Working Linux Emergency Response System Undermined at Homeland Security by Microsoft Lobbying

Posted by tadelste on Mar 24, 2006 7:44 PM EDT
Lxer, Originally Linux Journal; By Tom Adelstein
Mail this story
Print this story

LAMP is at the heart of Emergency Response Network Systems and is saving lives. But recently, Microsoft maneuvered into taking the system away from a Free Software vendor. As Jim Lytle put it:
It concerns some information about the deployment of our product which looks like they are trying to replace it with Microsoft solution at DHS. In violation of many FARs (Federal Acquisition Regulations) in regards to COTS, commercial-off-the-shelf, technology etc. They have awarded a contract to an existing vender to "develop" a copy of our product. In addition to the utter disregard for the "Small Business" set-aside programs and other directives they are going ahead at the risk of providing a developmental system. This system is not tested and has no proven track record and doesn't currently exist.
Keep in mind, this is the Emergency Response Network System that worked so well during 911. I believe the failure to deploy since 911 has put our nation at risk and harmed such efforts as advanced hurricane notification that battered Florida, the Gulf and New Orleans: All because it's Linux and Microsoft can't have that.

Like many government contractors, the provider of ERN (Emergency Response Network) Systems maintains a low profile. When you ask the CEO, Jo Balderas, for references she politely says, "the Federal Bureau of Investigation, the Department of Public Safety and the Department of Homeland Security". That's quite an impressive list, and it represents only a few of the company's clients.

When you ask for a technology snapshot Jo says, "currently we use an enterprise open-source software stack known as LAMP (Linux, Apache, MySQL and PHP). We also use an appliance to support rapid deployment and to minimize total cost of ownership. Our roadmap has us integrating the OASIS Common Alerting Protocol (CAP) version 1.0 and Justice XML standards within six months."

CAP enables the exchange of emergency alert and public warning information over data networks and computer-controlled warning systems. Justice XML is evolving into a method for justice and public-safety groups to import and export data from multiple databases and publish it in various formats. Justice XML officially is known as the Global Justice XML Data Model.

ERN Systems has supported the Dallas FBI Emergency Response Network since May 2001, through both the September 11 terrorist attacks and the Space Shuttle Columbia disaster. On September 11, 2001, the FBI used ERN to immediately locate InfraGard personnel to confirm their immediate statuses and any anomalies. Within minutes, InfraGard partners such as American Airlines, EDS, Sabre and members of the banking and defense industry provided status reports and contact numbers. The Dallas FBI began to use ERN to communicate with InfaGard in the post-9/11 investigation period and continues to use it today.



On February 1, 2003, the FBI used ERN during the Space Shuttle Columbia disaster. The crash occurred at 8:05 am. By 8:10 am, FEMA had contacted FBI Dallas requesting a phone number for Johnson Space Center (JSC) in Houston, as no one (FBI, FBI HQ, FEMA, OHS) could reach the published number. FBI used ERN to locate all law enforcement personnel in the Houston area. A Houston intelligence officer provided the cell phone for JSC's Director of Security. By 8:15 am, using ERN, all 800 numbers and JSC instructions were transmitted by the FBI to the public and to first responders.

ERN Roll-Out--Will It Scale?

On June 23, 2004, DHS and the FBI launched the first Homeland Security Information Network-Critical Infrastructure Program in Dallas using ERN. Additional implementations are scheduled to follow in Seattle, Indianapolis and Atlanta. Homeland Security decided to turn the initiative into a pilot program. Each site will operate this year to determine if ERN can become the application for other cities across the country. One might think that ERN's three-year history of reliable and critical performance would prove sufficient evidence.

After spending time with the founders and creators of the ERN project, I quickly realized that they could face a critical political challenge from the vendor lobby. As noted in last week's article, "law enforcement cannot work effectively when the people in decision-making positions in our government fail to empower them. Currently, the evidence points vividly to state CIOs who have failed to implement any of the "value add" they claim to have."

The same possibly holds true now that ERN officially is out of the bag. Will we discover that "the biggest barriers still remain cultural components, legal components [and] political components", as Tom Richey said. Will those components in regional offices of DHS hamper the rapid deployment of ERN? Will using Linux and open-source components require leaders within DHS to put aside their unfounded prejudices and embrace this technology as the multiplier for solving our security problems? Will they put the nation's interests ahead of their loyalties to larger and more influential vendors?

One would expect Red Hat to assist in this effort because the solution uses Red Hat's Enterprise Linux product. With ERN gaining public exposure, will Red Hat recognize this opportunity quickly? It certainly provides the company with a serious entry into this vital area.



One has to wonder if ERN will run into the regional hurdles of DHS because of the special interests. Will decision makers use their standard techniques of "delay and bury", or will they overcome their allegiances to, say, Microsoft? Simply put, will they give ERN a chance to prove itself?

If not, the country will have to ask some hard questions: Can DHS make sound technology decisions by breaking the hold of influence peddlers? Perhaps, we even could re-form the question by asking: Given the rise of other technologies, such as the LAMP stack, can we trust bureaucrats who have made questionable or inferior technological decisions in the past to make better technological decisions in the future? Or will the sway and tug of marketing, "nobody ever got fired for buying IBM" rationale and other reductionist thinking continue to hold?

A Critical DHS Application

Few of us realize that the permanent government runs the country, and that's not necessarily our elected and appointed officials. Actually, one even might say that the permanent government doesn't do that work, at least sometimes not efficiently. The permanent government consists of the long-term civil servants who operate in fiefdoms. When someone gets the blame for the failure of a department, its usually an elected official whose inheritance is his or her agency.

The Dallas FBI worked to put ERN into place. Here's a part of the permanent government that does work and works for the people. Now, they want to share this incredible software solution with the rest of the nation. Will they succeed?

Currently, the Dallas FBI has the ERN system. It has run for three years and uses Linux, Apache, MySQL and PHP. Look elsewhere, and the remainder of the country lacks such a critical application. When you want to report an incident or a suspicious activity, if it doesn't make it to the ERN system, it falls into a hole.

ERN has a database of strategic contacts that includes local, national and international individuals in both public and private sectors. The dynamic alert and notification system supports broadcast and targeted distribution of information, such as:



  • 10,000 voice calls per minute

  • 30,000 simultaneous inbound hotline calls

  • 3,000 simultaneous faxes

  • 5,000 simultaneous e-mails



  • 5,000 simultaneous text messages

  • Immediate Web site changes.

And additional notification technology currently is being added quarterly.

ERN provides dynamic and unobstructed information sharing between program partners at every level of government and the private sector. This system even alerts providers to the location of supplies and equipment so offices quickly can assign those critical assets in case of a crisis. Those assets include personnel, equipment and vehicles available in daily-use or crisis-use situations. In other words, ERN can provide immediate dispatch of the country's assets to disaster areas.

Why wouldn't every citizen in the US and across the globe want this system active and operational today?







Figure 1. Secretary Ridge and Jo Balderas

Secretary Ridge Lets the Cat Out of the Bag

On June 23, 2004, when Secretary Tom Ridge gave a speech in Dallas honoring the creators of ERN and their founder Jo Banderas, he said:



A girl grew up in Chicago, the youngest child in a family with twelve children. Her cousins and uncles and godparents worked the sweaty, hard jobs of Chicago cops and firefighters, and two of her brothers went away to Vietnam with the Marine Corps. She grew up, married and stayed home to raise three kids of her own. Then she taught herself computers and the technology necessary to use them. Then she started her own company with her son--a company that had software that, among other things, helped talent agencies conduct talent searches.

And this software, this technology with a robust search capability, was the type of technology that the FBI desperately needed after September 11th. On September 12, it took 2 and 1/2 hours to reach 540 local law enforcement organizations in Dallas to stand up multi-agency command posts. We needed a better, faster tool to disseminate and collect information, and connect people. When Art Fierro, Special Agent with the Dallas FBI, called this woman, she took down all the FBI's requirements and redeployed her existing technology to fulfill our country's needs.

The FBI told her that they could not pay her very much money. She said not to worry about the money, the country faced a national emergency and she would do whatever it took to help. Sacrifice on behalf of our country often requires us to forfeit self interest and private goals for the sake of the common interest and public good. For her sacrifice and patriotism, today I'd like to recognize and thank Jo Balderas. I'd also like to recognize Art Fierro for his tireless efforts to help develop this great tool that the private sector can use to communicate with each other and with the Department.

Secretary Ridge went on to describe ERN, which Jo Baldera's company started and which has become part of Homeland Security's information sharing initiative:

One of these solutions is the Homeland Security Information Network Critical Infrastructure Pilot Program (HSIN-CI). A program forged by the strong partnership not only between the FBI and the Department of Homeland Security, but also with the private sector, our local leaders, law enforcement and first responders.

It is a cross-agency, cross-sector, cross-discipline, public and private information-sharing and alert notification system. And it is locally governed and administered by knowledgeable, respected domain experts and decision makers from the private and public sectors.... HSIN-CI will provide unobstructed information sharing to the right people--those who need to know and those who need to act.



And it will provide it quickly, with the capability to make 10,000 calls per minute and send 3,000 faxes simultaneously. Notifications can also be sent out by e-mail and text messaging.

In a Department of Homeland Security Press Release, we learn even more:

The [ERN] HSIN-CI pilot program, modeled after the FBI Dallas Emergency Response Network expands the reach of the Department's Homeland Security Information Network (HSIN) initiative--a counterterrorism communications tool that connects 50 states, five territories, Washington, DC, and 50 major urban areass to strengthen the exchange of threat information--to critical infrastructure owners and operators in a variety of industries and locations, first responders and local officials. As part of the HSIN-CI pilot program, more than 25,000 members of the network will have access to unclassified sector specific information and alert notifications on a 24/7 basis.



Linux in the Trenches

On my initial visit to Jo Balderas' company in Ft. Worth, I spent a fascinating morning with her and her son, Mike. Afterwards, I felt like I had made a trip to visit friendly relatives. We sat and discussed the intricacies of Linux and the commitments that the community brings.

Jo Balderas' company, YHD Software Inc., incorporates the qualities of excellence in programming, innovation, security and reliability. YHD Software Inc. exemplifies the intent of our nation's efforts to help form small businesses in which innovation can flourish and jobs can be created. We should be glad to know that open-source and free software provides tools at low to no-cost that people can use to realize their dreams and aspirations. It's nice to know it can happen even in your home town.

  Nav
» Read more about: Story Type: News Story; Groups: Community, IBM, Microsoft, MySQL, PHP, Red Hat

« Return to the newswire homepage

Subject Topic Starter Replies Views Last Post
a request for LXER number6x 7 2,623 Mar 29, 2006 5:54 AM
What particularly disturbs me Skapare 0 2,377 Mar 28, 2006 7:49 PM

You cannot post until you login.