Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security [1 ed.] 9781607506218, 9781607506201

Citation preview

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

HUMAN SYSTEMS INTEGRATION TO ENHANCE MARITIME DOMAIN AWARENESS FOR PORT/HARBOUR SECURITY

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

NATO Science for Peace and Security Series This Series presents the results of scientific meetings supported under the NATO Programme: Science for Peace and Security (SPS). The NATO SPS Programme supports meetings in the following Key Priority areas: (1) Defence Against Terrorism; (2) Countering other Threats to Security and (3) NATO, Partner and Mediterranean Dialogue Country Priorities. The types of meeting supported are generally “Advanced Study Institutes” and “Advanced Research Workshops”. The NATO SPS Series collects together the results of these meetings. The meetings are co-organized by scientists from NATO countries and scientists from NATO’s “Partner” or “Mediterranean Dialogue” countries. The observations and recommendations made at the meetings, as well as the contents of the volumes in the Series, reflect those of participants and contributors only; they should not necessarily be regarded as reflecting NATO views or policy. Advanced Study Institutes (ASI) are high-level tutorial courses to convey the latest developments in a subject to an advanced-level audience. Advanced Research Workshops (ARW) are expert meetings where an intense but informal exchange of views at the frontiers of a subject aims at identifying directions for future action. Following a transformation of the programme in 2006 the Series has been re-named and reorganised. Recent volumes on topics not related to security, which result from meetings supported under the programme earlier, may be found in the NATO Science Series. The Series is published by IOS Press, Amsterdam, and Springer Science and Business Media, Dordrecht, in conjunction with the NATO Public Diplomacy Division.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Sub-Series A. B. C. D. E.

Chemistry and Biology Physics and Biophysics Environmental Security Information and Communication Security Human and Societal Dynamics

Springer Science and Business Media Springer Science and Business Media Springer Science and Business Media IOS Press IOS Press

http://www.nato.int/science http://www.springer.com http://www.iospress.nl

Sub-Series D: Information and Communication Security – Vol. 28 ISSN 1874-6268 (print) ISSN 1879-8292 (online)

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security Edited by

Elisa Shahbazian OODA Technologies Inc. Montreal, Canada and

Galina Rogova

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Encompass Consulting Honeoye Falls, USA

Published in cooperation with NATO Public Diplomacy Division Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Proceedings of the NATO Advanced Research Workshop on Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security Systems Opatija, Croatia 8-12 December 2008

© 2010 The authors and IOS Press. All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, without prior written permission from the publisher. ISBN 978-1-60750-620-1 (print) ISBN 978-1-60750-621-8 (online) Library of Congress Control Number: 2010933754

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Publisher IOS Press BV Nieuwe Hemweg 6B 1013 BG Amsterdam Netherlands fax: +31 20 687 0019 e-mail: [email protected]

Distributor in the USA and Canada IOS Press, Inc. 4502 Rachael Manor Drive Fairfax, VA 22032 USA fax: +1 703 323 3668 e-mail: [email protected]

LEGAL NOTICE The publisher is not responsible for the use which might be made of the following information. PRINTED IN THE NETHERLANDS Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved.

v

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Preface An Advanced Research Workshop (ARW) “Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security” was held in Opatija, Croatia, December 8-12, 2008. An ARW is one of many types of funded group support mechanisms established by the NATO Science Committee to contribute to the critical assessment of existing knowledge on new important topics, to identify directions for future research, and to promote close working relationships between scientists from different countries and with different professional experiences. The NATO Science Committee was approved at a meeting of the Heads of Government of the Alliance in December 1957, subsequent to the 1956 recommendation of "Three Wise Men" – Foreign Ministers Lange (Norway), Martino (Italy) and Pearson (Canada) on Non-Military Cooperation in NATO. The NATO Science Committee established the NATO Science Programme in 1958 to encourage and support scientific collaboration between individual scientists and to foster scientific development in its member states. In 1999, following the end of the Cold War, the Science Programme was transformed so that support is now devoted to collaboration between Partner-country and NATO-country scientists or to contributing towards research support in Partner countries. Since 2004, the Science Programme was further modified to focus exclusively on NATO Priority Research Topics (i.e. Defence Against Terrorism or Countering Other Threats to Security) and also preferably on a Partner country priority area. The objective of this multidisciplinary workshop was to bring together experts in the domains of Harbour Security and Human Factors, as well as Knowledge Management, Knowledge Exploitation and Decision Support Technologies from the NATO, NATO Partner and Mediterranean Dialogue Countries to discuss the problems of enhancing Maritime Domain Awareness in Harbours through application of HumanSystem Integration and advanced technologies. The ARW provided an opportunity for exchange of information in harbour security practice and research in the areas of cognitive engineering and advanced information processing. To facilitate information exchange and a better understanding of mutual problems, the ARW comprised presentations as well as brainstorming sessions in the form of Working Group discussions. Presentations by domain, human factors, and technology experts were devoted to domain understanding, and the theory and practice of designing decision support systems for harbour security and integration of human factors in such systems. The workshop also included three break-out sessions, in which the smaller working groups of mixed expertise held brainstorming sessions. These working groups investigated: 1. 2. 3.

Process, organizations, and technology requirements to meet challenges of the seaport infrastructure security; Methodology for a human/machine information system to support harbour security; Regulations, infrastructure, stakeholder responsibilities, as well as technology requirements to meet challenges of cargo security.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

vi

Through lectures and working group discussions, the participants of this workshop were able to enhance understanding of the problems, approaches, methodology and technical language used in various disciplines related to designing harbour security systems. These discussions were built upon lessons learned during the previous ARW (ARW981703) on Data Fusion Technologies for Harbour Protection, Tallinn, Estonia, June 27 - July 1, 2005. This volume consists of two sections. Section one includes papers by lecturers, and Section two contains the reports developed by the working groups. Lecture topics were devoted to the discussion of challenges and possible approaches to:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

− Effective representation of domain characteristics and user requirements; − Modelling of human systems, their behaviour, and their impact on port security; − Information modelling, characterization, and processing for situation awareness and decision support; − Designing the situation and threat assessment systems. Participants representing Armenia, Belgium, Bulgaria, Canada, Croatia, Germany, Italy, Russia, Spain, Sweden and the USA contributed in this ARW. A distinguished group of experts was assembled, and the technical program was organized with the generous and very capable assistance of the Organizing Committee composed of Dr. Elisa Shahbazian (Canada), Dr. Damir Zec (Croatia), Dr. Galina Rogova (USA), Dr. Eloi Bossé (Canada), Darren P. Wilson (USA), and Ms. Hasmik Atoyan (Canada). The organizers offer their deep appreciation to the ARW participants, who devoted so much of their time and talents to make the ARW successful. We are grateful to the NATO Security Through Science Programme, which provided important financial support. The organisers are especially grateful to Prof. Fernando Carvalho Rodrigues, head of the Human and Societal Dynamics Panel (HSD), whose suggestions for providing a systemic approach to the discussions and the technical program contributed to the success of the ARW. In addition, the following sources made significant contributions: the Defence Research and Development Canada in Valcartier, the U.S. Department of Homeland Security, Science & Technology Directorate; the Department of Maritime Studies, University of Rijeka, Croatia; the Department of Mathematics and Statistics of Université de Montreal Canada; Encompass Consulting, USA; and OODA Technologies, Inc., Canada. We would like to thank the management of Hotel Ambassador in Opatija, Croatia for ensuring that all the needs of the ARW were satisfied to the fullest. A very special acknowledgement goes to Ani Shahbazian who undertook the very challenging task of performing the English Language editing of all the lecturers' manuscripts and producing a camera-ready document for the publisher. And, finally, all of our thanks go to the people of Croatia, who certainly displayed, in every way, their warmth and hospitality. Elisa Shahbazian Montreal, Canada Galina Rogova Honeoye Falls, USA October 2009 Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

vii

Contents Preface Elisa Shahbazian and Galina Rogova

v

Maritime and Supply Chain Security in Europe Dominique Cant

1

Harbour Protection: The Role of NATO Navies in the Third Millenium Andrea Mucedola

15

Maritime Threats: Origins and Enabling Factors Valerio de Divitiis

23

A Maritime Security Incident Map of the Alondra Rainbow Hijacking Maximo Q. Mejia, Jr. and Roland Akselsson

29

Ports Security Organization and Functionality – Implementation of the ISPS Code in Medium and Small Countries Damir Zec, Vlado Frani and Marija Šimi Hlaa

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Human Performance Challenges in Port/Harbour Security Systems Melissa Ho, Darren Wilson, Janae Lockett-Reynolds and Thomas B. Malone

41

51

Human Factors Analysis of Different Types of Uncertainties in Complex Systems Hasmik Atoyan, Jean-Marc Robert and Jean-Rémi Duquet

61

Aspects of Human Systems Behaviour and Their Impact on Port Security Architecture Kalin Kalinov and Nikola Stoyanov

69

Contextual and Human Factors in Information Fusion Jesus Garcia Herrero, Miguel A. Patricio, José M. Molina and Luiz A. Cardoso Decision Support Systems Design for Joint Multi-national Multi-agency Defence and Security Environment Éloi Bossé and Pierre Valin Information Quality and Decision Making in the Human-in-the-loop Environment Galina Rogova

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

79

93

103

viii

Intelligence Processing for Decision Support in Defence and Security Joachim Biermann

113

Adaptive Evidence Accrual for Context-Sensitive Situation Understanding Alan N. Steinberg

131

Event Analysis and Understanding for Situational Awareness Support Giovanni Ferrin, Lauro Snidaro and Gian Luca Foresti

139

Geo-Feasibility Concept for Maritime Domain Awareness Marie-Odette St-Hilaire, Chris Helleur and Eric Lefebvre

147

A “Vicious Agent” Modelling Approach for Testing Port Security Systems Boyan Mednikarov and Nikola Stoyanov

155

Social Network Analysis - A Tool for Researching Threats in the Supply Chain Dragan iši, Robert Mohovi and Eduard Tijan

161

An Agent Framework for Maritime Situation Awareness Hans Wehn and Adel Guitouni

177

Web-Service Network for Context-Aware Emergency Management Alexander Smirnov, Nikolay Shilov, Tatiana Levashova and Alexey Kashevnik

193

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Process, Organizations, and Technology Requirements to Meet Challenges of Seaport Infrastructure Security Éloi Bossé, Jesús Garcia Herrero, Max Mejia, Andrea Mucedola, Nikola Stoyanov and Marie-Odette St-Hilaire A Methodology for Designing a Human/Machine Information System to Support Harbour Security: NATO ARW Group Two Report Valerio de Divitiis, Melissa Ho, Galina Rogova, Alexander Smirnov, Alan Steinberg, Ingrid Visentini and Hans Wehn Regulations, Infrastructure, Stakeholder Responsibilities, and Technology Requirements to Meet Challenges of Cargo Security Hasmik Atoyan, Joachim Biermann, Dominique Cant, Giovanni Ferrin, Elisa Shahbazian, Lauro Snidaro and Damir Zec

201

207

217

Subject Index

229

Author Index

231

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-1

1

Maritime and Supply Chain Security in Europe Do min ique CA NT Security, DP World Antwerp

Abstract. The paper summarizes the currently existing regulations and measures to ensure maritime security in the European Union, United States and Internationally, and makes observations regarding the implementation and the consistency of implementation of these measures between all nations involved in the International Maritime Organization (IMO). The paper specifically mentions issues with the supply chain management of container and cargo transport that are hard to manage due to multidisciplinary and multi-jurisdictional nature of the ports. The paper then describes and refers to a number of recommendations and amendments to current policy and procedures that will correct many of existing deficiencies. It stresses the importance of the development of a Community security framework for the supply chain instead of opting for a patchwork approach..

Keywords. container security, supply chain, maritime safety, SOLAS, nuclear, bacteriological, chemical

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Introduction Nu merous events have shown that no country in the world is immune to terroris m. Whatever the reasons behind them, acts of terrorism can be committed at any time and in any place. Shipping is no exception. This issue is, alas, nothing new for the European Un ion, and many of the Member States have taken steps to protect their citizens and modes of transport. The European Co mmission, for its part, has already addressed the subject of cruise passenger security in Europe in the Transport White Paper. It considers that, there is a need to enhance the security of the entire marit ime transport logistics chain fro m the supplier to the consumer. Consequently, since the security of a transport chain depends upon its weakest link, an approach addressing the multimodal dimension in parallel will make it possible to improve the security of transport as a whole. Any ship can be deliberately used as a weapon or be a carrier of weapons of mass destruction, or even an innocent carrier of inappropriate cargo, unle ss appropriate security and control measures are taken. Terrorist acts against a ship are possible, in particular by using another boat, or from inside the ship by stowaways, or by terrorists who board the ship by force. Passenger vessels are particular targets because of the number of lives that can be immed iately endangered. Freight vessels are no less vulnerable and can be dangerous carriers. The very nature of cargoes or hazardous substances could prompt terrorists to attempt to blow up such vessels, e.g. in port areas, with horrendous human and environmental consequences. Moreover, the illicit

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

2

D. Cant / Maritime and Supply Chain Security in Europe

transport of nuclear, bacteriological o r chemical products by sea cannot be ruled out, for subsequent use against the country of destination of the cargo. The EU has 35 000 km of coastline and hundreds of seaports . Every year, some 2 billion tons of general cargo, products needed for the European economy and trade with other regions of the globe (oil and gas - solid fuel and ore - manufactured products), pass through European ports. 90% of all o il trade with the EU is sea -borne, while almost 70% of EU imports pass the shores of Brittany and the English Channel. It is scarcely possible to establish a strict typology of ports. While there are a number of ports specializing in a particu lar type of merchandise, e.g. the oil and chemical industries, the motor vehicle industry, or ferry services, most ports handle all activities, including in the port area. The growth in marit ime transport is based on the use of containers, increasingly large ships, specialized port terminals, and the organization of " mu lti-spring" shuttle services. Since the early 1990s, a g rowing number of new ports, known as "transhipment hubs", have appeared on the scene in each of the abovementioned marit ime regions. Work on marit ime security began within the IMO in Feb ruary 2002, cu lminating on December 12 2002 at the IMO Diplo mat ic Conference with the adoption of an amend ment to the International Convention for the Safety of Life at Sea (SOLAS Convention) and an International Ship and Port Facility Security Code (ISPS). The amendment of the SOLAS Convention and Part A of the ISPS Code consist entirely o f mandatory provisions; Part B of the ISPS Code is made up of recommendations that Contracting Govern ments are requested to implement. These provisions apply to passenger ships, cargo ships of 500 gross tonnage and upwards, mobile offshore drilling units and port facilities serving international traffic. The mandatory provisions are indispensable to the improvement of marit ime security. They require that ships be permanently marked with their identificat ion number, fitted with an auto matic identification system (AIS) and a ship security alert system for spreading the alarm in the event of hostile action against the ship, and issued with a continuous synopsis record (CSR), a kind of identify document recording the history of the ship. They also provide for a set of active and passive security measures based on three security levels (normal, increased, high), their implementation being linked to a risk assessment. They include the requirement to appoint people responsible for carry ing out security measures (ship, company and port facility security officers), to prepare security plans considering risk assessment (ship and port facility), and to issue an international ship security certificate, as well as arrangements for personnel train ing and exercises. Provision is also made, depending on the potential risk to persons, property and environment, fo r the possibility of drawing up a declaration of security between the ship and the host port facility defin ing their respective responsibilities, and of inspection by Port State authorities of a ship in port or about to enter port for security reasons. In addition, the responsibilities and obligations of the various players (Contracting Govern ments, companies, ships' masters and port facilities) are clearly defined. Part B of the ISPS Code is made up of a set of very detailed reco mmendations intended as guidance for the various players with regard to the implementation of mandatory provisions. Contracting Govern ments are required, in particular, to designate recognized security organizations (responsible for providing security services

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

D. Cant / Maritime and Supply Chain Security in Europe

3

for port facilit ies and ships) and national or regional marit ime security contact points, to manage security levels, and to exchange informat ion on security matters. This part of the ISPS Code also contains detailed proposals for both ships and port facilit ies, regarding risk assessment and security plans to be prepared, as well as personal train ing and exercises. It also indicates how, and in which cases, a declaration of security should be drawn up between the ship and the host port facility. On March 31 2004, the European Parliament and the Council of the European Union adopted Regulation (EC) No 725/2004 [2] on enhancing ship and Port Facility Security. The maritime security measures imposed by that Regulation constitute only part of the measures necessary to achieve an adequate level of security throughout marit ime -linked t ransport chains. That Regulation is limited in scope to security measures onboard vessels and the immediate ship/port interface. In order to achieve the fullest protection possible for maritime and port industries, port security measures should be introduced, covering each port within the boundaries defined by the Member State concerned, and thereby ensuring that security measures taken pursuant to Regulation (EC) No 725/ 2004 benefit fro m enhanced security in the areas of port activity. These measures should apply to all ports in which one or more port facilit ies covered by Regulation (EC) No 725/2004 are situated. On October 26 2005, the Eu ropean Parliament and the Council of the European Union adopted Directive (EC) 2005/ 65/ EC [3] on enhancing Port Security. The main objective of this Directive is to introduce Commu nity measures to enhance port security in the face of threats of security incidents. This Directive shall also ensure that security measures taken pursuant to Regulation (EC) No 725/2004 benefit fro m enhanced port security. Following the events of September 11 2001, the USA introduced unilateral protection measures, often anticipating the implementation of prov isions being negotiated in international bodies. In the marit ime sphere in part icular, security is regarded as a domestic matter. There have been many parliamentary init iatives resulting in the adoption by Congress of the Maritime Security Act of 2002 (S.1214) on November 14 2002. Th is measure, when fully implemented, will impose broad security requirements on the marit ime industry. In addition, the creation of a Depart ment of Ho meland Security, effect ive since 1 March 2003, bringing together over twenty government bodies operating in this field, means that the various authorities at present concerned by security issues are even more actively involved. In this context, three types of recent measures concerning the marit ime sector should be mentioned. The Container Security Init iative: In mid-2002, the US launched the Container Security In itiat ive (CSI) aimed initially at 20 ports in Europe and Asia where the biggest proportion of marit ime container t rade to the US is concentrated [6]. This init iative, imp lemented with the help o f squads of customs observers, consists in:    

Establishing security criteria to identify h igh-risk containers; Pre-screening containers before they arrive at US ports; Using technology to pre-screen high-risk containers; and Developing and using smart and secure containers.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

4

D. Cant / Maritime and Supply Chain Security in Europe

The US Customs Serv ice has succeeded in persuading the competent authorities of the Member States, and most of the Asian countries concerned, to join in with this initiat ive. Other ports have also joined the CSI. Unfortunately, the provisions were drawn up and imp lemented without regard for Co mmunity law, and without consulting the Co mmission that has reacted in accordance with the Treaty establishing the European Co mmun ity. The 24-hour ru le: In August 2002, the US Customs Service announced an amend ment to US customs regulat ions to require that US customs must in future receive cargo manifest informat ion fro m carriers 24 hours before cargoes bound for the US are loaded on board ships leaving fro m a foreign port. This informat ion is allegedly needed to enable US Customs to assess the possible risk of terrorist threat represented by containers bound for the US. This new ru le took effect on December 2 2002 and has been put into practice since February 2 2003 [7]. The proposed rule making for the elimination of crew list visas: The rule making proposed by the US State Depart ment provides for the eliminatio n of crew list visas for crew members on foreign ships making port calls in the US. Until now the provision of crew list visas for crew members was considered to be a common acceptable practice, despite the fact that the US is one of the few major maritime countries requiring crew visas at all. The scope of the work concerning marit ime security at the IMO is limited to ships and to port facilities where the ship/port interface takes place. Apart fro m provid ing this interface, ports are crossroads for flo ws of people and goods coming either fro m the sea or fro m inland. It also brings together a range of wo rkers involved in various kinds of professional activities who are essential to the smooth functioning of trade. Consequently, without establishing tangible and somewhat "virtual" categorizations, the Commission is of the opinion that a number of co mmon -sense practices with regard to security should be spread, taking into account an effective analysis of the risks, the geography and the activity of each port. In this connection, a number of constants can be identified. Arriving at ports by various means of transport and flows of freight, passengers and port workers need to be identified and differentiated in order to facilitate proces sing and relevant security checks. Reserved areas where access is regulated should be established according to the sensitivity or hazardousness of the facilities that they contain (e.g. embarkation areas and storage areas for sensitive or hazardous products). Rationalization should also be sought in checks to be carried out at the entrance to the port area, in part icular concerning freight. The mu ltiplicity of co mpetent administrations makes for co mplex p rocedures, and the slowing -down of traffic flo ws and errors or emissions, in particular with regard to security checks. Where the checking of goods is concerned, customs are the co mpetent authorities best able to implement this type of check and coordinate checks carried out by other national administrations in the framework of their activit ies. The Co mmission is in favour of establishing a "single entry point" where all the various authorities involved are p resent and at which the various checks are carried out. After passing the single entry point, all passengers and goods would be regarded as secure and authorized for embarkat ion. Maritime safety depends to a large extent on the security of other feeder modes of transport. Any chain is only as secure as its weakest lin k, especially with marit ime freight transport where volumes involved are so large that physical checking of goods is realistically conceivable at the entrance to the port area only on the basis of targeted inspections based on risk analysis, documentation and intelligence. In this connection,

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

D. Cant / Maritime and Supply Chain Security in Europe

5

the crucial ro le o f customs authorities in goods checking throughout the international logistics chain should be stressed, particularly as regards containers. It is therefore very important that, right fro m the start of loading operations at the warehouse o f the first supplier sending freight for shipment by sea, it should be possible to identify both the goods in question and those involved in their handling (suppliers and carriers), as well as the latter’s respective responsibilities. Th is process should b e continued throughout the routing of goods to the port, particularly if additional loading is carried out. This is only inco mpletely ach ieved at present. Current practices (e.g. written load declaration, physical sealing of containers the inviolability of which is questionable, last-minute additional loading) impose limits on security, particularly the abovementioned "said to contain..." practice. That is why the Co mmission supports the G8 approach to container security . Furthermore, it considers that encouragement should be given for any technological solution that makes it possible to develop "smart" secure containers and generalize their use in all modes of transport. The recent init iative to establish computerized customs accordingly seeks to introduce a technological solution involving all part ies in the freight logistics chain in the same computerized freight monitoring system. Generalization wou ld offer several advantages, the first being an increase in the security of the entire transport chain as a result of real-t ime knowledge of the nature of the goods transported, and of the various parties and their responsibilities. There can legitimately be expected to be an increase in the quality and efficiency of the transport chain, a reduction in its use for illicit purposes, and a reduction in theft during transport. Similarly, container fleet management would be simplified and more economic, since any container would be useable for any destination on any mode of transport. It is therefore essential to generalize the use of this type of container ultimately, for undoubted security reasons, but also to avoid any sort of disparity between the different modes of transport. This practice would in fact make it possible to meet the need s of both processing speed and container security during transhipment in ports, wh ich call for special attention by no means always given to them fro m the security point of view at present. The new standards adopted by the IMO clearly define certain security responsibilit ies, in particular with regard to the Contracting Governments and shipping companies. Ho wever, a number of grey or co mp lex areas continue to exist in the shipping world and hamper the imp lementation of optimu m security. The Co mmission considers that greater transparency is needed with regard to the identification of ship operators. It notes in this connection that, in July 2002, the OECD's Maritime Transport Committee started drawing up an inventory of practices that may make for a lack of transparency. In addition, and even though the Co mmission has itself taken steps to address all aspects concerning the security of maritime transport, it would be worthwh ile if all Member States were to adopt a multid isciplinary approach to this issue. The Co mmission is well aware of the historical, cultural and other reasons why the Member States have each adopted a different administrative and economic system for marit ime and port matters, in part icular at the level of the superv isory authorities. Without calling this into question, the Commission above all wants clear and comprehensible procedures to be established at both the national and Co mmun ity level with regard to marit ime security. Concerning the application of security measures in port areas, the Co mmission is in favour of a "single entry point" procedure.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

6

D. Cant / Maritime and Supply Chain Security in Europe

Moreover, the amendment to the SOLAS Convention and the ISPS Code assign major security responsibilit ies to the Contracting Govern ments. Part B of the Code recommends designating a national contact point responsible for nat ional marit ime security matters and liaising with the contact points of the other Contracting Govern ments. The Co mmission considers it essential to designate such contact points within the Member States, as sole national authorities responsible for ship and port facility security. Similarly, a "competent authority for port security" would seem to be essential in order to coordinate, for each Co mmunity port, the application of security measures for ships and port facilit ies. Provisions are therefore contained in the proposal for a Regulation [4] so as to make it possible, at Co mmun ity level, to monitor the imp lementation of the abovementioned security measures, and to specify the possible role of the European Maritime Safety Agency in this process. The European Co mmission considers that comprehensive and coherent action is needed on the part of the Commun ity in order to enhance maritime trans port security. While continuing to encourage progress within international organizations, there is a need to effectively imp lement the adopted measures as soon as possible, to define also the necessary security measures not covered by the future internatio nal agreements, and to ensure, at the international level, recognition of the acco mp lished actions, in order to promote trade without risk of distortion of co mpetition. This philosophy should underlie negotiations with the USA on the basis of a mandate giv en by the Council, and negotiations conducted by the Community with its major co mmercial partners, in particular China and Russia. Lastly, overall coherence and effective imp lementation of the adopted measures must be monitored in order to ensure the Commu n ity's credibility in this matter. Furthermore, since enhancing security measures, even when combined with suitable safety measures, cannot totally rule out all risk of accident, whether unintentional or malevolent, it is appropriate to reflect upon existing measures in order to limit the consequences of such accidents. Consequently, in order to limit the consequences of accidents on people and the environment, whatever their orig in, the Co mmission will examine the advisability of adopting measures aimed in part icular at guaranteeing a min imu m level of informat ion for the general public about how to behave following an accident. In this context, it will also examine, with the Member States, the need to ensure that emergency plans are drawn up and regularly tested in order to guarantee optimu m organization of emergency services in case of need.

1. Suppl y Chain Security Two key links in many supply chains, namely air transport together with airports , and marit ime transport with seaports , have established intense levels of security in the fo rm of rules and measures, along with detailed, legally b inding specifications and checks. A similar approach for remain ing links in the s upply chain would undoubtedly enhance the security of the entire supply chain. Ho wever, a co mparison of maritime and air transport with the supply chain as a whole reveals fundamental d ifferences. The marit ime and air transport markets are marked by a limited nu mber of operators, which, above all, operate in geographically confined and defined controllab le areas. They are used to security arrangements.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

D. Cant / Maritime and Supply Chain Security in Europe

7

The land transport supply chain as a whole has quite different d imensions. More than half a million co mpanies are involved in transport and ancillary services alone, ranging fro m major mu ltinationals to tiny service co mpanies rooted in a wide variety of cultures and business settings. They cover the entire Co mmunity. Most have no security management at present and, generally, security levels are only starting to develop. The security awareness of all actors involved in the intra-EU supply chain should be increased. Depending on the goods transported, the position of the operator within the chain, and the vulnerab ility of the infrastructure, the needed level of security can be defined. Highly prescriptive new security measures for all operators would lead to a breakdown of the supply chain. However, an increasing number of companies are establishing their own security management standards, not only to protect their own operations and brand, but also as a tool for selecting their partners in the supply chain. In view of the above, it is therefore impossible in practice to establish, in a single all embracing operation, security rules and measures for the land transport supply chain comparable to those in air and marit ime transport. Instead, it is more realistic to establish a framework of minimu m-security requirements that can gradually evolve in line with technological progress and risk develop ments in order to ensure satisfactory security levels in an operational environ ment. It is tempting to concentrate efforts on improving supply chain security levels in a limited nu mber of clearly identified key areas: devices are being developed to make seals more resistant to tampering; most logistics centres have tightened access rules and many operators have introduced background checks and identity cards for employees. Risk awareness is growing. All these developments are welcomed. But they are limited in scop e and do not offer the systematic approach to supply chain security necessary to respond to potential terrorist risks or attacks as promptly and effectively as possible. The supply chain is made up of a nu mber of operat ions, beginning at the production site and ending at the cargo’s point of delivery, and associated processes . These operations are interdependent, as are the operators that carry them out. A ll of the individual elements, including the informat ion flo ws, have to pull together to ensure high levels of security along the entire supply chain . However, imp roving security in well-defined key areas risks diminishing the impact of security measures if taken in isolation. The introduction of, e.g., secure seals would serve little useful purpose if not combined with appropriate develop ments in, e.g., personnel security attitudes. Indeed, a fully secure part of the mult i-operator supply chain where a specific security feature is of paramount importance would lose its security benefit if another part of the supply chain, with other security features, were allowed to remain insecure. At the international level, only complete, secure supply chains receive recognition. Tailo rmade measures are required for the mult itude of specific security features in response to the specificities of operators and supply chains. In view of the foregoing, it is considered more appropriate to foc us on the development of a Co mmunity security framework for the supply chain instead of opting for a patchwork approach [8]. Th is choice by no means precludes detailed Co mmunity-wide minimu m requirements, or even detailed rules for certain areas. As will be exp lained later, the framework should contain such minimu m requirements for all the indiv idual lin ks in the supply chain and specific technical ru les where warranted. In all cases, however, the framework should allow regular, easy updates. It has to be established whether one of the operators involved should be responsible for the security of the entire supply chain or whether each operator should bear responsibility for the

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

D. Cant / Maritime and Supply Chain Security in Europe

8

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

security of its part of the supply chain. This point is relevant because the supply chain consists of a considerable number of operators. The supply chain normally begins at the manufacturing site with preparation for shipment. Goods may be loaded into containers or otherwise packed. They may be collected fro m the manufacturing site to be transported by a single mode to their final destination. They may be taken to warehouses, storage areas, or inland terminals, where they may change transport modes. The operation may involve freight forwarders and agents or brokers. Every link in the supply chain is accompanied by often-sophisticated information processes. It is tempting to impose responsibility for the security of the co mplete supply chain on a single operator. While it would be simple, it would not reflect the reality of the market. It may well be that the specialized manufacturers, due to their size and t ype of operation, carry out, or at least fully control, transport operations. Their responsibility for the security of the entire supply chain may well be established. However, in normal co mmercial circu mstances, a manufacturer of good s does not carry out the complete transport operation. Specialized co mpanies do that, of which railway co mpanies are but one example. Indeed, manufacturers often do not know, nor even need to know, which operator transports their goods and by what means. T he same considerations apply to other operators in the supply chain that may control more than one link in the chain, or even, more rarely, the entire chain, except for the first stage, on the manufacturing site. Their responsibility may thus cover more than one stage. These market realit ies point to only one practical conclusion: each operator of each lin k in the supply chain assumes responsibility for the security of its own – but only its own – activities. Individual security measures add up to the security of the complete chain. Analysis of the supply chain identifies four groups of activit ies, each of which has its own security-relevant characteristics:    

Preparation of goods for shipment and shipment fro m the production site; Transport of goods; Forwarding of goods; Warehousing, storage and inland terminal operations.

The Co mmunity customs rules are based on the concept of “authorized econo mic operator”. Operators that comply with certain re liab ility criteria can be granted “authorized economic operator – AEO” status allowing them to benefit fro m facilitations for safety and security-related customs controls and/or from simplifications provided for under customs rules. The latter is of part icular co mmercial value to operators that can then control their material flow according to their own needs. Successful imp lementation of the “secure operator” scheme depends on tangible practical advantages for authorities, and for operators opting to make the financial investments: Use of public resources: Authorities responsible for security wou ld be able to concentrate their control resources on those operators which do not take part in the scheme without forfeit ing their right to control “secure operators” where warranted. The same approach proved successful when applied by customs authorities to their “authorized economic operators”. There is no reason to believe that security authorities would not benefit fro m being able better to focus their work.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

D. Cant / Maritime and Supply Chain Security in Europe

9

Europe-wide co-coordinated security drive: Authorities will be able, for the first time, to address Europe-wide supply chain security initiat ives on the basis of common awareness, common objectives and common criteria. Interconnectivity with secure maritime and air transport: Airports and seaports , including port facilities, wh ich come under stringent Community security rules, can be confident that cargo entering their perimeter fro m a chain o f “secure operators” has been adequately secured all along the chain. Such operators should be given preferential treat ment, e.g. by being authorized to use “fast track treatment”. Europe-wide recognition: Eu rope-wide recognition of a “secure operator” status awarded by a national authority has advantages for the operators and the Member States: The operator will benefit fro m recognition throughout the EU. The Member States will be able to rely on awards by other Member States, knowing that the stat us has been granted on the basis of uniform European rules, applying agreed min imu m European security requirements. Integration into global supply chain security: W ith co mparable security provisions, the customs authorities in charge of security controls at the external borders, both for exports and imports, will recognize for their “authorized economic operator” scheme, the status of a “secure operator” granted by the supply chain security authority. The supply chain security authority will do likewise with the “authorized economic operator”. Current work by customs authorities and the conditions under the proposal [4], if imp lemented, will lead to co mpatibility and mutual recognition. The “secure operator” scheme would allow European exporters to benefit fro m current US import facilitation schemes, but also anticipates international developments. In fact, a European scheme could become a model for a rapid worldwide imp lementation of the global supply chain security reco mmendations developed by the World Customs Organization. Business security performance: The “secure operator” can demonstrate to its clients and to its partners in the supply chain its ability to keep the supply chain free of security breaches. It will be easier to identify responsible, security -conscious business partners to the detriment of others that are not security-conscious. Business efficiency and resilience: Experience in adjacent areas points to the conclusion that operators can reap benefits from part icipating in the “secure operator” scheme. Imp lementation of the CSI scheme (US Container Security In itiative) in marit ime t ransport, although not specifically designed for operators’ benefit, is widely acknowledged to have had a number of positive co mmercial side-effects, notably better operational systems, and better control over and predictability of transport and other processes, as well as more reliable processing times and reduced loss through theft. Trends in recently published research indicate that a number of cost factors, both of the transport chain and of the businesses involved, would derive positive collateral benefits in a nu mber of areas fro m imp roved security measures.

2. Mariti me Security in the Port of Antwerp  Current STATUS of the port of Antwerp :  

Total surface: 134 km² River bank: 120 km

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

D. Cant / Maritime and Supply Chain Security in Europe

10

          

Total quay length: 130 km Total railway length: 960 km Total road length: 400 km Sea going vessels: 16.600 Pipelines: 360 km Total transhipment 2007: 181.500.000 tons People: ~135.000 every day A high volume and great diversity of goods; The port is a distribution centre and a giant warehouse; For the vast majority of the Port Facilit ies in Antwerp, imp lementation of the ISPS-code is enforced on the totality of the Terminal and not only on the ship shore interface; There are 85 ISPS cert ified port facilities in the port of Antwerp, and in addition, ~500 port-related co mpanies (= logistic stakeholders) within the port boundary.

 Maritime Security Structure in Belg iu m & Antwerp:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

 

National Authority of Maritime Security (Several min istries); Local Co mmittee of Maritime Security (Harbour Master, Police, Customs, State Security).

In Antwerp t wo fo ru ms have been installed to enhance the dialogue between the Port Authority and the Port users (Port Facilit ies, Ship Chandlers, Service co mpanies, The Chaplain …). The Port Security Th ink Tank is a regular meet ing (4 times a year or on demand) where Port users can put a security problem on the agenda. The dual ro le of the Authorities of the Po rt of Antwerp with respect to Maritime & supply Chain Security is remarkab le. On the one hand, the Authorities’ responsibility is to ensure the implementation of the provisions of the EC Regulation on Port Facility Security, that is, to certify port facilities and impose a fine if necessary, and on the other hand, the same Authorities in Antwerp have the legal obligation to develop a Port security plan taking into account the precedence of the security provisions of port facilit ies to be cert ified over the provisions of their own Port security Plan. Are both responsibilit ies of the Authorities compatible and / or consistent?

3. Mariti me & Suppl y Chain Security & Areas of Attention The mandatory provisions (the amendment to the SOLAS Convention and Part A of the ISPS Code) are indispensable for enhancing maritime security. They require that ships be permanently marked with their identificat ion number, fitted with an auto matic identification system (AIS) and a ship security alert system for spreading the alarm in the event of hostile action against the ship, and issued with a continuous synopsis record (CSR), wh ich is a kind of identity document recording the history of the ship. They also provide for a set of active and passive security measures based on three security levels (normal, increased, high), their implementation being linked to an

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

D. Cant / Maritime and Supply Chain Security in Europe

11

overall risk assessment. They include the requirement to appoint people responsible for carrying out security measures (ship, company and port facility security officers), to prepare a security plan geared toward risk assessment (ship and port facility), and to issue an international ship security certificate, as well as arrangements for personnel training and exercises. Provision is also made, depending on the potential risk to persons, property and the environment, fo r the possibility of drawing up a declaration of security between the ship and the host port facility defining the responsibilities of each, and fo r inspection by State authorities of a ship in port or about to enter port for security reasons. The duties and obligations of the various players (Contracting Govern ments, co mpanies, ships' masters and port facilities) are clearly defined. Part B of the ISPS Code consists of very detailed reco mmendations intended to provide guidance in imp lementing the mandatory provisions. The Contracting Govern ments are responsible in particular for designating recognized security organizations (responsible for provid ing security services to port facilit ies and ships) and national or regional marit ime security contact points, to manage the security levels and to exchange info rmation on security matters. This part of the ISPS Code also contains detailed proposals for both ships and port facilit ies, regarding assessment of the risks and the security plans to be prepared, and personnel training and exercises. It also shows how, and in what cases, a declaration of security should be drawn up between the ship and the host port facility. Member States shall designate a port security authority for each port covered by this Directive. A port security authority may be designated for more than one port. The port security authority shall be responsible for the preparation and imp lementation of port security plans based on the findings of port security assessments. Member States may designate a ‘co mpetent authority for marit ime security ’ provided for under Regulation (EC) No 725/2004 as port security authority. Member States shall ensure that port security assessments are carried out for the ports covered by this Directive. These assessments shall take due account of the specificities of different sections of a port and, where deemed applicable by the relevant authority of the Member State, of its adjacent areas if these have an impact on security in the port, and shall take into account the assessments for port facilities within their boundaries as carried out pursuant to Regulation (EC) No 725/ 2004. Each port security assessment shall be carried out taking into account as a minimu m the detailed requirements. Port security assessments may be carried out by a recognized security. Port security assessments shall be approved by the Member State concerned. It should be mentioned that in different Member States the process of the implementation of the EC-Regulat ion & EC-Direct ive on Port Facility & Port Security was considerably slowed down because of the fact that national authorities did not start up their work to transpose the Directive into national law. Because of this, port authorities could not proceed with their work to implement the EC-Directive & the ECRegulation. It can be derived fro m the internal survey that additional work for port authorities in relat ion to the Po rt Security Directive mainly occurs in ports that have no clear natural borders or clear borders, by way of concrete fencing in the peripherals of the ports. Especially for seaports with areas characterized by a far-reaching integration of direct marit ime activit ies and more industrial activit ies, the imp lementation of the Directive seems to cause a lot of additional work. The same can be mentioned for seaports that are stretched out over a wide area and have a mixture of other than

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

12

D. Cant / Maritime and Supply Chain Security in Europe

directly marit ime act ivities within the port area. Especially for the latter, the Directive entails a lot of work (assessments) whilst additional security measures might seem rather abundant. The security assessment has not been finalized in all ports. If the assessment has not yet taken place, this is main ly due to missing or vague or inconsistent national legislative basis. Assessments often included identifying and evaluating assets and infrastructure in the wider port area. Th is was followed by determining threats and risks on these assets and infrastructure as well as analy zing counter measures. Most port authorities identified a risk-based approach as the preferred option. The only basis for deciding upon security standards should be risk-based. Therefore the risk-assessment method should be used to determine such measures. Only by means of a risk-based approach can terrorism be effect ively fought. This applies to port perimeter protection, as well as to determining the use of specific technical equipment with in a port. Port authorities indicated the controversial issue of determin ing boundaries of the port area under the scope of the Direct ive. In most Member States, port authorities were consulted and involved in the process of setting the boundaries of the port area. In some EC Member States, this boundary was defined on the basis of the existing competence of certain authorit ies, whereas in other Member States the boundary was connected to activities that have a direct marit ime link. In that sense, areas that are recreational, public domain or residential zones can be left outside the scope of the Directive. In so me cases such areas were excluded fro m the start, whereas in others the security assessment determined whether or not they needed to be included in the port area. Other controversial issues are the division of tasks between different authorities, and mo re specifically the role of the focal point for port security, the co mpetent authority for maritime security and the port security officer. Furthermore, it is unclear whether the RSO (Recognized Security Organizat ion) should act as a single person or as an institution. Finally, assessment and plan approval procedures often remain somewhat vague. When addressing a ‘port’ or a ‘port facility’, it must be kept in mind that the legal boundaries and jurisdiction of port authorities is very diverse across Europe, as it should remain. The definit ion of a port must remain a matter of subsidiarity. The impact of the port on the adjacent areas and possible security measures should be based on a risk assessment. It is necessary to realize that a 100% secure system does not exist. The only possible way to co mpletely secure all European ports would be to close them. Therefore carrying out a risk assessment should be the basic principle prior to taking any action and putting in place any security measures. After the risk assessment has been completed, the right level of security should exist at the sub area parameter. An open port is in some cit ies essential, as numerous facilit ies or even urban areas can be found in the port area. Co mp lete fencing off of port areas is detrimental for various reasons, including public support for port development plans. Complete fencing would increase a feeling of insecurity that is not justified for most sub areas of the port. ESPO [1] believes that access to certain sub areas should be unlimited at low security level. Across Europe, port authorities have diverse legal means and competences . A clear task division between relevant authorities and stakeholders is vital. Therefore coordination must be ensured.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

D. Cant / Maritime and Supply Chain Security in Europe

13

It should be prevented that every new piece of legislation may create an additional layer o f security inspections that could hamper port efficiency. Co mmun ity inspections should focus on correct imp lementation of EU legislation by Member States. Customs play an important ro le in port security, as customs are mainly responsible for the content of the cargo (which is particularly important for containers). As this affects the international supply chain, measures related to customs should also be preferably taken at the international level. Therefore security initiat ives should preferably be co mpatib le or fit within the international framewo rk of the World Customs Organization (W CO). The new WCO's SAFE Framework of Standards is set up to maximize customs-to-customs and customs-to-business cooperation through its AEO (Authorized Econo mic Operator) concept [5]. Facilitation benefits will be o ffered to those traders who comply with basic security standards, thus allowing for increased security of the supply chain whilst facilitating the movement of leg itimate trade. It is intelligence and the speed and relevance of the information being exchanged that will make or break the ‘secured’ supply chain . There is little doubt that stakeholders in the whole logistic chain have a valuable role to play in the supply chain. In this regard, the ‘secured’ ports and independent ‘secured’ terminal operators also have a role to play, as they are, in some respects, the critical link in the whole supply chain, given their interface between the maritime and landside transport sectors and the designated authorities responsible for the compliance of maritime security measures. Consequently, like all other stakeholders in the logistic chain, they will have to invest in robust, capable community systems that can communicate with all partners in the freight game, the so-called ‘single-window-concept’. In supply chain & logistics, trust is good but control technology is even better. Professional technical systems solutions can be used for this, such as: RFID, active GPS/ GSP t ransponders, electronic seals, danger warning systems, video monitoring technology (analysis, sensor technology, transmission systems), peri meter protection, access control systems, automatic number plate recognition. Technical security solutions should be integrated in the logistic processes and existing IT-applications of each stakeholder within the supply chain. A ‘real-time’ management of shared and visible security information through the whole logistic chain is indispensable and will only be feasible and effective when the transfer speed of the relevant security informat ion of a ship ment is simultaneous with the physical shipment, e.g. container. Security solutions should be implemented as part of an integrated security strategy, involving all private & public stakeholders. All stakeholders in the supply chain become potential entry points for a security breach that can affect others well downstream in the supply chain. Stakeholders in the supply chain are forced to collaborate in ways that were never before thought necessary. Supply Chain Security becomes a question of image, a significant criterion for quality, a selling point and a business qualifier!

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

D. Cant / Maritime and Supply Chain Security in Europe

14

Figure 1. Supply chain management

References [1] [2] [3] Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[4] [5] [6] [7] [8]

European Sea Ports Organization – ESPO. Regulation (EC) No 725/2004 of the European Parliament and of the Council of 31 March 2004 on enhancing ship and port facility security. Directive 2005/65/EC of the European Parliament and of the Council of 26 October 2005 on enhancing port security. Proposal for a Regulation of the European Parliament and of the Council on enhancing supply chain security – COM (2006), 79. The security amendment of the Community Customs Code (Regulation (EC) 648/2005): the creation of the AEO concept. The Container Security Initiative (CSI) Strategic Plan. Customs-Trade Partnership Against Terrorism (C-TPAT). The Megaports Initiative - Second Line of Defence.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-15

15

Harbour Protection: The Role of NATO Navies in the Third Millenium Andrea MUCEDOLA HEAD of Maritime Defence Planning of ACT

Abstract. After 9/11, the world has seen a dramatic change in the nature of threat, moving from a static, clearly identified possible menace to an asymmetric one where rules are unclear and unpredictable. Example of such asymmetric threats include: various terrorist acts, such as naval sea mines, improvised explosive devices (C-IED), weapons of mass destruction (WMD), suicide attacks, as well as illegal migration, narco-traffic, etc., which can dramatically and quickly capture international political attention, providing more and more sensitive challenges to master. It is therefore necessary to establish balanced and feasible defence measures in order to adequately respond to threats in the global requirement for security. This paper describes various common NATO initiatives launched to jointly reduce vulnerability and enhance security in ports, including joint policy as well as new technology development.

Keywords. asymmetric threat, maritime security, situational awareness, defence against terrorism

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Introduction Recent statistics affirm that 90% of today’s world goods – large quantities of raw materials that are necessary for keeping the global economy afloat, are moved by sea. The renewed centrality of worldwide sea basins in the global system will maintain this focus in the future. The rising importance of oceans is particularly evident in the case of relatively small seas such as the Mediterranean, which, despite representing only 1% of the total sea surface, has a central role in global economy and trade dynamics. With twenty-five coastal states in three different continents and over eighty ports of international relevance, this basin is further characterized by the transit, with ships and pipelines, of 65% of the European Union’s oil and gas needs every year. It is self-evident that Maritime Security is related to the importance of sea transit as a unique and extraordinary means to connect geographically distant people, permitting cultural and economic exchanges. Recognizing this importance, it is therefore time to challenge the sea-blindness of some policy makers who consider it a subordinate element of land activities. A more comprehensive approach and new understanding of future challenges should catalyze foreign and security policies of countries and organizations, typically characterized by continentally inward strategies, to realign toward maritime-oriented and outward-looking lines of development. The importance of sea lines of communications (SLOCs) and main harbour security approaches for worldwide energy security were recently raised by the NATO

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

16

A. Mucedola / Harbour Protection: The Role of NATO Navies in the Third Millenium

Secretary General, Jaap de Hoop Scheffer, at Lloyds of London in December 2008. The SECGEN, revisiting NATO’s actual priorities, stressed the possibility that NATO may be called upon to police the oceans in order to protect energy transporter companies against old but ever-renewed threats. The ocean is crucial to global economy, and the goal of maritime security is to free the maritime environment from any form of threat. Diminishing natural resources and increasing demand will provoke a greater request in terms of protection of maritime seafarers. After 9/11, the world has seen a dramatic change in the previously expected overall threat, moving from a static, clearly identified possible menace to an asymmetric one; in the naval environment, non-nuclear submarines and sea mines continue to pose difficult challenges to maritime security, especially if used in an asymmetric environment where rules are unclear and unpredictable. Although submarines may be considered a traditional naval threat, and high sea antisubmarine warfare capabilities must be maintained and improved, the emergence of mini subs and submersibles poses a new threat in shallow water areas. These midget submarines can be extremely dangerous and unpredictable. Naval Sea Mines are cheap and highly cost effective, and can be easily found in the black (or even grey) market. Improvised explosive devices can be easily designed and used by divers in a variety of different ways, using commercial scuba equipment easily bought on the Internet. Last but not least, the environment plays a significant role in reducing the rate of clearance, depending on bottom types and water volume, physical characteristics and complexity. Naval mine warfare military forces, while very well prepared, are not sufficient to cover new additional demands posed by asymmetric scenarios. In order to overcome these quantitative/qualitative pitfalls, NATO has made significant efforts to improve the military forces' capability to reduce response time (an essential factor if we consider economical aspects of the non availability of the harbour approach and maritime infrastructures to industry) and improving their efficiency in terms of percentage of success. This includes risk management in sensitive scenarios and waterfronts of commercial relevance. Unfortunately history provides dramatic examples of maritime blindness, heavily paid for by many tons of losses. Underwater warfare, sometimes considered a cold war remnant, became popular only after dramatic incidents at sea, perhaps reaching a high in the 80s during the Gulf war when two American ships were hit by mines, and has since let its capability drop to minor levels as the risk appears to be less likely. 9/11 has drawn attention to how some areas of naval warfare, included in recent NATO concepts, are becoming more and more important in future asymmetric scenarios. However, it is well understood that asymmetric warfare cannot be faced with regular capability but requires feasible and innovative responses supported by the evolution of doctrine, material, training and transformational goals. These issues are constantly being discussed in NATO, and a common understanding is being sought on how future NATO capabilities should be tailored to face future threats. Indeed, NATO countries have been involved in defence planning processes to adapt their military organizations to future risks in order to improve capabilities to accommodate these non-traditional tasks. It should be stressed that the goal is to find solid solutions against evolving threats in a backdrop of unpredictable defence budget cuts in a future time frame of 10-15 years.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

A. Mucedola / Harbour Protection: The Role of NATO Navies in the Third Millenium

17

After November 21, 2002 at the Prague Summit, NATO started a new initiative, the Prague Capabilities Commitment (PCC), aimed at focusing defence objectives on secure communications, deployable assets and protection against weapons of mass destruction (WMD). The NATO Response Force (NRF) was created to provide NATO with a more effective tool in terms of deployability and efficacy. Although the PCC results might be considered mixed due to different political choices and regrettably declining defence budgets, particularly on the European side of the Alliance, the Riga 2006 Summit marked a milestone when Nations agreed to concentrate their effort on high priority capability development areas under a comprehensive political guidance (CPG) approach, drawing a framework to identify, for the next 15 years, which priorities NATO should pursue in terms of capabilities. In addition, a NATO Defence Against Terrorism program (DAT) was launched to concentrate resources on 11 major topics extracted from recent operations or events. Included are the identification of countermeasures against improvised devices (CIED) and infrastructure and harbour protection. As stated, despite the predominant “boot on the ground vision,” the maritime arena is now the focus of renewed attention by politicians and international trading lobbies, focusing in particular on those activities that will potentially disrupt commercial sea trade and interfere with the smooth running of commercial harbours. This is the case with Piracy and other illegal activities at sea, not the least of which is terrorism, which all require responses that short-term stopgap measures cannot adequately provide. It is clearly understood that without confidence in the nations' abilities to counter threats, merchant ship companies will suffer a reduced sense of security, which could affect the overall economy in terms of goods availability and insurance costs. This requisite is particularly felt in international fora, considering that the menace can now easily be extended to sensitive infrastructures such as pipelines, oilrigs, platforms and merchant vessels alongside or at anchor. Illegal migration, narco-traffic and terrorism can dramatically and quickly capture international political attention, providing even more sensitive challenges to master. It is therefore necessary to establish balanced and feasible defence measures in order to adequately respond to threats in the global requirement for security. The “Comprehensive Approach,” outlined at the Bucharest Summit, seeks to integrate “civilian” capabilities in a common effort to improve security as well as safety in the maritime arena. It goes without saying that for general development and well being, free and peaceful use of the maritime domain is a given, and a common balanced effort to enhance defence capabilities to protect strategic coastal assets and maritime trades is necessary. A greater coordination effort in maritime situational awareness (MSA) activities among the different member states will improve maritime environment monitoring. To achieve this need, civilian and military must work more closely together. MSA also benefits from, and is dependent on, adapting technologies to improve the quality of information concerning shipping and associated activities. National maritime security actors must be involved in this close coordination effort in order to set up an efficient information system, as a successful key for timely intervention decisions. For this purpose, maritime forces are seeking to develop systems able to ensure enhanced surveillance capacity of maritime spaces and prevent possible threats in tight conjunction with civilian actors and NGOs. The need to review old maritime strategies is now being felt, but this can be said to be merely a return to existing maritime ops, calling for a stronger maritime presence to perform constabulary tasks in support of law enforcement agencies to protect not only

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

18

A. Mucedola / Harbour Protection: The Role of NATO Navies in the Third Millenium

territorial and international sea lanes but also critical coastal infrastructures from kinetic attack by criminal and ideological groups. For the high seas it involves all nations' navies operating in basins of interest. As for coastal areas, an “integrated maritime surveillance” consists of both monitoring and physical presence in concerned areas, with support from other related state agencies. As stated, 90% of world trade goes by sea. These ships are most vulnerable to attack at the beginning and at the end of their journeys in ports, when loading and unloading. The attractiveness of harbours as targets for terrorist actions can be explained as follows:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

− High visibility. An attack on any civilian maritime infrastructure will garner a high level of media interest due to the fact that most of ports are in the proximity of urban areas; − Infrastructure protection and available resources. Ports are vital to economic development and are not easily controlled. Actors responsible for maintaining security must respond to a variety of possible hostile actions. Although Harbour and Coastal Protection is traditionally a Law enforcement and Coast Guard task, as part of a homeland security remit, different solutions are now being developed by nations. Opinions diverge on the correct level of military engagement within civilian infrastructures due to different procedures, knowledge, best practices, training and sharing of responsibilities. − Consequence management and economic impact. An attack on a harbour or any other transport infrastructure node can be seen as one of the most cost effective actions. Theoretically speaking, a 5-cent phone call announcing a bomb inside the confined area of a port or harbour, while causing disruption for only a short period, can cause huge financial damage to companies as a result of the consequent delay of loading and offloading of goods. However, security cannot be confined to maritime infrastructure: approach routes and anchorages are still very sensitive to unpredictable hostile action. An attack on military and civilian vessels is not hypothetical, but a reality. On October 12, 2000, a suicide boat attacked the USS Cole during a logistic port visit to Aden, causing almost 170 million dollars of damage. Seventeen sailors were killed and thirty-nine others were injured in the tremendous and unexpected blast. The attack was sponsored by Al Qaeda, and pictures of the wounded ship were broadcast around the world. Regrettably, the rules of engagement approved by the Pentagon kept the personnel on duty from firing upon the small boat loaded with explosives as it neared without first obtaining permission from the Cole's commanding officer. The small boat packed with less than 700 pounds of explosives, and the blast blew a 40-foot hole in the side of the USS Cole. On 6 October 2002, the French oil tanker Limburg was attacked off the coast of Yemen. The ship was carrying 397,000 barrels of crude oil from Iran to Malaysia and was stationed off the coast waiting to load additional oil. An explosive dinghy rammed the starboard side of the oiler causing 90,000 litres of oil to leak into the Gulf of Aden, 45 million dollars worth of damage, and the death of one sailor. Fortunately, the oil spill caused limited pollution. While this incident resulted in relatively minor damage, the economic consequences were highly relevant. The oil price increased by about half a dollar, Aden harbour lost 4 million dollars and some thousands of employees lost their jobs.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

A. Mucedola / Harbour Protection: The Role of NATO Navies in the Third Millenium

19

Internationally, this raised queries concerning consequence management. Are modern navies able to protect and provide support to civilian vessels? We might ask what these two dramatic events have highlighted. The first lesson learned is that all ships might be subject to attack by terrorist groups when alongside, at anchor or crossing choke points. The USS Cole was conducting fuel operations in a harbour, in what was believed to be a relatively safe environment. Port calls for military ships have become a major point of concern, because although ships are relatively safe at sea, they need to resupply. Regrettably, the next port call of a ship can be discovered with relative ease due to commercial dependency on the supply chain. Logistic activities are therefore difficult to execute in a covert manner. Vessels must proceed at slow speed when approaching harbours and ports, thus increasing their vulnerability. The high traffic density along inbound sea-lanes cannot be easy controlled because of the number of small boats crisscrossing the approaches sometimes in very shallow water. Another very sensitive issue is the protection of coastal oil and power infrastructures, some of which are adjacent to the coast, while others are further out at sea but can still be easily reached by small vessels able to perform illicit activities, ranging from kidnapping workers for ransom (as in the case of the Movement for the Emancipation of Niger Delta) to destroying pipeline heads. Oil and gas infrastructures are particularly vulnerable as well as associated power plants1, and expensive security systems are required to protect them. Hostile actions towards these targets can carry heavy social/political consequences, from actual physical damages as well as psychological impact from media coverage. More recently, some terrorist groups seem to have found financing by working in symbiosis with criminal groups. In particular, narcotic trafficking appears to be an easy way to procure the money necessary to buy weapons and finance heavy cost terrorist operations. The question should be raised as to whether this is merely a local problem or a global one as part of a broader plan to affect industrial western economies? Multinational criminal organizations are now faced with the Coalition of Willing Naval Groups sharing the cost of expensive maritime surveillance operations, and legal constraints might limit the effective capabilities of navies (e.g. rules of engagement of agreements and treaties that limit actions on the high seas Force protection is becoming, in an asymmetric warfare scenario, an important factor that might influence future requirements for the third millennium maritime forces. Force protection may seem to have a rather military connotation, but in today’s climate it is highly relevant. Although Force Protection (FP) and Harbour Protection (HP) are closely related, the former includes measures and means necessary to minimizing vulnerability of personnel, facilities, materiel, operations and activities from threats and hazards in order to preserve freedom of action and operational effectiveness. Protection of naval forces rests on a coordinated system of sensors, situation reports and effectors that are more effective the greater the distance from the coast. The overall risk increases dramatically by approaching brown-water, and reaching its apex during port visits. To be effective, warning and reaction times should be reduced to a minimum. It is self-evident that naval protection in harbours and at sea is an issue that should be developed in the general concept of an “Expeditionary Navy.” Harbour Protection (HP) focuses on minimizing the vulnerability of the water and landside area of the harbour in order to preserve freedom of operation for ships using 1

Saudi Arabia’s oil plants have 16000 kilometers of pipelines and a number of critical infrastructures.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

A. Mucedola / Harbour Protection: The Role of NATO Navies in the Third Millenium

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

20

their facilities. It can be seen as a 3-dimensional area including the airspace above the harbour, the landside fences and areas within port limits that are to be used by a vessel, and the sea bottom under vessels. It includes jetties and other landside installations within boundary fences and on the waterside, both the area within the navigational boundaries of the harbour itself and any associated anchorages in the vicinity. This highlights the scenario's complexity. Harbour Protection requires a number of different assets, and the capability to exploit these means, results in a process that includes an assessment of threat devices, warning tools, and active and passive defensive systems. Rules might change because of the number of actors inside the area of concern, and a coordination authority should be established in order to harmonize common effort and improve safety and security. A modern Maritime Operation Centre might be a solution for providing situational awareness and coordination. As mentioned before, NATO launched a "Programme of Work for Defence against Terrorism (PoW DAT) in the context of "protection against terrorism" focusing on 11 areas where there is a need to develop new technologies. Individual NATO countries and Capabilities Groups, directed by the CNAD (Conference of National Armaments Directors) 2 , are leading the various projects with support and contributions from member countries and partner nations. This complex programme includes items of direct relevance to the maritime sphere, where requirements are derived from recent lessons learned in all theatres where NATO troops were and are engaged. For instance, DAT Item 2 focuses on protecting ships in port and at anchor, while Item 7 and Item 10 seek solutions for ground situation surveillance for the protection of infrastructure facilities (not only maritime). This is a field where maritime, air and land requirements should be approached in a joint manner to reduce stove piping. Coordination becomes critical when harbour protection is performed in a hostile environment such as a war scenario or in area where social instability is very high and it is necessary to blend all the necessary civilian actors (i.e. NGOs) and the military. The common NATO approach is to analyze and test available technology provided by the industry and to develop, demonstrate and test different systems meeting the criteria for harbour protection and protection of ships in port and close to shore. The programme is also investigating the use of innovative sensors that can be integrated into command and control systems and will eventually propose decision-making tools to allow adequate actions to be taken as a response to threats. In other words, to identify and test the capability to manage a system of systems able to provide real time situational awareness in articulated asymmetrical threat environments assuming possible risks from underwater attackers (carrying conventional and improvised ordnance), from fast inshore attack craft and slow low flyers. The first Trial, led by Italy and supported by NURC (NATO UNDERWATER RESEARCH CENTRE), took place at LA SPEZIA (Italy) in April 2006, with the aim to evaluate pure underwater threats such as divers posing different shape ordnances. To reduce surveillance time, UUVs (underwater unmanned vehicles) appeared to be an effective and mature technology able to support conventional assets as navy divers and mine counter-measure vessels. The second trial was performed at TARANTO, (Italy) in September 2007 and provided an opportunity to evaluate different detection systems 2

Most NATO activities to identify opportunities for collaboration in research, development and production of military equipment and weapon systems for armed forces takes place under CNAD working groups. The Conference meets in plenary session twice a year and collects output from the three Main Armament Groups (NAAG as NATO Army Armament Group, NNAG NATO Naval Armament Group and NAFAG NATO Air Force Armament Group) concerning Research and Development activities. Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

A. Mucedola / Harbour Protection: The Role of NATO Navies in the Third Millenium

21

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

against small fast boats (as used against USS Cole). Radar and other electromagnetic sensors were evaluated. The latest trial was organized in Eckernförde, Germany from 18 August to 5 September 2008. Numerous multi-national and multi-functional surveillance and detection sensors were linked into a network centric battlemanagement system for detection, localization and identification of potential terrorist threats in the harbour’s sub-surface and surface waters and airspace. Again, various technologies were explored. This included the testing of Autonomous Underwater Vehicles (AUV) for mine and Improvised Explosive Device (IED) detection and clearance, the development of an array of sensors, sonar and sea barrier devices, and systems networking to detect and protect against surface and sub-surface craft and divers. AUV technology, in particular, is revolutionizing the capability of naval forces to detect and counter inner harbour and shallow water mines and other water-borne threats. The output of stand-alone systems was a secondary aim of the trial. The focus was on the integration of these systems in order to make all information available to decision makers. This demonstration was very successful and a critical step in the DAT Program of Work was successfully achieved. Some major lessons were learned and are the basis for further development: − A multi-dimensional harbour threat warning system might be possible using commercially available off-the-shelf (COTS) technology based on sensor integration for subsurface, surface and air pictures; − The defence framework should be tailored to the threat while maintaining a level of flexibility; − Modular deployable structures can support passive and active sensors in order to increase the surveillance level required; − Non-lethal responses might be an alternative option to lethal ones; − An Interagency approach is considered necessary to meet the challenge of effectively protecting naval units in harbours and in littoral waters from terrorist asymmetrical attacks. In addition, it should be understood that Maritime Operation Centres are key future enablers in the maritime arena, providing excellent tools to face future asymmetrical threats in a common military and civil environment. It is each NATO nation’s responsibility to provide security within territorial waters for ports and harbours. Outside territorial waters, the navy retains its role as “protector of the high seas,” and NATO's Standing Maritime Groups can be used for this purpose if necessary and agreed upon by nations. Inside territorial waters, each nation has different beliefs about the role of the navy. Although it is clear that in times of crisis or war security is a military task, in peacetime against an asymmetric threat, this responsibility is less clear, and in many nations the remit of Coast Guard and Police Forces. However it is certain that the military can help, and as the common factor is water, the navy must take the lead as primus inter pares. NATO’s effort toward investigating means of enhancing harbour protection is ongoing: lessons learned and new requirements call for increased harmonization among all actors. The threat to sea lines of communications can be decreased if naval forces improve their surveillance capabilities, especially in inbound routes to harbours. Future decision-making systems will provide those responsible for port protection with adequate means to alert and coordinate efficient responses in complex and sensitive situations.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

This page intentionally left blank

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-23

23

Maritime Threats: Origins and Enabling Factors Valerio de DIVITIISa Independent analyst, Italy

Abstract. Maritime security faces a wide range of challenges in addressing contemporary threats. The safety of trading flows is a pivotal element of the current international order and countermeasures derived from open-minded analysis may contribute to countering and reducing terrorist and criminal maritime menaces.

Keywords. maritime security, maritime terrorism, organized crime, seaports, supply-chain security, corruption, container security, seafarers

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Introduction The protection of the maritime infrastructure faces challenges requiring a deep analytical and open-minded approach. Effect ive countermeasures may help decision makers to take precise actions and mit igate threats in the maritime environ ment. Any countermeasures constitute a partial and limited contribution to a wider process requiring constant knowledge upgrade and rethinking of strategies to decrease the possibility of marit ime incidents. The objective of this paper is to offer a comprehensive and concise overview o f the nature of risks posed by the phenomena of marit ime terro ris m [1], [2], by considering the relevant role played by organized crime in many international seaports .

1. The Mariti me Environment The sea represents a priority environment fo r international geopolitical balance that is not possible to effectively control. Furthermore, International marit ime law offers a weak framework fo r utilizing shared knowledge and cooperative commit ments among States. Doubtless, countering the wide spectrum of illegal act ivities taking p lace within the maritime environment is very difficult. Terrorist and criminal organizations thoroughly explo it opportunities offered by the maritime natural and business environment to pursue illicit activ ities and disruptions. As such, they increasingly pose serious asymmetric threats in a field constituting a fundamental pillar of the international order. Security conce rns are a

Valerio de Divitiis is an independent analyst in International relations. He regularly participates in the works of the Observatory for National Security (OSN), belonging to the Italian Ministry of Defence, through the Association O.Me.R.O. of which he is a co-founder. E-mail address: [email protected] Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

24

V. de Divitiis / Maritime Threats: Origins and Enabling Factors

geared in particular to the protection of seaports , merchant, and passenger vessels as well as several kinds of Crit ical Energy Infrastructures, offshore facilities and littoral infrastructures. A recent and meaningful exa mple of how easy it is to exp loit the maritime environment for terrorist purposes is the terrible attack occurred in Mumbai in November 2008 [3]. The maritime dimension is a fundamental gate for the perpetrations of all terrorist and criminal activ ities. Specifically, the mult iple attacks carried out in Mu mbai underlined the importance of protecting not only logistical key areas but sensitive shorelines as well. It is hardly conceivable to guarantee that very large coastal areas be properly protected, but it is possible and suggested to enhance marit ime security along the whole shores of main, sensitive, or strategic coastal cities and their marit ime outskirts, as well as to utilize a similar approach to the protection of other kinds of possible targets (e.g. transit routes, straits and channels harbours, tourist localities/resorts). International maritime law would require a rev ision for providing a solid framework of understanding that could allow also ad hoc and temporary init iatives (undertaken by a single state, in partnership or by an international organization) to more effect ively counter maritime threat factors. Cooperative and mult ilateral countermeasures, with the involvement of national agencies, relevant in ternational public actors (e.g. IMO, NATO, W CO, EU, UNODC, UNICRI) as well as private stakeholders (e.g. International Maritime Bureau, insurance companies, shipping companies, energy supply companies, security co mpanies and tour operators) may facilitate the process of analyzing maritime threats in order to significantly enhance security of the supply chain and beyond. Transparency among national maritime registers (especially regarding the open registers) as well as stricter rules and background requirements to which to submit both marit ime shipping co mpanies and seafarers , represent necessary actions for effective countermeasures against international marit ime threats. Moreover, a crucial factor in reducing maritime insecurity is the imp rovement of political and social stability in marit ime countries whose waters may be affected by marit ime threats. Furthermo re, the prevention of restoring stability in countries whose security if co mpro mised could affect g lobal maritime security is another key po int in the adoption of effective countermeasures. In the current very sensitive historical mo ment for global economies, wh ile criminal groups are increasing their power and role throughout the world, a deep cooperative approach built upon political and military agreements, could offer a better chance to reduce organized crime and terrorist organizations in the marit ime environment, with the consequence of countering threats aris ing from the explo itation of seaborne legal and illegal trade. High seas and maritime industry offer an ideal environ ment to avoid control and make profits fo r organizat ions and companies. Co mmercial shipping can be used either to smuggle weapons, to move terrorist operatives through countries or to launder illicit funds for terrorist organizations. The ability to freely transport personnel and weapons around the world is one of the most important factors for international terroris m. Flags of convenience are a strategic way for terrorist organizat ions to work behind a wall of anonymity. Furthermore, pirates and terrorists explo it maritime limits and borders in order to escape and hide, leaving behind coast guards and military ships.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

V. de Divitiis / Maritime Threats: Origins and Enabling Factors

25

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

2. Seaports and Vulnerabilities When considering seaports vulnerability, a thorough review of their functions in the supply chain and in transportation is necessary. A comprehensive and classified methodology which purpose is to effectively reduce threats towards ports and harbours should analyze official and unofficial infrastructure data vital for the global economy. Many international ports and related facilities suffer fro m the st rong presence of organized crime , and it is a real concern that terrorist organizations can profit fro m existing security weakness. Ports and shipping are attractive targets for organized crime actors. Furthermore, transnational terrorist organizations and state-sponsored terrorist organizations are a cause for worry. These actors are fully aware of the fact that the marit ime industry represents an explo itable soft target in terms of smuggling of arms, personn el, or lethal WMD components and as a point of attack. A strike against a large port facility (or other marit ime key infrastructures) could, for instance, tackle a nation’s economy, significantly impact world stock markets and cause significant casualties and potential long-term environ mental damages. Ports are a key asset in the marit ime system and their vulnerability is considerably high [4], [5]. Intelligence operations might include threat assessments, while taking into account the role of a specific port/harbour facility in the geopolitical p lans of an organized crime group and its possible relation (or co-operation) with a terrorist group that could be interested in acting in/hitting a specific marit ime object. Terrorist and criminal organizations are generally prone to carefully analy zing wh ich seaports guarantee ideal conditions for perpetrating their goals. A preliminary step in reducing marit ime threats demands a deep knowledge of seaports environments, requiring the strategic collaboration of local personnel working in seaports facilit ies and/or boarding vessels. Such individuals should have particular characteristics: they should possibly be nationals of the state, in which a seaport under consideration is located, be familiar with its daily routines and peculiarities, be able to speak local d ialects and have practical knowledge of criminal and illicit networks operating in the considered port. The participation is such networks could increase the reliability of the information gathering process. Subsequently, a constant review and updating of HUMINT would provide more effect ive data in order to improve systems for ports and harbour security. The development of preparatory and planning systems for detection of threat to the marit ime infrastructure and preventing disasters such as terrorist attacks or the seizure of cargo or preventing the seizure of a vessel transporting dangerous materials or arms), might be a subsequent countermeasure. A further step in countering maritime threats requires the fight against unhealthy practices such as bribery and corruption, and enhancing the dominance of the rule of law throughout customs, seaport facilit ies and the shipping industry. After 9/11, several international in itiatives led by The Un ited States were undertaken in order to prevent maritime terrorist stamp disasters. The main reason for the adoption of these measures was to counter-balance the weakness of the international law with regard to maritime safety against terrorist acts [5]. An interesting and meaningful action aimed to imp rove container security is the recent US homeland depart ment decision to scan, as of 2012, 100% of the containers directed to US seaports in the seaports of provenance. This measure offers a clear signal of sensitivity toward security risks posed by commercial ships (e.g . the terrorist

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

26

V. de Divitiis / Maritime Threats: Origins and Enabling Factors

use of a container to deliver arms, for smuggling people or for the perpetration of an attack in a seaport), which remain the most important element for a regular and international balanced trad ing flow. It is noteworthy to mention that this measure would have a substantial impact on supply chain processes involving U.S. economy, as it will entail a different conception in terms of trade mechanisms timing.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

3. Mediterranean Basin The security of the Mediterranean basin is essential for ensuring stability of NATO members and partners in the Mediterranean. This southern flank of the Alliance puts NATO members in direct contact with current geopolitical choke points. The Midd le East and No rth Africa, together with Eastern Europe, the Caucasus and Central Asia, are critical areas requiring efforts in reducing threats (symmetric and not) to the Alliance countries. The Mediterranean perspective suggests a comprehensive and constant marit ime approach to prepare an enduring and flexible strategy to counter risks and to preserve stability and prosperity among NATO member states, Partnership for Peace countries, Mediterranean Dialogue and Istanbul Cooperation Initiative countries. Naturally, the impact of mo re secure conditions in a specific geographical area would have beneficial effects beyond itself. The Mediterranean area might be envisaged exclusively as a peaceful pivot for relations among actors with outstanding differences in terms of growth. Co mmercial and political effects of modern piracy demonstrate the importance of ensuring political stability in Mediterranean countries in order to avoid a lack o f maritime security that could create even greater challenges to be overcome. The constant increase in piracy during recent years, widely (and often confusingly) reported by the international mass med ia, confirms how polit ical instability favours the flourishing of maritime threats and how terrorist groups (whose connections with world wide piracy is well-known) are able to explo it opportunities offered by the marit ime environ ment. A terrorist attack might take place at sea in ways that are difficult to predict. The following actions constitute marit ime terrorist modus operandi attacks: ramming vulnerable vessels at sea; blowing up vessels at ports; attacking vulnerable ashore or off-shore critical in frastructures, carrying out underwater attacks by divers or suicide demolition teams, using limpet mines. The Mediterranean political area is heterogeneous and some of its countries show instability and/or potential instability affecting the marit ime d imension as well. The reinforcement of NATO's Operation Active Endeavour (OAE) is a necessary commit ment to survey Mediterranean waters and adapting a mu lti-faceted response to the complexity of terrorist threats. A cooperative approach should be adopted in order to raise maritime awareness with regard to the Black Sea reg ion while expanding NATO's ro le in partnership with existing operations. Maritime insecurity is a common concern for many countries: marit ime threats constitute partially new ground requiring co-operative countermeasures to be properly addressed.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

V. de Divitiis / Maritime Threats: Origins and Enabling Factors

27

4. Conclusions Maritime do main awareness is based on actionable intelligence, the cornerstone of successful maritime counter-terrorism operations. It is important to ensure the regular flow of marit ime traffic and to protect seaports and marit ime crit ical infrastructures in order to reduce world wide instability. Exp lo itation of the sea area for terro rist or criminal purposes is a reality of contemporary global (dis)order. When assess port and harbour exposure to terrorist threat, it is necessary to examine their exact nature and strategic value in legal and criminal activit ies. An analytical approach would require to determine how a considered port is useful for criminal needs, and which countermeasures should be implemented for deterrent a terrorist attack involving such port. This paper p resented some suggestions, wh ich may be taken into account while developing such approach. Thus, for examp le, if organized crime and terrorist groups are cooperate around a particu lar port, the possibility of a terrorist attack carried out by these groups is not very h igh since the counter-productive effect this attack might have on their own interests. In this perspective, the security of a port could be assessed by identifying the past, current and future nature of activities of criminal and terrorist organizations. Tracking both criminal activit ies (frequently involving terroris m financing) and the exp loitation of the maritime environ ment fo r terrorist purposes, is an important activity, which can prevent terrorist attacks. However, Even if a port is a fundamental infrastructure for a terrorist/criminal network, state-sponsored terroris m, for instance, could hit it anyway. The suggestions offered in the paper do not represent un iversal rules that law enforcement agencies can rely on in order to analyze port risks, but they doubtless represent important considerations.

Endnotes

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[1]

[2]

[3]

[4]

Maritime terrorism refers to the undertaking of terrorist acts and activities with in the maritime environment, using or against vessels or fixed platforms at sea or in port, or against any one of their passengers or personnel, against coastal facilities or settlements, including tourist resorts, port areas and port towns or cities. Møller, Bjørn [.4] “Even though maritime terrorism has so far been a very minor problem, one cannot completely discount the rather widespread fears of much worse to come. Most ‘nightmare scenarios’ envisage a use of ships as floating bombs or as delivery vehicles for explosive devices, perhaps even nuclear ones; or attacks against passenger ships, such as a ferry or cruise ship, that are simply intended to cause a maximum of fatalities; or the sinking of ships in order to produce a maximum of economic damage, for instance, by blocking congested and narrow waterways such as the Malacca Straits for the Suez Canal. Various insurgent groups that are sometimes labelled terrorists have made quite extensive use of the sea, usually because they operate in local areas that are closely linked to it." Roul, Animesh [5]: "In one of the most prolonged deadly terrorists attacks the country has ever seen, at least ten Muslim terrorists entered Mumbai on November 26 using sea routes to perpetrate mindless carnage at several places, including the main railway station, a hospital and two luxury hotels. Based on the results of police interrogations, two individuals identified as Abu Hamza and Khafa have been named as trainers who provided maritime lessons and training in the handling of explosives and weapons." Ciotti, Silvia: [2]: “ It is important to consider the value of international practical cooperation in this matter, and the potential role of existing organizations, alliances, cooperation agreem ents, law enforcement agencies. Indeed, given the difficulties that the existing organizations and conventions are facing to become really effective, it may not be financially feasible to create new law enforcement agencies and new special institutes or maritime corps to fight the new threats. New organizations require time and resources to become operative and practically efficient, and general agreement and approval by all the official actors involved in their creation, maintenance and organization. To obtain all

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

V. de Divitiis / Maritime Threats: Origins and Enabling Factors

28

[5]

[6]

of this for a new start -up organization would be a utopia; in the meantime we would lose much time while pirates and terrorists continued their illegal activities. Difficulties are mostly connected with control and authority over the maritime hot spots and chokepoints all over the world. We have to remind that more than 80% of world trade is conducted by sea. More than 46,000 large vessels and some 4000 major ports make up the global maritime transport system, and a successful maritime attack could have a potentially huge effect on the international economy. In identifying the world’s hotspots, we can use data on the locations of piracy and maritime terror incidents, threat warnings by international maritime organizations, and strategic analysis of the world’s most vulnerable sea areas and routes. Maritime targets present logistical complications and require specialized skills and knowledge, and therefore land-based targets are still preferred by terrorists. However, some analysts have begun to suggest that ‘threat displacement’ effects could occur as a result of target hardening on land. A successful maritime attack could have a devastating effect on world trade." Luft, Gal [3]: "There is growing evidence that terrorists find the unpoliced sea to be their preferred domain of operation. Terrorist groups such as al Qaeda, Hezbollah, Jemaah Islamiyah, the Popular Front for the Liberation of Palestine-General Command, and Sri Lanka’s Tamil T igers have long sought to develop a maritime capability. Today, over 60% of the world’s oil and almost all of its liquefied natural gas is shipped on 3,500 tankers through a small number of ‘chokepoints’—straits and channels narrow enough to be blocked, and vulnerable to piracy and terrorism." Chalk, Peter [1]: "The Container Security Initiative (CSI), which involves a series of bilateral, reciprocal accords that, among other things, allow for the forward deployment of U.S. Coast Guard and Border Protection (CBP) officers and their foreign counterparts to pre-screen container ships bound for and departing from U.S. shores. The International Ship and Port Facility Security (ISPS) Code, which was adopted by the International Maritime Organization at its December 2002 conference and outlines minimum security procedures that all ports and ships above 500 tons must meet to improve overall maritime security. Relevant authorities at the destination terminal can turn away a vessel which does not meet the requirements, or which leaves from a port that does not meet the requirements. Stipulations in the code are based on those embodied in the U.S. Maritime T ransport Security Act (MT SA of 2004.The Proliferation Security Initiative (PSI), which aims to combat the proliferation of weapons of mass destruction by sanctioning the right to stop, board, and, if necessary, seize a vessel on the high seas if its is suspected of smuggling chemical, biological, radiological, or nuclear materials. The Customs-Trade Partnership Against Terrorism (C-TPAT), which offers international importers expedited processing of cargo if they comply with U.S. Thus far, over 45,000 companies have agreed to participate in C-TPAT."

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

References [1] [2] [3] [4] [5]

Chalk, The Maritime Dimension of International Security, RAND Corporation, 2008. Ciotti, NAT O Advanced Research Workshop (ARW) Piracy and Maritime Terrorism: Logistics, Strategies, Scenarios, 2009. G. Luft, Institute for the analysis of Global Security, Hearing before the subcommittee on International Terrorism and Non-proliferation of the Committee on International Relations House of Representatives, 2005. B. Møller, Piracy, Maritime Terrorism and Naval Strategy, DIIS REPORT 2009:02, Danish Institute for International Relations. A. Roul, Mumbai T error Investigation Leads to Pakistan’s “ Epicentre of Terrorism”, T errorism Focus Volume: 5 Issue: 42, 2008.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-29

29

A Maritime Security Incident Map of the Alondra Rainbow Hijacking a

Maximo Q. MEJIA, Jr.a and Roland AKSELSSONb Maritime Law and Policy, World Maritime University, Malmö, Sweden b Design Sciences, Lund University, Lund, Sweden

Abstract. This paper presents the preliminary results of a pilot study in an ongoing project that analyzes past maritime security incidents using graphic representation models. This pilot study aims to identify some of the active and latent conditions that allow maritime security incidents to occur, to conduct a macro-level analysis of security incidents, and to determine the feasibility of adapting the AcciMap as a tool for maritime security management. The method employed in this pilot study is the application of the concepts and principles formulated by Rasmussen and Svedung and the adaptation of their AcciMap graphic representation model to the 1999 hijacking of the general-cargo vessel Alondra Rainbow. The materials used are information gathered from official and journalistic investigations conducted into the security incident. As part of its results, this paper presents a SecInciMap of the hijacking and identifies actors and latent and active conditions relevant to the incident. The paper’s preliminary conclusion is that the adaptation of the AcciMap to the context of maritime security is feasible and could play an important role in a proactive maritime security regime.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Keywords. maritime security, AcciMap, SecInciMap, terrorism

Introduction Shipping today is exposed to a wide spectrum of violent criminal acts that often result in serious injury, death, and substantial financial loss. Within this spectrum, the two most commonly identified threats are terrorism and piracy. Addressing these threats is a complex process that requires effective policy and enforcement at different levels. At the international level, work has been undertaken to revitalize relevant conventions. Most notably, the Convention for the Suppression of Unlawful Acts against the Safety of Maritime Navigation (SUA), 1988, and the International Convention for the Safety of Life at Sea (SOLAS), 1974, have been amended. Some writers have already expressed doubts over the adequacy of the amended conventions and have pointed out a number of latent weaknesses. One of the many challenges facing policy makers is the development of useful tools for a multilevel analysis of the security seascape to facilitate the identification of problem areas and the formulation of appropriate, perhaps even proactive, action plans. Those in use in maritime security today are designed for application at the operational/shipboard level and not the strategic/national level. The paucity in tools serves as the impetus for this study which aims to: (1) identify some of the active and latent conditions that allow maritime security incidents to occur, and (2)

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

30

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

explore the feasibility of adapting the Rasmussen-Svedung AcciMap as a tool for maritime security management. Large-scale accidents continue to occur in spite of numerous efforts to design safer systems. Rasmussen [13] speculates that this is due to an inadequacy of tools to explain accident causation in today’s dynamic society that comprises several levels of decisionmaking ranging from legislators, administrators, and managers to work planners, supervisors, and system operators. He argues that traditional “task analysis focused on action sequences and occasional deviation in terms of human errors” is insufficient and should be replaced by “a model of behaviour shaping mechanisms in terms of work system constraints, boundaries of acceptable performance, and subjective criteria guiding adaptation to change” [13]. In a series of publications, including at least two articles [13, 16] and a book [12], Scandinavian scientists Jens Rasmussen and Inge Svedung present an array of tools, which includes the AcciMap – a graph representing a particular accident scenario based on the classic cause-consequence chart of the causal flow of events supplemented by a representation of the planning, management, and regulatory bodies that contribute to the creation of scenarios. Developed further with Svedung, Rasmussen’s safety management tools are characterized in terms of the following tensions: (1) functional abstraction versus structural decomposition, and (2) cross-disciplinary approach versus multi-disciplinary approach. Rasmussen and Svedung propose the application of tools that examine “functional relationships among variables” in order to obtain an overview of the macro multi-level system instead of breaking down the system and examining its component parts for “connections of events, decisions, acts and errors” [12]. The weakness of a structural decomposition approach is that it may be helpful in identifying courses of action at very specific levels but prove insignificant in its impact on the overall safety of the system. Rasmussen and Svedung apply the AcciMap, together with the ActorMap and InfoFlowMap, to past accident scenarios in search of patterns and tools that can contribute positively to proactive risk management efforts [16].

1. Materials and Methods The method employed in pursuing this pilot study’s objectives is the application of the concepts and principles propounded by Rasmussen and Svedung [13], [12], [16] in an exploratory adaptation of their AcciMap graphic representation model to the 1999 hijacking of the general-cargo vessel Alondra Rainbow. Graphic representations have a long history of application in the field of industrial risk management and have been useful in providing overviews of intricate events and processes that pave the way for specific accidents. So far as the authors’ research has shown, these concepts have not yet been adapted to the field of maritime security. The terms “latent conditions” and “active conditions” used in this paper are adapted from Reason’s [14] definitions of “active failures” and “latent conditions.” Since security incidents are characterized by deliberate criminal interventions, the term “active failure” becomes inappropriate in the context of this paper and is therefore replaced by the term “active condition.” Active conditions are those that have an immediate impact and contributory effect in allowing the occurrence of a maritime security incident, while latent conditions are those that “can lie dormant for a time doing no particular harm until they interact with local circumstances to defeat the

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

31

system’s defences” [13]. Active conditions are found closer to the lower levels of organization, that is, at levels of “the human-system interface – the front-line or ‘sharpend’ personnel,” whereas latent conditions “are spawned in the upper echelons of the organization and within related… regulatory and governmental agencies” [13]. Since the adaptation portrays the violent hijacking of a ship rather than an accident, the graph will be referred to in this paper as a SecInciMap (security incident map). The SecInciMap adopts the approach taken by Rasmussen and Svedung in constructing the AcciMap which employs functional abstraction and cross-disciplinary analysis to identify all relevant factors “that contributed to the creation of the accident scenario, whether or not they have violated rules or committed errors” [12], The Alondra Rainbow was selected because it is typical of the “medium size, infrequent” category of security incidents and is one of the very few hijacking cases that underwent the complete judicial process that resulted in the conviction of the pirates. Additionally, because it was a high-profile case that came in the heels of a long streak of vessel hijackings, accounts and documentation surrounding the incident are relatively easy to obtain. The principal materials used in constructing the SecInciMap are the judgment rendered by the Court of Sessions for Greater Mumbai [17], a 246-page document that includes details of the hijacking and the recovery of the vessel; an account written by Abhyankar [1], one of the expert witnesses at the hijackers’ trial in Mumbai; and the book The Outlaw Sea by Langewiesche [6], a well-researched piece of investigative reporting that includes material from interviews that Langewiesche conducted with the convicted hijackers. To complete the description of the different levels of the sociotechnical system, including latent conditions, articles on maritime security issues relevant to most cases of piracy and hijacking were also consulted [2], [3], [5], [7], [8], [9], [10], [15]. The Alondra Rainbow was a 370-foot, 7,762 gross tonnage general-cargo vessel built in 1998, owned by a Japanese company, and flagged in Panama. On 18 October 1999 it was berthed at the Indonesia Asahan Aluminum plant, a coastal facility in the Indonesian port of Kuala Tanjung where the ship began loading a cargo of 7,000 tons of aluminium ingots worth approximately 10 million dollars. Having completed loading of the cargo, the ship sailed out of Kuala Tanjung at 2010 the evening of 22 October. Two hours after departure it was boarded by pirates from a rubber boat launched by the pirate ship Sanho. At around midnight the Alondra Rainbow’s blindfolded crew of 17 were transferred to another ship (presumably the Sanho) and, after a week, set adrift on a life raft. After 10 days adrift on the raft, the crew was rescued by a Thai fishing vessel and delivered to authorities on Phuket [17]. On 27 October, approximately 3,000 MT of the cargo was transferred to the cargo ship Bonsoon II, which delivered the shipment to a buyer in the Philippines [1]. Acting on the cargo ship’s reported disappearance, the International Maritime Bureau (IMB) issued a special alert to all ships, offering a US$200,000 reward for information leading to location of the missing vessel. The hijacked vessel was eventually captured on 16 November by Indian naval forces on the high seas some 300 nautical miles west of Mumbai. The 15 pirates were convicted by the Court of Sessions for Greater Mumbai in 2003 and sentenced to seven years imprisonment. Using the literature identified above, this study reconstructed the events leading not only to the hijacking of the Alondra Rainbow but also to the eventual recovery of the vessel and capture of the hijackers. Latent and active conditions that facilitated the planning and execution of the hijacking were identified. These events, decisions, and conditions were assigned their places on the SecInciMap according to the

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

32

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

corresponding level in the socio-technical system. The SecInciMap includes one more level, “International treaties and conventions,” in addition to those found in the AcciMap. To avoid disturbing the existing number scheme for levels in the AcciMap, this additional top-most level in the SecInciMap is labelled Level (0).

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

2. Results The result of the adaptation of the Rasmussen-Svedung AcciMap graphic representation model to construct a SecInciMap of the 1999 hijacking of the generalcargo vessel Alondra Rainbow is presented in Figure 1 below. The following numbered text elaborates upon the corresponding circled numbers in the figure. (1) Due to limited economic resources, coupled with political instability brought about by threats posed by secessionist movements against Indonesia’s territorial integrity, the protection of foreign merchant shipping cannot expect high priority in the country’s national policy agenda. Attempting to maintain control over six million square kilometres of Indonesian waters is a virtually impossible task for the Indonesian Navy and its fleet of around 120 ships [4]. (2) Heavy budgetary burdens have a direct impact on the planning of anti-piracy naval patrols (3) which end up being limited in frequency and effectiveness (4). (5) The vast expanse of water under Indonesian jurisdiction is approximately the same breadth as the Mediterranean Sea. Additionally, the Earth is covered by 360 million square kilometres of ocean [18] that makes hiding most vessels relatively easy even on a clear day. (6) Indonesia is the world’s largest archipelagic state, with more than 17,508 islands and 54,716 kilometres of coastline [18]. (7) Thousands of watercraft used both as a mode of transport and as a means of livelihood, dot Indonesia’s waters. This makes it difficult to distinguish between legitimate fishermen or ferry operators and pirates. Together with items (5) and (6), this make adequate patrolling by the country’s coast guard and naval forces a challenging task. (8) Aggressive competition in the ship registry business forces smaller open registries to develop novel arrangements to ensure a presence in the major shipping centres of the world in spite of limited financial resources.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

33

Figure 1.

(9) It is common for open registries to delegate or authorize local experts in a particular international port to act as their representatives in the survey and registration of ships. Some representatives of a number of ship registries have been known to sell original blank documents including ship safety and registry papers as well as certificates of competency on the black market [1].

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

34

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

(10) The hijackers of the Alondra Rainbow possessed complete sets of documents from the registries of Belize and Liberia filled with details and particulars suited to their criminal plans [17]. (11) The cargo of aluminium ingots valued at USD10 million was only one of the objects of the hijacking operation. The acquisition of a practically brand new vessel, also worth USD10 million, together with prospects for taking in new cargo in the future and diverting these to other ports were the other significant motivations. (12) Soft law or para-droit are instruments such as, inter alia, resolutions, codes, declarations, recommendations, guidelines “generated by the organs of international institutions or other such law-making bodies which in a strict legal sense may not be binding, but possess a persuasive character” [11]. At least three maritime security related para-droit instruments were in existence at the time of the hijacking: Maritime Safety Committee (MSC) Circular 443, which introduced the concepts of a ship security officer, operator security officer, and a port facility security officer [19]; MSC Circ. 622, which provided recommendations to governments for preventing and suppressing piracy and armed robbery against ships, but the circular only has the effect of guidance [20]; and MSC Circ. 623, which contains recommendations to ship owners and ship operators, shipmasters and crews on preventing and suppressing acts of piracy and armed robbery against ships but the circular only has the effect of guidance [21]. Circs. 622 and 623 both are regularly updated through regional workshops and assessment missions conducted by IMO in the world’s principal maritime regions. (13) Shipping and ports legislation and policy at the national level set the tone for the development and implementation of regulations governing ports and ships. The effectiveness of law and policy is dependent on many factors, including budgetary constraints. (14) Regulations are developed and implemented at the level of the port authority. Whether or not the provisions of the soft law are adopted in the port regulations may be determined at this level. (15) Aggressive competition influences the budget for the kind of port security system implemented, installed, and maintained. (16) Since MSC Circ. 443 is not adopted at the national level as mandatory regulation, port security planners did not adopt provisions pertaining to it. (17) International port terminals are notorious for the number of unauthorized people such as souvenir hawkers, etc. allowed to loiter along the berths. Coordination of security measures between ships and port facilities were left to the discretion of the individual port authority. Access control to the port facility is inadequate. (18) Vessel regulations, such as those relating to minimum safe manning, are developed and implemented at the level of the maritime safety administration. Also, whether or not the provisions of the soft law are incorporated into vessel regulations may be determined at this level. (19) Aggressive competition influences the kind of manning policy adopted by the shipping company. Since para-droit does not have the force of mandatory regulation, the provisions of MSC Circs. 622 and 623 were not adopted. The absence of mandatory regulations meant that minimum ship security standards were set at the level of each shipping company. (20) The master is ultimately responsible for the planning and implementation of the watch keeping routines and schedules on board his ship. Much depends on the number of officers and ratings deployed to the ship by the company, subject to minimum safe manning regulations.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

35

(21) Just like any other commercial activity, commercial success in the highly competitive world of shipping rests on being able to operate at “the fringes of the usual, accepted practice” [13]. Today’s ships are double the size but manned by half the crew compared to ships in the 1970s. The phenomena of reduced manning levels and increased ship sizes are well-documented sources of fatigue among seafarers [5]. This means there are fewer crewmembers to cover a wider area and fulfil the ever-increasing number of on-board tasks and duties. The dark seascape, dotted with dozens of watercraft of all shapes and sizes, made it difficult to maintain a tight watch and thus also contributed to fatigue [6]. (22) Pre-meditated action with criminal intent is one element that is not normally found in an accident, and one that differentiates a SecInciMap from an AcciMap. The sophisticated operation was planned months in advance by a criminal syndicate [1], [17]. (23) An informant in the port illegally provided information on the Alondra Rainbow's movements to the pirate group that facilitated the identification of both optimum time and ideal location to board the ship while underway [6]. (24) Inadequate access control mechanisms to prevent boarding by unauthorized persons in port (see item (17)) and on board ship (item (21)), plus planning by the criminal syndicate (item (22)) using insider information (item (23)), facilitated the smuggling of one of the pirates on board the Alondra Rainbow while the ship was loading its cargo. The pirate posed as a hawker or stevedore and concealed himself on board the ship. (25) The lack of ship security planning and reduced manning levels meant the antipiracy watch conducted by the Alondra Rainbow’s crew was inadequate to detect any ships or small craft intending to come alongside the ship. (26) Two hours into the voyage of the Alondra Rainbow, the pirate gang “approached from behind in their small fast boat” and climbed aboard the ship as it “ploughed ahead under autopilot at 13 knots” [6]. The pirate who was already on the ship facilitated the boarding of his comrades by lowering ropes over the side for them. The crew was eventually overpowered and detained in the mess hall. The hijackers took control of the Alondra Rainbow. (27) Soon after taking over the ship, the hijackers repainted the freeboard and renamed the ship Global Venture, complete with spurious Liberian registration documents obtained from corrupt representatives (see item (9)) [1]. (28) Part of the cargo – 3,000 MT of aluminium – was transferred to the Bonsoon II and diverted to the Philippines where it was landed without any difficulty and sold on the black market [1], [6]. (29) Even though claimants were able to locate and positively identify the stolen aluminium, Philippine authorities were unable to help recover the 3,000 MT of diverted cargo, thus highlighting the complex transnational dimension of organized crime. (30) The hijackers were directed to head towards the Arabian Sea. The ship was once again given a new identity, now as the Mega Rama, complete with spurious registration documents from Belize (see item (9)) [1]. (31) After a two-day chase, Indian naval forces recovered the Alondra Rainbow/Global Venture/Mega Rama and its remaining cargo on 16 November 1999 approximately 300 miles south west of Mumbai [1]. (32) The fifteen hijackers were apprehended and put to trial. They were convicted by the Court in 2003 and sentenced to seven years imprisonment [17].

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

36

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

The post-vessel recovery events help identify latent conditions in the national and international legal and collaborative frameworks that may contribute to allowing the risk level, for similar incidents might occur, to remain the same or even increase. Two situations highlight the complexities of the legal framework – initial difficulties in determining how the hijackers should be prosecuted in India and inability by Philippine authorities to help recover the 3,000 MT of diverted aluminium cargo. (33) The international legal framework for maritime security at the time of the hijacking, consisting of the United Nations Convention on the Law of the Sea (UNCLOS) and the Convention for the Suppression of Unlawful Acts Against the Safety of Navigation (SUA), contains a number of weaknesses vis-à-vis piratical acts. In particular, these relate to the specific definition of piracy in UNCLOS Art. 101 and complicated conditions for hot pursuit in UNCLOS Art. 111 [2], [3], [9], [15]. (34) In spite of adopting the term unlawful acts in its title, SUA does not address all criminal offences against shipping. This is compounded by a strong requirement for the unlawful act to endanger the safety of navigation, without which the act would not be considered an offence under the Convention. Additionally, there is a lack of uniformity among states in terms of sanctions for offences under SUA [7]. (35) According to Menefee [14], “municipal legislation is the true fulcrum for the problem, and that much of the weakness of anti-piracy responses may be traced to the lack of attention paid to domestic piracy law.” The law against piracy in Indonesia closely mirrors the UNCLOS piracy provisions, including their weaknesses [4]. (36) In spite of the acknowledged desirability of engaging affected states in regional cooperation [9], bilateral & multilateral anti-piracy cooperation treaties between most of the affected Southeast Asian states have proven difficult to implement. (37) Due to the transnational dimension of organized crime, the prosecution of major cross-border piracy or hijacking cases becomes an almost impossible task. The bundle of criminal acts are broken down into separate, relatively minor crimes under the respective states’ jurisdictions. This latent weakness in the international system hinders the development and implementation of an effective global anti-piracy programme. (38) Deterrent factors that operate or exist in the background have a potentially substantial influence on whether criminals decide to plan and carry out hijackings in spite of the associated risks. These factors act in some kind of feedback capacity in terms of the risk-based decision-making exercised by criminal elements. The following are examples of deterrent factors or barriers: stricter port access control, stricter ship access control, tighter anti-piracy watch on board ship, high risk of apprehension through more frequent naval patrols, ship design taking security into consideration, measures addressing the use of stolen blank documents, tighter customs control, better naval intelligence, high prosecution success rates, and tougher sanctions or punishments. These represent negative feedback that serves as a deterrent to crime. On the other hand, ships that are easy to board, law enforcement that is not visible or is easy to evade, markets where stolen goods can be readily sold, jurisdictions where the risk of prosecution is low, or penal laws that provide light punishments, are examples of factors that give encouraging feedback to potential hijackers.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

37

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

3. Discussion Reconstruction of the events surrounding the hijacking of the Alondra Rainbow using the SecInciMap helps identify some of the latent and active conditions that facilitated the planning and execution of the hijacking. In general, these conditions relate to, inter alia, inadequate international maritime security conventions; virtually inoperative bilateral or multilateral anti-piracy cooperation agreements; absence of mandatory practical maritime security measures and inadequate access control mechanisms; coastal state disadvantaged by geography, political instability, and inadequate human and financial resources; corruption within certain maritime administrations; company cost-cutting measures that result in reduced manning levels that in turn lead to fatigue and compromised attention span among seafarers; and planning by highly organized crime syndicates. The preceding section elaborated on how the post-vessel recovery events reveal some of the latent conditions. There are other latent conditions such as, for example, items (1), (8), (12), and (13). Conditions that play a more active role in increasing the risk of maritime security incidents can be identified in items (4), (9), (17), (21), (22), (24), and (25). The overview provided by the SecInciMap facilitates the identification of the control structure and relevant controllers or actors in a maritime security incident such as the Alondra Rainbow hijacking. Items (1), (3), (8), (12), (14), (18), (33), (34), (35), (36), and (37) are some of the issues pertinent to identifying the control structure and actors. The control structure in this context consists of, inter alia, international organizations responsible for formulating and adopting the legal framework for maritime security, maritime administrations that mandate standards for ships, local authorities that enforce security measures in port facilities, coastal states that provide the presence necessary to deter pirates and hijackers, and shipping companies that establish security systems on board their ships. The actors or controllers in this structure are decision makers across all levels of society – public officials that are endowed with the relevant policy-/decision-making and enforcement authority as well as shipboard and shore-based management responsible for the development and implementation of a security system. Svedung and Rasmussen [16] emphasize that the development of an AcciMap involves the identification of decision-makers “that have influenced the conditions leading to accident through their normal work activities” (emphasis added). Most of the actors or controllers undertake their normal work activities without being cognizant of the influence of their isolated actions on the occurrence of maritime security incidents. The SecInciMap’s vertical perspective provides an understanding of the interaction between different actors as well as the roles they play in influencing decisions and events. Nonetheless, the SecInciMap by no means provides a comprehensive list of actors. Numerous others that have a substantial impact upon the system are not reflected in the map such as insurance companies, shipbuilders, naval architects, education and training institutions, port state control inspectors, etc. Neither does the map identify all relevant background elements that could directly or indirectly influence the chain of events, such as the individual motivations of the hijacker, socioeconomic conditions in coastal areas, geopolitical conditions in the region, high cost of fuel oil, shortage of qualified ship’s officers, low freight rates, etc. An analysis of these factors might reveal whether a systematic migration of organizational behaviour brought about by pressure towards cost-effectiveness in an aggressive competitive environment [12] can be linked to the hijacking of the Alondra Rainbow.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

38

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

The issues raised and discussed in this section point to the feasibility of adapting the AcciMap to the context of maritime security. The exercise shows that the graphic representation of a past maritime security incident can assist in identifying relevant actors and conditions, and therefore serve as an aid to proactive risk management. The SecInciMap can serve as a vehicle in support of discussions when auditing security management systems on board ships, or during national and international policy deliberations affecting maritime security. The SecInciMap can also help set the boundaries of safe performance. Items (12), (14), and (18) reveal that while the boundaries of security-enhancing actions are available through MSC Circulars 443, 623, and 633, these are cast in hortative instead of imperative terms. The boundaries are known but do not have any coercive effect because of their recommendatory nature; the SecInciMap increases awareness of the need not only to make the boundary explicit but also mandatory. Svedung and Rasmussen [16] note that the AcciMap’s aim is the design of improved systems and, as such, places emphasize the importance of “a representative identification of factors sensitive to improvement.” The present study shows the potential for the SecInciMap to help achieve this aim. The identification of concomitant conditions using the SecInciMap can aid policymakers in designing measures to address factors relevant to the hijacking of ships.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

4. Conclusions and Further Study The above discussion addressed the objectives of this pilot study to: (1) identify some of the active and latent conditions that allow maritime security incidents to occur; (2) develop a vertical, macro-level analysis of security incidents; (3) construct a security incident map (SecInciMap); and (4) make a preliminary assessment of the feasibility of adapting the AcciMap as a tool for maritime security management. The process of constructing the SecInciMap led to some highly relevant questions. One question relates to how readily adaptable safety and risk management concepts are in the context of security. As mentioned earlier, safety and security are not congruent. While accidents are the result of the “loss of control of physical processes capable of injuring people or damaging property” [13], security incidents are the result of human intervention deliberately planned and carried out to break the ship’s security barriers. As indicated by item (14) in the SecInciMap, criminal intent plays a crucial role in security incidents. The pirate’s or hijacker’s will and readiness to rob, injure, or kill is a form of energy that also serves as the primary hazard source in the socio-technical system described in the map. Since criminal intent is not easily defined or bounded, determining how the root causes that release this energy can be eliminated becomes a highly challenging proposition. The boundaries of secure ship operation can prevent incidents or mitigate their negative effects. Greater international cooperation and more stringent national law enforcement can also serve as deterrents. However, in many cases, the elimination of root causes is dependent on the success of poverty alleviation programs – a condition that requires socio-political rather than ergonomic intervention. Another important question pertains to validity and reliability. How much can the study of one incident be expected to contribute to a wider understanding of maritime security management issues? The generic AcciMap that enables generalizations to be drawn is concededly created on the basis of several cases. However, “the basic AcciMap is developed from the analysis of one particular accident case” [12]. In other

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

39

words, the generic AcciMap can only be built by collating numerous single-event basic AcciMaps. The Alondra Rainbow SecInciMap in this paper is the first step towards developing a generic SecInciMap. This, together with the fact that it is the first study of its kind, represents this paper’s contribution to the knowledge domain in maritime security. Further research in connection with this ongoing project will involve showing SecInciMaps to some of the actors identified at different levels, and interviewing them on the roles they play in their normal work activities and soliciting their opinions on perceived inter-relationships with other actors and conditions. Rasmussen and Svedung recommend the optimal use of interactive computer-based questionnaires in the conduct of such investigations (for example formats, see Figure 9.5 in [12]). These have the advantage of providing the actor filling out the interactive questionnaire with the opportunity of accessing otherwise voluminous background material with just the click of a button. Such direct input from actors will enhance the validity of the SecInciMap, lead to the identification of other important stakeholders and conditions, and result in an improved understanding of the processes involved in promoting maritime security. Other issues require further study, such as the need to identify parameters that can provide an indication of the effectiveness of maritime security measures to be developed and tested on board ships. Another important topic that requires further research is the identification of deterrent factors and barriers that can ensure that the feedback described in item (38) to item (22) “criminal intent” becomes a negative one insofar as criminal planning is concerned. If the barriers are effective, then the incentives for potential hijackers should decrease. An understanding of the whole system is necessary to ensure that these barriers function properly. An ideal system is one that ensures a continuous chain of feedback loops from actors at a lower level to actors in the levels above them. The identification of deterrent factors can be aided by a cross-level analysis for which the SecInciMap-ActorMap-InfoFlowMap combination is appropriate. This paper presents only the initial results of the pilot study and shall be followed by the analysis of other past maritime security incidents in order to support the development of a generic SecInciMap. The generic map will facilitate adaptations of the ActorMap and the InfoFlowMap, two other elements in the Rasmussen-Svedung array of graphic representation tools, to the maritime security context. One disadvantage of the AcciMap that bears mentioning is the difficulty of trying to present all relevant information in the limited space available. Despite this disadvantage, however, the graphic representation tools can facilitate a comprehensive multilevel analysis of the security seascape that can identify relevant actors, decision-makers, organizations, legislation, regulations, and events; describe the interaction and interrelationships between these different elements; establish patterns that may determine the outcome of events; and identify the requisite fundamental characteristics for an effective action plan.

References [1] [2]

J. Abhyankar, Maritime crime, in M.Q. Mejia Jr. (ed.), Contemporary issues in maritime security. WMU Publications, Malmö, Sweden, 2005. P.W. Birnie, Piracy – past, present and future, Marine Policy 11 (1987), 163-183.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

40

[3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20]

B.H. Dubner, The law of international sea piracy, Martinus Nijhoff Publishers, Hague, Netherlands, 1980. R. Fajriyansah, Piracy and piratical acts in Indonesian waters, in M.Q. Mejia Jr., J.J. Xu (eds.), Coastal zone piracy and other unlawful acts at sea, WMU Publications, Malmö, Sweden, 2007. E. Kahveci, Fast turnaround ships and their impact on crews, SIRC Publication, Cardiff, UK, 1999. W. Langewiesche. The outlaw sea – chaos and crime on the world's oceans, Granta Publications, London, UK, 2004. M.Q. Mejia Jr., P.K. Mukherjee, Issues of law and ergonomics in maritime security, Journal of International Maritime Law 10 (2004), 316-326. M.Q. Mejia Jr., P.K. Mukherjee, The SUA Convention, 2005: a critical evaluation of its effectiveness in suppressing maritime criminal acts, Journal of International Maritime Law 12 (2005), 170-191. S.P. Menefee, The new Jamaica discipline – problems with piracy, maritime terrorism and the 1982 Convention on the Law of the Sea, Connecticut Journal of International Law 6 (1990), 127-150. S.P. Menefee, Anti-Piracy Law in the Year of the Ocean: Problems and Opportunity. ILSA Journal of International & Comparative Law 5 (1999), 308-318. P.K. Mukherjee, Maritime legislation, WMU Publications, Malmö, Sweden, 2002. J. Rasmussen, I. Svedung, Proactive risk management in a dynamic society, Räddningsverket, Karlstad, Sweden, 2000. J. Rasmussen, Risk management in a dynamic society – a modelling problem, Safety Science 27 (1997), 183-213. J. Reason, Managing the risks of organizational accidents, Ashgate Publishing Hampshire, UK, 1997. A.P. Rubin, The law of piracy, 2nd ed., Transnational Publishers, New York, USA, 1998. I. Svedung, J. Rasmussen, Graphic representation of accident scenarios – mapping system structure and the causation of accidents, Safety Science 40 (2002), 397-417. Court of Sessions for Greater Mumbai, State Versus Christianus Aeros Mintodo et al., Sessions Case No. 197 of 2000, Mumbai, India, 25 February 2003. Central Intelligence Agency, The world fact book, https://www.cia.gov/cia/publications/factbook, accessed 27 February 2009. International Maritime Organization, Measures to prevent unlawful acts against passengers and crews on board ships, MSC/Circ.443, IMO Documents, London, UK, 1986. International Maritime Organization, Recommendations to governments for preventing and suppressing piracy and armed robbery against ships, MSC/Circ.622/Rev.1, IMO Documents, London, UK, 1999. International Maritime Organization, Guidance to shipowners and ship operators, shipmasters and crews on preventing and suppressing acts of piracy and armed robbery against ships, MSC/Circ.623/Rev.3, IMO Documents, London, UK, 2002.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[21]

M.Q. Mejia, Jr. and R. Akselsson / A Maritime Security Incident Map

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-41

41

Ports Security Organization and Functionality – Implementation of the ISPS Code in Medium and Small Countries Damir ZEC1, Vlado FRANI and Marija ŠIMI HLAA Faculty of Maritime Studies, University of Rijeka, Croatia

Abstract. The paper deals with the implementation of security measures in small to medium developing countries. Based on Croatian experience, it examines possibilities for efficiently combining security measures that should be implemented in SOLAS ships and ISPS compliant ports with those appropriate to non-SOLAS ships and ports where measures defined in the ISPS Code are not mandatory. Finally, it examines measures promoting a more extensive use of information technologies, particularly information fusion and dedicated decision support systems, in order to enhance the level of maritime security and protection from illegal activities at sea and in ports. Keywords. maritime security, non-SOLAS ships, enhancement measures

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Introduction Throughout the centuries, as well as in the current day, maritime transport has been exposed to a variety of security threats. Among these, the most prominent threats are piracy, robbery attacks, terrorist attacks, smuggling, human trafficking and illegal migrations. Regardless of their particular nature, these threats directly and significantly influence merchant ships and ports. In order to prevent and/or mitigate these threats, particularly those that exploit inherent weaknesses in ports and on board ships, the International Maritime Organization (IMO) adopted a standard set of harmonized measures in 2004. Aiming to reach global coverage as soon as possible, these measures were incorporated into the SOLAS Convention 0 as a separate chapter. The regulations stipulated in the Convention are further specified in the International Ship and Port Facility Code (ISPS Code) 0. The shipping industry was for the first time provided with mandatory instruments for dealing with security issues, and clearly defined security measures and standards, at sea as well as alongside. The standardization of security measures at the global level could have both a potentially positive and negative impact on security protection. Harmonized measures are significantly easier to implement, particularly in the shipping industry's multicultural environment. Consequently, the implementation of security requirements 1

Corresponding Author: Damir Zec, Faculty of Maritime Studies, University of Rijeka, 51000 Rijeka Croatia, E-mail: [email protected]

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

42

D. Zec et al. / Ports Security Organization and Functionality

onboard ships goes smoothly, on time and as anticipated. Effective implementation varies significantly in port facilities of different countries, and numerous difficulties arise, caused by limited economic potentials, differing positions on the status of the national and international maritime security system, and disparate understanding of which mitigation measures should be accepted as appropriate. In this respect, developing countries such as Croatia with a long coast, many ports, and a relatively developed maritime transport system, face a number of challenges in terms of the efficient implementation of prescribed security measures. The issues specific to those countries are discussed in the following sections, based on Croatian experiences.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

1. Croatia – Security Background Croatia is a southern Central European country. It borders Slovenia and Hungary in the North, Serbia in the Northeast, Bosnia and Herzegovina in the East, and Montenegro in the far Southeast. Its Southern and Western flanks border the Adriatic Sea, and it shares an ocean border with Italy and Slovenia in the North and with Montenegro in the South. Its mainland territory is split into two non-contiguous parts by the short coastline of Bosnia and Herzegovina, around the small town of Neum. Total length of the Croatian border is 1.982 km. Croatia became an independent country in 1990 when it adopted its new Constitution. In the following years, it became a member of the United Nations, the Organization for Security and Co-operation in Europe and the Council of Europe. Unfortunately, between 1991 and 1995, Croatia was involved in the war led by the Yugoslav National Army and rebellion groups from Serbian enclaves, strongly supported by the Serbian government. During wartime, maritime trading almost completely ceased. Land borders were not protected and the transfer of people and weapons, both legal and illegal, was considerable. Even a few years after the war, the security situation did not improve appreciably due to much more brutal war operations in the neighbouring Bosnia and Herzegovina and later in Kosovo. Today, the economic and security situation has been significantly improved. Croatia is a candidate for membership in the European Union and received a NATO membership invitation in 2008. It is expected to formally join NATO in 2009, making it the second former Yugoslav republic to join the NATO following Slovenia, which entered in 2004. Since October 2007, Croatia became a non-permanent member of the United Nations Security Council for the 2008-2009 terms. However, the neighbouring politically and economically unstable countries, Bosnia, Herzegovina and Kosovo, still influence the security situation in the region and have to be taken into account when assessing the maritime security situation. Offshore Croatia consists of over one thousand islands varying in size. The largest islands are Krk and Cres (approximately 400 km² each), both located in the northern part of the Adriatic Sea. The major ports open for international trade are Rijeka, Split, Dubrovnik, Ploe, Zadar, Šibenik and Pula. During the year approximately 240.000 merchant ships are accommodated in Croatian ports, carrying more than 30 million tons of cargo and more than 26 million passengers. Among these are also approximately 900 cruise ships per year and almost 1.0 million people visiting Croatian ports on cruisers yearly. The majority of these ships visit the port of Dubrovnik, particularly during the summer season, and count for almost 10% of all tourists visiting

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

D. Zec et al. / Ports Security Organization and Functionality

43

Croatia. In addition, approximately 900.000 foreign tourists sail along the Adriatic coast on different types of yachts and recreation boats yearly. 2. The Croatian Maritime Security System 2.1. Legal Framework

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

ISPS Code implementation started in Croatia in the second half of 2003. It was initiated and later coordinated by the Ministry of the Sea, Transport and Infrastructure. The first step was to involve major stakeholders, in particular shipping companies, harbour master offices, port authorities, potential recognized security organizations (RSO), educational organizations, and maritime agents and to ensure their support for planned activities. The second step was to develop a legal system compatible with ISPS Code requirements 0, but taking into account the existing national transport system, capabilities and functionalities of major ports, capabilities of existing organizations responsible for national security, as well as characteristics of present and near-future maritime traffic in the area. The job was assigned to a group of experts under the supervision of the Ministry. The developed legal framework was laid down in the Law on Security of Merchant Ships and Ports Open for International Transport 0. It entered into force in April 2004. Finally, following the formal familiarization of the administration staff with new regulations in 2004, as the last step, the education of ship, company and port facility security officers has commenced. According to the Law, the Ministry of the Sea, Transport and Infrastructure plays the most important role in carrying out security measures. It is responsible for organizing security infrastructure, communication channels, and related reporting, organization and inspection. Figure 1 represents the organizational structure responsible for maritime security issues.

Figure 1. Croatian national ISPS framework Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

44

D. Zec et al. / Ports Security Organization and Functionality

The Ministry of the Interior is responsible for setting up the security level in ports. If the security level changes, the Ministry of the Sea should be informed as soon as possible. Then, information on the new security level will be conveyed (in less than 60 minutes, as a rule) to all appointed Port Facility Security Officers (PFSO), harbour masters and to the person responsible for publishing Notices to Mariners. The National Maritime Rescue Coordinating Centre is responsible for information exchange as well as for communications with ships at sea. This system has served its purpose since its introduction. Consequently, the legal framework has not been changed since 2004. However, a need to amend it arose in 2008 with the establishment of the Croatian Coast Guard within the Ministry of Defence. It is to take over some responsibilities of maritime border control and as such has to be formally included in the system. Also, some lessons learned during regular exercises in port areas as well as with shipping companies will be considered during the planned revision of the Law in the second half of 2009. 2.2. Ports Status and Security Issues

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Croatia has a long and well-indented coastline with many islands. This configuration led to the development of numerous cities and ports along the coast as well as on the islands. Generally, the present economic and legal system in Croatia divides all ports according to size, economic importance and ownership, as well as according to ship types they can or usually do accommodate. The system implemented in Croatia is essentially similar to systems in place in numerous other countries. The major ports (i.e. Pula, Rijeka, Zadar and Šibenik, Split, Ploe and Dubrovnik) are managed by their respective port authorities. Port authorities are established by the Government and are responsible for the steady economic development of port areas assigned to them. Port areas consist of one or more port terminals, geographically positioned in different locations. Each port authority has at least one Port Facility Security Officer, responsible for ISPS implementation and security-related issues within port authority limits.

Figure 2. Ports organization structure

County port authorities are responsible for national and local ports within county borders. There could be one or more county port authorities in each county – usually each county port authority covers ports within an economically or geographically Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

D. Zec et al. / Ports Security Organization and Functionality

45

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

coherent area such as a large island. The ports assigned to a county port authority are fishing ports and local ports (boats, yachts and small recreational ships), and ports used for national passenger transport. However, since ISPS ships call at these ports only occasionally2, only one PFSO is usually appointed per authority and is responsible for all ports in the area. Besides public ports open to all ships in accordance with rules set out by the government, there exists a group of privately owned ports dedicated to accommodating only ships connected with particular activities and operated under concession agreement. The most important ports in this group are industrial ports (cement factories, refineries…), shipyards and marinas. If allowed to accommodate SOLAS ships, then each of these ports must have at least one PFSO. Consequently, most small shipyards and marinas are “outside” ISPS regulations since they are not allowed to accommodate ISPS compliant ships.

Figure 3. National maritime security system

Harbour master offices are responsible for navigation safety and pollution prevention, not only at sea but in ports as well. Consequently, together with representatives from the Ministry of the Interior, they are responsible for supervising all activities that in any manner affect the security status in ports 0. Their area of responsibility is defined by county borders, and they are responsible for all ports within these limits regardless of status. Regarding traffic volumes, the following ports are considered as the most important ones: • •

Rijeka and Ploe – general cargo and container terminals, Dubrovnik and Split – cruising and national passenger ports,

2 Usually, such small local ports occasionally accommodate smaller cruise ships that are ISPS compliant.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

D. Zec et al. / Ports Security Organization and Functionality

46

• •

Omišalj – oil terminal, Dina – chemical & LPG terminal (including the new LNG terminal proposed).

The ports of Rijeka and Ploe are the largest cargo ports in the country. More than 5.2 MT of dry cargo (in 2007) is loaded or unloaded in the port of Rijeka annually. The most prominent cargo is dry bulk cargo (3.2 MT) followed by containers (more than 150.000 TEUs). The port of Ploe had a total of 4.2 MT dry cargo in 2007. The major share belongs to bulk cargo, with modest quantities of other cargoes. While the port of Rijeka serves, beside Croatian exporters and importers, customers from a wider area, including Austria, Hungary, Czech Republic and Slovakia, the port of Ploe is almost entirely oriented to customers from Bosnia and Herzegovina. The port of Dubrovnik is the biggest Croatian port and one of the principal cruise ports in the world, with more than 800.000 passengers every year. Almost all passengers arrive on board large cruise ships, mostly during the summer season when up to nine large cruise ships call in the port daily. The port of Split on the other hand is the largest national passenger port with 3.6 M passengers per annum. The crude oil terminal located in the bay of Omišalj on the island of Krk has an annual throughput of about 7 MT of crude oil. Administratively, it belongs to the Rijeka Port Authority. Its main task is to supply crude oil for neighbouring refineries as and other inland customers in Croatia and in neighbouring countries through the JANAF oil pipeline. In its immediate vicinity is the Dina chemical & LPG terminal, where, in addition to existing capacities, a large LNG terminal is expected to be built. This new LNG terminal is expected to accommodate approximately 180 ships per annum.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

3. Maritime Port Security Issues in Developing Countries: The Case of Croatian Ports Being a Mediterranean country, Croatia faces more or less the same challenges as other neighbouring countries. From an organizational standpoint, the most demanding requirement arises from the significant difference between ISPS-compliant ports and ships on one side, and non-ISPS ports and ships, on the other. Security measures in ports open for international trade are well defined in the ISPS Code, both with respect to organization and responsibilities, and to procedures 0. In addition, the volume of trade and the number of ships in these ports normally justifies the investment in personnel and resources, resulting in a relatively satisfactory level of maritime security and protection against illegal acts. Ports not covered by the ISPS Code must cope with much more serious challenges. As a rule the number of ships visiting these ports is much smaller, thus making investments in personnel and resources unreasonable. In addition, coordinating preventive measures in combination with other services, such as migration offices, border control, customs, etc. can be quite a demanding task, and could affect the efficiency of ship operations. In some cases, particularly in marinas where people gather for recreational purposes, extensive or even visible security measures could negatively impact the overall enterprise success. The Republic of Croatia, similarly to numerous developing countries, does not play a noteworthy role in international relations. Large-scale terrorist action against

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

D. Zec et al. / Ports Security Organization and Functionality

47

such countries is not likely. However, based on experience, terrorist attacks should be deemed as probable as those carried out by organized criminal groups. Terrorist attacks are undertaken against foreign governmental representatives, businessmen or other innocent and unrelated persons. On rare occasion, they are directed at certain national officials as an act of revenge for actions carried out while performing certain duties at an international level (i.e. participating in international peace keeping forces). Terrorist action can also be aimed at prominent persons (e.g. judges) and politicians. It can be assumed that attacks follow well-known patterns and, as such, call for standard preventive procedures. Executing preventive or mitigating measures at sea, as in the case of an attack against a ship, yacht or boat, is quite a challenging task, requiring more effort than a comparable action ashore. It is worthwhile noting that recently some criminal actions were executed in a form very similar to acts commonly considered as terrorist actions. Such actions could be aimed at prominent persons (e.g. judges), and politicians. These actions are primarily focused on people, but could also target ships and port facilities. In countries where tourism is an important part of the national economy, notable targets for terrorist as well as criminal groups could be yachts owned or used by famous and/or wealthy people. Since yachts and corresponding ports are not covered by the ISPS Code, these vessels and the people on them are particularly vulnerable. In addition, common anonymous participation in cruise vacations along the coast makes it difficult to prevent illegal activity. Finally, beside human beings, illegal attacks could be directed against ships, port facilities, and the environment. In this respect, a large number of tankers sailing along the Adriatic Sea could be deemed highly potential targets, where attacks could aim to create large-scale pollution. In some cases, implementing effective security measures may be even more difficult or requires additional effort due to external influences, i.e. that cannot be controlled by responsible authorities. In this respect, negative impact can be expected if a large sea area has to be secured, especially if there are numerous islands and sheltered areas, in areas where low coastal population density exists, and in areas where tourism is the most prominent economic activity. Additionally, in areas where substantial differences in regional development exist or where significant maritime traffic on international and domestic routes takes place, additional efforts should be expected. Beside already mentioned external influences, a number of internal, inherited factors could affect the overall effectiveness of the implemented security system. According to the authors’ opinion the most important internal factors are: • • • •

Certain new threats (such as some criminal activities) are not yet anticipated as activities to be covered by the ISPS system; consequently, the system has to be amended as to be able to efficiently respond to these threats; Existence of a significant share of ISPS non-compliant traffic requires that different responses appropriate to particular circumstances and restraints, and depending on security capabilities on board ships under threat, be prepared; Improved co-operation among neighbouring countries could significantly decrease response time and increase overall efficiency; consequently it should be encouraged by any available means; The general public does not consider security a key issue, mainly due to modest experience or none at all; consequently, a change in attitude with respect to security issues should be encouraged as much as possible;

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

D. Zec et al. / Ports Security Organization and Functionality

48

• •

•

Provision of well educated/trained personnel could be limited; the system should include appropriate education and training system with clear requirements for all participants, especially those with supporting roles; Lack of data sources and streams could jeopardize the outcomes of certain security measures; the system should be able to collect and manage data as needed; therefore, particular attention should be paid to data integration, particularly from subjects that already collect necessary data but are not able to communicate the data as required; Maritime security issues are characterized by a high level of local variability; consequently, the system has to be able to take into account local differences and to respond accordingly.

In the case of Croatia, future developments of the maritime security system should take into account all mentioned factors. In this respect, further developments should aim to: • • • • •

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

•

Promote better co-operation with neighbouring countries; Introduce additional education and training requirements for all personnel with security related tasks; Develop and implement human performance monitoring and assessment; Made access to data sources more efficient; Increase institutional capacities, particularly to improve communication between stakeholders having security related information and responsibilities; Encourage more robust institutional links among allied services.

Finally, these measures should encourage information fusion and the use of dedicated decision support systems. Notable advances can be expected when implementing these measures with non-SOLAS ships and ISPS non-compliant ports and marinas, where, as a final goal, adequate but invisible security protection should be put in place. Furthermore, satisfactory security protection of vessels, yachts and boats sailing within the territorial waters can be attained by combining security related data sources and services with navigation safety.

4. Conclusions Maritime security measures implemented in the Republic of Croatia are, as in many other countries, based on rules and regulations prescribed by the SOLAS convention and the associated ISPS Code. However, these measures do not cover all aspects of security protection at sea, particularly in countries where tourism is an important economic sector generating significant maritime traffic. Consequently, national maritime security systems have to be amended by introducing measures appropriate for particular circumstances. Measures considered appropriate for the Republic of Croatia or countries sharing similar circumstances are presented in this paper. As a result, particular emphasis is placed on measures promoting information fusion and dedicated decision support systems that are considered technologies offering major advances in maritime security protection.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

D. Zec et al. / Ports Security Organization and Functionality

49

References [1]

[2] [3] [4] [5]

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[6]

SOLAS – Chapter XI-2 Special Measures to Enhance Maritime Security, Consolidated text of the International Convention for the Safety of Life at Sea, 1974, International Maritime Organization, London, 2004 IMO – International Ship & Port Facility Security Code and SOLAS Amendments 2002 (ISPS Code) – 2003 Edition – International Maritime Organization, London 2003 IMO MSC/Circ.1111, Guidance relating to the implementation of SOLAS Chapter XI-2 and the ISPS Code, International Maritime Organization, London, 2004 Law on security of merchant ships and ports opened for internationally transport – Official Gazette No. 48/2004, 51/2004, Zagreb Zec D., Frani V., Rudan I.: An Analysis of the Security Issues in Croatian Ports in Relation to the Port State Control Inspections, review, Promet (Traffic & Transportation), vol. 20/1, pages 31-36, Zagreb, 2008 Yilmazel M.& Asyali E., Analysis of port state control inspections related to the ISPS Code, Proceedings of the IAMU, 6th AGA conference 2005, WITPress, Southampton, 2005.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

This page intentionally left blank

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-51

51

Human Performance Challenges in Port/Harbour Security Systems Melissa HOa, Darren WILSONa, Janae LOCKETT -REYNOLDSa and Thomas B. MALONEb a Science and Technology Directorate, U.S. Department of Homeland Security b Carlow International Incorporated, USA

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Abstract. Human Systems Integration (HSI) in port/harbour security systems is directed at optimizing the performance of security personnel in identifying threats, avoiding threats, defending assets, establishing and monitoring barriers, repelling an attack, and minimizing damage. The goal of HSI in this context is to optimize performance of these personnel by providing them with efficient and effective technology, weapons, information, knowledge, decision aiding, and procedures to defeat the threat. There are challenges, however, in applying HSI to port/harbour security system design. Some challenges include: (1) designing human machine interfaces to support surveillance vigilance and situation awareness, (2) reduction of the incidence and impact of human error, (3) reduction of human workload, (4) support of decision making and provision of decision support , (5) designing displays that are intuitive and integrated, and (6) reduction of risks associated with denying access or engaging an adversary. This paper provides a rationale for the importance of considering these challenges when developing system performance requirements to be incorporated into the design and development process for the purpose of ensuring mission success.

Keywords. human systems integration, threat, human machine interface, decision support, display, human error

Introduction

According to the U.S. General Accounting Office (GA O 2006), ports play an important role in the nation’s economy and security. Ports are used to import and export cargo worth hundreds of billions of dollars; generating jobs, both directly and indirectly, for Americans and our trading partners. Ports, which include inland waterways, are used to move cargo containers and bulk agricultural, mineral, petroleu m, and paper products. Ports are also important to national security by hosting naval bases and vessels and facilitating the movement of military equip ment and supplying troops deployed overseas. Since the terrorist attacks of September 11, 2001, the Nation’s seaports have been increasingly viewed as potential targets for future terrorist attacks. Ports are vulnerable because they are sprawling, interwoven with complex transportation networks, close to crowded metropolitan areas, and easily accessible. Ports contain a number of specific facilit ies that could be targeted by terrorists, including military vessels and bases, cruise ships, passenger ferries, terminals, dams and locks, factories, Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

52

M. Ho et al. / Human Performance Challenges in Port/Harbour Security Systems

office build ings, power p lants, refineries, sports complexes, and other critical infrastructure (U.S. GA O, 2006). The GAO noted in 2002 that a terrorist act involving chemical, b iological, radiological, or nuclear weapons at a large seaport could result in:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Extensive loss of lives, property, and business; A disruption of the operations of harbours and the transportation infrastructure (bridges, railroads, and highways) within the port limits; Extensive environmental damage; and A disruption of the free flow of trade. Port security measures are aimed at minimizing the explo itation or dis ruption of marit ime trade and the underlying infrastructure and processes that support it. The Brookings Institution reported in 2002 that a weapon of mass destruction shipped by container or post office mail could cause damage and disruption costing the e conomy as much as $1 trillion. Port vulnerabilit ies stem fro m inadequate security measures as well as fro m the challenge of monitoring the vast and rapidly increasing volu me of cargo, persons, and vessels passing through the ports. A major factor in the success of port and harbour security systems is the performance of the people who operate and manage these systems. The NATO Science for Peace and Security Programme recognized this need in stating that while t here are numerous organizations and agencies (Military, Coast Guard, Po rt Authorities, the International Maritime Organization (IM O), Universit ies, etc.), wh ich are responsible for developing the systems, procedures, logistics, and doctrine for ensuring port and harbour security, the literature available on this topic rarely mentions decision support technologies and the operators that use them. Also, there is a huge research commun ity involved in conducting research in decision support technologies; however, few researchers have sufficient understanding of the port and harbour security requirements and issues. Publications in both domain and technology areas identify the need for Hu man Systems Integration/Human Factors consideration, from the perspective of training and logistics, and using technology-enabled capabilities to enhance system performance. The need for an in-depth assessment of human involvement in port and harbour security systems led to the NATO Advanced Research Workshop entitled Hu man Systems Integration to Enhance Maritime Do main Awareness for Port/Harbour Security, in Opatija, Croatia in December, 2008.

1. Human Systems Integrati on The single most important determiner of mission success for the complex, technologybased, manpower-limited security systems of the 21st century is human performance. This pertains to the demonstrated capability of the human user to operate, control, maintain, support, manage, and use the components of the system under all expected conditions. Human performance refers to the successful attainment of job task objectives for roles and tasks (e.g., cognitive and physical) allocated to humans. Successful attainment of job task objectives means that the outcome of the task meets time, accuracy, energy and throughput criteria, under specified operational, environmental, and tactical conditions, as performed by intended personnel. Effective

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

M. Ho et al. / Human Performance Challenges in Port/Harbour Security Systems

53

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

performance of these systems is usually a direct function of the capabilit ies of the human in making accurate decisions, understanding the situation, interacting with automation, and acting decisively in collaboration with other units to execute the mission. The discipline directed at addressing human performance in co mplex systems is Hu man Systems Integration. HSI is the systems engineering element that integrates the human aspects of a system, including human performance, hu man utilizat ion, human acco mmodation, and personnel safety, into the acquisition strategy. The domains of HSI include manpower (quantity and quality of personnel required), personnel (requirements for recru iting, retaining, assigning, and supporting personnel in career advancement), training (techniques for providing needed knowledge, skills and abilit ies to the human), human factors engineering (design of hu man-machine interfaces in accordance with the requirements, capabilities and limitations of the human), habitability (including concerns for quality of life), personnel survivability (requirements for protection and safeguards), and safety and health (requirements to reduce hazards). This engineering discipline is directed at imp roving the efficiency and effectiveness of technology by addressing human requirements in the design and use of the technology. The aspects of technology to be improved through the application of HSI include the following areas: Usability - info rmation is integrated, displays are understandable, controls and displays are integrated and co mpatible, labels are readable, decision aids are provided, awareness of the situation is maintained, automation interfaces are clear, procedures are consistent, communicat ions are intellig ible. Reliability - potential and consequences of hu man errors are quantified, predicted and reduced; tolerance of errors is enhanced. Supportability - human performance is addressed in the design for maintainability, and fo r supply and support. Safety and Survivability - hazards are eliminated or guarded (e.g., alarms, warning labels, etc.). Affordability - costs associated with system/technology redesign, manpower, training, hu man support, errors and accidents are reduced. Acceptability - technology is accepted by users, by other persons affected by its use, and by the general public. There are numerous ways that HSI contributes to the performance of comp lex systems (e.g., through the design of decision support systems to assist humans in making decisions under difficult conditions). Various classificat ions of these types of systems exist and are currently imp lemented in the following ways (in ascending order of comp lexity): On-line help - addresses specific issues either in response to operator query, or based on an inference of where the operator needs additional orientation, explanation, and instruction. Memory aids - provide some degree of intelligence for anticipating operator action requirements and providing prompts and cues concerning when and how to accomplish the action. Planning aids - present alternate approaches to reaching a goal including patterns of action from past situations; defines the resources and expected

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

54

M. Ho et al. / Human Performance Challenges in Port/Harbour Security Systems

performance and formulates the final p lan with schedules, resources, constraints, and expected outcomes. Intelligent tutoring systems - co mb ine art ificial intelligence, modelling, and cognitive psychology to develop and maintain expert ise. Situation awareness aids - collect data to characterize a model of what is happening in the external world, what to expect, what actions are required, what additional informat ion is needed, what's important, and how much t ime is available. Real-time simulations - investigate the potential outcome of planned activit ies, assess alternate diagnoses, and rehearse action strategies prior to implementation. Cooperative, collaborative decision making - allo ws humans to interact with other humans and with intelligent machines that serve to enhance/augment the operator's decision-making capabilities. Integration of data fusion with decision support - concentrates on the evaluation of alternatives with data fusion as a major source of input to the situation assessment module of the decision augmentation s ystem. Decision Aides/Operator's associate (or pilot, commander, evaluator, or maintainer) - incorporates many of the features of categories described above to enable the intelligent machine to act as an aide to the human in the performance of missions, functions and tasks.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

2. Human Systems Integrati on i n Port/ Harbour Security Systems Hu man performance requirements in port/harbour security involve performance of port/harbour personnel in identifying threats, defending assets, establishing and monitoring barriers, repelling an attack, and minimizing damage. The goal of HSI is to optimize performance of personnel by providing them with efficient and effective technology, systems, information, knowledge, skills, communications, decision rules, decision aiding, and procedures to defeat the threat. The issues to be addressed by applying HSI to port/harbour security systems include: Integrating and fusing information/displays fro m mu ltip le sources while providing the operator with an understanding of in formation integrity (e.g., certainty/information reliab ility); Information sharing and collaboration with other units; Conducting surveillance and maintaining v igilance and awareness of the situation; Decision aid ing, operator’s associate; Interacting with auto mation; Interacting with remotely controlled systems; Interacting with sensors; Performing remote inspection; Reducing the incidence and impact of hu man error; Making systems error-tolerant; Allocation of functions and distribution of workload among humans and between humans and automation; and Maintaining the required level of skills with an ever imp roving threat.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

M. Ho et al. / Human Performance Challenges in Port/Harbour Security Systems

55

The process for defining HSI requirements in port/harbour security systems is illustrated in Figure 1.

CONOPS

Directed Requirement Analyze Mission Requirements/Define Mission Scenarios Legacy Systems Identify HSI High Drivers & Lessons Learned

Analyze Functions and Associated Requirements

Technolog

Include considerations for human performance in the design of each system concept

Allocate Functions and Define the Roles of Humans in each Function

Assess Human Performance through Human-in-the-Loop Modeling and Simulation

Analyze Task Performance Requirements

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Assess Affordability and Risk associated with each concept

Define Requirements for Human Performance

Figure 1. HSI Top Down Requirements Analysis Process

The HSI p rocess begins with the definition of scenarios that are challenging for human performance and workload. This is fo llo wed by the identificat ion of high driver functions that have been identified (based on a comparable legacy system) as being labour intensive, difficult to perform, error or accident prone, or require high levels of skill, special skills, or excessive train ing. Next, an analysis of system functions involves the decomposition of functions required to co mplete the mission in terms of informat ion, performance and decision requirements. These functions are then allocated to determine the roles of hu mans and automation in the performance of each function. Concepts for human performance enhancement, which consist of various approaches for supporting human performance in the applicat ion of technology, are then generated prior to the assessment of affordability and risk (i.e., the cost and risk associated with supporting human performance for each concept). Then, a task analysis is conducted in order to determine human task sequences and performance requirements for each concept. Hu man-in-the-loop modelling and simulat ion is then conducted and is critical in providing empirical investigation of human performance

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

56

M. Ho et al. / Human Performance Challenges in Port/Harbour Security Systems

attributes for the concept. Finally, requirements (e.g., human -machine interfaces, skills and training, and associated metrics) for hu man performance are defined. The HSI top down requirements analysis (TDRA) begins with an operational scenario that serves to identify performance requirements for a representative set of conditions. For the purposes of this paper, three port/harbour security system scenarios were generated: Scenario A - a vessel controlled either on-board or remotely is steered to collide with a target of majo r importance (NATO Workshop on Data Fusion Technologies, Shahbazian et al, 2005). Scenario B - an explosive device is hidden in a container to be transported by ship to a port where it will be detonated either by direct control or by time control (NATO Workshop on Data Fusion Technologies, Shahbazian et al, 2005). Scenario C - a Marit ime Intercept Operation (MIO) of a ship is conducted before entering the harbour to search for exp losives or adversary personnel intent on infiltrating port/harbour facilit ies.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Hu man performance challenges and technology requirement s by scenario are discussed in the follo wing sections. Scenario A – a vessel controlled either on-board or remotely is steered to collide with a target of major impo rtance. Hu man perfo rmance requirements and associated challenges are as follo ws: Maintain surveillance and receive intelligence on an impending attack – challenge is maintain ing vigilance and situation awareness over long periods of inactivity, accurate detection and classification of threat given low probability and high consequences of an attack. Identify a vessel that could pose a threat to port/harbour assets through analysis of aberrant behaviour – challenge is ability to detect anomalies (e.g., targets amongst distracters) and the availability of decision aiding concerning aberrant behaviour. Coordinate a response to the threat through vessel tracking and communicat ions with other units – challenges include supporting team cognition (e.g., decision-making, shared situation awareness , etc.) decision aiding and advanced displays of port/harbour geometry and a common operating picture. Execute the attack to deny access or destroy the vessel – challenges include identification of requirements (e.g., informat ion, situation awareness , etc.) to support accurate and timely decision-making; avoidance of fratricide, and decision aiding on use of weapons. Scenario B – an explosive device is h idden in a container to be transported by ship to a port where it will be detonated either by direct control or by time control. Hu man performance requirements and associated challenges include: Monitor the container in the depot, maintain a barrier to prevent exp losives being emplaced, and detect presence of an exp losive device – challenges Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

M. Ho et al. / Human Performance Challenges in Port/Harbour Security Systems

57

include maintaining vigilance, d isplays of intrusion of the barrier, and decision aiding to determine that intrusion has occurred. Monitor a container in transit to determine that a container has been tampered with, that containers have been switched, or that a container has been loaded which contains explosives – challenges include maintain ing vigilance, change detection over time, as well as sensor displays and decision aiding. Monitor container during transport to maintain access barriers and container integrity – challenges include decision aiding to support a decision that a barrier has been breached or container integrity has been compro mised. Scenario C – a Maritime Intercept Operation (M IO) of a ship is conducted before entering the harbour to search for explosives or adversary personnel intent on infiltrat ing port/harbour facilit ies. Hu man performance requirements and associated challenges are as follo ws:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Identify vessel to be interdicted through behavioural analysis and/or intelligence – challenges include accurate detection, recognition, and classification of vessel, as well as decision support and information fusion. Stop and board the vessel – challenges include decision aids to formu late a vessel search plan. Interrogate personnel – challenges include accurate detection of anomalies, as well as decision aids to determine leg itimate crew members or personnel being smuggled. Locate contraband or personnel being smuggled – challenges include maintenance of the appropriate sequence of tasks and procedures, as well as decision aiding on actions required and procedures to be follo wed. The specific implications of HSI for port/harbour security systems or technology can be addressed in terms of the specific characteristics of the systems/technology, which include usability, reliability, supportability, safety, affordability, and acceptability. The areas where HSI will impact system usability include the following: Controls and displays – workstations; Alarms and alerts; Decision aids; Information integration; Maintaining situation awareness; Interface with planning systems; Wearable technology interfaces; Co mmunicat ions devices; Operator selection and training; and Workload distribution and reduction. Areas where HSI will impact system reliability are: Design to reduce the potential for hu man error; and Design to reduce the impact of hu man error - make system error tolerant. Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

58

M. Ho et al. / Human Performance Challenges in Port/Harbour Security Systems

Areas where HSI will impact system supportability are: Design for maintainability; Enhance operational availability; Availability of spares; and System calibration. Areas where HSI will impact system safety/survivability are: Hazard reduction; Protective clothing and equipment; and Reduction of ergonomic injuries. Areas where HSI will impact System affordability are: Manpower reduction; Train ing and training pipeline reduction; and Redesign and reengineering. Areas where HSI will impact System acceptability are: Ease of use, intuitive operation; Safety of use; and Effectiveness in complet ing the mission.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

3. Conclusions It is clear that Hu man Systems Integration plays a critical role in the design of port/harbour security systems. The front-end analysis discussed in this paper provides a systematic approach for identify ing human perfo rmance requirements and associated challenges as identified in the above-mentioned scenarios. Across the three scenarios, human performance challenges included (but were not limited to): accurate detection and classification of threats, maintain ing individual and team situation awareness , identification of requirements (e.g., information, situation awareness , etc.) to support accurate and timely decision-making, and the ability to detect change over time. By addressing these challenges, practitioners will have greater insight into human capabilit ies and limitations, and will therefore be able to design systems that are usable, reliable, supportable, affordable, safe, and acceptable.

References [1] [2]

Brookings Institute, Protecting the Homeland: A Preliminary Analysis, Brookings Institution Press, Washington, DC, 2002. U.S. General Accounting Office T estimony to Congress, Maritime Security: Information Sharing Efforts are Improving, GAO-06-933T, 2006.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

M. Ho et al. / Human Performance Challenges in Port/Harbour Security Systems

[3] [4]

U.S. General Accounting Office Testimony to Congress, Port Security: The Nation faces Formidable Challenges, GAO-02-993T, 2002. T.B. Malone, C.C. Baker and D.E. Anderson, Application of Decision Support Systems for Reduced Workload, Manning and Human Error”. DoD Acquisition Research Symposium, Washington, DC, 1997. E. Shahbazian, M.J. DeWeert and G. Rogova, Findings of the NATO Workshop on Data Fusion Technologies for Harbour Protection, Estonia, 2005.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[5]

59

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

This page intentionally left blank

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-61

61

Human Factors Analysis of Different Types of Uncertainties in Complex Systems Hasmik ATOYANa , Jean-Marc ROBERTb and Jean-Rémi DUQUETc a CAE Professional Services, Canada b École Polytechnique, Canada c Lockheed Martin Canada, Canada

Abstract. Decision Support Systems help human operators to cope with large amount of information and make decisions. However, in complex dynamic environments, automation can create different types of uncertainties in the system, and consequently, in the mind of the operator. A comprehensive understanding of the types of uncertainties in complex environments and their impact on human decision-making is essential for designing safe and efficient systems. In this paper, we analyze and identify different types of uncertainties that could surface during human-automation interaction. We will consider the problem of uncertainty from the human factor perspective and propose guidelines for designing systems that will support human operators in performing their tasks efficiently while coping with uncertainties.

Keywords. automation, system reliability, subjective uncertainty, decision making, decision support

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Introduction In the past, users may not perform their tasks efficiently because of a lack of informat ion. Today users are overwhelmed with informat ion. The development of new technologies and their increased usage allow one to receive a vast amount of dynamic informat ion. The human operator needs to monitor and access this information, understand the current situation, infer possible future imp licat ions, and finally, make decisions. Implementation of Decision Support Systems (DSSs) can help human operators to handle information overload. They can help to organize the data in a meaningful way, analyze and correlate the in formation, and make decisions more efficiently. Hu man factor engineers concerned with safety tend to highlight the challenges posed to human operators while interacting with DSSs [13], [14]. Explo itation of DSSs although beneficial can have negative effects on human performance. Such negative effects include misuse or disuse of the system by the operator, skill degradation, reduced situation awareness, and complacency (overtrust in the system). Many of these problems and accidents associated with DSS utilization are d iscussed by Sheridan and Parasuraman [14] in their review of hu man-automat ion interaction. Additional challenges faced by the human operators utilizing the DSSs are related to the fact that automation can expose and even create uncertainties, especially when used in dynamic co mplex environments. It is ev ident that people cope with uncertain Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

62

H. Atoyan et al. / Human Factors Analysis of Different Types of Uncertainties

data on a daily basis. They understand that the informat ion, upon which decisions are made, could be incomp lete, imprecise, and the decisions could be based on guesses and assumptions. However, in situations where the informat ion is used to make high -risk decisions, the comprehensive understanding of data uncertain ty and the quality of their presentation to the operator are vital. The goal of this paper is to identify different types of uncertainties that could be present in human-machine systems in complex environ ments, and discuss each type of uncertainties fro m hu man factors perspectives and its impact on the operator’s trust and decision-making process. The uncertainty types could vary depending on the stage and level of automat ion. The paper will also present an overview of different stages, levels and types of automation and their possible impact on the man ifestation of different types of uncertainties. Finally, we will propose guidelines on how to design s ystems that could support the operators to cope with uncertainties.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

1. Types of Uncertainties One distinguishing feature of complex environments such as port/harbour or military environment is the huge amount of incomplete and uncertain informat ion. Thus, in the first place, uncertainty can be associated with data acquisition [5], [16]. Then, this informat ion is fused. In order to handle uncertainty in incoming information, different probabilistic methods are applied during data fusion. However, the output of the fusion process may also remain uncertain, wh ich also represents a challenge for the operator [2]. The reliab ility of the system the operator is interacting with, is an important issue. High reliab ility cannot be always guaranteed not only because of the imperfection of the data presented but also because of possible imprecisions or imperfections in the system, and the conditions in which data processes are used [12]. Consequently, another source of uncertainty for the operator beco mes system reliability. Hence, uncertainties can be associated with data acquisition, data processing, data output, and system reliability. We classify these types as objective uncertainties. Another type of uncertainty existing in decision-making tasks is subjective uncertainty, i.e. the uncertainty in the mind of the operator. There are always differences in how people perceive and process information, wh ich consequently affects the operator’s decisions and actions. These differences are due to such subjective elements as the operator’s expectations, mental model and trust. Figure 1 presents different types of uncertainties related to data acquisit ion, data fusion, system reliability, and with the decision maker’s perception of the info rmation.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

H. Atoyan et al. / Human Factors Analysis of Different Types of Uncertainties

63

Objective uncertainties

Uncertainties connected with Inputdata data Input Input data Reliability, coverage of information Automated Processes Reliability of the system / automation Output data (fused data)

Subjective uncertainties

Fuzziness, ambiguity of information Human-computer interface (HCI)

Operator

Mental model Trust in the system (Uncertainties in Mind)

Decision-making

Figure 1. Different types of uncertainties

1.1. Uncertainties Associated with Data Acquisition

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

The uncertainties in data acquisition are examined and discussed by Griethe and Schumann [5] and Thomson et al. [16]. During data acquisition, uncertainties could be associated with: The precision of data sources such as satellites, sensors, etc. The precision of data acquisition methods. Collect ion methods might be vulnerable to deception or deliberate disinformation. Information processing. Errors or reduction of precision can happen during informat ion processing. The gap between the learning of informat ion and reporting it. There could be a temporal delay between occurrence and info rmation acquisit ion, which can lead to system erro rs. Hu mans expect that automated systems should perform in a near perfect way [4]. And if they are not aware of possible system erro rs (because of informat ion imprecision or system errors during informat ion processing) a rapid decline of trust in the system may occur [4]. This may hinder the operator in making the right decision. 1.2. Uncertainties Associated with Data Fusion As noted above, the data from mu ltip le sources are integrated and presented to the human operator. The data integration process can contain several types of uncertainties. Thus, for examp le, Klir and Wierman [6] d ivide uncertainties associat ed with data integration into fuzziness and ambiguity. These uncertainties of data sources can be reduced by the fusion process (e.g. reduced fuzziness), but remain a part of the fused

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

H. Atoyan et al. / Human Factors Analysis of Different Types of Uncertainties

64

informat ion and can become even more prevalent in the end system. For e xample, end results may include estimated location and identification with corresponding confidence estimates, a list of identity options with associated likelihood, or evidence of conflicting sensor data, etc. A ll of these represent uncertainty that had n ot been necessarily present in the initial data but that must be brought to the attention of the decision maker. If the operator is used to fuse the data mentally, then new challenges arise for him/her if the reasoning of the system is different fro m his/her usual reasoning process. The reasoning of the automated system can beco me a b lack-bo x for the operator and create another type of uncertainty for him/her. 1.3. Uncertainties Associated with System Reliability Automation can vary in level, starting fro m lo wer level automat ion, which presents only relevant data, to fu ll auto mation, in wh ich the operator is not involved in decision processes. Sheridan and Verplank [15] have proposed the following levels of automation scale (LOA): Hu man does it all. Co mputer offers alternatives. Co mputer narrows alternatives down to a few. Co mputer suggests a recommended alternative. Co mputer executes alternative if hu man approves. Co mputer executes alternative, hu man can veto. Co mputer executes alternative and informs hu man. Co mputer executes selected alternative and informs human only if asked. Co mputer executes selected alternative and informs hu man only if it decides to. 10. Co mputer acts entirely autonomously. Copyright © 2010. IOS Press, Incorporated. All rights reserved.

1. 2. 3. 4. 5. 6. 7. 8. 9.

Automation can differ in type and comp lexity, fro m simply organizing informat ion sources to integrating them in so me su mmary, to g iving advice and reco mmending choices, or even providing courses of action. Parasuraman et al. [12] have proposed an extension of the LOA concept: four information processing stages where each stage can have its own LOW. The four stages are: 1. 2.

3. 4.

Information acquisition: collection and filtering of information (processing, pre-processing of data). Information analysis: integration of informat ion in a form of inference or diagnosis (integration, d iagnosis, and inference, occurring prior to the point of decision). Decision and action selection: selection among decision alternatives. Action implementation: execution of chosen action.

The higher the level and stage of automation, the higher the operators’ concerns about the reliability of the system are. It is possible for an operator to observe the behaviour of informat ion acquisition, i.e. stage one, even if he/she is not re lying on it [19]. At this stage, the raw data are still available, and therefore, the operators can balance their attention between the raw data and automation [17]. In contrast, it is not

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

H. Atoyan et al. / Human Factors Analysis of Different Types of Uncertainties

65

possible for the operators to observe action implementation, i.e. stage four, unless they are relying on automation [7]. Uncertainties in the system reliability might increase the chance that the operator will d isagree with system results, resulting in its d istrust and disuse of the system. When the operators are aware of automation faults or imperfection, they can more carefully calibrate their allocation of attention (automation stages 1 and 2) or be prepared for incorrect actions (automation stages 3 and 4) [18]. The findings of Dzindolet et al. [3] revealed that providing operators with information about the conditions, in which an auto mated aid is likely to make errors leads to improved task performance.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

1.4. Adaptive and Adaptable Automation An important issue with regard to human-auto mation interaction is the role of automation during system operations. To improve human-automat ion performance, the use of adaptive and adaptable automation has been proposed by different authors [10], [11]. In adaptive or adaptable automat ion, the types and levels of automat ion are not fixed, but dynamic. They may change during system operations. In adaptive automation, the decision to invoke auto mation or to return automated task control back to the human is defined by the system. Fo r example, when a high human workload is detected or when a human is not responding appropriately, automation can switch to a higher-level and become less dependent on the operator. In contrast, in adaptable systems the operator retains the authority to invoke or change the automation. Here the operator is in charge and decides how much automation to use, and can change the LOA when necessary. According to various authors, utilization of adaptive automation raises the issue of human acceptance. Many users may be unwilling to accept system driven adaptation since adaptive changes performed by the system may increase system unpredictability. Unpredictability of automation behaviour will add to uncertainty for the operator with regard to system behaviour. By keeping the operator actively in charge of how much and what kind of automation to use and when to use it, we keep the operator "in the loop", which helps to develop an appropriate level of trust (neither too high nor too low) in the system [1], [4] and avoid comp ro mised safety and profitability of the system [8], [13]. 1.5. Uncertainties Associated with the State of Mind Uncertainties in the decision making process could be formed by the mental models of individuals. The mental model is a key factor in determining how individuals will behave in any situation. The human mental model is qualitatively different fro m computer based models. The human mental model contains not only informat ion but also other psychological variab les, that the human will use to structure and interpret the world around them. This includes subjective elements such as belief, and personal, group, cultural expectations. Decision makers have certain mental models of the system, with wh ich they interact. These mental models comp rise the operators’ understanding the system objective(s), its functionalit ies, and how it arrives at decisions. If the logic of the system's reasoning is not consistent with the mental model of the operator then several uncertainties will be created in the mind of the operator. This will impact the operator’s

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

66

H. Atoyan et al. / Human Factors Analysis of Different Types of Uncertainties

trust in the system. The operator might consider the system untrustworthy, even if system reliability is high [4]. Th is could cause disuse of the system. Nevertheless, even if the logic of system’s reasoning is consistent with the mental model of the operator, the human decision makers always assess, and thus internalize the uncertainty represented by the system output. This subjective assessment of uncertainty of the system output may be impacted by the manner in wh ich the informat ion is presented [16 and it is important to analyze user expectations regarding informat ion presentation. There is a need to define the presentation mode and format in the given context, key elements critical for decision making, and ordering them according to operator’s preferences. For examp le, in investigations of the U.S. Navy air threat assessment, Liebhaber and Feher [9] revealed navy officers’ preferences for graphical presentation of uncertainties characterizing information p resented. The officers felt that threat being a fu zzy concept; should not have a numerical representation.

2. System Engineering Gui delines

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

It is impossible to avoid uncertainty related to information acquisition as well as system and operator performance. However, system designers can help operators t o perform their tasks in a safe and efficient way by creating a system that will reduce uncertainty in the operator’s mind. Based on our analysis of different uncertainty types, the challenges that uncertainty can create for operators, and different theoretical, empirical and analytical studies, we propose the following reco mmendations for designing a system, which that will support human operators in performing their tasks efficiently while coping with uncertainties. 5. Provide informat ion on data precision, reliability and credibility, on possible errors connected with data processing or information transformation, and on the missing data. This will reduce the uncertainties that operators could face while mon itoring the system performance. If operators are aware of incomp leteness, imp recision of data, system errors, or that data are missing they can develop a control strategy to compensate for such errors. 6. Provide access to raw data, their accuracy, precision and reliability at all stages and levels of automation. This does not mean visualization of this informat ion on the main display at all stages of automation. Nevertheless, it is important for the operator to know that if needed he/she can trace this informat ion. 7. Find means to show the operator the logic of system's reasoning, in a way that will be understandable to him/her. Th is will help the operator to understand how the system arrives at decisions and will reduce uncertainties in the mind of operator associated to data fusion output. 8. Identify the reasoning strategy/strategies utilized by the human operator in the decision making process, and try to adapt the reasoning logic of the algorithm to the reasoning utilized by the human operator. The lesser the mismatch between the reasoning methods of the system and of the hu man decision maker, the lesser the resulting subjective uncertainties for the latter. 9. Provide information about automation faults, imperfect ion, or the conditions in which an automated aid is likely to make erro rs. This can help the operators

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

H. Atoyan et al. / Human Factors Analysis of Different Types of Uncertainties

67

to calibrate their allocation of attention or preparation for incorrect actions to automation imperfection. This will also help to reduce uncertainties in the operator’s mind with regard to system reliab ility. 10. Adaptable automation can help to reduce uncertainties in the system. This approach can help to implement auto mation at all stages and levels but at the same time help the operator to be in charge of how much and what kind of automation to use. Th is will support the operator to avoid unpredictability of the system. When people are in control of automat ion, they can participate in the decision-making process and intervene when needed. 11. Present information consistent with user expectations (e.g. with regard to the mode, format, important cues, etc.).

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

3. Conclusions Poorly designed automation can increase uncertainty in the system perfo rmance. Th is uncertainty affects operator understanding of the informat ion produced by the system and system behaviour, which may result in additional uncertainty in the operator’s mind and negatively influence her/his performance. The paper has presented a human factor perspective on various types of uncertainties that may appear at different stages of automation. Thus, at the stage of informat ion acquisition (input data) uncertainty may relate to completeness and reliability of in formation as well as reliability of the system acquiring the information. At the stages of information analysis, decision selection and action implementation, uncertainty is related to the quality of the system performance, operator understanding of the system reasoning, and very importantly, with reliability of the system. Finally, there is subjective uncertainty or uncertainty in the mind of the operator. This uncertainty is related to the consistency between the presented informat ion, system logic and system reliab ility , and the operator’s mental models, expectations and trust in the system. We have also proposed guidelines fro m the human factors perspectives that will help the designers to develop systems that could mit igate the impact of uncertainties on human performance. The guidelines are not port/harbour security specific and can be used for designing machine-hu man systems in different domains such as, medical, financial market, and meteorology.

References [1] [2]

[3] [4] [5]

H. Atoyan, J.-R. Duquet and J.-M. Robert Trust in New Decision Aid Systems. In Actes de la Conférence IHM06, April 18-21, Montreal, QC, Series, ACM Press, 133: 115-122, 2006. M. S. Cohen, J. T . Freeman, Thinking Naturally About Uncertainty. Human Centred T echnology – Key to the Future. Proceedings of the Human Factors and Ergonomics Society 40th Annual General Meeting, Philadelphia, Pennsylvania, September 2-6, The Human Factors and Ergonomics Society, Santa Monica, California, 1: 179-183, 1996. M., Dzindolet, L.G., Pierce, H.P. Beck, and L. Dawe, Misuse and disuse of automated aids. Proceedings of the Human Factors an Ergonomics Society 43rd Annual meeting, 339 -343, 1999. M.T. Dzindolet, S.A. Petersona, R.A. Pomranky, L. G. Pierce, H. P. Beck, The role of trust in automation reliance. International Journal of Human Computer Studies, 58(6): 697-718, 2003. H. Griethe, and H. Schumann, Visualizing uncertainty for improved decision making. In Proceedings of the 4th International Conference on Perspectives in Business Informatics Research, Sweden, 2005.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

68

[6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18]

G. J. Klir, and M.J. Wierman Uncertainty-Based Information: Elements of Generalized Information Theory. Physica-Verlag/Springer-Verlag, Heidelberg and New York, 1999. J. D. Lee, and N. Moray, Trust, control strategies and allocation of function in human-machine systems. Ergonomics, 35: 1243-1270, 1992. J.D. Lee, and K.A. See, T rust in Automation: Designing for Appropriate Reliance. Human Factors, 46: 50-80, 2004. M. J. Liebhaber, and B. Feher, Air Threat Assessment: Research, Model, and Display Guidelines. In Proceedings of the 2000 Command and Control Research and Technology Symposium, Naval Postgraduate School, Monterey, CA, 2000. R. Opperman, Adaptive user support. Hillsdale, NJ; Erlbaum, 1994. C. Miller, H. Funk, R. Goldman, J. Meisner, and P. Wu, Implications of Adaptive vs. Adaptable UIs on Decision Making: Why “Automated Adaptiveness” is Not Always the Right Answer. In Proceedings of the 1st International Conference on Augmented Cognition, Las Vegas, NV, July 22-27, 2005. R. Parasuraman, T.B. Sheridan, C.D. Wickens, A model for types and levels of human interaction with automation. IEEE Transactions on Systems Man and Cybernetics-Part A: Systems and Humans, 30: 426-432, 2000. R. Parasuraman, V. Riley, Humans and automation: Use, misuse, disuse, abuse. Human Factors, 39: 230-253, 1997. T. Sheridan, R. Parasuraman, Human-automation interaction. Reviews of Human Factors and Ergonomics, 1, 89-129, 2006. T.B. Sheridan, and W.L. Verplank, Human and Computer Control of Undersea T eleoperators. MIT. Man Machine Systems Laboratory, Cambridge, MA, Technical Report, 1978. J. Thomson, B. Hetzler, A. MacEachren, M. Gahegan, M. Pavel, A typology for visualizing uncertainty. In Visualization and Data Analysis 2005, In Proceedings of the SPIE, SPIE, IS &T, San Jose, CA, 5669: 146-157, 2005. C. D., Wickens, K.Gempler, and M. E. Morphew, Workload and reliability of predictor displays in aircraft traffic avoidance. Transportation Human Factors, 2: 99-126, 2000. C. D. Wickens, and X. Xu, Automation Trust, Reliability and Attention HMI 02 03, AHFD-0214/MAAD-02-2, AHDF T echnical Report, 2002. M. Yeh, and C. D. Wickens, Display signalling in augmented reality: Effects of cue reliability and image realism on attention allocation and trust calibration. Human Factors, 43: 355–365, 2001.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[19]

H. Atoyan et al. / Human Factors Analysis of Different Types of Uncertainties

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-69

69

Aspects of Human Systems Behaviour and Their Impact on Port Security Architecture a

Kalin KALINOVa and Niko la STOYA NOVb G.S. Rakovski Defence and Staff College, Naval Department, Bulgaria b N.Y. Vaptsarov Naval Academy

Abstract. The paper presents a harbour protection system developed within a national project, and studies of human systems behaviour and impact on port security architecture. The work includes practical recommendations in the following areas: (1) Networks and centralized organizations in a complex conflict environment; (2) Distribution of responsibility in a multi-level hierarchical organization (command and control dilemmas); (3) The “multi-directional” subordination problem (limits of subordination); (4) The function of the “hidden commander” in a system (is he\she ready and is she\he conscious).

Keywords. port protection, maritime security system, terrorism

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Introduction The Port Protection System (PPS), while an art ificial system, is do minated by human subjectivism. We provide a brief description of the PPS as a preliminary to studying the impact of human behaviour on Port Security Architecture. The PPS is an artificial organizat ional system designed to protect different types of compound objects against a wide range of adversary effects. The system functions in an unpredictable and dynamic environ ment. As a who le, its strategy is protective and responsive. The legal basis of the system is to meet requirements set by at least three relatively independent authorities: 1. 2. 3.

International and EU legislation 1 ; National security policy requirements and realities ; The “good sea practice.” 1

The ISM Code [1] and the ISPS Code [2] define the main security requirements. The ISPS Code (International Ship and Port Facility Security Code) was adopted by the Conference of Contracting Governments to the International Convention for the Safety of Life at Sea, 1974 (London, 9 to 13 December 2002) in a resolution passed on December 12 2002. Chapters V and XI of SOLAS (International Convention for the Safety of Life at Sea) [3], enforcing mandatory compliance with the Code as of July 1 2004, were also amended. The existing chapter XI of SOLAS was re-identified as chapter XI-1, and a new chapter, XI-2, addressed special measures to enhance marit ime security. Parts A and B of the ISPS Code contain, respectively, mandatory requirements regarding the provisions of chapter XI-2 of SOLAS, 1974, as amended, and guidance regarding the provisions of chapter XI-2 of SOLAS, 1974, as amended. Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

K. Kalinov and N. Stoyanov / Aspects of Human Systems Behaviour and Their Impact

70

The PPS is expected to provide safety and security in an extremely difficult environment, where the land borders the sea, where national security meets economic freedom, where a heavily populated urban area is a highly developed economic object involving dangerous materials and hazards. The above considerations can be summarized in the following requirements for an effective Port Protection System. The PPS must be: 4. 5. 6.

Object oriented 2 ; Precisely acting; Adaptable.

The general approach to meet ing these requirements consists in establishing an autonomous organization consisting of elements fro m different maritime security or economically orientated institutions united under the authority of a common command body. Generally, Port Security Council 3 functions as command authority, the system is highly automated, and personnel, consisting of two groups, are limited in quantity: personnel highly educated in information technologies, responsible for operating highly automated technical surveillance and response systems, and armed personnel responsible for physical aspects of port area protection, namely the protection of borders and inner objects. Coordinating these groups poses a s ignificant challenge in itself, but represents only a small part of the problem. This work proposes to conduct an in-depth study of the human impact on system architecture development.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

1. Centralized Org anizations Versus Networks In 2008, a team of researchers fro m the Bu lgarian Naval Academy and the Bu lgarian Defence College co mpleted a national pro ject initiated by the Navy: the develop ment of a naval base and harbour protection system model. Surprisingly, the challenge was organizational in nature, rather than technical as was expected in the in itial stages of the project. The main question considered was: What kind of an organization do we need: centralized, or network -organized? The decision was to establish a networkorganized PPS, which in a conflict s ituation is centralized on a level immed iately above the scale of the threat. A detailed explanation fo llo ws.

2

PPS “object orientation” is a response to object oriented terrorist philosophy “ Tear everything up; change now and fix later” [4] 3 The Port Security Council is responsible for maintaining? port security regime. It was established by Bulgarian government Ordinance No 53/2004 [5] in response to requirements set by the ISPS Code. A Port Security Council is comprised of representatives from the following organizations: the port operator, the Chief Directorate of “Border Police” at the Ministry of the Interior, the Executive Agencies “Maritime Administration” and “Port Administration” at the Ministry of Transport, the Customs Agency at the Ministry of Finance, the Navy at the Ministry of Defence, the Civil Protection National Service at the Ministry of State Policy for Disasters and Accidents, the Regional Inspectorate of Environment and Water at the Ministry of Environment. It is possible, depending on the situation, for representatives of other organizations to be included in the Council.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

K. Kalinov and N. Stoyanov / Aspects of Human Systems Behaviour and Their Impact

71

The most important problem to consider in organizational arch itecture is how to establish “structural prerequisites for satisfaction of the management’s principles.” A comparison of centralized organizations and popular “networks” can help solve this problem. Centralized organizat ions (such as military type organizations) are easily observed and controlled. On the one hand, the existence of a well-developed hierarchy facilitates mon itoring info rmation flows and helps to avoid “information overloading” of the managing body, and on the other hand, allows the organization to grow without significant co mplications related to information e xchange. It can be stated with a high degree of certainty that centralized organizations possess the prerequisites necessary to satisfy management standards such as unity of effort, sustainability, stability, and personal responsibility. Classically, the disadvantages of centralized organizations are their predictability and relative “slowness,” a significant d isadvantage being their vulnerability to the incorrect functioning of higher h ierarchical levels. A study of centralized behaviour reveals undesirable tendencies, such as “escape of responsibility” by intermediate hierarchical levels, “seizure of subordinate levels’ autonomy,” realization of informat ion exchange by “bypassing” connections, and “overloading” lower executive levels. It should be added that centralized organizations tend to overcome environmental co mplexity through a “mechanical” approach, establishing additional hierarchical levels and increasing the number of system co mponents. It can be said that centralized organizat ions meet difficult ies in (have trouble satisfying, or satisfy) management standards such as: co mmand and control continuity, creativeness, flexib ility, init iative, operativ ity, and efficiency. The main advantages of networks are their rapid information transfer capabilit ies , which, when co mbined with relat ively independent and alternative information flows, can meet, with a high degree of satisfaction, management standards such as: flexib ility, operativity, co mmand and control continuity, and robustness. On the other hand, d ue to rapid information transfer capabilities, networks suffer complications in monitoring and control. A study of networks reveals “loss of goal” and increased sensitivity to perturbations. A typical disadvantage of networks is “washing away” responsibility to fulfil operat ional goals, especially for “secondary goals” such as self-education, selfreproduction, etc. Netwo rk co mponents necessitate permanent actualization of personnel informat ional potential to realize informat ional capabilit ies. It could be summarized that networks encounter difficu lties in satisfying management princip les such as: unity of effort, sustainability, stability, and personal responsibility. Even briefly presented, the ju xtaposition of centralized organizations and networks yields the idea that, without being “antipodes,” the two types of organizations mutually supplement each other. Hence the logical basis for co mbining the advantages and compensating for the disadvantages of centralized organizations and networks through centralization of a network organized security system on a level immed iately above the scale of the threat. 2. Unexpected Network Behavi our: The “C2 Dilemma” When dealing with network-type organizations, the problem to consider is how to overcome their potential for spontaneous self-organizat ion. The pract ical dimensions of self-organization are centralizat ion and/or autonomy.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

72

K. Kalinov and N. Stoyanov / Aspects of Human Systems Behaviour and Their Impact

Co mponents of a centralized organization have their o wn motivations beyond the main global system goal. Their behaviour reveals rather interesting motives in the system components’ behaviour, especially for networks which are “the hit of the system architecture”.

2

4

14

6

1 5 13 12

3

8 7

11

10

9

1. Aspirations for “centralization” : 1 , 5 , 13 , 6 , ... 2. Competition : (1 , 5); (2 , 13) ; (6 , 7) ; ... 2. Self-organization : - for the purpose of “centralization” : (5 , 13) ; (1 , 6) ; ... - to achieve “autonomy” : (2 , 14 ,12 , 13) ; (3 , 6, 7) ; ...

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Figure 1. A variant of a network organized system

The system portrayed in Figure 1 is more similar to network organizations than to centralized systems. Its behaviour exhib its tendencies toward: centralizat ion, wh ich is typical for elements with high connectivity - see component №; co mpetition, which can have different mot ives, such as where №1 and №5 co mpete for the leader’s position, but №2 and №13 co mpete for №14 to be its only connection with the rest of the elements; and a self-o rganizing tendency aimed at “centralization” and “autonomy” components №13 and №5 unite to centralize the whole system, the connection between elements №9 and №7 are severed, and we have a sub -system which consists of elements №7, №6, and №3. The described behaviour usually occurs as a result of resource problems. A different perspective on the system would be useful to understanding the problem. When we establish an organization in order to meet a challenge or threa t, we have to consider that the threat not only becomes an objective for this system but also that it represents a resource for this system and the existence of the threat justifies the existence of the system. If threat is added to PPS co mponent, we obtain a typical “predators and preys” system. Elements from 1 to 6 represent “ predators” and subset of the elements fro m 7 to 15 represent “preys” – or threats. Based on Figure 2, we can describe some of the aforementioned tendencies: “centralization,” “competition,” and “self-organization.”

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

K. Kalinov and N. Stoyanov / Aspects of Human Systems Behaviour and Their Impact 1

7

8

2

3

4

5

9

10

11

12

73

6

13

14

15

1. Aspirations for “centralization” : 1 , 4 , ... 2. Competition : (1 , 2); (4 , 5) ; ... 2. Self-organization : - for the purpose of “centralization” : (1 , 5) ; (2 , 4) ; ... - to achieve “autonomy” : (5 , 6) ; ... 4. “Separatism” : 1 , 6

Figure 2. A graph presenting a variant of PPS components and threats

We can see one more significant tendency in the system’s behav iour, namely "separatism,” wh ich is usually based on the existence of own resources. For examp le element №6 has its own resources represented by elements №14 and №15, which makes №6 relat ively independent from the rest of the system. To summarize, PPS co mponents are individuals or units b elonging to different institutions organized in a system, sustained for the purpose of opposing and responding to security threats, and competing for responsibilities. Because, having responsibilit ies, they have a reason to exist, and more importantly, they deserve a budget. Unfortunately, with regard to Bu lgarian PPS co mponents, these tendencies occur on at least two levels: 1. 2.

Relations among members of the collective managing body - the Port Security Council; Relations among units of the system belonging to different institutions.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

We refer to the consequences of these tendencies as the “Command and Control dilemma": Lack of willingness to delegate a high degree of authority over subordinate units to a representative of another institution, “Jealous” protection of own informat ional sources, Establishment of surveillance systems duplicating those of other institutions; Lobbyism in the Parliament and the Govern ment. As a result, the first variant of Bu lgarian government Ord inance No 53/2004 established a Security Council as consultative body to the Minister of Transport. The Security Council was a sort of “triumvirate” including three co-chairmen : the Minister of Transport, the Min ister of the Interior and the Min ister of Finance (or their authorized representatives). The most capable organization in the area of maritime critical infrastructure protection - the Navy, wasn’t included. The misconception was “weeded out” in 2007 by amending the Ord inance to provide an opportunity for the Navy’s representatives t o be “involved” in port security councils, but the decision carry it out rests on port operator “judgment.”

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

74

K. Kalinov and N. Stoyanov / Aspects of Human Systems Behaviour and Their Impact

Obviously, the solution wasn’t correct. What's more, representatives of the organization responsible for emergency situations management, namely the Civil Protection National Service at the M inistry of State Po licy for Disasters and Accidents, aren’t included. Another disadvantage of the Ordinance is that it doesn’t address and clarify the second and third degrees of PPS readiness. In addition to being selective and partial, this approach to providing port security raises the authority to command PPS to an unnecessarily high, ministerial level. The proposed solution to this problem includes the following points: To enlarge the Port Security Council, including representatives from all interested institutions; To provide the Council with a set of procedures for: Delegation of authority over subordinate units fro m different institutions; No mination of a Chairman of the Council among representatives of different institutions according to the security level; In fact, these reco mmendations were helpful in solving the “Command and Control dilemma.”

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

3. The Problem of “Multi-Directional” Subordination (Li mits of Subordinati on) The practical d imensions of the “command and control dilemma” are manifested by so called “ multi-directional” subordination. Due to the procedure for nomination of a chairman of the council among representatives of different institutions in accordance with security level and operational particularity, there is a possibility to transfer command and control authority among possible chairmen over units belonging to different institutions. The necessity of transfer of authority can emerge even in an ordinary and routine operation in the context of an unexpected threat escalation. Additional problems in this area co me fro m the necessity to share informat ion and the idea to apply “on scene command and control concept” in overall PPS organizat ion. There is a strong argument for developing a flexib le “multi-directional” system for subordination of participating units in PPS. The existing organization of institutions doesn’t meet the formu lated requirement. In fact, there are many limitations to the pre delegation of command and control authority. To overcome the problem, we have to consider, on the one hand, the necessity not to discharge participating institutions of their responsibilit ies and to threaten their interests, and on the other hand, to reflect the possible operational need of transfer of authority. The approach can be briefly described as fo llo ws: the PPS is organized on the basis of the existing network of Port Security Councils, established by the Bulgarian government Ordinance No 53/2004 in response to ISPS Code requirements. Ordinance No 53 establishes three security levels of readiness of the PPS. During the first (lower) level of readiness, the system is maintained by Port Security Councils that include representatives of the following organizations:

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

K. Kalinov and N. Stoyanov / Aspects of Human Systems Behaviour and Their Impact

75

The port operator; The Chief Directorate “Border Police” at the Min istry of the Interior; The Executive Agency “Maritime Ad ministration” at the Ministry of Transport; The Customs Agency at the Ministry of Finance. Depending on context, representatives of the following organizations are included in the Council:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

The Navy the Ministry of Defence; The Civil Protection National Service at the M inistry of State Po licy for Disasters and Accidents; The Regional Inspectorate of Environ ment and Water at the Ministry of Environment. It is possible, depending on context, for representatives of other organizat ions to be included in the Council. The Port Operator is at the head of the Council, wh ich holds regular meet ings when necessary, but not less than 3 per year. The Port Security Officer, Deputy Chairman of the Council, manages “day to day” activities. The business community is responsible for regime maintenance. All other bodies participating in the Council perform their duties in their functional areas of responsibility. According to procedure, the Chairman or the national authorities can declare a higher (second or third) degree of readiness. Being a representative of the business community, the Chairman is no longer qualified for the post. During the second level of readiness, Councils are strengthened with additional assets predominantly granted by the Ministry of the Interior. According to context and procedure, a new Chairman can be nominated. Typically, the nominated Chairman is a representative of the Ministry of the Interior. He is granted the right to exercise authority over forces (assets) under his command. Procedure determines the process of delegating command authority and the extent of the authority. The third level of readiness is declared when the threat is imminent or when, during the second level, a necessity to conduct a special operation has arisen. The Council is strengthened with addit ional assets (fro m the Ministry of the Interior and the Navy). The naval unit co mmander or naval representative is no minated for the position of Chairman of the Council. The process of delegation of co mmand authority and its extent are settled by a procedure. In fact, this approach can help resolve solve the problem of “multi-directional” subordination and the limits of subordination. The basic principles are simple: 3. 4. 5.

The best method to achieve synergy of cooperation is by delegation (or transfer) of authority. Co mmand authority over naval units can be exercised only by a military commander. Co mmand authority over units belonging to the Min istry of the Interior can be exercised only by a representative of the same min istry or by a military commander.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

K. Kalinov and N. Stoyanov / Aspects of Human Systems Behaviour and Their Impact

76

In fact, the process described is a realizat ion of the idea of centralization of a network organized PPS on a level immed iately above the scale of the threat . Network organizations are needed for at least three reasons: 6.

7.

8.

To have a diversity of informat ional sources during peacetime. This recommendation is satisfied by network organizat ion of PPS during the first level of readiness. To achieve “informat ional superiority” or a greater variety of react ions to the dynamic change of crises situations. This is realized both by the nomin ation of a Chairman according to context and the provision of a staff including representatives of different institutions. To overcome possible resistance from organizations having responsibilit ies in port security matters. Participation in the Council provides them with the possibility to defend their interests.

The centralization process aims to provide prerequisites for management principles that are important for the purpose of winning a conflict:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Rapid reaction; Unity of co mmand; Unity of effort; Personal responsibility; Etc. The Navy “co mmands” the system during higher degrees of read iness (second or third), therefore the technical base of the “newborn” system is maintained by a naval unit. The system's area of responsibility includes the littoral approaches to the harbour, the port area, and the adjacent urban area on shore. Its components are joint forces fro m different institutions and organizations, which provide “object oriented” protection. State institutions are responsible for “zonal” protection. Every institution functions it in its particular area of responsibility. The “command and control dilemma” is solved by, on the one hand, a procedure nominating a Port Protection Council senior, and on the other, a procedure regulat ing transfer of authority over the HMS (or part of its components) among different bodies.

4. Conclusions This paper focused predominantly on the organizational dimensions of the impact of human behaviour on PPS’s architecture. The function of “hidden commander,” both an educational and a personnel challenge, is an important matter. During development, graphical analytical tools were applied to study the behaviour of the system architecture model. A surprising finding was the number of “Bonapartes" in the system. "Bonapartes" are IT people responsible for the maintenance and management of highly automated PPS. They ensure the system’s wholeness and robustness. Being conscious of how information flows and software works, they tend “to replace”

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

K. Kalinov and N. Stoyanov / Aspects of Human Systems Behaviour and Their Impact

77

commanders. A problem can arise if they are ready to assume the position, and if, as is sometimes the case, they are conscious of their impo rtance. Another problem arises when co mmanders, who only have basic IT education, too often ask them for help and tend to overestimate their advice. This would not be such a serious issues if port protection were a computer strategic game, but it isn’t. The issue is how to prov ide these people with a solid education both in marit ime security matters and in IT technology. The obvious solution is to adapt the education of all PPS personnel. In this context, thanks to opportunities provided by the Norwegian Cooperation Programme, the Varna Municipality Admin istration intends to enhance crisis response capabilit ies on Varna Municipality territory and the adjacent national sea territory. Th is involves establishing a Crisis Management Train ing Centre (CMTC) on Varna Municipality territory, to provide adequate training of the crisis management staff of all institutions involved in the Crisis Management (CM) at the reg ional level. By establishing a CMTC, the Varna Municipality plans to create the material basis for developing a modern regional Crisis Management System (CM S), which, through the shared efforts of governmental institutions, local authorities, and non-governmental organizations, will be responsible for individual safety and public security. Aside fro m contributing to the enhancement of regional CM S capability and improving the inter-agency co-operation process for the CM at the regional level, such a CMTC is to offer a basis for preparing organizations involved in port protection.

References [1] [2] [3] Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[4] [5]

International Safety Management Code (ISM Code), International Maritime Organization (IMO), London, 2002, (http://www.imo.org), 22.05.2008. International Ship and Port Facility Security Code (ISPS Code), International Maritime Organization (IMO), London, ISBN: 9789280151497, 2003. International Convention for the Safety of Life at Sea (SOLAS), International Maritime Organization (IMO), London, 1974, (http://www.imo.org/Conventions/), 22.05.2008. Walter Reich, ed., Origins of Terrorism: Psychologies, Ideologies, Theologies, States of Mind, Washington: Woodrow Wilson Centre Press, 1998. Ordinance No 53/2004 on the conditions and methods of ship and port security, Issued by the Minister of Transport and Communications, promulgated in the State Gazette, issue No. 72 of 17 August 2004, effective as of 1 January 2005. (http://www.port.bg/bg/documents/nar53.pdf), 22.05.2008.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

This page intentionally left blank

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-79

79

Contextual and Human Factors in Information Fusion Jesus Garcia HERREROa, Miguel A. PATRICIOa , José M. MOLINAa and Luiz A. CARDOSOb a GIAA – University Carlos III de Madrid, Spain b IPqM – Navy Research Institute, Brazil

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Abstract. Context and human factors may be essential to improving measurement processes for each sensor, and the particular context of each sensor could be used to obtain a global definition of context in multisensor environments. Reality may be captured by human sensorial domain based only on machine stimulus and then generate a feedback which can be used by the machine at its different processing levels, adapting its algorithms and methods accordingly. Reciprocally, human perception of the environment could also be modelled by context in the machine. In the proposed model, both machine and man take sensorial information from the environment and process it cooperatively until a decision or semantic synthesis is produced. In this work, we present a model for context representation and reasoning to be exploited by fusion systems. In the first place, the structure and representation of contextual information must be determined before being exploited by a specific application. Under complex circumstances, the use of context information and human interaction can help to improve a tracking system's performance (for instance, video-based tracking systems may fail when dealing with object interaction, occlusions, crosses, etc.).

Keywords. context representation, adaptive data fusion, human computer interaction

Introduction Surveillance network processing problems are relevant to Air Traffic Control (ATC), Vessel Traffic Services (VST) and many security and defence applications. These systems are usually meant to emulate human intelligent behaviour in surveillance tasks. In fact, before machine-implemented information fusion, maritime surveillance, for instance, was a fully non-automated activity, performed by human operators by (“mentally”) fusing data from different sources, including that collected from direct sea observation, radio communication messages and, when available, air/surface surveillance radars. Intelligence and other contextual information have always played an essential role in this task, conditioning human perceptual analysis and decision. Along with the evolution of computational tools and software technology, the use of different types of radar and other sensors have become widespread, many modern systems today being capable of autonomous fusion of target data from an assorted range of cameras or different radar sensors, either land based, shipborne or airborne. AIS (Automatic Identification System) data has also become a valuable source of

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

80

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

information to be fused in surveillance applications, after its introduction by the International Convention for the Safety of Life at Sea (SOLAS), as a compulsory selfidentification standard for a large class of commercial vessels [5]. In the near future, higher lever data, like port activity, shipboard communication, social connections of crew and passengers, detailed cargo description, news around the word (as posted on the Internet, for instance), are expected to be considered, increasing enormously the range of possibilities for data association and information fusion. Improvement of the fusion and analysis of maritime intelligence information is an eventual goal in maritime surveillance systems projected for the future [19]. Due to recurrent asymmetrical threats observed in the world in the last years, fusion models need to take into account increasingly more civilian sourced information, becoming prone to achieving very high levels of complexity. Because of that, and because of the above mentioned human-centred subjective criteria for user satisfaction, the demand for system performance in this framework draws attention to information fusion models with the potential to fully integrate and exploit both human and machine capabilities. (Some may say that this model encompasses some cheating, resembling the first chess machine with a dwarf player inside [15]. In our point of view, this is more like advanced chess, where the “team” is assembled by a man cooperating with a machine program [18]). While contextual information can satisfactorily include high level human-modelled offline information to enhance a system’s behaviour, there has been also some interest in the quest for models of online man-machine cooperation in information fusion and decision making. In [2] E. Blash introduced a fuse-interaction model where the user can interfere at any hierarchical level of the JDL model [7]. In a more recent proposal [8] this possibility is extended to simultaneous cooperative learning, as in symbiotic human-machine processing, in order to enhance information fusion. In order to address maritime surveillance and port security applications using sensor networks, we now consider a modelling approach where both full symbiotic Human-Computer reciprocal learning interaction and context representation are present. Human perception of context and activity differs from perceptions coming from computer sensors. To be capable of anticipating human behaviour, a context model then needs to bridge the gap between human understanding and computer perception. The structure and representation of this information must be determined before being exploited by a specific application [3]. Once a context model is built up and validated, it can be used to identify and correct erroneous or incomplete data coming from perceptual components, which can be predicted and corrected knowing the situation, i.e. the current state within the context model [9]. Context could be useful to improve the measurement process for each sensor and the particular context in each sensor could be fused to obtain a global definition of context in multisensor environments. In this proposal, extensions to the well known JDL architecture are defined to enhance reasoning with external information, besides sensorial input, handling both contextual information and human interaction, as indicated in Figure 1.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

81

Inference/Decision Context model

JDL-based information fusion as a cognition model

Level 4

Level 4: Performance Assessment

Level 3

Level 3: Impact Assessment

Level 2

Level 2: Situation Assessment

Level 1

Level 1: Entity Assessment

Level 0

Level 0: Signal/Feature Assessment

Context Knowledge-Based System

Human Cognition (online collaboration)

Sensors

“Reality”

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Figure 1. Extended architecture for Fusion Enhancement

A direct application of contextual information introduces improvements at the lowest level of fusion systems in charge of detecting and tracking all interesting objects. In this work, the improvement in surveillance capabilities of Visual Sensor Networks (VSN) using a Context Model (static and dynamic) is explored, leading to the proposal of a combined Context-HCI information fusion model. Video-based tracking systems may fail when dealing with complex scenarios, such as those in which objects enter and/or leave the scene, interact with each other producing occlusions, crosses, unions, separations, etc [16], [17]. It is under these types of circumstances that the use of context information can help to improve a tracking system's performance [10], [14]. In particular, the tasks of data association and fusion tracking can be improved considering human input and a high-level reasoning process based on available contextual information. In the next section, we explain our JDL extension to take into account user interaction to adapt the fusion chain. Section 3 presents the general architecture for integrating context in Level 1 fusion systems, and the details for context representation in the case of visual sensor networks are presented in section 4. Finally section 5 presents the conclusions and future works.

1. HCI in Maritime Surveillance Fusion Systems The JDL Data Fusion Model can be thought of as a general framework for emulating human reasoning in environment perception, thus providing an automated decision making tool. In the model, the complex and apparently parallel mental processes exhibited by human intelligence are hierarchically organized as a sequence of growing abstraction levels, each taking input from the previous, lower levels. The integration of human actions into the JDL architecture allows direct human guidance to be accepted

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

82

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

at any level, exhibiting supervised learning properties and treating the human actor as an external Level 4 agent. In the proposed model (see diagram in Figure 2), both machine and man take sensorial information from the environment and process it until a decision or semantic synthesis is produced. The machine works hierarchically, executing from low level signal processing and feature extraction algorithms, at the bottom layer, to high level programming strategies, at the top layer. On the human side, perception and reasoning are similarly developed, to include perception induced by stimulus generated at intermediate machine processing levels. In some cases, reality may be beyond the human sensorial domain, with man relying only on machine-translated stimulus. The machine, reciprocally, receives feedback at its different processing levels, adapting its algorithms and methods accordingly.

Machine Inference/Decision

Human Inference/Decision

Level 4: Performance Assessment Level 3: Impact Assessment Human Cognition

Level 2: Situation Assessment

Context model Knowledge-Based System

Level 1: Entity Assessment Level 0: Signal/Feature Assessment

Sensors

(online

Human sensory system collaboration) Human sensory system

JDL-based information fusion as a cognition model

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

“Reality” Figure 2. Information fusion boosting through human-computer interaction

A fusion-based automated surveillance system, operating over a sensor network, can thus be thought of as implementing an Artificial Intelligence (AI) model of Human Cognition that produces: − The fusion of sensor information, with the elimination of redundant input information through integration and generalization; − The improvement of accuracy and reduction of uncertainty in sensor information [14]; and − A compiled representation of the environment (within a delimited space-time volume), the entities present in it, comprehension of their meaning, their state, and predicted short future evolution, based on all above sensor-fused information, thus inducing what is called “situation awareness” [6]. The purpose of achieving “situation awareness” is usually to allow some decision making process to occur, either agent (automatic) or human based, aiming at

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

83

optimization of decision latency and correctness, according to the mission's assigned objectives. Thus, a fourth computational task for AI processing could be described to produce a decision or a semantic evaluation of the input space. Such systems will often carry, relatively to those based on human intelligence only, some expectancy for exceeding performance levels, as given by either: a) Shorter response time requirements; or b) Higher accuracy requirements; or c) Higher throughput (expressed in terms of larger scan volume, larger target quantity or faster scan rate); or d) Higher confidence levels; or e) Improved repeatability requirements (consistent behaviour in a range of situations where human cognition might fail, for example, as a result of fatigue or stress); or f) A simultaneous combination of these requirements.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Under these circumstances, it is remarkable that, in spite of the urge for automation to replace some routine human action in the information gathering and processing by machine implemented algorithms, in order to outperform human capacity, the kernel of the decision process usually (and also by requirement) relies on a human being itself, namely, the system user or operator. The same goes for the evaluation criteria of system performance. This “human-has-the-right-to-final-judgement” requirement implies a certain hierarchical modelling in the system design, suggesting that human intelligence would be self-perceived as hierarchically oriented.

Figure 3. Interface for human feedback in low-level fusion process

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

84

The capacity of the fusion-based automated surveillance system to obtain situation awareness as human operator relies on the definition of context information and the capacity of the system to infer he real situation from this context information. This operation needs specifically developed interfaces to adapt low-level operations to human perception (see an example in Figure 3).

2. Architecture for Context Integration in Information Fusion at the Sensor Level In our proposal, the context represents the previous knowledge of the human operator to interact/adapt the system to real situations. In low-level interaction, context represents the knowledge of the human operator to adapt the tracking system at the Fusion Centre integrating the contextual information and the tracking system's information of each sensor, treating it with low level concepts and context information to interpret what is happening in the scene, thus improving the system's output and also each local tracking system. The main objective of this work is to develop an architecture for surveillance networks in complex, proposing a methodology to develop a context-based fusion system (an example for visual sensor networks is given in the next section). The architecture proposed in this work is based on two-layer data processing modules to improve the association process of a tracking system (see Figure 4): •

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

•

GTL (General tracking layer). Generic Multipurpose Tracking Process for Video Surveillance Systems. CL (Context layer). Symbolic reasoning to manage the symbolic interface between GTL modules, asses situation and take the appropriate decisions.

Figure 4. Context-based Fusion Architecture to interact on Level 1

The inclusion of context in a fusion system requires the definition and development of several concepts (see Figure 5):

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

• • •

85

Describing a formal Context Model to represent information for the specific scenario that can help interpret what is happening in the environment. This Context Model considers both static and dynamic contextual information. Proposing a reasoning schema able to improve tracking system performance using the specific information of the Context Model. Defining the adaptation of the tracking level from the context level through an interface.

Figure 5. Conceptual representation of Context Concepts in Level 1

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

3. The Role of Context in Visual Sensor Networks The concept of Visual Sensor Network (VSN) is the current paradigm for deploying visual surveillance systems based on distributed fusion. For instance, Figure 6 illustrates a domestic VSN with three indoor cameras with overlapped Field of Views. These overlapped areas could be exploited by the Fusion Centre in order to get more accurate results and guarantee coherent monitoring in the global area. The tracking algorithms implemented in the surveillance-sensor nodes have to deal with motion detection errors and complex object interactions (merging, occlusions, fragmentation, etc.). The Fusion Centre combines the information inferred by individual surveillancesensor agents to maximize the final information content about the area to be guarded. We previously proposed a fusion architecture for distributed solutions in visual sensor networks [4].

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

86

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

Figure 6. Indoor visual sensor network example

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

3.1. Context Model The Context Model (CM) is an implementation of specific context information that helps to understand and improve the tracking system [11]. This information is obtained from the input Scenario's Context and from the Fusion Centre. The information obtained from the input in each camera is static information about the scenario, while the information obtained and updated from the Fusion Centre is dynamic information about the moving objects. CM maintains the following context information which helps reason about what is really happening in the scene, thus improving the tracking system. Let K be the set of objects which enclose the context information for a specific scenario. K is described as a set of regions of interest R, static objects S and tracks information I (see Figure 7). Regions of interest R can be described as areas in a scene where specific characteristics can be found. Static objects S are objects in the scene where tracks will be initialized or deleted. Finally, tracks information I, stands for consistent tracks properties, such as size, position, colour, etc., of the objects that are in the scene. R = {r1, …, rn}

(1)

S = {s1, …, sm}

(2)

I = {i1, …, ip}

(3)

K = R ∗S ∗ I

(4)

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

87

Figure 7. Context Information

Regarding the set of regions of interest R, a region of interest ri can be described as:

ri = {z r , t r , s r d r } i

i

i

i

(5)

where: •

z r represents this region of interest zone as polygons, because polygons are i

simple and flexible enough to match human knowledge. •

t r is ri's temporal information. This temporal information indicates at what i

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

time interval this region's characteristics are relevant. Therefore, there could be different regions of interest with the same zones, but different temporal information. •

s r gives illumination geometries' information. For instance, in ri at time i

interval t r , shadow and reflection size and direction. i

•

d r stands for the dynamic objects' features that are expected to be observed i

in a specific region of interest at a specific time interval. This information allows the CL to reason about what is happening in the scene. There are three types of static objects S considered: entrances E and exits X and occlusion objects O. All of these types of static objects are described by polygons. For simplicity, the areas described in the examples presented are represented by rectangles. For instance, Figure 8 shows an example indoor scenario. On the left, the areas and some of the dynamic objects are depicted, and on the right, the static objects. The scene is divided into four areas, depending on dynamic object sizes. Therefore, when an object moves from Area 1 to Area 4, its size decreases. In this scene, there are no occlusion objects, but instead seven entrances and exits are established.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

88

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

Figure 8. The left image shows the areas and some of their dynamic objects in CORRIDOR, and the right image shows the static objects.

3.2. Sensor and Information Fusion with Context Reasoning in VSN

For each i-th local processor associated to one sensor, at the lowest level, CM maintains tracks information I i[k] for each frame k every time a new track is initialized, updated or deleted. This tracking information is an extension of conventional systems, with specific information needed by the Reasoning System in the Fusion Centre to represent dynamic contextual information. Tracking information at the i-th sensor, I i[k], has been classified into three types of tracks: active v*i[k], occluded hi[k] and grouped g i[k], defined for each sensor: I i[k] ={v*i[k], h i[k], g i[k]}

(6)

Active tracks, v*i[k], are those containing the tracks sent by each i-th local processor.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

v *ji [k ] = {v1*i [k ], v *2i [k ], ! , v *Mi [k ]}

(7)

Each of these active tracks v *ji [k ] are described by a set of features such as a

unique identifier, velocity, position, colour ... and the list of grouped tracks, l ij [k ] (see Figure 9), v *ji [k ] = {v ij [k ], l ij [k ]}

Figure 9. Active Tracks Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

89

The Fusion Centre maintains a set of occluded tracks hi[k] and a set of grouped tracks gi[k] for each sensor, updated to the last frame k. h i [k ] = {h 1i [k ], ! , h iq [k ]} g i [k ] = {g 1i [k ], ! , g iu [k ]}

(8)

An active track v *ji [k ] , as described earlier, is represented by a set of features and l ij [k ], where l ij [k ] is a list that contains the identifiers of the tracks that are grouped with that active track

v *j i [k ]. For instance, g ij [k ] can be a grouped track at

frame k, that was an active track v ij [ w ] at frame w, but that at frame k has been

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

grouped with an active track v ij [k ] . In order to make proper use of the contextual information, a knowledge base with all contextual information integrates the knowledge coming from each sensor, as depicted in Figure 10.

Figure 10. Context-based fusion

This knowledge base is composed of predicates such as is_a_track(), is_a_occlusion(), is_hidden(), are_grouped(), etc. This system is responsible for the coherence of local/global context information. As a part of the fusion process, this reasoning system [12], [13] takes into account the correspondences among data from different sensors (data association), applies an inference process and improves the track fusion process and the global result (coherence/fusion information) is sent back to every local process to adapt the local behaviour accordingly to the global conditions.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

90

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

For instance, considering the mono-sensor indoor scenario presented above, the contextual information is inserted as a set of facts in the knowledge base, and remains within the knowledge base. Static facts are first inserted in the knowledge base, these initial facts ci represent the contextual information. Entrances, exits, areas and dynamic objects are represented by polygons (height and width), and all but the dynamic objects have a position, as illustrated in Figure 11.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Figure 11. Systems state at frames 86, 98, 157 and 182

Once the initial facts have been loaded into the system, the tracking system analyzes the video input. The detection of new tracks adds a new fact into the knowledge base, this fact labelled as f1 is (newtrack (id v0)). Once this fact f1 is inserted into the Fusion Centre, a rule is activated (as shown in Figure 11, frame 98), due to two primitive facts f1 and c4. The execution of this rule eliminates the previous f1 and introduces a new fact f1: (track (id v))) to confirm the track. When a new object enters the scene, right before the new object has been detected, the only fact in the knowledge base referencing the existence of a track is its id 0. As the sensor detects the new object, it adds a new fact into the knowledge base f2 (frame 98). A rule modifies the knowledge base by eliminating the fact introduced previously and inserting a fact that establishes the existence of a track with id 1 in the scene. At frame 157, track v1 disappears from the scene, hidden behind track v0, at which point the sensor processor deletes track v1 and inserts into the knowledge base fact f3 (frame 157). This new fact activates rule 3, which modifies the knowledge base as shown in frame 157, box 3. The facts establish that there is a track with id 0 visible in the scene

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

91

and another track with id 1 in the scene but not visible. This modification of the knowledge base activates rule 4 which modifies the knowledge base to establish that the track with id 0 is a group and grouped with it is the track with id 1. Finally, the situation is later restored at frame 182, when a new track is initialized but the system reassigns it to the hidden track kept in the group.

4. Conclusions and Further Work

In this contribution, we presented a context model handled by a reasoning system to improve data acquisition in local sensors and drive the fusion process. This contextbased system models the human capacity to adapt to low-level processing. The reasoning capabilities of the system were tested with isolated sensors and are currently under experimentation to analyze potential improvement in fusion performance in multi-camera environments. Improvement at higher levels of cognitive processing is an open possibility also implied in the model. References [1] [2]

[3]

[4]

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[5] [6] [7] [8]

[9] [10] [11]

[12] [13]

[14]

K. Alexiev and I. Nikolova. Methods for Data and Information Fusion, in Scientific Support for the Decision Making in the Security Sector, O. Kounchev et al. (Eds.), IOS Press, 2007. E. P. Blasch and S. Plano. Level 5: User refinement to aid the Fusion Process, in Multisensor, Multisource Information Fusion: Architectures, Algorithms, and Applications, Dasarathy., B. V. (Ed.), Proceedings of SPIE Vol. 5099, 2003. O. Brdiczka, P.C. Yuen, S. Zaidenberg, P. Reignier, and J.L. Crowley. Automatic acquisition of context models and its application to video surveillance. In Proceedings of the 18th International Conference on Pattern Recognition (ICPR’06), 2006. F. Castanedo, J. Garcia, M.A. Patricio and J.M. Molina. Data Fusion to improve trajectory tracking in Cooperative Surveillance Multi-Agent Architecture. Information Fusion. Special Issue on Agent-based Information Fusion (to appear). Aug. 2008.[2] United States Coast Guard. The U.S. Coast Guard Strategy for Maritime Safety, Security, and Stewardship. Washington D.C., 2007. M. Guerriero, P. Willet, and S. Coraluppi. Radar-AIS Data Fusion and SAR tasking for Maritime Surveillance. ICIF 2008 – Cologne, Germany, 1-3 Jul. 2008. M. R. Endsley. Theoretical Underpinnings of Situation Awareness: A Critical Review. Situation Awareness Analysis and Measurement, Lawrence Erlbaum Associates, 2000. D. L. Hall and J. Llinas. An Introduction to Multisensor Data Fusion. Proceedings of the IEEE, Vol. 85, No. 1, January 1997. L. A. Lisboa Cardoso, Jesús García, José M. Molina. Requirements for supervised fusion adaption. International Symposium on Distributed Computing and Artificial Intelligence, DCAI 2008, University of Salamanca, Spain, 22th-24th October 2008. L. Morency, C. Sidner, C. Lee, and T. Darrell. Contextual recognition of head gestures. Proc. of ICMI, 2005. A.M. Sanchez, M.A. Patricio, J. Garcia, and J.M. Molina. Video tracking improvement using contextbased information. In The 10th International Conference on Information Fusion, Quebec, July 2007. A.M. Sanchez, M.A. Patricio, J. Garcia, and J.M. Molina. Occlusion Management using a Contextbased Tracking System. In 3rd Workshop on Artificial Intelligence Techniques for Ambient Intelligence (AITAmI’08) Special Session on Vision-based Reasoning Co-located event of European Conference on Artificial Intelligence. Patras, Greece, 21-22 July 2008. A. M. Sanchez, M. A. Patricio, J. Garcia, JM Molina. "A Context Model and Reasoning System to Improve Object Tracking in Complex Scenarios". Expert Systems With Applications. Vol 41 (in press) A. M. Sánchez, M. A. Patricio, J. García and J.M. Molina. Extending Local Contextual Reasoning to Multicamera Environments. SWIFT 2008 - Skövde Workshop on Information Fusion Topics. SWIFT 2008. Skovde, Sweden, 4-6 Nov 2008. T. Standage. The Turk: the Life and Times of the Famous Eighteenth-Century Chess-Playing Machine. Walker & Company, 2002.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

92

J.G. Herrero et al. / Contextual and Human Factors in Information Fusion

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[15] A. Torralba, K.P. Murphy, W.T. Freeman, and M.A. Rubin. Context-based vision system for place and object recognition. Proc. of ICCV, 2003. [16] M. Xu and T. Ellis. Augmented tracking with incomplete observation and probabilistic reasoning. Image and Vision Computing, vol. 24:pp. 1202–1217, 2006. [17] T. Zhao and R. Nevatia. Tracking multiple humans in complex situations. IEEE Trans. Pattern Analysis and Machine Intelligence, 26(9):1208–1221, 2004. [18] The Advanced Chess Organization (CCO). Advanced chess description, 2004. On line at http:// advancedchess.netfirms.com/description.htm. [19] United States Coast Guard. The U.S. Coast Guard Strategy for Maritime Safety, Security, and Stewardship. Washington D.C., 2007.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-93

93

Decision Support Systems Design for Joint Multi-national Multi-agency Defence and Security Environment

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Éloi BOSSÉ and Pierre VA LIN Defence R&D Canada – Valcartier 2459 Pie-XI Blvd. North, Québec, QC, Canada, G3J 1X5 [email protected] / [email protected]

Abstract. In complex environments like harbour security, where human errors may have tragic consequences, decision support systems are essential to execute complex tasks. This paper discusses critical issues in the design of computer-based support systems that can support operators/decision-makers to better understand the situation, select a course of action, monitor the execution of operations, and evaluate the results. These aids will support decision-makers to cope with uncertainty and disorder and to help people exploit technology at critical times and places in order to ensure success in operations. Because the human cannot be completely replaced or removed from the execution of these tasks, the interaction and coordination between the human and the automated support systems become crucial. In emergency situations, that would necessitate the ability to coordinate multi-agency and multi-national operations, advanced decision support , knowledge exploitation, information fusion and management tools can significantly improve the ability to respond to such emergencies. A technological perspective alone has led system designers to propose solutions by providing operators with Decision Support Systems (DSS). T hese DSSs should aid the operators to achieve the appropriate Situation Awareness (SA) state for their decision-making activities, and to support the execution of the resulting actions. The lack of knowledge in cognitive engineering has, in the past, jeopardized the design of helpful computerbased aids aimed at complementing and supporting human cognitive tasks. Moreover, this lack of knowledge has, most of the time, created new trust problems in the designed tools. Providing the appropriate level of support thus requires balancing the human factor perspective with that of the system designer, and coordinating the efforts in designing a cognitively fitted system to support decision-makers.

Keywords. human factors, decision support, situation awareness, cognitive engineering, course of action

Introduction The events of September 11, 2001 moved the issues of anti- and counter-terroris m, national/public security, and collective emergency response (both crisis and consequence management) to the fore of concerns of many nations. Harbour protection against terrorist attack is an examp le of a kind of co mp lex situations typical of the post 9/11 new security paradig m. In the event of a large-scale terrorist emergency situation

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

94

É. Bossé and P. Valin / Decision Support Systems Design

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

that would necessitate the ability to coordinate mu lti-agency and mult i-national operations, the military viewpoint alone is not sufficient to meet the increase in terrorist threat that is diverse and unpredictable, as such threat requires a consideration of collective security that expands to cooperation with mult iple non -military organisations. That expansion of Defence to Security qualifies the theatre of operations as a Joint, Interagency, Multinational, and Public (JIMP) environ ment. Actually, working effectively in a JIMP environ ment requires the ability to communicate and to coordinate mult i-national and mu lti-agency operations in a seamless fashion. There are vast quantities of data and information requiring weeding, sorting, and analysis. Clearly, advanced information management technology and decision support tools are required to enable the various response communities to timely and securely access data, informat ion, services, etc. relevant to their ro les and responsibilit ies, regard less of what agency operates the facilit ies where the critical data and services reside. This paper discusses critical issues in the design of computer-based decision support systems that can support operators/decision-makers to better understand the situation, select a course of act ion, mon itor the execution of operations, and evaluate the results. These aids will support the decision-makers facing two main constraints: uncertainty and time that are directly related to the ever-increasing problem of volu me and quality of data. The desired end-state is for decision-makers to be able to help people to exp loit technology at critical t imes and places, to ensure success in operations. Designing Decision Support Systems (DSS) requires balancing the human factor perspective with the one of the system designer and coord inating the efforts in designing a cognitively fitted system to support decision -makers. The paper starts with a discussion on C4ISR and the characteristics of that JIMP environ ment, followed by the decision support definit ions and concepts. Then, the problem of designing a cognitively fitted DSS, using Cognitive Systems Engineering (CSE) approach, is addressed.

1. JIMP Environment Characteristics As already mentioned, the military viewpoint alone is not sufficient to meet the increase in terrorist threat that is diverse and unpredictable, as such threat requires a consideration of collect ive security that expands to cooperation with mu ltiple non military organisations within a JIMP environment. However, fro m a military standpoint, the JIMP operations, as well as their mo re trad itional warfare operations, are being conducted through a system-of-systems called Co mmand Control, Co mmun ications, Co mputer, Intelligence, Surveillance and Reconnaissance (C4ISR). “C4ISR consists of the concepts, the connectivity, the informat ion systems, the sensors, and the tools in support of, and required to, achieve effective Co mmand, Control and awareness across the entire spectrum of Canadian Force operations through the timely attain ment, generation and distribution of trusted and relevant informat ion.” (Canadian defin ition) A C4ISR capability integrates people, processes, and technology to ensure the delivery of timely and relevant informat ion at all operational levels. C4IS R is developed and advanced as a capability that enables JIMP operations, and equally by the individual Environmental Co mmands (ECs: Army , Navy, Land Forces), who need to enable their own environ ments’ national and combined operations. How C4ISR is

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

É. Bossé and P. Valin / Decision Support Systems Design

95

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

used to join people, processes and technology to enhance decision -making, p lanning activities and synchronization of actions could be called Net -Enabled Operations (NEOps). The C4ISR world can be summarized using Figure 1 with the link and similarities between the Observe-Orient-Decide-Act (OODA) loop (used to describe the Co mmand and Control (C2) process during military or public security operations) and the intelligence cycle [7]. Co mmanders exercise C2 by synchronizing military actions in time, space, and purpose to achieve unity of effort within a military force under two main constraints – uncertainty and time – that dominate the environment in which military decisions are made. The OODA loop and the intelligence cycle are the two central models for the informat ion and decision-making processes. The two loops hinge on the fulfillment of two broad functions: first, that all co mmanders within a force arrive at a shared and consistent understanding of the battlespace arising through battlespace (situation) awareness; and, second, that unity of effort is achieved (decision -making) throughout a joint and combined force through commonly held intent. For mo re details, numerous definit ions, concepts and models related to C2 are provided in the following references [1], [2].

Figure 1. Linking the OODA loop and the intelligence cycle: source [7]

1.1. JIMP Domain Characteristics Reference [3] provides rather substantial details about the various definit ions of incident, crisis, event and the response management of the same, and a list of JIMP domain characteristics that are still applicable. A very important characteristic of a JIMP environment, which co mp lexifies the response to an incident, is its mult ijurisdictional nature. At the Government of Canada (Go C) level, it requires an integrated, co-ordinated approach to national security, integrated inside the Go C and with key partners (i.e. provinces, territories, co mmun ities, the private sector, and allie s). The focus of the policy is on events and circu mstances that generally require a national response, since they are beyond the capacity of individuals, co mmunities or provinces to address alone.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

96

É. Bossé and P. Valin / Decision Support Systems Design

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Do mestically, the p rovinces and other federal govern ment d epart ments and agencies have the responsibility of preventing, deterring, crisis managing, and consequence managing an asymmetric attack on Canada. If called upon, the Depart ment of Nat ional Defence (DND) will need to respond to requests for assistance fro m these organizations and will function in a supporting role. Regardless of which government department has the lead, the inherent flexib ility of military units makes DND a potential source of assistance in all do mestic emergencies and civil disturbances. However, the DND response is bound by legal considerations. Public agencies have jurisdiction at an incident related to their legal responsibilit ies and authority. Jurisdictional authority at an incident can be polit ical or geographical (e.g., city, county, tribal, State, or Federal boundary lines) or functional (e.g., law enforcement, public health). The design of computer-based DSS that enable DND to play its role with the support of its C4ISR capability shall consider a number of characteristics across numerous dimensions (see [3]): Diversity in the nature of operations. Geographically dispersed operations. Large number and diversity of data, information and knowledge types and sources. Large number and diversity of services, applicat ions, tools and pro duct types and sources. Staff resources to perform Emergency (EM ) functions have remained basically stable over the years. EM workers possess an increasing level of information technology literacy. The EM environ ment continually adjusts to expanding information technology capabilit ies. Operating in the EM environ ment, the needs of the decision -makers at all levels (e.g. Incident commanders) and their staff. To rapidly develop SA (e.g. Understand how a situation has developed and is expected to develop). To rapidly develop shared understandings of the operational environ ment. To plan operations. To monitor the situation and the execution of the plans. To ensure that each individual worker is productive and concentrated on its assigned roles and tasks. To deal with co mplex crises. To deal with mult iple, simu ltaneous crises (e.g., mult iple operations monitoring). To perform routine office tasks. Initial d iscussions with members of the EM operational co mmun ities clearly reveal that advanced information management technology and decision support tools can help to address a substantial number of their identified system limitations [3].

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

É. Bossé and P. Valin / Decision Support Systems Design

97

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

2. Designing Decision Support Systems in Complex Environments In complex environ ments like harbour security, where human erro rs may have tragic consequences, decision-support systems are essential to execute co mplex tasks. The technological evolution constantly increases the scope of the operational theatre and the tempo of the response. Moreover, a huge load of uncertain data and information is generated about the environment. Clearly, all of these data and informat ion may exceed human in formation processing capabilities . In formation technology, support is thus typically required to cope with human limitations in such complex environments. This emphasizes the need for real-time, co mputer-based DSS. A DSS is a computerized system that is intended to interact with, and co mplement, a hu man decision -maker. Whatever the nature of the DSS, the object ive is to develo p DSS features that intuitively fit the perceptual and cognitive processes of its human user. The ideal DSS is one which provides the information needed by the human decision -maker, and as opposed to raw data, can be controlled effort lessly by the human, c o mplements the cognitive power of the human mind, and supports a wide variety of problem solving strategies. Effect ive DSSs are the ones that “make the problem transparent to the user.” Providing the appropriate level of support thus requires balancing the hu man factor perspective with that of the system designer, and coordinating the efforts in designing a cognitively fitted system to support decision-makers. Typically, a technological-only perspective has led system designers to prescribe decision support solutions to overcome many of the domain problems, but without knowing explicitly the decisions and cognitive demands that needed to be supported. This and the lack of knowledge in Cognit ive System Engineering (CSE) have in the past jeopardised the design of helpful co mputerized aids aimed at co mp lementing and supporting human cognitive tasks. Moreover, this lack of knowledge has most of the time created new problems in t rusting supporting tools and human -in-the-loop concerns. Therefore, formal DSS design approaches, such as cognitive engineering analyses, are required to understand the problem before prescrib ing any automation solutions. CSE analyses are defined as approaches that aim to develop knowledge about the interaction between human informat ion processing capacities and limitations, and technological information processing systems. The usefulness of a system is closely related to its compatib ility with human information processing. Therefore, CSE analyses focus on the cognitive demands imposed by the world in order to specify how technology should be explo ited to reveal problems intuit ively to the decision maker’s brain. Among the procedures developed to identify cognitive processes, there are the Cognitive Task Analysis (CTA) and the Cognitive Work Analysis (CWA). There are only subtle and ambiguous differences between these two procedures. Moreover, their labels are frequently used in an interchangeable manner in the literat ure. However, the CWA can be seen as a broader analysis than the CTA. The CWA approach [8] is comparable to, and co mpatible with, Rasmussen’s abs traction hierarchy framework [5], [6]. Ras mussen’s framework is used for describing the functional landscape in which behaviour takes place in a goal-relevant manner. This abstraction hierarchy is represented by means-ends relations and is structured in several levels of abstraction that represent functional relationships between the work domain elements and their purposes. The ACWA methodology [4], a prag matic applied version of CWA, emphasizes a stepwise process to reduce the gap to a sequence of small, logical engineering steps,

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

98

É. Bossé and P. Valin / Decision Support Systems Design

each readily ach ievable. At each intermediate point the resultin g decision-centreed artifacts create the spans of a design bridge that link the demands of the domain, as revealed by the cognitive analysis, to the elements of the decision aid. The A CWA approach is a structured, princip led methodology to systematically transform the problem fro m an analysis of the demands of a do main to identifying visualizations and decision-aiding concepts that will prov ide effective support. The steps in this process include:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Using a Functional Abstraction Network (FAN) model to capture the essential domain concepts and relationships that define the problem-space confronting the domain practit ioners; Overlay ing Cognitive Work Requirements (CWR) on the functional model as a way of identifying the cognitive demands / tasks / decisions that arise in the domain and require support; Identifying the Informat ion / Relationship Requirements (IRR) for successful execution of these CWR; Specifying the Representation Design Requirements (RDR) to define shaping and processing for how the informat ion / relationships should be represented to the practitioner(s); Developing Presentation Design Concepts (PDC) to explo re techniques to implement these RDR into the syntax and dynamics of presentation forms in order to produce the informat ion transfer to the practitioner(s). In the A CWA analysis and design approach, design artifacts are created to capture the results of each of these intermediate stages in the design process. These design artifacts form a continuous design thread that provides a principled, traceable link fro m cognitive analysis to design. However, the design progress occurs in the thought and work in acco mplishing each step of the process, by the process of generating these artifacts. The artifacts serve as a post hoc mechanism to record the results of the design thinking, and as stepping stones for the subsequent steps of the process. Each intermediate artifact also provides an opportunity to evaluate the completeness and quality of the analysis/design effort, enabling modifications to be made early in the process. The linkage between art ifacts also ensures an integrative process; changes in one-artifact cascades along the design thread necessitating changes to all. 2.1. High-Level Requirements for DSS in Contexts like Harbour Protection The aim of a DSS is to enable the members of the operational co mmun ities at all levels (fro m first responders through upper-level management) to wo rk together effectively in emergency situations, when engaged, for examp le, in crisis response and consequence management. The numerous objectives of supporting systems can be summarized as [3]: 1.

Enhance collect ive decision-making capabilities:

a) Support users in achieving informat ion superiority: Improve situation analysis support to enhance the SA of responders. Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

É. Bossé and P. Valin / Decision Support Systems Design

99

Provide the emergency situation picture tailored to the user’s needs. Provide users with the specific informat ion required to perform their functional responsibilities during crisis or conflict. Support the development, maintenance and sharing of the co llect ive “battlespace knowledge.” Exchange informat ion within and across jurisdiction boundaries. b) Improve decision support to enhance the critical decision-making of responders regarding scarce response resources. c) Support rapid incident assessment and management. 2.

Improve the effect iveness and efficiency of inter-agency co-operation, coordination, interoperability and decision-making:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

d) Coordinate mult i-national and mult i-agency operations in a seamless environment. e) Provide a solid collaborative solution to the many part icipating organizations and individuals across multip le jurisdictions. f) Link jurisdictions into a trusted federation. g) Facilitate secure interaction between jurisdictions, while leaving access control decisions under each jurisdictional authority. h) Better exp loit critical data, information, knowledge, services, applications, tools and products offered by the legacy systems of the operational commun ity. i) Improve the integration of existing operational info rmation systems. j) Operate at mult iple scales regarding time, space, co mputer capacity, visualization and human-co mputer interface capacity, bandwidth, security levels, training levels, financial resources, …etc. k) Support scenario rehearsal, exercises, training, readiness assessment, post -event reconstruction to enhance collective readiness. 3.

Improve the efficiency of the emergency response workers:

l) As individual workers, as co mmunities, and as groups. m) Independently fro m their co mputer literacy level. n) Without revolutionizing organisation values, business rules and work layouts. 4.

Reduce the response time.

The DSS is an example of an innovative information management and integration system (providing the informat ion management technological glue) developed to meet requirements such as the ones listed below: 5. o) p) q) r)

Allow a timely and secure integrated/federated access:

To multip le types of data, information, knowledge and expertise; To multip le types of services, applications, tools and products; Fro m wide variety of heterogeneous, distributed sources and disparate providers; To data, services, etc., maintained by their o wners;

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

100

É. Bossé and P. Valin / Decision Support Systems Design

s) t) u) v)

Fro m any med ia; With mu ltip le formats; Fro m vary ing levels of abstraction; Within and across jurisdiction boundaries, regardless of what agency operates the facilit ies where the critical data, informat ion, knowledge, expertise, services, applications, tools and/or products reside.

6. 7.

Allow arbitrary navigation, fro m a single workstation, on the sources of data, informat ion, knowledge, expert ise, services, tools and products. Timely find and provide the users with the right, trustable data, information, knowledge and expertise:

w) Allow semantic connections on sources of data, information, knowledge, expertise, services, applications, tools and products. x) Allow searching and ext racting informat ion that is tru ly relevant to the work and to what is needed at the time where the search is performed. y) Integrate/aggregate/fuse the data, information and knowledge: Allow various forms of aggregation/fusion depending on users’ preference and/or true value of the results. Create new products on the fly through combining different datasets. z) Provide data, informat ion, knowledge and expert ise relevant to the various user roles and responsibilit ies in tailorable v iews, with adaptable and flexible tools. aa) In context of the work, take into account individual user interests and group constraints within a dynamic and evolving task context (in a changing environment).

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

8. 9.

Manage the data, informat ion, knowledge, expertise, services, applications, tools and products. Distribute/exchange/share the data, information, knowledge, expert ise, services, applications, tools and products:

bb)Rapid d issemination toward the intervention site. cc) In the appropriate form and level of detail. dd)To users at all echelons. ee) Allow easy contribution to the collective “battlespace knowledge”. ff) Allow easy contribution to the collective response. 10. Provide services for synchronous and asynchronous collaboration among a variety of responders: gg)Interact with other people. hh)Expertise grouping. 11. Make relevant task support tools readily/easily availab le to users, according to the task being performed, and according to the preferred ways of working, skills and community of practice.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

É. Bossé and P. Valin / Decision Support Systems Design

101

12. Provide personalization capabilities in terms of data, informat ion, and knowledge content and expertise, services, applications, tools and products: ii) Provide users with designated working spaces, called portfolios. jj) Display, manage or produce documents related to user’s assignment and responsibility. kk) Tap on task-specific tools (temp lates, wizards, lessons learned, etc.). ll) Access specific specialized tools such as systems or applicat ions (e.g. a planning application). 13. Allow s mart navigation fro m any element of the portfo lio universe, e.g. to ju mp fro m a particu lar paragraph in a working document into the appropriate section of an external system source corresponding to the meaning of that paragraph. 14. Allow the activation or deactivation of the contextual assistant in certain fu zzy scoped areas. 15. Allow a continuous formulation of the contextual meaning of the work as actions are performed. 16. Keep track o f all documents and actions taken when assuming the duty. 17. Tackle many crit ical issues regarding system and data security, privacy and confidentiality, and authentication:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

mm) Provide fine grain user management and access control. nn)Allow a security strategy that matches the nodal network and informat ion pull approach. In view o f the discussions above, working effectively in terrorist emergency situations requires the ability to communicate and coordinate multi-national and mult iagency operations in a seamless environment. There are vast quantities of data and informat ion requiring weeding, sorting, and analysis. Clearly, advanced informat ion management technology is required to enable emergency response communities to timely and securely access data, informat ion, services, etc. relevant to their ro les and responsibilit ies, within and across jurisdiction boundaries, regardless of what agency operates the facilities where these critical assets reside. Unfortunately, the current situation limits the integration of the assets fro m different sources, thereby limiting their impact on efficient emergency interventions. Broad integration has yet to be ach ieved in Canada, or within other nations, and would constitute a breakthrough. Interoperability between systems and data is also a major problem in many informat ion technology (IT) pro jects. One would like to better exp loit the existing legacy IT systems through synergistic integration, without the need for extensive re-engineering or major alteration to the business process of each individual participant. This is a key problem currently faced by governments and industries.

3. Conclusions This paper discussed decision support design methodologies and requirements applied to complex environ ments such as harbour protection. The perspective was to balance the human factor and technology in order to design cognitively fitted supporting

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

102

É. Bossé and P. Valin / Decision Support Systems Design

systems. The JIMP environment is co mplex and necessitates CSE approaches to better intervene when designing tools to support decision -makers in such environments. A coarse analysis of the domain characteristics and high -level requirements for decision support were presented. The reco mmendations to use CSE to design decision support systems could lead to a better understanding of how to intervene in such a complex field of application in order to enhance collective read iness and the safety of people and critical infrastructures.

References [1] [2] [3] [4] [5] [6] [7]

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[8]

É. Bossé, J. Roy and S. Wark, Concepts, Models, and Tools for Information Fusion, Artech House, Norwood, MA, 2007. É. Bossé, P. Valin, Definition of Data/Information Fusion in the Context of the C4ISR Campaign Plan, DRDC Valcartier TN 2008-538. É. Bossé, J. Roy, Applying Decision Support and Data/Information Fusion/Management Concepts for Emergency Response in the Context of Harbour Protection, NATO Advanced Research Workshop, Tallinn, Estonia, 27 June - 1 July 2005. W.C. Elm, S.S. Potter, J.W. Gualtieri, E.M. Roth, J.R. Easter, Applied cognitive work analysis: A pragmatic methodology for designing revolutionary cognitive affordances. E. Hollnagel Ed, 2003. Handbook of cognitive task design. Mahwah, New Jersey : Lawrence Erlbaum Ass. J. Rasmussen, Information Processing and Human-Machine Interaction: An Approach to Cognitive Engineering, North-Holland, New York, 1986. J. Rasmussen, A. M. Pejtersen, L. P. Goodstein, Cognitive Systems Engineering. New York: Wiley & Sons, 1994. J. Roy, A knowledge-centric view of situation analysis support systems, DRDC Valcartier TM 2005419, 2007. K.J. Vicente, A Few Implications of an Ecological Approach to Human Factors, Lawrence Erlbaum Associates, NJ, 1995.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-103

103

Information Quality and Decision Making in the Human-in-the-loop Environment Galina ROGOVA Encompass Consulting, USA

Abstract. Harbour protection requires monitoring the global maritime domain for building a dynamic situational picture in order to increase the ability of the decision makers to predict threat and manage operations to mitigate their possible impact. Effective situation assessment and decision making call for an integrated human-machine information environment, in which some processes are best executed automatically while for others the judgment and guidance of human experts and end-users are critical. Thus decision making in the integrated information environment requires constant information exchange between human and automated agents that utilize operational data, data obtained from sensors, intelligence reports, and open source information. The quality of decision making strongly depends on the quality of such input data as well as the information produced by automated agents and human decision makers. Designing the methods of representing and incorporating information quality into this environment is a relatively new and a rather difficult problem. The paper discusses major challenges and suggests some approaches to address this problem.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Keywords harbour protection, human-system integration, information quality, ontology, decision making, quality control

Introduction One of the key goals of strengthening harbour security is to “increase maritime domain awareness – a combination of intelligence surveillance and operational information to build as complete a picture as possible to assess the threats and vulnerabilities in the maritime realm” [4]. Maintaining coherent situation awareness requires monitoring the global maritime domain and building a dynamic situational picture in order to increase the ability of decision makers to predict threats and manage operations to mitigate their possible impact. Building such a current and predicted situational picture involves gathering and fusing a large amount of uncertain heterogeneous multimedia and multispectral information coming from geographically distributed sources to gain knowledge of the entire domain. Information to be processed and made sense of includes but is not limited to data obtained from Automatic Identification System, sensor data (underwater sensors infrared imagers, radars, etc.), surveillance reports, human intelligence reports, operational information, and information obtained from open sources (internet, papers, radio, TV, etc). Successful processing of this information also demands information sharing and dissemination, and action cooperation of multiple maritime stakeholders such as different national and international authorities, navies, coast guards, law-

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

G. Rogova / Information Quality and Decision Making

104

enforcement and regulatory agencies, and commercial shipping and insurance companies. Such complex environments call for an integrated human-machine system, in which some processes are best executed automatically while for others the judgment and guidance of human experts and end-users are critical. Automatic processes support human users by affording them with inferred object tracks and identities, relations between them, as well as possible current and predicted future states of the maritime environment (situations and threat) and ideally support assignment of likelihood or plausibility tags. In their turn, human users not only utilize the results of automated processes for decisions and actions but also frame queries to give context to the machine processes as well provide information (e.g. degree of beliefs, situational hypotheses, utilities, arguments, and preferences) by utilizing their experience and flow of observations. Real-time information exchange in such integrated humanmachine system is presented in Figure 1.

Fusion processes

Data and Information sources: •Sensors •Open source information •Intelligence reports •Operational information

Experts and end users

Level 2

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Level 1

•Beliefs •Opinions •Arguments •Hypotheses •Utilities •Preferences •Decisions

•Objects •Relations •Situations •Vulnerabilities •Threats Level 3

Level 4

Context Figure 1. Information exchange in the human-system environment

The problem of building such integrated systems is complicated by the fact that data and information obtained from observations and reports as well as information produced by both human and automatic processes, are of variable quality and may be unreliable, of low fidelity, insufficient resolution, contradictory, and/or redundant. At the same time, the quality of the current and predicted situational picture and, therefore, the quality of decisions and actions, strongly depends on the accurate assessment and intelligence exploitation of the knowledge of the quality of these data and information. The subject of information and data quality has been receiving significant attention in the recent years in areas such as communication, business processes, personal computing, health care, and databases, while the problem of information quality in

fusion-based human-machine systems for decision making has attracted less attention. There are many research questions related to the information quality problem in the human-system integrated environment, including: Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

G. Rogova / Information Quality and Decision Making

• • • • • • •

105

What is ontology of quality characteristics? How to assess information quality of incoming heterogeneous data as well as the results of processes and information produced by users? How to combine quality characteristics into a single quality measure? How to evaluate the quality of the quality assessment procedures? How incorporate quality into integrated human-machine systems to compensate for various information deficiencies? How do quality and its characteristics depend on context? How does subjectivity, i.e. user bias, affects information quality?

The remainder of this paper represents an effort to address some of these questions.

1. Information Quality: Definitions and Ontology There are several definitions of information quality available in the literature: 1. 2. 3.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

4.

“Quality is the totality of characteristics of an entity that bear on its ability to satisfy stated and implied needs.” [15] “Quality is the degree to which information has content, form, and time characteristics, which give it value to specific end users.” [8] “Quality is the degree to which information is meeting user needs according to external, subjective user perceptions.” [13] "Quality is fitness for use." [7]

While having different emphases, all of these definitions point to the fact that information quality is a “user-centric’ notion and needs to be measured in terms of the potential or actual value for users. In the human-system context, and in this paper, the term “users” will refer to humans or automated agents and models. Information Quality (IQ) represents “information about information,” or metainformation, and the best way to represent and measure the value of this metainformation is through its attributes, since, “without clearly defined attributes and

their relationships, we are not just unable to assess IQ; we may be unaware of the problem.’’ [2] These attributes have to be considered in relations to specific user objectives, goals, and functions in a specific context. Due to the fact that all users, whether human or automatic processes, have different data and information requirements, the set of attributes taken into consideration and the level of quality considered satisfactory, vary with the user’s perspective, type of model, algorithms, and processes comprising the system. Therefore the general ontology designed to identify possible attributes and relations between them in a human-machine integrated system will require instantiation in every particular case. There have been multiple views on information quality ontologies, identifying quality attributes, classifying them into broad categories and relations. In [13] data quality was classified into four categories: intrinsic, contextual, representational, and accessibility. In [6] three categories were enumerated: pragmatic (relevance, completeness, etc.), semantic (accuracy, reliability, etc., and syntactic (correctness, consistency, accessibility, etc.), while in [2] four sets were identified: integrity,

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

106

G. Rogova / Information Quality and Decision Making

accessibility, interpretability and relevance. In [11] information imperfection, a limited subcategory of IQ, was classified into two general categories: uncertainty and imprecision. The type of information exchange in the fusion-based human-system environment as presented in Figure 1 notes the three main interrelated categories of information quality proposed in this paper (Figure 2): 5. 6. 7.

Quality of information source. Quality of information content. Quality of information presentation.

The metrics associated with each of these categories are both user- and timedependent. Quality of data and information

Quality of information source

Quality of information content

Quality of information presentation

Figure 2. Information quality ontology (a fragment)

The next subsections will consider these quality characteristics in more detail.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

1.1. Quality of Information Content There are five major attributes of the quality of information content: accessibility, availability, relevance, timeliness, and integrity. Accessibility and availability refer to the users' ability to access this information effectively. Accessibility is related to the cost of obtaining this information. Availability is an important characteristic, which has a binary value since information can be either available or not. If availability is 0, all other attributes are irrelevant. At the same time, even if information is currently unavailable to an agent, it does not mean that it will always be unavailable to all agents. Thus, the other attributes still matter to the integrated system. Timeliness as an attribute of the content of information is different form timeliness of information presentation and can be measured by the utility of the information under consideration at the time it becomes available. Data and information can be designated relevant if the outcome of the process, decisions, or actions change with the change of the data/information. For example, information can be considered relevant for situation assessment if a change of its value affects the uncertainty of hypotheses about this situation or the values of utilities of a set of possible courses of action. Integrity or lack of imperfection of the information content is the most studied category of information quality (see, e.g. [1], [2], [9], [11], [12]). In the context of a human-system integrated environment, imperfection can be defined as something that

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

G. Rogova / Information Quality and Decision Making

107

causes inadequacy or failure of decision making and/or actions. Following [11], we consider two major characteristics of imperfection: uncertainty and imprecision. Uncertainty arises from a lack of information [11] and can be either objective, represented by probabilities reflecting relative frequencies, or subjective, represented by credibility (believability) describing information that is not completely trustworthy. Both probability and credibility in turn can be not completely accurate, which calls for an additional attribute: reliability. Imprecision can be possessed by information either with or without error. Thus information without error can be approximate (lacking accuracy) or conflicting and inconsistent. Two latter attributes make sense when information either has several pieces or when it is compared with some background information, e.g. databases or information obtained or inferred earlier. Information with error can be incomplete, deficient (lacking important pieces, which prevents its usage), vague (ambiguous), or fuzzy (not well defined). The ontology of the quality of information content adopted in this paper is presented in Figure 3.

Quality of information content Availability

Accessibility

Timeliness

Integrity

Relevancy

Uncertainty

Reliability

Credibility

Imprecision

Probability

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Data without error

Conflict

Data with error

Accuracy

Vagueness

Completeness

Consistency Fuzziness

Deficiency

Figure 3. Ontology of quality of information content

1.2. Quality of Information Sources From the information quality point of view, we consider two types of information sources: subjective and objective. Subjective sources such as human observers, intelligence agents, newspaper reporters, experts and decision makers, supply observations, subjective beliefs, hypotheses, and opinions about what they see or learn. These sources use subjective judgment to produce this information, the quality of which is defined by their level of expertise, reputation, and objectivity, and their intentions are defined by truthfulness. Information coming from subjective sources is usually represented in non-numeric form (so-called “soft information”). The quality of objective information sources such as sensors, models, and automated processes is free from biases inherent to human judgment and depends only on how well sensors are calibrated and how adequate models are. As opposed to subjective sources, objective

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

G. Rogova / Information Quality and Decision Making

108

sources deliver information in numerical form (so-called “hard information). The quality of objective sources comprises relevance of the source, which in most cases describes the quality of an objective open source, e.g. a source containing objective statistical information as well as their credibility and reliability. Relevance, credibility, and reliability can also measure the quality of subjective sources. An example of credibility is the frequency, with which a process, a model, or a human agent produces a correct answer. Reliability is related to the quality of beliefs, plausibility, or probability assigned to this answer by a human agent or a model [9]. An ontology of the quality of information sources is presented in Figure 4. Quality of information sources

Subjective sources •Observers •Decision makers •Experts •Open sources

Objectivity

Objective sources

Reliability Relevance

Level of expertise

Credibility

Reputation

•Sensors •Models •Databases •Machine processes •Objective open sources

Truthfulness

Figure 4. Ontology of quality of information source

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

1.3. Quality of Information Presentation The quality of information presentation affects the perception of decision makers and end users, and influences their actions, decisions, judgments and opinions. Information must be presented on time and in a way that makes it understandable, complete, and easy to interpret. Thus attributes of the quality of presentation are related to when, how, and which information is presented. The ontology of the quality of information presentation is shown in Figure 5. Quality of information presentation

Understandability

Completeness

Timeless

Interpretability

Figure 5. Quality of information representation

Timeliness is affected by two factors: whether the information is presented by the time it must be used and whether the dynamics of information in the real world is reflected by the dynamic of information presentation (when information is presented). Completeness is the ability of an information system to represent every meaningful state of the real world system by representing all necessary information related to this state [14]. An important related problem here is whether it is beneficial to present the

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

G. Rogova / Information Quality and Decision Making

109

value of information quality along with information itself [3], [14]. For example, it was found that the benefits of incorporating meta-data depend on the experience of the decision maker [5]. Interpretability and understandability define to what extent users can understand the information presented and can follow the logic of the automatic processes producing this information. It is important to mention that the quality of such information attributes as interpretability and understandability depends on the level of training and expertise of the user and can be high in one use and poor in others.

2. Where the Numbers Come From: Assessing the Values of Information Quality In order to compensate for insufficient information quality in a fusion based humanmachine system, it is necessary to be able to assess the values of quality attributes and combine these values into an overall quality measure. As was mentioned above, the value of quality is user, time and context specific. For example, information about containers arriving in a harbour is not relevant when we are evaluating threat presented by a small boat approaching a cruise ship. Another example is the reliability of an optical sensor, which can be very reliable during a sunny day and not reliable at night. Depending on the context and user requirements, overall quality may relate to a single attribute, a combination of several or all the attributes. The information quality of single attributes can be assigned by utilizing:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

• • • • •

A priori domain knowledge. Outputs of models and processes producing this information. Learning from examples. A level of agreement between sources (e.g., sensors or experts). Subjective judgment of human users and experts based on their perception.

A priori domain knowledge about the context of the problem under consideration can provide quality values for many attributes, such as source reputation, information availability and accessibility, or sensor reliability and credibility, which will be difficult or even impossible to estimate otherwise. In many cases, a priori domain knowledge does not directly contain values of quality attributes, but information such as training patterns that can be exploited for learning. The attributes, which quality can be learned from training patterns, include for example credibility or reliability of sources whether human, sensor, or models. Models and processes outputs can serve as a source for assessing the integrity of data obtained with these models (reliability, level of conflict, credibility). The subjective judgment of humans or experts are used when there is no a priori domain knowledge e.g., probability of non-repeatable events, or when it is important to know the quality of information from the subjective point of view of an expert, e.g. the level of understandability of information. While the value of any IQ attribute may be defined in various ways, the users and process designers are mostly interested in how good quality is. Thus quality scores often measure the level of satisfaction with the information under consideration, in relation to the decision makers’ goals and objectives or the purpose of the models or processes. The level of satisfaction for objective quality attributes is based on attribute values and can be expressed either in linguistic form (e.g., good, fair, bad) or

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

G. Rogova / Information Quality and Decision Making

110

numerically by a number from the interval [0 1]. Some attributes, e.g. availability, have binary values (0 or 1) only.

3. Quality Control The success of decision making in a complex human-system environment depends on the successful awareness of, and compensation for insufficient information quality at each step of the information exchange. It is necessary to mention that good quality of input information does not, of course, guarantee sufficient quality of system output. Thus, quality considerations play an important role whenever raw data (sensor reading, open source and database search results, and intelligence reports) enter the system as well as when information is transferred between automatic processes, between humans, and between automatic processes and humans. Quality control strategies can include:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

• • • •

Eliminating low quality information from consideration. Incorporating information quality into models and processes. Utilizing process refinement by sensor management. Delaying accession of information to the next processing level or to decision makers until it has matured as a result of additional observations and/or computations improving its associated IQ.

Selection of a particular quality control method depends on the quality attributes under consideration. For example, irrelevant information is usually eliminated form consideration while reliability is often incorporated into models and processes. Methods of incorporating reliability into processes are discussed in [9]. Delaying the transfer of information can be used for dealing with such attributes as reliability, credibility, completeness, or availability, the quality of which can be improved over time when more information becomes available. Implementation of the quality control measures requires a criterion to be used for defining when the quality of information is not sufficient. One such criterion is threshold satisfaction when the value of a quality attribute or a combination of several attributes is compared with a certain threshold. This threshold is highly context specific and depends on decision makers and their attitude toward risk. The strategy of delaying the transfer of information usually involves incorporating into the overall quality measure such attribute as timeliness. For example, dealing with threat in a port requires timely decisions and swift actions. Waiting may result in unacceptable decision latency leading to significant damage and casualties. At the same time, the cost of false alarms can be very high, since it can result in the disruption of port operations, the waste of valuable resources, and scepticism leading to limited compliance when future alarms are sounded. Therefore, the cost of waiting for additional information or the cost of additional computation delay to produce information of better quality and reduce false must be justified by the benefits of obtaining results of better quality. This can be achieved by either implicitly modelling the expected utility of making a decision at a certain moment, or by comparing the quality of information achieved at a certain time with a time varying threshold [9].

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

G. Rogova / Information Quality and Decision Making

111

4. Conclusions This paper discusses major challenges and some possible approaches to addressing the problem of data and information quality in the human-machine information environment. In particular, this paper presents an ontology of information quality and identifies potential methods of assessing the values of quality attributes. Designing methods of representing and incorporating information quality into a fusion-based integrated human-system information environment is a relatively new and rather difficult problem and more research is needed to confront all its challenges.

Acknowledgements The author thanks Peter Scott for valuable discussions.

References

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[1]

P. Bosc, H. Prade, An Introduction to the fuzzy set and possibility theory-based treatment of flexible queries and uncertain or imprecise databases, in A. Motro, P. Smets, editors, Uncertainty in Information systems: from needs to solutions, 285-324, Kluwer, 1997. [2] M. Bovee, R. P. Srivastava, B. Mak, A Conceptual Framework and Belief-Function Approach to Assessing Overall Information Quality International Journal Of Intelligent Systems, 18, 51–74, 2003. [3] I. Chengalur–Smith, D. Ballou, H. Pazer, The impact of data quality information on decision making: an exploratory analysis, IEEE Tran. on Knowledge and Data Engineering, 11, 6, 1999, 853-864. [4] Admiral T. H. Collins, Statement on transportation security before the committee on commerce, science, and transportation, U. S. Senate, 2003. [5] C. W. Fisher, I. Chengalur–Smith, D. P. Ballou, The Impact of Experience and Time on the Use of Data Quality Information in Decision Making, Information Systems Research, 14, 2, 2003, 170-188. [6] M. Helfert, Managing and Measuring Data Quality in Data Warehousing. In: Proc. of the World Multiconference on Systemics, Cybernetics and Informatics, 55-65, 2001. [7] J. B. Juran, A.B. Godfrey Juran's Quality Handbook, 5th edition, McGraw-Hill., New York, 1988. [8] J. A. O'Brien, G. Marakas. Introduction to Information Systems, McGraw-Hill/Irwin, 2005. [9] G. Rogova, V .Nimier, Reliability in information fusion: literature survey, in: Proc. of the FUSION’2004-7th Conference on Multisource- Information Fusion, 2004, 1158-1165. [10] G. Rogova, P. Scott, C. Lollett, Distributed Fusion: Learning in multi-agent systems for time critical decision making, in: Data Fusion for Situation Monitoring, Incident Detection, Alert and Response Management, E. Shahbazian, G. Rogova, P. Valen (eds), FOI Press, 123-152, 2005. [11] P. Smets, Imperfect information: Imprecision - Uncertainty. Uncertainty Management in Information Systems. From Needs to Solutions. A. Motro and Ph. Smets (eds.), Kluwer, 225-254, 1997. [12] M. Smithson, Ignorance and Uncertainty, Emerging paradigms, Springer Verlag, 1989. [13] R.Y. Wang and D.M. Strong, Beyond Accuracy: What Data Quality Means to Data Consumers, J. Management Information Systems, Springer 1996, pp. 5-34. [14] Y. Wang, R. Wang, Anchoring Data Quality Dimensions Ontological Foundations, Communications of the ACM, 39, 11, 1996. [15] Standard 8402, 3. I, International Organization of Standards, 1986.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

This page intentionally left blank

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-113

113

Intelligence Processing for Decision Support in Defence and Security

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Joachim BIERMANN Department for Sensor Data and Information Fusion FGAN-FKIE, Germany

Abstract. Decision makers in defence and security require timely and accurate situational awareness to prevent or defeat evolving threats. Particularly in the area of unconventional conflicts or homeland security, e.g. in the fight against organized crime and terrorism, heterogeneous and complex non-military factors influence the situation. To be able to automatically support human operators in the intelligence processing, a sound understanding of the reasoning of operators in the human dominated area of heuristic information, processing and fusion is necessary. The main intelligence processing steps, which are not dependent of the area of application, are described in this paper. Large volumes of information and data from various types of sources and agencies have to be processed in order to gain an appropriate awareness of the situation. Structured data is a necessary precondition for any automated processing. Therefore, a particular attention is paid to the collation step, which is the structuring of all incoming information. Special tools supporting military operators in structuring text information are presented as an example of the actual interactive approach to coping with semantic information. A second challenging aspect of the automation of information fusion is the heuristic nature of human decision making. The human method of default reasoning, based on knowledge about the behaviour and structure of adversary factions, can be used for a model-based approach to support the transformation of information into intelligence. For civil security, as in (air)ports or public transportation, near real time data and information processing for situation awareness is more important than long-term reconnaissance for threat detection. The integrated processing of sensor data and background information based on available knowledge about relevant factors of the situation, including tactical and operational behaviour information of the objects under concern, will improve sensor data processing algorithms and contribute to tactical intelligence for threat detection and situational awareness as a necessary precondition for decision support. HAMLeT, a demonstration system for the localization of hazardous material and person tracking, is presented as an example of support for security personnel monitoring an access control areas.

Keywords. intelligence processing, semantic information structuring, behaviour model, default reasoning, interactive information processing, decision support

Introduction The intelligence processing is an essential task not only in military command and control but also for border control, homeland security and disaster management. A most accurate awareness of the actual situation, including the assessment of the potential situation development and threats, is essential for to all decisions and other

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

114

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

activities. An intelligence cell needs the capability to collect, process and disseminate a wide variety of data and information produced by the full spectrum of technical sensors, HUMINT, and socio-political sources. Major challenges of intelligence processing are: first, the danger that processing capability will be overtaken by the sheer volume of information that is available in very large quantities and various formats; second, and especially true for asymmetric threats, collected information and knowledge is mainly unstructured by nature and typically provided as text documents. Therefore, as an inevitable precondition for being processed automatically, relevant information has to be extracted and structured efficiently so that this type of input can be readily and efficiently exploited for all of its intelligence value [4]. The urgent requirement for reasoning methods and procedures, which give automated support to the further analysis and integration of structured semantic information, defines another challenge. Shortcomings of the ability to make deductions about missing and conflicting information, and the current inability to support automatic context based correlation and reasoning about vast amounts of information are drawbacks to providing a coherent overview of unfolding events. Section 1 explicates the main aspects of information processing in intelligence by revisiting the intelligence process with particular attention paid to collation and Analysis; the requirements for automated decision support are presented. Examples of existing solutions for interactive information processing and decision support are offered in section 2 by introducing two tool suites for automatic collation and link analysis. Section 3 presents HAMLeT, a demonstrator for real time support of security personnel in detecting explosive material. Section 4 concludes with some final remarks.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

1. The Basic Structure of Intelligence Processing In the military area as well as in homeland or civil security, intelligence is the process and service, which provides a commander or a decision maker with the necessary information about his own situation, the situation, capabilities and assumed intensions of relevant other factions, possible developments of the situation, and recognized or potential threats. ‘Situation Awareness’ and ‘Threat Assessment’ have to be done in the most timely and reliable fashion to serve as a basis for all own decisions and actions. Therefore, intelligence cells have to process and evaluate a huge amount of incoming information provided by very different and heterogeneous sources. The increased amount of data and information, and the growing complexity of the information context that has to be taken into account have made this task more and more demanding for the analysts. In this environment, automatic support for human operators would substantially contribute to a comprehensive and thorough information processing. To be able to provide any automatic support to the production of intelligence, a sound understanding of the reasoning of operators in the human dominated area of heuristic information processing and fusion is necessary. 1.1. The Process Flow and the Functional Steps of the Intelligence Cycle The processing of information for the production of intelligence is performed in a structured and systematic series of operations, which is called the Intelligence Cycle. It includes four stages, Direction, Collection, Processing and Dissemination, which are defined by the NATO Glossary of Terms and Definitions [15]. The representation of Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

115

this process flow in Figure 1 shows that the Orientation and Decision phases of the Command and Control Cycle, also called OODA loop, interface with the Direction phase of the Intelligence Cycle. Intelligence is usually driven by the Commander’s Critical Information Requirements (CCIR), from which Priority Intelligence Requirements (PIR) are derived. Observation

OODA Action

Orientation

Loop

CCIR+PIR

Direction

Intelligence

Decision Perceived Situation

Dissemination

Collection

Cycle Targeting

Processing

Collation Evaluation Analysis Integration Interpretation

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Figure 1. Intelligence Cycle interfacing with OODA Loop

The Processing phase is the most essential part of the intelligence cycle with respect to the exploitation of all data and information. It is defined as: “The production of intelligence through Collation, Evaluation, Analysis, Integration and Interpretation of information and/or other intelligence.” [15] These discrete stages are resulting in the distribution of the finished intelligence product. It is a structural cyclic series of actions where the information collected in response to the commander's directions (CCIR, PIR) is converted into different intelligence products providing a service to all force customers, from rank and file to commanders, who order products in the context of their own situations. A detailed description of this structured processing can be found in [16]. In spite of all technical improvements in information technology, the essential component of intelligence production is still a human cognitive process, which applies heuristic procedures based on personnel skill and experience. These human procedures have to be carefully analyzed to understand the experts' view and cognitive processes, and to adapt human principles and methods for automated information processing concepts and procedures (see section 1.2). Figures 2 and 3 illustrate the different functional processes supporting the intelligence cycle with focus on the processing phase and, more specifically, on Collation and Analysis aspects. As mentioned above, the CCIR and other information requirements of the commander and his staff trigger the intelligence processing (see c in Figure 2). Incoming information first has to be digitized, and if necessary, logged and stored into a data management system. This part is covered by d in Figure 2. The main function of such document management relates to the ability to register and store structured and unstructured documents in a document database. A further, more

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

116

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

content related functionality of the data and information database is to enable the discovery of knowledge in the context of a respective information requirement. The function of knowledge discovery includes interactive capabilities for guiding the user through the process, which represents a different way of searching and retrieving information from large information sources. Depending on the kind of data and knowledge representation, it exploits structures such as semantic networks and ontologies to establish links between domain models and information sources, and helps users to find relevant information. These functions directly support the collation process described below. Direction

1

Collection 2

Preprocessing Incoming Data & Information

Information Management

Information DB

COLLATION Information Structuring Categorization Cross (Context depend. Referencing categories)

3

Information Decomposition & Extraction

Evaluation 4 Structured Information DB / KB

- Reliability Source - Credibility Info

Direction

1

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Figure 2. Information pre-processing and functions of the collation step

To answer pending 'Requests for Information' (RFIs), topical information has either to be retrieved from available databases or newly collected. During the Collation step (indicated by e in Figure 2), this information is decomposed into individual items, which are grouped by categories relevant to the mission context and then crossreferenced with previously processed information items. This grouping of information provides, among others, a record of events, organizations and persons, and facilitates further processing [15]. A structured information set is thus established and , serves as the main bases for intelligence production. By indexing, categorizing (and classifying) and cross-referencing all information appropriately, the intelligence organization avoids losing important data. A special problem arises from the fact that much of the information fed into intelligence cells is to be found within text documents and is often not in a format suitable for machine manipulation. This is well known from actual military asymmetric operations, homeland security or defence against terrorism. Therefore, any automated support of the collation step essentially requires the extraction of relevant information from incoming unstructured pieces of semantic information as well as the structured representation of these newly processed information items (see section 2).

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

117

Evaluation: The evaluation of the reliability of sources and the credibility of collected information is usually done implicitly by intelligence analysts as soon as the relevant information has been extracted. For the sake of automation and collaboration, it should be annotated explicitly as a tag on the piece of information or document (f in Figure 2). In the context of semantic information from HUMINT and OSINT sources, evaluation is very much an experience based task with highly subjective results. Analysis: According to the NATO AAP6 definition, "… information is subjected to review in order to identify significant facts for subsequent interpretation." [15] It consists of a number of interacting sub-processes resulting in the analyst answering questions like: Who /What is it?, What does it mean?, Why is it happening? etc., in order to recognize indicators and warnings.

Structured Information DB / KB Direction

1

Patterns Indicators Models

ANALYSIS & INTEGRAT ION 5 Link Analysis - Correlation - Association

Aggregation

Evaluation

Integration

Interpretation

PCS

EFS

4

6 Dissemination

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Figure 3. Functions of the analysis, integration and interpretation steps

Integration: "… analyzed information or intelligence is selected and combined into a pattern in the course of the production of further intelligence." [15]. This is the process of building ‘pictures’ of the current (Perceived Current Situation: PCS, see Figure 3) and of predictive future situations (Estimated Future Situation: EFS, see Figure 3) from all gathered and analyzed information. In practice, Analysis and Integration (see g in Figure 3) are usually performed as a combined step within the overall process flow. It is here that intelligence is produced and fusion of information into an operational picture of the situation takes place. Supporting the human operator in performing link discovery and analysis is an important requirement for an intelligence processing system. This ability depends on the system capacity to automatically or semi-automatically allow the identification of specific objects of information and all related categories such as location, time, cause, originator, subject, etc. Once those links are enabled, identified and validated, analysts obtain a better and more focused image of the situation. Disparate pieces of information that had little or no value when considered independently could have a whole new meaning when combined and linked to form a pattern (the fundamentals of pattern based information fusion are discussed in section 1.2). Cross-referencing or

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

118

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

link creation is carried out during the 'Information Structuring' process of the collation step (see e in Figure 2). Link discovery and analysis are working on the “Structured Information DB / KB” within the “Analysis and Interpretation” process (see g in Figure 3). The resulting information is stored back into the “Structured Information DB / KB”. Link analysis is a capability that can support both the collation and analysis processes. In summary, the functionalities of the three processing steps shown in Table 1 are central to the conduction of intelligence.

Table 1. Required functionality for automated information processing in intelligence

Step

Functionalities

Collation

Semantic text extraction

Information structuring

Categorization

Analysis

Correlation

Link analysis

Classification Identification

Integration

Pattern matching

Aggregation

Fusion

This means that to be able to build a system for automated intelligence processing and decision support, a number of requirements and challenges have to be met:

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

1.1.1. Semantic Access to All Information The collation step has to deal with a continuum of different types of information. To produce a reliable and comprehensive operational picture, all available input information and data is needed. Therefore it is necessary be able to get full semantic access to the content of all unstructured text documents. Section 2 presents two tools that support the interactive extraction of text from documents and the categorizing and structuring of information according to the respective information requirements. 1.1.2. Understanding Human Reasoning in Intelligence Processing Within analysis and integration, significant information has to be found and put together to form a situational picture. Human analysts develop an appropriate view of the theatre and battle space, which means they have a mental model of all relevant aspects of the operation. Link analysis is a technique well known by intelligence analysts and other security organizations. It allows for the detection and visualization of inter-related topics to help resolve the “effects- to- cause” puzzles (see Figure 4), which arise when trying to put together all pieces of fractional information to form a coherent and reliable picture of the real situation.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

119

Figure 4. Solving the many incomplete puzzles in intelligence [12]

Analysts have to solve many different puzzles at the same time. The problem is similar to the problem of police determining which people belong to which street gangs, what territories they control, and what weapons, tactics, logistics and patterns they use. The basics of the cognition in heuristic intelligence processing are given in section 1.2.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

1.1.3. Knowledge Representation and Methods for Automatic Reasoning To be able to process information automatically to produce intelligence, the human default reasoning approach has to be transformed into a domain model and an appropriate reasoning method. This calls for the methods and tools for (semi-) automatic context dependent fusion of incomplete information (see section 1.3). 1.2. Heuristic Intelligence Processing and Default Reasoning Intelligence cells will never obtain all the relevant information they are asking for, but will be bombarded by partial, false, unreliable, irrelevant, and redundant pieces of information, which they will have to filter according to the information and intelligence requirements given to them by the commander. The human brain permanently selects and inserts relevant information from its internal, mental understanding and model of the situation as it is perceived so far. To this information it adds the experience gained from “similar” problems in order to fuse all this information into a reasonable picture of the situation, thus deciphering the meaning of all pieces of input data. This process roughly describes the main steps and aspects of cognitive reasoning based on patterns, schemata, learning and experience (see e.g. [1]). The principles of “default reasoning” are not dependent on the specific problem area but are a general human problem solving paradigm. In heuristic intelligence processing, constraints with respect to data, information and knowledge available are as follows:

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

120

• •

Usually, only general and incomplete information is available about the structure, activities, situation and intent of adversaries and other involved factions. Information gained by reconnaissance is imperfect and incomplete.

This means that, because of lacking knowledge and information, neither the mental model of the situation (“world”) that analysts have is perfect, nor they are provided with a perfect actual world view by the incoming information stream. In order to deduce a more reliable picture of situation intelligence, in spite of these weak preconditions, analysts practice a method of heuristic reasoning which relies on the assumption that: It is common military experience and expert knowledge that the production of intelligence can be done by integrating current information based on the assumption of default behaviour. Behaviour modelling as doctrinal templating [2], is a descriptive, qualitative method of knowledge representation. The situation elements are not only described by their attributes, but also by their relations and dynamic behaviour as well as their potential and intentions. For supporting intelligence systems two different kinds of models are needed 0: •

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

•

Behaviour models describing tactics of potential adversary factions and all necessary pre-conditions for their hostile activities. Models describing 'normality', the common and unsuspicious behaviour of defined subgroups of the population or other elements and groups relevant to the situation.

In case a), analysis is the task of detecting special indicators of activities or status that define by their combination a potentially evolving threat. This approach is used e.g. in low and high intensity conflicts of military or paramilitary type. Threats, like an ambush or an IED attack, are complex sequences and interrelations of different activities having their own structure (pattern). Combined, they form the high-level pattern of the final threat. For an ambush or IED, the following aspects are, among numerous others, relevant to the conduction of these activities: 1.

Physical & material requirements.

− Personnel. • •

Expert knowledge (specialists, training, experience). Combat value of units.

− Equipment. • • •

Arms and warfare agents (explosive, mines, mortars, manpads). Transportation and logistics. Communications.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

2.

Space & terrain attributes.

• • • •

Defilade of path of approach. Suitability of location. Distance of operation location. Accessibility of location.

3.

Time constraints.

•

Time slots / reachability.

121

As a consequence, a pattern for an ambush to be used in automatic reasoning should consider and incorporate all aforementioned factors in order to build up a template for analysis and integration. Little and Rogova [7] discuss the formal ontological structure of threats as integrated wholes possessing three inter-related parts: intentions, capabilities and opportunities, and show how these elements stand to one another, as well as to states of vulnerability. These aspects have to be covered by surveillance and reconnaissance to provide the intelligence staff with relevant information. In case b) concerning 'normality', the task is to detect deviations from patterns of 'normal' behaviour. Snidaro, et al. [8] informally define an anomalous event as an event that “…can be automatically detected as a deviation from common patterns of activity.” This definition is used, e.g. in combating terrorism, to identify indicators of suspicious activities [5]. Anomaly detection is increasingly important for decision support, since it can provide hints to the intelligence staff on where additional analysis or information is needed. To detect anomalies in littoral areas, coastal regions and harbours, it is of high interest to be able to define the usual i.e. 'normal' behaviour of maritime traffic. Long term surveillance by appropriate sensor systems, e.g. radar, automatic identification systems like ISPS and other surveillance equipment, provide a database of tracks of individual entities that can be clustered to define standard traffic lines ('roads') (see e.g. [6]). A supporting system for the anomaly detection system then has to maintain a knowledge base of the normal course of events in order to find entities which do not behave according to what is considered normal. 1.3. Knowledge Representation for Automatic Information Processing In a decision support system, all actual and background information, including models of behaviour and normality, have to be processed automatically. The representation of information and knowledge can be based on domain ontology. Ontology, as a semantic description of all objects and classes (or categories) and their relations, incorporates taxonomies, attributes of the objects, and respective values and constraints, rules and schemata representing the behaviour defaults ([8],[10]). Schemata can be well represented as so called feature-value matrices. These are sets of features (or attributes) and value pairs. For schemata, on the top level, the features denote the thematic roles of the represented object or class and the values are feature-value matrices themselves that pool information about the object that fulfils the respective role. From a mathematical

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

122

standpoint, a feature-value matrix is a finite set of pairs. Each pair consists of a feature and a value. A feature is always a symbol, a value, however, can be a symbol or a feature-value matrix itself. In addition, the following uniqueness condition holds: Every feature has a unique value. In other words, in a matrix there cannot be two pairs that share the feature but not the value. However, different features may have the same value. These matrices have many beneficial properties. First, underspecified information can be represented, which is important for fusion processing. Second, the matrices obey XML schemata, which allow further automatic processing. Third, the matrices allow unification, a standard computational linguistic algorithm for merging information that we regard as being beneficial in information fusion [10].

2. Interactive Tools for Collation and Link Analysis

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

CoALA [14] and PARANOID [15] are tool suites, which provide intelligence personnel with a functionality supporting the collation of free-text documents and link analysis. This is achieved by supporting interactive extraction of relevant information from free-text source documents and storing that information in a structured database to be further analyzed and relate to other items of information, thus creating intelligence. They are products of a close and intensive collaboration effort between DRDC, Quebec, Canada, and the TNO, Den Haag, Netherlands. They were developed in parallel to the series of NATO RTO Research Task Groups on Information Fusion active since 2000, and have benefited from the results of these groups. CoALA is based on PARANOID and has now been further developed under the responsibility of the Chief of Defence of the Canadian Forces. CoALA will be in operation in 2009. Both tool suites provide intelligence personnel with a functionality supporting the collation of free-text documents. In brief the general characteristics of the tools are: • • •

Rapid collation of unstructured text information into pertinent intelligence products. Identification of hidden patterns and connections within information to focus analysis on counterterrorism, organized crime, threat assessment and incidents. Collaborative collection and analysis enabled.

2.1. PARANOID PARANOID (Program for Analysis Retrieval And Navigation On Intelligence Data) was developed by TNO Defence, Security and Safety. Techniques for searching, storing and analyzing information are implemented and tested in this tool suite. It supports the process of specifying the total functionality for an operational processing system for intelligence, such that it reflects the workflow of an intelligence staff. PARANOID processes information in support of PSO, but is equally applicable to other areas such as counter-terrorism operations, the fight against fraud, and the acquisition of business intelligence.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

123

The functions of PARANOID reflect the workflow in the intelligence process, starting from the definition of the information need through to the storage of the final intelligence products. Three main functional areas have been defined. Profiles: In this function the user is able to define certain factors, such as time and space definitions, certain types of events, and particular individuals that have to be taken into account while processing the incoming information. Documents: This function carries out a range of different operations on all incoming information. One example is the storage and transformation of structured and unstructured data from documents into a structured database, carried out by applying different information extraction techniques. Analysis: There is a need for different types of analyses, which are able to support the different sub processes: link analysis, pattern recognition, trend analysis and threat/risk analysis. There is also a need to visualize data and results. This can be achieved not only by using a geographical information system, but also through a number of innovative ways of navigating through a network of different types of related data and information. 2.2. CoALA

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

CoALA is an evolutionary specialized collation tool suite for intelligence analysts based on PARANOID and developed by DRDC Valcartier, Canada. It provides expert applications to exploit unstructured information and populate a structured intelligence database that allows detailed analysis and production of intelligence. Important functionalities that the tool suite is already providing are: Document management: Basic document management functions such as importing, registering, storing and disposing of documents. Information Management: CoALA includes a structured knowledge database that provides a means to record common pieces of information and intelligence in an organized fashion that support the retrieval of that information and intelligence. Data Collation: Capabilities that allow these pieces of information to be related to each other, grouped in related categories and stored into the knowledge database. Data Analysis: To conduct a link, pattern, geospatial and temporal analysis of information and intelligence. The results are stored in the knowledge database. Intelligence production management: Simple means to capture and manage the IR/PIR list and to link the intelligence production back to it. The tool allows for any intelligence products (assessments, analytical charts, briefings and reports) to be stored in the knowledge database with references to all of its supporting material. 2.3. Information Extraction and Structuring One of the core concepts for good analysis in both tools is the collation concept: the extraction of relevant information from unstructured information and transformation into structured knowledge. The extraction of information is predominantly achieved by

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

124

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

interactively tagging relevant parts of sentences from documents (“Statements”) and linking them to “Intelligence Objects” or “IntObjects”. IntObjects are elements of categories of domain items as: Persons, Organizations, Location, Equipment and Facilities. Figure 5 provides an example of a statement (in the rectangle) that is linked to other IntObjects.

IntObject association to relevant topics / categories Facility AL SAYYID MOSQU

A SHA’EEDA BOMBER Person

Location SECTOR 14

Equipment CARBOMB

27 VICTIMS

SUNNI MUSLIMS

Organisation

Organisation

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Figure 5. Interactive information extraction and structuring.

The statement contains different IntObjects that are linked in a standard way (“related to”). Figure 5 shows how relationships between IntObjects, such as between the Person “A Sha’eeda Bomber” and the location “Sector 14” is established by extracting and tagging the single information items. The established new set of structured information is to be integrated into the knowledge base (KB), which represents the so far perceived situation. The KB is searched for already existing IntObjects, which are or may be the same as one of the elements of the existing structured information set. Figure 6 shows that two IntObjects “A Sha’eeda Bomber” and “Carbomb” are known within the KB. They are offered to the operator to verify and confirm the identicalness. Then the new IntObject structure is merged into the KB as shown in Figure 6.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

125

Structured Information Knowledge Base

Figure 6. Integrating the new structure into the knowledgebase

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

The special benefit of such information integration lies in the now established connection between the two persons, shown by the red line in Figure 7. These two actors are now related to one another and this additional new structure element.

Structured Information Knowledge Base

Figure 7. Merged information reveals new relations in the knowledge network Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

126

In the actual context of defence and security, the intelligence effort needs to shift from attempting to predict 'the enemy’s next move' to 'inferring and understanding the tactical environment' as situations evolve and unfold. In such environment, intelligence personnel are tracking loose amalgams of people, not constituted forces. Network analysis, cultural analysis, genealogy, event-pattern analysis, language-pattern analysis, traffic-flow analysis, and financial-transaction analysis are tools that intuitively lend themselves to better supporting the intelligence effort in an asymmetric environment.

3. Real-Time Decision Support for Security Personnel The ubiquitous terrorist or 'asymmetric' threat requires suitable surveillance technologies based on multiple, mutually complementary sensors. Senor networks provide a significant contribution to improving public domain security in open societies. In many cases, this task proves to be a challenging surveillance application characterized by a complex urban or in-door environment and a threat spectrum that is usually not well known. For civil security, as in airports, harbours or public transportation, the aspect of near real-time data and information processing for situation awareness dominates over long-term reconnaissance for threat detection. Figure 8 presents an overview on the sequence of actions for the preparation and conduct of an IED attack.

Financer Supplier Transporter

BANG

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Builder Planner Emplacer

Exploiter

Triggerman Protect

Predict

Detect

Prevent

1y

1mth

Neutralize

1wk

1d

1hr

1mn

10s

1s

1mn 1hr

Derived from: LTC Gordon N. Houston, USMC, NATO Allied Command Transformation, April 2005

Figure 8. Life cycle of an IED attack

During the long preparation period, indicated by “Predict” and “prevent”, the aim of intelligence in civil security is not only to discover and quantify single persons and objects, but to understand the behaviour and intentions of the adversary indicated by the observed objects, contacts and activities. Local security personnel are on duty minutes and seconds before an attack takes place. The integrated processing of sensor

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

127

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

data and background information based on available knowledge about relevant factors of the situation, including tactical and operational behaviour information of the objects and persons under concern received from intelligence service, will improve sensor data processing algorithms and contribute to tactical intelligence for threat detection and situational awareness as a necessary precondition for decision support. In solving the real-time surveillance task, human security personnel play an indispensable role not only at present, but even beyond the near future. The required technical support for improving public domain security must therefore function as a 'security assistance system', providing decision support for security personnel. This is especially true in complex situations, where human deficiencies must be compensated by interactively working assistance systems, decreasing attention in routine situations, focusing on anomalous events, limited memory, reaction, or combination capabilities. Besides the advantages of reducing the human workload in routine or mass situations, intelligent fusion of data from multiple, mutually complementary and heterogeneous sensor systems can produce qualitatively new knowledge, which otherwise remains unknown. For many applications, it is requested that a 'Multiple Sensor Security Assistance System' should operate as hidden and discreetly as possible in order to avoid interference with everyday public life. In addition, potentially threatening persons should not be aware that they are under observation. HAMLeT (Hazardous Material Localization & Person Tracking) is a demonstrator for the classification and tracking of potentially suspicious persons in dynamic multiple person in-door scenarios [13]. The system comprises selected and relevant core functions of future security assistance systems. The functions are used to focus the attention of security personnel on potentially suspicious individuals in a person flow, which are possibly carrying hazardous materials, such as explosives and their byproducts. Basic for the HAMLeT demonstrator is the observation that in many securityrelevant applications there exist well-defined access regions, e.g. escalators, passenger tunnels, and walkways as shown in Figure 9.

Escalators / Stairways

Tunnels / Underground

Skywalks / Walkways

Figure 9. Indoor tunnel areas

In such regions, a person flow can be observed by using multiple sensors. In the HAMLeT demonstrator there are two types of sensors: • •

Metric sensors, measuring the kinematical characteristics of walking persons Attribute sensors, providing hints to qualitative properties of persons and/or carry-on items.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

128

Chemical sensors play a key role in the HAMLeT demonstrator [13]. for threat warning. They provide measured attributes enabling the detection of hazardous material, such as explosives, their by-products, or chemicals needed for producing them. The spatio-temporal resolution capability of an individual chemical sensor, however, is fundamentally insufficient for localizing the material at a given time and associating it to an individual person. Nevertheless, in a dynamic multiple person scenario these problems can be solved or at least mitigated by fusing the output of several chemical sensors with kinematical data from laser range-scanning or video sensors, which are used for continuously tracking the individual persons in the scenario [13]. Figure 10 illustrates on the left the concept of the security assistance system.

Data

Sensor Surveillance

Attributes: What? When?

Data

Kinematics: Where? When?

Fusion Person Classification

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Figure 10. Threat detection by fusing kinematic and attribute data

The collection of heterogeneous sensor observations over a certain time window and the subsequent spatio-temporal fusion of the resulting sensor data are expected to result in clear attribute-to-person associations, which are the prerequisite for subsequent classification decisions. The final products of the HAMLeT demonstrator thus indicate which individuals should be checked specifically by the security personnel (Figure 11). HAMLeT demonstrates new capabilities for early detection, localization, and continuous tracking of individuals or groups carrying hazardous material within a multiple person flow. Only in an integrated multisensor system can the potential of chemical sensors for security applications entirely be exploited.

Figure 11. Future multiple sensor security assistance system Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

129

4. Final Remarks

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

The detection and identification of a threat in the public domain, such as in a harbour, an airport or an urban terrain, is more than the gathering and selection of a set of fused multiple sensor data about single objects or small groups. Situational awareness is the understanding and interpretation of data in the context of a given tactical situation. This can be achieved by processing results of sensor based tracking, classification, and identification as well as background information (tactical, political, social, technical, sensor specifications) to contribute significantly to a near real-time analysis of situation data and information. Due to its abundance and complexity, such information can hardly be actively handled and used by a human analyzer. An automatic integration of background information, structured and stored in comprehensive and up-to-date databases, leads to a substantial improvement in quality of current and future ISR systems (ISR: Intelligence, Surveillance, Reconnaissance) [9]. Knowledge based integration of results from tracking and attribute classification with available background knowledge about typical behaviour and tactical activities of potential aggressors will support the assessment of human operators on potentially evolving threats providing decision support in defence and security. Tools like CoALA or PARANOID are accepted and appreciated by the military community. They support the processing and exploitation of unstructured semantic information as well as some additional functionality for analyzing the established structured information set. However, these interactive tools have up to now mainly only assisted the human operators in their semantic exploitation of the information and their reasoning about the meaning and the consequences of the determined situation. To support situation awareness and threat and impact assessment, more research has to be performed on the discovery and update of behaviour pattern and system structures as well as on the principles of pattern and behaviour based reasoning, especially for imperfect data and information.

References [1] [2] [3]

[4]

[5]

[6] [7] [8]

J.R. Anderson, Cognitive Psychology and its Implications, Palgrave Macmillan, 6th Edition, 2005 R.T. Antony, Principles of Data Fusion Automation, Artech House, Inc., Norwood, MA, 1995. C. Becher et al., A Security Assistance System combining Person Tracking with Chemical Attributes and Video Event Analysis, In: The 11th International Conference on Information Fusion, Cologne, Germany, 2008. J. Biermann, “Understanding Military Information Processing – An Approach to Supporting the Production of Intelligence in Defence and Security”, in: Shahbazian, Elisa; Rogova, Galina; De Weert, Michael J. (Eds.) “Harbour Protection Through Data Fusion Technologies”, Proceedings of the NATO Advanced Research Workshop on Data Fusion Technologies for Harbour Protection Tallinn, Estonia 27 June - 1 July 2005, Springer, 2009. J. Biermann et al., “From Unstructured to Structured Information in Military Intelligence: Some Steps to Improve Information Fusion”, NATO RTO SCI-158 Panel Symposium on “Systems, Concepts and Integration (SCI) Methods and Technologies for Defence Against Terrorism”, London, UK, 2004. A. Dahlbom, L. Niklasson, Trajectory Clustering for Coastal Surveillance, In: The 10th International Conference on Information Fusion, Quebec, Canada, 2007. E.G. Little, G.L. Rogova, An Ontological Analysis of Threat and Vulnerability, In: The 9th International Conference on Information Fusion, Florence, Italy, 2006. K. Kruger, J. Biermann, M. Frey, U. Schade, Automatic Information Fusion from Diverse Sources. Proceedings of the Military Communications and Systems Conference, Bonn, 2007.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

130

[9]

[10]

[11] [12] [13] [14] [15] [16]

F.P. Lorenz, J. Biermann, M. Grandt, D. Nötel, W. Koch, From Surveillance in Urban Terrain Towards Security Assistance. Conference on Cognitive Systems with Interactive Sensors: COGIS06, Paris, France, 2006. U. Schade, J. Biermann, M. Frey, K. Kruger, From Battle Management Language (BML) to automatic information fusion. In: Popovich, V., Schrenk, M. & Korolenko, K. (Eds.), Information Fusion and Geographical Information Systems (Lecture Notes in Geoinformation and Cartography) (pp. 84-95). Berlin: Springer. 2007. L. Snidaro, C. Piciarelli, G.L. Foresti, Fusion of trajectory clusters for situation assessment, The 9th International Conference on Information Fusion, Florence, Italy, July 10-13, 2006. G. Thibault, M. Gareau, F. Le May, Intelligence Collation in Asymmetric Conflict: A Canadian Armed Forces Perspective. Proceedings of the 10th Int. Conf. Information Fusion, Québec, Canada, 2007. M. Wieneke, K. Safenreiter, W. Koch, Hazardous Material Localization and Person Tracking, In: The 11th International Conference on Information Fusion, Cologne, Germany, 2008. Chief of Defence Intelligence, Concept of Operations Document for Collation and Link Analysis Tool Suite (Draft v. 0.5), Minister of National Defence, Canada, 2008. North Atlantic Treaty Organization NATO Standardization Agency, AAP-6, NATO Glossary of Terms and Definitions, http://www.nato.int/docu/stanag/aap006/aap6.htm (03-2009), 2008. NATO, AJP 2.0 Allied Joint Intelligence Counter Intelligence and Security Doctrine, NATO/PfP Unclassified, Ratification Draft 2, 2002. PARANOID, http://www.tno.nl/content.cfm?context=markten&content=product&laag1= 178&laag2=363&item_id=1180&Taal=2 (03-2009)

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

[17]

J. Biermann / Intelligence Processing for Decision Support in Defence and Security

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security E. Shahbazian and G. Rogova (Eds.) IOS Press, 2010 © 2010 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-60750-621-8-131

131

Adaptive Evidence Accrual for ContextSensitive Situation Understanding Alan N. STEINBERG Georgia Tech Research Institute, U.S.A.

Abstract. Context is used in data fusion to provide expectations and to constrain processing. It also is used to infer or refine inferences of desired information (“problem variables”) on the basis of other available information (“context variables”). Context is used in refining data alignment and association as well as in target and situation state estimation. Relevant contexts are often not self-evident, but must be discovered or selected as a means to problem-solving. Therefore, context exploitation involves an integration of data fusion with planning and control functions. Discovering and selecting useful context variables is an abductive data fusion/ management problem that can be characterized in a utility/ uncertainty framework. An adaptive evidence-accrual inference method – originally developed for Scene Understanding – is presented, whereby context variables are selected on the basis of (a) their utility in refining explicit problem variables (expressed as mutual information), (b) the probability of evaluating these variables to within a given accuracy, given candidate system actions (data collection, mining or processing), and (c) the cost of such actions.

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

Keywords. model-based reasoning, evidence accrual, context variables, anaphora, mutual information

1. Contexts1 Generally speaking, context is used in data fusion to • • •

Refine ambiguous estimates; Explain observations; and Constrain processing, whether in cueing or tipping-off or in managing fusion or management processes.

The utilization of context in fusion applications raises such issues as (a) the relations between situations and context and (b) the question of uncertainty in contextual reasoning inherent in fusion problems. Building on Devlin’s situation logic [1], we have defined a situation as a set of relationships and a relationship as an n-tuple comprised of a relation and one or more

1

This section elaborates the concepts for the systematic exploitation of context for improved data fusion first presented in [3] Human Systems Integration to Enhance Maritime Domain Awareness for Port/Harbour Security, IOS Press, Incorporated, 2010.

A.N. Steinberg / Adaptive Evidence Accrual for Context-Sensitive Situation Understanding

132

arguments of the relation [4]2. Context can be assessed either from the outside-in or from the inside-out. These relate to the notions of “context-of” and “context-for” presented in [2]: a) We can have certain expectations based on situations; as in “in the context of the present economic and political situation, we would expect an increase in property crime;” b) Alternatively, we can assess referenced items – whether individual entities or situations – by establishing a relevant context: “the economic and political situation provides a context for understanding this crime.” • C-O: A situation of interest that provides constraints and expectations for constituent entities, relationships and activities – – – –

Constraints Expectations (e.g. priors) Recognition: Deduction Prediction: Induction

Inference

• C-F: A situation that is selected to help solve a problem – – – –

Sense-making Resolving Ambiguities Explanation: Abduction Planning

Discovery + Inference

Figure 1. “Context-of” (C-O) and “Context-For” (C-F)

Copyright © 2010. IOS Press, Incorporated. All rights reserved.

In the second use, context is relative to a problem to be solved. A data fusion problem may be stated in terms of 1. 2.

A set of “problem variables” x ∈ X S to be evaluated (given a problem statement and problem decomposition scheme S) and A utility function on the resolution of these variables ωS : σ x → Ω. .

Let us consider how contexts can be used in evaluating problem variables to meet utility objectives.

2

Explicitly defined, a relation is an abstraction, represented by an m-place predicate. For convenience we include relations where m=1; i.e. attributes. A relationship is an instantiated relation, consisting of an mplace relation and n