Adapting the Aviation Security Array to Tomorrow’s Threats – Part One

Written by Mr. Itay Levin

In their publication Dying by the Book – Developments in Aviation Security, Mr. Raz and Mr. Sagi review the process of establishing the Israeli aviation security array, placing an emphasis on the human element and the PPS method. Dotan mainly describes the process and Oded describes a specific method that constitutes an essential level of the comprehensive security approach of the Israeli security approach. Oded describes the influence of the terrorist attacks on the design of the response.

In this article I shall attempt to deal with the broader principles of designing an effective aviation security array, while using a number of demonstrations, in order to attempt the impossible and prepare for tomorrow’s attack.

The Threats

When attempting to create an effective security array, we must first and foremost examine the nature of the threats facing the object of security and determine the relevant weights of each threat.

This process is generally carried out by and/or after consulting with the regulatory/guiding level, with the assistance of the security expert who presents the potential damage in the realization of each threat, the specific response and the comprehensive response.

The security expert is required to present the general approach at the basis of the array of security actions in order for the supervising level to “defend” it when asked to dos so, whether by federal, legislative or judicial authorities, whether by he international community or whether by the nation’s residents and citizens.

a. What are the relevant threats?

The relevance of a specific threat is determined, in most cases, based on the result of a successful attack and the possibility that an enemy will carry out an effective attack based on the outline in question.

The first stage involves mapping the aviation threats – a relatively simple affair, as most have already occurred, and I shall review the aviation threats in brief:

  1. Exploding the airplane by way of a device brought on to the plane.
  2. Exploding the airplane by and external impact.
  3. Exploding the airplane by attacking the various flight systems while it is in the air or on the ground.
  4. Harming the airplane’s passengers and crew when the airplane is in the air ­– poisoning using conventional or non-conventional weapon  methods.
  5. Hijacking the airplane with its passengers and crew.
  6. Harming passengers on the ground within the airport.

The ways in which attacks and devices can be carried out are varied, starting from taking advantage of passengers or their luggage in general cargo or catering services on the airplane to harming the airplane’s computer systems or other systems on the ground at the airport.

As I am personally loathe to issue publications that may risk human lives, I shall not specify many additional courses of action that, for some reason, have not been used to date, as well as some that have.

After mapping the threats, an examination must be made as to whether a reasonable possibility exists that the threat will be realized.

That last sentence is the essence of the failure of many security arrays, which after mapping all the threats have not tried to decide which threats are relevant. For instance, what amount of a certain type of explosive will succeed in blowing a hole in the side of an plane in flight or the amount of an agent that needs to be spread throughout a plane in order to harm its passengers or what means can be used for a hijacking. In most cases, minimal security processes dictated by the authorities are implemented without planning and with the full expenditure of a certain budget with no planning and internal logic.

After security array designers know the theoretical threats to the array, they must cooperate and conduct surveys with the intelligence community regarding the level of relevance:

  1. The measure’s availability in the relevant sector.
  2. The identity and availability of the potential attackers.
  3. The possibility of connecting the means and the attacker at the relevant time and in the relevant place.

b. The Element of Surprise

The security margins in designing the security array must include a work assumption from the universal philosophy of war, namely that “the enemy will surprise you and breach the first line of contact.

The “terrorist guide” put together by the global jihad organizations provides clear instructions on how to create a surprise or a dilemma for the defending forces in one or more of the following parameters: time, place or means.

Those familiar with suicide bombings will most certainly remember how, when the phenomenon began, intelligence experts tried to assemble a profile of a suicide attackers. Terror elements caught on quickly and began sending suicide attackers who were not covered by the profile, such as elderly men or young women. As soon as it became apparent that this point had run its course and that this component could no longer pose a surprise, attackers were sent with different means, which constituted an additional surprise to the defender, in that they defeated the defensive technology they had employed.

The security principle at work here is that security margins must exist for the security array, or it will fail. This is no small matter, as the world is currently guided by economic considerations and its necessity is hard to explain.

c. Tactical Versus Strategic Intelligence

Much has been written lately on how strategic intelligence is equivalent to a constantly blinking light, which brings about the opposite effect – ­instead of serving as a warning, increasing alertness and focusing effective work, it puts the security array to sleep, in same sense as the boy who cried wolf.

In spite of the above regarding the marginal contribution of strategic intelligence and in spite of the misguided conceptions, we need to remember at times that this is not always the case.

The appearance of global jihad organization in the international arena led to a significant change in the Israeli security array, something that was not implemented in other security arrays around the world and aided the element of surprise that lay at the basis of the September 11 2001 attacks.

Compared to strategic intelligence, which can be important, tactical intelligence is highly relevant and can provide us with fine-tuned focus in our security planning.

First-rate tactical intelligence was at the basis of the thwarting of the 2006 London attack, a turning point the traces of which are evident to this day in the prohibition of bringing liquids on flights, and the 2010 Yemenite commercial cargo incident.

Alongside these successes, in recent years the U.S. has had significant failures in handling tactical intelligence. The most famous of these is the Christmas 2009 attack in which Omar Farouk Abdul-Mutallab boarded Delta Flight 253 from Amsterdam with the intention of blowing the plane up over Detroit. The attacker’s name had been included in various terror watch lists, advance information had been received from his father near the attack date, British intelligence had warned their American counterparts and the terrorist himself had interacted with the American security array in Ghana before departing to Lagos in Nigeria.

Compared to the security forces, attackers have a great deal of tactical intelligence at their disposal; for instance, from reading media sources any attackers can find out what “suspicious findings” security services protecting flights departing to the U.S. are looking for. Many publications noted these “suspicious signs”, and it is clear that attackers are aware of them as they are exposed to media sources, and will probably use this to their advantage.

An additional way of collecting tactical intelligence was at the basis of many attacks, including 9/11, where data was collected in preparation for an attack by way of simulations and interaction with security services by the use of weapon-simulating measures.

A terrorist preparing for an attack can easily wander about no small number of airports and learn about the technology used to scan passenger luggage and carry-ons. It’s enough to find out the make and model of the machine and the relevant manufacturer’s website will provide a huge amount of detail regarding the machine’s capabilities, for instance, which materials it identifies and which materials are not included in the list.

d. What is an Effective Response?

An effective array is put together in a balanced manner and is comprised of components capable of detecting threats ahead of time and neutralizing them before they can be realized. The array will be comprised of systems capable of being updated and adjusted quickly and efficiently based on the changes.

Proper and balanced combination of advanced technology and human capital is the only formula for the success of any security array, after their activities have been regulated with clear-cut procedures.

Each of the two components, the human and the technological, has its advantage and disadvantages; while the former tires and may deviated from expected norms, the latter is systematic and consistent – but the former has more varied and flexible capabilities while the latter can be studied and ultimately circumvented.

Therefore, proper combination of the components is the sole relevant formula for creating an effective array that can deal both with calculated threats and with the element of surprise.

e. Balance between Security Array Components

As noted, there is a variety of threats the security array must face, in situations of absent intelligence and changing realities.

The 9/11 attacks led to mass panic and the construction of a quick and available security array, while the Richard Reid (shoe bomber) attack only increased global hysteria.

A conceptual lack of understanding led to massive purchases of EDS and later ETD technology, with no planning, and various measures were deployed without examining the relevant and effective contribution of each.

Too many arrays are currently constructed that place the full weight of their “armor” on advanced technology, with too few relying solely on the human element; the biggest failures employ just one type of technology and leave the array wide open to the full variety of threats not mentioned in said technology’s operating manual.

f. How do we Test a System’s Balance?

A system’s balance is tested in its ability to deal with a variety of threats combining the element of surprise. The security array achieves this by operating in layers, with full or partial overlap of the elements facing said threat factor.

According to this doctrine, balance is not “just” dealing with detecting means or not “just” detecting intent, but rather initiating action in both dimensions at the same time.


In my next post, I will discuss the three main components for deploying security.


Written by Mr. Itay Levin

Mr. Levin has just recently joined Lotan Security and is an expert in the area of protective security with extensive experience in aviation security, security systems management, critical infrastructure and corporate protection. Mr. Levin’s experience is based on his past work managing international aviation security systems spread over a wide geographical area for ELAL Airlines Security.  His responsibilities included managing the officers in charge and supervising projects and large scale operations.  He was responsible for hundreds of employees and thousands of day-to-day security operations in a highly competitive commercial environment for 10 years, many of them during an era of high profile terror attacks.  This unique combination of maintaining the highest security standards while taking the needs of the commercial environment into consideration are what helped to make him unique in the industry and a leader in the field.




This entry was posted in Aviation Security and tagged , , , , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *