AMS Information Systems & Security Checklist

Note:

• This is the complete checklist throughout your ISS Engineering activities during the AMS Lifecycle phases.
• The symbol "*" indicates that the FAA firewall access is required to view this link.

Initiate

FAA Information Systems Security (ISS) Activities Process:

1. If any questions, please contact 9-ATOP-HQ-ISSE-Info@faa.gov, ATO-P Information Systems Security Chief Scientist Engineer.
2. Go to the last page of this checklist to review:
   • Appendix 1: "AMS Logo Map - FAA Lifecycle Management Process".
     • Use the map to follow the numbered AMS decision points in the process with this checklist.
   • Appendix 2: "Security Activities during AMS Phases"
     • It is a quick overview of deliverable security related products for each AMS Phases.
3. Use this checklist to map the security activities along with your appendix 1 & 2.
4. Review the lettered content of the "FAA Information Systems Security (ISS) Engineering Process".

Resources

1. The ATOISS related websites:
   • FAAFASTAMS - Security Section
   • FAANAS Enterprise Architecture (NASEA) - Security View (TBA - Still in the maturation process.)
   • FAA Systems Engineering Manual (SEM)
     • Section 4.8.6, Information Security Engineering
   • ATOISS Program Library website
     • An authoritative source indicating governance of SCAP process*
   • ISS related policies*
2. SCAP Templates and FAQs

Quick Links

• Service Analysis (SA)
• Concept & Requirement Definition (CRD)
• Investment Analysis (IA)
• Final Investment Analysis (FIA)
• Solution Implementation (SI)
• In-Service Management (ISM)

Begin Service Analysis (SA) - AMS decision point: #1

(Start: Service Analysis activities for the Mission Needs Decision (MND))

Note: The symbol "*" indicates that the FAA firewall access is required to view this link.

Review

• FAAFASTAMS Lifecycle Phases and Decisions guidance website:
  • Service Analysis (SA)
  • Mission Need Decision (MND)
  • ISS policy guidance listed in the ATOISS Program Library website.
    • FAA Orders 1370.82A, "Information Systems Security Program"*
  • ISS Engineering
    • AMS Lifecycle Management Process with ISSE related activities

Initiate

• Service Level Mission Need (SLMN) Threat Stipulation and basic security policy.
  • Integrating Initial Security Needs and Threat Stipulation into the SLMN (a)

Deliverable(s)

1. Statement of security policy and threat environment stipulation incorporated into the SLMN.

End SA for AMS decision point: #1

Begin Concept and Requirement Definition (CRD) - AMS decision point: #2

(Start:OMB Exhibit 300 Attachment 1 for the Investment Analysis Readiness Decision (IARD))

Review

• The CONOPs of the system.
• FAAFASTAMS Lifecycle Phases and Decisions guidance website:
  • Concept & Requirements Definition (CRD)
  • Investment Analysis Readiness Decision (IARD)
• FAAFASTISS Flow Chart of the CRD section
• Security engineering activities.
  • AMS Lifecycle Management Process with ISSE related activities
• The NAS-SR1000 security requirements section.
  • To obtain the document please contact Linda Suppan (Acting Manager).

Coordinate

• Service Unit/Service Area Certification Team Lead to determine plans and strategy for SCAP activities including determining the level of effort and security activities.
  • ATO Information System Security Manager (ISSM)
  • ATO Designated Approving Authority (DAA), Information System Security Certifier (ISSC), and Information System Security Manager (ISSM)
  • ATO Service Unit/Service Area Certification Team Lead
  • ATO Service Unit/Service Area ISSO.
    • The individual is responsible for all the security functions for the program and is designated by the Program Manager.

Generate

• “Developing CONOPS and Preliminary Security Requirements (b)”
  • CONOPS of system.
  • ISS section of the Preliminary Requirements. (pPR document).
    • For assistance in developing security requirements contact Kenneth Kepchar, ATO-PISS Chief Scientist System Engineer.
  • The 800-53 controls.

Deliverable(s)

1. OMB Exhibit 300, Attachment 1: Preliminary Program Requirements (pPR)
   • ISS Section of the Preliminary requirements. (pPR)

End CRD for AMS decision point: #2 & AMS Phase Mission Analysis (MA)

Begin Initial Investment Analysis (IIA) - AMS decision point: #3

(Start:OMB Exhibit 300 Attachment 2 for the Initial Investment Decision (IID))

Review

• FAAFASTAMS Lifecycle Phases and Decisions guidance website
  • Investment Analysis (IA)
  • Investment Decision (ID)
• FAAFASTISS Flow Chart of the IIA section
• Security engineering activities
  • FAA Information Systems Security (ISS) Engineering Process

Update

• CONOPS of system.
• ISS section of the Preliminary Requirements. (pPR document).
  • Apply 800-53.
    • Tailor 800-53 security requirements to your acquisitions.

Generate

• Basis of Estimates (BOE) on security cost estimates for alternatives.
• SCAP with your Service Unit/Service Area Certification Team Lead.
• The preliminary Information System Security Plan, (ISSP).
  • "Develop the Preliminary ISSP (Including Basic Security Policy)" (c)
    • NISTSP 800-18, "Guide for Developing Security plans for Federal Information Systems" (February 2006)
• Preliminary System Characterization/Categorization.
  • Develop Systems Characterization/Categorization (d)
  • FIPS-199
  • 800-53 controls.
• Preliminary vulnerability and risk assessment.
  • Developing Preliminary Vulnerability and Risk Assessment (e)
    • NISTSP 800-30, "Risk Management Guide for Information Technology Systems"

Deliverable(s)

1. BOE on security cost estimates for alternatives.
2. OMB Exhibit 300, Attachment 2: Business Case Analysis Report (BCAR)
3. Updated OMB Exhibit 300, Attachment 1: (pPR)
   • Requirements for the ISS section of the (pPR) to include the 800-53 controls.
4. Preliminary vulnerability and risk assessment.
5. Preliminary SCAPs document
   • Preliminary ISSP with security policy statement.
   • Preliminary System Characterization/Categorization.

End IIA for AMS decision point: #3

BEGIN Final Investment Analysis (FIA) - AMS decision point: #4

(Start:OMB Exhibit 300 Attachment 3 for the Final Investment Decision (FID))

Review

• FAAFASTAMS Lifecycle Phases and Decisions guidance website:
  • Investment Analysis (IA)
  • Investment Decision (ID)
• FAAFASTISS Flow Chart of the FIA section.

Update

• SCAP with your Service Unit/Service Area Certification Team Lead.
• CONOPS of system.
• ISS section of the Preliminary Requirements for the Final Requirement Document (fPR).
  • Security Interfaces document for inclusion in Interface Requirement Document (IRD).
• The ISSP.
• System characterization/categorization.(FIPS-199)
• Vulnerability and risk assessment.

Generate

• Initial Security Test Plan & Report.
  • Documentation should be produced only if test documents are being developed early based on approved system prototype, prior to Solution Implementation phase.
    • “Develop Security Test Plans and Procedures”(k)
• Support for system addition to the ATO Five Year SCAP Plan with your Service Unit/Service Area Certification Team Lead and ISSO.
  • Proposed schedule, security characterization/categorization (FIPS-199) and planned sites where a system would be fielded to the ISSM
• Security Information for Solicitation Information Request (SIR), Contract Statement of Work (SOW) and Contract Data Requirement List (CDRL).

Obtain

• Stakeholders’ buy-ins and signing of the final security documents.

Deliverable(s)

1. Updated OMB Exhibit 300, Attachment 1:
   • (pPR) transformed into Final Requirement Document (fPR).
2. OMB Exhibit 300, Attachment 2:Business Case Analysis Report (BCAR)
3. OMB Exhibit 300, Attachment 3:Implementation Strategy/Planning (ISP)
4. Final security vulnerability and risk assessment.
5. SCAP documents
   • ISSP with security policy statement.
   • System characterization/categorization.
   • Security Test Plan & Report (See note above.)
6. Proposal of schedule, FIPS-199, and plan toward ATO Five Year SCAP Plan for your added system.
7. The security information for SIR, SOW & CDRL.
8. Stakeholders’ signatures on all finalized security documents

End FIA for AMS decision point: #4 & Phase: IA

BEGIN Solution Implementation (SI) - AMS decision point: #5

(Re-baseline:OMB Exhibit 300, Attachment 1, 2 & 3 for the In-Service Decision (ISD))

Note: The symbol "*" indicates that the FAA firewall access is required to view this link.

Review

• FAAFASTAMS Lifecycle Phases and Decisions guidance website:
• Solution Implementation (SI)
• In-Service Decision (ISD)
• FAAFASTISS Flow Chart of the SI section
• OMB Exhibit 300, Attachment 1, 2, & 3.

Update

• Security information for Solicitation Information Request (SIR), Contract Statement of Work (SOW) and Contract Data Requirement List (CDRL).
• Vulnerability and risk assessment for the Security Risk Assessment (SRA).
  • This is to be performed independent of the Integrated Product Team (IPT).
  • “Update Vulnerability and Risk Assessment” (f)
• CONOPS of system.
  • “Update the CONOPS and Security Requirements” (g)
  • To include ISS section to the CONOPS depending on level of impact of the NAS system.
• ISS section for the Final Requirement Document (fPR).
  • Security Interfaces document for inclusion in Interface Requirement Document (IRD).
  • “Integrate Security Requirements with System Requirements” (h)
  • “Integrate Security Architecture and Design” (i)
• The ISSP.
  • “Update the ISSP” (j)
• SCAP to reflect actual fielded systems with your Service Unit/Service Area Certification Team Lead and ISSO. Must complete the SCAP documents before operating the system.
  • Locate the “ATOISS Implementation Guide * ” and follow the link “SCAP” for the SCAP guidance document.
  • “Create Final Security C&A Documents” (n)

Generate

• Security testing on system baseline and refine solution as needed for ISD/commissioning.
  • This is to be performed independent of the IPT.
  • “Develop Security Test Plans and Procedures” (k)
• Users guide, training plans, and contingency/disaster recovery plans.
  • “Develop User’s Guides, Training, and Contingency Plans” (l)
  • “Conduct Security Testing” (m)

Obtain

• DAA signature(s) of Certification and Authorization to connect and operate system in the NAS.
  • “Obtain Security Authorization and Accreditation” (o)
    • ATO Designated Approving Authority (DAA), Information System Security Certifier (ISSC), and Information System Security Manager (ISSM).

Deliverables

1. SCAP Implementation Guide(Reference: SCAP implementation guide - Section 4.1.1 *)
2. Baselined OMB Exhibit 300, Attachment 1:
   • ISS section of the Final Requirement Document(fPR).
     • Security Interfaces in the IRD.
3. Baselined OMB Exhibit 300, Attachment 2, & 3
4. The security information for SIR, SOW & CDRL.
5. DAA signature(s) of Certification and Authorization to connect and operate the system in the NAS.

End SI for AMS decision point: #5 & AMS Phase: SI

BEGIN In-Service Management (ISM) – Systems Engineering Milestones: Technology Refresh Assessment (TRA)

(Determine: To continue, update (Tech refresh, P3I) or end the Systems Development Lifecycle needs for the (ISM))

Review

• FAAFASTAMS Lifecycle Phases and Decisions guidance website:
  • In-Service Management (ISM)
• FAAFASTISS Flow Chart of the ISM section.
• The ISSP for the system assessed.
• OMB Exhibit 300, Attachment 1, 2, & 3.

Update

• ISS section of the Final Requirement Document (fPR).
• Vulnerability and risk assessment for the Security Risk Assessment (SRA).
• SCAP with your Service Unit/Service Area Certification Team Lead.
  • Verify if recertification is required.

Generate

• Technology refresh and/or upgrade of the system assessed.
  • Prepare for Technology Refresh and Upgrade Planning (p)
  • NISTSP 800-64, “Security Considerations in the Information System Development Life Cycle”
• For disposal of the system.
  1. Follow ISSP
  2. Archive information
  3. Sanitize media
  4. Dispose of hardware and software.

Obtain

• DAA signature(s) of Certification and Authorization package (SCAP).
  • Service Unit/Service Area Certification Team Lead and ISSO.
  • ATO Designated Approving Authority (DAA), Information System Security Certifier (ISSC), and Information System Security Manager (ISSM).

Deliverables

1. Updated OMB Exhibit 300, Attachment 1, 2, & 3
   • ISS section of the Final Requirement Document (fPR).
2. Updated Security vulnerability and threat assessment for the SRA.
3. Updated SCAP documents.
4. DAA signature(s) of the SCAP documents.

End ISM for Systems Engineering Milestones: TRA & AMS Phase: ISM

Kenai Flight Service Station

Home Page

Below -20°C

Celsius to Fahrenheit Temperature Conversion
(-20°C to +39°C)

Celsius to Fahrenheit Temperature Conversion
(Below -20°C)

Top of Page

Questions or Comments Welcome

Kenai Flight Service Station

Home Page

Current Date: 11/3/21 (U.S. Eastern Time)

Top of Page

Questions or Comments Welcome

Kenai Flight Service Station

Home Page

Alaska Flight Service Master Flight Plans

Master Flight Plan Worksheet

After completing the applicable data fields in the form use an email button to send it to the
appropriate Flight Service Station. It may also be sent via FAX, or mailed directly to the Flight Service Station. Forwarding information can be found on page 2 of the form.

Top of Page

Questions or Comments Welcome

Kenai Flight Service Station

Home Page

Kenai FSS User Comment Form

Air Traffic Organization

The Air Traffic Organization (ATO) is the operational arm of the FAA. It is responsible for providing safe and efficient air navigation services to 29.4 million square miles of airspace. This represents more than 17 percent of the world's airspace and includes all of the United States and large portions of the Atlantic and Pacific Oceans and the Gulf of America.

Our stakeholders are commercial and private aviation and the military. Our employees are the service providers – the 35,000 controllers, technicians, engineers and support personnel whose daily efforts keep aircraft moving safely through the nation's skies.

Aviation is essential to our way of life and is a driving force in our economy. Entire industries rely on the successful operation of the national airspace system. Aviation accounts for 11 million jobs and is responsible for more than 5 percent of our gross domestic product.

The U.S. air traffic system is experiencing the safest period in its history. This is the result of the ATO's robust safety culture. With the implementation of its proactive Safety Management System, the ATO is now able to identify precursors of risk before there is a safety problem.

Mission Analysis

The Information Systems Security (ISS) engineering process starts in the Corporate Mission Analysis. In this phase, the ISSE process focuses on:

• the proposed system's operating environment
• system boundaries
• information assets and functions
• and the potential threat and vulnerability sources to the system's information assets and functions.

Basic system security policy flows from FAA organizational directives, such as FAA Order 1370.82A, "ISS Program Policy" as well as from FAA operating procedures and instructions. Basic system security policy is the set of rules governing control, access, and use of system information. For example, a basic security policy statement may be that only authorized FAA users shall access the system.

The ISS engineering process applies NIST Federal Information Processing Standards (FIPS) 199, "Standards for Security Categorization of Federal Information and Information Systems" to categorize the information system assets and functions. The ISSE process analyzes the NAS system concept of operations (CONOPS) and mission need statement (MNS) to formulate a basic security policy.

The security planning aspects of ISS engineering also begins in this phase, following guidance of NIST Special Publication (SP) 800-18, "Guide for Developing Security Plans for Federal Information Systems". Security requirements, based on security policy, are in the Preliminary Program Requirements (pPR) document.

Solution Implementation

The Information Systems Security (ISS) engineering activities during the earlier phases provide the basis for the updating, monitoring, and controlling system security risks and the respective mitigation measures or controls that are implemented during this phase of the system development. A summary of ISS engineering activities for this phase includes the following:

• Revise the security related statement in the CONOPS and security requirements based on functional analysis performed during early stages of the Solution Implementation phase.
• Analyze the physical/system architecture, resulting in an allocation of the securityfeatures to be implemented in the system under development. Security trade studies may be needed to identify the appropriate security controls to be implemented that balance system and security requirements.
• Integrate the security features into the security architecture to balance them with the system architecture and design. Security trade studies, interface securityrequirements, and other Systems Engineering (SE) outputs contribute to successful integration of security architecture into system design. System design reviews are key milestones for ensuring that security controls are integrated into system development.
• Update the ISSP, one of the SCAP documents based on the expected ISS functional and assurance controls derived from the system architecture and design. Refine the system test planning and procedures to ensure that all security requirements and controls are addressed. The ISSP supports Validation (SEM Section: 4.12, subsection 4.12.1) and Synthesis (SEM Section: 4.5) to assess controls and assurance as being cost effective and meeting the ISS requirements. Use Risk Management (SEM Section: 4.10) and Requirements Management (SEM Section: 4.3) to mitigate security risk to acceptable levels. The criticality/sensitivity of the system and its information assets guides the type and level of controls and testing.
• Develop a user's guide, training plans, and Contingency/Disaster Recovery Plans (C/DRP). Security procedures, rules, training, and planning for C/DRP operations may be integrated into the integrated logistics support and lifecycle planning for systems.
• Conduct security testing. Security controls and mechanisms may be testedincrementally and as a part of system development testing. For mission-criticalsystems, a third party shall conduct independent testing of system vulnerabilities.
• Create final the Security Certification and Authorization Package (SCAP) documents. The results of ISSE activities-including relevant results from related SE elements such as Integrated Technical Planning (SEM Section: 4.2), Synthesis (SEM Section: 4.5), Validation and Verification (SEM Section: 4.12), and Lifecycle Engineering (SEM Section: 4.13)-shall be considered as final SCAP documents. The Air Traffic Organization provides templates for collecting and presenting the SCAP documentation.

Investment Analysis

Integrating the Information Systems Security (ISS) engineering process with the SE elements is essential. During the Initial Investment Analysis (IIA), ISSE develops and documents the need for security in the CONOPS and the initial security requirements for the Preliminary Requirements document (pPR). The Investment Analysis (IA) team uses the system program CONOPS and the security requirements to evaluate the system alternatives. The security engineers in the product team conduct a preliminary vulnerability and security risk assessment using updated threat and vulnerability data to determine the specific risks that must be controlled or mitigated. The security trade studies are performed to evaluate the system alternatives and to assess the security risk controls/mitigation measures related to the system alternatives. Also, the security trade studies identify the native, existing system, and/or network features that reduces the likelihood of the system threats successfully exploiting a vulnerability. These trade studies compare the costs and benefits of the system features/security controls in terms of risk reduction. Trade studies may evaluate the cost-effectiveness of different controls for a given risk or set of risks. Also, system alternatives may require different types of controls to balance the system performance and security requirements against the security risks/costs of the different alternatives. The different system alternatives may have significantly different physical and/or system architectures that would require different security controls that may lead to different security costs and effectiveness.

During the final stage of the IA phase, the ISS engineering refines and updates the preliminary vulnerability and security risk assessment. Updated threat and vulnerability data is applied, analyzing the costs and effectiveness of system features and security controls that are associated with each of the final system alternatives. ISS engineering provides the final security requirements for the final Program Requirements document (fPR) and the system specification, as well as special requirements for the Solicitation Information Request (SIR) and contract Statement of Work (SOW). In developing the final system requirements, ISS engineering analyzes and establishes the appropriate assurance level to be proven during system implementation. The assurance in this context addresses the required level of confidence in the security function, performance and ensures that the security controls function in an integrated fashion. The assurance can be gained through many techniques, including conformance testing, independent verification testing, and employing diverse and/or redundant capability.

The ISS engineering shall support a documented agreement among the FAA stakeholders regarding the necessity and sufficiency of the security requirements. It should clearly document the agreement to the security requirements before the investment decision becomes the foundation for the Security Certification and Authorization Package (SCAP), which shall be completed before the In-Service Decision (ISD). During the IA, ISS engineering identifies the technically qualified, senior FAA official who shall certify that the system security controls meet the minimum FAA/NASISS requirements (see DAA discussion in SEM section: 4.8.6). The ISSP, which was based on the NISTSP 800-18 and was a conceptual draft during the Mission Analysis of the AMS phase, is updated to become an initial draft.

The ISS engineering products from this phase include the updated preliminary and vulnerability security risk assessment, final security program requirements, security trade studies to support cost-benefit/investment analysis of security controls, and input to the SIR, SOW, system specification, and Contract Data Requirements List (CDRL) for systems to be acquired. These products support the AMS milestone decision for transition into the Solution Implementation phase.

In-Service Management

Activities during this phase include the following:

• Follow and conform to the final SCAP template as required for the final SCAP documents.
• Obtain the security Certification and Authorization (C&A). Stakeholder C&A review shall ensure that the DAA is in a position to certify and authorize the system as meeting the security requirements and as presenting an acceptable risk to the FAA mission and NAS operations.
• Conduct the performance measurement, monitoring, and reporting of the security controls and incidents. Ensure that the monitoring of ISS performance and assurance for the respective NAS service/capability has not degraded and that the new vulnerabilities have not been introduced to the operational system.
• Update the SCAP to reflect any major configuration changes at least every 3 years, assessing the changes in the environment and system for previously unforeseen risks from new threats and vulnerabilities. Plan and take corrective action as necessary.
• For disposal of the system, the following types of activities may be addressed in the Information System Security Plan, and conducted at the appropriate stage of the System Development Lifecycle
  • Archive Information - Retain information as necessary, keeping in mindlegal requirements and future technology changes that render the retrievalmethod obsolete.
  • Sanitize Media - Ensure data is deleted, erased, or written over asnecessary.
  • Dispose of Hardware and Software - Dispose of the hardware and software in accordance with ISS policy.