BY ORDER OF THE COMMANDER,
AIR FORCE OPERATIONAL TEST
AND EVALUATION CENTER
AIR FORCE INSTRUCTION 10-1101
AIR FORCE OPERATIONAL TEST
AND EVALUATION CENTER
Supplement 1
1 MARCH 2005
Operations
OPERATIONS SECURITY (OPSEC)
INSTRUCTIONS
COMPLIANCE WITH THIS PUBLICATION IS MANDATORY
NOTICE:
This publication is available digitally on the AFDPO WWW site at:
http://www.e-publishing.af.mil.
OPR: HQ AFOTEC/SF
(Ms. Geraldine A. Archuleta)
Certified by: AFOTEC/CV (Colonel Alison R. Hill)
Pages: 17
Distribution: F
AFI10-1101, AFOTECSUP 1, 31 May 2001, is supplemented as follows:
This supplement applies to HQ AFOTEC, Detachments and Operating Locations. It applies to contractors
when it has been determined that such measures are necessary for the adequate protection of critical or
sensitive information regarding a specific contract and is included in the DD Form 254, Contract Security Specification.
SUMMARY OF REVISIONS
Briefly describes OPSEC and the OPSEC process. Requires Dir/Dets to appoint an OPSEC POC in writing to assist AFOTEC/SF with management of the OPSEC program. Requires OPSEC POCs to complete
the OPSEC Fundamentals CBT course within 90 days of appointment. Requires OPSEC surveys be conducted annually. Calls for test teams to develop Critical Information Listings (CILs) if test CILs are
required. Implements procedures to destroy For Official Use Only (FOUO) and other sensitive but unclassified documents by shredding, whenever possible. Discusses the role of OPSEC in Anti-terrorism and
Force Protection. Requires personnel to take OPSEC into consideration prior to posting official information on organizational web pages.
2.2.6. (Added) Critical information related to AFOTEC operational test and evaluation (OT&E) efforts
constantly changes with the different systems being involved in OT&E. Attachment 8 (Added) identifies
critical information (topics) related to OT&E efforts. These general topics should be selectively applied to
particular operational test and evaluation planning and reporting information. Amplify and supplement
them as appropriate. Only information not protected by security classification or the privacy act will be
included on the critical information list. Detachments will designate a point of contact (POC) to ensure
that test teams and supporting personnel are informed of critical information related to the test and evaluation effort. This includes Open Skies and foreign over flight notifications.
2
AFI10-1101_AFOTECSUP1 1 MARCH 2005
2.7. (Added) Attachment 9 (Added) overviews the OPSEC threat and vulnerabilities. Attachment 10
(Added) identifies sample OPSEC indicators, which might give an adversary a clue to AFOTEC’s intentions and activities. Additionally, this attachment includes countermeasures that can be taken to prevent
the intentional or unintentional release of sensitive information.
3.2.5. (Added) The OPSEC POC will provide each new member assigned to AFOTEC a basic understanding of OPSEC and their role in the program as well as provide refresher training annually thereafter.
4.1.5. OPSEC POCs at Detachments geographically separated from HQ AFOTEC will conduct an
in-house survey of their OPSEC program for their Commander on an annual basis and provide a copy to
AFOTEC/SF by 15 September each year. AFOTEC/SF will conduct an in-house survey of the HQs
OPSEC program by 15 September each year. OPSEC will also be included in the Information Security
Program Review (ISPR) conducted by AFOTEC/SF. Additionally, OPSEC lessons learned from OT&E
that can be applied to future tests should be input into the AFOTEC Lessons Learned database, with an
information copy to AFOTEC/SF for crossfeed to AFOTEC activities.
4.2. AFOTEC/SF is responsible for overall management of AFOTEC’s OPSEC program and training.
Dir/Dets will appoint OPSEC POCs to assist AFOTEC/SF with managing the OPSEC program. Appointees shall be designated in writing. At a minimum, OPSEC POCs will complete the OPSEC Fundamentals
CBT within 90 days of appointment for training purposes.
4.3. Core teams will integrate the OPSEC process as applicable into each OT&E at the planning stage.
Critical information listings (CILs) will be developed for each specific operation at the earliest possible
time during the planning stage. Reference a specific program protection plan (PPP) and augment only if
test CILs are required. Refer to AFI 10-1101, Chapter 2, for OPSEC process. Directors and Detachment
Commanders will approve CILs for their respective Dir/Det.
AFI10-1101_AFOTECSUP1 1 MARCH 2005
3
Attachment 8 (Added)
AFOTEC CRITICAL INFORMATION – GENERAL TOPICS
A8.1. (Added) Operation concepts and test philosophies that reveal military applications.
A8.2. (Added) Guidance system accuracy, orbital parameters, and operations predictions.
A8.3. (Added) Test schedules/field tests/laboratory data.
A8.4. (Added) Test successes/shortfalls/failures.
A8.5. (Added) Weapons system details, such as, design information, concept of application. specifications, capabilities, limitations, and vulnerabilities of those being tested.
A8.6. (Added) Limitations and vulnerabilities of test resources.
A8.7. (Added) Command and control capabilities: for example, timeliness, force responsiveness, and
quality of reaction to stimuli.
A8.8. (Added) Critical communications links or logistical chains with unsatisfactory alternate links;
especially when loss may cause operation failure or impairment.
A8.9. (Added) Impending mission or operation advance notice such as force buildup and communications flow increase.
A8.10. (Added) Call signs; nicknames associated with classified operations, projects or activities; frequency allocation; identification of specific users.
A8.11. (Added) Any intelligence data or collection capability shortcomings.
A8.12. (Added) Reasons for grounding aircraft.
A8.13. (Added) Actions taken during specific readiness conditions.
A8.14. (Added) Reconnaissance data.
A8.15. (Added) Enemy battle estimates.
A8.16. (Added) Anticipated enemy battle plans and tactics.
A8.17. (Added) Distribution and exact location of troops, weapons and equipment.
A8.18. (Added) Logistics (procurement, maintenance, consumption rates, spare requirements, and transportation or personnel and materials). How adequate is it, and how is it provided? Also, supply lines;
routes and scope of special operations.
A8.19. (Added) Movement; for example, force redistribution or deployment, to include AEF rosters, etc.
A8.20. (Added) Weapons and equipment such as types and quantities, performance data, limitations,
design specifications, reliability, vulnerability.
A8.21. (Added) Unit strength; for example, manning levels, special AFSCs, to include TRPs, reclamas,
etc.
A8.22. (Added) Readiness state; status of tactical training, success rate in previous exercises and operations, combat efficiency.
A8.23. (Added) Purpose and concept of specific plan or operation.
4
AFI10-1101_AFOTECSUP1 1 MARCH 2005
A8.24. (Added) Specific targets and strike priorities.
A8.25. (Added) Weapons used.
A8.26. (Added) Tactics used.
A8.27. (Added) Test team travel, such as TDY dates, locations, times, official orders, TDY worksheets,
meeting/conference/briefing attendance.
A8.28. (Added) Organizational information, such as org charts, recall rosters, meeting/conference attendance or contact lists.
A8.29. (Added) Preparatory documentation, such as agendas, read-aheads, and related documents.
A8.30. (Added) Computer, network, and software vulnerabilities when associated with node names and/
or IP addresses.
A8.31. (Added) COMSEC equipment and materials in use by AFOTEC and the rationale for such use.
A8.32. (Added) Location of classified computer systems and containers.
A8.33. (Added) Any computer network system configuration information to include IP addresses and
logical schemes, operating system information and network services.
AFI10-1101_AFOTECSUP1 1 MARCH 2005
5
Attachment 9 (Added)
OPSEC THREAT AND VULNERABILITIES
A9.1. (Added) Who wants the critical information?
There are countries both allied and adversarial to the U.S., seeking to gain information by all means available and either exploit it for tactical or technological advantage or for economical reasons, both of which
can impact U.S. interests.
A9.2. (Added) How is our information vulnerable to interception and collection?
A9.2.1. (Added) Foreign intelligence services acquire the information they want by three basic methods:
A9.2.1.2. (Added) Open sources. Our adversaries satisfy more than 80 percent of their intelligence needs
through the collection and analysis of open source literature. These sources provide valuable and free
information on technological advances. Specific examples are:
A9.2.1.2.1. (Added) Congressional Record
A9.2.1.2.2. (Added) Aviation Week and Space Technology
A9.2.1.2.3. (Added) Jane’s Fighting Aircraft
A9.2.1.2.4. (Added) Missile and Space Daily Newsletter
A9.2.1.2.5. (Added) Commerce Business Daily
A9.2.1.2.6. (Added) Defense Management Journal
A9.2.1.2.7. (Added) Defense Documentation Center Publications
A9.2.1.2.8. (Added) Federal Register
A9.2.1.2.9. (Added) Defense Electronics
A9.2.1.2.10. (Added) Aerospace Daily
A9.2.1.2.11. (Added) Military Electronics/Countermeasures
A9.2.1.2.12. (Added) Combat Crew
A9.2.1.2.13. (Added) The Infrared Handbook
A9.2.1.2.14. (Added) Airman Magazine
A9.2.1.2.15. (Added) Electronic News
A9.2.1.2.16. (Added) Milestone
A9.2.1.3. (Added) Technical surveillance. This includes intercepting electronic signals emanating from
telephones, computers, printers, instruments, and sensors.
A9.2.1.4. (Added) Human intelligence (as the name implies, the source is people). The people problem is
our most serious and potentially devastating. It is also the most frustrating and difficult one to deal with.
The old saying, “Loose lips sinks ships” is alive and well. We have a constant influx of foreign visitors.
This includes official visitors, exchange students, tourists, ship crewmembers, scientists and engineers,
and treaty inspection team members.
6
AFI10-1101_AFOTECSUP1 1 MARCH 2005
Attachment 10 (Added)
OPSEC INDICATORS AND COUNTERMEASURES
A10.1. (Added) Indicators are data derived from openly available information or detectable activities
that adversaries can piece together or interpret to reach conclusions or estimates concerning program
intentions, capabilities, or activities. Exploitation of this information could enable the adversary to discover or deduce unit critical information. There are three types of indicators:
A10.1.1. (Added) Indicators that establish a profile give the observer or analyst patterns that show how
activities are normally conducted.
A10.1.2. (Added) Indicators showing deviations provide contrasts to normal activity, which helps the
adversary gain appreciation about intentions, preparations, time, and place.
A10.1.3. (Added) Tip-off indicators highlight and focus attention on information that otherwise might
pass unnoticed. These are most significant when they warn an adversary of impending activity, allowing
him to pay closer attention and possibly task additional collection assets.
A10.2. (Added) Common Indicators:
Access lists Agreements/memorandums
Conferences/meetings
Limiting factors
C-Rating factors
Locations of units/resources
Data processing needs
Assigned missions
Fixed sequence of actions
Nuclear weapons procedures
Hours of operation orders
Identifiers: Performance criteria
Abbreviations/acronyms
Implementing procedures
Code words
Prioritizing services
Mission designators
Evaluation results
Static callsigns
Planning conferences
Nicknames
AFI10-1101_AFOTECSUP1 1 MARCH 2005
Changes to requirements
Project numbers
Security alerts
Times/dates: Personnel/staff composition
Arrival/departure
Proficiency
Milestones/suspenses
Quality control
Key words: Reports/reporting
"Critical" Restrictions
"Higher headquarters"
Security checks and tests
"Priority” Clearance requirements
State of readiness
Use of stockpiles (WRM)
Distinguishing emblems
Activity intensity
Locations: Planning conferences
Origins/destinations
Prioritizing services
Prepositioned assets
Rush requirements
Augmentation
Shortages/limitations
Deficiencies/breakdowns
Volume of services requested
Emergency procedures
Security enhancements
A10.3. (Added) Planning Activity Indicators:
Climatology Force structure
Command and control procedures
Composition
7
8
AFI10-1101_AFOTECSUP1 1 MARCH 2005
Conferences
Disposition
Exercises
Pre-positioning
Flight planning:
Intelligence:
Foreign overflight
Dissemination
ICAO/FAA filing
Sources/methods
Restricted airspace
Gaps
Map and chart coverage requirements
Mission designators scenarios
Number of aircraft/vehicles
Search and rescue capabilities
Physical security
Security classification guides
Planned activity profile
Sensor capabilities
Reaction times/sequences tactics
Reconnaissance activities
Threat assumptions/intelligence
A10.3.1. (Added) Administration Activity Indicators:
Accountability records Mission statements
Administrative organization
Operational organization
Clerical workload
OPLAN/OPORD-numbers
Distribution/AIG lists
Property/inventory receipts
Document receipts
AFI10-1101_AFOTECSUP1 1 MARCH 2005
Publication priorities
Job/position description
Mail forwarding
Mail volume
Report distribution
Accident/incident reports
Security clearance requests
Administrative correspondence
Security investigations
Forms requests
Work orders/job requests
Mail address changes
A10.4. (Added) Civil Government and Commercial Support Indicators:
Civilian facility use Courier service
Contract security
Delivery/pickup locations/times
Contract specifications
Local government notifications
Memorandums of agreement
Local law enforcement coordination
Technical studies/reports
Requests for proposals/bids
Trash disposal
Technical representative visits
Commercial assistance requirements
Commercial personnel movement
Commercial manpower
Commercial movements of material
Transportation support
Traffic control
Vehicle rental
Telephone service requests
9
10
AFI10-1101_AFOTECSUP1 1 MARCH 2005
A10.5. (Added) Command and Staff Activity Indicators:
Command control procedures Force composition
Command control responses
Foreign/interagency liaison representative
Commander: Intercommand communications
Appearances in public
Intracommand communications
Health
Communications flow
Leave schedule
Organization structure
Personal affairs
Reactions to hostile actions
Reactions under stress
Reconnaissance activity
Strategic/tactical behavior
Reconnaissance unit locations
Commander/senior staff identity
Staff officer experience/skills
A10.6. (Added) Communications Activity Indicators:
Antenna types/orientation Net/circuit designators
Brevity codes
Nets/net membership
Call signs
Nodes/choke points
Communications discipline
Operating instructions
Communicator signature features
Power requirements
Encryption/encoding/authenticators priorities
Flow volume/intensity radio checks
Frequencies assigned
AFI10-1101_AFOTECSUP1 1 MARCH 2005
Transmission signature features
IFF/SIF codes
Reporting times
MARS communications
Security procedures
Message efficiency/speed
Telephone usage
A10.7. (Added) Financial Activity Indicators:
Budget analysis TDY funds requirements/limits
Budget justification documents
Advance payments
Budget projections/estimates
POM inputs
TDY funds requirements/limits
TDY fund-usage
Financial plans
Travel vouchers
Operating budgets
A10.8. (Added) Logistics Support Indicators:
Cargo/shipment: Specialized vehicles
Classification Control numbers
Identification numbers/codes
Traffic density
Number of pieces
Container labels
Origin/routing/destination
Convoy assembly
Priority Travel reservations
Classification Movement nodes/choke points
Weight/cubic feet
Commercial transport use
Courier service material handling
11
12
AFI10-1101_AFOTECSUP1 1 MARCH 2005
Movement assembly areas
A10.9. (Added) Maintenance and Repair Activity Indicators:
Aircraft tail numbers Technical order changes
Downtime Test equipment
Equipment nomenclature
Repair scheduling
Maintenance team movements
Damage assessments
Maintenance trends
Failure rates
Nuclear weapons procedures
System-wide deficiencies
A10.10. (Added) Supply Indicator:
Stock Numbers Inventory
Fuels and lubricants:
Shelf life times
Aircraft full loads
Stockpile conditions
Inventory Survival equipment
Requirements requisition priorities
Special types staging of material
Storage capacity
Re-supply timing
Suppliers Storage capacity
Maps and charts:
Pipeline nodes/choke points
Inventory Mobility assets
Requirements munitions movements
Demand Parts availability
A10.11. (Added) Operational Flying Indicators:
Aircraft density Aircraft movement
Endurance capability
AFI10-1101_AFOTECSUP1 1 MARCH 2005
Force locations
Force composition
ICAO/FAA flight planning:
Low/high altitude operations
Aircraft type
Radar observation/detection
Airspeed
Refueling requirements
Altitude
Sortie number/status
Course/routing
Visual observation Origin
Search and rescue operations
Times of events
Specialized aircraft
Call sign/frequency
Weather limiting factors
A10.12. (Added) Personal Affairs Indicators:
Apparel Billeting
Child care services
Car rental
Education program participation
Changes of address
Immunization records
Hotel/motel reservations
Newspaper delivery
Mail forwarding
Passport
PCS orders/arrangements
Personal equipment issue
Arrangements for property care
Vehicle identification
13
14
AFI10-1101_AFOTECSUP1 1 MARCH 2005
Powers of attorney
Security clearance/access
Termination of leave
Spouse/dependent routines
Wills
Advance payments
Sale/purchase/rent residence
A10.13. (Added) Personnel Activity Indicators:
Air Force/MAJCOM requirements Deployment order
Apparel Mobility processing
Crew proficiency
Recall procedures
Manpower strengths/projections
Skill shortages
Personnel locations
Unit activation
Staff officer assignments
Special manning
Training Special skills requirements
Casualty reports
Unfavorable personnel information
A10.14. (Added) Public Relations and Public Notices Indicators:
News articles/releases Economic impact statements
Contractor advertisements
Hazardous situation notices
Technical journal articles
Hometown news releases
Warning notices
Notice to airmen/mariners
Advertisements for bid
Public appearances
A10.14.1. (Added) Schedules:
AFI10-1101_AFOTECSUP1 1 MARCH 2005
15
Delivery/pickup schedules Leave schedules
Dining hall schedules
Personnel duty schedules
Distinguished visitor schedules
Senior officer itineraries
Intelligence briefing schedules
Transportation schedules
Laundry service schedules
Weekly flying schedules
A10.15. (Added) Engineering and Services Support Indicators:
Billeting capacity/use Runway usage
Design factors
Trash disposal
Utility requirements
Camouflage
Environmental impact
New construction
Firefighting capabilities
Structure modifications
Road usage
Facility maintenance/usage
A10.16. (Added) Countermeasures are anything, which effectively negates an adversary’s ability to
exploit vulnerabilities. Considerations should include:
A10.16.1. (Added) Access Controls. Access to HQ AFOTEC facilities is controlled by an automated
access control system. The system is supplemented, where appropriate, with push-button combination
locks for additional internal controls and to enforce need-to-know at selected offices or areas. Question
people not wearing badges and beware that visitors routinely frequent AFOTEC facilities.
A10.16.2. (Added) Classification Guides. Identify and use applicable security classification guides. In
the absence of a guide(s) or classification guidance for a particular test and evaluation effort, the AFOTEC Commander has original Top Secret classification authority.
A10.16.3. (Added) Supporting Security Disciplines. Applying the controls provided by the following
security programs:
A10.16.3.1. (Added) Information Security.
A10.16.3.1.1. (Added) Mark and safeguard classified material according to DoD 5200.1-R and AFI
31-401. Technical documents subject to export control laws need to be marked and disseminated IAW
16
AFI10-1101_AFOTECSUP1 1 MARCH 2005
AFI 61-204, Disseminating Scientific and Technical Information. Violations of export laws are subject to
severe criminal penalties.
A10.16.3.1.2. (Added) Enforcing the need-to-know rule to ensure access to sensitive information is
required in the performance of official duties.
A10.16.3.1.3. (Added) Accurately reflect distribution and destruction notices on test plans/reports and
other OT&E documentation. Destruction notices should be as follows: “DESTRUCTION NOTICE: For
classified documents follow the procedures in DoD 5200.1-R and AFI 31-401. Contractors follow DoD
5220.22-M, National Industrial Security Program Operating Manual (NISPOM). For unclassified documents, destroy by any method that will prevent reconstruction of the document.”
A10.16.3.1.4. (Added) Within AFOTEC, destroy classified by using approved shredders. Destroy For
Official Use Only (FOUO), and other sensitive but unclassified documents, by any method to prevent
reconstruction- whenever possible, destroy by shredding.
A10.16.3.1.5. (Added) Ensure DD Form 254, Contract Security Specification, accurately reflects security requirements for contractors.
A10.16.3.2. (Added) Communications Security (COMSEC). Practice good communications security on
the telephone. Keep conversations short and to the point. Don’t attempt to talk around classified or sensitive information. Remember that conversations may be monitored. Use a STU/STE and go secure.
A10.16.3.3. (Added) Computer Security. Protect computer data. Use reliable and credible passwords.
Maintain positive control on all media storage devices.
A10.16.3.4. (Added) Emission Security (EMSEC). Separate RED equipment from BLACK signal wire
lines by 0.5 meters. This separation is not required for fiber optic cables. Keep at least one meter separation between RED and BLACK equipment. Keep power cords as short as possible. Eliminate unused
wires and other conductors such as pipes and ventilation ducts that can carry signals out of the area. Cell
phones with integral digital camera capability are prohibited (NOT AUTHORIZED) for use or possession
within any Air Force classified processing equipment.
A10.16.3.4.1. (Added) Use Encrypt for Transmission Only (EFTO) procedures for teletype and electronic transmissions.
A10.16.3.4.2. (Added) Use Encrypt for Transmission Only (EFTO) procedures for teletype and electronic transmissions.
A10.16.3.5. (Added) Foreign Disclosure. Ensure foreign disclosure office (HQ AFOTEC/SF) approves
release of classified and unclassified information to foreign nationals and representatives of foreign governments.
A10.16.3.6. (Added) Anti-terrorism/Force Protection (AT/FP). OPSEC is a key component of Anti-terrorism and Force Protection. These programs protect our most precious asset- people. Be aware of your
surroundings and report suspicious activity to appropriate officials ASAP. Know and immediately comply
with actions under all Force Protection Conditions (FPCONs).
A10.16.4. (Added) Before official information is released to the public, it should be reviewed by HQ
AFOTEC/PA.
A10.16.5. (Added) Neither confirm nor deny the presence of official information in open publications.
AFI10-1101_AFOTECSUP1 1 MARCH 2005
17
A10.16.6. (Added) OPSEC must be taken into consideration prior to posting official information on organizational web pages.
FELIX Dupré, Major General, USAF
Commander