2012 December 27 by les-admin
Hyatt Regency Crystal City
2012 October 26 by les-admin
Several recent airport perimeter security breaches have brought the issue into the public spotlight. Normally, such scrutiny is reserved for the “front door,” of aviation security, which is the screening checkpoint and largely the domain of the TSA.
The “back door,” employee access and perimeter security, is regulated by TSA but the actual protection and management of the systems are the responsibility of the airport operator.
The recent incident of an individual on a jet-ski, who was stranded and jumped the perimeter fence at the JFK airport – who has stated he tried to get noticed in order to receive medical attention. He eventually had to (according to public reports) contact a cargo worker and notify him of his presence. The question asked by the media and the general public is: what if this was a bad operator with intent to do harm?
Before we start installing triple fencing with razor wire, guard towers with spotlights and .50 caliber machine gun nests, let’s assess the risk of a perimeter intrusion.
The incident at Dallas / Love Field, where a drunk driver crashed through a perimeter gate and led police on a high speed chase across the airfield, highlights a safety threat. The FAA has traditionally been concerned with the risk of vehicles colliding with an aircraft, particularly during the takeoff or landing phase of flight. Therefore, a potential threat is a bad operator intentionally attempting to crash their vehicle into an aircraft on takeoff or landing.
A related threat would be the use of a car bomb on an aircraft parked at the gate or while operating on the taxiway.
Another threat is the risk of an individual accessing the airfield via the perimeter and introducing a bomb onto the aircraft. An individual could access the aircraft and plant weapons on board for use by a confederate(s) who has lawfully accessed the aircraft by purchasing a ticket and completing the screening checkpoint. Or, individuals could access the field via the perimeter and attempt to hijack the aircraft – however, it’s unlikely to ever get off the ground so I’m not going to pay too much attention to that risk right now.
Actually, several of these threats have already occurred in aviation’s history. There have been incidents where individuals lobbed mortar shells over the perimeter fence, snipers have fired bullets at passengers from off-airport locations, hijackers have accessed aircraft via perimeter gates (dressed as security or customs personnel) and catering personnel have stowed weapons on aircraft for later use by a confederate.
The existing layers of security for the perimeter include fencing with barbed wire, airport and airline personnel watching for individuals in the security areas without the proper identification and airfield patrols by police, airport operations and security personnel. The levels of security (i.e. patrols) vary by airport staffs and capabilities.
Presently, airfield access gates are not required to have pop up barricades but are required to be strong enough to stop or slow down most vehicles attempting to drive through them. Perimeter Intrusion Detection Systems (PIDS) are not required in the United States, although many airports, including JFK have implemented them.
There are some airports that meet very stringent security standards, such as the Ben Gurion Airport, which features at least 3 fences, including a monitored perimeter intrusion detection system (PIDS), closed circuit television monitoring and a separate security control tower. Some U.S. airports, such as LAX and Boston/Logan have installed pop up barricades at their perimeter gates as an added layer, while others, like JFK, have installed various forms of PIDS.
The TSA recently announced it was reviewing the perimeter security requirements, so efforts are already underway, and they should be. History has shown us over the past 11 years, that as it gets harder to get a prohibited item through a screening checkpoint, bad operators are looking for other pathways to attack aviation. Recently, we have seen suicide bombings at airports (Moscow, Pakistan) and air cargo bombs (Yemen).
So, what should we do?
There are a few steps airports can do right now. Increasing the use of armed law enforcement, unarmed security officers and airport operations personnel to patrol the airfield and additional training for all airport personnel in watching for individuals not wearing the proper identification in the security areas. TSA can increase the use of red teaming to identify specific vulnerabilities at airports, to fix the problems, not punish the airport with fines. Airports can adopt Security Management Systems (SeMS), which is a systematic program, closely related to Safety Management Systems, that puts security as a priority, identifies and mitigates known risks, audits the systems in place and promotes security throughout the airport culture.
Longer term solutions: I believe that the pop up bollards or other similar methods should be in place at U.S. airports. It helps solve both a security and a safety issue. I believe that perimeter security should be increased, both in terms of technology and “boots on the ground.” Technology, such as PIDS (when it works) helps identify an intrusion. Individuals patrolling the airfield can also identify intruders, help deter intrusions and put personnel in a better position to spot bad operators who may attempt to shoot down or laze an aircraft using surface-to-air-missiles, rocket launchers or laser devices. These basic security improvements will strengthen the back door to airport security.
2012 July 25 by leadingedgestrategies
Blogging live from the Colorado Airport Operators Association, Annual Conference, 2012, Vail, Colorado (paraphrasing as necessary)
Douglas Hoffsass – Assoc. Administrator, Office of the Administrator, TSA
The Right Reverend Hoffsass continues his nationwide tour to preach Administrator Pistole’s risk based security programs, most notably, PreCheck and Global Entry. I, Deacon Jeff, will attempt to pass his latest message to you.
In a quick poll of the room, while most attendees are familiar with PreCheck and Global Entry, many are not members of either program (a fact which could be partially attributed to the fact that the Continental/United merger has slowed the deployment of PreCheck to Denver International Airport).
Pistole’s “values” with respect to new aviation security initiatives: they must
improve security, create efficiencies and reduces the burden on the user.
Before discussing PreCheck, Doug spun off into the air cargo and GA industry security updates. All cargo moving in the U.S. or flying outbound from the U.S. is now 100% screened, but not all cargo inbound into the U.S. is currently screened. TSA is currently working with CBP and the freight forwarding industry, to determine if TSA can know more about the shipment and the shipper, can that knowledge be leveraged so that their shipments can clear faster when they arrive in the United States.
While not calling it “secure cargo,” or “known cargo,” but trying to look at what is coming into the U.S. and who is shipping it and take a risk based security approach on inbound cargo.
General aviation: in 2008, TSA launched the NPRM on the Large Aircraft Security Program, and with nearly 10,000 comments, the message came back to TSA who then engaged with industry. The new document will not be called the LASP, but it did include industry engagement. It does still have to clear the Office of Management and Budget.
Doug said that without getting ahead of himself on the future rule making the new regulations would be focused on the following four areas:
- Pilots knowing who your passengers are
- Having trusted and vetted crew
- Ensuring that the aircraft is properly secured when the aircraft is unattended
- Setting a weight limit for security measures
Doug did not speculate when the NPRM would come out, but Kerwin Wilson, TSA’s director for General Aviation did note 2 weeks ago at the AAAE Annual conference that it would be unlikely to come out prior to the elections in November.
The benefits of PreCheck is that you get to keep your shoes on, get to keep laptops inside the bag, and get to keep a light jacket on, belts staying on, with liquids staying in your suitcase. Fifteen airports are online as of today, with upwards of 30 by the end of the year. Participants to specifically to a lane that is designated for PreCheck screening. Presently, there are now AIT’s at the PreCheck locations, due to the reduced risk presented by PreCheck members. However, TSA has been receiving some feedback that certain individuals prefer the AIT (specifically those with medical implants) rather than the walk through metal detector.
If you are a member of Global Entry (globalentry.gov), through CBP (a $100 fee good for 5 years), essentially clears a passenger coming back to the United States, through an interactive kiosk and the time it takes, is less than a minute.
The TSA PreCheck process is an opt-in process on the airline website. When a passenger selects that option as the individual makes reservations in the future, there is an indicator encoded into the bar code on the boarding pass noting that the individual is a member. There are classified thresholds, for miles and/or segments and other travel characteristics that the TSA uses to determine an individuals eligibility for PreCheck. If the qualifiers are met, then the individual receives and “invitation” from their airline, via the airline reservation website.
While airports with PreCheck do provide a single-line for just PreCheck participants, TSA will not denigrate the screening process for other passengers to support the program. However, PreCheck lines are about two to two and a half times more efficient than a normal screening line, so as more passengers join PreCheck, the screening speed should continue to accelerate. While there are some relaxed screening procedures (shoes, laptops) TSA continues to conduct random screening of PreCheck passengers so that individuals cannot game the process.
TSA is working on more ways to bring people into the PreCheck program, and the vision of the future, is that 50-65% of the checkpoint of the future, we want to be PreCheck. The other side of the checkpoint will have passengers that are not members either by not being able to qualify for the program, or don’t want to provide background information necessary to become members.
As TSA wraps up PreCheck for Cat X airports (the large hubs), they will work towards Cat I and II airports (medium and small hubs), but for smaller airports, Cat III and IV’s, with only one screening line in some cases, the PreCheck program may have to look different. Those issues are still aways out and still being considered as it will be awhile before PreCheck comes to the smallest airport.
In response to questions from the audience, Doug noted that its not always about the number of checkpoint lanes that are available, but its more about the proper divestiture and recomposure set-up than it is the number of lanes, in determining the speed of the screening process.
By the way, it is important to note for this audience that Doug was one of the responders for United Airlines to the crash site of Flight 93 (something that I personally did not know until today) – he comes from our industry and has been an advocate for airports and aircraft operators during his tenure with the TSA and we appreciate his support.
Here endeth the lesson.
2012 July 18 by les-admin
2012 April 3 by les-admin
With millions of hits a controversial video has been circulating the Internet in which an individual claims to be able to defeat the TSA body imagers. TSA’s response has been unsurprising in that they have not provided any real rebuttal to the man’s claims. But that is to be expected. To provide rebuttal, specific to this man’s claims, provides information to individuals who want to defeat the technology for criminal or terrorist purposes.
I know the video has been out for a few weeks and I have withheld comment so far. The problem is we have a claim on the Internet from somebody that I have never met, who claims to have defeated a body imager under conditions that no one but him really was aware of and he doesn’t have the advantage to see what actually was displayed on the screen. Additionally, we do not know what the TSA screener may have seen in the monitor and, whether automatic threat recognition was in use or maybe the TSA screener identified an innocuous item and decided to give the gentleman pass. Or maybe they did truly miss it. The fact is we just don’t know.
I have been to the Transportation Security Integration Facility in Washington DC and seen the rigorous testing that these technologies undergo. This is not to say that an individual, or even a piece of equipment, can fail. We know from routine tests of the system that people and equipment both fail from time to time. There is no such thing as a perfect system or, despite what presidential candidates want us to believe, a perfect person.
I would like to correct one point the gentleman made in his viral video. He believes that we should go back to the age of metal detectors. He claims that body imagers do not detect the metallic objects that metal detectors detect and further claims that nobody has tried to destroy an airplane by wearing a bomb. Both of these statements are untrue. To cite just one of many incidents in our history, in August of 2004, two female Chechen suicide bombers, concealing explosives in their brassieres, took down 2 Russian airliners. It was this incident that in fact started the use of the patdown technique, the trace detectors and the body imagers.
2012 January 25 by les-admin
2011 September 5 by leadingedgestrategies
What does a woman in Mexico tweeting about non-existent school shooting attacks and a government warning about a plot by al-Qaeda to use small, explosives filled aircraft to attack U.S. targets, have in common? They are both efforts to create fear and panic, and to cause us to spend more money to chase our tails.
Click here for story.
Industry reps tell me that the neither the FBI nor DHS have issued guidance or warnings about this latest threat and from the language of the L.A. Times article, it reads similar to previous threats from General Aviation that have been issued.
In the Mexico City incident, individuals falsely tweeted about schools being attacked by gunmen, sending many people into a panic that shut down emergency telephone lines. In the “GA Threats” article, al Qaeda may be trying to achieve the same panic effect. Just by sending out some information that a plan to use GA explosives-laden aircraft to attack U.S. targets is in the works, or even the final stages, while likely not to cause widespread panic, adds to the overall fear factor. It may just fuel a community fire or political fires to put more regulations and restrictions on the GA industry, which alone adds $100 billion in economic impact to the United States.
While regulating general aviation aircraft, or causing higher security requirements (and thus, more cash to be spent) on “securing” general aviation may seem to be a small inconvenience to those outside of the GA industry, it’s one more expense, it’s one more “fear” for us to worry about, it’s one more pinprick, that is slowly eroding our economy and our civil rights.
In 1776 a group of individuals signed a Declaration of Independence. That document proclaimed freedom from oppression. At the time, the oppression was from a specific source. The Declaration though did not come with an expiration date, nor was it specific to one entity doing the oppression. It was a declaration from all forms of oppression, including al Qaeda and any other group or individual that seeks to deny our God given right to choose our destiny.
2010 November 1 by leadingedgestrategies
The issue with privatized screening is very interesting and very misunderstood by the public. Pre 9/11, the screening was given to private companies who were contracted by the airlines at the lowest bidder. The standards were “upheld” by the FAA and those standards were far below the international standard for screeners in terms of qualifications, performance and training.
Post 9/11, the TSA took over screening at most, but not all, U.S. airports. There were 5 airports that continued to use private screening companies under a model known as the Screening Partnership Program, more commonly known as “opt-out.” Those 5 airports continue to use private companies to this day and an additional 12 airports have opted out of TSA screeners since 2005. The reason most given for airports saying goodbye to TSA is customer service and waiting times.
This issue is coming back to the forefront today as TSA is on it’s 10th or 12th iteration of the Screener Allocation Model (SAM), which is their attempt at matching airport passenger flows with the amount of screeners that are assigned. However, the industry is seeing the failure of TSA in many areas to do this matching, whereas the private airports seem to have it down. Many of us in the industry expect to see even more airports opting out of TSA screeners in favor of private companies in the near future.
As for whether private companies are better or worse, it’s hard to tell, but here is some information to help consumers figure out if they are “safer.”
- Much of the world uses private screeners at their airports including Ben Gurion airport in Tel Aviv, and at London’s Heathrow airport. However, pre and post 9/11 these screeners were held to much higher standards than in the U.S. Since Israel is often pushed up as the “model” for airport security, I think it’s interesting to know that they rely on private screeners at the checkpoints.
- The GAO reports that in classified testing, the detection rate is about the same for TSA and private screeners.
- The “contract” model has changed. The airlines no longer have a say. If an airport goes private, TSA puts out an RFP and makes the selection. The screening company must then meet or exceed the TSA screening standards and the contract is managed by the TSA.
- Post 9/11, failed screening was pointed to as the reason 9/11 happened. There is debate on this as the items that the hijackers apparently used were allowed on aircraft pre 9/11. However, there is some debate about whether the hijackers used tear gas, which was not approved to be on a U.S. aircraft at the time. Regardless, many in the U.S. felt that screening was in need of a long overdue overhaul, and thus, wrapped up those changes in the post 9/11 legislation.
To read more on a related article, visit http://www.bbc.co.uk/news/business-11632944)
2010 September 21 by leadingedgestrategies
There have been several reports in the news lately of airports across the country having their security screening equipment removed by the TSA. This is actually pretty common as long as TSA is the owner of the equipment. Prior to 9/11 various entities were responsible for screening and for purchasing screening equipment. The airlines would often buy what they felt was needed, but if the airport wanted more machines than the airlines were willing to pay, then the airport would be footing the bill.
2010 February 19 by leadingedgestrategies
We’re heard the term before – suicide-by-cop. This is where someone threatens the police with a gun to get the police to kill the individual. On February 18, we witnessed suicide-by-small-plane.
We did not witness a terrorist attack. We barely witnessed an attack on a government building. Had Stack intended on causing mass casualties, he certainly did not pick an effective tool for the job.
He did manage to start a pretty good fire and cause damage to the structure, but a good question to ask here is, what does this say about general aviation security? People throughout the country are asking themselves if they should be worried about threats from small aircraft. Will they become a tool for terrorist attacks?
Let’s answer that by comparing the goals of terrorism and whether they match up with what we saw in Austin?
1. Mass casualties… no.
2. Destruction to an element of the infrastructure, or symbolic or economic target… not really. He hit the IRS building and while it caught fire, this isn’t a symbolic target like the Statue of Liberty, nor does it cause great damage to our nation’s infrastructure. If the target had been the Statue of Liberty, or a large office building on Wall Street. . . well, we can fix the Statue, and firefighters and sprinkler systems can put out a fire of the size we saw yesterday. This was not a Boeing 757 jet.
3. Instill fear in the public… depends on how much fear we want to add.
4. Gain widespread media attention…yes. But then again, Hollywood celebs going through rehab manage to do that all the time. We can decide how much attention we want to give to this.
5. Erode our liberties, change our way of life and cause us to mistrust that our government can protect us. This is where the rubber meets the road. We will have to wait and see whether this type of attack would achieve this objective. Fortunately, whether this objective is achieved is up to us, not the bad guys. The ball is back in our court.
Already Representative Michael McCaul, a Republican from Austin who is on the House Homeland Security Committee is saying that small airplane threats are “…weakness we hope terrorists don’t exploit…this has been on the radar of al-Qaeda and others…it can be done and they may attempt to do the same thing…”
However, the Homeland Security Department’s inspector general last year stated that: private aviation “does not present a serious homeland security vulnerability…” a conclusion that Homeland Security Secretary Janet Napolitano disputes.
Whether we see further erosions of our civil liberties as a result of this is up to our elected officials. I’ve read numerous DHS IG reports and feel they are very well informed and have a good perspective on this issue, despite what Napolitano or Congressman McCaul feel. I don’t believe there is a plan on the terrorist books to use numerous numbers of small general aviation aircraft in some sort of massive attack on the United States.
Let’s keep this in perspective. A guy who was unhappy with life, took his private plane and committed suicide. While tragic, certainly, this type of attack does not achieve the objectives of terrorism, unless we let it.
So what is the solution?
Most people will not like the solution because it is not a simple fix. Nor does the solution lie primarily in aviation security.
In every one of these incidents, whether they are school shootings, business shootings, or what have you, there are pre-incident indicators. In the coming weeks, information will surely come forth from friends, business associates and possibly family members about the problems Stack was having. The pre-incident indicators will manifest and everyone will start putting the pieces together. Hindsight will become 20/20 and many people will start to wonder why he wasn’t red flagged before.
As I told a reporter today, general aviation security is not new. We were teaching airport operators back in the 1980s and 1990s to watch for signs of aircraft being used in drug smuggling. In fact, I still have my old drug investigators guide — the only thing that’s really changed is the threat. Rather than drug smuggling airport operators, airport employees and tenants need to be trained to recognize suspicious activity. But this may still not stop the next suicide-by-plane, or even a potential attack from a GA airport. Keep in mind that there are many small airports throughout the U.S. that are not regularly staffed with any sort of airport manager. Many of these smaller airports are operated by cities and counties and may have a public works employee assigned to occasionally drop by to make sure things are okay.
So, we get back to pre-incident indicators. Basic workplace violence recognition training just may well be the solution to this “threat.” There are always signs. There are always pre-incident indicators. There are always opportunities to identify the threat ahead of time and report it to authorities.
Is this the 100% perfect solution? No. Of course not. But it’s better than throwing billions of dollars into small aircraft security measures that ultimately are not only ineffective but help fulfill the goals of terrorism.