Home' RTCA Documents for Review : DO-230I, Airport Security Access Control Systems Contents 2
©2018 RTCA, Inc.
modified regularly since, primarily by improvements in technology as well as TSA-issued Security
Directives and ASP amendments that modify performance requirements.
Several other initiatives have also provided input to this document. These include the:
Various findings studied by TSA have influenced other standards bodies such as NIST, ISO/IEC
and ICAO [Refer to Appendix A: Standards]
National Safe Skies Alliance commitment to airport operators and facilities, technology providers
and government organizations through its testing facilities, product research and lifecycle analysis
of devices and systems
“Personal Identity Verification” (PIV) Program and associated standards (FIPS 201- Federal
Information Processing Standard 201) issued by NIST in 2006 and numerous supporting
documents since (including FIPS 201-2 July 2012)
The standards outlined herein establish application recommendations for components, processes, methods,
designs, and engineering practices in the implementation of ISSA systems. In addition, the document
contains significant additional material on potential extensions of such systems over and above the current
regulatory requirements in line with industry practice, anticipated regulatory requirements and new
technology. It contains explicit material on system migration issues. This document includes criteria
deemed appropriate to standards intended to achieve the highest practical degree of commonality of
interfaces between system or subsystem hardware and software modules and interchangeability of these
modules across a wide range of products and manufacturers.
These performance standards do not replace technical specifications that must be developed by end users
to tailor ISSA requirements to specific purposes such as system acquisition, installation, operation, training
These standards provide the foundation upon which such ISSA technical specifications should be
developed. The operational goals are the installation and/or implementation of an FAA- and TSA-approved
ISSA that enables an airport operator to comply with the regulatory requirements, to minimize costs and
operational impacts, to maximize utility for operational users, and to provide a sound foundation for the
support of anticipated new requirements, technology and standards.
ISSA (colloquially referred to Access Control Systems (ACS)) should reflect the security strategy for an
entire airport operation; its planning should take into consideration:
Who are the stakeholders of the system(s),
What access control technologies exist,
What are the migration, obsolescence, and/or emerging technology strategies,
When is the implementation planned for the system (taking into account migration and
obsolescence issues), and
Where are the funding sources for the system?
Access control policies need to be developed (or enhanced and modified) to address current and emerging
stakeholder needs and technological changes that could change how some policies are implemented. These
policies may determine what software systems or hardware platforms are selected and the need to follow
established implementation standards and/or guidelines. The National Institute of Standards and
Technology (NIST) Interagency Report Computer Security division reports on ACS assessment and
provides additional guidance on various areas of concern (NISTIR-7316 September 2006).
Links Archive ACAS X MOPS DRAFT Vol. 2 Navigation Previous Page Next Page