CHAPTER 2
OPERATIONS SECURITY [OPSEC]
INTRODUCTION
Operations security is one of the keys for achieving the two war
principles: surprise and security. A military force has the advantage when he
can surprise the enemy. In order to achieve this goal, those military forces
must protect their operations and activities with a continuous implementation
of a security plan that is healthy and effective. The purpose of OPSEC is to
protect the military operations and their activities by negating the
indicators military forces plans and their intentions vis-a-vis the enemy
forces. In other words, the enemy commander should not know or recognize how,
when, where, why and what operations our forces are about to undertake, until
it is too late for the enemy to react effectively against our operations.
OPSEC is the duty of the commander, together with each individual at all
levels of command. The commander determines which are the measures of OPSEC
which should be implemented and the duration of each event. Equally, they
should determine the level of risk that they should be willing to accept. The
elements of intelligence (SD) provide information about enemy threat. The
operation elements (S3) direct the program of OPSEC and recommend measures for
OPSEC. The units of each individual implement those OPSEC procedures. In order
to attain a good OPSEC program, commanders and the members of the joint
command, and each individual should be trained in the proper use of the
procedures and techniques of OPSEC.
This teaching plan provides a guide for the procedures to be used by the
technical units in the OPSEC program. Described OPSEC and provides doctrinaire
direction for the future instructors and trainers.
What is OPSEC?
GENERAL
In order for our military forces to be successful against enemy forces,
information about the activities of our units or plans and operations should
be denied to the enemy until it is too late for him to react effectively.
OPSEC does not occur by itself. Our military forces have to create the
right condition for a good OPSEC program since OPSEC is an integral part of
all the operations and activities. The OPSEC program can be good because it
was implemented effectively in each unit; or it can be a program without
13
LN324-91
effectiveness because the members of the unit did not know the importance of
the program and does not know what it requires.
OPSEC IS ALL ACTION TAKEN BY THE COMMAND TO
DENY INFORMATION TO THE ENEMY ON OUR ACTIVITIES
OR MILITARY OPERATIONS
Generally, OPSEC includes coordination of various techniques and
procedures that deny information to the enemy. It is the common sense applied
systematically to the situation of a unit or a mission. The result is the
security of the military forces. This requires a total effort of integration
by all commanders, and the members of the team, and the units and each
individual. Under the umbrella of OPSEC, there exist basically three types of
action.
COUNTER SURVEILLANCE - These activities are taken to protect the true
purpose of our operations and activities.
COUNTER MEASURES - Those actions taken to eliminate and reduce the enemy
threat and its capability of intelligence and electronic warfare against our
military forces.
DECEPTION - Those actions taken to create the false image of our
activities and operations.
COUNTERSURVEILLANCE
SIGNAL SECURITY (SIGSEC)
The signal security includes communication security (COMSEC) and
electronic security (ELESEC).
COMSEC includes those measures taken to deny the enemy information on our
telecommunications. This includes the cryptographic security, transmissions
security, physical security of COMSEC information, and measures to assure the
authenticity of the communications.
ELESEC is the protection of the electromagnetic transmission, which
includes the communication apparatus. This includes such measures as standard
operations procedures which have been approved, appropriate search,
maintenance procedures, and training programs.
ELECTRONIC COUNTER COUNTERMEASURES
Electronic counter countermeasures (ECCM) are various measures taken to
14
LN324-91
protect the electronic transmissions of our military forces and the detection
capacity, recognizing and identifying the enemy. This includes the proper use
of the command post of the motor, situating the antennas, concealing and
distancing the antennas, a check of the equipment to secure and make sure that
there is no radioactive radiation, and training.
A good electronic counter countermeasure program must ensure the
effective use of the electromagnetic systems of our military forces.
INFORMATION SECURITY (DOCUMENTS)
Information security INFSEC is the protection of information of value
for the enemy forces. This includes two types of information, classified and
unclassified. Some examples are the dispatch documents, requisitions (orders),
plans, orders (directives), reports, charts (maps), map covering material, and
dissemination of verbal information, and the press that may have an adverse
effect on national security and the operation of friendly military forces.
PHYSICAL SECURITY
Physical security (PHYSEC) is the protection of the installations,
command post and their activities, etc., by the members of the Armed Forces,
dogs, and other necessary measures for the restriction and protection of the
area. Some measures include barriers of the perimeters, detective lights,
marked copies of the keys or combinations, bolting mechanism, alarm systems
for the control of intrusion, personal identification, controlled access, and
controlled movement. The PHYSEC also allows the protection against espionage,
sabotage and robbery.
STANDARD OPERATION PROCEDURES (SOP)
As a general rule, the countersurveillance procedures such as
camouflage, concealing and the use of color, light and noise, are concealment
measures discussed in the SOP. The SOP also covers the manner in which the
unit utilizes buildings, roofs, highways and its equipment.
COUNTER MEASURES
Counter measures are selected, recommended and planned in order to
overcome the specific aspects for the operation of intelligence of the enemy.
Once a vulnerability has been identified and the risk is determined to exist,
a counter measure is designed specifically for this threat in order to avoid
exploitation of said vulnerability by the enemy. The counter measures can be
anything from deception to the destruction of the capability of the enemy's
means. The counter measures also include appropriate measures to discover the
vulnerability of the friendly force. For example, the use of smoke, or the
15
LN324-91
use of flak in critical moments. The deception operation also can be planned.
DECEPTION OPERATIONS
Deception operations (DECOP) are carried out in order to deceive the
enemy. These operations include:
Handling of Electronic signatures
Distortion of the friendly activities in order not to make the real
objective known.
Falsifying material, and placed wherever it can be captured or
photographed by the enemy.
Simulated maneuvers
Demonstrations
Simulated equipment
Deception operations can be conducted when the commander sees an
opportunity to deceive the enemy.
? 2
Also, deception can be required when the countersurvei1lance operations are
not sufficient to disorient the enemy so that the operation may be successful.
In any case, knowledge of the friendly military forces provided by security
analysis is necessary in order to create a credible deception plan.
SECURITY ANALYSIS
Security analysis is done in order to support the countersurveillance
and counter measures. OPSEC depends on the commander and his personnel being
informed of a threat that they will confront, in the patterns, weaknesses and
profiles of the friendly force. Intelligence analysts provides information on
the enemy; the analyst assigned to OPSEC section determine which unit or
activity of the friendly forces are vulnerable, and why. The OPSEC analyst
provides the commander and the operators with a risk estimate; this is based
on the efforts of the aggregate of intelligence of the enemy and the
activities of the friendly forces that are known. They can recommend
procedures or procedures of countersurveillance and counter measures.
OPSEC is a condition.
Generally, OPSEC is a condition that seeks to attain security or safety
of the friendly forces. It involves a variety of activities for concealing the
friendly units, or to deceive the capabilities of the enemy analyst and
commander in regard to intelligence gathering. These activities (under the
16
LN324-91
category of countersurveillance, counter measures and deception) can be
accomplished independently by members of each unit. But it is the integration
of these activities by the commanders and the operation officer, which
transforms the OPSEC program for a unit and provides security for the
operations. The elements of security such as SIGSEC, counter intelligence,
military police, and the personnel of each unit, provide the necessary support
to create good conditions for OPSEC in the installations.
THE THREAT
COLLECTIVE CAPABILITIES OF THE ENEMY
HUMAN RESOURCES ELECTRONIC RESOURCES IMAGE RESOURCES
Agents INTELSEN/GE Photography
Infiltrators -- Radio interception Infrared (close and
distant)
Reconnaissance Unit --Radar interception Night vision
equipment
Combat Unit --Interference equipment Image
amplifiers
Patrol --Radar surveillance Visual
Prisoners of war--Telesensors SLAR
Refugees --Acoustics
Figure 1
The intelligence threat against our Armed Forces vary from place to
place, according to operations, missions, contingency plan and the level of
sophistication of the enemy. Therefore, the units to receive information about
the threat in specific situations in the local sections of intelligence. It is
expected that the enemy units will utilize all of their capabilities of
collecting information, as is shown in Figure 1, when they confront our
forces.
The enemy is particularly interested in the different echelons of our
military forces: which are the capabilities of the unit; such as, their fire
17
LN324-91
power, communications, detection capabilities, logistic support, but in the
same way are interested in the location, movements, and intentions of our
military forces. The capability of the threat that is discussed in the
classrooms and the practical exercises of the units should be based on the
capabilities of the enemy and the ones that can have be a fundamental threat
in the operation activities of the unit involved. In other words, the OPSEC
program was developed in order to counteract the specific threats against the
military unit involved.
OPERATIONAL GUIDE
GENERAL
The OPSEC program is conducted by the commander and led by the
operations officer as part of the operations of each unit. Each unit can have
an effective OPSEC program with only the coordinated forces of the commander,
members of the task force and the troops, and the use of various activities of
security and intelligence.
NUCLEUS OF THE OPSEC OPERATIONS
Operations Officer
G1/S1 G3/S3
SIGSEC Commander Troops
Counter espionage G3/S3
MILITARY INTELLIGENCE
18
LN324-91
The OPSEC program is designed to function with the characteristics of
the technical operations, and the requirements of each organization. Each unit
takes the necessary steps to provide the security and maintain the surprise -
keep the enemy without knowledge of what our military forces are doing. For
this reason, OPSEC should be taught in all the military schools at all levels,
and established in the doctrinaire literature of each organization and its
operations. Each manual should describe how military forces can improve the
security of their operations.
In order for the OPSEC program to be effective, the tactical units
should:
Be established by the commander, and led by the operations officer of
the support of the local intelligence officer.
Be based on the operational requirements of the unit.
Be imaginative and adaptable for certain changes.
Be designed to deny valuable information to the enemy regarding
activities and operation.
Be compelled at all levels by the commander in the plans and training,
so that the program can function in operations situations.
OPSEC SUPPORT
The OPSEC support is provided by the unit or sections of the OPSEC which
are found in the organizations of military intelligence. The OPSEC teams are
specialists in security signals in the counter intelligence and should be put
in direct support of the combat brigade, support division commands and the
artillery units. These teams support the unit determining the vulnerability of
each unit, to assist the subordinate units and maintaining the most current
data regarding enemy threats and evaluation of vulnerabilities of such
threats. The support units of OPSEC participate in the conduct of evaluation
of OPSEC. They also recommend certain ways of protecting the procedures which
could provide indicators to the enemy.
The security specialists help in the development of the plans and
procedures of OPSEC, maintaining the archives of OPSEC, and recommending the
deception measures. Commanders can also obtain the support of the units of
OPSEC at the highest echelons of the high command of the Armed Forces. This
support includes services such as the signal security, computerization
security, counter measures of technical surveillance, counter intelligence
investigations and inspection of cryptographic installations.
19
LN324-91
THE OPSEC PROCESS
OPSEC is a continuous process of planning, collecting information,
analyzing and forming, changing data base, issuing orders and instructions and
execution.
OPSEC PROCESS
Planning the gathering --->Information gathering--->Analyzing
Report on Report
results
Executing orders <----Issuing orders <-----Revising the
and instructionsdata Base
NOTE: Once started, the OPSEC process is continuous and more than one
section can do it at any moment.
The OPSEC process is done in a sequence of planning, execution and
reporting the results. The process begins with information already known of
the data base and continues in a logical way resulting from the assessment,
recommendation and operation plan. The plan is carried out by the units. The
OPSEC measures are monitored by members of the different unit and by elements
of the CI to verify the effectiveness of the OPSEC measures. The commander and
the operations officer take action to correct the vulnerabilities based on the
different reports. The process can be illustrated as follows:
THE OPSEC PROCESS
S3/D3 S2/D2
Based on OPSEC profile Estimate of the enemy
Data base or intelligence threat
Condition of
our forces
------------
and
Commander countersurveillance
guideline in effect
20
LN324-91
The Concept of the Commander
of the mission or operation
P --Determine the sensitive aspects of the operation
L --Develop the essential elements of friendly information (EEFI)
A --Advise on our vulnerabilities
N --Analyze the risk
N --Determine countermeasures and requirements of deception
I --Estimate of OPSEC (written or orally)
N --OPSEC plan (written or orally)
G --Deception plan (written or orally)
I
M
P --Units implement Operational Plan (With the OPSEC plan as an Annex)
L --Counterintelligence elements supervise the OPSEC plan
E
M --Inform on indicators that can influence the operations
E
N --Effectiveness of OPSEC program is evaluated
T
A
T
I
0
N
R
E
S --Counterintelligence elements inform the commander and the
U operations officer orally or in a written report.
L
T
S
Figure 1
21
LN324-91
THE DATA BASE
Data base for the planning of OPSEC is maintained by the CI section.
This information on our units and enemy capability for gathering information
is always in the process of evaluation and change.
The intelligence section informs the CI element regarding the capability
of the element to collect information. This information about the enemy is
important because:
Time is not wasted advising an erroneous threat.
Counter measures are not assigned to indicators which the enemy does not
have the capability to collect.
Counter measures are assigned to counteract the capabilities of the
enemy to collect information on our activities.
The CI section establishes the data base to develop the indicators, the
signatures, the patterns and the profile of our forces. This information
indicates how our units appear in the battlefield -- the way they operate, how
they communicate, how they are supplied, etc. The information about our own
unit is important for the planning of our operations because:
It determines the essential elements of information on our forces and
our vulnerabilities.
Counter measures are applicable to the units which need them. In
carrying out and providing advice for OPSEC measures.
Deception can be done effectively. The use of deception depends on
common sense, precise information about enemy intelligence and our
involved units. For example, the units which use deception have to
demonstrate indicators, signatures, patterns and profiles showing the
same characteristics as the type of unit they are trying to imitate.
COMMANDER GUIDE
The concept of the operation and the mission of the commander provides
the direction and guideline for the OPSEC plan. The commander can order
certain general measures of OPSEC or perceive specific procedures of security
during operation. For example, it can establish measures for protecting the
revealing of unit movement, supplies and use of radio. The commander should
announce which part of the operation should be protected for the operation to
succeed.
22
LN324-91
PLANNING
The C3/S3 is assisted by the CI section and other high staff and general
staff officers, realizing the plan described in Figure 1. Although the
different aspects of the planning might not be completed in detail, each one
should be completed as much as possible in a given time.
Determine the Sensitive Aspects of the Operation
Take note of the information which if known by the enemy provides
indicators that reveal our operation. Operational indicators and physical
characteristics are compared constantly with the operation. Once this is done
the planners can --
Determine the Essential Elements of the Elements of
Friendly Information (EEFI)
The essential element of friendly information is information that if it
falls in the hands of the enemy, our operations will fail. The EEFI reflect
the concern of the commander regarding areas that need security. The CI agents
use the EEFI to identify and inform regarding vulnerabilities. The unit uses
the EEFI to plan operations of countersurveillance.
Advice on Our Vulnerabilities
Noting the EEFIs, the CI sections begin to advise on our
vulnerabilities. The CI agents identify the units and activities that are most
vulnerable and detectable by enemy intelligence. This step is necessary for --
Risk Analysis
Risk analysis is a process that compares our vulnerabilities with the
enemy capabilities for gathering of collect.
The CI agent identifies indicators that if detected would result in the
divulging of important combat intelligence regarding our operations. The
purpose is to identify the risk and determine what can be done to reduce them.
This includes an evaluation of the operation of countersurveillance and
counter measures actually in effect for determining what more needs to be
done. The units always employ procedures of counter surveillance. The units
separate and evaluate the effectiveness of countersurveillance as they receive
new information. Based on the new information, they can decide and adjust the
measures for countersurveillance in order to focus on certain techniques and
procedures. This process continues throughout the CI agents structure.
23
LN324-91
Determine the Counter Measures
Counter measures are used to protecting these indicators and EEFI which
are most vulnerable for enemy detection, as a result the counter surveillance
measures which are not adequate. Generally there are five options:
Counter measures are not necessary
Applying a counter measure
Stop the activity
Employ deception operations
Change the operation
Counter measures are not necessary under the following conditions:
A indicator cannot be detected by the enemy
If it is detected, the indicator supports the deception plan.
The commander decides to accept the risk.
The use of counter measures in deception requires common sense,
information over our units and knowledge of the capabilities of the enemy to
gather intelligence. The specific counter measures are directed towards the
capabilities of the enemy in order to collect information.
Counter measures may include the physical destruction of the enemy -s
collection measures. If this is the case, the S3, in accordance with the
commander, has to react quickly in order to counteract the enemy's gathering
capability. For example, it is known that an enemy reconnaissance patrol is
collecting enough information regarding our operation, the 53 can recommend
the increase of combat patrols to destroy the reconnaissance element.
Deception
The planning of deception is integral in the planning operations. A
deception plan can be done because it is a good idea for a specific operation;
because it is a requirement to support a plan of deception at a higher level
as part of the measure against the enemy intelligence threat. In any case,
deception and the OPSEC are inseparable. In order to use deception
successfully, a unit as o have a good knowledge of all of the aspects of
OPSEC.
24
LN324-91
Deception is designed to deceive the enemy by means of manipulation,
distortion, making him react in a way that is detrimental to his interest. In
order for a plan of deception to function, certain conditions have to exist:
-- The plan of deception should be creedible. The concept of deception
should be carried out in conjunction with the concepts of operation. Whenever
possible, the operation activities should support the plan of deception.
-- The deception should be part of thee technical situation.
-- The enemy should be given the opporrtunity to react to deception.
-- One should consider all the informaation gathering capabilities of the
enemy. There is no point in deceiving an enemy resource if it is detected by
another resource. The success depends on the good knowledge of the
characteristics, capabilities and the use of intelligence systems of the
enemy.
-- The units involved in the deceptionn have to accomplish their different
missions. This may not require anything special if the unit is doing its
normal mission. It is possible that it may have enough information and
equipment to project a false image. The subordinate units have to support the
plan of deception of the superior units.
Deception requires good intelligence, OPSEC and an operational
implementation in order for it to be successful. Intelligence units inform
regarding information gathering capabilities of the enemy and possible
reactions. The CI section informs regarding indicators, signatures, patterns
and profiles of the units involving deception; and the operations sections
applies the deception plan of the combat operations. A satisfactory OPSEC
program needs to be established in order for the deception to be successful.
INDICATORS, SIGNATURES, PATTERNS AND PROFILES
General
All the armies have their ways of operating. The normal operating
procedures, the field manuals, the training instructions, and other local
instructions result in similar units functioning in a similar way. The effort
of maintaining the similarities and functioning adds to the effectiveness and
efficiencies of the units. Its weakness is that the units become stereotypical
units, and consequently more predictable. This causes that the analyst of any
intelligence can interpret more easily the indicators, signatures, patterns
and profiles of our military forces.
The commanders and the operation officers should examine and study
carefully how to conduct their military operations. They need to know if they
25
LN324-91
are conducting operations in the same way each time there is an operation, and
advise on the manner the operation should be conducted. This means that they
should revise the actions that occur during the planning phase, execution and
the debriefing after the combat drills. It could be that a comparison of the
activities of various combat drills is necessary.
INDICATORS
Indicators are activities that may contribute to determine a course of
action of our military forces. When preparing combat operations, it is
virtually impossible for a military unit to hide or avoid giving out
indicators. Certain activities must be conducted. Some of these activities are
essential for the operations -- others can be directed by the commander or by
standard operational procedures of the operations. In many cases, these
activities might be detected by the enemy and used to predict possible courses
of action.
Identifying and interpreting specific indicators is a critical task for
the intelligence operations, either for the enemy of for our own armed forces.
The intelligence personnel looks for indicators, analyze the, and make an
estimate of the capabilities, vulnerabilities and intentions. These analyses
have become a requirement for information, plans, and eventually provide the
basis for directives and orders.
Identifying the critical activities of the military forces could
indicate the existence of specific capabilities or vulnerabilities, or the
adjustment of a particular course of action. Determining which indicator is
important, could be the result of previous action analysis. The lack of action
is as important, in certain cases, as actions already taken. For example, if a
unit does nor normally deploy its attack artillery equipment, this information
is important for the analysts to include it in their estimate. In any case,
the indicators that arise requires a concrete knowledge of the organization,
equipment, doctrine of the tactics, the command personalities, and the
logistic methods, as well as the characteristics of the operations. Indicators
are not abstract events. The indicators are activities that result from the
military operations.
Indicators are potential tools for each commander. The indicators are
probabilities in nature, which represent activities that might occur in the
military operations. The interpretations of the indicators require knowledge
of the enemy and the current situation. Some indicators are mentioned below.
It is not intended to be a complete list, or applicable to all situations.
26
LN324-91
Possible Attack Indicators
-- Concentration of mechanized elementts, tanks, artillery, and logistic
support.
-- Delivery of combat elements (mechannized, tanks, anti-tank) in echelons.
-- Deployment of tanks, guns, cars to the front units.
-- Extensive preparation of artillery..
-- Artillery positions very much to thhe front and in concentration.
-- Extensive patrol activity.
-- Change in the level of communicatioons, crypto, codes and frequency.
-- Placement of the air defense forcess beyond the normal front.
-- Logistics activities, reinforcementt and extensive replacement.
-- Relocation of support unit at the ffront.
Possible Defense Indicators
-- Withdrawal of defense positions beffore onset of battle.
-- Successive local counterattacks witth limited objective.
-- Counterattack is suppressed before regaining positions.
-- Extensive preparation of field forttifications and mined fields.
-- Firing positions in the front are uused; the long-range firing is
started.
-- Movement to the rear of long-range artillery equipment and logistics
echelons.
-- Destruction of bridges, communicatiion facilities and other military
equipment.
27
LN324-91
SIGNATURES
The signatures are a result of the presence of a unit or activity in the
battlefield. The signatures are detected because several units have different
equipment, vary in size, emit different electronic signals, and have different
noises and heat sources. The detection of the individual signatures could be
grouped by analysts to point out the installations, units, or activities.
In general, these are the categories applied to the units: visual,
acoustic, infrared, and electromagnetic. Each one of these areas are discussed
individually. Have in mind, however, that the enemy will try to exploit
several individual signatures grouping them in order to determine a signature
for the unit. Usually, action is not undertaken as a result of the detecting
only one signature. With exception of the detection of critical areas, which
can result of the detection, identification and location of a signature. The
critical areas are key activities such as command posts, communications
facilities and systems, some equipment and its surveillance systems. The
detection of these areas reduces the ability of a military force to conduct
military operations. However, the longer the critical areas are exposed, the
easier would be for the enemy to detect, identify, locate, attack and destroy
these critical areas.
VISUAL
Visual signatures are detected through light photography and by human
eyesight, assisted or unassisted. Visual signatures are equipment, location of
personnel, activity patters, and the frequency of these activities. Also, some
of these visual signatures include vehicle movement, tanks, vehicle marking,
uniform markings, etc. Theoretically, a target is detected when it is seen by
a human eye. The targets might be detected and identified by using photography
by --
-- Its distinct form, or recognizable patters, form, style, size,
design, shadow, and its dimensions of height and depth.
-- A distinct deployment system, possibly involving other targets.
-- The color, hue, shine, tone and texture of the target.
It is possible to detect a target without having to identify it.
Detection is the discovery of a target or activity, while identification
requires an additional step - to establish what the target is, what it does,
or the capabilities of such target. The violence, confusion, and the darkness
in the battlefield introduces variables that might prevent identification or
detection of military targets.
28
LN324-91
Some studies point out that the visual detection is affected by the
following:
-- The size of the target and the time it has been exposed to sight.
-- The degree to which the target has been camouflaged or covered.
-- Light variation, visibility and weather.
-- Number of targets - the more targets there are, it is more
difficult to identify them correctly.
-- Target distance - the longer the distance the more difficult to
identify the target correctly.
-- The contrast of the target against the background -- the less
contrast there is, the more difficult it is to identify the
target.
Some factors help the probability of visual detection. For example, the
probability of detection is increased by knowing previously that a target is
in a particular area. The probability of detection and identification is also
augmented if the target detected in a particular area is associated with other
targets in the vicinity, in other words, find a known target and search for
similar ones in the area. For example, if a tank repair vehicle is detected in
an area, look for tank units or mechanized units in the vicinity.
The identification and visual detection can be enhanced with the use of
photography. Visual location of ground and air observers, of which there is no
specific identification, can be used to lead photographic reconnaissance
missions. Unlike the location in one site only, or having a short view of the
target, photographs provide the opportunity to enlarge and study specific
areas and equipment. Photography is limited mainly because it provides the
record of an area as it was at the moment the photograph was taken.
ACOUSTIC (SOUND)
The acoustic signatures come in two types: The first are noises produced
during battle by explosives and rifle firing. The second sound is associated
with the noise of certain military functions - such as vehicles, equipment and
the activities of the installation. The acoustic signatures are detected by
human hearing, sound detection equipment, or special devices that magnify the
sound.
Acoustic sounds could be very significant because different equipment
and guns have a unique sound. These signatures have considerable importance
for planning countersurveillance, countermeasures and deception. The forces
29
LN324-91
try to prevent escape of signatures in order to reinforce security; a
deception plan must sound as if it were an actual unit.
The noises produced by operations are affected by the weather
conditions, terrain, atmospheric conditions, and the propagation of sound. The
relative direction of wind, the amount of wind, the temperature and humidity
influence the quality of sound. In general, the sound travels better when
projected by the wind, when humidity is relatively high, and during nighttime.
The enemy is not expected to react only to what he hears. The sound only
serves to alert us on what is happening. The acoustic signature, unlike the
visual signature that can stand by itself, normally is used to support other
sensors.
The acoustic sounds are integrated with other information to enhance
intelligence. But have in mind that under certain circumstances, the sound can
travel long distances. While the enemy cannot distinguish between an M-60 tank
and an APC, the sound can alert him that there is movement in the vicinity.
INFRARED (IR)
The infrared signatures are those not visible by the eye. It is the
heat, or light, produced by equipment, person, unit or activity. The infrared
signatures can be detected with the use of several specialized equipment.
The infrared surveillance equipment vary from the individual optical
device to sophisticated aerial systems. Under favorable conditions, the
systems that have been improved will be able to produce images that
distinguish between the equipment of the same quality and type.
The tactical infrared equipment come in two categories -- active and
passive. The active equipment require that the potential target be illuminated
by infrared sources -- light sent in infrared frequencies. These devices are
susceptible of being detected because they emit a distinct and identifiable
signature. The enemy sensors can locate the active sources. The passive
devices detect the infrared radiation of any of these two sources: emissions
created by the target or solar energy reflected by the target. These devices
are more applicable to play the role of surveillance because the equipment
does not produce an identifiable signature. The passive devices are vulnerable
to detection at the level at which their power sources are detectable.
The majority of the military equipment emit an infrared signature of
some type. The equipment more vulnerable to infrared detection are those that
produce a high degree of heat, such as, tanks, trucks, long guns, generators,
air conditioners, furnaces, aircraft, maintenance facilities, artillery fire,
kitchen areas, landing areas and assembly points.
30
LN324-91
Infrared surveillance has limitations. Humidity, fog, and clouds can
cause serious limitations, while smoke and fog can degrade the operations of
some systems. The clouds present a more serious problem because the radiations
emitted can be enough to prevent the operations of the system itself.
Clouds also telltale the infrared radiation of the objects being
targeted by the system.
ELECTROMAGNETIC
The electromagnetic signatures are caused by electronic radiation of
communication and non-communication emitters. In other words, the detection of
specific electromagnetic signatures can disclose the present of an activity in
the area. This allows us to direct our sensors to that area in order to detect
other signatures.
The communication signatures are generally direct -- use a radio and a
signature will be provided. The battalions have certain communication systems;
the brigades have other communication systems, and the elements of higher
echelons also have different communication elements and other additional
systems. To find the bigger units, to which a transmitter belongs, it is the
duty to:
-- detect other transmitters in the area.
-- Use radio-goniometry to determine the location.
-- Categorize signals by a signal analysis.
-- Locate the type of transmitter in the vicinity of the area.
From this type of information, the intelligence can determine the location of
a unit or command, supply point, weapons units, and assembly areas. This is
particularly true when some radios or radars are used exclusively by a
specific unit or weapons system. The movement, information of the order of
battle, the structure of the radio network, tactical deployment, and, in a
lesser degree, the intentions could be derived from the interception of the
communications systems. All these could be detected and identified by knowing
the location of communication equipment, without reading the messages.
The signatures produced by radars are considered from two viewpoints.
First, when radar systems are activated they transmit signals and create
signatures.
This makes our forces vulnerable when we use radar against the enemy.
Secondly, the equipment, buildings and mountains have identifiable
characteristics which the radar can be used to detect and identify. Therefore,
the forces exposed are vulnerable to the detection by radar.
31
LN324-91
The military equipment have a great number of protuberances, angles and
corners which the radar could detect. This refers to what is called the radar
cross-section (RCS). Modern radar surveillance equipment can do more than
solely detect the RCS of a target. Aerial radars with lateral view (SLAR) have
enough resolution to identify certain weapons systems by detailed imagery or
by its pattern. The radar systems can penetrate the fog, cloud and moderate
rain. The surveillance radars are active systems and can operate against
mobile or fixed targets.
The radar systems are limited in that they require an uninterrupted
passage, or visibility points, towards the target area. However, have in mind
that these systems cannot penetrate forests or heavy rain. The radar systems
are susceptible to enemy interception and can become targets because of their
distinctive signature.
PATTERNS
A pattern is the manner in which we do things. Patterns that can be
predicted are developed by commanders, planners and operators. The different
classes of patterns are as numerous as the different procedures in military
operations. Some examples of patterns are:
-- Command and Operations Posts
-- Artillery fire before an attack
-- Command posts located in the same position relative to the
location of the combat units.
-- Reconnaissance patrols repeatedly on a zone before an operation.
The officers need to examine their operations and activities in their
zones of responsibility and reduce the established patterns whenever possible.
PROFILES
The profiles are a result of the actions taken by military units and
individual soldiers. The profile analysis of a unit could reveal signatures
and patterns on the procedures, and, eventually, the intentions of the unit
could be determined, collectively, the profiles could be used by the enemy to
find out our various courses of action. Our counterintelligence units develop
profiles of our units in order to determine our vulnerabilities and thus
recommend the commanders on the correction measures. In order to achieve this,
all activity of the unit has to be identified to see if it presents indicators
to the enemy.
Usually, profiles are developed by means of the gathering of information
on the electromagnetic equipment and on physical actions and deployments.
32
LN324-91
Electromagnetic information identifies the activities of the units by
associating the different signals with the equipment. Physical actions and
deployments are things that the unit does: how a unit appears while it is
performing; how it moves; its configuration during march or when it deploys.
These different factors identify the different units.
In the majority of units, the electromagnetic and physical information
is applicable to 5 areas of importance in order to complete an entire profile.
The five profiles are:
-- Communications and command post
-- Intelligence
-- Operations and maneuvers
-- Logistics
-- Administration and other support
COMMUNICATIONS AND COMMAND POST
Some factors to be considered when developing and profile:
Where are the command posts located with regard to other units -
particularly subordinate units?
-- How does the command post look likee?
-- When is it transferred with regard to the other command elements?
-- Is the post surrounded by antennas - thus creating a very visible
target?
-- What type of communications equipmeent is used and where is it located?
-- What is the amount of communicationns traffic with regard to the
activities and operations?
-- Are there any road signs that mightt help the enemy units or agents to
located the command post?
-- Do the logistics and administrationn communications compromised the
operation?
33
LN324-91
INTELLIGENCE
Profiles on intelligence, surveillance, reconnaissance and elements
identifying targets are developed in order to determine whether our activities
indicate our intentions. Some considerations:
-- How frequently and to which zones hhave the land and air elements been
assigned for information gathering?
-- Where are the information gatheringg elements located? (Which
communication methods are used to report? Which are the information channels?
Which are the security measures?)
-- How are the radars used? (For how llong are they used before transferring
them?)
-- Are there sensors in the target zonne?
-- Have the reconnaissance vehicles (lland and air) compromised the location
of future operations?
-- Are the patrol levels been varied?
-- Can the different gathering activitties relate to the different stages of
operation - planning, preparation, execution?
OPERATIONS AND MANEUVERS
Activities during the preparation and execution of combat operations can
be identified. Many activities are hard to cover due to the number of men
involved, the noise, dust, tracks of vehicles, heat emitted, etc. However, the
activities for combat operation have to be examined.
-- Can the drilling and instruction off men be easily detected?
-- If there is special training requirred for the operation, are there any
special security measures?
-- Where are the units located before the operation? Artillery? Aviation?
Reserves? Maintenance and supply? Is the movement indicated towards the front
or the rear during their course of action?
-- How are the same actions carried ouut for preparation of offensive or
defense operations? Do they indicate intentions?
LOGISTICS
34
LN324-91
Supply, maintenance, transportation and services and facilities
indicating an operation have to be examined.
-- Which movements indicate the startiing of an operation?
-- Are material and special equipment visible?
-- Where is the material being stored?? When?
-- Is the change of schedule for vehiccle and weapons maintenance indicating
the start of an operation?
-- Are new roads being built?
-- Are special munitions being deliverred secretly?
ADMINISTRATION AND OTHER SUPPORT
Activities seemingly completely innocent individually could provide
valuable information for the enemy analyst. The administration and support
profile could identify these actions which become obvious because they are
different from what is normal. Some examples follow:
-- Things change before an operation:
* Getting up and meals schedules?
* Directions
* Larger mail volume?
* Frequency of reports:
* Entry of licensed personnel?
-- There is a special request for:
* Personnel?
* Equipment?
* Supplies of all types?
-- How is trash, paper, etc. being desstroyed? Can enemy agents locate and
use the waste?
-- Expecting wounded personnel by mediical units, do they indicate a pending
operation?
35
LN324-91
36
LN324-91
THE OPSEC PROCEDURE
1) To identify the enemy capability to gather intelligence (D-II/S-II).
2) Identify our EEFI and profiles.
Profiles + Patterns and signatures
Profile: All the characteristics pertaining a unit.
Patterns: Repeated activities established by SOP or by doctrine.
Signatures: Field actions of a unit.
-- visual
-- sound
-- infrared
-- electromagnetic
Profiles: Command Post
-- Communications
-- Operations
-- Logistics
3) Identify the vulnerable profiles that indicate our intentions.
4) Implement a risk analysis and make note of the EEFI.
-- Profiles \
-- Patterns > Indicators
-- Signature /
5) Recommend OPSEC measures
-- Countersurveillance
-- countermeasures
-- Deception
6) Select the OPSEC measures.
7) Apply the OPSEC measures.
8) Apply efforts to monitor OPSEC.
9) Monitor the effectiveness of OPSEC.
10) Recommend OPSEC adjustments.
37
LN324-91
Step (1) --- OPSEC estimates
Step (2) --- OPSEC estimates
Step (3) -- Planning estimates/guidelines
Step (4) --- Estimate/guidelines
Step (5) --- Estimate/guidelines
Step (6) --- Estimate/guidelines
Step (7) --- OPSEC Annex
Step (8) --- OPSEC Annex
Step (9) --- OPSEC Annex
Step (10) --- OPSEC Annex
ESTIMATE --> GUIDELINE --> ANNEX
EVALUATION:YEARLY REPORT
38
LN324-91
OPSEC ANNEX
Item 1): Mission of the unit. (From the Plan of Operation)
Item 2): Summarize the enemy situation in terms of intelligence gathering,
sabotage, and subversion. Discuss the situation with regard to
recent enemy activities and their potential capability. This item
is designed to indicate their capability for intelligence
gathering; while item 3 include the measures to counteract those
efforts. The following factors should be analyzed:
A. Indicate the effect of weather on the enemy's capability to gather
intelligence on our OPSEC measures.
B. Indicate the effect of the terrain on the enemy's capability to
gather intelligence on our OPSEC measures.
C. Resume the enemy's capability to gather intelligence and carry out
sabotage and subversive actions. This includes:
1) Intelligence
A) Ground Observation and Reconnaissance
1) Eye observation
2) Patrols
3) Ground radars
4) Infrared surveillance
5) Long-range ground sensors
6) Other
B) Air Surveillance and Reconnaissance
1) Penetration flights
2) Long-distance flights
3) Reconnaissance satellites
C) Signal Intelligence
1) Communications Intelligence
2) Electronic Intelligence
D) Electronic Warfare
1) Interception and radio goniometry
2) Interruption
3) Destruction
E) Guerrilla, insurgents, agents
39
LN324-91
F) Other: infiltrators, refugees, prisoners of war, etc.
2) Sabotage
A) Military
B) Economic
3) Subversion
A) Propaganda
B) Terrorism
C) Political
D. Summarize the enemy's intelligence and security weaknesses.
Summarize its intelligence gathering weaknesses, for committing
sabotage and subversion sabotage. Discuss its internal security
posture.
Item 3): Implementation
A: Make a list of all the countersurveillance measures taken by the
field SOP. Emphasize new countersurveillance measures or changing
of measures that are part of the SOP.
B. In this section, make a list of all the additional countermeasures
that are not included in the SOP and are applicable to all the
units. These countermeasures are designed to counteract a specific
threat by the enemy counterintelligence.
Item 4): Miscellany
A. Summarize the threat to internal security. Discuss the problems of
internal security detected in the command post.
B. Establish any special instructions not covered previously as
targets of interest for counterintelligence (with priorities and
locations).
C. Establish the chain of command for counterintelligence.
Item 5): Command
This item deals with instructions on where counterintelligence is
sent to, the link between the various units, location of counter-
intelligence personnel, the different dissemination channels,
types of reports required, frequency and priorities.
40
LN324-91
OPSEC ESTIMATION
Item 1): The Mission of the Unit. (From the Plan of Operations)
Item 2): Area of Operations. (Discuss the influence of the area of
operations on the enemy capabilities to gather intelligence and
commit acts of sabotage and subversion).
A. Time/weather. (From the Intelligence Annex)
-- The enemy's capabilities for surveillance and ground and air
reconnaissance.
-- The time/weather is or is not favorable to the enemy's
gathering efforts.
-- The impact of time/weather on our countermeasures.
B. Terrain. (From the Intelligence Annex)
-- Surveillance
-- Coverage
-- Natural and artificial obstacles
-- Key Terrain
(How the terrain affects the enemy's capability to gather
information/intelligence and how it affects our countermeasures).
C. Other factors of the zone.
-- Political
-- Economic
-- Sociological
-- Psychological
-- Transportation
Item 3): Current Enemy situation on intelligence, sabotage and subversion
activities.
A) Intelligence
1) Ground surveillance and reconnaissance.
-- Eye observation
-- Patrols
-- Ground radars
-- Infrared surveillance
-- Long-range ground sensors
-- Other
41
LN324-91
2) Air surveillance and reconnaissance
-- Penetration flights
-- Distance flights
-- Air Sensors
-- Reconnaissance satellites
3) Signal Intelligence
-- Communication intelligence
-- Electronic intelligence
4) Guerrillas and Insurgents
5) Espionage
6) Other: infiltrators
refugees, displaced persons,
prisoners of war, etc.
B) Sabotage
1) Military (installations, line of communication)
2) Economic
C) Subversion
1) Propaganda
2) Terrorism
3) Political
Item 4: Enemy capability for intelligence gathering and to commit sabotage
and subversive actions.
A) Intelligence
1) Ground surveillance and reconnaissance.
-- Eye observation
-- Patrols
-- Ground radar
-- Infrared surveillance
-- Long-range ground sensors
-- Other
2) Air surveillance and reconnaissance
-- Penetration flights
-- Distance flights
-- Air Sensors
-- Reconnaissance satellites
3) Signal Intelligence
42
LN324-91
-- Communication intelligence
-- Electronic intelligence
4) Guerrillas and Insurgents
5) Espionage
6) Other: infiltrators
refugees, displaced persons,
prisoners of war, etc.
B) Sabotage
1) Military
2) Economic
C) Subversion
1) Propaganda
2) Terrorism
3) Political
Item 5): Conclusions
A) Indicate how the enemy will use its capability to gather
intelligence and to commit sabotage and subversion actions.
B) Indicate the effects of the enemy capability on our course of
action.
C) Indicate the effectiveness of our current countersurveillance
measures.
D) Indicate the effectiveness of our current countermeasures.
E). Recommend additional countersurveillance measures.
F). Recommend additional countermeasures.
43
LN324-91
OPSEC PLANNING GUIDELINES
UNIT ______________________________ COMMANDER: __________________________
G3/S2: ______________________ NAME OF OPSEC OFFICER: ____________________
CONTENTS DISCUSSED WITH: ________________________________________________
NAME RANK
PERSON COMPLETING REVISION: ____________________________________________
YES
NO
CAMOUFLAGE
A.
B.
DOCUMENT SECURITY (INFORMATION)
A.
B.
COMMAND POST
A.
B.
COMSEC
SIGSEC
TRANSSEC
44