airport screening technologies is sensitive security information protected from disclosure pursuant to 49 C.F.R. § 1520.5(b)(9)(v). As a result, the relevant sections are described in the restricted version of this report. [51] S&T is responsible for conducting basic and applied research, and advanced development, including developmental test and evaluation. TSA is responsible for conducting operational test and evaluation, operational integration, procurement and deployment of new technologies, including checkpoint screening technologies. [52] In accordance with provisions of the Homeland Security Act and ATSA, the S&T's Explosives Division and TSA should coordinate with one another and other stakeholders, including the commercial aviation community and DHS components, to facilitate the research, development, and deployment of checkpoint screening technologies. TSA should also coordinate countermeasures to protect civil aviation with appropriate federal departments and agencies. See 49 U.S.C. § 114(f)(4). The S&T Explosives Division develops technical capabilities to detect, interdict, and lessen impacts of nonnuclear explosives used in terrorist attacks against mass transit, civil aviation, and critical infrastructure. [53] Even though TSA officials stated that the Fido PaxPoint was determined to be effective, the data collection process for it has been extended to ascertain its operational suitability, specifically, how sustainable and maintainable it is. TSA could not provide information to us on the status of this data collection process. [54] DHS Investment Review Process Management Directive 1400. This directive was replaced in November 2008 by an Interim Acquisition Directive (102-01). [55] We focused our work on TSA's coordination and collaboration with airport operators and technology vendors, and not on S&T's coordination and collaboration with these external stakeholders, because TSA is responsible for procuring and deploying checkpoint technologies. [56] We selected a nonprobability sample of 40 airports and obtained the views of 46 operators at these airports regarding coordination with TSA. Thirteen of the 46 airport operators did not express an opinion about coordination for and deployment of checkpoint screening technologies. See appendix I for more information on how we selected these airports. [57] Section 4014 of the Intelligence Reform Act required TSA to "develop and initiate a pilot program to deploy and test advanced airport checkpoint screening devices and technology as an integrated system at not less than 5 airports in the United States" by March 31, 2005. See Pub. L. No. 108-458, § 4014, 118 Stat. at 3720. According to TSA, the only advanced checkpoint screening technology available to TSA at that time was the ETP, and TSA initially conducted pilot tests at five airports and later expanded the tests to 16 airports. TSA officials stated that the agency submitted a strategic report to Congress on August 9, 2005, Detection Equipment at Airport Screening Checkpoints, in satisfaction of this requirement in the Act. [58] The Homeland Security Act addresses the need for DHS to work with federal laboratories and the private sector, among others, to develop innovative approaches to produce and deploy the best available technologies for homeland security missions. See Pub. L. No. 107-296, § 102(f)(5), 116 Stat. at 2143-44. [59] See [hyperlink, http://www.gao.gov/products/GAO-06-257T]. [60] TSA defines an "airport operator" as any persons, who operates an airport serving an aircraft operator or foreign air carrier required to have a security program under 49 C.F.R. parts 1544 or 1546. See 49 C.F.R. § 1540.5. [61] GAO, Results-Oriented Government: Practices That Can Help Enhance and Sustain Collaboration among Federal Agencies, [hyperlink, http://www.gao.gov/products/GAO-06-15] (Washington, D.C.: October 21, 2005). [End of section] GAO's Mission: The Government Accountability Office, the audit, evaluation and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO's commitment to good government is reflected in its core values of accountability, integrity, and reliability. Obtaining Copies of GAO Reports and Testimony: The fastest and easiest way to obtain copies of GAO documents at no cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each weekday, GAO posts newly released reports, testimony, and correspondence on its Web site. To have GAO e-mail you a list of newly posted products every afternoon, go to [hyperlink, http://www.gao.gov] and select "E-mail Updates." Order by Phone: The price of each GAO publication reflects GAO’s actual cost of production and distribution and depends on the number of pages in the publication and whether the publication is printed in color or black and white. Pricing and ordering information is posted on GAO’s Web site, [hyperlink, http://www.gao.gov/ordering.htm]. Place orders by calling (202) 512-6000, toll free (866) 801-7077, or TDD (202) 512-2537. Orders may be paid for using American Express, Discover Card, MasterCard, Visa, check, or money order. Call for additional information. To Report Fraud, Waste, and Abuse in Federal Programs: Contact: Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]: E-mail: fraudnet@gao.gov: Automated answering system: (800) 424-5454 or (202) 512-7470: Congressional Relations: Ralph Dawn, Managing Director, dawnr@gao.gov: (202) 512-4400: U.S. Government Accountability Office: 441 G Street NW, Room 7125: Washington, D.C. 20548: Public Affairs: Chuck Young, Managing Director, youngc1@gao.gov: (202) 512-4800: U.S. Government Accountability Office: 441 G Street NW, Room 7149: Washington, D.C. 20548: