[EAS] Sufolk Co, NY EAS mishap

Sean Donelan sean at donelan.com
Wed Sep 7 17:54:46 CDT 2016 

On Wed, 7 Sep 2016, Lucero, Mark wrote:
> The next steps (one man's opinion):
> 1. Fix the FCC rules (this work is ongoing) to provide CERTAINTY
> 2. Convene the EAS-CAP Industry Group to address the ambiguity now to provide CERTAINTY
> 3. Reach out to state SECCs and state EMAs to adopt a policy for what alerts will be relayed and what alerts will not WITH CERTAINTY
> 4. Educate alerting authorities on how their alerts will appear when relayed to the public WITH CERTAINTY

1. It would be nice if the FCC rules provided certainty, but the reality 
is regulations are written by and for lawyers. I've suggested the Part 11
should to follow the lead of Part 10, and move the technical 
specifications to a standards group (such as done with ATIS in Part 10) 
with experience writting technical specifications.  And leave only
the legal/policy stuff in Part 11.

2. The FCC should follow the previous ECIG recommendation how to handle 
the "Requred EAS Header" text.  The FCC Required Text should be considered 
the "default" text when the CAP text is unavailable; much like WEA has 
default text.  But visual text crawls and text-to-speech should use
*only* the Sender/Description/Text contents when present.  This would
enable the emergency management agency to control the complete message 
presented to the public; and the EAS event codes would only be used for 
message filtering.

We will have to deal with the legacy EAS-over-the-air, and only the EAS 
header text will be used in those cases.  Except for EANs, CAP devices 
have at least 8 seconds and usually much longer for state/local alerts to 
"ping" IPAWS when it gets an over the air EAS message.  Other than EAN, 
there is no FCC rule controlling which duplicate messages must be 
processed, although over-the-air EAS was FIFO by default (or limitation).

3. Relationships between SECCs, EMAs, broadcasters/cable/etc happens 
in some parts of the country, and doesn't happen in other parts of the 
country.

4. Training is always a challenge.  The "train the trainer" suggestion 
usually just means we don't have any money, and hope someone else will 
train people.

5. I would add testing and regular usage. Both testing of the people, 
system and of the equipment. The JTIC testing for CAP was a good start. 
The challenge with vendor paid certification labs, is they aren't paid to 
find (too many) problems.  Not just cyber pen-testing, but general fuzzing 
and testing stuff that should never happen to see what happens.

We need low-annoyance capabilities for using the system so people get 
familar with the system, and the kinks can be worked out before pushing 
"the big red button" alerts. If EMAs aren't allowed to use the system
except for in a huge crisis, no one is going to use even in the crisis 
because they aren't familar with it. PIOs do practice press conferences, 
there is a need for practice warnings (just don't wake me up at 3am with 
my cell phone making that WEA alert sound).

More information about the EAS mailing list