A Final Final Word expressed by Alexandra James
The Final Word

A Final Final Word expressed by Alexandra James

For the last few years, I have had the pleasure of serving as sub-editor of Aviation Security International, editing the vast range of articles that have been written by individuals from a variety of different backgrounds, from airline and airport employees to regulators, police, academics, technology providers, and everything in between. I initially ‘fell into’ the aviation security industry five years ago via my editorial work and research for Green Light (the training and consultancy company that produces the content for ASI), and if there is one thing I have learned in this role, it’s that aviation security has evolved and thrived due to the collaboration of a whole host of disciplines, which bring with them their own unique cultures and perspectives. Therefore, even those who ‘fall in’ are enthusiastically welcomed and encouraged to contribute.

In this issue’s main feature, the journal’s editor-in-chief, Philip Baum, embarks on the extraordinary challenge of summarising 24 years’ worth of ASI highlights (a task, which, as per usual, he executes with enviable intellectual acuity, refinement and warmth). And now, rather like a support act following the star of the show, I have been tasked with producing the final word of the last issue of ASI…

…as the aviation industry enjoys a post-COVID renaissance, it goes without saying that operations will need to expand rapidly while maintaining, if not enhancing, their focus on security…

So, while Philip looks back on the events that have informed and shaped the journal from his unique position as editor and general aviation security guru, I will bring ASI to a conclusion (in its current format) by taking a brief look forwards from my perspective as a researcher/journalist and, well, linguist.

The obvious place to start is to highlight the greater than usual optimism ushered in by the New Year. While the social impacts of the approved vaccines will in no way be immediate, over the next year the introduction of vaccination programmes around the world certainly provides light at the end of the tunnel. Hopefully, by the middle of 2021, individuals and businesses will have finally started flying again (in both the literal and metaphorical senses!), allowing the initiation of new relationships, the reinvigoration of existing ones that were held in stasis over 2020, and the simple enjoyment of the freedom of life without restrictions on movement. We can therefore reasonably expect the aviation industry to not only recover but to experience unparalleled growth as the world makes up for the lost year that was 2020.

As the aviation industry enjoys a post-COVID renaissance, it goes without saying that operations will need to expand rapidly while maintaining, if not enhancing, their focus on security. It is at this point that I reiterate a point made by Jim Marriott in his own opinion piece of this issue addressing how we move forward “to the future of aviation security”. As a linguist, I was gratified to see communication being emphasised in Marriott’s article as a key aspect of how this is to be achieved (as a side note, ‘a linguist’ is not always ‘one who speaks many languages’, but rather ‘one who studies how language and communication function in various social settings’).

Robust aviation security is absolutely dependent on effective communication, whether you’re talking about threat analysis, reporting procedures, or interactions between industry figures and the public, such as directives issued by security personnel during pre-flight screening and disruptive passenger de-escalation by crew. While working on ‘Air Watch’ for each issue of ASI, I have often wondered how many incidents could have been avoided – or reduced in severity – if more effective communication had been implemented by the individuals involved.

But communication is vital to security on the macro level, too. Take intelligence sharing, for example. The New Year marked especially significant change for the UK, which finds itself simultaneously reeling from the impact of COVID-19 and navigating the final, crucial aspects of its journey out of the European Union. Despite a trade agreement having been reached at the 11th hour, the UK now has diminished access to vital data, e.g. the Schengen Information System, necessitating a change in how the UK communicates with Europe and the rest of the world, and potentially having a major impact on security. Establishing new and effective forms of communication must therefore be an absolute priority for the UK.

To conclude this short opinion piece (and Aviation Security International in general), despite the fact that the only avsec-focused trade journal is coming to an end, we must ensure we keep talking in order to ensure transparency and the efficiency and effectiveness of security operations. To this end, as the industry recovers, we must emphasise communication skills in recruitment and training. Also, incidentally, do continue to be open-minded about those who, like myself, ‘fall in’ from other fields, as they often bring with them new perspectives on old problems. After all, let’s not forget that X-ray and CT were initially developed for the medical world, and CCTV was invented to remotely monitor the first ballistic missile launches.

Alexandra James is the sub-editor of Aviation Security International. She completed her MA in Forensic Linguistics at Cardiff University in 2020 and takes up the position of aviation security analyst at Osprey Flight Solutions in January 2021. She can be contacted at allyjames@avsec.com.

The Final Word

A Personal View expressed by Tony Blackiston

I’m sure you have all looked at your operations recently and asked, “how can we survive this pandemic and be more efficient, effective and adapt to the new norm?”. Aircraft are not flying, passenger numbers have plummeted, and governments are changing the entry/exit rules almost daily. The industry is unrecognisable and, in certain areas, so is the provision of aviation security. There is a huge global loss of security experience caused by forced redundancies and the associated redistribution/amalgamation of the roles of the surviving staff, which may have to include non-security duties. Generalists are now performing specialist roles in aviation security.

Despite these strange times, most still agree that security and safety are two vital ingredients to restore passenger confidence and restart the industry. Contracts with security service providers have been ripped up, airline and airport security departments have downsized and the role of security staff has increased to include biosafety.

Who is monitoring the changing role of security staff? Regulators, airlines and airports around the world are showing a new willingness to rely on non-contact, computer based or social distancing audits, quality assurance and compliance practices. These quickly approved amendments can involve new non-face-to-face practices, virtual site assessments and a greater reliance on self-assessments to fulfil regulatory or mandatory certifications in the short term. This may be acceptable but in the long term there need to be corresponding changes to regulatory oversight and the introduction of appropriate quality assurance practices to reflect new procedures. These changes are neither universal nor consistently applied. In reality, nothing has changed in certain parts of the world or, where new procedures have been applied, they may still be inadequate, leaving huge vulnerabilities once the world joins up again. I may be exaggerating the problems ahead but remember, “a false sense of security is the only kind there is” (Michael Meade).

Governments and ICAO have responded to the dire straits the industry is in, but only time will tell whether enough is being done to manage these vulnerabilities. To be fair, we have seen some encouraging signs from ICAO in the form of the Council Aviation Recovery Taskforce (CART) guidelines and evidence of some governments working closely with aviation stakeholders. However, these actions are often too little, too late and too restrictive to allow industry to re-engineer their processes. CART provides the global guidance for a safe, secure and sustainable restart and recovery but it needs state-level commitment to truly embrace the changes and to harmonise the new processes.

It is therefore important with all these changes that we think of security as part of the overall restart process. Already we have seen screening point infrastructure changes, greater use of contactless touchpoints during immigration and security processes, improved passenger data usage (or is it just collection?) and improved government agency cooperation. Let us not forget these changes are not being driven by a need to improve security but are a response to the pandemic. Regardless, they provide an opportunity to reassess security processes for the benefit of the industry. Security practitioners must be involved in the decisions being made now and moving forward.

Vaccine aside, there are patches of hope; for example, the uptake of digital solutions in the industry, cargo refits to passenger planes in response to demand, and the overdue introduction of technology that has been around for years, such as biometrics. We have also recently seen the adoption of new contactless technological solutions and some new financing models and creative re-financing, leading to opportunities for governments to enter or re-enter the industry and for bullish entrepreneurs to pick through the remnants of the industry – leading to more disruption and new opportunities.

quote tony blackiston
Quality assurance, compliance checks and supervision/oversight have been the cornerstone of our defence against unlawful interference with aviation. These should not be tick-box exercises but meaningful, outcome-focused, risk-based, intelligence-driven and industry-inclusive activities that encourage a positive security culture and outcome. Common sense? Prior to the pandemic, many areas of our industry never reached this point. Instead, there was a prevalence of prescriptive measures to solve broad global problems without taking into account the local environment, individual strengths and risk tolerance. It was all about mitigating that single problem, often by adding measures on top of measures. I strongly dislike the ‘layers of the onion’ analogy in security, where additional security measures are added to the original measures as new vulnerabilities are identified – we now have an opportunity to completely review and change the process/technology/infrastructure from the start of the process to manage risks appropriately, and that doesn’t always mean adding more measures! Work smarter – not harder.

Now, during the industry restart, is an ideal opportunity to position security as a vital piece of the jigsaw. Therefore, instead of simply asking how we can survive the pandemic, aviation security professionals should be taking the opportunity to ask, “how can we change our processes to ensure there is a comprehensive, flexible and cost-effective security apparatus in place that is based on risk, that will build public confidence and that will make civil aviation viable, safe and secure?”.

A Personal View expressed by Jean-Marc Demoulin
The Final Word

A Personal View expressed by Jean-Marc Demoulin

On 30 July 2020, the 11th edition (17th Amendment) of Annex 17 of the International Civil Aviation Organization’s (ICAO) Convention on Civil Aviation came into force. The Annex addresses the ‘Safeguarding International Civil Aviation Against Acts of Unlawful Interference’. The Chicago Convention – the first agreement between countries regarding civil aviation – was implemented on 7 December 1944, whilst the first edition of Annex 17 was published in 1975.

This latest 11th edition was first proposed in the United States in 2019 and the final text was approved in March 2020. In brief, it includes revised definitions, along with new and/or revised provisions on: vulnerability assessments; information sharing between States and stakeholders; training programmes and certification systems; access control; and, staff screening.

Over the last 45 years, ICAO has adapted its recommendations to its member States 16 times in response to international civil aviation needs. In my review of the document, I paid particular attention to the modification to Chapter 3.4, ‘Quality Control and Qualifications’. The changes made convey ICAO’s tougher position regarding the training and screening of staff involved in security at airports and airlines. This, in turn, emphasises the human factor in the security process, and acknowledges that the individuals responsible for maintaining security should receive proper training. ICAO’s recommendations address the capacity for member States to develop the right training programmes, the right quality control programmes and, more importantly, the capacity to ensure that these programmes are properly implemented and controlled.

In the past, technology’s role was prioritised and, while the human factor was not ignored, it was not given adequate consideration. Much training was conducted by technology manufacturers, and security procedures were written by them in favour of their technology. This was supposed to eliminate the risks associated with the human factor and the number of security workers. It was, of course, well received by airports, which benefited from lower operating costs, especially in countries where manpower is expensive.

Another significant modification to the text of the Annex is the use of “shall” instead of “should”. This apparently very small change transforms ICAO’s previous requests into demands, forcing civil aviation authorities (CAAs) to adopt certain controls. This will impact on many authorities, requiring them to modify their national civil aviation security programmes in response.

Chapter 3.4 also identifies an especially important matter regarding background screening of aviation security personnel – not just at the point of recruitment, but periodically throughout each individual’s employment. ICAO recognises the complacency that is pervasive throughout many countries with regards to background screening, but once we fully appreciate terrorists’ abilities to infiltrate organisations and infrastructure and radicalise individuals, ICAO’s more vigorous stance is fully justified. Again, this stance will demand more focused action from CAAs vis-à-vis their airports’ operators and their sub-contractors.

The ICAO position demands that: “Each Contracting State shall ensure that the management, setting of priorities and organization of the national civil aviation security quality control programme shall be undertaken independently from the entities and persons responsible for the implementation of the measures taken under the national civil aviation security programme”. This is a big change for many CAAs as, usually, they require airport security operators to control themselves and their sub-contractors, their security capability, and their training.

…on 30 July 2020, the 11th edition (17th Amendment) of Annex 17 of the International Civil Aviation Organization’s (ICAO) Convention on Civil Aviation came into force…

Today, many security operators propose their own auditing, testing and training processes, and simply ask their CAA to approve them. This is due to the fact that most CAAs are not sufficiently well-versed in both the nature of the threat to which the industry is exposed or have a sufficient understanding of the requisite operational countermeasures at any given location to be able to draft such programmes; this can result in lengthy delays to the approval process.

Aliquis non debet esse judex in propria causa, quia non potest esse judex et pars. (No-one should be the judge of his own cause because you cannot be judge and party). ICAO understands this point clearly and is therefore implementing a totally new process to ensure the industry addresses it too.

At the time of writing, I cannot yet see any significant changes as the new Annex was only approved in March and has come into force just four months later; however, we hope that all contracting States will make the changes necessary to comply. We are happy to see that relevant security issues continue to be monitored and evaluated by ICAO and that new amendments continue to be proposed (imposed) in response to information collected on the ground.

Jean-Marc Demoulin, AVSEC PM (ICAO) is Managing Director, SRDI SA, Luxembourg. His company won the award for Best International Civil Aviation Security Organisation in the 2019 Benelux Enterprise Awards for 2019.

A Personal View expressed by Ken Dunlap
The Final Word

A Personal View expressed by Ken Dunlap

“Doing more with less” combined with the never-ending quest to increase shareholder value (or emerging from bankruptcy reorganisation) will force AVSEC leaders in the post-COVID 19 world to tackle some difficult decisions. The most important may be deciding between those security functions that must continue to be performed by people and those that can be outsourced to machine learning. Most AVSEC organisations do not have the fundamentals in place to make these decisions and bad outcomes will result until they do.

To be clear, machine learning, or what we more casually refer to as ‘artificial intelligence’ (AI), excels at evaluating large amounts of data with a degree of precision and so allows for a significant reduction in personnel such as analysts, control centre employees, inspectors, and government oversight personnel. I’ll leave it to the global vendor community to fill in the other potential uses. Regardless of the capability, before you make an acquisition you need to understand machine learning, your team, your adversary, and your vendor with a clarity not often brought to AVSEC purchases. With this in mind, here are some guidelines:

AI/Machine Learning Ethics

Long before a procurement decision, empanel an AI ethics board for your organisation. Bias can be intentionally or accidentally built into an AI system from the first line of code and the first set of data used to train the AI algorithms. This may result in overt bias. For example, by including more people of certain ethnicities in your dataset, your algorithms will have a corresponding bias towards (or against) people of those ethnicities. An equally insidious yet more subtle bias is associated with assigning weights to the various factors that will be used to identify items of interest in your data. The AVSEC professionals on your ethics team – not the system vendor – need to be the final authority in labelling a factor as being of greater or lesser importance. Your ethics board will help ensure that the vendor has sufficient expertise in the AVSEC field and uses training data that reflects the aviation world. Don’t skip this step.


Aviation personifies the world of ‘can-do’ attitudes. Books on innovation and creativity call these personality types ‘the implementers’. A team consisting solely of implementers will fail at deploying AI powered AVSEC systems. A properly balanced team will consist of implementers and innovators. Don’t fall for the person who claims to be both. At the start of an AI rollout, your team needs to be driven by the innovators but, at a defined point, some project milestone or even a date, the innovators need to give way to the implementers. Rolling out an AI project without role definition and a properly balanced team will fail.

The Adversary

Here’s an uncomfortable fact: most universities teach machine learning for the perfect world. This is because it’s complicated enough to teach basic machine learning concepts to students, let alone concurrently teach them how to make AI systems resilient to adversarial exploitation. Think of it like this: a camera-based recognition system will identify a picture of a rifle on a T-shirt as readily as a rifle held in a person’s hand. Adversaries know that many vision systems can’t detect the difference between a 3D object and a 2D picture and are working to exploit this vulnerability. Understand the limits of your AI and continually test it in an adversarial manner.


Insist that your vendor programmes the system using experts in AVSEC. If your vendor’s team isn’t as good as your AVSEC team, you have a problem. Very powerful AI fuelled by AVSEC novices will give you powerfully faulty answers. The typical vendor response will be, “we have the finest AI programmers in the world”. That may be so, but theoretical knowledge can never be a functional replacement for operational experience. Finally, don’t be smitten by talk of neural networks and the expertise they bring. Vendors like touting this. Neural networks are excellent for making associations in unstructured data where none are obvious, but these can be notoriously inaccurate. Neural nets are a tool; make sure that it’s the right tool for your job. The best screwdriver in the world is useless against a nail.

If you’re like any other organisation, you’ve likely thrown up your hands and thought that these guidelines are a huge burden in procurement decision. In fact, they are and should be so. AVSEC is a unique industry where decisions can have life or death implications, lead to imprisonment, inability to find work, or subject persons to grave inconvenience. Important, high-impact decisions should be based on reliable, valid data processed by powerful tools. AI, therefore, is the future, but we must implement and use it wisely to ensure we don’t introduce new problems in attempting to solve others.

Ken Dunlap is managing partner at Catalyst-Go. His firm provides strategy development and enterprise architecture for procuring and deploying cutting edge transportation technologies. He hosts the podcast and blog ThinkingThroughAutonomy. He is a co-founder and member of the board of the Partnership to Advance Responsible Technology dot AI (PART.AI). Before establishing Catalyst-Go, Ken was the International Air Transport Association’s (IATA) Director of Government Affairs and, prior to that, was IATA’s Global Director, Security and Travel Facilitation.

A Personal View expressed by Stacey Peel
The Final Word

A Personal View expressed by Stacey Peel

Only four months ago I spoke at an aviation conference, challenging the audience of industry experts to think outside today’s models for airport design and operation in order to find solutions to meet 2050 net zero carbon targets. I highlighted that if today’s terminal life span is 30 (but often pushed out to 40) years then we should have started adapting at a global scale, over a decade ago. I argued therefore, that we needed a significant and radical step change to make up for the last ten years of lost innovation, foresight and opportunity.

Little did I know that three months later we would be facing the industry’s – indeed one of the world’s – greatest crisis and that the pace of necessary action was measured in hours, not decades. We are facing the fall-out from the spread of Covid-19, the invisible global pandemic causing very visible yet unimaginable health and economic impact across the planet.

At the time of writing this personal view it was the eve of the Ryanair Group cutting 80% of their flights1; on the other side of the world, Qantas grounding all of its fleet2; and, the US President agreeing that the stimulus package for the US airline industry “could look something like $50 billion”3.

Given the unparalleled nature of this crisis, it is difficult to say right now where we are in the industry’s business continuity cycle. The death toll continues to rise, there are large scale job losses, families are separated, and businesses are failing. Good news stories, however, are emerging: China reporting no new domestic transmissions of Covid-19 and promising breakthroughs in drug effectiveness. Buoyed by this positive news I am confident the industry will recover as it has done so from numerous “unprecedented” incidents, including 9/11 and Eyjafjallajökull’s eruption.

Whilst we wish for a speedy recovery, I return to the challenge that I referred to in my opening paragraph and ask, ‘is this the time to make the necessary step change?’ To quote Dara Khosrowshahi of Uber, one of transport’s greatest interrupters: “Desperation sometimes drives innovation”. What will the new normal look like?

Will we see changes in passengers’ travel experience expectations?

Should we see a consolidation of airlines, it is likely that pricing structures will change. Airlines have been appropriately generous in their flexibility during this crisis, but it may be that passengers are prepared to pay more in the future for guaranteed flexibility in travel arrangements. This might manifest as greater expectations for legacy-carrier standards of services and acceptance of the pricing accordingly.

At a micro-level, the lexicon and practice of ‘social distancing’ may be integrated into expectations of airport service (even if it cannot be achieved with today’s aircraft cabin design). Can the industry’s famous term of clean (sterile areas) and dirty (landside) become literal by leapfrogging to new systems and find innovative ways to avoid queuing? Will airports seek to build greater resilience into the existing assets and operations and less reliance on consequence management?

Many have argued the lack of resiliency in most countries’ health care systems has compounded the danger of Covid-19. That lack of resiliency has manifested publicly as calls for more hospital beds, personnel, personal protective equipment and ventilators. By contrast, aviation is considered a relatively resilient industry and, one could argue, mature in assessing (and managing where considered vital) resilience at the system and asset level. However, defining overall resilience of an entire asset, e.g. an airport in its entirety, continues to elude much of the industry, let alone applying a robust system to address inadequacies. I anticipate there will be increased focus on this across the industry and all aspects of future operational and capital investment will have a newfound, if yet to be defined, performance measure applied accordingly.

What lessons learned can the aviation industry adopt from the health industry?

The global collaboration of the health industry from investment in research to the sharing of crisis- management lessons learned has been applauded. I hope the aviation industry explores this further and recognises that removing red-tape and unlocking and targeting investment drives innovation. The step change in our efforts to meet carbon net zero targets feels a lot more achievable if the same approach to innovation and collaboration was enabled in the aviation industry.

As hard as it feels at this moment in time, given the rising Covid-19 death toll and it still being ‘early days’ in terms of the impact on the aviation industry, I encourage the aviation community to look for opportunities to drive innovation and apply lessons learned to create the new ‘normal’. It is appropriate that our resources and focus is on the present, given the urgency of the crisis. However, the industry continues to face big challenges, including our continued commitment to net zero carbon. It may be that this crisis creates opportunities to make the step changes necessary to deliver on those sustainability commitments.

Stacey Peel is the Aviation Security Global Lead for Arup, based in the UK.

  1. Eurocontrol
  2. www.theage.com
  3. Remarks by President Trump, Vice President Pence, and Members of the Coronavirus Task Force in Press Briefing, 18 March 2020.
A Personal View expressed by Geoffrey D. Askew AM
Industry NewsThe Final Word

A Personal View expressed by Geoffrey D. Askew AM

Aviation security in India needs re-engineering!

The air transport industry is acknowledged by economists, politicians and the global business community as an essential element for global, regional and country economic development.

The civil aviation industry in India has, in recent years, become one of the fastest growing industries in the country. According to IATA, India will displace the UK as the third largest aviation market in the world by 2026.

In 2016 the Indian Government published the National Civil Aviation Policy (NCAP 2016), which “proposed to take flying to the masses by making it affordable and convenient.”

Based on the Worldmeters elaboration of the latest United Nations data, India will have a population by mid-2020 of 1.38 billion people or 17.7% of the world population. With an annual population growth of 1.11% it is expected to surpass China by 2024 as the most populous country in the world.

Whilst there are numerous publications tracking and analysing the economic growth of India, what is unquestionable is the significant growth of the middle class, with some reports suggesting that it will represent more than 40% of the Indian population in the near future.

Despite the capacity constraints caused by the grounding of India’s largest commercial passenger airline Jet Airways in April 2019, Arum Kumar, Director General of the Indian Directorate General of Civil Aviation, has estimated a growth in the domestic market for 2019 of between 4-5%. The Asian Development Bank expects the Indian economy to expand by more than 7% this year.

The welcome growth of the middle class and the Indian economy, along with the expansion of operations by low cost carries (LCCs) in India, will create significant challenges for the growing aviation industry, including airport infrastructure and aviation security.

New airports are under construction and many current ones are undergoing significant expansion and upgrades. The Indian Civil Aviation Ministry’s Vision 2020 plan stresses a need to develop the country’s infrastructure, with a particular focus on well-equipped, user-friendly airports to handle as many as 280 million passengers per year by 2020.

Vision 2040 also highlights the growth of the Indian civil aviation industry. India, it says, will require 200 airports to handle a minimum of 1.1 billion passengers flying to, from and within the country by 2040.

Airports, including Delhi, Mumbai, Bangalore, Hyderabad and Cochin have been operating as leased airports under a public-private partnership (PPP) model for some time. Last year, another six airports were leased out for operations, management and development under the PPP model.

There is no doubt the threat to the aviation industry in India is real and the general security environment presents ongoing concerns and challenges for the government.

Since 2000, security at most Indian airports has been provided by the Central Industry Security Force (CISF), a large armed paramilitary organisation with a reported current airport deployment number of around 29,000. State police provide security services at the small number of other commercial airports.

The deployment of the CISF is, according to their own management, anti-hijacking focused. Core functions include the verification of travel documents against identity documents at the entrance to terminals, armed patrols inside and outside of the terminals, access control duties at airside pedestrian and vehicles access points, CCTV system monitoring and screening duties at the checkpoint. Interestingly, the screening of checked bags is undertaken by terminal or airline security staff.

At the checkpoint, passengers walk through an archway (walk-through) metal detector; however, regardless of whether or not the unit alarms, females will be escorted to a private enclosure for a pat-down search, and males are subjected to screening by a handheld metal detector. This is inefficient and the effectiveness is questionable.

The CISF has begun to review some of its processes and deploy some body-scanning screening technologies at major airports, although there remains scepticism about the effectiveness of such screening by some in their ranks.

In the NCAP 2016, the government stated that it would encourage the use of private security agencies at airports for non-core security functions which will be decided in consultation with the Ministry of Home Affairs. In 2019, the International Institute of Security and Safety Management submitted a report to the Indian Government on ‘The Role Private Security Can Play in Aviation Security in India’.

There is no doubt that private security could provide professional security services and significant economic benefits to the industry whilst performing the so-called non-core security functions currently performed by the CISF.

Aviation security should be intelligence led, risk-based and outcome focused. Security outcomes must also be accompanied by courteous and practical facilitation. If the Indian aviation industry is to be safe, secure and economically viable, whilst taking advantage of the benefits that the forecast growth will deliver, it must change. A holistic approach to the management of aviation security is required, supported by advanced, state-of-the-art technologies and well-established global best practice processes and training.

Aviation security in India requires re-engineering if India is to become an aviation industry powerhouse and meet the ambitious vision, mission and objectives of the NCAP 2016.

Geoffrey D. Askew AM is Principal, Askew and Associates.

A Personal View expressed by Steve Wolff
The Final Word

A Personal View expressed by Steve Wolff

Let’s be honest, AVSEC screening technology has stagnated.

CT technology was first deployed in the early 1990s and body scanners appeared in airports ten years ago. In the meantime, other industries (automotive, electric vehicles, space exploration, software, and medical technology, to name a few) have innovated at rapid rates. So why hasn’t AVSEC? I believe it stems from how we develop, mature and roll-out new technologies.

Innovative ideas or technologies generally come from innovators who are driven to form start-ups. Companies like Apple, Google, Amazon and Facebook started in home garages, and it took a financial leap-of-faith to put these companies on a path to becoming today’s world-spanning enterprises; rarely can large companies achieve this. As the saying goes, “Small companies innovate, large companies integrate”. Sure, they’ll release product improvements (737 Max, anyone?) to preserve or expand their current products’ market share, but they have minimal incentive and too much bureaucracy for the fast, almost desperate pace needed for new, novel technology development. If large companies later see a threat from small innovators, they’ll buy – and often bury – them.

Privately funding AVSEC technology is a hard sell these days. Venture capitalists look for the next Uber or Facebook with ‘sky’s-the-limit’ potential markets, and prefer software-only companies to those with risky and costly hardware. This leaves government funding, which seems well suited for AVSEC technology development but, let’s do a reality check; governments are, by nature, conservative, so often distrust ‘wild’, innovative ideas. They typically (especially in the US) have burdensome, lengthy proposal/award processes, sometimes taking years before a decision, and there’s a low award probability for new applicants. For start-ups to survive in the interim, they fund what progress they can from retirement funds, friends, family and angel investors, making glacial progress compared to what they could accomplish with even small government grants. I’ve been amazed at what a small company can do for US$100,000 (c. £75,000) without that big company overhead. However, it’s the well-established companies with staff, good government connections, refined proposal-writing skills and history that seek – and get – most government funding, even though they can fund their own R&D if there’s a healthy market (although that’s a different story).

Here’s an example from one client, new to our industry, who was used to the fast-paced telecomms business cycle and sought a DHS Long Range Broad Agency announcement (LR BAA) grant. After submitting a white paper and waiting over a year, the CTO got a positive response but then gave up. When I asked why, he said, “I extrapolated; if it took over a year to hear about a 10-page document, a 50+ page full proposal would take over five years! We’ll either have done the work and be ineligible for the funding or be out of business by then, and I’d have to pay you to write it!” He’s not alone, other ex-clients new to the process have taken over three years to get a DHS award. So, what to do?

1. Restructure government R&D grants to consist of more frequent, smaller awards, with a higher success probability and less bureaucracy. These should be targeted at micro-companies with innovative, perhaps riskier technologies that really need the cash, government introductions and support. This shotgun approach would be good value for governments, as they’d be paying directly for research rather than covering large-company overheads. A good model for this is the UK FASS (Future Aviation Security Solutions) process.

2. Governments should proactively seek out new small companies rather than wait for announcement responses. DHS S&T’s Silicon Valley Innovation Program does this via nationwide tours and briefings, but it should be expanded beyond IoT and cybersecurity to include other innovative technologies with potential AVSEC value.

3. Streamline the application/award process. Micro-companies lack people and time to write encyclopaedic proposals. DHS S&T wisely improved the front end fast-review process for its latest BAA, but still requires two to three space- and time-consuming volume tomes for the full proposal. The UK process is more efficient (and DHS CBP effectively used a similar process for its recent Opioid Detection challenge) with simpler, less verbose submissions and less than three months to award. Also, when companies fail, they’re told why – critical education to help them with future submissions.

4. Fund the ‘Technology Readiness Levels of Death’ (TRL 5-8); those test/evaluation phases that sit between R&D (where there are funding options) and deployment (i.e. sales revenue). Since the 2000s, getting through testing to deployment has become much more bureaucratic, time consuming and costly. In the 1990s, the US had a costly-but-manageable (to smaller companies like InVision Technologies and Ion-Track) 4-step, 2+ year process for HBS technology. This has evolved, at last count, to a mind-bending 8-step, 5+ year qualification gauntlet. There’s no government funding to navigate these TRLs as it’s ‘just engineering’, making them a severe obstacle to all but the largest players.

The results are clear: no innovative scanning technologies in the past 10 years and an industry dominated by a decreasing number of huge enterprises with no incentive for innovation. If we want new technologies moving forward, let’s rethink how we nurture small, innovative micro-companies to overcome underfunded R&D, zero-funded ‘TRLs of Death’ and grow so we can grow some Apples and Googles in AVSEC.

Steve Wolff has 34 years’ experience developing and marketing advanced security scanners based on X-ray, radio frequency and neutron inspection technologies. His 16-year-old consultancy has helped over 50 worldwide clients with development, trials, government and industry outreach. Previously, he was V.P., Marketing & Engineering for Quantum Magnetics and InVision Technologies (both now Smiths Detection). In 2010, he led IATA’s risk-based Checkpoint of the Future visionary team. He is a 15-year Editorial Advisory Board member of Aviation Security International, and peers voted him Vice Chair of the first Concealed Explosives Detection Workshop in 2016.

A Personal View expressed by Prof. Dr. Adrian Schwaninger
The Final Word

A Personal View expressed by Prof. Dr. Adrian Schwaninger

Performance of security screening at airports depends on humans, machines and their interaction. Applied research is important for a better understanding of how to strengthen security effectiveness and increase the efficiency of security screening processes. To illustrate this point, I use two examples from own work: completed research on the transition from 2D to 3D imaging for hold baggage screening and current research on the EU regulation restricting continuously reviewing X-ray images to 20 minutes.

European regulation mandates that hold baggage screening systems must achieve the European Civil Aviation Conference Standard 3 in the near future. This higher detection standard can only be achieved by computer tomography 3D imaging systems. However, their image quality is lower than that of older 2D multi-view imaging systems that are still being used at many airports. Some countries are concerned about the lower image quality of 3D systems and that screeners will need extensive and specific training before they can be allowed to work with 3D imaging. Moreover, screeners might need more time to analyse 3D images, which could impair overall baggage throughput.

To examine these concerns, we conducted a study with 2D and 3D screeners who were tested with 2D and 3D imaging. Differences in image quality were assessed with the standard procedure for 2D imaging. In a study that was recently published in Human Factors, we reported the results (https://doi.org/10.1177/0018720818799215). We found that despite lower image quality, screeners’ detection performance with 3D imaging was not lower than when using 2D imaging. Apparently, features of 3D imaging systems (3D image rotation and slicing) compensate for lower image quality. Thus, current image quality standards for 2D imaging need revision before they can be applied to 3D imaging. Moreover, we found that 2D screeners could transfer their 2D knowledge quickly to working with 3D imaging. After only one practice session with a 3D training simulator, they could achieve similar detection performance with 3D imaging compared to when using 2D imaging. Interestingly, 3D screeners achieved better performance with both types of imaging compared to 2D screeners. A plausible explanation is that experience and training with 3D imaging results in richer visual representations and, therefore, better detection performance. Unsurprisingly, both screener groups needed more time to analyse 3D images because rotating and slicing 3D images takes time. However, baggage throughput was still higher with 3D imaging because those systems have lower alarm rates, resulting in fewer images having to be analysed by the screeners. In summary, 3D screening is more effective (it enables better detection of explosives) and more efficient (due to higher baggage throughput). A wide-scale implementation of 3D imaging systems for hold baggage screening is therefore recommended also from a scientific point of view.

The second research example addresses the current European regulation that defines a maximum of 20 minutes of continuously reviewing X-ray images of passenger bags. At airport security checkpoints, after 20 minutes of screening passengers’ carry-on baggage, screeners usually rotate to another position where they carry out other tasks such as assisting passengers with divesting, secondary bag search, and alarm resolution of the walk-through metal detector or person scanner. Remote Cabin Baggage Screening (RCBS), which is being employed increasingly by airports, comes with operational challenges in light of the 20-minute rule. With RCBS, screeners can work in a quiet office-like environment separated from the noisy checkpoints. RCBS also allows for a higher utilisation of X-ray machines. However, relocating image inspection away from the checkpoint into a remote room makes rotating between X-ray image inspection and other tasks at the checkpoint more difficult to coordinate and more costly. Therefore, screening durations longer than 20 minutes would be beneficial.

To investigate this matter, we conducted a study using a simulated X-ray baggage screening task and divided screeners into two groups: one group took 10 minutes breaks every 20 minutes and the other group continuously reviewed X-ray images for one hour without breaks. We found that continuously reviewing X-ray images for 60 minutes without breaks did not decrease performance. Both screener groups were able to maintain their visual inspection performance over the course of one hour. There was no difference in performance between the group with breaks and the group without breaks. The results of the study have been presented recently at an IEEE conference (a preprint is available at https://doi.org/10.13140/RG.2.2.15053.38885/1). In our current research, we are investigating prolonged screening durations in the field using threat image projection data. By the end of next year, we should have more results and we will be happy to share them with regulators and the airport security industry to discuss whether more flexible work-break schedules should be considered for X-ray screening.
Although these are only two examples, I hope that I have illustrated why research on human factors and human-machine interaction is important for a better understanding of how to strengthen security effectiveness and increase the efficiency of security screening processes.

Prof. Dr. Adrian Schwaninger

Prof. Dr. Adrian Schwaninger is the Head of the Institute Humans in Complex Systems at the School of Applied Psychology of the University of Applied Sciences and Arts Northwestern Switzerland. He is also the Chairman of the Center for Adaptive Security Research and Applications (CASRA) in Zurich, Switzerland.

A Personal View expressed by Simon Roberts
The Final Word

A Personal View expressed by Simon Roberts

I was living in Dubai on 3 September 2010 when I heard the news that a UPS 747-400 cargo aircraft had crashed on the outskirts of the city killing both crew members. I was working for DHL and this seemed so close to home, both geographically and professionally, that it shocked me greatly. A couple of weeks later, I spoke to one of the senior security managers in UPS and he told me that the cause was believed to be lithium batteries that had been sent from China. There have been several other similar incidents, such as that which occurred on a Singapore Airlines flight on 22 April 2013, which landed safely, and on an Asiana Airlines flight on 28 July 2011, which crashed killing two crew members on its way to Shanghai. Both were blamed on dangerous goods in the cargo hold.

Do you remember reading about the subsequent court cases, about the corporate manslaughter, and terms of imprisonment for the people responsible? No, nor do I. In fact, I’m not aware of a single prosecution and certainly not one resulting in imprisonment.

If we turn the clock back to 2008, air rage incidents were in the news almost daily. Lurid headline stories regaled us with tales of the latest drunken rampage. There were calls for tougher action to be taken and, in the UK, the Air Navigation Order 2009 came into effect increasing the number of offences and penalties for transgression. Later, the sentencing guidelines advised that an immediate custodial sentence be imposed – even for those with no criminal record. Whilst this has not stopped incidents entirely, those who decide to get drunk and abuse crew and fellow passengers in UK airspace can look forward to a large fine, up to five years imprisonment and probably a ban from flying with the airline again. In a recent case, an Irish female international lawyer who abused and threatened crew on board an Air India flight to London was, in April 2019, sentenced to six months imprisonment.

…if hidden or undeclared dangerous goods are discovered in air cargo, the shipper is advised, and reports are sent to the local civil aviation authority. Occasionally warning letters are sent to the transgressors…

However, what surprises me is that when I talk to people in the industry globally about the lack of prosecution action against individuals and companies placing undeclared and hidden dangerous goods on aircraft everyone agrees with me in expressing concern. Yet when I ask why the lax response exists, no-one seems to know. Currently, if hidden or undeclared dangerous goods are discovered in air cargo, the shipper is advised, and reports are sent to the local civil aviation authority. Occasionally warning letters are sent to the transgressors. Some companies put repeat offenders on a black list and close off their customer accounts. You can guess what happens next. Yes; they simply move their business to another supplier who innocently accepts their business and the entire risky business repeats itself.

There is very little to dissuade the perpetrators. Why bother to declare the hazardous materials and spend extra money on safely packaging and declaring it with all the associated hassle and costs? It’s much simpler to mis-declare your clear flammable liquid as a water sample and hope for the best. Few people think about the potential tragic consequences, and I doubt that many realise that a large amount of this hazardous cargo is placed in the belly of passenger aircraft beneath the feet of hundreds of innocent people. Yet such actions in my opinion amount to nothing less than criminal acts, and those who repeatedly flaunt the regulations should face punishments at least as severe as perpetrators of air rage.

I would like to see organisations such as ICAO and IATA place the issue on their agendas with a view to recommending more robust measures to tackle the problem. In turn, our own national civil aviation authorities should review legislation and their powers of prosecution. It should become an offence punishable by the law to place dangerous goods on board air cargo without honestly and accurately declaring it. If you park your car illegally or break the speed limit you are likely to receive a fixed penalty ticket or summons. This should become the standard industry practice for people who commit dangerous goods offences too. If civil aviation authorities started imposing minimum fixed penalty summons for, say, 250 euros for a first offence and terms of imprisonment for repeat offenders it would make the law breakers wake up to the seriousness of their actions. It might even make our government CAAs cost-neutral too.

The author is Global Head of Security Compliance, DHL Express, UK

A Personal View expressed by Prof. Michael Breadmore
The Final Word

A Personal View expressed by Prof. Michael Breadmore

There are a number of ways in which an individual can be identified. A photographic ID is the simplest, most well-established form of identification and can be supplemented with machine learning and facial recognition technology. Fingerprints have been used by policing and forensic authorities for what seems like forever and this has recently transitioned into airports at immigration points. So too have facial recognition technologies. Retinal scans and vascular pattern solutions have the potential to penetrate the market soon as well, whilst gait and voice analysis have also progressed to a level at which they can prove useful. Thus, perhaps the combination of all of these at the same time could provide an ideal identification solution? But, will it be enough and is there something better?

…the probability of two individuals having the same DNA fingerprint is approximately 1 in 575 trillion…

DNA fingerprinting is commonly regarded as the ultimate way to identify someone. It relies on the detection of certain sections of the genome that are repeated – called short tandem repeats (STRs). Looking for STRs at one location (loci) is not enough, with the industry standard being 13 loci to create a DNA fingerprint. The probability of two individuals having the same DNA fingerprint is approximately 1 in 575 trillion (the world’s population is estimated to be about 8 billion) so, aside from twins and family members, the odds are unlikely that your DNA fingerprint will match that of someone else. The challenges in using DNA for screening are many but the greatest has always been the ability to technically implement it in a timescale that could be used for checkpoint screening as it is no easy task creating a DNA profile. First, the DNA must be isolated, then the STRs at the 13 different loci are created using a process called polymerase chain reaction (PCR) and, finally, the STR fragments must be detected. Two decades ago, this entire process took six to 12 hours. Recent work has seen this reduced to an hour and I have recently seen potential for this to be done in a minute.

…the $100 genome is not far away and the one-minute DNA fingerprint will not be far behind…

The key innovation to making this quicker has been to miniaturise the entire biochemical workflow. I’ll illustrate this by considering the second step in this process – the PCR step. This requires the temperature to be cycled from 60 – 90°C to allow an enzyme to replicate the STR sequence. Typically, 30 cycles are performed to obtain enough of the STRs to be easily detected and the larger the volume that is used the longer it takes to heat and cool the liquid and, therefore, the slower the process. Thus, heating/cooling a smaller amount of material can be done more quickly and efficiently. This is exactly what has been done with ‘extreme PCR’ – reducing the volume used to just 1 μL and cycle times from two minutes to 0.4 seconds – meaning that the time to complete 30 temperature cycles is reduced from two hours to 12 seconds. Similar innovations in the final process step have been reported, with only the collection and purification of the DNA steps yet to be addressed. Advances in DNA purification have seen the use of a liquid extraction, again using enzymes, and it is reasonable to expect similar improvements in time. Combined, they will make the one-minute DNA fingerprint a possibility.

Michael Breadmore

But… and there is always a but, the bigger issue may well not be whether it is possible, but whether it is affordable. Unlike all of the other approaches mentioned above, creating a DNA fingerprint requires consumables – biochemical reagents for the PCR reaction are needed as is a way to collect the biological specimen, probably a mouth swab that cannot be reused. The biochemical reagents are expensive and, while they will reduce with economies of scale, there will be a fixed cost per analysis and it will be higher than current costs. Will DNA analysis be at a cost the industry will find acceptable?

The $100 genome is not far away and the one-minute DNA fingerprint will not be far behind. We need to start thinking about whether this is really necessary and what an acceptable cost might be for an almost unequivocal ability to identify an individual based on their DNA.

Prof. Michael Breadmore is a professor at the Australian Centre for Research on Separation Science (ACROSS), in the School of Physical Science, University of Tasmania, Hobart, Australia. His research interests lie in the application, understanding and exploitation of the capillary and microchip electro-separation techniques for the analysis of complex samples with real world significance. He can be contacted at: michael.breadmore@utas.edu.au