Home' RTCA Documents for Review : DO-230H FRAC Contents 205
©2017 RTCA, Inc.
SECURITY OPERATIONS CENTER (SOC)
This entire RTCA document is focused on providing minimum performance standards for an integrated
airport security system, including the access control systems that allow or deny entry into non-public areas.
The Security Operations Center (SOC) is at the heart of the process, because no matter how many or how
good the technology deployment, and no matter how precise the information gathered and reported, all the
data must come back to a central SOC to initiate analysis, decision-making and resource deployment, some
of which may be automated while much may require human examination, analysis, intervention and follow-
Just as each airport is unique in its layout and security requirements, each airport’s SOC is unique in its
features, staffing, and methods of operation. SOCs are sometimes known by other names, particularly where
they may co-locate with other operational functions; such designations may include: Airport
Communications Center, Airport Operations Center, or Security Control Center. A SOC can provide
multiple communications links to the airport operator including police, fire, rescue, airport operations,
crash/hijack alert, off-airport emergency assistance and a secure communications channel, as well as liaison
with Federal agencies.
SOC location has a significant effect upon its utility. Ideally, it should be located close to the airport's
emergency Command Post (CP), and in a secure area because the EOC must manage the emergency while
the airport operator deals with continuing regular operational concerns, and each must coordinate with the
others. From the standpoint of cabling interconnections, a relatively central geographic location serves to
maintain reasonable cable lengths to all the security detection reporting devices as well as normal
Determining who and what comprises a SOC must consider not only the logical transmission, reception
and presentation of data from literally hundreds of simultaneous voice/data/video reporting points, but also
an assessment to determine the necessary balance between automated and human interfaces – what data is
available, which is required, how will the information flow to and from the SOC, and how will it be used
to fulfill the airport’s security obligations, as well as some ancillary tasks. An ongoing threat and risk
assessment will continually examine:
What anomaly has been identified?
What threat does the anomaly introduce?
What vulnerabilities are exposed?
What preventive measures are already in place?
What are the resulting levels of tolerable risk, as additional alerts and alarms compete for attention
and new decisions?
What plans exist for incident management and how should they be implemented?
What response capabilities exist, how are they deployed, and which should be involved?
Finally, what does all this mean for implementing new system design requirements for sensors,
physical and IT infrastructure, analytical tools, communications capability, staffing and training?
In the context of the integrated security system standards outlined in this document, the Security Operations
Center is where information processing is most critical, coupling human operational assessments of the
relevance and consequences of all events, including access control, to deploy security personnel to respond
appropriately to events and to resolve outcomes. To be successful, this process should be initiated through
the development of a Concept of Operations (ConOps) specific to the SOC:
What do we want to do?
Why are we doing it?
Links Archive Navigation Previous Page Next Page