![Page 1: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/1.jpg)
Federal AviationAdministration
NAS Enterprise Information System Security (NEISS)
Vic Patel, FAAICAP, ACP WG-IMay 28th – 30th
1
![Page 2: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/2.jpg)
2Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Agenda
• Why do we need NEISS
• NEISS described
• Current status/activities
• Future plans
![Page 3: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/3.jpg)
3Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Introduction• The NAS Enterprise Information Systems
Security (NEISS) Program– Seeks to implement a NAS Security Architecture that
is based on Enterprise or “Common” Controls rather than the current system-by-system controls
– All NAS and NextGen Programs interface to and use the Common Controls to gain the mitigation benefits
– The five Common Controls that comprise NEISS
![Page 4: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/4.jpg)
4Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Changing Environment Increases Cyber Security Risks to the NAS
Today’s NASLimited inter-connectivity
Greater use of Internet Protocol (IP) and greater connectivity within the NAS requires an effective Enterprise Information System Security Architecture
Greater use of Internet Protocol (IP) and greater connectivity within the NAS requires an effective Enterprise Information System Security Architecture
• Planned NAS improvements
– Moving to net-centric operations
– Moving from custom to commercial software
• Cyber threats on the increase
• Planned NAS improvements
– Moving to net-centric operations
– Moving from custom to commercial software
• Cyber threats on the increase
NextGenSignificant inter-connectivity
Cyber risk
ExternalNAS
Sensors
ExternalNAS
Sensors
Externalusers
Externalusers Aviation
PartnerNetworks
AviationPartner
Networks
IPSWIM
SWIM
IPServices
IPServices
Externalusers
Externalusers
IP
![Page 5: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/5.jpg)
5Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Potential Impacts to NAS Are Serious
• Major disruption of NAS services possible
– Malware can enter the NAS accidently
– The NAS can be targeted
• Disruption can cause substantial economic loss
• Loss of public confidence in the NAS
• NAS disruption can interfere with logistical support of military missions
![Page 6: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/6.jpg)
6Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
The Threat• Cyber exploitation activity has
– Grown more sophisticated– More targeted – And more serious
• The intelligence community has concluded that nation states– Have the technical capabilities to
• Target and disrupt elements of the US information infrastructure
• Collect intelligence information for future use against the US
• StuxNet – Specifically targeted an Industrial Control System similar to NAS
![Page 7: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/7.jpg)
7Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
The Challenge
It’s hard to keep them out
When they get in, it’s hard to find them
When we find them, it’s hard to get them out
![Page 8: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/8.jpg)
8Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
What Can We Do?
• Lay a solid foundation – Develop core Enterprise Solutions that position the NAS to deal with an
ever increasing problem
• Be agile– Develop techniques and approaches useful for defending and
countering cyber attacks
– Developing and enforcing Enterprise Solutions that can quickly adapt to the changing threat environment and apply to all NAS systems
• Be resilient– Adopt approaches for continued operations during cyber attacks
• Understand the threat– Characterize the NAS cyber threat environment
– Identify tools, techniques, and procedures used by adversaries
![Page 9: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/9.jpg)
9Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
The Plan:NAS Enterprise Information System Security
•NAS ISS architecture was developed to provide a foundational cyber infrastructure for NAS enterprise security beginning now and continuing through NextGen
•Doable in five years- Enterprise-wide solutions- Minimal end-system changes- Expand existing program solutions where applicable
•Flexible and Scalable - Security solutions can vary over time.
•NAS ISS architecture will allow:- Improvements in security technology- New security features
![Page 10: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/10.jpg)
10Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
01101
01101
The NAS ISS Architecture
Identity & Key Management
Internal Policy Enforcement
Incident Detection and Response
Certified Software Management
External Boundary Protection
T&E
Crown Jewels
Secured NASSecured NAS
Keep the bad stuff out
Protect the softwaresupply chain
If they get in, find themand deal with it
Know whom you’re talking to
Minimize damage and don’t let it spread
![Page 11: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/11.jpg)
11Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
NEISS Design Principles
•Create a Cyber Security Infrastructure
• Enterprise wide
• Monitor NAS data flows
• Apply cyber security controls to data flows
•Majority of implementation involves infrastructure, rather than end-systems
•Modify enterprise controls, as new threats & controls warrant it
• Ongoing R&D effort
• Present controls represent 5 year timeline Minimize the damage once
in and don’t let it spread!
Identity & Key Management
Internal Policy Enforcement
Incident Detection and Response
Certified Software
Management
External Boundary Protection Know who’s who
Keep the bad stuff out
When they get in, find themand deal with the problem
Only approved software
Secured NAS
![Page 12: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/12.jpg)
12Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Under the Hood:What’s Happening in NEISS
![Page 13: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/13.jpg)
13Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Why a NAS Enterprise Information System Security (ISS) Architecture Is Needed (I)
• Growing and evolving cyber security threats– Cyber terrorism, cyber crime, cyber vandalism, cyber espionage, cyber war
• Evolution to support and enable NextGen – Increased levels of network connectivity (from point-to-point to net-centricity)– Newer technologies (satellite-based surveillance and navigation)– Increased complexity from interoperability needs (legacy systems and
NextGen implementation)
• Security is based around individual systems– Non-uniform security, the weakest link paradigm applies– Costly to implement
– Individual system security never intended to mitigate the advanced threats
![Page 14: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/14.jpg)
14Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Why a NAS Enterprise Information System Security (ISS) Architecture Is Needed (II)
• Architecture Provides– Uniform and enterprise cyber security capabilities– Layered cyber security capabilities (defense-in-depth)– Robust, resilient, agile and scalable cyber security capabilities
– Incremental approach
![Page 15: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/15.jpg)
15Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Why a NAS Enterprise Information System Security (ISS) Architecture Is Needed (III)
NEISS will be responsible for the implementation of the NAS EA ISS roadmap
• Benefits– Protect the NAS from malware and advance cyber threats
Organized crime, terrorist organizations, foreign governments
– Provide better opportunities to leverage net-centric services for security
– Greater network connectivity, newer technologies, greater complexity
– Provide uniform enterprise cyber security capabilities• Reduce complexity, weakest link paradigm
– Reduce implementation costs• One enterprise implementation vs. each system’s implementation
![Page 16: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/16.jpg)
16Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
External Boundary Protection (EBP)
AddedApplication
Gateway
EBP consolidates all NAS level security controls that are applied to data that transit the NAS security boundary
![Page 17: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/17.jpg)
17Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
External Boundary Protection (EBP)
FTI MATRIX
![Page 18: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/18.jpg)
18Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
External Boundary Protection (EBP) Status
• Developing AMS artifacts supporting EBP• Working with SWIM and FTI to implement
early capability centered around the NAS Enterprise Security Gateway (NESG)
• Conducting the Operational Safety Assessment
• Future Activities:– Transition strategy– Governance– Guidance– FY13 Legacy NAS
transition candidates
![Page 19: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/19.jpg)
19Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Identity and Key Management (IKM)
The IKM capability allows users and machines to be identified and provides key services for authentication, confidentiality, integrity, and non-repudiation; wherever these functions are needed.
![Page 20: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/20.jpg)
20Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Identity and Key Management (IKM) - cont• Status: Actively Developing Requirements• Implementer: SWIM• Accomplishments:
– Defined IKM requirements in SWIM S2 FPR, – OSA data collection complete, – Leading implementation of IKM in SWIM Segment 1+
• Future Activities: Implement in test bed the four phase approach regarding integration with legacy systems.
• Issues: – Need clarity on allocation of some IKM functions, including Security Token Service– Selection of early adopters– Policy/Standards needed
![Page 21: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/21.jpg)
21Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Internal Policy Enforcement (IPE)
IPE mitigates the impact of security incidents within the NAS by dividing NAS systems and networks into enclaves and providing internal boundary protection (IBP) security mechanisms at the boundaries between enclaves.
![Page 22: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/22.jpg)
22Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Internal Policy Enforcement (IPE) - cont
• Status: Engineering new environment• Implementer: NEISS• Accomplishments: Defined Enclave Environment• Future Activities:
– Prototype IPE in test bed.
– Implement IPE in legacy environment utilizing a four step approach.
– Solicit support from different lines of business to test IPE design in and design secondary network for data transmission if enclave is compromised.
• Issues: Concern with cost for possible secondary form of data transmission.
![Page 23: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/23.jpg)
23Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Certified Software Management (CSM)
Potential Reference Model Based on SWIM SOA Potential Reference Model Based on SWIM SOA Software Acquisition/VerificationSoftware Acquisition/Verification
ScanBuildVerify
DigitalSignature
(IKM)
Authentication CheckHave vendor sign software
Integrity scan(Veracode)
per order1370.109
EBP
Progress/FUSERepository
Off-lineRepository
Internet
VerificationReport
TestRepository
SWIMWiki
Release & snapshot
Project ObjectModel
SWIMProductionRepository
Available forDownload
Located inMaintenance Enclave
Located in DMZ
The Certified Software Management capability ensures that malware does not enter the NAS via the software supply chain. CSM authenticates the source of the software, controls it’s entry into the NAS, provides secure retrieval, transfer, and integrity guarantee utilizing the IKM capability.
![Page 24: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/24.jpg)
24Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Certified Software Management (CSM) Status
• Actively developing requirements• Implementer: SWIM
– Augments existing CM process.– CSM will add
• Authentication Check - Vendor will Digitally sign software to be downloaded.• Integrity scan - Per order 1370.109 Software Assurance Policy• Digital Signature - Utilizing IKM to Digitally sign software approved for
distribution.
• Accomplishments:– Functional Analysis– Use cases– Started safety OSA
• Future Activities:– Determine process to authenticate with COTS SOA software provider
![Page 25: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/25.jpg)
25Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Incident Detection and Response (IDR)
NAS cyber security incident reporting, communications, monitoring, and maintenance
![Page 26: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/26.jpg)
26Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Incident Detection and Response (IDR)
• Status: Policy Development
• Update of CONUSE and Functional Analysis Documents
• Implementer: NEISS IDR
• Accomplishments:• CEMWG was established to formalize/combine process of handling
NAS cyber events • Drafted IDR Policy and SOP • OSA draft complete
![Page 27: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/27.jpg)
27Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Incident Detection and Response (IDR)
Future Activities: • Completion of Policy and SOP • Continuous update of the supporting documents as we evolve • Validation of SOPs
• Issues:• AMS process time – Training and resources needed • Technology – Tech changes and advancements • Use of automated tools for data and traffic flows to detect anomalies
![Page 28: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/28.jpg)
28Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Governance and Policy
SUBJ:National Airspace System (NAS) Enterprise Information System Security Architecture 1. Purpose of This Notice. This notice establishes the requirements for use of FAA National Airspace System (NAS) Enterprise Information System Security Architecture for National Airspace System (NAS) systems, including NAS performance-based service contracts. It also establishes the requirements for use of NEISSA enterprise common controls that provide security services to multiple NAS systems.
Establishing policy, procedures, roles and responsibilities for implementing the NAS Enterprise Information System Security (NEISS) Architecture
![Page 29: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/29.jpg)
29Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Governance and Policy - cont
• Status: Actively Drafting Policy– Extending Notice JO 1370.44 to include enterprise ISS and current NIST guidance – Working with FAA’s CIO Offices on incorporating ISS in AMS life cycle
• Accomplishments: Annotated outline
• Future Activities: – First full draft expected early January 2011
– Identify and integrate Enterprise ISS in JRC checklist
• Issues: Balancing specificity and clarity against length
![Page 30: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/30.jpg)
30Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
NEISS Challenges• Disposition of the NAS Enterprise ISS
requirements– Need a way to resolve and approve changes (particularly deletion)
and implementation of NEISS requirements• Conveying an understanding of the NEISS
– Threat/risk motivation – Understanding capabilities– Programs need to be clear on when and how to adapt to NEISS
• Schedule, Funding, Requirements • ISS architecture governance
– What are the Rules (Policy)?– Who are the Gatekeepers?
• Establishing NEISS priority and importance – Urgency– Early funding
• Coordinating across the many stakeholders– Nearly everyone in the NAS/NextGen is a stakeholder– All need attention
![Page 31: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/31.jpg)
31Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
![Page 32: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/32.jpg)
32Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
Backup Slides
![Page 33: Federal Aviation Administration NAS Enterprise Information System Security (NEISS) Vic Patel, FAA ICAP, ACP WG-I May 28 th – 30 th 1](https://reader038.vdocuments.mx/reader038/viewer/2022110303/55154a1b55034685568b5232/html5/thumbnails/33.jpg)
33Federal AviationAdministration
ICAO ACP WG IBucharest, May 28th to 30th
NEISS Implementation Alternatives*
Alternative Alt #1 - Distributed Alt #2 - Centralized Alt #3 - Hybrid
Description ISS capabilities assigned to selected existing NAS programs
Single entity to manage, implement and maintain enterprise cyber security controls
Centralized entity to manage, implement and maintain SOME of the enterprise cyber security controls
Benefits •Takes advantage of selected NAS program domain knowledge and experience
•Could minimize impact on current organizational structure
•May reduce time delay and new program start-up costs by using existing NAS programs infrastructure and organization
•Focus on securing NAS, clear responsibility and accountability
•Increased ability to define priorities, manage, and coordinate NEISS implementation
•Synergies with other enterprise programs (data center consolidation, enterprise services, etc)
•May reduce impact and resistance to organizational changes
•Increased flexibility to take advantage of program domain knowledge (distributed) or focus on cyber security (centralized)
Risk, Issues, Challenges
•NEISS implementation will depend on selected NAS programs
•Increased levels of management and coordination across programs
•Potential security accountability gap
•Selected NAS programs will need to acquire cyber security skills
•Requires a significant organizational and cultural change
•Requires additional infrastructure, environment, and funding stream for new program office
•Blend of Risks, Issues, Challenges from Distributed and Centralized alternatives
*Complete details provided in the NEISS Concept of Operations, v0.5