Decisions made over the next five years to launch, cancel, or curtail U.S. programs will determine positioning, navigation, and timing (PNT) capabilities over the next twenty years--how the picture will look in 2025. In this context, it's important to take a strategic outlook, to see if a more effective overall system could be had for the same or even perhaps less cost.

Preliminary results of the National PNT Architecture drew some pointed feedback from a group of high-level stakeholders gathered at a Cambridge, Massachusetts, meeting in late April, hosted by the National Security Space Office (NSSO) and the Departent of Transportation's Research and Innovative Technology Administration (RITA).

The purpose of the PNT Architecture is not to design programs, but to gain understanding of higher-level issues and set down principles by which programs may then be designed--and to ensure that decisions on individual programs are not taken piecemeal, but in the context of a larger vision.

The centerpiece of the exercise appears in the PNT User Perspectives 2025, aka the Ice Cube Tray.

For each cube, participants identified current or potential gaps in fulfililng perceived user needs in accuracy, availability, coverage, continuity, integrity, timeliness, and security. For each gap, which cube has that problem, who are the users living there, why do they have that problem, what is their need, what solutions are possible? Which are feasible? What fits within an overall architecture?

The gaps largely fall under the following categories, according to the military's PNT Joint Capabilities Document, with additions and modifications from parallel civil community documents and discussions:

* Physically impeded environments

* Electromagnetically impeded environments

* Higher accuracy with integrity

* Hazardously misleading information (integrity)

* High altitude/space position and orientation

* Geospatial information: access to improved GIS data

* Insufficient modeling capability

PNT architect-participants scored, for each cube, how six representative architectures might bridge or mitigate gaps. These six future combinations of PNT technologies are: evolved baseline (few changes from current); dependent terrestrial; combined GNSS constellations; network aiding of GNSS; aided autonomous sensors and aiding sources; and highly autonomous. Evaluating factors included adaptability, interoperability, robustness, and sustainability.

Many marathon sessions and more than 6,000 stakeholder scores and comments were consolidated to identify insights and features. A three-month assessment period has begun, with a report expected in the July timeframe, with recommendations, guidance, and decision criteria.

Findings. Among the preliminary findings of the analysis and assessment phase of the Architecture study:

* Demand for assured PNT in RF impeded environments (interference and obscuration) will increase;

* Current GPS-centric architecture could be significantly altered by emergence of networked or autonomous PNT systems;

* Higher power is one way to address impeded environment, but must consider implications of raising the noise floor;

* Combined GNSS has the potential to provide improved accuracy and integrity; but the U.S. must maintain sufficient stand-alone global capability to support military operations;

* Low-frequency RF-based systems are not sufficiently accurate to meet most-stressing positioning needs.

Ponderables. Some of the architecture-level questions (27 total) considered in this exercise include:

* What requirements should be apportioned to basic GPS: which to augmentations, and which to user equipment?

* How can terrestrial/augmentation systems best make up GNSS shortfalls?

* What international agreements are most important in protecting U.S. national security and the economy?

* How can we better embrace commercial industry and academia, since they are often a driving force for innovation and change?

* How do we protect the spectrum, nationally and internationally?

Feedback. Stakeholders from both government and industry (Boeing, Lockheed Martin, Navcom Technology, Omnistar, and the U.S. Data Grid) at the April workshop commented:

* The communications world (now fully digital) versus the GPS world (analog): how should we factor in the migration to software-defined (and software-redefineable) radio architecture? Are software-defined receivers a disruptive technology? Do they enable, or limit, because everyone has to have one?

* Some federal agencies' policies inhibit innovation and use of latest technologies. And yet the federal government is one of, if not the biggest user of PNT

* A stable government policy may bring inhibition or stagnation--but it also provides an environment for investment and innovation by industry. Flexibility in public policy is not necessarily good for industry.

ArcSight ESM v4.0 offers single view into all events across enterprise infrastructures and associates those events to users that cause them, enabling intelligent identification, prioritization, and response to external security threats, insider threats, and compliance breaches. Data security software also includes asset management capability and scalability in support of modeling networks, environments, and applications.

London, UK - 22nd May 2007 - ArcSight, Inc. today announced the availability ArcSight ESM 4.0, a next generation platform that dramatically changes the definition of Security Information and Event Management (SIEM) technology. This new release extends ArcSight's flagship ESM platform way beyond security monitoring, by providing the industry's first integrated identity and role-based correlation capabilities, adding the "who" to the what, when, where and why scenario that is integral for establishing effective business risk protection.

With this new capability, ArcSight ESM 4.0 provides a single view into all events across a multitude of enterprise infrastructures and associates those events to the users that cause them, enabling intelligent identification, prioritisation and response to external security threats, insider threats and compliance breaches.

ArcSight ESM 4.0 introduces major improvements to asset management capability and scalability in support of modelling networks, environments, and applications on a mega enterprise scale. The enhanced scalability reinforces the platform's inherent enterprise-class capabilities. Most large organisations manage over hundreds of thousands of assets and collect millions of events per day. ArcSight delivers a solution designed to handle these enterprise requirements by supporting management of one million assets, including vulnerabilities, applications, and owners.

"Data itself doesn't create security breaches, people do," said Hugh Njemanze, CTO and Executive Vice President of Research and Development, ArcSight. "Without the ability to combine identity and role data with information from technology solutions, businesses are missing a key piece of intelligence. With the addition of this capability to ArcSight ESM, we're adding a new level of understanding of business risk intelligence."

Leveraging the new capabilities of ArcSight ESM 4.0, the company is also releasing a new version of its Sarbanes-Oxley compliance application providing customers with proactive compliance functionality and an instant baseline to demonstrate compliance over a historical period of time. This new solution extends compliance capabilities to a business process whereby violations are quickly identified and remediated.

"ArcSight ESM 4.0 has given our customers a deeper understanding of their business, protecting them against internal and external threat, as well as compliance breaches," said Dusty Wince, CEO at KCG. "The ability to identify relationships between people and network and security events provides a more complete view of any given situation, allowing customers to prioritise incidents and respond faster, and with greater accuracy."

In a recent report, Forrester Research outlined the top reasons enterprises are investing in SIEM products. Among them was the ability to obtain a comprehensive view into the organisation's enterprise security posture for legislative and regulatory mandates. The report also highlighted the need for CISOs and CIOs to identify information that ties back to a specific person: "Security teams are looking to integrate more information about the identity of IT users, so security teams can: 1) map issues back to specific users rather than just devices and 2) get alerted to policy violations by users that cannot be prevented easily by access control." ("The Forrester Wave: Enterprise Security Information Management, Q4 2006", December 2006.)

ArcSight is extending its core capabilities beyond security and compliance to include areas that enable customers to optimise several core business functions such as detecting business process integrity and fraud, and ensuring segregation of duties policies are adhered to. The new capabilities in ArcSight ESM 4.0 help companies make better decisions and protect their businesses:

Identity and Role Correlation

New Identity Correlation capabilities enable full automation of various security controls that interpret how an event relates to an organisation's business, and correlates the event activity to individuals in real time. Most identity integration mechanisms only track the events that contain user information or those that touch identity related systems. Leveraging ArcSight ESM 4.0, customers can readily determine the significance of an event; who is associated with the event; and what the person's role is in the organisation.

Working in tandem, Role Correlation identifies violations of business processes or compliance with policies, and compares the action of an individual with their business role and organisation membership.

The variety and number of domestic and military operational roles the Defense Department fulfills in today's uncertain environment require mission rehearsals with civil authorities and an astonishing number of government and non-government agencies.

Noble Resolve can help. Noble Resolve is a U.S. Joint Forces Command (USJFCOM) campaign plan designed to enhance homeland defense and improve military support to civil authorities for quick and decisive action in the event of natural or manmade disasters.

The aim of Noble Resolve is to develop solutions for U.S. agencies and organizations to use to deter, prevent and defeat threats and aggression aimed at the United States, its territories and interests.

Supported by U.S. Northern Command (NORTHCOM), Noble Resolve is the first of what will be a series of experiments held over a number of years on this theme. USJFCOM's Joint Innovation and Experimentation Directorate (J9) manages Noble Resolve experimentation.

According to Rear Adm. James Winnefeld, J9 director, more than 125 people from across the United States and multinational participants, including Canada, Germany, Singapore, Finland, Sweden, and others, came together in the weeklong event. USJFCOM collaborated with the U.S. Transportation Command and other federal agencies, such as the Department of Homeland Security, the FBI and Customs and Border Protection. In this event, JFCOM teamed with the commonwealth of Virginia and, in a later phase, Oregon will be added.

Winnefeld discussed Noble Resolve with members of media April 26, emphasizing that it was important to understand how crucial the exercise was to understanding and planning the Department of Defense role in effectively assisting civil authorities. Referring to current disaster relief capabilities, Winnefeld said that organizations at every level need to improve disaster response methods and that JFCOM is eager to assist.

Virginia's General Assembly passed legislation in 2005 that required the governor to establish a multi-agency intelligence center to receive and coordinate information related to terrorism and other hazards. Because JFCOM is located in Virginia, working with the commonwealth and its agencies is a logical choice and saves taxpayer dollars, Winnefeld said.

The timing was especially good because the commonwealth was simultaneously conducting an exercise in conjunction with the Army, called the Virginia Emergency Response Team Exercise, or VERTEX, centrally managed at the Virginia Fusion Center, located in the Virginia State Police Combined Headquarters in suburban Richmond.

"We are working with the Fusion Center carefully. We are helping them with nodal analysis tools to help them understand where their communications seams might be. We are trying to stay out of their way. They are running an exercise, and we don't want to be viewed as the 100-pound gorilla muscling in trying to run their experiment for them," Winnefeld said.

Results from the exercise will be analyzed and become an after action report that will then be sent to all participants, as well as Virginia officials, including Gov. Tim Kaine and mayors of the cities in Hampton Roads, said Winnefeld. However, a quick look report will be distributed to participants within 30 days of the conclusion of the experiment.

The Fusion Center, run by the Virginia State Police Criminal Intelligence Division, provides criminal intelligence and technical support to local, state and federal law enforcement agencies. The center's role in Noble Resolve was to coordinate the flow of information during Virginia's response to the scenario and allow the various federal, state and local entities involved to get a clear picture of what was happening. These included firefighters and police officers from the Tidewater area, who worked with agencies all the way up to the national strategic level.

Those partners include Virginia's Department of Fire Programs and Department of Health. Other state and local agencies, like the Virginia Port Authority, connect to the Fusion Center from their own offices, feeding up-to-date information into the system. Some of these tools have nationwide applicability to other states' Emergency Operations Centers and local municipalities, according to Winnefeld.

"Norfolk Mayor Paul Fraim was in here this morning and he was interested in getting some of the tools into his hands instantly so that he can apply them to some of the problems Norfolk might have. We had folks from Hampton here that were interested in the same things," Winnefeld said.

Because homeland security threats cut across the interests of many government and public agencies, the Defense Threat Reduction Agency, Naval Criminal Investigative Service, National Guard and even the Maersk shipping line, based in Norfolk Va., participated. Maersk was helpful in showing its capabilities for maritime domain awareness, Winnefeld said.

On a tour of the experimentation cells, Winnefeld and Dave Ozolek, executive director of JFCOM's Joint Futures Laboratory, and other exercise coordinators, explained the dimensions of the exercise by demonstrating some of the technology used in the experiments. It's difficult to create a sense of excitement observing rooms full of people staring at computer screens, but Winnefeld and Ozolek succeeded by their enthusiasm and knowledge of the technological innovations they demonstrated.