Skip to main content

Behavioral Modeling for Security in Airports

Final Report Summary - BEMOSA (Behavioral modeling for security in airports)

Executive Summary:

Airports have increasingly become industrial and commercial enterprises making them prime targets for terrorists and prompting authorities to invest heavily in security.

BEMOSA provides answers and, more importantly, cutting edge applicable solutions for improvements in providing security by strengthening human resource capabilities. The basis for doing so lies in utilising a holistic view of the airport as a large and complex organisation within which there exists both formal ties between administrative units and a more subtle non-formal set of socially based communication networks that facilitate daily operations. As complex organisations, airports exhibit characteristics that influence employee behaviour through human resource management processes that relate to security issues. Therefore, it is important to understand how employees behave in normal routine as well as non-routine situations.

To attain our goals we combined ethnographic observations, questionnaire surveys, interviews and panel group studies to understand who, what and under what situations security decisions are made. We discovered in the eight airports located across Europe patterns of security behaviour where up to 40 % bend, break ignore or even go against the rules. Where three-quarters of potential security issues are assessed as false alarms, where trust in technology determines rule and protocol compliance; when security decisions are primarily made within groups rather than as individuals. Examining decisions more closely we were able to distinguish employees by their degree of rule compliance. Further analysis derived how such decisions came about, especially the role that informal social networks affected rule compliance. In addition, the ethnographic study and subsequent survey analysis supported the security decision making model that traced how a security trigger led to specific behavioural actions. This model, reflecting the reality of security behaviour, was based on a large collection of scenarios derived from the interviews. These scenarios created a data pool for the subsequent work on the simulation scenario based training programme.

On the basis of these real-time based scenarios, BEMOSA delivered the basis for a set of comprehensive and practical training programme guidelines that considers all the airport security stakeholders. It combines scenario simulation alongside alternative training schedules as a supplement to rule compliance training. By doing so it provides security employees a broader set of alternative security behaviours in non-routine as well as routine situations.

Overall, BEMOSA has provided an evidence based description of airport security decision making that will allow for a reduction in false alarms, increase decision making skills among employees and increase passenger throughput and positive airport experiences.

Project Context and Objectives:

Summary description of project context and objectives

The objective of 'Behaviour modelling for security in airports' (BEMOSA) is to improve security in airports through enhancing the capability of airport authority personnel to correctly detect and act on potential security hazards and reduce false alarms. Furthermore, BEMOSA aimed at improving the way in which airports learn from experience, revising and updating their safety and security skills/procedures.

While the benefits of effective aviation security technology cannot be overstated, the effectiveness of the use of technology depends on two non-technology related issues:

1. the ability to interpret the results of technology and
2. even more important, the ability to act upon this interpretation.

The latter, also known as the ability to take security decisions, is the focus of the BEMOSA project. These capabilities in decision making have direct implications in a wide range of high risk organisations.

The challenge of airport security

Aviation has become the preferred means of transportation in the modern world and as a result airports have become one of the pinnacles of modern infrastructure for the civil knowledge-based society. It embodies the principles of free flow of people, goods and capital in the free world. This makes civil aviation - both airports and aircrafts - prime targets for terrorists that aim to disrupt modern civil society. This threat is taken very seriously by all stakeholders involved, ranging from policy makers to aviation management and law enforcement agencies. The stakeholders understand very well that the threat is not only to human lives and property, but as a threat to values that are central to the free world. Therefore, it is no surprise that eliminating and mitigating threats to civil aviation in general and airports in particular is one of the main objectives of the global air transport system.

Like most production or service organisations, the aviation industry and especially airports, is composed of complex and interdependent groups of decision makers. Crisis events that may affect one part of an airport authority will likely have consequences on all others parts of the airport organisation. A breach of security in the handling department, for example, will have a domino effect on control tower decisions concerning delaying and rerouting aircraft which in turn affects the flow of passengers. Even 'behavioural security' personnel who are charged with reporting persons with suspicious (terrorist) behaviour, may be influenced by their fellow workers preconceptions of what a terrorist looks like and by a lack of specific expertise/training. These issues are complicated by the variety of potential security threats inherent in airports as major transportation hubs and the multiple organisational levels in the airport administration that must make decisions when a crisis occurs.

An important tool to maintain effective and efficient airport security is applying technology in general and screening technology in particular. Currently, in accordance with European Community (EC) regulation No 300/2008, all passengers, staff and luggage are to be screened prior boarding an aircraft. Therefore, airport security operations increasingly include the use of such screening, detection and prevention technology: the state of the art of airport security technology is being extended, but its effectiveness may be limited by administrative and organisational constraints as well as by human ability to:

1. operate technology;
2. interpret the results of the technology generated, including data integration; and
3. the ability to take decisions and act based upon the results of the technology outputs.

Furthermore, while airport security personnel are instructed to implement procedural guidelines determined by relevant legislation and regulation, recent research has shown that maintaining high security standards is not easily upheld in practice.

A major point of consideration in the airport security operations are human factors - ultimately, airport security is provided by humans. It is individuals that operate airport security technology and interpret their results. Therefore, some questions need to be asked. How can the human factor be better integrated in the design of airport security? How can technology be better integrated with human operators? How can the capabilities of the human operators be better matched with the requirements of effective and efficient airport security, while minimising human limitations and vice versa, how to recruit and maintain human operators with the required capabilities for effective and efficient airport security?

Maintaining standards through aviation security training is a special challenge. In order to maintain effective and efficient enforcement of the rules and procedures as well as the effective and efficient application of necessary technology, airport security has to be kept at a continuous high level. This may be hampered by the lack of large numbers of personnel, a large turnover of lower-level security staff and shortage of training for the large numbers of people that work in airport security.

Leveraging investment in airport security

To-date, the vast majority of investments in airport security have been made in additional security technology and equipment, but little attention is paid to the so-called human factors, i.e. the people that operate the technology and provide the interface between the passengers and security. So far, there seems to be a trend to replace people by technology and equipment, but one has to question whether the reliance on technology actually provides the most effective and most efficient security. On the other hand, the better security personnel is trained, the more effectively and efficiently the available technology and equipment can be utilised. Evidence seems to show that the bottleneck in security is not the ability to record an 'event', but diagnosing and interpreting it in real-time as well as taking decisions based upon the diagnosis. In addition, better trained personnel require, generally speaking, less management time and therefore, through better training, additional indirect [financial and social] efficiencies can be obtained as well.

BEMOSA will provide answers and, more importantly, cutting edge applicable solutions for improvements in providing security by strengthening human resource capabilities. BEMOSA will do so by using a holistic view of the airport as a large and complex organisation. It literally houses a number of formal organisations under one roof, including representatives of many airlines, service providers, tax free shops and the airport authority itself. While formally these organisations are not all related to each other, they interact with each other, both in routine situations and in crisis situations.

As the figures show, any improvement in efficiency, even a modest one, will improve the situation of (European) air traffic in general and airports in particular. In a crisis situation, multiple decisions on multiple levels across formal organisational lines will be taken. The simple fact is that delayed or wrong decisions can have grave consequences in terms of both life and property and lead to the critical disruption of transportation systems. Estimate cost, for example, of delay time average EUR 75 per minute, cancellations at EUR 6 380 per flight and diversions at EUR 4 552 per flight: meaning that security related decisions to suspend airport operations can run into the hundreds of thousands of Euro per incident (Safety of Air Navigation, 2005). By including both direct and indirect costs for physical damage to infrastructure and medical costs for those killed or injured, in cases of actual terror incidents, this figure grows geometrically.

Training Packages Based Upon Actual Decision Making

With regard to providing security, it is imperative to have an open and critical mind to truly understand if technology or human resources is a major contributor to the current level of security at the airport. To do so, first of all, one needs to understand what really happens 'on the ground'. Most airports have an emergency plan in place, but case studies of various emergencies and disasters in complex organisations similar to airports have shown a large gap between plans and actual implementation by both managers and employees. This is a critical point as having an emergency plan does not automatically mean being able to manage a security crisis as crises by their very nature are dynamic and difficult to predict.

Therefore, it is important to understand how people behave in normal situations and how they act in a crisis situation. This should not only be limited to security personnel, but also to all people working on the airport premises in general (across organisational boundaries). What procedures are in place and are these procedures indeed drilled and implemented, especially during a crisis situation? Are security personnel only focused on implementing specific procedures or do they have a broader outlook? As is widely recorded, a crisis is an ever evolving situation when even most elaborate (static) plans cannot predict how decisions are made. And most important of all: what actual behaviour indeed contributes to increased security and what does not!

A dynamic and realistic model of social behaviour and security decision making during security threats in airports is being developed, based upon a clear insight is obtained as to how people behave and what behaviour contributes to increased security. Based upon examining airports throughout Europe and focusing on key decision making groups such as control tower operators, security employees, service vendors and passengers, BEMOSA has developed the basis for a comprehensive and practical training programme that considers all the airport security stakeholders. Advanced software simulations that will help to capture and predict social behaviour under stressful emergencies will provide the platform for the training modules and training packages that can be readily applied at minimum cost to airports across Europe. Unlike most currently existing training packages, the BEMOSA training packages will be based upon how people make security decisions in the face of reality during the 'normal routine' and crisis situations that occur in airports. This novel approach will lead to increased efficiency of air transportation by decreasing false alarms, as well as improve safety and coordination for all stakeholders in cases of an emergency and security threat. It will provide breakthrough advancements in real-world crisis handling, reduce some well-known effects of stress and time pressure on human behaviour and can be readily applied across cultural and organisational boundaries.

Project Results:

Main scientific and technological (S&T) results/foregrounds

Airports have increasingly become industrial and commercial enterprises that symbolise modern civil society. This makes them prime targets for terrorists that aim to disrupt the very modern civil society. This threat is taken very seriously by all stakeholders involved, ranging from policy makers to airport management and law enforcement agencies. In addition, such security threats are extremely costly in terms of money, complicating air/land side logistics and affecting passenger satisfaction.

These multiple and costly issues will inevitably grow even more unwieldy given the forecast that European air traffic will double by 2030. Security costs alone already account for between 25 to 30 % of total operating costs of airports with costs rising with the introduction of even more sophisticated detection technology required to detect even more sophisticated means of terrorism, while maintaining the throughput of passengers and cargo in order not to disrupt air transportation even more. Given the competitive private market that is the basis for most commercial airports in Europe, a recent report by Airports Council International (ACI) found at least half of the European airports are not profitable.

These combined security and economic pressures make it imperative to leverage any investment in airport security as effectively as possible. Therefore, it is of no surprise that eliminating and mitigating threats to air traffic is one of the main objectives of the global air transport system.

This same objective formed the basis for BEMOSA that focused on critical human factors that played a leading role in airport security. We did this by designing an innovative and cutting-edge research platform for collecting comprehensive empirical data among European airports across the continent for the purpose of providing a realistic picture of how, when and under what situations security decisions are made. On this basis we then:

1. provided simulation and evidence-based scenarios for security decisions
2. provided guidelines for evidence based training as supplemental to rule compliance training
3. modelled security behaviour of human actors (personnel, passengers and suppliers) in airports for future development of human resources and training solutions.

On the basis of BEMOSA, we have already made a major contribution to this objective by focusing on the human factors involved in the security process.

Emphasis has been put on first and foremost discovering actual security behaviours of airport employees and passengers. As airports are complex economic and social organisations, it is clear that security decisions are based on employees in their interaction with passengers, sets of mandated rules and technology. This trilogy within which employees find themselves is crucial to how they make their security decisions. It is for this reason that the analysis of employee security behaviour was generated by looking extensively at the security decision making process within the social and organisational context of airports. Deciphering who, how and under what situations such decisions are made formed the platform for a scenario based training programme whose objective is to provide guidelines for an evidence based training programme to enhance security decision making.

This approach fits well with major aviation agencies moves toward viewing security in terms of risk-based and risk assessment models. BEMOSA made a major contribution toward this development as such risk based is dependent up enhancing security decision making capabilities on the part of employees.

Solutions for Stakeholders

BEMOSA has provided answers and, more importantly, cutting edge applicable solutions to a host of airport stakeholders for improvements in providing security by strengthening human resource capabilities. For technology providers is has focused on the interactive man-machine capabilities through understanding how false alarms and trust play in interpreting security technology outputs.

The heavy reliance on security technology raises many issues that were found in the BEMOSA project, particularly the link between man and machine. The analysis demonstrated that the link was more complex, namely framed by a 'man-machine-man' interface that goes beyond the simple technical operations to a point where there is a need to interpret the output of the technology. Traditionally, the man-machine interface focuses on the interface for the input side of the system. Surprisingly enough, despite the utmost importance of interpreting the output, very little research has been done to understand this process.

For the service suppliers, especially security employees, we have discovered 'decision making profiles' of employees that can be utilised through recruitment and placement strategies to enhance throughput of passengers and reduce false alarms. For security managers we have discovered the basis for security decisions at major check points and the impact that the passenger-employee interaction affects its timing and resolution. By both understanding and having evidence that allows for the understanding of security decisions, stakeholders will be able to predict, control and change many of the problematic hurdles that until now have been both costly and inefficient in an airports operation.

Based on the reality and evidence based scenarios we discovered and analysed, BEMOSA will be a forerunner for the development of a full training package based upon a behaviour model reflecting the reality in airports and tailored for staff. This novel approach will lead to increased efficiency of air transportation by decreasing false alarms, as well as improve security and coordination in cases of an emergency and security threat. It will result in an increased level of skill for all human resources within the airport by preparing them for sensitive decision making. Such a training package will make airports safer, more secure and due to improved efficiency, more economically successful. And, it will positively enhance passenger's experience.

Airport Complexity

The basis for examining the social process of security decision making is based on a holistic view of the airport as a large and complex organisation within which there exists both formal ties between administrative units and a more subtle non-formal set of socially based communication networks that facilitate daily operations. As complex organisations, airports exhibit characteristics that influence employee behaviour through human resource management processes that relate to security issues. Therefore, it is important to understand how people behave in normal routine as well as non-routine situations.

To do so we designed a research framework that led to the analysis of not only security personnel, but also to people working on the airport premises in general (across organisational boundaries) and even extended to the largest group of people in an airport: the passengers. This led us to develop a methodology to examine multiple facets of airport operations. What procedures are in place and are these procedures indeed drilled and implemented, especially during a crisis situation? Are security personnel only focused on implementing specific procedures or do they have a broader outlook? As a crisis is an ever evolving situation when even most elaborate (static) plans cannot predict how decisions are made, how flexible will employees be in facing events for which they have never encountered? And most important of all: what actual behaviours indeed contribute to increased security and what does not!

Throughout the research, it became abundantly clear that each airport had its own individual footprint so that any changes or intervention (e.g. in training or team work as a result of the analysis of each airport) will have to be customised to fit the context of each individual airport. However, a methodology was developed for studying each airport and this methodology itself is scalable and transferable to any airport.

Evidence Based Solutions

To answer these issues, the first challenge was to obtain basic administrative information on airport operations. Only by understanding how such a complex organisation logistically and administratively functions could we begin to then delve into how security decisions were made. This led to a ground breaking ethnographic study that recorded actual security related behaviours of both employees and passengers. On the basis of these initial results, we refined the study design by incorporating a sophisticated research field study based on a sample of eight international and regional airports in Europe. The distribution included large, medium and small airports distributed across Europe. This sampling allowed us to not only generalise about security behaviours but also focus on specific structural characteristics of airports that we argued could also have an impact on security processes. As sources for additional corroborative data we performed personal interviews and conducted a longitudinal panel study to measures changes in security behaviours over time.

The study results form the basis for a behaviour model that describes how airport employees make security decisions and what affects those decisions in the face of reality during 'normal routine' and crisis situations that occur in airports from time to time. We encompassed employees in general and security personnel in particular.

Security as a Social Process

The reality of security decision making in airports is framed by rule compliance. However, such rules and protocols are often guidelines in the decision making process as it is the social context that determines the final security decision outcome. The clear implications for stakeholders is that relying solely on regulators to determine the security in airports misses the key human element in how decisions are made in reality. This was very apparent after completing the ethnographic study.

The combined results of over 700 case study scripts based on the ethnographic observations, 518 responses from structured questionnaires, close to 700 single person interviews, 300 responses to passenger questionnaires dramatically show that rule compliance based security is far from full proof!

1. Security decisions depend on routine or non-routine situations.
2. Most decisions are made through group interaction and not as individuals.
3. Rule compliance depended on both the situation and group context.

The analysis of the interviews provided a large number of non-routine crisis case study descriptions that support the ethnographic scenarios as well as strongly suggest that security decision making is primarily a social group process. These non-routine situations were contributory to breaking and bending the rules.

The results of the questionnaire are diverse and can be summarised as:

1. protocols and procedures are frequently bypassed, adapted or broken
2. security related decisions are mainly informal group based
3. sources of security information (formal versus informal) affect rule compliance
4. a dense network based on friendships and cooperation exists
3. around 75 % of the responders never faced a real security threat.

The Reality of Rule Compliance

The security framework that is invested in maintaining airport security is based on a combination of two factors: regulators set in place a set of rules and regulations, protocols that are to be followed to optimise security. This is, however, built on the assumption that both employees and passengers will follow these rules. This approach fits into the engineering mass processing design of airports but discounts the reality of non-rational behaviour on part of both employees and passengers.

Actual security based decision making behaviour reflects the complex nature of airports as large human organisations and the normative behaviours among employees when making security decisions. Therefore, it appears employees do not rely primarily on procedures or rules only.

1. This pattern of behaviour only slightly differs between those employees who are directly involved in security and those who are not.
2. Informal social networks within and between departments selectively filter information and norms of behaviour that affect rule compliance.
3. Group based security decisions as opposed to individual decisions are more likely to comply with security rules.

Employee Profiles

Three basic employee profiles affect degree of rule compliance:

1. adaptive employees who bend rules to each situation
2. social decision makers who depend on co-workers
3. compliant bureaucratic employees who follow rules.

Trusting Technology

The degree of 'trust' in technology and assessing most incidents as 'false alarms' affects rule compliance decisions:

1. those who put 'complete trust' in security technology tend to comply with rules and protocols
2. those who view security technology as 'the best means to catch offenders' tend to be less compliant and more flexible in bending the rules.

Social Networks

The interview results strongly support the critical significance that social interaction among co-workers affects security decisions and actions.

1. The emergence of distinctive informal information networks for attaining and providing security information leads to reduced rule compliance.
2. Patterns of security information flow reflected how social networks were dependent on the size and organisational complexity of each airport.

Threat Incidents and Actions

The interviews revealed that the employee's primary focus on threat incidents and concern is not perceived to be terror related but primarily on passenger related incidents.

1. The majority of perceived emergency incidents are related to unruly/aggressive passengers.
2. The major security actions taken by employees relate to confiscation of illegal items or dealing with unruly/drunken passengers primarily with help from colleagues.

Security Threats

There seems to be a definite need to improve security decision making ability as reflected in the clear problems of recognising a threat and acting upon it. There appears to be a gap between procedures and actual behaviour when a threat is recognised and especially when acted upon as it seems that in such cases informal group behaviour is as important as formal procedures.

1. As employees regard most threats as 'false alarms', have never faced a real threat and have pre-biased estimates of what constitutes a threat, security decisions tend to be inconsistent.
2. The diverse sources of formal and informal updating of security threats affect how security threats are perceived and acted upon.
3. Informal interdepartmental work relations are prevalent facilitating information flow through non-official networks.

Scenario Building

The basic assumption of airport security is that its very foundation depends upon rule compliance. With the discovery that security employees bend, break and sometimes ignore or even disregard the rules, we sought situations where and when this occurred. Having knowledge of the circumstances when compliance is not full would provide security managers a tool to intervene to correct the situation. One innovative approach that we utilised was the development of evidence based situational scenarios. These scenarios relied on the interviews of security personal who literally described their actual behaviours during both routine and non-routine threat situations. The scenarios provided a wealth of alternative situations and a variety of possible security decisions that were made that fell outside the rule compliance training that is presently required by security employees.

This effort to describe in detail the actual security decision behaviours proved critical for finding training solutions. This was due to the fact that most airport employees were never involved in or faced non-routine threats. Providing employees with actual real-life scenarios that occur outside the normal routine situations not only would enrich their decision making capabilities when critical incidents occur but eventually merge them within the rule compliance protocols.

As we can see from the example below, we were able to trace the decision making scenario for a single employee. We then selected employees and categorising them by job descriptions (e.g. screener, security guard, etc); we were able to build up sets of scenarios associated with their tasks thereby providing employees with scenarios that would very likely occur. It includes a 'trigger' that was initiated by a threatening event (who, what, where), followed by a decision and the source(s) of corroborative information and the consequences or outcomes of the security decision.

Simulation

Simulation or modelling the actual security behaviour was paramount to developing the guidelines framing the training programme of BEMOSA. To do this we first built a basic simulation programme of how airport employees would theoretically behave in both routine and non-routine situations. This process, through a number of iterations, developed the potential scenario based simulations. As additional insights were gained through the data analysis, these were introduced into the simulation in the hope of capturing the most relevant types of situations and alternative security decisions that reflected the reality of behaviours. At this stage the simulations were imbedded within a scenario based framework.

In developing the training scenarios we had to restrict our efforts to only a very limited number of potential realistic event behaviours and focus them on specific job related security characteristics. Given the numerous potential scenarios for all the event threats expressed by security employees, even the simplest required hundreds of possible alternative decisions structured in a tree-decision making algorithm. To this end we extrapolated only a very limited number of 'security incident threats'; those most frequently cited by security employees.

The simulation was developed within an overall framework where it would become an integral part of the overall training programme. As we were able to isolate the profiles of employees, we took advantage of this and set up the training scenarios as an interactive system where the training scenarios changed in accordance with the trainees responses. This activity is still in its infancy as the number of simulated scenario iterations will require work well beyond the capacity of the present BEMOSA budget and time-line. Yet, it represents a very promising direction in terms of training beyond the rule compliance system today and affords the ability to institute a broader set of security decision alternatives.

Training Alternatives

It was clear that the scenario simulation interactive training attempt must be supplemented by more conventional training systems that would provide the background to enrich the scenarios and play a more realistic basis for the security decision options that would be available for trainees. This was accomplished by looking more closely at the predominant factors that surround security decisions; namely situational awareness, the flow of communications and how to manage the task at hand.

To demonstrate how the BEMOSA findings fit into this framework, we examined in detail the specific issues involved in screeners. As illustrated in the Figure below, we looked at the screeners' job description and matched it against the results of the BEMOSA data analysis and found specific gaps between the present training regime and the reality of actual security behaviours. This difference provided us with the opportunity to focus specific scenarios into the scenario simulation that would fill this gap. This same methodological track was performed for other security employees but due to the BEMOSA financial and time constraints could be applied to a host of other airport employees.

Potential Intervention Strategies

Given the objectives of BEMOSA to deliver the basis for a comprehensive and practical training programme that considers all the airport security stakeholders; it can be said that airport security will improve considerably from the point of view of reducing false alarms by enhancing security decision making; developign a more skilled pool of human resources; and making the passenger-security interaction at airports less invasive and less unpleasant.

1. Cases that procedures are not followed should not necessarily be viewed as either a negative or positive phenomenon. It seems that in some cases the current procedures are not sufficient or relevant and security personnel show initiative and creativity to handle the situation. However, it also seems that in some other cases procedures are sufficient and relevant and not following procedures are a result of lack in skills, training or motivation.
2. Security personnel seem highly motivated in general. Thus, informal group behaviour during security threats can be described as an interactive process with personnel first consulting with their colleagues which is then reinforced by the willingness of colleagues to provide feedback. Such readiness to consult and willingness to provide advice may provide an interesting input for future training and may be incorporated in procedures as an initial step in responding to security threats.
3. The discovery of three major types of employee profiles opens up a variety of opportunities for the social and physical placement of work teams throughout the airport that takes advantage of the dynamic changes in both security requirements and passenger logistics. These profiles also assist in recruitment in accordance with human resource needs and in generating security skills by appropriate 'not one technique for all' training programme.
4. Knowing that the degree that employees trust security technology to guide them in making security decisions also provides a window of opportunity to re-evaluate the training programmes currently utilised so as to reemphasise those areas in the programme that can benefit from realistic scenarios involving optimising security technology.

Supplemental Scenario Training

Unlike most available training packages, the BEMOSA training packages are based upon how people make security decisions in the face of reality during the 'normal routine' and crisis situations that occur in airports. This novel approach will lead to increased efficiency of air transportation by decreasing false alarms, as well as improve safety and coordination for all stakeholders in cases of an emergency and security threat. It will provide breakthrough advancements in real-world crisis handling, reduce some well-known effects of stress and time pressure on human behaviour and can be readily applied across cultural and organisational boundaries.

Secondly, having the ability to introduce into scenario training programmes simulation engine an educational component where alternative modes of decision reflect actual behaviours provides the trainee group with the ability to immediately review its consequences. Matching actual decision making against rules and procedures also is expected to provide the trainee group with greater flexibility to innovate and utilise informal communications to solve security threats.

Potential Impact:

Dissemination and Exploitation of the results

The BEMOSA Consortium has been committed to ensure the proper dissemination and exploitation of project results so that the vision and results of the project become not just as widely known and understood as possible, but also highly influential and implementable. To that extent, we have created raise awareness within the different stakeholders who are related to and could benefit from the outcomes of BEMOSA. In particular, we have demonstrated our concepts to the various stakeholders from airport authorities, airlines, airport service providers, governments and related government agencies (police, fire brigades, (para-)medical organisations, home security, search and rescue units etc.) as well the aviation consultancy community through a series of workshops and individual meetings. As a result, strong ties were forged with some relevant national, EU and international initiatives and associations, such the ACI, ECAC, IATA, TSA and CATSA. Prof. Kirschenbaum and Simon van Dam became members of Workgroup 4 of ACARE, dealing with aviation safety and security and ensured that the BEMOSA findings and project results have been incorporated in the ACARE Strategic Research Agenda that was published in September 2012. Last, but not least, Prof. Kirschenbaum and Simon van Dam have been asked tentatively to provide a presentation to SAGAS (Stakeholders Advisory Group on Aviation Security), a consultation body, under Directorate General (DG) MOVE, advising the European Commission and European Union (EU) Member State Governments on the technical and operational details of implementing rules in aviation security, upon publication of the Final Report.

Conclusions of the project

Meeting Objectives

The overall objectives of the BEMOSA research project have been fulfilled. We have provided through an edge-cutting and innovative research platform a realistic picture of how, when and under what situations security decisions are made. On this basis we developed simulation and evidence-based scenarios for security decisions; provided guidelines for evidence based training as supplemental to rule compliance training and modelled security behaviour of human actors (personnel, passengers and suppliers) in airports for future development of human resources and training solutions.

Innovative Research

For the first time a detailed picture of the actual reality of security related behaviours was uncovered though the combined multifaceted methodologies that included ethnographic, field questionnaires and personnel interviews that allowed a detailed analysis to not only describe the realities of security behaviour but to seek their sources and consequences.

Airports as Social Organisations

Our examination of airports as complex social organisations is supported by the rich sources of empirical evidence we uncovered that they are embedded with both formalistic administrative and informal social networks - both of which have an impact on the culture of airport security and security decisions. The social networks - as communication paths for security information - were also found to be vital in how security decisions would be made and under what circumstance.

Profiling Employees

By using advanced statistical techniques we discovered security decision making profiles for airport employees: the adaptive, compliant bureaucratic and social based decision maker. These profiles can be used to predict how specific employees will likely make security decisions and can be utilised in terms of recruitment and placement of employees according to the specific security tasks that may/may not require strict rule compliance.

Scenario Building

By recording and tracing actual behaviour of employees during perceived threats, it was possible to accumulate hundreds of realistic scenarios that employees could potentially face in their daily airport tasks. This afforded the building of sequential time-based decisions for both routine and non-routine security decisions that could be utilised in training employees who face either a non-routine threat or one that the existing rules are inadequate. These scenarios were then introduced into computer software simulations providing employee trainees with an enriched variety of situations in which decisions would be made and their consequences evaluated.

Reality Training

The dominant security training in place is based on rule compliance but evidence from BEMOSA demonstrated that in many cases rules are bent, broken, ignored or gone against. In the analysis it was clear that a large proportion of non-rule compliance related to non-routine situations or where rules did not apply. It was with this 'reality' that the guidelines for the training programme were developed. Employing classical training perspectives alongside the simulations of threat scenarios, we sought to determine the gap between what is presently trained and the scenarios that reflected the reality of security decision behaviours.

Recommendations

Further field research required

The ground breaking discoveries of the BEMOSA project, like all research into an area that has rarely been examined from a behavioural perspective, raise additional questions that cry out to be answered. Only through additional and more comprehensive in-depth research into additional airports beyond the 8 we examined can we gain a greater understanding of how security decisions are affected by the social context of an airports organisational environment including the technology in place.

The extent of the critical importance of the present findings is only now beginning to be recognised with its consequences introduced into the recently published Acare's Strategic Research Innovative Agenda (SRIA). By extending and continuing the BEMOSA research programme, even more significant areas for future research can be discovered as vital for the air industry of the future.

Incorporation of scenario-based simulations into current training programmes

As the emphasis of BEMOSA was on applied research, it is clear that many of its findings were generated by keeping in mind a practical operational perspective on how to enhance airport security. One of the clearest implications for doing so is in the area of training. What has been provided in the simulation scenario guidelines can be utilised as a basis for further research and development (R&D) in the area of developing behavioural training models and tools that take into account both rule compliance and non-routine situations.

In addition, the results of the analysis can also be incorporated into already existing training programmes so as to maintain their integrity in terms of EU requirements and accreditation.

Adaptations of BEMOSA Conclusions in aviation security regulations and operations

As an integral part of the aviation industry, stakeholders are in need of updated information concerning the operation of airports; especially related to both employees and passenger behaviour. As BEMOSA has shown, a behavioural approach provides an additional and vital component to this knowledge that can have a direct impact on stakeholder decisions.

A specific area where BEMOSA's findings can have direct consequences - one of vital concern for airport security - is technology. Our findings of human-machine interaction in terms of trust and false alarms can be utilised to gain greater awareness of both the limitations and exciting future applications of technology in the area of security.

Benefits and Added Value for Stakeholders

Government Agencies and Regulators: evidence based policy decisions

BEMOSA provides a broad range of insights to the aviation industry that emphasises the human factor as an underlying component in driving airport security operations. To this end we rely on an evidence based evaluation of both employees and passengers within a dense security technology environment to reduce costs, false alarms and passenger dissatisfaction. The emphasis on evidence based policy decisions fit into both long term strategic security policies as well as day-to-day security operations. BEMOSA has provided the ability to match policies with behavioural reality as well as provide cost estimates for alternative policies.

Training Companies: training scenario simulations

Based on behavioural evidence in airport security decision making, cutting-edge training guidelines may be developed that go beyond the rule compliance training regimes currently required by authorities. The training format may involve convenient mobile on-line scenario simulations for routine and non-routine situations so as to increase rule compliance. The scenarios reflect empirically derived incidents experienced by employees and can be simulated in a gaming fashion. The training package would be underpinned through feedback and educational engines that assure high impact on security decision making behaviours.

Technology Suppliers: false alarms

A key to airport security lies in sophisticated security technology. Yet, there continues to be an abundant proportion of false alarms and disregard for the threat generated output. Passengers also play a role in this process. Focusing on key determinants of technology derived security decisions may provide a solution to this vexing problem. Human-machine interactions, team cooperation, trust of technology and other underlying sources influencing decisions can be analysed to isolate critical factors in appropriate use of security technology. By leveraging these in a cost effective manner, there will be a decrease in false alarms while increasing through-put.

Airports: security costs

A 'bottom-line' concern for all airports is operational continuity and commercial viability. Therefore there is the need for an accurate assessment of the level of security of various areas in the airport. An innovative Security Index could be developed to provide managers the ability to determine how security compliance affects passenger through-put, pinpoints areas where intervention may be necessary and helps determine costs per passenger.

Employees: recruitment and turnover

The costly issues of human resources turnover and recruitment have a direct impact on levels of security in airports. The extensive research of BEMOSA may provide cost effective solutions to guide recruitment policies that select and place employees by proven behavioural qualities that affect adhering to rule compliance or adaptive security behaviours. Turnover can be ameliorated employing BEMOSA's mapping methodology that reinforces informal social networks, team sharing and group decision making.

Potential Impact and Use

Given the objectives of BEMOSA to deliver the basis for a comprehensive and practical training programme that considers all the airport security stakeholders; it can be said that airport security will improve considerably from the point of view of:

1. reducing false alarms by enhancing security decision making;
2. develop a more skilled manpower pool; and
3. make the passenger-security interaction at airports less invasive and more pleasant.

List of Websites:

http://www.bemosa.eu

Simon van Dam

bemosa@bemosa.eu

+97-226-786120