Computer-based training is universally used to enhance the performance of X-ray screeners, but it has so much more to offer. It has utility in training for the whole organisation, can be applied to counteract social engineering schemes used by cyber criminals, and provides a great opportunity to simulate out-of-the-ordinary occurrences and thereby help aviation security officers to develop lateral thinking skills. Daniel Odido discusses some of these applications and explores how they may benefit the aviation security industry
The image of X-ray screeners huddled over their screens trying to detect various prohibited items in passenger baggage is indelibly associated with the concept of computer-based training (CBT) in aviation security. The detection of prohibited items such as guns, improvised explosive devices and various other weapons depends on the skills and knowledge of the operator, as well as the presentation of the image on the X-ray screen. CBT is crucial to achieving and maintaining high detection performance.
CBT may be used both for initial and refresher X-ray screener training with great success. A wide range of organisations offer a multitude of unique solutions, which are relatively cheap, and which can be customised to meet specific requirements. They can also be integrated into existing operations and delivered either through the internet or locally. Most systems provide the capability to trace and monitor the progress of each operator, and to respond to each individual’s unique learning style.
The training of screening personnel lies at the core of any successful aviation security programme. However, revolutionary advancements have been made in the field of CBT, which can be gainfully harnessed to enhance capabilities in other aspects of aviation security. The qualities that make CBT such a success for X-ray screeners also make it a candidate for application to other areas of aviation security.
Currently, some of the most significant security threats in aviation rest in cybersecurity, the insider threat and security on the ground. Cyber threats are ubiquitous, and they impact on the industry heavily in terms of lost resources and threats to safety. With the advancement of technology, cyber security has become an increasing concern, especially since these types of attacks are inexpensive to carry out. They can target computer systems on the ground as well as those used while aircraft are in-flight, and have the potential to cause a broad range of disruptions and damage. The Cathay Pacific data leak of 2018 affected up to 9.4 million passengers. This came hot on the heels of another data loss at British Airways, for which the airline was heavily fined. Airports have also been targeted by cyber criminals. Cyberspace is an emerging, critical and fast-growing area of competition between states and non-state actors like terrorist groups and conventional criminals.
All players in aviation security require regular recurrent security training. This includes immigration officers, airport security, airline security, civil aviation authority (CAA) security personnel and security forces attached to airports. Security awareness training should be carried out for all members of the organisation: office staff; ICT; management; flight and cabin crew. The training should be tailored to their specific requirements. CBT is a convenient method of delivering training to large or widely distributed groups of people, particularly in situations where mass transportation to a single location is neither desirable nor feasible.
CBT ‘ON STEROIDS’: USING GAMIFICATION
The advent of big data, cloud computing and machine learning, and its integration with CBT has provided a much greater capability for application in training. CBT, when integrated with AI, provides enormous benefits in training for organisations. One of the major goals of research in artificial intelligence is to programme a computer to solve problems or communicate in a manner that mimics the great diversity of skills, knowledge and ‘common sense’ of a human operator. Few computer programmes can do this.
“…gamification does not mean the trivialisation of serious issues that are typically confronted by aviation security. Rather, it recognises the importance of engagement in training…”
Game-based learning increases the role of learners in controlling their own learning experiences. ‘Gamification’ involves the application of game elements and concepts to a non-game scenario to solve a problem or induce a change of behaviour. It is applied in learning or training scenarios in order to make them more engaging for the learner.
Game-like elements can be used to enhance security awareness and modify users’ behaviours. A review of research on gamification shows that a majority of studies on gamification find it has positive effects on individuals. Gamification employs game design elements to improve user engagement, organisational productivity, and much more. These elements have also been applied to employee recruitment and evaluation.
Much CBT software for X-ray screeners employs gaming techniques. Repeated use of CBT programmes leads to improvement in detection and interpretation performance. In CBT for airport X-ray scanners, the largest training improvement effects have been found in detection of IEDs. These are usually problematic for operators since they are not every-day items and are therefore not instantly recognisable. Regular CBT also improves performance for familiar threat objects like guns that are placed in unfamiliar orientations.
However, gamification does not mean the trivialisation of serious issues that are typically confronted by aviation security. Rather, it recognises the importance of engagement in training.
CBT in Aviation Security Awareness
CBT may be applied to enhance security awareness across the whole organisation. This is a particularly valuable resource in training for cyber threats and phishing attempts. It can be used to strengthen internal policies and plans. Instead of being victims of social engineering, organisations are taking matters into their hands and applying social engineering to deal with potential threats.
“…a particularly valuable resource in training for cyber threats and phishing attempts…”
Consider security awareness training where the goal is to encourage users to make better decisions when they encounter a phishing e-mail: interactive, computer-based training combined with regular drills is likely to be more effective than simply issuing directives. The training may be designed so that employees get points and recognition if they participate and take security-related actions, like reporting phishing attempts. Such training provides positive feedback when users do the right thing, whether in real life or during drills, and prompts correct behaviour when users make a mistake. This mirrors CBT training for X-ray screeners, which occasionally presents contrived images to the screener to test for alertness.
Similarly, personnel in other areas may be subjected to drills at suitable intervals; for example, by distributing fake phishing emails or by having agents attempt to tailgate their way into secure areas. In one organisation, participants in the programme were 50% less likely to click on a phishing link and 82% more likely to report a phishing email after the first 18 months of a security awareness gamification effort based on positive recognition rather than negative reinforcement.
Operator Selection: checking for aptitude and attitude
CBT and gamification techniques leverage people’s natural desires for socialising, learning, mastery, competition, achievement, status, and self-expression. They can also accurately evaluate the response and presence or absence of specified skills. Much like physical simulators, games can also be used to identify and evaluate the required skills of a candidate. One of the challenges in aviation security is the presence of the insider threat.
“…like physical simulators, games can also be used to identify and evaluate the required skills of a candidate. One of the challenges in aviation security is the presence of the insider threat…”
The perfect vetting system does not exist. Nevertheless, use of CBT coupled with gamification may be able to identify undesirable traits in an employee. CBT has been applied to evaluate X-ray image interpretation skills and other issues such as colour blindness, power of concentration, spatial thinking, and personal behaviour skills in X-ray screeners. Such techniques may be applied much in the same way that the US army uses the military simulator, ‘America’s Army’ as a recruitment tool.
Simulations in CBT
While simulation software for technical training of flight crew and maintenance technicians is readily available, one area requiring development is simulation software that may be used to train crew in various evolving threat scenarios.
Some threats in aviation security are unpredictable and cannot be foreseen. No CBT training could have prepared the crew or management for the events of 9/11 in precisely the way they unfolded. Nor could the tragedy of Germanwings have been directly planned for. Simulations will nevertheless provide the adaptability to plan for such unstructured and out-of-the-ordinary occurrences and assist personnel in developing their capabilities in lateral thinking.
Flight and cabin crew are the last line of defence in an attack on an aircraft. Simulations in CBT can be used to train crew to handle unusual situations. Crew constantly face challenges like unruly passengers, the threat of terrorist attacks, hijacking, bomb threats and sabotage. There could be dangers of hazardous or even explosive substances onboard. This is an opportunity for designers of computer-based training programmes to provide simulation software to address this type of training. The software should be scalable and should address the various threats that aviation organisations are exposed to. Ground crew also require training on how to handle unusual situations.
The world is a global village. In the words of Bill Gates, “the airplane became the first world wide web, bringing people, languages, ideas and values together”. It also makes it easier for terrorists to carry out attacks anywhere on the planet. Target hardening drives potential attackers to locations that are perceived to be less secure. Some regional airports are not exposed to the throughput and threats experienced by larger airports, and so their personnel are less likely to have the same level of experience and training. CBT provides accessibility to the broadest range of experiences to every organisation at any point on the globe.
Computer-based Learning and Communication
Researchers have lately been reporting on the development of computer-based, non-verbal communication training. This is built on the concept that non-verbal communication generally transcends cultural boundaries. It supersedes the spoken word and it can be used and understood with a comparatively higher success rate. This kind of training can be adapted for the training of aviation security personnel. The availability of these skills coupled with information of the itinerary of the traveller can improve the efficiency of operation of aviation security personnel. Careful attention to the use of non-verbal communication by personnel in aviation security will make them more effective in their communication with travellers.
The use of computer-based training has grown rapidly and, in some cases, has the potential to replace in-person training altogether. Aviation security is a large and ever-evolving domain of knowledge and goes well beyond X-ray screening. Trainers should make use of opportunities to tailor training programmes to the needs of the learner, bearing in mind that different people learn in different ways.
Daniel Odido is the head of the Department of Flying Studies in the School of Aerospace Sciences of Moi University in Kenya. He has previously headed the Department of Aviation Security & Logistics at the same university. He is interested in aviation security and safety, and also the development of unmanned aerial systems and their safe integration into airspace. He can be contacted at odido@mu.ac.ke Twitter: @aerospaceKenya