Home' RTCA Documents for Review : DO-230H FRAC Contents 20
©2017 RTCA, Inc.
Incident Response Posts
Incident Response Coordination could follow the path of identify, respond, stabilize, recover, restore,
resume and normalized with stakeholder inputs based on the nature of the incident. Incident response can
be coordinated from a centralized location (i.e., an established SOC) or from a decentralized response
locations based on the nature of the incident. Proactive monitoring or reactive response to an incident should
be addressed as part of the design of a PACS. IT-related incidents (such as a network, server or router
disruptions or failures) might be initially reported to an SOC and addressed in a by separate Incident
Response Coordination Center if categorized at a priority other than security-related. Risk mitigation and
continuation of ongoing operations planning are essential considerations for airport operators during their
planning process. Operational and financial implications of a centralized versus a decentralized approach
and the airport’s ConOps will dictate which works best based on inputs from the stakeholders.
These and other related topics may be found in Section 7: Security Operations Center (SOC).
Bringing usually disparate security subsystem components together into a physically and functionally
cohesive whole that adds enhanced capabilities and value requires careful system architecture and
engineering interface protocols. While, security systems integration methods vary (vertical, star, horizontal,
et cetera) and are mentioned – either briefly or at length – in the various sections, the topic is most
significantly addressed in Section 8: Integration.
Trade Studies / Design Trade-offs
Per the System Engineering Manual, Version 3.1, Section 4.6, Trade Studies (Federal Aviation
Administration, 2006), a ‘trade study’ (or ‘trade-off study’) performs an objective comparison of proposed
solutions with respect to cost, schedule, performance and risk. Design alternatives, alternative architectures
and migration strategies, and lease/purchase decisions are presented for the access control system by various
parties and evaluated against stakeholder requirements and documentation generated to correlate the
requirements, assumptions and success criteria. System reliability, maintainability, availability and
supportability are important to trade studies. Metrics are applied to the outcomes of the trade studies to
determine how well system objectives are achieved (stakeholders’ inputs) and the overall performance of
the system (as defined by the performance objectives). These form the basis for decision-making by airport
operators in the selection process of their access control system.
Configuration Management / Interfacing / Integration / Migration Issues
Security access control systems exist in many forms and whether airport operators are contemplating a new
system, the migration of a legacy system via technology refreshments, or a hybrid of new and legacy
systems, Configuration Management (CM) should be pivotal in their planning and integration process and
procedures. With an established CM plan, defined interfaces between systems and integration plans could
be managed using methodologies such as Engineering Change Proposals (ECP). Changes would only be
implemented after consideration and approval by an appointed Change Control Board (CCB) comprised of
stakeholder representatives. Migration from legacy or the introduction of technology refresh updates can
therefore be documented as part of the CM document. Of note, CM documentation is always ‘in-progress’
and requires periodic updates and review for it to be useful. General procurement guidance is provided in
this document covering configuration management.
Links Archive Navigation Previous Page Next Page