Embracing agile at the border

DHS components are discovering that transformation is best tackled one step at a time.

Border fence. Shutterstock image.

DHS components are discovering that transformation is best tackled one step at a time

U.S. border operations are entering a particularly turbulent period as presidential candidates turn the security issue into a campaign combat zone. Yet although immigration and border security debates reprise old arguments with little substantive change, the federal agencies that monitor immigration and U.S. borders are quietly undergoing a technological revolution.

Customs and Border Protection safeguards more than 100,000 miles of combined border and shoreline and 327 ports of entry using a bewildering array of technology — including aircraft and ground sensors, massive databases and back-office IT systems. After some unsuccessful attempts at wholesale reinvention, the agency has embraced the idea of making changes in incremental steps.

Deputy Commissioner Kevin McAleenan said CBP officials are turning to modular development and deployment techniques to take up the slack in a sluggish budget environment and maximize technology's impact. The agency's fiscal 2016 budget request was $13.5 billion (a slight increase from fiscal 2015), and according to the federal IT Dashboard, nearly $1.7 billion is earmarked for 61 IT projects.

"Agile is a core principle for IT" at CBP, McAleenan said. "We're pushing the envelope" to move away from traditional waterfall development and make "bite-sized, flexible contracting models" a core part of CBP's culture.

To illustrate that evolving culture, he pointed to the agency's rapid development and launch of the Automated Passport Control (APC) program at airports around the country. The system began with a 2013 trial at Canada's Vancouver International Airport, and now travelers at 40 domestic and a few international airports can use self-service kiosks to submit their customs declaration forms and biographical data instead of waiting in line to interact with an on-site customs officer.

McAleenan said officials chose to bypass a years-long waterfall development cycle in favor of issuing broad requirements and allowing companies to come up with solutions — a process that took less than a year. And the system has already helped bring passenger wait times in airport customs lines back down to 2012 levels, he added.

Big data with a purpose

He also highlighted CBP's Automated Commercial Environment (ACE), which will provide a "single-window" electronic portal for rail, sea and truck cargo manifests and serve as the primary system for the trade community to report information on imports and exports.

That's not a small job. CBP administered more than $1.5 trillion worth of U.S. exported goods and more than $2.4 trillion in imports in fiscal 2015 as more than 26.3 million imported cargo containers passed through the nation's ports of entry.

ACE has been developed and deployed in an incremental fashion over more than a decade and is set for full implementation by the end of the year. That modular process has allowed the project to continue despite delays for software development and other issues.

"The IT world is in transition," U.S. Citizenship and Immigration Services CIO Mark Schwartz told FCW. "Data used to be transactional. Now, more and more, a piece of data is analyzed many, many times. We've moved from transactional to data as an asset."

USCIS is responsible for processing visa and naturalization petitions, asylum and refugee applications, and other data-intensive decisions related to immigration cases. To help the agency invent new ways to use IT to achieve its mission, USCIS is seeking both a CTO and a deputy CIO who are DevOps- and agile-savvy.

"After years of data being locked in silos, we have been creating a [central] data warehouse, with reporting, analytics, ad hoc queries and statistical analysis," Schwartz said, adding that the shared resource will allow USCIS to execute its duties in ways that weren't possible in the past.

For instance, the agency's Electronic Immigration System (ELIS) will eventually consolidate all the agency's data systems — but not all at once and not through big, rigidly defined projects. The work must be tackled in smaller, iterative steps and harness agile development techniques and the cloud to be effective, he said.

And through it all, big data must have a purpose. "I'm not interested in putting data together for its own sake," he added.

Rejecting 'too big to fail'

The shift to faster, more efficient development techniques can involve some pain, however.

Last fall, the Washington Post ran a story about how, despite being 10 years into developing ELIS, USCIS had succeeded in making only a handful of the hundreds of immigration forms and other operations available electronically. The Government Accountability Office also criticized the program for its poor performance.

After the Washington Post story was published, however, DHS Secretary Jeh Johnson took the unusual step of issuing a statement in response. He contended that the system was far from the cautionary tale of mishandled federal IT that the article made it out to be.

Johnson said USCIS recognized that the initial system wasn't good enough as it was being developed, and the agency ditched the contractor working on the project and turned to agile techniques to create something much better.

"The result of these changes was a program and system that [have] little in common with the initial outdated attempt that was launched in 2006, beyond a shared name," Johnson said in his November 2015 statement. He added that the new system had processed 500,000 filings — or 16 percent of all immigration processing — and was on track to increase that total by 41 percent by the end of 2016.

In other words, DHS and USCIS officials realized they had a problem and solved it in a timely, iterative fashion rather than deeming it "too big to fail" and sticking with the status quo.

The willingness to reject tradition and embrace agile development has been taking hold at DHS without much fanfare. Its roots are particularly evident in the agency's acquisition efforts — a key area that sets the stage for future capabilities, according to McAleenan and Mark Borkowski, assistant commissioner of CBP's Office of Technology Innovation and Acquisition.

"Agile is a tremendous help," Borkowski said. "You can't go too fast — particularly in the information technology domain, which moves faster than we can keep up with." Agile is "scary and frustrating to the acquisition community, but it is extraordinarily effective in helping with the pace."

He added that agile methods force agencies to define their desired outcome rather than prescribe the specific path for getting there. "You have opportunities every couple of weeks" to change, he said. "The only place you need detail is in the near-term stuff."

The government has traditionally sought project specifics upfront and used extensive documentation, detailed baselines and other drawn-out processes, and Borkowski said that mindset makes it tricky to introduce agile into acquisition processes. However, the Federal Acquisition Regulation allows significant flexibility and some fuzziness in development cycles that can work to IT projects' advantage.

But it must be the right kind of fuzziness, he added. "As IT evolves, it's too tempting to say, 'Oh, we can do better' and keep adding stuff to a program without making a conscious decision because it serves a particular purpose," Borkowski said.

Learning from SBInet's failures

Such so-called scope creep loomed large in CBP's scotched multibillion-dollar SBInet border protection plan a few years ago, he said. The project also prompted the agency to begin shifting toward agile methodology.

SBInet sought to integrate personnel, infrastructure, technology and rapid response from DHS' four border and immigration component agencies — CBP, USCIS, Immigration and Customs Enforcement and the Coast Guard — into a single security system along the Mexican and Canadian borders.

The technology was supposed to include surveillance sensors, mobile capabilities, fixed observation towers, cameras, radar and unattended ground sensors. The data generated by those technologies would be consolidated in IT systems in a series of "smart towers" along the border, and personnel would use the data to assemble a "common operating picture" for border agents.

The project began in 2006 and collapsed in January 2011, when then-DHS Secretary Janet Napolitano said it couldn't meet its objective of providing a single, integrated technology solution for border security in a sensible, cost-effective, efficient manner.

By the time the project ground to a halt, the department had spent about $1 billion to construct a 28-mile-long pilot section and a 53-mile-long permanent segment of SBInet in Arizona.

According to Borkowski, tower installation couldn't really get going until the common operating picture was tested and modified, which proved to be a moving target, so the larger project of installing the surveillance towers was lost in the details of ever-shifting IT.

Taking a rigid approach to the complex process of specifying and buying technology can have a huge impact on an agency's operations because it comes with lengthy development toward a specific goal that is probably doomed to become outdated by the time it's reached, he added.

Borkowski is no stranger to big projects. He oversaw implementation of SBInet as executive director of the Secure Border Initiative Program Executive Office. Before joining CBP, he was the program executive for the Robotic Lunar Exploration Program at NASA, and he oversaw satellite programs during his 23-year career in the Air Force.

He said problems with big projects can often be traced to how the specifications were written, how an acquisition workforce operates or whether key stakeholders are willing to step back and take a more considered view of what they're doing. Throwing IT into the mix complicates things even more, he added.

"SBInet was a waterfall project," he said, but its successor — the Integrated Fixed Tower (IFT) program — has relied on agile methodology. "It wasn't called agile at the time," he said of SBInet's eventual evolution to IFT, but the change in approach was critical.

The first seven of a planned series of 52 IFTs on the Arizona/Mexico border completed testing last September. Ronald Vitiello, acting chief of the U.S. Border Patrol, certified IFT's operational requirements to Congress on March 1, paving the way for wider deployment.

Each unit consists of a fixed tower equipped with radar, electro-optical and infrared surveillance cameras, and power generation and communications equipment, which combine to enable continuous detection and tracking of activity of interest. The cost for the first seven IFTs is pegged at around $150 million.

McAleenan said CBP's efforts to get better technology faster and from more diverse sources are spreading. The APC project, for example, has a mobile sister app called Mobile Passport Control that was developed with help from the Airports Council International-North America. It is slated to operate in 20 high-volume U.S. airports by the end of the year.

Another mobile app will estimate border wait times for those entering the country, McAleenan said. And CBP is developing a wearable device to help the agency's canine officers monitor their dogs' health in severe heat and other dangerous weather conditions.

Such iterative efforts are essential to DHS components' ability to protect and manage U.S. borders, particularly as missions multiply and budget resources fail to keep pace, McAleenan said.

"Necessity is the mother of invention," he said.

NEXT STORY: DHS warns on old SAP vulnerability