Round table contributions
Environmentalism is a universal consideration in most business sectors in 2016. Whether seeking to provide greener products, or looking for new ways to minimise waste of manufacturing processes, most companies are involved to some degree with environmental concerns. Green has not traditionally been a big driver in the security industry, but there are indications the profile of environmentalism is increasing. We asked this week's Expert Panel: How green (environmentally friendly) is the security industry? How should the industry as a whole (integrators and manufacturers) work to improve the industry’s environmental record?
“Buyer beware” is always good advice in the security marketplace – or in life for that matter. But the age-old warning is more timely than ever in our age of global commerce and given our fragmented market with thousands of products manufactured all over the world. Complicating the picture: our market is also inching toward commodisation and facing downward pricing that shrinks margins for manufacturers. So the question becomes: When is an item merely a good deal or somehow “too good to be true?” Counterfeit products are flooding a wide range of markets, so it seems unlikely the security market would be immune. So we asked our panellists this week: How is counterfeiting of security equipment a problem for the market, and how should it be prevented?
What lessons, if any, are there to be learned from the recent attacks in Paris? Recent events in Paris highlight the deadly and changing face of terrorism in 2015. Two gunmen armed with Kalashnikov assault rifles attacked the Paris offices of satirical magazine Charlie Hebdo on 7 January, killing 12 people in all, including eight Charlie Hebdo employees and two national police officers. Two days later, the terrorism continued with a hostage crisis at a printing firm at Dammartin-en-Goel and at a kosher supermarket in Paris, where four hostages were murdered before the assailant was killed by police. The world has been shocked by the events, and many are evaluating what we can learn from them to help us prevent or minimise such future attacks. We asked our panel if there are lessons to be learned specific to the security industry.
Articles by Jeremy Malies
The border with Mexico is an obvious starting point for the security community. Many had assumed that 'wall' would mean a high-tech fence or possibly just a virtual barrier of perimeter intrusion detection systems (PIDS), video surveillance with analytics and thermal imaging. However, during a press conference shortly before inauguration, Mr Trump put journalists straight. Unless there is a mountain or river already doing the work along the 2,000 miles to be protected, this really will be a wall and it will be made of concrete; a substance that the president has used to some effect in his previous career. Initially, the money will be federal funds to ensure a prompt start, but Mexico should expect to reimburse its neighbours. Mr Trump's estimate is $12bn but consultants with relevant civil experience are putting the likely figure at $30bn. CCTV and access control expenditure Will there be a mass purchase of CCTV cameras to augment the new wall? Probably – but don't expect Vice President Pence, currently tasked with kick-starting the project, to spend central government money on Chinese brands which the administration regards as part of an irresponsible economic menace. He will be happy to pay a premium to source products originating from the US and will soon discover just how many surveillance cameras really are designed and assembled in Silicon Valley. Of course, US manufacturers may not be able to supply cameras of all the types required but there are alternatives to China. I for one believe that Mr Trump knew exactly what he was doing when he departed from protocol and accepted a congratulatory call from Taiwanese leader Tsai Ing-wen. If you take the president at his word, then there will be another project with massive security content. Mr Trump has made the extraordinary pledge to relocate the US Israeli embassy from Tel Aviv to Jerusalem. With the status of Jerusalem being a core element of the Israeli-Palestinian conflict, even the most upbeat observers see this proposal as likely to set off a new Intifada. The expenditure on perimeter and blast protection, CCTV and access control would run to many millions of dollars and like the new US embassy in London, would involve primarily US contractors and brands. As I write, the UK prime minister has just declared that Brexit will be 'hard' with no membership of the free market. Hastily arranged US-UK trade agreements may result. Marine Le Pen of the French National Front is declaring herself emboldened by Mr Trump's victory. She was seen in Trump Tower a week before the inauguration but would not comment on whether the visit was business or personal. An anti-immigration Euro sceptic, she is likely to make the second round of the French elections in May. The broader point is that protectionism is now rife, the European Union may dismantle and Trump is openly rooting for its collapse. Even more worryingly, the incoming president has said that he regards NATO as antiquated with many member nations not pulling their weight. Mr Trump declared that he would recruit some of the "greatest computer minds anywhere in the world" to tackle cyber security Cyber Security adviser Rudy Giulani Initially I had hoped to limit this article to physical security, but in the era of the Internet of Things (IoT), it is no longer possible for anybody discussing major issues to polarise themselves as being focused on either physical or cyber security. However, this is where the Trump administration enters high comedy. Incoming White House adviser on Cyber Security is Rudy Giuliani, a former Mayor of New York, who had previously intimated that he wanted to be Secretary of State or nothing. His recent role has been with the firm Giuliani Security & Safety which describes itself as “a full-service security, investigative and crisis management consulting firm.” If anybody can tell me exactly what the company does then please use the comment box below. In the era of the Internet of Things, no one discussing major issues can polarise themselves as being focused on either physical or cyber security We're back to the previously mentioned press conference during which Mr Trump declared that he would be recruiting "some of the greatest computer minds anywhere in the world" to tackle cyber security problems head-on. Giuliani's company website has mysteriously gone offline after pundits noted that it was riddled with irreparable security flaws, mainly stemming from expired Secure Sockets Layer (SSL) encryption. Layout smacked of the turn of the last century, the platform was a three-year-old version of Joomla and SEO was non-existent since the site was relying on Adobe Flash which is now all but ignored by browsers. When I think of Giuliani, I remember him primarily as having showed exceptional physical courage on 9/11 as he strode through the streets of his burning city in the knowledge that further attacks were probable. However, as a cyber chief he is risible. Cyber security treaty Is there anything positive to be said? Can we be at all hopeful for the Trump presidency? John McAfee (yes - that's the founder of the software company that protects many of our computers) has been more than usually candid when saying that the US is simply no good at cyber security but what the country may excel at is full-on cyber war. There is now a consensus that US and Israeli intelligence agencies used the Stuxnet worm (a self-replicating malware programme) to compromise 14 industrial sites across Iran in 2010 alone. The targets included a uranium enrichment plant. Note the crucial escalation here: Stuxnet does not merely hijack computers or steal information; it sabotages the core mechanical components of infrastructure such as the turbine in a power station or the gates of a dam. If nations are now capable of blowing up each other's critical national infrastructure (CNI) by malware intervention alone, maybe there is an open goal that would allow Mr Trump to be remembered; not just for a vicious election campaign and an unqualified cabinet stuffed with billionaires, but for a significant legacy? The international community has signed agreements on chemical, biological and nuclear weapons. Could the forty-fifth president steer us to a cyber security treaty?
How will the UK's decision to leave the European Union affect security cooperation between its member countries and with European countries? 'Strength through unity' is the term being used by pro-European economists observing the fall-out from Brexit, but it's surely an even more pertinent phrase for the security sector and this is being underlined in the most unexpected quarters. Fifty-six percent of the referendum votes cast in Northern Ireland were for 'Remain' and even staunch Loyalist politicians have spotted a way of staying in Europe through the previously unthinkable option of a united Ireland. Possible hard border enforcements Pending a possible reunification, what are the security implications for an Ireland that is now only part-EU? The border is currently 'soft': drive south into the Republic and the first indication is speed warning signs changing from miles to kilometres. The Irish Government has pledged to 'do its utmost' to retain the so-called 'Common Travel Area' on the island. But don't rule out reintroduction of occasional (possibly mobile) physical checkpoints across the 300-mile divide. Much of the security will remain covert, but scrutiny of freight vehicles for customs purpose will be mandatory. Border control at English ports will also be hardened. Currently, in a spirit of co-operation, French authorities allow their British opposite numbers to check vehicles and even foot passengers at Calais while there is French immigration control at Dover for travellers wishing to enter the Schengen Area via Calais or Dunkirk. The juxtaposed arrangement is a result of the Treaty of Le Touquet dating from 2003 and is bilateral, having nothing to do with the EU. But don't underestimate the toxicity of the current situation. There has been flip-flopping on the treaty already; local government in northern France initially said it was safe but the mayor of Calais now wants it 'renegotiated' (read scrapped) while leading candidate for the 2017 presidential election Alain Juppé says it will be pain grillé if he is wins power. "We must move the border back to where it belongs." How will the soft border between Ireland and Northern Ireland change once it becomes the only land border between the UK and the EU? Greater fragmentation in Europe? Is the outlook for international co-operation between European countries really this bleak? The doom mongers who see more drawbridges being raised and further exits from the EU should bear in mind that much international security cooperation stems from Interpol (headquartered in Lyon, France) and below the radar of most media comment including the security trade press. Brexit has no doubt pleased Vladimir Putin, who must be encouraged by the prospect of a weakened Europe with the possibility of more fragmentation to come. EU disunity can only reduce the resolve of member countries to implement sanctions on Russia after its military intervention in Ukraine. It's unlikely that France will secede from the EU but prepare for ultra-right-wing politician Marine Le Pen of the Front National progressing to the second round of her country's election in April on a Brexit platform. Newly merged pan-Europeancompanies will surely find thatpost-Brexit, movement ofproducts and people hits moreobstacles Apart from UK manufacturers focused predominantly on exports who gleefully welcomed the slump of pound sterling against the Euro and dollar (short-termism since the situation remains volatile), few in the security industry can be satisfied with Brexit. And manufacturers not reliant on imported raw materials must be rare indeed meaning that any gain can easily be lost in increased costs. The current trend in our industry is acquisitions with the playing field dominated by an increasingly small number of major corporates. Newly merged pan-European companies will surely find that post-Brexit, movement of products and people hits more obstacles. International cooperation To argue that collaboration on production standards through organisations such as CENELEC and CEN will come to an end post-Brexit would be excessively gloomy. CENELEC (based in Brussels by the way) is not an EU institution and in addition to member countries it works with five other European nations. But these standards organisations have been founded in the interests of European harmonisation and hassle-free legislation. The decision by the UK electorate last month can only hinder open working methods, and I for one don't want to go back to the bad old days in which the British kitemark was predominant. If you're an R&D engineer in the UK with an innovative new product on the bench, don't rule out the possibility that piqued international standards bodies may make your life a little more difficult in order to send a message to others. Brexiters who argued that Brussels is synonymous with bureaucracy may see UK exporters surrounded in yet more red tape as they try to get their products approved abroad. It's highly likely that Scotland will hold a second referendum within the next two years to leave the UK as a result of the Brexit vote I frequently find myself on university campuses talking to academics researching technology with security applications notably in 'big data' and video analytics. Long before Brexit hardened into a possibility, interviewees were reminding me that UK universities as a whole receive ten percent of their funding from the EU (£1bn a year) and they feared the worst. The European academic community is at its strongest in terms of developing strategies to combat terrorism when universities from several countries pool resources. One such initiative is the EU-funded PRIME project which studies terrorism carried out by individuals working alone, the acronym being LAEEs (Lone Actor Extremist Events). The collaborators include University College, London, King's College, London, the University of Warsaw, Leiden University and Aarhus University (Denmark). You tell me which two institutions would lose out if the programme were being drawn up and funded post-Brexit. The BSIA has described theUK's position post-Brexit as'uncharted territory' andspoken about a need topersuade member statesthat we will "remain anenthusiastic partner in allsecurity and trade issues" What will Scotland do? On the macro level there is an elephant in the room or at least an elephant in the Firth of Clyde. Scotland voted overwhelmingly to remain in the EU making another referendum on independence probable within the next two years. The Scottish Nationalist Party (SNP) is implacably opposed to the Royal Navy's nuclear-armed submarines which are housed to the west of Glasgow. If Scotland secedes the Navy will be told to take its fleet off Scottish shores immediately. Remember the £350m a week that the Vote Leave campaign claimed (prior to a retraction) would be saved on EU contributions and could go to the National Health Service? A new naval facility for England would dwarf this and cost billions. The British Security Industry Association (BSIA) has described the UK's position post-Brexit as 'uncharted territory' and spoken about a need to persuade member states that we will "remain an enthusiastic partner in all security and trade issues." I wish I could be so sanguine. Yes, it will be apparent from my focus here that I voted 'Remain' after making it into a polling station at the last minute, late on the final day of IFSEC. I'm aware that the UK is part of Europe in terms of shared history and culture as well as commerce. But I'm sceptical about our ability to trade effectively and share strategic information with the member states now that we have all but left. I've spoken to installers, consultants, manufacturers and fellow industry observers and found that none of them are able to greet Brexit as a positive thing for the international security industry.
Transport hubs will always be terrorist targets since people congregate in tight clusters (Image credit: deepspace / Shutterstock.com) The attack on Ataturk Airport, Istanbul, comes only three months after the bombing of Brussels Airport. Many are considering common elements in terms of modus operandi and likely perpetrators but the similarities are largely superficial. Airports, like any major transport hub, will always be terrorist targets since people congregate in tight clusters and passengers are likely to include many foreign nationals. Motivation by the two sets of jihadists in March and June may be a unifying factor but otherwise their approaches differ. This is not to say however that effective solutions from the security sector to both types of threat might not be similar. Similarities to other attacks Istanbul resembles Mumbai or the Bataclan Music Hall (a target of the Paris attacks) more than Brussels in so far as the terrorists carried AK-47 rifles and their explosives were in suicide vests. By contrast, Brussels saw what we now know were so-called Islamic State operatives (unarmed apart from their bombs) bringing peroxide-based explosives to the airport in suitcases. Terrorism at airports in Moscow (2011), Brussels and now Istanbul has all taken place ‘landside’. Unless terrorists want to capture a plane and use it as a weapon it makes no sense to try and breach ‘airside’ security other than to emphasise our vulnerability. Writing about Brussels several months ago I said that “only airports with particularly chequered pasts in terms of terrorism and sectarian violence (Istanbul, Nairobi and Mumbai) have screening operations at pre-security areas.” I’m rarely prescient, but the mention of Istanbul now seems chilling. Role of airport x-ray scanners In a sense, security at Istanbul succeeded insofar as there are x-ray scanners and checkpoints almost on the perimeter of the building and these would have revealed suicide vests immediately. The terrorists could not proceed more than 100 feet into the terminal without a battle with police officers. Naturally, passengers gather around the scanners waiting to be checked and it is a bottleneck. But had the Istanbul terrorists breached this initial protective measure undetected they might have inflicted greater harm among tighter clusters of people. There is still no consensus on the order of events but it seems that after they overpowered initial security, the jihadists wandered through the airport, shooting at random before detonating their explosives. There were 44 deaths from the bomb belts and gunfire. The attack in Istanbul resembles the attacks in Mumbai or the Bataclan Music Hall as the terrorists carried AK-47 rifles and their explosives were in suicide vests(Image credit: deepspace / Shutterstock.com) Refuge areas As with many such incidents, airport users and staff improvised safe havens in lavatories, shops and under seating. Would it be sensible for the aviation industry to begin creating refuge areas in terminals? Possibly, but this presents the nightmare scenario of a terrorist disguised as a security officer corralling passengers. (Remember that Anders Breivik lured terrified Norwegian youngsters towards him on the island of Utøya because he was dressed as a policeman.) Physical security technology possibilities So what can physical security technology offer to combat incidents like Istanbul? The outlook is not hopeful and we can discount the promises of irresponsible manufacturers who made outrageous claims for video analytics in the wake of the Boston Marathon bombings and have continued doing so. Artificial intelligence such as video analytics needs to move up many gears before it becomes effective in this kind of environment. Where do we draw the line? Sniffer dogs at motorway service stations, bag checks at adjacent railway stations? This would be simply moving the problem outside One obvious avenue is human intelligence and teaching staff how to identify atypical behaviour, a practice at which the Israelis excel. On the subject of human rather than technological response; any consideration of the events should note that Turkish police behaved with exceptional courage and lost five of their officers. A particularly depressing aspect to Istanbul is that the city’s secondary airport (Sabiha Gokcen) had been mortar-bombed by a Kurdish separatist group late last year. There was only one fatality but several parked aircraft were damaged. As a result, Ataturk Airport increased manned guarding throughout and set up the perimeter screening already discussed. Where to begin the security process But how many outer security rings can we create? Picture your regular journey to the airport you use most often. Where do we draw the line? Sniffer dogs at motorway service stations, bag checks at adjacent railway stations? This would be simply moving the problem outside. Bear in mind that neither the Brussels nor Istanbul incidents have seen aviation targeted as a specific transport mode. They are assaults on society’s soft underbelly. Preparation for an atrocity at a railway station concourse or a major retail location (both feature people in queues and clusters) must be priorities for the security community. I said earlier that the two recent airport incidents will share a broad motivation. As I write, no one has claimed responsibility for Istanbul and informed sources are at odds as to who the perpetrators were. This makes the situation even bleaker since until the terrorists are identified there is no scope for preventative SIGINT intelligence gathering to thwart similar events. We should make no automatic assumption that so-called Islamic State is responsible. The Turkish premier may be reluctant to admit it but the Kurdish militant organisation PKK remains a candidate while a taxi driver’s claim that the bombers were using a language he had never heard before surely points to Chechen which is not spoken outside the Caucasus area.
No matter how strong the security planning, it will take only one small failure tocreate an opportunity for unimaginable events(Photo credit: Marco Iacobucci EPP / Shutterstock.com) Successful security at UEFA Euro 2016 may well depend on the ability of the French to bring cohesiveness to disparate technologies. Given the scale of the threats, a variety of security solutions are being used visibly and behind the scenes – in addition to the presence of 90,000 police, gendarmerie and uniformed soldiers. I can’t remember an event where there has been a greater need for multi-agency working than the Euro 2016 football tournament now taking place at 10 stadiums across France, a country still recovering from the Paris attacks in November, torn apart by ethnic tensions, and in the grip of labour strikes. The security backdrop to the tournament is already dampening what should be a joyous festival for 2.5 million spectators watching the 51 matches over four weeks. Despite the comprehensive resources available to France and her neighbours, I see little cause for optimism. Security communications Starting at a macro level, there will be an enormous signals intelligence (SIGINT) operation in an attempt to intercept and analyse information from suspected terrorist cells, potential “lone wolf” jihadists and anybody whose communications arouse suspicion. The French government has been fighting a protracted battle to have voice over Internet protocol (VoIP) communication services (notably Skype, which is a known favourite of terrorists) registered as telecoms operators and thus subject to stricter regulation. The French government has beenfighting a protracted battle to haveVoIP communication servicesregistered as telecoms operatorsand thus subject to stricter regulation Internet communication may yet solve rather than cause problems during the tournament with the release of a mass notification phone App. In the event of an attack, the App will alert users on a geo-location basis and in a discrete manner should they be near an incident. Users will also be able to pre-program up to eight geographical zones that they might be visiting in order to receive context-specific information and advice on how to minimise risk. Hooligans distract police attention from terrorism During the first weekend, the tournament was already marred by fighting between Russian and English fans (with involvement from locals) in the port of Marseille, where tear gas and water cannon have been deployed. An England supporter is critical after suffering a heart attack while being beaten senseless. UK politicians have been quick to denounce these incidents but also to make the broader point that hooliganism distracts French police from vigilance against terrorism. The England vs Russia game in Marseille has thrown up concerns at many levels. Toward the end of the match, Russian fans donned gum shields and martial arts gloves, turned their t-shirts into masks and charged English fans including family groups who were forced to jump over perimeter barriers with 10-foot drops in order to escape. Neutral observers complained about a lack of police presence and ineffective stewarding. Inappropriate security scanning As if this wasn’t bad enough, Russia’s equalising goal in the final minutes saw one of their supporters using a flare gun. Yes, a flare gun, which is larger than a handgun. This was accompanied by smoke bombs. A photo is doing the media rounds of a Russian holding two flares, each the size of a Coke bottle. One doesn’t have to speculate long on what might have happened if these containers were filled with plastic explosives. During the first weekend, the tournament was already marred by fighting between Russian and English fans(Photo credit: Marco Iacobucci EPP / Shutterstock.com) Am I alone in thinking that terrorists, seeing how lax security must be at the Stade Vélodrome, may be tempted to smuggle in more sophisticated explosives? The presence of the fireworks is doubly embarrassing since security at the Stade de France failed miserably in May during a domestic cup final when dozens of firecrackers were brought into the ground despite what was claimed to be vigilant searching of fans. Debate over fan zone The French are flexing their technological muscle and have made much of the fact that there is anti-drone technology at the 90,000-capacity fan zone beneath the Eiffel Tower. This is to guard against a possible terrorist “spectacular” such as a chemical or biological attack of the kind hinted at in data found on a laptop used by Paris attacker Salah Abdeslam. The future of the fan zone is uncertain. Former president Nicolas Sarkozy sees it as a sitting duck for a terrorist attack and has asked for it to be scrapped while police chief Michel Cadot wants it to operate only during games played outside the two Parisian stadiums. Am I alone in thinking thatterrorists, seeing how laxsecurity must be at the StadeVélodrome, may be tempted tosmuggle in more sophisticatedexplosives? Generally, the French government prefers a concentration of fans rather than dispersed groups. Of course, commerce should not be a factor, but there will inevitably be behind-the-scenes pressure from advertisers to retain fan zones since their merchandising potential is enormous. If they go ahead, the zones will feature CCTV surveillance, bag searches and even body-frisking should police suspicions be aroused. Conducting mock disaster drill to improve emergency response I recently reported on a disaster scenario exercise in London, and the French are conducting exhaustive equivalents in order to test response techniques should there be an attack at a stadium or fan zone. One such operation saw volunteers pretend to be fans at a mocked-up Northern Ireland vs Ukraine game in Lyon where actors, pretending to be jihadists, conducted a suicide bombing. Other drills have simulated chemical attacks, and in Nîmes over 1,000 cadet police officers acted out the role of spectators at a fan zone while colleagues in protective clothing went through decontamination routines. Violence likely to overshadow Russia vs. Ukraine match In terms of fan behaviour, what are the upcoming games with the most potential for violence? Turkey vs Croatia has passed off peaceably despite grave concerns. One nightmare scenario that UEFA must be dreading is if Russia were to come top of their group and Ukraine qualify as a third-placed team. Then the tournament has the prospect of the two sides meeting in Paris. Anybody who thinks this would be a sporting contest is misguided. The game would be a hate-filled microcosm of the recent Russian annexation of Crimea and the war in east Ukraine. No matter how much planning and technology the French authorities have at their disposal, it will take only one small failure to create an opportunity for unimaginable events. All we can hope is that sport will soon disappear from the front pages of our newspapers and be relegated to the back with the tournament remembered for sporting achievement rather than security lapses. Read more about security at UEFA Euro 2016 here
What effect will the attacks in Brussels have on aviation security? Screenings inpre-security airport areas have been uncommon, but may become standard practice Will the Brussels airport attack herald a new era of aviation security? Like the bombing of Moscow’s Domodedovo Airport in 2011, the Brussels attack took place “landside”, meaning that security precautions would have been low-key and limited to spot checks and the general watchfulness of police officers for unusual behaviour. Combination of security techniques Even the tabloid press has had the sense not to second-guess Belgian authorities and ask why there were no metal detectors and body scanners at the departure hall. Only airports with particularly chequered pasts in terms of terrorism and sectarian violence (Istanbul, Nairobi and Mumbai) have screening operations at pre-security areas. However, unless their aim is to undermine public confidence by evading security measures or taking control of a plane, it makes little difference to terrorists exactly where they kill aviation passengers. CCTV still images from Brussels, which flashed around the world shortly after the attacks, showed Najim Laachraoui, who blew himself up at the airport. We now know that Laachraoui not only made the Brussels bombs but probably also made the suicide vests used in Paris back in November – fragments recovered there contained his DNA. A mug shot identifying Laachraoui as a significant terrorist suspect had been distributed by Belgium Federal Police only days before the attack in their capital. Consider the imaginary scenario of a comprehensive database of possible jihadists shared by transport hubs all around Europe. Combine that with perfect facial recognition CCTV (from all angles), not just airside but in the departure hall. And assume the resulting information is actionable quickly enough to intercept attackers. Then and only then would the Belgian airport trio have been halted. Video analytics for airport security Clearly this is the stuff of fantasy, though I’m aware of current progress and invite facial recognition vendors to weigh in. But here’s a sobering statistic from London: the Metropolitan Police’s forensic imaging team has admitted that, of the 4,000 images entered onto their database after the 2011 riots in the UK, only one person has been recognised solely by facial geometry. More generalised video analytics have a definite role to play in protecting airports; there are algorithms that will alarm on unusual direction of movement and loitering when other passengers are flowing through the site. Yes, there were peculiar aspects to the bombers. Two of them were wearing a glove on one hand only (concealing links to detonation devices), and they had large suitcases but no carry-on luggage. But this is the kind of atypical behaviour that is likely to register with human rather than artificial intelligence. I concede that analytics can do much to reveal an abnormal gait that might indicate the weight of a bomb vest but would challenge any movement algorithm developer to report much about a passenger when they are pushing a trolley. Key terror suspect Mohamed Abrini open up. #BrusselsAttack #ISIS #MohamedAbrinihttps://t.co/s4onH32OeL pic.twitter.com/3Y82I1kKQE — Indiacom (@indiacom) April 9, 2016 Explosive device detection The immediate potential for improving security throughout airport premises probably lies with alerts on explosives through trace (minute particulate) detection. Military-grade explosives are a rarer commodity now than 10 years ago (the physical security sector can take some credit for this) and without sponsorship by a rogue state, the terrorist’s current explosive of choice is triacetone triperoxide (TATP). A crystalline powder, TATP is a synthesis of three commonly available materials – hydrogen peroxide and acetone (staples of the beauty industry) and mineral acid. Known to bomb-makers as “The Mother of Satan” because of its volatility, TATP is also a nightmare for security since (unlike fertiliser bombs) it contains no nitrogen that can be detected with relative ease. TATP has been used by terrorists ranging from “shoe bomber” Richard Reid to the jihadists in London on 7/7 and more recently in Paris and Brussels. One of the bombs carried into the Brussels airport remained undetonated within a suitcase, and authorities found it to be composed of metal bolts and nails with TATP as the explosive. A handheld device from Oregon-based FLIR Systems can now collect particulates from surfaces and create a noticeable change in fluorescence signal when TATP is detected. Most explosive materials tend to be sticky and will defeat attempts to prevent them from collecting on clothes and hair by all but the most determined and skilled bomber. Challenges for European security community Other detection methods include CT (computerised tomography) scanning to compare the density of items in bags and suitcases with the density values of substances known to pose a threat of explosion. Adding TATP to libraries of suspicious density values has been a logical and fairly easy step by manufacturers. As TATP detection devices become cheaper, more portable and unobtrusive it will be possible to use them extensively in transport locations. Few analysts would have failed to note that the Brussels bombings came four days after the capture of Salah Abdeslam, who is suspected of having masterminded the Paris attacks. Abdeslam’s lawyer has said that his client is cooperating with authorities in Belgium. The Brussels airport and Metro attacks were improvised measures by a cell who knew they were in imminent danger of capture. The bombers had another target in mind, and given more time would have mounted a more concerted operation. Speculation can of course be feverish, but there have been suggestions that the real target was one of Belgium’s seven nuclear reactors or the UEFA Euro 2016 soccer championship to be held in France this summer. The enormity of the two possible targets is worrying, but security professionals may be equally concerned by the fact that these are such different threats. Both concern perimeter protection but of an almost diametrically opposite kind. The range of challenges facing the European security community is dizzying.
The disaster training exercise took place at four sites, with the primary locationbeing a disused power station in Kent (Image credit: London Fire Brigade) Europe's biggest-ever disaster simulation provided a test to evaluate London’s ability to "detect, prevent and if necessary to withstand, handle and recover from disruptive challenges." Exercise Unified Response replicated the aftermath of a tower block falling into Waterloo Station, a transport hub on the south bank of the Thames used by 98 million passengers a year. The exercise took place at four sites with the primary location being a disused power station in Kent. Testing emergency practices at Waterloo Station Waterloo is both a mainline and underground “metro” station that had been chosen so that first-responders would have to deal with the combination of derailed trains, cramped dark conditions and live electric rails. The exercise worked from the simple premise that during a refurbishment the tower block had collapsed. There was no consideration of terrorist activity as a factor, and the goal was to test emergency practices on a large scale. Rescue teams from the UK, Italy, France, Hungary and Germany would have had many options, and the exercise sought to test technology as well as protocols and human processes. Four thousand people took part in total with hundreds of medical students from the London teaching hospitals playing dead or simulating being trapped in the mocked-up tube station. Security technology to the rescue So what types of equipment could have saved lives had the incident been for real with mass casualties among the tonnes of rubble? A crucial resource may have been thermal imaging cameras which display body heat. Other methods would include use of microwave radiation which can alert rescuers to a heartbeat even through several metres of concrete. Bodies are illuminated by a microwave beam, and the chest movements of those still breathing alters the reflected wave. Ultra-wideband radar is also used, with both methods relying on the regularity of breathing which makes it stand out from background noise and clutter components. Thermal cameras, microwave radiation and ultra-wideband radar would be crucialequipment to save lives in this emergency scenario (Image credit: London Fire Brigade) Identification of the deceased The exercise strived for authenticity and didn’t shrink from details such as identification of the dead and setting up a mortuary. Seven tube carriages were taken to the main site near the Dartford river crossing. The station infrastructure was deliberately crushed by construction equipment, and the trains filled with bloodied commuters both living and dead. Disaster victim identification teams from many UK police constabularies provided officers to work alongside other forensic specialists. Exercise organisers threw every conceivable combination of complex needs at responders. Emergency workers picked their way through the carnage and treated realistic trauma injuries with the procedures, even including mimicking of on-scene amputations. Unusual requirements at the refuge areas included train passengers separated from vital medication and a serviceman relapsing into post-traumatic stress disorder. Role of PSIM In terms of testing security technology and assessing whether it gave emergency managers optimum information, the performance of PSIM and similar platforms would be crucial. With many sub-systems likely to fail after the collapse of the tower block, exercise organisers would have been looking to simulate failover provision, field-testing it in conditions more akin to a disaster than will ever be encountered barring the real thing. Help points, public address and voice alarm (PA/VA) and passenger information displays would all have been scrutinised. SCADA and similar process control would have been crucial in giving rescuers information about air quality and explosive hazards. Staying at the macro level, emergency services are now exploiting mass notification systems in order to oversee crisis data. Software of this kind also analyses microblogging services such as Twitter, Instagram and Facebook to isolate tactically important information posted by civilians at the scene and distinguish it from messages expressing general empathy. About Exercise Unified Response Exercise Unified Response was organised as part of the London Assembly's resilience partnership strategy. It saw 70 partner agencies working alongside each other with the UK government’s COBRA committee being a main participant. An incident command room was set up with emergency supervisors making crucial decisions about which resources should be despatched as the scenario unfolded. The £770,000 operation was funded by the European Union. It involved police and emergency workers from four EU countries plus of course the host nation which will decide on June 23 (the last day of IFSEC) whether to remain in the Union. An “out result would hardly mean the end of this kind of European security co-operation which (largely through Interpol) pre-dates the EU but member states would surely become less enthusiastic about working with the UK.
UK citizens will vote on June 23rd 2016 on whether to remain within the European Union A significant aspect of the four-month operation leading to the capture in March of Salah Abdeslam, Europe’s most wanted man, is that French and Belgian police worked alongside each other with minimal protocol complications since the countries are not only geographical neighbours but members of the European Union. Abdeslam was arrested for his alleged involvement in the Paris attacks of last November. Joint operations between UK and European security forces On June 23rd (with a touch of congruity for our sector since it’s the last day of IFSEC) UK citizens will vote on whether to remain in the European Union. Nobody should ignore the fact that the Union is an economic community and began as a common market for trade in coal and steel. And yet, suggesting that the outcome of the referendum is anything other than crucial for physical security in Europe would strike most observers as naïve. Prime Minister David Cameron has weighed in on the possible consequences: “When it comes to terrorism, when it comes to security, when it comes to our borders, we are better off, we are stronger inside a reformed EU.” Certainly the recent bomb attacks in Brussels underline concerns about terrorism throughout Europe. French President Francois Hollande also warns: “I don’t want to scare you, I just want to say the truth – there will be consequences.” Of course it would be overstating the case to suggest that a "Leave" vote will bring an end to cooperation between UK security forces and European counterparts since police forces first began sharing information (though not necessarily resources) when Interpol was formed in 1923. The European Union is not the only backdrop to these matters, and the UK is currently tackling people smugglers by sending amphibious vessels to the Aegean Sea between Turkey and Greece in a NATO (as opposed to EU) initiative. Such joint exercises would continue even after an “Out” decision on Brexit. Tightening border control security measures However, the whispers from Paris on the security ramifications of a departure by the UK are teetering between ominous hints and naked threats. Currently, Britain is allowed to have its own border control officers at major French ports such as Calais and, as a reciprocal measure, French-run passport control is the first checkpoint you reach when taking your car to France from Dover. This arrangement is in fact the result of a bilateral treaty dating from 2003 and nothing to do with the European Union, but Monsieur Hollande has already made it clear that should my compatriots vote “Leave” then this cosy entente cordiale will become toast or “pain grillé.” With even responsible liberal-leaning media outlets reporting that the Calais “Jungle” transit camps contain would-be jihadists, it seems that UK security is under immediate threat. As security professionals, we all subscribe to the “layered protection” principle. If Dover and other ports on the English side of the Channel become our first opportunity to scrutinise people then border control is clearly weakened, and the Brussels attacks emphasise the need that it be strengthened. The recent bomb attacks in Brussels and Paris have heightened concerns of terrorism. What ramifications would Brexit have on security cooperations in Europe? Other security issues of Brexit Unity usually produces strength, and UK voters may want to heed US General Philip Breedlove, senior NATO commander in Europe, who now believes that Russia and Syria are “weaponising” the possibility of terrorists posing as refugees or economic migrants in order to destabilise Europe. Surely at a time when there is a credible threat of this magnitude, UK voters should forget the clichéd contentious trade issues such as farming subsidies and alleged “wine lakes” and “butter mountains?” The prospect of Vladimir Putin and Bashar al-Assad joining forces in this manner is more worthy of our immediate attention and should be a factor as voters debate where to put their X on the ballot slip come June. This article has begun with the macro issue of border control and national security. There is a raft of additional subjects to be considered. Major topics will be international legislation on location of CCTV cameras, regulations on retention of footage, collection of biometric data and the sharing of information between EU and non-EU states. There is also the small matter of a £1.5bn Anglo-French drone project that may create the next generation of unmanned combat aircraft. Repercussions of a "Leave" note on security powerhouses A “Leave” vote would undoubtedly produce economic uncertainty, but our sector would hardly be alone in this. One footnote, however: the UK will go to the referendum polls as a single country but a “Leave” vote may hasten a split into two. If the decision is to leave but a totalling up of votes in Scotland shows that the Scots wish to stay in Europe, then the Scottish Nationalist Party will demand another chance to devolve and then become a European Union member state. England and Wales will face the prospect of security powerhouses such as IndigoVision and Veracity being part of a separate economic territory. A vote to leave would not produce the mare’s nest you might expect in terms of certifying products and documenting working methods. CE markings certify compliance with EU legislation but make no claim as to point of manufacture. Similarly, our industry’s increasing use of International Standardisation Organisation (ISO) practice to show responsible quality control and concern with environmental impact will be unaffected by the referendum vote. The ISO has no affiliations with the European Union, pre-dates it having been formed in 1947 and is based in Switzerland, which is not an EU member and unlikely to become one anytime soon.
Energy efficiency extends beyond a company’s running costs vs. its carbonfootprint, to using security technological intelligently to the company’senvironmental advantage Even as manufacturers are becoming greener and innovation is reducing our industry’s carbon footprint , is there more we could be doing? Can we adapt our general operational methods to be smarter and help save the planet? Are we learning from other industries, do we absorb things quickly enough, and are there some lessons we simply don’t want to learn? Remote system diagnostics approach Accepted working styles are often profitable for integrators and can slow down innovation. Only recently have integrators recognised that remote system diagnostics means fewer site visits, less disruption to the end user’s business and greener practice in terms of fewer vehicle miles. Is it cynical to suggest that taking this approach may have been slow because it reduces billable man- hours? Should we be frustrated that significant (and ultimately green) developments such as the ability to control a PTZ remotely via an app have only been introduced after similar technology has been used for several years in home automation? Installers and the whole security community need to recognise that the phrase “energy efficiency” extends beyond mere running costs to the carbon footprint of an organisation. Increasingly, managers want to know if operational advantages derived from intelligent use of security technology will be reflected in green benefits. A few examples are obvious, and the Canadian manufacturer Senstar has introduced a surveillance robot that travels on a monorail, constantly patrolling a perimeter, moving to the site of possible breaches after analysing video and interacting with suspected intruders via public address. The environmental advantages of such a product compared to a guard patrolling an extensive perimeter in a fuel-consuming, exhaust-emitting truck are overwhelming. The R&D expenditure involved in such a solution is no doubt extensive, but the essential idea stems from alert minds combining existing technology to create a product that is not only green but probably offers the end-user prompt return on investment (ROI). This monorail robot is an exceptional case, and ROI from improved carbon practice in the security sector as opposed to the “feel-good” intangibles of responsible corporate citizenship is a long way off. Ultimately, the most likely driver of improved carbon management from non-technological factors will be legislative authorities that have teeth. Anybody who doubts this might like to consider the rigour with which the United States Environmental Protection Agency (EPA) has begun overseeing the impact of federal construction projects. Creative thinking can be just as effective as technological innovation for greensecurity practices, as demonstrated by the prisons training eagles to intercept drones Convergence of IT and physical security Endeavouring to make equipment perform multiple and disparate roles is an obvious financial economy that is also green. Convergence of IT and physical security has received much attention recently, and there are more unusual examples of multi-tasking that should be discussed here. A notable instance is video analytics within cameras including an algorithm to alert on the shape and movement pattern of flames as well as the standard scenario of an intruder. Leaner, more versatile (and therefore greener) security technology can be as much about open minds as open protocols. Technological innovation and open thinking The modish phrase “enterprise security” need not involve exceptional innovation in terms of technology but may simply view disciplines such as access control and fire detection from a similar perspective. Open thinking of this kind will always involve less hardware and therefore be carbon friendly. We shouldn’t have to take all our cues from Microsoft, but the company has been indisputably green in creating two Global Security Operation Centres that combine physical security infrastructure with IT practices. (This is while many of the companies using their products see squabbles between IT and security over sharing a bit of closet space.) The two centres monitor 840 sites worldwide, which involve the small matter of 14,000 access card readers and 15,000 video cameras not to mention duress alarms and biometrics. Finally, my favourite piece of current green security practice that involves no technological innovation, is indisputably carbon-neutral and involves a solution that has been around for 1,500 years. Flying contraband into prisons on drones has become a major threat to the integrity of custodial perimeters. But before investing in PIR sensors and fence-mounted analytics cameras, prison governors might consider a flying squad with a difference. Earlier this year and following a trial by Dutch police, Scotland Yard announced that it was training eagles to intercept drones and with remarkable success. It’s a headline writer’s dream in which the eagle has not so much landed as taken off. Anybody concerned for the welfare of the birds should note that they intercept the drones in such a way as to avoid the rotors and are of course rewarded with food after every strike. Low tech defeats high tech and proves indisputably green.
The development of PSIM security systems and the move towards smart buildings and cities holds huge potential for environmental performance in the security industry Is the drive to give clients improved CCTV, perimeter protection, intruder alarms and access control making our industry any greener? Is technological innovation consistent with reducing security industry’s carbon footprint? In any case, green operating practices are more a side effect of current developments than a planned objective. Energy efficient CCTV lighting Camera lighting (both IR and white) is a convenient starting point, and the ability to focus illumination on areas of potential interest rather than flood a large expanse indiscriminately is producing significant energy savings. There’s little debate that present-day LED illuminators out-perform sodium and halogen equipment in terms of area of coverage and power consumption. Industry observers estimate that LED lamps often use as little as 10 percent of the power consumed by conventional incandescence. Similarly, motion-based PIRs (now a venerable technology dating from the ‘70s) are extremely energy-efficient save for their occasional nuisance activations. So what could be better for the planet than the new breed of energy-efficient CCTV lighting products? The obvious answer is cameras that require no lighting at all and will work by ambient moon and starlight. Quoting comparative lux levels for ultra-low-light camera performance is problematic as there is no consensus as to use of auto gain control (AGC) and slow-shutter mode. But CMOS sensor design is improving, a fact that means IP cameras are catching up after initial poor performance in low light compared with analogue. Recent camera “shoot outs” have produced serviceable image quality at low lux levels that are nearly off the scale. Again, insofar as this means there is often no need for additional lighting, it’s a green development. Exploring solar panels as power supply Many improvements in our industry can be traced to advances in telephony, a sector that has given us the managed hub by which a device receives power appropriate to its exact needs (often down to a few milliamps) rather than an arbitrary amount dictated by classifying every channel in the same broad terms. A common rallying cry, to which I don’t subscribe in security or any other sector, is that solar power will be the environment-friendly saviour of us all. Ask your friendly local installer to show you a camera project that is solar-powered. I’m willing to make a wager as to what kind of project it’s likely to be. Of course I’m happy to be proven wrong, but I’d maintain that the majority of solar-powered CCTV is at locations that are remote or “off-grid” such as pipelines, border control, water supply hubs and early-phase construction sites. The driving force is the logistics of power distribution rather than concern with carbon footprint. Saying this, I’m aware that companies such as MicroPower are successfully exploiting solar panels to operate low-current-draw cameras and the practice may become mainstream. Solar energy is being used as a power supply by companies such as MicroPower to operate low-current-draw security cameras Miniaturisation (with the driving force being spin-off from consumer video) can hardly fail to make the security industry greener. An original motivator for changing from CRT monitors to flat-panel screens both in offices and security control rooms must have been desk space, but it need hardly be added that they are not only more efficient in terms of consumption of non-renewable resources in manufacture but draw less current and emit less heat. On the subject of heat, as I was being ushered into a server room recently, I found that my remaining hair was standing on end such was the gale coming from the rack cooling fans and air-conditioning. This set me to thinking that the relationship between unwanted heat generation and the requirements for heat dissipation is exponential. Thus, an inefficient DVR generating a heat throw of 40 watts may require use of a fan-cooler that consumes 80 watts. That’s a particularly vicious sequence. Eco-friendly technological innovations Numerous innovations are making us greener through small improvements in fossil fuel usage. The modern security installer’s habit of “piggy-backing” on existing structured cabling wherever possible must have saved thousands of miles of Cat5 worldwide. Power over Ethernet (PoE) was designed with time and cost savings in mind; carbon footprint would hardly have been a consideration but the fact is that the technique makes economical use of raw materials. Small improvements in our environmental performance range from modern video compression codecs reducing storage demands to on-board camera analytics eliminating the need for hardware to conduct video processing at the core. And green attracts green as eco-friendly technological innovation often reaps immediate rewards: installers with ISO 14001 are likely to consolidate their qualification by specifying products from manufacturers associated with sound ecology so creating a cycle of sustainable operating procedures. The innovations listed above are certainly reducing use of fossil fuels but will never be more than micro trends. The potential game-changer for how innovation within our industry might have major environmental impact lies with PSIM (physical security information management). It’s a significant development in that PSIM security systems within truly “intelligent” and sustainable buildings are evolving beyond mere aggregation of data. Managers are beginning to inhabit a connected multi-disciplinary zone of components and sensors. This is an environment that gives them a platform to filter and share security information on such a scale that they are finding structure and patterns in data that should soon move us from the “smart building” to the “smart city.” Make that leap, with the security sector claiming some of the credit, and our green practice will truly have come of age.
Many security manufacturers are working towards ISO 14001, an internationally-recognised standard for the environmental management of businesses How green are security industry manufacturers? As innovation (much of it driven from home video and mobile phones) continues, it’s likely that our sector’s carbon footprint will decrease since compact products use up fewer raw materials. Even casual observers will note that integrators are falling over themselves to gain environmental accreditation since it’s often a prerequisite at tender stage. In the integrator community, environmentally-aware practice will soon become the default way of working and barely worth mentioning as a credential. For the major sources of potential improvement in environmental impact we should look to manufacturers. Are they trying to be environmentally-friendly in terms of material consumption, recycling and waste management? Working towards green marketing campaigns A cynic will say that the only real motivation towards being green is when good environmental practice also benefits the bottom line. Fortunately, there are many cases where green initiatives do make business sense. Researching manufacturers while preparing this article, I discovered that as an industry dealing to a large extent with crime, we are probably slow to play the ‘green card’ even when our practices are essentially sound. Our marketing must have a high level of integrity. There are horror stories of promotional ‘greenwash’ in other sectors, notably an outrageous claim by Shell that they were “using waste CO2 to grow flowers.” Friends of the Earth scrutinised this and found that just 0.325 percent of Shell’s output was used in such a manner and the (UK-based) Advertising Standards Authority insisted that the campaign be pulled. Many security manufacturers are quietly working towards ISO 14001, an internationally-recognised standard for the environmental management of businesses. However, take-up in the US (where the standard is regarded with less respect than in Europe) is lamentably slow. As it moves from a criterion for “conformance” to one of “compliance”, ISO 14001 is likely to acquire more teeth. Security products deemed to originate from manufacturers with a poor environmental record can be simply thrown out and the consultant told to look for an alternative Achieving ISO 14001 environmental management certification SourceSecurity.com reports regularly on manufacturers gaining ISO 14001, most recently HID Global. Within CCTV, Pentax was one of the first manufacturers to be awarded the standard. There are many other examples. Raytec is not just preventing light pollution with its products but is minimising pollution in the conventional sense with environmental policy that meets ISO requirements. The company has focused on electricity consumption, use of non-recyclable packaging and generation of non-recyclable waste. Its ultimate goal is being carbon neutral and many of Raytec’s suppliers are based locally, a policy that reduces truck miles. For large units and consignments, the company has introduced ‘rotate and re-use’ packaging systems with distributors. Samsung Techwin is also environmentally aware with scrupulous analysis of any hazardous materials generated by production processes and a green procurement and supplier programme involving over 300 companies. Tyco’s record in terms of environmental practice is also exemplary; there are initiatives in place to collaborate with waste haulers on maximisation of recycling and reduction in materials sent to landfill. Analysis of Tyco’s working practices has broadened my own terms of reference: it’s easy to focus exclusively on fossil fuels in this type of discussion but every element of environmental impact should be considered and Tyco is able to boast that its strategy at manufacturing facilities has reduced water usage by 11%. American LEED certification vs. UK-based BREEAM standard Under pressure from environmentally-aware clients on major civils projects at tender stage, construction companies and M&E sub-contractors are scrutinising the green credentials of every single component. Security products deemed to originate from manufacturers with a poor environmental record can be simply thrown out and the consultant told to look for an alternative. (The London borough councils are particularly vigilant in this area.) Consultants are now arbitrating on the green credentials of products in their initial designs, especially when the client is working to the American LEED green building certification system which evaluates projects against common green criteria including stewardship of resources. A rival code of practice is the UK-based BREEAM standard which has been developed to provide information to the building industry on sustainable development. Both certifications analyse energy usage in cooling of electrical components which is a significant factor for security manufacturers. Chinese manufacturers are experiencing greater pressure from global sales markets to conform to environmental standards for security products Eco-friendly challenge for Chinese security product manufacturers A development that should surprise nobody is stringent requirements from standards bodies on likely product lifecycles. The (abysmal) norm of built-in redundancy after three to five years that is tolerated in the IT sector has never been accepted by users of security products. Requirements from the International Organisation for Standardisation may soon codify the product lifecycle that manufacturers should strive for but without impeding R&D. Despite all the success stories, there is an elephant in the room that should not be ignored. Chinese manufacturers must realise that if their products are to be used on the world stage then green isn’t optional anymore. It should of course be said that regulatory frameworks in China are lacking (there has been some improvement since 2014) and legislation is complicated by the fact that individual provinces have a level of autonomy. Sadly, there also appears to be a lack of will. Here is just one statistic. The Environmental Protection Agency in the United States currently has 15,000 employees compared with 200 at its Chinese equivalent. All of this puts the onus on Chinese manufacturers to self-supervise in terms of environmental impact.
Technology can safeguard other motorists, and help highway authorities to communicate with wayward drivers to avoid accidents There has been a spate of accidents worldwide in which cars have been driven either knowingly or unwittingly against the flow of traffic and into oncoming vehicles. Existing and imminent technology from the security sector can prevent such occurrences, alerting responsive drivers to their error and safeguarding other motorists. I write this shortly after reading that two people have died in the East Midlands of England after a “wrong-way” collision in which an 87-year-old man hit a van head-on when he drove his people-carrier northwards on the southbound lanes of the M1 motorway (known as a freeway, highway or interstate in the US) near the city of Nottingham. At least 350 people die every year in the U.S. as a result of similar incidents. Video analytics - identifying the exact threat Anybody working in video analytics will tell you that atypical direction of movement is one of the easiest scenarios on which to generate an alert. The algorithm to recognise this can now reside “at the edge” within a camera and no longer requires central processing at the core. Recent advances in the ability of cameras to cope with rain and fog coupled with the fact that most motorways are well- lit (certainly at exit and entrance ramps) make the slow take-up of scene analysis by highway authorities disappointing. The U.S. National Transportation Safety Board has found that wrong-way crashes on motorways have a fatality rate tthat is up to 27 times that of other high-speed collisions. Video analytics offers the best means of identifying the exact threat faced by other motorists, but the most robust solution for detecting a wrong-way driver is microwave radar which is of a continuous wave (CW) Doppler type or frequency-modulated continuous wave (FMCW). Radar is a low-maintenance (often solar-powered) solution and unaffected by inclement weather but does not tell first responders exactly what to look for unless combined with cameras. Cloud communication and even the prospect of mass emergency notification systems with the co-operation of cellular providers are all part of an armoury that should reduce accidents Communicating with drivers Highway authorities worldwide are exploiting advances in variable message signing to communicate with legitimate drivers. The usual instruction is to pull over to the hard shoulder and stop. This is often effective against the hesitant elderly wrong-way driver since, regardless of whether a country drives on the right or the left, a wrong-way driver who thinks they are in the crawler lane will in fact be in the fast lane in terms of oncoming traffic. Communicating with wrong-way drivers poses specific challenges in that if they are to see a message, it must be mounted on the back of a normal gantry, and many errant drivers are either intoxicated or suffering spatial disorientation which is a common trait with elderly motorists found driving against the flow. A nightmare scenario is that of drivers turning and moving the wrong way in order to correct a previous mistake (such as missing an exit junction) and it is here that video analytics holds the most promise since the manoeuvre is so anomalous it should create an alert. Help from driver assistance cameras Even in an era of saturation, CCTV and the extraordinary optical performance of megapixel cameras, it will never be possible to cover every yard of motorways. Having avoided the physical threat to themselves, motorists encountering a wrong-way vehicle on a freeway are usually public-spirited enough to phone emergency services. This was the case late last year, when a 20-year-old apprentice electrician drove his BMW for nine miles in the wrong direction around the M25 motorway in Greater London. (The M25 is the equivalent of Paris’s ‘Périphérique’ and New York’s I-287 though with speeds as much as a quarter higher.) The journey saw him weaving in and out of oncoming traffic and if you have the stomach to watch it, Kent Police has posted footage on its official YouTube channel. Motorists who are making an innocent mistake may soon receive help from driver assistance cameras. Currently used to correct errors such as poor lane discipline, intelligent on-board cameras are already being used by Mercedes-Benz to identify no-entry signs. Data from the cameras is also compared with information retrieved from GPS navigation, and wrong-way driving results in an immediate alert. The wrong direction of movement is oneof the easiest scenarios on which togenerate an alert in video analytics Warnings via the Cloud In 2016 Bosch plans to begin supplying manufacturers with software that will place a car’s progress in a database of roads, alert the motorist promptly to wrong-way driving and even stop the vehicle if necessary. Crucially, the software will also send alerts to the Cloud in order to warn other motorists of the errant driver and activate variable message signing. The limiting factors take-up rates from purchasers and availability of robust Internet connections. The development has caused concern among observers in the U.S., notably Gulf Coast inhabitants, who note that a robust disable feature would be vital since it is common for all lanes on a highway to be available to traffic fleeing a hurricane. Ashutosh Saxena, a faculty member at Cornell University, has gone way beyond simple algorithms that create alarms on atypical direction to the analysis of complex combinations of driver head movements. The analysis is placed in the context of the road ahead by drawing information from street maps and satellite systems. The research may soon be a reliable source of warnings when a driver is about to make an illegal turn onto a motorway (or any other road) but will of course be available in the first instance only on high-end cars. Those determined to injure themselves or others will continue to pose a threat on motorways but the length of time they spend driving the wrong way before being apprehended is likely to diminish. Increasingly sophisticated radar, automated video analysis, Cloud communication and even the prospect of mass emergency notification systems with the co-operation of cellular providers are all part of an armoury that should reduce accidents.
The Eiffel tower illuminated with colours of the French national flag on November 16 Let’s say it up front: The physical security sector has limited solutions to address events like those in Paris on the 13th November. The series of coordinated terrorist attacks consisted of mass shootings, suicide bombings, and hostage-taking in which 129 people died. Among the dead were 89 people at the Bataclan theatre where American band Eagles of Death Metal was playing at the time to an audience of around 1,500. But we can take our cue from President Obama, who has just announced that the United States will not only share more information with its allies but will do so more quickly and across more channels. If anything can be learned from Friday 13th it’s that we need to distribute data of every kind (video footage from both public and private sectors, access control reports, and biometrics) across the widest possible law enforcement network in a collaborative manner. We already have physical security information management (PSIM), and we are making strides towards smart cities, the Internet of Things and Big Data that is easily retrieved and analysed. Public perception may be that we are already more cohesive than we actually are. Vigilant guarding and biometric scrutiny Three of the terrorists detonated suicide vests either on the perimeter or very close to the 80,000-capacity Stade de France in the north of the city. (A stadium wall is currently pockmarked with the imprint of ball bearings.) Whatever our technological advances, it should be remembered that one of the terrorists seeking entry to the game was detected by a vigilant steward conducting a body frisk. Manned guarding of the highest order is perhaps still our greatest safeguard and should never be underestimated by legislators or eclipsed by technology companies with large marketing budgets. A terrorist scare at the German team’s hotel on the same morning occurred in error but was the result of staff showing diligence and alertness. Manned guarding of the highestorder is perhaps still our greatestsafeguard and should never beunderestimated by legislators oreclipsed by technology companieswith large marketing budgets The possible consequences of reports that a forged Syrian passport was found at the sports stadium are enormous. Still more incendiary is the probability that the jihadist entered Europe from Syria and used the forged ID to buy ferry tickets while posing as a refugee. But all this is for the politicians. In the security community, our responsibility is to ensure that biometric scrutiny of passports at a small island off the Greek coast is as rigorous and sophisticated as checking at airports such as Ben Gurion and John F. Kennedy International. Expectations of technology We should not only avoid apportioning blame but are duty-bound to ensure that the public has realistic expectations of our technology. Anne Hidalgo, the mayor of Paris, could install as many 16-megapixel cameras in the Place de la Concorde as there are figures around the famous fountains; the city would still not be protected even against known suspects since automated facial recognition remains the stuff of science fiction. Saying this, the attacks can only result in the installation of more cameras and greater public acceptance of them. To date, cameras in Paris have been used more for enforcement of traffic regulations than surveillance of pedestrians, with sensitivity about civil liberties being acute and entrenched. (The French have also tended to be sceptical about the effectiveness of video analytics.) Protecting vulnerable venues and events French security administrators should focus on known future challenges and not impute failings to specific policing or civil service sectors either in France or neighbouring countries. The most immediate challenge is next year’s European football championships (UEFA Euro 2016) which will be held in 10 French cities with the final (inevitably) slated for the Stade de France. Security in stadiums (as was shown earlier this month) generally works well, and the risk is more to street gatherings and celebrations where there are no fixed entrance points. Of course Euro 2016 will see large informal gatherings of fans in public squares prior to games. Crowds lit candles outside the Bataclan theatrein tribute to the victims Concert halls such as the Bataclan (where there is ticketing but no turnstiles) are likely to prove vulnerable, and it was here that the terrorists proved most lethal, killing over 89 people with automatic rifles and explosives. An arts venue can’t be a fortress, but we are surely close to a situation where attending any event in a large venue will involve producing photographic ID. And would it be such an enormous infringement of my human rights that the credit card with which I bought a ticket for a concert this morning should be linked to my passport number? Need for communication and shared data There is surely scope for security authorities to work with Twitter in order to create officially sanctioned hashtags in emergency situations. With the Paris transport system frozen, much was achieved with an unofficial #PorteOuverte hashtag as inner-city residents simply opened their doors to strangers and in many cases almost literally pulled people out of harm’s way into their homes. None of this came out of a clear blue sky. François Heisbourg, a French security expert from the International Institute for Strategic Studies, gave an immediate interview saying: “We were expecting something big but not like this and not this sophisticated. The background noise [‘chatter’] was getting very disturbing.” But chatter rarely gives specifics, and the threat could have been to any part of mainland Europe. As I write, the focus has turned to Belgium and an impoverished suburb of Brussels which may now be the hideout of the one gunman to survive the shootings. The search for Salah Abdeslam is probably the biggest manhunt in European history and is certainly involving the most intensive use of technology. Just as the threat is evolving, with jihadists showing an increasing level of preparation and determination to inflict mass casualties in coordinated actions, the physical security sector needs to communicate with police and legislators to illustrate the sophistication of cameras, access control and perimeter protection (which can now be deployed effectively on a temporary basis for one-off events.) But the greatest mistake (and irresponsible conduct) in the face of continuing threats would be for security vendors to oversell their offerings.
With every technological advance that canbenefit museum management comes anotherthat may assist thieves When protecting art treasures, the first instinct for many security professionals may well be to look at recent advances in technology. Hasn’t the advent of IP-addressable devices provided sufficient tools to protect art exhibits from theft in a discreet manner? Apparently not, and entrenched attitudes abound among curators. Consultants who so much as mention RFID tagging in a museum environment often receive sarcastic responses reminding them that they have been asked to secure works of art – not pets or livestock. There has, however, been a gradual acceptance of RFID in the art world, particularly if the tag is small enough to occupy only the head portion of the frame of a painting and not extend to the back. But it’s unusual for museum RFID tags to have GPS tracking, and they are rarely monitored beyond a distance of 70 yards. There is no downloadable “Where’s My Painting?” app on Android or iOS. Furthermore, RFID tagging of a frame provides no protection against thieves who are willing to take a blade to the canvas. An application where RFID tagging and GPS come into their own is when items are sent on loan to other galleries and a travelling case is placed around the regular frame. The Kröller-Müller Museum in the Netherlands (known for its van Gogh collection) has recently adopted this technique. But even with such technology in place, art sector observers are disturbed by the risks inherent in what currently seem to be frenetic levels of activity, with galleries lending each other works as part of “inter-museum horse-trading.” Motion detection The video analytics lobby might point to the increasing reliability of intelligent scene analysis, but a confident thief placing a small painting in a shopping bag is not an easy scenario for an algorithm, and many types of legitimate behaviour near a painting can cause nuisance alarms. By contrast (even as a small source of comfort) it should be noted that removing an oil painting from its frame is not an easy matter and in this context “canvas” in the sense of cloth is a misnomer. Centuries-old lacquer makes many canvases as stiff as a board, and simple motion detection within a CCTV camera let alone analytics is likely to expose the hacking and sawing movements needed to cut away a painting. Simple motion detection within a CCTV camera let alone analytics is likely to expose the hacking and sawing movements needed to cut away a painting Passive infrared sensor advantages Passive infrared sensors (PIRs) have been the mainstay of protection at galleries since the 1950s and continue to be a vital tool, although ceiling height can be a limiting factor. The usual technique is to create a 4-inch deep “wall” in front of the painting by projecting downward from a ceiling-mounted detector. It was after leaning in to one of these “curtains” once too often at my favourite portrait gallery that I was finally persuaded to buy a pair of bi-focal glasses. I had been performing an elaborate ritual whereby I would come within inches of a work in order to read the information panel and then back off in order to view the whole painting. By this time an alarm had sounded or a visual alert unseen by me had attracted a guard. This odd to-ing and fro-ing among the middle-aged has been practiced by and named after one of Britain’s foremost playwrights; it’s known as “the Alan Bennett minuet.” Steven Keller of Florida-based Architect’s Security Group is a consultant whose expertise includes museum protection. He argues that, ideally, an infrared curtain should be combined with a low railing in front of pictures projecting out some three feet. This will allow responsible visitors to lean over if necessary for a better view or perhaps to indicate a detail to a companion or student without setting off an alert. The infrared field can then be tight to the picture and nuisance alarms from legitimate visitor activity will be minimised. A veteran of numerous gallery and museum installation projects, Keller makes the point that unless the wall being protected by an infrared alarm is very long – longer than the range of the detector – then the field of coverage will project into walkways or other areas where surveillance is not required. This difficulty can be solved by using two opposing detectors and wiring the devices so they must both trip before an alarm is generated, or terminating the detector into the wall before it extends beyond the desired area. Passive infrared sensors (PIRs) have beenthe mainstay of protection at galleries since the1950s and continue to be a vital tool Analytics better than infrared? If a museum has suitable cameras then video analytics can become a viable alternative to projecting infrared beams in front of pictures. Areas that are prone to nuisance alarms can be masked off, and adaptive learning analytics can be “taught” that certain types of stimuli are not an attempt to steal the item but part of legitimate ambient activity. Analytics can benefit museum curators more than infrared in so far as it may be possible to sound an alarm as soon as a sterile zone is compromised and prevent an incident whereas infrared will always be after the fact. Access control for museum security Access control has much to offer museums and, far from ignoring developments in this sector, galleries are beginning to adopt a technology that in no way compromises the safety of exhibits or visitor experience. It should be remembered that many of the access challenges presented to museum managers are in areas not seen by the public. MIFARE cards that can be deactivated at will must have solved many headaches for security directors worried that a former member of staff may pose a threat. Similarly, electronic key management (often using RFID) where traditional keys are issued on a hierarchical “right-to-have” basis creates accountability and protects paintings when they are in vulnerable locations such as a restoration studio. (Stringent access control for staff may have prevented many incidents: the FBI currently estimates that 80 percent of art crime is committed with the aid of an insider.) Passive infrared is primarily useful in protecting exhibits from the clumsy or over-curious but it also deters thieves. A strategy intended specifically to defeat the art thief is a small wireless transmitter placed at the back of a painting and connected to an impact sensor. Unless they are exceptionally dexterous, anybody removing the painting from the wall will send a signal to an alarm panel in a control room, an off-site alarm receiving centre (ARC) or even to a smartphone app. These devices are of course reliant on a power supply in the control room and it would be interesting to know how many major art galleries have a back-up generator and how many take precautions against the possibility of thieves with electrical knowledge disabling entire power systems. Saturation motion detection ispreferable to perfect perimeterprotection since museum theftscan more easily occur by stayingbehind than by breaking in Sadly, with every technological advance that can benefit museum management comes another that may assist thieves. (I can hardly be the first person to have looked at the roofs and perimeters of London’s art galleries on Google Earth.) The sheer volume of current security innovations must however be favouring the good guys; video management systems (VMS) companies are not only allowing motion sensors or video analytics to trigger recording but they can also programme their software to send clips (playable on a tablet or smartphone) to staff who are either off-site or elsewhere in a large building. Understanding perimeter protection and motion detection Perimeter protection manufacturers have much to offer the art sector. Nobody wants a museum to look like a fortress and many of the buildings are listed architecture whose façades cannot be compromised, but buried volumetric intruder detection is contributing to the security of numerous galleries. However, Steven Keller notes that perimeter protection provides no safeguard against the “stay behind” or against perhaps the most potent threat of all, the disaffected current or recent employee lurking in the building as was the case when ‘The Mona Lisa’ was stolen from the Louvre in 1911. Keller says: “So many security designers, faced with a moderate budget, saturate galleries with motion detection rather than alarming every air intake vent in the room. While the intruder might not be immediately detected, he would eventually be apparent upon arrival in the collection-bearing area. Saturation motion detection is preferable to perfect perimeter protection since museum thefts can more easily occur by staying behind than by breaking in.” Keller is also at pains to stress that guards must also remain vigilant out of hours, and any security installation should be walk-tested every day at closing time in order to check functionality and flush out a “stay behind,” however remote this possibility may seem.
Major art heists often feature audacity that defeats even the most thorough security protocols Museum security, like art, is ever-changing. Traditional security practices like manned guarding alone are not sufficient to keep thieves at bay. Modern security technologies such as video surveillance, motions detectors, intruder alarms and other physical security devices also play an equally important role in securing museums and its art work. Regrettably, having all these security measures in place does not always guarantee safety and thieves sometimes still manage to steal art work through deceptive tactics. “The Mona Lisa” by Leonardo, “The Scream” by Edvard Munch (twice, but two different versions), “Poppy Flowers” by van Gogh (twice), “Harlequin Head” by Picasso, and “Jacob de Gheyn III” by Rembrandt (a staggering four times). What do these paintings have in common? They have all been stolen from museums. Museum security – best practices Any museum director must strike a delicate balance between providing a sanctuary and a showplace for art works. Galleries seek both to protect and to welcome. For the legitimate visitor, museum security should be nearly invisible. For the would-be criminal, it should be apparent, but not so obvious as to make hostile reconnaissance a worthwhile practice. Spend a few hours in a selection of galleries in any major city and you’ll note that on the whole, attendants are indeed welcoming. They tend to be amiable blazered men in their 60s who are filling in time while on a pension from a former career in the police or armed forces. You would back them to prove zealous in confiscating a selfie-stick from a tourist (largely banned, though frequently still used) but might be less confident of the outcome if they had to confront a determined thief or vandal. Galleries need guards who are physically strong, observant and not beyond early middle age. (A standard gag among criminals is that staff are often of the same vintage as the exhibits they are guarding.) Michael Daley, director of ArtWatch UK, makes the pragmatic point that gallery curators should assess thoroughly the security measures at any museum that they are going to entrust with a loan item. In 1994, the Tate in London lent two paintings by Turner to a museum in Frankfurt that shares its premises with a music college and at the time had no perimeter security. The Turners were stolen by thieves working for Serbian gangsters and a ransom in excess of $4.5 million was paid by Tate from charitable monies with little attempt made at apprehending the criminals. One of the paintings was recovered from the garage of a Frankfurt mechanic who had a sideline as a Dean Martin impersonator. Yes, really. CCTV vs. human response A standard gag among criminals is that staff are often of the same vintage as the exhibits they are guarding The consensus among curators that technology has much to offer but will never replace the human response is difficult to argue with, but only if we are confident that guards will prove to be consistently alert and conscientious. Scepticism about the merits of video surveillance prompts many museums to pay more attention to installing CCTV in their gift shops than in the exhibition halls. Traditional curators are also reluctant to allow a battery anywhere near a painting for fear that acid may be leaked. They argue that unless CCTV is scrutinised non-stop by guards (and few institutions have the manpower for this) it merely gives a record of the theft. This was the case three years ago when a Salvador Dali painting was taken from a brand-new gallery on Madison Avenue. Management had a high-resolution clip from an IP camera and little else to go on. Use of proximity alarms The principal focus of London-based ArtWatch UK is to protect works from inappropriate restoration techniques and careless or demeaning treatment. But Michael Daley naturally keeps an eye on security issues and has some horror stories to relate that suggest proximity alarms are not being used. He says: “Only recently I was shown a photograph of a curator signing a form by placing the paper on the vertical surface of a Rembrandt.” He continues: “At a preeminent gallery in the U.S., I saw a group of teenagers having their photograph taken and being instructed to keep moving back so that they could all be in the frame. They ended up leaning against a canvas with one boy’s elbow depressing it sharply. Only when I shouted at them did either the guard or their teacher notice what was happening.” London’s National Gallery theft incident Museum parlance for somebody who enters a gallery as a visitor through the normal route and remains after hours is a “stay behind.” A bizarre theft involving a stay behind (possibly better categorised as a protest rather than a serious attempt to steal) occurred at London’s National Gallery early one morning in August 1961. As part of a campaign against the perceived injustice of low-income pensioners being charged to buy a license to watch public television broadcasts, Kempton Bunton eased his way out of a toilet window leading on to Trafalgar Square carrying a portrait bust of Napoleon by Goya under his arm. He had arrived as a regular visitor the previous day and hidden overnight. Bunton had done his research and was aware that the gallery’s infrared motion sensors were switched off while cleaners readied the building for the day. A disabled former bus driver in his 60s and weighing 240 pounds, he was an unlikely burglar. The next time you watch the Bond film Dr No (shot six months after the theft) look for Sean Connery walking past an oil painting in the villain’s underwater Jamaican headquarters. “So that’s where it went!” The painting was returned safely in 1965 when, with an anticlimactic gesture, Bunton deposited it at the left luggage lockers of a Birmingham railway station. Scepticism about the merits ofvideo surveillance promptsmany museums to pay moreattention to installing CCTV intheir gift shops than in theexhibition halls Biggest art theft in US history Major art heists often feature audacity that defeats even thorough security protocol. An unsolved 1990 theft at Boston’s Isabella Stewart Gardner Museum involving 13 paintings valued at $500 million began when a pair of criminals presented themselves at the gallery door late at night dressed as policemen and claiming they were responding to a call amid the hoopla of St Patrick’s Day celebrations. They were buzzed in and one of the two duty guards foolishly left his desk (which featured a panic button.) Both guards soon found themselves duct-taped to pipes in the basement. The theft is the largest ever art haul and included Rembrandt’s only seascape, “The Storm on the Sea of Galilee.” This painting remains in our popular culture, being seen in films and even featuring in an episode of “The Simpsons.” "They have cameras at McDonald’s but we weren’t allowed to install them" Ingenuity can also extend to diversionary tactics and escape methods. In December 2000, criminals brought an already busy Stockholm city centre to gridlock by abandoning a pair of cars outside major hotels and setting them afire. Meanwhile, at the National Museum, their colleagues stole a Rembrandt and two Renoirs, making their getaway along the river Norrström in a tatty second-hand speedboat they had bought a few days earlier. In a remarkably blunt and no doubt emotional press conference, Agneta Karlström of the museum said: “They have cameras at McDonald’s but we weren’t allowed to install them.” Staying in Scandinavia, art security specialists noted a depressing development in Oslo in 2004 when one of the several versions of “The Scream” painted by Edvard Munch was stolen from the Munch Museum. Thieves had been armed before but in this case they were wielding machine guns during opening hours and gave the impression they would not hesitate to use them.
Millions of dollars are spent annually at border crossings on technology such as buried volumetric sensors Border control forces, train operators, ferry companies and humanitarian organisations have spent much of 2015 concerned with people trafficking between the northern coast of France and the United Kingdom. Now the focus has switched to migrants fleeing civil war in Syria. It is one of the biggest migrant crisis that Europe has witnessed so far, with hundreds of refugees seeking shelter away from war-torn Syria. The favoured route to continental Europe is through the Balkans, which has led to clashes between migrants and security forces patrolling the borders. In such a scenario, is there a role for physical security technology to help manage the crisis? Protecting refugees Video of the Hungarian army erecting 12-foot-high fencing along the whole of the 110-mile border with Serbia hardly reinforces the welcoming image that saw 9.5 million tourists visit the country last year. But Hungarian Prime Minister Viktor Orbán is confronting a difficult choice: Face the stigma of erecting a barrier or allow the Internet to go viral with pictures such as that of a 10-year-old Syrian girl having teargas doused from her eyes. This horrific image emerged after a stand-off between police and migrants throwing bricks and wielding sticks at Horgos, the main crossing point between Serbia and Hungary. At the time of writing, more than 27,000 migrants (mainly from Syria, Afghanistan and Pakistan) have headed west to Croatia, which they see as more promising than Hungary’s right-wing regime and a possible entry point to Slovenia which has a border with Austria. Dangers facing the migrants in Croatia include unexploded landmines left over from 1990s ethnic conflicts in the former Yugoslavia. All of the Hungarian barrier is chainlink topped with razor wire at minimum, but news reports have shown occasional two-level sections with electric fences and even use of sophisticated microphonic cable over conventional fencing at locations seen as points of vulnerability. Stringent measures The Hungarian parliament has just voted to give police and army new powers to deal with migrants, including use of “coercive weapons designed to cause bodily harm, although in a non-lethal way, unless it cannot be avoided.” “Coercive weapons” include rubber bullets, smoke grenades and a water cannon with pepper spray. These measures may be exceptional, but the situation is extraordinary with two recent instances of children being thrown over the new fence. The Hungarian parliament has just voted to give police and army new powers to deal with migrants, including use of "coercive weapons designed to cause bodily harm although in a non-lethal way, unless it cannot be avoided" Tension now extends between neighbouring countries, with Serbia claiming that its ambulance service is being overstretched collecting the injured from Hungarian territory where they are being denied food, water and information. The United Nations High Commissioner for Refugees and Frontex (the European Union’s border coordination agency) have condemned the Hungarian stance. Serbian government spokesmen have described how journalists are administering basic first aid to migrant children while Hungarian soldiers simply look on. There have been several instances of migrants taking bolt cutters to the fence, which can only indicate a degree of support from Serbs living near the border. Going back in time So what help can the physical security industry offer in terms of technology? Sadly, the Hungarians’ sophisticated fencing is simply pushing people westward. Few of the migrants have travel documentation of any kind, and the number carrying biometric passports is minimal. Biometric technology, so often a source of protection at conventional transport hubs, is proving a flashpoint here. A riot broke out (again at the Horgos crossing) when a group of Syrians would not allow their fingerprints to be taken. Most of them will have first set foot on European Union soil in either Bulgaria or Greece, but this group surmised (correctly) that under the Union’s rules anybody documented biometrically for the first time while in Hungary would end up in what is likely to be a less-than-hospitable holding camp in the Hungarian capital of Budapest. These are not economic migrants; their journeys have no plan or structure, and technology is going out the window amid the fog of war So, in addition to a fence, what are the Hungarian National Police relying on to deal with the worst refugee crisis since WWII? Karoly Papp, Chief Commissioner, showed his hand early on; he’s using mounted police and dogs. The country we now recognise as Hungary began to take shape in the year 895. And what did the early Hungarians use to defend themselves against incursions from the Byzantine Empire? You’ve guessed it. Fences, men on horses and dogs. Modern security technology vs. outdated measures Try as I might, I can’t get beyond metal barriers in this analysis but manufacturers may have some suggestions as to how their products might be used constructively in the region. And yet I’m sceptical as to what our industry can offer, and fear it may prove impotent in this emergency. Millions of dollars are spent annually at border crossings on technology such as buried volumetric sensors, acoustic sensors, seismic detection, passive infrared (PIR), HD cameras, thermal imaging and video analytics. But when a crisis occurs, the government of a European Union member resorts to methods that date back to the ninth century. It is probable that many of the Syrian migrants would be able to assemble better documentation and even biometric ID had they not fled a dictatorship in the throes of ethnic and sectarian violence, not to mention sustained attacks by ISIS. These are not economic migrants; their journeys have no plan or structure, and technology is going out the window amid the fog of war. Our sector is proving irrelevant amid a humanitarian crisis.
The sheer number of travelers and lack of passport control in the Schengen Area in Europe tests railroad security’s capabilities Railway security faces the unenviable task of monitoring hundreds of thousands of passengers travelling between countries every day, and an attack on a train in Europe last month has cast a spotlight on the conflict between offering fast and efficient transport services whilst conducting thorough surveillance of passengers and luggage in transit. This incident has brought pressure on EU transport officials to implement more stringent security screening procedures on inter-continental trains in Europe, but can this be realistically achieved? Ayoub El Kahzzan, a Moroccan national who had spent time in Syria, allegedly attempted to open fire on passengers in a train from Amsterdam to Paris last month. Prosecutors claim that he was carrying a Luger pistol, a Kalashnikov, a box-cutter knife and a bottle of petrol. He slashed at one passenger and fired off a few rounds before the rifle’s primer failed. He was subdued promptly by travellers including two vacationing U.S. servicemen. El Kahzzan was known to authorities in France, Belgium and Spain. He had also attended a mosque in Algeciras on the southern coast of Spain that had been under police surveillance. And that is as far as we need go with the precise details of the case other than noting that 550 people were on board the train (this being more than the capacity of a typical Boeing 747) and it had passed through three countries. But might available and imminent security products or services be able to address such threats? Protecting train passengers has been a priority for our sector since 191 people died in Madrid from three coordinated bombings in March 2004. It would be foolish to expect train operators and infrastructure managers to give out much information, but it’s difficult not to conclude that progress since the 2004 atrocity has been slight. Challenges of screening & surveillance at major transport hubs Sheer numbers present the main hurdle on rail networks and the task of screening the 260,000 people a day who go through Amsterdam Central (the departure point of the Thalys high-speed train in question) is clearly not a viable one. Few people would be willing to present themselves at a train station more than ten minutes prior to departure for such screening, and any attempt at surveillance of this kind would simply block Europe’s motorways. El Kahzzan’s fingerprints were on file (presumably accompanied by a mugshot), but facial recognition on this scale at a major rail hub is the stuff of fantasy in terms of our current biometric and database capabilities. It would also meet opposition (quite rightly) from the civil rights lobby. A crucial factor here is the abolition of passport control within the 26 European countries that make up the Schengen Zone. Realists working in both security and politics acknowledge that we don’t exist in a vacuum and, literally as I type, German Chancellor Angela Merkel is waiving certain visa checks as the build-up of refugees fleeing the war in Syria increases. Extensive behind-the-scenes security screenings Sheer numbers present the main hurdle on rail networks and the task of screening the 260,000 people a day who go through Amsterdam Central (the departure point of the Thalys high-speed train in question) is clearly not a viable one If body searches and biometric screening are more or less out of the question, the technological outlook for analysing passenger luggage on inter-continental trains is far more encouraging, though we should be realistic about likely increases to boarding times. The weighing and initial scanning of your hold luggage at an airline check-in desk while it’s still in your sight probably represents less than 5% of the total time spent scrutinising it. Behind the scenes there will be extensive x-raying and use of sniffer dogs who can only work a 20-minute shift before resting for 40 minutes. Of course use of dogs while a train is in motion is achievable but anybody who has struggled simply to make headway down the corridor of a Eurostar train will rule this out, and the prospect conjures up scenes from bad war movies. Eurostar trains in and out of London are an exception to much of the analysis here since Britain is not a signatory to the Schengen Area agreement. Screening of luggage and the attention of immigration officials to travellers on these trains can often be as scrupulous as that paid to air passengers though the layout of a train station (as opposed to an airport) must be a nightmare for officials since there is more scope for would-be terrorists to conduct hostile reconnaissance. Fuel vapour detection is achievable with simple hand-held devices, but El Kahzzan’s possession of a bottle of petrol is so bizarre (and such a threat to himself even before completing whatever he saw as his ultimate mission) that it can be ruled out as a regular tactic of future jihadists. Intending to discuss overall issues here rather than the circumstances of the recent incident on the Belgian-French border, I return to it only to point out that it is not necessarily a template from which we should seek to learn. El Kahzzan’s bizarre arsenal and his incompetence suggest that he was a lone wolf with no logistical support from Al-Qaeda and its affiliates. Reintroduce passport control in Schengen Area? EU transport ministers will face pressure to reintroduce passport control as trains cross international borders within the Schengen Area. Of course, this will only alert controllers to known or suspected criminals and will provide no protection against seasoned terrorists travelling on stolen or forged papers One simple strategy for the operators of inter-continental trains does suggest itself. EU transport ministers are due to meet in early October. They will face pressure to reintroduce passport control as trains cross international borders within the Schengen Area. Of course, this will only alert controllers to known or suspected criminals and will provide no protection against seasoned terrorists travelling on stolen or forged papers. Proactively sharing intelligence across borders by issuing train guards with smart devices that can access international passport databases is eminently achievable and the costs – which could be shared by multiple stakeholders – would be significant but by no means prohibitive. The profile of certain guards could also be heightened to that of a marshal. There is of course a dampener to even the modest optimism that might come from taking such measures. The jihadist mentality seeks to attack secular communities and any society adhering to religious beliefs alien to its own. A common theme running through recent targets has been material wealth; it is no coincidence that the World Trade Center was attacked twice. Passengers on the train in question included the film star Jean-Hugues Anglade and many others aboard would have been affluent. This Thalys express train was a high-profile target but even a cursory glance at the timetable out of Amsterdam shows that there are services with comparably extensive rolling stock (and thus passenger numbers) to every major city in Holland. Travellers would not be so wealthy and there would be few if any Americans in their number. We can at least take a modicum of comfort from what will be an inevitable increase across Europe in metal detectors, spot checks on ID, random examination of luggage and engagement between police and passengers that will contribute to general awareness of threats.
Intimate body search at airports also takes a psychological toll on the person conducting the search SourceSecurity.com's European Correspondent, Jeremy Malies gives an account of the Body Search 2015 security conference that was held at Hounslow, London. Along with emphasis on aviation security, the conference also covered an array of safety and commercial applications. Some of the topics outlined in this article include: New techniques in body scanning, the exasperation public face during airport security checks, inflexible protocols followed by the airport security staff and some more. The breadth of coverage in terms of the technology and application sectors at Body Search 2015 made it an interesting conference. Body Search 2015 security forum “The Invasion of the Body-Scanners” was the self-deprecating tagline, and Body Search 2015 was the most interesting security forum I’m likely to attend this year. A former Israeli bomb disposal expert argued cogently that mice will outperform humans, dogs and machines in detecting explosives. In a side room, a training company would subject you to a pat-down search and then discuss the best practice for this kind of inspection. Only at such an event could you learn that extroverts conduct the best body checks. Many bookish introverts may excel in training and written examinations, but they often perform miserably in the field. But the most memorable detail will remain with me every time I begin to feel frustrated while being scrutinised at an airport security checkpoint, and the thought will no doubt help my blood pressure. No matter how demoralising and draining an intimate body search may be for the passenger, it is nothing compared with the psychological toll on the person conducting the search. This is an interesting viewpoint and one that should remind us that airport security personnel are performing a largely thankless task expressly to keep us safe in the skies. Manual airside security checks In a talk covering manual airside security checks, Andrew McClumpha dealt with cultural issues against a backdrop of what will always be stressful circumstances. Despite the evolving challenges, with threats changing constantly, airport staff is required to follow inflexible protocol in their stop-and-search activity. When regulations do change, the new protocol seldom appears to have been framed with operational and motivational sustainability in mind. Integration of people, processes and technology requires organisational structures that are “flatter” than standard models, and it is vital that in a mission-critical environment such as airport security, promotion of staff should be based not on longevity of service but fitness to manage and ability to energise a workforce. Airport security - higher incidence of body searches and greater thoroughness Despite the evolving challenges, with threats changing constantly, airport staff are required to follow inflexible protocol in their stop-and-search activity McClumpha looked ahead to changing European regulations in September that will require a higher incidence of body searches and greater thoroughness. From the perspective of a trade journalist who deals with related disciplines such as CCTV and access control but always pays close attention to security practice when travelling by air, it was fascinating to learn that many elements of airport security are designed not just to expose criminal acts, but to frustrate attempts at reconnaissance by would-be terrorists. If guest speakers later in the month at IFSEC had shown half the wit of those at Body Search 2015, I would have had a more interesting three days in the lecture theatres at ExCeL. As moderator, Steve Wolff framed many of the sessions with an urbane perspective, notably when reminding the delegates that whatever their role in transport, leisure or custodial security, they will always be governed first by the laws of physics and secondly by the laws of environmental exposure, this being a neat introduction to a discussion of the myths and realities surrounding ionising radiation and the health risks of body-scanning. Balance between security and inevitable pressures So what is the tipping point in terms of a balance between the most stringent possible security and the inevitable pressures to run an airport as a commercial transport hub? To what extent did the panel on the second morning of the conference feel (if at all) that the security community needs to ensure that business pressures never take precedence over striving for optimum safety? Should we be “selling” the security case even harder? These were questions posed by Philip Baum, editor of Aviation Security International and a frequent interviewee in mainstream media, most recently after the Germanwings Flight 9525 French Alps crash also discussed by SourceSecurity.com. Just as the advent of the suicide bomber (as early as 1881 with the assassination of Tsar Alexander II) changed the security landscape, body-implanted explosives have thrown up new challenges since they cannot be detected by canines. The Body Search 2015 programme gave slots to speakers from companies representing both transmission and backscatter X-ray techniques. The Body Search 2015 programme gave slots to speakers from companies representing both transmission and backscatter X-ray techniques Transmission and backscatter X-ray techniques Since I could not remember, here is a summary of the two approaches. “Transmission” (also used in medical imaging) passes X-rays through the traveller and collects the information in the form of an image on the other side while “backscatter” (at a lower intensity) does not penetrate or even transmit through the body but relies on rays being bounced off or scattered onto large detectors which create meaningful images. Repeating the frustration felt in this sector by the perceived reluctance of regulators to innovate quickly, Dr Steve Smith (of San Diego-based Tek84, inventors of the “backscatter” X-ray approach) described how implementation in the field took three years. There were significant difficulties in conveying the message that a single usage of the scanner involved a radiation dose 1,000 times lower than what even disinterested parties from other fields agreed was trivial. This was far too sophisticated a conference for any kind of crude comparisons between the two X-ray approaches. When Konstantin Sosenko of ADANI (a company that develops “transmission” X-ray equipment) took the rostrum, the topic changed completely to cover hiding of scalpel blades about the body in prisons and theft from a diamond mine in Angola whose monthly turnover rose by 30 percent when miners realised that they would be subjected to scanning at the end of a shift. Ultimate goal - Complete sharing of information? Breadth of coverage both in terms of technology and application sectors at Body Search 2015 made it easily the most interesting technical conference I have ever attended. Speakers and delegates impressed not only with enthusiasm for their particular fields, but also willingness to exchange information and learn from related disciplines. If, as security professionals, our ultimate goal is complete sharing of information through the Holy Grail of “big data” then the vendors, consultants and end-users at this conference will be in the vanguard.
If airport perimeter fencing is vulnerable then covert detection methods should be used Lack of airport perimeter security would be laughable, if it weren’t so serious. A recent farcical breach of security in London is drawing renewed attention to airport perimeter protection. I want to focus on airport perimeter security, but we’ll start with critical infrastructure in general: A nun, a housepainter and a gardener break into a nuclear facility. This sounds like the beginning of a joke except it was a disturbing reality when the trio (the nun proving to be exceptionally limber at the age of 82) defeated perimeter fencing at the Y-12 National Security Complex in Oak Ridge, Tennessee, a facility that houses the United States’ stocks of bomb-grade uranium and missiles confiscated from Libya’s Colonel Gaddafi. Perimeter breach at JFK airport This incident occurred in July 2012, and only a month later, a man on a jet ski clambered out of the water on the edge of John F. Kennedy International Airport, scaled a perimeter fence and walked along a runway apron. Reading a news item about this at the time, I missed a fundamental point. It should be noted that Daniel Casillo’s craft had broken down and he was neither an activist nor a deliberate trespasser. He had swum for three miles, was scared, tired and on the verge of hypothermia. His first action on nearing a terminal building was to make his presence known to a cargo worker. But it gets worse. JFK was exposed twice on consecutive days in June of this year when a would-be fisherman went over a fence, and an uncle and nephew duo deliberately tried to summon help by shaking another fence violently after the engine of their boat had failed. Consider what a group of determined jihadists equipped with bolt-cutters and weapons could do amid such lax perimeter protection. It’s enough to give me sleepless nights, and I don’t even work in airport security. Negligent security at Heathrow airport I thought I’d seen it all until I switched on the news earlier this month to see activists dressed as polar bears on the northern runway of London’s Heathrow International Airport after they had cut away a sizable section of chain link fence. Am I alone in thinking that terror groups might look at mainstream news sources and get ideas? The activists are from the environmental group Plane Stupid and were protesting plans for expansion at Heathrow. They assembled a tripod device themselves out of poles, and news channels chose to go with an extraordinary photograph of a polar bear (who has tactfully raised part of his headgear) being coaxed down by firemen on a cherry picker. Glasgow International’s breach incident It would be amusing if the security risks exposed were not so grave. Again, am I in a minority as I remember how Glasgow International, an airport I’ll fly into next month for my annual holiday, was attacked during 7/7 week in the UK when a radicalised British-born doctor drove a flaming Jeep Cherokee into its perimeter? Airport security options are comprehensive; there’s a robot that travels on a fence-mounted monorail checking for unusual situations Airport perimeter security solutions Airports are secured (or not) by techniques including conventional plain fencing (typically a minimum of 6 feet high and topped with razor wire), microphonic fencing, terrain-following volumetric sensors, fibre optic sensors, digital microwave, infrared sensors, ground radar (often used in a sterilized zone between two fences), conventional “white light” CCTV with motion detection and thermal imaging cameras. The options are comprehensive, and one manufacturer even has a robot that travels on a fence-mounted monorail checking for unusual situations that may indicate an intrusion. The robot uses laser detection to alert against possible fence damage and suspicious objects. My own hope is that tumbling prices of thermal cameras (as manufacturers who have recouped their initial R&D costs allow the products to be more commercially viable) will see the units become more widespread. By definition they excel in low light and are effective at large perimeters. The “thermograms” they produce are high-contrast and therefore well suited to video analytics. I also believe that if fencing is going to prove consistently vulnerable then the airport community should bolster it with more use of covert detection methods. On a visit to a testing field run by one of the world’s largest (and most technically agile) manufacturers, I observed buried volumetric sensors being calibrated to fine tolerances so that they could reliably distinguish between human intruders and wildlife based not just on weight but pattern of movement. Unaccounted intrusion incidents In the United States, the Transportation Security Administration (TSA) is responsible on a nation-wide basis for screening passengers and baggage, but individual airports are tasked with securing their perimeters, a distinction that suggests the government thinks threats are more likely to come from within. Concerns have been voiced over the fact that, frequently, manned guarding is not even performed by airport staff but by poorly motivated casual workers from third-party contracting companies. If a trespass incident does not result in a police log then contractors will be showing exceptional integrity if they report each and every event to the airport. In turn, it’s naïve to expect airports to behave with complete transparency towards the TSA. They certainly don’t co-operate with the media, and earlier this year, the Port Authority of New York & New Jersey (responsible for Kennedy, LaGuardia and Newark airports) refused to give full accounts of intrusion incidents to the Associated Press. Threat and risk assessment Airports need to work with specialist consultants who can conduct penetrative threat assessments, and equipment specifiers in the US may wish to consult the National Safe Skies Alliance. Tennessee-based Safe Skies not only assesses the functionality of airport security equipment but exploits field conditions that are so realistic they can make predictions about whole life cycles. I don’t subscribe to the passive acceptance that only a terrorist atrocity resulting from a perimeter breach will finally spur the aviation community to put its house in order. Israel is of course a special case but the sector as a whole might like to note that a spokesperson for Ben Gurion in Tel Aviv announced earlier this year that the airport spends $200 million annually on perimeter protection alone. Returning to the recent intrusion at Heathrow; now well into middle age, I’m plagued with the usual incredulity as to what is going on around me. It hits everybody at my time of life. Have 13 people in polar bear costumes really just penetrated Europe’s busiest airport with seemingly little more effort than would have been required to break into a chicken coop?
A US Department of Homeland Security investigation showed that undercover agents defeated airport screening in 95 percent of cases by smuggling mock explosives and weapons past checkpoints. With admirable transparency, U.S. Office of Inspector General (OIG) has described how so-called “Red Teams” posed as regular passengers and exposed inadequate measures at some of the busiest airports across the United States. The revelations came a few days before Body Search 2015, a conference in London addressing body concealment methods, threat resolution technology and the use of the human body as a weapon. Body Search 2015 The conference delegates covered a spectrum of senior airport security managers, product manufacturers, consultants, security trainers, canine experts and academics specialising in radiology, psychology, chemistry and body-cavity IEDs. The equipment developers joined in a moment of ironic reflection when considering the alarming results reported recently from Washington, noting that their units are expected to achieve a 95 percent hit rate not failure rate and these demands do not seem to be matched by the performance levels of airport staff. A predominant theme of the conference was the need to respect the dignity of airport travellers while maximising their safety. No reporter, observing the timetable of the conference and the urgency of the messages being conveyed, could fail to appreciate the gravity of the threat from devices implanted within the body rather than merely carried on it. While airport security continues with its mission to detect terrorists such as “shoe bomber” Richard Reid and “underwear bomber Farouk Abdulmutallab, everybody leaving the conference would have appreciated a more pressing challenge: How can they frustrate criminals seeking to either implant bombs into their bodies or conceal the components for a bomb in bodily cavities and then assemble them “airside” or within the plane? Calculating “risk score” An air traveller with criminal intentions should never be able to second-guess what kind of algorithms are likely to assess them An impressive speaker in terms of range of reference and pragmatism was Adrienne Gibbs of the International Air Transport Association (IATA). Gibbs gave detailed updates on progress being made with explosive trace detection on luggage, and discussed the security implications of online check-in and even “online” boarding. Her analysis was particularly revealing and subtle. There is a delicate balance, she said, between educating passengers in terms of what to expect at security and retaining an element of unpredictability so that jihadists and other terrorists can never perfect their preparations. As an industry reporter specialising in other areas such as CCTV and access control, I was given an instructive overview of how conscientious airport security screeners should create a “risk score” by balancing a passenger’s behavioural traits with factors such as other airports used on a multi-point long-haul journey. Interested in airport screening practice from early adulthood, and with previous experience at the Australian Office of Transport Security, Gibbs described how as a young air traveller around Australia her (legitimate well-motivated) curiosity prompted her to learn how she could alter her gait so as to not set off metal detectors, which of her belts would or would not activate an alarm, and which of her sets of high-heel shoes she could keep on. Enhancing access control with RFID and Biometrics Moving to present-day practice, she continued by describing how flexible methods should allow airport checkers to decide which parts of the body should be screened and with what levels of sensitivity. An air traveller with criminal intentions should never be able to second-guess what kind of algorithms are likely to assess them and in what manner. Gibbs continued by arguing that the industry should be doing more with RFID trays to track an individual’s bag throughout the system while also building on recent breakthroughs in biometrics. Again, as an outsider, this was an “elephant in the room” moment when I considered the infinitesimal likelihood that staff at the walk-through metal-detector arch would connect my demographic profile with the contents of my rucksack on the adjacent x-ray baggage scanner. There is a delicate balance between educating passengers in terms of what to expect at security and retaining an element of unpredictability so that jihadists and other terrorists can never perfect their preparations Defying terrorism through unified action The likelihood is that airport security will move quickly on this kind of interconnectedness, which is no more than an easily implemented aspect of ”big data.” I was consistently impressed by the self-awareness and breadth of vision of these leading researchers, analysts and manufacturers working in a specialised field within the overall security field. They justifiably bemoaned the fact that inflexibility from regulators means significant innovations are often delayed for five years before being used in the field. (There is an obvious parallel with the pharmaceutical industry.) Several speakers hinted that much may be learnt from the ability of sports stadia administrators to channel large numbers of people through entry points quickly. Moderator Steve Wolff used a telling phrase when stressing that the sector must free itself from inward-looking attitudes that can involve “islands of technology.” Airport security managers face some of the most pressing challenges, but if, as with the security community as a whole, they succeed in unifying formerly disparate equipment and ways of working, then the terrorist threat (which will never abate) will at least face sterner obstacles.
The technological resources from the physical security sector available to prisons dealing with contraband threats are effective For those outside the security industry, the idea of prison contraband rarely extends beyond the old gag of a file inside a cake. In fact, contraband at prisons and other custodial premises is a major challenge: deterring and detecting it occupies many man-hours, and manufacturers devote much R&D activity to the problem. Contrabands in prison The topic went mainstream recently when a journalist was reporting on the escape by two murderers from Clinton Correctional Facility, a maximum-security jail in New York State. During a live split-screen sequence, the correspondent updates the studio anchor with news about the escape while, in plain light of day, the camera shows a hooded pedestrian behind her attaching a package to a rope that has been thrown over the prison wall. At time of writing, one of the escapees has been shot dead after being challenged by police and the other has been taken alive. Contraband features prominently in the escape, with prison worker Joyce Mitchell and corrections officer Gene Palmer being accused of providing the escapees with hacksaw blades and other tools hidden in frozen hamburger meat. No, you couldn’t make this up. Whether simply alleged or ultimately proven, this is crude stuff in our sector where video analytics algorithms are being developed to frustrate infinitely more sophisticated activity such as detecting miniature drones (usually packed with narcotics and mobile phones) being flown over prison walls. The practice has been common in the UK and Ireland for several years but is new to the US where in April there was widespread coverage of a crashed drone being picked up by CCTV cameras after dark at the Lee Correctional Institution, a maximum-security facility in South Carolina. Morning revealed a package containing a mobile phone, tobacco and marijuana hanging forlornly from power lines on the prison perimeter while a high-tech drone lay in nearby bushes. A search of adjacent forest suggested that the drone’s operator had fled when the crash occurred. It was apparent that repeated flights had been made with modest consignments of contraband on each occasion until the navigational hiccup. Using drones The success with which drones are being used to bring mobile phones into prisons is particularly worrisome for authorities since contact with the outside world allows inmates to continue orchestrating crime. The practice will soon have had its day since the response of the drone community has been impeccable: prominent manufacturer DJI has introduced “geofencing” software that prevents the drones from flying over specific locations and, along with other producers, is co-operating with No Fly Zone, a website and planning tool that is creating a database of locations that are considered inappropriate for drone activity. The success with which drones are being used to bring mobile phones into prisons is particularly worrisome for authorities The criminals with their drone in South Carolina were at least showing restraint using a “little but often” approach. Greed proved the undoing of prisoners and their accomplices at Bucaramanga, northern Colombia, where a carrier pigeon was trained to fly over the prison perimeter and land in the yard with a backpack of marijuana and cocaine paste. When the strength of the bird was overtaxed by a 1.6-ounce consignment, it became exhausted. Gamely trying to complete the mission, it was captured and cared for by an animal charity. Supply methods The practice of throwing a tennis ball stuffed with heroin or cocaine over a perimeter fence is passé, and the Colombian pigeon is lucky not to have met the fate of pigeons at a jail in Auckland, New Zealand, whose narcotic-filled carcasses were being thrown into the yard until staff became suspicious. (The ruse at Auckland was particularly subtle since inmates were being tasked with clearing up the mess.) Many cats – for some reason always black with white paws – have been caught at prison perimeters with drugs and SIM cards; recent incidents being in Moldova and Tatarstan, western Russia, where a cat carrying a parcel of heroin on its collar was killed by a prison guard dog. The heroin would have been a light consignment compared with an incident at a medium-security jail in Brazil, where a cat was found with the incredible baggage of two saws, two concrete drill bits, a headset, a memory card, three batteries and a mobile phone charger. Showing admirable restraint, the prison governor relieved the cat of its load and drove it to an animal welfare centre himself. Perimeter protection manufacturers are also doing a good job in persuading prisons that they are not a one-way street focused solely on keeping offenders inside However hard one tries to report on the custodial contraband problem in a sober manner, bizarre incidents create a tone of levity. Researching this article, the choicest anecdote I found came from John Moriarity, the Inspector General of the Texas prison system, reporting how a warden in one of the state’s jails received a complaint from the mother of an inmate. She was calling to say that she was paying her son’s mobile phone bill, had checked with the cellular provider to ensure the prison was in a good coverage area and how could he justify her boy getting such a poor quality signal? Staying with Texas, in 2009 George Vera, who at the time tipped the scales at 500 lbs. defeated multiple body frisks when sneaking an unloaded 9mm pistol into Harris County Jail by burying it in his fat folds. You might like to note a final touch of opera in that the twin charges against him were possession of the firearm in a prison and an original allegation of selling bootleg CDs out of the back of an SUV. He finally fessed up to having the weapon during a shower break. Perimeter protection On a more serious note, the technological resources from the physical security sector available to prisons dealing with contraband threats are effective and varied. Many of the incidents described above that involve breaches of perimeters can be pre-empted or detected by microphonic cable fence disturbance sensors and buried volumetric sensors. Perimeter protection manufacturers are also doing a good job in persuading prisons that they are not a one-way street focused solely on keeping offenders inside and should also use systems that will stop contraband collaborators (both human and animal) from entering. Of course the debate over the effects of repeated exposure to ionising radiation during X-raying for contraband at prisons will continue. However, more and more organisations, including civil liberties bodies, are conceding that the doses are comparable with ambient exposure from the atmosphere during everyday life. The very essence of the burgeoning sector that is video analytics is to detect aberrant behaviour in whatever form, be it unusual movement, speed, positioning, clustering or direction. With more and more of this intelligence residing within cameras “at the edge,” there is an arsenal of technology to assist authorities in keeping contraband out of prisons.
Kevin Brownell, principal physical security consultant at PTS Consulting Group, considers convergence of IT networks and physical security. He argues that current best practice shows that they no longer need to be separate disciplines and reassures installers that their diversity has been exaggerated. Brownell describes experiences of working with IT managers who no longer see networked CCTV and access control as ‘black arts’ and are buying into the idea of IP security as an integral part of truly ‘intelligent’ buildings. But optimism is tempered by the warning that our thinking needs to be truly ‘joined up’ if we are to avoid the elementary errors he has observed out in the field. Convergence is now delivering on its promises in the manner that users and integrators have hoped for since the original concepts came into the public domain Anybody observing how major security programmes are currently being implemented will have noted that many are appearing on the planning table from unconventional sources and are frequently bundled with IT. The corporate network has become not only a pervasive platform but also the starting point for security projects. Traditional CCTV systems with dedicated cabling in two or three different formats are coming close to extinction. Equally, you’re now unlikely to hear network managers dismiss IP-based CCTV with the familiar cry: “Not on my bandwidth you’re not!’ But that does not mean we have reached a utopia (promised by certain manufacturers) of all security systems operating on a single seamless network. The changes are even more far-reaching in terms of the hardware at the heart of the security systems – the servers. Clients are realising that the cost of owning and supporting their own dedicated hardware far exceed the cost of moving to a virtualised environment. The corporate network has become not only a pervasive platform but also the starting point for security projects Server virtualisation for multi-site systems is making geography an irrelevance; if one of my clients deems that I am a legitimate visitor to any of its offices in Europe then a centralised access control server – possibly in a different continent – need only be informed once of my access rights. What sounded far-fetched a couple of years ago is now the norm and the default question is: “Why would you not opt for such a solution?” Convergence is now delivering on its promises in the manner that users and integrators have hoped for since the original concepts came into the public domain. The IT network began as a dedicated structure in a facility. From this base position we have seen telephones, HVAC, fire systems, access control and more recently CCTV moving onto the network. Each discipline that has migrated to the network has come with problems of evolution but it is now safe to say that if a new building were unveiled featuring separate networks for each type of subsystem it would be viewed with incredulity followed quickly by derision. Facilities managers will not tolerate the disruption caused by separate cabling and multiple contractors; active Ethernet has become a default choice with a single installation process. This is not only true of new-build projects but is often the only viable approach for engineers working within the strictures imposed by listed buildings. New bedfellows Clients are realising that the cost of owning and supporting their own dedicated hardware far exceed the cost of moving to a virtualised environment We all have new partners with whom we must engage. Information technology, structural architects, network architects, physical security specialists, cyber security specialists, AV consultants, structured cabling providers, facilities management and human resources now have to balance what may be conflicting agendas and competing demands on space by pulling together. In-house IT and security resources must also show the self-awareness to consider using external sources of everyday support in addition to consultants dealing with conceptual issues. The key to successful convergence is to ensure that the widest possible range of stakeholders begin talking to each other around planning tables at an early stage and that significant individuals in the planning process begin to define technical strategy in line with threat vulnerability and risk assessments (TVRAs) carried out by security consultants. You don’t have to be Nostradamus to predict that altering systems at the delivery stage will be difficult and costly. Most major corporates use their networks to ensure scalability and built-in flexibility for the future in terms of both cyber and physical security. Short-sightedness is rare though many will have read recently about the New York merchant bank that was installing access control turnstiles as an afterthought while staff were arriving for their first morning’s work. It was an object lesson in the price of failure to invest time and resources in effective communication between clients and security integrators, and an abject illustration that there had been no security master plan. Assume nothing Building flexibility into corporate networks so that physical and IT security providers can continue to both optimise and safeguard the working environment is vital Physical security consultants should not assume – however logical the requirement might seem – that their needs will get picked up by others in the design process. Where we put security equipment is seldom where IT engineers might imagine: we seldom want networking points under desks and tend to use risers and other unexpected locations above the ceiling. New ways of working always filter throughout the security disciplines and access control manufacturers are reporting that the current breed of intelligent building requires functioning access control earlier in the construction process than has been the norm. Similarly, if structured PoE cabling is to take multiple services, it must be fitted earlier. Country cousins Physical security has flourished in the age of distributed control systems and can take a share of the credit for the emergence of the truly intelligent building. IT managers realise this and are now less likely to treat security contractors as technically backward poor relations. Industry forums such as ONVIF and the PSIA, the British Security Industry Association (BSIA) and an active trade press all deserve credit for having ensured that physical security is treated seriously at board level such that IT directors are proving wise enough to work constructively with it. We should congratulate these bodies on having ensured that convergence of physical security with IT has never been a Wild West, and a new language has evolved. Drivers for change What have been the other drivers for change? The improved performance of IP CCTV cameras and the advent of video analytics (sometimes known as intelligent scene analysis) have contributed to ‘Big Data’ mining. Manufacturing advances in IP-addressable access control have made it an obvious hub for third-party integration and allowed it to combine effectively with visitor management software which had previously been the province of facilities management and IT. The safety advantages of integrating visitor management with access control in the event of a need for fire mustering are obvious. The demonstrable effectiveness of biometric identification in government security spheres has been another catalyst that has prompted take-up in the private sector where databases of biometric data (facial, fingerprint and iris recognition) are used not necessarily to solve and prevent crime but primarily for access control. The distinctions between IT and physical security are becoming imperceptible. Anybody reading this article in an office might like to consider what use they have made in the last hour of room booking, cashless vending, ‘follow me’ printing, RFID lockers, ‘hot desking’ and smart cards. They may also like to reflect that it is almost certain that had they not identified themselves to an access control device they would have been unlikely to have been able to log into a computer network and be benefiting from these services. Building flexibility into corporate networks so that physical and IT security providers can continue to both optimise and safeguard the working environment is vital. Audience perception Paradoxically, one of the biggest drivers for change has been people, and notably young staff members who have pragmatic, fearless attitudes to technology. Consultants who have had careers based on a single discipline are considering staff demographics as they implement new technology. They frequently observe that young audiences come to work with their own smart devices, are willing to get stuck in and simply expect things to work. Notably, they want previously disparate devices to connect via a network if they know this is the logical approach. Of course not everybody is 21 years old and confident with technology. A consultant’s training strategy must cater for the whole work force and should prove sustainable over what may be a lengthy period of change. Staff should feel that the support they receive is evolving with the cycle of innovation and at no time should they think they are being neglected. This is vital at the end of the process and training materials should give employees a final momentum to continue and even experiment: the consultant should always ‘close with grace’. When is an IP device not ‘just an IP device’? As attitudes among young staff are changing, a new breed of engineer is also emerging, possibly taking their cue from the telephony sector. A phone on your office desk used to be the result of quite a complicated installation process. With the advent of the pervasive network, a telephone simply needed to be plugged in and it would find an IP address. The distinctions between a phone, a printer or a PC became minimal. The same might be said for an access control reader. But what of an IP-enabled CCTV camera? A network engineer can assign it an IP address but can they produce a usable picture? Is the camera pointing in the right direction? Is it focused? Does the engineer understand the concepts of wide dynamic range (WDR), frame rate adjustment and the focus shift between white and IR light? These are issues that cannot be solved by just a structured cabling and treating the camera as just one more IP device. A few provisos Fortunately, cameras are an anomaly possibly because the optics surrounding them have not changed since the days of Gallileo. The likelihood is that both the traditional security installer and the new breed of network engineer will both ‘skill up’ to fill their knowledge gaps in building subsystems. The brave new world of interconnectivity really is as achievable as IT industry commentators are suggesting but a few warning notes need to be sounded on the ‘help yourself’ option of DHCP as opposed to fixed IP addresses. Just as with the New York bank, major installers in London will be aware of the recent meltdown of a transport hub when, after a power cut, 200 doors in an IP access control system simply indulged themselves in a free-for-all and assigned themselves new identities. I give these examples to show that my optimism is tempered by realism and that the increasing convergence of physical security with IT is not without some case studies that should make us pause and reflect. But multiple infrastructures can be, and are being, replaced with single holistic environments across every industry type with benefits in terms of ergonomics, safety, security and profitability.