Integrated Public Alert and Warning System (IPAWS) Practitioner Webinar Program
Commercial Mobile Alert System (CMAS): DHS S&T Testing, Evaluation and Research
Wednesday January 4th, 2012 12:00 Noon Eastern

Amy Sebring: Welcome everyone to our first IPAWS Webinar for 2012.  I am Amy Sebring and 
will serve as your moderator today since my associate Avagene Moore is a bit under the 
weather.  We hope you all had wonderful holidays and are looking forward to an exciting year 
ahead.

Please note, we are making a recording and will let you know via our mailing list when the 
recording and slides are posted.  If you are not on your mailing list, you can email me at the 
address I will put up at the end of the program and I will be happy to subscribe you.

Most of you are familiar with the Commercial Mobile Alert System, a component of IPAWS, but 
for those who are not, CMAS enables the geo-targeted delivery of Presidential, Imminent Threat, 
and AMBER Alert messages to cellular telephones and is being deployed nationally in the 
coming months.  More background information about CMAS may be found on the IPAWS 
Website, and I would also like to mention that the IPAWS Independent Study course, IS-247, is 
now available from the Emergency Management Insitute and also includes information regarding 
CMAS. 
 
Many of you also know today’s guest Denis A. Gusty, Program Manager with the Department of 
Homeland Security (DHS) Science &Technology Directorate.  Denis now serves as the Alerts 
and Warnings Program Manager within the First Responder Group’s (FRG) Office for 
Interoperability and Compatibility (OIC).  

His office has worked in support of the development of data interoperability standards for a 
number of years, which form the basis of the IPAWS architecture.  Denis will provide an 
overview of S&T’s partnership with FEMA for CMAS including the recent CMAS test in New 
York City, future testing and evaluation plans, as well related research.  We will take your 
questions and comments following his presentation.  

Welcome Denis and thank you for being here today.  I now turn the floor over to you to start us 
off please.

[Slide 1]

Denis Gusty: Thank you and welcome.  As Amy mentioned, my name is Denis Gusty and I am 
a Program Manager at DHS Science and Technology Directorate.  We support FEMA, 
especially in this effort called IPAWS, and more specifically with CMAS.

[Slide 2]

My office is providing coordination and management support to ensure the readiness of CMAS.  
For the test in New York City that was recently conducted, we coordinated with the 
stakeholders—FEMA, the IPAWS PMO, New York City Office of Emergency Management, 
and the major wireless carriers.

We also had CTIA and the FCC onboard. For the purpose of the test we had 100 handsets that 
were donated to the NYC Office of Emergency Management for the test.

[Slide 3]

The test itself covered the five Boroughs.  There were about nine test messages we sent out with 
mixed results. I won’t get into the specifics of the result of that test; it is a little premature.  I will 
say that in terms of the test itself, the overall planning and our ability to execute what we 
planned—it was a complete success.  We are still tabulating some of the results.

When we talk about the distinction between FEMA and DHS S&T, I think people outside of 
Washington look at them as one agency.  In some regards we are, which requires a lot of 
planning and partnership-forming on our part.  In terms of the roles and expectations, FEMA 
owns and operates IPAWS.  DHS S&T is providing some of the technology support and the 
ability to get all the stakeholders together.

[Slide 4]

In terms of partnerships, this was a heroic effort.  The main reason is that CMAS is not supposed 
to be fully operational until April 2012, so we were ahead of schedule.  Getting FEMA and 
everyone onboard required a lot of cooperation and collaboration.  From that view, the test was 
very successful.

We have four other regional tests planned for this year, plus a national test we are looking to 
participate in.  We are looking for people on the origination side—state and local governments 
that have alert origination software.  We also need FEMA’s aggregator and to get the carriers 
onboard. We are working through the definition of what those tests will look like.  

We will be holding CMAS forums this year.  The first is February 21, 2012.  That will be in 
conjunction with the IWCE expo in Las Vegas.  If you are interested in participating, visit the 
FRCoP alerts and warnings group or email the CMAS forum (cmas_forum@sra.com).

We are looking to develop best practices.  These forums and tests will provide information for us 
to do that type of work.  We are also planning a CMAS 2.0 forum.  DHS S&T will be looking at 
what trends and technologies will impact the future of mobile alerting.  Practitioner input is critical 
in this area.

[Slide 5]

Some of the other work we’re doing—we have the Alerts and Warnings Using Social Media 
program that has been going on for at least a year.  There were four pieces to this project.  We 
want to figure out the next generation of alerts and warnings.  Social media isn’t just limited to the 
younger generation so it makes sense to figure out how to implement alerts and warnings into 
the social media.

We developed some guidance from the emergency response community on resources they 
needed to successfully integrate social media into their programs.  We also wanted to provide 
insight into how messages need to be crafted and disseminated so that the public reacts the way 
we intend them to.  

This is important with social media and IPAWS itself.   We also want to look at how to enable 
officials to alert the public with various communication methods without repeating their alerts.  
IPAWS is limited to a 90 character message.  The social media limit is 140 characters.  We want 
to make this as seamless as possible for the creators of messages.

[Slide 6]

How did we create the guidance document?  We interviewed over 100 members of the 
emergency management community and other practitioners and we tried to cover the entire 
United States.  We included rural and metropolitan areas.  We took all that data, aggregated it, 
and it is publicly available now.

[Slide 7]

This is a diagram that highlights the five core elements for achieving success—community 
awareness, governance, partnerships, resources, and usage.  

[Slide 8]

These are some high level sample finding we discovered—one-size solution does not fit all.  You 
have to go through what works best for your community and create a program that meets their 
needs and expectations.

Don’t reinvent the wheel.  The uptake on social media is a steep slope.  Look to other 
jurisdictions for best practices.

Make a clear distinction between alert and warning messages.  Consider using different tools for 
different types of messages.

[Slide 9]

Here are more sample findings.  Preparedness is key. Develop procedures ahead of time so 
alerts can be issued on social media.  Test the system and make sure it works.  Partnerships are 
key, such as with the National Weather Service, the Red Cross, FEMA, local groups and church.

[Slide 10]

Research, development, testing and evaluation—to support CMAS, my office is funded through 
NTIA.  It is not through DHS S&T.  We have set up a RDT&E program.  Our activities span 
across academic institutions, private sectors entities and private laboratories to develop 
innovative technologies that will enable emergency alerts to the public.

The two main areas we are focused on are public response through alerts and warnings, and 
technology capable of sending and receiving geo-targeted messages.  We set aside funding for 
these two areas.  We are reaching out to academic institutions and private entities to visit the 
FedBizOpps website (http://bit.ly/rZdkMO).  

The research dollars have to be allocated by the end of this fiscal year.  If you are interested in 
doing research in this area, contact us or visit the FedBizOpps website.

[Slide 11]

We are using the First Responder Community of Practice.  It is our online community for the 
alerts and warnings community.  If you want to participate, please visit 
(http://communities.firstresponder.gov). 

We will be doing monthly calls and webinars.  Our next call will be the third week in January.  We 
look forward to continuing our partnership with all of you on this goal.  Thank you for joining.

Amy Sebring: Thank you, Denis. Before we move to our Q&A, also on the bridge with us from 
the IPAWS Program Management Office are Wade Witmer, Mark Lucero, and Gary Ham.

Now, we have a number of questions for you.

Audience Question: Which cellular providers participated in the NYC test?

Denis Gusty:  It was AT&T, Verizon, T-Mobile and Sprint.

Audience Question: This is Ward Noland with the Idaho Bureau of Homeland Security; we have 
the Idaho State Alert & Warning System (ISAWS), and IPAWS based CAP compliant state wide 
public alert and warning system. I would be happy to discuss testing and assistance with DHS 
S&T.

Denis Gusty:  Good.

Audience Question: Do you know the time and location of the other two CMAS workshops?

Denis Gusty:  No, we don’t have that information yet.  We are in the early planning stages.  As 
soon as we know, we will get that information out to this group.

Audience Question: Are there specific software (alert origination software) vendors that you 
work with to enable this test notification? We currently use First Call.

Denis Gusty:  The IPAWS guys have a list of all the software.

Amy Sebring:  On the FEMA IPAWS website, there is a list of commercial and public sector 
developers that have executed an MOA with FEMA for testing purposes.

Gary Ham:  There are a few folks who have been able to show the ability to post using 
signatures.  Those are limited.  Once the formal developers guide is published, I expect there will 
be a large number of people who can write originations.   

Ask the vendor you currently use if they are CMAS ready via IPAWS-OPEN or not.  After that, 
you may ask me what state they are in, but I cannot provide a sales list for the vendors.

Not only do you need software, you need some documents and agreements that must be put in 
place and signed for this to happen.

Mark Lucero:  If you visit the IPAWS website there are links to some good descriptions of the 
process to get hooked up to use IPAWS.  We have currently 92 signed MOAs.  It looks like 27 of 
them are testing with us.  The list is on the IPAWS website.

First you need a tool capable of sending a CAP message.  Then you need to take training 
through EMI.  You need to fill out an MOA with FEMA for access to the system.  If you want 
alerting authority, you have to work with the state to receive that authority. 

Audience Question: When do you expect the regional and national testing to be done? When will 
the D.C. test be done?

Denis Gusty:  I don’t have the dates nailed down yet.  CMAS is supposed to be operational by 
April 2012.  We wanted to do at least one regional test and then the national test before that date.  
That is all I know right now.

Audience Question: Is DHS/FEMA able to assist states and locals with any proposed project 
aligned with the SOW outlined today, with bringing the carriers to the table in a local or state?

Denis Gusty: The first question would be—what carriers provide service in that particular 
service, and then if those carriers are participating in CMAS.

Audience Question: We are interested in the research that Denis mentioned regarding recipient 
attitudes and behavior. With the ability to opt out of CMAS/PLAN/WEA, we are concerned that 
people will do that and thus lessen the effectiveness of the alerts. What has your research shown 
about how the general public feels about receiving these alerts?

Denis Gusty: We did a workshop in 2010 through the National Academy of Sciences that 
touched upon this area of public response. There has been a lot of research done in this area.  
Concerns about opting out—that doesn’t seem likely to happen based on the research.

What we don’t know is how people react to an abbreviated 90 character message.  That is where 
we are going to focus our efforts.  The social media research is at the First Responders 
Communities.  

Audience Question: Regarding the CMAS test: Did you find the message length limitation too 
limited to give meaningful info versus what we're used to with our typical social media and/or 
alerting systems?

Denis Gusty:  For the test, we weren’t looking into the length of the message and how people 
were responding.  New York City had a list of volunteers that participated in the test.  We weren’t 
researching the message itself and how people were reacting.

Audience Question: With the legacy "reverse call" systems dependent upon land lines, and the 
newer systems dependent upon "opt in" software, do the FEMA folks understand how important 
it is to continue this notification option? In other words, is this considered a priority within FEMA 
leadership?

Mark Lucero:  Reverse 911 systems that use landlines versus cellular alerts—they are 
somewhat different.  Cellular alerts are bell-ringer systems.  They are not intended to replace 
911 systems.  They are a supplement.  

Reverse call systems have some capabilities that CMAS do not have.  You would potentially 
have a database of phone numbers of people you are calling and information about the people 
that is very important for extracting people.  CMAS does not have that kind of information.

They are complementary systems.

Amy Sebring:  This system is implemented under FCC rules and FEMA has taken on the role of 
message aggregator under FCC rules.  Is that correct?

Mark Lucero:  Yes, FEMA is committed to CMAS.

Audience Question: When do you see software vendors being permitted to transmit messages to 
CMAS?

Gary Ham:  Software vendors are not permitted to transmit messages to CMAS.  Owners or 
licensed users are authorized to transmit to CMAS.  The authorization is to the user of the 
software, not the vendor.  That is an important distinction to make.  Vendors have access to the 
test facility.

Amy Sebring:  When the vendors have tested fully and are able to do the digital signatures and 
get their clients set up, then they are ready to go, right?

Gary Ham:  CMAS is currently operational through the IPAWS production platform.  They are 
ready to go and we are ready to go when that happens.  The carrier may or may not be ready to 
go.

Audience Question: Do you need a special phone to receive a CMAS message? If so, when will 
they be available and how do you identify a compatible phone?

Denis Gusty:  We don’t have control over that.  The carriers do not have control over that.  The 
cell phone manufacturers do—there are a number that are compatible currently available.  I 
don’t have a list in front of me.  The newer phones are probably CMAS capable.

Mark Lucero:  There is some information on some of the carrier websites.

Audience Question: Florida has an approved/certified program throughout the state what we do 
not have is the carriers partnered to perform the proposed testing. How do we enjoin them under 
the federal program? Florida has done a similar test with one local provider - we would like to 
engage in a much larger - state wide test. Is this possible?

Denis Gusty:  We have four regional tests planned and a national test planned this year.  We 
haven’t really defined the geographical regions of the country yet.  If you broke the country into 
four quadrants, the southeast would certainly be one.  We would look for you to participate in that 
test.

Audience Question: What does the caller ID show on the receiving phone of a CMAS 
notification?

Mark Lucero:  The message is presented separately from text messages so your phone would 
say something like “severe alert” or “CMAS alert”.  There is no caller ID, per se.

Audience Comment: The major carrier CMAS capable phones are also listed on the 
Communities of Practice - Alert and Warning Book Marks.

Amy Sebring:  You mentioned a prototype application you are working on under this program.  
Can you tell us more about that?

Denis Gusty:  That is under the social media work we are doing.  We have partnered with John 
Hopkins University Applied Physics Lab.  This goes back to the point about creating one 
message and disseminating it multiple times, such as taking a CAP message and converting it to 
a message for social media.

It is currently in the prototype phase.  I’m not certain when the final delivery date is.  We have 
tested it in a lab, and it does work.

Amy Sebring:  The BAA announcement—that is still open, but there is a deadline?

Denis Gusty:  I’m not sure how long they are going to keep the BAA open.  It was issued in 
FY11.  I assume they are going to upgrade or issue another one in FY12.  This link is still good.
The dollars are FY12.  The money needs to be obligated by the end of this fiscal year.

Audience Question: Who will determine those with access to CMAS - DHS or a state 
coordinating agency?

Amy Sebring:  Basically it is FEMA.  On the website you can find the rules for that.  If you are a 
state or local government organization you may qualify for access to IPAWS, but to have access 
to CMAS there is an additional process.  We are asking states to review those applications.

Wade Witmer:  You apply to FEMA for access to IPAWS.  For your application to be good, we 
want the state to tell us that you are an alerting authority for your area.  

Audience Question: How will you mitigate in the future with the accidental test messages from 
Verizon and other carriers? What best practices on test messages have you gleaned from those 
lessons learned?

Gary Ham:  The test messages from Verizon—it is interesting how that happened.  In the 
production system, that would not happen. 

Denis Gusty:  Verizon was testing their network and sent messages out.  We learned that if we 
are going to send messages out, they need to be clearly marked as test messages.  NYC did a 
lot of PR work alerting citizens that we were conducting a test.  

Amy Sebring: Denis, on behalf of the IPAWS Program and all our participants today, thank you 
for taking the time to share this information with us today.  We wish you good luck with your 
efforts over the coming year.  

Our thanks also to Geffon Patterson for assisting with the preparation for today’s program. 
Thanks also to Wade Witmer, Mark Lucero, and Gary Ham for helping us out today.

For those who are interested in participating in the CMAS tests and other efforts, please contact 
Denis through the addresses shown.

Finally, thanks to everyone for participating today.  Again, if you would like to be added to our 
mailing list, please drop me a note at asebring@emforum.org

Our next developer Webinar is scheduled for Weds January 18 and our next Practitioner 
Webinar scheduled for Weds Feb 1.  Please watch the mail list for program notices an make 
plans to join us!

Thank you all – we are adjourned.  Have a great day everyone.