Homeland Security Interoperability and IPv6
By Matt Walton
Chairman, Emergency Interoperability Consortium

The tragic collapse of the World Trade Center Towers on 9-11 made interoperability a household word. We all watched in horror as it became evident that the police and fire departments could not communicate with each other. Prior to 9-11, the issues associated with the inability of public agencies and private companies to share information during emergencies had largely gone un-noticed by the general public. It was assumed that police departments, fire departments, public health departments and the myriad agencies that support them had the tools necessary to communicate regardless of the circumstances. But 9-11 sadly showed that this was not the case.

Shockingly, the same gaps were unmistakable in the bungled response to Katrina in the late Summer of 2005. With a combination of anger and urgency, both public officials and the general public have begun to ask — how is it possible that a mission as critical as public safety interoperability has not been effectively addressed in a society aroused by epic tragedies and blessed with abundant technological resources?

The answer to this urgent question has multiple parts: some political, some organizational and some technological. The good news is that the path to a solution is now becoming clear on at least one of those dimensions: the technological. The fact is that the technological capabilities are now available to address the problem, and IPv6 is a fundamental part of the solution.

The Data Interoperability Challenge
When it was founded in the Fall of 2002, the Emergency Interoperability Consortium (EIC) took as its charter to ensure that:

In emergencies, every American has appropriate access to required information, when and how he or she needs its.

In accepting this challenge, the EIC devoted itself to the development of open data standards using Webservice tools (SOAP, XML, etc,) to create an environment where any piece of data could be accessed and used regardless of where it might stored or how it might be processed. And in less than two years, the EIC working in partnership with the Organization for the Advancement of Structured Information Standards (OASIS) and the Department of Homeland Security Disaster Management Program have either published, or put into formal development four major categories of interoperability standards — the Common Alerting Protocol (CAP 1.0 and 1.1), the Distribution Element (DE), Resources and Hospital Availability (HAVE). Each of these standards attempts to provide a documented Webservices interface to permit the exchange of critical emergency data. All of these standards fit under a framework called Emergency Data Exchange Language (EDXL).

Impressive though the effort to bring forth EDXL has been, a number of problems in data exchange have either thus far been insoluble or addressable only through the use of “brute force.” Authentication/Verification, item level tracking, rich content streaming and stateless auto-configuration have all been difficult to address prior to the emergence of IPv6.

IPv6 To The Rescue
Prior to the advent of IPv6, authentication/verification required the intercession of an intermediary, and, in many cases, a “manual” verification that the entities involved in the exchange of information were who they said they were and were therefore authorized to complete the transaction. Items at the individual level were extremely difficult to track — again requiring manual intercession. Rich content from Closed Circuit Television (CCTV), sensors, GIS systems and other media sources quickly overloaded transmission and traditional data management systems. And the fielding of thousands of stateless IP-capable devices made the configuration and management of ad hoc networks next to impossible.

Enter IPv6. With authentication at the source, the ability to individually tag billions of items, “flow” multi-casting and stateless auto-configuration, IPv6 structurally addresses most, if not all, of the core problems. Instead of inelegant, expensive and nightmarishly difficult to maintain “work-arounds,” IPv6 provides the foundation on which secure, interoperable data communications can be built. Once implemented, much of what now requires human intervention can be automated in ways that will permit the first response community to focus on its “day job” with the assurance that the data it requires will be delivered appropriately when and how its needed.

So How Do We Get There?
While we can all take some comfort in the fact that the enabling capabilities inherent in IPv6 are on their way, much work needs to be done before it will find its way into the hands of first responders. The essential ingredient in all change is leadership, and here the conditions are mixed. The good news is that the dramatic evidence from 9-11 and Katrina has given the issue a sense of urgency at the Department of Homeland Security and the response community, and interoperability efforts are underway to address the problem. The bad news is that up to now little to no thought has been given to IPv6. And, ironically, because of its very ubiquity, the adoption of IPv6 almost certainly has to be driven from the top.

The mandate from OMB that all agencies must become able to support IPv6 by 2008 is beginning to elevate the issue to the senior management level within many agencies. However, the adoption of IPv6 needs to embraced as a matter of policy at DHS — not a compliance issue. IPv6 needs to be recognized at DHS as a core element in the department’s strategy to achieve both intra- and inter- agency interoperability. As such, it must be articulated as a matter of policy — in much the same way as it has been positioned by the senior leadership of the Department of Defense.

Achieving broad-based interoperability will not be easy. Many challenges will have to be overcome politically, organizationally and technologically. It will take years to change mindsets, retrofit legacy systems and integrate new technology. But the good news is that with proliferation of IPv6 a critical foundation of enabling capabilities can be put in place quickly so that the next disaster, which we know is coming, will find our first responders better prepared.