Deepwater in trouble, watchdog says

POGO says Coast Guard accepted new cutter without completing communications checks

The Coast Guard made a final acceptance of its first National Security Cutter this month without completing tests for key communications equipment on the boat, according to an investigation by a watchdog group.

The Coast Guard welcomed the $700 million cutter, named Bertholf, into its fleet on May 8 after many months of testing and operation. It is the largest asset produced thus far by the agency’s $24 billion Deepwater acquisition program.

However, key equipment needed for communications, referred to as Tempest capabilities, has not yet been installed on the Bertholf. The final testing will not be complete until those tests are performed in March 2010, Mandy Smithberger, national security investigator for the Project on Government Oversight watchdog group, wrote on her blog on May 21.

An important element of the Tempest suite is the Sensitive Compartmented Information Facility (SCIF), which she said has not yet been installed. Once installed, it will need to be tested. The Coast Guard has avoided talking about the problem and is putting Deepwater acquisitions at risk by making final acceptances without completing testing, Smithberger wrote.

The Coast Guard should “not only be more transparent about the problems that exist, but also be wary of ramping up other Deepwater assets until the Tempest is proven,” Smithberger wrote. Whistleblower Michael DeKort has been raising concerns about the Tempest issues in Deepwater since 2003.

Smithberger said she based her findings on an interview she held with Rear Adm. Gary Blore, assistant commandant for acquisition, on May 19.

“Adm. Blore told me that both the visual and the instrumented tests for the Tempest were completed in April. But follow-up questions on that statement suggest that it isn't the case at all,” Smithberger wrote. “Currently, the plan is to have the [SCIF] installed and operational in March 2010. When I asked a Coast Guard representative if they would have to conduct more testing following the SCIF's installation, they confirmed that they would.”

A Coast Guard spokesman referred a reporter to the acquisitions directorate, which did not respond to a request for comment.

The Coast Guard hired Lockheed Martin Corp. and Northrop Grumman Corp. as prime contractors and lead systems integrators for Deepwater in 2002. In 2007, the Coast Guard rejected eight patrol boats built under Deepwater due to structural problems. The Coast Guard took over as lead systems integrator shortly afterward.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Reader Comments

Mon, Jun 1, 2009 imispgh

Follow the money. If this is all on the up and up and the secret side really did pass the tests as stated then the CG should release the ECP for the SCIf along with the budget for it as well as all the TEMPEST test results, the requirements and the waivers. So far this misinformation campaign here looks just like the same thing that came out on the 123s before the truth , or at least some of it, was forced out in to the open. (If the NSC's waivers were built on the illegal Porter waivers from the 123 we should see that as well) The CG should also provide the information on what happened to the 353 critical NSC TEMPEST design flaws the Navy called out a couple years ago. Also please explain why the SCIF could not be designed in to the boat originally as well as define the tests that have to be run again on the secret side when the SCIF is in and tell us why it has taken so long and will take another year to finish.

Fri, May 29, 2009 RADM Gary T. Blore Washington D.C.

(Continued from previous comment)Following the SCIF installation, the cutter will undergo additional TEMPEST testing to ensure it remains in compliance with applicable standards. This will also consider any of the already installed equipment on Bertholf, and how it would affect the cutter’s overall TEMPEST posture. Once certified, the SCIF will enhance the intelligence capabilities of the cutter’s already operational systems.

This situation is no different than any other Coast Guard ship that had an existing TEMPEST certification and then received major communications or sensor equipment changes, which over the 30 plus year service life of a cutter is typical.

The Coast Guard takes TEMPEST and other Information Assurance requirements very seriously and ensures that all tests and certifications comply with federally established standards.

Fri, May 29, 2009 RADM Gary T. Blore Washington D.C.

Unfortunately, confusion remains regarding the differences between TEMPEST certification of Bertholf’s standard electronic communication systems, and the separate Sensitive Compartmented Information Facility (SCIF) equipment, which will be installed during the post shakedown availability. Important to this discussion is an understanding of what TEMPEST is—and isn’t. It is a set of federal standards to be met vice a specific capability, suite, or set of equipment to be installed.

Most Coast Guard cutters have “secure” (controlled access) areas that house classified communications and sensor systems that are required for the ship to complete its mission. Cutters with this capability must meet TEMPEST requirements and be certified to process classified information.

A SCIF is an area where sensitive kinds of classified information may be stored, used, discussed, and/or processed. A SCIF should not be confused with other secure areas that do not meet SCIF standards. The SCIF is separate from the other secure areas including the “Operations Center” of the NSC, where much of the cutter’s command and control activities will take place.

The SCIF on board Bertholf will be a first for the Coast Guard—no other current Coast Guard cutters are equipped with a SCIF and it was not part of the cutter’s pre-September 11, 2001, requirements or design. However, the need for a SCIF was identified following that tragic event. Therefore, during Bertholf’s construction, the SCIF space was designed and built starting in 2003. The SCIF installed sensors and communications equipment design began with the Navy in 2004. Our plan has been consistently to install the SCIF systems within that space following delivery and acceptance of the cutter. Suggestions that this post-delivery installation of the SCIF is the result of an error are not correct.

Completing the April TEMPEST testing of the cutter’s non-SCIF electronic communications systems, prior to installation of the SCIF, was the prudent and normal approach to ensure Bertholf’s suite of advanced mission systems could begin operation and service to the public. TEMPEST certification of those non-SCIF electronic communication systems, as-is, enables Bertholf to be fully interoperable with other Coast Guard ships, aircraft and communications systems, as well as with those of the Navy.

The SCIF is not necessary for Bertholf to be interoperable with Coast Guard, joint, and interagency partners. However, it will increase the cutter’s ability to perform some missions, compared with other Coast Guard cutters.
(Continued in next comment)

Thu, May 28, 2009 Doug

It would be useful (not to mention educational) if journalists would ask their nearest geek friend to proof their material. TEMPEST refers to the evaluation of equipment or an environment (like a SCIF) to identify and possibly mitigate any compromising emanations (electromagnetic waves, but carrying information). This is not new technology, nor is it a super-secret widget. But it is a royal pain to do, so waiting until any changes to the equipment and the phsical environment are complete before undertaking the expensive TEMPEST tests is entirely appropriate. This molehill needs to stay a molehill.

Tue, May 26, 2009 James Fairfax, VA

I found this article to be more confusing than helpful. I had to go to the source blog to understand the issue. TEMPEST is not a suite of equipment or capability. As explained in the blog posting, it is a standard against which the communications system(s) must be tested and validated.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above.

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.


contracts DB