Linux in Government: DHS Secretary Ridge Gives the Go Ahead to Linux

Like many government contractors, the provider of ERN (Emergency
Response Network) Systems maintains a low profile. When you ask the CEO,
Jo Balderas, for references she politely says, "the Federal Bureau of Investigation, the Department of
Public Safety and the Department of Homeland Security". That's quite
an impressive list, and it represents only a few of the company's clients.

When you ask for a technology snapshot Jo says, "currently we use
an enterprise open-source software stack known as LAMP (Linux, Apache,
MySQL and PHP). We also use an appliance to support rapid deployment
and to minimize total cost of ownership. Our roadmap has us integrating
the OASIS Common Alerting Protocol (CAP) version 1.0 and Justice XML
standards within six months."

CAP enables the exchange of emergency alert and public warning information
over data networks and computer-controlled warning systems. Justice XML
is evolving into a method for justice and public-safety groups to import
and export data from multiple databases and publish it in various
formats. Justice XML officially is known as the Global Justice XML
Data Model.

ERN Systems has supported the Dallas FBI Emergency
Response Network since May 2001, through both the September 11
terrorist attacks and the Space Shuttle Columbia disaster.
On September 11, 2001, the FBI used ERN to immediately locate
InfraGard
personnel to confirm their immediate statuses and any anomalies. Within
minutes, InfraGard partners such as American Airlines, EDS, Sabre and members
of the banking and defense industry provided status reports and contact
numbers. The Dallas FBI began to use ERN to communicate with InfaGard in
the post-9/11 investigation period and continues to use it today.

On February 1, 2003, the FBI used ERN during the Space Shuttle Columbia
disaster. The crash occurred at 8:05 am. By 8:10 am, FEMA had contacted
FBI Dallas requesting a phone number for Johnson Space Center (JSC) in
Houston, as no one (FBI, FBI HQ, FEMA, OHS) could reach the published
number. FBI used ERN to locate all law enforcement personnel in the
Houston area. A Houston intelligence officer provided the cell phone
for JSC's Director of Security. By 8:15 am, using ERN, all 800 numbers and JSC
instructions were transmitted by the FBI to the public and
to first responders.
ERN Roll-Out--Will It Scale?
On June 23, 2004, DHS and the FBI launched the first Homeland Security
Information Network-Critical Infrastructure Program in Dallas using
ERN. Additional implementations are scheduled to follow in Seattle, Indianapolis and
Atlanta. Homeland Security decided to turn the initiative into a pilot
program. Each site will operate this year to determine if ERN can become
the application for other cities across the country. One might think
that ERN's three-year history of reliable and critical performance
would prove sufficient evidence.

After spending time with the founders and creators of the ERN
project, I quickly realized that they could face a critical political
challenge from the vendor lobby. As noted in
last week's
article, "law enforcement cannot work effectively when the people
in decision-making positions in our government fail to empower
them. Currently, the evidence points vividly to state CIOs who have
failed to implement any of the "value add" they claim to have."

The same possibly holds true now that ERN officially is out of the
bag. Will we discover that "the biggest barriers still remain cultural
components, legal components [and] political components", as Tom Richey
said. Will those components in regional offices of DHS hamper the rapid
deployment of ERN? Will using Linux and open-source components require leaders within DHS
to put aside their unfounded prejudices and embrace this technology as the
multiplier for solving our security problems? Will they put the nation's
interests ahead of their loyalties to larger and more influential vendors?

One would expect Red Hat to assist in this effort because the solution
uses Red Hat's Enterprise Linux product. With ERN gaining public
exposure, will Red Hat recognize this opportunity quickly? It certainly provides
the company with a serious entry into this vital area.

One has to wonder if ERN will run into the regional hurdles of DHS
because of the special interests. Will decision makers use their standard
techniques of "delay and bury", or will they overcome their allegiances
to, say, Microsoft? Simply put, will they give ERN a chance to prove itself?

If not, the country will have to ask some hard questions: Can DHS make
sound technology decisions by breaking the hold of influence peddlers?
Perhaps, we even could re-form the question by asking: Given the rise of
other technologies, such as the LAMP stack, can we trust bureaucrats who
have made questionable or inferior technological decisions in the past
to make better technological decisions in the future? Or will the sway
and tug of marketing, "nobody ever got fired for buying IBM" rationale
and other reductionist thinking continue to hold?
A Critical DHS Application
Few of us realize that the permanent government runs the country, and
that's not necessarily our elected and appointed officials. Actually,
one even might say that the permanent government doesn't do that work, at least sometimes
not efficiently. The permanent government consists of the long-term
civil servants who operate in fiefdoms. When someone gets the blame
for the failure of a department, its usually an elected official whose
inheritance is his or her agency.

The Dallas FBI worked to put ERN into place. Here's a part of the
permanent government that does work and works for the people. Now, they
want to share this incredible software solution with the rest of the
nation. Will they succeed?

Currently, the Dallas FBI has the ERN system. It has run for three years
and uses Linux, Apache, MySQL and PHP. Look elsewhere, and the remainder
of the country lacks such a critical application. When you want to report
an incident or a suspicious activity, if it doesn't make it to the ERN
system, it falls into a hole.

ERN has a database of strategic contacts that includes local, national and
international individuals in both public and private sectors. The dynamic
alert and notification system supports broadcast and targeted distribution
of information, such as:

• 10,000 voice calls per minute
• 30,000 simultaneous inbound hotline
  calls
• 3,000 simultaneous faxes
• 5,000 simultaneous e-mails
• 5,000 simultaneous text messages
• Immediate Web site changes.

And additional notification technology currently is being added quarterly.

ERN provides dynamic and unobstructed information sharing between program
partners at every level of government and the private sector. This
system even alerts providers to the location of supplies and equipment
so offices quickly can assign those critical assets in case of a crisis. Those
assets include personnel, equipment and vehicles available in daily-use
or crisis-use situations. In other words, ERN can provide immediate
dispatch of the country's assets to disaster areas.

Why wouldn't every citizen in the US and across the globe want this
system active and operational today?
Figure 1. Secretary Ridge and Jo Balderas
Secretary Ridge Lets the Cat Out of the Bag
On June 23, 2004, when Secretary Tom Ridge gave a speech in Dallas
honoring the creators of ERN and their founder Jo Banderas,
he
said:

A girl grew up in Chicago, the youngest child in a family with twelve
children. Her cousins and uncles and godparents worked the sweaty, hard
jobs of Chicago cops and firefighters, and two of her brothers went away
to Vietnam with the Marine Corps. She grew up, married and stayed home
to raise three kids of her own. Then she taught herself computers and
the technology necessary to use them. Then she started her own company
with her son--a company that had software that, among other things,
helped talent agencies conduct talent searches.

And this software, this technology with a robust search capability,
was the type of technology that the FBI desperately needed after
September 11th. On September 12, it took 2 and 1/2 hours to reach 540
local law enforcement organizations in Dallas to stand up multi-agency
command posts. We needed a better, faster tool to disseminate and collect
information, and connect people. When Art Fierro, Special Agent with the
Dallas FBI, called this woman, she took down all the FBI's requirements
and redeployed her existing technology to fulfill our country's needs.

The FBI told her that they could not pay her very much money. She said
not to worry about the money, the country faced a national emergency and
she would do whatever it took to help. Sacrifice on behalf of our country
often requires us to forfeit self interest and private goals for the sake
of the common interest and public good. For her sacrifice and patriotism,
today I'd like to recognize and thank Jo Balderas. I'd also like to
recognize Art Fierro for his tireless efforts to help develop this great
tool that the private sector can use to communicate with each other and
with the Department.

Secretary Ridge went on to describe ERN, which Jo Baldera's company
started and which has become part of Homeland Security's information sharing
initiative:

One of these solutions is the Homeland Security Information Network
Critical Infrastructure Pilot Program (HSIN-CI). A program forged by
the strong partnership not only between the FBI and the Department of
Homeland Security, but also with the private sector, our local leaders,
law enforcement and first responders.

It is a cross-agency, cross-sector, cross-discipline, public and private
information-sharing and alert notification system. And it is locally
governed and administered by knowledgeable, respected domain experts and
decision makers from the private and public sectors.... HSIN-CI will
provide unobstructed information sharing to the right people--those
who need to know and those who need to act.

And it will provide it quickly, with the capability to make 10,000 calls
per minute and send 3,000 faxes simultaneously. Notifications can also
be sent out by e-mail and text messaging.

In a Department of Homeland Security
Press
Release, we learn even more:

The [ERN] HSIN-CI pilot program, modeled after the FBI Dallas Emergency
Response Network expands the reach of the Department's Homeland Security
Information Network (HSIN) initiative--a counterterrorism communications
tool that connects 50 states, five territories, Washington, DC, and 50
major urban areass to strengthen the exchange of threat information--to
critical infrastructure owners and operators in a variety of industries
and locations, first responders and local officials. As part of the
HSIN-CI pilot program, more than 25,000 members of the network will have
access to unclassified sector specific information and alert notifications
on a 24/7 basis.
Linux in the Trenches
On my initial visit to Jo Balderas' company in Ft. Worth, I spent a
fascinating morning with her and her son, Mike. Afterwards, I felt
like I had made a trip to visit friendly relatives. We sat and discussed
the intricacies of Linux and the commitments that the community brings.

Jo Balderas' company, YHD Software Inc., incorporates
the qualities of excellence in programming, innovation, security and
reliability. YDH Software Inc. exemplifies the intent of our nation's efforts to
help form small businesses in which innovation can flourish and jobs
can be created. We should be glad to know that open-source and free
software provides tools at low to no-cost that people can use to realize
their dreams and aspirations. It's nice to know it can happen even in
your home town.

Tom Adelstein lives in Dallas, Texas, with his wife, Yvonne, and
works as a Linux and open-source software consultant locally and nationally.
He's the co-author of the upcoming book Exploring the JDS
Linux Desktop, published by O'Reilly and Associates. Tom has
written numerous articles on Linux technical and marketing issues as a
guest editor for a variety of publications. His latest venture has him
working as the webmaster of JDSHelp.org.