Skip navigation
CLN bookstore

Tsa Procurement Specification for Body X-rays 2008

Download original document:
Brief thumbnail
This text is machine-read, and may contain errors. Check the original document to verify accuracy.
SENSITIVE SECURITY INFORMATION

TRANSPORTATION SECURITY
ADMINISTRATION
OFFICE OF SECURITY TECHNOLOGY
SYSTEM PLANNING AND EVALUATION

PROCUREMENT SPECIFICATION
FOR
WHOLE BODY IMAGER DEVICES FOR
CHECKPOINT OPERATIONS

u.s. Department of Homeland Security
Transportation Security Administration
601 South 12th Street
Arlington, VA 22202-4220

23 September 2008
FINAL, Version 1.02

u.s Department ofHomeland Security
Transportation Security Administration

Prepared By:
TSA Office of Security Technology

WARNING: This re~ord contains Sensitive
'. nff.lrmation that is controlled under 49 C.l!"R parts 15 and 1520. No part of this
record may be disclosed to PCl"$(>US without II "need to
.,
defined in 49 CFR parts 15 and 1520, except with the written
.
r the Secretary of Transportation. Un:lUthorized
plIrmission of the Administrator of the Transportation Security Admillls
relea,e may result in dvil penalty Qr "ther action. F". U.S. gove"nment .. g~ncles, pub""
e iii governed by;; U.S.C. 552 and 49
CFR parts 15 and 1520.

SENSITIYE SECURITY INFORMATION

I

1. Report No.

DHS/TSNOSTIENGIWBI-OOI

Technical Report Doenmentation Pa!!e
2. Government Accession No.

3. RecipicQ.t's Catalog No.

N/A

N/A

4. Title and Subtitle

5. Report Date

Procurement Specification for Whole Body Imager Devices for Checkpoint
Operations

6. PerformIng Organization Code

i. Author

8. Performing Organization Report No.

Office of Security Technology System Planning and Evaluation Group

DHS/TSNOST/ENG/WBI-OOI

23 Seotember 2008
TSA-16

9. Performing Or~anizationName and Address

10. Work Unlt No. (TRAIS)

Transportation Security Administration
Om.e of Security Technology
System Planning and Evaluation
h
601 Soutlllt Street
Arlinl/ton, VA 22202

N/A
11. Cnntl'act Or Grant No.

NlA

12. Sponsoring Agent)' Name and Address

13. T;ype of R<;lport and Period Co"'cred

N/A

FINAL
14. Sponsoring Agency Code

DHS/TSNOSTiENGI
15. Supplementary Notes

N/A
16. ,Abstract
This Procurement Speci1Ication establisht:s the technical requirements for the Vv'ho1e Body I:rnager hereinafter referred to as the vrm. Whole
Body Imaging (WBI) systems ate passenger screening technologies which use imaging technology such as backscatter XMray (BS) or millimeterwav~ nvrM'W,) to detect tJotential threat:> \hat may be hidden on a nassengcr Qr within their clvtlul1l2'
17. Key Words
18. Distribution Statement
This record contains Sensitive S~urity Information that is conttol1r;::d undt:t" 49
CFR parts 15 and 1520, No part of this record:may be disclosed to persons
without a "need to know", it;; defined in 49 CFRparts 15 and 1520, except with
the "'tritten permission of the Administrator of the Transportation Security
Administration or the Secretary of Transportation. Unauthorized release may
result in civil penalty or other action. For U,S. government agencies, public
disclosu.re is £!overned bv 5 U.S.c. 552 and 49 CFR l~arts 15 and 1520.
19. SecUrity ClassiC. (of tbis report)
20. Securit}' Cla8sif. (ofthis page)
22. Price
~~ No. QrPagcs

Unclassified

I

I

Unclassified

I

Renroduction of comnleted naOI:! authorized

WARNING: This record contains e ,.
eeur-it)' Information that is controlled under 49 CFR parts 15 and 152(). No part of this
record mny be dis,.::losed to p"rsons without a "0
w H , as defined in 49 CFR parts 15 and 1520, except with the written
permissioD of the Administrator of the TranspormtioD Secoril)·
.. atlon or the Secretary hf Transportation. {)nauthonzed
release may result in civil penalty or other action. For l,;o$. g<Jvernment agencies.,
',closure is governed by 5 U.S.c. 552 llnd 49
CFR parts 15 nnd 1520.

ii

SENSITIVE SECUftlnl' INFORMATION
DOCUMENT CHANGE HISTORY {b6
Version
0.01

Description - Author

Initial Dr

J
Date
2/26/07

0.02

3/7/08

0.03

3/10/08

0.04

3/12/08

0.05

3/14/08

0.06

3/28/08

0.07

4/14/08

0.08

4/21/08

0.09

5/12/08

0.10

Comments Draft

5/15/08

0.11

5/22/08

0.12

Updated detection requirements

6/10/08

0.13

Industry Comment Update

7/2/08

0.14

OSO comments update

8/14/08

0.15

Engineer team review

8/29/08

0.16

Formatting updates and detection requirement update

9/4/08

Finalized release

9/5/08

1.00

TTTT• • • • • TTTTTT• • • • • • • •

1.01

Updated RMA Section

9/22/08

1.02

Multiplexing requirement update/updated release

9/23/08

,YAR'lING: This record Mntains Sens
i . Information that Is controUed under 49 CFR parts 15 and 1520. No part of tbls
record may be disclosed to persons with()ut a "nee
." lIS defined in 49 eFR parts IS and 1520, except with the written
permission of the Administrator of the Transportation Security
tion or the $ec:fetary of Transportation. U~authorized
l'01e3$e rna)' result in civil pl1:11ally or other adion. For If.S. g<)vcl;'nment agencies,
. disclosure is governed by 5 U.S.c. 552 and 49
CFR parts lSand 1520.
iii

-sENSITIVE SECtfRlTY INF'ORMA'I'ION
NOTICE
This document is disseminated under the sponsorship of the U.S.
Department of Homeland Security in the interest of infonnation
exchange. The United States Government assumes no liability for the
contents or use thereof. The United States Government does not endorse
products or manufacturers. Trade or manufacturer1s names appear herein
solely because they are considered essential to the objective of this
report. This document does not constitute Transportation Security
Administration certification policy.

----

WARNING: This record cont;dQs Sensitive
. Information thllt Is controlled under 49 CFR parts 15 and 152U, No part of this
r~cord may be disclosed to persons without a "need 0
." as defined in 49 eFR parts 15 and 1520, except with the wl'itten
permission of the Administrat<>r of the Transportation Security A ' . ation or the Secretary of TrllDsportation. Unauthorized
relellse may Nsult in ~Ivil p~l1l11ty or oth"r action, For U.S. gov"rnment ~g.meies,
. isclosure i~ governed by 5 U.S.c. 552 and 49
eFR parts 15 and 1520.
iv

SENSITIVE SECURITY INFORMATION
TABLE OF CONTENTS
1.0

INTRODUCTION

1

1.1

1
1
1
1

1.4

BACKGROUND
SCOPE
SYSTEM DESCRIPTION
Major Components
DEFJNITIONS

2.0

APPLICABLE DOCUMENTS

2

2.1
2.2
2.4

GENERAL
GOVERNMENT DOCUMENTS
NON-GOVERNMENT DOCUMENTS
ORDER OF PRECEDENCE

2
2
2
3

3.0

REqUIREMENTS

4

1.2
1.3

1.3.1

2.3

1

TIER I REQUIREMENTS
System.......................................................................................
Eleetrical
3.1.3 Physical
3.1.4 Identification Markings
3.1.5 Environmental.............................................................................
3.1.6 Electromagnetic Compatibility
3.1.7 Human Factors
3.1.8 Regulatory
3.1.9 Reliability, Maintainability, and Availability
3.1.10 Safety
3.1.11 Security
TIER II REQUIREMENTS
3.2
3.2.1 System
3.3
TIER III REQUIREMENTS
3.3.1 System
OPTIONAL CAPABILITIES
3.4
3.4.1 Automated Threat Detection Marking
3.1
3.1.1
3.1.2

4
4
10
1I
11
11
12
13
14
14
16
17
17
17
18
18
18
18

.

.

4.0

VERIFICATION

19

4.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6

TEST AND EVALUATION
Developmental Test and Evaluation (DT&E)
Qualification Testing
Operational Test and Evaluation (OT&E)
First Article Test and Evaluation (F AT&E)
Factory Acceptanee Test (FAT)
Site Aeeeptance Test (SAT)

19
19
19
19
19
19
19

4.1.7

Continuous Assessment

__ ,............................

..

~"

"

"

20

\VA.Rl'\'ING: This record conta.ins Sensitive Security Information that is l;ontrolle
del' 49 CFR parts 15 and 1520. No part of this
record may be dh:dQ$l;!d to persons without :a "need to know", liS defin
49 CFR parts 15 and 1520, except with the written
permission of the Adroinistrator of the Transportation Security A
istration or the Secretary (If Transportation. Unauthorized
nment llgendes, public disclosure is governed by S IT.S.c. 552 nnd 49
release IDay re:sult in civil penalt)" or other al'.:tion. FM U.S.
CFR parts 15 and 1520.
v

SENSIlIVE SECURITY INF'ORMATION
4.2
4.2.1
4.2.2
4.2.3
4.2.4
4.3

VERiFICATION METHODS
Analysis
Demonstration
Inspection
Tcs!..
VERiFICATION REQUIREMENTS TRACEABILITY MATRiX

20
20
20
21
21
21

5.0

ACRONyMS

33

APPENDIX A TECHNOLOGY SECURITY REQUIREMENTS

1

A.I
A.2
A.3
A.4
A5
A.6

2
2
2
2
3
4

INTRODUCTION
SCOPE
VENDOR REQUIREMENTS
REFERENCES
OS HARDENING/SECURITY REQUIREMENTS
SYSTEMS IT SECURiTY REQUIREMENTS

APPENDIX B FIELD DATA REPORTING SYSTEM REQUIREMENTS

1

APPENDIX C USER ACCESS LEVELS AND CAPABILITIES

1

APPENDIX D TSA OPERATIONAL POWER REQUIREMENTS

1

1.0

Introduction

1

2.0

Overview

1

3.0

Equipment

1

4.0

Measurement

1

5.0

Power Performance Data Acquisition and Requirements Analysis

1

5.1
5.2
5.3
5,4
5.5
5.6
5.7

BASELINE VOLTAGE AND CURRENT DISTORTION
.
POWER USAGE PROFILE AND POWER FACTOR
:
MAXIMUM INRUSH CURRENT RATIO
STEADY STATE CURRENT UNBALANCE
MAXIMUM LEAKAGE CURRENT
VOLTAGE SAG AND INTERRUPTION WITHSTAND PERFORMANCE..
UNINTERRUPTIBLE POWER SUPPLY

1
2
2
2
3
3
4

APPENDIX E WBI REPORTS

5

1.0

5

FDRS Report Display

vi

SENSlllvE SECURIlY INFORMATION
1.0

INTRODUCTION

1.1

BACKGROUND

The Department ofHome1and Security (DHS), Transportation Security Administration (TSA), presents
the Whole Body Imager (WBI) as a new device that is intended to be used to screen passengers.

SCOPE

1.2

This specification establishes the performance, design, and verification requirements for the WBI
systems.

1.3

SYSTEM DESCRIPTION

WBI systems are passenger screening technologies which use imaging technology to detect anomalies on
a passenger's body or within their clothing. The mission of the WBI is to effectively SCreen passengers at
airport checkpoints, while preserving the privacy of passengers.
The requirements within this Procurement Specification have been broken into a tiered system. The
vendor has the choice to meet the requirements of different tiers: Tier I encompasses the core
requirements that must be met; Tiers II and III describe stepped requirements that may be met. A higher
level system must meet all the requirements of the tier below it: for example, a Tier III system must meet
all Tier I, Tier II, and Tier III requirements. Requirements are denoted by the use of a bold, italic, shall.

1.3.1

Major Components

WBI systems consist of the following 11l4ior components:
•

Scanner

•

Image Operator Station

•

Screening Operator Station

1.4

DEFINITIONS

Anomaly
Downloading
Image Operator (10)
Screening Opcrator (SO)

Shall
Transportation Security
Officer (TSO)
Unloading
WBI System

Any undivested Ol1iects includilw explosives weapons and liquids.
Retrieving data or information from the WBI either locally or remotely.
The TSO responsible for reviewing the images and communicating to
the SO the alarm status for each passenger.
The TSO responsible for scanning and managing each passenger during
the WBI screening process.
Bolded, italicized "shalls" are requirements that the vendors' submitted
WBI must meet in accordance with the tier svstem.
Formerly known as Screeners or Operators, TSOs are the TSA
personnel who operate the airport security checkpoint and conduct
security screenin o of all persons and obiects entering the secure area.
Loading data or information into the WBI either locally or remotelY.
The combined performance of the WBI including the operator in the
1000.

WARNING: This reeord cont:UllS
'ecurity Information that is controJled under 49 CFR parts 15 and 1520. No part of this
reeCJl'd may be disdOl:ed to. persons without l\ ;'ne
." as defined in 49 CFR parts 15 llnd 1520. except with the written
permission of the Administrator of the Transportation Security A
.
n or the Secretary of Transportation. Unauthodzed
rcl~ase may result in civil penalty or other action. For U.S. government agencies, pu
CFR parts 15 and 1520.

I

e is governed by 5 U.S.C. 552 and 49

SENSIIlvE SECURII y INFORlVIA'l'ION
2.0

APPLICABLE DOCUMENTS

2.1

GENERAL

The documents listed in this section are referenced in this specification. While every eHbrt has been made
to ensure the completeness ofthis list, document users are cautioned that they must meet all requirements
of this specification, whether or not the applicable references are listed. The following specifications,
standards, handbooks, documcnts, and drawings of the exact revisions listed below form a part of this
specification to the extent noted herein.
2.2

GOVERNMENT DOCUMENTS

5 USC 552
29 CFR 1910.7

29 CFR 1910.1096
29 CFR 1910.1200
47 CFR 15
49 CFR 15
49 CFR 1520
49 CFR 1544.403
49 CFR 1544.405

DOTfFAAJCT-03/05
FIPS 197

2.3

Freedom of Information Act 1996
Occupational Health and Safety Administration (OSHA): Occupational
Safety and Health Standards; Definition and Requirements for a
Nationally Recognized Testing Laboratory, I January 2007
OSHA: Occupational Safety and Health Standards; Ionizing Radiation, I
Januarv 2007
OSHA: Occupational Safety and Health Standards; Toxic and Hazardous
Substances: Hazard Communication, I January 2007
Federal Communications Commission (FCC); Radio Frequency
Devices I October 2007
Transportation: Protection of Sensitive Security Infonnation, I Octobcr
2007
Transportation Security Administration (TSA); Protection of Sensitive
Security Information 1 October 2006
TSA; Airport Operator Security: Air Carriers and Commercial
Operators: Current Screeners, I October 2006
TSA; Airport Operator Security: Air Carriers and Commercial
Operators: New Screeners: Qualifications of New Screening Personnel,
I October 2006
Human Factors Design Standard for Acquisition of Commercial Off-theShelf, Non-developmental and Developmental Systems (2003).
Federal Information Processing Standard (FIPS) 197 Advanced
Encrvption Standard CAES)
TSA Security Technology Integrated Program (STIP) Business Rules
Document (BRO), 13Alj@st2007
TSA Security Technology Integrated Program (STIP) Transportation
Security Equipment (TSE), Interface Requirements Document (lRO),
Version 3.11, 14 April 2008
TSA WBI Classified Detection Appendix, Version 2.0, September 23,
2008

NON-GOVERNMENT DOCUMENTS

ANSI C63.16-1993
ANSIIHPS N43.l7-2002

Discharge Test Methodologies and Criteria for Electronic Equipment
(1993)
American National Standard "Radiation Safety for Personnel Security
Screening Svstems Usin<> X-rav."

\VARNING: This record contains Sens
i . Information that is controlled "odeI' 49 CFR parts 15 and 152(). NQ part of tbis
record mil}" be diselo.<;ed to pe-rsonlO without :a "nee
II as def'th.Qd in 49 CFR parts 1S: and IS20. cx<:~pt with the written
permission of the Administrator of the Transportation Sccurit)' Adml
.
or the Secretary of Transportation. Unauthorized
release rnSl)' rostdt in eivil penalty or other a~tioD. For U.S. government agendu, pub c
is governed by 5 IT.S.C. 552 and 49

CFR parts 15 and 1520.

2

SENSITIVE SECURITY INFORMA.TION
EN 55022

IEC 60068-2-64
lEe 61000-4-3
IEC 61000-4-4
IEC 61000-4-5
IEC 61000-4-6
IEC 61000-4-8
IEC 61000-4-11
IEC 61000-6-3

IEEE C95.l-2005
UL310
UL 61010-1

UL 61010A-1

2.4

Limits and Methods of Measurement of Radio Disturbance
Characteristics of Information Teehnology Equipment (Radiated Radio
Freauencv!RF) Emissions).
Environmental Testing, Part 2: Test Methods - Test Fh: Vibration,
Broad-band Random (Di!!ital Control) and Guidance, 28 May 1993
Testing and Measurement Techniques. Radiated, radio frequency,
electromametic field immunity test.
Testing and Measurement Techniques. Electrical fast transientlburst
immunity tes t
Testin" and Measurement Techniques. Surrye immunity test
Testing and Measurement Techniques. Immunity to conducted
dishlrbances, induced bv radio-frequencv fields.
Testing and Measurement Techniques. Power frequency magnetic field
immunity test.
Testin(! and Measurement Techniaues. Volta!!e dios and interruotions.
Electromagnetic Compatibility (EMC). Generic Standards. Emission
Standard for Residential, Commercial, and Light-industrial
Environments, 17 Julv 2006
Safety Leyels with Respect to Human Exposure to Radio Frequency
Electromagnetic Fields, 3 kHz to 300 GHz
Standard for Electrical Quick Connect Terminals. 27 May 2003
Safety Requirements for Electrical Equipment for Measurement,
Control, and Laboratory Use, Part 1: General Requirements, 12 July
2004
Electrical Equipment for Laboratory Use; Part 1: General Requirements,
30 January 2002
International Commission on Non-Ionizing Radiation Protection
(ICNIRP) Guidelines for Limiting Exposure to Time-Varying Electric,
Magnetic, and Electromagnetic Fields (up to 300 GHz). Health Physics
74 (4); 494-522' 1998

ORDER OF PRECEDENCE

In the event of a conflict between the text ofthis document and the references cited herein, the text of this
document takes precedence. Nothing in this document, however, supersedes national and state laws and
regulations unless a specific exemption has been obtained.

WARNING: This record contains Sensitive
ormation that is controlled under 49 eFR parts 15 and 1520. No part of this
~eeol'd may be disclosed to PQl'SOlHl without It "need to krio,
ned in 49 CFR varts 15 and 1520, except with the written
permission of the Administrator of the Transportation Security Administru 0
eeretury of Transportation. Unauthorized
release may result in chil penalt:f or other action. For U,S. govcnuu-ent agcndes, publl.c diselo$u
cd bJ:5 U.S.C. 5:52 nnd 49
CFR parts 15 and 1520.

SENSITIVE SECURiTY INFORMATION
3.0

REQUIREMENTS

3.1

TIER I REQUIREMENTS

3.1.1

System

3.1.1.1

Detection/Imaging

3.1.1.1.1

System Detection

The Concept of Operations for the WBI system encompasses a scenario in which an Image Operator (10)
reviews the WEI scanned image and determines if an anomaly is present. For this reason, detection
performance for the "WBI system" refers to perfonnance corresponding to the overall performance of
WBI imaging and the operator in the loop. The WBI shall (1) image passengers without requiring the
removal of clothing beyond outerwear. Detection performance requirements are as follows:

3.1.1.1.1.1

Explosives

3.1.1.1.1.2

Weapons

14(ml
The WB! System shall 3
of we a ons

3.1.1.1.1.3

Liquids

Other Anomalies

•

.......... """"............... ~~~~~~~~

3.1.1.1.2

_~~ ~~~~~B B~~~~n~~M~~~ ~~~~~ ~~

~

Privacy

TSA policy dictates that passenger privacy is maintained and protected during passenger screening. To
ensure passenger privacy safeguards arc in place, WBI systems win prohibit the storage and exporting of
passenger images during nonnal screening operations. When not being used for nonnal screening
operations, the capability to capture images ofnon~passengers for training and evaluation purposes is
needed. To ensure that image capturing maintains passenger privacy, the WEI will provide two distinct
modes of operation: Screening Modo and Test Mode as defined in 3.1.1.3,1.
During Screening Mode, the WEI shall (6) be prohibited from exporting passenger image data, including
via STIP. During Test Mode, the WEI shall (7) not be capable of conducting passenger screening.
The WBI shall (8) prohibit local storage of image data in all modes.
The WBI shall (9) employ 256-bit encryption for image data in accordance with Federal Infonnation
Processing Standard (FIPS) 197 Advanced Encryption Standard (AES).
WA

d contains Sensitiv<,l Secul'ity Infol'mlltilln tnat is controlled under 49 CFR parts 15 and 1520. No part of this
A "need to know", ns defined in 49 CPR parts 15 and 15:20, 'lxcept with the written
permission of the Administrator of the Transporm
dministtatioD 01' the Se~remry of Transportation. Unauthorized
release may result in civil penalty or other action. F<JI' U.S. !l<Jveromeot agen
.closure I. governed by 5 {1.S.C. 552 and 49
CFR parts 15 and 1520.
record may be disclosed to pe

4

SENSI fIVE SECURITY INFORMitTION
The \VBI shall (10) provide image filters to protect the identity, modesty, and privacy of the passenger.
Enabling and disabling of image filtering shall (11) be modifiable by users as defined in the User Access
Levels and Capabilities appendix.
The WBI shall (12) ensure that images viewed by the 10 are not viewable by the SO.

The WBI shall (13) provide a means for passengers to maintain a line of sight to their divested carry-on
items during the screening process.

Throughput Rate I Capacity

3.1.1.2

The WEI shall (14) have an imaging time of no greater than 10 seconds. Imaging time is defined from
when the scan is initiated until the image is ful1y projected onto the Image Operator Control Panel

(IOCP).
The WBI shall (15) be able to scan passengers with a height of up to at least 195 em. Passenger access to
the WBI imaging area shall (16) be no less than 85 em wide. The WBI shall (17) require passengers to be
no less than 8 em and no more than 120 em from the system in order to complete a scan.
The imaging area of the WEI shall (U~) be dimensioned so that a person, as defmed above, is able to
attain the required poses that the vendor deems necessary for optimal performance without bumping
against any part of the system.

3.1.1.3

General System

3.1.1.3.1

Modes of Operation

3.1.1.3.1.1

Screening Mode

The WBI shall (19) provide a Screening Mode. TheWBI Screening Mode shall (20) be the ~ormal mode
of operation for screening passengers for anomalies.

3.1.1.3.1.1.1 Multiplexing
The WBI system shall (21) provide a means to multiplex images, allowing up to 64 IOCPs to receive
images from up to 64 \VBI systems utilizing the network requirements set forth in section 3.1.1.3.6.

3.1.1.3.1.2

Test Mode

For purposes of testing, evaluation, and training development, the WBI shall (22) provide a Test Mode.
The \VB! Test Mode shall (23) be the sale mode of operation permitting the exporting of image data.
'\lBI Test Mode shall (24) be accessible as provided in the User Access Levels and Capabilities
appendix.
When in Test Mode, the WBI:

•

shall (25) allow exporting of image data in real-time;

•

shall (26) prohibit projection of an image to the IO station;

•

shall (27) provide a secure means for high-speed transfer of image data;

•

shall (28) allow exporting of image data (raw and reconstnwted)"

WAR.!.'\ING: This record contains Sens
curity Information that is contl'olled under 49 CFR parts 15 Jlnd 1520. No part of this
re~ord may be disdo.cd to persons without 11 "ne
" ow", as defined in 49 CFR part. 15 and 1520, except with the written
. 'strlltion or the Secrlltary of TransportathlD. Unauthorized
permission of the Administrator of the Transportation Security
release may re~mlt in civil pellalt~" Or other action. For U.S. government ... gcni<ic~, 'I'><oI1:tli,
eFR parts 15 and 1520.

SENSITIVE SEetJItlT"t INPO~IATION
3.1.1.3.2

Start-Up and Power-Down

The WBI SO station shall (29) have start-up and power-down procedures or functions at the Screening
Operator Station (see Section 3.1" 1.4.1 below) that shall (30), upon completion of start-up, display a login
window.
The \VBI 10 station shall (31) display a login window upon completion of SO Station start-up.
The WBI shall (32) provide messages to the SO and 10 that inform them of the system status.
3.1.1.3.2.1

Cold Start-up

The WBI shall (33) complete cold start-up procedures in five (5) minutes or less from a powered
off/shutdown mode. Powered off/shutdown mode is defined as a state in which a WBI has been turned off
or shutdown, but is still connected to a power source.
3.1.1.3.2.2

Sleep/Standby

The WEI shall (34) complete a Sleep/standby start-up procedure in three (3) minutes or less from
sleep/standby mode. Sleep/standby mode is defined as a power conserving state in which a \VBl has been
turned on but is not fully functional.
3.1.1.3.2.3

Login Process

The WEI 10 station shall (35) require no more than thirty (30) seconds to complete the login process. The
WBI SO station shall (36) require no more than thirty (30) seconds to complete the login process. The
login process is defined as the time from when the TSO enters user infOlmation and password to the time
the ISO is able to scan passengers.
3.1.1.3.2.4

Fault Reset

The ViTBI shall (37) have a fault reset time, after the fault has been corrected, of no more than two (2)
minutes from activation of the system fault reset to ready for operation.
3.1.1.3.2.5

Power~Down

The \VEl shall (38) complete a power-down procedure in five (5) minutes or less. Power-down is defined
as the transition from operational mode to shut-down mode.
3.1.1.3.3

Calibration

If the WBI employs a technology that requires recalibration over time, the system shall (39) employ a
calibration process that culminates in a visible notification to clearly indicate to the SO whether the WBI
system is correctly calibrated and ready/not ready to scan a passenger. The calibration process shall (40)
take place as necessary in order to keep the system accurate to its qualified detection tier. The WBI shall
(41) provide a message indicating to the operator that re-calibration is necessary and shall (42) not allow
passengers to be scanned by the system during the calibration process.
3.1.1.3.4

Emergency Stop

The WBI shall (43) include a physical emergency stop (E-Stop) button with protective guards to prevent
accidental initiation of an emergency stop. An E-Stop button shall (44) be located at the SOCP. When
an E-Stop button is enabled anywhere on the system, the E-Stop location shall (45) be identified on the
SO and 10 stations. Activation of the E-Stop button shall (46) render the WBI incapable of scanning
passengers.

WAR.'1ING: This record contains Sllnsitivll Sllcurity Information that is contl'olllld under 49 CF
s 15 and 1520. No part of this
rQcord may be dl.c1o~ed to persons wlth,')tit a "nj>ed to now", as ,lefined In 49 CF
• Hi and 1520, except witb the written
permission of the Administrator of the Transportation Security Admlnistra
the Secretary of Transportation. Unauthorized
release way result in civil penalty Or other action. For U.S. govcrnm
cndes, public disclosure is governed by 5 CS.C. 552 pnd 49
CFR parts 15 and 1520.
6

SENSITIVE SECURIT'l INfilOR1ffATION
3.1.1.3.5

Lock Down

The WBI system shall (47) have a lock-down mode so that when activated by the SO:
(a) No portion of the system shall (48) move under power.

(b) System shall (49) not allow any passengers to be screened.
(c) System shall (50) not emit scanning source radiation
(d) System shall (51) not disable the display nlonitor or any means of two-way communication.

3.1.1.3.6

Network Interface

The WBI system:
(a) Shall (52) possess an Ethernet network interface equipped with an RJ-45 connector.
(b) Shall (53) support fullJhalf duplex data rates of 10/100 mega-bits per second to support future

requirements.
(c) Shall (54) support Transmission Control Protocol/Internet Protocol (TCP/IP).
3.1.1.3.7

External Interface

3.1.1.3.7.1

SliP Interface

The VlBI shall (55) meet the requirements specified in the Security Technology Integrated Program
(STIP) Transportation Security Equipment (TSE), Interface Requirements Docwnent (IRD), Version
3.11, 14 April 2008 and STIP Business Rules Document (BRD), 13 August 2007.
The \VBI shall (56) comply with the levels ofacccss control as defined in the User Access Levels and
Capabilities appendix.
3.1.1.4

Operator Stations

3.1.1.4.1

Screening Operator Station (SO Station)

The SO station:
(a) shall (57) not interfere with the TSO's visual contact with passengers and their belongings, nor
should it impact a TSO's ability to view the front and back end of the unit.
(h) shall (58) have an activation button to initiate a scan. The activation button, if tethered to the
device, shall (59) provide a minimum of 3 meters of cable length so that the cord does not

interfere with the operator's activities.
(c) shall (60) provide a hard-wired, secure means of communication between 10 and SO. An
audible means shall (61) be provided to communicate anomaly presence and location. A visual
indicator shall (62) provide the SO with notification regarding passenger status. A green status
indicator shall (63) he used to denote when passenger is cleared. A red status indicator shall (64)
be used to denote when passenger requires secondary screening. The SO shall (65) be provided a
means to reset the status indicator. This 10/SO communication shall (66) not be discernible by
others.
3.1.1.4.2

Image Operator Station (10 Station)

The \VEl 10 station shall (67) include an Image Operator Control Panel (IOCP), which consists of the IO
console and any other necessary input devices.
WARNING:
d contains Sensitive Security InforDlation that is contl'olled under 49 CFR p:uts 15 and 1520. No part of tbis
record may be disclosed to
without a «u"",d to know", as defined in 49 CFR p3l"h 15 and 1520, except with the written
permission of the Administratol" of the r
don Security Administration Qr the Secretary of Transportation. Unauthorized
release may result in civil p,-,nalty or other action. }'(W
Illcn! agencies, public diselosurll is governed by S {f.S.C. 552 and 49
em part& 15 and ]520.

7

SENSITIVE SECURITY INFQRJVlATION
The 10 station shall (68) be operable at a distance up to 100m from the WEI system.

3.1.1.4.2.1

loep

The IOep:
(a) shall (69) pennit only authorized users to log on to the system.
(b) shall (70) provide a means to indicate clear or suspect status of a passenger.
(c) shall (71) provide all controls required for the 10 to view images.
(d) shall (72) provide image enhancement tools to have, at a minimum, the following image
processing capabilities, each selectable by a single keystroke to support image review:
(i) Reverse image contrast from full negative to full positive

(ii) Zoom from IX to 4X

3.1.1.4.2.2

loep Display Monitor

The IOCP shall (73) include one or more flat panel color displays each measuring a minimum of 17
inches diagonally.
Mounting for the flat panel displays shall (74) allow the display(s) to be placed directly in front ofthe
user when the user is in his or her nonnal working position. The monitors shall (75) be adjustable so that
the centers of the monitors range from 110 em La 160 em from the surface on which the operator is
standing.
These values are based on a seat height of 60 em and a viewing angle of 65 em. Note that the required
monitor heights can vary as a function ofseat height and viewing distance. A summary oftbe eye height,
viewing distance, and viewing angle variables used in determining momtar height are provided in the
figure below,
Viewing Distance

xin.

Eye Height
69.0 in.

Eye Height

30.0 in.

WAR.I'JING: This record conia

5th pe rcenti Ie

95th percentile

seated female

standing male

a:: 20 max.

.=

0

Center of monitor

lIsltlve SecUflt)' Information that is controlled under 49 eFR parts 15 a.nd 1520. No part of this

..ecl)rd Illa)' be d,.clMed II) p,,"on, Wl

"need to know", a, defined in 49 CFR parts 15 and H20, .,,,cept with tho> written

permission of the Administrator of the Trallspo

Seem'it)' Administration or the Secretary of Trllnsportation. Unauthorized

release may ",sult in civil penalty or other action. For U.S.
CFR parts 15 and 1520.

rnCQt

8

"g~llcie.,

public disclosure III governed by 5 U.S.C. 552 and 49

SENSITIVE SECURITY INFOR~IA'fION
3.1.1.4.2.3

Display Monitor Mounting

ros

The height and location of the IOCP, monitors, seat, and other controls with which
will interface
must be considered together, as they will comprise a single workstation from which the TSOs will
perform their screening tasks.
The monitors and IOCP shall (76) be easily accessible (visually or physically, as appropriate) from both
a standing and seated position within the workstation.
The display monitor mounting method:

(a) shall (77) allow operators to adjust height, tilt, and viewing angle without requiring the use of
tools.
(b) shall (78) allow for continuous adjustment or in increments of no more than 25 mm
(c) shall (79) enable adjustments to be accomplished by a single individual
(d) shall (80) be adjustable to allow a viewing distance from the eye to the display that is not less
than 330mm.
(e) shall (81) be adjustable so that the line of sight from viewer eye level to the center of the screen is
beh:veen 10° and 20° below horizontaL

(f) shall (82) have the capability to tilt displays up or down between _5° and +20°, in 5° increments
or continuously.
(g) sholl (83) be possible to swivel the display by a minimum of 20° to the left or right, in 5°
increments or continuously, to accommodate for varying ambient lighting conditions
(h) shall (84) allow the monitar(s) to be placed directly in front of the user when the user is in his or
her Donnal working position, whether seated and standing.

(i) shall (85) ensure that monitor positions are stable over time once a position has been set. There
should be no sagging, drooping, tilting, etc.

3.1.1.4.2.4

Operator Display

The monitor shall (86) display or indi~ate, at a minimum, the following:

(a) Current operational state of the WBI system.
(b) Present operational state of the scanner
(c) Critical system parameters which state the operation of the scanner and the complete WBI.

(d) Identification of the TO,
(e) System error messages and diagnostic results.
(f) WEI images.

3.1.1.4.2.4.1 Image Quality
The images shall (87) have the resolution necessary for the TSO at the 10 station to visually identify any
anomalies.
The flat panel display shall (88) have a manufacturer's luminance rating ::::: 150 edlm2.

WARNING: This re~
ontains S~nsitive Security Information that is contrQlled under 49 CFR paMs 15 lind 15l0. No paM of this
reeord Dlay be disd".ed to p
without II "nu..d to know", liS defined in 49 CFR parts 15 and 1520, except with the wri~J:l
permission of the Administrator of the
• ortation Securit)' Admiuish'ation Or the SecretaI')' of TranspoMation. Unauthorized
release rna)' result in <:ivil peoalty or other aetion.

CFR parts 15 and 1520.

U.s. government agencies, publie disclosure is gQveJ:"oed by 5 U.S.C. 552 ond 49

SENlSI'l'IvE SECURITY INFORMATION
3.1.1.4.2.4.2 Jitter and Motion Artifacts

The display monitor shall (89) exhibit no perceptible jitter or motion artifacts.
3.1.1.5

Field Data Reporting System

The \VBI:
(a) shall (90) ensure that all data recorded in the Field Data Reporting System (FDRS) is an accurate
record oftbe events required to be recorded, as specified in Appendix:5, and that all data in each
of the tables are captured and correlated throughout.
(b) shall (91) collect FDRS data related to system events specifically defined for WBI in the Security
Technology Integrated Program (STIP) Transportation Security Equipment (TSE) Interface
Requirements Document, Version 3.11, 14 April 2008, Section 2.4.1.
(c) shall (92) collect FDRS data as identified in Appendix B.

(d) shall (93) display FDRS reports identified in Appendix E on the 10 monitor.
(e) shall (94) provide User Access data according to the access levels defined in the User Access
Levels and Capabilities appendix.
(f) shall (95) make FDRS raw data available for downloading.
(g) shall (96) make FDRS data reports available for downloading,
(h) shall (97) provide internal storage so that data elements (as defmed in Appendix B) are stored for

a minimum of one (1) year without being overwritten.
3.1.1.5.1

Data Storagerrransfer

The WBI system shall (98) provide capabilities for data transfers via USB devices. These devices shall
(99) provide connectivity to download FDRS data as described in 3.1.1 j and to uploadldmvnload a user
database as defined in 3.1.11.2, A high capacity read/write drive shall (l00) be installed to pennit data
uploads and downloads, All necessary softv/are drivers and operating system services to support the data
collection devices shall (101) be preinstalled and preconfigured.
3.1.1.6

Operational Test Kit (OTK)

The vendor shall (102) provide an OTK that wiIi validate the WBI is operating as required.
3.1.2

Electrical

The \VBI:
(a) shall (103) be capable of operating on commercially available 110 VAC, 220 VAC, or 480 VAC
power at 60 Hz with a +/- 15% voltage tolerance and up to a +/- 10% variance in frequenoy, at no
more than 20 amp service for 110 VAC, 10 amp for 220 VAC, or 5 amp for 480 VAC.
(b) shall (104) route the power and data cables (if applieable) to floor level.

(c) shall (l 05) meet the input power requirements defined in Appendix D, TSA Operational Power
Requirements,
3.1.2.1

Uninterruptible Power Supply

The WBI system shall (106) include an UninternIptible Power Supply (UPS) to ensure automatic,
orderly, and safe shut-down ofWBI system equipment and to preserve data in the event ofloss of
WARNING:
rd contains Sensitive Security Information that is controlled under 49 eFR parts 15 and 1520. No part of this
record may be disclosed
ns with.,ut " "need to lmow"', 9S defined in 49 CFR parts 15 and 1520, except with the written
permission of the Administrator of t
S ortation Secudty Admilli~tratilJn or the Secretary of Tnm~portation. UDlluthonzed
.S. goverllmellt agencies, public disclQsure is governed by ;; U.s.C. SS2 and 49
Telease may result in civil penalty I,Ir other acti.;m.
CFR parts 15 and 1520.

10

SENSlIIvE SECORII i' INFORMAIION
electrical power. The UPS shall (107) provide an indicator to the operator when running on UPS power
and shall (108) provide an indicator to the operator when the UPS battery requires replacement.

3.1.3

Physical

3.1.3.1

Floor Loading

The total floor loading of the WEI system shall (109) not exceed 416.04 kg/m2 (85 Ibs/ft') based on the
actual foot print dimensions. The point load (concentrated load) shall (110) not exceed 453.59 kg over a
193.55 cm square (1,000 Ibs over a 30 in square) floor area. The vendor shall (111) indicate the number
of support legs and pad size including the maximum actual load in pounds-per-square·in (psi) per leg.

3.1.3.2

Scanner

3.1.3.2.1

Footprint

Thc WEI system footprint shall (112) be less than 4 square meters.

3.1.3.2.2

Orientation

The WEI system shall (113) be configurable so that passengers may face left or right in relation to the
entrance during scanning.

3.1.3.2.3

Height

The WEI system height shall (1 14) be less than 3 m.

3.1.3.2.4

Width

The \VBI system width shall (115) be no greater than 2.25 m.

3.1.4

Identification Markings

3.1.4.1

Identification Information

The WEI system shall (116) identify the following information (which shall (117) is located to be
readable without disassembly of any hardware):
(a) Manufacturer name.
(b) Model.
(c) Unique serial number.

3.1.4.2

Permanency and Legibility

Direct identification marking and identification plates, tags, or labels used shall (118) be as permanent as
the life expectancy of the item and shall (119) be capable of withstanding the environmental tests and
cleaning procedures specified for the item to which it is affixcd. Legibility shall (120) be understood to
mean that which allows ready human or machine readability, as applicable. Information contained on
identification plates shall (121) be displayed in a color that contrasts to the color of the surface of the
plate. Identification tag marking, when used, shall (122) be permanent to the extent required for use of the
item. The minimum text character height shall (123) be 2.54 mm (0.1 inch).

3.1.5

Environmental

3.1.5.1

Operational Environment

The WEI shall (124) be capable of operating between 0° and 32° Celsius (32 0 and 89.6° Fahrenheit) and
10% to 80% relative non~condensinghumidity, without affecting: pcrfonnance.
,

" . This record contains Sensitive Seeuri(y Information tbat is

record may be

permission of

IS

th~

creon:!! without a "need to Imow",

Administrator

0

AS

co~trolled

under 49 CFR parts 15 and 1520. No part of this

defined in 49 CFR puts 15 nod 1520, ll'xcept with the

Wl'ittl"h

ansportation Security Administration or the Secretary of Transportation. Unauthorized

release ma:y result in civil penalt)" or other action.

overnment agencies) publk disdosure is g<Jverned by 5 U.s.C. 552 nnd 49

CFR parts 15 and 1520.
11

SENSI1TVE 8ECBRITY INFOltJ\1lA I'ION
3.1.5.2

Storage Environment

The WBI system shall (125) be capable of storage between -7°C and 49 °C (19.4 of and 120.2 OF) and
10% to 98% relative, non-condensing humidity The WBI sholl (126) be capable of storage under these
conditions for not less than 12 months, without resulting in any temporary or pennanent degradation of
WEI performance or appearance.

3.1.5.3

Vibration Immunity

System function degradation resulting from low-frequency (low frequency vibration will be defined from
0.1 to 30 hertz) vibration typically stemming from airport terminal sources (e,g., aircraft
departures/landings, heavy foot traffic, electric carts, large heating, ventilation and air conditioning
(HVAC) systems, subfloor bag conveyors, and outdoor truck traffic) shall (127) be prevented by
compliance with IEC 60068·2-64, Environmental Testing. Part 2: Tests -- Test Fh: Vibration, Broadband
Random and Guidance, or equivalent test type.

3.1.6

Electromagnetic Compatibility

The WEI system:
(a) shall (128) comply with ANSI C63.16-1993, Discharge Test Methodologies and Criteria for
Electronic Equipment in the following aspects:
(i) Section 9.4 Contact Discharge at 2 kV and 4 kV.

(ii) Section 9.3 Air Discharge at 2 kV, 4 kV and 8 kV.
(iii) Assuming 8 to 10 equipment discharge test points plus coupling planes, positive and negative
discharge wavefonn polarities.
(b) shall (129) comply with lEe 61000-4-3, Testing and Measurement Techniques. Radiated, radiofrequency, electromagnetic field immunity test in the following aspects:

(i) 10 V/meter, 80 MHz to 1 GHz.
(ii) Four sides of Equipment Under Test (EUT), 1% steps, 2.8 sec. dwell. .AM Mod., 80%, 1 kHz.
(iii) Perfonnance Criteria A.

(c) shall (130) comply with IEC 61 000-4~4, Testing and Measurement Techniques. Electricalfast
transient/burst immunity test in the following aspects:
(i) Alternating Current (Ae) and Direct Current (DC) power ports at O.5kV, lkV, and 2kY.
(ii) Signal lines over 3 mat 0.25 kV, O.5kV and lkV.

(iii) Performance Criteria B.

Cd) shall (131) comply with LEC 61000-4-5 Testing and Measurement Techniques. Surge immunity
test in the following aspects:
(i) AC power port at 2kV line to earth, lkV line to line at 0,90 and 270 deg.
(Ii) DC power ports at 0.5 kV line to earth, 0.5 kV line to line.
(iii) Signal lines over 30 m at 1 kV line to earth.
(iv) Positive and negative polarity, 5 surges per mode of appearance.
(v) Perfonnance Criteria A.

ow ARc'iING:

This record contains Sensitive Security Information that is cnntrolled under 49
parts 15 and 1520. No part of this
record may be disdosed to persons without a «need to know", as defined in 49 C
llrts 15 llnd 1520, ""c"pt with th" written
pcrmissian of the Administrator of tbe TransportatioD Security Administrll'
1)1' the Secretnry of Transportation. 'Unauthorized
reI""•• may ...,sult in <:i,'ll penalty or other action. For U.S. gov"rnm
eneies, public disclQsure i. governed by :; U.S.C. 55Z and 49
CFR parh 15 and 1520.

12

SEN8J:fI,rE SECURITY INFORl\ltA fION
(e) shall (132) comply with IEe 61000-4-6, Testing and Measurement Techniques. Immunity to
conducted disturbances, induced by radio1requency fields in the following aspects:
(i) 10 Vnns, 150 kHz to 80 MHz.

(ii) Power ports and signal lines over 3 In, 1% steps, 2.8 sec. dwell.
(iii)Performance Criteria A.
(f)

~'hull (133)

comply with lEe 61000-4-8, Testing ~ind Measurement Techniques. Powerfrequency
magnetic field immunity test in the following aspects:

(i) 30 Aim, 50 or 60Hz.

(ii) Performance Criteria A.
(g) shall (134) comply with IEe 61000-4-11 Testing and Measurement Techniques. Voltage dips and
interruptions in the following aspects:
(i) 30% reduction for 0,5 periods (lO ms), Perfonnance Criteria B.
(ij) 60% for 5 periods (100 ms), Performance Criteria C.

(iii) 60% for 50 periods (1 sec), Perfonnance Criteria C.

(iv) 95% for 250 periods (5 sec), Performance Criteria C

3.1.6.1

Personal Electronic Devices

A Personal Electronic Device (PED) is defmed to include any PED, which in the user non-operational
mode utilizes electl"Onic circuitry to maintain computer clock and data storage functions. An unpowered
PED is defined to include any PED, including FLASH memory devices, which in the user nonoperational
mode utilizes electronic circuitry to maintain computer clock and data storage functions. The WBI system
vendor shall (135) provide a report indicating that the WBI system unit has, at a minimum, undergone
testing in accordance with the European Committee for Electro-technical Standardization (CENELEC)
Standard EN 55022, Limits and Methods of Measurement of Radio Disturbance Characteristics of
Information Technology Equipment (Radiated RF Emissions), or equivalent test type.

3.1.7

Human Factors

Note: Reference the human factors standards in DOTJFAAJCT-03/05 HF SID.OOl ~ Human Factors
Design Standard: Acquisition of Commercial Off-the-SbelfSubsystems, Non-Developmental Items, and
Developmental Systems (2003) for the following requirements.
All \VBI components with a user interface:

(a) shall (136) be operable by TSOs meeting personnel requirements specified in 49 Code of Federal
Regulations (CFR) Parts 1544.403 and 1544.405 in terms of auditory and visual acuity, dexterity,
English proficiency, and educational level (high school diploma, General Educational
Development (QED), or a combination of education and experience).
(b) shall (137) use a graphical user interface (QUI) that is viewable on the \VBl display monitor and

controlled through the IOCP.
(c) During utilization of the WEI:

em

WAR.'UNG: This record contains Sensitive Security Information t
• controlilld under 49
parts 15 and 15l0. No part of this
record may be disclosed to persons without a "need to
, as defined in 49 (,}<'R parts 15 lind 1520. except with the written
ecority Administration or tbe Secretary of Transportation. Unauthorized
permission of the Administrator of tbe Transport
relell'. rna)' result in civil penalt)· or other
n. For U.S. government lIgendes, publi~ disclosul"e is governed hy 5 lUte. 552 lind 49
CFR parts 15 nod 1520.
13

-SENSITIVE SECURIT"'lINFORMA'I'ION
(i) The system shall (138) take no more than one (1) second from the time that a soft key or icon

is selected to the time the action is complete, or the operator receives feedback that the soft
key or icon was successfully selected.
(ii) Labels, icons, and colors shall (139) be used consistently across displays.
(iii) Key strokes shall (140) not be buffered.
(iv) The system shall (141) display a message or icon (such as an hourglass icon) to indicate
when the system is busy processing an operator-initiated or machine-initiated command.
(v) If the same function keys or icons are available on more than onc screen, then those functions

shall (142) appear in the same location across screens.
(vi) The system shall (143) indicate when a function or mode has been activated or deactivated on
any screen or console. Functions are activated by command from the control panel. Modes
are changed via menu selection.
(vii)

Function keys and icons shall (144) be assigned a single function to the maximum extent

practicable.
If an action requires the use of an embedded menu system or a multistep process, then
there shall (145) be available at all times a menu selection, key, or icon that allows the
operator to cancel the last action or return to the starting position.

(viii)

3.1.7.1

Noise

Audible noise levels produced by the WEI shall (146) not exceed a time*weighted average of 70 dBA
within 1 m from the WBI system over a 5 minute period.
3.1.8

Regulatory

3.1.8.1

Electromagnetic Emission Safety

The WEI systemshali (147) comply with lEC 61000-6-3, Electromagnetic Compatibility (EMC).
Generic Standards: Emission Standard for Residential, Commercial, and Light~industrial Environments,
17 July 2006.
3.1.8.2

Emission Control

All WBI System radio frequency emissions shall (148) comply with 47 CFR 15, Radio Frequency
Devices.
3.1.9

Reliability, Maintainability, and Availability

3.1.9.1

Reliability

The WBI system shall (149) be designed to meet a minimum of 1000 hours Mean Time Between Critical
Failure (MTBCF) in an airport operational environment. This is calcuLated using a 16 hour duty day.
A oritical failure means that the system cannot be used operational/y. A failure that
prevents the equipment from performing its intended function is considered 8S a critical
failure.
A non-critical failure means that the system can still perform its intended function until the
next scheduled maintenance interval.

W.4.&'iIl"iG: This record contains Sensitive Security Information that is controlled un
record may be dlscl"".d to persons without .. "Rood to know",

CFR parts 15 and 1520.

14

d..fiRed In

eFR parts 15 and 1520. 1"0 part of this

FR part. 15 lind 1520, except with the written
permission of the Administrator of tbe Transportation Security Admini.
on or the Secretary of Transportation. Unauthorized
release may result in civil penalty or other action. }'Qr U.s. govern
agencle., publk di.c1o.ure is governed by 5l.:.S.C. 552 and 49
9S

SENSITIVE SECURITY INFO:R1VIA'I'ION
3.1.9.2

Maintainability

The WBI system shall (ISO) be designed to have a Mean Time To Repair (MTTR) of no! more than 4
hours_ MTTR is defined as follows:
MTTR = Total Aetive Corrective Maintenance Time I Number of Maintenance Actions
3.1.9.2.1

Maintenance Access

The WBI system shall (lSI) have a maintenance access capability that requires no more than 60.96cm
(24in) of external clearance distance for perfonning scheduled or unscheduled maintenance actions. The
maintenance doors shall (152) be either removable or sliding with a key lock and handles.
3.1.9.2.2

Scheduled (Preventive) Maintenance

The WBI system shall (153) have a Mean Time Between Maintenance Action (MTBMA) for scheduled
(preventive) maintenance of not less than seven (7) days. The maintenance manual shall (154) specify all
scheduled maintenance activities and the intervals ofperformance.
The WBI system shall (155) not require any custom tools for the performance of scheduled maintenance_
3.1.9.2.3

Unscheduled (Corrective) Maintenance

The WBI system:
Shall (156) be modular in design to allow easy removal and replacement of failed Line Replaceable Units
(LRUs).

(a) Must provide Built In Testing (BIT) diagnostic capabilities that:
(i) shall (157) initiate on power-up.
(ii) shall (158) monitor system health in a non-interference (background) mode during normal
operations.
(iii) shall (159) capture and report error and failure codes to the FDRS.
(b) Must provide Fault Isolation Test (FIT) diagnostic capabilities that:
(i) shall (160) be manually initiated by the TSO as a result of BIT or other system-generated
error.
(ii) shall (161) identify the failed LRU with at least 90% accuracy.
(iii)shall (162) be at least 98% accurate when isolating the failed component to one of three
LRUs.

(iv) shall (163) report the resultant error or failure codes to the user display and store the resultant
error or failure codes on the system for later retrieval as part of the FDRS.
3.1.9.3

Availability

The WBI system shall (164) demonstrate an inherent availability (Ail threshold of at least 99%.
Availability shall (165) be computed as:
Ai = [MTBF I (MTBF+MTTR)] *100%
Where MTBF is the Mean Time between Failures and MTTR is the Mean Time to Repair.

-----

MTBF = 1 I Failure rate

WARNING: This record con
iti'Vc Secnrit)' Information that is controlled under 49 CPR parts 15 and 1520. .1'\0 part of this
record may be di~dosed to persons withou
to know". lUI df'fined in 49 ern parts Hi llnd 1520, except with th", written
pcrmiillion of the Administrator of the Transportation cc
linistratia» or the Secretary of Transportation. Unauthorized
release ma;y result in civil penalty or otber Rction. For U.S. g()vernment agen,,;
·c disclosure i$ gJ>vcrocd by 5l:.S.C. 552 and 49
CFR parts 15 and 1520.

15

SENSITIVE SECURITY INFORMATION
Failure Rate - Nmnber of failures I Total Operating Hours
3.1.10

Safely

3.1.10.1

General

The WEI shall (166) not expose operators, passengers, or maintenance personnel to hot surfaces over
43.9 degrees Celsius (Ill degrees Fahrenheit).
3.1.10.2

Radiation

The WEI shall (167) comply with ANSIIHPS N43.17-2002 American National Standard - "Radiation
Safety for Personnel Security Screening Systems Using X-ray."
The WEI shall (168) comply with OSHA Standard, 29 CFR 1910.1096, Ionizing Radiation,
I January 2007.
The WEI shall (169) comply with Institute of Electrical and Electronics Engineers (IEEE), C95.1 - 2005,
Safety Levels with Respect to Human Exposure to Radio Frequency Electromagnetic Fields, 3 kHz to 300
GHz, revision ofC95.l-1991 (Active).
The WEI shall (170) comply with International Commission on Non-Ionizing Radiation Protection
(ICNIRP), Guidelines for Limiting Exposure to Time-Varying Electric, Magnetic, and Electromagnetic
Fields (Up to 300 GHz). Health Physics 74 (4): 494-522, April 1988.
3.1.10.3

Electrical Safety

The WEI:
(a) shall (l7l) comply with UL 61010-1, Safety Requirements/or Electrical EqUipment/or
Measurement, Control, and Laboratory Use, Part I: General Requirements, 12 July 2004.
(b) shall (172) comply with UL 61010A-l, Electrical EqUipment/or Laboratory Use, Part 1: General
Requirements, 30 January 2002.
(c) shall (173) comply with UL 310, Standard for Electrical Quick Connect Terminals,
27 May 2003.
These standards are applicable to electrical equipment used in the workplace and require approval or
certification by a National Recognized Test Laboratory (NRTL) listed by OSHA in 29 CFR 1910.7.
3.1.10.4

Ergonomic Safety

The WEI:
(a) shall (174) possess no sharp comers or edges that can puncture, cut, or tear the skin or clothing,
or otherwise cause bodily injury.
(b) shall (175) mount external wires, connectors, or cables in a manner which will prevent trip
hazard, disconnection or damage by operators and passengers through incidental contact.
(c) shall (176) possess no loose covers and cowlings.
3.1.10.5

Hazardous Materials

If hazardous materials are used in the WEI, they shall (177) be identified, including their location and
amount by weight or volume. A complete Material Safety Data Sheet (MSDS) shall (178) be developed
and provided to meet the requirements of29 CFR 1910.1200, OSHA Hazard Communication. The
WARNIN :

contains Sensitive Set:urit)< Information that is controlled under 49 CFR parts 15 and 1520. No part of tbis

record may be disclosed to l'
" hout a "'Med to know", $l.S defined in 49 eFR p:.trts 15 llnd 1520. except ,,,'jth the 'Wl'ittun
permission of the Administrator of the Traosp
.
ecurity Administration or the Secretary of Transportation. Unauthorized
release may result in civil penalty or other action. For U.s. gove
ndes, public disclosure is governed by 5lJ.S.C. 552 ;and 49
CFR parts 15 and 1520.

16

SENSITI¥:E SECIJRITY INFORMATION
hazardous materials ,5hall (179) be packaged or configured to not require the use ofpersonal protective
equipment (e.g., respiratory protection, eye and face protection, hand protection, protective clothing).
3.1.11

Security

3.1.11.1

Physical Security

The units are to be used in areas accessible to the public. The WBI system:
(a) shall (180) provide thlD means to physically protect its sensitive components and controls.
(b) shall (l81) possess highly visible tamper-evident seals or alarms on assemblies that contain

sensitive components!data.
3.1.11.2

Software Access

TheWBI:

(a) shall (182) allow user access, password protection, and capabilities per the User Access Levels
and Capabilities appendix.
(b) shall (183) have a user database with a minimum capacity of 10,000 users. A user database is

defined as the user ID and password combinations to access the system.
(c) shall (lR4) through the use ofa graphical user interface (GUI) or menu, allow the user to encrypt

and export a user database.
(d) shall (185) through the use of a aUI or menu, allow the user to import and decrypt a user
database.
3.1.11.3

Information Technology Security

The WBI system shall (186) address the technology security requirements set forth in Appendix A.

3.2

TIER II REQUIREMENTS

3.2.1

System

3.2.1.1

Detectionltmaging

3.2.1.1.1

System Detection

Detection performance requirements are as follows:
Explosives

3.2.1.1.1.2

Weapons

location

WARNING: This reeo
WI Sensitive Security Iu!ol.'nllttion that is controlled under 49 eFR PSl"ts 15 and 1520. No part o{ this
record may be disclosed to persons'
II "need to know", as defined in 49 ern parts 15 :md 1520, exeept witb tbe written
permission of the Administrator of the TranspOl"
curity Administration or the SecNtllry of Trllnspurtation. Unauthorized
release may result in civil penalty or other action. Fur U.S. gove
encies. public disclosure is governed by 5 US.C. 552 and 49
CFR parts 15 and 1520.
17

SENSITIVE SECURITY INF'ORMATION
3.2.1.1.1.3

Liquids

The WBI System shall (189) produce images to enable an operator to determine the presence and location
ofliquids,

3.3

TIER III REQUIREMENTS

3.3.1

System

3.3.1.1

Detection/Imaging

3.3.1.1.1

System Detection

Detection performance requirements are as follows:

3.3.1.1.1.1

3.3.1.1.1.2

Weapons
..

,

•

•

II

• • • • '"'

•

""

I

C'

C

I

II"

n

I

3.3.1.1.1.3

3.4

OPTIONAL CAPABILITIES

3.4.1

Automated Threat Detection Marking

The WBI system shall (193) provide an automated detection highlighting function in meeting the tiered
detection requirements.
Automated detection highlighting of anomalies shall (194) be coded red.
Automated detection highlighting shall (195) be bounded by a box indicating the location of the anomaly.
The WEI shall (196) provide a means for the 10 to toggle automated detection highlighting on and off.

WARNING: This record contains Sensitive S~ur
ormation that is controlled under 49 CFR parts 15 and 1520. No part of this
r~cord may he disclosed to persons without It "need to kii
defined in 49 CFR parts 15 and 1520, except with the written
permission of the Administrator of the Transportation Security AdlUl
.on or the Secl"-'tary C)f Transportation. Unauthorized
. ·.closure i. governed by :5 U.S.C, 552 and 49
relMse may I"<!sult bt cMI peno.lty or other action. For U.S. govemment agcndell, p
CFR parts 15 aDd 1520.

18

SENSI flV E SECURITY INF8RMAI'lQN

4.0

VERIFICATION

Unless otherwise specified within this document, verification will be accomplished through inspection,
test, demonstration, and analysis. To support compliance with the requirements in this specification,
inspection, test, demonstration, and analysis will be performed on a WBI that is representative of the
approved production design that has been placed under configuration control.
4.1

TEST AND EVALUATION

Use of the test and evaluation process will assure that a WBI has met the requirements of the WBI
specification, associated interface requirements and control documents, and algorithm description.
Requirements verification will be performed in accordance with the Contract Statement of Work (SO\\l)
and this Specification. All testing will be conducted according to Government-approved test plans, test
cases, and test procedures and will be witnessed by an authorized Government representative.
4.1.1

Developmental Test and Evaluation (DT&E)

Contractor DT&E testing comprises test and evaluation of the engineering design and developmental
process that is conducted by incrementally determining the degree to which functional engineering
specifications are attained. Verification will proceed from the unit level, through integrated verification of
functional areas and interfaces within the complete system, to the complete system, in as near an
operational configuration and environment as practical.
4.1.2

Qualification Testing

The Government will conduct testing to verify compliance to the requirements set forth in this

specification.
4.1.3

Operational Test and Evaluation (OT&E)

The Government will conduct OT&E on production~representative systems to assess operational
effectiveness and suitability when used by representative field TSOs in the intended operational
environment.
4.1.4

First Article Test and Evaluation (FAT&E)

An FAT&E will be performed, as directed by the Government, on the Contractor's first production model
to verify compliance with all technical contract requirements.
4.1.5

Factory Acceptance Test (FAT)

The Contractor will conduct an FAT at the factory on each system prior to delivery. FAT will verify that
each system is manufactured to the Government-approved product baseline, that each system complies
with technical contract requirements, and that no defects from the manufacturing process exist.
4.1.6

Site Acceptance Test (SAT)

The Contractor will conduct an SAT at the site on each system prior to its placement into operation. SAT
will verify that each system is properly installed and configured, and that no defects remain from the
transportation and installation processes.

WARNING: This record contains Sensitive
. Information that is controlled under 49 CFR parts 15 and 1520. No part of this
record may be disdos.::d to persons withnut a "need to
." s defined in 49 eFR parts 15 and 1520, except with the written
. n or the Secretttry of Transportation. Unauthorized
permission of the Administrator of tbe Transpnrtation Security Adnn
Nlease ma}' result in chil penaln' or other action. For U.s. government agencies, po
.
sure is goverOlld by 5 IJ.S.C. 552 and 49
eFR parts 15 and 1520.

19

SENSITIVE SECURB l' Il'iiFORMAlION
4.1.7

Continuous Assessment

The Government will perfonn continuous assessment of fielded WBI systems to verify operational
effectiveness, suitability, reliability, and availability of the equipment. Continuous assessment will
include collection of data from fielded WBr for the purpose of assessing field perfonnance over time.

4.2

VERIFICATION METHODS

All WEI development will undergo test and evaluation to verify that the WEI meets system specification
requirements. The verification methods (analysis, demonstration, inspection, and test) described below
are mandatory for WBI requirements verification.

4.2.1

Analysis

4.2.1.1

Hardware

Hardware analysis will encompass any or all of the following:
(a) Engineering analysis is an engineering design function comprising study, calculation, or
modeling of the known or potential failure modes and the reactions or interactions of the
specified parts, materials, and the design configuration with the known function, performance
and/or probable effeets of the operational environments. This analysis is customarily used to
verify margin when it is not desirable to test to failure.

(b) Similarity analysis is a method applied to end-items or components that are identical in
design and manufacturing processes to end-items or components that have previously been
qualified to equivalent or more stringent requirements. This method can be applied to
commercial, off-the-shelf/non-developmental item (COTSINDI) equipment for the same
manufacturer's models, based on tbe manufacturer's engineering specifications. For
COTSINDI equipment, the use of manufacturer's published materials that contain test
conformance information relating to materials construction, commercial reliability test data,
intemal performance capabilities, and environmental conditions (heat, power consumption,
etc.) are acceptable.
(c) Validation of records analysis is a metbod of verification wherein manufacturing records are
used to verify the compliance of concealed construction features or processes of
manufacturing (e.g., Contractor items). This method will be applied to COTS equipment for
the same manufacturer's models based upon the manufacturer's engineering specifications.

4.2.1.2

Software

Software analysis will encompass the processing of accumulated results and conclusions to provide proof
that the verification of requirements has been accomplished. The analytical results may be composed of
interpretation of existing infonnation or derived from lower level tests, demonstrations, analyses, or
examinations.

4.2.2

Demonstration

The demonstration method of verification is used to indicate a general "pass/fail" condition.

4.2.2.1

Hardware

Hardware demonstration will detennine, by observation, the qualitative characteristics of end-item or
component properties. Demonstration will require no special test equipment or instruction to verify
characteristics such as operational perfonnance, human engineering features, service, access features, and
transportability.
s record contains Sensitiyc Secu.ritJ Information that is controlled under 49 CFR pans 15 and 1520. No part of tbis
record may he disclOSE:
"thout a «o.::cd to know", as defined in 49 CFR parts 15 and 1520, except with the written
permission of the Administrator of the Transpo
Administration or the Secreta¥)' of Transportation. Unauthorized

20

SENSITIVE SECURITY INFORMATION
4.2.2.2

Software

Software demonstration will determine compliance ""ith requirements (e.g., the proper response at a site
as a result of a specified interrogation or command to be processed by the program) through observation
of functional operation. Demonstration will be used primarily for activities where data gathering is not
appropriate, such as display image verification.
4.2.3

Inspection

4.2.3.1

Hardware

Inspection ofhardware will comprise verifying physical characteristics to determine compliance with
requirements without the use of special laboratory equipment, procedures, items, or services. Inspection
will verify workmanship, physical condition, construction features, and docwnentfdrawing compliance.
For COTSfNDI hardware, use of manufacturer's published materials that contain test conformance
information such as commercial reliability test data, safety regulations, or other Government standards
and licensing, as applicable, are acceptable.
4.2.3.2

Software

Inspection will consist of an examination that comprises review of software source and object listings to
verifY compliance with software documentation, technical requirements, coding standards, and
verification of the implementation of required algorithms.
4.2.4

Test

4.2.4.1

Hardware

Hardware testing will verifY hardware performance during or after the controlled application of functional
and/or environmental stimuli. The test equipment required for verification will be calibrated and kept in
proper working condition. Any test hardware or software used will be documented, validated, and kept
under configuration control.
4.2.4.2

Software

Software testing will employ technical means, including evaluation of functional operation by use of
special equipment or instrumentation, software and/or simulation techniques, to determine compliance of
the system with requirements. Data derived from software testing will be reduced for analysis of
software/system performance under the test specified. Test equipment required for verification will be
calibrated and in proper working condition. Any test hardware or software will be documented, validated,
and under configuration control.
VERIFiCATION REQUIREMENTS TRACEABILITY MATRIX

4.3

The Verification Requirements Traceability Matrix (VRTM) shown in Table I defines the verification
method to be used to validate each WBI specification requirement. Formal verification tests will
encompass the following range of conditions, when applicable:
•

Normal data flow or condition.

•

Minimmn and maximum conditions.

•

Below minimum and above maximum conditions.

•

System failures and recovery.

\V ARNING: This record con
sltive Secllrit)· Information that lJi contl'olled unde.· 49 ern parts 15 and 1520. 1'0 part of tbl~
record may be disclosed to persons w.t
"need to know", as defined in 49 CFR parts 15 lind 1520, except with the written
permission of tbe Administrator of the TraDsporta
urlty Administration or the Secretary of Transportation. Unauthorized
release may result in civil penalty or other action. For {l.S. ~over
a cndes, public disclosure is goyerned by !ilf.S.C. 552 and 49
CFR part'& 15 and 1520.

21

SENSITiVE SECUttlTV IN'FORlVIAllON

TABLE I. Verification Rennirements Traceabilitv Matrix

-

Req.#

Paragraph
Number

Paragraph Title

FAT&E

FAT

SAT

1

3.1.1.1.1

System
Detection

D

D

D

2
3
4

31.1.1.1.1
31.1.1.1.2
31.1.1.1.3

A
A
A

X
X
X

X
X
X

Q-T
Q-T
Q-T

5

3.1.1.1.1.4

A

X

X

Q-T

6
7
8
9
10
II

3.1.1.1.2
3.11.1.2
3.1.1.1.2
3.1.1.1.2
3.1.1.1.2
3.1.1.1.2

Explosives
Weapons
Liquids
Other
Anomalies
Privacy
Privacy
Privacy
Privacy
Privacy
Privacy

D

X

X

D

X

X

D

X

X

I

X
X

X

12
13

3.1.1.1.2
3.1.1.1.2

Privacy
Privacy

14

3.1.1.2

15

D
D

D

D

X
D
D

I

D
I

Throughput
Rate I Capacity

T

X

X

3.1.1.2

Throughput
Rate I Capacity

1

X

X

16

3.1.1.2

Throughput
Rate I Capacity

I

X

X

17

3.1.1.2

Throughput
Rate I Capacity

D

X

X

18

3.1.1.2

I

X

X

19

3.1.1.3.1.1

D

X

X

20

3.1.1.3.1.1

D

D

X

21
22
23
24
25

3.1.1.3.1.1.1
3.1.1.3.1.2
3.1.1.3.1.2
3.1.1.3.1.2
3.1.1.3.1.2

D
D
D

X

D

D
D

D
D

D
D

X
X
X
X

Throughput
Rate I Capacity
Screening
Mode
Screening
Mode
Multiplexing
Test Mode
Test Mode
Test Mode
Test Mode

Remarks

I

WARNING: This

talns Sensitive Secur!!')' Information that is controlled under 49 CFR parts 1S and 1520. No part of tbis
a "need to know", as defined in 49 CFR parts 15 llnd 1520, except with the written
permission of the Administrator of the TraDsporta
rity Administration or the Secretary of Transportation. Unauthorized
record may be dis.dos:ed to perf;(jns

rltlease may result in civil penalt;r or other action. For U.s. governm

des, publie

di~clt'\lmre is

governed by 5 U.S,C. 552 and 49

CFR parts 15 and 1520.

22

-

SENSITIVE SECURITY INFORMAl ION
D
D

D
X

X
X

D

D

X

Start-up and
Power-Down

D

D

X

3.1.1.3.2

Start-up and
Power-Down

D

D

X

31

3.1.1.3.2

Start-up and
Power-Down

D

D

X

32

3.1.1.3.2

Start-up and
Power-Down

D

D

X

D
D
D
D
D
D
D
D
D
D
I
I
I
D
D
T
T
T
T

D
D
D
D
D
D
D
D
D
D
I
I
I
D
X
T
X
X
T

X
X
X
X
X
X
D
D
D
D
X
X
X
D
X
X
X
X
X

I

I

X

A

X

X

26
27

3.1.1.3.1.2
3.1.1.3.1.2

28

3.1.1.3.1.2

Test Mode
Test Mode
Test Mode

29

3.1.1.3.2

30

33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

Cold Start-up
3.1.1.3.2.1
Sleep I Standby
3.1.1.3.2.2
Login Process
3.1.1.3.2.3
Login Process
3.1.1.3.2.3
3.1.1.3.2.4
Fault Reset
3.1.1.3.2.5
Power-Down
3.1.1.3.3
Calibration
3.1.1.3.3
Calibration
Calibration
3.1.1.3.3
3.1.1.3.3._- ......_.._..Calibration
_E-Stop
3.1.1.3.4
3.1.1.3.4
E-Stop
E-Stop
3.1.1.3.4
E-Stop
3.1.1.3.4
3.1.1.3.5
Lock Down
3.1.1.3.5
Lock Down
3.1.1.3.5
Lock Down
3.1.1.3.5
Lock Down
3.11.3.5
Lock Down
Network
3.1.1.3.6
Interface
Network
3.1.1.3.6
Interface

54

3.1.1.3.6

Network
Interface

A

X

X

55

3.1.1.3.7.1

STIP Interface

A

X

X

--_._._....

W AID
cord contains Sensitive Securit.,.. Information that is controlled under 49 CFR parts 15 and 1520. No part of this
recurd may be disdo&(: '0
ithout R «need to know", lUI defined in 49 CFR parts 15 ..nd 1520, o.'I;ccpt with the written

permission of the Administrator of the Tr9ll.
.
Secu.riQ' Admin.istration Qr the Secretary of' Transportation. Unauthorized
ule.ase may result in civil penalt)' or other 3l.:tion. For U.S. go,'e
<:fench~$, public dbdQ.$lue is g.. . "erned by S LS.C. 552 and 49

CFR parts 15 and 1520.

23

--

SENSII I vI!: SECURI'FY INFORMATION
X

X

SO Station

A
I

I

I

3.1.1.4.1

SO Station

I

I

X

59

3.1.1.4.1

SO Station

1

X

60

3.1.1.4.1

SO Station

I

X
X

X

61

3.1.1.4.1

SO Station

D

D

D

62

3.1.1.4.1

SO Station

D

D

D

63

3.1.1.4.1

SO Station

D

D

D

64

3.1.1.4.1

SO Station

D

D

D

65

3.1.1.4.1

SO Station

D

D

D

66

3.1.1.4.1

SO Station

D

D

D

67

3.1.1.4.2

IO Station

I

X

X

68

3.1.1.4.2

IO Station

D

X

X

69

3.1.1.4.2.1

IOCP

T

X

X

70

3.1.1.4.2.1

IOCP

D

X

X

71

3.1.1.4.2.1

IOCP

D

X

X

72

3.1.1.4.2.1

IOCP

D

X

X

73

3.LL4.2.2

IOCP Display
Monitor

I

X

X

74

3.1.1.4.2.2

IOCP Display
Monitor

I

I

I

75

3.1.1.4.2.2

IOCP Display
Monitor

I

I

I

76

3.1.I .4.2.3

D

D

D

77

3.1. 1.4.2.3

D

D

D

78

3.1.I.4.2.3

T

X

X

79

3.1.1.4.2.3

D

X

X

80

3.1. 1.4.2.3

T

X

X

56

3.1.13.7.1

STIP Interface

57

3.1.1.4.1

58

Display
Monitor
Mountino
Display
Monitor
Mountino
Display
Monitor
Mountino
Display
Monitor
MountinQ
Display
Monitor
Mountin a

--~~~
W.4.R.."JING: This record contam

C-C

. ·ve Securif.)· Information that is controlled under 49 eFR parts 15 and 1520. :Ko part of this

record may be disclosed to persons without

:1\

know'"'' as defined in 49 CFR parts 15 and

1520~

except with the written

permission of the Administrator of the Transportation Secul')
. 'stration or the S"t:rl.l:tary of Transportation. 1lnlluthorb:ed
. disclosure is governed by 5 U.S.C. 552 and 49
release m9Y result in civil penalt:r or other action. For U.S. govel'oment agenclc •

CFR parts 15 and 1520.

24

SENSITIVE SECURITY INFORl\IATION

T

X

X

T

X

X

T

X

X

D

D

D

I

I

I

I

I

I

I

I

I

X

X
X

I

X

X

Field Data
Reporting
System

D

X

X

3.1.1.5

Field Data
Reporting
System

D

X

X

3.1.1.5

Field Data
Reporting
System

D

X

X

81

3.1.1.4.2.3

82

3.1.1.4.2.3

83

3.1.1.4.2.3

84

3.1.1.4.2.3

85

3.1.1.4.2.3

86

3.1.1.4.2.4

87

3.1.1.4.2.4.\

88

3.1.1.4.2.4.1

89

3.1.1.4.2.4.2

90

3.1.1.5

91

92
.

Display
Monitor
Mountin"
Display
Monitor
Mountinl>
Display
Monitor
Mounting
Display
Monitor
Mountin"
Display
Monitor
Mountin"
Operator
Display
Image Quality

.

Image Quality
Jitter and
Motion
Artifacts

.

93

3.1.1.5

Field Data
Reporting
System

94

3.1.1.5

Field Data
Reporting
System

D

D

X

95

3.1.1.5

Field Data
Reporting
System

D

X

X

D

X

X

WARNlNG: This rcco
. s Sensitive Security Information that is controlled under 49 CFR parts 15 and 1520. No part of this
record may be disclosed to persons
II "'need to know", as defined in 49 eFR parts 15 :lind 1520, except with the written
permission of the Administrator of the Transpo.
'urity Administration or the Secretary of TranSpQTtanon. Unauthorized
release rna)' result in civil penalt~' or other action. For U.S. gover
odes. public disclosure is governed b~; :S (i.S.C. 552 and 49
eFR parts 15 and 1520.

25

SENSITIVE SECURITY INFORl\'1ATION

96

3.Ll.5

Field Data
Reporting
System

D

X

X

97

3.1.1.5

Field Data
Reporting
System

A

X

X

98

3.1.1.5.1

Data Storage I
Transfer

D

D

D

99

3.1.1.5.1

Data Storage I
Transfer

D

D

D

100

3.1.1.5.1

Data Storage I
Transfer

I

I

X

101

3.1.1.5.1

Data Storage I
Transfer

I

X

X

102
103
104
105

3.1.1.6
3.1.2
3.1.2
3.1.2

OTK
Eleetrical
Electrical
Electrical

D

X

T
D

X
X
D

D

T

X

X

106

3.1.2.1

Unintcrruptible
Power Supply

D

I

I

107

3.1.2.1

Uninterruptible
Power Supply

D

D

X

108

3.1.2.1

Uninterruptible
Power Supply

D

X

X

109
110
111
112

3.1.3.1
3.1.3.1

A

X
X
X
X
X
X
X
X
X

X

.

Floor Loading
Floor Loading
Floor Loading
Footprint
Orientation
Height
Width
ID Info.
ID Info.

D

I
I

X
X
X
X
X
X
X
X
X

A
A
I

114
115
116
117

3.1.3.1
3.1.3.2.1
3.1.3.2.2
3.1.3.2.3
3.1.3.2.4
3.1.4.1
3.1.4.1

118

3.1.4.2

Permaneney
and Legibility

A

X

X

119

3.1.4.2

Permanency
and Legibility

T

X

X

113

w~.a

I
I

,iii,.

.
Security Information that is controlled nnder 49 CFR part' 15 and 1520. No p.rt of thi,
record rna)' be disclo,~ed to persons witiiOih~ed to know", as defined in 49 eFR parts 15 and 1520, except with the \'l'l'itt"'D
permission of the Administrator of the Transportation
. . Administration or the Secretary of Transportation. UnauthQood
release may result in civil penalt)-° or other action. For U.S. governm
des. public disclosure is governed by 5 U.s.c. 552 and 49
CFR parts 15 and 1520.
26

SENSITIVE SECURITY INFORMATION
120

3.1.4.2

Permanency
and Legibility

A

X

X

121

3.1.4.2

Permanency
and Legibility

I

X

X

122

3.1.4.2

Permanency
and Legibility

A

X

X

123

3.1.4.2

Permanency
. and Legibility

I

X

X

124

3.1.5.1

Operational
Environment

A

X

X

C-C

125

3.1.5.2

Storage
Environment

A

X

X

C-C

126

3.1.5.2

Storage
Environment

A

X

X

C-C

127

3.1.5.3

Vibration
Immunity

A

X

X

C-I

128

3.1.6

Electromagnetic
Compatibility

A

X

X

C-I

129

3.1.6

Electromagnetic
Compatibility

A

X

X

C-I

130

3.1.6

Electromagnetic
Compatibility

A

X

X

C-I

131

3.1.6

Electromagnetic
Compatibility

A

X

X

C-I

132

3.1.6

Electromagnetic
Compatibility

A

X

X

C-l

133

3.1.6

Electromagnetic
Compatibility

A

X

X

C-l

134

3.1.6

Electromagnetic
Compatibility

A

X

X

C-l

135

3.1.6.1

PED

A

X

X

C-I

136

3.1.7

Hwnan Factors

A

X

X

137

3.1.7

Human Factors

D

X

X

138

3.1.7

Human Factors

T

X

X

139

3.1.7

Human Factors

1

X

X

140

3.1.7

Human Factors

D

X

X

141

3.1.7

Human Factors

1

X

X

WARI
l.'d contains Sensitive Seeurit)' Information that is controlled under 49 CFR parts 15 and 1520. I'."o part of this
record may be disclosed to
. Gut 9. "need to know", as defined in 49 CFR parts 1$ and 1520, except with the written
permission of the Administrator of the Transpo'
ucity Administration or the Secretary of Transportation. lJnauthorized
release may result in civil penalt~' or other action. For U.S. goverum
ublic disclosure is 20verned by 5 V.S.C. 552 and 49
CFR parts 15 and 1520.

27

--

SENSITIVE SECURITY INFORMATION

143

3.1.7

Human Factors

]

144

3.1.7

Human Factors

]

145

3.1.7

Human Factors

D

X
X
X
X

146

3.1.7.1

Noise

T

X

X

147

3.1.8.1

Electromagnetic
Emission Safety

A

X

X

C-I

148

3.1.8.2

149

142

3.1.7

Human Factors

]

X
X
X
X

A

X

X

c-]

3.1.9.1

Emission
Control
Reliability

A

X

X

C-C

150

3.1.9.2

Maintainability

A

X

X

C-C

151

3.1.9.2.1

Maintenance
Access

I

]

X

152

3.1.9.2.1

Maintenance
Access

]

X

X

153

3.1.9.2.2

Scheduled
Maintenance

A

X

X

154

3.1.9.2.2

Scheduled
Maintenance

A

X

X

ISS

3.1.9.2.3

Scheduled
Maintenance

A

X

X

156

3.1.9.2.3

Unscheduled
Maintenance

]

X

X

157

3.1.9.2.3

Unscheduled
Maintenance

D

X

X

158

3.1.9.2.3

Unscheduled
Maintenance

D

X

X

159

3.1.9.2.3

Unscheduled
Maintenance

D

X

X

160

3.1.9.2.3

Unscheduled
Maintenance

D

X

X

161

3.1.9.2.3

Unscheduled
Maintenance

T

X

X

162

3.1.9.2.3

Unscheduled
Maintenance

T

X

X

163

3.1.9.2.3

Unscheduled
Maintenance

D

X

X

1.64

3.1.9.3

Availability

A

X

X

C-C

,
cord contains Sensitive Securit)' Information that is controlled under 49 eFR parts 15 and 1520. No part of this
record may be disclose 0 p
" out a "need to know", as defined in 49 CFR parts 15 and 1520, except with the written
permission of the Administrator of the Transpor
. Administration or the Secretary of Transportation. Unauthorized

release rna:)' result in civil penalty or other action. For U.S. government a '
eFR parts 15 nnd 1520.
28

ic disclosure is governed by 5 LS.C. 552 and 49

SEl"SI'fIVE SECURITY INFORMATION
165

3.1.9.3

Availability

A

X

C-C

X

X
X
X

166

3.1.10.1

General

T

T

167

3.1.10.2

Radiation

A

168

3.1.10.2

Radiation

A

X

X

C-]

169

3.1I0.2

Radiation

A
A

X
X

C-]

Radiation
Electrical
Safety
Electrical
Safetv
Electrical
Safetv

X
X

170

3.1.10.2

17l

3.10.1.3

A

X

X

C-I

172

3.10.1.3

A

X

X

c-r

173

3.10.1.3

A

X

X

C-]

174

3.1I004

Ergonomic
Safety

I

I

X

175

3.1.1 004

Ergonomic
Safety

I

I

X

176

3.1I004

Ergonomic
Safety

T

X

X

I77

3.1.10.5

Hazardous
Materials

I

X

X

178

3.1.10.5

Hazardous
Materials

A

X

X

179

3.1.10.5

Hazardous
Materials

I

X

X

180

3.1Il.l

I

]

X

181

3.1.11.1

I

I

X

182

3.1.11.2

Software
Access

D

X

X

183

3. I.! 1.2

Software
Access

A

X

X

184

3.1I1.2

Software
Access

D

D

X

185

3.1I1.2

Software
Access

D

D

X

186

3.1.1 1.3

Info. Tech.
Security

A

X

X

187

3.2.U.U

Explosives

A

X

X

Physical
Security
Physical
Security

C-I

C-I

Q-T

WARNIN :
ontains Sensitive Security Information that is ccmtrolled under 49 CFR parts 15 and 1520. No part of this
record may be disclosed to pel'S
"need to know", as defined in 49 eFR parts 15 and 1520. except with thf: written
.
dministraticUl or tbe Secretary of Transportation. Unauthorized
permission of the Administrator of the Transporta 0
'j;' disclosure is governed by 5 ·V.S.C. 552 :lind 49
release may result in civil penaJt:r or other action. For U.S. government ag
CFR parts 15 and 1520.

29

SENSITIVE SECURITY INFORMATION
188

3.21.1.1.2

189

3.2.1.1.1.3

190

3.3.1.1.1.1

191

3.3.1.1.1.2

192

3.3.1.1.1.3

193

3.4.1

194

3.4.1

195

3.4.1

196

3.4.1

Weapons
Liquids
Explosives
Weapons
Liquids
Automated
Threat
Detection
Marking
Automated
Threat
Detection
Marking
Automated
Threat
Deteetion
Marking
Automated
Threat
Detection
Marking

Q-T
Q-T
Q-T
Q-T
Q-T

A
A
A
A
A

X
X
X
X
X

X
X
X
X
X

D

X

X

D

X

X

D

X

X

D

X

X

X

X

A

X

X

C-I

A

X

X

C·J

AppendixC
197

n1a

User Access
Levels and
Capabilities

A
Appendix D

Baseline
Voltage and
Current
Distortion
Baseline
Voltage and
Current
Distortion

198

5.1

199

5.1

200

5.2

Power Usage
Profile and
Power Factor

A

X

X

C-J

201

5.3

Maximum
Inrush Current
Ration

A

X

X

C-I

5.4

Steady State
Current
Unbalance

A

X

X

C-J

202

WARNING: This l'ec<lcd contains Sensitive Securit)' Information that is controlled under 49 CF'R parts 15 a
record may be disclOSed to persons without a "need to kno ."

.

parts

5 llnd 1520.

l"~C'~t

with the wJ:;'hte-n

permission of

ransporrntion Seeurit)' Administration or the Secretary of Transportation. Unautbol.'i:«>d

re ease may result in civil penalt)" or other
CFR parts 15 and 1520.

:acrinn~

For U.S. government agencill's. public disclosure is govcl'ocd b}' 5 U.s.C. 552 and 49

30

SENSITIV:E SECURITY INF9RMATION

203

5.4

Steady State
Current

A

X

X

C-I

A

X

X

C-I

Unbalance
204

5.4

Steady State
Current

Unbalance
5.4

Steady State
Current
Unbalance

A

X

X

C-I

5.5

Maximum
Leakage
Current

A

X

X

C-I

207

5.6

Voltage Sag
and Interruption
Withstand
Performance

A

X

X

C-I

208

5.7

A

X

X

C-I

D

X

X

D

X

X

205

206

Unmterruptible
Power Supply

A]>llendix E
FDRSReport
Display

209

1.0

210

1.0

211

1.1

10 Log Report

D

X

X

212

1.1

10 Log Report

D

X

X

213

1.1

10 Log Report

D

X

X

214

1.2

Event Report

D

X

X

215

1.2

Event Report

D

X

X

216

1.2

Event Report

D

X

X

217

1.2

Event Report

D

X

218

1.3

Access History

D

X

219

13

Access History

D

X

X
X
X

FDRS Report
Display

WARNING: This record contains Sensitive Security In or
hat is controlled under 49 CFR parts 15 and 1520. No part of this
record may be disclosed to persons without a "need to know", as e
. 49 CFR parts 15 and 1520, e.'l:cept with the written
permission of the Administrator of the Transportation Security Administration or
retary of Transportation. Unauthorized
....1."'. n"I)"

t'e~ult

In dvll p.nll.lf)" or other ""rion. For U.S. goveJ'nment agende" publ;" dis.Io.Ul·.

eFR parts 15 and 1520.
31

• n.d by ,5 I.tS-C- 552 and 49

SENSITIVE SECURI I'f INFORMATION
LEGEND 1

Remarks
See paragraph 4.2.1
See para,graph 4.2.2
See paragraph 4.2.3

Verification Methods
Analysis
Demonstration
D
Inspection
I
Not verifiable
NV
Test
T
Not aoplicable
X
A

See paragraph 4.2.4

LEGEND 2

c-c
C-I

Q-T

Certifications/Oualifications
Certification bv the Contractor
Certification by an independent evaluator (UL Listing or Equivalent is a certification
~rformed by Underwriter's Laboratories or eCluivalent independent agency)
Qualification by the Government (Transportation Security Laboratory)

W Alli"iING: This A'e<:ord contain~ Sensitive "
formation that is cOntrolled under 49 CFR parts 15 lind 1520. No part of tbis
rocoro may be di.do•• d to persons without" "need to
. de£lll"d in 49 CFR pnrts IS lOnd 1520, "xcept with tbe written
permission of the Administrator of the Transportation Security Admin ~
• or the Secretary of Transportation. Unauthorized
r..,leas", ma~' result in dvil pe"alty Qr other action, For {.J,S. government agencie., pu J
ure is gQYened by ;; {),S.C. 552 auu 49
CFR parts 15 and 1520.

32

SENSITIVE SECURll }' INFORMATION

5.0

AC
A;

ANSI
BIT

BRD
BS
C&A
CBEMA
CENELEC
CFR
COTS
DC
DHS
DISA
DPF
DOT
EMC
EN
E-Stop
EUT
FAA
FCC
FDRS
FIPS
FISMA
FIT

GED
Gill
Hi-SOC
HSAR
HVAC
ICNIRP
lD
IEC
IEEE
10
IOCP
IP
IRD
15S0

IT
ITIC
ITMRA

ITSEC

ACRONYMS

Alternating Current
Inherent Availability
American National Standards Institute
Built-In Test
Business Rules Document
Backscatter
Certification and Accreditation
Computer Business Manufacturers Association
European Committee for Electro-technical Standardization
Code of Federal Regulations
Commercial off the Shelf
Direct Current
Department of Homeland Security
Defense Information Security Agency
Displaced Power Factor
Department of Transportation
Electromagnetie Compatibility
European Standard
Emergency Stop
Equipment Under Test
Federal Aviation Administration
Federal Communications Commission
Field Data Reporting System
Federal Informatioll.:I'rQgeSsing Standard
Federal Information Security Management Aet
Fault Isolation Test
General Equivalency Diploma
Graphical User Interface
High Speed Operational Connectivity
Homeland Security Acquisition Regulation
Heating, Ventilation, and Air Conditioning
International Commission of Non-Ionizing Radiation Protection
Identification
International Electro-technieal Commission
Institute of Electrical and Electronics Engineers
Image Operator
Image Operator Control Panel
Internet Protocol
Interface Requirements Document
Information System Security Officer
Information Technology
Information Technology Industry Council
Information Technology Management Reform Act
IT Security

WAR.'\lNG: ThiS r
tainsSensitive Securit)' Information that is controlled under 49 C.FR parts 15 and 1520. No part of tbis
r€tcord may be di~d(J!;ed to rel"Son
a "need to know", 9.S defined in 49 CFR parts 15 llnd :l5:!O, exc:cpt with the written
permi.ssioh of the Administratur of the Transpor
udty Administrfltion or the Secretary or Transportation. Unauthorized
role9$(, rolA)' result in civil peoa.lty 01' ()thcr action. For V.S. govern
ndes, public:: dbdosure is governed bJ 5 U.S.C. 552 and 49
CFR parts 15 and 1520.

33

SENSITIVE SECURITY INFOR1\iATION

Pd
PED

Line Replaceable Unit
Millimeter Wave
Material Safety Data Sheet
Mean Time Before Failure
Mean Time Between Maintenance Actions
Mean Time To Repair
National Electrical Manufacturers Association
National Institute of Standards and Technology
National Recognized Test Laboratory
National Security Agency
Operator Control Panel
Operating Security
Occupational Safety and Health Administration
Operational Test Kit
Probability of Detection
Personal Electronic Device

PEa

False Alarm Rate

RF
RMS
SO

Radio Frequency
Root Means Square
Screening Operator
Standard
Security Technology Integrated Program
Transmission Control Protocol
Total Hannonic Distortion
Total Power Factor
Transportation Security Administration
Transportation Security Engineering
Transportation Security Laboratory
Transportation Security Officer
Underwriters Laboratory
Unintenuptible Power Supply
Universal Serial Bus

LRU

MMW
MSDS
MTBF
MTBMA
MTTR

NEMA
NIST
NRTL

NSA
OCP

as

OSHA
OTK

STD

STIP

Tep
IHD
IPF
TSA
TSE
rSL
ISO
UL

UPS
USB
VAC

Volts Alternating Current

WBI

Whole Body Imager

WARNING: This record contains Sensitive Security Information that'
ntrolled uuder 49 CFR parts 15 and 1520. No p"rt of this
..ecord may be disclo.ed to p(>l'sons without " "need to 1m
, ". defined in 49 CFR part< 15 and 1520, e:x"ept with the written
permission "f the Administrator of the TranslJorta .
ecurity Administration or the Secretary of Tnmsportation. Unautborized
release may result in civil penalty or other a . . For lJ.S. government agendes, l'ublie disclosure is governed by 5 U.S.C. 552 nnd 49

CFR parts 15 and 1520.
34

SENSITIVE SECURITY INFORMATION

APPENDIX A TECHNOLOGY SECURITY REQUIREMENTS

Preparedfor:
Transportation Security Administration
Security Transportation Deployment Office
January 2008

record~'io~njt'~i""~S~'c~n~"['t'~V~~~~I:n':Oirm~.ti~'o;n~tb~.~t~is~.~o~n;tl~'O;U;Cd~Ulnd!c[rj419iC~'FiR~p~a;r"'~·il~S~a~nd

record may be
dbcluscd to persons without
WARNING:
This

11

"'need to

.,.

$IS

defined in 49 CFR parts 15 and 1520. except
1520.with
1\"0 the
partwritten
of this

permisllion of the Administrator of the Transportation Security Admm

.

Qr the Secretary of Transportathm. llnlluthomed

release may result ill civil penalt:y or other action. For U.S. govCl;nmcnt lIgcndes,. pu 1
CFR parts 15 and 1520.

A-I

nre is goverr)cd hy 511.S.C. 552 aDd 49

-

SENSITIVE SECUIUTY INFORM'ATION
A.1

INTRODUCTION

Due to the TSA's plan for a secure network which will connect thc vast information systems of our
nation's airports, it is necessary to outline information security control requirements to ensure the network
is both secure and effective. In support of the Security Technology Integration Program (STLl') team's
work to achieve this goal through the High Speed Operational Connectivity (Hi-SOC) roll-out, the
Certification and Accreditation (C&A) Assessment team compiled these requirements in the form of an
IT Security (ITSEC) Requirements matrix which applies to all Transportation Security Equipment (TSE).
The points of contact for this effort are as follows:

~orroation System Security Officer (ISSO)
U.S. Transportation Security Administration
701 South 12 th Street
Arlington, VA 22202

.
Phone:. . ~
Email:
hs. ov

A.2

SCOPE

This document covers a subset of the security requirements mandated by DHS and TSA. The complete
set of IT Security requirements can be found in the TSA Management Directive 1400.3 and the DHS
National Security Systems Handbook 4300A This document was created to identify specific
requirements from the full set of sccurity requiremcnts that are directly applicable to the hardware and
software utilized for the TSE being designed and built

A.3

VENDOR REQUIREMENTS

Vendors shall configure their Operating System (OS) and application software by strictly following the
OS Secure Baseline Configuration Guides. All hardware and software systcms shall be secured based on
the TSA IT Security requirements which can be found in the TSA Management Directive 1400.3 and the
DHS National Security Systems Handbook 4300A
Technology Security Requirements are also included in section 6, which provides a guideline to assisting
an implementing the major security requirements. This document provides a reference of many of the
findings that have been identified in past security scans. These requirements are included as guideline
which TSE is required to meet all of the security requirements identified in 1400.3 and the 4300.A TSA
and DHS IT Security Requirements documents. Additionally, TSA will conduct preliminary security
scans (as needed and as requested) and quarterly security scans on the equipment that provides security
reports. This will help the vendor in meeting the security requirements.

A.4

REFERENCES

The following documents were utilized in the development of this set of Systems ITSEC Requirements
for Systems Developers & Administrators:
TSA MD 1400.3

Transportation Security Administration (TSA) Management
Directive No. 1400.3 - TSA Information Security Policy

DHS4300A

Department of Homeland Security Sensitive Systems Handbook
V3.2, October I, 2005

---

"YAR+~ING:

This recur

Sensitive Sf.!(:urity Information that is t'ontrol1ed under 49 CFR parts 15 and 1520. No part of this

record may be disclosed to persons w

ed to know", us defined in 49 CFR parts 15 and 1520, except with the written
Distrntion or the Secretary of Transportation. Unauthorized
other action. For U.S. government agen
. disclosure is govQr-ned by 5 V.S.C 552 Dnd 49
"

permission of the Administrator of the Transportation e '
release may result in civil penalty
CFR parts 15 and 1520.

(H.'

A-2

SENSITIVE SE€URI'f¥ INFORMATION
FIPS 140-2

Security Requirements for Cryptographic Modules ~ December 3,
2002 (Change Notice 2)

Pubtic Law 107-296

Homeland Security Act of 2002 - November 25, 2002

FISMA 2002

Federal Information Security Management Act (FISMA) of2002 November 25,2002

Public Law 104-106

Clinger~Cohen Act

of 1996 Lformerly, Information Technology

Management Reform Act (ITMRA)] - February 10, 1996

HSAR

Homeland Security Acquisition Regulation - December 2003

OS HARDENING/SECURITY REQUIREMENTS

A.5

Original Equipment Manufacturer (OEM) vendors should follow the OS Secure Baseline Configuration
Guides from the following sources and in the following order (i.e., if an as guide is not available under
source i. then go to source ii.):
1.

TSA
as Secure Baseline Configuration Guides available from TSA upon request are:
1.

HP-UX Server Secure Baseline
Linux Server Secure Baseline
Solaris Server Secure Baseline
4.
Windows 2000 Server Secure Baseline
5.
Windows 2003~XP Secure Baseline
Department of Homeland Security (DRS)
National Security Agency (NSA)
2.
3.

11.

iii.
iv.

v.

http://wwvi.nsa.gov/snac/index.cfm?MenuID=scgl 0,3.1
Defense Infonnation Security Agency (DISA)
http://iase.disa.mil/stig§/checkli~t!jp.dex. html
National Institute of Standards and Technology (NIST)
http://osrc.nisi. gOY/pcig/ci g. html

WARNING: This record contains Sens
urlty Information that is controlled under 49 eFR parts 15 and 1520. No part of tbis
record may be diSClosed tu persons without a n
ow", as d..tined in 49 CFR P:ilrts Hi lind 1520. except with the written
permission of the Administrator of the Transportation Securl •
inistration or the Secretary of Transportation. Unautborilllld
t:'clellse roay t:'esult in civil penalty or other action. For U.S. govcl'nment ag
.
ublie disclosure is governed by 5 U.S.c. 552 and 49
erR parts 15 llnd 1520.
A-3

SENSITIVE SECURIrY INFORMl.TION
A.6

SYSTEMS IT SECURITY REQUIREMENTS

*Reference nwnbers apply to this document only.
**A waiver is requested when a rcquirement cannot he met within a reasonable timeframe, hut can be fixed within a near-future timeframe (for
example,6 months to a year).

***An exemption is requested for a requirement that cannot reasonably he fixed ever.

This is something that will either be an unreasonable cost to
fix or fixing the issue would result in the equipment not working and there is no work-around for the fix.

Please fill in the matrix below for the following requirements. If a requirement has been met, please indicate Yes. If the requirement has
not been met, please indicate No and under the Notes section please fill out the reason why. If a requirement is Not Applicable, please
indicate this with Nt A and under the Notes section please fill out the reason why. If requirements cannot be met, please provide a detailed
explanation in either the waiver or the exemption sections of the matrix.
*Reference
Number

AC-t

AC-2

DHSorTSA
Reference
TSAMD
1400.3, v3.lJI,
Chapter 3,
Access Control Section 7
"Passwordsn
Section 3.2.1.
Parts A andL
TSAMD
1400.3, v3.IJI.
Chapter 3.
Access Control Section 7
Control
Category

HPasswordsl~

AC-3

Systems IT Security
Reouirement
Password length shall be a
minimum of eight (8)
characters and a maximum of
15 characters.

Met Requirement
YeslNo or NIA

Notes
No or NIA, Otber

**Waiver
Exolanation

**~Exemption

Exolanation

Passwords shaH contain at
least one of each of the
following: one alphabetic
uppercase, one alphabetic
lowercase, one numeric, and
one spcciai character.

Section 3.2.1.
PartB
Passwords shall not contain
TSAMD
1400.3, v3.IJI, any two identical consecutive
cbaracters.
Access Control Chapter 3.
Section 7
"Passwords"

WARNING: This record contains •.,c .
. ,J. formation that is controUed under 49 ern paris 15 and 1520. No part of tlJis r£cord mllY he disclosed to persons without a "need to
know", as defined in 49 CFR parts 15 and 1520~ cx:cept with the wn
. . ...rthe Administrator of the Tl'unsportntion Security Administrntion or the Secrefury of Transporrntion.
Unauthorized release may resliit in civil penalty or other action. For U.S. government agencies. pu...... .
vemed br5U.S.C. 552 and 49 CI"U parts 15 and 1520.
A-4

SENSITIVE SECURITY INFORMA.TION
*Reference
Nnmber

AC-4

Control
Category

DHSorTSA
Systems IT Security
Reference
Requirement
Section 3.2.1,
Parte
TSA MD
Passwords shal! not be the
1400.3, v3.1 - r1, same as the User ID.
Chapter 3,
Access Control Section 7

Met Requirement
YeslNo orNtA

Notes
No or NtA, Other

**Waiver
Explanation

***Exemption
ExPlanation

'~Passwords~'

AC-5

AC-6

Access Control

Access Control

AC-7

Access Control

AC-8

Access Control

I

Section 3.2.1,
PartK
TSAMD
1400.3, v3.lJI,
Chapter 3,
Section 7
"Passwords"
Section 3.2.2,
Part A
TSAMD
1400.3, v3.UI,
Chapter 3,
Section 7
uPasswords"
Section 3.2.2,
PartB
TSA MD 1400.3,
v3.JJ I, Chapter
3, Secticn 7
"Passwords"
Section 3.6, Part
A
TSAMD
1400.3, v3.J JI,
Chapter 3,
Section 7
"Passwords"
Section 3.6, Part
A

Passwords shall have a
maximum lifetime of 90 days.

Passwords shnll not be reused
for a minimum of6 password
change cycles.

Systems, applications and
network components
sometimes come with default
system accounts and
passwords (or no password).
The TSA requires that:
All default accounts shall be
removed from the system and
the default password must be
changed prior to placing the
system or device into service.

d contains Sensitive Security Information that is controlled under 49 ern parts: 15 and IS10. No part of thhl record may be disclosed to persons without a "need to
know'" as defined in 49 CFR parts 1 an
,
.
.
. ion of the Administrator of the Transportatiun Security Administration or the Secretary of TrnRsportation.
Unauthorized release may result in civil penalty or other action. For U.S. government agencies, pu Ie l '
::; 2 and 49 CFR pam 15 and 1520.
A·S

SENSITIVE SECf:fIUTY INFORMATION
*Reference
Number

AC-9

Control
Category

DHSor TSA

Reference

TSAMD
1400.3, v3.IJI,
Chapter 3,
Access Control Section 7

"Passwords"

AC-IO

Systems IT Security
Requirement
All system or root level
accounts shall have a
password assigned prior to
placement of the system or

Met Requirement
YesINo or N/A

Notes
No or N/A, Otber

**Waiver
Explanation

***Exemption
Explanation

device into service.

Section 3,6, Prot
A
All "guest" accounts shall be
TSAMD
1400.3, v3.1 _fl. removed from the system.
Chapter 3,
Access Control Section 7

"Passwords"

AC-ll

AC-12

AC-13

Section 3.6, Part
A
TSAMD
1400.3, v3.1 Jl,
Chapter 3,
Access Control Section 7
"Passwords"
Section 3.6, Part
A
TSAMD
1400.3, v3.l _fl,
Chapter 3,
Access Control Section 7
"Passwords"
Section 3.2,7,
Part A
TSAMD
1400.3, v3.1_fl.
Chapter 3,
Access Control Sel..'1ion 7
"Passwords"
Section
3,2.7,Part B

Operati ng systems and
applications shall be
configured to force users to
create strong passwords, as
defined in this document.

Personal passwords shaU be
authenticated each time a
claim of identity is made (e.g"
when fllogging onto lT an
interactive system).

Access passwords shall be
authenticated during the initial
request for access to protected
data,

WARNING: Tlli!~ record tontains Sen'iitwe
•
ation that is controlled under 49 CFR parts 15 and J520. No part of this ~ord may be disclosed to persons without a "ne(!d to
know". 11S defined in 49 CFR pnrts 15 and 1520~ except with the wn
• ,. n of the Administrator of the Transpurtation Security Admini9trntion or the Secretary of Transportation.
• osure is governed by 5 U.S.c. 552 and 49 CPR parts 15 and 1520.
Unauthorized release may result in civil penalty or otJlI;r action. For U.S. government ag('l1cl ,
A-6

SENSITIVE SECURIFY INFORMATION
*Reference
Number

AC-14

Control
Category

DHSorTSA
Reference
DHSMD4300,
v2.1 Chapter 5,
Access Control Section 5.6.5,

"Internet

AC-15

Systems IT Security
Reauirement
Firewalls shall be configured
to prohibit any protocol or
service that is not explicitly
permitted.

Met Requirement
YesJNo or NI A

Notes
No or NIA, Other

>l<*W-aiver

***Exemption

Explanation

Explanation

Security", Port B
DHSMD4300, Mobile code (e.g., ActiveX,
v2.1, Chapter 5, JavaScript) that has not!leen
Section 5.6.5,
reviewed and digitally
Access Control
'-'Internet
approved by an appropriate
Security'~, Part D TSA authority shall not be

used.

AC-16

AC-17

AC-18

DHS MD 4300,
v2.1
TSAMD
1400.3, v3.1 _rl,
Chapter 3,
Access Control
Section 11 b,
Section 3.3,Part
C; and Section
11 c, Section 3.4,
PartC
TSAMD
1400.3, v3.1 _1'1,
Chapter 4,
Section 2
Access Controi
HNetwork
Logical Access
Control" Section
3.2,Part A

Telnet shall not be used to
connect to any TSA computer.
A connection protocol such as
Secure Shell (SSH) that
employs secure authentication
(two f.ctur, encrypted, key
exchange, etc.) and is
approved by the Organization
Element shall be used instead.

Upon successful logon, the
tlser shall be notified of the
date and time of the last
successful logon using this
user identity and the number
of unsuccessful logon attempts
using this user identity since
the last successful logon.
Upon successfullogon~ a
TSA MD 1400.3, standard and approved
v3.tJl, Chapter warning message shall be
4} Seciion2
displayed. Minimum
Access Control
"Network LDgical requirements for this message
Access Control" shall be as follows:
Section 3.2,Part R

WARNING:
IS
itive Seeurity Information that is rontroIled under 49 CFR parts 15 and 1520. No part of this record may be disclosed to persons ",itlrout a "need to
know". us defined in 49 CFR parts 15 and 152 ,exec
.
crmission of the Administrator of the Trnnsportation Security Administration or tile Secretary of Transportation.
Unauthorized ..dease may result in civil penalty or otllcr action. For U.S. government age
..
re ill: owrncd by 5 U.S.c. 552 and 49 CFR parts 15 and 1520.
A-7

SENSITIVE SECURITY INFORMA I ION
*Reference
Number

Control
CateQorv

DHSorTSA
Reference

Systems IT Security
Requirement

Met Requirement
YesINo or N/A

Notes
No 01" N/A, Other

**Waiver
Exoianation

***Exemption
Explanation

SAMPLE WARNING MESSAGE,
'THIS IS AN UNCLASSIFIED
SYSTEM. This is a Government
information system. This system is
fOr the use ofauthorized users: find
unclassified processing only.
lndividuals Ll5ing this c:omputer
system without authority or in excess
of their authority are subject to Imving
aIt of their activities on this system
monitored and recorded by system
personnel. In the course of monitoring
individuals improperly using this
system. Of in the course ofsystem

maintenance. the activities of
nuthorized users may also be
monitored. Anyone using this system
expressly consents to such monitoring
and is advised that ifsuch monitoring
reveals possible evidence of criminal
activity or inappropriate use, such as
input ofclassified infonnation, system
personnel may provide the evidence of
such monitoring to TSA officials
and/or law enforcement officials.
depending on the nature of the
evidence revealed. Security
Violations will be issued to any user
processing Classified National
Securitv lnfonnation on this system."

Warning message shall be
TSAMD
1400.3, v3.lJ1, displayed until a specific user
AC-19

AC-20

Chapter 4,
action is taken.
Section 2
Access Control
"Network
Logical Access
Control" Section
3.2,Part B
Warning message shall include
TSAMD
1400.3, v3.1_rl, a warning that they have
Access Control
accessed a Government
Chapter 4,
Section 2
information system.

Unauthorized release may result in civil penalty or other action. For U.S. government agcncjes, PUudo;
A-&

.

.

•

bv 5 U.S.C. 551 and 49 CFR parts 15 and 1520.

SENSITIVE SECURITY INFORMATION
*Reference
Number

AC-21

AC-22

AC-23

AC-24

Control
CategorY

Access Control

Access Control

Access Control

Access Control

DHSor TSA
Reference
"Network
Logical Access
Cnntrol" Section
3.2,Part B
TSAMD
1400.3, v3. I_d,
Chapter 4,
Section 2
"Network
Logical Access
Control" Section
3.2,Part B
TSAMD
1400.3, v3.lJI,
Chapter 4,
Section 2
''Network
Logical Access
Control" Section
3.2,PartB
TSAMD
1400.3, v3.1_r1,
Chapter 4,
Section 2
«Network
Logical Access
Control" Section
3.2,PartB
TSAMD
1400.3, v3.1JI,
Chapter 4,
Section 2
"Network
Logical Access
Control" Section
3.3,PartA

Systems IT Security
RequIrement

Met Requirement
YeslNo or N/A

Notes
No or N/A, Other

**Waivl,'f
Explanation

***Exemption
Explanation

Warning message shall include
a warning that lIsage may be
monitored, recorded and
subject to audit

Waming message shall include
a warning that notifies users
that use indicates consent to
monitoring and recording.

Waming message shall include
a warning that notifies users
that unauthorized use is
prohibited and subject to
criminal and civil penalties.

All end user assets shall have
and employ session lock
capabilities in accordance with
TSA MD 1400.3, End User
Assets Policy.

WARNING: This record contains Sensitive Security Information that is oontToUed under 49 eFR parts 1S and 1520.
0 tbis reco-rd may be disclosed to persons without a "need to
Imow", as dcfintd in 49 CFR parts 15 and 1520, except with the written permission of the Administr
ransportation Seeurity Adminutration or tbe Secretary of Transportalion.
Unauthorized release may result in 'Civil penally or Gther aetiau. For U.S. gf.lvernment
' . u lie disclosure is governed by 5 U.S.C. 552 and 49 CFR parts 15 and 152Q.

A-9

SENSITIVE SECURITY INFORMATION
*Reference
Number

AC-25

AC-26

Control
Category

DHSorTSA

Reference

TSAMD
1400.3, v3.1 JI,
Chapter 4,
Section 2
Access Control
"'Network
Logical Access
Control" Section
3.4,Part A
TSAMD
1400.3, v3.1 _rl,
Chapter 4,
Access Control Section 3

Systems IT Security
ReQuirement
An end user assets shaH have

Met Requirement
YesINo or NtA

Notes
No or NtA, Other

"'*Waiver
Explanation

***Exemption
Explanation

and employ session inactivity
lockout capabilities in
accordance with TSA MD
1400.3, End User Assets
Policy.

Remote access shall require
identification and

authentication consisting of a

user identity and password and
shall not be connected to any
Access" Section other network aside from the
3, Parts D and J TSA network.
TSAMD
Split-tunneling or dual homing
1400.3, v3.IJI, shall not be permitted at any
Chapter 4,
time; only one connection is
allowed.
Access Control Section 3
;~Rernote

AC-27

"Remote

Access" Section
3, PartM
DHSMD4300,
v2.1, Chapter 4,
Section 4.6.2,
"Wireless
LANs Part A;
TSAMD
1400.3, v3.1JI,
Access Control
Chapter 4,
Section 4
H

,

AC-28

'~Wireless

Wireless communications
technologies are prohibited
from use within DHS unless
the DHS CISO specifically
approves the technology and
application.
[If the device is equipped with
wireless technology, this

requirement must be met and

Access" Section this technology MUST be
3, Part A

disabled on the device1

WARNING, This record ,ontains Sensiliv. Security Inl",·m,tion that i, controlled under 49

C~p"t

-----

01 thi, record may be di"losed to persons "ith,ut a "need to
know~', as defined in 49 CFR parts IS and 1520, except with the written. permission
ministrator of the Transportation Security Administration or the Secretary of Transportation.
UnautIl6ri:z~d release may result in civil penalty or other action. For U.s. go
ent agencies, public disclosure is governed by 5 U.S.c. 552 and 49 CFR parts 15 and 1520.
A·IO

SENSITIVE SECURITY INFORMATION
*Reference
Number

AC-29

AC-30

AC-31

AC-32

DHSorTSA
Reference
DHS MD 4300,
v2, I, Chapter 5,
Section 5.3,
Access Control "Identification
and
Authentication",
PartB
TSAMD
14003, v3,1 _rl,
Chapter 4,
Section 2
Access Control
''Network
Logical Access
Control" Section
3.7,PartA
Control
Cate,gory

Systems IT Security
Requirement
For IT systems requiring
authentication controls, the IT
system shall ensure that each
nser is authenticated before IT
system access occurs.

Met Requirement
YesINo or N/A

Notes
No or N/A, Other

**Waiver
Explanation

***Exemption
Explanation

Each system will be
configured to restrict a user or
process to the least privileges
or access required to perform
authorized tasks.

Unencrypted passwords shall
he transmined as ASCII
characters ifinterchanged
between TSA IT systems
within the TSA Wide Area
Network and shall be
TSAMD
transmitted separate from any
1400.3, v3.1 _fl,
identification ofintended use.
Chaptel'3,
Encrypted passwords and
Access Control Section 7
virtual passwords shall be
"Passwords"
transmitted either as a 64-bit
Section 3.2.6,
binary field in bit-oriented
PartC
communications, or as ASCII
representations of the
hexadecimal character set (i.e.,
the 16 characters in the set [09. AF] in character-oriented
communications).
TSAMD
VPN assets shall be
Access Control 1400.3, v3.1 _fl, automatically disconnected
from the TSA network after
Chapted,

-----

WARNING: This re-eord contains Sensitive Security Information that is controlled under ~parts 15 and 1520. No part of this record may be diseIDsed to persons without a "need to
know", as defined in 49 CFR parts 15 and 1520, ex«'!ptwith the written perm' . rUI tnc Administrator of the Trnnsportatlon Secnrity Adminktratlon or the Sceretary of Transportation.
Unauthorized release may result in dvil penalty or other action. F
~. g(Jvernmcnt :igenclc-s. public disclosure is governed by 5 U.S.c. 552 and 49 CFR p~rts 15 and 1520.

A-II

SENSITIVE SECURITY INFORMATION
*Reference
Number

Control
Caterrorv

DHSor TSA
Reference
Section lid
"VPN Security"
Section 3.2, Part
F

Systems IT Security

Met Requirement
YeslNo or NfA

Reauirement
thirty minutes of inactivity.

Notes
No or NfA, Other

**\Vaiver
Explanation

***Exemption
Exolanation

The user must then logon
again to reconnect to the
network. Pings or other

artificial network processes

AC-32

AU-I

used to keep the connection
onen are prohibited.
File Transfer Protocol (FTP)
shall not be used to connect to
or from any DRS computer.
FTP shall be disabled on the
device.

DHS4300A,
v3.2,
Chapter 5.0,
Access Control
Section 5.4.5,
"Network
Security", Part F
AU devices capable oflogging
TSAMD
1400.3, v3.IJl, shall have logging enabled at
all times.
C1lapter 4,
Audit and
Section to
Accountability
"Security Audit

Trails" Section
3, Prnt A

AU-2

AU-3

All successful and
TSAMD
unsuccessful attempts to
1400.3, v3.IJI,
access TSA networks, network
Cbapter4,
devices, software applications,
Audit and
Section 10
and systems shall be logged
Accountability
~<Security Audit
automatically to an approptiate
Trails" Section
log file hy the component's
3, PartC
logon process.
Audit trails shall contain at a
TSAMD
minimum, the idcutity ofeach
1400.3, v3.1 _rl,
user and device accessing or
,Chapter 4,
Audit and
attempting to access an
Section 10
information tcchnology (IT)
Accountability
"Security Audit
system or network component;
Trails" Section
the time and date of the access
3, Part D
and the logoff; activities that

~

C~"'t

------

~

WARNING: This r.cord oont.i.s S,nsitivc Security Information that co.troned uudcr 49
of .his r""onl may be disclosed ro persons with.ut a ''ueed to
kn<Jw", as defined in 49 CFR parts 15 and 1520, except witll the written permission of the Admi' ator of the Transportatil:m SfcurUy Administration or the Secretary of Transportadon.
Un81ltllOl'ized rclcasc may rEsult in civil penalty or other action, For U.S. govel'nment a
.. s public diselosllre is governed by 5 U.S.c. 552 and 49 eFR parts 15 and 1520.
A-12

SENSITIVE SECURIT}' INFORMATION
*Reference

Number

Control
Category

AU-4

Audit and
Accountability

AU-5

Audit and
Accountability

AU-6

Audit and
Accounlability

AU-7

Audit and
Accountability

AU-8

Audit and
Accountability

DHSorTSA
Reference

Systems IT Security
Requirement
mig/lt modify, bypass, or
negate IT seourity safeguards;
and security-relevant actions
associated with processing.
Individual audit trail records
TSAMD
1400.3, v3.1 Jl, shall specify the authenticated
Chapter 4,
identity oftlle individual or
Section 10
process generating the record.
"Secmity Audit
Trails" Section
3, rart J
TSAMD
Individual audit trail records
1400.3, v3.J - rl, shall specify the software or
Chapter 4,
system command used to
Section 10
initiate the event.
"Security Audit
Trails" Section
3, Part J
TSAMD
Individual audit trail records
1400.3, v3.1 _rl, shall be time stamped,
Chapter 4,
accurate to within a second or
Section !O
less ofthe TSA network time
"Security Audit reference, and include local
Trails" Section
time zone information.
3, Part J
TSAMD
Password files shall be
1400.3, v3.1 _rl, encrypted or hashed when
Chapter 4,
stored in logs.
Section 10
"Security Audit
Trails" Section
3, Part K
The information system shall
TSAMD
1400.3, v3.1 J 1, provide the capability to
Chapter 4,
ensure timt audit trails and
Section 10
audit 10l!S are Drotected against

Met Requirement
YeslNo or N/A

Notes
No or N/A, Other

**Waiver
Explanation

***Exemption
Explanation

WARNING: ThiS re
. sitivc Secllrlty Information that is controlled under 49 CFR parts 15 and 1520. No part of this record may be diS<':loscd to persons without a "nero to
l(Oow", ali defined in 49 CFR parts 15 and 15 • ex
.
'tten ermis!'.ion of the Administrator of the Transportation Security Administra(ion fir the Secretary of Transportntion.
.
bUc disclosure is governed by 5 V.S.c. 552 and 49 CFR parts 15 and 1510.
Unauthorized rdcase may result in civil penalty or other action. For U.S. gavern
A-13

SENSITIVE SECURITY INFORMATION
*Refcrence
Number

AU-9

Control
Category

DHS orTSA
Reference
"Security Audit
Trails" Se<:tion 3
l'artH
DRS Windows
Server
2003/Windows
XI'Secure
Audit and
Baseline
Aecountability
Configuration
Guide, Sectton 2
"Audit Trail

Systems IT Security
Requirement
unauthorized a'teration~ loss,

Met Requirement
Yes/No orN/A

Notes
No or NIA, Other

**\'laiver

Explanation

***Exemption
Explanatio"

unavailability, disclosure. or
destruction.
Auditing shall be implemented
in accordance with DHS
Secure Configuration Baseline
Guide for the information
system Operating System.

Controls"

IA-I

TSAMD
1400.3, v3.1 _rl,
Chapter I,

Identification
and

«General
Authentication Information
Security Policy",
Section 5.1.3.9

DHSMD4300,
v2.l, OJapter 5,
Section 5.8, '''Virus
Protection~', Part A

81-1

System and
Information
Integrity

SI-2

DHSMD4300,
v2.1, Chapter 5,
Information
Section 5.8, "Virus
lntegrity
. :' Protection", Part A
System and

i

The information system shall
provide the capability to
uniquely identi!)' and
authenticate users prior to each
network session. This includes
access to individua~ group,
and functional or service
accounts. The positive
identification must be verified
through strong authentication
methods (e.g., password,
biometric, token, certificate,
etc.).
The information system shall
implement antivirus software
at the desktop that is properly
configured to che<:k all files.
The information system shall
install updates to antivirus
software and signature files in
a timely and expeditious
manner without requiring the
end user to specifically request

the update.

~

WARNfNG: This record ~ontains Sensitive Security Informathm tbat is rontrolled un
9 CFR parts lS and 1520. No part oftbis record may be disclosed to persons without a "neEd to
kn()w", as defined in 49 CFR parts 1511lld 1520. c.xceptwith the written permis·" of the Administrator of tlte Transportation Securii}' Administration or the See.retnry ofTransportn(ion~
UnRnthoriwd nlease may result in civil penalty or other acti{jn. F'or U.S.
rnment aget1cics, public disclosure is gov-erne-d by 5 U.S.c. 552 and49 CFR parts 15 and 1520,
A-14

SENSITIVE SECURITY INFOR]\{:<AJION
*Referenee
Number

Control
Category

81-3

System and
Information
Integrity

DHSorTSA
Reference
TSAMD

Systems IT Security
Requirement
All initialization, shutdown,
1400.3, v3.lJI, and abort sequences and
Chapter 3,
scripts shall be configured to
ensure the network remains in
Section II
"Infrastructure
a secure state.
Asset Security"
Section 3, Part H

Met Requirement
YeslNo or NJ A

Notes
No or N/A, Other

**Waiver
Explanation

*Exemption
Explanation

>1<",

WARNING~ TillS retord contains Sensitive Secnrity Information that IS
lied uude]' 49 CFR parts 15 and 1520. No part oHllls record may be disdosed to persons without a "need to
ImolY", as defined in 49 CPR parts 15 and 1520, except with the written permissiun
Administrator of tbe Transportation Security Administratilm or the Secretary of Transporta!ioll.
Unauthorized release may result in dvU penalty or other action. fio. U.S. government agencies,
. disclosure is governed by 5 U.S£. 552 and 49 CFR PdTts 15 and 1520.

A-IS

SENSITIVE SECURITY INFOR~f*~feN
APPENDIX B FIELD DATA REPORTING SYSTEM REQUIREMENTS
DATA ELEMENTS
The data elements to be collected by the 'WEI system are described in the following five tables:

Title

Table

Content

I

Operator Log Information

Information for each 10 Session.

II

Information for each system event

III

System Event Infonnation
Access History Information

IV

Scan Information

Information for each scan completed by the WEI
System.

V

User Data File

User Data Information

Information for data and report access

.

TABLEI 0,perator Log In~ormatIOn.
Field Name

Field Description

Field Format

MACHlNE_ID

Identification
number of the WBI

String
(length = 8)

User_ID

Identification login
of the 10

String
(length = 15)

FirstName

IO First Name

String
(length = 15)

LastName

10 Last Name

String

Field Values/Comments
Upon contract award a
Contractor identifier will
be assigned by the
Government The field
fonnat is a total length of
eight (Contractor identifier
plus WBI System serial
number),

(length'" 15)
LoginTime

IO Login Time

String
(length = 19)

mm~dd-yyyy _hh:mm:ss

LogoutTime

IO Logout Time

String
(length = 19)

mm-dd-yyyy_hh:mm:ss

PaxCount

Number of
passengers scanned
during session

Integer

WARNING, This record contains Sensitive e
Information that is £Qntrolled under 49 eFR parts 15 and 1520. No part of this
record may be dis<:losed to persons withtlut a "ne"d t
", lls defined in 49 eFR parts 15 and 1520. except with the written
istration or the SecretaI'}' ()f Transportation. Unauthorized
permission of the Administrator of the Transportation Security
relcas<' rna)' re.ult h. civil penalt)· or nth.... lienon. For U.s. gov~rx..u.nt 1Ogel1
ublic disclosure is gov"rned hy :Ii lU;.e. 552 and 49
eFR parts 15 and 1520.

--

SEN~InVE

Field Name

SECURITY INFORM: ATION

Field Description

Field Format

Field Values/Comments

PaxSuspectCount

Number of
passengers suspect
during session

Integer

PaxClearCount

Number of
passengers cleared
during session

Integer

Affiliation

Company the 10
works for (TSA or
Contractor)

String
(length = 50)

SiteCode

FAA Airport Code

String
(length = 3)

Such as: SNA, BOS, EWR

SubsiteCode

Machine Location

String
(length = 20)

Example: "Terminall Lane
2"

WBIModelNo

Model Number of String
the WBI System
(length = 8)

WARNING: This rCl:ord c;:ontains Sensitive Sccurit)' Information tha

conu:oIled under 49 CFR parts 15 and 1520. No part of this

"",('ot'd m:ty he disclosed to persons without a "need to know''"
defIned in 49 CFR parts 15 and 1520. e~('ept witb the written
perml<;.sion of the Administrutor of the Transportation Secnr
Administration or the Secretary of Transportation. Unauthorized
release ma.y result in civil penalty or other action. For U.S. vernment agencies. public disclosure is governed by 5 U.S.C. 552 and 49
CFR parts 15 llnd 1520.

B-2

SENSITIVE SECURITY INFOR.1WATION
TABLEII . S~vst em Event I norma
£
ti on.

Field Name

Field Description

Field Format

Field Values/Comments

MACHINE_ID

Identification
String
number of the WBI
(length = 8)
System

Upon contract award a Contractor
identifier will be assigned by the
Government. The field format is a
total length of eight (Contractor
identifier plus serial number).

WBIModelNo

Model Number of String
the WBI System
(length = 8)

SitcCode

FAA Airport Code

String
(length = 3)

Such as: SNA, BaS, EWR

SubsiteCode

Machine Location

String
(length = 20)

Example: "Terminal I Lane 2"

SoftVers

WBI software
version
identification

String
(length = 10)

Contractor assigned software version
identification for the software
running on the WBI System

User_ID

Identification login
of the 10

String
(length = 15)

FirstName

10 Name

LastName

IOName

AccessLevel

Access Control
Level

String
(length

Affiliation

TO Affiliation

String
(length = 15)

Event_Time

At what time did the String
event occurred?
(length = 19)

mm-dd-yyyy_hh:mm:ss

Event

What event
occurred?

At a minimum, possible choices

String
(lcnRth = 15)
String
(length = 15)
I)

String
(length = 25)

include:

account creations,

modilY account,
machine fault resets,

10 logoff,
10 logon,
Operational mode change,

View reports,
download data,
software restart,
system errors,
system startup,

svstem shutdown.

s.ns~,ation

that i, controlled nndcr 49 eFR parts 1S and 1520. No part of thi,
tn.'tY b" disclosed to persons without a "need to kno
' defined in 49 CFR parts 15 and 1520, el':<:ept with the written
permission of the Administrator of the Transportation Seculity Adml .
non or the Secretary of Transportation. Unauthorized
release may result in civil penalty or other a<:tion. For U.S. government agencies,
lie dif'dosure is governed b" 5 U.S.C. 552 and 49
WARNING: Thi' re<ord contain'

J'1!!~l)I'd

CFR parts 15 and 1520.

SEN SI'I'IVE SECUltITY INFORM2\'fffiN"
TABLE III" ACCCSS H"IS t 00' I. norma
f<
ti on.
Field Name

Field Description

Field Fonnat

Field Values/Comments
Upon contract award a Contractor
identifier will be assigned by the
Government. The field format is a total
length of eight (Contractor identifier plus
serial number).

MACHINE_lD

Identification number String
(length = 8)
of the WBI SYSTEM

User ID

Identification login of String
(length = 15)
the 10

AccessLevel

Access Control Level

String
(length = 1)

Action

System action

Integer

Use
I =download files
2=cbange parameters
3=enter/modify users
4==view reports

ActionTime

Time action occurred

String
(length = 19)

mm-dd-yyyy_bh:mro: 5S

ReponType

Report type

Integer

Downloaded

Was the file
downloaded?

String

Use
1=10 Log Report
2=Event Log Report
3=Access History Report
Use
D=Downloaded

(length=l)

N=Not Downloaded

WARNING, This record contains Sensitive Security
non that is controlled under 49 eFR parts 15 and 1520. No part of this
record may be disclosed to persons without 0. "need to 1m"
/I defined ill 49 CFR p'lrts 15 dnd 1520, except with the written
pernlission of the Administrator of the Transportation Security A . . 't,ration or the Secretary (If TranSpol·tation. lJnauthorlzed
release mil)' result in civil ptll1alt)· or other action. For U.s. government "ll"n
CFR parts 15 and 1520.

SENSfHVE SECURiTY INFORMATION
TABLE IV Scan Information
Field Name

Field Format

Field Description

Field Values/Comments

MACHINE_ID

Identification
number of the WBI

String
(length = 8)

Upon contract award a
Contractor identifier will
bc assigned by the
Government. The field
format is a total length of
eight (Contractor identifier
plus WBI System serial
number).

SoftVers

WBI software
version
identification

String
(length = 10)

Contractor assigned
software version
identification for the
software rUlUling On the
WBT System

ImageStart

Date and time the
String
passenger scan starts
(length

mm-dd-YYYLhh:mm:ss
19)

ImageComplete

Date and time the
passenger scan
completes

String
(length = 19)

mm-dd-yyyy_hh:nnn:ss

IORespTime

Date and time the 10 String
decision is made
(length = 19)

mm-dd-yyyy_hh:mm:ss

TO Decision

Nature ofIO
response

String
(length

Use
C for Clear
S for Suspect

Identification login
of the 10

String
(length = 15)

User_ID

I)

'VARNING: This record contains Sensitive Security Infor ation that is controlled under 49 CFR parts 15 and 1~2o. No part of this

record may be dlscl<Jsed to persons without a 'Ineed to . QW". as defined in 49 CFR parts 15 and 1520, except with the written
permission of the Administrator of the l'raosportatio Securi~' Administration or the Secreta!')' of Tram,portation. Unauthorized
t'eleasll' mll;r result in civil penalty or other action. Fo li.S. government agencies. public disclosure is governed b~> 5 l).S.C. 552 and 49
CFR parts 15 and 1520.

B-5

SENSITIVE SECURITY INFORMATION

.

TABLE V User Data File
Field Name
FirstName

Field Format

Field Description

String
(length

TSOName

Field Values/Comments

15)

LastName

TSOName

String
(length = 15)

User_ID

Identification login of the
TSO

String
(length = 15)

Password

TSO Password

String
(length = 15)

Affiliation

TSO Affiliation

String
(length = 15)

AccessLevel

Access Control Level

String
(length = I)

Status

User Status

String
(length = I)

Use
I=active
O=inactive

StatusDate

Date current status was
activated

String
(length = 19)

mm-dd-yyyy_hh:mm:ss

is contJ'olled under 49 eFR parts 15 and 1520. No part 0:£ this
to know" as defined in 49 CFR parts 15 and 1520. except with the written

WARNING: This record contains Sensitive Securit)' Information tb
rcc:ord may be disdoS0d to persons

with~ut .It "n~ed

permission of tbe Administrator of the Transportation Sec
l"e1case

ma~:

~'Administration

or the Secretnry of Transportation. lJnauthorized

result in t;:i,vil penalty or other action. For Ii • government agencies, public disclosure is

CFR parts 15 and 1520.
)3-6

gov~l'ned

h)'" 5 TLS.C 552 :lnd 49

SENSITIVE SECURIJ;¥ INFORMATION
APPENDIX C USER ACCESS LEVELS AND CAPABILITIES

User access and associated capabilities, based on usemame, password, and user access level, shall (197)
be as outlined in the Access Control Levels Table.
Access Control Levels Table

User Access
Level

Z

User

Capabilities

Transportation
Security
Administration
Headquarters
Contractor
Maintenance
Technician (see Note

Logon and Logoff
Startup and Shutdown
EnablelDisable Image Filters
Access Test Mode
Export Raw Image Data in Test Mode
Modify Access Level Capabilities
UploadJDownload User Database
Create and Modify Accounts (All Users)
Download Data (see Note 1)
Set and Alter Passwords (All Users) (see Note 1)
Modify Baselined or Fielded Software (see Note 1)
Access Operating System
:tlQte I: Contractor Maintenance Technicians shall not set
or alter passwords and shall download data only without
alteration. Contractor "superuser" passwords will be
disabled by a Government representative after site
acceptance. Only Government approved so.ft\'rare changes
shall be made to the baselined or fielded software.

1)

Super User

1

Federal Security
Director
Screening Manager
Screening Supervisor

All Access Level 2 Capabilities
Logon and Logoff
Startup and Shutdown
EnablelDisabIe Auto-Detect Highlighting
CreatelModify Accounts (Level 2)

2

Lead-In-Charge

All Access Level 3 Capabilities
Perform Daily Preventative Maintenance
Create and Modify Accounts (Level 3)
Access and view WBI FDRS Database and Reports
Access and view WBI User Database
Download WBI FDRS Data
Calibrate system

WAR."I/1NG: This rfcord contains Sensitive Security InfoI'
n that is controUtll under 49 CFR parts 15 and 1520. No part of this
reeord may be discl~.ed tt> persons with6ut " "n'"
0 know", as defined in 49 CFR parts 15 lind 1520, except with the written
rtan'.lJl Security Administl'ation or the Secretary of Tran~portatioD. Unauthorized
permission of the Administrator of tbe Tr
release rna}' result in civil penil.lty or
J: nction. For U.s. government ag'H1.ie~, puhlic di~dosure i. governE'(\ b)' !i U,S.c. 552 and 49
CFR parts 15 and 1520.

C-l

8ENSITIVE SECURITY INFORMATION
User Access
Level
3

User
Operators

Capabilities
Logon and Logoff
Startup and Shutdown
Access Screening Mode
Screens Passengers
Initiate Fault Isolation Test

WARNING: This record contains Sensitive Se<:urit)' Informatio
at is conn'olled under 49 CFR parts 15 and 1520. No part of tbis
k"ecord m1ty be disclos~d to pl'rsons without a "need to·
''', as defined in 49 CFR parts 15 and 1520, e;:((:ept with the written
permission of the Administrator of the Transportatio
ecurity Adminlstratinu or the Secretary of Transportation. 'Unauthorized
release ma;r result in dviJ penalty or other action.

r U.S.

govel'nm~nt

CFR parts 15 and 1520.
C-2

agencies, puhlic disclosure is governed by 5 U.S.c. 552 and 49

SENSI'IIVE SECORITY JNFORMATION
APPENDIX D TSA OPERATIONAL POWER REQUIREMENTS
1.0

INTRODUCTION

The purpose of this document is to define the minimum power performance requirements for any
detection system that identifies potential threats 011 a person, an article of baggage, a parcel or cargo. The
standards, on which these requirements were based, have been adopted from the FAA Specification
Document: Electronic Equipment, General Requirements (FAA-G-2l00H).
2.0

OVERVIEW

The requirements defined in this dOC1Jment were generated from the results of eight different electronic
screening device tests, from the point-of-view of "power system perfonnance." The tests were conducted
between August 21 st and August 25 th 2006, at the Transportation Security Laboratory (TSL) and the
Doughty Road Laboratory. The objective of these tests was to provide confidence, as well as validate the
compatibility ofTSA's equipment with the available electrical supply at its various deployment locations.
Special attention was given to the equipment's power profile, energy consumption, and vulnerability to
power system events (i.e., voltage sags and drops). Each system was tested to define the baseline
electrical performance relative to:
(a) The respective equipment data sheets,
(b) The current Commereial-Off-the-Shelf (COTS) procurement specification, and

(c) The actual system voltage sag and intenuption withstand performance.
The recorded results of these tests are expected to provide procurement and specification personnel with a
better understanding ofthe impact that detection systems have on other facility equipment, in addition to
their internal components. This includes the sensitivities of detection systems to some of the more
common power quality variations that may be encountered at locations where the detection systems are
deployed.

3.0

EQUIPMENT

For the purpose of this document, "detection systems" will refer to all screening devices using bulk, trace,
or any other teclmology to screen passengers and their luggage before entering a secure area (e.g.,
Checked Baggage Systems, Checkpoint Systems, Cargo Screening Systems, or any other passenger and
baggage screening system).
4.0

MEASUREMENT

Power over an entire operational cycle tends to vary as heaters, compressors, and other cyclic loads tum
on and off. The measured "Max.imum Steady State Load" will identify the highest level of power drawn
consistently over a measured period oftime (e.g., 4 kW for 5 min, with no changes). Therefore, the
Maximum Steady State Load must be maintained during a full operational cycle while power
requirements are measured and recorded.
5.0

POWER PERFORMANCE DATA ACQUISITION AND REQUIREMENTS
ANALYSIS

5.1

BASELINE VOLTAGE AND CURRENT DISTORTION

The baseline voltage and current distortion measurement identifies the harmonic current distortion of the
equipment and determines how that current distortion level will distort the vo tage at the supply point.
WAlli~ING: This record contains Sensitive Security Information t
controUed under 49 CfR parts 15 and 11520. No part of this
rt'cord may be disclosed to persons without il "need to k
, as defined in 49 CFR parts 15 and 1520, except with the written
permission of the Administrator of the Transport'
ecurity Administration Qr the Secretary of Transportation. lJnauthorized
r"lease may result in civil penal!)' or other
. . For U.S. government agencies, public disclosure is governed by 5 U.S.c. 552 and 49
CFR parts 15 and 1520.

0-1

SENSITIVE SECUftlTY INF'ORMATION
Total Harmonic Distortion - The "Total Hannonie Distortion" will be calculated as the square root of
the cumulative sum of each measured distortion over several operational cycles.
The maximum Total Hannonic Distortion (THD) during a full operational cycle for detection systems'
shall (198) be less than three percent «3%), as specified in the follO\ving references:
(a) IEEE 519, Harmonic Limits and
(b) FAA·G-21 OOH, 3.1.1.3.2.£, Inrush Current.

Individual Harmonic Distortion The measured "Individual Hannonic Distortion" will identify the
maximum distortion of the equipment during any operational cycles over a specific period oftime.
The maximum Individual Hannonics (IN) during any given cycle for detection systems shall (199) be less
than three percent «3%), as specified in the following references:
(a) IEEE 519, Harmonic Limits and

(b) FAA-G-2100H, 3.1.1.5.c, Table 1, Hannonics.

5.2

POWER USAGE PROFILE AND POWER FACTOR

The power usage profile and power factor measurement evaluates the minimum and maximum power
drawn during a full operational cycle of the equipment. Once the full load power draw is determined, the
power factor is measured at the full load value.
Power Factor (a,mll.'dmumstoodys(.tdooding) - Standard measure of "Power Factor" includes two methods,
Displaced Power Factor (DPF) and Distortion Power Factor, or Total Power Factor (TPF). As long as the
meter being used integrates the instantaneous voltage and currents over each cycle of the power
frequency, the calculated Power Factor will be accurate regardless of the method selected.

The Power Factor at maximum steady state loading shall (200) be greater than point six (> .6) for all
detection systems, as specified in the following reference:
(a) FAA·G-2100H, 3.1.1.3.1, Power Factor.

5.3

MAXIMUM INRUSH CURRENT RATIO

The inrush current measurement assesses the maximum peak inrush of the equipment during a full
operational cycle and detennines how that peak inrush compares to the maximum steady state Root
Means Square (RMS) current drawn.
Max Inrush Current Ratio ~ The maximum inrush current ratio will compare both the Maximum Peak
Inrush (lm2X pea0 and the maximum steady state RM:S current (Imax RMS) through the following formula:
ImllX peak I IJlli\x RMS.
The maximum "Inrush Current Ratio" during a fun operational cycle for detection systems shall (20 I) be
less ilian twenty times « 20) the steady state, as specified in the following references:
(a) IECIEN61000-3-3, Flicker and Voltage Variation and
(b) FAA-G-2100H, 3.1.1.3.2.h, Inrush Current.

5.4

STEADY STATE CURRENT UNBALANCE

The steady state current unbalance measures the current unbalance of the equipment and determines how
that current unbalance value compares to the COTS procurement specification.
WARNING: This record contailLS Sensl
Tit)' Information that is controlled under 49 CFR parts 15 and 1520. No part of this
record may bc dlaclo..d to PCl"$OI1S without'" "nee
. w". as derIDed in 49 CFR parh 15 and 1520, except with the written
permissioll of the Administrator of the TranSpllrtatioD Security
. . atioD or the Se~rebry of T ....nsportatien. '()nauthori2:ed
release may J'''suU in civil penal!)' or other action. For U.S. govcrnmeJ;lt agencies,
. ·SdO_UN i. governed hy 5V.S.C. 552 and 49
pun l5 and 15Z0.

em

D·2

SEN£ITIVE SECURITY INFORMATION
Avg. Current Unbalance (lUND A'~) - The averagc eurrent unbalance will be the sum of eaeh eurrent
unbalancc measured over the course of several operational cycles.
(a) The average current unbalance measured for detection systems shall (202) be less than ten percent
« 10 %), as specified in the following references:
1.

National Electrical Manufacturers Association (NEMA)

11.

FAA-G-2100H, 3.].1 A., Electric Load Balance.

M61 and

(b) The average current unbalance measured for detection systems shall (203) be verified and adjusted
as needed during site acceptance.
Max Current Unbalance (TUN''''''.) - A three-phase system is called balanced if the three-phase voltages
and currents have the same amplitude and are phase shifted by 1200 with respect to each other. If either
or both of these conditions are not met, the system is considered unbalanced or asymmetrical. Thus the
maximum current unbalance is the maximum current measured that is out of symmetry, with respect to
the other phases. (Note: Under multiple system configurations, it is possible for the eurrentunbalance of
one system to be neutralized by the current unbalance of the next system (based on phase and direction)).
(a) The maximum current unbalance for threat detection systems shall (204) be identified. for each
system to substantiate the caleulation, sizing and integration of multiple configurations of the same
equipment.
(b) The maximum current unbalance for threat detection systems shall (205) be verified and adjusted as

needed during site aeceptanee.

5.5

MAXIMUM LEAKAGE CURRENT

The intent of the maximum leakage eurrent measurement is to identify the maximum leakage current
injected onto the ground conductor by the equipment, during a full operational cycle. In addition, this
measurement will help determine how that value might need to be correlated to ground fault protection
settings, if applicable at the installation location.
Maximum Leakage Current - The maximum leakage current is the current that flows from the unit
through the grounding conductor into a facility ground. Leakage current could shock an individual if the
household grounding is not sufficient or there is an intentional or unintentional interruption of grounding
connection.
Ca) The maximum leakage current measured for detection systems shall (206) be less than or equal to
three and a half milliamps (3.5mA) as specified in the following references:
1.

UL Standard 60950, clause 5.1.7,

ii. lEe 6060 I-I, General requirements for basic safety and essential performance, and
iii. IEEE Transactions on Very large Scale Integration (VLSI) Systems, 12(2):131-139.

5.6

VOLTAGE SAG AND INTERRUPTION WITHSTAND PERFORMANCE

The voltage sag and interruption withstand measurement evaluates the capability of the equipment to
withstand power faults which result in momentary power system interruptions. The secondary objective
of this requirement is to evaluate the system drop-off and subsequent restart time.

--

Voltage Sag - The voltage sag measurement identifies the length oftime and percentage below nominal
usage that n system can tolerate) if the power source is interrupted or eliminated during normal operations.
W AR~NG: TWs record contains Sensitive Securit)' Information that is controlled uode
reeord may hi: dilldoll",d to persons without 9

14

neQ d to know", AS

permission of the Administrator of the Trans ort
release mar re:ntlt in civil penal

r

Administration

ern

01'

arts 15 and 1520. No part of this
parb 15 and 1520. except with the written

the Secretal')' of Transportation. Unauthorized

action. "'or U.s. govcl'nmC'nt agencies, public disclosure i.ll

CFR parts 15
D-3

gov~rned

by 5 tl.S.c. :552 lind 49

SENSITIVE SECURITY INFORl\,fATION
(a) The voltage sag for detection systems shall (207) tolerate a zero voltage for a minimum duration of
twenty milliseconds (20 ms) as specified in the following references:

5.7

1.

lEC 61000-4-34, Voltage Sag Immunity,

11.

lEe 61000-4-11, Voltage Dip Immunity, and

111.

lTIC (CBEMA) Curve 07.01.2000.

UNINTERRUPTIBLE POWER SUPPLY

The presence of an Uninterruptible Power Supply (UPS) demonstrates the systems ability to shield
against unexpected power fluctuations, voltage sags or temporary power loses from the power distribution
sources. As a byproduct of power performance, a weak UPS can cause unwarranted system reboots,
hang-ups, and several other system anomalies.
Uninterruptible Power Supply ~ The health ofa UPS can be significantly affected by the system's
ability to tolerate the variance of power over short periods oftime. Measuring the strength of the UPS
identifies the systems ability to maintain operational availability during moments of critical power failure.

The UPS, ifpresent, shall (208) be configured into the core system for automated monitoring and display
of the current health and condition of the UPS.

WARNING: This recllrd co,ntalns SenSitive Securit)· Informatllll1 that is
'olled under 49 CFR parts 15 and 1520. No part of this
record nUl)' be disclosed to persons witbout II "need to know"
efined in 49 eFR parts 15 lind 1520, except with the written
permhsion of the Administratllr of the Transportation S
Ity AdminiJtration Or the Secrctoll'Y of Transportation. UDauthllrized
release may result in civil penalt:\, or other acnon.
.5. govel'>1ment ag.mcles, public di.closure b governl>d by !Ii II.s.C. 552 and 49
CF'R parts 15 and 1520.

D·4

SENSITIYE SECURITY INFOR.M~ TION
APPENDIX E WBI REPORTS
FDRS REPORT DISPLAY

1.0

The WBI system shall (209) provide the reports listed in Table 1 below. Data reports (Reports 1,
2 and 3) shall (210) be viewable by calendar month and year (e.g., February 2008).

Table 1. WEI Data Reports
Report Narne

ReDort
1

10 Log Report

2

Event Report

3

Access History Report

1.1

10 Log Report

The 10 Log Report shall (211) present an overview of all lOs who worked each day for the
selected month, along with their locations and login/logout times. The 10 Summary Report shall
(212) contain one record / row in the output table for cach login session occurring in the date
range. This report .<hall (213) be downloadable and be viewable on the 10 Station monitor.
Output Field
User_ID

DescriDtion
Identification login of the 10

Format
String
(length = 15)

LastName

10 Last Name

String
(length = 15)

FirstName

10 First Name

String
(length = 15)

LoginTime

10 Login Timestamp

String
(length = 19)

LogoutTime

10 Logout Timestamp

String
(length = 19)

PaxCount

Number of passengers scanned
during session

Integer

PaxSuspectCount

Number of passengers suspected
during session

Integer

PaxClearCount

Number of passengers cleared
during session

Integer

Affiliation

10 Affiliation

String
(length = 15)

WBIModeiNo

Model Number of the WBI System

String
(length = 8)

SiteCode

FAA Airport Code

String

w_" ~ ••N,_••~ ~•• cm_~.. ~,,~ ,"_"
of this record may be disclosed to persons without a "need tow", a$ deitned in 49 CFR plIrt:s 15 and 1520, enept with the
permil)siM of the Administrator (If the Tran
tatiOD SeC:l.l.rity Administration or the SecretaI')" of Transportation.
Unauthorized release may result in civil penal'
other action. For U.S. gOYfll"nment agencies, public disclosure is governed
by 5 U.S.C. 552 and 49 CFR parts 15 an
.

writt~n

SENSITIVE SECURITY INFORMATION
Deseription

Output Field
SubsiteCode

1.2

Format
(length - 3)
String
(length = 20)

Machine Location

Event Report

An Event Report containing details of each system event shall (214) be provided. This report
shall (215) consist of one row per event, and shall (216) provide data indicated in the following
table. This report shall (217) be downloadable and be viewable on the 10 Station monitor.
Descriotion

OUtDU! Field

Fonnat

MACHINE_ID

Identification Number of the WBI
System

String
(length ~ 8)

LastName

10 Last Name

String
(length ~ IS)

FirstName

10 First Name

String
(length = 15)

User_ID

Identification login of the 10

String
(length = 15)

SiteCode

FAA Airport Code

String
(length ~ 3)

Event_Time

Time event occurred

String
(length = 19)

Event

Description of event

String
(length

1.3

= 25)

Access History Report

The Access History Report shall (218) report who modified system settings as well as the time
and nature of the modification using the format described below. The Access History report also
presents detail on administrative operations activity (Le., who accessed the report, the type of
report, and when the report was accessed). This report shall (219) be downloadable and be
viewable on the 10 Station monitor.
Output Field

Description

Format

MACHINE)D

Identification Number of the WEI
System

String
(length ~ 8)

User_ID

Identification login of the 10

String
(length = 15)

AccessLevel

Access Control Level

String
(length = 1)

Action

System action

Integer

ActionTime

Time action occurred

../'

String

WAR1~ING: This record contains Sensitive Security InfQrmation tha . controlled under 49 eFR parts 15 and 1520. No paJ;'t
of this rccord may be disclosed to persons without a "need to
, as defined in 49 CfR parts 15 and 152:0, I;'!xc:ept with the
written permission of the Administrator of the Transpo
1011 S¢curity Administratioll or the Secretary of Transportation.
er action. For U.S. go",·ernment agencies, public disclosure is governed
Unauthorized relcase may result in civil penalt)' or

by 5 U.S.C. 552 llnd 49 CFR parts. 15 and 152

SENSITIVE SECURITY INFORMA lION
Outnut Field

Descrintion

Format
(length = 19)

ReportType

Report type

Integer

Dov.nloaded

Was the file downloaded?

String
(length=l)

WARNING: This re<:ol'd contains Sensitive Security InfQrmatio tat is controlled under 49 eFR parts 15 sod 1520. No part
of this record may be disclllsed to persons without a "need t
ow". as defined in 49 CFR parts 15 and 1520, except with the
written permisshm Qf the Administrator of the Transpo don Security Administration or the Secretary of Transportation.
Unauthorized release may result in civil penalty or 0' er action. For U.s. government agencies, public disclosure is governed
by 5 U.S.C- 552 and 49 eFR pllrts 15 and 1520.

 

 

Disciplinary Self-Help Litigation Manual - Side
Advertise here
CLN Subscribe Now Ad 450x600