doing business with esa working with classified information · technology and communications...

ESA UNCLASSIFIED – For Official Use

Stefano Zatti – ESA Security Office

Warsaw, 14 April 2014

DOING BUSINESS WITH ESA –

Working with Classified Information


1. Synergy: A basic security system protecting all assets and information, augmented by an additional capability to handle classified information

2. Holistic approach: Cover the five pillars of security: Physical, Personnel, Information Protection, Information Technology and Communications (INFOSEC) + BCDR

3. Necessity: Keep implementation at the minimum level necessary with respect to the assessed risks.

4. Division of powers: Separate the security policy and the control of its correct implementation from the implementation and operations of security

Security Principles at ESA


• Security Policy and Control of its correct implementation

• Head of the Office is the Head of the ESA Director General’s

Cabinet H/DGC, directly reporting to DG

• Managed by the ESA Security Office Manager, DGC-Y

• 4 officers: Infosec, Physical, Information Protection and BCM,

Personnel and Outreach + 2 administrative assistants

• Support from Legal Department for legal and technology export

issues

• Based at ESRIN in Frascati, Italy with Agency-wide scope

• Support ESA Executive in the ESA Security Committee

• Secure premises at ESRIN (Class I) for high levels of classification

(ESA Confidential and Secret)

The ESA Security Office


SECURITY POLICY DEFINITION

ESA Security Committee

ESA Executive =

ESA Security Office ESA Legal Dept

National Security Authorities

Of ESA Member States

ESA Director General


ESA Convention

ESA Security Agreement

ESA Security Regulations

ESA Security Directives ESA Generic PSI

ESA COMSEC Instructions

Physical Security Directives

Personnel Security Directives

Information Protection Directives

InfoSec Directives

Business Continuity Management Directives

SEC OPS

SEC OPS SEC

OPS SEC OPS

SEC OPS SEC

OPS SEC OPS

SEC OPS SEC

OPS

The ESA Security Framework –

Policy vs. Implementation


ESA UNCLASSIFIED INFORMATION ESA CLASSIFIED INFORMATION

Types of information in ESA


ESA UNCLASSIFIED

Refers by default to any information, document or material, whatever

the format or media, produced or acquired by ESA. As a general rule,

unclassified information is not to be made publicly available, unless

explicitly authorised.

Protected within a contractual framework

– ESA UNCLASSIFIED – For Official Use

By default.

– ESA UNCLASSIFIED – For Internal Use

Produced within the Agency and distributed within a limited framework,

not necessarily confined to the Agency.

ESA UNCLASSIFIED INFORMATION - 1


– ESA UNCLASSIFIED – Proprietary Information

Intellectual property rights remain with the originator.

– ESA UNCLASSIFIED ITT/TEB – For Internal Use

Limited Distribution

For the protection of ESA’s procurement processes

– ESA UNCLASSIFIED – Releasable to the Public

Can be released in public fora (internet, conference etc...).

Possible extra attention to the sensitivity of a document can be drawn

through an additional caveat marking “For SSA Programme Manager’’ /

‘‘Releasable to the Public starting 10/07/2013’’.

ESA Unclassified Information - 2


ESA CLASSIFIED INFORMATION

ESA Classified

Refers to any information, document or material, whatever the format

or media, produced or acquired by ESA, which is subject to a formal

security classification according to the ESA Security Regulations.

Protected within a legal framework

– ESA SECRET (PSC required)

– ESA CONFIDENTIAL (PSC required)

Applicable to information and material the unauthorised disclosure of

which could harm the essential interests of ESA or of one or more of its

Members States.

– ESA RESTRICTED (no PSC required)

ESA UNCLASSIFIED – For Official Use ESA UNCLASSIFIED – For Official Use

TABLE OF EQUIVALENCES

ESA ESA SECRET ESA CONFIDENTIAL ESA RESTRICTED

Austria Geheim Vertraulich Eingeschränkt

Belgium Secret (Loi 11.12.1998)

Geheim (Wet 11.12.1998) Confidentiel (Loi 11.12.1998)

Vertrouwelijk (Wet 11.12.1998) nota below1

Czech Republic Tajné Důvěrné Vyhrazené

Denmark Hemmeligt Fortroligt Til tjenestebrug

Finland SALAINEN

HEMLIG LUOTTAMUKSELLINEN

KONFIDENTIELL KÄYTTÖ RAJOITETTU

BEGRÄNSAD TILLGÅNG

France Secret Défense Confidentiel Défense nota below3

Germany Geheim VS2— Vertraulich VS — Nur für den

Dienstgebrauch

Greece Απόρρητο

Abr: (ΑΠ) Εμπιστευτικό

Αbr: (ΕΜ) Περιορισμένης Χρήσης

Abr: (ΠΧ)

Ireland Secret Confidential Restricted

Italy Segreto Riservatissimo Riservato

Luxembourg Secret Lux Confidentiel Lux Restreint Lux

The Netherlands Stg GEHEIM Stg CONFIDENTIEEL Dep. VERTROUWELIJK

Norway Hemmelig Konfidensielt Begrenset

Poland Tajne Poufne Zastrzeżone

Portugal Secreto Confidencial Reservado

Romania Strict secret Secret Secret de serviciu

Spain Reservado Confidencial Difusión Limitada

Sweden HEMLIG / SECRET or HEMLIG

HEMLIG / CONFIDENTIAL HEMLIG / RESTRICTED

Switzerland SECRET / GEHEIM / SEGRETO CONFIDENTIEL / VERTRAULICH /

CONFIDENZIALE

INTERNE / INTERN / AD USO

INTERNO

The United Kingdom UK Secret UK Official Sensitive

EU EU Secret EU Confidential EU Restricted


Process to adopt classification

within a project

ESA Security Regulations, section XIII on Industrial Security

• ESA will determine the aspects of an ESA program or element requiring security protection – this approach may be requested/required by a Member State participating in the project

• The ESA Security Committee and the appropriate ESA subordinate body will recommend the security classification to be accorded to each aspect area of the programme to ESA Council for approval

• The programme implementing rules … shall contain a Programme Security Instruction, containing a Programme Security Classification Guide (or as a minimum a “Security Aspect Letter”)


THE ESA GENERIC PSI:

a tool to adopt classification in a programme

• PSI: Programme Security Instructions

• Provide instructions on safeguarding of the ESA classified information and material that is

provided to or generated in the framework of an ESA Programme

• Based on the ESA security regulations

• Describes:

• Classification levels (ESA RESTRICTED, CONFIDENTIAL, SECRET)

• protection, handling, transportation, IT use of classified information at the

different levels

• Release of information

• International visits

• Contracting and subcontracting

• To be customized (in specially marked areas) for each ESA programme that will need to be

protected using the ESA classification system (e.g., (Galileo), EGEP, Egnos, SSA)

• Classification guide (Annex D) to provide all the details on which document or element

will get which classification level for the specific programme

• To be made applicable to an ESA classified contract, providing industry with all the details

they need to manage ESA information properly


Particular modalities for Classified

Procurement

• ESA only rarely issue classified Procurement ( main procurement was

for Galileo) but is fully equipped to that effect with detailed Security

Regulations & Directives , FSC and significant number of staff with

PSC’s.

• Classified Procurement can take two forms :

• The ITT issued by ESA include some classified parts: In this

case ESA will sue the Two Stage Tendering Procedure as

defined in Article 16 of the Procurement Regulations

• (part of ) the Tenders are expected to be classified : Dedicated

Security Evaluation Panel with cleared members

• IN some cases, ESA will select Non Competitive Procurement or

Restricted competition


The Classified ITT

• In the case of Classified ITT, ESA will select the two stage tendering

procedure with :

• The Non Classified part of the ITT will be issued on EMITS and

outline the need for tenderers to submit their offer in two

stage:

– A Request to Participate compliance with selection

criteria : in particular evidence of existing security

Clearance ( FSC,PSC’s) or at least a letter of NSA

confirming process of clearance is on going.

– ESA TEB will verify the fulfilment of security criteria and

make available through secured channels, the classified

part of the ITT.

– Proposal submission and evaluation as shown after


Classified proposal Submission

• Classified Proposal shall be submitted in two separate way

• For the Non classified part , through the standards means as

described in the General Conditions of Tender and specific

provisions of the ITT

• For the Classified part, in accordance with specific modalities

defined in the ITT derived from ESA security Directives and

providing for a secured transmission of the ITT.

• Classified Proposals will be evaluated as follows:

• Unclassified part of the Proposal by the TEB

• Classified Part of the Tender by a Security Panel composed of

ESA staff members with Personal Security Clearance.

• The Panel will report to the TEB its conclusions by providing

only unclassified information.


Classified ITT & TEB 1/6

• A Security Officer for the programme/project shall be proposed to

the Head of the ESA Security Office who will endorse the

appointment.

• The Security Officer shall be appropriately security cleared.

• The security officer shall ensure that all persons requiring access

to the ITT and TEB material classified RESTRICTED CRYPTO,

CONFIDENTIAL or higher is appropriately cleared prior to be given

access.



• Companies from ESA member states that have signed and ratified the ESA Security Agreement can participate in a classified ESA ITT (unless decided otherwise by the ESA Security Committee and the ESA Council when establishing the programme) provided they hold a Facility Security Clearance (FSC, or are in the process of obtaining one) and have appropriately cleared personnel (PSC).

• also valid for contracts related to works in ESA

establishments, sites etc…

• In case the company has a provisional facility security clearance it

must be ensured that the full FSC is granted not later than the

moment the contract is signed

• In case the company is in the process of obtaining an FSC it must

be ensured that the full FSC is granted not later than at signature

of contract



• It is the Security Office which makes the FSC verification with the

appropriate NSA by requesting a Facility Information Sheet (FIS).

• Companies holding a valid FSC can collect the classified data

package (if any) at the designated ESA Class 1 Area. The courier

must have a valid courier certificate.

• Companies not yet having a valid FSC can consult the classified

data package in a designated ESA Class 1 Area, provided the

persons concerned have a valid PSC and a valid RFV procedure

was concluded

• Classified ITTs shall have a clause that all classified data are

returned to ESA by companies not submitting a proposal, or by

companies not awarded a contract, 15 days after notification.



• All personnel in TOB, pre-TEB or TEB needing access to the

classified data, must be appropriately cleared.

• All elements of the proposals classified CONFIDENTIAL or higher

must be stored in a Class 1 Area and can only be consulted here.

• All meetings related to classified information CONFIDENTIAL or

higher shall take place in a Class 1 Area.



• The TEB Security Officer shall ensure that all MoM, reports and

notes generated during CLA meetings are verified, and receive

correct classification. He shall register these documents

accordingly.

• The TEB Security Officer shall ensure proper handling, registration,

distribution and/or transmission and destruction of the relevant

classified information.

- The TEB Security Officer shall ensure the appropriate return of the

relevant classified proposals if required.

doing business with esa working with classified information · technology and communications...

Documents