Higher score = stronger methodological discipline in published NG911 analytics and cyber work.
What NG911 actually changes
NG911 — Next-Generation 911 — replaces the old circuit-switched telephone backbone of 911 with an IP-based network called ESInet (the Emergency Services IP Network). The architecture is defined publicly in NENA i3 (National Emergency Number Association, version 3 of the i-series specifications) and supported by FCC and CISA guidance. The technical pieces have names: ESRP (Emergency Services Routing Proxy) routes calls; ECRF (Emergency Call Routing Function) figures out which PSAP gets the call; LIS (Location Information Server) provides the caller's location.
For the public, the visible change is what they can send. NG911 accepts voice (as before) plus text-to-911, MMS images, and — where supported — live video. Every new ingestion modality is both an analytics opportunity (more information for the call-taker) and a cybersecurity surface (more ways an attacker can interfere).
The methodology literature treats analytics and cybersecurity as a single design problem. Decisions about how multimedia is handled, how the telecommunicator (the trained 911 call-taker) sees the data, and how the PSAP (Public-Safety Answering Point — the 911 center itself) routes calls all shape what attackers can do. You cannot design one well without thinking about the other.
Classifying text-to-911 messages: harder than it looks
Text-to-911 messages do not arrive in a clean schema. They are conversational, interrupted, abbreviated, sometimes bilingual, occasionally adversarial. A classifier built on standard SMS data will not perform on real 911 text traffic. The published research — APCO conference proceedings, NENA technical bulletins, peer-reviewed work in IEEE Access and the Journal of Public Safety Communications — converges on one core requirement: a message-class taxonomy validated against real PSAP traffic.
The taxonomy has to be granular enough to drive routing decisions and coarse enough to stay reliable under noise. Common axes include incident type (medical, fire, law enforcement, other), urgency, location confidence, and modality interaction (text-only, text-with-image, text-with-video). The published patterns are clear: the taxonomy is not invented by ML researchers in isolation. It is co-developed with telecommunicators and revised against operational outcomes.
Reliability is the discipline that protects life. A classifier with 95% aggregate accuracy can still miss the rare-but-critical incident classes — weapons present, child abuse in progress, suicide intent — that drive the highest-stakes outcomes. The published evaluation norm is per-class precision and recall, with false-negative cost weighted at the life-safety level, not optimization of aggregate accuracy.
Multimedia handling: information and evidence at once
Images and video sent through NG911 are simultaneously information for the call-taker and evidence for downstream investigation. The published guidance from NENA, the National 911 Program, and the IACP (International Association of Chiefs of Police) requires chain-of-custody discipline on every multimedia object: time-stamped on receipt, sender attribution where available, tamper-evident storage. Analytics on top of the multimedia — image classifiers, scene-content recognizers, video summarizers — have to operate without compromising that evidentiary chain.
Operational throughput is the other constraint. A telecommunicator already manages voice calls, computer-aided dispatch (CAD) entries, and multi-screen displays. Adding "review every incoming image manually" turns the multimedia channel into a workload tax instead of an information gain. The published patterns favor triage analytics — flag images that contain weapons, fire, or medical scenes for priority review — not full automation.
Privacy at the moment of ingestion deserves explicit policy. Multimedia from a 911 call can include bystanders who did not consent, sensitive locations, or content that is itself evidence of a crime against the sender. Programs that pin down retention rules, access controls, and disclosure procedures before going live encounter far fewer downstream complications than programs that treat these as operational details to settle later.
The cyber threat surface
NG911's threat surface is wider than the surface of the legacy phone-network 911 it replaces. Old 911 dealt with TDoS — Telephony Denial of Service, where attackers flood lines to keep real callers out. NG911 still has that, plus SIP-DoS (denial of service against the SIP signaling protocol that routes IP-era calls), multimedia upload abuse, and adversarial inputs aimed at the analytics layer itself. CISA's Emergency Services Sector reports, FCC NG911 cybersecurity guidance, and peer-reviewed work in journals like Computers & Security document the patterns.
Adversarial input attacks on analytics are the most underappreciated risk. If a classifier triages multimedia, attackers who learn how the classifier works can craft images that get high-priority content scored as low-priority — effectively suppressing call-taker attention on the calls that matter most. Defenses include input validators, anomaly detectors that flag inputs near the classifier's decision boundary, and human-in-the-loop review on high-stakes triage decisions.
Hardening the SIP infrastructure (the IP signaling layer that replaces traditional phone-network signaling) is the other major surface. The published deployment guidance treats authenticated routing, registrar hardening, and ESInet network segmentation as table stakes. Public incident reports on NG911 disruptions consistently cite weaknesses on this surface as the proximate cause. The methodology is mature; the implementation discipline is uneven across PSAPs.
Cyber-resilience: availability comes first
For most systems, confidentiality is the headline cyber concern. For 911, availability comes first. A 911 system that cannot answer calls during an attack has failed, regardless of how well it protected the data it could not deliver. The published cyber-resilience literature — including NIST SP 800-160 Volume 2 (a federal publication on resilient systems engineering), CISA's emergency-services-sector resources, and peer-reviewed resilience-engineering work — designs accordingly. Failover paths, alternate routing, degraded-mode operation are first-class concerns.
Testing the resilience claims is the discipline that separates mature programs from immature ones. A PSAP that has run failover testing under simulated load, exercised degraded-mode operations under simulated outage, and revised its procedures based on what it learned has a credible resilience claim. A PSAP with documented procedures it has never tested has procedures, not resilience.
Regional coordination matters because NG911 is normally a multi-PSAP system. If one PSAP goes down, others can absorb the load — if the routing infrastructure and the playbooks support it. The published incident-response literature emphasizes regional drills, cross-PSAP playbooks, and shared situational awareness as the operational instruments. None of these emerges from documents alone; they have to be exercised.
False-positive cost: the binding constraint at most PSAPs
Analytics that fire on the wrong message, image, or incident class consume telecommunicator attention. Telecommunicator attention is finite, and at most PSAPs it is the binding capacity constraint. False-positive alerts degrade response capacity even when each individual false positive looks cheap.
The math is concrete. A classifier producing 100 false positives per shift, each costing a telecommunicator 10 seconds of attention, burns more than 15 minutes of shift capacity per shift. At PSAPs operating near capacity, that cost is consequential. The published evaluation patterns favor classifiers tuned for high precision at the operating point the PSAP actually uses, even when that costs recall on the long tail.
Operating-point selection — choosing the threshold where the classifier fires — is its own discipline. A classifier with strong AUC can be operated at many thresholds; the right one depends on calls-per-shift, the telecommunicator's per-call review budget, and the cost of a false negative on the rare-but-critical classes. The published norm is to select the operating point with PSAP leadership in the loop, not to default to a generic statistical convention like maximum F1.
| NG911 surface | Analytics opportunity | Cyber consideration |
|---|---|---|
| Voice ingestion | Speech-to-text triage, anomaly flags | SIP-DoS, registrar abuse |
| Text-to-911 | Message-class classification, urgency scoring | Spam flooding, conversational adversarial inputs |
| Image / MMS | Scene classification, weapon/fire/medical detection | Adversarial inputs, payload-borne malware |
| Video (where supported) | Scene summarization, motion-activity flags | Bandwidth abuse, evidentiary integrity |
| Location services (LIS/ECRF) | Confidence-aware routing, dispatch optimization | Location spoofing, ECRF poisoning |
| Cross-PSAP routing | Regional load balancing, mutual aid | Routing-layer compromise, cascading failure |
Workflow integration: the analytics has to fit the call-taker, not the other way around
Telecommunicators are highly trained, and any system that does not fit their existing workflow adds cognitive load that erodes the analytical value the system was supposed to add. The published human-factors literature on PSAP operations — APCO standards, peer-reviewed work in human-factors journals — emphasizes three patterns: calibrated confidence (numbers the call-taker can interpret), clear anomaly explanation, and a hard visual line between what the system suggests and what the call-taker decides.
Display integration is the practical lever. Existing CAD (Computer-Aided Dispatch) consoles, call-handling screens, and mapping tools represent years of telecommunicator training. Analytics that augment those existing surfaces — overlays, markers, audit trails — get accepted. Analytics that introduce parallel tools to flip between get worked around or ignored.
Audit-trail discipline carries unusual weight in public safety. Decisions made during a 911 call get reviewed afterward, sometimes years later, by oversight bodies or in legal proceedings. Analytics that record what was suggested, what the telecommunicator actually did, and what the outcome was, are far more defensible than analytics that produce suggestions without a trail.
Privacy and information sharing across jurisdictions
NG911 data — voice recordings, text content, multimedia, location — is sensitive under several overlapping regimes. State public-records laws apply. Federal CJIS (Criminal Justice Information Services) policy applies where law-enforcement data is involved. Program-specific policies apply on top. The published guidance on NG911 information sharing emphasizes three foundations: documented data-sharing agreements, role-based access controls, and detailed audit logging.
Cross-jurisdictional sharing is the harder case. A regional NG911 deployment crosses state, county, and tribal boundaries; the privacy and disclosure rules differ across each. The published patterns favor data-sharing agreements that specify which data classes can cross which boundaries, with contractual and technical controls aligned to those agreements rather than left informal.
Common questions on the public-record framing
What is NENA i3?
The publicly available NENA i3 specification defines the technical architecture for NG911, including SIP-based call routing, ESRP, ECRF, LIS, and the data services around them. It is the dominant reference for NG911 deployment.
Why is false-positive cost modeled at the workflow level?
Telecommunicator attention is the binding constraint at most PSAPs. A classifier with low individual false-positive cost can still degrade response capacity if it fires often enough at scale. The published eval discipline measures cost at the workflow level rather than the classifier level.
What does this article not cover?
Specific PSAP deployments, specific incidents under restriction, or any Precision Federal architectural approach. The framing is general public methodology only.
Frequently asked questions
NG911 replaces the old phone-network 911 backbone with an IP-based network (ESInet) and adds new ways to reach 911: text-to-911, MMS images, and where supported live video. The architecture is documented in publicly available NENA i3 specifications.
Real text-to-911 messages are conversational, interrupted, abbreviated, sometimes bilingual, occasionally adversarial — nothing like a clean training set. A classifier with strong aggregate accuracy can still miss the rare-but-critical messages (weapons, child abuse, suicide intent) that drive life-safety outcomes. The discipline is to evaluate per-class, with false-negative cost weighted at the life-safety level.
SIP-based denial-of-service (attacks on the IP signaling that replaces phone-network signaling), multimedia upload abuse, adversarial inputs that fool the analytics layer, location-services spoofing, and ECRF poisoning (attacks on the routing function that picks which PSAP receives the call). Legacy TDoS persists too. CISA emergency-services-sector guidance is the public reference.
Failover-path testing under simulated load, degraded-mode exercises under simulated outage, regional drills across multiple PSAPs, and cross-PSAP playbook walkthroughs. The published norm: documented procedures that have never been tested are not resilience — they are paperwork.
How we use this site
We write articles like this to make our reading visible — what we think the open literature says, what we think the open gaps are, and where careful work might land. We do not use these pages to preview proposed approaches in active program spaces. Precision Federal is a software-only SBIR firm. If your office is funding work in this area and would value a software-first partner with a documented public-reading habit, we welcome the introduction.