34-tm-0754 Manage Counterintelligence (ci Sources

PurposeThe Defense Acquisition Guidebook (DAG), Chapter 7, provides guidance to Program Managers (PMs) on how to use intelligence information and data to ensure maximum warfighting capability at a minimum risk to cost and schedule. BackgroundIntelligence is a key factor in understanding the current and future threat posed by foreign weapon and information technology system capabilities, and should therefore affect United States (U.S.) weapons and information technology system acquisition decisions. For systems to achieve their intended capabilities, consideration of the threat must be constantly reviewed and considered throughout the life cycle of each system. Threat and intelligence support considerations should affect all decisions from defining requirements and capabilities, through initial concept phases, planning, research, full-scale development, production, test and evaluation, deployment, and system upgrade, all the way through disposal: cradle to grave. Threat analysis and intelligence support requirements inform and enable program capabilities and minimize costs to the government throughout the entire acquisition process.While the dialogue between the Defense Intelligence Enterprise (DIE) and acquisition community bridges the cultural divide or stovepipes, that same dialogue is no less important between the requirements and intelligence communities.

1. 34-tm-0754 Manage Counterintelligence (ci Sources Free

The requirements developer should call on the supporting intelligence SME at the earliest stages of development for assistance in determining if the requirements being developed will involve intelligence support, especially IMD. The determination and statement of the intelligence support requirements, or lack thereof, are recorded and transmitted to the acquisition program manager in each capability document. CH 7–2.1 Expected BenefitsThe integration of intelligence has become increasingly critical to DoD acquisition programs. Threat intelligence analysis and/or intelligence supportability requirements inform the acquisition community and enable weapon system capabilities. They also minimize risk and cost to the government throughout the entire acquisition process.Early determination of intelligence supportability requirements increases the likelihood that the delivered system will be fully capable and more survivable against the relevant adversary threats.

CI/HUMINT All Source Integration System (CHASIS) The Counterintelligence/Human Intelligence Information Management Systems (CHIMS) is a family of systems that will enhance counter intelligence. Intelligence officers who specialize in HUMINT manage operations to obtain intelligence information using humans as both intelligence data sources and collectors. Human intelligence officers may also be responsible for overseeing psychological operations, which are designed to control, influence, predict, and understand persons and groups though communication and contact with these individuals.

It also reduces risk to acquisition cost, schedule, and performance through the early identification of threat capabilities and the work to be performed by the DIE; it also reduces risk to proper tasking of the DIE at the appropriate acquisition milestone through production requirements, identification of capability gaps, risk considerations, mitigation steps, and negotiated delivery dates for products. Business PracticeThe importance of determining at the earliest possible time that an acquisition program has intelligence supportability requirements cannot be overstated. As stated earlier, the engagement to determine intelligence support starts with the Sponsor and the supporting intelligence SME.

CH 7–3.1 Intelligence and RequirementsThe (Appendix I to Encl. D) provides a general description of the nine intelligence support requirement categories to assist the Sponsor and stakeholders in identifying intelligence support requirements and sufficiency or risk of shortfalls in the DIE needed to support a materiel capability solution. CH 7–3.1.1 Early Intelligence and Requirements EngagementThe (paragraph 1.a.(2)) states that it is crucial for the Sponsor to identify intelligence support requirements, particularly IMD dependency, in all capability requirement documents or state there are no such requirements, Therefore, the Sponsor should engage the supporting intelligence SME to assist in determining whether or not a materiel capability solution is IMD-dependent and/or involve other intelligence supportability requirements. The acquisition PM is the beneficiary of this determination and is not responsible for making the determination. If the capability requirement documents identify intelligence supportability requirements, the Sponsor should establish a line of communications among the Sponsor, acquisition PM, and operator, and their respective supporting intelligence SMEs.

CH 7–3.1.2 Advantages of Early Intelligence and Requirements EngagementThe communication between these communities, especially with the supporting intelligence SMEs, should improve efficiency and effectiveness and minimize errors in identifying and requesting adequate intelligence support to acquisition. For example, without greater integration of threat and intelligence within the program structure, the program runs the risk of being out of sync with changes in the threat of record or of a new threat materializing, increases risk during Developmental Operational Test and Evaluation, and ultimately risks system failure when operationally deployed. CH 7–3.2 Capability Requirements and IntelligenceThe Joint Staff provides review, coordination, and certification/endorsement functions in support of the JCIDS process. These functions include intelligence supportability requirements for intelligence certification, and threat validation. All acquisition programs that are expected to operate in a threat environment should be developed in accordance with the most current threat information. The applicable threat information should be continually updated to account for threats throughout the acquisition program’s life cycle. The supporting intelligence SMEs to the Sponsor should be invaluable in incorporating adversarial threat capabilities throughout the JCIDS review process, and will review and validate the threat input within the JCIDS documents.

CH 7–3.2.1 Documents and Intelligence CollaborationThis section addresses the capabilities documents that identify intelligence supportability requirements. It also describes the intelligence certification process regarding intelligence support within an acquisition program. CH 7–3.2.1.1 JCIDS DocumentationThe Sponsor’s supporting intelligence SME should help drive the threat(s) of record in support of JCIDS document development. The supporting intelligence SME should also review all ICDs, CDDs, and CPDs - as well as Joint ICDs, CDDs, and CPDs, which involve their service equities - during the JCIDS document-staffing process to ensure that the threat information and the addressing of the nine JCIDS intelligence support categories meet JCIDS requirements.

Furthermore, the supporting intelligence SME should assist the Sponsor in identifying key performance parameters, key system attributes, and additional performance attributes that are threat-dependent and require Critical Intelligence Parameters (CIPs) in the threat and capabilities sections of the applicable JCIDS documents. Defense Intelligence Agency (DIA) provides CIP best practices and a development template at the following SIPRNet site: Capabilities Document (ICD). Spanish language for balabolka video.

The initiating DoD Component prepares a concise threat summary and threat rationale. If validated Threat Modules or Validated Online Lifecycle Threat (VOLT) Reports (see Sections 4.1.1 and 4.1.2) are available and address the threat areas affecting U.S. Capability, these documents should be used as the primary sources for the threat statements. The ICDs reference the threat documents used to support the analysis. The initiating DoD Component prepares a concise threat summary and threat rationale.

If validated Threat Modules or VOLT Reports are available and address the threat areas affecting U.S. Capability, these documents should be used as the primary sources for the threat statements. The initiating DoD Component prepares a concise threat summary and threat rationale. If validated Threat Modules or VOLT Reports are available and address the threat areas affecting U.S. Capability, these documents should be used as the primary sources for the threat statements. CH 7–3.2.1.2 Validated Online Lifecycle Threat (VOLT) and Threat ModulesDeleted. CH 7–3.2.1.3 Intelligence Certification ProcessThe Intelligence Certification Process involves the evaluation of threat documentation and the nine JCIDS intelligence support categories with respect to system architecture, security, and intelligence interoperability standards.The J28 Intelligence Requirements Certification Office (IRCO) acts on behalf of the DJ-2 and the J-2/DDJ28 as the lead intelligence entity within the Joint Staff for intelligence certification of capability requirement documents.

It provides intelligence certification of capability requirement documents. See (para 2.c.(5), Encl. B) for details on IRCO. The IRCO engages members of the DIE during intelligence certification. The IRCO can be contacted for assistance at (757) 836-7030 or through SIPRNet channels ( sites/IRCO/SitePages/Home.aspx). CH 7–3.2.2 Advantages of Capability Requirements and Intelligence CollaborationThe early identification of IMD dependency and/or other intelligence supportability needs in the requirements process will inform identification of potential gaps or shortfalls in intelligence support to an Acquisition Category (ACAT) program, particularly, IMD.

This early identification should allow the DIE, PM, and eventually the operator time and flexibility in addressing any recognized gap or shortfall in intelligence support. Additional Planning ConsiderationsThreat support and the nine JCIDS intelligence support categories play an increasingly significant role in the successful development of the U.S. Capabilities that provide an advantage on the battlefield. This section addresses the capabilities and intelligence documents required by (Table 2) and their linkages to the Acquisition, Intelligence, and Requirements communities.

CH 7–4.1 Threat SupportThreat Intelligence support to the acquisition process provides an understanding of foreign threat capabilities. It should be continually updated to account for upgrades to adversarial capabilities throughout the program to ensure that the technological advantage over adversarial capabilities is maintained. See the graphic in Figure 1.Figure 1 illustrates the range of support provided by the threat intelligence community over the life of a particular capability shortfall identification process and the resulting system acquisition program. The Defense Intelligence Threat Library (DITL) informs the capability shortfall identification process as well as during the early phases of system acquisition prior to the generation of the VOLT. The Threat Modules in the DITL project foreign capabilities in particular threat areas looking out 20 years.At the beginning of the Material Solution Analysis phase, the Sponsor should contact the supporting intelligence production center (IPC) to support the integration of validated threat information into the technology development approach in the Analysis of Alternatives (AoA). Threat information may come from DIA-validated Threat Modules or other DIA/Service-validated VOLTs that align with the capability mission, concept of operations (CONOPs), and employment timeline.Once the Sponsor, PM, or other appropriate enabler identifies concepts or prototypes for the materiel solution, the program office or Sponsor should task the supporting IPC for the lead Service to produce a VOLT Report. The program office should work closely with the supporting IPC to provide system-specific characteristics, employment CONOPS, and employment timeline as they evolve.

34-tm-0754 Manage Counterintelligence (ci Sources Free

The program office should also work with the Sponsor and VOLT Report validation authority to identify CIPs and ensure that DoD IC production requirements are levied against those CIPs. CH 7–4.1.1 Threat Modules(DITL (Threat Modules) row, Table 2) describes the Threat Modules as regulatory documents that are produced by the DIE and are required to be updated every 2 years, independent of acquisition decision events.

Threat Modules serve as the analytical foundation for VOLT Reports and maintain projections of technology and adversary capability trends over the next 20 years.The Threat Modules are defined as comprehensive, authoritative, and validated assessments of foreign threats, relative to ACAT I-III programs. Modules project the threat environment in a given threat topic out 20 years and constitute the DIE position with respect to those topics. The modules fall under the following seven categories: Chemical, Biological, Radioactive, and Nuclear; counter sensor; cyberspace; employment/CONOPS; platform/target; sensor; and weapons. The DITL is available on SIPRNet at the following DIA page: CH 7–4.1.2 VOLT Report(VOLT Report row, Table 2) lists the VOLT Report as a regulatory document for ACAT I-III programs. These programs require a unique, system-specific VOLT Report to support capability development and PM assessments of mission needs and capability gaps against likely threat capabilities at initial operational capability (IOC).VOLT Reports are required for all other programs unless waived by the Milestone Decision Authority (MDA). Programs on the Director, Operational Test, and Evaluation (DOT&E) Oversight List require a unique, system-specific VOLT Report, unless waived by both the MDA and the DOT&E. DoD Components produce a VOLT Report.

DIA validates the VOLT Report for ACAT ID or IAM programs; the DoD Component validates the VOLT Report for ACAT IC or IAC programs and below. For ACAT ID or IAM programs, DIA contact information and the VOLT Report request form are available at the following SIPRNet page: VOLT Report is defined as the authoritative threat assessment tailored for and normally focused on one specific ACAT I, II or III program and authorized for use in the Defense Acquisition Management process. The VOLT Reports involve the application of threat modules, and are to be written to articulate the relevance of each module to a specific acquisition program or planned capability. At the discretion of the responsible MDA, VOLT Reports can be used in the future to support multiple programs that address like performance attributes, share an employment CONOPs, and have a similar employment timeline. CH 7–4.1.3 Life-Cycle Mission Data Plan(LMDP row, Table 2, Encl. 1) lists the LMDP as a regulatory requirement for all ACAT programs if the system is dependent on IMD.

The LMDP is a Milestone A requirement and a Program Executive Officer and Component Acquisition Executive-approved draft update is due for a Development Request for Proposal Release. The DoD Component approves the draft update at Milestone B. CH 7–4.1.3.1 “V” ProcessFigure 2 depicts the five phases of the LMDP process, called the “V” process. In Phase I, the PM, in collaboration with the Sponsor, identifies all known IMD requirements. Phases II-IV involve the DIE lead; the description of these phases is in Section 4.1.3.2 below.

In Phase V, the Sponsor determines which shortfalls should be addressed, the appropriate course(s) of action to mitigate risk, and the risk associated with the remaining IMD shortfalls. Supplemental 001, Life-Cycle Mission Data Plan (LMDP) and Intelligence Mission Data (IMD) planning, of this chapter provides details of the LMDP process.CH 7–4.1.3.2 Intelligence input to the “V” ProcessPhases II-IV involve intelligence input from the IMD Center (IMDC) and Service IPCs. In Phase II, the IMDC evaluates the submitted LMDP IMD requirements list for sufficiency and determines which IPCs should assess each IMD request. In Phase III, the IPC assesses any gaps associated with each IMD request and estimates the shortfall costs. In Phase IV, the IMDC identifies common IMD requirements across ACAT Programs and Services.

The IMDC also analyzes the shortfalls and provides consolidated feedback to the appropriate PM. CH 7–4.1.4 System Threat Assessment Report (STAR)Deleted. CH 7–4.1.5 Support to Operational Test and EvaluationThe should define specific intelligence requirements to support program operational test and evaluation. When requested by the appropriate authority in the offices of the DOT&E or the Under Secretary of Defense for Acquisition, Technology and Logistics (USD(AT&L)), DIA, working with the DIE, should provide additional intelligence support to the operational testing of programs on the annual DOT&E Oversight List. DIA support should include certification that the threat information in the test plan is correct and consistent with existing assessments.Per (VOLT Report row, Table 2), programs on the DOT&E Oversight List require a VOLT Report regardless of ACAT designation. Details on the VOLT Report are available at paragraph 4.1.2.of this chapter.

CH 7–4.2 Intelligence Mission Data Support(LMDP row, Table 2) lists the LMDP as a regulatory document and is required only if the system is dependent on IMD. (glossary) defines IMD as DoD intelligence used for programming platform mission systems in development, testing, operations, and sustainment, including, but not limited to, the functional areas of signatures, electronic warfare integrated reprogramming (EWIR), order of battle (OOB), characteristics and performance (C&P), and geospatial intelligence (GEOINT). CH 7–4.2.1 IMD Functional AreasThe (para 2.e., Appendix I, Encl. D) addresses these functional areas as follows: CH 7–4.2.1.1 SignaturesSignatures are defined as the distinctive characteristics, or sets of characteristics, that consistently recur and identify a piece of equipment, materiel, activity, or event. Signature support is the provision of such data to capability solutions that use signatures in their design, development, testing, training, or operations of sensors, models, or algorithms for the purpose of: combat identification; blue force tracking; targeting; or detecting or identifying activities, events, persons, materiel, or equipment. CH 7–4.2.1.2 EWIREWIR involves assessed, all-source intelligence data on adversary and non-adversary commercial systems, to include technical parametric and performance data, observed electronic intelligence data on foreign emitters from the National Security Agency, and engineering-value/measured data on domestic emitters.

CH 7–4.2.1.3 OOBOOB is the identification, command structure, strength, and disposition of personnel, equipment, and units of an armed force. CH 7–4.2.1.4 C&PC&P refers to all-source derived assessments of foreign military system capabilities and physical attributes. CH 7–4.2.1.5 GEOINTGEOINT provides programs with mapping, charting and geodesy, geospatial information, imagery intelligence, and other GEOINT data, data products, and services to support operations, navigation, terrain visualization, targeting, and the characterization of the physical and manmade environments.

CH 7–4.2.2 Consideration of IMDThe (para 2.e.(2), Appendix I, Encl. D) further states that IMD requirements “must be considered” as early as the AoA when one or more of the alternatives under consideration are likely to be dependent on IMD to ensure mission effectiveness. Consideration is to be given for alternatives that are not IMD-dependent or those that can be satisfied by IMD already produced by the DIE. Alternatives requiring additional IMD production by the DIE should only be considered where the value of the additional mission effectiveness exceeds the cost associated with generating and maintaining the additional IMD CH 7–4.2.3 Reference Sources on IMDand the DIA Intelligence Mission Data SharePoint Site (SIPRNet – ) provide details on IMD.