Home' RTCA Documents for Review : DO-230I, Airport Security Access Control Systems Contents EXECUTIVE SUMMARY
The document provides guidance on acquiring and designing such systems, testing and evaluating system
performance, and operational requirements.
It should be emphasized that these guidelines and standards are not regulatory in nature but represent the
industry’s derived consensus on standards and provisions to be met in achieving consistency and
interoperability in an airport access control environment.
This updated document incorporates the latest technological advances in security access control systems
and identity management technologies, including smart cards and biometrics. The nature of the changes in
available technology, and the need to enhance sections pertaining to perimeter security, security operation
support, and identity management requirements, has led to a few changes in this document. Specifically
updated are the Credentialing section.
Following the approach adopted in previous versions of DO-230 and recognizing that both technology and
regulation proceed apace and await no man, it was decided that a strict adherence to what was required by
the regulations at the date of issue was pointless as it would be quickly obsolete.
As in previous releases of DO-230, Special Committee 224 (SC-224) received input from the TSA, airports,
and industry representatives for inclusion in the revised credentialing section. Within other previously
updated sections, privacy concerns have been raised as they relate to video surveillance using closed circuit
television (CCTV) systems, cameras used in perimeter intrusion detection systems (PIDS), and the use of
drones / unmanned aerial vehicles (UAV). These paradigm shifts in the use of advanced imaging
technology have resulted in the need to address privacy and protect the images captured by these systems
and information sharing by airport stakeholders at all levels.
While the FAA Reauthorization Act of 2012 requires the FAA to address the issue of drones / UAVs, that
agency’s primary mission is safety rather than security; thus, safety-related actions in this area have been
deemed to be outside the scope of this document.
Some captured images may be federally classified as Security Sensitive Information (SSI) thus restricting
their distribution and/or public release. Airport security plans and programs should include risk mitigations
as to privacy in operational and procedural scenarios and ensure security controls are adequate in controlling
who has access to information and how it may be shared. The Department of Homeland Security (DHS)
has established a Privacy Office and its Privacy Incident Handling Guidance, January 2012 is available for
reference on its website.
This RTCA DO-230I document contains forward-thinking references to technology, processes and
guidance which continue to evolve. Where applicable, the Committee has made these references in the
interest of providing a complete picture of the possible direction of a standard and/or technology. An
example of this is the evolution of cloud computing and the ongoing development of standards by various
professional, academic and standards organizations.
The (US) Government Accountability Office (GAO) issued a report on future cloud computing efforts and
the need for better planning (GAO-12-756: Information Technology Reform – Progress Made but Future
Cloud Computing Efforts Should be Better Planned). As in previous releases of this document, RTCA SC-
224 recommends that readers of this guidance document solicit the latest information on any referenced
Links Archive ACAS X MOPS DRAFT Vol. 2 Navigation Previous Page Next Page