CONCERNS REGARDING SAFE

STATO STAT 131A-37---61-a-rbhdie ea.to? ....1 i sy. ; ?0 01- 10: i i ?icv r.,III III iing:2- ? /1--5,:i4/7Z7 SUBJECT: (Optional) Concerns Regarding SAFE EXTENSION / 7 NO. ODP 0-386 FROM: " D/ODP/DDA HR 2-0-00 I-IQS. DATE 31 March 1980 TO: (Officer designation, room rumber, and bu ilding) ? DATE OFF ICER'S IRIITIALS COMMENTS (Number each comment to show from whom so wham. Draw a line across column after each comment.) namm FORWARDED ? DDA 7D-24, Eq. , ' STATINTL . Don: ' As this memorandum was off the typewriter, L._ -coming called to tell . STATINTL ime tnat ne naa just met with land had shown nim our joint memorandum to the Director. I Isaid 4. STATINTL that he can support everything that we said in that memoran- dum. With reference to para. 5 of my attached memo, when George spoke of updating functional requirements he really meant that there was a need to investigate anew the requirements which CIA and DIA analysts might have which would exploit a link connect- ing the SAFE systems in the two organizations. I must confess that I could wish that if that was his intention, he had found a clearer expression for it. Bruce T. Johnson . . ' Et. ' 10. 11. 12. 13. ? - 14. IL r*Pm 610 m2=4 1-79 Approved For Release 2002/06/18 : CIA-RDP84-00933R000500070019-2 STATINTL Approved FoRelease 2002/06/18 : CIA-RDP84-00933R000500070019-2 ODP 0-386 31 March 1980 MEMORANDUM FOR: Deputy Director for Administration FROM: Bruce T. Johnson Director of Data Processing SUBJECT: Concerns Regarding SAFE REFERENCES: A. Memo to DCI fm Dint? dtd 26 Mar 80, subjects Project SAFE (IRC/MM 80-2408 STATINTL B. Memo to DCI fm D/ODP and D/OCR dtd 26 Mar 80, subject: Concerns Regarding SAFE (ODP 0-369) STATINTL 1. Attached is a copy of memo to the DCI (Reference A) commenting on the issues raised by the Science and Technology Advisory Panel (STAP) on Project SAFE. (Another copy is coming to you directly frowl 2. I regret to say that I find far less support for CSPO than I expected to find in George's memo. Re has indeed, particularly on page 4, said some of the things I thought he would say, but he precedes these points with others which, I fear, will augment any existing concerns about the way SAFE is being managed. 3. In paragraph 3 nanages to convey the idea that CSPO has been dilatory about changing the SAFE speci- fications to include the CIA/DIA link. In fact the amendment has already been given to the contractor (as noted in the response to STAP's question 5) and the change has reached STAT them in ample time to be taken into account as the design of SAFE takes shape. In any event, the link cannot be acti- vated until both organisations have systems, which is to say it will be operative no earlier than 1984 when DIA/SAFE comes on-line. 4. In paragraph 5. George makes some assertions about the need for interconnected services which he supports by quoting the Inc-sponsored Analysts Support Study. I have asked Clare Rice to have someone look carefully at the claims Approved For Release 2002/06/18 : CIA-RDP84-00933R000500070019-2 Approved Fokaelease 2002/06/18 : CIA-RDP84-009344000500070019-2 made in this paragraph. I do not believe that the Study presents as clear a picture of analysts' needs as George asserts. He speaks of analysts regularly accessing SOLIS, for example, but the Study merely says that 368 of all the analysts interviewed (including CIA analysts in the total number) use SOLIS regularly, defining regularly as "at least once a month.* When we meat with the Director, OCR will be prepared with more information on these claims based on the Analysts Support Study. 5. Perhaps the most troubling statement George makes is in paragraph 6, where he says that there has been no extensive formal review or update of CIA's functional require- ments." As you learaed during our joint session with Bruce Clarke, the review and updating process has been going on continuously since the decision was made to proceed with the SAFB Project. George is well aware of this fact and I hope to learn from him before our meeting with the Director just what he meant by this statement. 6. The other point which will almost certainly catch the Director's eye is the suggestion in paragraph 7 that he task someone to define the security issues inherent in system interconnection. Here I am sure George intended to be help- ful but he manages again to convey a sense of management failure to address these questions. In fact, we are intensely aware of the security issues and expected to address them as a part of our developing plans for integrating SAFE into the rest of the ODP services. It is not too soon to begin thinking about these problems but neither, in my view, should we be accused of being lax. In stating the problem as he does, unfortunately, George manages to convey the idea that we have indeed boon lax. 7. As you can tell, I am not very happy with the "supportive" document from the Director, IRO. Almost cer- tainly his comments will complicate our meeting with the Director next Thursday. However, no one promised thatit- --3TATINTL ST/ATINTL would be easy to develop the SAFE system. ILLEGI 8. and I ar Chairma gain some clar You should knew that Messrs. Rice, meetingon Tuesday afternoon, 1 Ap of the STAP. We hope at cation of the STAP's stated ill keep you advised. cc: C/SPS/ODP Clarke hat meeting to concerns about 151 Bruce 'T. 'Johnson Bruce T. Johnson Approved For Release 2002/06/18 : CIA-RDP84-00933R000500070019-2 merit Staff MEMORANDUM FOR: VIA: FROM: CIA ItilERNAL iSE ONLY The Director of (:clitrJ1 Intelligence I)(: 21.1505 S TAT INTL roppid IHC/MM 80-2406 26 March 1980 Director of Central Intelligence Deputy to the DCI for Resource Management uirector, inrormation Resources Office SUBJECT: Project SAFE REFERENCE: ? A. Your memo of 21 March, Subject: Concern Regarding SAFE (Tab A) S TAT INTL B. Memo from Chairman, STAP to DCI dtd 18 Mar 1980, Subject: Questions Regarding SAFE (Tab 8) 1. I appreciate the opportunity to comment on the issues raised by the STAP Panel in connection with the SAFE Project. As background to our comments, I should point out that last year, after discussions between the D/DCl/RM, the DOCI,'and DDA, it was determined that the focus of our interest in SAFE was to be "the areas of resource allocation and the relationship of SAFE to other programs on a Community-wide basis."* Although we have continued to review the development of Project SAFE, our primary attention has been in accordance with the above quoted limitations. Conse- quently, we are not prepared to comment, except in general terms, on many of the concerns raised in the referenced STAP memorandum. 2. Of the four principal concerns listed in your memo of March 21st, only one falls within the scope of IRO's responsi- bility as set forth in paragraph 1 above, namely: "What actions are underway to ensure that the gence Community has access to CIA SAFE and that CIA SAFE has access to DIA SAFE as well as such systems as COINS and SOLIS?" *Memo from DDCI to D/DCl/RM dated 16 March 1979, Subject: Project SAFE Approved For Reiew wpggrmis )9.tiek?clI,E71P(134-00933R000500070019-2 USL It is appropriate that your concerns along these lines 0 addressed because: o At the DCI's semiannual review in May 1979, it was stated that a direct physical link between the DIA and CIA systems would be provided. ? o Our review of the current version of the System Requirements Specifications indicates that such a communications connection between CIA and DIA SAFE systems is not included in the specifications. o I have discussed this deficiency to the attention of the SAFE Project Manager and he states that such a requirement will be added by amendment; that, although this has not yet been accomplished, such an amendment will be prepared in the near future. 4. We believe that it is crucial to the ultimate development of the types of intercommunication which are set out in your subject memorandum that this requirement be now formalized in the SAFE documentation since, if properly specified, it will provide the technical capability to enable: o CIA analysts to access DIA files. o CIA analysts to access other Community files through the DIA SAFE interface with the COINS network which is included in the current requirements documents. o DIA analysts to access CIA SAFE files. o Analyst to analyst communications between DIA and CIA analysts. o The capability to permit other Intelligence Community components to access CIA SAFE facilities by going through the DIA interfaces with the COINS or AUTODIN networks. 5. It should be noted that the provision of the physical links and the technical capabilities to accomplish the above listed functions will not, in and of itself, result in the implementation of any of these functions. None of the SAFE documentation, either emanating from DIA or CIA, calls for these functions to be provided. Indeed, the original CIA SAFE docu- mentation specifically provides that the CIA SAFE system will be a closed system accessible only by CIA personnel. The position has been taken by .some that CIA has no validated requirement for access to any non-CIA system, including DIA SAFE. The results of Approved For Release 2002/06/18Z. CIA-RDP84-00933R000500070019-2 r. ? e INC-sponsored Analyst Support Study indicate that this is probably not the case. "Nearly half of the CIA analysts Interviewed said they regularly access outside data bases such as SOLIS, the COINS files, CIRC II, and the NPIC data system. Furthermore, analyst-to-analyst communication across agency lines was ranked the second most important source of information by CIA analysts and the most important source by DIA analysts. As automated systems develop and improve and analysts become increasingly confident in their use of and reliance upon direct access to automated systems, requirements for and the value of access to external systems should increase still further. 6. The management of the Consolidated SAFE Project Office is working under a handicap in this area. There has been, to our knowledge, no extensive formal review or update of CIA's functional requirements on the user side since the decision was made to combine the two programs. Without any formal statement of requirements from the CIA analytical community (primarily NFAC) which the system is designed to support, it is difficult for those charged with designing and implementing the system to anticipate what those needs may be. Therefore, we suggest that either you or some other appropriate authority should give to the SAFE Project Office some appropriate guidance which addresses these areas of concern. 7. We would call to your attention the fact that providing any access to the CIA system from DIA and more especially from elements of the Intelligence Community outside of DIA raises serious security issues. The resolution of these issues will probably require action on your part to modify the present interpretation of existing security policies, or in some cases amendments thereto. If you should decide that the combined SAFE systems should provide the types of intercommunication and outside access which are outlined in your areas of concern, then someone (possibly the Computer Security Subcommittee of the DCI Security Committee) should probably he tasked with the responsibility of defining the security issues, suggesting possible solutions, and performing appropriate risk analyses so that they may be submitted to you for resolution. If this is undertaken, IRO should probably be involved in some way since decisions on these issues will ' undoubtedly have major long-term effects on the feasibility of improving the interagency exchange of information and could also have a substantial impact on the resources which will be needed to satisfy Community ADP requirements. 8. General comments on other concerns expressed by you based upon our limited perspective are: 3 Approved For Release ?Opi.?49,,641 91,*-r.R RI?T4,-00933R000500070019-2 CIA INTERNAL USE ONLY STATINTL We are informed that of OCR is coordinating the CIA user interface with the CSPO; that he is completely aware of the status of the project and consults regularly with the CSPO. o In the development of a project such as SAFE, it is extremely important that a well defined single point of contact between the users and developers be established and maintained. Otherwise, the system developers will be faced with conflicting statements of requirements. o If, in fact, the established lines of communications with the users are not adequate, perhaps the reason is attributable to a lack of an effective framework within NFAC to provide a continuing review of SAFE as it develops. If this is the case, we are not aware of it. o We see no evidence that "major portions of the proposed operational capabilities are unspecified." It is, however, probably true that NFAC should direct more attention to the general issue of what its requirements for op'en source material are and how these should be met, either through SAFE or other means. o The decision to place SAFE on a design-to-cost basis necessarily implied some scaling down of the original requirements for the initial version. In consonance with this, NFAC did review and set priorities on the original SAFE requirements. o It is our assessment that the CSPO is proceeding with development so that NFAC's highest priorities will be met first and the design will accommodate the later addition of those functions which now enjoy a lesser priority. o If some of the capabilities which this approach will require to be deferred are considered to be important enough to Warrant it, NFAC should develop a justifi- cation for their inclusion in the initial version of SAFE and the issue should be addressed during program review. 9. In conclusion, I would take this opportunity to inform you of two initiatives we are taking in conjunction with the IHC which may have an impact on the future development of SAFE. 4 Approved For Re1.99.2.992!06.118 : CIA-RDP84-00933R000500070019-2 C!ft, IN1ERNV. USE ONLY The development of a user language for SAFE will result in a common user language for DIA & CIA. We are exploring the possibility that this could become the initial step for developing user language standards for use throughout the Community. This will require the cooperation of the SAFE Project Office if it is to succeed. o We expect the INC to recommend the development of a distributed system of bibliographic informa- tion storage and retrieval systems. If this is to be done, the facilities of both the DIA & CIA SAFE systems in this area will have to function. as part of an overall Community system. If this is to be accomplished, the interconnection of the two systems could taken on added importance. STATINTL Approved For Release 2002/06/18 : CIA-RDP84-00933R000500070019-2 It;TFWIA1 HSE UNIV Approved ForpRelease 2002/06/18 : CIA-RDP84-009i3R000500070019-2 NFAC . ODP 0-369 26 March 1980 MEMORANDUM FOR: Director of Central intelligence VIA: Deputy Director for Administration Director, National Foreign Assessment Center FROM: Bruce T. Johnson Director of Data Processing, DDA SUBJECT: REFERENCE: Clarus W. Rice Director of Central Reference, NFAC Concerns Regarding SAFE Your memo dtd 21 March 1980, same subject (Exalg 80-754/1) 1. This memorandum responds to your query of 21 March 1980, transmitting some questions about SAFE posed. by your Science and Technology Advisory Panel (STAP). , 2. Attached ara answers to the specific questions raised by the STAP, presented in a narrative form reflect- ing the complexity of some of the issues they addressed. These answers represent the coordinated views of OCR and ODP, reviewed and endorsed by the DDA and the Director, NrAc. 3. At our ptine with vou1 now scheduled for 3 April, we propose that 14r.1 1 Director of the Con- STATIN solidated SAFE Project Office (CSW), present a brief summary whit% addresses the four concerns you list in your memorandum, after which we will be prepared to elaborate on ny of those or other STAP questions about SAFE. We will also have available 1 Chief of OCR's Systems Analysis Staff, to alscuss nrau.s exodnsive efforts to iden- tify user requirements. STATNIL STATINTL 4. We understand that Masers will be at the meeting, and welcome vie opportunity no discuss their questions with them. We would like to suggest however, that it may be profitable for us to spend some additional time with them subsequent to our joint tooting Approved For Release 2002/06/18 : CIA-RDP84-00933R000500070019-2 TL Approved Foelease 2002/06/18 : CIA-RDP84-00933R000500070019-2 SUBJECT: Concerns Regarding SAFE with you, to supplement the one short briefing previously provided for them by SAFE. managers. /s1 Bruce T. Johnson ' "Bruce T. auison STATINTL CONCUR: STATINTL Clarus W. nice Deputy D rector n strat on Data aiiabre National Poreign Assessment Attachments: a/s cc: D/CSPO 0/D/ODP/BJohnson:ee/3-26-80 Distribution: Orig - DCI w/att. 1 - DDCI Watt. 1 - Exec. Reg. Watt. 1 - D/NFAC Watt. 1 - DDA w/att. 1 - D/CSPO Watt. 1 - D/OCR Watt 2 - ODP Registry w/o att. -2 - O/D/ODP w/att. Center 2 6 VAR 19 80 Date Approved For Release 2002/06/18 : CIA-RDP84-00933R000500070019-2 STATINTL Approved For.getweiR9pw@jsEciettwp84-00934goo /51 VP, , tr OJ' c 21 March 1980 OOP -- 1";c Y12: '47 V2-1(- /5-30-,Otact ,b? MEMORANDUM FOR: Deputy Director for National Foreign Assessment Deputy Director for Administration Director of Data Processing FROM: Director of Central Intelligence SUBJECT: Concerns Regarding SAFE 1. One of the subjects addressed at the recent Science and Technology Advisory Panel (STAP) meeting was the SAFE system and its implementation. Several concerns were expressed at the meeting regarding SAFE, including the fact that there are no plans at present to connect CIA and DIA SAFE systems so that they are mutually accessible. I share several of the.concerns expressed by the Science and Technology Advisory Panel, and accordingly would like to meet with you to address several of the issues that were raised by the Panel. I attach for your information and response a list of questions and concerns prepared by the STAP relating to SAFE. While I would appreciate your being prepared to address all of these questions at our meeting, I personally am especially concerned about the following: -- What actions are under way to ensure that the Intelligence Community has access to CIA SAFE and that CIA SAFE has access to DIA SAFE as well as such systems as COINS and SOLIS? -- How will SAFE deal with open source material? -- As described in some detail on page 3 of the STAP paper, what actions are being taken to identify the real needs of the SAFE user community and will they be satisfied by the system? -- How cen CIA make a reasonable evaluation of the current status of SAFE with major portions of the proposed operational capabilities either unspecified or not communicated to the Agency? CIA INTERNAL USE ONLY Approved For Release 2002/06/18 : CIA-RDP84-00933R000500070019-2 Approved Fop?Reklie hieTiA5i)181-J:S81/aldP84-009336t000500070019-2 2. I will schedule a meeting to discuss these issues toward the end of next week. In the meantime, I would appreciate your responding to all of the questions in the attached paper and providing such responses to me by the middle of next week for my use in preparation for the meeting. Attachment ais STATINTL cc: DDCI DDS&T 2 CIA INTERNAL USE ONLY Approved For Release 2002/06/18 : CIA-RDP84-00933R000500070019-2