Joint Doctrine for Operations Security97).pdf · such actions. C2W is a warfighting application of...
79
24 January 1997 Joint Doctrine for Operations Security Joint Pub 3-54
Transcript of Joint Doctrine for Operations Security97).pdf · such actions. C2W is a warfighting application of...
24 January 1997
Joint Doctrinefor
Operations Security
Joint Pub 3-54
PREFACE
i
1. Scope
This publication describes the use ofoperations security (OPSEC) in the planning,preparation, and execution of joint operations.Additionally, it provides the procedures forthe conduct of OPSEC surveys.
2. Purpose
This publication has been prepared underthe direction of the Chairman of the JointChiefs of Staff. It sets forth doctrine and togovern the joint activities and performanceof the Armed Forces of the United States injoint operations and provides the doctrinalbasis for US military involvement inmultinational and interagency operations. Itprovides military guidance for the exerciseof authority by combatant commanders andother joint force commanders and prescribesdoctrine for joint operations and training. Itprovides military guidance for use by theArmed Forces in preparing their appropriateplans. It is not the intent of this publication torestrict the authority of the joint forcecommander (JFC) from organizing the forceand executing the mission in a manner the JFCdeems most appropriate to ensure unity ofeffort in the accomplishment of the overallmission.
3. Application
a. Doctrine and guidance established inthis publication apply to the commandersof combatant commands, subunifiedcommands, joint task forces, and subordinatecomponents of these commands. Theseprinciples and guidance also may apply whensignificant forces of one Service are attachedto forces of another Service or whensignificant forces of one Service supportforces of another Service.
b. The guidance in this publication isauthoritative; as such, this doctrine (or JTTP)will be followed except when, in the judgmentof the commander, exceptional circumstancesdictate otherwise. If conflicts arise betweenthe contents of this publication and thecontents of Service publications, thispublication will take precedence for theactivities of joint forces unless the Chairmanof the Joint Chiefs of Staff, normally incoordination with the other members of theJoint Chiefs of Staff, has provided morecurrent and specific guidance. Commandersof forces operating as part of a multinational(alliance or coalition) military commandshould follow multinational doctrine andprocedures ratified by the United States. Fordoctrine and procedures not ratified by theUnited States, commanders should evaluateand follow the multinational command’sdoctrine and procedures, where applicable.
DENNIS C. BLAIRVice Admiral, US NavyDirector, Joint Staff
For the Chairman of the Joint Chiefs of Staff:
ii
Preface
Joint Pub 3-54
Intentionally Blank
TABLE OF CONTENTS
iii
PAGE
EXECUTIVE SUMMARY ............................................................................................. v
CHAPTER IGENERAL
• Policy........................................................................................................................ I-1• Definition.................................................................................................................. I-1• Characteristics of OPSEC......................................................................................... I-1• OPSEC Survey......................................................................................................... I-1• Fundamentals of Command and Control Warfare (C2W).......................................... I-2• OPSEC and Command and Control Warfare............................................................. I-3
CHAPTER IIOPSEC PLANNING
• General.................................................................................................................... II-1• OPSEC Planning Factors......................................................................................... II-1• OPSEC Planning and the Joint Operations Planning Processes................................. II-2
CHAPTER IIITHE OPSEC PROCESS
• General.................................................................................................................. III-1• The OPSEC Process............................................................................................... III-1
APPENDIX
A Examples of Critical Information..................................................................... A-1B The Intelligence Threat..................................................................................... B-1C OPSEC Indicators.............................................................................................. C-1D Operations Security Measures.......................................................................... D-1E Procedures for OPSEC Surveys........................................................................ E-1
ANNEX
A OPSEC Survey Planning Phase................................................................ E-A-1
TAB
A Composite OPSEC Profile for Combat Operations....................... E-A-A-1B Functional Outline and Profile Guideline for Intelligence
Collection Operations............................................................... E-A-B-1C Functional Outline and Profile Guideline for Logistics.................. E-A-C-1D Functional Outline and Profile Guideline for Communications..... E-A-D-1
iv
Table of Contents
Joint Pub 3-54
E Functional Outline and Profile Guideline for Operations.............. E-A-E-1F Functional Outline and Profile Guideline for Administration and Support................................................................................ E-A-F-1
B Field Survey Phase.................................................................................... E-B-1C Analysis and Reporting Phase................................................................... E-C-1
TAB
A Suggested Format for Final OPSEC Survey Report...................... E-C-A-1
F References....................................................................................................... F-1G Administrative Instructions.............................................................................. G-1
GLOSSARY
Part I Abbreviations and Acronyms....................................................................GL-1Part II Terms and Definitions.............................................................................. GL-3
FIGURE
I-1 Operations Security and Command and Control Warfare................................ I-4II-1 Deliberate Planning Process........................................................................... II-4II-2 Crisis Action/Campaign Planning Process..................................................... II-5III-1 The Operations Security (OPSEC) Process.................................................. III-2B-1 The Intelligence Cycle................................................................................... B-1E-A-A-1 Sample Composite OPSEC Profile for Combat Operations.............. E-A-A-2
EXECUTIVE SUMMARYCOMMANDER’S OVERVIEW
•
•
•
v
Discusses the Characteristics of Operations Security
Covers Operations Security Planning
Details the Operations Security Process
General
Operations Security (OPSEC) is a process of identifying criticalinformation and subsequently analyzing friendly actionsattendant to military operations and other activities to: (a)identify those actions that can be observed by adversaryintelligence systems; (b) determine what indicators adversaryintelligence systems might obtain that could be interpreted orpieced together to derive critical information in time to beuseful to adversaries; and (c) select and execute measures thateliminate or reduce to an acceptable level the vulnerabilitiesof friendly actions to adversary exploitation. OPSEC’s mostimportant characteristic is that it is a process and not acollection of specific rules and instructions that can beapplied to every operation. Therefore, OPSEC and securityprograms must be closely coordinated to ensure that all aspectsof sensitive operations are protected. Commanders must beprepared to assume some degree of risk because, in most cases,OPSEC entails the expenditure of resources. An OPSECsurvey is essential for identifying requirements foradditional measures and for making necessary changes inexisting measures. Command and control warfare (C2W) isthe integrated use of psychological operations, militarydeception, OPSEC, electronic warfare, and physicaldestruction, mutually supported by intelligence, to denyinformation to, influence, degrade, or destroy adversarycommand and control (C2) capabilities while protectingfriendly C2 capabilities against such actions. In C2W, thethreat to OPSEC is ultimately the adversary commander.Denial of critical information about friendly capabilities andlimitations may result in flawed command decisions that provedevastating to the adversary force. The emphasis of OPSECas a part of an overall C2W effort should be to deny criticalinformation necessary for the adversary commander toaccurately estimate the military situation. The intent of OPSECin C2W should be to force the adversary commander to make
Operations security(OPSEC) is concernedwith identifying,controlling, and protectingthe generally unclassifiedevidence that is associatedwith sensitive operationsand activities.
vi
Executive Summary
Joint Pub 3-54
faulty decisions based upon insufficient information and/or todelay the decision making process due to a lack of information.Planning and executing OPSEC measures require closecoordination with public affairs officers.
Joint OPSEC planning and execution occur as part of thecommand’s or organization’s C2W effort. The commander’sobjectives for C2W are the basis for OPSEC planning. OPSECis an operational function, not a security function. Planningmust focus on identifying and protecting critical information,and the ultimate goal of OPSEC is increased missioneffectiveness. OPSEC should be one of the factorsconsidered during the development and selection of friendlycourses of action. The termination of OPSEC measures mustbe addressed in the OPSEC plan in order to prevent futureadversaries from developing countermeasures to successfulOPSEC measures. There are three major planning processesfor joint planning. Plans are proposed under different processesdepending on the focus of a specific plan. The processes arelabeled either campaign, deliberate, or crisis action planning;however, they are interrelated. OPSEC plans are prepared aspart of all joint operation plans and orders.
The OPSEC process, when used in conjunction with the jointplanning processes, provides the information required to writethe OPSEC section of any plan or order. The OPSEC processconsists of five distinct actions: identification of criticalinformation, analysis of threats, analysis of vulnerabilities,assessment of risk, and application of appropriate OPSECmeasures. These actions are applied in a sequential mannerduring OPSEC planning, yet in some situations individualactions may be revisited at any time in order to update allplanning processes.
This publication describes the use of operations security in theplanning, preparation, and execution of joint operations.Additionally, it provides the procedures for the conduct ofOPSEC surveys.
To be effective, OPSECmeasures must beconsidered as early aspossible during missionplanning and then beappropriately revised tokeep pace with anychanges in currentoperations and adversarialthreats.
OPSEC planning isaccomplished through theuse of the OPSEC process.
CONCLUSION
OPSEC Planning
OPSEC Process
CHAPTER IGENERAL
I-1
operation or activity for the purpose ofdenying critical information to an adversary.
b. Unlike security programs that seek toprotect classified information, OPSEC isconcerned with identifying , controlling , andprotecting the generally unclassifiedevidence that is associated with sensitiveoperations and activities. OPSEC andsecurity programs must be closelycoordinated to ensure that all aspects ofsensitive operations are protected.
c. OPSEC acknowledges that commandersmust be prepared to assume some degreeof risk when choosing whether or not toexecute OPSEC measures. OPSEC measureswill, in most cases, entail the expenditure ofresources. In choosing to execute particularOPSEC measures, commanders must decidethat the assumed gain in secrecy outweighsthe costs in resources. If commanders decidenot to execute certain measures because thecosts outweigh the gain, then they areassuming risks. The OPSEC process requiresthat decision makers directly address howmuch risk they are willing to assume.
4. OPSEC Survey
An OPSEC survey is an intensive applicationof the OPSEC process to an existing operationor activity by a multi-disciplined team of experts.Surveys are essential for identifyingrequirements for additional measures and formaking necessary changes in existingmeasures. Appendix E, “Procedures for OPSECSurveys,” describes the procedures forconducting OPSEC surveys.
“If I am able to determine the enemy’s dispositions while at the same time Iconceal my own, then I can concentrate and he must divide.”
Sun Tzu,The Art of War , 400-320 BC
1. Policy
Policy for joint operations security(OPSEC) is established by the Chairman ofthe Joint Chiefs of Staff (CJCS) Instruction3213.01, “Joint Operations Security.”Reference should be made to that documentfor information concerning responsibilitiesrelating to joint OPSEC and for requirementsfor establishing joint OPSEC programs.
2. Definition
OPSEC is a process of identifying criticalinformation and subsequently analyzingfriendly actions attendant to militaryoperations and other activities to:
a. Identify those actions that can beobserved by adversary intelligence systems;
b. Determine what indicators hostileintelligence systems might obtain that couldbe interpreted or pieced together to derivecritical information in time to be useful toadversaries; and
c. Select and execute measures thateliminate or reduce to an acceptable levelthe vulnerabilities of friendly actions toadversary exploitation.
3. Characteristics of OPSEC
a. OPSEC’s most important characteristicis that it is a process. OPSEC is not acollection of specific rules and instructions thatcan be applied to every operation. It is amethodology that can be applied to any
I -2
Chapter I
Joint Pub 3-54
5. Fundamentals of Commandand Control Warfare (C2W)
a. C2W is the integrated use ofpsychological operations (PSYOP), militarydeception, OPSEC, electronic warfare (EW),and physical destruction, mutually supportedby intelligence, to deny information to,influence, degrade, or destroy adversarycommand and control (C2) capabilities whileprotecting friendly C2 capabilities againstsuch actions. C2W is a warfightingapplication of information warfare (IW) inmilitary operations and is a subset of IW.C2W applies across the range of militaryoperations and all levels of conflict. C2W isboth offensive and defensive.
• C2-attack. Prevent effective C2 ofadversary forces by denying informationto, influencing, degrading or destroyingthe adversary C2 system.
• C2-protect. Maintain effective C2 ofown forces by turning to friendlyadvantage or negating adversary effortsto deny information to, influence,degrade or destroy the friendly C2system.
b. C2W employs various techniques andtechnologies to attack or protect a specifictarget set — C2. C2W is applicable to bothwar and military operations other than war(MOOTW). C2W is planned and executedby combatant commanders, subunifiedcommanders, and joint task force commanders.C2W efforts are focused within a commanderof a combatant command’s area ofresponsibility or a commander, joint taskforce’s joint operations area and their area ofinterest (AOI). C2W is an essential part ofany joint military operation opposed orthreatened by an organized military orparamilitary force. It is an integral part of anoverall campaign plan. C2W applies to allphases of an operation, including those before,during and after actual hostilities.
c. The elements of C2W (PSYOP,military deception, OPSEC, EW, physicaldestruction) can support land, sea, air, andspace operations. Although C2W as definedis composed of these five elements, in practiceother warfighting capabilities may beemployed as part of C2W to attack or protecta C2 “target set.” The level of applicabilityof the various C2W elements is dependent onthe assigned mission and the circumstances,targets, and resources available. C2Wprovides a framework that promotessynergy between the individual elementsto produce a significant warfightingadvantage. Even in MOOTW, C2W offersthe military commander lethal and nonlethalmeans to achieve the assigned mission whiledeterring war and/or promoting peace.
d. Effective C2W provides to the jointforce commander (JFC) an ability to shapethe adversary commander’s estimate of thesituation in the theater of operations. It mayeven be possible to convince an adversary thatthe United States has “won” prior to engagingin battle, resulting in deterrence andpreempting hostilities.
e. A successful C2W effort will contributeto the security of friendly forces, bring theadversary to battle (if appropriate) at adisadvantage, help seize and maintain theinitiative, enhance freedom of maneuver,contribute to surprise, isolate adversary forcesfrom their leadership, and create opportunitiesfor a systematic exploitation of adversaryvulnerabilities.
f. Effective C2W operations influence,disrupt, or delay the adversary’s decisioncycle. This decision cycle is supported by aC2 system which does not merely consist ofa commander and the infrastructure tocommunicate orders. It encompasses all thecapabilities, thought processes, and actionsthat allow a commander to correctly observethe AOI; assess what those observations implyabout the operation; use assessments to make
I -3
General
timely, effective decisions; and communicatethose decisions as orders to subordinatecommanders to control the course of anoperation. The execution of orders on bothsides of an operation alters the situation inthe operational area. These changes, in turn,must be observed, assessed, and acted uponin a continuous process. This process canbe thought of as a “decision cycle.”
g. Synchronized C2W operations shouldenable a JFC to operate “inside” anadversary’s decision cycle by allowing theJFC to process information through the C2decision cycle faster than an adversarycommander. Initiative is fundamental tosuccess in military operations. In C2W, bothC2-attack and C2-protect operations
contribute to gaining and maintaining militaryinitiative.
h. For more information on C2W, see JointPub 3-13.1, “Joint Doctrine for Command andControl Warfare.”
6. OPSEC and Command andControl Warfare
See Figure I-1.
a. OPSEC is concerned with denyingcritical information about friendly forcesto the adversary. In C2W, the threat toOPSEC is ultimately the adversarycommander. Denial of critical informationabout friendly capabilities and limitations mayresult in flawed command decisions that provedevastating to the adversary force. The emphasisof OPSEC as a part of an overall C2W effortshould be to deny critical informationnecessary for the adversary commander toaccurately estimate the military situation. Theintent of OPSEC in C2W should be to force theadversary commander to make faulty decisionsbased upon insufficient information and/or todelay the decision making process due to a lackof information.
b. The inevitable presence of the newsmedia during military operationscomplicates OPSEC. As part of the globalinformation infrastructure, the news mediaportrays and offers commentary on militaryactivities on the battlefield—both preparatoryto and during battle. News media portrayalof military activities prior to hostilities canhelp to deter actual hostilities and/or buildpublic support for inevitable hostilities. Byportraying the presence of US and/or
Since the news media potentially can be a lucrative source of information toadversaries, OPSEC planners must work closely with public affairs personnel toavoid inadvertent disclosure of critical information.
I -4
Chapter I
Joint Pub 3-54
multinational military forces in or en routeto the operational area, news media storiescan demonstrate the readiness,commitment and resolve of the UnitedStates and its multinational partners tocommit military forces to battle if necessaryto protect US and/or multinational interests,lives, or property. However, the presence ofthe news media in the operational area, withthe capability to transmit information on areal-time basis to a worldwide audience, hasthe potential to be a lucrative source ofinformation to adversaries. OPSECplanners must keep these considerations inmind when determining which aspects of amilitary operation are “critical information”
Figure I-1. Operations Security and Command and Control Warfare
OPERATIONS SECURITY AND COMMANDAND CONTROL WARFARE
A methodology that can beapplied to any operation oractivity for the purpose ofdenying critical information toan adversary
Concerned with identifying,controlling, and protecting thegenerally unclassifiedevidence that is associatedwith sensitive operations andactivities
Deny critical informationnecessary for the adversarycommander to accuratelyestimate the military situation
Force the adversarycommander to make faultydecisions based uponinsufficient information and/orto delay the decision makingprocess due to lack ofinformation
Operations Security
Operations Security In Command andControl Warfare
that must be denied to the adversary. OPSECplanners must work closely with militarypublic affairs personnel to develop guidelinesthat can be used by both military and newsmedia personnel to avoid inadvertentdisclosure of critical information that could,ultimately, increase the risk to the lives ofUS and/or multinational military personnel.
c. Denial of critical information to theadversary commander contributes touncertainty and slows the adversary’s decisioncycle. Critical information can be hidden bysuch traditional OPSEC measures as actioncontrol, countermeasures, andcounteranalysis. Counterintelligence
I -5
General
appropriate level. In C2W, operationalplanners concerned with OPSEC shouldalso coordinate with C2 planners, EWplanners, and targeteers to deny criticalinformation to the adversary commander. TheOPSEC process may also identify for attackparticular adversary collection, processing,analysis, and distribution systems in order todeny the adversary commander criticalinformation by forestal l ing thatcommander’s ability to collect it.
support is an integral part of successfulOPSEC. PSYOP and military deceptionpersonnel also work closely with OPSECplanners to mutually support their respectiveefforts.
d. Critical information denied to anadversary can be replaced or refocused tosupport the commander’s goals throughmilitary deception and/or PSYOP, if use ofthose elements has been approved at the
I -6
Chapter I
Joint Pub 3-54
Intentionally Blank
CHAPTER IIOPSEC PLANNING
II-1
1. General
a. In order to prevent adversaries (orpotential adversaries) from gaining valuableintelligence about friendly operations, jointforces must plan and execute OPSECmeasures. To be effective, OPSEC measuresmust be considered as early as possible duringmission planning and then be appropriatelyrevised to keep pace with any changes incurrent operations and adversarial threats.
b. Joint OPSEC planning and executionoccur as part of the command’s ororganization’s C2W effort. The commander’sobjectives for C2W are the basis for OPSECplanning. In addition to directly supportingthe accomplishment of the commander’s
objectives, the use of OPSEC measures insupport of the other components of C2W mustalso be considered during OPSEC planning.
2. OPSEC Planning Factors
The following factors must be consideredwhen conducting OPSEC planning:
a. The commander plays the critical role.OPSEC planning guidance must be providedas part of the commander’s C2W planningguidance to ensure that OPSEC is consideredduring the development of friendly coursesof action (COAs).
b. OPSEC is an operational function,not a security function. OPSEC planning
“To keep your actions and your plans secret always has been a very goodthing . . . Marcus Crassus said to one who asked him when he was going tomove the army: ‘Do you believe that you will be the only one not to hear thetrumpet?”
Niccolo Machiavelli,The Art of W ar, 1521
While planning joint operations, including those requiring highly visible deployments,OPSEC measures must be considered as early as possible to prevent adversariesfrom gaining valuable intelligence.
II-2
Chapter II
Joint Pub 3-54
must be done by the operations planners.They are assisted by the organization’sOPSEC program personnel and appropriateplanners from other staff elements.Intelligence support is particularly importantin determining the threat to friendlyoperations and in assessing friendlyvulnerabilities.
c. Planning must focus on identifyingand protecting critical information.Denying all information about a friendlyoperation or activity is seldom cost effectiveor realistic.
d. The ultimate goal of OPSEC isincreased mission effectiveness. Bypreventing an adversary from determiningfriendly intentions or capabilities, OPSECreduces losses to friendly units and increasesthe likelihood of mission success.
e. OPSEC should be one of the factorsconsidered during the development andselection of friendly COAs. COAs will differin terms of how many OPSEC indicators willbe created and how easily those indicators canbe managed by OPSEC measures. Dependingupon how important maintaining secrecy isto mission success, OPSEC considerationsmay be a factor in selecting a COA.
“O divine art of subtlety and secrecy!Through you we learn to be invisible,through you inaudible; and hence holdthe enemy’s fate in our hands.”
Sun Tzu, c. 500 BCThe Art of W ar
f. OPSEC planning is a continuous process.During the execution phase of an operation,feedback on the success or failure of OPSECmeasures is evaluated and the OPSEC planis modified accordingly. Friendly intelligenceand counterintelligence organizations,communications security (COMSEC)monitoring, and OPSEC surveys are the primarysources for feedback information.
g. Public affairs officers shouldparticipate in OPSEC planning to providetheir assessments on the possible effects ofmedia coverage and for the coordination ofOPSEC measures to minimize those effects.
h. The termination of OPSEC measuresmust be addressed in the OPSEC plan toprevent future adversaries from developingcountermeasures to successful OPSECmeasures. In some situations, it may benecessary for the OPSEC plan to provideguidance on how to prevent the target of theOPSEC operation as well as any interestedthird parties from discovering sensitiveinformation relating to OPSEC during thepost-execution phase.
3. OPSEC Planning and theJoint Operation PlanningProcesses
a. Joint OPSEC Planning. OPSECplanning in support of joint operations isaccomplished through the application ofthe OPSEC process. The five actions thatcompose the OPSEC process are describedin detail in Chapter III, “The OPSECProcess.” Joint OPSEC planning is alwaysdone in conjunction with normal jointoperation planning and is a part of the overallC2W planning effort.
b. Planning Processes. There are threemajor planning processes for joint planning.Plans are proposed under different processesdepending on the focus of a specific plan. Theprocesses are labeled either campaign,deliberate, or crisis action planning, and areinterrelated. They are described in Joint Pub5-0, “Doctrine for Planning Joint Operations.”
c. The Deliberate Planning Process.OPSEC planning relates to the Joint OperationPlanning and Execution System (JOPES)deliberate planning process as shown inFigure II-1.
II-3
OPSEC Planning
d. The Crisis Action Planning Process.OPSEC planning relates to the JOPES crisisaction planning process as shown in FigureII-2.
e. The Campaign Planning Process
• Combatant commanders translatenational and theater strategy into strategicand operational concepts through thedevelopment of theater campaignplans. The campaign plan embodies thecombatant commander’s strategic visionof the arrangement of related operationsnecessary to attain theater strategicobjectives. Campaign planningencompasses both the deliberate andcrisis action planning processes. If thescope of contemplated operationsrequires it, campaign planning beginswith or during deliberate planning. Itcontinues through crisis action planning,thus unifying both planning processes.As stated in Joint Pub 1, “Joint Warfareof the Armed Forces of the UnitedStates,” “Campaign planning is done incrisis or conflict (once the actual threat,national guidance, and availableresources become evident), but the basisand framework for successful campaignsis laid by peacetime analysis, planning,and exercises.” The degree to which theamount of work accomplished indeliberate planning may serve as the corefor a campaign plan is directly dependenton the particular theater and objectives.
• Preparation of a campaign plan isappropriate when contemplatedmilitary operations exceed the scopeof a single major operation. Campaignplanning is appropriate to both deliberateand crisis action planning. Duringpeacetime deliberate planning,combatant commanders prepare jointoperation plans (OPLANs), includingcampaign plans, in direct response totaskings in the Joint Strategic Capabilities
Plan. Tasking for strategic requirementsor major contingencies may require thepreparation of several alternative plansfor the same requirement using differentsets of forces and resources to preserveflexibility. For these reasons, campaignplans are based on reasonableassumptions and are not normallycompleted until after the NationalCommand Authorities (NCA) selects thecourse of action during crisis actionplanning. Deliberate plans may includeelements of campaign planning;however, these elements will have to beupdated as in any deliberate plan used atexecution. Execution planning isconducted for the actual commitmentof forces when conflict is imminent. Itis based on the current situation andincludes deployment and initialemployment of forces. When a crisissituation develops, an assessment isconducted that may result in the issuanceof a CJCS WARNING ORDER. COAsare developed based on an existingOPLAN or operation plan in conceptformat (CONPLAN), if applicable. Thecombatant commander proposes COAsand makes any recommendations whenthe Commander’s Estimate is forwardedto the NCA. The NCA selects a COAand, when directed, the Chairmanissues a CJCS ALERT ORDER. Thecombatant commander now has theessential elements necessary forfinalizing the construction of a campaignplan using the approved COA as thecenterpiece of the plan. OPSEC planningis done the same as in crisis actionplanning (see Figure II-2).
f. OPSEC Plans Format. OPSEC plansare prepared as part of all joint operationplans and orders. The format is found inJoint Pub 5-03.2, “Joint Operation Planningand Execution System, Vol II: (Planning andExecution Formats and Guidance).”
II-4
Chapter II
Joint Pub 3-54
DELIBERATE PLANNING PROCESS
InitiationPhase I
Concept DevelopmentPhase II
Mission AnalysisStep 1
Planning GuidanceOPSEC Action 1 -- Identificationof Critical Information
Step 2
Staff EstimatesOPSEC Action 2 --
Analysis of ThreatsOPSEC Action 3 --
Analysis of Vulnerabilities
Step 3
Commander's EstimateOPSEC Action 4 --
Assessment of Risks
Step 4
Commander's ConceptStep 5
Chairman of the Joint Chiefs of StaffConcept Review
Step 6
Plan DevelopmentPhase III
Phase IV Plan Review
Phase V Supporting Plans
OPSEC Action 5 -- Application of Appropriate OPSEC Measures(This relates to those measures intended to protect the plan prior toits being implemented) *OPSEC = Operations Security
Figure II-1. Deliberate Planning Process
II-5
OPSEC Planning
CRISIS ACTION/CAMPAIGN PLANNINGPROCESS
Situation DevelopmentPhase I
Crisis AssessmentPhase II
Identification of CriticalInformation
OPSEC Action 1
Course of ActionDevelopment
Phase III
Phase V Execution Planning
Phase IV Execution
OPSEC Action 5 -- Application of AppropriateOPSEC Measures
Analysis of ThreatsOPSEC Action 2
Analysis ofVulnerabilities
OPSEC Action 3
Assessment of RisksOPSEC Action 4
Phase IV Course of ActionSelection
OPSEC = Operations Security
Figure II-2. Crisis Action/Campaign Planning Process
II-6
Chapter II
Joint Pub 3-54
THE “BLACK HOLE”: OPSEC DURING PLANNING
During the autumn of 1990, joint force air component commander (JFACC)planners merged the Air Force Component, Central Command (CENTAF) pre-deployment concept of operations with the INSTANT THUNDER concept toform the foundation for the Operation DESERT STORM plan for air operations.
Navy, USMC, and Army planners worked closely with Air Force (USAF) plannersin August and September to draft the initial offensive air plan. In Riyadh, NavyComponent, Central Command (NAVCENT), Marine Corps Component, CentralCommand (MARCENT), and Army Component, Central Command (ARCENT)were integral planning process members. Royal Air Force (RAF) plannersjoined the JFACC staff on 19 September.
CENTCOM’s offensive air special planning group (SP6), in the Royal Saudi AirForce (RSAF) headquarters, was part of the JFACC staff and eventually becameknown as the “Black Hole” because of the extreme secrecy surrounding itsactivities. The Black Hole was led by a USAF brigadier general, reassignedfrom the USS Lasalle (AGF 3) where he had been serving as the deputycommander of Joint Task Force Middle East when Iraq invaded Kuwait. Hissmall staff grew gradually to about 30 and included RAF, Army, Navy, USMC,and USAF personnel. By 15 September, the initial air planning stage wascomplete; the President was advised there were sufficient air forces to executeand sustain an offensive strategic air attack against Iraq, should he order one.However, because of operational security (OPSEC) concerns, most of CENTAFheadquarters was denied information on the plan until only a few hours beforeexecution.
SOURCE: Final Report to CongressConduct of the Persian Gulf W ar, April 1992
CHAPTER IIITHE OPSEC PROCESS
III-1
1. General
a. OPSEC planning is accomplishedthrough the use of the OPSEC process. Thisprocess, when used in conjunction with thejoint planning processes, provides theinformation required to write the OPSECsection of any plan or order. OPSEC planningis done in close coordination with the overallC2W planning effort and with the planningof the other C2W components.
b. The OPSEC process consists of fivedistinct actions. These actions are appliedin a sequential or adaptive manner duringOPSEC planning. In dynamic situations,however, individual actions may be revisitedat any time. New information about theadversary’s intelligence collectioncapabilities, for instance, would require a newanalysis of threats.
c. An understanding of the followingterms is required before the process can beexplained.
• Critical Information. Specific factsabout friendly intentions, capabilities,and activities vitally needed byadversaries for them to plan and acteffectively so as to guarantee failure orunacceptable consequences for friendlymission accomplishment.
• OPSEC Indicators. Friendly detectableactions and open-source information thatcan be interpreted or pieced together byan adversary to derive criticalinformation.
• OPSEC Vulnerability. A condition inwhich friendly actions provide OPSECindicators that may be obtained andaccurately evaluated by an adversary intime to provide a basis for effectiveadversary decision making.
2. The OPSEC Process
See Figure III-1 and Figure III-2.
a. OPSEC Action 1— Identification ofCritical Information
• While assessing and comparing friendlyversus adversary capabilities during theplanning process for a specific operationor activity, the commander and staffseek to identify the questions that theybelieve the adversary will ask aboutfriendly intentions, capabilities, andactivities. These questions are theessential elements of friendlyinformation (EEFI). In an operationplan or order, the EEFI are listed inAppendix 3 (Counterintelligence) toAnnex B (Intelligence).
• Critical information is a subset ofEEFI. It is only that information that isvitally needed by an adversary. Theidentification of critical information isimportant in that it focuses theremainder of the OPSEC process onprotecting vital information rather thanattempting to protect all classified orsensitive information.
“He passes through life most securely who has least reason to reproachhimself with complaisance toward his enemies.”
Thucydides,History of the Peloponnesian W ars, 404 BC
III-2
Chapter III
Joint Pub 3-54
• Critical information is listed in theOPSEC portion of an operation planor order. Some general categories ofcritical information are provided inAppendix A, “Examples of CriticalInformation.”
b. OPSEC Action 2 — Analysis of Threats
• This action involves the research andanalysis of intelligence information,counterintelligence, reports, and opensource information to identify who thelikely adversaries are to the plannedoperation.
• The operations planners, working withthe intelligence and counterintelligencestaffs and assisted by the OPSECprogram personnel, seek answers to thefollowing questions:
•• Who is the adversary? (Who has theintent and capability to take action againstthe planned operation?)
•• What are the adversary’s goals?(What does the adversary want toaccomplish?)
•• What is the adversary’s strategy foropposing the planned operation? (Whatactions might the adversary take?)
•• What critical information does theadversary already know about theoperation? (What information is it toolate to protect?)
•• What are the adversary’s intelligencecollection capabilities?
• Detailed information about theadversary’s intelligence collectioncapabilities can be obtained from thecommand’s counterintelligence andintelligence organizations. In additionto knowing about the adversary’scapabilities, it is important tounderstand how the intelligencesystem processes the information thatit gathers. Appendix B, “TheIntelligence Threat,” discusses thegeneral characteristics of intelligencesystems.
THE SEQUENTIALOPERATIONS SECURITY
(OPSEC) PROCESS
OPSEC ACTION 1
Identification of CriticalInformation
OPSEC ACTION 2
Analysis of Threats
OPSEC ACTION 3
Analysis ofVulnerabilities
OPSEC ACTION 4
Assessment of Risk
OPSEC ACTION 5
Application ofAppropriate OPSEC
Measures
Figure III-1. The Sequential OperationsSecurity (OPSEC) Process
III-3
The OPSEC Process
OPSEC ACTION OPSEC ACTION OSPSECACTION OPSEC ACTION OPSEC ACTIONOSPSEC ACTION OPSEC ACTION OPSECACTION OSPSEC ACTION OPSEC ACTIONOPSEC ACTION OSPSEC ACTION OPSECACTION OPSEC ACTION OSPSEC ACTIONOPSEC ACTION OPSEC ACTION OSPSECACTION OPSEC ACTION OPSEC ACTIONOSPSEC ACTION OPSEC ACTION OPSECACTION OSPSEC ACTION OPSECOPSEC
THE ADAPTIVE OPERATIONS SECURITY (OPSEC)PROCESS
CRITICAL INFO
VULNERABILITY
ASSESS RISKSAND
APPLY COUNTERMEASURES
THREAT
Figure III-2. The Adaptive Operations Security (OPSEC) Process
c. OPSEC Action 3 — Analysis ofVulnerabilities
“Little minds try to defend everythingat once, but sensible people look at themain point only; they parry the worstblows and stand a little hurt if therebythey avoid a greater one. If you try tohold everything, you hold nothing.”
Frederick the GreatThe Art of Modern W ar, 1940
• The purpose of this action is to identifyan operation’s or activity’s OPSECvulnerabilities. It requires examiningeach aspect of the planned operation toidentify any OPSEC indicators that couldreveal critical information and thencomparing those indicators with theadversary’s intelligence collectioncapabilities identified in the previousaction. A vulnerability exists when theadversary is capable of collecting anOPSEC indicator, correctly analyzing it,and then taking timely action.
• Continuing to work with the intelligenceand counterintelligence staffs, theoperations planners seek answers tothe following questions:
•• What indicators (friendly actions andopen source information) of criticalinformation not known to the adversarywill be created by the friendly activitiesthat will result from the plannedoperation?
•• What indicators can the adversaryactually collect?
•• What indicators will the adversary beable to use to the disadvantage of friendlyforces? (Can the adversary analyze theinformation, make a decision, and takeappropriate action in time to interferewith the planned operation?)
• See Appendix C, “OPSEC Indicators,”for a detailed discussion of OPSECindicators.
III-4
Chapter III
Joint Pub 3-54
d. OPSEC Action 4 — Assessment of Risk
• This action has two components. First,planners analyze the OPSECvulnerabilities identified in the previousaction and identify possible OPSECmeasures for each vulnerability. Second,specific OPSEC measures are selectedfor execution based upon a riskassessment done by the commander andstaff.
• OPSEC measures reduce the probabilityof the adversary either collecting theindicators or being able to correctlyanalyze their meaning.
•• OPSEC measures can be used to:(1) Prevent the adversary from detectingan indicator; (2) Provide an alternativeanalysis of an indicator; and/or (3)Attack the adversary’s collection system.
•• OPSEC measures include, amongother actions, cover, concealment,camouflage, deception, intentionaldeviations from normal patterns, anddirect strikes against the adversary’sintelligence system.
•• More than one possible measuremay be identified for eachvulnerability. Conversely, a singlemeasure may be used for more than onevulnerability. The most desirableOPSEC measures are those that combinethe highest possible protection with theleast effect on operational effectiveness.Appendix D, “Operations SecurityMeasures,” provides examples ofOPSEC measures.
• Risk assessment requires comparing theestimated cost associated withimplementing each possible OPSECmeasure to the potential harmful effectson mission accomplishment resultingfrom an adversary’s exploitation of aparticular vulnerability.
•• OPSEC measures usually entailsome cost in time, resources, personnel,or interference with normal operations.If the cost to mission effectivenessexceeds the harm that an adversary couldinflict, then the application of the measureis inappropriate. Because the decisionnot to implement a particular OPSECmeasure entails risks, this step requirescommand involvement.
When conducting joint operations, all personnel must understand the adversary'sintelligence collection capabilities and take action to deny the use of thosecapabilities.
III-5
The OPSEC Process
•• Typical questions that might beasked when making this analysisinclude the following: (1) What risk toeffectiveness is likely to occur if aparticular OPSEC measure isimplemented? (2) What risk to missionsuccess is likely to occur if an OPSECmeasure is not implemented? (3) Whatrisk to mission success is likely if anOPSEC measure fails to be effective?
•• The interaction of OPSECmeasures must be analyzed. In somesituations, certain OPSEC measures mayactually create indicators of criticalinformation. For example, thecamouflaging of previously unprotectedfacilities could be an indicator ofpreparations for military action.
• The selection of measures must becoordinated with the othercomponents of C2W. Actions such asjamming of intelligence nets or thephysical destruction of criticalintelligence centers can be used asOPSEC measures. Conversely, militarydeception and PSYOP plans may requirethat OPSEC measures not be applied to
certain indicators in order to project aspecific message to the adversary.
e. OPSEC Action 5 — Application ofAppropriate OPSEC Measures
• In this step, the command implementsthe OPSEC measures selected in Step4 or, in the case of planned futureoperations and activities, includes themeasures in specific OPSEC plans.
• During the execution of OPSECmeasures, the reaction of adversariesto the measures is monitored todetermine their effectiveness and toprovide feedback. Planners use thatfeedback to adjust ongoing activities andfor future OPSEC planning. Provisionsfor feedback must be coordinated withthe command’s intelligence andcounterintelligence staffs to ensure thatthe requirements to support OPSECreceive the appropriate priority. Inaddition to intelligence sources providingfeedback, OPSEC surveys can provideuseful information relating to the successof OPSEC measures.
A key action during the OPSEC process is to analyze potential vulnerabilities tojoint forces.
III-6
Chapter III
Joint Pub 3-54
Intentionally Blank
APPENDIX AEXAMPLES OF CRITICAL INFORMATION
A-1
This appendix provides general examplesof critical information. Several genericmilitary activities with some of theirassociated critical information are listed.These are only a few of the many types ofmilitary activities and their associated criticalinformation.
a. Diplomatic Negotiations
• Military capabilities (pretreaty andposttreaty)
• Intelligence verification capabilities
• Minimum negotiating positions
b. Politico-Military Crisis Management
• Target selection
• Timing considerations
• Logistic capabilities and limitations
• Alert posture
c. Military Intervention
• Intentions
• Military capabilities
• Forces assigned and in reserve
• Targets
• Timing
• Logistic capabilities and constraints
• Limitations
• Third-nation support arrangements
d. Counterterr orism
• Forces
• Targets
• Timing
• Staging locations
• Tactics
• Ingress and egress methods
• Logistic capabilities and constraints
e. Open Hostilities
• Force composition and disposition
• Attrition and reinforcement
• Targets
• Timing
• Logistic constraints
• Location of critical C2 nodes
f. Mobilization
• Intent to mobilize before publicannouncement
• Impact on military industrial base
• Impact on civil economy
• Transportation capabilities andlimitations
g. Intelligence, Reconnaissance, andSurveillance
A-2
Appendix A
Joint Pub 3-54
• Purpose of collection
• Targets of collection
• Timing
• Capabilities of collection assets
• Processing capabilities
• Unit requesting collection
h. Peacetime Weapons and OtherMilitary Movements
• Fact of movement
• Periodicity of movements
• Origin and destination of equipmentbeing moved
• Capabilities and limitations of equipmentbeing moved
• Extent of inventory of equipment beingmoved
i. Command Post or Field TrainingExercises
• Participating units
• OPLAN, CONPLANs, or othercontingencies that are being exercised
• Command relationships
• Command, control, communications, andcomputers connections and weaknesses
• Logistic capabilities and limitations
j. Noncombatant Evacuation Operations(Hostile Environment)
• Targets
• Forces
• Logistic constraints
• Safe havens
• Routes
• Timing
k. Counterdrug Operations
• Identity of military forces
• Law Enforcement Agency (LEA)involvement
• Military support to LEAs
• Host-nation cooperation
• Capabilities
• Timing
• Tactics
• Logistic capabilities and constraints
APPENDIX BTHE INTELLIGENCE THREAT
B-1
1. Introduction
Adversaries and potential adversariescollect and analyze information about USmilitary operations in order to determinecurrent capabilities and future intentions. Toperform this function, most adversaries havecreated intelligence organizations andsystems. The capabilities and levels ofsophistication of these threats differ greatly,but they all share certain core characteristics.The most important of these are howintelligence is developed and how it iscollected. This appendix will describe thosecharacteristics.
2. The Intelligence Cycle
All intelligence systems follow a process.This process begins with a consumer (acommander or decision maker) requestinganswers to certain questions and ends withthe intelligence system providing thoseanswers. Figure B-1 illustrates a typicalintelligence cycle (in this case, the intelligencecycle described in Joint Pub 2-0, “JointDoctrine for Intelligence Support toOperations”). Understanding the concept ofthe intelligence cycle is basic to understandingthe total adversary intelligence threat tofriendly operations in general and the specific
Figure B-1. The Intelligence Cycle
12
345
PLANNING ANDDIRECTION
DISSEMINATION COLLECTION
PROCESSINGPRODUCTION
THE INTELLIGENCE CYCLE
MISSION
B-2
Appendix B
Joint Pub 3-54
threat to the critical information that OPSECseeks to protect.
a. Planning and Direction
• Decision makers task their intelligencesystems to collect and assess informationabout their adversaries and potentialadversaries. These informationrequirements are the basis for intelligencecollection, evaluation, and reporting.
• These information requirements willnormally include any information thatwould allow the decision maker to betterunderstand an adversary’s goals,intentions, current capabilities, strengths,and weaknesses. At the operational andstrategic levels of war, decision makerswill want to know what their adversarycounterparts think; how they make theirdecisions; and their social, cultural,economic, and political beliefs and habits.
• Intelligence specialists take the decisionmaker’s information requirements and turnthem into specific intelligence taskings.
b. Collection
• After determining the taskings, theintelligence system will evaluate thecurrency and amount of informationalready at hand. If more or newerinformation is needed, collectionrequirements will be submitted to theappropriate collection resources.
• Information may be collected eitherovertly or clandestinely.
•• Overt collection may include suchactivities by military attaches assignedto embassies and the review of availableopen-source information.
•• Clandestine collection acquiresinformation while concealing thecollection effort and consists of espionageand technical means such as signals andimagery intelligence.
c. Processing. Collected information mustbe processed into a form that is suitable forthe production of intelligence. For example,imagery film must be developed and signalsmust be processed before they can beevaluated, analyzed, and interpreted forsignificance.
d. Production
• The still raw intelligence is evaluated foraccuracy, reliability, and credibility. It iscompared for consistency with knowndata and examined for meaningfulassociations by analyzing it against itshistorical background. It is combinedwith other information. The informationis analyzed, interpreted, and prepared forpresentation to the consumer. There arenumerous types of intelligence productsranging from informal briefings tomultivolume written studies.
• Generally, every product attempts toaddress the questions, “What is theadversary doing now?" and "What is itgoing to do next?” In many cases,because of inadequate collection orinsufficient time for processing andanalysis, intelligence analysts will not beable to provide unambiguous answers tothose questions. This phase of theintelligence cycle is still more art thanscience.
e. Dissemination. In this step, the productis delivered to the consumer. There are asmany forms of delivery as there are productsand consumers. Automated means arebecoming increasingly important in manyintelligence systems.
B-3
The Intelligence Threat
3. Intelligence Sources
a. Human Intelligence (HUMINT).HUMINT uses people to gain information thatis often inaccessible by other collectionmeans. Although it is the oldest and mostbasic form of intelligence collection,HUMINT remains significant because it isoften the only source with direct access to theopponent’s plans and intentions. ClandestineHUMINT collection is done in a fashion thatmaintains the secrecy of the collectionoperation.
b. Imagery Intelligence (IMINT)
• IMINT is derived from visualphotography, infrared sensors, lasers,electro-optics, and radar sensors. IMINTsystems can operate from land, sea, air,and/or space platforms. Imageryequipment is being improved constantly,and combinations of sensors are beingused to enhance the quality and timelinessof the intelligence product.
• An increasing number of countries arestarting to use photo reconnaissancesatellites. In addition to being a majorstrategic collection capability, they arebecoming an increasingly importantoperational and tactical capability. Thetraditional airborne IMINT platformsremain an important capability for thosecountries without access to satelliteimagery.
c. Signals Intelligence (SIGINT).SIGINT is derived from communication(COMINT), electronics (ELINT), and foreigninstrumentation signals (FISINT).
• COMINT is technical and intelligenceinformation derived from foreigncommunications by other than theintended recipients. Prime COMINTsources include clear voice(nonencrypted) telephone and radio
communications and unencryptedcomputer-to-computer data communications.
• ELINT is technical or geolocationintelligence derived from foreign non-communications electromagneticradiations emanating from other thannuclear detonations or radioactivesources. Radars are the primary ELINTsource.
• FISINT is derived from the intercept andanalysis of electronically transmitted datacontaining measured parameters ofperformance, such as a ballistic missile’sperformance during a test flight.
d. Measurement and SignatureIntelligence (MASINT). MASINT isscientific and technical intelligence obtainedby the quantitative and qualitative analysis ofdata (metric, angle, spatial, wavelength, timedependence, modulation, plasma, andhydromagnetic) derived from specifictechnical sensors for the purpose of identifyingany distinctive features associated with thesource, emitter, or sender and to facilitatesubsequent identification and/or measurementof the same. MASINT includes otherintelligence sources such as acousticalintelligence, laser intelligence, and nuclearintelligence.
e. Open Source Intelligence (OSINT).OSINT is information of potential intelligencevalue that is available to the general public.OSINT is available from such sources as thenews media, public affairs announcements,unclassified government documents andpublications, public hearings, and contractsand contract-related material.
f. Technical Intelligence (TECHINT).TECHINT is derived from the exploitationof foreign materiel. It results from the analysisof captured or otherwise obtained foreignequipment.
B-4
Appendix B
Joint Pub 3-54
Intentionally Blank
APPENDIX COPSEC INDICATORS
C-1
1. OPSEC Indicators
OPSEC indicators are those friendly actionsand open sources of information thatadversary intelligence systems can potentiallydetect or obtain and then interpret to derivefriendly critical information.
2. Basic OPSEC IndicatorCharacteristics
An indicator’s characteristics are thoseelements of an action or piece of informationthat make it potentially useful to an adversary.There are five major characteristics.
a. Signature
• A signature is the characteristic of anindicator that makes it identifiable orcauses it to stand out. Key signatureproperties are uniqueness and stability.Uncommon or unique features reduce theambiguity of an indicator and minimizethe number of other indicators that mustbe observed to confirm a singleindicator’s significance.
• An indicator’s signature stability,implying constant or stereotypedbehavior, can allow an adversary toanticipate future actions. Varying thepattern of behavior decreases thesignature’s stability and thus increases theambiguity of the adversary’s observations.
• Procedural features are an important partof any indicator signature and mayprovide the greatest value to an adversary.They identify how, when, and where theindicator occurs and what part it plays inthe overall scheme of operations andactivities.
b. Associations
• Association is the relationship of anindicator to other information oractivities. It is an important key to anadversary’s interpretation of ongoingactivity. Intelligence analystscontinuously compare their currentobservations with what has been seen inthe past in an effort to identify possiblerelationships.
• For example, a distinctive piece ofground-support equipment known to beused for servicing strategic bombersmight be observed at a tactical fighterbase. An intelligence analyst couldconclude that a strategic bomber presencehas been or will be established there. Theanalyst will then look for other indicatorsassociated with bombers to verify thatconclusion.
• Another key association deals withcontinuity of actions, objects, or otherindicators that may register as patternsto the observer or analyst. Suchcontinuity may not be the result ofplanned procedures but may resultinstead from repetitive practices orsequencing to accomplish a goal.
• If, for example, the intensive generationof aircraft sorties is always preceded bya maintenance standdown to increaseaircraft readiness, detecting andobserving the standdown may allow theadversary analyst or observer to predictthe subsequent launch activity.Moreover, based on past patterns of thelength of such standdowns, the analystmay be able to judge the scope of thesortie generation.
C-2
Appendix C
Joint Pub 3-54
• Another type of association that is usefulto intelligence analysts is organizationalpatterns. Military units, for example, areoften symmetrically organized. Thuswhen some components are detected,others that are not readily apparent canbe assumed to exist.
• For example, an intelligence analystknows that a particular army’s infantrybattalions are organized with threeinfantry companies, a headquarterscompany, and a weapons company. Ifonly the headquarters company and oneinfantry company are currently beingdetected, the presence of the other knownbattalion components will be stronglysuspected. Thus in some situations, apattern taken as a whole can be treatedas a single indicator, simplifying theintelligence problem.
c. Profiles
• Each functional activity generates its ownset of more-or-less unique signatures andassociations. The sum of these signaturesand associations is the activity’s profile.An activity’s profile is usually unique.Given enough data, intelligence analystscan determine the profile of any activity.Most intelligence organizations seek toidentify and record the profiles of theiradversary’s military activities.
• The profile of an aircraft deployment, forexample, may be unique to the aircrafttype or mission. This profile, in turn, hasseveral subprofiles for the functionalactivities needed to deploy the particularmission aircraft (e.g., fuels, avionics,munitions, communications, air trafficcontrol, supply, personnel, andtransportation).
• The observation of a unique profile maysometimes be the only key that an
intelligence analyst needs to determinewhat type of operation is occurring, thusminimizing the need to look harder foradditional clues. Such unique profilescut the time needed to make accurateintelligence estimates. As a result,profiles are the analytical tools.
d. Contrasts
• Contrasts are any differences that areobserved between an activity’s standardprofile and its most recent or currentactions. Contrasts are the most reliablemeans of detection because they dependon differences to established profiles.They also are simpler to use because theyneed only to be recognized, notunderstood.
• Deviations from normal profiles willnormally attract the interest ofintelligence analysts. They will want toknow why there is a change and attemptto determine if the change meansanything significant.
• In the previous example of the distinctivebomber-associated ground supportequipment at a fighter base, theintelligence observer might ask thefollowing questions.
•• Have bombers been deployed atfighter bases before? At this particularfighter base? At several fighter basessimultaneously?
•• If there have been previous bomberdeployments, were they routine or didthey occur during some period of crisis?
•• If previous deployments have beenmade to this base or other fighter bases,how many bomber aircraft weredeployed?
C-3
OPSEC Indicators
•• What actions occurred while thebombers were deployed at the fighterbases?
•• What is happening at other fighter andbomber bases? Is this an isolated incidentor one of many changes to normalactivity patterns?
• Although the detection of a singlecontrast may not provide intelligenceanalysts with a total understanding ofwhat is happening, it may result inincreased intelligence collection effortsagainst an activity.
e. Exposure
• Exposure refers to when and for how longan indicator is observed. The duration,repetition, and timing of an indicator’sexposure can affect its relativeimportance and meaning. Limiting theduration and repetition of exposurereduces the amount of detail that can beobserved and the associations that can beformed.
• An indicator (object or action) thatappears over a long period of time willbe assimilated into an overall profile andassigned a meaning. An indicator thatappears for a short time and does notappear again may, if it has a high interestvalue, persist in the adversary intelligencedata base or, if there is little or no interest,fade into the background of insignificantanomalies. An indicator that appearsrepeatedly will be studied carefully as acontrast to normal profiles.
• Because of a short exposure time, theobserver or analyst may not detect keycharacteristics of the indicator the firsttime it is seen, but he can formulatequestions and focus collection assets toprovide answers if the indicator isobserved again.
• Repetition of the indicator in relationshipto an operation, activity, or exercise willadd it to the profile even if the purposeof the indicator is not understood by theadversary. Indicators limited to a singleisolated exposure are difficult to detectand evaluate.
3. Examples of Indicators
The following paragraphs provideexamples of indicators that are associated withselected military activities and information.This short list only scratches the surface ofthe almost infinite sources of indicatorsassociated with the wide range of US militaryoperations and activities that could beexploited by an adversary. This list is designedprimarily to stimulate thinking about whatkinds of actions can convey indicators thatbetray critical information for specific friendlyoperations or activities.
a. Indicators of General Military ForceCapabilities
• The presence of unusual type units for agiven location, area, or base.
• Friendly reactions to adversary exercisesor actual hostile actions.
• Actions, information, or materialassociating Reserve components withspecific commands or units (e.g.,mobilization and assignment of Reservepersonnel to units).
• Actions, information, or materialindicating the levels of unit manning aswell as the state of training andexperience of personnel assigned.
• Actions, information, or materialrevealing spare parts availability forequipment or systems.
C-4
Appendix C
Joint Pub 3-54
• Actions, information, or materialindicating equipment or systemreliability (e.g., visits of technicalrepresentatives or special repair teams).
• Movement of aircraft, ships, and groundunits in response to friendly sensordetections of hostile units.
• Actions, information, or materialrevealing tactics, techniques, andprocedures employed in different typesof training exercises or during equipmentor system operational tests andevaluations.
• Stereotyped patterns in performing theorganizational mission that reveal thesequence of specific actions or when theyare accomplished.
b. Indicators of General C2 Capabilities
• Actions, information, or materialproviding insight into the volume oforders and reports needed to accomplishtasks.
• Actions, information, or materialshowing unit subordination fordeployment, mission, or task.
• Association of particular commanderswith patterns of behavior under stress orin varying tactical situations.
• Information revealing problems ofcoordination between the commander’sstaff elements.
• In exercises or operations, indications ofthe period between the occurrence of aneed to act or react and the action takingplace, of consultations that occur withhigher commands, and of the types ofactions initiated.
• Unusual actions with no apparentdirection reflected in communications.
c. General Indicators from CommunicationsUsage
• Alert and maintenance personnel usinghandheld radios or testing aircraft orvehicle radios.
• Establishing new communications nets.These might reveal entities that haveintrinsic significance for the operation oractivity being planned or executed.Without conditioning to desensitizeadversaries, the sudden appearance ofnew communications nets could promptthem to implement additional intelligencecollection to discern friendly activitymore accurately.
• Suddenly increasing traffic volume or,conversely, instituting radio silence whenclose to the time of starting an operation,exercise, or test. Without conditioning,unusual surges or periods of silence maycatch adversaries’ attention and, at aminimum, prompt them to focus theirintelligence collection efforts.
• Using static call signs for particular unitsor functions and unchanged orinfrequently changed radio frequencies.This usage also allows adversaries tomonitor friendly activity more easily andadd to their intelligence data base forbuilding an accurate appreciation offriendly activity.
• Using stereotyped message characteristicsthat indicate particular types of activitythat allow adversaries to monitor friendlyactivity more easily.
• Requiring check-in and checkout withmultiple control stations before, during,and after a mission (usually connectedwith air operations).
C-5
OPSEC Indicators
d. Sources of Possible Indicators forEquipment and System Capabilities
• Unencrypted emissions during tests andexercises.
• Public media, particularly technicaljournals.
• Budget data that provide insight into theobjectives and scope of a system researchand development effort or the sustainabilityof a fielded system.
• The equipment or system hardware itself.
• Information on test and exerciseschedules that allows adversaries to betterplan the use of their intelligencecollection assets.
• Deployment of unique units, targets, andsensor systems to support tests associatedwith particular equipment or systems.
• Unusual or visible security imposed onparticular development efforts thathighlight their significance.
• Information indicating special manningfor tests or assembly of personnel withspecial skills from manufacturers knownto be working on a particular contract.
• Notices to mariners and airmen thatmight highlight test areas.
• Stereotyped use of location, procedures,and sequences of actions when preparingfor and executing test activity for specifictypes of equipment or systems.
• Use of advertisements indicating that acompany has a contract on a classifiedsystem or component of a system,possesses technology of militarysignificance, or has applied particularprinciples of physics and specific
technologies to sensors and the guidancecomponents of weapons.
e. Indicators of Preparations forOperations or Activities. Many indicatorsmay reveal data during the preparatory, ascompared to the execution, phase ofoperations or activities. Many deal withlogistic activity.
• Provisioning of special supplies forparticipating elements.
• Requisitioning unusual volumes ofsupply items to be filled by a particulardate.
• Increasing prepositioning of ammunition,fuels, weapon stocks, and other classesof supply.
• Embarking special units, installingspecial capabilities, and preparing unitequipment with special paint schemes.
• Procuring large or unusual numbers ofmaps and charts for specific locations.
• Making medical arrangements,mobilizing medical personnel, stockpilingpharmaceuticals and blood, andmarshalling medical equipment.
• Focusing friendly intelligence andreconnaissance assets against a particulararea of interest.
• Requisitioning or assigning increasednumber of linguists of a particularlanguage or group of languages from aparticular region.
• Initiating and maintaining unusual liaisonwith foreign nations for support.
• Providing increased or tailored personneltraining.
C-6
Appendix C
Joint Pub 3-54
• Holding rehearsals to test concepts ofoperation.
• Increasing the number of trips andconferences for senior officials and staffmembers.
• Sending notices to airmen and marinersand making airspace reservations.
• Arranging for tugs and pilots.
• Requiring personnel on leave or libertyto return to their duty locations.
• Having unusual off-limits restrictions.
• Preparing units for combat operationsthrough equipment checks as well asoperational standdowns in order toachieve a required readiness level forequipment and personnel.
• Making billeting and transportationarrangements for particular personnel orunits.
• Taking large-scale action to change mailaddresses or arrange for mail forwarding.
• Posting such things as supply delivery,personnel arrival, transportation, orordnance loading schedules in a routinemanner where personnel without a need-to-know will have access.
• Storing boxes or equipment labeled withthe name of an operation or activity orwith a clear unit designation outside acontrolled area.
• Employing uncleared personnel tohandle materiel used only in particulartypes of operations or activities.
• Providing unique or highly visiblephysical security arrangements for
loading or guarding special munitions orequipment.
• Requesting unusual or increasedmeteorological, oceanographic, or iceinformation for a specific area.
• Setting up a wide-area network (WAN)over commercial lines.
f. Sources of Indicators During theExecution Phase
• Unit and equipment departures fromnormal bases.
• Adversary radar, sonar, or visualdetections of friendly units.
• Friendly unit identifications throughCOMSEC violation or physical observationof unit symbology.
• Force composition and tracks or routesof advance that can be provided byemissions from units or equipment andsystems that provide identifying data.
• Stereotyped procedures; static andstandard ways of composing, disposing,and controlling strike or defensiveelements against particular threats; andpredictable reactions to enemy actions.
• Alert of civilians in operational areas.
• Trash and garbage dumped by units orfrom ships at sea that might provide unitidentifying data.
• Transportation of spare parts or personnelto deploying or deployed units or viacommercial aircraft or ship.
• Changes in oceanography high frequencyfacsimile transmissions.
C-7
OPSEC Indicators
• Changes in the activity over WAN.
g. Indicators of Postengagement ResidualCapabilities
• Repair and maintenance facilitiesschedules.
• Urgent calls for maintenance personnel.
• Movement of supporting resources.
• Medical activity.
• Unusual resupply and provisioning of anactivity.
• Assignment of new units from otherareas.
• Search and rescue activity.
• Personnel orders.
• Discussion of repair and maintenancerequirements in unsecure areas.
• Termination or modification ofprocedures for reporting of unclassifiedmeteorological, oceanographic, or iceinformation.
C-8
Appendix C
Joint Pub 3-54
Intentionally Blank
APPENDIX DOPERATIONS SECURITY MEASURES
D-1
The following OPSEC measures areoffered as a guide only. Development ofspecific OPSEC measures is as varied as thespecific vulnerabilities they are designed tooffset.
a. Operational and Logistic Measures
• Randomize the performance of functionsand operational missions. Avoidrepetitive or stereotyped tactics andprocedures for executing operations oractivities in terms of time, place, eventsequencing, formations, and C2arrangements.
• Employ force dispositions and C2 controlarrangements that conceal the location,identity, and command relationships ofmajor units.
• Conduct support activities in a way thatwill not reveal intensification ofpreparations before initiating operations.
• Transport supplies and personnel tocombat units in a way that conceals thelocation and identity of the combat units.
• Operate aircraft at low altitude to avoidradar detection.
• Operate to minimize the reflectivesurfaces that units or weapon systemspresent to radars and sonars.
• Use darkness to mask deployments orforce generation.
• Approach an objective “out of the sun”to prevent detection.
b. Technical Measures
• Use radio communications emissioncontrol, low-probability-of-intercepttechniques and systems, traffic flowsecurity, padding, flashing light or flaghoist, ultra high frequency relay viaaircraft, burst transmission technologies,secure phones, landline, and couriers.Limit use of high frequency radios anddirectional super-high frequencytransponders.
• Control radar emission, operate atreduced power, operate radars commonto many units, assign radar guard to unitsdetached from formations or to air earlywarning aircraft, and use anechoiccoatings.
• Mask emissions or forces from radar orvisual detection by use of terrain (suchas mountains and islands).
• Maintain sound silence or operate atreduced power, proceed at slow speeds,turn off selected equipment, and useanechoic coatings.
• Use screen jamming, camouflage,smoke, background noise, added sourcesof heat or light, paint, or weather.
c. Administrative Measures
• Avoid bulletin board, plan of the day, orplanning schedule notices that revealwhen events will occur.
• Conceal budgetary transactions, supplyrequests and actions, and arrangements
D-2
Appendix D
Joint Pub 3-54
for services that reveal preparations foractivity.
• Conceal the issuance of orders, themovement of specially qualifiedpersonnel to units, and the installation ofspecial capabilities.
• Control trash and garbage dumping orother housekeeping functions to concealthe locations and identities of units.
• Follow normal leave and liberty policiesto the maximum extent possible beforean operation starts in order to preserve asense of normalcy.
• Ensure that personnel discretely preparefor their families’ welfare in their absenceand that their families are sensitized totheir potential abrupt departure.
d. Military Deception In Support ofOPSEC
• Military deception can be an effectiveOPSEC measure, provided that priorcoordination is accomplished whenactions will affect other commanders.Military deception can be used tofacilitate the following.
•• Cause adversary intelligence to fail totarget friendly activity; collect againsttargeted tests, operations, exercises, orother activities; or determine throughanalysis vital capabilities andcharacteristics of systems and vital
aspects of policies, procedures, doctrine,and tactics.
•• Create confusion about, or multipleinterpretations of, vital informationobtainable from open sources.
•• Cause a loss of interest by foreign andrandom observers in test, operation,exercise, or other activity.
•• Convey inaccurate locating andtargeting information to opposing forces.
• In accordance with CJCSI 3211.01A,“Joint Military Deception,” commandersare authorized to conduct militarydeception:
•• To support OPSEC during thepreparation and execution phases ofnormal operations, provided that priorcoordination is accomplished for actionsthat will affect other commanders; and
•• When the commander’s forces areengaged or are subject to imminentattack.
e. Physical Destruction and ElectronicWarfare. During hostilities, use physicaldestruction and electronic attack against theadversary’s ability to collect and processinformation. C2W actions that can be usedin support of OPSEC includes strikes againstan adversary’s satellites, SIGINT sites, radars,fixed sonar installations, reconnaissanceaircraft, and ships.
APPENDIX EPROCEDURES FOR OPSEC SURVEYS
E-1
1. General
a. The purpose of an OPSEC survey is tothoroughly examine an operation or activityto determine if adequate protection fromadversary intelligence exploitation exists.
b. Ideally, the operation or activity beingsurveyed will be using OPSEC measures toprotect its critical information. The OPSECsurvey is used as a check on how effectivethe measures are. The survey will determineif the critical information identified during theOPSEC planning process is being protected.
c. A survey cannot be conducted until afteran operation or activity has at least identifiedits critical information. Without a basis ofidentified critical information, there can beno specific determination that actual OPSECvulnerabilities exist.
2. Uniqueness
a. Each OPSEC survey is unique. Surveysdiffer in the nature of the information requiringprotection, the adversary collection capability,and the environment of the activity to besurveyed.
b. In combat, a survey’s emphasis must beon identifying operational indicators thatsignal friendly intentions, capabilities, and/orlimitations and that will permit the adversaryto counter friendly operations or reduce theireffectiveness.
c. In peacetime, surveys generally seek tocorrect weaknesses that disclose informationuseful to potential adversaries in the event offuture conflict. Many activities, such asoperational unit tests, practice alerts, andmajor exercises, are of great interest to a
potential adversary because they provideinsight into friendly readiness, plans, crisisprocedures, and C2 capabilities that enhancethat adversary’s long-range planning.
3. OPSEC Surveys VersusSecurity Inspections
a. OPSEC surveys are different fromsecurity evaluations or inspections. A surveyattempts to produce an adversary’s view ofthe operation or activity being surveyed. Asecurity inspection seeks to determine if anorganization is in compliance with theappropriate security directives andregulations.
b. Surveys are always planned andconducted by the organization responsible forthe operation or activity that is to be surveyed.Inspections may be conducted withoutwarning by outside organizations.
c. OPSEC surveys are not a check on theeffectiveness of an organization’s securityprograms or its adherence to securitydirectives. In fact, survey teams will beseeking to determine if any security measuresare creating OPSEC indicators.
d. Surveys are not punitive inspections, andno grades or evaluations are awarded as aresult of them. Surveys are not designed toinspect individuals but are employed toevaluate operations and systems used toaccomplish missions.
e. To obtain accurate information, a surveyteam must depend on positive cooperation andassistance from the organizations participatingin the operation or activity being surveyed.If team members must question individuals,observe activities, and otherwise gather data
E-2
Appendix E
Joint Pub 3-54
during the course of the survey, they willinevitably appear as inspectors, unless thisnonpunitive objective is made clear.
f. Although reports are not provided to thesurveyed unit’s higher headquarters, OPSECsurvey teams may forward to senior officialsthe lessons learned on a nonattribution basis.The senior officials responsible for theoperation or activity then decide to furtherdisseminate the survey’s lessons learned.
4. Types of Surveys
There are two basic kinds of OPSECsurveys; command and formal.
a. A command survey is performed usingonly command personnel and concentrates onevents within the particular command.
b. A formal survey requires a survey teamcomposed of members from inside and outsidethe command and will normally crosscommand lines (after prior coordination) to
survey supporting and related operations andactivities. Formal surveys are initiated by aletter or message stating the subject of thesurvey, naming the team leader and members,and indicating when the survey will beconducted. Commands, activities, andlocations to be visited may also be listed, withthe notation that the team may visit additionallocations if required during the field portionof the survey.
c. Both types of surveys follow the samebasic sequence and procedures that areestablished in the annexes to this appendix.
5. Survey Execution
a. Careful prior planning, thorough datacollection, and thoughtful analysis of theresults are the key phases of an effectiveOPSEC survey.
b. The following annexes describe the threephases of an OPSEC survey.
ANNEX A TO APPENDIX EOPSEC SURVEY PLANNING PHASE
E-A-1
Preparations for an OPSEC survey mustbegin well in advance of the field surveyphase. The required lead time will depend onthe nature and complexity of the operationand activities to be surveyed (combatoperations, peacetime operational activity, orother type of operation). Sufficient time mustbe allotted in the planning phase for a thoroughreview of pertinent documentation, for formaland informal coordination and discussions,and for the careful preparation of functionaloutlines. The following actions normallymake up the planning phase.
a. Determine the Scope of the Survey.The scope of the survey should be defined atthe start of the planning phase and be limitedto manageable proportions. Limitations willbe imposed by geography, time, units to beobserved, funding, and other practical matters.
b. Select Team Members
• Regardless of the survey’s external orinternal focus, the team should containmultidisciplined expertise. Survey teammembers should be selected for theiranalytical, observational, and problem-solving abilities.
• Since surveys are normally oriented tooperations, the senior member should beselected from the operations (orequivalent) staff of the commanderresponsible for conducting the survey.
• Typical team members would representthe functional areas of intelligence,security, communications, logistics,plans, and administration. Whenappropriate, specialists from otherfunctional areas, such as transportationand public affairs, will participate.
• When communications monitoring isplanned as part of the survey, themonitoring group’s leader should bedesignated as a member of the OPSECsurvey team. Team members must bebrought together early in the planningphase to ensure timely, thoroughaccomplishment of the tasks outlinedbelow.
c. Become Familiar with SurveyProcedures. Designating team members withsurvey experience is advantageous, but isoften not possible. In such cases, teammembers will require familiarization withsurvey procedures.
d. Determine the Adversary IntelligenceThreat. The adversary threat to the activitiesto be surveyed must be evaluated carefullyand realistically. An all-source threatassessment should comprehensively addressthe adversary intelligence capability, takinginto account not only the adversary’scollection capabilities (see Appendix B, “TheIntelligence Threat”) but also the adversary’sability to exploit the collection results in atimely manner.
e. Understand the Operation or Activityto be Surveyed. The team members’thorough understanding of the operation oractivity to be surveyed is crucial to ensuringthe success of subsequent phases of the survey.Team members should become familiar withthe operation plans, orders, standard operatingprocedures, or other directives bearing on thesurveyed operation or activity. This initialreview familiarizes team members with themission and concept of operation andidentifies most of the organizationsparticipating in the surveyed activity (othersmay be identified as the survey progresses).
E-A-2
Annex A to Appendix E
Joint Pub 3-54
f. Conduct Empirical Studies
• Empirical studies simulate aspects of theadversary intelligence threat and supportvulnerability findings. These studies alsohelp the survey team identifyvulnerabilities that cannot be determinedthrough interviews and observation. Theresults of these studies are useful to thesurvey team during the field or analyticphase of the survey.
• An example of an empirical study issignals monitoring. Computer modelingor other laboratory simulations of theenemy threat may also be useful to thesurvey team. These studies are usuallyperformed by organizations external tothe one sponsoring the OPSEC surveyteam. Arrangements for their use shouldbe made as far in advance of the surveyas possible.
g. Develop a Functional Outline
• A basic OPSEC survey techniqueinvolves the construction of a chronologyof events that are expected to occur inthe surveyed operation or activity. Eventsare assembled sequentially, thus creatinga timeline that describes in detail theactivities or plans of an operation oractivity.
• Chronologies should first be constructedfor each separate functional area, suchas operations, communications, logistics,or administration. This functionalapproach aids the team members indefining their separate areas of inquiryduring the field or data collection phaseof the survey. Later, the functionaloutlines can be correlated with each otherto build an integrated chronology of theentire operation or activity (see Tab A,“Composite OPSEC Profile for CombatOperations”).
• After the chronology is assembled,vulnerabilities can be identified in lightof the known or projected threat.
• During the initial review of operationplans, orders, and procedures, individualteam members can begin to developfunctionally oriented outlines for theirareas of interest. Initially, the outlineswill be skeletal projections, in a narrative,table, or graph format, of what is expectedto occur in the chronology for a particularfunctional area (see Tabs B through F).
• Such projections can serve as planningaids for the subsequent field surveyphase. For example, units and facilitiesassociated with each of the events can beidentified and geographically grouped toaid in planning the travel itinerary of teammembers during the field survey.Collectively, the initial functionaloutlines provide a basis for planning thefield survey phase and constitute a basisfor observation and interviews.
• During the field survey phase, teammembers will acquire additionalinformation through observation,interviews, and other data-collectiontechniques, enabling further developmentand refinement of the functional outlines.
• Collectively, the outlines project a time-phased picture of the events associatedwith the planning, preparation, execution,and conclusion of the operation oractivity. The outlines also provide ananalytic basis for identifying events andactivities that are vulnerable to adversaryexploitation.
h. Determine Preliminary FriendlyVulnerabilities. After the adversaryintelligence threat and the OPSEC indicatorsare determined, a subjective evaluation mustbe made of the potential friendly
E-A-3
OPSEC Survey Planning Phase
vulnerabilities. A vulnerability (e.g., adetectable, exploitable event) may or may notcarry a security classification at the time ofits identification, but such preliminaryvulnerabilities must be protected fromdisclosure by administrative or securitycontrols. These preliminary friendlyvulnerabilities will be refined in later stagesof the OPSEC survey.
i. Announce the Survey
• After team members are selected and arefamiliar with the operation or activity tobe surveyed, the organization conductingthe survey should inform its subordinateand supporting organizations that asurvey will be conducted so thatpreparations can be made to support theteam during the field survey phase.
• The following information should beincluded:
•• Survey purpose and scope.
•• List of team members and theirclearances.
•• List of required briefings andorientations.
•• Timeframe involved.
•• Administrative support requirements.
•• Signals security (SIGSEC) monitoringsupport requirements (if needed).
E-A-4
Annex A to Appendix E
Joint Pub 3-54
Intentionally Blank
TAB A TO ANNEX A TO APPENDIX ECOMPOSITE OPSEC PROFILE FOR COMBAT OPERATIONS
E-A-A-1
Figure E-A-A-1 provides a samplecomposite OPSEC profile for combatoperations. As illustrated by this sample, aprofile can be constructed to display the event-time-agency data of significant information
collected during an OPSEC survey. OPSECsurvey personnel should use a compositeOPSEC profile or similar tool to assist inidentifying unit or mission OPSEC indicators.
E-A-A-2
Tab A to Annex A to Appendix E
Joint Pub 3-54
CO
MP
OS
ITE
OP
SE
C P
RO
FIL
E:
BR
IGA
DE
CO
MB
AT
AS
SA
ULT
(HO
UR
S)
-24
-23
-22
-21
-20
-19
-18
-17
-16
-15
-14
-13
-12
-11
-10
-9-8
-7-6
-5-4
-3-2
-1H
AD
MIN
1711
INT
EL
L3 4
12 13
OP
S15
1624
LOG
28
9 10
CO
MM
S1
5 6 7
1418
1920
2122
23
1. 2. 3. 4. 5. 6. 7. 8. 9. 10.
11.
12.
1100
:12
33:
1310
:13
20:
1405
:14
06:
1430
:17
05:
1800
:
1850
:19
30:
1940
:
War
ning
ord
er o
ver
unse
cure
tel
epho
ne a
t T
F H
Q.
AF
sup
ply
orde
r 15
00 x
500
lb b
ombs
.S
2 or
der
for
100
x 1:
12,5
00 m
aps
of o
bjec
tive
area
.R
econ
flig
ht o
ver
fore
st c
lear
ings
in o
bjec
tive
area
.A
rtill
ery
net
activ
ated
; w
arni
ng t
o m
ove
tube
s.B
rigad
e m
aint
enan
ce n
et u
nusu
ally
act
ive.
Dus
toff
net
disc
lose
d es
tabl
ishm
ent
of f
ield
aid
sta
tion.
12 x
slin
g-lo
aded
CH
-47s
arr
ived
at B
rigad
e re
ar.
3 x
C-1
23s
off-
load
ing
woo
den
crat
es (
prob
ably
art
iller
yro
un
ds)
.5
x C
-123
s of
f-lo
adin
g fu
el d
ough
nuts
.T
wo
troo
ps o
f 1-
9th
Air
Cav
rel
ease
d to
rea
r on
per
sona
lbu
sine
ss "
in t
ime
to r
etur
n fo
r th
e op
erat
ion.
"S
niffe
r fli
ght
in o
bjec
tive
area
.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
1944
:19
21:
2100
:22
30:
2315
:23
40:
0030
:01
30:
0230
:03
30:
0430
:04
55:
AR
DF
flig
ht o
bser
ved
in o
bjec
tive
area
.LR
RP
rad
io D
F'd
in o
bjec
tive
area
.P
athf
inde
rs a
ssem
ble
outs
ide
Brig
ade
brie
fing
tent
.A
rtill
ery
firin
g H
&I
in o
bjec
tive
area
for
firs
t tim
e.C
hapl
ain
hold
ing
serv
ices
nea
r fo
rwar
d po
sitio
ns.
New
fre
quen
cy/c
ell
sign
hea
rd.
New
NC
S p
olic
ies
chat
ters
for
firs
t tim
e.M
ore
new
fre
quen
cies
/cal
l sig
ns;
man
y co
mm
sch
ecks
.O
nly
activ
e st
atio
ns in
Brig
ade
rear
.N
ear
com
plet
e ra
dio
sile
nce.
Com
plet
e ra
dio
sile
nce.
Man
y fla
res.
Fig
ure
E-A
-A-1
. S
ampl
e C
ompo
site
OP
SE
C P
rofil
e fo
r C
omba
t Ope
ratio
ns
TAB B TO ANNEX A TO APPENDIX EFUNCTIONAL OUTLINE AND PROFILE GUIDELINEFOR INTELLIGENCE COLLECTION OPERATIONS
E-A-B-1
The completed profile reflects a picture ofthe intelligence collection effort. Intelligencecollection is normally one of the firstfunctional areas to present indicators of animpending operation or activity.
a. Planned Event Sequence. Seeintelligence collection plan prepared byintelligence staff element.
b. Actual Event Sequence. Observeevents in the operation center.
c. Analysis. Determine any OPSECvulnerabilities. If vulnerabilities exist,determine whether they exist because of anerror or because they are the result of normalprocedures.
d. Examples of Typical Indicators
• Appearance of specialized intelligencecollection equipment in a particular area.
• Increased traffic on intelligencecommunications nets.
• Increased manning levels and/or workhours in intelligence facilities.
• Increased research activity by knownintelligence activities and personnel inlibraries and electronic data bases.
• Increased activity of friendly agent nets.
• Increased levels of activity by airborneintelligence systems.
• Alterations in the orbits of intelligencesatellites.
• Interviews with nongovernmental subjectmatter experts conducted by intelligencepersonnel.
• Requests for maps and other topographicmaterial.
E-A-B-2
Tab B to Annex A to Appendix E
Joint Pub 3-54
Intentionally Blank
TAB C TO ANNEX A TO APPENDIX EFUNCTIONAL OUTLINE AND PROFILE GUIDELINE
FOR LOGISTICS
E-A-C-1
The completed logistic profile presents apicture of logistic activities conducted inpreparation for an impending operation. Asin the administration function, the long leadtime for some preparations gives earlywarning of forthcoming operations if eventsare compromised.
a. Planned Event Sequence. See logisticannex to OPLAN.
b. Actual Event Sequence. Observation,interviews.
c. Analysis. As in other functional areas.
d. Examples of Typical Indicators
• Special equipment issue.
• Prepositioning of equipment andsupplies.
• Increased weapons and vehiclemaintenance.
• Petroleum, oils, and lubricants stockpiling.
• Upgrading lines of communications.
• Ammunition stockpiling.
• Delivery of special munitions anduncommon munitions (discloses possiblenature of operation).
• Arrival of new logistic units andpersonnel.
• Increased requisition of supplies.
• Increased traffic on logistics communicationsnets.
• Changes in normal delivery patterns.
E-A-C-2
Tab C to Annex A to Appendix E
Joint Pub 3-54
Intentionally Blank
TAB D TO ANNEX A TO APPENDIX EFUNCTIONAL OUTLINE AND PROFILE GUIDELINE
FOR COMMUNICATIONS
E-A-D-1
In addition to presenting a picture of its ownfunctional area, friendly communications alsoreflect all other functional areas.Communications surveillance andcommunications logs for all functional netsare important tools in evaluating thisfunctional area as well as other functionsinvolved.
a. Planned Event Sequence. OPLAN,operation order (OPORD), signal operationinstructions, or standing signal instruction.
b. Actual Event Sequence. Communicationsmonitoring and communications logs.
c. Analysis. As in other functional areas.
d. Examples of Typical Indicators
• Increased radio, teletype, and telephonetraffic.
• Increased communications checks.
• Appearance of new stations in net.
• New frequency and call-signassignments.
• New codes and authenticators.
• Radio silence.
• Changing callup patterns.
• Use of maintenance frequencies to testequipment.
• Communications command postexercises.
• Appearance of different cryptographicequipment and materials.
E-A-D-2
Tab D to Annex A to Appendix E
Joint Pub 3-54
Intentionally Blank
TAB E TO ANNEX A TO APPENDIX EFUNCTIONAL OUTLINE AND PROFILE GUIDELINE
FOR OPERATIONS
E-A-E-1
The completed profile of operationalactivities reflects events associated withtactical combat units as they prepare for anoperation.
a. Planned Event Sequence. OPLAN,OPORD, standing operating procedure(SOP).
b. Actual Event Sequence. Observations,reports, messages, interviews.
c. Analysis. As in other functional areas.
d. Examples of Typical Indicators
• Rehearsals and drills.
• Special-tactics refresher training.
• Appearance of special-purpose units
(bridge companies, forward air controllers,pathfinders, mobile weather units).
• Pre-positioning of artillery and aviationunits.
• Artillery registration in new objectivearea.
• Complete cessation of activity in area inwhich reconnaissance activity previouslytook place.
• Appearance of new attached units.
• Issuance of new equipment.
• Changes in major unit leadership.
• Repositioning of maneuver units.
E-A-E-2
Tab E to Annex A to Appendix E
Joint Pub 3-54
Intentionally Blank
TAB F TO ANNEX A TO APPENDIX EFUNCTIONAL OUTLINE AND PROFILE GUIDELINE
FOR ADMINISTRATION AND SUPPORT
E-A-F-1
The completed profile of administrative andsupport events shows activities taking placebefore the operation, thereby giving advancewarning.
a. Planned Event Sequence. Derive fromunit SOPs and administrative orders.
b. Actual Event Schedule. Observationsand interviews.
c. Analysis. As in other functional areas.
d. Examples of Typical Indicators
• Release of groups of personnel orcomplete units for personal affairs.
• Runs on exchanges for personal articles,cleaning, and other items.
• Changes to wake-up and mess schedules.
• Changes to mailing addresses.
• New unit designators on mail.
• Emergency personnel requisitions andfills for critical skills.
• Medical supply stockpiling.
• Emergency recall of personnel on passand leave.
E-A-F-2
Tab F to Annex A to Appendix E
Joint Pub 3-54
Intentionally Blank
ANNEX B TO APPENDIX EFIELD SURVEY PHASE
E-B-1
As noted previously, data collection beginsin the planning phase with a review ofassociated documentation. During the fieldsurvey phase, interviews with personneldirectly involved in the operation, togetherwith observations and document collection,are the primary means of data collection. Thefollowing actions are normally accomplishedduring the field survey phase.
a. Command Briefing on Operation tobe Surveyed. This briefing is presented tothe OPSEC survey team by the commanddirecting the forces or assets involved in theoperation or activity being surveyed. Thepurpose of the briefing is to provide the surveyteam with an overview of the operation fromthe command’s point of view. Team membersshould use this opportunity to clarifyremaining questions about the informationdeveloped in the planning phase.
b. OPSEC Survey Team Briefing. Thisbriefing is presented by the chief of the surveyteam to the commander and principal staffofficers of the surveyed organization. Thebriefing may be either a formal presentationor an informal discussion. The objective is toinform the commander and the staff of howthe survey will be conducted. The briefingshould include a summary of the hostile threatand the vulnerability assessment developedduring the planning phase. The staff shouldbe asked to comment on the validity of thisassessment. Results of previous OPSECsurveys of similar activities may besummarized.
c. Data Collection and FunctionalOutline Refinement
• Data Collection
•• During the field survey phase, data arecollected through observation ofactivities, document collection, andpersonnel interviews. Data may also beacquired through concurrent ongoingempirical data collection, such asSIGSEC monitoring.
•• Team members must be alert todifferences between what they have read,what they have assumed to be thesituation, what they have been told in thecommand briefing, and what theyobserve and are told by personnelparticipating in the operation.Conflicting data are to be expected.
•• While observations can verify theoccurrence, sequence, and exact timingof events, much essential informationmust be gathered from interviews. (1)Functional outlines should be reviewedbefore and after interviews to ensure thatall pertinent points are covered. Specificson how, when, and where peopleaccomplish their tasks, and how thesetasks relate to the planned and observedsequence of events, are recorded in orderto document activities in a logicalsequence. (2) Team members shouldassure interviewees that all sources ofinformation will be protected by anonattribution policy. (3) Interviews arebest conducted by two team members.(4) Facts to be recorded during or soonafter the interview normally include: (a)Identification and purpose of theinterview; (b) Description of thepositions occupied by the persons beinginterviewed; (c) Details of exactly whattasks the individuals perform and how,when, and where they perform them with
E-B-2
Annex B to Appendix E
Joint Pub 3-54
a view toward determining whatinformation they receive, handle, orgenerate, and what they do with it; and(d) Whether the individuals’ actionsreflect an awareness of a hostileintelligence collection threat.
• Functional Outline Refinement
•• As indicated earlier, each teammember should have a basic functionaloutline to direct data collection efforts atthe beginning of the field survey phase.The basic outline will be modified duringthis phase to reflect new informationobtained by observation and interviewand will ultimately become a profile ofactual events.
•• Each team member should be familiarwith the outlines used by the othermembers of the survey team and shouldbe alert for information that might affectthem. An interview in the communicationsarea, for example, might discloseinformation that would result in a changeto the outline being developed foroperations; or an observation in onegeographic location could affect anoutline being followed up in another.Also, to permit followup elsewhere, alloutlines should try to reflect theinformation generated and the flow ateach location where data are collected.
•• As data are accumulated throughobservation and interviews, incorporationof such data into the basic functionaloutline changes the original list ofprojected events into a profile of actualevents. The functional outline thenbecomes a chronological record of whatactually was done, where, who did it, andhow and why it was done. The outlineshould also reflect an assessment of thevulnerability of each event to the knownor suspected hostile intelligence threat.
•• Tentative findings will begin toemerge as data collection proceeds andinformation is reviewed and compared.The findings should be confirmed andfully documented as quickly as possible.
•• If a finding is considered to haveserious mission impact, it should be madeknown to the commander responsible forthe operation in order to permit earlycorrective actions.
•• Development of findings during thefield survey phase ensures access tosupporting data and precludes the needto reconstruct evidence after the team hasleft the scene. Following this procedure,the basic findings and supporting data ofthe final survey report will be welldeveloped before the end of the fieldsurvey phase. Final development andproduction of the survey report can thenproceed immediately upon the team’sreturn to home station.
d. Team Employment
• The complexity, size, and duration of thesurveyed operation or activity willdetermine the general employment of thesurvey team. Tentative locations for datacollection, developed during the planningphase, provide initial indications of howand where to employ the team.
• It is rarely possible, however, to planemployment in detail before the fieldsurvey phase. A limited, short durationoperation with few participating elementsmay permit concentrating the team inone, or a very few, locations. Larger andlonger operations may require completedispersal of the team, movement of theentire team from one location to another,or both, over a substantial period of time.The most reliable guideline for the teamchief in determining how to employ the
E-B-3
Field Survey Phase
team is to reassemble it daily to assessprogress, compare data, and coordinatethe direction of the survey.
• The duration of the field survey phase isestablished during the planning phase anddepends on how rapidly data arecollected. Many surveys have required30 days or more in the field. Lesscomprehensive ones might require aweek or 10 days. The proximity of datacollection locations to each other, numberof such locations, transportationavailability, and degree of difficultyexperienced in resolving conflicting dataare some of the factors affecting durationof the field survey phase.
e. OPSEC Survey Team Exit Briefing
• An exit briefing should be presented tothe commander before the team leaves acommand, regardless of previous reportsor tentative findings. Like the entrance
briefing, the exit briefing can be aninformal discussion with the commanderor a formal briefing for the commanderand the staff.
• The tentative nature of survey findingsshould be emphasized. Even those thatappear to be firm may be altered by thefinal data review as the survey report isprepared. Because preparation of thewritten report may take some time, theexit briefing can serve as an interim basisfor further consideration and possibleaction by the commander.
• The distribution of the final written reportshould be clearly stated during the exitbriefing. Normally, the report will beprovided directly to the commander.Some commands have found it useful toforward an interim report to the surveyedcommander for comments beforeproceeding with the final version.
E-B-4
Annex B to Appendix E
Joint Pub 3-54
Intentionally Blank
ANNEX C TO APPENDIX EANALYSIS AND REPORTING PHASE
E-C-1
During this phase, the OPSEC teamcorrelates the data acquired by individualmembers with information from any empiricalstudies conducted in conjunction with thesurvey.
a. Correlation of Data
• Correlation of Functional Outlines.When the separate chronology outlinesfor each functional area are correlated,the chronology of events for the operationor activity as a whole will emerge.During the field survey or analyticphases, conflicts of data must be clarified.
• Functional Outlines. The purpose ofconstructing the functional outlines is todescribe the time-phased unfolding of theoperation or activity; to depict the mannerin which separate commands, organizations,and activities interact and perform theirroles in the operation or activity; and totrace the flow of information throughelectrical and nonelectrical communicationsmedia from its origin to its ultimaterecipients. It is important that the teammembers present the information in amanner that facilitates analysis. The netresult of the correlation will be a portrayalof the entire operation or activity.
• Correlation of Empirical Data. Inaddition to correlating data acquired fromthe observations of individual teammembers, the survey team may also userelevant, empirically derived data torefine individual functional outlines.More importantly, these data can alsoverify vulnerabilities that wouldotherwise be exceedingly speculative ortenuous. Empirical data are extremelyimportant to a comprehensive survey.
b. Identification of Vulnerabilities
• The correlation and analysis of data helpthe team to refine the previouslyidentified preliminary vulnerabilities orisolate new ones. This analysis isaccomplished in a manner similar to theway in which adversaries would processinformation through their intelligencesystems.
• Indicators that are potentially observableare identified as vulnerabilities.Vulnerabilities point out situations thatan adversary may be able to exploit. Thekey factors of a vulnerability areobservable indicators and an intelligencecollection threat to those indicators.
• The degree of risk to the friendly missiondepends on the adversary’s ability to reactto the situation in sufficient time todegrade friendly mission or taskeffectiveness.
c. OPSEC Survey Report. The report ofthe OPSEC survey is addressed to thecommander of the surveyed operation oractivity. Lengthy reports (more than 15 pages)should be accompanied by an executivesummary.
• There is no special format for OPSECsurvey reports; a suggested format isfound in Tab A, “Suggested Format forFinal OPSEC Survey Format.”Whatever the format, the report shouldprovide a discussion of identified criticalinformation, indicators, adversaries andtheir intelligence capabilities, OPSECvulnerabilities, risk analysis, andrecommended OPSEC measures toeliminate or reduce the vulnerabilities.
E-C-2
Annex C to Appendix E
Joint Pub 3-54
Although some vulnerabilities may bevirtually impossible to eliminate orreduce, they should be included in thereport to enable commanders to assesstheir operation or activity morerealistically.
• Each report should contain a threatstatement. Its length and classificationneed only be adequate to substantiate thevulnerabilities (or actual sources ofadversary information) described in thereport. The statement may be includedin the main body of the report or as anannex to it. Portions of the threat thatapply to a particular vulnerability findingmay be concisely stated as substantiationin a paragraph preceding or following theexplanation of the observation. If thethreat statement is so classified that it willimpede the desired distribution andhandling, the statement, or parts of it,should be affixed as an annex that can beincluded only in copies of the surveyreport provided to appropriately clearedrecipients.
• The section that delineates vulnerabilitiescan be presented in a sequence thatcorrelates with their significance, in anorder that coincides with their appearancein the chronological unfolding of thesurveyed operation or activity, orgrouped together according to functionalarea (logistics, communications,personnel). A particular vulnerability canbe introduced by a headline followed byan adequate description of the finding andaccompanied by identification of thatportion of the operation or activity thatincludes the vulnerability. As statedearlier, a vulnerability observation mayalso include relevant threat references.
• If possible, OPSEC teams should includerecommendations for corrective actionsin the report. However, the team is notcompelled to accompany each vulnerability
finding with a recommendation. Insome situations, the team may not bequalified to devise the corrective action; inothers, it may not have an appreciation ofthe limitations in resources and options ofa particular command. It may sometimesbe more effective for the team to presentthe recommendation informally rather thanincluding it in the survey report.Recommendations of the OPSEC teammay be particularly valuable in situationsin which a vulnerability crosses commandlines. Ultimately, commanders or theresponsible officials must assess the effectof possible adversary exploitation ofvulnerabilities on the effectiveness of theiroperation or activity. They must then decidebetween implementing corrective actionsor accepting the risk posed by thevulnerability.
• Appendixes and annexes to OPSECsurvey reports may be added to supportthe vulnerability findings andconclusions. Sections, such as a threatannex, may include empirical studies (orparts of them). Maps, diagrams, andother illustrative materials are some waysto substantiate OPSEC vulnerabilities.
• The report may end with a conclusion orsummary of the survey and its findings.The summary should not includejudgments about compliance withstanding security practices of theorganizations. Such judgments are thepurview of security disciplines.
• Distribution of the survey team’s reportshould be limited to the principalcommands responsible for the surveyedoperation or activity. After thecommands have had time to assess thereport and take corrective actions, theycan consider additional distribution.Abstracts from the report may beprovided for lessons-learned documentsor data bases on a nonattribution basis.
E-C-3
Analysis and Reporting Phase
• Because they contain vulnerabilityinformation, OPSEC survey reportsmust be controlled from release tounauthorized persons or agencies.Affected portions of the report mustbe controlled in accordance withapplicable security classificationguides. For those portions of the report
not controlled by security classificationguides, administrative control of therelease of survey report informationmust be considered. Likewise, thenotes, interviews, and raw data usedto build a survey report must be subjectto the same controls as the finishedreport.
E-C-4
Annex C to Appendix E
Joint Pub 3-54
Intentionally Blank
TAB A TO ANNEX C TO APPENDIX ESUGGESTED FORMAT FOR FINAL OPSEC SURVEY REPORT
E-C-A-1
1. Overview
a. Background. Address the purpose andscope of the survey as well as the results ofthe threat and vulnerability assessments.
b. Conduct of Survey. Brief discussionof methodology, team composition, majorcommands visited, and timeframe of survey.
c. Critical Information
d. Threat
2. Summary of SignificantFindings
3. Analysis, Conclusions, andFindings
This is the body of the report. Discussionsand findings may be listed chronologically,by command, or chronologically withincommands.
4. Suggested Format for EachFinding
a. Observation
b. Analysis and discussion
c. Conclusion or recommendation
E-C-A-2
Tab A to Annex C to Appendix E
Joint Pub 3-54
Intentionally Blank
APPENDIX FREFERENCES
F-1
The development of Joint Pub 3-54 is based on the following primary references:
1. DOD Directive 5205.2, 7 July 1983, “DOD Operations Security Program.”
2. CJCS MOP 6, 3 March 1993, “Electronic Warfare.”
3. CJCS MOP 30, 8 March 1993, “Command and Control Warfare.”
4. CJCSI 3211.01A, 15 June 1994, “Joint Military Deception.”
5. CJCSI 3213.01, 28 May 1993, “Joint Operations Security.”
6. Joint Pub 1, “Joint Warfare of the Armed Forces of the United States.”
7. Joint Pub 1-02, “Department of Defense Dictionary of Military and Related Terms.”
8. Joint Pub 1-01, “Joint Publication System, Joint Doctrine and Joint Tactics, Techniques,and Procedures Development Program.”
9. Joint Pub 2-0, “Joint Doctrine for Intelligence Support to Operations.”
10. Joint Pub 3-0, “Doctrine for Joint Operations.”
11. Joint Pub 3-13.1, “Joint Doctrine for Command and Control Warfare.”
12. Joint Pub 3-51, “Electronic Warfare in Joint Military Operations.”
13. Joint Pub 3-53, “Doctrine for Joint Psychological Operations.”
14. Joint Pub 3-58, “Joint Doctrine for Military Deception.”
15. Joint Pub 5-03.1, “Joint Operation Planning and Execution System, Vol I: (PlanningPolicies and Procedures).”
16. Joint Pub 5-03.2, “Joint Operation Planning and Execution System, Vol II: (Planningand Execution Formats and Guidance).”
F-2
Appendix F
Joint Pub 3-54
Intentionally Blank
APPENDIX GADMINISTRATIVE INSTRUCTIONS
G-1
1. User Comments
Users in the field are highly encouraged to submit comments on this publication to theJoint Warfighting Center, Attn: Doctrine Division, Fenwick Road, Bldg 96, Fort Monroe,VA 23651-5000. These comments should address content (accuracy, usefulness,consistency, and organization), writing, and appearance.
2. Authorship
The lead agent and the Joint Staff doctrine sponsor for this publication is the Director forOperations (J-3).
3. Supersession
This publication supersedes Joint Pub 54, 22 August 1991, “Joint Doctrine forOperations Security,” with Change 1.
4. Change Recommendations
a. Recommendations for urgent changes to this publication should be submitted:
TO: JOINT STAFF WASHINGTON DC//J33/STOD//INFO: JOINT STAFF WASHINGTON DC//J7-JDD//
Routine changes should be submitted to the Director for Operational Plans andInteroperability (J-7), JDD, 7000 Joint Staff Pentagon, Washington, D.C. 20318-7000.
b. When a Joint Staff directorate submits a proposal to the Chairman of the JointChiefs of Staff that would change source document information reflected in thispublication, that directorate will include a proposed change to this publication as anenclosure to its proposal. The Military Services and other organizations are requestedto notify the Director, J-7, Joint Staff, when changes to source documents reflected inthis publication are initiated.
c. Record of Changes:
CHANGE COPY DATE OF DATE POSTEDNUMBER NUMBER CHANGE ENTERED BY REMARKS__________________________________________________________________________________________________________________________________________________________________________________________________________________
G-2
Appendix G
Joint Pub 3-54
5. Distribution
a. Additional copies of this publication can be obtained through Service publicationcenters.
b. Only approved pubs and test pubs are releasable outside the combatant commands,Services, and Joint Staff. Release of any classified joint publication to foreigngovernments or foreign nationals must be requested through the local embassy(Defense Attache Office) to DIA Foreign Liaison Office, PSS, Room 1A674, Pentagon,Washington, D.C. 20301-7400.
c. Additional copies should be obtained from the Military Service assignedadministrative support responsibility by DOD Directive 5100.3, 1 November 1988,“Support of the Headquarters of Unified, Specified, and Subordinate Joint Commands.”
By Military Services:
Army: US Army AG Publication Center2800 Eastern BoulevardBaltimore, MD 21220-2898
Air Force: Air Force Publications Distribution Center2800 Eastern BoulevardBaltimore, MD 21220-2896
Navy: CO, Naval Inventory Control Point700 Robbins AvenueBldg 1, Customer ServicePhiladelphia, PA 19111-5099
Marine Corps: Marine Corps Logistics BaseAlbany, GA 31704-5000
Coast Guard: Coast Guard Headquarters, COMDT (G-OPD)2100 2nd Street, SWWashington, D.C. 20593-0001
d. Local reproduction is authorized and access to unclassified publications isunrestricted. However, access to and reproduction authorization for classified jointpublications must be in accordance with DOD Regulation 5200.1-R.
GLOSSARYPART I—ABBREVIATIONS AND ACRONYMS
GL-1
AOI area of interest
C2 command and controlC2W command and control warfareCJCS Chairman of the Joint Chiefs of StaffCOA course of actionCOMINT communications intelligenceCOMSEC communications securityCONPLAN operation plan in concept format
EEFI essential elements of friendly informationELINT electronics intelligenceEW electronic warfare
FISINT foreign instrumentation signals intelligence
HUMINT human intelligence
IMINT imagery intelligenceIW information warfare
JFC joint force commanderJOPES Joint Operation Planning and Execution System
LEA law enforcement agency
MASINT measurement and signature intelligenceMOOTW military operations other than warMOP memorandum of policy
NCA national command authorities
OPLAN operation plan in complete formatOPORD operation orderOPSEC operations securityOSINT open source intelligence
PSYOP psychological operations
SIGINT signals intelligenceSIGSEC signals securitySOP standard operating procedure
TECHINT technical intelligence
UHF ultra high frequency
WAN wide-area network
GL-2
Glossary
Joint Pub 3-54
command and control warfare. Theintegrated use of operations security(OPSEC), military deception, psychologicaloperations (PSYOP), electronic warfare(EW), and physical destruction, mutuallysupported by intelligence, to denyinformation to, influence, degrade, ordestroy adversary command and controlcapabilities, while protecting friendlycommand and control capabilities againstsuch actions. Command and controlwarfare is a warfighting application ofinformation warfare in military operationsand is a subset of information warfare.Command and control warfare appliesacross the range of military operations andall levels of conflict. Also called C2W.C2W is both offensive and defensive: a.C2-attack. Prevent effective C2 ofadversary forces by denying information to,influencing, degrading, or destroying theadversary C2 system. b. C2-protect.Maintain effective command and controlof own forces by turning to friendlyadvantage or negating adversary efforts todeny information to, influence, degrade ordestroy the friendly C2 system. (Joint Pub1-02)
critical information. Specific facts aboutfriendly intentions, capabilities, andactivities vitally needed by adversaries forthem to plan and act effectively so as toguarantee failure or unacceptableconsequences for friendly missionaccomplishment. (Joint Pub 1-02)
essential elements of friendly information.Key questions likely to be asked byadversary officials and intelligence systemsabout specific friendly intentions,capabilities, and activities, so they canobtain answers critical to their operationaleffectiveness. Also called EEFI. (Joint Pub1-02)
PART II—TERMS AND DEFINITIONS
GL-3
operations security. A process of identifyingcritical information and subsequentlyanalyzing friendly actions attendant tomilitary operations and other activities to:
a. Identify those actions that can beobserved by adversary intelligence systems.
b. Determine indicators hostile intelligencesystems might obtain that could beinterpreted or pieced together to derivecritical information in time to be useful toadversaries.
c. Select and execute measures thateliminate or reduce to an acceptable levelthe vulnerabilities of friendly actions toadversary exploitation. Also calledOPSEC. (Joint Pub 1-02)
operations security indicators. Friendlydetectable actions and open-sourceinformation that can be interpreted or piecedtogether by an adversary to derive criticalinformation. (Joint Pub 1-02)
operations security measures. Methods andmeans to gain and maintain essentialsecrecy about critical information. Thefollowing categories apply:
a. action control. The objective is toeliminate indicators or the vulnerability ofactions to exploitation by adversaryintelligence systems. Select what actionsto undertake; decide whether or not toexecute actions; and determine the “who,”“when,” “where,” and “how” for actionsnecessary to accomplish tasks.
b. countermeasures. The objective is todisrupt effective adversary informationgathering or prevent their recognition ofindicators when collected materials areprocessed. Use diversions, camouflage,
GL-4
Glossary
Joint Pub 3-54
concealment, jamming, threats, policepowers, and force against adversaryinformation gathering and processingcapabilities.
c. counteranalysis. The objective is toprevent accurate interpretations ofindicators during adversary analysis ofcollected materials. This is done byconfusing the adversary analyst throughdeception techniques such as covers. (JointPub 1-02)
operations security planning guidance.Guidance that serves as the blueprint forOPSEC planning by all functional elementsthroughout the organization. It defines thecritical information that requires protection
from adversary appreciations, taking intoaccount friendly and adversary goals,estimated key adversary questions,probable adversary knowledge, desirableand harmful adversary appreciations, andpertinent intelligence system threats. It alsoshould outline provisional operationssecurity measures to ensure the requisiteessential secrecy. (Joint Pub 1-02)
operations security vulnerability. Acondition in which friendly actions provideOPSEC indicators that may be obtained andaccurately evaluated by an adversary intime to provide a basis for effectiveadversary decisionmaking. (Joint Pub1-02)
Assess-ments/
Revision
CJCSApproval
TwoDrafts
ProgramDirective
ProjectProposal
J-7 formally staffs withServices and CINCS
Includes scope of project,references, milestones,and who will developdrafts
J-7 releases ProgramDirective to Lead Agent.Lead Agent can beService, CINC, or JointStaff (JS) Directorate
STEP #2Program Directive
l
l
l
The CINCS receive the pub andbegin to assess it during use
18 to 24 months followingpublication, the Director J-7, willsolicit a written report from thecombatant commands andServices on the utility and qualityof each pub and the need for anyurgent changes or earlier-than-scheduled revisions
No later than 5 years afterdevelopment, each pub is revised
STEP #5Assessments/Revision
l
l
l
Submitted by Services, CINCS, or Joint Staffto fill extant operational void
J-7 validates requirement with Services andCINCs
J-7 initiates Program Directive
l
l
l
STEP #1Project Proposal
All joint doctrine and tactics, techniques, and procedures are organized into a comprehensive hierarchyas shown in the chart above. is in the series of joint doctrine publications.The diagram below illustrates an overview of the development process:
Joint Pub 3-54 Operations
JOINT DOCTRINE PUBLICATIONS HIERARCHY
JOINT PUB 1-0
PERSONNELand
ADMINISTRATION
JOINT PUB 4-0 JOINT PUB 5-0 JOINT PUB 6-0
LOGISTICS C4 SYSTEMSPLANS
JOINT PUB 0-2
JOINT PUB 1
UNAAF
JOINTWARFARE
JOINTDOCTRINE
PUBLICATION
Lead Agent forwards proposed pub to Joint Staff
Joint Staff takes responsibility for pub, makesrequired changes and prepares pub forcoordination with Services and CINCS
Joint Staff conducts formalstaffing for approval as a Joint Publication
STEP #4CJCS Approval
l
l
l
Lead Agent selects Primary Review Authority(PRA) to develop the pub
PRA develops two draft pubs
PRA staffs each draft with CINCS, Services,and Joint Staff
l
l
l
STEP #3Two Drafts
ENHANCEDJOINT
WARFIGHTINGCAPABILITY
INTELLIGENCE
JOINT PUB 2-0
OPERATIONS
JOINT PUB 3-0
![Welcome [] › nl › system › files › 20190308_presenta...2019/03/08 · Volvo Group Trucks Operations CDC Gent Operations • 800 employees 722 IW, 76 OW • 273.000 part numbers](https://static.fdocuments.net/doc/165x107/5f03975d7e708231d409ceda/welcome-a-nl-a-system-a-files-a-20190308presenta-20190308-volvo.jpg)
