[House Hearing, 114 Congress]
[From the U.S. Government Publishing Office]


                  TRANSPORTATION SECURITY ACQUISITION 
               REFORM ACT: EXAMINING REMAINING CHALLENGES

=======================================================================

                                  HEARING

                               BEFORE THE

                            SUBCOMMITTEE ON
                        TRANSPORTATION SECURITY

                                 OF THE

                     COMMITTEE ON HOMELAND SECURITY
                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED FOURTEENTH CONGRESS

                             SECOND SESSION

                               __________

                            JANUARY 7, 2016

                               __________

                           Serial No. 114-48

                               __________

       Printed for the use of the Committee on Homeland Security
                                     

[GRAPHIC NOT AVAILABLE IN TIFF FORMAT] 

                                     

      Available via the World Wide Web: http://www.gpo.gov/fdsys/

                               __________
                               
                               
                       U.S. GOVERNMENT PUBLISHING OFFICE
21-291 PDF                    WASHINGTON : 2016                       
_________________________________________________________________________________________ 
For sale by the Superintendent of Documents, U.S. Government Publishing Office, 
http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center, 
U.S. Government Publishing Office. Phone 202-512-1800, or 866-512-1800 (toll-free).
E-mail, gpo@custhelp.com.  

 
                               

                     COMMITTEE ON HOMELAND SECURITY

                   Michael T. McCaul, Texas, Chairman
Lamar Smith, Texas                   Bennie G. Thompson, Mississippi
Peter T. King, New York              Loretta Sanchez, California
Mike Rogers, Alabama                 Sheila Jackson Lee, Texas
Candice S. Miller, Michigan, Vice    James R. Langevin, Rhode Island
    Chair                            Brian Higgins, New York
Jeff Duncan, South Carolina          Cedric L. Richmond, Louisiana
Tom Marino, Pennsylvania             William R. Keating, Massachusetts
Lou Barletta, Pennsylvania           Donald M. Payne, Jr., New Jersey
Scott Perry, Pennsylvania            Filemon Vela, Texas
Curt Clawson, Florida                Bonnie Watson Coleman, New Jersey
John Katko, New York                 Kathleen M. Rice, New York
Will Hurd, Texas                     Norma J. Torres, California
Earl L. ``Buddy'' Carter, Georgia
Mark Walker, North Carolina
Barry Loudermilk, Georgia
Martha McSally, Arizona
John Ratcliffe, Texas
Daniel M. Donovan, Jr., New York
                   Brendan P. Shields, Staff Director
                    Joan V. O'Hara,  General Counsel
                    Michael S. Twinchek, Chief Clerk
                I. Lanier Avant, Minority Staff Director
                                 
                                 ------                                

                SUBCOMMITTEE ON TRANSPORTATION SECURITY

                     John Katko, New York, Chairman
Mike Rogers, Alabama                 Kathleen M. Rice, New York
Earl L. ``Buddy'' Carter, Georgia    William R. Keating, Massachusetts
Mark Walker, North Carolina          Donald M. Payne, Jr., New Jersey
John Ratcliffe, Texas                Bennie G. Thompson, Mississippi 
Michael T. McCaul, Texas (ex             (ex officio)
    officio)
             Krista P. Harvey, Subcommittee Staff Director
             Vacancy, Minority Subcommittee Staff Director
                            
                            
                            C O N T E N T S

                              ----------                              
                                                                   Page

                               Statements

The Honorable John Katko, a Representative in Congress From the 
  State of New York, and Chairman, Subcommittee on Transportation 
  Security:
  Oral Statement.................................................     1
  Prepared Statement.............................................     3
The Honorable Kathleen M. Rice, a Representative in Congress From 
  the State of New York, and Ranking Member, Subcommittee on 
  Transportation Security:
  Oral Statement.................................................     4
  Prepared Statement.............................................     5

                               Witnesses

Mr. Steven Wallen, Director, Explosives Division, Homeland 
  Security Advanced Research Projects Agency, Science and 
  Technology Directorate, U.S. Department of Homeland Security:
  Oral Statement.................................................     6
  Prepared Statement.............................................     8
Ms. Jill Vaughan, Assistant Administrator, Office of Security 
  Technologies, Transportation Security Administration, U.S. 
  Department of Homeland Security:
  Oral Statement.................................................    13
  Prepared Statement.............................................    14
Mr. Michele Mackin, Director, Office of Acquisition and Sourcing 
  Management, U.S. Government Accountability Office:
  Oral Statement.................................................    17
  Prepared Statement.............................................    18
Mr. T.J. Schulz, Executive Director, Security Manufacturers 
  Coalition:
  Oral Statement.................................................    37
  Prepared Statement.............................................    38

                                Appendix

Questions From Chairman John Katko for Steven Wallen.............    45
Questions From Chairman John Katko for Jill Vaughan..............    45
Questions From Chairman John Katko for Michele Mackin............    50

 
  TRANSPORTATION SECURITY ACQUISITION REFORM ACT: EXAMINING REMAINING 
                               CHALLENGES

                              ----------                              


                       Thursday, January 7, 2016

             U.S. House of Representatives,
                    Committee on Homeland Security,
                   Subcommittee on Transportation Security,
                                                    Washington, DC.
    The subcommittee met, pursuant to call, at 2:08 p.m., in 
Room 311, Cannon House Office Building, Hon. John Katko 
[Chairman of the subcommittee] presiding.
    Present: Representatives Katko, Carter, Walker, Ratcliffe, 
Rice, Keating, and Payne.
    Also present: Representative Hudson.
    Mr. Katko. The Committee on Homeland Security Subcommittee 
on Transportation Security will come to order.
    The subcommittee is meeting today to examine the remaining 
challenges to transportation security acquisition reform. I now 
recognize myself for an opening statement.
    Taxpayer dollars should never be wasted on technology that 
is not effective or meeting our needs. Unfortunately, this is a 
problem with which the TSA has struggled for many years. Our 
Government relies upon private-sector innovation to develop 
security technologies. However, that innovation comes with a 
price tag and we cannot reasonably expect the private sector to 
spend millions of dollars into research and development of new 
and emerging technologies without greater transparency, 
communication, and interaction from both the TSA and the 
Department of Homeland Security as to what their future needs 
and technology investments will be.
    In the agency's short history, TSA has exhibited a number 
of deficiencies in its procurement process. However, the 
acquisitions challenges facing TSA are not insurmountable. It 
is incumbent upon this subcommittee to provide the necessary 
oversight to streamline the agency's policies and procedures 
while ensuring that taxpayer dollars are appropriately spent on 
technologies that are proven to be effective at protecting our 
Nation's transportation systems.
    I recently sat down with Administrator Neffenger, and I 
know that he is acutely aware of some of the challenges TSA 
faces in this regard. I look forward to continuing to support 
him in his efforts to lead and reform this agency along with 
Ms. Vaughan and others. The purpose of today's hearing is to 
examine the challenges that TSA faces in their research and 
development of security technologies and how those challenges 
affect TSA's acquisitions practices.
    On December 18, 2014, before we were sworn in for this 
Congress, President Obama signed the Transportation Security 
Acquisition Reform Act into law, which was introduced by 
Congressman Hudson, my predecessor last year. This bipartisan 
bill was passed on the premise that TSA must be more 
transparent and strategic in identifying its technology 
investment needs by working closely with industry stakeholders 
to develop and procure future technologies.
    In addition, this legislation required TSA to submit to 
Congress a strategic, 5-year technology investment plan. This 
plan, which was provided to this committee in August of this 
year, lays out the--last year, rather, lays out the agency's 
vision for near-term technology investments while providing a 
clearer vision of the agency's often opaque acquisition 
strategy. Producing a 5-year plan is a meaningful step in the 
right direction and includes a number of pragmatic observations 
and goals. However, more must be done to build on the strategy 
and turn words on paper into more efficient and streamline 
procurement process. I will note that Ms. Vaughan was sworn in 
as a new director of this project a few weeks before it became 
incumbent upon her to come up with a strategy. So good luck, 
Ms. Vaughan.
    Earlier this year, Ranking Member Rice and I visited the 
TSA integration facility to observe how TSA tests and evaluates 
existing and emerging screening technologies. Additionally, we 
have met with a number of industry stakeholders offering a 
range of impressive technologies and innovations to better 
secure our Nation's transportation systems. These stakeholders, 
like TSA, share a desire to improve the security of the 
traveling public and mitigate threats from a rapidly-evolving 
threat landscape and have talked frankly about the state of 
existing technologies and the challenges facing the agency.
    However, many of them also have shared troubling anecdotes 
about the bureaucratic difficulties they have encountered in 
attempts to partner with TSA in the Department of Homeland 
Security's Science and Technology Directorate. I am concerned 
that bureaucracy and stagnation are preventing TSA and DHS from 
being responsive to legitimate security threats facing our 
Nation.
    Indeed, while it is critical that any acquisition process 
includes safeguards to prevent wasting taxpayer dollars on poor 
investments and unproven technology, it is just as critical 
that we are not failing to meet our most basic mission, and 
that is to prevent terror attacks against transportation 
targets.
    This is, no doubt, a challenge and I am intent on holding 
both TSA and industry accountable to reasoned effective 
investment strategy. I am concerned about whether TSA is making 
procurement and investment decisions in a vacuum without 
leveraging sufficient support from other Government experts and 
stakeholders.
    Additionally, I remain unconvinced that TSA and Homeland 
Security's Science and Technology Directorate are working 
closely enough to develop and test existing and future 
technology. A lack of cross-pollination and communication 
between these entities is, I believe, hindering our ability to 
meet mission needs.
    I look forward to hearing different perspectives from our 
witnesses today on how DHS and TSA work together to make their 
procurement decisions; how this committee's legislation has 
informed this process; and what more needs to be done to ensure 
that taxpayer dollars are being spent in a deliberate and 
strategic manner with an eye towards keeping us safe. I would 
like to thank all of you for being here today and we have a 
two-paneled hearing.
    I will note that prior to preparing here today, I have been 
encouraged about what I have heard about some of the 
improvements being made at TSA and I am looking forward to 
hearing about similar improvements at DHS if, in fact, they do 
exist. Note that we are not here to indict anybody. We are here 
to just find out how we can make the process better. It has 
gotten better. It needs to get better, and that is what this 
whole goal today is about.
    We will begin by hearing testimony from a panel of 
Government witnesses followed by a panel representing the 
security technology industry.
    [The statement of Chairman Katko follows:]
               Prepared Statement of Chairman John Katko
                            January 7, 2016
    Taxpayer dollars should never be wasted on technology that is not 
effective or meeting our needs--unfortunately, this is a problem with 
which the Transportation Security Administration has struggled for many 
years. Our Government relies upon private-sector innovation to develop 
security technologies. However, that innovation comes with a price tag, 
and we cannot reasonably expect the private sector to spend millions of 
dollars in the research and development of new and emerging 
technologies without greater transparency and communication from both 
TSA and the Department of Homeland Security as to what their future 
needs and technology investments will be.
    In the agency's short history, TSA has exhibited a number of 
deficiencies in its procurement processes. However, the acquisitions 
challenges facing TSA are not insurmountable, and it is incumbent upon 
this subcommittee to provide the necessary oversight to streamline the 
agency's policies and procedures, while ensuring that taxpayer dollars 
are appropriately spent on technologies that are proven to be effective 
at protecting our Nation's transportation systems. I recently sat down 
with Administrator Neffenger, and I know that is he is acutely aware of 
some of the challenges TSA faces in this regard. I look forward to 
continuing to support him in his efforts to lead and reform this 
agency.
    The purpose of today's hearing is to examine the challenges the 
Transportation Security Administration faces in their research and 
development of security technologies and how those challenges affect 
TSA's acquisitions practices. On December 18, 2014, President Obama 
signed the ``Transportation Security Acquisition Reform Act'' into law, 
which was introduced by Congressman Hudson last year. This bipartisan 
bill was passed on the premise that TSA must be more transparent and 
strategic in identifying its technology investment needs, while working 
closely with industry stakeholders to develop and procure future 
technologies. In addition, this legislation required TSA to submit to 
Congress a strategic 5-year technology investment plan. This plan, 
which was provided to this committee in August of this year, lays out 
the agency's vision for near-term technology investments, while 
providing a clearer vision of the agency's often opaque acquisitions 
strategy. Producing a 5-year plan is a meaningful step in the right 
direction and includes a number of pragmatic observations and goals.
    However, more must be done to build on this strategy and turn words 
on paper into a more efficient and streamlined procurement process. 
Earlier this year, Ranking Member Rice and I visited the Transportation 
Systems Integration Facility to observe how TSA tests and evaluates 
existing and emerging screening technologies. Additionally, we have met 
with a number of industry stakeholders offering a range of impressive 
technologies and innovations to better secure our Nation's 
transportation systems. These stakeholders, like TSA, share a desire to 
improve the security of the traveling public and mitigate threats from 
a rapidly-evolving threat landscape and have talked frankly about the 
state of existing technologies and the challenges facing the agency. 
However, many of them also have shared troubling anecdotes about the 
bureaucratic difficulties they have encountered in attempts to partner 
with TSA and the Department of Homeland Security's Science and 
Technology Directorate.
    I am concerned that bureaucracy and stagnation are preventing TSA 
and DHS from being responsive to legitimate security threats facing our 
Nation. Indeed, while it is critical that any acquisitions process 
include safeguards to prevent wasting taxpayer dollars on poor 
investments and unproven technology, it is just as critical that we are 
not failing in our most basic mission--to prevent terror attacks 
against transportation targets. This, no doubt, is a challenge, and I 
am intent on holding both TSA and industry accountable to a reasoned, 
effective investment strategy. I am concerned about whether TSA is 
making procurement and investment decisions in a vacuum, without 
leveraging sufficient support from other Government experts and 
stakeholders. Additionally, I remain unconvinced that TSA and the 
Department of Homeland Security's Science & Technology Directorate are 
working closely enough to develop and test existing and future 
technology. A lack of cross-pollination and communication between these 
entities is, I believe, hindering their ability to meet mission needs. 
I look forward to hearing different perspectives from our witnesses 
today on how DHS and TSA work together to make procurement decisions, 
how this committee's legislation has informed this process, and what 
more needs to be done to ensure that taxpayer dollars are being spent 
in a deliberate and strategic manner.
    I would like to thank all of you for being here today. We have a 
two-panel hearing here today. We will begin by hearing testimony from a 
panel of Government witnesses, followed by a panel representing the 
security technology industry.

    Mr. Katko. With that, I now recognize the Ranking Member of 
the subcommittee, the gentlewoman from New York, Miss Rice for 
any statements she may have.
    Miss Rice. Thank you, Mr. Chairman. First I want to thank 
you for convening this hearing and I want to thank the 
witnesses for coming to talk with us about TSA's technology 
acquisition process, its strengths, and weaknesses, and what 
TSA is doing to make the process more effective and more 
efficient.
    The Transportation Security Acquisition Reform Act was 
signed into law just over 1 year ago. Among other things, the 
law requires the administrator to establish a strategic 5-year 
technology investment plan and submit its intentions to 
Congress. The administrator, with the approval of the 
Secretary, published the 2015 report to Congress in August of 
last year. This 5-year plan shows us the full scope of TSA's 
investment objectives and it is a good start. But there are 
clearly some challenges that need to be addressed.
    In December GAO released a report assessing TSA's 
acquisition process, specifically, its process for testing and 
evaluating screening technology. This test and evaluation 
process is a necessary step that allows TSA and DHS to 
determine whether technologies meet mission needs before 
proceeding with procurement and deployment which saves the 
agency time and money. The GAO report acknowledges that TSA has 
come up with ways to improve the test and evaluation process in 
part by developing a third-party testing strategy in order to 
determine whether or not a vendor's technology is immature 
before TSA and DHS begin the test and the evaluation process.
    Unfortunately, we have learned from this report that TSA 
has yet to implement that strategy. Allowing third-party 
testing and evaluation would determine early on if a certain 
technology is mature enough to deploy which will save, 
obviously, time and money, and prevent wasteful spending.
    So I hope to hear from our witnesses today why that 
strategy has not yet been implemented and when we can expect 
that it will be. While third-party testing has yet to be 
finalized, I am pleased to learn that TSA has been highly 
responsive to GAO's recommendations. I agree with the Chairman, 
Ms. Vaughan, you are not in an enviable position, but you were 
kind enough to take some time to meet with me yesterday and as 
a result of that, I think that this is going to be a very 
fruitful hearing.
    So with TSA's screening more than 1 million passengers and 
checked bags, and more than 3 million carry-on bags every 
single day, it is critical that TSA utilize taxpayer dollars as 
efficiently as possible to procure the most effective 
technology available. We know that those numbers will only keep 
growing. The Federal Aviation Administration aerospace forecast 
for fiscal years 2015 to 2030 projects the number of passengers 
on U.S. carriers to increase 2 percent each year over the next 
20 years.
    So TSA clearly needs technology that will cater to such 
growth, and as new threats emerge there is no question that we 
need to prioritize certain security-related technologies over 
others. That is why it is so important that TSA do the work now 
to establish and finalize all of the components of a 
straightforward and cost-efficient acquisition process in order 
to ensure that the agency can continue to fulfill its mission 
and keep passengers safe.
    I appreciate the fact that TSA has been so responsive to 
the GAO report. I truly do appreciate the opportunity to talk 
with our witnesses today about TSA's efforts to improve their 
acquisition processes. Among other things, I look forward to 
learning more about how TSA works with DHS to evaluate the 
different technologies.
    I am also interested in the ways in which TSA incentivizes 
small businesses to be able to innovate and compete with larger 
companies that provide screening technology. That is probably 
one of the biggest challenges I think that we face today.
    TSA's acquisitions process has been described as too long 
and too expensive for large businesses, so I can only imagine 
the issues that arise with small businesses, other start-ups 
that are trying to break into a field, that are obviously at a 
competitive disadvantage, and may endure a lengthy process only 
to learn their products aren't mature enough for deployment. So 
I hope our witness can speak to that point as well.
    Mr. Chairman, thank you again for convening this hearing. I 
look forward to a productive conversation today. I yield back 
the balance of my time.
    [The statement of Miss Rice follows:]
               Statement of Ranking Member Kathleen Rice
                            January 7, 2016
    The Transportation Security Acquisition Reform Act was signed into 
law just over 1 year ago. Among other things, the law requires the 
administrator to establish a strategic 5-year technology investment 
plan and submit its intentions to Congress. The administrator, with the 
approval of the Secretary, published the 2015 report to Congress in 
August of last year. This 5-year plan shows us the full scope of TSA's 
investment objectives, and it's a good start--but there are clearly 
some challenges that need to be addressed.
    In December, GAO released a report assessing TSA's acquisition 
process--specifically, TSA's process for testing and evaluating 
screening technology. This test and evaluation process is a necessary 
step that allows TSA and DHS to determine whether technologies meet 
mission needs before proceeding with procurement and deployment, which 
saves the agency time and money.
    The GAO report acknowledges that TSA has come up with ways to 
improve the test and evaluation process, in part by developing a third-
party testing strategy, in order to determine whether or not a vendor's 
technology is immature before TSA and DHS begin the test and evaluation 
process.
    But unfortunately, we've learned from this report that TSA has yet 
to implement that strategy. Allowing third-party testing and evaluation 
would determine early on if a certain technology is mature enough to 
deploy, which will save time and money and prevent wasteful spending.
    So I hope to hear from our witnesses today why that strategy has 
not yet been implemented, and when we can expect that it will be. While 
third-party testing has yet to be finalized, I am pleased to learn that 
TSA has been highly-responsive to GAO's recommendations. With TSA 
screening more than 1 million passengers and checked bags and more than 
3 million carry-on bags every day, it's critical that TSA utilize 
taxpayer dollars as efficiently as possible to procure the most 
effective technology available.
    We know that those numbers will only keep growing. The Federal 
Aviation Administration Aerospace Forecast for fiscal years 2015-2035 
projects the number of passengers on U.S. Carriers to increase 2 
percent each year over the next 20 years. So TSA clearly needs 
technology that will cater to such growth, and as new threats emerge, 
there's no question that we need to prioritize certain security-related 
technologies over others.
    That's why it's so important that TSA do the work now to establish 
and finalize all the components of a straightforward and cost-efficient 
acquisition process, in order to ensure that the agency can continue to 
fulfill its mission and keep passengers safe. Again, I appreciate the 
fact that TSA has been so responsive to the GAO report, and I 
appreciate the opportunity to talk with our witnesses today about TSA's 
efforts to improve their acquisition processes.
    Among other things, I look forward to learning more about how TSA 
works with DHS to evaluate technologies. I'm also interested in the 
ways in which TSA incentivizes small businesses to be able to innovate 
and compete with larger companies that provide screening technology.
    TSA's acquisitions process has been described as too long and too 
expensive for large businesses--so I can only imagine the issues that 
arise with small businesses that may be at a competitive disadvantage, 
and may endure a lengthy process only to learn their products aren't 
mature enough for deployment. So I hope our witnesses can speak to that 
point as well.

    Mr. Katko. Thank you, Miss Rice.
    Our first witness is Mr. Steven Wallen, who currently 
serves as the director of the Explosives Division in the 
Department of Homeland Security Science and Technology 
Directorate. Previously Mr. Wallen worked for the United States 
Secret Service for 20 years where he managed the Science and 
Technology Group, including the Engineering Research and 
Development Branch. The Chair now recognizes Mr. Wallen to 
testify.

  STATEMENT OF STEVEN WALLEN, DIRECTOR, EXPLOSIVES DIVISION, 
 HOMELAND SECURITY ADVANCED RESEARCH PROJECTS AGENCY, SCIENCE 
    AND TECHNOLOGY DIRECTORATE, U.S. DEPARTMENT OF HOMELAND 
                            SECURITY

    Mr. Wallen. Good afternoon, Chairman Katko, Ranking Member 
Rice, and distinguished Members of the subcommittee.
    Thank you for the opportunity to testify alongside my 
colleague from TSA on the ways the Science and Technology 
Directorates' work on transportation security technology 
supports the aviation security mission. In this testimony I 
will discuss S&T's approach to research and development and how 
our partnerships with TSA and others are leading to new 
aviation security in explosive detection and mitigation 
solutions.
    S&T's mission is to deliver effective and innovative 
insight, methods, and solutions for the critical needs of the 
Homeland Security enterprise. Under Dr. Brothers' leadership as 
Under Secretary, S&T has focused the last 2 years on reshaping 
S&T's approach to R&D. To achieve this, S&T set up 
interdisciplinary teams to work closely with field operators, 
to identify challenges and develop user-driven solutions. S&T 
has initiated several programs to advance technology 
development and reach operational goals. Our Apex projects 
represent some of the highest profile and most revolutionary 
projects in the directorate. These ambitious projects look at 
the Nation's security strategically and address future 
challenges while continuing to support today's operational 
needs.
    The Apex screening and speed project is tailored to address 
maximizing the effectiveness of screening while minimizing 
inconvenience to travelers. S&T's Apex program is supported by 
a new category of resources called Apex Technology Engine 
Teams. These engines provide expertise in focused topic areas 
and enable crosscutting R&D that moved S&T's entire portfolio 
forward.
    S&T has also recently reinstituted Integrated Product 
Teams. The IPTs are initially addressing 6 topic areas: 
Aviation security, biological threats, counterterrorism, border 
security, cybersecurity, and first responder resources. Through 
the IPTs S&T is implementing a formal process for identifying, 
validating, and prioritizing technical capability needs to help 
guide future R&D investments within DHS.
    The aviation security IPT is designed to address a wide 
array of topics including checkpoint check baggage, air cargo, 
systems architecture and integration, and emerging threats. The 
aviation security IPT is chaired by TSA, and has subgroups that 
are jointly chaired by TSA and S&T and include members from 
other DHS and non-DHS organizations.
    Beyond the IPT process, S&T works with TSA in two 
significant ways. One of those ways is through my division of 
S&T, the Explosives Division. We are devoted to protecting 
citizens and our country's infrastructure against the 
devastating effects of explosives, by taking innovative 
approaches to detection and countermeasures. Through our work 
with TSA, industry, academia, and other Government agencies, 
S&T delivers concepts, science, technologies, and systems that 
increase the country's ability to detect explosives and 
mitigate the effects of an explosive blast.
    The Explosives Division's portfolio is divided into three 
operational areas: Aviation solutions, intermodal solutions and 
facilities protection, and foundational science. Aviation 
solutions develops cost-effective systems for screening air 
cargo, checked baggage, carried item, and people at 
checkpoints.
    Intermodal solutions and facilities protection develops 
technologies capable of screening high throughput areas where 
traditional checkpoints are neither effective nor efficient. 
Additionally, they developed tools to improve current canine 
capabilities and screening methods. Vehicle screening methods.
    Foundational science evaluates homemade and conventional 
explosives, and blast phenomenology that makes applied R&D 
possible. S&T's Explosives Division regularly interacts with 
various offices in TSA and works closely with TSA's Office of 
Security Capabilities. Our organizations share information on 
goals, requirements, and current and proposed projects. Both 
organizations frequently offer to hold joint meetings with 
vendors to evaluate the status of projects, discuss new 
technology, or discuss proposals.
    Another significant way in which S&T works to further TSA's 
mission is through the Transportation Security Lab in Atlantic 
City, New Jersey. TSL is 1 of 5 S&T labs and has a specialized 
campus and a highly-experienced staff who are dedicated to 
advancing detection technology from conception to deployment.
    In addition to its research and assessment activities, TSL 
houses an independent test and evaluation group that advances 
TSA's mission by conducting certification and qualification 
tests on detection technologies. TSL also provides technical 
assistance to help industry mature their concepts in 
preparation for certification and qualification testing. S&T 
brings to bear a range of capabilities and expertise in support 
of TSA in the explosives detection and mitigation portfolio. 
The aviation security IPT, my division and the TSL, we are 
investing with TSA and other stakeholders in both evolutionary 
and revolutionary improvements in transportation security.
    I thank you for the opportunity to testify before the 
committee today and welcome your questions and the opportunity 
to further discuss our work.
    [The prepared statement of Mr. Wallen follows:]
                  Prepared Statement of Steven Wallen
                            January 7, 2016
    Good afternoon Chairman Katko, Ranking Member Rice, and 
distinguished Members of the subcommittee. Thank you for the 
opportunity to testify before you today on the Department of Homeland 
Security (DHS) Science and Technology Directorate's (S&T) work on 
transportation security technology. In this testimony, I will discuss 
S&T's approach to research and development (R&D) and how our 
partnerships with the Transportation Security Administration (TSA), the 
private sector, and universities are leading to new explosives 
detection and mitigation solutions.
    S&T's mission is to deliver effective and innovative insight, 
methods, and solutions for the critical needs of the Homeland Security 
Enterprise (HSE). Many of the constraints that S&T and other Federal 
R&D organizations face result, often indirectly, from processes and 
authorities suited to a previous era of relatively less competition for 
technical expertise and less emphasis on organizational agility and 
responsiveness to rapid change. The homeland security mission 
encompasses numerous complex threats that evolve quickly and strain 
operational capabilities running on traditional, multi-year development 
and acquisition cycles. Under Dr. Reginald Brothers' leadership as 
Under Secretary, S&T has focused the last 2 years on reshaping S&T's 
approach to R&D to overcome those constraints. That meant finding ways 
to mine sources of innovation like start-ups that may not traditionally 
work with Government. To achieve this, we set up interdisciplinary 
teams working closely with field operators to accelerate translation of 
operational challenges into real, user-driven solutions. And that meant 
speeding up our internal processes to the maximum extent possible to 
ensure long-term relevance of solutions that become operational and 
enter wide-spread use.
    To foster that approach to R&D, we have focused on five priorities:
   Develop visionary goals for the organization.
   Produce an actionable strategy.
   Foster an empowered workforce.
   Deliver force-multiplying solutions to homeland security 
        stakeholders.
   Energize a Homeland Security Industrial Base.
                            visionary goals
    In the past, S&T had a very operational focus in helping to bridge 
capability gaps identified by component partners and stakeholders. 
While S&T continues to work daily with component partners, first 
responders, and other stakeholders on immediate issues, the 
organization undertook an effort last year to create comprehensive, 
far-reaching visionary goals that look 20 or more years into the 
future. These visionary goals serve as our strategic direction and will 
ultimately improve DHS's capabilities and make our Nation more secure.
   Screening at Speed: Security that Matches the Pace of 
        Life.--Noninvasive screening at speed will provide for 
        comprehensive threat protection while adapting security to the 
        pace of life rather than adapting life to security. Unobtrusive 
        screening of people, baggage, or cargo will enable the seamless 
        detection of threats while respecting privacy, with minimal 
        impact to the pace of travel and speed of commerce.
   A Trusted Cyber Future: Protecting Privacy, Commerce, and 
        Community.--In a future of increasing cyber connectivity, 
        underlying digital infrastructure will be self-detecting, self-
        protecting, and self-healing. Users will trust that information 
        is protected, illegal use is deterred, and privacy is not 
        compromised. Security will operate seamlessly in the 
        background.
   Enable the Decision Maker: Actionable Information at the 
        Speed of Thought.--Predictive analytics, risk analysis, and 
        modeling and simulation systems will enable critical and 
        proactive decisions to be made based on the most relevant 
        information, transforming data into actionable information. 
        Even in the face of uncertain environments involving chemical, 
        biological, radiological, or nuclear incidents, accurate, 
        credible, and context-based information will empower the aware 
        decision maker to take instant actions to improve critical 
        outcomes.
   Responder of the Future: Protected, Connected, and Fully 
        Aware.--The responder of the future is threat-adaptive and 
        cross-functional. Armed with comprehensive physical protection, 
        interoperable tools, and networked threat detection and 
        mitigation capabilities, responders of the future will be 
        better able to serve their communities.
   Resilient Communities: Disaster-Proofing Society.--Critical 
        infrastructure of the future will be designed, built, and 
        maintained to withstand naturally-occurring and man-made 
        disasters. Decision makers will know when disaster is coming, 
        anticipate the effects, and use already-in-place or rapidly-
        deployed countermeasures to shield communities from negative 
        consequences.
    These goals will serve as our strategic direction and will 
ultimately improve DHS's capabilities and make our Nation more secure. 
S&T will continue to provide operational support and help stakeholders 
Nation-wide meet near-term requirements while, with the Visionary Goals 
as a guide, also facilitating longer-term R&D opportunities with public 
and private-sector communities.
                      force-multiplying solutions
The Apex Program
    Grounded in our Visionary Goals and working in mission areas that 
cut across our DHS component partners, S&T launched 6 new Apex projects 
including 1 in direct partnership with TSA. These ambitious programs--
which are based on vetted, long-term requirements of DHS operational 
components--look strategically at the Nation's security and address 
future challenges while continuing to support today's operational 
needs. It is worth noting that in order to create the new Apex 
projects, we reduced the overall number of programs at S&T to have 
fewer, but more impactful, projects. New Apex project areas include the 
following: Biothreat awareness, aviation screening, next-generation 
cyber infrastructure, flood awareness, next-generation first responder, 
and border situational awareness. In addition to existing Apex projects 
with U.S. Customs and Border Protection on passenger screening (the 
Apex Air Entry/Exit Re-Engineering Program) and U.S. Immigration and 
Customs Enforcement (ICE) on data analytics (the Apex Border 
Enforcement Analytics Program), Apex projects represent some of the 
highest-profile and most promising projects in the Directorate.
Engines
    S&T's Apex program is supported by a new category of projects 
called Apex Technology Engine Teams (Engines) that provide expertise in 
focused topic areas, enable cross-cutting R&D, and benefit S&T's entire 
portfolio including our work with TSA. Engines represent a novel 
approach in S&T for realizing S&T's Visionary Goals and powering 
innovation. The first wave of Engines includes the following:
   Data Analytics
   Situational Awareness and Decision Support
   Communications and Networking
   Behavioral Economics and Social Sciences
   Identity and Access Management
   Modeling and Simulation
    Our Engines harness subject-matter expertise and capabilities 
across the Department and leverage technological, scientific, 
industrial, and academic communities to provide continuous support in 
areas of need common to multiple, and sometimes all, DHS component 
agencies. S&T's Engines identify and share subject-matter expertise, 
technical solutions and tools, best practices, lessons learned, and 
reusable products and solutions on behalf of Apex and other S&T 
projects. Collaboration to leverage knowledge from the DHS enterprise 
and external stakeholders are core components of the Engine approach.
    In less than a year, the Engines model has already begun to take 
root. As one example, the Data Analytics Engine works with nearly every 
operational component in DHS. It recently won an award for work with 
the Federal Emergency Management Agency on the U.S. Fire 
Administration's National Fire Incident Records System and has a highly 
successful program underway with ICE's Homeland Security 
Investigations. Additionally, the Data Analytics Engine continues to 
support customer projects such as TSA's third-party pre-screening by 
providing technical evaluation of analytics software.
Integrated Product Teams
    Science and technology are near-universally acknowledged as 
critical elements to future operational success. By prioritizing 
solutions that substantially multiply the effects of manpower and other 
existing assets, components and customers are more likely to recognize 
S&T's value and integrate a jointly-developed R&D portfolio into their 
procurement cycles and, ultimately, their operations. In the last year, 
we have made significant strides in this area including, most 
significantly, re-establishing the Department's Integrated Product 
Teams (IPT) as part of the Secretary's April 2014 Unity of Effort 
initiative.
    In August, the Secretary directed S&T to reinstitute these cross-
departmental IPTs for the purpose of identifying technological 
capability gaps and coordinating R&D to close those gaps across the 
mission areas of the Department. The overall effort is led by S&T, but 
the individual IPTs are led by senior representatives from the 
operational components with representation from the Joint Requirements 
Council (JRC) and support from S&T.
    One of the first 5 topic areas for IPTs is Aviation Security and is 
chaired by TSA. The remaining 4 topic areas are Biological Threats, 
Counterterrorism, Border Security, and Cyber Security. S&T will also 
continue its on-going IPT supporting our Nation's first responders 
through the First Responders Resource Group, and the IPT will create 
additional sub-IPTs to address key issues such as resilience. Going 
forward, the IPTs will be one mechanism by which the Department 
identifies and coordinates its R&D efforts to align DHS's priority 
missions.
Acquisition Support in the Department
    S&T's Office of Test and Evaluation oversees test and evaluation 
(T&E) for DHS major acquisitions including at TSA, ensuring homeland 
security technologies are reliable, interoperable, and effective. S&T 
provides test and evaluation oversight for the Department's major 
acquisition programs housed by the DHS components. In this capacity, 
S&T develops DHS-wide T&E policies and procedures, acts as principal 
advisor on operational T&E to the Office of the Secretary and the 
component heads, and manages a T&E Center of Excellence to support the 
Department. As an independent T&E organization within DHS, the 
objective is to help every program plan and execute robust T&E 
throughout the acquisition life cycle, bringing credible assessments to 
all acquisition decisions.
    For pre-acquisition requirements development, S&T has also been an 
active participant in the Department-wide JRC, a part of the 
Secretary's Unity of Effort Initiative. The JRC identifies common 
capability needs and challenges across DHS components and will work as 
an essential input into S&T's own R&D process. In addition to JRC 
membership, S&T currently provides the JRC's primary analytic 
resources. As such, S&T is helping develop and refine JRC analysis, 
methodology, and process in addition to partnering with topic-specific 
teams to conduct capabilities-based assessments. Working under the 
direction of the JRC chair and with the other JRC stakeholders, S&T 
will establish a lasting and functional framework for the Department's 
requirements process.
                   homeland security industrial base
    In many cases, DHS--more than many Federal agencies such as the 
Department of Defense--is dependent on commercially-available, off-the-
shelf products to achieve its mission. As a result, partnership with 
industry, specifically in product development, is essential. R&D 
projects can yield isolated, one-off solutions, but a truly successful 
portfolio must strategically shape the shelf by inserting homeland 
security applications, if not as primary use cases or applications, at 
least as considerations during companies' product development cycles. 
If successful, that approach results in numerous products on the shelf 
that operators may use.
    S&T has enjoyed considerable success expanding and refining 
outreach to industry including in the area of explosives detection and 
mitigation. We continue to host industry days to inform and educate the 
private sector on our direction and available opportunities for 
partnership, including one last June dedicated to checkpoints and S&T's 
screening-focused Apex project. We published a new S&T Strategic Plan 
and overhauled S&T's website to be more informative and transparent to 
potential private-sector partners. Additionally, we launched innovative 
accelerator and prize competition platforms to reach innovators and 
communities that may have never heard from or worked with Government 
before. S&T expanded our Silicon Valley presence with a pilot program 
that aims to maintain constant, face-to-face contact with venture 
capital and start-up communities outside the Beltway, including in the 
Silicon Valley area. By combining these efforts with willing partners 
within the Department, including in the Management Directorate and 
Office of General Counsel, we are beginning to see real interest in 
private-sector participation in a Homeland Security Industrial Base.
           r&d and t&e in explosives detection and mitigation
    S&T's Explosives Division is devoted to protecting citizens and our 
country's infrastructure against the devastating effects of explosives 
by seeking innovative approaches in detection and countermeasures. 
Through our work with operational partners like TSA and with industry, 
S&T delivers concepts, science, technologies, and systems that increase 
the HSE's ability to detect explosives and mitigate the effects of an 
explosive blast. The Explosives Division's portfolio is divided into 
three operational areas:
   Aviation Solutions, developing cost-effective systems for 
        screening air cargo, checked baggage, carried items, and people 
        at checkpoints that will improve detection capabilities, reduce 
        false alarm rates, and improve the overall customer experience.
   Intermodal Solutions and Facilities Protection, developing 
        technologies capable of screening in high-throughput areas 
        where traditional checkpoints are neither effective nor 
        efficient and enhancing tools to improve current canine and 
        trace detection screening methods.
   Foundational Science, determining explosives and blast 
        phenomenology that makes applied R&D possible, including the 
        study of explosive material characteristics relevant to 
        discrimination and detection and the assessment of blast 
        effects on aircraft and infrastructure.
    In addition to the broader approaches and capabilities in S&T 
described above, below are descriptions of a number of elements that 
are specifically contributing to the success of the explosives R&D 
portfolio.
Partnership with TSA
    Through the Aviation Security IPT, S&T is implementing a formal 
process for identifying, validating, and prioritizing technological 
capability gaps to help guide future R&D investments within DHS S&T. 
The Aviation Security IPT includes 5 Sub-IPTs: Checkpoint, Checked 
Baggage, Emerging Threats, Air Cargo, and System Architecture and 
Integration. Although the primary IPT is chaired by TSA, the Sub-IPTs 
are jointly chaired by TSA and DHS S&T and include members from other 
organizations such as Customs and Border Protection, the U.S. Secret 
Service, the Federal Protective Service, and the Federal Bureau of 
Investigation. The Aviation Security IPT charter was signed on October 
15, 2015, and the results of the capability gaps evaluation, program 
crosswalk, and R&D plan are currently being combined and prioritized by 
a cross-component body of senior leaders, known as the S&T Research 
Council.
    S&T's Explosives Division regularly interacts with various offices 
in TSA and often works closely with TSA's Office of Security 
Capabilities. The organizations share information on goals, 
requirements, and current and proposed projects. Both organizations 
frequently offer to hold joint meetings with vendors to evaluate the 
status of projects, discuss new technology, or discuss proposals. The 
organizations are evaluating the means by which to use proposals 
submitted to the other organization's Broad Agency Announcements to 
expedite the procurement process.
Aviation Checkpoint Screening at Speed Apex project
    Our Aviation Checkpoint Screening at Speed Apex project is 
developing next-generation, leap-ahead screening hardware with 
potential to substantially improve the security and passenger 
experience at checkpoints. The Screening at Speed Apex specifically 
focuses on developing the technologies and framework that is compatible 
with TSA's vision for an Aviation Checkpoint of the Future while at the 
same time enhancing TSA's ability to reliably detect smaller and 
evolving threats and to distinguish potential homemade explosive (HME) 
threats from items commonly carried by passengers. S&T envisions a 
future where TSA screeners are able to spend less time on complicated 
images and more time observing and assisting passengers and resolving 
alarms. The technology being developed as part of the Screening at 
Speed Apex will strengthen security and lead to expedited passenger and 
baggage screening.
Transportation Security Laboratory (TSL)
    Located in Atlantic City, New Jersey, TSL is one of S&T's 5 labs 
and is dedicated to advancing detection technology from conception to 
deployment through applied research, test and evaluation, assessment, 
certification and qualification testing. TSL's Independent Test and 
Evaluation group provides certification and qualification tests. 
Additionally, they create laboratory assessments that provide DHS 
components, including TSA, with critical information about equipment 
and its ability to detect explosives and other contraband. TSL also 
provides system developers and manufacturers with a range of explosive 
test articles to help them develop software to locate explosive threats 
artfully concealed on passengers or in their luggage. With a 
specialized campus; a highly-experienced staff including physicists, 
chemists, engineers, and mathematicians; and numerous cooperative 
research and development agreements with industry and academia, TSL is 
a National asset for transportation security.
DHS Tyndall Reactive Materials Group (TRMG)
    Another important DHS S&T asset which supports the work of TSA and 
furthers aviation security is the TRMG. The TRMG is an explosives data 
collection facility located at Tyndall Air Force Base in Panama City, 
Florida, which collects and maintains data on explosive materials using 
specialized facilities and equipment under the oversight of DHS S&T. 
One of the key ways in which the TRMG supports DHS S&T and TSA programs 
is by collecting large amounts of data on HME materials. TRMG personnel 
work to meet the needs of the Electronic Baggage Screening Program 
(EBSP) and the Passenger Screening Program (PSP), by providing vendors 
with information and a test platform for algorithm development to 
detect new threats. Their work is designed to keep pace with the 
dynamic and expanding requirements and threats at transportation 
screening portals and to maintain the capacity to conduct testing on 
systems and technologies to detect improvised explosives.
Center of Excellence for Awareness and Localization of Explosives-
        Related Threats (ALERT)
    Led by Northeastern University in Boston, Massachusetts, ALERT is 1 
of S&T's 10 university-based Centers of Excellence (COE) and is 
dedicated to transformational research, technology, and educational 
development surrounding explosives-related threats. The COE network is 
an extended consortium of hundreds of universities conducting 
groundbreaking research to address homeland security challenges. S&T's 
COEs work closely with the homeland security community to develop 
customer-driven, innovative tools and technologies to solve real-world 
challenges. ALERT's researchers bring strengths in designing advanced 
sensors; detecting weakly-defined targets from a stand-off distance; 
signal processing and sensor integration; characterizing explosives; 
understanding improvised explosive device (IED) detonator signatures; 
shock physics; and material science.
                              path forward
    S&T brings to bear a range of capabilities and expertise in support 
of TSA and the explosives detection and mitigation portfolio. Through 
the Aviation Security IPT and routine formal and informal interactions, 
we are investing with TSA and our stakeholders in both evolutionary and 
revolutionary improvements. I thank you for the opportunity to testify 
before the committee today, and welcome your questions and the 
opportunity to further discuss our work.

    Mr. Katko. Thank you, Mr. Wallen. Before I proceed further, 
I ask unanimous consent that the gentleman from North Carolina, 
my predecessor, Mr. Hudson, be allowed to sit on the dais and 
participate in this hearing.
    Without objection, so ordered.
    I do want to note before we go any further and thank Mr. 
Hudson because he was the one who propounded the bill, the 
Transportation Security Acquisition Reform Act of 2014, and it 
is why we are here, and why we are trying to get some reform to 
the acquisition process at TSA. I commend you for your work, 
Mr. Hudson, on that.
    Our second witness is Ms. Jill Vaughan, who currently 
serves as the assistant administrator within the Transportation 
Security Administration's Office of Security Technologies. 
Previously, Ms. Vaughan served as deputy chief information 
officer and deputy assistant administrator for TSA's Office of 
Information Technology. The Chair now recognizes Ms. Vaughan to 
testify.

 STATEMENT OF JILL VAUGHAN, ASSISTANT ADMINISTRATOR, OFFICE OF 
SECURITY TECHNOLOGIES, TRANSPORTATION SECURITY ADMINISTRATION, 
              U.S. DEPARTMENT OF HOMELAND SECURITY

    Ms. Vaughan. Chairman Katko, Ranking Member Rice, and 
Members of the subcommittee, I am pleased to appear before you 
today to discuss the TSA's use of technology to meet our 
mission of protecting the Nation's transportation system.
    TSA utilizes a range of technological capabilities to 
screen passengers and accessible property. Checkpoint screening 
technologies include: Advanced imaging technology, metal 
detectors, bottled liquid scanners, explosive trace detection 
technologies, and advanced technology X-ray. Checked baggage 
technologies include: Explosive detection systems and explosive 
trace detection technologies. These technologies represent a 
substantial improvement in detection capability over the 
previous technologies. For example, they strengthen TSA's 
ability to detect nonmetallic explosives which current 
intelligence identifies an active threat to aviation security.
    TSA continues to pursue advanced concepts and capabilities 
to meet our mission demands. Our industry partners are 
developing technology solutions to close capability gaps, 
optimize existing technologies, and drive towards future 
screening innovations. TSA is updating existing technology as 
new capabilities become available instead of requiring complete 
system replacements. TSA closely partners with the DHS Science 
and Technology Directorate on Research and Development.
    TSA has also partnered with Science and Technology through 
the Aviation Security Integrated Product Team to plan for the 
fiscal year 2018 through 2022 resource allocation plans to 
further align research and development projects to meet 
security needs. This critical process enables our enterprise to 
identify capability gaps and to coordinate research and 
development to close those gaps. The Transportation Security 
Acquisition Reform Act, or TSARA, signed into law December 2014 
has helped TSA to increase transparency in the use of best 
practices for security technology acquisitions. This mandate 
offered an opportunity to expand our partnership with industry 
and aviation security stakeholders, communicate future focus 
areas and themes, and articulate planned technology initiatives 
through the development of a 5-year strategic technology 
investment plan.
    TSA has worked to enhance transparency and partnerships 
with its stakeholders. TSA does so through a range of industry 
forums such as the Security Manufacturers Coalition, the 
Washington Homeland Security Roundtable, and regular Industry 
Days.
    In addition, TSA is developing an Innovation Lane concept 
to enable early capability demonstrations and to allow industry 
access to stream-of-commerce data and real-time user feedback, 
a key request of industry.
    TSA is investing in the future of aviation security by 
pursuing enhanced technology to enable a flexible, adaptable 
approach. Key to this vision is a system-of-systems approach 
which integrates technology, data, and processes within and 
across airports. TSA is developing a system architecture that 
will expand risk-based security through an integrated security 
screening system. TSA will continue to collaborate with 
stakeholders to develop a shared vision for the future state of 
aviation security where business data and next generation 
platforms combine to address emerging and evolving threats. TSA 
is also working to secure the current and future fleet against 
cybersecurity vulnerabilities and threats by integrating 
cybersecurity considerations into current and future 
capabilities.
    TSA published information assurance requirements and 
socialized them with industry through Industry Days and a 
series of technical interchange meetings. Continued focus on 
cybersecurity will safeguard our transportation security 
equipment against the continuously-evolving cyber threat.
    I also want to thank the Government Accountability Office 
for their continuing efforts to enhance security of the 
transportation system, particularly as a result of the report 
on our testing and evaluation process. This report resulted in 
two recommendations with which we fully concur. We are eager to 
continue working with industry to finalize aspects of our 
third-party testing strategy and further assess testing data to 
identify additional areas for efficiency.
    One year after TSARA was signed into law, TSA has increased 
transparency and alignment across security technology 
acquisitions to promote an effective, adaptive, and flexible 
system of security capabilities to safeguard the American 
public from terrorist attacks on transportation systems.
    Chairman Katko, Ranking Member Rice, I want to thank the 
subcommittee for your continued partnership on this issue, and 
I look forward to answering your questions.
    [The prepared statement of Ms. Vaughan follows:]
                   Prepared Statement of Jill Vaughan
                            January 7, 2016
    Chairman Katko, Ranking Member Rice and distinguished Members of 
the subcommittee, I am pleased to appear before you today to discuss 
the Transportation Security Administration's (TSA) use of technology to 
meet key mission objectives.
    TSA was created in the wake of the attacks on September 11, 2001, 
to protect the Nation's transportation systems and ensure freedom of 
movement for people and commerce. Our operations use a range of 
capabilities in a risk-informed approach to screen nearly 660 million 
passengers and nearly 2 billion carry-on items and checked bags 
annually. As a result, Transportation Security Officers (TSOs) were 
able to prevent 119,000 dangerous items from being carried onto 
airplanes in fiscal year 2015. Our screening technology evolves to meet 
the dynamic threat through our extensive partnerships across 
Government, academia, and industry.
                          passenger screening
    Congress established TSA through the Aviation and Transportation 
Security Act (ATSA) (Pub. L. 107-71), which designated passenger 
screening as a Federal responsibility. TSA prioritizes its technology 
investments based on intelligence community assessments concerning the 
evolving nature of terrorist capabilities, tools, and intent. TSA 
performs risk analyses as the foundation for deriving operational needs 
and requirements, taking into consideration potential threats, 
vulnerabilities to those threats given current system capabilities, and 
the consequences in the event of an attack. To meet these challenges, 
passenger screening technology, processes, and systems must continually 
adapt and evolve. TSA utilizes a range of technological capabilities to 
screen passengers and accessible property. Passenger screening 
technologies include Advanced Imaging Technology (AIT), metal 
detectors, explosives trace detectors (ETD), and bottled liquids 
scanners (BLS). Carry-on baggage is screened using Advanced Technology 
X-Ray, BLS, and ETD technologies.
    Prior to the development and fielding of AIT and dual view AT X-
ray, metal detection and single view X-ray were the most common methods 
for screening passengers and carry-on baggage, respectively. These new 
AIT and AT X-ray technologies provide a substantial improvement in 
detection capability for the most significant concealments over the 
previous generation, and specifically strengthen TSA's ability to 
detect non-metallic explosives, which current intelligence has 
identified as an on-going threat to aviation security.
    TSA closely partners with the Department of Homeland Security (DHS) 
Science and Technology Directorate (S&T) on Research and Development 
(R&D) to ensure development efforts align with program goals and 
expectations for achieving and implementing higher levels of 
performance detection. DHS S&T is assisting TSA in the advancement of 
detection capabilities by characterizing new threats to aviation. These 
efforts will assist TSA, as well as small and large business equipment 
manufacturers, in the development of enhanced future systems. TSA is 
seeking to acquire a robust adaptive passenger screening system that 
builds upon existing capabilities while advancing functionality to 
ensure a higher level of system effectiveness and efficiency.
   transportation security acquisition reform act (tsara) background
    The TSARA was signed into law on December 18, 2014 (Pub. L. 113-
245) and mandated increased transparency and the application of 
acquisition best practices for security technology acquisitions. The 
law includes provisions for TSA to advance small business contracting 
goals, adhere to acquisitions and inventory policy and procedures, and 
develop a Five-Year Strategic Technology Investment Plan. Building on a 
previously-developed strategic and capability investment plans, TSA 
developed the Five-Year Strategic Technology Investment Plan, which the 
agency found to be an opportunity to further our partnership with 
industry and aviation security stakeholders, communicate future focus 
areas and themes, and articulate planned technology initiatives and 
purchases.
    In developing the Five-Year Plan, TSA augmented on-going Industry 
Days and vendor communication with a series of Industry Forum Working 
Groups and released a Request for Information (RFI) to solicit industry 
input. TSA then incorporated this industry feedback into a draft copy 
of the Plan. This report was also reviewed by the Aviation Security 
Advisory Committee (ASAC) before being finalized and submitted to 
Congress on August 12, 2015. The Plan was published on the 
FedBizOpps.gov website on September 2, 2015.
    TSA received thoughtful insight from stakeholders throughout the 
development of the report, which provided a strong framework for TSA's 
Five-Year Strategic Technology Investment Plan. Four key themes anchor 
the Plan:
   Integrating principles of Risk-Based Security (RBS) in 
        capabilities, processes, and technologies;
   Enhancing core mission delivery by focusing on a system (or 
        systems) that analyzes threats, risks, and opportunities across 
        the aviation security environment;
   Streamlining acquisitions, requirements, and test and 
        evaluation processes; and
   Increasing transparency in engagement with stakeholders to 
        enable innovation.
    Streamlining acquisitions and increasing transparency of the 
acquisition process is an area of focus for TSA. TSA is continuing to 
pursue advanced concepts and capabilities to enable TSA's vision of the 
future of security screening. To better focus these investments, TSA 
generates a list of capability gaps to drive continued technology 
development and enhancement using a structured, repeatable process. 
Technology solutions are developed by industry to close capability 
gaps, strengthen aviation security, and drive toward future screening 
innovations. Recognizing that the threat environment is constantly 
evolving, TSA actively pursues enhanced capability development to 
address capability gaps, optimize existing technologies, and develop 
future technologies. Capability development occurs in tandem with 
recapitalization and enables TSA to upgrade existing platforms with new 
capabilities. This allows TSA to upgrade existing technology by 
improving detection algorithms (or other similar methods) as new 
capabilities arise, instead of requiring complete system replacements. 
In addition to the upgrade process, TSA also outlined planned 
technology recapitalization. Transparency about the acquisition process 
as well as technology priorities provides stakeholders better insight 
on how to partner with TSA.
    Since enactment of TSARA, TSA has worked to enhance transparency 
and partnerships with stakeholders and execute technology initiatives 
as identified in the Five-Year Strategic Technology Investment Plan. 
TSA's end goal is accelerated capability development through rapid 
identification, testing, prototyping, and piloting with the ability to 
quickly evaluate products and push forward promising capabilities. TSA 
continues to engage with industry through forums such as Washington 
Homeland Security Roundtable, Security Manufacturer's Coalition and 
ASAC, in addition to regular Industry Days. TSA is also developing a 
concept to enable early capability demonstration and allow industry 
access to data and real-time user feedback, which has been a frequent 
request from industry.
                  test and evaluation process updates
    When a vendor fails a Qualification Test (QT) and Operational Test 
(OT) multiple times, TSA's acquisitions deadlines are extended and the 
Government's Test & Evaluation (T&E) and acquisition costs increase. To 
alleviate some of these concerns, TSA is pursuing Third-Party Testing 
as an opportunity to allow vendors to refine their products with an 
outside entity, which reduces TSA's cost and time from test delays.
    TSA is working with the National Institute of Science and 
Technology (NIST) to develop a Third-Party Test Program to ensure 
capabilities are mature enough to enter TSA's formal T&E process. To 
support the implementation of third-party testing, TSA approved the 
Third-Party Test Strategy on April 21, 2015. TSA plans to begin 
implementing the Third-Party Test Program in a phased approach by 
December 31, 2016.
    TSA also created a Policy and Guidebook to standardize TSA roles, 
responsibilities, and policy and provide vendors guidance on how to 
prepare a Qualification Data Package. This will assist in reducing the 
acquisition time line and the amount spent on retest costs. 
Additionally, TSA developed a Master Tracker to better manage and 
monitor testing events and information. The tool delivers a 
comprehensive understanding of all T&E events and will aid TSA in 
closing a Government Accountability Office's (GAO) recommendation to 
conduct a root-cause analysis of testing challenges and their impact on 
the acquisition processes. The incorporation of a Third-Party Test 
Strategy reduces cost and time associated with test delays, shortens 
the acquisition time line, and streamlines the incorporation of future 
technology initiatives.
         future technology initiatives and system architecture
    TSA has invested in the future of aviation security by pursuing 
enhanced technology to enable a flexible, adaptable, and robust multi-
capability approach to detecting and disrupting an evolving range of 
threats. The key to this vision is a holistic ``system-of-systems'' 
perspective, which integrates technology, data, and processes within 
and across airports. TSA is developing a system architecture that will 
enable expanded implementation of RBS by developing an integrated 
security screening system that defines business rules, equipment 
functionality, information exchange, and decision making. This system 
architecture approach will allow TSA to proactively identify gaps and 
define capabilities at a system level. TSA will continue to collaborate 
with stakeholders to develop this shared vision for the future state of 
aviation security where business, data, and next-generation platforms 
combine to enable near-real-time decision making and response 
capabilities to address emerging and evolving threats.
    TSA has determined functional enhancements that will address 
existing capability gaps over the next 5 years outlined in the 
technology initiatives in the Five-Year Plan. Technology enhancements 
will enable a future system defined by:
   Enhanced algorithms for Explosives Detections Systems that 
        decrease false alarm rates to minimize officer resolution and 
        the removal of items from passenger bags;
   Dynamic algorithm switching and the application of risk 
        profiles facilitate the evolution of RBS, ensuring passengers 
        and baggage are screened at the appropriate risk level;
   Biometrics to enable real-time identity verification of 
        passengers at the checkpoint; and
   Next generation carry-on screening capabilities to more 
        precisely screen carry-on baggage, improving detection 
        capabilities and false alarm rates.
                               conclusion
    TSARA mandated certain best practices for procuring and using best 
available technology to meet critical mission needs. The Five-Year 
Strategic Technology Investment Plan mandated by the law presents a 
forward-looking investment plan that supports best practices and 
improved transparency in security technology acquisition programs. Now, 
1 year after TSARA was signed into law, TSA has increased transparency 
and alignment across security technology acquisitions to deploy an 
effective, adaptive, and flexible system of security capabilities to 
safeguard the American public from terrorist attacks on transportation 
systems.
    I want to thank the subcommittee for your continued partnership on 
this and other important issues, and I look forward to answering your 
questions.

    Mr. Katko. Thank you, Ms. Vaughan. We appreciate your 
taking your time to be here today.
    Our third witness, Ms. Michele Mackin, has served as the 
director of the Office of Acquisition and Sourcing Management--
that is quite a title--at the Government Accountability Office 
since 2012. Previously, Ms. Mackin served as assistant director 
of GAO from 2001 to 2012. The Chair now recognizes Ms. Mackin 
to testify.

 STATEMENT OF MICHELE MACKIN, DIRECTOR, OFFICE OF ACQUISITION 
 AND SOURCING MANAGEMENT, U.S. GOVERNMENT ACCOUNTABILITY OFFICE

    Ms. Mackin. Thank you, Mr. Chairman. Good afternoon, 
Ranking Member Rice and Members of the subcommittee. Thank you 
for having me here today to discuss TSA's test evaluation and 
acquisition of security-related systems. My statement is based 
on our December 2015 report which stems from a mandate in the 
Transportation Security Acquisition Reform Act.
    In general, the goal of test and evaluation is to find as 
many problems as possible so failure can be a good thing as 
long as knowledge is gained. A rigorous testing protocol is the 
best way to ensure that TSA is buying effective screening 
technologies. We found that TSA's test and evaluation processes 
followed DHS requirements and comport with best practices in 
industry. The process involves multiple layers of laboratory 
testing and importantly, operational testing at airports with 
actual transportation security officers. But, if extensive 
retesting is needed, it can create inefficiencies in the 
acquisition system, and that is what we found.
    We analyzed the outcome of all 22 security-related systems 
that TSA tested over a 5-year period. All of these systems have 
either been deemed fit to procure, or were ultimately rejected. 
The 22 systems were evenly split between passenger and baggage 
screening systems. We found that of the 22 systems exactly 
half, 11, passed all rounds of testing and were qualified for 
procurement.
    So why did so many systems not make the cut? The bottom 
line is that the systems vendors submitted to TSA were not 
technologically mature when testing began. They often needed 
significant fixes and had to be retested often multiple times. 
Extensive retesting increases costs to TSA and to the vendors. 
Importantly, it means it takes longer to field these systems to 
end-users at airports. In one example the planned acquisition 
schedule for an explosive detection system slipped by 5 years 
while multiple rounds of testing occurred.
    TSA's 2015 technology investment plan states that policies 
have been implemented to ensure system maturity at the start of 
testing. Based on our work, however, they are not there yet. 
TSA is taking actions to improve the situation. For example, 
they are sharing test plans with industry and taking steps to 
better define requirements and to share those requirements with 
industry earlier so vendors can be better prepared for the 
testing. Industry representatives told us they have seen some 
improvement in the sharing of test plans and requirements but 
would like to see more. They are also very concerned about the 
time and investment they are having to make to get their 
systems through multiple rounds of testing and qualified for 
procurement.
    Another key effort underway is to require third-party 
testing before vendors ever enter the formal TSA testing arena. 
TSA planned to implement this requirement early this year. We 
found, however, that aspects of the plan were not fully 
understood. For example, TSA did not know how many potential 
third-party testers were out there, or what the costs could be 
to Government or to vendors. We recommended that the approach 
be more fully developed before implementation and TSA now plans 
to roll this out in phases starting at the end of this calendar 
year.
    Finally, we found that TSA was not comprehensively 
assessing the test data across all systems. It had the 
information for each system, but wasn't collecting or analyzing 
the data across all systems. This includes time frames for 
testing, reasons for any delays, the costs, and the results of 
the testing.
    Based on our recommendation, TSA has begun to collect this 
data. Once complete, TSA will have a better picture of key 
factors contributing to delays in acquiring screening systems, 
but now the question is how will TSA use this information to 
improve the acquisition process going forward? Assessing the 
data and using it, along with the planned actions to improve 
technology maturity at the start of testing, those are the 
critical next steps to help inject more efficiency into the 
acquisition process.
    Mr. Chairman, Ranking Member Rice, this concludes my 
prepared remarks. Thank you.
    [The prepared statement of Ms. Mackin follows:]
                  Prepared Statement of Michele Mackin
                            January 7, 2015
    Chairman Katko, Ranking Member Rice, and Members of the 
Subcommittee: Thank you for the opportunity to discuss the 
Transportation Security Administration's (TSA) test and evaluation 
process for passenger and baggage screening technologies. TSA is 
responsible for overseeing security operations at the Nation's roughly 
440 commercial airports as part of its mission to protect the Nation's 
civil aviation system. TSA screens individuals, their carry-on luggage, 
and their checked baggage to deter, detect, and prevent carriage of any 
prohibited items, such as explosives and contraband, on board 
commercial aircraft. To carry out these activities, the agency relies 
to a large extent on security-related screening technologies, such as 
explosives detection systems and advanced imaging technology devices. 
As of August 2015, TSA had deployed approximately 15,000 units of 
security-related technology to airports Nation-wide. In our past work, 
we have found that TSA encountered challenges in effectively acquiring 
and deploying passenger and baggage screening technologies and had not 
consistently implemented Department of Homeland Security (DHS) policy 
and best practices for procurement.\1\
---------------------------------------------------------------------------
    \1\ In GAO, Advanced Imaging Technology: TSA Needs Additional 
Information Before Procuring Next-Generation Systems, GAO-14-357 
(Washington, DC: Mar. 31, 2014), we recommended that TSA establish 
protocols to facilitate capturing operational data on passenger 
screening at the checkpoint. TSA concurred with this recommendation and 
stated that it will monitor, update, and report the results of its 
efforts to capture such data and evaluate any cost impacts. In 
addition, in GAO, Aviation Security: TSA Has Enhanced Its Explosives 
Detection Requirements for Checked Baggage, but Additional Screening 
Actions Are Needed, GAO-11-740 (Washington, DC: July 11, 2011), we 
found that TSA's explosives detection systems were not configured to 
meet the most current requirements.
---------------------------------------------------------------------------
    My statement today draws from our report on TSA's test and 
evaluation of security-related technologies, which we issued last 
month.\2\ We examined the extent to which: (1) TSA's test and 
evaluation process helps meet mission needs through the acquisition of 
passenger and baggage screening technologies; and (2) TSA's planned 
actions to improve the test and evaluation process address factors 
contributing to inefficiencies in acquiring those technologies. Based 
on our findings, we recommended that TSA: (1) Finalize certain aspects 
of its revised testing approach before implementing it; and (2) conduct 
and document a comprehensive assessment of testing data to identify key 
factors contributing to any acquisition inefficiencies and potential 
areas for reform.
---------------------------------------------------------------------------
    \2\ GAO, TSA Acquisitions: Further Actions Needed to Improve 
Efficiency of Screening Technology Test and Evaluation, GAO-16-117 
(Washington, DC: Dec. 17, 2015).
---------------------------------------------------------------------------
    To conduct this work, we reviewed DHS and TSA acquisition and 
testing documentation for passenger and baggage screening technologies 
tested since June 2010 and conducted our own analyses of the 
information. We also met with relevant TSA and DHS officials, which 
included site visits to the 2 primary testing facilities for TSA's 
security-related technologies--the TSA Systems Integration Facility in 
Arlington, Virginia and the DHS Transportation Security Laboratory in 
Atlantic City, New Jersey. Additionally, we met with industry 
representatives to obtain their views on the test and evaluation 
process. More detailed information on our scope and methodology can be 
found in our December 2015 report.
    In addition to our report on TSA's test and evaluation process, we 
have other on-going work for this subcommittee pertaining to TSA's 
acquisitions of screening technologies. First, we are assessing TSA's 
implementation of our prior recommendations related to the acquisition 
of security-related technologies. And secondly, we are assessing TSA's 
progress in implementing key provisions of the Transportation Security 
Acquisition Reform Act, which was enacted in December 2014. We plan to 
issue both reports this winter.
    We conducted the work on which this statement is based in 
accordance with generally accepted Government auditing standards. Those 
standards require that we plan and perform the audit to obtain 
sufficient, appropriate evidence to provide a reasonable basis for our 
findings and conclusions based on our audit objectives. We believe that 
the evidence obtained provides a reasonable basis for our findings and 
conclusions based on our audit objectives.
   test and evaluation critically informs acquisition decisions, but 
     failures during testing have decreased acquisition efficiency
    Consistent with Departmental guidance and acquisition best 
practices, TSA's test and evaluation process supports its acquisition 
decisions by providing DHS and TSA officials with information regarding 
the ability of passenger and baggage screening technologies to meet 
mission needs prior to a decision to procure the technologies. Before 
DHS makes a procurement decision, vendors submit potential systems--
vendors' versions of a specific technology type--to TSA for 
consideration. If TSA accepts systems for testing, they undergo a 3-
phase test and evaluation process.
   Systems undergo qualification and certification testing at 
        the DHS Transportation Security Laboratory to qualify or 
        certify that they meet explosives detection requirements.
   If explosives detection requirements are met, the systems 
        undergo additional qualification testing at the TSA Systems 
        Integration Facility, where system performance is verified 
        against additional requirements, such as system reliability, 
        availability, and maintainability.
   Systems that have successfully passed testing at the TSA 
        Systems Integration Facility then undergo operational testing 
        at selected airports, where TSA evaluates their operational 
        effectiveness and suitability in a realistic environment.
    This phased test and evaluation process provides the agency with 
critical information regarding system capabilities, saving it from 
investing in potentially expensive yet ineffective equipment. Such 
validation of product knowledge early in the acquisition process--
before key investments are made--is consistent with best practices used 
by commercial firms.\3\ We found in our December 2015 report that from 
June 2010 to July 2015, only half of the 22 systems that TSA and DHS 
tested successfully passed qualification and operational testing and 
were therefore deemed effective and suitable for deployment. TSA 
procured all but one of the 11 successful systems. The system TSA did 
not procure was a portable explosives trace detector system that 
transportation security officers could use to randomly screen 
passengers' hands and their accessible property for traces of 
explosives residue. TSA found the system to be operationally effective 
and operationally suitable with limitations, but a new threat emerged 
and TSA deferred the procurement, deciding to wait for a system that 
could meet TSA's new detection requirements.
---------------------------------------------------------------------------
    \3\ GAO, Best Practices: A More Constructive Test Approach Is Key 
to Better Weapon System Outcomes, GAO/NSIAD-00-199 (Washington, DC: 
July 31, 2000).
---------------------------------------------------------------------------
    An additional 8 systems were tested from June 2010 to July 2015 and 
testing remains on-going. In addition, during this period 1 vendor 
withdrew its system from the testing process. These 9 systems are not 
depicted in figure 1 below, which shows the number of systems that 
progressed through each phase of TSA's test and evaluation process 
during this period.


    TSA officials emphasized that immature technologies submitted by 
vendors are a key driver of testing failures and therefore delays in 
TSA's ability to buy screening systems for use in airports. Because 
immature technologies often experience multiple failures during testing 
and require retests, testing takes longer than originally anticipated 
and costs more. TSA provided us with examples of 3 explosives detection 
systems that required multiple retests, which resulted in acquisition 
delays of several years. TSA ended up spending over $3 million in 
additional costs incurred in retesting to ensure the systems were 
effective and suitable.
    In addition, we found in our December 2015 report that 4 of the 11 
systems that successfully passed TSA's testing process in the last 5 
years required at least 2 formal rounds of qualification or operational 
testing before TSA qualified them for procurement. According to TSA 
leadership, the security-related technologies industry is still 
maturing--since it primarily developed after the terrorist attacks of 
September 11, 2001--and TSA has had to work extensively to help 
industry develop systems that will meet the agency's mission needs. 
Industry representatives involved in testing these systems also told us 
that systems are not always mature when they enter TSA's test and 
evaluation process and that they can require significant modifications 
and retesting before they are ready to be bought and deployed to 
airports.
  tsa's planned actions to improve test and evaluation may not reduce 
                       acquisition inefficiencies
    Acknowledging the need to better ensure technology maturity at the 
start of testing to improve the efficiency of its acquisition process, 
TSA has recently initiated reforms. For example, to increase 
transparency, TSA officials told us that they are sharing test plans 
with vendors to better prepare them for testing; however, to maintain 
the integrity of the test process, they do not intend to provide 
vendors with detailed information that could be used to ``game'' the 
tests. While industry officials agreed that TSA has become more 
transparent, they said that the number of test plans that TSA has 
shared thus far has been limited. Another key action TSA is taking is 
developing a third-party testing strategy, which it has partially 
implemented for technologies that have already entered the test and 
evaluation process. Under TSA's interim third-party testing guidance, 
effective July 2014, a vendor experiencing a significant failure during 
testing is required to fund and undergo third-party testing. The 
results must be provided to TSA demonstrating that the system has met 
the previously failed requirements before the system is allowed to 
resume TSA's testing process. To further streamline the acquisition 
process, TSA is in the process of establishing additional third-party 
testing requirements that will affect vendors proposing new systems to 
TSA. Under this part of the strategy, vendors will be required to 
obtain a third-party verification that they meet various requirements 
before they ever enter the test and evaluation process.
    TSA plans to implement this strategy in 2016, but it is too soon to 
tell whether the strategy will reduce acquisition inefficiencies 
because TSA has yet to finalize key aspects. For example, TSA has not 
identified whether there are a sufficient number of eligible third-
party testers or established a mechanism to oversee the testing they 
will perform. In addition, TSA officials are unsure whether the third-
party testing strategy will save overall acquisition costs, which they 
have highlighted as a potential benefit. Specifically, while vendors 
will be responsible for funding the third-party testing, industry 
officials told us it is probable that they will reflect these 
additional costs in their pricing. TSA officials told us they had not 
assessed potential cost impacts or the possibility that third-party 
testing costs could be a barrier to entering the market for new 
vendors. As we established in prior work, components of sound planning 
include, among other items, identifying: Problems and causes; 
resources, investments, and risks; roles, responsibilities, and 
coordination; and integration among and with other entities.\4\ Without 
finalizing the strategy before implementation, it may not be as 
effective as envisioned and TSA risks unintended consequences, such as 
increasing acquisition costs.
---------------------------------------------------------------------------
    \4\ GAO, Social Security Disability: Additional Performance 
Measures and Better Cost Estimates Could Help Improve SSA's Efforts to 
Eliminate Its Hearings Backlog, GAO-09-398 (Washington, DC: Sept. 9, 
2009).
---------------------------------------------------------------------------
    Further, at the time of our 2015 review, TSA had not conducted a 
comprehensive assessment of testing data--such as time frames for 
completing testing and costs incurred--because it lacked a mechanism to 
track and consolidate testing data across all technologies. This 
information would include, for example, an overall assessment of 
testing delays, costs, time frames, and results across all technologies 
that were tested. Thus, TSA does not have any documented assessment 
supporting the decision to implement the third-party testing strategy; 
officials were also not able to provide us with testing time frames for 
each of the 22 systems tested in the past 5 years.\5\ However, after we 
raised this point during the course of our review, TSA officials 
developed a master testing tracker to more comprehensively track 
testing data. While the master testing tracker TSA developed is a 
positive first step towards more informed decision making, officials 
have not established a plan for assessing the information collected 
from the tracker. We previously found that agencies can use performance 
information to identify problems in existing programs, to try to 
identify the causes of problems, and/or to develop corrective actions. 
The benefit of collecting performance information is only fully 
realized when this information is actually used by agencies to make 
decisions oriented toward improving results.\6\
---------------------------------------------------------------------------
    \5\ While TSA was unable to provide us with testing time frames for 
the 22 systems, we reviewed test and evaluation plans, test reports, 
and other documentation to determine the number of systems that passed 
each phase of TSA's testing progress.
    \6\ GAO, Managing for Results: Enhancing Agency Use of Performance 
Information for Management Decision Making, GAO-05-927 (Washington, DC: 
Sept. 9, 2005).
---------------------------------------------------------------------------
    TSA's actions to address acquisition inefficiencies--in large part 
through its third-party testing strategy--focus on improving 
technological maturity and better ensuring readiness for testing. 
However, TSA and industry officials we spoke with identified additional 
issues that may be contributing to inefficiencies, which third-party 
testing may not address. Specifically, TSA and industry officials 
highlighted issues pertaining to optimistic acquisition schedules and 
how requirements have been defined and interpreted in the past. Without 
conducting and documenting an assessment of testing data available to 
date across all technologies and sharing it with key stakeholders, such 
as TSA's program management offices, DHS, industry, and end-users, it 
is too soon to tell to what extent TSA's actions will reduce 
acquisition inefficiencies. Specifically, TSA may be missing 
opportunities to identify other factors, in addition to technology 
immaturity, that are outside the purview of testing officials, but that 
also contribute to acquisition inefficiencies.
                           concluding remarks
    Due to the significant challenge TSA faces in balancing security 
concerns with efficient passenger movement, it is important that the 
agency procures and deploys effective passenger and baggage screening 
technologies. TSA has acknowledged the need to improve the efficiency 
of its test and evaluation process and taken steps that could increase 
the maturity of technologies put forth by vendors and reduce the burden 
on TSA's own testing resources. However, without further actions, these 
steps may not reduce acquisition inefficiencies. To help ensure that 
the actions TSA takes to improve the test and evaluation process 
address identified challenges and that they are informed by existing 
information, we recommended in our December 2015 report that TSA: (1) 
Finalize all aspects of the third-party testing strategy before 
implementing further third-party testing requirements for vendors to 
enter testing; and (2) conduct and document a comprehensive assessment 
of testing data available to date, such as time frames for completing 
testing, costs incurred, and testing delays across all technology areas 
to identify key factors contributing to any acquisition inefficiencies 
and potential areas for reform. DHS concurred with our recommendations 
and estimated that it would complete both actions by the end of 
calendar year 2016.
    Chairman Katko, Ranking Member Rice, and Members of the 
subcommittee, this completes my prepared statement. I would be pleased 
to respond to any questions.

    Mr. Katko. Thank you, Ms. Mackin, for your testimony. We 
appreciate you taking the time to be here today. I now 
recognize myself for 5 minutes for questions.
    It is presumed that TSA had problems in their acquisition 
process because we had this bill passed by former Chairman 
Hudson, but I don't think it is productive for me to go back 
into an analysis of what has gone on because we already know 
what has gone on.
    My biggest concern with TSA since I got this chair, was 
that for a young agency it has all of the tell-tale signs of 
well-entrenched bureaucracy. Miss Rice and myself and others on 
this committee are dead-set to make sure that we fix that. I 
think this bill is a good start in the right direction. It is a 
somewhat dry topic to some, but it is critically important to 
the future of this agency, and the future of our air traffic 
and the safety of our passengers in the airline industry. So it 
is a really, really important topic.
    So my biggest concern in this realm is that there is always 
the incentive in a great democracy like ours for someone to 
build a better mouse trap. Sometimes those ideas don't get to 
the people they want to at TSA, at least that is the way it has 
been in the past because it became more insular, I believe, in 
its acquisition process, and if you didn't have your nose under 
the tent already, it is very hard to get your nose under the 
tent, especially for a new vendor. But, you know, if that was 
the case in the past, people like Apple may not have had an 
opportunity to show their products to people and get them to 
market.
    We need to have a process whereby good, innovative ideas 
even, if they aren't from someone you are comfortable with as a 
vendor, should at least be taking a look at. You should at 
least kick the tires. You should at least see if that is a good 
idea that can be implemented. That is one of the things I am 
very concerned about with respect to this, why this exercise we 
are undertaking today is so important.
    Of course, this is the beginning of the oversight process 
and we are going to continue it moving forward as long as I am 
Chairman.
    Now, with that being said, Ms. Mackin, I understand your 
study was a 5-year study. You went back and looked at things. 
Could you tell me what in the last year or so you can tell me 
that is most encouraging and the thing that is most concerning 
with you about the acquisition process that we are discussing 
today?
    Ms. Mackin. You are right. We assessed the test data over a 
5-year period to end in July 2015. So our information was 
rather current. I think that I am encouraged absolutely by the 
response we got from TSA, not only when we provided them with 
our draft recommendation, but even during the course of our 
audit, they were very open to our comments about assessing the 
test data across the systems, for example, and taking a little 
more time to work out this third-party testing strategy before 
requiring vendors to undergo it.
    I think my concern might be that TSA was not proactive in 
doing these things on their own. I think we have a history of 
GAO making recommendations that TSA implements, which is a good 
thing. But we have had issues in the past and this could be an 
issue now too of, they could have taken steps to assess the 
test data, or recognize that maybe the third-party test 
strategy wasn't quite ready to roll out. So I think that's the 
next bag I would respond with.
    Mr. Katko. Thank you, Ms. Mackin. Ms. Vaughan and Mr. 
Wallen, you have a colossal responsibility and that is to 
reform a process that has not been very impressive in the past. 
I applaud you for your efforts thus far, and this is not 
criticism. I want to just find out how we can help you make the 
process better, and make sure we are not missing great ideas, 
great technologies, and that we are keeping up with the 
technological advances instead of trying to play catch-up like 
I think TSA has done in the past.
    So again, I will ask you a similar question, Ms. Vaughan 
and Mr. Wallen afterwards, if time permit, and that is simply, 
what can you point to in the last year that you have changed 
that you think is the most significant, and what are the most 
significant things you need to work on to continue to make this 
process a better process?
    Ms. Vaughan. So thank you for your question. I acknowledge 
what Ms. Mackin indicated. We are eager to take a proactive 
approach in addressing some of the things she recognized. I 
think some of the things that are very significant in the 
response in our 5-year plan, we did for the first time ever 
disclose and provide what we indicate are our capability gaps 
in the overall system, which is significant.
    So we went through, we developed a very rigorous process 
over the last year or 2 to develop what we called the 
Transportation Security Capability Analysis Process. Through 
that process, we have identified and socialized through our 5-
year strategic framework plan, what those capability gaps are 
to try to give industry better early indicators of where we 
would like to see them generate their investments when they are 
looking at how they would like to structure what type of 
capability they would like to work on. So I think that is a 
significant step forward.
    In addition, an alignment with Science and Technology and 
my counterpart, Mr. Wallen, we have under the Secretary's 
direction established the Aviation Security Product Team. It is 
a team that meets and we basically have taken those capability 
gaps that we have developed, and S&T, Science and Technology is 
leveraging those to inform how they will resource the problems 
we are trying to solve.
    So we are very interested in further alignment with Science 
and Technology to take the capability gaps to inform how 
research and development will be resourced moving forward.
    I think those are very positive steps for us.
    Mr. Katko. Mr. Wallen, briefly the same question.
    Mr. Wallen. Okay. I am agreeing with my other witnesses. 
Moving forward, the IPT process has been very good in helping 
us work even more closely together, and it has been a good step 
in the right direction in identifying needs and solutions to 
fill those needs.
    You had mentioned working closely, more closely with 
innovators and not losing that. One of the other things that 
S&T is doing is opening an office in Silicon Valley to be 
closer to innovators out on the West Coast to have more insight 
into what they are doing, and working with other communities in 
the Government, in industry, and in academia, to be closer to 
innovation and to get ideas outside of the normal ideas and to 
be able to get more of the creative innovation.
    Mr. Katko. Thank you very much. My time has expired. I just 
want to urge you with the strongest words possible, Mr. Wallen, 
and Ms. Vaughan, to continue down this track. I mean, you are 
at the beginning of a long overhaul process, and I encourage 
you to keep doggedly pursuing making this a better process, 
because it is--I can't think of anything more important that 
TSA could be doing and Homeland Security could be doing than 
that type of stuff, to give the proper tools to the people out 
in the field to make the airlines safer.
    So with that, I recognize Miss Rice for 5 minutes of 
questioning.
    Miss Rice. Thank you, Mr. Chairman. So I think that if we 
were to focus on two things that I think the general public 
expects from agencies like DHS and TSA, in their everyday 
travel, it is to have the best, most sophisticated technology 
to ensure safe travel, and that we develop that and procure 
that in as efficient a time frame as possible.
    It sounds like you are attempting to make the process more 
efficient, but my question is, where did the creative ideas 
come from in terms of what is the hot new technology? I mean, 
is it DHS or TSA calling, you know, whoever the big companies 
are that are in this atmosphere, and say, okay, this is what we 
want you to work on, or you saying to them what are you seeing 
out there, and what are you developing in the private sector 
that may be something that we like?
    How does that information flow go? Either Mr. Wallen, or 
Ms. Vaughan.
    Ms. Vaughan. I can start. Thank you for your question. I 
would say it depends on the maturity of the technology. So 
vendors have an opportunity to reach out. We do a lot of 
coordination with Science and Technology, and I would say 
depending on the maturity of the technology is where we make 
recommendations to that particular vendor to begin their 
journey.
    In terms of looking for new ideas, the TSA and Science and 
Technology both do what we call a targeted broad agency 
announcement process. What that this is is, it is us providing 
our set of requirements out to industry to say we are 
interested in receiving more information to try and solve this 
sort of problem.
    Industry has an opportunity to provide feedback through a 
series of proposals. We then evaluate those proposals and 
provide, depending on the solutions that are presented, we will 
provide funding to those entities to provide kind of their 
investment to try to get them up and running, so to speak.
    Miss Rice. Let me just stop you right there, Ms. Vaughan, 
because you and I spoke yesterday--and what I am going to talk 
about now preceded your tenure, but we sat and had a roundtable 
with some of the contractors, and they expressed a level of 
frustration that is, you know, expected, obviously. That it's 
not an efficient process, that we are told to develop this, and 
then when we finally do, we don't want that anymore.
    You are talking about a system that really benefits only 
those companies that have the resources to invest their own 
money until they can get a contract. Small businesses, there is 
no space for small businesses. So first of all, can cooperative 
research and development agreements be expanded to cover both 
Science and Technology and TSA activities? Is that already 
being done, or is there a way to do that?
    Mr. Wallen. Could you repeat that, please?
    Miss Rice. Do the two agencies, DHS and TSA actually get 
together and coordinate what research and development they ask 
various companies to do? Do you do that already?
    Mr. Wallen. Yes, the broad agency announcement that Ms. 
Vaughan had mentioned, we coordinate our responses to those. We 
talk to each other about the proposals that we see. So that is 
coordinated.
    Miss Rice. Those are direct lines of communication because 
what we have heard is that it is very difficult to get an 
answer where someone is accountable for the communication.
    Mr. Wallen. So I can look into that. Our program managers, 
I know, talk to the director of the Mission Assurance Division, 
so I do know that they converse.
    Miss Rice. I think that there just needs to be a system by 
which the communication is more direct and that there is clear 
accountability.
    The other thing is, I just think that we need to support as 
much innovation as possible and a lot of that innovation is 
coming from smaller businesses that just don't have the capital 
to invest that kind of up-front money. I mean, they are funded 
by private equity but they don't have the kind of money. So I 
know that, depending on the proposal, I mean, or do you have 
proposals that are put out specifically to small business 
innovators to give them a chance to kind of break into this 
world?
    Ms. Vaughan. So I would say from a TSA perspective, we 
acknowledge small businesses. This is a difficult market. What 
I would say to that is, one of the things I am working very 
diligently on is developing what we call a new systems 
architecture. What that really means is, it basically will 
provide for more of an open architecture that will allow for 
interoperability and more commonality so that we can look at 
the checkpoint as an entire system and an entire framework.
    I think if we can move into that sort of system 
architecture where systems have more commonality associated 
with how they talk to each other, it will allow for the 
entrance of new, smaller companies to play in that particular 
space.
    Miss Rice. Well, and also, and I don't know if you have 
this, but maybe an effective mentor kind of protege program 
that encourages small, innovative technology companies to 
partner with, you know, larger businesses. I mean, that 
obviously is something that I would think you would want to 
promote. Right?
    Ms. Vaughan. Yes, absolutely. We are, as I mentioned in my 
opening statement, establishing an Innovation Lane concept 
which this would really allow for products that are in 
development after they have gone through kind-of a level of 
testing to validate that they meet the minimum security 
standards, but it would allow industry to actually see how 
their capabilities play out in the operations environment.
    Miss Rice. So my time is up. I thank you all, and I just 
want to leave you with this one thought. Terrorists, ISIL, 
ISIS, all of them, they are innovating every day, and if we do 
not keep pace with that, shame on us. We have the ability to 
stay ahead of them. But we cannot let an overly-bloated 
bureaucratic process stymie that.
    So I thank you all for your efforts that you are making to 
streamline that, and Ms. Mackin, for your input which I am 
happy to hear was well-received by TSA. Thank you. I yield 
back.
    Mr. Katko. Thank you, Miss Rice. The Chair will now 
recognize other Members of the subcommittee for 5 minutes for 
questions they may wish to ask the witnesses.
    In accordance with our committee rules and practices, I 
plan to recognize Members who were present at the start of the 
hearing by seniority on the subcommittee. Those coming in later 
will be recognized in the order of arrival.
    The next person to ask questions is a gentleman with the 
best-looking tie on the dais, and that is Buddy Carter from 
Georgia.
    Mr. Carter. Thank you, Mr. Chairman. Thank each of you for 
being here today. We appreciate it very much. Ms. Vaughan, I 
want to start with you because I am concerned about the 
approval process that TSA has and especially when it comes to 
new technology. Let's say, for instance, that there is a new 
technology that is being tried out and is working through the 
approval process and all of a sudden, you come to a requirement 
that TSA feels like is not being met. What happens then?
    Ms. Vaughan. Thank you for your question. So the testing 
process, it is likened to a 3-step process. When a technology 
is making its way to the testing process, it first starts out 
at the Transportation Security Laboratory located in New 
Jersey. If it passes the detection standard, meaning it can 
detect a threat against a set of requirements, then it moves to 
our testing facility near Reagan airport in a lab environment. 
There it is tested for things like safety standards, 
reliability, maintainability, and the like.
    If it passes those tests, then we move it into an 
operations environment which to me is critical because the 
technology really needs to, you know, operate within the 
construct of an airport and the officer, most importantly. So 
during the course of that, there are certain requirements that 
are considered, I would say significant. So it depends on the 
failure of what was happening during the course of testing. But 
if a piece of technology does fail during the course of 
testing, the manufacturer, the vendor, is immediately notified 
so we can discuss what types of steps need to be taken for the 
vendor to remediate the situation, whether that be they take 
their product back and they make the necessary changes if it is 
a hardware fix, or if it is failing a safety standard there may 
be some hardware modifications that have to be made to that 
piece of technology.
    So it really depends on the nature of the change. Then from 
there, once they submit back their product after they believe 
they have remediated the failures or the issues that occurred 
during testing, they would notify us and we would work with 
them to get them back into the testing process to resume 
testing.
    Mr. Carter. Okay, you know, 2 questions here. First of all, 
what time line are we talking about here? I mean, from start to 
finish, how long are we talking about?
    Ms. Vaughan. Sir, it honestly depends.
    Mr. Carter. Just an average.
    Ms. Vaughan. Well, as Ms. Mackin indicated, we have some 
products that we demonstrated during the course of her testing 
review of our process where we had certain technologies that 
were going back and forth for several years.
    We have other issues where a piece of technology fails, and 
it is a rather simple fix, I will call it, and it gets right 
back into the process. So I think it depends on how significant 
the failure is during the course of testing.
    Mr. Carter. But from start to finish, on average, there is 
no average? I mean----
    Ms. Vaughan. I would say from start to finish it could be 
approximately about a year time frame if I had----
    Mr. Carter. A year time frame.
    Ms. Vaughan. Yes, sir.
    Mr. Carter. That seems like a long time. Let me ask you 
this: When there is an instance where you have to go back to 
the manufacturer and say, hey, you need to fix this because it 
is not working, do you stop at that point and then resume at 
that point, or do they have to start all over again in the 
process?
    Ms. Vaughan. No, sir. They don't have to start over again. 
We do what is called regression testing which is essentially 
where we kind-of pick up where we left off, but we also have to 
validate that when they implemented the new changes, it didn't 
inadvertently change something else that had already passed. 
Those are very normal testing procedures.
    So anything they would implement as a fix, we have to go 
back and validate that it didn't inadvertently modify something 
and now something else is failing as a result of the fixes they 
put in place.
    Mr. Carter. Does the Department ever use third-party 
testing? I mean, do you ever have third parties to do the 
testing for you, or is this all hands-on, the Department has 
got to do it?
    Ms. Vaughan. Sir, right now, the testing--the 3-step 
process I described is performed by the Government. That is why 
we are very interested in working with industry to establish a 
third-party testing process. We think it will greatly increase 
the level of transparency so manufacturers and industry can 
better understand how mature their product is before they enter 
our formal testing process.
    Mr. Carter. Okay, so where are you at in that discussion 
with the third parties?
    Ms. Vaughan. So we have an Industry Day coming up next 
month that we are coordinating with the Security Manufacturers 
Coalition and the Washington Homeland Security Roundtable. We 
have been working with the National Institute of Standards and 
Technology to develop the third-party testing framework and we 
will socialize that with industry to obtain their feedback on 
where we are in the process.
    Mr. Carter. You feel like that will streamline the process 
and perhaps even speed up the process?
    Ms. Vaughan. Yes, sir, I do. I liken it to an Apple iPhone.
    Mr. Carter. Sure.
    Ms. Vaughan. I don't think Apple would sell us an iPhone 
before they had internally tested it and checked it to make 
sure a consumer would buy it.
    Mr. Carter. Well, I am glad to hear you say that. It sounds 
like you are making progress, and I am encouraged by that. So 
thank you again. Thank you, Mr. Chairman, I yield back.
    Mr. Katko. That was absolutely perfectly 5 minutes. That is 
amazing. The Chair now recognizes Mr. Payne from New Jersey for 
5 minutes of questioning.
    Mr. Payne. Thank you, Mr. Chairman, and to our Ranking 
Member. I think the gentleman has the best-looking straight tie 
on.
    You know, Ms. Vaughan, in my other committee 
responsibilities, I am on Small Business, and so I think the 
topic today is very, very poignant in terms of the continuity 
of the things that I am looking at. You know, with regard to 
small and disadvantaged company participation, aside from 
learning of the procurement opportunities through 
fedbizopps.gov, is there any other type of outreach conducted? 
For instance, a small and disadvantaged company technology 
fair, or procurement opportunities newsletter distributed via 
electronic mailing on a list?
    Ms. Vaughan. So, sir, I acknowledge your concerns about 
small business. We actually have a small business fair coming 
up next month and there will be a specific component focused on 
technology. That is a TSA-wide small business fair. So we are 
always looking for other opportunities to increase the level of 
small business participation.
    I do believe the third-party testing strategy will give 
industry and small businesses more access and transparency into 
our processes so that the overall process, hopefully, doesn't 
seem as cumbersome as it may have seemed in the past.
    We also do those targeted broad-agency announcements that I 
discussed earlier, which is really where we really go out with 
a set of requirements to see what is available and it gives 
anybody an opportunity to respond in which we would award 
proposals to those folks where it looks like it may meet the 
need or the problem we are trying to solve.
    Mr. Payne. Well, that is great because I am always looking 
for opportunities to partner with different agencies for 
opportunities for small businesses lying in my district and my 
State. So I will be reaching out to you with respect to that.
    I want to know, has TSA considered allowing small business 
to perform portions of the qualification process in parallel to 
reduce costs? For example, a new technology is received. The 
appropriate safety certification, can the testing at the 
laboratory at TSL be done in parallel with operational tests 
and evaluation at TSL--TSIF, I am sorry.
    Ms. Vaughan. Sir, yes, I think that's absolutely something 
we can look into. I think as we further develop our third-party 
testing strategy, and looking at the roles and responsibilities 
of that process with industry, that is absolutely something we 
can explore.
    Mr. Payne. Okay. All right. Chair, thank you. I yield back.
    Mr. Katko. Thank you, Mr. Payne. The Chair now recognizes 
Mr. Walker from North Carolina for 5 minutes of questioning.
    Mr. Walker. Thank you, Mr. Chairman. My Joseph Bank 
signature collection tie is starting to feel a little slighted 
in the room, but we will work through it.
    I am still not overly confident in some of the 
implementations of the GAO and I just want to revisit that to 
make sure that we are passing along to our constituents that 
there is something that is being--some action steps being 
taken.
    Ms. Mackin, I would like to go back to you just if I could, 
please, for just a moment. Who is accountable to make sure that 
these recommendations are being implemented at a timely pace? 
Is that something that you are responsible for?
    Ms. Vaughan. Yes.
    Ms. Mackin. Yes. We have a very active recommendation 
follow-up process at GAO. In this case it will be easy because 
the Department concurred, agreed to implement both 
recommendations, and we have actually seen actions they are 
taking already, even before our report was issued. So we will 
definitely be following up on the concrete steps they are 
taking for both recommendations.
    Mr. Walker. Sure. I am thrilled to hear that. Are there any 
recommendations that are outstanding that are still yet to be 
implemented that you guys are continuing to work on?
    Ms. Mackin. Of the security-related TSARA-type 
recommendations we have made 58 over the years; 51 have been 
fully implemented. There are, I think, about 3 that are still 
outstanding, all pertaining to the AIT system. We, of course, 
are continuing to track TSA's progress in implementing those 
recommendations.
    Mr. Walker. When you say over the years, what kind of time 
line are we looking at?
    Ms. Mackin. October 2003 to present, essentially.
    Mr. Walker. Okay, and those 3, are we working in some kind 
of proactive manner to finalize it? Is there a gap? Is there an 
issue--help me understand, why are we----
    Ms. Mackin. TSA is making progress on those 3. As I said, 
they all pertain to the Advanced Imaging Technology program. 
One has to do with tracking the false alarm rates of that 
system across all of the systems at all of the airports, and 
making sure that the security officers are doing patdowns, as 
appropriate, when an alarm does go off.
    Again, TSA has agreed with the recommendation. It is just a 
matter of taking all of the steps to get it in a place where we 
would consider it fully implemented.
    Mr. Walker. I appreciate both your knowledge and your 
articulation of those remaining implementations. A 2012 
Congressional report detailed that TSA was housing equipment at 
the Transportation Logistics Center in Dallas. This created a 
significant cost, as you might imagine, to the American 
taxpayer without a proper tracking system. Is there any 
indication this practice has been updated, changed, modified? 
Can one of you speak to that? Ms. Vaughan.
    Ms. Vaughan. Yes, sir, I can speak to that. Yes, I 
acknowledge the issues that were encountered in the past. We 
have worked--I have worked with our counterparts in the Office 
of Finance and Administration to establish an inventory asset 
management policy to track the duration, the age of the 
equipment in the warehouse, as well as the total dollar 
threshold of the equipment in the warehouse. I review those 
metrics with the chief financial officer on a biweekly basis.
    Mr. Walker. Okay, and how does this equipment storage 
affect TSA's recapitalization plan? Can you speak to that?
    Ms. Vaughan. The equipment in the warehouse is essentially 
into different categories. So some of it is associated with 
maintenance, or if we have recently bought a newly-procured 
system and we are in the process of recapitalizing and moving 
things from the warehouse or out of an airport, it is the 
staging environment to validate that all of the appropriate 
software and everything is on the machines. So it is constantly 
an evolving situation depending on the state of 
recapitalization or the use of safety stock out of that 
particular warehouse.
    Mr. Walker. All right. Ms. Mackin, Ms. Vaughan, thank you 
very much for your answers. With that, I yield back, Mr. 
Chairman.
    Mr. Katko. Thank you, Mr. Walker. The Chair now recognizes 
Mr. Keating for 5 minutes of questions.
    Mr. Keating. Thank you, Mr. Chairman. Just following up 
briefly on a couple of the other points made regarding small 
business that Miss Rice and Mr. Payne mentioned as well.
    What we are hearing from some of our small businesses in 
the Massachusetts area is the flexibility because they are 
small, and some of the fairs and other things are important, 
but is there an incorporation of web seminars, and conference 
calls, and those things to provide more flexibility in reaching 
out and communicating with small business as well, some of the 
major ways of doing it?
    Ms. Vaughan. So from a TSA perspective, we are always 
interested in looking--I am always interested in looking for 
new and different opportunities to engage small business. I 
think they are a critical player, especially from an innovation 
perspective. They have some of the best ideas.
    I would say from a TSA perspective we did publish as part 
of the TSARA, the Transportation Security Acquisition Reform 
Act, a small business process guide. We do host Industry Days 
and things like that. I personally meet with many different 
small businesses to try and look for different opportunities 
for them.
    I do believe the Innovation Lane concept of establishing 
capabilities at a particular airport will be another avenue as 
well as the third-party testing strategy. I think that will 
open up additional opportunities for small businesses to enter 
into this marketplace, and expand our industrial base.
    Mr. Keating. Yeah, for some time I have been trying to 
promote as much as possible, a stronger collaboration with 
academic institutions and for many reasons. One of them is 
innovation. You are getting, you know, clearly some of the most 
creative minds involved in the process.
    No. 2, in terms of some staffing from time to time it is 
great to build bridges. It is one of our concerns with TSA is 
just recruitment and maintenance of people, and I think if you 
build those kind of associations, that is helpful as well.
    I know that some of the institutions that are really 
specializing in different area, explosives. I know Northeastern 
University, for instance, has done a lot of work on explosives, 
and I know there are a lot of academic, you know, resources 
that are available. How far have you reached the academic 
communities?
    The other thing I think is also important, sometimes when 
you are dealing strictly with vendors, they are just pushing 
their own products and perhaps you don't get as objective a 
viewpoint as you might through some academic avenues too. So 
what are you doing with the academic institutions to try and 
help and use as a resource?
    Ms. Vaughan. So I can speak from a TSA perspective, and 
then I am sure Mr. Wallen would like to inject as well. But we 
do work with the National Labs on a regular basis to explore 
other opportunities. We also work with our counterparts at 
Science and Technology and the relationships that they have 
with academia.
    Mr. Wallen. To continue on with Ms. Vaughan's comments, we 
work with National Labs frequently. We also work with the 
Centers of Excellence. You mentioned ALERT up at Northeastern 
University. We work with them to look for new innovation, new 
creation of new devices, new topics, new areas. So they are 
very helpful in bringing forward technology.
    Mr. Keating. Yeah, and just lastly, you know, the airports 
are so different the way they are managed, the way they are 
operated. That creates challenges in and of itself. How 
successful--I know you are going to try out some of the 
possible procurement, you know, products at individual 
airports, but how does that create challenges for you? How are 
you working with the different airports, the different size 
airports, the differently-structured airports, in this whole 
process?
    Is there anything you can inform us about in terms of 
perimeter security needs that you think might be--I know we do 
a lot of concentration on the gate and getting through, but 
what about perimeter security? Are there, you know, are there 
devices? Is there technology that can be more helpful around 
perimeters of airports as well? I know I asked 3 or 4 things, 
but just jump in.
    Ms. Vaughan. Absolutely. Thank you for your question.
    So from an airport perspective as we look at trying to 
establish these Innovation Lanes, some of the airports that we 
have been in discussions with are in the middle of an airport 
recapitalization where they are looking to really make some 
modifications to the way the airport is laid out. Those present 
wonderful opportunities to try and inject an innovation concept 
and some of those folks are very eager to do that.
    I think as we look at how we potentially could design a 
checkpoint of the future, you know, looking at what that looks 
like in working with the airport, we could involve some 
discussions around perimeter security and some of the 
capabilities that might benefit.
    So it is really taking it from a system-of-systems approach 
and looking at the entire system and the framework and the 
checkpoint.
    Mr. Keating. Okay, I yield back.
    Mr. Katko. Thank you, Mr. Keating. The Chair now recognizes 
Mr. Ratcliffe from Texas for 5 minutes of questioning.
    Mr. Ratcliffe. Thank you, Mr. Chairman. I want to thank the 
witnesses for being here, for your testimony, and giving us an 
opportunity to fulfill our obligation with respect to 
oversight. I want to follow up in that regard with respect to 
some of the things that the GAO and DHS IG found about 
deficiencies in the acquisition of new technology. I am sure 
this has been talked about earlier in the hearing.
    One example is the acquisition of trace portal or puffer 
machines that were designed to blow air on the passengers in 
order to detect explosive particles. From my understanding, TSA 
didn't really adequately test these in the environments that 
they would be, in airports with ambient humidity and dirt 
particles. The bottom line is after spending $30 million, those 
machines were removed.
    You know, I know we all want to be better stewards of 
taxpayer dollars. I am pleased to hear about some of the 
developments through the testimony that has been given here 
today. But I want to follow up, and I want to start with you, 
Ms. Vaughan, I know that technology is ever-evolving. I look at 
what has happened with regard to our cell phones in the last 10 
years. So I can only imagine where airport security can be in 
the next 10 years.
    But in some prior Congressional testimony, TSA 
Administrator Neffenger talked about getting to a place from a 
technology standpoint where passengers become their own 
boarding passes through the use of biometrics, like fingerprint 
scans, to verify identities. I am all in favor of making the 
passenger experience safer, and more efficient, and innovative 
approaches to security. But that being said, I would like to 
hear a little bit more in that regard about your plans, the 
plans of TSA to be able to secure databases of biometric 
information that can be used to confirm passenger identities.
    Ms. Vaughan. Yes, sir. Thank you for your question. Having 
been the former chief information security officer for TSA, 
cybersecurity is core to my heart. So before we do anything in 
terms of capabilities or rolling out technologies, I will 
absolutely ensure which is why cybersecurity was one of the 
common themes associated with my 5-year plan, we will 
absolutely ensure that cybersecurity requirements, as well as 
privacy considerations are considered and wrapped into whatever 
capabilities we would be fielding, including any biometric 
solutions.
    Mr. Ratcliffe. So can you elaborate a little bit about that 
plan with regard to comprehensive IT security, a framework for 
these security technologies?
    Ms. Vaughan. Absolutely. So I worked with my counterpart in 
the Office of Information Technology, who is the chief 
information officer. We essentially are leveraging the 
Department's policies around IT security. So moving forward, 
all procurements for new capabilities of transportation 
security equipment will include cybersecurity requirements so 
that we can ensure that our capabilities maintain pace with 
ever-evolving cybersecurity requirements and the threat as we 
move forward in the cyber environment.
    Mr. Ratcliffe. So, does that plan include testing 
methodologies both during the qualification and operational 
testing?
    Ms. Vaughan. Yes, sir. So our counterparts at the 
Department have also, as part of their oversight authority, are 
also including cybersecurity testing as these capabilities move 
through the process. So not only will we be tested from a 
security authorization perspective in accordance with the 
Federal Information Security Management Act, FISMA, they will 
also receive additional sets of testing from the Department in 
their oversight testing role.
    Mr. Ratcliffe. Terrific. So one of the other things that 
Administrator Neffenger talked about was that he would like to 
screen at the speed of life. In that regard talked about a goal 
of combining metal detection with non-metallic anomaly 
detection, shoe X-rays, vapor detection, all which sounds great 
but it is very ambitious goal. So in that respect, does TSA or 
should I say how does TSA communicate its needs to industry 
partners since the report here calls for mutually-beneficial 
dialogue and communication on that front?
    Ms. Vaughan. Absolutely. So there I would go back to the 
system architecture and a system-of-systems approach that we 
are coordinating with industry through the Security 
Manufacturers Coalition and the Washington Homeland Security 
Roundtable. Very interested in working with them to establish 
open architecture standards to drive towards Mr. Neffenger's 
vision of looking at the checkpoint as a system.
    Mr. Ratcliffe. All right. Well thank you, Ms. Vaughan. Mr. 
Wallen and Ms. Mackin, I had questions for you but didn't talk 
fast enough. So my time is expired. I will yield back.
    Mr. Katko. Thank you, Mr. Ratcliffe. The Chair now 
recognizes the former Chair, Mr. Hudson, from North Carolina.
    Mr. Hudson. Thank you, Mr. Chairman. Thank you for hosting 
this hearing. I appreciate the opportunity to be back here at 
the subcommittee. It is nice to be here. It is great to see 
that the subcommittee is in great hands with your leadership 
and Miss Rice's leadership. I think your backgrounds uniquely 
qualify you for this. As I have watched as an interested party, 
I have appreciated the work you have done so far this year. So 
thank you for letting me be here with you today. I thank the 
panel for being here and your time.
    This Transportation Security Acquisition Reform Act is a 
product of several years of work. I was proud to be a part of 
that, along with Bennie Thompson, Cedric Richmond, Mr. Keating, 
Mr. Payne. This truly was a bipartisan effort, something where 
we worked together, worked with outside stakeholders, worked 
very closely with TSA. I am proud of the product. So it is very 
gratifying to have the opportunity to come back here in a cameo 
role and hear some of your testimony. I appreciate the work 
both with the Government Accounting Office, playing their 
input, and then your work as well inside the agency. Because 
these are important issues.
    I would like to maybe dive a little deeper on Miss Rice's 
point that she was making earlier about engaging industry, 
communicating with industry. One of the issues that we looked 
at early on that led us to want to develop this bill was this 
idea that--and, frankly, it started because we stood up an 
agency and said go solve this problem that is happening right 
now and come up with technology to solve something that is 
already happening. So you are playing catch-up from the 
beginning as an agency.
    But in dealing with the outside industry, what we were 
hearing was they will put out a request for a certain type of 
technology that isn't feasible. Then they will sort-of pull it 
back. Then they will put out a request. Then we will start 
investing money to try to develop a product that we can 
present. Then they will say actually, we are not going to do 
that anymore, we are going to go a different direction. So the 
communication with outside industry was a challenge for 
industry, because industry does have to invest money, has to 
invest time if they are going to work with TSA and come up with 
technology and concepts.
    When you talk about the capability gaps, when we talk about 
innovation, I love to hear what you are saying about that and 
the way you are trying to address that. But the ability to have 
predictability, for industry to see where TSA is going, and 
also to maybe play a role in that. You know, folks, the 
innovators love the fact that you have got a Silicon Valley 
office. These are the folks that can help maybe TSA see where 
we are going to be 5 years from now, what things are possible. 
So it can speed up the process. But it can also get us to a 
better outcome.
    So I am just curious, if you could maybe give, Ms. Vaughan, 
an example of how this is working now, and if there is any 
specific instances where this has happened, or how you have 
moved to implement this and some of the changes that have been 
made?
    Ms. Vaughan. So, thank you for your question. I would say 
that through our work with Science and Technology, we have made 
great strides to ensure that the operator, TSA's needs and the 
capability gaps are aligned with the research and development, 
so that we can have a more streamlined vision to industry as to 
where we are going.
    I acknowledge, I think, you know, there has been some 
issues in the past about the Government needing to be 
additionally transparent to industry. We have made some great 
strides in trying to both increase transparency through our 
testing and evaluation process, through sharing all of our 
process guides, our test plans, and things like that, as well 
as ensuring that the needs of the operator are aligned to 
research and development so we can really focus and help 
industry understand where we are going.
    So I am very hopeful that that is the direction we are 
moving. I also meet with the vendors on a regular basis to talk 
about where we are and where we are going. I think those 
conversations have been very helpful for both sides.
    Mr. Hudson. Are they any structural barriers that still 
exist that prevent you from maybe doing more, whether it is 
with small business, as has been raised, or just industry 
specifically? Are there still things that Congress can do to 
make your job easier? Are there things this committee could 
work towards to help us all reach that goal?
    Ms. Vaughan. So I think this act was wonderful because I 
was in the job about 14 days after it was signed. So for me, it 
really helped me put together my vision in short order. Looking 
at what I walked in to see, you know, yes, we need to increase 
transparency and communication with industry. That only 
benefits both sides I think from a Government and industry 
perspective. Then I also think it allowed me to really signal 
to industry what my vision is, where are key themes, where are 
we going with cybersecurity and system architecture, and 
innovation lanes.
    So I appreciate the legislation. I do think the legislation 
you all put forth in terms of allowing TSA to donate equipment 
overseas is very helpful because I think that will allow us to, 
you know, strengthen our, you know, work with our foreign 
airport operators overseas to strengthen security where 
possible.
    Mr. Hudson. Thank you, Mr. Chairman.
    Mr. Katko. Thank you very much, Mr. Hudson. Many people 
often say that Government, Congress doesn't get anything done. 
Well, this is proof positive that you find a problem, you find 
a solution to it, Mr. Hudson. We are clearly making progress. I 
commend you for that. I commend all of you for that.
    I want to thank all of you for your thoughtful testimony. 
Members of the committee may have some additional questions for 
each of you. We will ask you to respond to those in writing. 
The hearing record will be open for 10 days. The panel is now 
dismissed.
    But before I do so, I want to thank all of you for a great 
job. The hopefulness of the testimony was good. We have got a 
long way to go, like I said. Let's keep it going. For those of 
you testifying for the first time, we all think you did a fine 
job. So congratulations.
    Now, with that being said, I am going to ask you to get 
away from your desk quickly because we are trying to get this 
done quickly and transition to the second team. Thank you very 
much.
    We are in a very brief adjournment. We will sit here.
    [Recess.]
    Mr. Katko. We are back in session. The Chair now recognizes 
the second panel.
    We are pleased to have a very distinguished second panel 
before us. Let me remind the witness that his entire written 
statement will appear in the record.
    Our witness is Mr. T.J. Schulz who currently serves as the 
executive director of the Security Manufacturers Coalition. Mr. 
Schulz, we recognize you to testify but we do want to caution 
you that there are 17 votes expected. We have to leave in about 
5 or 10 minutes.
    So without objection, the committee will recognize the 
Members for as much questioning as we can possibly handle here. 
I am not confident that we can do much. If you would like to 
have a truncated version of your testimony so we can get a 
little bit of testimony, that is fine too. We will leave it up 
to you.
    In any regard, you have 5 minutes total to testify. 
Whatever we don't cover today, we can cover in written 
questions to follow up, okay.
    Mr. Schulz. Indeed. Thank you.
    Mr. Katko. All right. Mr. Schulz.

    STATEMENT OF T.J. SCHULZ, EXECUTIVE DIRECTOR, SECURITY 
                    MANUFACTURERS COALITION

    Mr. Schulz. Chairman Katko, Ranking Member Rice, and 
Members of the subcommittee, let me thank you for the 
opportunity to testify on improvements to the TSA acquisitions 
process.
    I am here today representing companies that develop and 
deliver first-rate threat detection and screening equipment 
across the country and around the world. We are pleased to 
provide our views on improving the TSA acquisitions process.
    We commend this committee and the Congress for passage of 
the Transportation Security Acquisition Reform Act which will 
help establish more accountability and transparency in the 
process. Having said that, we believe there are a number of 
challenges facing the TSA and the viability of a robust, 
competitive, domestic manufacturing base. The TSA's 5-year 
technology plan shows an agency in sustainment mode with 
investment focused primarily on recapitalizing systems. We see 
very little detail in the plan on investments in next 
generation equipment with improved detection and operational 
capabilities.
    Improving the overall TSA acquisitions process can also 
enhance competition in the industry. We believe that the 
greatest opportunity for improvement lies in fixing the current 
test and evaluation process. The process is vital to ensuring 
that capable technologies are fielded. But in its current 
state, it simply takes too long and unnecessarily wastes 
millions of dollars for both Government and industry.
    To that end, we acknowledge and endorse the findings 
outlined by the GAO on the test and evaluation process. We also 
share GAO's concerns that the third-party testing process 
recently instituted by the TSA could, in fact, serve to 
increase costs and time associated with equipment testing. 
There really is no certainty as to whether the TSA will accept 
the findings of that third party.
    In the future, Congress should monitor the third-party 
testing policies and support resources that TSA needs to set up 
and maintain a workable system. TSA should also endeavor to 
identify a handful of solid core capability and operational 
requirements in the involved industry and the development of 
those requirements. That will help attain better alignment 
between the TSA and the vendors.
    Moving beyond the T&E process, we urge Congress to monitor 
and keep updated on the interface between the DHS Science and 
Technology Directorate and TSA to make sure that they are 
coordinating the development of newer, higher-capability 
equipment that can be transitioned to a more effective testing 
process and eventual deployment.
    The plan outlines a desire to transition to a network 
system-of-systems. A key component of this is our open 
architecture functionality. Industry must be closely involved 
as TSA embarks on this goal, as companies have spent tens of 
millions of dollars in R&D in order to get to higher-capability 
equipment. Efforts to seek to standardize the equipment could, 
indeed, stifle innovation.
    In closing, this committee's strong oversight and the TSA's 
efforts to improve the acquisitions process has had positive 
results. We believe continued oversight and monitoring will 
ensure TSA stays on track to implement needed reforms and 
updates to the 5-year plan. I look forward to taking your 
questions to the extent we have time.
    [The prepared statement of Mr. Schulz follows:]
                   Prepared Statement of T.J. Schulz
                            January 7, 2016
    Chairman Katko, Ranking Member Rice, and Members of the 
subcommittee, on behalf of the 9-member Security Manufacturers 
Coalition, thank you for the opportunity to share our collective 
thoughts on potential areas of improvement in technology research, 
strengthening the TSA test and evaluation process, and bringing clarity 
and stability to technology acquisitions. Your vigilance and oversight 
this past year was most welcome, and the SMC stands ready to work with 
you and the TSA in 2016 to improve the security of the traveling 
public.
    The SMC is the unified voice of leading security technology 
companies with manufacturing operations and offices in 10 States. The 
7,000 direct and 20,000 in-direct jobs generated by SMC members run the 
gamut of systems engineering and design to advanced product assembly 
with tested and certified equipment deployed across the transportation 
network throughout the world. Every coalition member is committed to 
delivering first-rate threat detection and screening equipment to 
protect our Nation and our people.
    The coalition is primarily focused on: (1) Developing a straight-
forward dialogue and collaboration with our key Government partners; 
(2) improving the TSA test and evaluation (T&E) process, for which this 
subcommittee just received GAO testimony and on which we largely agree; 
(3) improving the overall TSA acquisition planning; (4) urging an 
improved R&D process that ties back to TSA requirements and 
procurement; and (5) ensuring adequate funding is in place to execute 
important equipment upgrades and recapitalization.
    I am also pleased to serve on the aviation security advisory 
committee (ASAC) and as the co-chairman of the ASAC's newly-formed 
security technology subcommittee. Our thanks to the committee again for 
supporting legislation to codify the ASAC and ensure technology is a 
key focus of this important industry advisory group to the TSA.
                             tsa leadership
    My testimony today will largely focus on TSA's T&E process, the 
importance of building off of the 5-year acquisition plan requirements 
of the Transportation Security Acquisition Reform Act (TSARA--Pub. L. 
113-245), and Congress's important role moving forward. However, first 
and foremost, any meaningful result today and in the future will only 
be achieved when industry has an active and purposed seat at the table 
with Government--not simply to receive information, but to generate a 
constructive dialogue on the threats we face and vulnerabilities ripe 
for exploitation by our adversaries. This will enable manufacturers to 
align private-sector technology research and capabilities with current 
and future threats, as well as to ensure a viable domestic security 
technology industrial base is maintained.
    Over the past 4\1/2\ years in which the SMC has been operating, we 
have seen a laudable increase in engagement by TSA with the industry. 
This trend continues under Administrator Neffenger's leadership and 
with Office of Security Capabilities Assistant Administrator Jill 
Vaughan, who has genuinely sought a greater partnership with 
manufacturers. We are optimistic TSA understands how unpredictable 
purchasing cycles and multi-year time lines for equipment development, 
testing, and qualification negatively impact both Government and the 
industry.
                          tsa acquisition plan
    TSARA required TSA to develop a 5-year technology acquisition plan. 
Released in August, the Strategic Five-Year Technology Investment Plan 
for Aviation Security (henceforth referred to as the ``Five-Year 
Plan''), is a positive step forward in accountability, cross-
jurisdictional collaboration and industry engagement. An essential 
document for industry planning, the Five-Year Plan provides some 
visibility into TSA's schedule for replacement and upgrades of existing 
equipment, and projected future capability needs. But this is just a 
first step. Industry needs a more precise roadmap to know where and 
when to invest. Ensuring our R&D efforts focus on the capabilities that 
will meet TSA priorities and address emerging security threats is 
critical to protect the citizens of this country. Greater partnership 
between TSA and industry will only help with this process.
    The SMC believes the Five-Year Plan can be leveraged to vastly 
improve TSA's acquisition process and, ultimately, the security of our 
aviation system. This committee is in a unique position to monitor 
progress TSA is making on acquisition reform. The SMC supports all 
efforts to ensure TSA is making necessary changes to: Streamline and 
strengthen the T&E process; align budget requests to identified 
requirements; provide clear and consistent details on the threat 
profile to ensure industry is prepared to respond and TSA is making the 
right investments; and ensure meaningful engagement with industry.
                              plan details
    The SMC encourages Congress to require future iterations of the 
Five-Year Plan to provide more specific dollar allocations and 
investment detail tied to particular equipment type. The spend plan 
generically suggests a $3.6 billion investment over the 5-year period 
but fails to align those expenditures along actual programs, projects, 
and activities. Further, there is virtually no mention of ``new'' 
acquisition as opposed to recapitalization. Finally, the acquisition 
plan should be based on the true needs of the TSA from a technology 
capabilities standpoint, not an expected budget framework.
    This lack of detail creates challenges for industry. By example, 
``Figure 8. Approved PSP and EBSP Recapitalization'' on Page 22 of the 
Five-Year Plan indicates TSA plans to recapitalize 897 Enhanced Metal 
Detectors (EMDs) in fiscal year 2016. At this stage, it is unclear 
whether TSA plans to purchase these machines directly off of the 
Qualified Equipment List--equipment that has been certified and cleared 
through the T&E process--or whether new requirements will be introduced 
requiring additional testing and validation. At present, TSA has not 
provided vendors a schedule, RFP, or plan to extend the useful life of 
existing EMDs operating under standing requirements. The SMC is equally 
concerned that in fiscal year 2017 and beyond order volumes for EMD are 
less than 10 percent of fiscal year 2016.
    Figure 8 also suggests acquisition in fiscal year 2017 of 296 Next 
Gen Advanced Technology X-ray (AT-2) machines. Industry is awaiting a 
list of requirements for this technology, which may include 
cybersecurity hardening. Even under the best possible scenario, if the 
requirements document were released and a manufacturer provided 
equipment to TSA for T&E immediately, the likelihood of TSA being able 
to purchase in fiscal year 2017 is challenging based on the 
comprehensive testing process.
    Overall, industry is concerned about future recapitalization plans 
outlined in the Five-Year Plan that consist of peaks and valleys on a 
year-by-year basis. This makes resource allocation and staffing 
extremely challenging for manufacturers. A more consistent, level spend 
plan spread out over the 5 years would enable original equipment 
manufacturers (OEMs) to maintain consistency in staffing and 
manufacturing plans.
                           t&e process reform
    TSARA is an important first step to meaningful reforms, but while 
plans are great, it is the implementation of those plans that 
determines ultimate success. TSA has outlined a number of initiatives 
underway at OSC that seek to improve the acquisitions process, 
particularly relating to the development, testing, and qualification of 
security equipment. While TSA has done a good job of providing 
transparency into the process for industry, the fact remains that under 
the best scenario, it can take 3 years or longer to navigate a piece of 
equipment through the T&E process. While the bar must be high, this 
process impacts innovation, competition, improved security and 
efficiency, as both the Government and industry expend undue time and 
resources navigating a complicated process.
    We believe GAO did an admirable and fair assessment of the state of 
TSA's test and evaluation process and we offer a few of our 
perspectives for this committee's consideration.
    First, GAO touches on a key challenge at TSA: The need to improve 
coordination internally in the T&E and overall acquisitions process. 
The report cites a lack of coordination between program managers and 
the T&E division, which has led to problems in establishing unrealistic 
acquisitions schedules and conflicts in the interpretation of test 
results. Quite simply, the barriers to effective coordination within 
TSA need to be broken down to facilitate a more coordinated 
acquisitions process. Breaking down internal barriers and empowering 
key individuals as well as instituting direct accountability is 
absolutely required.
    Second, as noted in the report, the TSA has begun to share test 
plans with OEMs for specific transportation security equipment (TSE). 
The SMC supports this as a means to ensure alignment on the goals and 
testing procedures between the TSA and vendors. TSA has provided test 
plans for Explosive Detection Systems (EDS), and they are helpful, but 
we encourage test plans for other TSE to be shared.
    The GAO also notes OSC has implemented plans and policies that 
would engage third parties to assist in the test and evaluation 
process. The SMC shares the concerns raised by GAO that the TSA has 
undertaken third-party testing without a clear vision of what the end-
state will truly be. As noted by GAO, the current third-party testing 
procedures could potentially raise costs and lengthen an already 
arduous equipment vetting process rather than provide an expedited, 
focused review that in turn gets equipment to the field.
    The SMC believes that developing a viable and optional third-party 
testing process could be an example of a collaborative initiative by 
TSA and industry. Under this process, TSA would select and certify 
providers in the private sector and conduct proper oversight of these 
entities. Once this is in place, TSA should then accept the findings 
and results of the third-party providers and not start the entire 
testing process over again, particularly on items that are not critical 
to detection and operational performance. Rather than TSA spending 
considerable time testing items that can be objectively measured (such 
as size, weight, lights, basic functions), and then spend weeks in 
coordination and correction, third-party testing could offer a faster, 
more cost-efficient alternative by allowing TSA to focus on the 
critical aspects of threat detection. Overall, third-party testing 
should be used as an economical way to ensure requirements are met, not 
as a duplicative, costly measure.
    It should be noted that setting up this structure will require 
substantial resources by OSC, as the initial vetting, approval and 
certification of third-party testing providers, and the sustained 
monitoring and oversight, will require considerable support. However, 
SMC believes the security and industry innovation benefits of a 
reliable, well-constructed third-party vetting process warrant TSA's 
attention and Congress' persistent oversight to get this right. 
Recently, TSA has reached out to SMC to begin framing out a third-party 
testing program in 2016 and we look forward to this dialogue.
    The SMC also endorses GAO's recommendation that the TSA conduct a 
comprehensive assessment of testing data, including time frames, costs 
incurred and testing delays across all technologies, to ascertain the 
factors that lead to recurrent chokepoints in the T&E process. This 
would provide a good opportunity for industry and TSA to collectively 
identify and find solutions to address the most prominent stumbling 
blocks in the process.
    Finally, perhaps the single, most critical element for ensuring a 
successful test and evaluation process is the thoughtful development of 
equipment requirements. TSA and industry have struggled over the years 
with requirements that number in the hundreds, many of which have 
little relevance with the core detection and operational performance of 
the equipment. There is also the challenge of constantly shifting 
requirements, which cause significant disruptions in the testing 
process. We have urged TSA with each procurement to identify the 
handful of solid, core requirements to test capabilities.
    In summary, shortening and streamlining the testing process and 
collaborating with industry to identify recurrent chokepoints and 
develop solutions would go a long way to getting newer, more advanced 
equipment into the field. It will provide a higher degree of certainty 
to industry that the process isn't a series of roadblocks, but 
important, measurable checkpoints on a linear road. It will also help 
to foster more competition and effective use of Government and industry 
resources.
               s&t investment & interagency collaboration
    The TSA's Five-Year Plan projects a more integrated engagement with 
the DHS Science & Technology Directorate. We urge the committee to 
require more detail in future iterations of the Five-Year Plan to 
include specific examples and plans of S&T investment directly tied to 
fulfilling TSA identified capability gaps and future requirements; the 
subsequent transition of TSE from development to the T&E stage; and 
eventually acquisition. There are substantial opportunities to improve 
coordination between S&T and TSA to ensure the development of newer, 
higher-capability equipment that can be transitioned to a more 
effective testing process and fielded more expeditiously.
    The SMC supports the thoughtful investment of research dollars, 
provided it is tied to addressing real threats identified by TSA as a 
capability gap and with an eye toward eventual and realistic 
procurement either by the Government or as a requirement of Government 
(as in the case of air cargo). Secretary Johnson's efforts to better 
align S&T Integrated Product Teams (IPT) under the Unity of Effort 
Initiative is a welcome first step. TSA and OSC needs to have a 
prominent role in the IPT effort, and ultimately should have a lead 
role in identifying key R&D needs and activities, as they are 
responsible for acquiring and operating equipment that will meet new 
and evolving threats. Further, industry input should be solicited early 
on in the process to ensure research goals align with achievable, cost-
conscious results.
                               life cycle
    Along with the T&E process and up and down procurement cycles, 
there are other notable challenges for industry. In 2014, with no 
industry input, TSA made a decision to expand the projected life cycle 
of EDS machinery from 10 to 15 years. This had significant implications 
on company manufacturing and staffing plans. While the justification by 
TSA was that detection capabilities for known threats continues to be 
sufficient, the results are that future threat research and response is 
stifled and next-generation detection and high-speed capabilities are 
delayed.
    The life-cycle decision may have a very real budgetary and 
operational impact for TSA, as the ability to maintain and keep 
equipment fully operational and performing its mission after 10 years 
of service is increasingly difficult. This means more patches, 
difficulty finding replacement parts, more service calls, antiquated 
operating systems, and less efficiencies. Further, trying to bring 10- 
to 15-year-old equipment into the Age of the Internet of Things is 
almost impossible as the equipment was designed and built to 
requirements that never envisioned cybersecurity, internet 
connectivity, or data conversion capabilities.
    Congress should closely watch TSA life-cycle equipment 
determinations for both delayed security impacts, operational cost 
increases, and the very real implications for a viable domestic 
security industrial base. At a minimum, pushing equipment approval time 
lines to the right delays the next generation of equipment with 
increased capabilities, hinders current performance and stifles 
innovation.
    A market environment that engenders innovation is our best defense 
against improvised explosives and thwarting transportation threats. 
Certainly intelligence is key, but when this fails, if we are not 
encouraging technological innovation and next-generation investment, we 
will lose not only our technological edge, but the industrial base that 
goes with it.
                           open architecture
    Related, the Five-Year Plan touches on a desire by TSA to move to a 
networked system of equipment, or as Administrator Neffenger refers to, 
a ``system of systems.'' A key component of this end-state is an open 
architecture which functionally seeks to better integrate technology 
applications and apply security countermeasures, ``at the system level 
rather than the component level'' (pg. 25).
    The SMC appreciates the discussion provided in the Five-Year Plan 
on this system-of-systems approach and recognizes the security 
proposition of data sharing. However, industry remains skeptical of 
this initiative without greater transparency on what could be a 
significant business disruption and potentially impact security 
efficacy. With a goal of implementing this concept within the next 5-10 
years, the constructive engagement with industry right now is vital.
    SMC encourages caution and thoughtfulness in an effort that appears 
to seek uniformity, commonality, and standardization amongst the 
various TSE, which could ultimately discourage the drive for innovation 
and newer capabilities. While industry supports the concepts behind 
risk-based, layered security, potentially surrendering intellectual 
property and company-sensitive algorithms developed through tens of 
millions of dollars of private-sector investment generates another set 
of risks, including the potential degrading of the competitive nature 
and vibrancy of the industry. We look forward to discussing this in 
more detail with TSA in the future to reach a desired state of better 
capabilities and integration, while maintaining a viable industry base.
               transportation security equipment funding
    As mentioned in the Five-Year Plan and the GAO Report, TSA is 
transitioning into a technology sustainment mode focusing on 
recapitalization of over 2,400 pieces of equipment that are reaching 
their end of life over the next 5 years. While process is key, it is 
also absolutely critical to ensure that recapitalization of security 
equipment is fully funded to keep our transportation system safe and 
the industry viable.
    The SMC is grateful to Congress for its leadership in fully funding 
the fiscal year 2016 DHS budget request for TSA Checkpoint Support and 
EDS Procurement/Installation. We encourage the subcommittee to work 
with your colleagues to continue this trend while reducing the 
bureaucratic barriers for innovation and deployment.
    SMC would encourage this subcommittee to require future TSA budget 
documents to allot specific funding amounts to various technologies 
within the Checkpoint Support account and insist the Five-Year Plan 
provides a lookback on actual equipment purchased during the preceding 
3 fiscal years. Because Checkpoint Support funding is not delineated to 
individual equipment types, industry has had difficulty ensuring 
Federal funds are truly reaching the intended target and consistent 
with previous documents. Further, previous EDS procurements have been 
significantly delayed or cancelled after significant vendor investment. 
Congress should insist on an accounting for these unspent funds and 
ensure they are carried over EDS replacement only.
    These details would go a long way to informing Congress on the true 
TSA operational equipment need as opposed to budget-constrained funding 
requests.
                                closing
    The SMC believes the mission the Chairman and Ranking Member are on 
is the right one. As equipment begins to phase out, new technologies 
must be researched, developed, and purchased. New threats cannot be 
resolved with antiquated solutions.
    The SMC encourages continued, vigilant oversight. However, we would 
encourage the Congress to be mindful of new legislation that could 
serve to bog down an already ponderous acquisitions process with more 
requirements and procedures. This could serve to add additional delays 
and costs. We recommend Congress work with TSA and industry to find 
efficiencies and make this complicated process more streamlined and 
effective. Doing so will save time and money, while providing OEMs and 
emerging companies more certainty to develop and produce a new 
generation of equipment with better capabilities to meet ever-evolving 
threats.

    Mr. Katko. Thank you very much. I remind you that you will 
have an opportunity, given how this is shaking out with our 
votes, to submit anything to supplement your testimony based on 
what you heard today in the first panel. I will give you an 
opportunity to make any comments you want on what you heard 
today. So, please, I encourage you to do so.
    Given all that and given what you have heard today, in 
addition to what you have stated, is there any one thing that 
you would point to that remains a systemic, the biggest 
systemic problem within TSA, even within the last year's 
adjustments that have been made, what is the biggest systemic 
problem you see?
    Mr. Schulz. I think the transparency has gotten much better 
thanks to the work of this committee and the legislation and 
the plan. Now is really the time where the rubber hits the 
road. We need to take this industry engagement to another 
level. That involves more detail on the plans that TSA has as 
it relates to new innovation, new innovative technologies, 
while also recapping the systems that are already in place.
    This really involves a test and evaluation process. That is 
something that absolutely needs to get fixed. It takes way too 
long. It really inhibits competition in smaller companies as 
well. The GAO said we need to get more data there. We need to 
get into that process and see if there are recurrent 
chokepoints in the system. We need to work with industry and 
the TSA to identify those and see what we can do to make that 
better.
    Mr. Katko. Okay. Miss Rice, do you have anything?
    Miss Rice. So, what are your thoughts about how third-party 
testing might--it was clearly the opinion of Ms. Vaughan that 
third-party testing is going to make this a much more efficient 
process. Do you agree with that or not?
    Mr. Schulz. Again, we have stated some concerns about the 
policy as it is in place right now and that we don't have any 
guarantee that that is going to save any time or cost. We do 
think that there can be stood up a viable third-party system. 
What that would entail is TSA going out and identifying capable 
entities that would be able to do this testing, to certify 
them. They would also have to do continual monitoring of these 
entities as well.
    A key component of this is that the TSA, once this third-
party finds that the company hit the mark, the TSA should be 
able to accept that. We shouldn't have to go back and do 
substantial regression testing back at the TSA.
    Miss Rice. How often does that happen?
    Mr. Schulz. Well, we are not really engaged in that third-
party system. But----
    Miss Rice. No, but the going back. I mean, if you are 
saying they not accepting----
    Mr. Schulz. Ms. Vaughan touched on the fact that there is 
quite a bit of regression testing that takes place. That does 
take an awful lot of time because not only do you have to go 
ahead and do the test and the vendor has to go and find fixes 
for that problem, but then you bring it back and there is all 
sorts of paperwork identified all throughout that process.
    Miss Rice. It sounds like communication is a problem?
    Mr. Schulz. It is a problem. It is something that can be 
solved though. The communications within the TSA itself, the 
GAO points to the fact that sometimes there is not quite 
alignment within the TSA from the program managers to the 
people that are actually doing the testing. Sometimes there is 
misalignment as it relates to what the requirements mean. 
Sometimes the test plans and the test results, there isn't 
alignment there. Then you bring in the vendors. Sometimes the 
vendor comes into the program thinking that they know what the 
TSA wants. They are not quite in alignment there.
    Miss Rice. Well, that was the point that I was trying to 
make with the previous panel. What are the lines of 
communication that are set up and where is the attendant 
accountability for conversations that are had between agency to 
agency, not just agency to agency, DHS to TSA, but to the 
vendors?
    Mr. Schulz. She mentioned, Jill mentioned the sharing of 
test plans. To our knowledge, I think for the EDS equipment, 
that has taken place. I don't know for the other technologies 
whether those test plans have been shared. That is very helpful 
because it gives the vendor an idea of what the TSA is looking 
for and how they are going to be conducting the testing. There 
are definitely opportunities to look, work with TSA to, again, 
find these chokepoints and figure out what the communication 
implications are.
    The requirements is a big topic too. It is a very big topic 
because really the success of your T&E process is going to be 
based on how robust those requirements are. Sometimes, as I 
mentioned before, there might not be complete alignment within 
the TSA as to what those requirements are.
    Miss Rice. Hear you loud and clear. Thank you, Mr. 
Chairman.
    Mr. Katko. I apologize for the brevity of your testimony. 
But, again, it is very helpful. I think the colloquy between 
Miss Rice and yourself really nailed one of the biggest 
concerns we have in the committee and something we are going to 
continue to pursue going forward.
    Again, I apologize for the brevity of your testimony. But I 
encourage you strongly to submit anything in writing that you 
wish to offer in addition to your testimony of any concerns you 
have.
    We want to get this right. We understand we are at the 
beginning of, this is a marathon, not a sprint. There is a lot 
more to be done here. So I encourage you to keep the lines of 
communication open with us, keep the discussions open. If you 
think more roundtables are helpful as well, we would be happy 
to have them as well. Because we want to fix this process. We 
want to make sure it is the best process it possibly can be. We 
have a long way to go. TSA is a bureaucratic agency that needs 
to change some of its old habits. Some of the old habits ought 
to go.
    Mr. Keating. Mr. Chairman, along those lines, in your 
written testimony, I imagine your clients have some private-
sector clients as well they deal with. If you could for the 
committee contrast the way that they are working with the 
private side and the public side, I think seeing that side-by-
side might be very helpful to us. Thank you.
    Mr. Katko. Yes. That is a great point. We want to thank you 
very much for your testimony. I thank the Members of the 
committee for their questions as well. The Members of the 
committee may have some additional questions for the witness. 
We will ask you to respond to these in writing.
    Pursuant to Committee Rule 7(e), the hearing record will be 
held open for 10 days. Without objection, this subcommittee 
stands adjourned. Thank you.
    [Whereupon, at 3:26 p.m., the subcommittee was adjourned.]



                            A P P E N D I X

                              ----------                              

          Questions From Chairman John Katko for Steven Wallen
    Question 1. Industry stakeholders have previously told the Members 
of this subcommittee that the relationship between DHS's Science & 
Technology Directorate and TSA's Research & Development has caused 
inconsistencies in the development of new technologies.
    Can you explain the operational relationship between DHS S&T and 
TSA R&D?
    Answer. Response was not received at the time of publication.
    Question 2a. TSA plans to utilize third-party testing for 
technologies that do not meet the operational standards TSA requires. I 
understand that there are not any third-party testers that can 
replicate the explosive testing environment like DHS S&T is able to.
    How is DHS S&T involved in the third-party testing?
    Question 2b. Was DHS S&T consulted at the point TSA was developing 
this plan?
    Answer. Response was not received at the time of publication.
    Question 3a. I have been informed that DHS S&T, specifically the 
Transportation Security Lab, significantly collaborates with private 
industry when developing technologies.
    Please describe the collaboration and how it has aided in the 
development of security technologies.
    Question 3b. What emerging security technologies is DHS working to 
develop?
    Question 3c. What biometric technologies is DHS testing? Looking to 
develop in the future?
    Answer. Response was not received at the time of publication.
    Question 4a. During the hearing, TSA and DHS described progress 
made through the constitution of an Integrated Product Team (IPT) on 
Aviation Security. The IPT will identify capability gaps and coordinate 
R&D program in 2018-2020.
    Please provide IPT capability gap recommendations for R&D 
investment and a current schedule of IPT activities.
    Question 4b. What is the projected role of industry stakeholders as 
part of the IPT process?
    Answer. Response was not received at the time of publication.
    Question 5. Has TSA procured equipment received basic or 
transitional S&T investment to address TSA identified capability gaps 
or overcome technological barriers? Please provide examples.
    Answer. Response was not received at the time of publication.
    Question 6. Provide examples of S&T-led Broad Agency Announcements 
that have eventually translated into a TSA aviation security equipment 
procurement.
    Answer. Response was not received at the time of publication.
    Question 7. The Strategic Five-Year Technology Investment Plan 
notes that approximately $75 million has been spent by S&T for 
university research.
    Please provide specific examples of aviation technology upgrades, 
solutions, or equipment that have been produced and eventually deployed 
in the field by OSC through these programs.
    Answer. Response was not received at the time of publication.
    Question 8. What recommendations would you suggest to increase 
collaboration amongst DHS and TSA and industry?
    Answer. Response was not received at the time of publication.
          Questions From Chairman John Katko for Jill Vaughan
    Question 1a. A provision of the Transportation Security Acquisition 
Reform Act (TSARA) requires TSA to collaborate with the National 
Institute of Standards and Technology to develop standardized criteria 
for testing security screening technologies.
    What is the status of the development of the standardized criteria 
for security-related technologies?
    Question 1b. Has the criteria been effective in the R&D of any 
technologies?
    Answer. One of the key themes in the Transportation Security 
Administration's (TSA) Strategic 5-Year Technology Investment Plan is 
the focus on a system-of-systems approach rather than procuring 
independent technologies with specific functions TSA would take a 
holistic approach moving towards increased interoperability and 
integration, which would include development of standards for open 
architecture. TSA is collaborating with the National Institute of 
Standards and Technology (NIST) on security-related technology 
interface standards that could promote more interoperable passenger and 
baggage screening systems. TSA believes the development of these 
standards and associated architecture will help to streamline 
technology investment and enhance delivery of security capabilities.
    In addition, TSA is working with NIST, through the Department of 
Homeland Security (DHS) Standards Executive to enhance 
interoperability. When developing specifications and solicitations, TSA 
works with NIST to ensure proper reference to established relevant 
standards. With sponsorship by the DHS Standards program, NIST and TSA 
collaborate in order to cross-utilize subject-matter expertise to trace 
standard explosive materials and to support quality assurance efforts 
for fielded Explosives Trace Detection systems. NIST has also provided 
support for TSA's test and evaluation program to develop non-contact 
scanner testing. The collaboration with NIST has led to a more 
performance-sensitive, general level of acceptance tolerances, and a 
more open analysis software tool to move forward from simulant-based 
acceptance of Explosive Detection Systems. These tools are currently 
being transitioned to support both Factory and Site Acceptance Testing, 
once the Project Management Office contractually requests the vendors 
to update their associated test procedures to implement these American 
National Standards Institute test kits.
    TSA recognizes that further collaboration with NIST may open 
possibilities, help the agency plan for the future, assist TSA with 
reducing process delays, and define more precise outcomes in the 
future. In our work to develop the most accurate and precise screening 
technology we continue to make great strides to ensure that operational 
requirements and capability gaps are aligned with research and 
development efforts.
    Question 2a. TSARA mandates that TSA notify the appropriate 
Congressional committees when making a purchase of security-related 
technology totaling $30 million or more.
    How often does TSA utilize its ``other transaction'' authority to 
purchase security-related technologies?
    Question 2b. What technologies have been procured under the 
category of ``other transaction''?
    Answer. The Transportation Security Administration (TSA) does not 
use other transactional agreements (OTAs) to acquire Transportation 
Security Equipment. However, prior to 2005, TSA may have used OTAs to 
acquire testing services and test equipment from Original Equipment 
Manufacturers for the Electronic Baggage Screening Program. That test 
equipment included Explosives Detection Systems and ancillary 
equipment. One unit may have been installed at the Transportation 
Security Lab; another unit remained with the Original Equipment 
Manufacturer to continue development efforts; and perhaps one was 
placed in the field following the test. All of these units were 
disposed of after becoming obsolete. Current TSA policies do not allow 
for the use of OTAs to purchase Transportation Security Equipment.
    Question 3. I understand that DHS has mandated new cybersecurity 
requirements for all networked equipment, and that TSA has communicated 
9 critical cybersecurity requirements to vendors.
    Has compliance with these cybersecurity requirements resulted in 
any delays to TSA's deployment schedule for security equipment?
    Answer. TSA is currently in the process of sharing proposed 
Department of Homeland Security (DHS) requirements with the 
transportation security equipment (TSE) vendors to enhance current and 
future systems' cybersecurity. However, TSA will not know the full cost 
and associated time lines until responses from the TSE vendors are 
evaluated against the cost and benefits of the proposed enhancements. 
While these activities are being pursued, TSA has mitigated the 
cybersecurity risk to TSE by disconnecting them from the Security 
Technology Integrated Program (STIP) network pending these programmatic 
decisions.
    These efforts to address cybersecurity requirements have impacted 
the test and evaluation schedule for the development of Credential 
Authentication Technology (CAT). In January 2016, TSA released a 
request for proposal to the CAT vendor for the implementation of the 
cybersecurity requirements, and held a technical interchange meeting 
with the vendor to discuss technical specifications and requirements 
for personal identity verification integration and the other 
cybersecurity requirements. Once the cybersecurity requirements are 
met, then the CAT vendor can resume testing. Procurement and deployment 
decisions and time lines are dependent upon successful completion of 
testing activities. In that regard, TSA has already notified DHS of a 
schedule breach and is preparing the Congressional report identifying a 
schedule breach for CAT pursuant to 6 U.S.C  563b, as enacted by the 
Transportation Security Acquisition Reform Act (Pub. L. 113-245). Such 
occurrences could impact milestones and disrupt time tables in the 
future.
    Question 4a. I understand that DHS cybersecurity mandates requiring 
PIV card access could delay the deployment of the Credential 
Authentication Technology.
    How is TSA working to rectify these delays?
    Question 4b. When will CAT be deployed, if at all?
    Answer. The time line for testing and deployment of Credential 
Authentication Technology (CAT) has been impacted by the efforts to 
address several cybersecurity requirements, such as Personal Identity 
Verification (PIV) enabling. The Transportation Security Administration 
is working to meet all cybersecurity requirements to enable CAT to 
proceed to final Operational Testing and Evaluation (OT&E).
    In January 2016, TSA released a request for proposal to the CAT 
vendor for the implementation of the cybersecurity requirements, and 
held a technical interchange meeting with the vendor to discuss 
technical specifications and requirements for PIV and the other 
cybersecurity requirements. Once cybersecurity requirements are met, 
then the CAT vendor can resume testing. Procurement and deployment 
decisions and time lines are dependent in part upon successful 
demonstration of system effectiveness, suitability, and cybersecurity 
readiness through Initial Operation Test and Evaluation (IOT&E).
    Question 5a. GAO has reported that TSA fails to adequately monitor 
the maintenance of its security screening technologies which would 
ensure the equipment's effectiveness, and yet TSA found it appropriate 
to lengthen the life span of the EDS machines.
    What is the current maintenance strategy for security-related 
technologies?
    Question 5b. How is the maintenance of security-related 
technologies tracked?
    Question 5c. What prompted TSA to elongate the life span of some 
security-related equipment? Was it from information derived from the 
maintenance records?
    Answer. The Department of Homeland Security (DHS) Office of the 
Inspector General report found that, in some cases, local 
Transportation Security Administration (TSA) personnel at the airports 
were not aware of the status of corrective maintenance actions, or the 
schedule for preventive maintenance being conducted by contracted 
technicians. Since then, TSA has implemented measures to improve 
visibility of maintenance actions and schedules at the local level.
    TSA has detailed and accurate maintenance data on all of its 
Transportation Security Equipment (TSE). TSA centrally manages the 
Performance-Based Logistics contracts under which TSE is maintained. As 
part of these contracts, the maintenance contractors' capture and 
report detailed information for each corrective maintenance action, and 
this information is reported to TSA for validation and analysis.
    TSA's operational experience has indicated that deployed 
technologies have the ability to operate longer without a negative 
operational impact or requiring increased maintenance. TSA equipment is 
in a constant state of maintenance and refurbishment, and is tested or 
calibrated on a daily basis to ensure proper functioning prior to use. 
As a result, the TSE in the field has exceeded initial service life 
estimates and consistently achieves Operational Availability rates at 
or above 98 percent. Because the material condition and functionality 
of the equipment does not justify replacement, TSA deemed it fiscally 
responsible and operationally sound to extend the service life of the 
equipment.
    Most importantly, the deployed fleet of Explosives Detection 
Systems has shown the capability to be upgraded with and to run 
enhanced algorithms. Therefore, the TSE will reach the end of its 
useful life and need to be replaced when next generation technologies 
with improved detection or efficiencies are available, or when the 
current fleet has reached technical obsolescence (i.e., inability to 
run enhanced algorithms to detect the threat). TSA will ensure that 
future considerations of any service life extensions will include 
engagement with industry.
    Question 6a. TSA's recent failures have been well-publicized and 
prompted TSA to conduct a massive re-training effort.
    Has TSA collected data on failure rates since the re-training has 
taken place? Have failures rates gone down?
    Question 6b. Did the failure rates and retraining process inform 
any decisions regarding future technology purchases?
    Answer. Screening operations are the core mission of the 
Transportation Security Administration (TSA). Our Transportation 
Security Officers (TSOs) screen hundreds of millions of passengers and 
approximately 2 billion carry-on and checked bags each year to prevent 
dangerous and/or prohibited items from being carried onto aircraft.
    In response to the results of the recent DHS Inspector General 
covert testing of airport checkpoints and the subsequent TSA Action 
Plan, TSA has developed and delivered Mission Essentials--Threat 
Mitigation (ME-TM) training to the entire TSO workforce plus a number 
of TSA Headquarters and Federal Security Director staff. The overall 
objective of Mission Essentials training is to instruct the screening 
workforce on the link between intelligence information regarding the 
current threat, capabilities within checkpoint technologies, 
operational procedures, and the role of the TSO in mitigating those 
threats. These principles will be reinforced through additional 
offerings in the Mission Essentials training series scheduled for 
quarterly release, and the principles are being incorporated into the 
TSO Basic Training Program for newly-hired officers.
    Training the workforce is a priority for TSA. Collection of data 
for validating the effectiveness of training is on-going and among 
several measures being implemented as part of the TSA Action Plan. 
Total assessments conducted have increased over the previous year to 
approximately 14,000 annually. As a result, TSA has observed 
improvements in covert test assessments since the completion of ME-TM 
training. This Classified aggregated National data can be shared with 
the committee in the appropriate environment.
    The TSA Office of Inspection regularly conducts covert ``Red Team'' 
testing to measure the effectiveness of TSA security systems and 
identify vulnerabilities in the people, processes, and technology. The 
``Red Team'' tests are developed and deployed based upon an insider-
level of knowledge and current intelligence regarding threats against 
transportation systems. Once tests are completed, a Classified report 
is prepared which includes the results, findings, and recommendations 
for mitigating identified vulnerabilities. TSA can provide a briefing 
to the committee in a Classified setting if further information 
regarding testing procedures and results is requested.
    Another element of TSA's response includes assessing areas where 
screening technology equipment can be enhanced. This includes new 
software, new operating concepts, and technology upgrades in 
collaboration with our private-sector partners. TSA will ensure more 
emphasis is given to human factors in the development of requirements 
used for future procurements.
    TSA recently hosted equipment manufacturer representatives at the 
TSA Academy on the Glynco, Georgia, campus of the Federal Law 
Enforcement Training Center (FLETC). The purpose was to facilitate 
coordination between the vendors and Academy instructors and staff, as 
well as to address gaps in awareness about technology training. A 
significant focus has been placed on ensuring that TSOs understand both 
the capabilities and the limitations of the technologies deployed so 
they can be used most effectively. The relationship between equipment 
vendors and instructors is vital to ensuring that TSOs remain up-to-
date on the capabilities of TSA technology.
    Question 7. GAO points out that TSA will now include third-party 
testing for technologies that do not meet the TSA requirements and need 
additional development but TSA did not account for several factors that 
will impact the effectiveness of the third-party testing and, 
therefore, not be as cost-effective.
    Has TSA made improvements to the third-party testing process as a 
result of the GAO report?
    Answer. The Transportation Security Administration (TSA) has 
observed challenges with transportation security equipment passing 
qualification testing and operational testing, resulting in delayed 
acquisition processes and increased test and evaluation costs. TSA is 
working to address these challenges by developing its Third-Party Test 
Program, which is intended to streamline the acquisition process by 
requiring vendors to provide more mature systems in response to 
procurement opportunities.
    TSA initiated its Third-Party Test Program in July 2014, with an 
announcement on the Federal Business Opportunities website. To support 
the implementation of this program, TSA approved the Third-Party Test 
Strategy on April 21, 2015. The strategy was developed with support 
from the National Institute of Standards and Technology (NIST). It 
provides a high-level overview of TSA's Third-Party Test Program and 
the associated roles and responsibilities for TSA stakeholders.
    In addition, TSA is also working with NIST to develop Third-Party 
Test Procedures. This document will identify standardized testing 
criteria, testing requirements, and standardized test scenario 
templates for transportation security equipment. In support of this 
effort, TSA conducted a detailed analysis of each technology's 
historical rate of failures for qualification testing and operational 
testing, and is leveraging this analysis to help define the 
requirements for third-party testing. The priority for developing each 
technology's third-party test requirements and templates are based on 
acquisition time lines and then the historical rate of failures.
    Furthermore, TSA continues to work with NIST to leverage industry 
best practices and international conformity assessment standards in the 
development of its Third-Party Test Program. The program will allow TSA 
to receive applications for potential third-party test organizations 
and will enable TSA to ensure the organization is capable of testing to 
TSA's requirements.
    Finally, TSA is continuing to ensure transparency throughout the 
process of developing its Third-Party Test Program. TSA hosted an 
industry day on February 25, 2016, to engage with industry on the 
detailed updates of the program and solicit feedback on the processes. 
In support of the industry day, TSA distributed a Request for 
Information through the Federal Business Opportunities website on 
January 26, 2016. The purpose of this request is to gather an 
understanding for the potential market of available third-party test 
organizations and generate feedback from industry on their concerns and 
ideas for TSA's program. TSA will leverage responses to the request to 
drive discussion during the industry day, and will ensure to 
incorporate industry's feedback into the continued development of its 
Third-Party Test Program.
    Question 8. TSARA required TSA to develop a 5-year technology 
investment plan, which TSA defined as an investment plan for aviation 
security.
    Why did TSA's Five-Year Technology Investment Plan not encompass 
other transportation sectors?
    Answer. The Transportation Security Administration (TSA) does not 
procure, deploy, or maintain security technology for other 
transportation sectors; therefore, the plan does not encompass them. 
Pursuant to 49 U.S.C  44901(1) TSA must screen all passengers and 
property that will be carried aboard a passenger aircraft operated by 
an air carrier or foreign air carrier.
    TSA, in collaboration with other transportation sector stakeholders 
and the Government Coordinating/Sector Coordinating Councils, does 
develop capability gap analyses for other transportation sectors. TSA 
also maintains several robust programs to assess the marketplace, 
promote developing security technologies, and provide security 
technology data and information to industry and other Government 
departments and agencies.
    Question 9. Does TSA capture and utilize secondary screening data 
to assist in the development of security screening equipment in terms 
of lowering false alarm rates, as GAO suggests?
    Answer. The Transportation Security Administration actively 
utilizes secondary screening data to directly influence Detection 
Standards, including false alarm rates for both Advanced Imaging 
Technology systems and Advanced Technology X-ray systems.
    Secondary screening data is often used to inform a variety of 
performance metrics through Modeling & Simulation tools and the 
requirements development process (e.g., Detection Standards are 
directly incorporated into requirement documents). Analysis of data, 
including false alarm rates, on how the equipment is affecting the 
system is used to model staffing needs. Networking of Transportation 
Security Equipment will also provide real-time performance data.
    Question 10. During testimony, it was identified that the process 
for security-related technologies to be tested and evaluated is, 
approximately, 1 year.
    How is TSA working to improve the average time span to T&E and 
procure security-related technologies?
    Answer. The Transportation Security Administration (TSA) works 
closely with the Department of Homeland Security (DHS) Science and 
Technology Directorate to identify new and emerging technologies to 
safeguard our Nation's transportation network. TSA follows DHS 
Acquisition Directive 102 (AD-102) for the procurement of new 
capabilities or procurement of capability upgrades (either hardware or 
software) to existing transportation security equipment.
    The amount of time it takes for a technology to pass through the 
procurement process varies widely depending upon the complexity of or 
enhancement to the system, and the technology's readiness for testing. 
TSA is proactively working towards accelerating the acquisition 
process, reducing procurement delays, and reducing the overall time-to-
deploy, while at the same time ensuring that required detection 
capabilities are achieved.
    TSA is working to increase communications with the transportation 
security equipment vendors and is revamping current processes to ensure 
more collaboration and their earlier involvement. Additionally, TSA is 
increasing transparency into its testing and procurement strategies to 
allow vendors the opportunity to create long-term development 
strategies to support TSA's acquisition plans. Finally, TSA is 
conducting a comprehensive assessment of Test and Evaluation (T&E) 
processes to identify challenges and their impact on the acquisition 
process, and to identify continued areas for improvement.
    TSA is currently exploring opportunities to increase the ``up-
front'' communication between TSA and the vendor by revamping the 
Qualification Management Plan (QMP) and Qualification Data Package 
(QDP) process. The purpose of a QMP is to provide guidance to vendors 
on how to prepare a QDP with sufficient detail and substantiation to 
enable TSA to determine whether a system is ready to enter into TSA's 
formal T&E process. This process will allow TSA to better communicate 
system requirements to the vendor.
    Question 11. Please identify which locations TSA has identified for 
potential implementation of ``innovation lanes''.
    What is the time line for implementation of ``innovation lanes''?
    Question 11b. What locations does TSA plan to utilize for the 
``innovation lanes''?
    Question 11c. What are TSA's priorities for test and evaluation as 
part of this initiative?
    Answer. The Transportation Security Administration (TSA) is 
pursuing the establishment of Innovation Lanes at various airports. An 
Innovation Lane would be a partnership with manufacturers and industry 
to demonstrate emerging capabilities in an airport environment.
    TSA is in the early stages of defining Innovation Lanes and is just 
beginning to have discussions with airports. Innovation Lanes could 
provide an opportunity for TSA and vendors to gather data in an 
operational environment, while potentially enabling manufacturers to 
mature technologies before entering into the formal acquisition 
process, thereby reducing the overall time it takes for TSA to 
introduce new technologies. Innovation Lanes could also help TSA 
develop detection requirements, Concept of Operations, and testing 
methodologies.
         Questions From Chairman John Katko for Michele Mackin
    Question 1. How would GAO categorize the changes TSA has enacted 
since the implementation of the Transportation Security Acquisition 
Reform Act?
    Answer. Response was not received at the time of publication.
    Question 2. How do the acquisition processes of DHS and TSA compare 
to other Government agencies' best practices?
    Answer. Response was not received at the time of publication.
    Question 3. Given the findings of GAO's latest report, were there 
any issues identified that would warrant future investigation?
    Answer. Response was not received at the time of publication.
    Question 4. GAO, in its latest report on TSA acquisitions, 
identified that 11 of 22 security-related technologies failed the TSA 
testing and evaluation process.
    What steps can TSA take to develop a more efficient process to 
prevent such high failure rates in their testing and evaluation 
process?
    Answer. Response was not received at the time of publication.
    Question 5. A 2012 Congressional Report detailed that TSA was 
housing equipment at the Transportation Logistics Center in Dallas, 
Texas, at significant cost to the American taxpayers without a proper 
tracking system.
    How does the equipment in storage affect TSA's recapitalization 
plan?
    Answer. Response was not received at the time of publication.

                                 [all]