Industrials

Critical Elements In Aviation Security Operations And Management

__
<h1>&nbsp;</h1><ol><li style="text-align: justify;"><strong>Aviation Security</strong></li></ol><p style="text-align: justify;">Aviation security&nbsp;is the protection of civil&nbsp;aviation&nbsp;against acts of unlawful interference. This objective is achieved through a combination of measures and resources both human and material, aimed for the safety of passengers, crew, ground personnel, and the general public.</p><ol style="text-align: justify;" start="2"><li><strong>AVSEC Planning: </strong></li></ol><p style="text-align: justify;">The Aviation Security Planning incorporates the key aspects and themes. The need for effective, risk-based measures that are assessed regularly to reflect the evolving threat picture, ensuring that measures are effectively implemented on the ground on a sustainable basis, resource allocation and the promotion of a culture of security; and establishing effective national oversight of aviation security systems.</p><p style="text-align: justify;">Aviation Security being an international issue therefore&nbsp;&nbsp; States are dependent on the effectiveness of each other&rsquo;s aviation security systems to provide a common secure aviation environment. Despite enhancements to the security system, terrorists continue to view civil aviation as an attractive target and continue to exploit real or perceived vulnerabilities in the international civil aviation system, with the aim of causing substantial loss of life, economic damage and disruption to connectivity and trade between States.</p><p style="text-align: justify;">Without question, enhancing aviation security will bring financial and other economic benefits. The economic and financial cost to States, airports, airlines, and stakeholders of terror attacks and security breaches can be very significant, and the loss of human lives cannot be measured. On the financial and economic side, some recent attacks have caused huge financial losses as a result of close to two weeks suspension of airport and airline operations, repair to infrastructure, and other losses suffered from terror attacks.&nbsp; Other repercussions may also be suffered as a result of poor aviation security standards and measures, including the loss of public and investor confidence, and effects on tourism, trade and connectivity.</p><p style="text-align: justify;">The objective of establishing the Aviation Security Planning is to help stakeholders enhance the effectiveness of aviation security. The AVSEC Planning, therefore, seeks to unite the international aviation security community and inspire action in this direction, considering that the threats and risks faced by civil aviation the community continues to evolve. It is also intended to achieve the shared and a common goal of enhancing aviation security worldwide and to help States come together to fulfill the commitments set out by the ICAO. To achieve the objective of AVSEC Planning the following principles are necessary to be followed:</p><p style="text-align: justify;"><strong><em>(i)</em></strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <em>Effective implementation and compliance: </em>Appropriate measures that are applied to ensure consistent outcomes, coupled with a robust security quality control and oversight system.</p><p style="text-align: justify;"><strong><em>(ii)</em></strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <em>Sustainability</em>: Utilizing measures that are proportionate and realistic in the long term, duly coordinated with entities from other sectors (e.g. aviation safety, air navigation, facilitation).</p><p style="text-align: justify;"><strong><em>(iii)</em></strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <em>Cooperation and information sharing</em>. Strengthen cooperation and sharing of information between and amongst States and stakeholders. To ensure that the principles of cooperation defined in bilateral and/or multilateral air services agreements, recognition of equivalent security measures, and focus on security outcomes continue to be the basis for international cooperation.</p><p style="text-align: justify;"><strong><em>(iv)</em></strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <em>Security culture and human capacity development</em>. Establish a strong and robust security culture and develop human capital, skill and competency.</p><p style="text-align: justify;"><strong><em>(v)</em></strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;<em>Innovation</em>. Encourage stakeholders to devise, establish and share new and innovative ways to implement security policies and measures.</p><p style="text-align: justify;"><strong><em>(vi)</em></strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <em>Identifying, understanding, and managing risk</em>. Enhance understanding of aviation security risks, and take appropriate and effective action.</p><p style="text-align: justify;">Continued improvement ineffective implementation of Annex 17 is paramount to assure the security and regularity of air transport. The AVSEC Planning applies to each country and its stakeholders to guide effective implementation and compliance efforts, promote accountability for these security responsibilities, and enhance the effectiveness of global aviation security.&nbsp;</p><ol style="text-align: justify;" start="3"><li><strong>AVSEC Security culture</strong></li></ol><p style="text-align: justify;">AVSEC planning is focused on Developing Security Culture and Human Capability. Security culture is a set of norms, beliefs, values, attitudes and assumptions that are inherent to the daily operation of an organization and are reflected by the actions and behaviours of all entities and personnel within the organization. In relating to aviation security, building a strong security culture will capitalize on shared resources, promote information sharing, ensure recognition that effective security is critical to business success, establish positive security practices among employees as a core value, and align security to core business goals.</p><p style="text-align: justify;">An effective security culture can result in employees who are engaged with, and take responsibility for, security issues. It is an essential component for a protective security regime, which supports and maintains a risk-resilient organization. Promoting a positive security culture helps to mitigate against both insider threats and external threats as personnel think and act in more security-conscious ways and can identify and report behaviours or activities of concern. In turn, this results in all personnel feeling that they have a critical role to play within a security regime, and security overall being improved - for not just aviation security but for wider border security without the need for significant investment. From screeners to cleaners, and from taxi drivers to those working in airport retail outlets, all have a vital contribution to make to improve aviation security.</p><p style="text-align: justify;">A robust and efficient security regime must be proactive and supported by competent people. Furthermore, a security culture can only be successful if people are accountable and motivated to follow established procedures, comply with prescribed regulation and take the initiative when unforeseen circumstances arise. An effective Security Management System (SeMS) can offer one way to achieve this by providing an&nbsp;organized, systematic approach to managing security which embeds security management and risk ownership into the day-to-day activities of the organization and its people.</p><p style="text-align: justify;">All&nbsp;stakeholders should be encouraged to ensure capacity and capabilities are built up throughout the system by investing in human capital for a motivated and competent workforce. This will help to achieve a security culture where everyone knows their role and responsibilities within a security regime. Such actions could include those highlighted in the <strong><em>Security Culture Toolkit</em></strong><em>&cedil; </em>which includes, but is not limited to, initial and recurrent training on security culture and continuous learning activities; promotion of security culture by senior leadership, a targeted communication plan and continuous security awareness campaigns; and the establishment of a reporting system that guarantees the confidentiality of reporting individuals.</p><p style="text-align: justify;">It is emphasized&nbsp;that a transformation in security culture behaviour and awareness can be challenging to deliver and to embed throughout an organization from the top down. To receive the most benefit, all stakeholders and entities&nbsp;should take a multi-agency approach so that support for security culture is not just focused on aviation security but security as a whole.&nbsp; Organizations and industries need&nbsp;be&nbsp;encouraged&nbsp;to take immediate practical steps to begin delivering high profile behaviour change campaigns and other practical actions to promote a strong and sustainable security culture within their organizations.</p><p style="text-align: justify;">The aviation security culture can be well achieved throughout the aviation facilities&nbsp;through&nbsp;regular AVSEC Training and Quality Control oversight besides&nbsp;general security awareness to all stakeholders and users of&nbsp;airport facilities.</p><ol style="text-align: justify;" start="4"><li><strong> AVSEC Training</strong></li></ol><p style="text-align: justify;">Every effort to strengthen AVSEC, whether through the development of practical policies and procedures, advanced technology, and the implementation of effective measures, depends on human factors. To develop sound AVSEC policies and practical measures, personnel who are charged with these responsibilities will need to have a good level of AVSEC knowledge and appreciation of AVSEC challenges, in order to develop effective approaches and solutions.</p><p style="text-align: justify;">CAO clearly acknowledges the importance of AVSEC training. Under the Convention on International Civil Aviation, there are several SARPs that place emphasis on the importance of AVSEC training. &nbsp;ICAO&rsquo;s Global Aviation Security Plan (GASeP) which was promulgated in November 2017 also places emphasis on AVSEC training. Under the GASeP&rsquo;s priority outcome to develop security culture and human capability, it emphasizes that &ldquo;The existence of a well-trained, motivated and professional workforce is a critical pre-requisite for effective aviation security&rdquo;. The GASeP also has at least five priority actions and 10 priority tasks on improving AVSEC training.</p><p style="text-align: justify;">With greater synergies needed between regulators and industry, AVSEC training programs to help regulators, industry and operators to understand the common challenges and develop collective approaches to deal with new and emerging AVSEC challenges are also necessary. Further collaboration on AVSEC training between regulators, industry, operators and ICAO are strongly encouraged. These can include joint seminars, courses and conferences, where sharing of best practices and new AVSEC training needs and initiatives, including dealing with evolving challenges such as cybersecurity threats, landside security and dealing with the insider threats, will be useful and help generate cross regulator-industry appreciation and learning.</p><p style="text-align: justify;">Another critical area of AVSEC training is focused on providing top management personnel from regulators and industry with a strategic appreciation of AVSEC challenges and needs. This would be useful to help top management personnel to understand and appreciate the importance of AVSEC and how AVSEC needs and requirements can be better facilitated within the civil aviation ecosystem. It would also help top management personnel to better understand and forge stronger inter-agency and cross-organization collaboration between Governments, industry, and operators, on AVSEC risks, regulations and effective implementation of measures.</p><p style="text-align: justify;">In this regard, India strongly advocates the importance of AVSEC training. The Indian Aviation Academy1 (IAA) continues to develop and offer various AVSEC training programmes, including courses in collaboration with industry bodies.</p><p style="text-align: justify;">&nbsp;</p><ol style="text-align: justify;" start="5"><li><strong>Quality Control Oversight </strong></li></ol><p style="text-align: justify;">A fundamental component of an aviation security system is the effective implementation of quality control measures. In the aviation security context, quality control measures can be defined as the surveillance techniques and activities used to assess the aviation security system of the concerned country and, where required, to resolve identified deficiencies. To implement quality control measures, Appropriate Authority of Civil Aviation Security of&nbsp;each member State must develop, implement and maintain a National Civil Aviation Security Quality Control Programme (NCASQCP).</p><p style="text-align: justify;">Annex 17 of the International Civil Aviation Organization (ICAO), is the primary source of Standards and Recommended Practices (SARPs) for the establishment and management of a State&rsquo;s National Civil Aviation system, by addressing preventive and responsive security measures. The fundamental challenge for the establishment and management of such a civil aviation security system is to create an aviation security regime that is highly effective in preventing acts of unlawful interference and ensures compliance with specific regulations but does not unduly interfere with the efficiency of civil aviation, impose excessive costs or intrude unnecessarily into private rights or civil liberties. &nbsp;The Quality control oversight is responsible to:</p><ul style="text-align: justify;"><li>Determine Compliance with and validate the effectiveness of the State&rsquo;s rules and regulations relating to&nbsp;aviation&nbsp;security operations including&nbsp;the National Civil Aviation Security Program (NCASP).</li><li>Identify all aspects of security measures that might call for changes in aviation security regulations/NCASP or means of implementation.</li><li>Verify the effective implementation of security measures.</li><li>Monitor implementation of aviation security measures by airports, aircraft operators (national and foreign aircraft operators), Regulated Agents, Cargo Handlers, known consigners, catering companies and other entities that perform security functions, in compliance with regulations and the national civil aviation security program (NCASP).</li><li>Determine the adequacy of effectiveness of the National Civil Aviation Security Programme and regulations.</li><li>Ensure all persons who are assigned AVSEC duties or responsibilities are subject to background checks, selection procedures and are verifiably trained and instructed/certified to carry out such duties.</li><li>Review and re-evaluate security measures and controls immediately following an act or simulated exercises of unlawful interference.</li><li>Gathering of information on aviation security from sources outside the quality control system, such as reports on a voluntary basis from passengers, crew members and staff employed by airport and aircraft operators.</li></ul><p style="text-align: justify;">In order to achieve the primary objective i.e. protection and safety of passengers, crew, ground personnel, general public, aircraft and facilities of an airport serving aviation against acts of unlawful interference perpetrated on the ground or in flight, various combination of measures and marshalling of various human and material resources are implemented at the appropriate level through various programs. Standardized implementation of these&nbsp;AVSEC programs&nbsp;is to be ensured in India.</p><p style="text-align: justify;">It should be ensured by the appropriate authority that:</p><ul style="text-align: justify;"><li>The persons implementing security control possess all competencies required to perform their duties and are appropriately trained according to the requirements of the National Civil Aviation Security program and the appropriate records are maintained up to date. Relevant standards of performance need to be established and initial and periodic assessments needs to be introduced to maintain those standards.</li><li>The personnel carrying out security audits, tests, surveys and inspections are trained to appropriate standards for these tasks in accordance with the National Civil Aviation Security program.</li><li>The persons implementing security controls are subject to background checks and selections procedures.</li></ul><p>&nbsp; &nbsp; 6. <strong>AVSEC Challenges:&nbsp;</strong></p><p style="text-align: justify;">Terrorist groups are actively seeking ways to defeat or circumvent aviation security. All states have a responsibility to protect the security of citizens and nationals of all nations against terrorist attacks on air services operating within their territory.&nbsp;</p><p style="text-align: justify;">The global aviation industry is heavily relied upon by many and the demand for air travel will only grow. In fact, experts predict it will double over the next 20 years. That&rsquo;s why security has and will always remain a top priority for those in aviation. So the types of challenges related to security the industry face today are noted&nbsp;below:</p><ul style="text-align: justify;"><li><strong> </strong><strong>Insider Threats</strong></li></ul><p style="text-align: justify;">An&nbsp;<strong>insider threat</strong>&nbsp;is defined as the&nbsp;<strong>threat</strong>&nbsp;that an employee or a contractor will use his or her authorized access, wittingly or unwittingly, to do harm to the security of civil aviation&nbsp;throughout the world.<strong> Insider threats</strong>&nbsp;have long existed in the&nbsp;<strong>airline</strong>&nbsp;industry, such as when a Horizon Air employee commandeered a turboprop passenger plane from Seattle-Tacoma International&nbsp;<strong>Airport</strong>&nbsp;in August 2018, or an American&nbsp;<strong>Airlines</strong>&nbsp;mechanic tampered with an aircraft's air data module (ADM) system in 2019. Aviation leaders need to take a holistic approach by creating an insider threat program across the aviation industry. &nbsp;Increasingly, insider threat cases and high-profile data leaks illustrate the need for strong insider threat programs within organizations. The number of infamous and damaging attacks against the government illustrates that the threat posed by trusted insiders is significant.</p><p style="text-align: justify;">&nbsp;</p><p style="text-align: justify;">This threat will continue to grow as increased information-sharing results in greater access to and distribution of sensitive information. The effort should be developing&nbsp;novel methods to detect insider threats through disk-level storage behaviour and how an individual&rsquo;s behaviour diverges from prior behaviour and/or that of their organizational peers. Current approaches rely on rules/signatures and look for patterns matching previous attacks. Analysing disk-level storage behaviour with a lightweight media forensics agent will provide a more in-depth look at user behaviour for indicators and proactively identify potential threats.</p><ul style="text-align: justify;"><li><strong> </strong><strong>Cyber threat</strong></li></ul><p style="text-align: justify;">Cyber threats are a major concern for all companies and organizations worldwide, or at least they should be. Losing control of the most valuable assets &ndash; your data &ndash; could have potentially devastating ramifications &ndash; which is exactly why cyberattacks are becoming more and more common. Several of the major cyber threat incidents recently have been traced back to national agencies. Depending on the type of attack, such threats may be defined as either cyber-attacks or cyber terrorism.</p><p style="text-align: justify;">Cybersecurity is the protection of the privacy, integrity, and accessibility of devices, networks, systems, and data information. Cybersecurity is about protecting your data services from a potential cyber threat and being able to recover if an attack should occur. Building a solid cybersecurity system is difficult &ndash; and protecting Aviation operations from all external threats is borderline impossible.</p><p style="text-align: justify;">To succeed we need to have good routines on how to handle threats and breaches, foster a culture of security, test our applications, and perform exercises to increase knowledge of potential threats and security risks.</p><p style="text-align: justify;">Civil&nbsp;<strong>aviation</strong>&nbsp;is mainly reliant on <strong>cyber-enabled</strong>&nbsp;technology which is used to increase the safety and efficiency of air transport. &nbsp;However, the interconnectivity of systems and dependency on technology created the optimum premises for new risks to emerge.</p><ul style="text-align: justify;"><li><strong> </strong><strong>Security Screening</strong></li></ul><p style="text-align: justify;">Another ongoing challenge is security screening. This may include checkpoints for staff and contract workers. Most travellers are familiar with passenger checkpoint screening and cabin baggage screening because they experience it first hand at the airport. It also includes hold baggage screening as well as air cargo screening for shipments on passenger and cargo aircraft. Each of these checkpoints is unique with the volume of people and items flowing through, screening methodologies used, standard procedures to follow, and types of threats or prohibited items to look for.</p><ul><li style="text-align: justify;"><strong>&nbsp;Operations</strong></li></ul><p style="text-align: justify;">Day-to-day&nbsp;operations are another challenge for the aviation industry. Not only does each organization have to worry about the effectiveness and efficiency of their own performance, but they also have to be concerned about compliance with government regulations. In order for operations to be successful, cooperation between airlines, airport operators, regulators, and equipment manufacturers must be well-managed.</p><ol style="text-align: justify;" start="7"><li><strong>Measures to counter the challenges:</strong></li></ol><p style="text-align: justify;">With so many areas to proactively manage and control, how can security teams manage it all? The sheer volume of what goes on in an airport requires nothing short of a robust set of supervisory tools and powerful oversight designed to see it all at a glance with relevant alerts built-in at appropriate places. It must also track and report to ensure compliance at every step of a shift. Maintaining security standards and mitigating challenges can be achieved by:</p><p style="text-align: justify;"><strong>Creating a comprehensive view of the airport&rsquo;s security status and potential risks:</strong></p><p style="text-align: justify;">&nbsp;This is best achieved by moving the airport security officers into a fully digitalized workforce management environment. With a cloud-based solution that delivers real-time data, managers and supervisors can see their entire airport security status on a single screen, allowing them to identify potential security or customer conflicts before they become a serious issue. Security teams move from being reactive to proactive.</p><p style="text-align: justify;"><strong>Anticipating adjustments in staffing requirements:</strong></p><p style="text-align: justify;">Supervisors can proactively manage sudden changes in passenger flow or needs, as well. Long waits for just the right additional personnel are cut down when a supervisor can see, at a glance, who is on the clock and available to assist with coverage. With this approach, travellers needing extra assistance or enhanced screening can be assured that personnel are ready to do the job.</p><p style="text-align: justify;"><strong>Improving field monitoring and reporting operations:</strong></p><p style="text-align: justify;">&nbsp;Security supervisors need more than an assurance that their security officers are in the proper place at the proper time. From passenger screening to luggage checks to utilization of de-escalation techniques, supervisors need the unfettered ability to inspect officers in the field to ensure they are doing tasks by the book. Reporting the findings and reviewing them regularly should be a key part of improving the overall quality of your security operations.</p><p style="text-align: justify;"><strong>Locating and dispatching officers in real-time:</strong></p><p style="text-align: justify;">&nbsp;Airports cover large surface areas and security officers will likely be patrolling and performing duties in a myriad of locations. Supervisors can reduce risks and the margin for error by having the ability to locate their officers in real-time via GPS technology so they can instantly see where their officers are at any time and ensure they are at their stations performing their duties. This capability allows them to immediately dispatch the nearest officer, based on proximity, to investigate an alarm, support another officer, or respond to a member of the public. Geolocation capabilities mitigate risks by enhancing officer accountability and the delivery of efficient security services.&nbsp;</p><ol style="text-align: justify;" start="8"><li><strong>The utmost endeavours to achieve better security:</strong></li></ol><p style="text-align: justify;">Efforts should be directed towards making airport security systems smarter and more flexible, not necessarily more encompassing, or extensive. Intelligence on threats and adversaries can be the basis for configuring a flexible system to meet those threats and to focus enhanced security measures mainly on high-risk individuals. To this end, channels of information and coordination must be established between the airport security systems and the intelligence-gathering and -analysis activities of national and local law enforcement agencies.</p><p style="text-align: justify;">Another source of intelligence is the computer-Assisted Passenger Pre-screening System (CAPPS). When a ticket is purchased, CAPPS can rate passenger risk on the basis of about 40 characteristics, including address, credit history, destination, travel companions, type of payment, and type of trip. Special technology, such as electronic strip searches, that are too time-consuming to be used with all passengers could be employed to screen those identified as high risk. Other procedures not involving technology, such as personal interrogation and assessment, could also be employed with the few passengers identified as high risk.</p><p style="text-align: justify;">&nbsp;</p><p style="text-align: justify;">&nbsp;</p><p style="text-align: justify;">&nbsp;</p>
KR Expert - Gautam Banerjee