THE
P U B L I C AT I O N
FOR
T R A N S P O RTAT I O N
SECURITY
PROFESSIONALS
AUGUST/SEPTEMBER 2006
Mix and match Pa t t e r n t r a c k i n g n ew a n d o l d
Ready for anything? Simplifying building security
Globalizing port security
U.S. MARITIME SECURITY EXPO 2006 5TH ANNUAL EXPO & CONFERENCE
Guardian makes invisible traces of explosives extraordinarily clear ™
Precise screening of passengers for concealed explosives in seconds In the war against terrorism, even the tiniest clues are critical and Syagen technology specializes in detecting them. Syagen has designed the Guardian™ Explosives Trace Detection (ETD) Portal for people screening using the most accurate technology available. The patented mass spectrometry (MS) technology detects explosives contamination as small as onemillionth a grain of sand. MS has a resolution that’s 10 to 10,000-times greater than ion mobility spectrometry (IMS). This high resolving power enables MS to screen for more than 30 explosives simultaneously without compromising accuracy and precision. This advanced technology has been recommended by the National Academy
of Sciences as the core technology for explosives trace detection for aviation security.1 Incorporating the most advanced pre-concentration technology,2 Guardian produces performance levels unmatched in sensitivity, specificity and low false negative and false positive rates for the largest number of explosive compounds and is easily upgraded to search for new compounds should the threat scenario change. Guardian offers a comfortable environment during the brief screening process, high screening throughput and occupies a small footprint. For more information, contact Syagen Technology at 714 258-4400 x28
Guardian Explosives Trace Detection Portal
Syagen Technology, Inc. 1411 Warner Ave. • Tustin, California 92780 U.S.A. Tel 714 258-4400 x28 • Fax 714 258-4404 Email sales@syagen.com • www.syagen.com 1 National Research Council, “Opportunities to Improve Airport Passenger Screening with Mass Spectrometry,” National Academies Press, Washington DC, 2003. 2 Sandia National Laboratories (Albuquerque) “Hound” technology.
A D V E R T O R I A L
An Exact Match Syagen Technology’s mass spectrometry solution could be the key to improved airline security in the near future By Tom Venetis
W
hen Britain’s police and security services arrested some 24 persons for allegedly planning to blow up as many as 10 transatlantic flights to the U.S., security experts around the world worried about a new kind of terrorism threat. According to information released by the authorities, the suspects are alleged to have intended to smuggle on board the planes chemical components for liquid-based bombs, disguised as ordinary drinks and toiletries and undetectable by conventional security measures.
“There’s huge gap in financing the transition from R&D to commercial product” Jack Syage Dr. Jack Syage, president of Syagen Technology Inc. (Tustin, Calif.) believes that the news of this kind of concealed explosive dramatically underscores the inability of many security systems to screen persons for potentially dangerous materials. “The greatest vulnerabilities in securing airports and other venues is the lack of a non-intrusive way to detect concealed explosives on people,” Syage says. “Whereas baggage can be X-rayed and imaged, people cannot.” Liquid-based explosives pose a unique challenge because they are ‘invisible’ to many conventional security measures. But Syagen Technology’s Guardian Explosives Trace Detection (EDT) technology, along with the company’s mass spectrometry technologies, could offer airports a way of detecting such terror methods. Dr. Karl Hanold, principal scientist with Syagen Technology, says that detecting explosives requires a very accurate and precise detection system in order to identify the unique ‘signature’ of the materials that can be used in an explosive device. One way of doing this is to deploy mass spectrometry (MS) to detect explosive compounds. Current explosive trace detection systems use ion mobility spectrometry “which is a low resolution device not capable of monitoring many compounds simultaneously,” says Hanold. “Mass spectrometry offers 10 to 10,000 times more resolving power according to a recent National Academy of Sciences report and can meet the current and future requirements for effective trace explosive detection,” he says. “MS is considered the gold standard in chemical analysis.” The advantage of using MS is the technology can be calibrated so it zeroes in on the distinct detection signature of a potentially dangerous compound and not on any substance that is deemed safe or simply occurs naturally in the environment. This is often referred to as “specificity” and helps eliminate “false positives,” where something innocuous is flagged by mistake. At the same time, MS is sensitive enough that it doesn’t generate a “false negative” where a dangerous substance is missed, giving rise to a potentially serious security problem.
The TSA is in the process of acceptance testing Syagen’s Guardian EDT portal
Market-ready Syage says his company’s MS technology and Guardian EDT portal are “at a commercial stage of development” and currently undergoing acceptance testing with the TSA. By incorporating MS technology into the Guardian EDT portal, an airport security screener can potentially detect some 30 explosive compounds. According to Syage, the Guardian EDT works by “literally sniffing people” for traces of explosives that they may have concealed. “The individual walks into the portal and is subjected to air [currents] that will ruffle clothes and remove particles and contamination from their person,” he said. “This contamination is then collected, concentrated, vaporized and then analyzed by the MS for the presence of threat compounds.” Along with testing by the TSA, the company is also getting funding from the Department of Homeland Security. Syagen Technology has now begun to successfully transition from research and development to commercial products. Along with its Guardian EDT system, Syagen also has a line of photo ionization sources the company provides as an OEM product to such companies as Agilent Technologies, Thermo Electron, Waters Corporation and Shimadzu Corp. But Syage admits that moving from research and development to commercial introduction of products can be a daunting hurdle for many companies. “There’s huge gap in financing the transition from R&D to commercial product,” he says. “This usually achieved from the company’s ongoing cash flow – which is generally insufficient in small, emerging companies – or from investment capital. We’ve used both sources to launch our commercial products.” AUGUST/SEPTEMBER 2006
TransSec 3
C
O N T E N T S
AUGUST/SEPTEMBER 2006
10
COVER STORY
10
Ports Apart Trade is globalized: Is port security keeping up? BY
06
ANDREW BROOKS
12
INDUSTRY NEWS USCG Security Exercise ■ Prestwick security foiled ■ Modern Terminals charges for security ■ IBM takes on supply chain security ■ Defender highlights explosives detection
TECHNOLOGY NEWS
08 Anti-IED robot system launched
■
20 VIEWPOINT Maritime security: an inside view Better public-private sector collaboration and more non-intrusive container inspection systems are essential to ensure maritime shipping security, says a leading industry expert BY
16
ROMA IHNATOWYCZ
Anti-MANPADS use still distant CONFERENCES FEATURES & REPORTS
12 INFORMATION TECHNOLOGY Mix and Match Machines are learning how to tell right from wrong BY
ANDREW BROOKS
16 BUILDING SECURITY Ready for anything? True facility protection is a matter of matching a broad range of systems, technologies and processes to an equally broad range of threats BY
ANDREW BROOKS
4 TransSec
www.transsec-magazine.com
22 EXHIBITION PREVIEW Securing the Waters Hailed as the definitive conference on marine security, the fifth annual U.S. Maritime Security Expo turns things up a notch with more live simulations and high-level restricted meetings BY
ROMA IHNATOWYCZ
26 EVENTS Industry conferences, seminars, exhibitions and symposia coming up for 2006 and into 2007
23
E
D I T O R
’
S
L
E T T E R
TransSec is published six times per year (January/
Technology one more time
February/March, April/May, June/July, August/September, October, November/ December) by TransSec Magazine, 5720 Timberlea Blvd., Suite 201, Mississauga, Ontario, L4W 4W1, Canada. It is distributed internationally to transportation security executives, civil aviation authorities, airlines, cruise lines, rail companies, regulatory bodies, immigration and customs officials, security and policy makers, academic institutions, training specialists,
n the aftermath of the U.K. aviation security scare, it’s probably not too surprising that we find ourselves in a discussion about security technology and systems yet again. It happens after every major security incident – or near incident. And as far as I’m concerned, it’s completely understandable. Quite a few news reports in the days following the breakup of the alleged plot focused on the possible commercial benefit it would bring to firms operating in the security arena. At least one report mentioned L-3 and GE, two heavyweights that will be familiar to readers of TransSec. But there is a broader market populated by smaller firms with specialized systems that may now come into their own, some of which have also featured in our coverage. The U.S. Transportation Security Administration (TSA) says it is about to begin testing a Guardian Technologies system that scans x-ray images to detect liquid or solid explosives. Rapiscan Systems is working on a liquid explosives detector. Other companies that say they have relevant explosives detection systems – liquid and otherwise – ready or under development include Ahura Safety Corp. (“First Defender”), AS&E (“Backscatter” systems), General Dielectric (“BCT 2000”), Electronic Sensor Technology (“zNose”), DefenderTech International (“Protadas”) and HazMat Management Systems (“CASS”). The sudden attention being paid to technology post-crisis is typical – and natural. It’s natural to look for a quick fix when security seems to have been nearly outflanked. It was sobering to realize that such security holes still exist, and that someone somewhere is sharp enough to figure them out. But despite a host of companies offering solutions, the TSA is taking a healthy, cautious approach, warning that systems capable of forestalling the kind of plot uncovered in the U.K. aren’t yet ready for prime time. And of course there’s heated debate about whether the TSA is foot-dragging, or whether the reasons for the delay are legitimate. In one way, the fact that technology is a step behind is actually a good thing, since it forces security experts to look at other solutions. And other solutions do exist. Among the flood of press reports you will find mention of how the TSA is now deploying officers in airports who are trained to read gestures, behavior and facial expressions for signs of suspicious activity. Dubai International Airport is another example – behavior observation techniques used by security staff there are reported to have helped reduce the incidence of theft. And behavioral observation techniques have long been one of the staples of Israeli airport security. By all accounts the training required to detect suspicious behavior isn’t rocket science, involved as it may be. The Israelis have for years recruited university graduates from a broad range of disciplines for such techniques – not, as you would have thought, mining the ranks of the military or security agencies for experienced intelligence officers. Sometimes the best fix turns out to be a pretty simple one.
I
legal firms, transportation manufacturers, security technology suppliers, consulting firms, maintenance facilities and insurance companies. Subscriptions: US$200 for one year, US$300 for two years and US$400 for three years. Art and photographs will not be returned unless accompanied by return postage. The views expressed in this magazine do not necessarily reflect the views and opinions of the publisher or editor. August/September 2006. Printed in Canada. All rights reserved. Nothing may be reprinted in whole or in part without written permission from the publisher. © 2006 Global Marketing Company Ltd.
TransSec Magazine 5720 Timberlea Blvd., Suite 201, Mississauga, Ontario, L4W 4W1, Canada Tel: 1 905 629 0007 Fax: 1 905 629 1933 www.transsec-magazine.com
PUBLISHER: Aijaz Khan aijaz@globalmarketingcom.ca EDITOR: Andrew Brooks andrew@transsec-magazine.com ART DIRECTOR: Patrick Balanquit patrick@globalmarketingcom.ca SUBSCRIPTION MANAGER: Pina Lagrotteria pina@globalmarketingcom.ca EDITORIAL ADVISORY BOARD Dr. Abdulla Al Hashimi, senior vice-president, Emirates Group Security Michael Crye, Esq, president, International Council of Cruise Lines
Andrew Brooks Editor andrew@transsec-magazine.com 905 629 0007 ext. 35
Theo W. Fletcher, vice-president, supply chain compliance, security and diversity, IBM Integrated Supply Chain David Forbes, president, BoydForbes Inc.
AUGUST/SEPTEMBER 2006
TransSec 5
I
N D U S T R Y
N
E W S
USCG SECURITY EXERCISE As part of Bay Sentinel 2006, a multi-agency exercise conducted in August to test the area maritime security plan for St. Petersburg, Fla., a homeland security boat from the USCG Station St. Petersburg is shown establishing a security zone around the cruise ship StarShip while a Coast Guard helicopter from Air Station Clearwater, Fla., hovers overhead with a joint FBI/USCG boarding team ready to deploy. The cruise ship was playing the role of a vessel carrying hazardous cargo that attempts to enter the port with a suspected terrorist aboard. The boarding team is preparing to lower from the helicopter and search for the suspected terrorist. USCG Photo by PA1 Donnie Brzuska.
PRESTWICK SECURITY FOILED A group of activists protesting the use of Prestwick airport in the U.K. as a transshipment point for U.S. munitions bound for Israel was able to climb aboard a Hercules C-130 transport aircraft before security nabbed them. They accessed the airport using an airport map downloaded from the Internet and bolt cutters to cut their way through the airport’s security fence. The three protestors told press they simply headed for the most likely-looking aircraft – a group of several U.S. military transports. Once aboard, the group simply remained there, acting peacefully and 6 TransSec
www.transsec-magazine.com
doing no damage. As it turned out, the actual plane they boarded was being used as a troop transport. After the incident, local police said they had contacted airport management to ask them to undertake a full review of their security measures, and offered to provide expert help. Prestwick suffered two security breaches last year: one in June 2005 just before the G8 summit, and the other in February 2005 when a journalist walked across a runway and stood underneath a parked jet to demonstrate the laxity of security procedures at the airport.
MODERN TERMINALS CHARGES FOR SECURITY Modern Terminals has implemented a port security charge on laden containers entering or leaving its Hong Kong terminals by truck or barge. The charge is HK$20 (US$2.57) per 20-ft container and HK$30 (US$3.85) per 40-ft and 45-ft container. “The introduction of the charge follows the substantial investment that Modern Terminals has made, and will continue to make, to ensure that its security standards meet and even exceed today’s international level,” the company statement said. The company says it fully complies with the ISPS code, and has collaborated with other partners in various security-related programs, including the CSI, C-TPAT and ICIS.
Jerry Jasinowski of the Manufacturing Institute and IBM’s Theo Fletcher explain the value of the supply-chain security study
IBM TAKES ON SUPPLY CHAIN SECURITY At a special news conference held on August 1, academics and industry experts discussed the issue of supply chain security from a number of perspectives. On hand for the discussion, which was also broadcast via teleconference, were: Jerry Jasinowski, president of the Manufacturing Institute; Theo Fletcher, vice-president, import compliance and supply chain security at IBM; Dr. Lesley Sept, assistant director, Global Supply Chain Management Forum, Stanford University; and Arnold Allemang, senior advisor and member of the board of directors of Dow Chemical. The conference centered on a study conducted by the Stanford Global Supply Chain Management Forum together with The Manufacturing Institute and IBM. The study looked at innovations in supply chain security with a view to demonstrating to business leaders that security investments do have collateral business benefits, a case that’s historically been hard to make. Titled “Innovators in Supply Chain Security: Better Security Drives Business Value,” the research was based on input from 11 manufacturers and three logistics service providers, all of them considered to be innovators in securing their supply chains. Some of the benefits demonstrated included: ■ 37 percent reduction in tampering ■ 12 percent increase in reported on-time delivery ■ 50 percent increase in access to supply-chain data ■ 26 percent reduction in customer attrition ■ 20 percent increase in the number of new customers. Not all of the measures that can be taken to improve the security of supply chains are high-tech. Theo Fletcher of IBM told attendees that one way to examine a freight container for concealed contraband is to record its inside and outside dimensions with a tape measure and compare the figures. “That may sound archaic,” he said, “but I can tell you that in the past we have received containers at IBM that did turn out to have hidden compartments.” IBM also uses advanced technologies such as GPS and RFID as well as tamper-evident seals. Arnold Allemang of Dow pointed out that one important part of his company’s supply chain security strategy is to get as much advance information as possible about the drivers who will be bringing rigs into Dow facilities. “You want to know something about them, their background,” he said. “We also have two drivers on every shipment so that the cargo is never left unattended.”
DEFENDER HIGHLIGHTS EXPLOSIVES DETECTION One of the companies highlighting its explosives detection technology in the aftermath of the U.K. aviation scare is DefenderTech International (DTI, Saint Clair Shores, Mich.). DTI says that its Protadas can detect the types of containers – plastic, composite, that might be used to carry liquid explosives hidden under clothing to avoid recently tightened airport restrictions. The system can also detect devices of the size and composition most commonly used to construct non-liquid explosives – materials that DTI says metal detectors and other sniffer-type devices normally can’t pick up. DTO joins a growing number of compa-
HazMat’s CASS system
nies whose technologies may come in for closer attention in the current atmosphere of heightened security. Others include HazMat Management Systems, which makes the CASS chemical analyzer, a system that can determine a liquid’s chemical composition without requiring the container to be opened by identifying its acoustic signature. However, as noted in the August 31 TransSec e-newsletter, the TSA has been slow to move on deploying these technologies on a wide scale at airport security checkpoints. The agency says many of the systems aren’t yet ready for broad deployment, but cost and time issues are likely as large a factor. AUGUST/SEPTEMBER 2006
TransSec 7
T
E C H N O L O G Y
N
E W S
ANTI-IED ROBOT SYSTEM LAUNCHED A remote-control robotic system that can explode improvised explosive devices (IED) and determine if a suspicious package contains hazardous chemicals has been launched by the Technical Solutions Group of AMTI (AMTI TSG, of Virginia Beach, Va.). The r500 is AMTI TSG ’s newest robotic system, designed for repeated use in reconnaissance and surveillance operations. Besides being able to destroy IEDs and other threats, the unit can affix a sensor to detect chemical and biological hazards and other dangers. The system can be operated with a hands-free heads-up display (HUD) or with an LCD monitor for collaborative viewing. Both camera and truck have an operating range of about 1000 feet and the truck can move at speeds up to 35mph. AMTI TSG’s R-500 can detect IEDs, chemical and biological threats and other hazards
ANTI-MANPADS USE STILL DISTANT Researchers are making steady progress in developing and refining missile defense systems for use on commercial aircraft, but a U.S. government report states that widespread deployment could still be decades away. The report, obtained by Associated Press, said that laser-based systems developed in a test program still don’t meet Department of Homeland Security (DHS) reliability standards. Security experts are still very concerned about the threat to commercial aircraft posed by shoulder-fired missile systems, or MANPADS (man-portable air defense systems). The systems are small, easy to use and inexpensive – and they’ve already been used against aircraft, as in the case of two MANPADS missiles that narrowly missed an Israeli passenger plane taking off from Mombasa, Kenya in 2002. The U.S. Congress promoted the development of systems by manufacturers, but so far has been unwilling to finance their implementation on the U.S fleet of 6800 airlines, which would cost billions of dollars. In 2004 DHS gave BAE Systems and Northrop Grumman Corp. US$45 million each to adapt existing military systems for civilian use. At the beginning of August both companies announced they had received follow-on funding for the 18month Phase III of the DHS program, which involves expanded testing of systems mounted on cargo aircraft. Northrop Grumman said its contract was worth US$55.4 million. BAE did not disclose any figures. In 2003 33 countries agreed to measures to control the export and storage of MANPADS missiles. At the end of August, Australia joined Europe in calling for a crackdown on the illicit trade in the systems. The call came after Swiss authorities in June arrested a group of North Africans who were allegedly planning to fire MANPADS missiles at an El Al airliner. 8 TransSec
www.transsec-magazine.com
BAE researchers with the company’s Agile Eye II, a potential lower drag replacement for the company’s current JETEYE anti-missile system
A schematic rendering of how Northrop Grumman’s anti-missile system functions
M
A R I T I M E
S
E C U R I T Y
Trade is globalized: is port security keeping up?
othing better illustrated the global implications of port security and the changing nature of the security threats faced by ports than the Dubai Ports World controversy. When the global port operator acquired another major player earlier this year, the ensuing debate highlighted the pace of corporate change among port operators worldwide, and demonstrated how murky the issue of actual port ownership has become. In March, Dubai Ports World (DP), a
N
high-level support for the deal from the U.S. Administration and an improbable chorus of erstwhile political foes, DP backed off to the extent of promising to transfer the acquired U.S. port operations to a “U.S. entity.” It began evaluating U.S. bids for those controversial operations in mid-August. The controversy capped several years of rapid-fire mergers and consolidations in the global shipping industry, but as HSToday magazine noted (“Ports after the Storm,” April 2006), “foreign ownership is an
“Terrorism is part of the threat to the supply chain, of course, but it’s more than that” Fer van de Laar, IAPH major port operator based in Dubai, UAE, announced its purchase of the U.K.-based port operator Peninsular & Oriental Steam Navigation Company (less quaintly known as P&O) for US$7 billion. The acquisition put the operation of U.S. ports in New York, New Jersey, Philadelphia, Baltimore, New Orleans and Miami in the hands of DP. Once politicians and the media got wind of the deal it quickly became controversial, with politicians noting that two 9/11 hijackers had been UAE nationals. Ultimately, in spite of 10 TransSec
www.transsec-magazine.com
accepted part of the business.” P&O itself is a U.K.-based company, and supporters of the DP plan were quick to point out that this kind of foreign ownership didn’t seem to trouble anyone. Another case in point: Singapore-based PSA International, which briefly vied with DP for the P&O assets (it dropped out of the running in February), didn’t set off anyone’s alarm bells. Another aspect of the deal that garnered special attention from security experts was the issue of sharing port security plans.
U.S. maritime regulations call for the formulation of security plans for all kinds of waterfront facilities. These individual plans are then consolidated locally and regionally into Area Maritime Security plans. While many aspects of port operations are closely held for security reasons, these plans can be shared with port operators at the discretion of the local U.S. Coast Guard.
Tech troubles A major problem for U.S. port security is the fact that while technology is abundant and security processes are advancing at a good pace, there are few uniform standards for how security information is handled and distributed. This lack of clarity plays a large role in making the issue of foreign ownership of port operations more sensitive. It also seems to be playing a role in holding up the implementation of the much-heralded Transportation Worker Identity Credential (TWIC) program, a plan to issue foolproof security cards to hundreds of thousands of workers at ports and other transportation facilities across the country. The technology behind the TWIC credential is solid and would add a firm layer of security anywhere it is used. But technology is always a two-edged sword. The TSA has missed some important TWIC deadlines thanks to the difficulty of establishing uniform standards for the card
BY
ANDREW BROOKS
The security standards on both sides of the Atlantic are fairly uniform, says van de Laar, largely thanks to the forward posture adopted by European ports before 9/11. In spite of the difficulties noted in the EC report cited earlier, the European Union has still had a large role to play in harmonizing standards, giving European ports a unified direction and impetus in much the same way as the centralizing role of the U.S. government acts upon ports in that country. North America, of course, also has its own kind of EU-like transnational harmonization mechanisms, beginning with the North American Free Trade Agreement (NAFTA) and developed further in various security partnerships launched since 9/11.
The economic motive
Emergency response simulation technology is becoming increasingly sophisticated, and allows security staff to go through realistic scenarios step by step at minimal expense. Photo courtesy ETC
readers that will have to be installed. More recently the agency announced it would postpone the requirement for ports and other players to buy and install the readers during TWIC’s Phase One – and the financial burden that ports will have to bear continues to be a sore point. The U.S. barge and port industries have formally filed complaints with the TSA about the problem of financing the machines. At press time the agency extended the period provided for public comment on this and other aspects of the program, but it says it still plans to go ahead with distribution of card readers at the end of this year. Financing security is also an issue on the other side of the pond. At the beginning of August, the European Commission announced that it had adopted a report on the financing of security measures for the maritime and aviation sectors. The report, according to the EC, warns that the costs of security can be significant and are typically passed on to users. Further, security financing mechanisms are by no means as uniform across the EU as they could be, which could distort competition, and the report recommends greater transparency in revealing to supply-chain partners exactly what they’re paying by way of security taxes and surcharges. The report also states that
government funding of anti-terrorism security measures does not constitute “state aid,” a way of forestalling objections that might be based on the ‘distorting’ effect of uneven security investment. The EC notes that the EU has more than 1200 seaports and 4000 port facilities, and that some 9000 vessels sail under the flags of member states. The study reports “considerable variation” in the amount spent on port security across the different types of ports, such as multi-purpose and container ports. But most of this variation, the report suggests, is due to the fact that many facilities already had different security measures in place for anti-theft and other supplychain reasons long before security against terrorist threats such as dirty bombs became the stuff of headlines. “For most ports in Europe, and for the companies that operate in them, the security that came in after 9/11 wasn’t a new thing,” says Fer van de Laar, managing director of the International Association of Ports and Harbors (Rotterdam, Netherlands). “Five years before the ISPS was adopted, it was as difficult to get into a European terminal as it is now, and that’s because we care about our customers. We’re liable for the goods that come into our care.”
Selling security to businesspeople can be difficult. The payoff is that nothing happens, and “nothing” doesn’t rank very high as a return on investment. But as has been pointed out so often, increased port security – and increased maritime security generally – are virtually synonymous with more efficient supply chains. The goal of knowing exactly where a cargo is anytime and anywhere, monitoring conditions in freight containers, knowing exactly when and where freight is being moved and by whom, all adds up to a vastly more efficient supply chain. Here, van de Laar says, a program like the U.S.-led Container Security Initiative (CSI) has brought benefits even to the efficient and already security-savvy port operators of Europe. “The CSI has had a positive effect,’ he says. “It allows ports to do some advance planning, because it involves profiling containers, cargoes, the flow of goods from all parts of the world.” The cost of the advanced security is borne by shippers and port operators, which of course pass the costs on to their customers, but the extra amount is negligible, says van de Laar. The EC report cited earlier backs him up on this: it says that an average of €100 per European-registered vessel is invested in security, which constitutes between 0.0006 and 0.0015 of total sector investments. A Rand Corp. study released in August said that the detonation of a 10-kiloton nuclear weapon at the Port of Long Beach in Los Angeles could kill as many as 60,000 people, irradiate 150,000 and cause economic damages ten times greater than those caused by the 9/11 attacks. All ships in the port, and much of the infrastructure – along with nearby oil refineries – would be destroyed in the blast. The breadth of potential losses is a good motive for everyone involved in the supply chain to get involved in making ports more secure. “IAPH is working with companies in the supply chain to try to secure it,” says van de Laar. “Terrorism is part of the threat to the supply chain, of course, but it’s more than that. It’s about the security of the supply chain, about ensuring that the goods reach ■ the customer.” AUGUST/SEPTEMBER 2006
TransSec 11
I
N F O R M A T I O N
T
Mix
E C H N O L O G Y
and
match
Machines are learning how to tell right from wrong
t its most basic, looking for significant patterns in large masses of data is a matter of numbers, whether it’s the huge amount of mathematical processing undertaken by computers in drawing concealed correspondences between elements of raw data, or looking at the often surprising, counterintuitive patterns that exist in numbers themselves. But human activity always leaves traces, and those traces can be found if you have the smarts – and the tools – for the job. Benford’s Law is a good example of how what belongs in a series of numbers can be distinguished from what doesn’t. It’s a mathematical maxim that sets down the likelihood of given numbers occurring in legitimately generated data. It has been used in a wide variety of applications. Among other things, it enables tax accountants to detect returns that have been filled out fraudulently, because numbers supplied solely by the imagination will tend to be evenly distributed at random, while legitimately generated figures actually do not occur in an even distribution. So, for example, the probability that the leading digit of any given legitimately generated number will be a 1 is around 30 percent, while the number 9 is likely to be the first digit less than five percent of the time. It’s more complicated than that, of course, and the law’s validity can be nullified when numbers are converted from one set of measures to another or where the data itself is such that numbers tend to occur within a narrow range. For example, 9 and 1 are both ruled out as leading digits when the category is “height of an adult in inches” – outside of circus sideshows. Several years ago Canada’s Revenue Agency adopted a software package that uses Benford’s Law to help find suspicious patterns in the numbers provided on tax returns that suggest they were generated by other than legitimate calculations. Numbers also figure in the work of Trade Transparency Teams, special units set up by U.S. Immigration and Customs Enforcement (ICE) to detect and disrupt the international financial networks operated by terrorist and criminal groups. In the late 1990s the ICE
A
12 TransSec
www.transsec-magazine.com
teams found trade figures indicating that Colombia was exporting more gold than it was actually capable of producing. This was an example of criminal activity, but the teams can apply the same software to intercept terrorist funding flows – although technology is also
Cogito specializes in “graph-based relationship analytics” (GBRA), a software technique focused on sorting through large masses of data – phone records and other information – to discover relationships between individuals and then depict them
“There’s an immense amount of data out there, and a huge demand for the ability to glean intelligence from it” William Donahoo, Cogito helping nefarious elements to stay one step ahead, for example through “digital money laundering,” using commonly available tools like PayPal and BidPay to escape outdated financial reporting requirements. On a more advanced level, the U.S. National Targeting Center in Virginia has developed a “targeting algorithm” to help port security staff evaluate incoming cargo. Based on at least two decades’ worth of data on incoming cargo, the algorithm looks for anomalies such as unusual weight for a given commodity, or an unusual country of origin. It assigns points to each anomaly and triggers a physical examination when a certain threshold is reached.
Calling cards The use of phone data has become controversial in the U.S. recently, with the judicial overturning of a phone surveillance program run by the National Security Agency (NSA), but security agencies continue to analyze vast quantities of phone call data to uncover patterns and explore the dynamics of suspicious groups. In one notable demonstration of the capabilities of software in this field, patterntracking analytics were applied to the 9/11 hijackers after the attacks, and were able to determine which individuals played a leading or central role by tracking their centrality in the communications of the entire group. Cogito Inc. (Draper, Utah) develops the software used for such pattern tracking.
in graphic form for analysts to interpret. GBRA can be useful in a number of applications, ranging from financial analysis to database research, but one obvious application is security. The company’s Knowledge Center product is based on neural networking and can process a mass of apparently unstructured phone records to determine the actual dynamics of the relationships between the people who made the calls to each other. The real value comes when tracking calls between members of a group who are attempting to evade detection by communicating as indirectly as possible. “Really good analysts can use this tool to help them see how information is flowing,” says William Donahoo, Cogito vice-president of product marketing. Donahoo cites one example in which a customer had been asked to track calls from members of Iraq’s government to known figures in that country’s insurgency. Phone call analysis coupled with human intelligence – tips, or suspects rounded up in counterterror operations – could enable intelligence analysts to decide where to focus their efforts. “There’s an immense amount of data out there, and a huge demand for the ability to glean intelligence from it,” Donahoo says. Another application of pattern recognition is “intelligent video” surveillance, where raw video footage recorded by CCTV networks is closely analyzed for anything that departs from predetermined norms. The
BY
ANDREW BROOKS
Different strokes t the end of 2005, BioPassword (Issaquah, Wash.) dared attendees at a technology show in Las Vegas to crack a PC using its security software – and was confident enough to offer a US$10,000 prize. It wasn’t asking people to crack 256-bit encryption or spoof an iris recognition system. The PC only had a password, which BioPassword openly provided. 1200 people tried to log on and failed, even after BioPassword rubbed it in on the show’s final day by raising the purse to US$100,000. The key to the authentication system is that it identifies an individual’s unique typing patterns and keystrokes to within milliseconds, so that no one but the legitimate user, who registers their unique pattern by typing the password several times, can actually use that password to log on. “It measures the timing of keystrokes with respect to each other,” says Greg Wood, BioPassword’s chief technology officer. “It gives a great view of the ‘cadence’ that is uniquely identifiable, to the point that it’s approaching the performance of a thumbprint reader.” Wood hastens to point out that so far the technology is employed to provide authentication as opposed to individual identification. However, he says, given that it does hinge upon the identification of one person’s unique typing pattern, it could be used to supply firm individual identity across a reasonably large sample where every person in the group has registered on the system. Wood says the software has a broad range of potential applications for any devices where a keyboard interface is used, such as cellphones and handheld PCs. The product is now in use by banks and credit unions, and also by a music rights management service that distributes tracks to radio stations over the Internet. The system can also be calibrated to allow greater or lesser precision in matching keystroke sequences and timing, so that customer-facing applications won’t become inaccessible to the public, and can also be set up to allow escalating levels of authorization depending on the precision of pattern matches.
A
Intelligent video analysis enables surveillance systems to alert human operators to unusual items or events in real time. Photo courtesy Cogito
Phone call patterns can help intelligence operatives distinguish group leaders, and figure out other group dynamics. Photo courtesy ObjectVideo
technology not only improves security: it also drastically eases the heavy workload associated with conventional video surveillance, where human operators have to stay alert for hours on end to detect anything out of the ordinary – or stay alert for hours on end watching hours of recorded footage after an event has occurred. Intelligent video analysis is also more proactive, as the technology can be applied to detect anomalies in real time, before or during an incident. The systems have advanced to the point that they can be used to detect increasingly subtle anomalies,
such as an object being left in an unusual location – or for an unusually long period of time – or a person moving the wrong way in an airport queue.
A note of caution A report on the National Targeting Center’s cargo “targeting algorithm” in the June 19 New Yorker noted that over-reliance on numerical analysis had cut the experience of dockworkers out of the security equation. The former inspector general of the DHS, Clark Kent Ervin, also reported in 2004 that more contraband had been
detected in incoming containers selected at random than in those separated out by U.S. Customs and Border Protection (CBP). Technology can’t work properly without experienced human intervention, which brings to bear qualities that the digital realm so far does not have. As a member of Port of New York and New Jersey staff member said in the New Yorker report, “you’ve got to use your imagination” when looking for things out of the ordinary. So far, imagination is one quality no software developer has been able to write into the code. ■ AUGUST/SEPTEMBER 2006
TransSec 13
Intelligent Surveillance When it comes to securing your perimeter and high value assets, our automated all-weather wide area surveillance detection and tracking sub-systems are always watching... your enemy that is. At 4D Security Solutions, Inc. we are focused on providing immediate Situational Awareness in any environment, allowing you to access a security threat before it materializes. Our trusted experience, combined with our unique integrated security solutions allows the end users to meet their existing and emerging security challenges real-time. From the use of sophisticated ground radar and night surveillance systems to the installation of visible or “virtual” barriers, 4D Security Solutions’ sophisticated perimeter protection, sensor and smart fence technologies provides you with a customized Common Operational Picture (COP), in a user-friendly integrated package.
SUNY Maritime Demonstration Facility Site Set-Up Includes: C 4 Support Software Centralized Sensor Fusion Crisis Management Software Wide Area RF Sensors Thermal NVIR PTZ Camera Video Motion Detection (VMD)
& Non-Motion Detection (NMD)
We invite you to see our proven technology solutions.
Contact us today! (212) 801-1026
www.4-Dsecurity.com
A
D
V
E
R
T
O
R
I
A
L
4D Security Solutions, Inc. a NYC based security solutions
Our operational systems experience and multi-layered surveillance
provider offers true all-weather wide-area surveillance, detection,
concepts provide users with the ability to operate integrated sur-
tracking and assessment systems to major customers in opera-
veillance systems that possess enhanced probability of detection,
tions such as borders, airports, railway yards, maritime ports and
with reduced false and nuisance alarm rates. A testament to our
other critical facility perimeter intrusion detection solutions.
drive to provide performance driven solutions 4D utilizes it’s active demonstration facility at SUNY Maritime College in Bronx, NY, to
All of our key sensor components, both of our own design and
insure that our technology is best of the best in addressing
manufacture, and those acquired from our select suppliers are
perimeter protection.
linked and operated seamlessly as one system through our unique sensor command and control software suite.
The 4D demonstration site at SUNY-Maritime College is an installed, deployed and fully operational perimeter intrusion sys-
Our technology is proven in demanding installations world-wide
tem that is used as a source for customer evaluations of our capa-
including some of the largest borders, metropolitan airports, mar-
bility and an avenue for users to get a look at the operational capa-
itime ports and military installations in the world.
bility of our products. A multi -layered sensor demonstration approach focuses on ground-based radars (GBR), video motion
Components of our solution include:
detection (VMD), non-motion detection (NMD) and other line and
■ Integrated Command & Control software, coupled with Crisis
area sensors as applicable, to demonstrate the type of perimeter
Management procedures ■ Centralized sensor fusion, command support software – ties
security system solutions available for multiple customers unique applications. The demonstration system provides video displays,
all sensors and remote devices and subsystems (e.g. fence
recording of detected intrusion scenes, sensor fusion, etc.; all to
alarms, cameras, VMD, access control and mobile vehicles
a simplistic command & control center.
etc.) into one synthesized operating system ■ All-weather wide-area RF sensor – wide area scanning or localized fixed versions for detection of intrusion or direction
Customer assessment and evaluation of our demonstration site is encouraged and can be scheduled at customers’ availability.
of movement and tracking in user defined zones ■ Day cameras with pan-tilt-zoom control operated remotely from the central command station
Please feel free to contact 4D Security Solutions, Inc. offices at (212) 801-3744 or visit our website at www.4-dsecurity.com.
■ Infrared and thermal cameras for exceptional night-vision surveillance ■ Video processing to include intelligent motion detection, non-motion detection and image stabilization ■ Video recording systems for evidence gathering ■ Plus numerous other components to create tailor made solutions.
AUGUST/SEPTEMBER 2006
TransSec 15
B
U I L D I N G
S
E C U R I T Y
Advanced simulation technologies allow security managers and first responders to rehearse building security incidents. Images courtesy ETC
Ready for anything? True facility protection is a matter of matching a broad range of systems, technologies and processes to an equally broad range of threats e have incidents every day.” That was the response of Barbara Carley, managing director of the 110-storey Sears Tower in Chicago, to a reporter who asked about the intensity of security threats at the building. Security managers at the Sears Tower are probably among the more forward-thinking anywhere in the world, given the nature of the targets attacked in September 11, 2001, but it isn’t just terrorism that managers of major buildings have to worry about. “There are a lot of things that happen in a building of this
“W 16 TransSec
www.transsec-magazine.com
size, and we do talk to the police on a daily basis,” Carley said. The disparate nature of the threats faced by large structures is mirrored by the kind of security strategy that – ideally – is put in place to prevent and cope with those threats. Access control, CCTV surveillance, perimeter security, biometrics, communications, remote control of doors and locks, reinforced or bombproof/bulletproof glass, blast walls, anti-vehicle barriers, emergency lighting, evacuation routes, firefighting systems, alarms, evacuation plans and drills, shelter-in-place capabilities such as rein-
forced rooms equipped with food, water, toilets and independent communications, public address and signage systems… the list is a long one, and evolves as technology and security awareness advance. Under previous management, the Sears Tower got a major security overhaul in the aftermath of 9/11, increasing staff numbers and adding metal detectors, keycard turnstiles, upgraded communications systems and new digital cameras. When CB Richard Ellis assumed management two years ago it decided to make some of the security systems a bit less obtrusive, but also instituted
BY
ANDREW BROOKS
The new Beijing TV Center in China is slated to receive an advanced integrated security and communication intercom system, provided by Zenitel and Beijing Nera Stentofon Communication Equipment Co. Ltd. Photo courtesy Zenitel
an online visitor registration system and launched a security education program including fire drills, medical training and special seminars. Security at the building is now described as equivalent to what you’d find at an airport. Is it all enough to stop a determined attack? That question remains open. More could almost certainly be done, but here as in other arenas security eventually becomes a tradeoff between the attempt to be completely foolproof and the need to keep a facility – buildings, airports, seaports, rail terminals, what have you – open for business without too much inconvenience. It all drives home the increasingly difficult job security managers have in deciding how much to do, and where and when to do it, when they have to pick and choose from an increasingly complex array of human and technological solutions. But if technology is part of the problem in making things complicated, it can also be part of the solution in sorting through that complexity. One way this has been happening recently is in the growing deployment of Internet Protocol (IP) connectivity between security devices, systems and staff. IP connectivity is a leading driver of overall security system integration. Once CCTV cameras, alarms, doors, locks, access control devices etc. all have ‘web addresses’ of their own they become relatively easy to manage and monitor from a networked central location, either inside the building itself or even from a remote site. When the Port of Wilmington embarked on a major security overhaul in 2002, they opted for a blue-chip concoction of the latest systems, including some specialized ones of particular interest to ports. But one of the most interesting
wrinkles they added is of direct value to any enterprise with multiple sites: Wilmington partnered its security and
control system with a similar one being implemented at its sister port, Morehead City, 100 miles away. The security of either
“Operators have more and more capabilities, more and more different kinds of systems – but they’re still running the same old fashioned procedures” Brian Hennessey, Adacel Systems
The same page: technology harmonized The necessary breadth of a genuinely integrated approach to building security reaches beyond the four walls, as exemplified by network provider Global Crossing, whose security strategy aims to protect infrastructure, data and people. The strategy, as described in the April 2006 issue of Security Technology & Design, included hiring and HR practices, physical access control and data security. Notably, the strategy features a specially designated vice-president and a global “Security Organization” that assesses risk and formulates security policy, handling some global security functions itself but leaving others to local management where appropriate across Global Crossing’s worldwide network of facilities. As an example of local involvement, the Security Technology & Design article notes that when a Brazilian facility wanted to tighten security in the face of rising gangrelated crime, local management worked with the Security Organization to come up with a response, increasing the extent and technological capabilities of the facility’s perimeter fence. At the same time, the company also places great weight on the adoption of uniform technologies across its global network. For example, the use of identical digital video recorder (DVR) technology throughout dozens of company facilities in four countries provides security information to local managers while enabling global management to control and monitor the system from a central location. Similarly, the use of a single technology platform for employee access cards means that the same cards can work on multiple access systems at different facilities. This has reduced the number of actual cards in circulation by a third, itself increasing the security of the cards and making card management and assignment much simpler.
AUGUST/SEPTEMBER 2006
TransSec 17
B
U I L D I N G
S
E C U R I T Y
facility can now be completely managed from the other. Thanks to the implementation of wireless communication, the two-port network also includes a mobile command unit, and the same access card system for both sites. Starting with a security system that was little more than “guards, gates and guns,” Wilmington is now among the most technologically advanced seaports anywhere in the U.S.
As real as required But by increasing the number, type and complexity of security systems that can be managed efficiently, the availability of wired and wireless connectivity also raises the bar when it comes to choosing systems and putting them in place. Here again, technology has a solution, although it’s one that’s emerging only very slowly for this particular application: computer simulations. Event simulations are an increasingly widely deployed variety, such as the Advanced Disaster Management Simulator (ADMS) system offered by Environmental Tectonics Corp. (ETC, Orlando, Fla.). The system – featured in the Sept./Oct. 2005
BY
issue of TransSec – enables first responders to walk through the entire sequence of events that occurs in the aftermath of a major disaster, whether natural or deliberately caused. Potential applications from the point of view of building security include triage of the injured, fire suppression, chemical and hazmat response, and the effectiveness of evacuation plans and routes. But it’s at least as logical to use simulation technology before a security system has even been put in place. Adacel Systems (Orlando, Fla.) is one company that is heavily involved in building simulation with a heavy specialization in security system design. Its VAST software enables building managers and security planners to set up a virtual security system consisting of all the elements such as sensors, access control systems and CCTV networks, which can be configured to simulate particular capabilities such as camera ranges, infrared vision, etc. It goes a step further, however, in allowing actual attacks to be programmed in and worked through, including vehicles, aircraft, boats and other craft as well as people. Alarms are sent in
ANDREW BROOKS
XML, a widely used format that enables VAST to interact with any computer system. And the ‘enemy’ can behave intelligently, for example abandoning an attempt to break through a perimeter at one point if extra cameras have been positioned there, and moving on to look for a more vulnerable zone. “You can learn how to operate a closed circuit TV camera,” says Brian Hennessey, Adacel’s director, advanced programs. “Sure you may be able to point, tilt, zoom, whatever, but that doesn’t make you a security expert. For that, you also have to learn how to react to an actual incident – and that’s a whole different picture.” Adecel originally arrived in the building security market through its widely used air traffic control simulator, which gives you a good idea of how complex a business security system management has become. “Security centers are starting to look more and more like ATC systems,” says Hennessey. “Operators have more and more capabilities, more and more different kinds of systems – but they’re still running ■ the same old fashioned procedures.”
Brick by brick: the many elements of building security nytime there’s a large project, we always believe that lards can be lowered below ground level when not required, the senior security specialist should be part of the eliminating the aesthetic dimension entirely. “We want to get master team from the outset,” Dr. Neil Livingstone away from Jersey Barriers,” Livingstone says. says in a special webcast available at www.domesticpreparedAtriums – Atriums are a nice idea, design-wise, but they also ness.com. Livingstone is the CEO of GlobalOptions, a company greatly magnify the potential damage caused by an explosion. with a very broad mandate: it lists risk management, executive Huge open areas in the center of a building enable shock waves protection, investigation, litigation support and crisis communito travel farther, increase the risks posed by flying glass, and cations among its security capabilities. reduce structural integrity. The floors of a building are one of its But building and facility security is one theme that built-in defenses, and anything that reduces floor area increases Livingstone touches on especially frequently at conferences and vulnerability. The U.S. Marine Corps barracks in Beirut, where in articles. His webcast is a schematic breakdown of the various more than 240 Marines were killed by a truck bomb in 1983, feaelements that go into securing buildings. Here’s a look at a few tured a large internal atrium. of the elements and vulnerabilities that Livingstone addresses. Glass – Another widely used architectural element – and Mailroom – In the aftermath of 9/11, a rash of anthrax scares again, a bad idea according to Livingstone. In the 1998 attacks occurred, with suspicious white powders mailed to various indion U.S. embassies in Tanzania and Kenya, flying glass was viduals and facilities around North America. The atmosresponsible for about 90 percent of the casualties. As phere was such that icing sugar that got brushed off a with other building materials, blast-resistant varieties doughnut was liable to be enough to shut down an are now available, although they tend to be quite a bit office, but there were legitimate instances. Anthrax heavier and can’t simply be swapped in to replace regaside, there are enough good reasons to move a mail ular plate glass (see next item). operation into a separate part of a building – if not offSecurity ‘designed in’ – For a building to be site entirely – that this was a regular part of Livingstone’s truly secure, the security elements have to be factored recommendations to customers well before 9/11. That in from the beginning. “You have to ascertain and measure the threat environment before you can understand turned out to be prescient when the State Capitol of how much security any building needs,” Livingstone Wyoming’s mail operations received a ‘white powder’ says. As you might expect, he isn’t a fan of retrofitting envelope. The mailroom had to be shut down, but for security, recalling one case with a customer in Latin because GlobalOptions had already persuaded the govAmerica. The previous security contractor had added ernment to move it into a different building, state busiheavy laminated security glass windows to a building, ness continued uninterrupted. but without reinforcing the window frames to take the Landscaping – Federal authorities recommend considerable added weight. GlobalOptions arrived ona 350-ft. offset from any thoroughfare for optimum site only to find that the glass was literally falling out of security – an option that’s clearly out of the question in the windows. a practically infinite number of cases. The alternative: Livingstone admits the Pentagon’s security retrofit use natural contours such as ponds, hills and gullies to Bollards don’t have to look like several years ago was a good idea, but notes that planlimit building access and visibility. Similarly, heavy secusecurity add-ons. ners had luck on their side: the 9/11 attack happened to rity fencing and bollards are available in designer for- Photo courtesy hit the only one of five sections that had been commats, so that the protection they offer doesn’t have to SureGuard pleted at that point. make a facility look like the Tower of Doom. Some bol- Security Products
“A
18 TransSec
www.transsec-magazine.com
Linatron K9 Dual-Energy, Automatic Detection The Varian Linatron® K9 is the only dual-energy x-ray source capable of switching energies pulse-to-pulse. This gives cargo screening systems the ability to automatically identify high-density materials used in WMDs and Dirty Bombs – even in heavily loaded cargo containers. The K9 can penetrate up to 17-inches of solid steel and deliver fast, highresolution images and completely scan a fully-loaded container faster than any other non-intrusive inspection system in the world. Best of all it’s built on Varian’s proven high-energy accelerator technology, the industry standard around the world.
Put some serious teeth into your cargo screening system with Linatron K9 – The Watchdog.
For more information, contact
Varian Medical Systems Security & Inspection Products Las Vegas, Nevada tel: 702.938.4859 fax: 702.938.4833 www.varian.com/sein
V
I E W P O I N T
Maritime security:
an inside view 1. There must be a concentrated focus on the frequency and quality of public-private sector collaboration. All parties including competitors, service providers and economies must work together. The supply chain is a complex web of many actors from many different cultures, speaking different languages with different interests and capabilities. Orchestrating cooperation is therefore not easy. This requires like-minded economies to huddle together to determine how best to make international trade more secure. In this regard, effective communication and joint planning and practice are key. By way of example, in the event of a terrorist attack, joint contingency planning is critical in restarting the network. Key questions need to be answered before an actual event occurs, such as: ■ What standards will be used in restarting the system? ■ What will governments expect from their trading partners? ■ What will be expected of terminals/ ocean carriers? ■ What will be expected of shippers? The public sector needs to develop a comprehensive crisis response and restart capability. The private sector must be included in this important planning. Similarly the public sector needs to under-
An example of the importance of collaboration involves a company’s plans to redeploy highly skilled workers to another location to keep international trade moving. But this plan would obviously not work if these experts could not clear immigration due to last-minute border control changes. Setting up communication protocols to advise the private sector of such changes is critical. 2. The public sector must expand the pertinent information required for the effective targeting of suspect containers. The key security challenge is knowing What’s in the Box. The key task is the secure stuffing and sealing of the container at the point of load and the transportation of that box to the ISPS-compliant marine terminal – what we refer to as the “first mile” of the supply chain. Aside from the cost, physically inspecting every box is impossible. Consider infrastructure issues such as marine terminal congestion, warehouse space shortages, trucking demands and road congestion. And don’t forget: not only would every container need to be opened, but every carton in every container would have to be inspected as well. The key isn’t how many boxes we inspect, but which ones. Therefore, we must conduct effective container targeting prior to vessel
Earl Agron, vice president security at APL Ltd., shared his views on international supply chain security with an audience of industry representatives at the recent APEC Symposium on total supply chain security, which took place
“The public sector must avoid the rush to create regulations without careful collaboration with key stakeholders.”
July 6-7 in Singapore. In a special address at the event, Agron outlined five key steps he felt were required to secure maritime trade. The following excerpts from his speech summarize the recommendations.
20 TransSec
www.transsec-magazine.com
stand the private sector’s plans to help ensure the continuity of the supply chain. The private sector owns and/or operates much of the supply chain infrastructure that may be a target. The private sector can also serve as a resource in the event of an attack. So understanding where roles and responsibilities overlap is critical.
load with the purpose of identifying the riskiest containers to inspect. Even though the “24-hour rule” has been in place for some time, the U.S. continues to collaborate with the private sector to improve targeting of suspect containers destined for the U.S. Additional information that is currently being considered to
BY
ANDREW BROOKS
A port and its marine terminals are only as secure as its weakest link. A terrorist incident at one terminal will likely result in all terminals being shut down even though some of those terminals may have invested more in security than others. Regulations will help strengthen the weakest link
improve targeting includes: name and address of buyer, seller and consolidator; container stuffing location; ultimate consignee; country of origin and more detailed cargo descriptions. 3. An intelligent regulatory framework balancing security and trade is required. One reason we welcome intelligent regulations is that they help to ensure that companies do not become non-competitive. This might happen if one company adopts relatively expensive security practices while its competitors do not. A second reason why we would welcome intelligent regulations is to help ensure that investment in technology would not be rendered obsolete due to a subsequent mandate. A third reason why we welcome intelligent regulations is that a port and its marine terminals are only as secure as its weakest link. A terrorist incident at one terminal will likely result in all terminals being
APL at a glance APL is known as an ocean carrier, but it is also a marine terminal operator, and its sister company, APL Logistics, is a global third-party logistics provider. Security is central to APL’s business and all three member companies are CTPAT certified. APL manages approximately 500 vessel calls per week around the world and has services to 25,000 locations in 140 countries. It operates around 100 vessels and manages a fleet of 400,000 containers. APL Logistics has operations in more than 50 countries and an especially large presence in Asia. As a marine terminal operator, APL has an interest in nine terminals in Asia and the U.S.
shut down even though some of those terminals may have invested more in security than others. Regulations will help strengthen the weakest link. A fourth but less discussed reason addresses the nature of the competitive structure of our business through the use of vessel sharing alliances with our competitors. Alliances allow ocean carriers to cooperate by sharing space with competitors, so it is very common that our containers will be on our competitors’ ships and their containers on our ships. In fact, it would not be unusual for almost half of the space on some ships to be allocated to other ocean carriers. Therefore in today’s operating environment, one ocean carrier may adopt robust and costly security standards voluntarily based on industry guidelines but another alliance partner may not. However, we caution against regulations that are solely a result of political pressure or trendy ideas. The public sector must avoid the rush to create regulations without careful collaboration with key stakeholders. Threats can be ever-changing and our response to those threats should always be considered in any new regulations. 4. Non-intrusive container inspection technology and related procedures must be further developed and deployed at key points prior to vessel load. The public sector should accelerate the rollout of non-intrusive inspection equipment such as radiation portals and gamma ray machines, including related procedures at key load ports. Implementing these technologies will increase the probability of detecting a WMD prior to vessel loading. Research and testing of more sophisticated radiation portals that can perform isotopic analysis should be prioritized, improving the reliability of such container cargo inspections. But I emphasize that this should be a public-sector responsibility. Generally the ownership of radiation portals and gamma ray machines at the ports today belongs to individual countries. While private-sector
ownership and operation of this equipment might help public-sector budgets and improve the financial health of some marine terminal operators, it is inappropriate for a private entity to perform tasks normally assigned to customs or other law enforcement functions. Just as a note, ocean carriers have generally structured their controls so cargo anonymity is maintained. Because the third-party terminal operators generally do not know the identity of importers or the contents of the containers, they are not in a position to do any risk assessment. Sharing importer/cargo content information with terminal operators could have other unintended consequences from both an antiterrorism and theft perspective. 5. Long-term security technology solutions need to be developed through collaboration of supply chain stakeholders. There is an avalanche of solutions looking for a security problem to solve – electronic seals, container security devices, smart containers, supply chain visibility solutions and so on. We need to pause and look for the right technology in a more systematic way. In particular, we need to recognize that the critical issue is what’s inside the box. Electronic container seals, for example, can’t guarantee that a bomb will not be in a box that is securely sealed. Visibility tools have little chance of being justified either on a return-on-investment or security basis. To find the right answers, the public sector and private supply-chain stakeholders need to collaborate. It is up to the public sector to define the risk in sufficient detail so that both sectors can work together to define optimum solutions. Once those solutions are defined, technology companies, universities and national labs should be given the challenge to develop the end product that satisfies the security needs. When integrated carefully with the supply chain, technology can have an important role in improving security. But people, processes and training are equally – if not more – important. ■ AUGUST/SEPTEMBER 2006
TransSec 21
E
X H I B I T I O N
P
R E V I E W
or years now, the U.S. Maritime Security Expo in New York City has proven a valuable trade gathering for security professionals tasked with protecting North America’s ports and maritime trade. This year’s event, taking place Sept. 19-20, is expected to draw 2000 attendees and up to 200 exhibitors from altogether 30 nations. Keynote speakers include Senator Robert Menendez of New Jersey and deputy secretary at the U.S. Department of Homeland Security Michael Jackson. In addition to the cutting edge technology displayed on the trade floor and conference sessions on timely issues, Expo visitors will have the chance to view two exciting simulations. The first will re-enact, at port, an attack on a U.S. Merchant Marine Academy training vessel. The second will recreate, via a U.S. Army multi-media demonstration, an explosive attack by someone carrying a remote-controlled bomb in their backpack. The simulations will take attendees through both the attack and the post-incident command and control. “What we’re hearing from our attendees is that they want to see actual simulations in a live setting, see what would happen in an incident and how to deal with that,” explains Michael Rosenberg, vice president homeland security division at E.J. Krause & Associates, organizers of the event. “So we’ll be doing more of these types of demonstrations in the coming years.” Also in high demand are invitation-only sessions allowing senior personnel to discuss security issues more openly, including a session on interoperable identification systems. “It allows senior port personnel to be more open about discussing their concerns and in turn allows the government officials to be able to be more open about programs that they’re coming up with,” says Rosenberg. In other developments, E.J. Krause is considering organizing a sister conference for the maritime security sector in Europe, possibly ■ in Marseille, France in 2007 or 2008.
F
Securing the
Waters
Hailed as the definitive conference on marine security, the fifth annual U.S. Maritime Security Expo turns things up a notch with more live simulations and high-level restricted meetings
Some of the vendors presenting their wares and services at this year’s U.S. Maritime Security Expo are highlighted below.
[
T O TA L
I D E N T I F I C AT I O N S O L U T I O N S
]
The DSVII-SC handheld ID verifier by Datastrip is a hand-held device designed to provide identity verification by reading smart cards and proximity cards. Designed to support evolving identification document standards, the unit reads numerous card formats used for ID cards and driver’s licenses. The compact hand-held unit weighs approximately two pounds combining a contact/contactless smart card reader, a 500 DPI fingerprint sensor for instant biometric verification and a large touch screen display that can be read in direct sunlight or low light conditions. It also offers communication via CompactFlash, Serial, USB, and Ethernet with optional features supporting 802.11 and Bluetooth wireless communication. Datastrip is a leading provider of biometric verification devices and 2D bar code software with associated hardware. Together with its integration partners, it provides total solutions for production of ID cards, passports, national ID cards, driver’s licenses, voter registration cards, health cards, financial cards, birth certificates and other identity documents, as well as mobile AFIS and biometric verification systems. 22 TransSec
www.transsec-magazine.com
E
X H I B I T I O N
S
H O W C A S E
BY
[
3D
IMAGES IN REAL TIME
I N T E G R AT I N G
SECURITY
]
Backed by a powerful team consisting of Israeli Aircraft Industries and Sentry Technology, 4D Security Solutions Inc. (New York, NY) supplies security technology, interoperable communications and infrastructure development to different sectors. It provides technical, financial and strategic resources in the areas of Sensor Fusion, video analytics and fully integrated Command & Control Perimeter Intrusion Detection Systems. This includes ProtectZone, the company’s full turnkey end-to-end solution for security and communications. 4D Security Solutions, Inc, a division of Sentry Technology Group, is a systems integrator dedicated to providing end-toend security and communication solutions for a wide array of homeland security applications.
A 4D Security Solutions command center
[
R O M A I H N ATO W Y C Z
[
]
The Coda Underwater Inspection System (UIS) from Coda Octopus is the world’s only fully integrated high resolution 3D inspection system, delivering precise and intuitive 3D images in real time. Designed to inspect large areas with 100 percent coverage and 98 percent probability of detection, the UIS is ideally suited to port and harbor security applications. At the heart of every UIS is the unique Coda Echoscope realtime 3D sonar. Incorporating cutting edge phased array technology, the Echoscope simultaneously generates over 16,000 beams, resulting in an instant three-dimensional sonar image where the position of every data point is accurately known. Producing detailed images from a single sonar ping, it is capable of updating at up to 15 times per second allowing rapid coverage of large areas: up to 20,000 linear feet per hour in the murkiest of waters. Using patented 3D ‘mosaicing’ techniques, data is integrated into an intuitive geo-referenced visualization of the whole underwater scene in real time. Coda Octopus specializes in underwater technologies for imaging, mapping, defense and survey.
STERN
D R I V E S T H AT P R O T E C T W AT E R W AY S
]
Konrad Marine designs and manufactures stern drives that protect waterways around the world. At this year’s Expo, it offers its Konrad 520 and 540 models, which feature thicker castings, oversized bearings, super alloy gears and the industry’s largest U-joints. Both are cooled by a continuous flow of oil and require minimal maintenance. The Konrad 520 is the only commercial rated stern drive for diesel engine applications, says the company. It was engineered with heavy-duty applications in mind and is currently being used by the Canadian Coast Guard, Panama Canal Authority, and the U.S. Army, Navy, Border Patrol and Coast Guard. The Konrad 540 was designed for lighter boats, both gas and diesel, that require higher speeds. Forces such as the Hong Kong Military Police depend on the Konrad 540 for their interceptor craft. Konrad Marine is a Wisconsin-based boat propulsion systems manufacturer. The U.S. Navy uses these SeaArk 34’ Dauntless patrol boats, each equipped with two 380 hp diesel engines and two Konrad 520 stern drives
Coda Echoscope mounted on an ROV
[
ENHANCING
WO R K E R SA F E T Y
]
EDO Corporation has developed its next generation gamma-ray detection technology. The new GammaCam LT27 version represents a completely new dimension in assessing nuclear radiation fields by producing accurate two-dimensional images of gammaray-emitting objects. The new LT27 is an upgrade to the GammaCam M31. It’s smaller and lighter and the user can be trained in about 30 minutes. The portable system provides real-time pseudo-color gamma ray imagery superimposed on a conventional black and white video picture. Remote operation of the sensor head allows safe acquisition of gamma ray images in high radiation environments while minimizing worker exposure. Headquartered in New York, EDO Corporation designs and manufactures a diverse range of products for defense, intelligence and commercial markets, including defense electronics, communications, aircraft armament systems and undersea warfare. AUGUST/SEPTEMBER 2006
TransSec 23
E
X H I B I T I O N
S
H O W C A S E
BY
[
TRAINING
]
OverNite Software specializes in interactive training courses for U.S. ports navigating the high seas of homeland security compliance. Its 30 MTSA-focused security courses address everything from facility security assessment to dangerous cargo to MARSEC levels. Port Freeport, Port of Lake Charles and Port of Beaumont are just some of the ports already utilizing this powerful online product. OverNite Software is also promoting its ExxTend Learning, a webbased solution that creates, schedules, assigns, delivers and tracks an organization’s training. Management headaches are relieved as the system automatically grades tests, stores results and prepares reports on the fly. OverNite Software, Inc. is a leading creator of learning management and delivery solutions. The company specializes in providing interactive multimedia training products and performance support to its clients.
[ ALLIED TUBE & CONDUIT
www.transsec-magazine.com
SERVICES
]
[
MOBILE ID
V E R I F I C AT I O N
]
Lowry Computer Products (Brighton, Mich.) will exhibit Be.U Mobile, a rugged device that allows for mobile ID verification in harsh environments and extreme temperatures. Under terms of a recent partnership agreement with Labcal Technologies, Inc., headquartered in Quebec, Canada, Lowry became the U.S. Master Distributor of Be.U Mobile. This biometric reader provides agents with the ability to authenticate employees with the help of their smart card such as the CAC or TWIC. The Be.U Mobile also allows connection to large central site databases (AFIS, for example) for accurate ID information in the field, making background checks very easy and reliable. This solution is used for applications such as Positive Identification, Travel Documents, e-ID and Employee ID. Lowry Computer Products is a provider of wireless, RFID, bar code and security solutions to the U.S. Government and Department of Defense.
]
Allied Tube & Conduit (ATC) will present its SS-40 high strength, galvanized fence pipe at this year’s U.S. Maritime Security Expo. The SS-40 pipe meets the requirements of the Federal Specifications and the Unified Facilities Guide Specifications. Another recent addition, the SS 30T, will also be highlighted. This is ATC’s domestic alternative to import Schedule 40 pipe. Allied Tube & Conduit’s family of framework products is available in POLYKOTE, a polyester color coating. The company’s barbed tape products that will be presented include Razor Ribbon, Instabarrier and Detainer Hook Barb, which are GSA listed. All three products are supplied to security installations on six continents and, says the company, are recognized as the industry standard in both quality and design. Allied Tube & Conduit is one of the world’s leading manufacturers of fence framework and barbed tape products. All its products are manufactured in the United States. 24 TransSec
C U S T O M - TA I LO R E D
Adesta is a systems integrator that brings flexible thinking to the design, construction and maintenance of stand-alone or integrated communication networks and electronic security systems. The company provides electronic and physical security solutions, installations, upgrades and additions for critical assets including ports, dams, locks, reservoirs, hydroelectric facilities, airports, power generation sites and more. Adesta’s engineering expertise moves design from the drawing board to the field, culminating in a fully operating system or network. The integrator provides engineering services for project development, site surveys, installation, testing and training. Its engineers identify user and system requirements, develop conceptual designs and analyze and determine proper products and system configurations to meet customers’ needs. The company provides custom-tailored services in SONET, IP/Ehternet, ATM, wireless, lastmile and broadband networks. Headquartered in Omaha, Nebraska, Adesta is managed by executives from the telecommunications, construction and security industries.
An Adesta command center at work
[ INTERACTIVE
R O M A I H N ATO W Y C Z
Barbed wire fencing from Allied Tube & Conduit
OCTOBER 24-25, 2006
|
JACOB JAVITS CONVENTION CENTER
|
NEW YORK, NY
HOT! – ALL NEW FEATURE AREAS Urban Security • IP Institute
Sneak peek at the future. Two days only. Change is shaking up the physical security
And this year, ISC East will be held right along
industry — new R&D advances, systems
side Infosecurity NY 2006. Early registration to
integration, the increasing reliance on software
ISC East also provides you free access to the
and networking applications. Get to where the
largest IT security event in the East. The growing
industry is going — go to ISC East 2006.
convergence of IT and physical security makes this year’s event a not-to-be-missed business opportunity.
Source new products and solutions, make new contacts and gain critical industry knowledge. 9,100 industry professionals. More than 400
To get to where the security industry is going,
exhibiting companies. Two jam-packed days.
and to secure your place for free, register early at:
It’s all here.
www.isceast.com/TransSec
NEW EVENTS
CODE: AD25
SPONSORED BY:
|
NEW KNOWLEDGE
CORPORATE SPONSORS:
PRODUCED BY:
|
NEW OPPORTUNITIES ENDORSED BY:
International Security Conference East® is a registered trademark of Reed Elsevier Properties Inc., used under license. ©2006 Reed Elsevier Inc.
CONFERENCE LISTINGS
2006-2007
Event
round-up
Industry conferences, seminars, exhibitions and symposia ■ ASIS San Diego. Organized by ASIS International, Sept. 25-28, San Diego. www.asis-sandiego.org
2006
■ Security China 2006. Organized by E.J. Krause, Oct. 30 – Nov. 2, Beijing.
SEPTEMBER NOVEMBER ■ Annual Technologies for Critical Incident Preparedness Conference and Exposition. Organized by U.S. Departments of Homeland Security, Justice and Defense, Sept. 6-8, Atlanta, GA. www.regonline.com/eventinfo.asp?EventId =88623 ■ Digital ID World 2006. Organized by Digital ID World LLC, Sept. 11-13, Santa Clara, CA. http://conference.digitalidworld.com/2006 ■ Biometric Solutions 2006. Organized by Access Events, Sept. 12-13, Brussels, Belgium. www.biometricsummit.com ■ Air & Port Security Expo Europe 2006. Organized by Simply Events, September 13-14, Brussels. www.aps-expo.com ■ BC 2006 – Biometric Consortium Conference. Organized by the Biometric Consortium, Sept. 19-21, Baltimore, MD. www.biometrics.org/bc2006/index.htm ■ U.S. Maritime Security Conference and Expo. Organized by E.J. Krause, Sept. 19-20, New York. www.maritimesecurityexpo.com ■ TechNet North: An International Forum on Defense, Public Safety and Security. Organized by AFCEA Canada, Sept. 19-21, Ottawa, ON. www.technetnorth.com ■ ACI-NA Annual Conference and Exhibition. Organized by Airports Council International – North America, Sept. 25-28, Reno, NV. www.aci-na.org 26 TransSec
www.transsec-magazine.com
OCTOBER ■ Homeland and Maritime Security Asia 2006. Organized by Defence Directory Conferences, dates TBD, Singapore. www.defencedirectory.com/conference ■ Homeland Defense Symposium. Organized by National Homeland Defense Foundation, Oct. 2-5, Colorado Springs, CO. www.nhdf.org ■ Global Fair and Congress for Security and Fire Protection. Organized by Messe Essen, Oct. 10-13, Essen, Germany. www.nhdf.org ■ Terrorism Awareness and Prevention Conference. Organized by Applied Risk Management, Oct. 12-23, Foxwoods Resort, CT. www.arm-security.com/conference_061013.htm ■ AVSEC World 2006. Organized by IATA, Oct. 18-20, Sydney, Australia. www.messe-essen.de ■ Biometrics 2006. Organized by Biometric Technology Today, Oct. 18-20, London, U.K. www.biometrics.elsevier.com ■ 2nd Annual Border Management Summit. Organized by IDGA, Oct. 23-25, Washington, DC. www.bordermanagementsummit.com ■ ISC East 2006. Organized by Reed Exhibitions, Oct. 24-25, New York. www.isceast.com ■ RISCON: Security & Safety Trade Expo 2006. Organized by Tokyo Big Sight Inc., Oct. 24-26, Tokyo, Japan. www.kikikanri.biz
■ Cartes 2006. Organized by Exposium, Nov. 7-9, Paris. www.cartes.com ■ International Aviation Security Technology Symposium. Organized by Safe Skies Alliance, Nov. 27 – Dec. 1, Washington, DC. www.sskies.org/symposium.htm ■ ID World International Congress 2006. Organized by Wise Media, Nov. 28-30, Milan. www.idworldonline.com
DECEMBER ■ APTS Europe 2006 (co-located with Counter Terror World, Event & Venue Security and Infrastructure Security). Organized by International Business Events, Dec. 5-6, London, U.K. www.apts-expo.com/ME/
2007 FEBRUARY ■ Fourth Annual Worldwide Security Conference. Organized by EastWest Institute, Feb. 20-22, Brussels, Belgium. http://wsc.ewi.info
JULY ■ 92nd International Educational Conference – The International Association of Identification (IAI). Organized by IAI, July 22-27, San Diego, CA. www.theiai.org/conference/2007
3%#52)49
&OUR GREAT NAMES IN SECURITY ARE NOW ONE
/.% #/-0!.9 4/4!, 3%#52)49 53! &).,!.$ 5.)4%$ +).'$/- 3).'!0/2%
ÜÜÜ°À>« ÃV> ÃÞÃÌi ðV "!''!'% !.$ 0!2#%, ).30%#4)/. #!2'/ !.$ 6%()#,% ).30%#4)/. (/,$ "!''!'% 3#2%%.).' 0%/0,% 3#2%%.).'