CASE STUDIES: Public Policy
|
Companies across the nation rely on standards and conformance to increase efficiency, reduce cost, and boost market access for their products and services. Here are a few examples of how standards and conformance contribute to public policy objectives:
|
|
In 2004 Homeland Security Presidential Directive (HSPD) 12, Policy for a Common Identification Standard for Federal Employees and Contractors, was issued to address the lack of government‐wide secure identity mechanisms for federal employees and contractors. Under HSPD’s authority,
the National Institute of Standards and Technology (NIST) developed Federal Information Processing Standard (FIPS) 201, Personal Identity Verification (PIV) of Federal Employees and Contractors. The guideline was developed through a public-private partnership utilizing biometric standards developed by the InterNational Committee
for Information Technology Standards (INCITS) M1, Biometrics Technical Committee, and International Organization for Standardization/International Electrotechnical Commission Joint Technical Committee 1, Subcommittee 37, Biometrics, (ISO/IEC JTC 1 SC 37).
FIPS 201 defines a reliable, government‐wide PIV card as a smart‐card based solution with on‐card common credentials and authentication mechanisms that can be used to verify the identity of federal employees and contractors. To enable interoperability, NIST issued several special publications outlining the mandatory format
for biometric data carried in the PIV data model. The biometric records are required to be wrapped in a PIV instantiation metadata structure
specified in INCITS 398, Information Technology - Common Biometric Exchange Formats Framework (CBEFF).
INCITS 378, Information Technology - Finger Minutiae Format for Data Interchange,
and INCITS 381, Information Technology - Finger Image-Based Data Interchange Format, establishconformance requirements for fingerprint records.
And INCITS 385, Information Technology - Face Recognition Format for Data Interchange, definesconformance requirements for facial image records.
FIPS 201 also includes specifications of an optional iris biometric record, which affords an alternative to fingerprint-based authentication and chain-of-trust maintenance. Iris image requirements are based
on ISO/IEC 19794-6:2011, Information Technology - Biometric Data Interchange Formats - Part 6: Iris Image Data.
And specifications for on-card comparison leverage ISO/IEC 19794-2:2011, Information Technology - Biometric Data Interchange Formats - Part 2: Finger Minutiae Data.
According to the White House of Office of Management and Budget (OMB), as of September 1, 2012, over five million federal employees and contractors (over 97 percent of employees and 88 percent of contractors) have been issued PIV cards.
Want to learn more? Check out the full-length case study.
– InterNational Committee for Information Technology Standards (INCITS)
From 1999 to 2002, approximately 15,300 fires occurred annually where the first item ignited was a mattress and its bedding. These fires resulted in an annual average of 350 deaths, 1,750 injuries, and $295 million in property loss. In an effort to reduce deaths and property damage, the U.S. Consumer Product Safety Commission (CPSC) and the National Institute of Standards and Technology (NIST) joined forces to establish flammability standard 16 CFR Part 1633 .
The mandatory standard is designed to reduce the severity of mattress fires ignited by open flame sources such as candles, matches, lighters, and cigarettes. The CPSC estimates that 16 CFR Part 1633 prevents as many as 270 deaths, 1,330 injuries, and millions of dollars in property damage every year.
Want to learn more? Check out the full-length case study.
-National Institute of Standards and Technology, U.S. Department of Commerce
The Library of Congress (LoC) maintains records that archive historical or cultural collections as well as collections subject to mandatory archival under U.S. copyright law. In 2000, Congress appropriated $100 million for the National Digital Information Infrastructure and Preservation Program (NDIIPP) to be led by the LoC. The legislation called for the LoC to guide a public-private partnership in the development of a national approach to digital preservation. The goal was to collect, preserve, manage, and make available significant digital content, especially information that is created in digital form only, for current and future generations.
In order to evaluate each digital format and establish a decision-making framework for support/adoption of each format, the LoC developed seven sustainability factors: disclosure, adoption, transparency, self-documentation, external dependencies, impact of patents, and technical protection mechanisms. Using these seven sustainability factors, the LoC evaluated formats that were both promising and not promising for archiving. Consequently, file formats identified by the LoC as optimal for sustainability and long-term storage were created by standards development organizations (SDOs) and consortia. The formats initially adopted by the LoC fall into four basic content categories: still images (TIFF), sound (MP3), text (PDF), and moving images (MPEG). Over time, additional descriptions will be added to all categories and new categories will be added as new standards and digital formats evolve.
Want to learn more? Check out the full-length case study.
– Library of Congress and INCITS (the InterNational Committee for Information Technology Standards)
When Congress was initially working to pass the
Pipeline Safety Improvement Act of 2002 (PSIA) they wanted to apply the liquid integrity rule used for liquid pipelines to gas pipelines, which would require in-line inspection of the entire system every five years. However, gas pipelines transport a compressible fluid, may have significant diameter restrictions, and are more challenging to maintain than liquid lines. A gas rule similar to the liquid rule would have cost the industry many billions of dollars to retrofit the
pipelines and would have resulted in untold numbers of customer shut-offs to modify and inspect the lines.
In response, a coordinated public-private effort including pipeline operators, manufacturers, suppliers, consumers, and federal and state regulators
bought about the development of ASME B31.8S, Managing System Integrity of Gas
Pipelines ASME Code for Pressure Piping. After thorough technical studies and research, Congressional staff found this American National Standard (ANS)
vital to the success of the PSIA. The standard has become a cornerstone of the Act and has since aided in improving the safety and integrity of pipelines,
reducing accidents and injuries to workers, increasing regulator and consumer confidence in pipelines, and enhancing current and future infrastructure.
The net cost for the gas pipeline industry to implement PSIA utilizing ASME B31.8S is $4.7 billion over the next 20 years as compared with the initial estimated
cost of $10.9 billion over the same period – a $6.2 billion savings to industry and consumers.
Want to learn more? Check out the full-length case study.
– ASME (the American Society of Mechanical Engineers)
According to the U.S. Consumer Products Safety Commission (CPSC), during the 1980s electrical arc faults were associated with more than 40,000 home fires, claiming over 350 lives and causing 1,400 injuries annually. In 1992, the electrotechnical industry developed an Arc Fault Circuit Interrupter (AFCI) which continuously monitors current flow.
They worked with Underwriters Laboratories to publish UL 1699, Standard for Safety of Arc-Fault Circuit-Interrupters, in 1996 which provides testing, performance, and construction requirements for this critical equipment. AFCIs are also a requirement in the National Electrical Code (NEC), the model code for electrical wiring developed by the National Fire Protection Association (NFPA).
Standards and conformity assessment activities for AFCIs help protect against hazardous arc faults, saving lives and protecting property nationwide.
- National Electrical Manufacturers Association (NEMA)
India has over 1.2 billion residents, many of whom do not have identification documents, calling for the Indian government to launch one of the world’s largest identity assurance systems utilizing biometrics standards. In 2009 India established the Unique Identity Authority of India (UIDAI) to develop a system for resident identification. UIDAI developed the Aadhaar (translation: foundation) system, which allows social services, government agencies, financial institutions, and other registrars to collect basic biographic information as well as fingerprint, iris, and facial images from residents.
Authentication through the use of international biometric standards facilitated the success of the Aadhaar system. For example, ISO/IEC 19794, Information Technology - Biometric data interchange formats, provided specifications on biometrics for face, finger, and iris images used in e-passports. Aadhaar also utilized ISO/IEC 19794-2:2011, Information Technology - Biometric data interchange formats - Part 2: Finger minutiae data,
for authentication purposes. And ISO/IEC 19785, Information Technology - Common Biometric Exchange Formats Framework (CBEFF), for packaging the biometric data, provided common structure, metadata, and security guidelines.
The Aadharr system provides online, cost‐effective, ubiquitous authentication services using biometric tools. The use of biometrics improves de‐duplication accuracy using multiple modalities (ten fingerprints, two irises, and the face). Over sixty thousand active enrollment stations and sixty registrars across India are currently involved, including state governments and service providers, financial institutions, and the postal system. More than 200 million citizens from nearly all Indian states have been enrolled to date, and projections estimate that number will top 600 million by 2014.
Want to learn more? Check out the full-length case study.
International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC)
Following the terrorist attacks of September 11, 2001, there was an increased focus on using x-ray and gamma-ray screening technologies for homeland security applications. However, the international community found itself at a loss for comprehensive performance standards against which these technologies could be evaluated.
In 2005, the Department of Homeland Security (DHS) and the National Institute of Standards and Technology (NIST) launched an effort to identify and develop national voluntary consensus standards for the use of x-rays and gamma rays in the screening of carried items and human subjects at airline checkpoints, airline checked baggage, air cargo, and other venues, as well as the associated radiation safety concerns. The result was the development, renovation, and promulgation of x-ray safety (i.e., IEC 62523-2010, HPS N43.17-2009) and image performance (i.e., IEEE N42.44-2008, ANSI N42.46-2008) standards that significantly benefit passengers and users of air transportation services, government agencies, equipment manufacturers, and the international community – creating a safer air transportation infrastructure for all.
A conservative, rough-order-of-magnitude (ROM) estimate of the economic benefits associated with x-ray screening standards is in the hundreds of millions of dollars. For example, it is estimated that x-ray screening machines would be 40% more costly in the absence of consensus standards. If the average cost of an x-ray screening device is $300,000, and there are 6,000 in usage, an ROM estimate of savings to manufacturers is $720 million. And the total social benefits of air transportation security standards are higher since the ROM estimate only considers the direct beneficiaries of increased airline travel security.
The economic benefits of air transportation security also extend to indirect beneficiaries whose lives and business are more secure because air transportation is more secure, such as other potential terrorist targets like highrise buildings, nuclear power plants, and government buildings. In addition, significant efficiencies and savings are achieved by a reduction of the number of design versions of x-ray equipment as a result of common requirements, common measurement language, and common configuration controls provided by the standards.
Want to learn more? Check out the full-length case study.
– Security Industry Association (SIA)
Since its initial release in 1994, CP-01, Control Panel Standard –Features for False Alarm Reduction, has significantly contributed to the nearly 70 percent reduction in false intrusion alarms reported to law enforcement. Moreover, during the past 16 years, sales of new alarm system panels have doubled.
In the mid-1990s, the security industry was making huge technological advances in their residential and commercial security panels. However, market presence, consumer confidence, and law enforcement acceptance was undermined by the number of false alarms generated by user error. Among other issues, emergency buttons were too easily triggered, entry and exit times were being set to low, optional communication delays were not being utilized, and system resets were not sequenced properly after power failures. CP-01 addressed many of these problems, and the standard continues to be revised, most recently in May 2010, to meet ever-changing technological demands.
The CP-01 standard has not only allowed dealers, installers and monitoring companies to thrive in communities where local law enforcement had threatened to implement a non-response policy, it has also opened new business by boosting public confidence in the reliability of security systems and convincing officials in several areas to relax what had been very stringent response policies.
The success of the CP-01 panels in curtailing user errors and reducing false alarms was so profound that the National Sheriff’s Association and the International Association of Chiefs of Police passed simultaneous national resolutions recommending that all law enforcement jurisdictions require its use for new installations. As a result, hundreds of agencies have included such mandates in their ordinances, and at least three states have enacted laws requiring panels to be CP-01 compliant.
– Security Industry Association (SIA)
Harmonizing U.S. packaging machinery safety standards with international standards helps U.S. manufacturers compete globally with a common product design. Risk assessment is a requirement consistent with the E.U. directives.
Also, global consumer goods manufacturers are now requesting the machinery manufacturer share the documented risk assessment with the purchaser. This levels the playing field for all machinery manufacturers.
– Packaging Machinery Manufacturers Institute (PMMI)
In the post-9/11 environment, the U.S. Department of Homeland Security (DHS) faced public fears that a dirty bomb attack could cost billions of dollars, cause extensive environmental contamination, result in hundreds of fatalities and injuries, and take years of recovery. In response, DHS dramatically increased efforts to screen the vast amounts of cargo entering U.S. ports daily. While some of the equipment needed to monitor cargo was already on the market, it was not able to handle use in diverse settings, nor was it designed for use by non-specialists or first-responders.
In collaboration with DHS, industry, and other national laboratories, the National Institute of Standards and Technology (NIST) coordinated and integrated the work of the Institute of Electrical and Electronics Engineers (IEEE) Radiation Detection Standards Program N42 Committee to address radioactivity measurements, homeland security, and protection instrumentation for increased port security. The N42 Committee developed a suite of standards for radiation detection equipment from small, handheld detectors to massive, port-screening monitors that could be used easily by non-specialists and first responders to scan massive amounts of cargo for nuclear-radiological threats.
Today, users and vendors have access to standards that set performance requirements for radiation detection equipment based on homeland security needs; increase the effectiveness and efficiency of cargo, vehicle, and other screening processes; and reduce the risk of terrorist attacks on U.S. soil.
Want to learn more? Check out the full-length case study.
– National Institute of Standards and Technology, U.S. Department of Commerce