Documente Academic
Documente Profesional
Documente Cultură
24
REFERENCES:
Blaxter, L.; Hughes, C. & Tight, M. (2006). How to Research, 3
rd
ed. Berkshire: Open University Press
Bowen, G (2005) Preparing a qualitative research-based dissertation: lessons learned. The Qualitative Report,
10/2, pp. 208-222. Retrieved 31 Aug 06, from http://www.nova.edu.ssss/QR/QR10-2/bowen.pdf
Cooper, J. R. (2005). Curing Analytical Pathologies: Pathways to Improved Intelligence Analysis.
Washington, USA: Central Intelligence Agency, Center for the Study of Intelligence.
DePoy, E & Gitlin, L (2005) Introduction to Research understanding and Aplying Multiple Strategies, ed3.
Philadelphia: Elsevier Mosby
Doyle, T. & Hammond, J. (2006). Net cred: evaluating the internet as a research source. Reference Services
Review, 34:1, 56-70
Ehigie, B & Ehigie, R (2005) Applying qualitative methods in organisations: a note for industrial/organisational
psychologists. The Qualitative Report, 10/3, pp. 621-638. Retrieved 31 Aug 06, from
http://www.nova.edu.ssss/QR/QR10-3/ehigie.pdf
Gazit, S. (1980). Estimates and Fortune-Telling in Intelligence Work. International Security, 4:4, 36-56
George, R. (2004). Fixing the Problem of Analytical Mind-Sets: Alternative Analysis. International Journal of
Intelligence and Counterintelligence, 17: 385404, 2004
Gill, P. & Phythian, M. (2006). Intelligence in an Insecure World. Cambridge: Polity Press
Grieve, J (2006). Developments in UK Criminal Intelligence, in Ratcliffe, J (ed) Strategic Thinking in Criminal
Analysis. Sydney: The Federation Press
Guest, G; Bunce, A & Johnson, L (2006) How many interviews are enough?: An experiment with data
saturation and variability. Field Methods, 18:1, pp. 59-82
Harris, G. (1989). Evaluating Intelligence Evidence. In R. Garst (Ed.), A Handbook of Intelligence Analysis
(2
nd
ed., pp. 33-47). Washington: The Defense Intelligence College.
Heath, C, Luff, P & Svensson, M (2002) Overseeing organizations: configuring action and its environment.
British Journal of Sociology, 53/2, pp. 181-201.
Herbert, M. (2006). The Intelligence Analyst as Epistemologist. International Journal of Intelligence and
Counterintelligence, 19:4, 666 684
Heuer, R. (1999). Psychology of Intelligence Analysis. Washington, USA: Central Intelligence Agency, Center
for the Study of Intelligence.
Hulnick, A. (2006). What's wrong with the Intelligence Cycle. Intelligence & National Security, 21:6, 959
979
Kidd, P & Parshall, M (2000) Getting the focus and the group: Enhancing analytical rigor in focus group
research. Qualitative Health research, 10:3, pp. 293-308
Kitzinger, J (1995) Introducing focus groups. BMJ, 311, pp. 299-302
Kosmala, K (2006) Insights from Ricoeurs hermeneutics on best practice in professional service firms: on
perpetual myth creation? Qualitative Sociology Review, 1/1, pp. 31-50.
Krauss, S (2005) Research paradigms and meaning making: a primer. The Qualitative Report, 10/4, pp. 758-
770. Retrieved 31 Aug 06, from http://www.nova.edu.ssss/QR/QR10-4/krauss.pdf
Lefebvre, S. (2004). A Look at Intelligence Analysis. International Journal of Intelligence and
Counterintelligence, 17:2, 231 264
Manual of Land Warfare. (1996). Part 2, Corps Doctrine, Volume 1, Pamphlet 1, Intelligence. Canberra:
AGPS.
25
Marrin, S. & Clemente, J. (2005). Improving Intelligence Analysis by Looking to the Medical Profession.
International Journal of Intelligence and Counterintelligence, 18:4, 707 729
Moore, D. Krizan, L. & Moore, E. (2005). Evaluating Intelligence: A Competency-Based Model.
International Journal of Intelligence and Counterintelligence, 18:2, 204 220
Morrissey, G & Higgs, J (2006) Phenomenological research and adolescent female sexuality: discoveries and
applications. The Qualitative Report, 11/1, pp. 161-181. Retrieved 31 Aug 06, from
http://www.nova.edu.ssss/QR/QR11-1/morrissey.pdf
Paterson, M (2003) Professional Practice Judgement Artistry in Occupational Therapy. Thesis submitted in
fulfilment of the requirements for the degree of Doctor of Philosophy, University of Sydney.
Paterson, M & Higgs, J (2005) Using hermeneutics as a qualitative research approach in professional practice.
The Qualitative Report, 10/2, pp. 339-357. Retrieved 31 Aug 06, from
http://www.nova.edu.ssss/QR/QR10-2/paterson.pdf
Ratcliffe, J (2006). Intelligence Research, in Ratcliffe, J (ed) Strategic Thinking in Criminal Analysis. Sydney:
The Federation Press
Richardson, J (1999) The concepts and methods of phenomenographic research. Review of Educational
Research, 69/1, pp. 53-82
Rolfe, G (2006). Validity, trustworthiness and rigour: quality and the idea of qualitative research. Journal of
Advanced Nursing, 53 (3), 304 - 310
Price, P. & Stone, E. (2004). Intuitive Evaluation of Likelihood Judgment Producers: Evidence for a
Confidence Heuristic. Journal of Behavioral Decision Making, 17, 39-57.
Rodgers, S. (2006). Improving Analysis: Dealing with Information Processing Errors. International Journal of
Intelligence and Counterintelligence, 19:4, 622 641
Sandow-Quirk, M. (2002). A Failure of Intelligence. Prometheus, 20:2, 131 142
Sandberg, J (2000) Understanding human competence at work: An interpretive approach. The Academy of
Management Journal, 43:1, pp. 9-25
Sarantakos, S. (1993). Social Research. Melbourne: MacMillan Education.
Warner, M. (2006) in Treverton, G. Jones, S. Boraz, S. & Lipscy, P. (Eds) Toward a Theory of Intelligence
Workshop Report, Santa Monica, RAND National Security Research Division.
Walter, M. (ed). (2006). Social research methods an Australian perspective. Melbourne: Oxford university
Press.
Weiss, C (2008). Communicating Uncertainty in Intelligence and Other Professions. International Journal of
Intelligence and Counterintelligence, 21, 57-85
Whitehead, L (2004). Enhancing the quality of hermeneutic research: decision trail. Journal of Advanced
Nursing, 45 (5), 512-518
Willis, K (2006) Analysing qualitative data, in Walter, M (ed) Social Research Methods an Australian
Perspective, South Melbourne: Oxford University Press
COPYRIGHT
Jeff Corkill 2008. The author/s assign Edith Cowan University a non-exclusive license to use this document
for personal use provided that the article is used in full and this copyright statement is reproduced. Such
documents may be published on the World Wide Web, CD-ROM, in printed form, and on mirror sites on the
World Wide Web. The authors also grant a non-exclusive license to ECU to publish this document in full in the
Conference Proceedings. Any other usage is prohibited without the express permission of the authors.
26
Vigilance and the implications of using threat image projection (TIP) for CCTV
surveillance operators.
Fiona M. Donald
University of the Witwatersrand, Johannesburg, South Africa.
Email: fiona.donald@wits.ac.za
Craig Donald
Leaderware cc
Email: sales@leaderware.com
Abstract
Closed circuit television (CCTV) surveillance operators are responsible for protecting people and property in a
range of settings, including critical infrastructure (e.g., airports, ports and government buildings) and public
spaces (e.g., shopping malls, streets). The effectiveness of CCTV surveillance is related to operator
performance. Several authors have indicated that CCTV surveillance operator (hereafter referred to merely as
operator) performance is sub-optimal. CCTV surveillance is vigilance intensive and vigilance tasks in
themselves are demanding. Further, a vigilance decrement may occur over time. Therefore an intervention to
enhance operator performance is recommended. Threat image projection (TIP) has been used successfully with
X-ray baggage screeners in aviation and involves the electronic insertion of a threat image into the X-ray image,
to which screeners are required to respond. TIP, or IGOs, could be applied to CCTV to heighten vigilance and
enhance the detection of potential threats and security incidents. Given the differences between X-ray screening
and CCTV, however, careful consideration needs to be given to the nature of TIP images or IGOs so that they
do not distract operators from real incidents. This paper discusses how TIP could improve vigilance
performance, how it could be used to assist operators in visually engaging with the displays they monitor, and
design considerations for TIP images.
Keywords
closed circuit television, CCTV, threat image projection, TIP, critical infrastructure protection, vigilance, IGO,
detection performance, operators.
INTRODUCTION
Closed circuit television (CCTV) surveillance operators are responsible for protecting people and property in a
range of settings, including critical infrastructure (e.g., airports, ports and government buildings) and public
spaces (e.g., shopping malls, streets). Despite large investments in the technological systems involved in CCTV
and a more recent focus on automated analysis, its effectiveness has been questioned (Gill & Spriggs, 2005;
Smith, 2004). Most research into CCTV has focused on technological effectiveness (such as image quality) and
social aspects such as the impact of CCTV surveillance systems on crime rates and public perceptions of
security systems. The human side of CCTV systems has largely been ignored (Keval & Sasse 2006; Neil,
Thomas, & Baker, 2007). Research that has been done on operator performance tends to focus on aspects such
as pay and management issues (for example, Gill & Spriggs, 2005). Limitations in the development of
technological solutions focused on improving operator performance can lead to a major shortfall in the
realisation of the potential for CCTV system service delivery. At the same time, aligning human performance
and the technological potential of CCTV systems represents a major design and implementation challenge
(Keval, 2006).
27
The operational effectiveness of CCTV operators is influenced by a number of factors relating to the
ergonomics of the working environment, social issues, management effectiveness and viewing strategies, and
the selection, training, and performance management of operators. A key environmental factor related to
operator performance is the design of the operators job, such as how many monitors and cameras they monitor
(Neil et al., 2007), shift lengths, breaks, and other tasks that remove attention from the displays (Donald, 2008).
Many of these factors are already being addressed by organisations, such as ensuring that there are sufficient
breaks and rotating operators to other tasks in order to improve performance. The social environment in control
rooms also impacts on performance as it may distract operators from their monitoring task, but at the same time
may reduce monotony (Smith, 2004). Organisational policies and procedures regarding selection, training and
performance management, and supervisory skills, are likely to influence performance. In addition, broader
industry and socio-economic factors and legislation regarding the use of CCTV,individualprivacyandtheuse of
CCTV are likely to impact on performance.
Many of the social, organisational, and technical environmental conditions come together to impact on the level
of vigilance, and consequently, detection capabilities of the operators. Vigilance is therefore a key factor in the
performance of CCTV surveillance operators (referred to as operators) who are required to sustain attention
for long periods of time and maintain high levels of concentration, in order to detect incident conditions or
deviations from standards. Vigilance is defined in a number of ways, but for the purposes of this research is
defined as a capacity for sustained effective attention when monitoring a situation or display for critical signals,
conditions or events to which the observer must respond. Incorporated into this perspective on vigilance is the
ability to identify, recognise and interpret the information that is being monitored (Donald, 2001, p 36).
Detection rates of operators who are required to be vigilant over long periods of time are frequently less than
optimal (Donald & Andrew, 2003; Edkins & Pollock, 1997; Keval & Sasse, 2006; Wells, Allard, & Wilson,
2006).
Despite extensive research into vigilance over many decades, the development of vigilance theories and the
identification of numerous factors related to performance, relatively few methods of enhancing vigilance have
been proposed (Mackie, 1987). More recently, however, an intervention called threat image projection (TIP)
has been developed and applied to X-ray baggage screeners (referred to as screeners) in the aviation industry
(Berrick, 2004; Catchpole, Fletcher, McClumpha, Miles & Zar, 2001; Neiderman & Fobes, 2005). The use of
TIP in X-ray screening provides a valuable foundation for the use of similar concepts in CCTV viewing and
there is potential for a similar system to be developed and applied to CCTV. This paper discusses some of the
issues involved. Only two other studies on TIP for CCTV have been found. These are Andrew, Landgrebe and
Donald (2003) and Neil, Thomas and Baker (2007). Both indicated that the technology has potential, but major
adjustments are required for the system to be effective. The current study places a greater emphasis on how TIP
needs to be adapted for the CCTV context and the implications for the design of the images.
TIP images for screeners and CCTV may share certain similarities, but would also differ in many respects. TIP
images are realistic representations of threat objects or contraband (Catchpole et al., 2001; Neiderman &
Fobes, 2005). Conversely, the type of objects displayed as TIP type CCTV stimuli may vary between synthetic
shapes (such as circles or squares), images of real objects or people (some of which may have threat
characteristics), representations of behaviours associated with incident conditions, or inserts of video showing
actual behavior or suspect targets. In addition the stimuli used for CCTV can vary widely, such as still,
animated, moving objects or simulated or real video inserts (Andrew et al., 2003; Donald et al., 2007). Given
the range and formats of stimuli that could be used for CCTV, the term inserted graphic object (IGO) is used
instead of the narrower term, TIP. The term incident refers to events that operators are required to detect.
While TIP for X-ray screening and CCTV surveillance would share some similarities, they would differ in some
crucial respects. Therefore careful consideration is needed regarding how TIP for CCTV would be implemented,
including the types of images used.
The aim of this paper is to discuss key issues in the design of TIP images for CCTV. In the next section, factors
28
related to operator performance are discussed. Thereafter, TIP is explained in more detail, followed by a
comparison of X-ray and CCTV detection tasks and the implications for an intervention for CCTV. Possible
objectives of TIP for CCTV are then covered, emphasising the importance of IGOs facilitating incident
detection, rather than being an end in themselves. The focus then moves to a discussion of attentional processes
and how these underpin detection. This leads into the need to align IGOs (or TIP images) with real incidents or
targets, and suggestions regarding how this could be done, based on attention and visual search research. Next,
the potential for IGOs to distract operators from their primary task of detecting real incidents and ways of
dealing with this are covered. The paper concludes with a summary of key considerations and recommendations.
There are two aspects of vigilance that have major implications for CCTV viewing. Parasuraman (1984) has
described these as the overall level of vigilance and the vigilance decrement. Operators bring an overall level of
vigilance to the task and some individuals may have a higher overall vigilance level than others. On the other
hand, the vigilance decrement occurs when performance deteriorates over time (Koelega, 1996). Vigilance tasks
typically impose high attentional, information processing and working memory demands on people
(Parasuraman, 1979). Further, the mere requirement of continually observing a display seems to be demanding
in itself and appears to cause a vigilance decrement (Dember & Warm, 1979). The conditions mentioned above
are likely to apply to CCTV surveillance operators who observe multiple visually complex monitors for lengthy
periods (Donald, 2001; Donald, 2008). One available empirical study that measured CCTV operator incident
detection over time reported that there was in fact a vigilance decrement (Donald, Andrew & Landgrebe, 2007).
Vigilance performance is affected by numerous factors related to the task, individual characteristics and the
environment (Mackie, 1987). Task related factors include incident characteristics such as foreknowledge,
frequency, complexity, regularity, conspicuity, spatial and temporal uncertainty, redundant versus orthogonal
discrimination and whether the background is static or dynamic (Balakrishnan, 1998; Koelega, 1996; Mackie,
1987; See, Howe, Warm, & Dember, 1995). With CCTV, characteristics of incidents are seldom known before
they occur, incidents often occur infrequently, irregularly, in locations and at times that are not specified
beforehand, and against a dynamic background. Incidents vary in the degree to which they are difficult to detect.
For example, a brawl outside a pub is easier to detect than a small object being removed from a desk. However,
regardless of the difficulty level, the degree of visual complexity is almost always high. Situation awareness is
often required to detect incidents as this provides clues as to what to look for and how to interpret actions seen
on displays (Donald, 2008). All these aspects affect the demands the task makes on operators.
Individual factors affecting vigilance performance include motivation, mood, morale, health, drug use and
smoking, work/rest patterns, circadian rhythms, search strategy (Mackie, 1987; See et.al., 1995), stress and
fatigue (Sawin & Scerbo, 1995; Szalma, Warm, Matthews, Dember, Weiler, Meier, & Eggemeier, 2004),
personality characteristics such as boredom proneness (Sawin &Scerbo, 1995) and observational skills (Donald,
2001). It is important to select people who are most suited to the role and to develop relevant skills, mental
models and expectancies. These factors are likely to apply to operators.
Attentional processes are an additional individual factor that affects performance. Where surveillance is
conducted in real time, the success of the CCTV system depends, to a large extent, on the assumption that
operators are actively observing the displays. However, operators tend to cope with the monotony of their jobs
by embarking on activities that remove their gaze and attention from the displays, such as making tea, thinking
about other matters, talking to colleagues, reading newspapers and taking toilet breaks (Smith, 2004). Therefore
an intervention that assists operators in attending to the displays is needed. About fifteen years ago Craig (1984)
noted that few interventions aimed at improving vigilance performance have attempted to address attentional
processes, and a review of literature in the area suggests that this comment still applies today.
29
Given the large number of factors that affect vigilance performance, it is unlikely that any single intervention
will solve all performance issues. However, TIP systems address the frequency of targets requiring a response
and therefore operator expectancies regarding incident frequency. This in turn is likely to affect operators
response criterion, or tendency to decide that an incident or target has occurred or not (MacMillan & Creelman,
1991). If implemented appropriately, TIP could increase operator awareness of incident characteristics, as
elaborated upon later.
TIP and its objectives
TIP refers to the electronic projection of images of objects that pose a threat, such as weapons and explosives,
into real time X-ray images of actual bags and requires screeners to detect them (Neiderman & Forbes, 2005).
TIP is based on research conducted in the 1960s referred to as artificial signal injection (ASI) (for example,
Baker, 1960; Wilkinson, 1964). ASI was mostly used for inspection in manufacturing. Faulty items were
placed amongst other items for inspection in order to measure how many faults were noticed, how many were
missed and how many false positives or false alarms occurred. Inspectors had to respond to both artificial and
real faults, and could not distinguish between them. Early ASI studies obtained mixed results but found
improved detection rates for sonar signals when combined with feedback (Mackie, Wylie & Smith, 1994). Thus
feedback is an important component in the effectiveness of ASI systems. ASI and TIP manipulate signal or
target frequency and related expectancies both important factors in vigilance performance (Balakrishnan,
1998; Koelega, 1996; Mackie, 1987; See et al., 1995).
Expectancies regarding the frequency of events which require a response will impact on observation and
vigilance performance (Loeb & Alluisi, 1984). In signal detection theory terms, alterations in expectancies lead
to a change in the observers response criterion. The response criterion refers to observers tendencies to bias
their decisions regarding the presence of targets or signals based on their expectations (MacMillan & Creelman,
1991). An alternative explanation is that operators who expect incidents or IGOs to appear more often, are more
likely to direct their gaze and attention at the displays and in turn, to detect more incidents and IGOs. IGOs
inserted into displays towards the end of shifts may assist in reducing monotony and fatigue, provided that they
do not impose too large a mental workload. This is in line with learning and neurological theories of vigilance
(Loeb & Alluisi, 1984; Parasuraman, 1984).
IGOs may be used to evaluate and manage performance, provide feedback, and maintain motivation and
alertness (Andrew et al., 2003). Such targets are thought to increase vigilance by manipulating the frequency of
signals to which operators should respond (Baker, 1960). This is based on arousal, expectancy, learning and
neurological theories of vigilance (Loeb & Alluisi, 1984) and signal detection theory (MacMillan & Creelman,
1991). Arousal theories explain performance improvements through the maintenance of appropriate arousal
levels during the watch (Matthews & Davies, 1998).
A less obvious objective is to use IGOs to not only heighten vigilance, but to enhance the process of recognising
and detecting potential threats and security incidents (Andrew et al., 2003). Using IGOs to enhance incident
detection is a significant departure from traditional ASI and TIP studies and practice and goes beyond
manipulating signal frequency and expectancies. This objective uses IGOs to assist operators in visually
engaging with the displays and deploying attentional resources to them. To achieve these objectives, a
relationship between the detection of IGOs and incidents should be established. Without this relationship,
operators may become skilled at detecting IGOs without detecting real incidents, especially if IGOs are very
30
different from incidents and performance reviews are based solely on IGO detection. Where a relationship
exists, IGO detection rates can be used to measure and predict performance regarding incident detection.
The nature of the detection task differs for operators and X-ray screeners although similar visual analysis
processes seem to underpin both jobs. Both positions require job incumbents to form mental pictures of what is
happening and to draw upon situation awareness in the process. However, operators do this in a dynamic
context where detection occurs in real time. Although some incidents take a while for perpetrators to set up and
implement, others occur in a split second. Operators who apply accurate mental models and situational
awareness to recognise the behaviours involved in either of these situations are likely to be more successful in
detecting incidents (Donald, 2008). An understanding of behaviours assists in anticipating events and
recognising them as they unfold (Donald, 2004). Therefore operators need to observe objects, behaviours and
patterns, while screeners focus only on objects. The range of behaviours and events that suggest an incident is
taking place implies that IGOs could take on a variety of forms to reflect these behaviours and events. IGOs
need not only reflect objects, as with TIP for screeners.
The context of X-rays provides a clear indication of the type of images used as TIP objects, such as weapons or
parts of weapons. For CCTV, the type of systems most appropriate for IGOs is less clear. In view of the
complexity of CCTV displays and the vast array of scenes recorded, a wide range of images could potentially be
used. Given the differences between X-ray screening and CCTV surveillance there are likely to be different
types of TIP images or IGOs for the two contexts. It would be difficult to achieve equivalent degrees of realism
for TIP images and CCTV IGOs. TIP images blend into the display and characteristics, such as colour, size
and visual angle can be used in a realistic manner. This high degree of realism and the inability to distinguish
visually between TIP images and real threat objects would be difficult to replicate in CCTV due to the dynamic
properties of CCTV displays, depth of field, the operators ability to control cameras, changing viewing
conditions, the use of multiple displays and the time taken for incidents to unfold. In addition, IGOs should not
be located in places where they obscure incidents (Andrew et al., 2003).
A range of objects could be used for CCTV, from simple shapes, to items related to incidents (such as valuable
objects or weapons), to symbols and humourous items. However, the decision regarding the nature of the
images used should be based on the objective of the IGO system. IGOs consisting of real or enacted footage is
most likely to blend into displays in a realistic manner, especially if placed in displays depicting the context
usually covered in that display. However, such footage is likely to suffer certain drawbacks. It may be large
and could obscure certain camera views, preventing operators from detecting any actual incidents that may
occur in that space while the inserted footage is displayed. Alternatively it would need to be inserted in a
section of the display where the context is appropriate and aspects such as perspective, size and colours would
need to be suited to the particular display where it is inserted.
Where real footage is used, operators are likely to know about incidents that have occurred, (even if they did not
detect the incidents themselves) because incidents may be discussed amongst surveillance staff and are
sometimes used in training sessions. This would make the detection of these IGOs very easy, especially if used
repeatedly. Therefore a large pool of such footage would need to be developed. Further, operators need to be
aware of other types of incidents that could occur, and reinforcing mental models for a (presumably) small set of
incidents may narrow the range of incidents they expect and therefore detect.
CCTV IGOs could also be used to influence operators expectations regarding incident frequency and have the
potential to assist in maintaining stable performance over time and reducing the vigilance decrement. This is
particularly relevant to CCTV where real incidents occur very infrequently in some situations as much as
31
days, months or years apart (Donald, 2001). Given the complexity of CCTV displays, the question is raised as
to how IGOs should be designed and implemented for CCTV.
This increase in image monitoring that comes with TIP will impact on operators mental workload, attention
resource allocation, situation awareness and search strategy and scanpaths (Donald, 2008). Monitoring multiple
displays is likely to influence the detection of both incidents and IGOs (Neil et al., 2007). Therefore designers
of IGO systems for CCTV clearly need to consider the number of monitors and cameras monitored per operator.
In addition, consideration needs to be given to where IGOs are placed which camera views or displays and
their locations within these. It is proposed that the extent to which TIP achieves it objectives will therefore
depend significantly on the design of IGOs and an appropriate implementation strategy. This is explored
initially below in terms of theories of attention and how these provide pointers to how such a strategy could be
achieved.
Attention processes and IGO characteristics.
Operators are required to pay attention to displays, therefore it is not surprising that attentional processes can
guide the design of IGOs in a CCTV environment. Attention is no longer viewed as a unitary process, but is
made up of multiple processes (Parasuraman, 1998). Five types of attention are acknowledged in the resarch
focused, selective, divided, switched and sustained (Wickens & McCarley, 2008). All these types of attention
are relevant to operators. Thus operators select specific objects or areas of displays on which to focus. At other
times they divide attention between objects, camera views or displays. Similarly, they may switch attention
from one area or object to another and back again. This is sustained over a period of time.
Two key processes are involved in influencing which objects or events are selected for attention (Serences,
Shomstein, Leber, Golay, Egeth, & Yantis, 2005). These are referred to as goal directed or endogenous
processing, and stimulus-driven or exogenous processing. Goal-directed processing occurs when goals, mental
models, expectations, attentional sets, beliefs and task goals influence the deployment of attention to visual
stimuli (Yantis, 1993). It is voluntary, intentional and controlled by the observer. Thus operators decide where
to direct their gaze and which regions and stimuli deserve scrutiny. By contrast, stimulus-driven processing
takes place when properties of a stimulus grab or draw attention involuntarily, even though the stimulus is not
related to the observers goals (Leblanc & Jolicoeur, 2005). Thus operators may find that they notice a large
bright object even though they were not searching for one.
Both processes are involved in incident detection. Operators have mental models regarding incidents which
assist goal-directed attentional control. For example, operators have expectations regarding what form an
incident may take, areas where incidents are likely to occur and types of people who may be involved. These
aspects form part of their attentional set or mental model of incidents and influence where they look and how
carefully they examine various display regions. Operators attention may also be drawn by certain objects or
events such as a new person entering a scene, which may attract attention.
It seems prudent to use the same mental model for incident and IGO characteristics where possible. If the
nature of the IGOs is such that they require a different mental model from incidents, it is argued that IGOs could
slow or even prevent the detection of incidents. This has not been tested empirically, but visual search literature
on singletons supports the reasoning involved.
32
Singletons are visual stimuli that differ on one dimension from surrounding stimuli. They are detected
extremely efficiently, regardless of the number of surrounding stimuli or distractors (Duncan, 1984). This
contrasts with conjunctions (stimuli defined by two features that share a feature with distractors). This was
attributed to singleton detection mode, whereby observers adopted an attentional set for singletons (ibid.). Thus
observers applied their attention set for singletons and searched specifically for singletons, disregarding
surrounding stimuli. This implies that separate attention sets were used for singletons and surrounding stimuli.
A similar process could develop with IGOs, where operators develop and apply an attention set for IGOs and
ignore other objects and events that form incidents. It is proposed that this situation be prevented by aligning
the mental sets required for IGOs and real incidents. To do this, IGOs should reflect characteristics found in
incidents. It may not be practical for IGOs and real incidents to be identical and therefore to share all aspects of
mental models and search processes. However, at the minimum, the attentional set for IGOs should reinforce
that for actual incidents.
It is argued that IGOs depicting content that is completely unrelated to incidents should be avoided as their
detection will involve a different attention set from incidents. Although IGOs that are unrelated to incidents
may be easy to detect, their detection is not likely to be related to incident detection. Therefore they may not be
effective in performance management and feedback. Further, unrelated IGOs are not likely to enhance incident
detection and may even cause a deterioration in incident detection if the mental model for incidents is not
invoked. Without a shared mental model, search may favour either incidents or IGOs, depending on a number
of factors such expectancies, rewards and pay-offs. In situations where incidents occur very seldom, operators
may focus on IGOs rather than incidents.
Stimulus characteristics play an important role in detection performance. Key characteristics include novelty,
visual salience or conspicuity (Brockmole & Henderson, 2005; Itti & Koch, 2000; Irwin Colcombe, Kramer, &
Hahn, 2000) and certain types of motion (Franconeri & Simons, 2003). Stimuli with these properties tend to
draw attention quickly. Therefore IGOs reflecting these characteristics are likely to be noticed easily and
quickly, without searching the display carefully. Therefore they have the potential to distract operators from
other areas of the display which may contain potential incidents.
IGOs that attract attention on a largely stimulus-driven basis may function in a similar way to singleton
detection mode. If this occurs, operators would search specifically for them and ignore other aspects of the
display that may contain incidents. In order to reduce the likelihood of singleton detection mode and distraction,
it is proposed that IGOs that draw attention be aligned with attention sets for incidents. Given their presumed
ease of detection, these IGOs may be useful in maintaining alertness rather than facilitating visual engagement
this deserves research in the future. However, they should probably be used with caution and possibly in
conjunction with other IGOs that are more difficult to detect. Thus the mix of IGOs needs to be considered as
part of an implementation strategy. The types of mental models and attention sets that operators develop for
IGOs that function on a largely stimulus-driven basis is also recommended as an area for future research. In
view of the potential of stimuli with these properties to distract operators, they should be used with caution.
Goal-directed and stimulus-driven attention processes have been separated for the purpose of discussion, but do
not function in isolation. They interact and are both present in all instances of perception (Hitch, 2005; Serences
et al., 2005). Observers exercise a degree of control over which stimuli receive attention and only a few stimuli
attract attention on a purely involuntary basis (Serences, et al., 2005). With the majority of stimuli, the
attentional set modulates stimulus-driven capture and vice versa (Folk, Remington & Johnston, 1992, 1993).
Other factors involved in modulating these attentional processes include the similarity between the target and
other stimuli (Proulx & Egeth, 2006), the nature of the task (Bravo & Nakayama, 1992), availability of attention
33
resources (Boot, Brockmole & Simons, 2005), representations of similar tasks in long-term memory (Wickens
& McCarley, 2008) and various perceptual processes such as grouping and working memory representations
(Yantis, 2000). Thus the allocation of attention to different types of IGOs and incidents involves numerous
factors and complex processes.
When there is foreknowledge of the target characteristics, goal-driven attention processes tend to be dominant
(Wickens & McCarley, 2008). Conversely, when the target is not specified, stimulus-driven processes tend to
be given more weight (ibid.). With CCTV surveillance, incident characteristics are generally not known before
they occur and stimulus driven characteristics may therefore be given substantial weight in deploying attentional
resources. Operators have expectancies and mental models regarding incidents, but presumably these need to be
well developed if they are to guide attention appropriately. This highlights the importance of training to
generate situational awareness and a knowledge of incident characteristics and behaviours.
CONCLUSION
Numerous factors affect vigilance performance and detection rates achieved by operators. Therefore no single
intervention is likely to address all problems regarding operator performance. However, IGOs seem have the
potential to increase performance based on the increased frequency of events and altered expectancies.
Aligning the attentional sets required for detecting IGOs and incidents is seen as a key factor in designing IGOs
that assist operators in visually engaging with displays and enhancing incident detection. IGOs reflecting the
defining properties of incidents are likely to have the advantage of reinforcing the mental models required for
incidents by serving as reminders of what to search for in incidents. IGOs depicting content that is not related
to incidents may be detrimental to performance as they may distract operators from other areas of the display.
More importantly, when the pool of IGOs consists only of highly salient images, operators may search only for
them and ignore incidents.
Goal-directed and stimulus-driven attentional processes are both relevant to IGO and incident detection. Goal-
directed processes assist in guiding attention, while stimulus-driven processes alert operators to new and
different stimuli. Both types of process should be considered when designing IGOs. However, the mental
models used in guiding attention need to be accurate and developed through training. Stimulus-driven processes
have the potential to distract operators, but may be useful in maintaining alertness. An implementation strategy
needs to consider a mix of IGOs using goal-directed and stimulus-driven processes.
IGO systems for CCTV could be designed in many different ways. However, empirical research is needed to
establish which IGOs are most effective and how they should be implemented. This implementation will vary
with the objectives of the system. Therefore it is important that organisations consider the objectives of the
system before implementing IGOs. This paper proposes that inserted targets be adjusted to the nature of the
environment and infrastructure being implemented. For example, the implementation of TPP for Government
institutions may focus on terrorist TIP images to increase the sensitivity to those kinds of events. Key point
protection around gas and oil installations will incorporate elements in the risk profile for the CCTV TIP for
those industries to ensure that attentional sets of operators are in line with those kinds of risk. A city council is
likely to have a very different set of CCTV TIP images to facilitate the recognition and detection of crime type
activities.
The authors are currently conducting research into the characteristics of IGOs. It is recommended that future
research also be conducted on the types of mental models used for IGO and incident detection, whether highly
salient IGOs assist in maintaining alertness and reducing a vigilance decrement, the distraction effects of various
34
types of IGOs, and the implications of IGOs for mental workloads. In conclusion, IGOs are likely to be useful
for CCTV, but given the huge number of forms IGOs could take, the way in which they are designed will be
crucial to their success.
REFERENCES
Andrew, C., Landgrebe, T., & Donald, C. (2003). Enhanced surveillance platform validation testing:
methodology report. De Beers technical report.
Baker, C. H. (1960). Maintaining the level of vigilance by means of artificial signals, Journal of Applied
Psychology, 44, 336-338.
Balakrishnan, J. D. (1998). Measures and interpretations of vigilance performance Evidence against the
detection criterion, Human Factors, 40(4), 601-623.
Berrick, C. A. (2004). Aviation security - Challenges Exist in Stabilizing and Enhancing Passenger and
Baggage Screening Operations. United States General Accounting Office. Testimony before the
Subcommittee on Aviation, Committee on Transportation and Infrastructure, House of Representatives.
United States.
Brockmole, J. R., & Henderson, J. M. (2005). Prioritization of new objects in real-world scenes: Evidence
from eye movements. Journal of Experimental Psychology: Human Perception and Performance, 31(5),
857-868.
Boot, W. R., Brockmole J. R., & Simons, D. J. (2005). Attention capture is modulated in dual-task situations.
Psychonomic Bulletin & Review, 12(4), 662-668.
Bravo, M., & Nakayama, K. (1992). The role of attention in different visual search tasks, Perception and
Psychophysics, 51, 465-472.
Catchpole, K., Fletcher, J., McClumpha, A., Miles, A., & Zar, A. (2001). Threat image projection: Applied
signal detection for aviation security. In D. Harris (Ed.). Engineering psychology and cognitive
ergonomics, Volume Six, Industrial Ergonomics, HCI, and Applied Cognitive Psychology. Aldershot,
UK: Ashgate.
Craig, A. (1984). Human engineering: The control of vigilance. In J. S. Warm (Ed.), Sustained attention in
human performance (pp. 247-291). Chichester, England: Wiley.
Dember, W. N.. & Warm, J.S. (1979). Psychology of Perceptions (2
nd
ed.). New York. Hold Rinehart and
Winston.
Donald, C. (2001). Vigilance. In J. Noyes, & M. Bransby (Eds), People in control: Human factors in control
room design. London: The Institution of Electrical Engineers.
Donald, C. (2004). Where does it hurt key areas of CCTV security. Presented at the conference of the
International Security Education Council (ISEC), 6 July, Guys Hospital, London, UK.
Donald, C., & Andrew, C. (2003). Technology Enhancement of CCTV Operator Effectiveness. CCTV User
Conference, Bolton, 9 April, 2003.
Donald C., Andrew C., & Landgrebe T. (2007). The Impact of CCTV TIP Implementation. Human Factors
Transport Security Academic Forum, Trinity College, Oxford, 24
-
25 September 2007.
Donald, F. (2008). The classification of vigilance tasks in the real world. Ergonomics, in press.
Duncan, J. (1984). Selective attention and the organization of visual information. Journal of Experimental
Psychology: General, 113, 501-517.
35
Edkins, G. D., & Pollock, C. M. (1997). The influence of sustained attention on railway accidents, Accident
Analysis and Prevention, 29(4), 533-539.
Folk, C. L., Remington, R., & Johnston, J. C. (1992). Involuntary covert orienting is contingent upon
attentional control settings, Journal of Experimental Psychology: Human Perception and Performance,
18, 1030-1044.
Folk, C. L., Remington, R., & Johnston, J. C. (1993). Contingent attentional capture: A reply to Yantis (1993).
Journal of Experimental Psychology: Human Perception and Performance, 19, 682-685.
Franconeri, S. L., & Simons, D. J. (2003). Moving and looming stimuli capture attention. Perception and
Psychophysics, 65, 999-1010.
Gill, M., & Spriggs, A. (2005) Assessing the impact of CCTV. Home Office Research Study 292.
Hitch, G. J. (2005). Working memory. In N. Braisbay and A. Gellatly (Eds), Cognitive Psychology, (Chapter
9, pp. 307-341). Oxford: Oxford University Press.
Irwin, D. E., Colcombe, A. M., Kramer, A. F. & Hahn, S. (2000). Attentional and oculomotor capture by onset
luminance and color singletons, Vision Research, 40(10-12), 1443-1458.
Itti, L., & Koch, C. (2000). A saliency-based search mechanism for overt and covert shifts of visual attention.
Vision Research, 40, 1489-1506.
Keval, H. (2006). CCTV Control Room Collaboration and Communication: Does it Work? Proceedings of
Human Centred Technology Workshop, 11-12 September, Brighton, UK.
Keval, H. & Sasse, M. A. (2006), Man or Gorilla? Performance Issues with CCTV Technology in Security
Control Rooms, presented at the 16th World Congress on Ergonomics Conference, International
Ergonomics Association, 10-14 July, Maastricht, Netherlands.
Koelega, H. S. (1996). Sustained attention. In O. Neumann, & A. F. Sanders, (Eds.). Handbook of perception
and action, Vol. 3: Attention, (pp. 277- 331). London: Academic Press.
Leblanc, E., & Jolicoeur, P. (2005). The time course of the contingent spatial blink. Canadian Journal of
Experimental Psychology, 59(2), 124-131.
Loeb, M., & Alluisi, E. A. (1984). Theories of vigilance. In J. S. Warm (Ed.), Sustained attention in human
performance (pp. 247-291). Chichester, England: Wiley.
Mackie, R. R. (1987). Vigilance research Are we ready for countermeasures?, Human Factors, 29(6), 707-
723.
Mackie, R. R., Wylie, C. D., & Smith, M. J. (1994). Countering loss of vigilance in sonar watchstanding using
signal injection and performance feedback, Ergonomics, 37(7), 1157-1184.
MacMillan, N. A., & Creelman, C. D. (1991). Detection theory: A users guide, Cambridge, Cambridge
University Press.
Maguire, R. L., McClumpha, A. J., & Tatlock, K. B. (2002). Using Cognitive Theory to Enhance Aviation
Security X-Ray Screening. Human Factors and Ergonomics Society Annual Meeting Proceedings,
Cognitive Engineering and Decision Making , pp. 387-391.
Matthews, G., & Davies, D. R. (1998). Arousal and vigilance: Still vital at fifty. Proceedings of the Human
Factors and Ergonomics Society Annual Meeting, 1, 772-777.
Neil, D., Thomas, N. & Baker, B. (2007). Threat Image Projection in CCTV. In C. Lewis (ed.). Proceedings of
SPIE Optics and Photonics for Counterterrorism and Crime Fighting III, Vol. 6741, 674102.
36
Neiderman, E. C., & Fobes, J. L. (2005). Threat image projection system. United States Patent 6899540.
www.freepatentsonline.com .
Parasuraman, R. (1979). Memory load and event rate control sensitivity decrements in sustained attention,
Science, 205, 924-927. From Noyes and Bransby.
Parasuraman, R. (1984). Sustained attention, in Parasuraman, R., & Davies, D. R. (Eds.), Varieties of attention,
Orlando: Academic Press, Inc.
Parasuraman, R. (1998). The attentive brain: Issues and prospects. In R. Parasuraman (Ed.)., The attentive
brain, (pp. 3-15). Cambridge, MA: The MIT Press.
Proulx, M. J., & Egeth, H. E. (2006). Target-nontarget similarity modulates stimulus-driven control in visual
search. Psychonomic Bulletin and Review, 13(3), 524-530.
Sawin, D. A., & Scerbo, M. W. (1995). Effects of instruction type and boredom proneness in vigilance:
implications for boredom and workload, Human Factors, 37(4), 752-765.
See, J. E., Howe, S. R., Warm, J.S., & Dember, W. N. (1995). Meta-analysis of the sensitivity decrement in
vigilance, Psychological Bulletin, 117, 230-249.
Serences, J. T., Shomstein, S., Leber, A. B., Golay, X., Egeth, H. E., & Yantis, S. (2005). Coordination of
voluntary and stimulus-driven attentional control in human cortex. Psychological Science, 16(2), 114-
122.
Smith, G. J. D. (2004). Behind the screens: Examining constructions of deviance and informal practices among
CCTV control room operators in the UK. Surveillance and Society, 2(2/3), 376-395.
Szalma, J. L., Warm, J. S., Matthews, G., Dember, W. N., Weiler, E. M., Meier, A., & Eggemeier, F. T. (2004).
Effects of sensory modality and task duration on performance, workload, and stress in sustained
attention, Human Factors, 46(2), 219-233.
Wells, H., Allard, T., & Wilson, P. (2006). Crime and CCTV in Australia:
Understanding the Relationship. Faculty of Humanities and Social Sciences, Bond University, Australia.
Wickens, C. D., & McCarley, J. D. (2008). Applied attention theory. London: CRC Press.
Wilkinson, R. T. (1964). Artificial signals as an aid to an inspection task. Ergonomics, 7, 63-72.
Yantis, S. (1993). Stimulus driven attentional capture and attentional control settings, Journal of Experimental
Psychology: Human Perception and Performance, 19, 676-681.
Yantis, S. (2000). Goal directed and stimulus driven determinants of attentional control. In S. Monsell & J.
Driver (Eds.), Attention and Performance (Vol 18). Cambridge: MIT Press.
COPYRIGHT
Fiona Donald and Craig Donald 2008. The author/s assign Edith Cowan University a non-exclusive license to
use this document for personal use provided that the article is used in full and this copyright statement is
reproduced. Such documents may be published on the World Wide Web, CD-ROM, in printed form, and on
mirror sites on the World Wide Web. The authors also grant a non-exclusive license to ECU to publish this
document in full in the Conference Proceedings. Any other usage is prohibited without the express permission
of the authors.
37
Australias Oil Refining Industry- Importance, Threats, and Emergency Response
Amanda East
School of Engineering
Security Science
Edith Cowan University
Bill Bailey
SECAU Security Research Centre
Edith Cowan University
Abstract
Australias Oil Refining Industry- Importance, Threats, and Emergency Response.
Australia is heavily reliant on down-stream, or refined oil products for daily life and industrial purposes. The
industry faces a range of threats and risk factors all of which have the capability to inflict significant damage. A
major disruption to Australias oil refining industry would have major consequences not only for the industry
but on society and the economy as a whole. By assessing Australias reliance on oil products, as well as
considering the impact of major disruption to oil refining capabilities internationally, this paper seeks to assess
the impact that such an event would have on Australian society, public and private industry and the economy. In
the Australian context the industry is not adequately prepared to respond to, or recover from major disaster or
disruption. There are a range of international strategies and policies which will be assessed in order to further
prepare the Australian industry for a range of potential disasters. This paper uses the Kwinana oil refinery in
Western Australia as a case study for considering potential threats, consequences and recovery strategies
related to a major oil refinery disruption or disaster.
AUSTRALIAS OIL REFINING INDUSTRY-IMPORTANCE, THREATS AND
EMERGENCY RESPONSE
The Australian oil refining industry is very important to the social and industrial stability of the nation. In terms
of size and production the Australian refining industry is relatively small. This being said the local oil refining
industry is critical in supplying and maintaining national social and industrial activities. The majority of refinery
output is used to supply the transport sector, however the agricultural industry, heavy industries, and general
household activities are also reliant on locally produced oil products. If an Australian oil refinery were rendered
unavailable for an extended period of time it would have significant consequences for the regional, and perhaps
even national social and economic stability. Subsequently the industry needs to be prepared for the range of
human and natural threats that it faces. Terrorists, insiders, criminals and natural disasters are all sources of
threats which have the capacity to severely disrupt any, or all of the Australian oil refining facilities. There are a
number of governmental and industrial measures in place to prevent and respond to any possible threats and
risks. Thus far the Australian industry has avoided any major disaster, however must remain vigilant in securing
against every form of threat.
AUSTRALIAS OIL REFINING INDUSTRY
The Australian oil refining industry is made of seven privately owned refineries. Located in five states and
owned by four major companies, these refineries provide Australia with 796 000 barrels of refined oil product
each day (EIA, 2005). Two refineries, Kwinana (WA) and Bulwer (QLD) are owned by BP; Lytton (QLD) and
Kurnell (NSW) are owned by Caltex; Shell runs two refineries, Geelong (VIC) and Clyde (NSW), while the
Altona refinery in Melbourne (VIC) is owned by Mobil (AIP, 2005, p.5). The Kwinana refinery is the biggest
with an output capacity of 138 000 barrel per day (bpd) (EIA, 2005). The Liquid Fuel Emergency Act (LFE Act,
1984) identifies the following as refined liquid petroleum products (S3.1):
38
Petroleum products make up 46% of Australian refinery output, diesel 29%, and jet fuel 14% (AIP, p.6).
Seventy five percent of Australian demand for petroleum products is supplied by local refineries, any disruption
within the Australian industry would have significant social, and economic consequences. Only 30% of refinery
feedstock is local crude oil (AIP, 2008, p.2), Australian crude oil is unsuitable for conversion into the primary
refined product, petrol. Subsequently the majority of crude oil used in Australian refineries is imported from the
Asian and the Middle Eastern refineries (AIP, 2008, p.2). As previously stated Australia is heavily reliant on
the local oil refining industry, a range of social and industrial services rely on the stability and supply of the
Australian oil refining sector.
AUSTRALIAN RELIANCE ON OIL PRODUCTS
Australian society relies heavily on oil products to provide and supply a range of essential social and industrial
services. Oil is relied on for transportation, agricultural as well as industrial, and household purposes. The
Australian Institute of Petroleum states that petroleum products are responsible for 52% of final energy
consumed in Australia (n.d., p.1). Based on this data it can be assumed that the consequence of a major
disruption to the refining industry would be significant. Without oil a significant number of vital social
requirements, and industries would not be able to function at full capacity, or at all
Transport is the sector of Australian society which is most reliant on petroleum products. The oil refining
industry is geared toward petroleum production to supply the nations transport requirements. All forms of
transport, passenger cars, trucks, cargo transport- truck and rail, as well as air transport are reliant on petroleum
products to fuel them. Of these, passenger cars or personal transport is responsible for the highest level of
consumption. In Australia road transport accounts for nearly 80% of liquid petroleum use (Robinson, Fleay &
Mayo, n.d., p.1; Taylor, n.d., p.10), two thirds of which can be attributed to passenger vehicles (Taylor, p.10).
Considering that there are 13.2 million registered motor vehicles (passenger cars, commercial vehicles and
trucks)in Australia (Robinson etal, p.1; ABARE, 2004, p.47) each averaging 15 300 kilometers (Robinson etal,
p.1) per year it is understandable that Australia consumes 38 billion litres of fuel annually for road and off road
vehicles (Green Car Congress, 2008). These numbers indicate that Australia has a very strong, but probably
unrealised, reliance on the oil refining industry. Transport is relied on not only to transport people, but for the
transportation of food, goods and services. If the oil refining industry were to suffer a serious disruption the
social, and eventually economic consequences would be enormous.
The agricultural industry also has a strong direct, as well as indirect reliance on oil products. In Western
Australia livestock and crop farmers, predominantly wheat, are responsible for 80% of petroleum product
purchases by broadacre agriculture (Kingswell, p.2). The majority of the fuel and oil purchases are used in
establishing and harvesting a range of grain crops (Kingswell, p.2). The dairy industry has a strong, but indirect
reliance on oil products for the transportation of dairy products from farms to processing plants. As previously
stated transportation is the sector most reliant on oil products, and agriculture relies on the transportation
industry to maintain and ensure the success of their operations. Expenditure of grain and sheep dominant
agricultural sectors on transport is 55.6 and 35.5 percent respectively (Kingwell, p.3), while expenditure on
petroleum products by the grain dominant sector is 37.0 %, and 20.5 % for the sheep dominant sector (Kingwell,
p.3). The export earnings for Australian agricultural commodities made up approximately 2.9% of annual GDP
(ABS, 2005). Taking into account drought and other conditions the Australian agricultural industry has not been
as successful recently as in previous years, even so the sector is very important to Australian society and
economy, and would be significantly effected in the event of a major disruption to local oil supply.
The industrial sector, including mining and quarrying, iron and steel and construction accounts for 21% of
Australian oil use (IEA, 2000, p.44). Within this sector, the mining industry is major consumer of diesel fuel
(IEA, 2000, p.44). About 35 percent of energy needs within the mining sectors are met by electricity followed
by fuel oil which accounts for 32 percent. Energy requirements in exploration and site preparation are reliant on
transportation and drilling, which both require fuel oil (ITP, p.18). As the world's largest exporter of coal iron
39
ore, lead, diamonds, rutile, zinc and zirconium, and the second largest exporter of gold and uranium the mining
industry contributes a significant amount to Australians GDP. Since the mid 1980s the mining industry has
contributed $ 43 Billion to the Australian economy, that is 5% of annual GDP (ABS, 2005). Although the
sector is not entirely reliant on oil products it could not function effectively without it, resulting in consequences
for Australian exports and the economy.
Petroleum fuels (liquefied petroleum gas (LPG) and heating oil) accounted for 4.6% of household energy
consumption in 1995. It is possible that this number has been reduced since due to the connection to natural gas,
and upgrades in heating and cooling technology (G.Wilkenfeld, 1998, p.5). Of the petroleum fuels used in
general household activities approximately 83.7% was used for heating, 13.3% for water heating and 3.0% for
cooking (G.Wilkenfeld, 1998, p.9). Household consumption of oil is not particularly significant, however plays
an important role in providing the services and luxuries that we have come to expect.
THREAT SOURCES
The oil industry has always faced a wide range of threats from a number of sources. In the current international
security environment terrorism is the main security concern, however every industry must remain vigilant in
defending against other sources, and types of threats. As Pavel Baev, a senior researcher at the International
Peace Research Institute states,
it was Katrina not Al-Qaeda that devastated the platforms and refineries along the U.S. Gulf coast in August
2005; it was a short circuit not a well-placed bomb that caused the massive blackout in Moscow in May 2005;
and it was not a shoot-out but a labor strike that stopped the pipeline construction in Azerbaijan in November
2005 (Baev, 2006, p.33).
As well as terrorism, the threat from environmental terrorism, insiders, cyber attacks, and natural disasters must
be considered in protecting and defending all forms of major infrastructure.
The major threat to the oil and gas infrastructure is from highly motivated terrorists (Bajpai & Gupta, 2004,
p.176). In 2006 there were 344 significant attacks against oil and gas targets compared with 265 in 2005 (Oil
and Gas Industry-Terrorism Monitor(OGI-TM), 2007). These attacks resulted in significant loss of life and tens
of billions of dollars in lost production as well as physical and reputational damage to many companies (OGI-
TM, 2007). The oil and gas industry is not a new target for terrorism, however in recent years Al-Qaeda has
vowed more strongly to cut the economic lifelines of industrialised societies (Peck & Lord, p.4), the economic
lifelines being oil infrastructure. In light of this and the fact that a number of significant terrorist organisations
exist in the region surrounding Australia all forms of oil infrastructure, including refineries need to be prepared
for and consider the consequences of a possible terrorist attack.
Agricultural, forest, mineral, petroleum and ecosystem sites and water resources have been identified as being
particularly vulnerable targets for environmental terrorism (OLear, 2003, p.140). Although not the most
significant threat to oil refineries activists are capable of causing disruption and disturbance to oil refinery staff
and operations. During times of peace, aspects of the environment, including human manipulated landscapes,
could be targets of intentional acts of destruction intended to communicate a particular message (OLear, 2003,
p.140). Environmental terrorists are not of major concern to the Australian oil refining sector. However oil
refineries do have the potential to cause significant environmental damage, and petroleum sites are targets for
environmental terrorism. The Australian sector must be wary of the threat that environmental terrorists and
activists pose.
40
Insiders, employees of a particular company or organisation, are also a major threat to the security and
productivity of their company. The threat they pose may be maliciously motivated, or purely accidental. As has
been previously stated terrorism is a major threat to the oil industry. It is possible that in some cases terrorists
may be working in collusion with internal disgruntled employees (Bajpai & Gupta, 2007, p.176) to achieve their
objective. That being said disgruntled employees can cause serious disruption of their own accord through
fraudulent activity, sale of corporate information, or cyber attacks (Stoneburner, Goguer & Feringa, 2002, p.14).
However the major threat posed by employees working in oil refineries is accidents. Around the world, plant
and refinery employees are injured or killed on the job almost every day, many of the accidents take place as a
result of the negligence of other employees, employers, or third parties (Nelson, 2007). In facilities that process
hazardous materials, and performs such a vital social function, there must be a significant emphasis placed on
preventing malicious or accidental incidents from within.
The increased reliance computers and networks to control and maintain oil refineries and their functions has led
to the development of another, major threat source. The Supervisory Control and Data Acquisition (SCADA)
and Distributed Control Systems (DCS) provide the critical service of monitoring and controlling the functions
and delivery of the essential services of most critical infrastructure. These systems are used within refineries and
to control pipelines, however they were developed purely for functional purposes with no security concerns
considered, as a result they are vulnerable to cyber threats. These vulnerabilities leave oil companies, and their
facilities susceptible to exploitation, attack and theft of proprietary information (Sevounts, 2006, p.79). Oil
facilities have always been targets of malicious attack, and now that many of them are reliant on systems that
are vulnerable to cyber threats there is an increased priority placed on securing systems, and defending against
the cyber threat (Sevounts, 2006, p.79).
Natural disasters are a major cause of damage and disruption to oil refinery operations. Of all the threats listed,
the threat from natural sources is potentially the most damaging. Measures can be implemented to reduce the
effects of natural disaster, however they can still cause extensive damage and nothing can be done to prevent
their occurrence. Australia is susceptible to a range of natural disasters, all of which can create significant
damage and disruption.
PREPAREDNESS
The government has developed a range of strategies and initiatives by which to further enhance the security of
critical infrastructure. The majority of government strategies are targeted at critical infrastructure as a whole,
rather than each individual sector. This being said the security of oil refineries is covered by a range of energy
sector legislation, and critical infrastructure initiatives.
The Liquid Fuel Emergency Act is the legislation developed in order control the production and release of fuel
in times of a national fuel crisis. Unless there is a national crisis oil companies are responsible for their own
activities and security issues. The Act enables the government to control the output and use of oil products in
periods of major emergency. The Act states that, The Minister may... direct a relevant fuel industry
corporation:
(a) to maintain at all times after a specified day, at specified places in Australia, specified quantities of reserve
supplies of a specified kind of liquid fuel; or
(b) to accumulate, by a specified day, specified quantities of reserve supplies of a specified kind of liquid fuel
and to maintain, at all times after that day, such quantities of reserve supplies of liquid fuel of that kind at
specified places in Australia (S12:1a, b).
The legislation can only be considered in extreme situations where rationing across multiple jurisdictions would
be necessary for an extended period and be beyond the capability of the industry to manage on its own (AIP,
2008, p.14). Enacted in 1984 the legislation has never been required to be introduced. Although the Act is not
directly related to oil refineries it is the only legislation which Australia can introduce in a time of severe
disruption to any part of the oil industry.
41
The Australian government has implemented a number of initiatives and measures to assist in development and
enhancement Australias critical infrastructure security. These measures are relevant to, and aimed at all
industries classified as critical infrastructure. The government strategies intend to increase communication
between the government and private sectors on matters of security threats and improvements.
The Business Liaison Unit (BLU), a part of the Australian Security Intelligence Organisation (ASIO), was
developed in order to provide a forum by which Australian businesses could interface with the Australian
intelligence community (ASIO). The BLU aims to ensure that owners and operators of critical infrastructure
can access ASIO information on security issues which affects their assets, operations and personnel (ASIO).
The Trusted Information Sharing Network (TISN) is another government program aimed at increasing the
security of critical infrastructure through increased communication.
The TISN brings business and government together with the purpose of sharing ideas and expertise to develop
solutions to common, as well as complex, security concerns and problems.
The Computer Network Vulnerability Assessment (CNVA) Program is part of the TISN. It is a government
grants scheme developed to help secure critical infrastructure. Through the program funding is provided to help
owners and operators of critical infrastructure identify the vulnerabilities of their information and
communication systems (CNVA, 2008). It also allows for the examination of security implications of IT
infrastructure changes, and assesses potential and existing physical and personnel security issues (CNVA,
2008).
The Australian industry has a number of strategies it can implement in times of supply emergency. In times of
extreme emergency they can be introduced in combination with government strategies. The mechanisms which
the industry uses to adjust supply include purchase and ship product from a refinery in another state which may
take several days to arrive, or from Singapore the shortest time frame is about three weeks (AIP, n.d., p.7). In
times of long term disruption product can be purchased and shipped from other overseas sources, delivery of
which is likely to take several weeks (AIP, p.7). When there is a significant disruption or reduction to supply
and production companies may restrain or limit supplies to industrial and local consumers (AIP, p.7).
RECOVERY STRATEGIES
In terms of maintaining supply of refined oil products the only existing options are to import from other national
refineries, increase the capacity of existing refineries, or import products from overseas. The best recovery
strategy for the Australian oil refining industry is found in the physical layout of the industry. Australian
refineries are not located in close proximity, or owned by the same companies, subsequently it is highly unlikely
that the entire industry can be affected by a single disaster or disruption. No natural disaster has the capability to
disrupt every refinery, unlike in America where over 40% of national refining capacity is found in two states
which are vulnerable to severe weather conditions (Parformak, 2007, p.4). The Australian refineries are owned
by different companies, with no communication or cyber connection, making it impossible to shut down the
entire system via a single cyber attack. Perhaps the only event that has the capability to impact the nation by
disrupting oil refinery production is a highly organised and coordinated terrorist group with the ability to
infiltrate the physical and personnel security procedures of the Australian refineries.
The production capacity of the Australian refineries is equal, no refinery is far superior in terms of production. If
one or two refineries where to be disrupted it is probable that other refineries could supply the effected region
for a short period of time without being severely effected themselves. This being the case the most useful and
immediately available measures for recovering, or dealing with an oil related emergency are market-driven,
voluntary and compulsory demand restraint (IEA, 2000, p.39). In the Australian context the implementation of
measures to reduce industrial and general consumption of oil products is the most effective means by which to
recover from a major disruption, while still maintaining social and economic stability.
42
In terms of size and production the Australian oil refining industry is relatively small, however extremely
important in supplying the country with oil products. The majority of locally refined oil products are used
domestically, meaning that Australian society and industries are reliant on the local oil refining sector.
Australian refineries produce a full range of oil products, the majority of which are used to supply the
transportation industry, as well as the agricultural and mining sector. Thus far the industry has been free of
malicious, or extremely damaging events, however it does face a range of potentially disastrous threats.
Terrorists, insiders, cyber criminals, activists and natural disasters are all sources that threaten the security of the
oil refining industry. The consequences of a major disruption would be significant. There are a range of
governmental strategies in place to develop and enhance the security of Australias critical infrastructure, and
the industry itself has plans by which it intends to continue in spite of a major disruption. Although the
Australian industry has not yet faced any serious disasters it must continue to develop measures to secure, and
ensure the continuity of the industry in the event of a major disaster, otherwise there will be major consequences
to Australian society, industry and economy.
REFERENCES
Australian Bureau of Agricultural and Resource Economics. (2004). Energy in Australia. Retrieved from
Australian Government:
http://www.environment.gov.au/soe/2006/publications/drs/pubs/562/set/hs31energy-in-australia-
2004.pdf
ASIO. (n.d.). Business Liaison Unit. Retrieved from Australian Government: http://blu.asio.gov.au/
Australian Bureau of Statistics. (2005). Year Book Australia 2005: 100 years of change in Australian industry.
Retrieved from
http://www.abs.gov.au/Ausstats/abs@.nsf/Previousproducts/1301.0Feature%20Article212005?opendocu
ment&tabname=Summary&prodno=1301.0&issue=2005&num=&view=
51
Working Smart
Throwing the most resources at the worst case scenarios imaginable does not necessarily provide the best
protection for critical infrastructure. In a review of security at Los Angeles International Airport, Stevens, et al
(2006) found that security solutions tended to fall into one of four categories:
1. Low-cost options that greatly reduced the risk of terrorism;
2. High-cost options that greatly reduced the risk of terrorism;
3. Low-cost options that modestly reduced the risk of terrorism, and;
4. Expensive solutions to modest problems. (p. iix-ix).
The study also found that dramatic improvements could be made by implementing just two of the category 1
options (Stevens, et al, 2008, p. xiii). This type of approach satisfies the cost/benefit analysis of business as well
as the Government's need to maintain service continuity. This partially bridges the public/private divide and
indicates that the protection of critical infrastructure can be achieved in effective and cost effective ways.
TRAINING AND EXERCISES
The fifth stage of continuity management involves promoting awareness and training in the Business Continuity
Plan and associated emergency responses. This stage is intricately linked with local and regional security
networks, and according to Waugh (2004), investment in planning and exercising [are essential] to assure that
those security networks are adequate (p. 312). Elements of infrastructure interdependence that were considered
earlier in the continuity planning process will directly impact how training and exercising is conducted, the level
of investment in training, and eventually the level of coordination and cooperation during a disruption. Airport
operators may ask if another airports contingency plans take into account a particular disruption of their
network node (airport). If not, what adjustments need to be made to continuity plans to compensate? Of course,
the ideal situation would involve a resounding yes to the first question from all areas of the infrastructure
network. If security networks can be effective on every level, this will help the industry tip toward a more
cooperative and integrated security culture, creating a greater incentive to invest in security. Eventually this may
lead to a resounding yes emanating from a unified infrastructure network.
RECOVERY AND ASSESSMENT
The final stage of the continuity planning process is to ensure that the applied processes remain up to date and
appropriate to the security environment. This is a continual process of review and improvement. The review
process is integrally linked to the recovery phase of a disruption, and is essential in order to establish potential
areas of improvement. The recovery stage of emergency crisis management involves the re-establishment of
critical airport functions in the least time possible. Enoma and Allen (2007) identify key aspects of recovery as:
- Availability of backup or alternative for the facility;
- The ease of repair or replacement;
- The experience and expertise available;
- The strength of the workforce;
- The speed at which the security authority takes control of the situation;
- The way and manner the airport officials handle the situation;
- The early arrival of help from ambulances and medical crew;
- Creation of support and canceling areas for those involved;
- Clear communication to everybody on the situation at hand through the public address system;
- Clear signage to the nearest assembly point; and
- An unobstructed route to the nearest assembly point. (p. 311).
52
Recovery also involves assessing the performance of the planning, preparation and response. The process of
assessment can be problematical given the difficulty in determining where and how improvement has occurred,
and where it is needed. Here, the importance of regional security networks that involve many airports becomes
apparent, as details of recovery assessment for different airports may be compared in order to aid evaluation.
Enoma and Allen (2007, p. 296) state that the use of key performance indicators for airport safety and security
may provide a frame of reference for post incident assessment. They argue that key performance indicators can
aid comparison like for like so it will be possible to compare the operations of different airports (p. 301).
Rigorous benchmarks, key performance indicators as well as measurement and performance targets are tools
that can assist the speed of recovery and limit the loss of lives, assets and money (Enoma & Allen, 2007, p.
313).
However, no amount of planning and preparedness is adequate to prevent all extreme risks from eventuating
(Wildavsky, 1988). Much literature has been published on both the requirement and the impossibility of
knowing the sources and dynamics of threats well enough to avoid them all (Turner, 1978; Reason 1990, 1997;
Pauchant & Mitroff, 1992; Anheier, 1999; Gauld & Goldfinch, 2006). But given the critical nature of
infrastructure, it is the responsibility of the private sector to ensure all available tools are utilised to ensure
continuity and that due consideration is given to the risks and benefits of the fundamental interdependence of
infrastructure. It follows that the Government must take responsibility for providing the appropriate tools for the
private sector to apply, and to provide essential support through its departments and the Trusted Information
Sharing Network.
CONCLUSION
The protection of critical infrastructure poses some of the most significant challenges to nation-states today.
This paper examined the process of planning, incident, and recovery for Australian airports taking into
consideration the problems associated with security networks and the interdependent nature of critical
infrastructure. It was found that the fundamental interdependence that allows aviation infrastructure to function
may be an additional source of risk which creates variations in the expected risk exposure within the
infrastructure network. Mitigation strategies at one airport may be rendered ineffective or redundant by the
security arrangements of another airport within the network. There is also an increasing awareness that the
privatised nature of much of Australias critical infrastructure calls for a broader and more robust integration of
public and private elements in security networks.
However, the aviation infrastructures fundamental interdependence may also yield great benefits in creating an
integrated security solution. Agreement and cooperation on security measures among a small part of the
infrastructure network can change the tide of opinion and the general security outlook among aviation
infrastructure owners and operators. Measures employed to increase the integration of public and private
elements in security networks will assist these networks to be effective on every level. This has the potential to
help the industry tip toward a more cooperative and integrated security culture, creating a more robust security
environment for Australias critical aviation infrastructure.
REFERENCES
Anheier, H.K. (Ed.). (1999). When things go wrong: organizational failures and breakdowns. Sage: Thousand
Oaks, CA.
Attorney Generals Department. (2005). National Counter-Terrorism Plan (2
nd
ed.). Canberra: Commonwealth
of Australia.
53
Attorney Generals Department. (2008). Information for business: Business continuity planning. Retrieved
August 20, 2008, from
http://www.ag.gov.au/agd/www/nationalsecurity.nsf/Page/Information_For_BusinessBusiness_Continuit
y
Audi, J., Belson, M., Patel, M., Osterloh, J., & Schier, J. (2005). Ricin poisoning: a comprehensive review.
Journal of the American Medical Association, 294(18), 2342-2351.
Boin, A., & McConnell, A. (2007). Preparing for critical infrastructure breakdowns: the limits of crisis
management and the need for resilience. Journal of Contingencies and Crisis Management, 15(1), 50-59.
Boin, R.A., Kofman-Bos, C., & Overdijk, W.I.E. (2004). Crisis simulations: exploring tomorrows
vulnerabilities and threats. Simulation and Gaming: An International Journal of Theory, Practice and
Research,35(3), 378-393.
Chantler, A.N., & Broadhurst, R. (2006). Critical information infrastructure protection. Technical report for the
Australian Institute of Criminology. Retrieved August 10, 2008, from http://eprints.qut.edu.au
Crichton, G. (2007). The Glasgow airport attack from a business continuity and crisis management point of
view. Business and Continuity Journal, 2(3), 18-24.
Cyber Security Journal. (2006). Cyber threats to the critical infrastructure of the nation. Retrieved August 14,
2008, from http://www.cybersecurityjournal.com/category/cyber-crime/
Department of Homeland Security. (2006). National Infrastructure Protection Plan. Washington. DHS.
Department of Infrastructure, Transport, Regional Development and Local Government. (2008). Aviation
Security Measures for Carry-on Baggage at International Airports. Retrieved August 4, 2008, from
http://www.infrastructure.gov.au/transport/security/aviation/LAG/index.aspx
De Ruiter, C.J., & Lemmens, O.M.E.J. (2008). Liquid explosives the threat to civil aviation and the European
response. In H. Schubert and A. Kuznetsov (Eds.), Detection of liquid explosives and flammable agents
in connection with terrorism. Springer Science.
Dupont, B. (2004). Security in the age of networks. Policing & Society, 14(1), 76-91.
Elias, B. (2008). National aviation security policy, strategy, and mode-specific plans: background and
considerations for congress. Congressional Research Service. Retrieved August 15, 2008, from
http://www.fas.org
Enoma, A., & Allen, S. (2007). Developing key performance indicators for airport safety and security.
Facilities, 25(7/8), 296 -315.
Fleckner, A. (2005). Developing a comprehensive approach by transport operators to the terrorist threat.
Proceedings of the Australian Urban Transit Security Conference. Melbourne: AHSRC.
54
Gauld, R., & Goldfinch, S. (2006) Dangerous enthusiasms: E-government, computer failure and information
system development. Otago University Press: Otago.
Heal, G., Kearns, M., Kleindorfer, P., & Kunreuther, H. (2008). Interdependent security in interconnected
networks. Proceedings of the International Public-Private Preparedness Summit, 2008. Florence. NYU.
Jenkins, B.M. (2002). Get used to it: our airports are vulnerable to terrorism. Retrieved August 12, 2008, from
http://www.rand.org/commentary/2002/07/25/LAT.html
Kearns, M., & Ortiz, L.E. (2004). Algorithms for interdependent security games.University of Pennsylvania.
Retrieved August 20, 2008, from
http://books.nips.cc/papers/files/nips16/preproc/NIPS2003_AA71.pdf
O'Malley, P. & Palmer, D. (1996). Post-Keynesian policing. Economy and Society, 25(2), 137-155.
Pauchant, T.C., & Mitroff, I.I. (1992). Transforming the crisis-prone organization: preventing individual,
organizational and environmental tragedies. Jossey-Bass: San Francisco.
Reason, J. (1990). Human Error. Cambridge University Press: Cambridge.
Reason, J. (1997). Managing the Risks of Organizational Accidents. Ashgate: Aldershot.
Rosenthal, U. & Pijnenberg, B. (Eds) (1991). Crisis management and decision making: simulation oriented
scenarios. Kluwer: Dordrecht.
Rothery, M. (2005) Critical infrastructure protection and the role of emergency services. The Australian Journal
of Emergency Management, 20(2), 45-50.
Schwartz, P. (2003). Inevitable surprises: Thinking ahead in a time of turbulence. Gotham Books: New York.
Smith, J.A.D., & Runyon, L.C. (2003). Terrorism preparedness and response. Washington: National
Conference of State Legislatures.
Standards Australia. (2004). HB 221 Business Continuity Management. Sydney: Standards Australia.
Stevens, D., et al. (2006). Implementing security improvement options at Los Angeles international airport.
Congressional Research Service. Retrieved August 15, 2008, from http://www.fas.org
t Hart, P. (1997). Preparing policy makers for crisis management: the role of simulations. Journal of
Contingencies and Crisis Management, 5(4), 207-215
Trusted Information Sharing Network. (2004). Critical Infrastructure Protection National Strategy. Version 2.1.
Canberra. Commonwealth of Australia.
55
Turner, B.A. (1978) Man-made Disasters. Wykeham: London.
Waugh, W.L. Jr. (2004). Securing mass transit: a challenge for homeland security. TheReview of Policy
Research, 21(3), 307-317.
Wheeler, J. (2005). An Independent Review of Airport Security and Policing for the Government of Australia.
Canberra: Commonwealth of Australia.
Whelan, C., & Palmer, D. (2006). Responding to terrorism through networks at sites of critical infrastructure: a
case study of Australian airport security networks. Proceedings Social Change in the 21st Century
Conference 2006 (pp. 1-13).Brisbane. QUT Carseldine.
Wildavsky, A. (1988), Searching for Safety. Transaction: New Brunswick.
Yates, A. (2003). Engineering a safer Australia: Securing critical infrastructure and the built environment.
Australia: Institution of Engineers.
COPYRIGHT
Melvyn Griffiths and William. J. Bailey, Edith Cowan University 2008. The author/s assign Edith Cowan
University a non-exclusive license to use this document for personal use provided that the article is used in full
and this copyright statement is reproduced. Such documents may be published on the World Wide Web, CD-
ROM, in printed form, and on mirror sites on the World Wide Web. The authors also grant a non-exclusive
license to ECU to publish this document in full in the Conference Proceedings. Any other usage is prohibited
without the express permission of the authors.
56
Modern Society as Risk Society: Implications of Modernity on Private Security
David Jurcic
Edith Cowan University
djurcic@student.ecu.edu.au
Abstract
German sociologist Ulrich Beck has devised an exclusive theory of risk and reflexive modernisation, impacting
considerably on contemporary sociological thinking (Elliott, 2002). One of the core tenants of Becks argument
is that modernisation is dissolving industrial society and in its place, leaving behind a new modernity
(Shearing & Stenning, 1981). Beck refers to this new modernity as risk society, a type of society where the
notion of risk becomes the new lens through which individual and institutional thinking is guided in
contemporary societies (Hall, 2002). Drawing on the work of Beck and other scholars, this paper examines the
growing concerns with security/protection, by placing the analysis within the context of the late modern or risk
society. The paper attempts to demonstrate how security is likely to be impacted by present societys growing
focus towards the control and management of uncertainty and risk.
Keywords
Ulrich Beck; modernity; risk society; reflexive modernisation; risk management; ontological security; risk
society thesis; protection.
INTRODUCTION
Simple Modernity to Post Industrial Era
According to Ferguson (1997), simple modernity ran from a period between the 1920s to the 1970s. Western
societies during this particular period have been described as pre-modern societies, as it was a period during
which the concept of uncertainty was understood as danger or hazard over which people had little or no control
(Hall, 2002). It has been suggested that the idea that people could in some way control uncertainty, was not part
of the lexis at that time and in the event of some misfortune, outcomes were attributed to fate, chance or even
Gods will (Hall, 2002). Hence threats were viewed as a given, but an outcome over which people or even
society had little or no control (Hall, 2002). According to Shrivastava (1995), the logic of wealth production
dominated the logic of risk production: risks [in this era] were [viewed] as minor, and they could be treated as
a latent side effects or externalities of production (p.120).
The move from classical industrial society (simple modernity) to the post industrial (modernity) era has resulted
in a shift in the way society and individuals think about threats and hazards. Hall (2002) says that modernity has
brought on a condition in which the logic of risk has emerged as a dominant preoccupation, whereby Instead of
viewing most threats as givens, people increasingly understand risk as products of human activities, and as a
phenomena over which humans exercise control and responsibility (p.175). Hence, thinking in terms of risk
has become central to the way in which human agents and modern institutions organise the social worldrisk
managing and risk monitoring increasingly influence both the constitution and calculation of social action
(Elliott, 2002, p. 299).
Risk A New Way of Thinking
Risk based ways of thinking may be observed in business, government and professional practice where
individuals and institutions are persistently ordering reality into a calculable form. Furedi (2005) describes risk
based thinking as the application of rational management principles that is symptomatic of contemporary
cultural attitudes towards threatening and dangerous phenomena. It seems apparent that human agents in the
57
modern world are attempting to control an unpredictable future through mechanisms that aim to control risk
(Elliott, 2002; Loader, 1999).
Today, it is common practice for human agents within developed democracies to proactively manage risk and
uncertainty, by anticipating undesirable outcomes before as apposed to retrospectively dealing with the effects
as they arise (Shearing, 2001). Classical risk oriented approaches to decision making involves a temporal shift to
pro-actively anticipate and forestall events that have yet to occur, but paradoxically may not actually ever occur,
by changing the language of misfortune or uncertainty into a calculable probability (Hollway & Jefferson, 1997;
Zedner, 2007). Through the use of methodologies and practices that attempt to order the future into calculable
constructs, human agents have discovered the rationale behind the improvements and gains that are achievable
during decision making, especially when risky judgements and decision need to be made. According to Beck
(1992) present-day awareness of hazards or threats has become future orientated; The centre of risk
consciousness lies not in the present, but in the futureWe become active today in order to prevent, alleviate or
take precautions against the problems and crises of tomorrow and the day after tomorrow (p.34). There is a
growing tendency by human agents to understand what the outcomes (consequences) are likely to be, before
engaging in activities that might be considered as risky (Furedi, 2005). This is supported by Los (2002) in which
she states that within the new order, people have begun to assess potentially hazardous situations and choose
how to approach them (p.171).
Reflexive Modernization - Responding to Dangers
Risk society commentators like Beck, Giddens and others support the view that present day preoccupations with
risk management, security (protection/loss prevention) and safety is linked to societies heightened fears of
threats and hazards brought on by a climate of insecurity (Hughes, 2003). This insecurity may be due to the
process of reflexive modernization which, according to Beck is at the core of risk society (Ferguson, 1997).
Reiterating, since around the 1970s, western societies have entered a new social order, an era of modernity or
risk society. Within such an era, there appears to have been significant changes to the way people and the
greater society perceive and then responded to hazards and dangers. Many authors discuss the new risk
consciousness that exists, which essentially concerned with undesirable risk events and its management.
Following on from the argument above concerning the climate of insecurity, such insecurity is then said to be
linked to reflexive modernization.
Insecurity may increase because of the reflex or responsive behaviours that people may have towards
information about hazards and dangers. Essentially, people react and organise their behaviours and activities in
manner that reflects an increased awareness of the potential harms that are out there somewhere in the world of
which they form apart. People thus have a conscious recognition that potential downsides to risk do exist and
that the outcome of a risk can be harmful. However, there is also an awareness of the gaps in knowledge about
the possibility of future events that cannot be predicted with absolute certainty (Ferguson, 1997). Reflexive
modernity may mean that individuals and institutions perceive and respond to control the possibility of
unfortunate events, even with the awareness of the existence of inadvertent or unknown consequences
(Ferguson, 1997). It is possible to observe links between societies concern with threats and hazards, brought on
by insecurity and the corresponding reflexive application of precautionary techniques to better manage the
negative consequences that have been brought on by modernisation (Hutchinson & O'Connor, 2005; O'Reilly &
Ellison, 2005). For example, according to Loader (1999), The purchase of policing services or security
hardware enablespeople to feel they have acted responsibly in the face of crime, reducing their levels of risk
and bringing themselves some peace of mind (p.382).
There are likely to be more complex structural linkages that explain the desire for modern agents to take pre-
emptive action to secure themselves. Many authors suggests that modern societies desire for certainty over
uncertainty, precipitated by conditions of anxiety, is likely to play a substantial part in attracting human agents
to courses of action that offers the ability to provide order and control to an otherwise uncertain or unpredictable
future (Hollway & Jefferson, 1997). Hutchinson & O'Connor (2005) suggest that the growth of protection
systems is part of the surge towards risk based thinking, which paradoxically, has become central to the practice
of asset protection.
The Search For Certainty
Giddens as cited by Rasmussen (2002) mentions the term ontological security, a condition that is desired by at
risk societies. The term implies the firm knowledge of what one might expect (p.331). Modern society is
an actuarial society, where many aspects of social life are transformed from a state of unknowability, invisibility
or even uncertainty, to a social that is informed, visible, knowable and manageable (Ferguson, 1997;
58
Hutchinson & O'Connor, 2005). Societys desire for ontological security requires knowledge. The insatiable
demand for knowledge is increasingly a function [that] is linked to the generic task of providing information
for risk analysis (Johnston, 1999, p.189). Ontological security flows from the knowledge provided by the
systematic generation of information gained during the analysis of risks (Hall, 2002). There is evidence to
suggest that the contemporary security discourse has adapted an actuarial frame of reference that presumes
that security risk events are predictable and therefore calculable and manageable (Ferguson, 1997). According to
Fisher & Green (1998) Security implies a stable, relatively predictable environment in which an individual or
group may pursue its ends without disruption or harm and without [the] fear of disturbance or injury (p.3).
Security as defined here implies the creation of conditions of stability and predictability against harm and injury,
which not surprisingly, is symptomatic of an at risk society. The definition seems to imply that security risk
events are visible, knowable and therefore predictable.
The Insatiable Demand For Protection
According to Ericson, Barry, & Doyle (2000), security is at the core of modernity. Many authors support the
view that there is an insatiable demand for security due to heightened perceptions of risk (Abrahamsen &
Williams, 2006). Accordingly, human agents will be attracted to security as it provides a veneer of control over
the fear of threats or for some, a means to control their susceptibility to victimisation (Loader, 1999). Giddens as
cited by Loader (1999) describes how it is now common to see individuals, businesses and communities
building protective cocoons around themselves. This apparent shift in consciousness to anticipate and forestall
undesirable outcomes is exemplified by the modern approach to the provision of security, where risk based
(predictive, actuarial and event based) methodologies have for many years, been a principle characteristic
(O'Reilly & Ellison, 2005).
Lustgarten as cited by O'Reilly & Ellison (2005) suggests that security institutions have long been in the
business of providing risk management solutions, even before the onset of modernity. It is important, at least in
this context, to highlight the difference between preventive methodologies in a generic sense and risk based
solutions in particular. To suggest, as Lustgarten does that security intuitions have long used risk based modes
of operation, would not be entirely accurate. Early security programs were not pre-emptive in a true sense as
would be understood by contemporary risk discourses. Applications of preventive security measures prior to the
1970s were driven by an enforcement mentality that required adherence to rules and the application of physical
hardware that were implemented after a security breach had been realised. Hence, security measures were
implemented to counter a security breach after the fact, to prevent reoccurrence, which is a reactive approach.
Real applications of risk management methodologies require forward planning and proactiveness to anticipate
events before they manifest into tangible loss and disruption. Such forward thinking within a security context is
a modern realisation. This is supported by Shearing (2001) where he mentions that risk focused modes of
governing is emerging within security. Shearings commentary also contradicts Johnstons (1999) argument that
the principles of risk management have been central to commercial security for more than a century.
Shifting Crime Discourse
According to Loader (1999), taking precautions against crime risk within modern society is becoming the
norm rather than the exception for individuals and organisations. Coleman & Sim (1998) make note of the
official discourse on crime that is increasing being viewed as a risk to be managed, rather then an issue that
needs to be explained. According to Shearing (2001), traditional or pre-modern modes of thought that centred
on justice are being eroded by a new morality, one that is based on the logic of risk. This risk logic or new
penology as Coleman & Sim (1998) point out is focused upon an instrumentalist approach that is central to risk
based thinking. It is possible to observe how traditional notions of crime control are changing due to modernity.
Order maintenance, upholding social norms and making criminals accountable for past wrongs, traditionally
central to criminal justice systems is according to Shearing (2001) slowly fading. The move towards modernity
has changed the way society views crimes and criminals. Crime is now less attributed to economic and social
conditions or demography and instead seen as a given, a normal condition of modernisation that needs to be
examined in the context of probability and consequences, and measures implemented to reduce loss or prevent
disruption (Zedner, 2003). Criminality is no longer presented as a deviation from the norm but rather as
continuous with normal social interaction and motivated by the same urge to utility maximisation (Zedner,
2003, p.158). Reflexive societies have begun to deviate away from correcting past wrongs and tyring to
rehabilitate offenders, to a mode of thinking that is emphasizing a conscious shift towards understanding the
costs of wrongs or crimes and what can be done to prevent the likelihood of future reoccurrence. Accordingly,
risk management is managerial, not corrective or punitive. It does not focus on problems or causes,
wrongdoing or the morality of erring individuals, but on reducing risks and avoiding harm (Heng, 2002, p.
234).
59
Risk Society and Security A Harmonious Existence
Risk societies, though it would seem, appear to be obsessed with the search for security (Johnston, 1999).
Security can survive strongly within a cultural sphere that is dominated by risk based thought and action
(Johnston, 1999). As society changes, security has also transformed to accommodate and feed the growing
expectations of a risk society. As society exhibits a growing tendency towards risk based ways of thinking, the
working practices of security have adapted to ensure that its principle mode of functioning caters for the
challenges presented by contemporary risk society. Modern security has adapted the philosophy of risk
management which is now firmly embedded within contemporary discourses. The working practices of security
emphasise a rational, pragmatic approach to decision making. The aim is to reduce or prevent loss and therefore
protect the interests of populations that are at risk of future security violations (Lippert & O'Connor, 2006).
Security achieves its objectives by identifying, assessing, evaluating and quantifying risks and then providing
cost effective options to reduce the probability and or consequences. This contemporary discourse ensures that
security accentuates a temporal shift in its own consciousness that will motivate thought and action towards
anticipation, forward planning and proactiveness. As modernity has brought with it a consciousness of risk,
which according to Heng (2002) is bound up with attempts to control and colonize the future (p.232)
Present day security discourses have moved towards controlling and anticipating the future via proactive,
calculated, risk based actions.
CONCLUSION
This paper introduces the risk society thesis developed by Ulrich Beck. The discussions have attempted to show
how the growing concerns with risk and its management is driven by Western societys heightened perceptions
of hazards and dangers that are driven by a process of reflexive modernization. Growing concerns with threats
and hazards, brought on by insecurity, causes a corresponding reflexive application of precautionary techniques.
As individual and institutional thinking is being continuously guided and framed by a risk logic, we thus
observe an actuarial society at work where most aspects of social life are transformed from a state of
unknowability, invisibility or even uncertainty, to a society that is informed, visible, knowable, calculable and
manageable. It was also shown that as society has entered a post industrial state, the working practices of
security have adapted the philosophy of risk management to ensure that its principle mode of functioning caters
for the challenges presented by contemporary risk society.
It would appear that there is an insatiable demand for security due to heightened perceptions of risk in the post
industrial era. Human agents will be attracted to security as it provides control over the fear of threats or in some
instances, will be the sole means by which these agents can reduce their levels of victimisation. Hence security
enables people to feel they have some control over the wrongs or dangers that seem to be prevalent within the
consciousness of the post industrial era, bringing stability and predictability.
The paper also discusses how reflexive societies have begun to deviate away from correcting past wrongs and
tyring to rehabilitate criminals, to a mode of thinking that is beginning to emphasize an understanding of the
costs of crimes and what can be done to prevent the likelihood of future reoccurrence, consistent with a risk
logic. The move towards modernity has changed the way society views crimes and criminals; crime is now less
attributed to economic and social conditions and instead seen as a given, a normal condition of the late modern
era that needs to be dealt with by a risk frame of reference.
It appears that security will continue to be in strong demand by a risk society. As long as insecurity prevails, and
there is strong desire by human agents to pre-empt undesirable outcomes, and to bring a sense of stability and
predictability to an otherwise dangerous and unpredictable world. Security will continue to exist to provide the
type of protection that is tailored and which reflects the consciousness of risk society.
REFERENCES
Abrahamsen, R., & Williams, M. C. (2006). Security sector reform: bringing the private in. Conflict, Security &
Development, 6(1), 1-23.
Coleman, R., & Sim, J. (1998). From the Dockyards to the Disney Store: Surveillance, Risk and Security in
Liverpool City Centre. International Review of Law, Computers & Technology, 12(1), 27-45.
Elliott, A. (2002). Beck's Sociology of Risk: A Critical Assessment. Sociology, 36, 293-315.
60
Ericson, R., Barry, D., & Doyle, A. (2000). The moral hazards of neo-liberalism: lessons from the private
insurance industry. Economy and Society, 29(4), 532-558.
Ferguson, H. (1997). Protecting children in new times: child protection and the risk society. Child and Family
Work 2, 221-234.
Fisher, R. J., & Green, G. (1998). Introduction to Security (Sixth ed.). Woburn, WA: Butterworth-Heinemann.
Furedi, F. (2005). Culture of Fear: risk taking and the morality of low expectation (Revised ed.). London. New
York: Continuum.
Hall, D. R. (2002). Risk Society and The Second Demographic Transition. Canadian Studies in Population,
29(2), 173-193.
Heng, Y. K. (2002). Unravelling the war on terrorism: A Risk-Management Exercise in War Clothing? Security
Dialogue, 33, 227-242.
Hughes, G. (2003). Understanding crime prevention; Social control, risk and late modernity. Maidenhead:
McGraw-Hill House.
Hutchinson, S., & O'Connor, D. (2005). Policing the New Commons: Corporate Security Governance on a Mass
Private Property in Canada. Policing and Society, 15(2), 125-144.
Jefferson, W. H. T. (1997). The Risk Society in an Age of Anxiety: Situating Fear of Crime. The British Journal
of Sociology, 48(2), 255-266.
Johnston, L. (1999). Private Policing in Context. European Journal on Criminal Policy and Research, 7, 175-
196.
Lippert, R., & O'Connor, D. (2006). Security Intelligence Networks and the Transformation of Contract Private
Security. Policing and Society: An International Journal of Research and Policy, 16(1), 50-66.
Loader, I. (1999). Consumer Culture and the Commodification of Policing and Security. Sociology, 33, 373-
392.
Los, M. (2002). Post-communist fear of crime and the commercialization of security. Theoretical Criminology,
6, 165-188.
O'Reilly, C., & Ellison, G. (2005). Eye Spy Private High. British Journal of Criminology, 46, 641-660.
Rasmussen, M. V. (2002). 'A Parallel Globalization of Terror': 9-11, Security and Globalization. Cooperation
and Conflict, 37, 323-349.
Shearing, C. (2001). Punishment and the Changing Face of the Governance. Punishment & Society, 3, 203-220.
Shearing, C. D., & Stenning, P. C. (1981). Modern Private Security: Its Growth and Implications. Crime and
Justice, 3, 193-245.
Shrivastava, P. (1995). Ecocentric Management for a Risk Society. The Academy of Management Review, 20(1),
118-137.
Zedner, L. (2003). Too much security? International Journal of the Sociology of Law, 31, 155-184.
Zedner, L. (2007). Pre-crime and post-criminology? Theoretical Criminology, 11(2), 261-281.
COPYRIGHT
David Jurcic2007. The author/s assign Edith Cowan University a non-exclusive license to use this document
for personal use provided that the article is used in full and this copyright statement is reproduced. Such
documents may be published on the World Wide Web, CD-ROM, in printed form, and on mirror sites on the
World Wide Web. The authors also grant a non-exclusive license to ECU to publish this document in full in the
Conference Proceedings. Any other usage is prohibited without the express permission of the authors.
61
A new definition of Piracy in South East Asia required?
P. Kevans
School of Engineering
Security Science
Edith Cowan University
Bill Bailey
SECAU Security Research Centre
Edith Cowan University
Abstract
Many experts consider that Piracy is a serious problem in South East Asia region and that this impacts on both
world trade and the economy generally. However, there is another school of thought that indicates because of
the way piracy is defined it includes what are in fact incidents that should be classified as crimes by another
name. The issue appears to be the definition of what is piracy? Furthermore, the reluctance of some countries
to take part in international initiatives or allow external powers to be involved in the process is also in question.
They consider it to be an infringement of their national sovereignty; therefore they deem it to have greater
geopolitical ends rather than a way to control the problem of piracy. These waters also have serious social and
economical constraints that limit their involvement to effectively mitigate the issue.\ The response to reducing
piracy incidents is neither insular nor simple; the social constructs need to be considered in providing a greater
understanding of what piracy actually means in the wider context. This will allow the actual problem of real
piracy to be dealt with effectively and not to waste resources on what could be classified as petty crime. This
paper recommends that a new definition of piracy is required in order to establish a new direction for
combating piracy.
Keywords
Piracy, Government, Legislation, Root Causes, Geopolitical, Aid, SLOC, ASEAN, UNCLOS, ReCAAP.
INTRODUCTION
The subject of Piracy is one that has become very prominent on the news today with a substantial increase in the
number of incidents this year. Although Somalia is currently the area of interest this paper will focus on the
issue of Piracy in S.E. Asia, principally the regions of Malacca, Indonesia, Singapore Straits and the littoral
states that border them. The paper will review what measures have been used to try and reduce the problem as
well as the barriers associated to agreement of some of the proposed regional and international initiatives that
are being proposed.
The process will review the definitions of piracy in a legal context, to ascertain if the legal designations
realistically reflect it broadly enough to allow effective application in perceived mitigating mechanisms.
Conversely consider whether the definitions themselves are acting as a barrier to ratification of security
initiatives and protocols.
The overall premise of research should allow for a more effective understanding of the crime threat while
considering the influential nodes that may alter the threat level. This in turn should assist the Security function,
both State and private shipping operators in the application of security policies and strategies that could prevent
or mitigate crimes at sea?
Objectives and Aims
The principal aim of the paper is to identify the level of piracy threat to the Sea Lanes of Communication
(SLOC) and Shippers in South East Asia (S.E.Asia). Establish some of the root causes of piracy on a local and
regional level including social economical aspects of the crime and identify any risk transfer nodes that may be
established when these influences are established. Based upon these aspects a redefinition of Piracy will be
suggested as a method to focus resources at the actual problem and not petty crime side issues.
62
Overall the premise is to emphasise that the issue of piracy is not a simple issue that can be adequately
prevented just by heightened frequency of marine patrols. It is offered that the threat of piracy remains where an
ineffective policing strategy is assigned. Especially if it fails to consider the inductive functions of the crime
nodes and mechanisms, as well as the barriers to achieve or maintain an accepted mitigating construct.
Significance
The principal purpose of this paper is to identify whether Piracy in South East Asia (S.E.Asia) is resulting in a
significant impact to global shipping as some regional and international governments perceive it be and why
they are pressuring coastal states to effectively address the problem. This pressure is centred on the assignment
of enforcing agencies and ratification of both regional and international protocols.
It can be offered that the international focus is based on the protection of shipping routes or Sea Lanes of
Communication (SLOC) which carry critical infrastructure commodities which are of global economic
significance. On this basis a high monetary significance could be assigned. The annual Asia global marine
market is estimated to be worth US$ 254 Bn (Parsons, Westwood, Rowley, 2002) as figure 1 below indicates,
with some 45% (Barrios 2004, P1) of the worlds shipping passing through the S.E.Asia region as such many
countries relying on the trade links then any significant threat requires mitigating for.
Figure1. Geographic Segmentation of the US$747Bn. Westwood Associates UK (2002) Global Ocean Markets
Although as stated by Maritime International Secretariat Services (MARISEC) website (The Round Table of
International Shipping Associations, 2004, P.1) it is difficult to quantify the value of world seaborne trade in
monetary terms. Douglas Westwood associates from the UK in a later paper (2005, p.24) give reference to the
United Nations Conference on Trade and Development (UNCTAD) who hazard an estimate, that the operation
of merchant ships contributes about US$380 billion in freight rates within the global economy, equivalent to
about 5% of total world trade. On this basis and that the segmentation provided in figure 1 remains applicable
this indicates that Asia merchant shipping is valued at an approximate 129bn USD.
Also in considering critical infrastructure commodities, Zubir M (2005, p.6) suggests that oil and gas shipments
passing through the Malacca straits alone are estimated to be somewhere in the region of 11 million barrels a
day, in example this route services some 80% of Japans Oil import requirements. This being the case and on
recent barrel values reaching $USD 130 (BBC News, 2008) then any threat to the safe transit of this highly
sensitive priced commodity could potentially result in a global economy downturn, stifling Asia growth and
possibly resulting in a return to the economic levels of 1998 Asia market crash.
63
Currently there continues to be healthy expansion in the shipping industry as indicated in figure 2, which
identifies nearly a doubling in growth in dry weight tonnage (dwt) over 300 gross tonnes.
Figure2. Total world merchant fleet by national and foreign registries as of January 1st, 1995 2007 (dwt index
1995 = 100) Heideloff, (2007)
This growth is further compounded by a reduction in the number of vessels being scrapped; figure 3, which
potentially indicates that the SLOC are in the short term likely becoming more congested as older vessels
remain in service, thus posing a safety risk, while also offering more opportunity to pirates.
Figure 3. World tonnage additions and reductions 1994-2006 dwt, Heideloff, (2007)
Due to these global economic values then why are countries being assigned a responsibility to act by the
International community, not ratifying regional agreements or United Nations International codes?
Firstly the premise of this paper is to identify;
What are the legal definitions of piracy and
Identify whether piracy in S.E. Asia actually poses a serious threat to regional and even
international global trade as may be suggested by experts and authors.
While doing so:
Ascertain if piracy in international waters or armed robbery, in states territorial waters, International
Maritime Bureau [IMB definition] should be re classified to correctly define the crimes that are being
committed.
It is proposed that these influences must be considered as both barriers and risk reduction concepts that will
subsequently enable international, regional power nations with a vested interest in the region as well as the
64
Shippers themselves to better consider strategies, while reducing the threat and the influences of marine based
crime.
Research Premise
The fundamental research premise is based on the general threat of piracy in the region and in such the principal
focus will be made towards the regional and geopolitical responses by governments and industry alike. To
achieve this effectively it is necessary to identify and provide examples of the threats and response in relation to
comment, theory or definition as that may be proffered by a research paper author, book or assigned legislative
function or marine standards as well as industry and government issued piracy data. Where interviews are
undertaken the research function is based on that as suggested by Cohen, Manion (2000, p.27), Research
Methods in Education.
Background
The focus of many papers points to Indonesia waters as some of the most active and dangerous waters in the
world, Beckman, 2002, p.317. Beckman further highlights that from 1999 to 2000 resulted in a 56% increase in
incidents and this was a fourfold increase compared to 1991. The author however does not indicate any potential
external influences to this increase in his example.
Asia suffered financial crises in 1998, which started after a devaluation of the Thai Baht in 1997, and this
resulted in massive regional unemployment and overall economic downturn bringing some countries to the
virtual brink of collapse. Emmer, 2007, in a working paper on piracy offers that;
The rise in Piracy has resulted from social economic difficulties face after the 1997 [not felt until 1998] Asia
crash. Poverty and unemployment resulted in piracy, an attractive income for coastal communities.
(Emmers 2007, p.9)
Southeast Asia specifically Indonesia, Malaysia and Singapore noted the following step changes in reported
piracy incidents:
Indonesian Waters 1998, 60 incidents to 2000 119 incidents
Singapore Waters (Straits) 1998, 1 to 14 in 2000
Malaysia 1998, 10 to 21 in 2000
Malacca Straits running between Malaysia, Indonesia and at its south, sitting Singapore went
from 1 in 1998 to 75 in 2000
Figure 4 provides a trend of piracy and armed attack incidents collated from IMB reports 1991 to first quarterly
reports 2008. This provides a clear indication of incident uplift 1994 to 2000 and subsequent decline thereafter
to 2008.
65
Total Attempted & Actual Piracy Incidents
(IMB Reports 2001 - 2007 - S.E.A, India, Far East, India, Sub-Continent)
0
20
40
60
80
100
120
140
160
180
200
220
240
260
280
300
320
340
360
380
1
9
9
1
1
9
9
2
1
9
9
3
1
9
9
4
1
9
9
5
1
9
9
6
1
9
9
7
1
9
9
8
1
9
9
9
2
0
0
0
2
0
0
1
2
0
0
2
2
0
0
3
2
0
0
4
2
0
0
5
2
0
0
6
2
0
0
7
2
0
0
8
(
M
a
r
c
h
)
Year
N
u
m
b
e
r
S.E.A Malaysia,
Indonesia, Singapore
Indian & Sub-continent
S.E.A & India Sub-
continent
Figure 4. International Marine Bureau (IMB), 2001 - 2007 Piracy Reports,
Although since 2000 there has been a steady overall decline in piracy incidents in S.E. Asia although there was
an upward turn in 2003, the trend has dropped by some 69% from 2000 to 2007 with incidents reported in the
region running on par with 1991 piracy reports of 102 and 109 in 2007, this is also comparable to the incident
levels pre-Asian Crash. However positive, this suggests that even in good times piracy remains and this may be
attributed to a function of community acceptance as well as a marginalization of coastal communities.
This is not to assign all the improvements in incident frequency to one facet as other constructs need to be
discussed and addressed. Although on initial data trending the link between economic stability is potentially a
principal influential factor. The downward trend in statistics has been attributed to the littoral states enforcement
initiatives (IMB, 2005 p.22) however this has been sporadic at best since being introduced between Singapore
and Indonesian navies through the Indonesian Singapore Coordinated Patrols (ISCP) patrols which commenced
in 1992, see figure 5 below:
66
Total Attempted & Actual Piracy Incidents - Key Events
(IMB Reports 2001 - 2007 - S.E.A - Malaysia, Indonesia, Singapore)
0
20
40
60
80
100
120
140
160
180
200
220
240
1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008
(March)
Year
N
u
m
b
e
r
Asia Financial Crash / USD
dollar tumbles
Tsunami
& Aceh
Ceasf ire
Thai Bhat Depreciated
Aceh peace agreement /
Indoensia elections
Indonesia: 20 Million Unemployed
79.4 Min Poverty
SARS af f ects
Toursim
Malacca Littoral States increase
Patrols. TNI/ Malay Navies praised
f or apprehending pirates by IMB
(EIS)
Insurance War Rating
start/ stop
Indonesia: 20 Million Unemployed 140
Million in Poverty / President Suharto
Loses election
Littoral State
'coordinated' patrols
Littoral State 'joint'
patrols
US Threatens to send
Troops to Malacca region
US puts pressure on
Indonesia - elections &
maintains arms embargo
IMOintroduced
Alarms on
Vessels >500 gt
Oil $45 /b
Oil Prices drop to a 12 year low at
$10/ barrel OPECf ails to cut
d ti
Oil Price increases
by 17%
9/11 Terrorist
attacks USA
Oil $30 /b
Oil $50 /b
Oil Facts & figures: http://www.atimes.com/atimes/Global_Economy/GE26Dj02.html / Asia Crises Information http://www.asiasociety.org/publications/update_crisis_ching.html / Shipping Info: http://www.imo.org/Newsroom/mainframe.asp?topic_id=476&doc_id=1339 /
http://www.mindef.gov.sg/cyberpioneer/backissuesoctnews.htm
Indonesia reduces poverty
through Industrial Employment
60% in 1970 to 14% in 1994, Sai
S.W. Latt (2007. P.62)
Allie War
on Iraq
US/ UK Af tganistan
Bombings
On 1/12/98 mandatory ship
reporting system& AIS Malacca &
Singapore Straits & new TSS
US Indonesian
military
restrictions lif ted
First The Indo-Sin
Coordinated
Patrols (ISCP)
Anti-corruption
Initiative Indonesia
Indonesia 26% rise
in Fuel, 30% Rise in
Basic Foods
Oil $130/b. Riots in
Countries, Protests
Indonesia. Fuel
Subsidies being
reduced Malay &
Indo
Figure 5: Plotted Key Events against IMB Piracy Reports 1991 2008 (1
st
Quarterly Report), Appendices 7,
and p.134
Through further review of these nodes it is proposed that the investigation process may allow for the redefinition
of either piracy or armed robbery as assigned under legal function. This is especially apt were it is established
that some of the nodes are acting as a barrier to the effective application of security functions.
Piracy what is it and what are the definitions?
What is Piracy?
Hitts (2000, p.6) suggests that Piracy in S.E.Asia was re-ignited in the 70s and 80s when S.E.Asia fishermen
grew desperate from economic problems as their once stable livelihoods became entwined with the boom-
bust global economy and also when there was an influx of Vietnamese boat people escaping from the Vietnam
conflict who became easy pickings while stories emerged of horrific vessel boardings involving robbing, raping
and killings.
Internationally it was recognised as an issue in 1958 when the Geneva Convention of the High Seas was adopted
by the international community. This was followed in 1982 when through the U.Ns International Marine
Organisation (IMO) the U.N Convention of Law at Sea (UNCLOS, 1998) and the issue of piracy was
established under article 101.
Piracy is defined in the 1982 United Nations Convention on the Law of the Sea, UNCLOS, Article 101 as
follows;
Piracy consists of any of the following acts:
(a) Any illegal acts of violence or detention, or any act of depredation, committed for private ends by the crew
or the passengers of a private ship or a private aircraft, and directed:
67
(i) On the high seas, against another ship or aircraft, or against persons or property on board such ship or
aircraft;
(ii) Against a ship, aircraft, persons or property in a place outside the jurisdiction of any State;
(b) Any act of voluntary participation in the operation of a ship or of an aircraft with knowledge of facts making
it a pirate ship or aircraft;
(c) Any act inciting or of intentionally facilitating an act described in sub-paragraph (a) or (b).
2 Armed robbery against ships is defined in the Code of Practice for the Investigation of the Crimes of Piracy
and Armed Robbery against Ships (resolution A.922 [22], Annex, paragraph 2.2), as follows:
Armed robbery against ships means any unlawful act of violence or detention or any act of depredation, or
threat thereof, other than an act of piracy, directed against a ship or against persons or property on board such
ship, within a States jurisdiction over such offences.
IMO (2008 p.2), Piracy Acts November Report, issued 11
th
January 2008
This definition does have an impact on how incidents are reported, and is especially relevant when considering
acts of boarding, violence and attack in international waters or Exclusive Economic Zones (EEZ) which are
categorised as piracy while incidents in states territorial waters such as Indonesia and Malaysia are categorised
as armed robbery.
Under Article 101 of the UN Convention of Law at Sea [UNCLOS] piracy is defined as an international crime.
The problem with the definition is that certain littoral states are reluctant to agree to the application of
international law in their sovereign waters and the inclusion of Armed Robbery which groups all marine crime.
(Beckman, 2002 p.320), in short it is their waters, therefore their problem, under their law.
It can be said that the law definition of armed robbery itself fails to adequately define incidents that occur in
territorial waters of a country and in turn this may be acting as a barrier to user and regional state initiatives. In
fact in considering that the types of incidents occurring in the main are not as IMO defined armed robbery in
its full context and this is a principal barrier to agreement. Dillon (2005, p.1) suggests that current definitions
also overlook corruption among port authorities and classify maritime terrorism together with reports of
dockworkers stealing cans of paint.
A more recent protocol offered, is the Suppression of Unlawful Acts against the Safety of Maritime Navigation
(SUA) 2005 this further clouds the issue of definition between terrorism and unlawful acts which in turn
amplifies the concerns of non-ratifying states. Beckman (2002 p.330) suggests the ratification by all countries
and application of the SUA Convention could be an;
important tool for combating major criminal hijacks in Southeast Asia. If all the states in Southeast Asia
were parties to the convention, and many are not, those persons who undertake actions in international waters
would be categorized as international criminals.
This may be true however both Indonesia and Malaysia have ratified UNCLOS they have not ratified the SUA
Convention 1998 or its update of 2005.
As Barrios (2004. p.1) highlights pursuit of pirates is requirement of all ratifying states under UNCLOS
however once the pirates enter a third parties or their own waters they then fall outside the jurisdiction of the
pursing party and the pursuit has to stop this is why joint initiatives are being pressed for in allowing agreement
to continue to pursue in to neighbouring waters. This function though is potentially superseded by the 2005
SUA convention, in effect removing sovereignty rights and allowing entry under the premise of terrorist
prevention (Hughes, 2004 p.8).
68
In reality the UNCLOS convention stills remains un-ratified by 37 of the world countries including the USA.
Also there are gaps in the law which would benefit from further qualification such as terrorism, kidnapping
and other broadly termed unlawful acts under SUA as well as that assigned to marine armed robbery itself.
In confirmation of codes and protocols narrowness of armed robbery definition, in 2005, IMB director Pottengal
Mukundan stated that the vast majority of attacks on ships in waterways [state] were opportunist, low-level
crimes (MIMA News Flash, p.11). Are these really armed robbery under the definition of the IMB? If an act of
violence occurs it could be termed armed robbery however most perpetrators are carrying tools for the purpose
of breaking and entry into the ships store or for cutting away a ships equipment such as a life raft.
Are these types of thefts were the perpetrator is armed with tools such as a crow bar or knife for the purpose of
breaking and entry or burglary not the same? Why doesnt the UK Home office report such incidents
separately, it can be assumed that their classification is termed as theft if not petty theft under the terms of
UK law. In this respect and if the same premise is assigned by non-ratifying states a similar opinion can be
drawn in that most of the incidents reported are petty in nature and therefore the definition overall is ineffective
in considering all the functions of crime that are played out.
Figure 6 provides an indication of the some of the barriers associated to full state ratification by S.E.ASIA states
of international law.State Barrier Treatment Outcome
Figure 6: Barriers to the ratification of SUA 1998 / 2005
So what are the real threats to Shipping?
S
U
A
R
a
t
i
f
i
c
a
t
i
o
n
R
a
t
i
f
i
c
a
t
i
o
n
S
t
a
t
e
SovereigntyIssuesin
cross border pursuits
OnlyencompassesPiracydoesnot
coverothermoredamagingmarine
i h ill l fi hi
MostincidencesofPiracy
[armedrobbery]arelowlevel
pilferingincidentscarriedout
Detentionofvesselsand
revertedcostrisktostateand
accusationofstatepiracy
JointStateInitiatives
BroadenIMO/SUA
Definitiontoinclude
th i i
BroadenIMO/SUA
Definitiontorecognise
thelowlevelcrime
BroadenIMO/SUA
Definitiontoinclude
othermarinecrimes&
terms of detention
SUA2005inessenceallowsa
ratifyingstatetoboarda
vesselsuspectedofunlawful
actspotentiallyinotherstate
waters(doesnotapplytonon
Unlikelytoberatifiedasthe
definitionofterroristor
unlawfulactisnotwell
defined.Inessenceallows
countriessuchastheUSA
unimpededaccesstoother
Stateswaters.Furthermore
h USA h if
SUA2005Protocol
Ratification
69
In comparing the volume of marine traffic using the Malacca straits and the number of incidents this establishes
a less worrying representation than one might expect, the attack rate is less than one percent. That is for every
62,000, approximate vessels sailing through the Malacca straits the vessel would have 0.01% of being attacked
even if this was equated to the high number of incidents noted in late 1990s it is still less than 1%. If we also
consider that the rate of traffic is predicted to increase and if the rates of attack remain the same the risk reduces
even further. A general representation of risk value based upon IMB Piracy reports over 17 years is provided in
figure 9 below:
Percentage Piracy Incidents based on 62000 Vessels Traversing Malacca Straits
0
0
.
0
1
1
%
0
.
0
1
8
%
0
.
0
1
9
%
0
.
0
6
1
%
0
.
0
4
5
%
0
.
1
2
1
%
0
.
0
5
2
%
0
.
0
2
6
%
0
.
0
2
7
%
0
.
0
0
3
%
0
.
0
0
2
%
0
.
0
0
0
%
0
.
0
0
5
%
0
.
0
0
3
%
0
.
0
0
5
%
0
.
0
0
8
%
0
.
0
1
1
%
0.000%
0.020%
0.040%
0.060%
0.080%
0.100%
0.120%
0.140%
1
9
9
1
1
9
9
2
1
9
9
3
1
9
9
4
1
9
9
5
1
9
9
6
1
9
9
7
1
9
9
8
1
9
9
9
2
0
0
0
2
0
0
1
2
0
0
2
2
0
0
3
2
0
0
4
2
0
0
5
2
0
0
6
2
0
0
7
2
0
0
8
(
M
a
r
c
h
)
%
Figure 9: Malacca traits actual and attempted Piracy attacks IMB Piracy Reports 1991 2008 (Quarter 1
report)
.
In considering that a high volume of incidents, 70%, were carried out when the vessel was not steaming and the
value assigned to most of the incidents could be termed as small, highlighted later, then to a large extent the
majority could be termed opportune pilfering incidents.
Out of the 245 attacks reported between January 1st 2005 and March 31
st
2008 in the Singapore, Malaysia and
Indonesia regions 193 incidents when actual boardings. 57% [110] of the reports indicated perpetrators were
armed, ninety nine of these reports actually detailed the types of arms used the majority of cases, knives were
the prominent weapon.
Piracy Research Definition
On basis of research and identification of interrelated nodes a general definition of Piracy and Armed Robbery is
offered in specific regard to South East Asia, and consideration of the barriers to acceptance in its present form:
- Piracy:
Piracy is defined in the 1982 United Nations Convention on the Law of the Sea (UNCLOS) (article 101) is in
the main adequate and should remain.
(a) Any illegal acts of violence or detention, or any act of depredation, committed for private ends by the crew
or the passengers or ship or a private aircraft, and directed:
70
(i) On the high seas, against another ship or aircraft, or against persons or property on board such ship or
aircraft;
(ii) Against a ship, aircraft, persons or property in a place outside the jurisdiction of any State;
(b) Any act of voluntary participation in the operation of a ship or of an aircraft with knowledge of facts making
it a pirate ship or aircraft;
(c) Any act inciting or of intentionally facilitating an act described in sub-paragraph (a) or (b).
The premise of pursuit by state into other countries territorial waters should continue to be made by previous
formal memorandum of understanding or ratification of agreement between the two states or groups. In doing so
this maintains the sovereign rights of the states in which its jurisdiction is held.
Armed Robbery is influenced by a number of nodes and therefore the IMO and IMB definition needs to be
expanded.
- Armed Robbery
Armed Robbery undertaken in a States waters whether the vessel is steaming, moored or berthed remains the
responsibility of the State in which its jurisdiction falls and should be prosecuted as per laws of that state in
which the unlawful acts occur. On this premise the following terms are provided as guidance to the states in
which the attack occurs. In any case in the event the vessel leaves states waters and enters international waters
the terms of Piracy are engaged and in doing so it is elevated to an International Crime.
- Serious Crime; The perpetrator(s) who may be a member of the crew or passenger, or other persons
who have externally boarded the vessel unless otherwise indicated.
a) Vessel Hijack is the taking control of a vessel and moves the said vessel through either
operation by the perpetrator(s) or by a crew or member of the public or state officer by means of threat of, or
actual violence whether the perpetrator is armed, or not in the pursuit of stored or transited goods, equipment,
monies or other financial gain including the theft of the vessel itself.
b) Armed Robbery against ships means any unlawful act of violence or actual threat of violence
against a member of the crew, public or state officer in the pursuit of stored or transited goods, equipment or
monies or other financial gain on a vessel which is berthed, steaming or moored in a states territorial waters by
the perpetrator(s). In the event of physical assault then the indictments should therefore be viewed in respect of
these additional events.
c) Kidnap against persons on ships whether they is berthed, steaming or moored in a states
territorial waters by the perpetrator(s). The perpetrator(s) may be a member of the crew or passenger, or other
persons who have externally boarded the vessel. Definition is provided in reference to Archbold 19-331 to 19-
348, under the UK Crown Prosecution Service, the general premise is provided in example only;
There are two elements to the offence:
removal of person(s) by another by force or threat of force
without the consent of the person so taken or carried away; lawful excuse.
71
The law further indicates that kidnapping will include or be followed by the commission of assault sexual or
aggravated or murder or attempted murder and the indictments should therefore be taken in review of these
additional events.
(CPS UK, Archbold 19-331 to 19-348)
d) Unlawful or False Imprisonment against persons on ships by the perpetrator(s). Definition is
provided in reference to Archbold 19-331 to 19-348, under the UK Crown Prosecution Service, the general
premise is provided in example only;-
False imprisonment . involving the unlawful and intentional or reckless detention of the victim. An act of
false imprisonment may amount in itself to an assault. If the detention was for the purpose of committing
another indictable offence, and such an offence was committed, a count for the substantive offence will usually
be enough
(CPS UK)
o Lesser Crime: The perpetrator(s) who may be a member of the crew or passenger, or other persons who
have externally boarded the vessel unless otherwise indicated.
a. Breaking and Entry by unlawful means by perpetrator(s) in the pursuit and actual
retention of stored or transited goods, equipment or monies or other financial gain without threat of violence or
actual harm to persons on a vessel which is berthed, steaming or moored in a states territorial waters
b. Trespass with intent by unlawful means by perpetrator(s) who are persons who have
externally boarded a vessel which is berthed, steaming or moored in states territorial waters, in the pursuit and
attempted retention of stored or transited goods, equipment or monies or other financial gain without actual
threat of violence or harm to persons on.
These definitions would allow more constructive assessment of crime types in regard to a States law compared
to those presently being assigned by both the IMO and IMB. This in turn may improve the reporting of
serious incidents by shippers and states, which currently deems the function of armed robbery as too broad in
that it encompasses all facets of the crimes being carried out. Further to this the basis of redefinition and
expansion of armed robbery will better support security functions as defined under ISPS in quantification of the
threat level and in doing so assign more effective mitigating controls.
In regard to the 2005 SUA convention in which the premise of entry to states waters on the basis of preventing a
terrorist act or were the vessel or persons on board is believed to be involved in such activities. Ratification
remains unlikely as it supersedes the UNCLOS statement of pursuit approval into territorial waters undermining
the states jurisdiction. The definition of terrorism or unlawful acts is not provided and this is cause for concern
as the premise of boarding or stopping a vessel is essentially made by the pursuing party.
Additional functions should also be applied in consideration of other marine crimes such as smuggling of states
goods, natural resources including fish, as well as people. To emphasize some of the disparity of the laws
attributed to piracy, the UK abolished corporal punishment was abolished through the ratification of the
European Unions Human Rights Convention. [hanging] in 1965, (Wildash, 2008 p.1) however it wasnt until
1998 that hanging for pirates
At present no regulation or suggestion on criminal penalties is provided under UNCLOS for piracy or armed
robbery, however UNCLOS does deter custodial sentence for illegal fishing and therefore any deterrence is
limited. This provides further clarification that the law of piracy and armed robbery should be adequately
defined but so should, smuggling, Illegal, Unregulated, Unreported fishing (IUU) and people trafficking under
the international community protocols which would clearly benefit from an overhaul. This would address some
72
of the barriers to ratification while provide recognition of the problems faced by some of the less developed
countries face. In turn terrorism the de rigeur word of recent age, must be defined without a clear definition it
has far reaching security, political and social consequences that could do more harm than good.
The ship in the water on the basis of statistics review is at much less risk of serious incident to what it has been
over the last eight years. In regards to low level incidents underreporting has been brought about by the actions
of the Lloyds war rating and the focus of external functions such as ASEAN, ReCAAP and IMB. Although on
the surface they can be seen as positive mitigating mechanism the focus and application has likely further
distanced Indonesia and Malaysia from open reporting in what are in the main low cost incidents that do not
warrant a grouping under a piracy premise. Countries like the UK do not differentiate between onshore and
offshore crime, yet littoral states are expected to. This is perceived by Littoral States to be an unfair application
of law that that does warrant the international interest that it receives.
A positive move would be the development of a more encompassing maritime crime protocol which recognises
other facets of marine crime, which are impacting on SLOC bordering States. If the perceptions of non-user
SLOC states in regard to marine crime are not considered in future protocols and codes then any proposal is
unlikely to receive effective ratification.
In conclusion, the concept of piracy under UNCLOS is the most useful in terms of legality however there are
clear weaknesses in regard both the modes and severity of attack required in providing assignment as an
international crime and even grouped under a terrorist banner as SUA does especially for state based water
incidents. When the majority can be termed petty at best, even breaking and entry and in some cases only
trespass with intent to steal. Therefore it is necessary to provide a more encompassing definition of marine
crime, which may remove barriers of ratification, however before this can be accomplished additional influences
and a clearer understanding of the threats need to be reviewed. This paper has suggested on area that could be
reformed with little difficulty.
REFERENCES
Alam N (2006) Chittsagong port dubbed most dangerous CPA Blasts IMB report for falsereport. The daily
news paper, New Age, retrieved 2/3/08 from
http://209.85.175.104/search?q=cache:ACbVTojA0yoJ:www.newagebd.com/2006/nov/02/front.html+C
Hittsagong+Bangladesh+Port+criticise+IMB+Piracy&hl=en&ct=clnk&cd=1
Anatara (2007) RI suffers $3 Billion losses due to illegal fishing-2007, retrieved 14/4/08 from
http://www.antara.co.id/en/arc/2007/5/30/ri-suffers-us-3-billion-loss-due-to-illegal-fishing/
Asian Business (2005) A whiff on New Money, The McGraw-Hill Companies Inc retrieved 15/5/08 from
http://www.businessweek.com/magazine/content/05_27/b3941061.htm
Australian Government Indonesia Fact Sheet (2007), Australian Government Department of Foreign Affairs and
Trade, Australia retrieved from 2/3/08 ww.dfat.gov.au/geo/indonesia/indonesia_brief.html
Bakorkamla (2006), Indonesian Maritime Security Coordinating Board (MSCB), retrieved 17/4/08 from
http://www.bakorkamla.go.id/tugasfungsi_eng.php)
Barker J (2003), No Nonsense Guide to Terrorism, New Internationalist Publications Ltd
Barrios (2004), Casting the Wider Net: Addressing the Maritime Piracy Problem in South East Asia. retrieved
2/2/08 http://www.bc.edu/schools/law/lawreviews/meta-elements/journals/bciclr/28_1/03_FMS.htm
Beckman (2002) Combating Piracy and Armed Robbery Against Ships
in Southeast Asia: The Way Forward, National University of Singapore,
www.southchinasea.org/docs/Beckman,%20Combatting%20Piracy%20and%20Armed%20Robbery.pdf
Cohen L, Manion L (2000) Research Methods in Education, 4
th
Edition, Publisher Rutledge, Section 13, P.27.
Ching (1999) Social Impact of the Regional Financial Crisis, Asia Society retrieved 1/6/08 from
http://www.asiasociety.org/publications/update_crisis_ching.html
73
ClassNK (2004) Guidance to the Provisions of Chapter XI-2 of the Annex of the Safety of Life at Sea as
Amended, ISPS Code Part B/Final/SOLAS/CONF_5/34, Nippon Kaiji Kyokai ship classification society
Japan retrieved 26/6/08 from
http://www.classnk.or.jp/hp/SMD/isps/pdf/Part_B_Final_CONF5_34_Eng.pdf
CPS UK (2008), Kidnap & False Imprisonment U.K Law, Archbold 19-331 to 19-348, Crime Prosecution
Service U.K retrieved 28/6/08 from
http://www.cps.gov.uk/legal/section5/chapter_c.html
CSCAP (2007), Council for Security Cooperation in the Asia Pacific, meeting of CSCAP in Jakarta retrieved
19/1/08 from www.cscap.ca/Malacca&SingaporeStrts_SG.html
Chua (1998) Marine Pollution Management in the Malacca/ Singapore Straits: Lessons Learned, U.N Regional
Programme for the Prevention and Management of Marine Pollution in the East Asian Seas, retrieved
15/4/2008 from d130148.u37.wsiph2.com/publications/icm/61MarPollMgt-Malacca-Singapore-
Straits.pdf
Dillon (2005) Maritime Piracy: Defining the Problem, senior policy analyst for Southeast Asia in the Asian
Studies Center at the Heritage Foundation. Retrieved 15/2/08 from
www.heritage.org/about/staff/DanaDillon.cfm
Douglas Westwood Associates (2005) UK, Global Oceans Market, retrieved 20/4/08 from
www.wtsh.de/wtsh/en/teaser/maritime_potenzialanalyse_engl.pdf
Douglas, Parsons, Rowley, Westwood (2002) Global Marine Market Westwood Associates, retrieved 2/3/08
from
www.tos.org/oceanography/issues/issue_archive/issue_pdfs/14_3/14.3_westwood_et_al.pdf
Eklf (2005) Piracy in Southeast Asia: Status, Issues, and Responses. Singapore: International Institute of Asian
Studies retrieved 15/1/08 from www.iias.nl/nl/40/IIAS_NL40_29.pdf
Emmers, (2007) Comprehensive Security and Reslience in Southeast Asia: ASEANs Approach to Terrorism and
Sea Piracy. S.Rajaratnam School of International Studies Singapore retrieved 20/5/08 from
www.idss.edu.sg/publications/WorkingPapers/WP132.pdf
Fadli, (2008) Pollution in Batam Keeps Fishermen inshore Jan 2008, Jakarta Post retrieved 10/4/08 from
http://cempaka-marine.blogspot.com/2008/01/pollution-in-batam-keeps-fishermen-on.html
Frecon (2006) Pirates Set the Straits on Fire, Covering Maritime Piracy in S.E. Asia, Konrad Adenauer
Foundation Singapore, Kuala Lumper 13-15 July 2006, retrieved 15/5/08
www.kas.de/wf/doc/kas_10478-544-2-30.pdf
Gatsiounis (2004) Malacca Strait: Target for terror, Asia Times. Retrieved 17.5.08 from
http://www.atimes.com/atimes/Southeast_Asia/FH11Ae02.html
Guerin (2003) Indonesia-Singapore Gap More Than Just Number, Asia Times, retrieved 10.4.2008 from
http://www.atimes.com/atimes/Southeast_Asia/EF27Ae03.html
Greenless (2007) Indonesia and Singapore sign two landmark treaties International Herald Tribune,, retrieved
14.4.08 from http://www.iht.com/articles/2007/04/27/asia/indo.php
Gwinn (2007) Dark Passage The Strait of Malacca. Pirates haunt it. Sailors fear it, Global trade depends on it.
National Geographic Magazine, retrieved 10/4/08 from
http://ngm.nationalgeographic.com/2007/10/malacca-strait-pirates/pirates-text
74
Hand (2004) Six Tub boat Crew Taken Hostage in Malacca Attack, Lloyds List Singapore retrieved 21/6/08
from http://209.85.175.104/search?q=cache:7-
jgZM4HVokJ:www.seasia.com.sg/base/newsletter/seawatch_novdec2004.pdf+Japan+stops+piracy+fund
ing+to+Indonesia+ReCAAP&hl=en&ct=clnk&cd=8
Heideloff (2007) Institute of shipping economics and Logistics, retrieved 16.5.08 from
http://www.isl.org/products_services/publications/pdf/COMM_1-2-2007-short.pdf
Hitts (2000) Bandits in the Global Shipping Lanes, New York Times retrieved from 1/6/08
http://query.nytimes.com/gst/fullpage.html?res=9B05E3DE1E3FF933A1575BC0A9669C8B63
Hotland (April 2008), China relations almost in honeymoon state: Sudrajat, Jakarta Post Indonesia retrieved
14/4/08 purchased newspaper
Hughes (2008) Controversy over Amending Vital Anti-Terror Treaty, Seasia Network News Letter, Singapore,
retrieved 22/6/08 from
http://209.85.175.104/search?q=cache:7-
jgZM4HVokJ:www.seasia.com.sg/base/newsletter/seawatch_novdec2004.pdf+Japan+stops+piracy+fund
ing+to+Indonesia+ReCAAP&hl=en&ct=clnk&cd=8
Informa Asia (2004) International conspiracy to talk up terror threat, Mima Malaysia, retrieved 18/4/08 from
http://www.mima.gov.my/mima/htmls/mimarc/news/newsflash_files/news-cut/july04.htm
IMB Piracy Reports 2000 2008, retrieved in correspondence of IMB through the ICC, retrieved 24/4/08 from
http://www.icc-ccs.org/prc/piracyreport.php
IMO (2008) Reports on Acts of Piracy and Armed Robbery Against Ships, International Maritime Organisation,
Issued monthly Acts reported during November 2007, issued 11/1/08 retrieved 15/5/08 from
www.imo.org/includes/blastData.asp/doc_id=8915/112.pdf
ISPS (2004) International Ship and Port Facility Security, FindLaw Australia, retrieved 27/6/08
http://www.findlaw.com.au/articles/default.asp?id=8924&site=CN&task=read
Jakarta Post (2007), Batam Authority to Cooperate with BNI [Bank] on port transactions. Retrieved 15/4/08
from old.thejakartapost.com/yesterdaydetail.asp?fileid=20070205.G03
Jones (2007) LMA: Marine Piracy Threat Likely Under-Reported, AMBest, retrieved 28/3/08 from
http://www.zibb.com/301.aspx?a=1690034&h=LMA%3a+Marine+Piracy+Threat+Likely+Under-
Reported
Kydo (2005) Japanese Crew Kidnapped during Piracy Attack, Kydo News International, retrieved 19/4/08 from
www.findarticles.com/p/articles/mi_m0WDQ/is_2005_march_21/ai_n123458273
Law Group (2005) Ship Boarding: An Effective Measure Against Terrorism and WMD Proliferation, A
summary of the discussion of International Law Group Chatham House UK. Retrieved 22/6/08 from
http://www.chathamhouse.org.uk/publications/papers/download/-/id/318/file/3288_ilp241105.doc
LTIFR (2008), Lost Time Incident Frequency Rate, Department of Consumer and Employment Protection,
Australia retrieved 22/6/08 from
http://www.docep.wa.gov.au/worksafe/Content/Services/Facts_and_figures/Frequently_asked_questions.
html#5.%20How%20do%20I%20calculate
75
Liss (2006) The Privatisation of Maritime Security: Maritime Security in Southeast Asia: Between a rock and a
hard place. BISA Conference retrieved 15/4/08 from http://japanfocus.org/products/details/2444
Liss (2005) Private Security Companies in the Fight Against Piracy in Asia, Murdoch University Australia
retrieved 26/6/08 from http://wwwarc.murdoch.edu.au/wp/wp120.pdf
Marisec (2004) Value of Volume of World Trade by Sea, The Round Table of International Shipping
Associations, retrieved 22/5/08 from http://www.marisec.org/shippingfacts/worldtrade/volume-world-
trade-sea.php
MEH (2006), Marine Electronic Highway Gets Green Light, Seatradeasia, retrieved 13.4.08 from
http://seatradeasia-online.com/news/338
Morada (2006) Regional Maritime Security Initiatives in the Asia Pacific: Problems and Prospects for Maritime
Security, 1
st
Berlin Conference on Asia Security. Retrieved 20/5/08 from http://swp-
berlin.org/common/get_document.php?asset_id=3562
Model National Law (2005) The Model National Law on Acts of Piracy and Maritime Violence [draft], Comit
Maritime International (CMI), 1st Redraft 19-1-06[1].doc. Retrieved 14/ 12/2007 from
http://72.14.205.104/search?q=cache:fTNQm_XZlZAJ:www.mlaus.org/archives/library/997.doc+model
+law+piracy&hl=en&ct=clnk&cd=16&gl=sg
Osnin (2006) Private Maritime Security Company (PMSC) In The Strait of Malacca: Options for Malaysia,
Centre for Ocean Law and Policy
Maritime Institute of Malaysia, retrieved 17/5/08 from
http://www.mima.gov.my/mima/htmls/papers/pdf/apandi/pmsc%20in%20som%20-%20wmu%20jma.pdf
Piracy Incidents Vs Key Events, information and statistics retrieved 1/6/08 & 3/6/08 respectively from:
1) Oil Facts & figures: http://www.atimes.com/atimes/Global_Economy/GE26Dj02.html
2) Asia Crises Information http://www.asiasociety.org/publications/update_crisis_ching.html Shipping
Info: http://www.imo.org/Newsroom/mainframe.asp?topic_id=476&doc_id=1339
ReCAAP (2006), COMBATING PIRACY AND ARMED ROBBERY AGAINST SHIPS IN ASIA
- RECAAP, retrieved 1/3/08 from
http://app.mot.gov.sg/data/ReCAAP%20factsheet%20_Nov06_%20%5BFINAL%5Das%20of%2028110
6.pdf
Sahni (2002) South East Asia Cargo Theft: Better Organized, More Lethal published in Pinkerton Global
Intelligence Services, August 30, 2002. Retrieved 15.4.08 from
http://www.satp.org/satporgtp/ajaisahni/Pink300802.htm
Sato (2007) Southeast Asian Receptiveness to Japanese Maritime Security Cooperation, Asia-Pacific Center for
Security Studies http://www.apcss.org/Publications/Maritime%20security%20cooperation%20Japan-
SE%20Asia%20Sato.pdf
Sjaastad (2005) Southeast Asian SLOC and Security Options, IDSS-NUPI
Public Seminar on Maritime Security in Southeast Asia Institute of Defence and Strategic Studies,
Singapore. Retrieved 29/2/08 from
http://www.ntu.edu.sg/rsis/publications/conference_reports/NUPI%20PubSeminar.pdf
Secure Marine, (2003), Primer: Piracy in Asia, U.S. Pacific Command's Strategic Planning and Policy
Directorate USA, retrieved 1/6/08 from http://www.secure-marine.com/piracy_update.pdf
76
Sipalan (2008) Fuel Subsidy: Govt studying options, New Straits Time, retrieved 1/6/08
http://www.nst.com.my/Current_News/NST/Wednesday/Frontpage/2251991/Article/index_html
SOLAS Convention (2003), Australia Joint Committee on introduction of SOLAS & ISPS code. Retrieved
25/6/08 from http://www.aph.gov.au/house/committee/jsct/SOLAS/report/chapter2.pdf
The Mariner Group (2004) Oil Spill History, Mariner Group Norway, retrieved 1/6/08 from
http://www.marinergroup.com/oil-spill-history.htm
Tkacik (2006), Hedging Against China Heritage Foundation Backgrounder, retrieved 5/5/08 from
ww.heritage.org/Research/AsiaandthePacific/upload/96070_1.pdf.
UNCLOS (1998) United Nations Convention on the Law of the Sea, 1998, retrieved 2/2/08 from
www.un.org/Depts/los/convention_agreements/texts/unclos/unclos_e.pdf
Vaughn (2007) U.S. Strategic and Defense Relationships in the Asia-Pacific Region, Analyst in Southeast and
South Asian Affairs, Congressional Report Service USA, retrieved 1/3/08 from
http://www.fas.org/sgp/crs/row/RL33821.pdf
Waizenegger (2007) Armed Separatism and the 2004 Tsunami in Aceh, Asia Pacific Foundation of Canada,
retrieved 25/5/08 from http://www.asiapacific.ca/analysis/pubs/pdfs/commentary/cac43.pdf
Wildash (2008) Remarks by British High Commissioner on the death penalty, British High Commissioner
Lilongwe, retrieved 8/7/08 from
http://www.britishhighcommission.gov.uk/servlet/Front?pagename=OpenMarket/Xcelerate/ShowPage&
c=Page&cid=1145899677157&aid=1203956055983
COPYRIGHT
Bill Bailey and P. Kevans 2008. The author/s assign Edith Cowan University a non-exclusive license to use
this document for personal use provided that the article is used in full and this copyright statement is
reproduced. Such documents may be published on the World Wide Web, CD-ROM, in printed form, and on
mirror sites on the World Wide Web. The authors also grant a non-exclusive license to ECU to publish this
document in full in the Conference Proceedings. Any other usage is prohibited without the express permission
of the authors.
77
The use of red teaming in the corporate environment: A study of security management,
vulnerabilities and defence
Greg Lane
GHD Pty Ltd
David Brooks
SECAU Security Research Centre
Edith Cowan University
Abstract
This study explored the use of red teaming within the Western Australian mining sector. Red teaming is the
formation of a team of experts with the goal of attacking a companys infrastructure, with permission to find
flaws and weaknesses in their security. A series of interviews were conducted with security professionals within
the mining sector to gauge the level of red teaming knowledge and to investigate the current security red
teaming practices. The study interviews demonstrated a lack of security testing within the mining industry.
However, the interviews indicated that companies would find value in using red teaming exercises to evaluate
the level of security in their current systems, in particular, security vulnerabilities. Furthermore, the intention of
this study was to provide foundation information regarding red teaming. This approach allowed the
development of a proposition to focus on the introduction and use of the red teaming methodologies within the
corporate security environment. Such a proposition allows an interpretive inquiry to develop, test and measure
a corporate red teaming model.
Keywords
Red teaming, vulnerability assessment, security audit, war gaming
INTRODUCTION
The Western Australian resource sector is currently booming, with millions of dollars invested into the sector
for new exploration projects and mine sites to capitalise on the valuable minerals beneath the surface. It is vital
for the security considerations of both new and existing sites to be taken seriously, not only to protect the
valuable assets but also to ensure the safety of the personnel onsite. Red teaming methodologies provide a way
to assess the effectiveness of the current security measures and identify potential weak points that expose
possible avenues of attack.
The concept of red teaming is far from new. It has been used (under that name or others) in government,
military, and civilian circles in a variety of contexts and in the business world, red teaming usually means a
peer review of a concept or proposal. In government circles it is normally
associated with assessing vulnerabilities of systems or structures, especially within the informationwarfare
arena (Malone, & Schaupp, 2002). As Malone and Schaupp describe, the use of red teaming has a long history
in the military and ultra high security government applications. A view supported by White and Conklin, who
stated that emergency service organisations and the military frequently use exercises to test how their personnel
will react to specific situations (2004). Red teaming is also used in the military, as the US Department of
Defence (DoD) typically use red teams in force on force exercises, in which attackers (red team) go toe-to-toe
with defenders (blue team) (White & Conklin, 2004). However, there is a growing trend for companies to use
red teaming as a part of an extensive risk management process.
Many authors believe that red teaming, which is the practice of attacking systems to better understand how to
defend them is a necessary practice (Ray, Vemuri & Kantubhukta, 2005). Red teams allows a company to gain
a greater understanding of exposure to vulnerabilities and how critical known threats may assessed. This
approach to risk mitigation allows internal processes to be developed to deal with such security incidents. The
American Defence Science Board Task Force stated that Red Teaming deepens understanding of options
available to adaptive adversaries and both complements and informs intelligence collection and analysis
(Defence Science Board Task Force, 2003).
78
BACKGROUND OF THE STUDY
In 2005-06 the value of Western Australias Mineral and Petroleum industry reached $43.2 billion. In this
period the Department of Industry and Resources reported that Western Australia hosted 560 commercial
mineral projects, which had a total of 1222 operating mine sites (Department of Industryand Resources, 2006).
Due to the remote nature of the mining operations, the security within this sector can sometimes be overlooked.
This study investigated the use and knowledge of red teaming methodologies, and if they have a place in the
security planning and auditing process within the Western Australian resource sector. Structured interviews of
practising mining or allied industry security managers were used to respond to prescribed research questions.
Interviews allowed richer data to be gathered, gaining a greater insight into the use and understanding of red
teaming.
RED TEAMING
Red teaming is not a new concept; it has been used in many forms over the years, typically in high security
applications such as the military. By definition and purpose, the Red Team takes an attacker like approach to
testing security (Peake, 2003). The United States military has been using red teaming for security testing and
auditing for some time. Military testing has used red teaming methodologies to evaluate the security for various
high security installations, such as nuclear power plants and other key infrastructure sites. Generally red teaming
exercises include a red team who play the attackers, and a blue team who take the role of the defenders. These
teams will participate in an exercise which attempts to simulate an actual attack (White & Conklin, 2004).
However in the business world, red teaming usually refers to a peer review of a concept or proposal, and in
government circles it is generally associated with the investigation of vulnerabilities of systems of structures,
especially in the IT arena. (Malone & Schaupp, 2002, p. 2). In some larger international corporations with
critical national infrastructure, red teams are used to emulate the methods and procedures of enemy hostile
intelligence or rival competitive intelligence services. These teams utilise a mock program to test their
companies internal security systems (Helms, Ettkin, & Morris, 2000, p. 129).
The Seattle Police Department has bee utilising red teaming exercises in both small and large scenarios for a
number of years, including exercises such as the 2003 TOPOFF2, 2005 Marine Terrorism Response Exercise
and the 2005 TOPOFF3 full scale exercise in Connecticut. They have stated that employing red team
techniques is a major initiative in the intelligence and warning mission area (Meehan, 2007). Meehan separates
red teaming activities into two major categories, analytical red teaming (passive) and physical red teaming
(active).
The following eleven steps combine to form the basic structure of the red teaming process:
Determine the objectives of desired results
Communicate with government and private partners
Determine the scale and type of exercise, the type of scenario, the method of evaluation, and
the documentation plan
Develop the scenario
Identify and train the appropriate participants
Conduct and evaluate the exercise
Prepare thorough documentation
Evaluate the performance
Develop the improvement plan
Make the required and desired improvements
Exercise again
(Meehan, 2007)
79
However, in recent years the information technology sector has been increasingly employing the use of red
teaming methodologies to test the security of IT systems, computer servers and their Internet presence. Often
called penetration testing, a company can use internal staff or employ an external entity to attempt to break into
their systems. The importance of penetration testing in a networked environment is explained further by
Budiarto, et al, the best way of ensuring that the system is secure is to attempt penetration testing. This would
be the most effective way to find exploits and to proof whether a system is vulnerable (Budiarto, Ramadass,
Samsudin, & Noor, 2004, p. 563).This vulnerability evaluation helps expose flaws and oversights, in an effort to
increase the overall system security.
Risk and risk management have always been an important consideration in a companys planning process, both
in terms of normal operations and security. Moreover, there has been a growing trend in the use of professional
risk management planning and tools with standards, such as the risk management standard AS/NZS4360:2004.
This standard defines a risk management process and considers, in depth, how it can be employed in the
companys own internal risk processes. The risk management process assists the company to identify the risks
that it may be exposed too and attempts to define a process that can mitigate these risks, usually through security
measures to protect the company and its interests. Duncan suggests that "The risk management audit is a
primary method used to review the effectiveness of the companys risk management functions. (Duncan, 1991,
p.48). Red teaming offers a process that can be used to audit a companys security process and in addition,
report on the effectiveness of the risk management procedures that are currently in place. The use of red teaming
within the corporate environment has been difficult to gauge due to the very limited literature on the subject.
However there is now appears to be a growing trend for companies to use red teaming as a part of an extensive
risk management process. This study set out to discover if red teaming was currently being used within the
Western Australian resource sector and investigates the level of knowledge that security professionals have on
this topic.
FINDINGS
When the research topic was first proposed, several research questions were put forward in regard to red
teaming within the Western Australian mining sector. These research questions considered the level of red
teaming knowledge within the sample group, the application and acceptance of red teaming within the West
Australian mining sector and whether the industry could benefit from such a security approach. Through the use
of structured interviews with security professionals, the research questions were addressed, standardised semi-
structured interviews determine the exact wording and sequence of the questions in advanced and all
interviewees are asked the same basic questions (Cohen et al., 2007, p. 353). The results of these interviews
show a wide variance in the level of knowledge relating to red teaming methodologies and vulnerability
assessments. Additionally the research showed a general lack of post installation security testing within the
industry in general. This is further supported by Furnell and Papadaki, who state that Testing readiness is a
standard practice in other contexts (e.g. fire safety drills, military defence exercises), as it is recognised that one
cannot wait for an incident to occur in order to determine the level of preparedness. (Furnell & Papadaki, 2008,
p. 11).
Understanding red teaming
The level of knowledge of red teaming that the security professionals in the resource sector had was generally
very limited. While most had some academic knowledge of red teaming, this had rarely been applied and their
knowledge appears to have a close similarity to prominent articles available in popular journals. Their
knowledge tended to be generally focused on red teaming in terms of defence and penetration testing in an
information technology environment. Due to the academic levels of the people interviewed, it may be possible
that the red teaming knowledge was gained through academic pursuits and therefore would be limited by the
available literature. The literature on red teaming is generally lacking and tended to be focused on activities by
the United States Defence Force in testing security to key high security government assets. While these articles
do contain important information on the structure of a red teaming exercise, have the benefit of being refined
over decades of use and studied by the people who are directly involved with their execution, they do not
directly relate to the use of red teaming in a corporate environment. Only one of the people interviewed had any
direct knowledge of red teaming within a corporate environment and specifically within the resource sector.
80
While this knowledge related directly to one of the research questions, its value was somewhat diminished as no
particular model was used. When questioned further regarding this, it was discovered that for each exercise a
plan was developed according to the scope of the project being undertaken. While this may prove beneficial,
when a security professional is performing the exercise who has a good depth of experience upon which they
can draw to develop a red teaming methodology to suit there is a potential for introduced flaws that may cause
a bias in the results and generally reduce the quality of the exercise. These biases may take the form of the
security professionals opinions, previous experiences in similar situations or their own unique evaluation of the
issues being dealt with. The support of upper management was expressed as a key concern in all interviews. It
was discussed that the red teaming exercise needs their support so that security staff and managers who may
have implemented security measures in the past do not affect the results. Eckert has investigated the reluctance
of upper management to perform these tests and stated businesses are reluctant to discuss security gaps they
discover in their systems, fearing it may expose them to liability (Eckert, 2002).
The concern was raised that a red teaming exercise may show dramatic weaknesses in the security currently in
use. If staff who are responsible for this security are directly involved, they may attempt to control the red team
process especially in the case of dramatic failures in security. This concern is also raised by Lodal and Shinn,
they recognise that this can sometimes be a difficult process. They suggest that The real challenge for the Red
Team is not architecture or technology, however. It is getting political leadership to break the bureaucratic rules
and move fast in order to plug the security threat (2002, p. 6). Several of the interviews with security
professionals who had academic knowledge of red teaming, described it as a structured methodology with a
combination of management planning, design and technology, as well as a specialised technical form of brain
storming. From these descriptions it is apparent that they consider red teaming primarily as a desktop activity
focusing on a study of facilities or assets, and proposing possible angles of attack with a physical exercise either
excluded completely or forming only a small component of the project. While this may be a valid methodology
in assessing the security of a facility or asset, it appears to be very similar to a typical vulnerability or risk
assessment with the possible inclusion of a small demonstration upon the conclusion of the project. It lacks the
ability to test the actual implementation of the security hardware, policies and procedures, as well as testing the
response to a possible breach.
Application of red teaming
The use of red teaming within the Western Australian mining sector appears to be minimal to nonexistent, with
only one of the interviewees having any knowledge of red teaming ever being used. The security professional
interviewed that did have knowledge of red teaming being used in the sector, advised that its use was minimal
and typically was only being used on assets with very high monetary values. It was also noted that the use of red
teaming was highly dependent on the attitudes of management and the experience of the security professional.
Exploring this further, it appeared that even when red teaming was employed, it took the form of a desktop
study with some practical demonstrations upon completion to allow the client to visualise the weaknesses.
While this may be effective, it does tend to have more in common with a typical vulnerability assessment then a
strict red teaming exercise. To explore the level that vulnerability assessments are used and to help gauge the
level of security testing that is currently in place, the security professionals interviewed were queried on their
experiences performing vulnerability assessments within the mining sector. Vulnerability assessments were
considered of high importance by all security professionals interviewed, with an emphasis placed on the
physical and procedural aspects of security as the key areas in which they are used. Other areas that were
considered important included personnel and, health and safety, as they were considered closely linked with the
security function. All of the security professionals expressed the opinion that testing of security in place was, in
general, rare in typical operations and was only brought about as part of an audit process. If an incident occurred
or there was a redevelopment that could directly effect the level of security or the security functions in place.
This view did divert from the topic of red teaming to some extent, nevertheless, it was important to note the
general lack of security testing within the industry. While the comments of the security professionals may be
affected by self marketing, it does express the importance of testing a security solution once it had been
implemented.
81
Acceptance of red teaming
The next phase of the research was to attempt to ascertain the level of acceptance that a company operating
within this mining sector would have to the inclusion of red teaming as part of their security process. As part of
this process, each interviewee was shown a copy of the Sandia National Laboratories Information Design
Assurance Red Team (IDART) methodology for red teaming. They were asked their opinion on both the
functionality of the IDART model and if they believed that it could be employed within the industry. It was
noted that the model has similarities to the intelligence cycle known to most intelligence professionals and that it
broke down the discovery of vulnerabilities into logical steps. While it did have some weaknesses and
omissions, the consensus was that it did have a place within the industry, however perhaps not in its current
form. This view was due to some reservations on the flexibility of the model to adapt to some situations and it
appeared to focus on security within the information technology industry. It was suggested that it may have
some issues adapting to the testing of a physical security solution. These opinions appeared to be held by the
security professionals with a high level of experience in actually performing testing within the industry. Some of
the security professionals interviewed with less general experience or less direct experience within the industry
tended to be more receptive to the Sandia model and held a greater regard for its usefulness. While there were
some reservations, it was generally believed that the industry would be receptive to a red teaming model to test
security initially for high monetary value assets. It appeared that with the appropriate model, marketing and
pricing structure, it could be expanded to include assets of a high value that may not necessarily have a high
monetary cost. This approach would allow smaller operations to have the benefit of testing the quality of their
security without the high costs normally associated with doing so.
Benefits of red teaming
The final question posed was if security professionals could benefit from a red teaming approach. It was
accepted by all of the professionals interviewed that red teaming could be of great value to the industry if it was
presented correctly and within the right context. It was noted by all participants that security was generally not
tested once implemented, with the possible exception of a walkthrough test on an electronic intruder detection
system. In addition, that the true level of security afforded by the system is based solely on the experience and
assessment of the security specialist implementing it. This approach presented some danger to the company
implementing the solution, who in general relied on outside contractors and security specialists to recommend
security solutions based on known threats. Any weaknesses left in the companys security by these security
specialists will likely not be discovered until they are defeated or possibly where other security specialists are
brought in and identify them. It is important to note that other than the Sandia model no other red teaming
methodologies were presented to the security consultants and their responses regarding the proposed model
were only based on a short reading during the interview. However, there was a clear opinion by all security
professionals that value would be found in further exploring the red teaming model and refining it to provide a
baseline methodology that could apply to the Western Australian resources sector.
PROPOSITION
The study has raised the need for further research to consider the use of red teaming within a corporate security
environment. The industry security professionals interviewed during this study expressed an interest to further
develop a corporate red teaming model. The proposed study seeks to further investigate the prevalence of red
teaming within the corporate environment and will endeavour, with the assistance of industry professionals, to
develop a peer reviewed red teaming model specifically designed for the corporate environment. Case studies
will then be performed to test such a model in real world situations. These case studies will be analysed and
reviewed, with the assistance of industry security professionals, to measure the effectiveness of the proposed
model. From where the model will be further developed and refined for general use by corporate security
managers and staff.
CONCLUSION
The study has shown a low level knowledge and use of red teaming amongst the security professionals
interviewed. Nevertheless, there appeared to be a high level of interest in the possibilities that red teaming
represents. This lack of knowledge appears to have come about due to a general lack of security testing within
82
the industry, illustrating a potentially vulnerability. Such vulnerability is an important consideration, as
organisations are relying on security solutions implemented by their security professionals. While the security
professionals are relying on their experience and perhaps past incident reports in recommending and
implementing security solutions, there remains the possibility that previously unknown vulnerabilities may be
exposed, negating other security measures. In using a red teaming exercise it was agreed that security solutions
could be analysed in greater depth, allowing for a better understanding of the security implemented, the
processes involved and the multiple levels of security employed. This in turn would allow for the vulnerabilities
to be brainstormed and tested as per the red teaming processes. While it was found that red teaming is not
currently used within the mining sector to a great extent, it was agreed that red teaming has a place, given
correct marketing to ensure that it is properly understood. While there is some concern over the perceived high
costs involved in performing a red teaming exercise, the repetition within the same environment over several
years could dramatically reduce such costs. One of the primary concerns in the development of a red teaming
methodology is that it needs to be broad enough to be able to adapt to different situations, while still providing a
process that can be used by the project manager to clearly define the stages of the red teaming exercise. With
this in mind, it is important to note that one of the key challenges of red teaming may not be the process itself,
but convincing upper management of the value in using this technique to test their risk mitigation strategies.
REFERENCES
AS/NZS 4360:2004. Risk management. Sydney: Standards Australia.
Budiarto, R., Ramadass, S., Samsudin, A., & Noor, S. (2004). Development of penetration testing
model for increasing network security. Paper presented at the International Conference on
Information and Communication: From Theory to Applications, Syria.
Cohen, L., Manion, L., & Morrison, K. (2007). Research Methods in Education. New York:
Routledge. Defence Science Board Task Force. (2003). The role and status of DoD red teaming
activities. Washington: DSB.
Department of Industry and Resources. (2006). Western Australian mineral and petroleum statistics
digest. Perth: AGPS.
Duncan, C. (1991). Risk Management Audits set Directors Minds at Ease. Risk Management, 38(8),
48-51.
Eckert, T. (2002). U.S. red teams think like terrorists to test security. Copley News Service,
Retrieved October 14, 2007 from
http://www.signonsandiego.com/news/nation/terror/20020820- 9999_1n20redteam.html
Furnell, S., Papadaki, M. (2008). Testing our defences of defending our tests: the obstacles to
performing security assessment references. Computer Fraud & Security, 2008, (5), 8-12.
Helms, M., Ettkin, L., & Morris, D. (2000). Shielding your company against information compromise.
Information Management & Computer Security, 8(3), 117-130.
Lodal, J., & Shinn, J. (2002). Red-teaming the data gap. Council on Foreign Relations. Retrieved
October 14, 2007 from
http://www.cfr.org/publication/8668/redteaming_the_data_gap_a_cfr_paper.html
Malone, T., & Schaupp, R. (2002). The Red Team forging a well conceived contingency plan.
Aerospace Power Journal, 16(2), 22-33.
83
Meehan, M. (2007). Red teaming for law enforcement. The Police Chief, 74(2).
Peake, C. (2003). Red teaming: The art of ethical hacking. SANS Institute. Retrieved October 14, 2007
from http://www.sans.org/reading_room/whitepapers/auditing/1272.php
Ray, H., Vemuri, R., & Kantubhukta, H. (2005). Towards an automated attack model for red teams.
IEEE Security & Privacy, 3(4), 18-25.
White, G., & Conklin, A. (2004). The appropriate use of force-on-force cyberexercises. IEEE Security
& Privacy, 2(4), 33-37.
COPYRIGHT
Greg Lane and David Brooks 2008. The author/s assign Edith Cowan University a non-exclusive license to
use this document for personal use provided that the article is used in full and this copyright statement is
reproduced. Such documents may be published on the World Wide Web, CD-ROM, in printed form, and on
mirror sites on the World Wide Web. The authors also grant a non-exclusive license to ECU to publish this
document in full in the Conference Proceedings. Any other usage is prohibited without the express permission
of the authors.
84
Title: Freedom Fighters or Terrorists by another name?
William Bailey
SECAU Security Research Centre
Edith Cowan University
Adam McGill
School of Engineering
Security Science
Edith Cowan University
Abstract
The term terrorism has been over-used in recent history. This has led to the term losing some of value as its
meaning has been altered. This essay will refute the statement that freedom fighters are but terrorists of a
different name. It will be argued that there are certain actions and practices that separate the two. Performing
these behaviors will cause a group to fall under either one heading or the other. Defining Terrorism has been a
challenge in recent history. Early usage of word stems from the writings of Russian Revolutionaries, modern
day definitions have changed somewhat from these early beginnings. The term freedom fighters first emerged in
British controlled Palestine with creation of the group Freedom Fighters for Israel. Differentiating between
freedom fighters and terrorists involves the identification of a number of issues including; who has the right to
label activist groups, the requirement of popular support, freedom as a primary goal, their targets and areas of
operation. Included within this paper will be an examination of the IRA which aims to isolate and identify
changes in behaviours that lead to a group shifting its focus from freedom fighting to terrorism. It is certainly
possible to evaluate a group by its actions and goals and categorize it as either a terrorist group or freedom
fighters.
The term terrorism has been over-used in recent history. Its definition has been stretched, moulded and shaped
by the political context. This has led to the term losing its value and meaning. In effect it has become a catch-
all word used for purposes beyond a descriptor for a particular type of behaviour. This paper will refute the
statement that freedom-fighters are but terrorists of a different name, and will also argue that there are certain
actions and practices that separate the two and will cause a group to fall under either one or the other heading.
To construct this argument a clear definition of terrorism must be identified along with a clear definition of a
freedom-fighter. Factors which influence whether a group is labelled as a terrorist or freedom fighter will be
explored. Finally a case study and its participants will be examined and, through a discussion of their actions, be
categorized as either terrorists or freedom fighters.
DEFINITIONS
Terrorism
Defining terrorism has been a challenge in recent history. Early usage of word stems from the writings of
Russian Revolutionaries and Anarchists at the end of the 19th century. Bakunin includes terrorism, along with
Revolution and banditry as methods of challenging the superiority of the state. In fact Bakunin states that in the
course of revolution, opponents will cast them as terrorists in order to denigrate their cause (Bakunin, 1869).
Morozov, another Russian writer, would describe the tactics of the day as a new form of revolution namely
Terroristic Revolution Morozov included acts of violence against the state, including political assassination, as
terrorism. (Morozov, 1880). What is considered terrorism in the modern day has changed somewhat from these
early beginnings. Recent writings have described terrorism as;
85
serious, violent, criminal act[s] intended to cause death or serious bodily injury that occur outside an armed
conflict for a political, ideological, religious, or ethnic purpose and that are intended to create extreme fear with
the goal of intimidating a population or unduly compelling a government (Saul, 2006, p. xxxiii)
Wilkinson (cited in Barnaby 2007, pp. 207-208) describes terrorism as coercive intimidation. It is the
systematic use of murder and destruction, and the threat of murder and destruction, in order to terrorize
individuals, groups, communities or governments into conceding to the terrorists political demands. Current
Australian legislation describes terrorism as; an action or threat of action made with the intention of advancing a
political, religious, or ideological cause and, the action or threat of action is done with the intention of coercing,
or influencing by intimidation, the government of the Commonwealth including state and territories or foreign
country or, intimidating the public or section of the public. Included in the definition of an action are such things
as causing serious harm, injury, death, endangerment, serious risk to healthy and safety, disruption of electronic
and financial systems, damage to property (Australia, 2002). This becomes a catch all definition that may well
prove to be too general for it to achieve the desired aim; successful application in the courtroom.
There are subtle differences between the above definitions. The inclusion of the statement in Sauls definition
regarding outside of armed conflict is notable as this would be outside an open declaration of war. According
to this definition one could immediately discount insurgencies during times of war and occupation as non-
terrorist activities. Likewise the inclusion of destruction of property in Government legislation is also
interesting as this adheres to the general principals of a developed society where property is the driving force
behind the economy. Failure to protect this negates the concept of ownership upon which wealth can be
developed. The Wilkinson definition fails to mention damage to property, stating only serious, violent criminal
acts. The word terror has been defined as; an intense, overpowering fear (FARLEX, 2008). This brings us to
the difference between fear and terror. It is possible to argue that controlled demolition of an adversarys
facilities, without loss, or risk to, human life does not create the intense overpowering fear that possible loss of
life or serious injury does.
The better definitions include the compelling or coercion of government as a goal of terrorist groups. While this
is legitimate, a true definition of terrorism must include the goal of intimidating a population in order to force or
coerce the government into some form of action. Violent actions directed solely at a government and not at the
civilian population is one of the areas where this essay will differentiate between terrorists and freedom-fighters.
The definition of terrorism which will be taken for the purpose of this essay is Extreme political or
ideologically motivated violence with the intention of causing overwhelming fear in the civilian population, in
order to coerce the existing powers into a pre-determined course of action.
Freedom Fighters
The term freedom fighters first emerged with creation of the group Lohamei Herut Israel Or Freedom
Fighters for Israel; this group operated in British controlled Palestine and later became known as the Stern
Gang (Westrate, 1997). The international acceptance of the idea that they were freedom-fighters lies very
much with the general guilt felt by many at the abject failure to prevent the holocaust committed by the Nazi
regime. The term freedom fighter was also used to describe members of groups such as the Front de liberation
national (FLN), who fought to liberate Algeria from French occupation.
While no clear academic definition for freedom- fighter was identified, several dictionary based definitions were
discovered. The best of these was; Freedom fighter - noun - a person involved in armed conflict against an
oppressive government etc; an insurgent, rebel or insurrectionist (Allwords, 2008). The key point identified in
this definition is not that they are in involved in armed conflict, but in armed conflict against an oppressive
government. This is the definition which will be taken for the purposes of this essay.
86
LABELING AND LEGITIMACY
In terms of differentiating between freedom-fighters and terrorists an issue which must be addressed is who has
the right to label the different groups. A common statement concludes that "one man's terrorist is another man's
freedom-fighter." This is not necessarily the case. Who has the right to suggest that one group is either one or
the other? What may be viewed as a legitimate act by one group may not be viewed in the same light by another.
Correctly identifying the difference must be based on the history of a group as it is possible for one person to
say that an act was terrorism and another to say that it was a legitimate act of war (Newman, 2002). Another
complicating factor is the way in which terrorists construe abhorrent acts of violence as admirable acts of
courage (Jackson, 2004). Given these factors it is impossible for a burgeoning activist group to legitimately
label itself as freedom-fighters. That label can only be given based on examination of established behaviours
and actions.
It is also common for a political power to label a group as terrorists for solely political purposes. Sceptics argue
that some criminal acts become terrorist activities in order to secure political mileage (Barnaby, 2007, pp. 207-
208). Any label given to a group by a state or nation it is in conflict with must therefore be viewed with
suspicion.
Arguably, none of the directly involved groups may issue any legitimate labels due to the various biases and
agendas they may have. The decision of whether a group are freedom fighters or terrorists must come from
outside of the conflict, namely, the international community.
POPULAR SUPPORT
The definition of freedom fighter states that they are involved in conflict with an oppressive government.
Therefore in order to be classed as freedom-fighters they must not be involved in actions against a
democratically elected and supported government. Wilkinson argues that in a true democracy there can be no
group that does not have representation (Wilkinson, 1977, p. 257). Therefore it is possible to say that any
internal group that initiates violent actions against a democratic state cannot be labelled as freedom fighters. In a
democracy, citizens have the right to protest against government decisions, and many aim to cause political
change through non-violent means (marches, petitions, demonstrations, rallies).
FREEDOM AS A PRIMARY GOAL
United Nations Article 1514 (XV) makes the statement that all peoples have an inalienable right to complete
freedom, the exercise of their sovereignty and integrity of their national territory. Also included in the Article is
the following statement; All peoples have the right to self-determination; by virtue of that right they freely
determine their political status and freely pursue their economic, social and cultural development. (UN, 1960).
In the eyes of the international community groups acting against governments which deny these rights to their
people may be classed as freedom-fighters, as the internationally recognized rights of freedom are what they are
fighting for. In order to support this classification they must retain the support of majority of their population.
Losing popular support may mean they are in fact acting against the peoples right to self determination.
The emergence of the term freedom fighter can be traced back to a period of history during
which global society was experiencing a wave of anti-colonial terrorism as described by
Rapport (2002), Complications arise in securing this definition of political action because a
freedom-fighter, as defined above, refers to those who struggle against oppression. This is seen in some corners
as an acceptable form of action as it is directed towards a legitimate cause. Even the United Nations has stated
that people under foreign occupation have a right to resistance and that any definition or terrorist or terrorism
should not include them (High Panel Report, 2004). What differs between the two is not the ultimate goal or
even the initial causes, but the method of operation. Freedom-fighters do not target civilians and non-
87
combatants. They do engage in violence, but this violence should be against government or military bodies and
is often referred to as guerrilla warfare, which is the deliberate use of violence against military and security
personnel (Ganor, 2002). Inevitably some civilians do get caught in the crossfire but they are not the principle
targets. A terrorist act, on the other hand, does deliberately target an area that is frequented by civilians, such as
train station, hotel or office building in order to inflict as much physical and psychological damage on the
population as a whole as possible. The objective for terrorist violence is to inflict terror!
TARGETS
One of the best ways to differentiate between freedom fighters and terrorists lies in the targets at which they
strike. Freedom-fighters aim to make their primary targets military or state based. While civilian casualties may
occur, they are not the intended target (Goldie, 1987). Freedom-fighters will make every effort possible to avoid
and reduce civilian casualties in order to retain their public support. In contrast, terrorists intend to harm non-
combatants in order to coerce a third party (Goldie, 1987). In many cases of terrorism the perpetrators are
heedless of the fact that the victims are complete strangers with no individual strategic value. They are treated as
a symbolic target for the separate purpose of instilling overwhelming fear in the hearts of the target population
(Goldie, 1987).
AREA OF OPERATIONS
Given the restrictions on popular support discussed in regards to freedom being the primary goal, freedom
fighters operations are restricted to within their own areas. Against an oppressive government or illegal
occupying force their actions have a degree of legitimacy, however, once the group begins to strike at targets
beyond its area of popular support, perception of the group will change. Striking at targets outside the area of
conflict , for example at foreign nationals in neighbouring countries, is viewed as a direct attempt at coercing
public opinion and falls under Wilkinsons definition of terrorism (Wilkinson, 1977, p. 376)
IRA: Terrorists or freedom fighters?
88
SUPPORT
An example of how a political group may exist as both freedom fighters and terrorists is that of the IRA and
Provisional IRA operating in Northern Ireland in the early 1970s through to the late 1990s. For republicans in
some areas of Northern Ireland this conflict was merely a manifestation of rebellion dating back centuries
(Harnden, 2000, p. 95). In certain areas, for example urban ghettos and smaller towns such as Crossmaglen in
South Armagh (Coogan, 2000, p. 377), the Provisional IRA enjoyed considerable public support albeit often in a
passive sense (bed for the night, hospitals not reporting treatment for gun-shot wounds, etc. )(Coogan, 2000, p.
376).
FREEDOM
It has been said that at its broadest the IRA struggle in Northern Ireland came under the heading of a means of
national self determination (Cowell, 2005). This brand of struggle was accepted and legitimized by the United
Nations Article 1514 (xv) as discussed previously.
TARGETS
In the early 1970s the main IRA tactics consisted of blockades, stone throwing and petrol bombings, along with
some political aspirations. However later years saw the rise of a concentrated campaign of economic warfare. It
was in fact IRA policy that a Protestant was never to be targeted on account of his religion. In fact the only time
civilians were deliberately targeted was during the campaign on the British mainland (Coogan, 2000, p. 380).
The IRA also issued statements advising that warnings were issued to authorities before detonations of
explosives in order to prevent unnecessary casualties (the same statements also add that the warnings were
deliberately held back by the British as counter-tactic in order to maximize negative publicity for the IRA)
(PIRA, 1973). These actions, along with targeting RUC and British Army forces, and along with activism and
hunger-strikes may all be considered the actions of freedom fighters. The annual cost of holding the North for
the British was 1 billion annually during the 1970s (Coogan, 2000, p. 376). The strategy of economic warfare
was inflicting a heavy economic as opposed to civilian toll.
AREA OF OPERATIONS
Later events would alter the perception of the international community towards the IRA. In the early 1980s a
number of bombs were detonated on the British mainland, the purpose being to export the terror and
destruction of the Northern conflict. The reasoning behind this was simply that targeting soldiers in Northern
Ireland was not getting enough attention and that bombing England would keep the issue on the political agenda
(Harnden, 2000, p. 318). It had now become a terror campaign. By moving the area of operations to a sector
with no strategic value beyond causing casualties among non-combatants and sowing terror, the IRA lost their
legitimacy as freedom-fighters. The change in tactics led to a shift in public and international perception of the
group.
MANDELA; TERRORIST OR FREEDOM FIGHTER?
One figure in global politics provides an insight in the difference between freedom fighter and terrorist. Nelson
Mandela is seen by global opinion as larger than life. He is a figure who embodies struggle, his own struggle
for change lasting fifty years (Newswire, 2008). What is not often discussed however are his links to the
organization known as Umkhonto we Sizwe (MK) or Spear of the nation.
MK was the military wing of the African National Congress (ANC). It was formed in 1961 with the intention of
using it to pursue an agenda of change through the use of violence. Immediately after its conception MK
commenced a sabotage campaign against strategic facilities in South Africa. There were strict rules in their
mandate with Tambo, the leader of the ANC, telling the Guardian newspaper The strict rule was that sabotage
should involve no injury to life (Ngculu, 2003).
89
From a military perspective these attacks were amateurish but effective. Homemade explosives were the weapon
of choice with much of the expertise coming in the form of World War II veterans within the ranks of MK.
Sabotage operations continued for over a year after the creation of MK. Targets were chosen strictly and in
accordance to the demands of the given definition of freedom fighters. Targets selected included pass offices,
power pylons, and police stations and military facilities. Most MK personnel lacked real training with the result
that these attacks did not always go according to plan. Large numbers of saboteurs were imprisoned as a result
(Williams, 2006).
As activities continued the MK organisation sent selected senior commanders out of the country in order to
prepare external infrastructure and receive advanced military training. Nelson Mandela was one such officer.
He featured prominently in these efforts and received training in both Algeria and Ethiopia (Williams, 2006).
On his return to South Africa Mandela again became involved in the struggle and, after a period of evasion, was
captured and tried for sabotage. At his trial he was quoted as saying;
I did not plan it [sabotage] in a spirit of recklessness, nor because I have any love of violence. I planned it as a
result of a calm and sober assessment of the political situation that had arisen from many years of tyranny,
exploitation and oppression of my people by the whites. (Ngculu, 2003)
In 1969 the charter for MK was formally recognized and a modern approach to the theory of political and
military liberation struggle was adopted. The Morogoro Conference of 1969 lead to the creation of the Strategy
and Tactics Document which outlined the objective factors for guerrilla operations and being dependant on;
The existence of political leadership capable of gaining the organized support and allegiance of the people, or in
terms of this paper, popular support.
Readiness to respond to the strategy of armed struggle with all the enormous sacrifices which this involves
Extending and consolidating the machinery of the underground operations. Military struggle is only part of, and
is guided by, broad political strategy
MK recognizes the primacy of the political leadership as unchallenged and all revolutionary formations, armed
or otherwise, are subordinate to it (Ngculu, 2003).
Operations by MK continued throughout the decades of Mandelas imprisonment with limited success. 1983
saw a shift in tactics. In May of that year a car bomb was exploded outside the South African Air Force and
Military Intelligence Headquarters in Pretoria. Extensive structural damage was caused to both buildings, a
number of military personnel were killed but the attack also claimed the lives of a number of civilians. This
operation demonstrated that MK was willing to operate both deep inside urban areas and also in a fashion not
restricted by symbolically military targets. Further to this the ANC released a statement announcing that it
could no longer guarantee the safety of civilians in the this struggle (Williams, 2006). This was a calculated
statement designed to increase the pressure for change by increasing the element of fear experienced by a
population. The MK, and ANC by extension, had begun to use terror as a political tool.
Mandelas release and the eventual demise of Apartheid led to the inclusion of the MK into the South African
armed forces thereby giving the group a legitimate standing in the armed forces. Mandela himself became the
first black president of South Africa. However under the current definition of terrorism accepted by Australia,
Mandela is still a member of a terrorist organization. Civilians were targeted and fear was used as a political
weapon. Mandela was in fact the essence of a freedom fighter; he knew and accepted the necessity of armed
struggle against oppression but abided by the conventions to prevent this violence from descending into
terrorism. Mandelas vision for Africa continued throughout his presidency eventually establishing the Nelson
Mandela Children's Fund to strive to change the way society treats its children (Newswire, 2008). At no time
has Mandela ever renounced the use of violence as a method of achieving political change against an oppressive
government and as such it is only in recent history that the United States has finally removed Nelson Mandela
and the African National Congress from a three decade old immigration watch list for possible terrorists
(ABCNews, 2008).
90
CONCLUSION
This essay has discussed what attributes categorize an activist group as either a terrorist or freedom fighter. It
has cast doubt on involved parties abilities to label themselves and has shown that there are certain actions that,
when taken, will shift a group between the two headings. It has been shown that the main differences between
terrorists and freedom fighters are; public support, goals, and the targets they choose, as well as the areas in
which they operate. While both groups may be formed with the same intentions, how they go about achieving
them determines which heading they fall under. It is certainly possible to evaluate a group by its actions and
goals and categorize it as either a terrorist group or freedom fighters.
In all the examples discussed above, the terrorism has been committed against what were considered as
oppressive systems of government. This type of terrorism is referred to as anti-colonial terrorism, which ended
in the 1960s (with a few exceptions). The form of terrorism that the world is facing today has been coined as
the religious wave (Rapport, 2002). The religious wave has brought new groups into the fold and has given
rise to new justifications for terrorist acts (Rapport, 2002). Specifically, Islam has played a major role in this
form of terrorism although this is definitely not to say that all people of the Islamic faith are terrorists, or even
support the idea of it. In fact, the majority of Muslims have condemned the actions of al-Qaeda and the like
outright (Stempel, 2005). However, it is thought that Islamic societies have become less capable of dealing with
the modern world, and increased frustration, hatred for the West and all it stands for has turned into Islamic
radicalism, resulting in a growing number of movements (Stempel, 2005). This religious wave was also the first
to use a human body as the preferred delivery method for an explosive attack (Rapport, 2002). It would be hard
to argue that killing those who do not adhere to your faith is in some way and act of freedom. Therefore
religious terrorists cannot claim under any definition that they are freedom fighters for their brand of idealism
any more than the Baader- Meinhof gang( 1966- 1977) could claim they were liberating the working classes
when they murdered for their revolutionary socialist cause
One mans terrorist is another mans freedom fighter in title only. Freedom fighters want political power in their
own country. They want to take part in the decision making process of their own country and they want the
dominating authority to leave them in peace. The IRA, FLN and the ANC, despite many claims to the contrary,
all qualify as terrorist organizations because they have killed civilians even though they began by targeting only
the symbols of colonialism, occupation or suppression. The terrorists of today have even less of a claim to
freedom fighters as attacks on civilians increase in number and severity, and there is no doubt that more
attacks will occur in the future.
The term one mans freedom fighter is another mans terrorist is not only inaccurate but intentionally
misleading. It pollutes the issue and makes things (such as definitions of terrorism) impossible to decide or
define. Terror is a word that has a definition and a meaning. If one supports terrorism then, in order to
communicate effectively, it would be better to say that one supports this particular form of terror. If the misuse
of this phrase does not stop, then the counter-terrorism efforts of the international community will neither
achieve their goals nor gain wide acceptance. The need is to stop the sponsorship of terrorism and terrorism
itself in all its guises. The use of terror to achieve political goals is morally wrong, but what is at stake for many
is freedom itself. The dilemma will always be what is acceptable in the pursuit of freedom? Furthermore, does
violence ever become tolerable if it can be shown to be in pursuit of a so called noble cause and therefore
becomes what t can be classified as a legitimate ?
91
REFERENCES
ABCNews. (2008, 2nd July 2008). US drops Mandela from terrorist list. Retrieved 20th November, 2008, from
http://www.abc.net.au/news/stories/2008/07/02/2291630.htm
Allwords. (2008). Dictionary definitions for "freedom fighter". Retrieved 29th March, 2008, from
http://www.allwords.com/word-freedom+fighter.html
Australia. (2002). TERRORISM (COMMONWEALTH POWERS) ACT 2002. Retrieved. from.
Bakunin, M. (1869). Neskolko slov k molodym bratyam v Rosii (Revolution, Terrorism, Banditry). Geneva.
Bin Hassan, M.H. (2007). Imam Samudra's Justification for Bali Bombing. Studies in Conflict and Terrorism,
30(12), 1033-1056.
Barnaby, F. (2007). The Future of Terror. London: Granta Books.
Coogan, T. P. (2000). The I.R.A. London: Harper-Collins.
Cowell, A. (2005). Two Faces of Terrorism: Is One More Evil Than the Other? New York Times, 44.
FARLEX. (2008). Definition of terror. Retrieved 28th March, 2008, from
http://www.thefreedictionary.com/terror
Ganor, B. (2002). Defining terrorism: Is one mans terrorist another mans freedom fighter? Police Practice and
Research 3(4), 287-304
Goldie, L. F. E. (1987). Profile Of A Terrorist: Distinguishing Freedom Fighters From Terrorists. Syracuse
Journal of International Law and Commerce, 14(2), 125.
Harnden, T. (2000). Bandit Country: The IRA & South Armagh. London: Coronet Lir.
Jackson, L. (2004). Understanding Terrorism: Psychosocial Roots, Consequences, and Interventions. Canadian
Psychology, 45(3), 245.
LoBaido, A.C. (2001). Behind The Third Boer War. Retrieved March 24th 2008, from
http://www.worldnetdaily.com/news/article.asp?ARTICLE_ID=22477
Morozov, N. (1880). Terroristicheskaya Borba (The Terrorist Struggle). Geneva.
Newman, B. (2002). Terrorism is in eye of beholder. Denver Post, A.05.
Newswire. (2008). Nelson Mandela's 90th Birthday Celebration. PR Newswire.
Ngculu, J. (2003). The role of Umkhonto we Sizwe in the creation of a democratic civil-military relations
tradition. Retrieved 20th November, 2008, from
http://www.iss.co.za/dynamic/administration/file_manager/file_links/OURSELVESNGCULU2.PDF?lin
k_id=32&slink_id=1760&link_type=12&slink_type=13&tmpl_id=3
PIRA. (1973). Freedom Struggle by the Provisional IRA. pres. Dublin.
Rapoport, D.C. (2002). The four waves of rebel terror and September 11. Anthropoetics The Journal of
Generative Anthropolgy, (8)1.
Saul, B. (2006). Defining Terrorism in International Law. Oxford, New York: Oxford University Press.
Stempel, D. (2005). The impact of religion on intelligence. International Journal of Intelligence and
Counterintelligence (18)2, 280-295.
92
Terrorist Watch. (n.d.). Retrieved March 14th, 2008, from http://www.netcomuk.uk/sringbk/enemy.htm
UN. (1960). Article 1514 (XV). Retrieved 30th March, 2008, from
http://www.un.org/documents/ga/res/15/ares15.htm
United Nations High Level Panel. (2004). Report to the General Assembly on the Threats, Challenges and
Change. Retrieved March 2nd 2008, from http://www.un.org/News/dh/infocus/terrorism/sg%high-
level%20panel%20report-terrorism.htm
Westrate, B. (1997). The Stern Gang: Ideology, Politics and Terror, 1940-1949. The American Historical
Review, 102(3), 1.
Williams, R. (2006). The Impact of Guerrilla Armies on the Creation of South Africa's Armed Forces. Institute
for Security Studies, 127.
Wilkinson, P. (1977). Terrorism and the liberal state. London: Macmillan Press.
COPYRIGHT
Bill Bailey and Adam McGill 2008. The author/s assign Edith Cowan University a non-exclusive license to
use this document for personal use provided that the article is used in full and this copyright statement is
reproduced. Such documents may be published on the World Wide Web, CD-ROM, in printed form, and on
mirror sites on the World Wide Web. The authors also grant a non-exclusive license to ECU to publish this
document in full in the Conference Proceedings. Any other usage is prohibited without the express permission
of the authors.
93
CERBERUS: THE GAME OF SECURITY ANALYSIS
Stuart Porter
Department of Computing
Curtin University of Technology
Stuart.R.Porter@student.curtin.edu.au
Tele Tan
Department of Computing
Curtin University of Technology
T.Tan@curtin.edu.au
Kok Wai Wong
School of Information Technology
Murdoch University
K.Wong@murdoch.edu.au
Abstract
Physical security assessment for critical infrastructure is an integral part of security system design and
maintenance. It is designed to sieve out security gaps and loopholes that if left unattended may result in
disastrous consequences. The dynamic nature of modern day security threats as well as the ever-changing
situations in the secure environment remains a challenge to security managers since conventional security
audits are inadequate in such circumstances. We propose here a computational security dynamic system which
is aim to provide security managers with the ability to detect and respond to emerging threats and changing
environmental conditions. We will address the requirements and design considerations for this simulation
system using serious games concepts as well as a progressive development plan to achieve the objective. It is
planned that the proposed system will also provide useful opportunities for research and development in the
fields of security and behavioural modelling.
Keywords
Static Security Analysis, Dynamic Security Analysis, Intelligent Agent, Simulation, Serious Game, Cerberus
INTRODUCTION
Physical security involves measures undertaken to protect personnel, equipment and property against threats of
all forms. It includes both passive and active measures. Passive measures include the effective use of
architecture, landscaping and lighting to achieve improved security by deterring, disrupting or mitigating
potential threats. Active measures include the use of proven systems and technologies designed to deter, detect,
disseminate and respond against threats.
Another emerging trend of improving the security is by analyzing different possible threats using computer
simulation. The modern computer, whose ancestors were originally developed to simulate shell trajectories in
WW2 and crack un-crackable codes by simulating the encoding machine, have evolved to allow us to simulate
the world we live in. Computers are now being used to simulate and train people for various disasters, from
mine cave-ins to toxic spills (Straw 2007). There are even projects looking to integrate many varied simulators
of specialised design to allow for the simulation of larger disasters, such as earthquakes (Takeuchi, Kakumoto &
Goto 2003).
The power of these simulations comes from the computers ability to quickly analyse data given to it and create
an output based on complex formulas. The speed and suitability for computers to perform these sorts of
calculations allows for simulations to be interactive, to alter the environment that is being simulated in real time
and receive real-time representation of the ramifications of that change. This power grants a two-fold benefit,
removing the need for costly human calculation of variables and allowing for the modeling of difficult or
impossible to simulate real world events. It is the goal of this project to exploit these capabilities in the field of
physical security.
94
This paper gives details on the requirements specification and design background of the Cerberus system which
is an active simulation software system targeting the physical security industry. The concept was to allow for a
user to run virtual Red Team activities against personnel, assets and infrastructure, to gauge the overall
facilitys resistance to varied attack scenarios and the dollar cost of those attacks. Operationally, Cerberus can
be used as a system in a loop deployment, in between regular security assessments, to provide up-to-date
security threat assessment and timely responses to these threats.
The Cerberus software is based upon the Serious Games software development principles. The concept of a
Serious Game is to use video game technology and/or design methodologies to produce software with a focus
on simulation, training or evaluation (Gallego et al. 2006). While we hope to explore numerous concepts
through the development of Cerberus, it is being developed with the aim of producing software that could
quickly be taken up by security experts and put to use.
It is intended that the completed Cerberus system would allow for a fast and accessible way for users to assess
the security of a facility. For example, after inputting a facility (3.1), a user can use Cerberus to generate a visual
security guide to their facility (3.2) allowing them to visually assess the security of their assets. The user will
then be able to make changes, such as adding or moving security elements and then assess the impact these
changes have had on their overall security.
BACKGROUND
Many modern facilities need to undergo regular security audits, from airports to banks to mine sites. With
Security Consultants costing upwards of $300 an hour, human inspection quickly becomes prohibitively
expensive. Due to this cost, security audits are only performed at intervals, which can result in security problems
when the approved security plan changes.
An example case involved a terror suspect who escaped from a Singapore detention centre in 2008 (Mydans
2008). The suspect took advantage of a window left unprotected due to ongoing renovations. Being a prison, we
assume the facility would have at least undergone an audit before the renovations. But, due to a dispute between
the contractor and prison, the accepted security plan was altered and the impact of this alteration was not
detected. It is for this problem area we have designed Cerberus.
Terrorism/Security
In this modern world, it is not uncommon to use fear mongering to help push an agenda. It is not our goal to
feed on this fear, but rather to try and reduce it. The Cerberus system is intended to allow a user to assess their
security and confirm it achieves a level of security they are comfortable with. The system is intended to allow a
user to perform objective assessment of their security and to allow them to make necessary alterations.
We believe, based on data available (Figure 1), that there is room for and perhaps even a need for new security
simulation software. It should be noted that this data has been abstracted for the reasons of illustration.
Terrorism goes through dips and rises but the data available suggests it is on an upward trend.
Figure 1 - Terrorism Incidents 1976 - 2006 (Based on data from (LaFree & Dugan 2007, p. 181))
95
Serious Games
Serious games are becoming a well recognized and funded answer to problems ranging from AI Research
(Gallego et al. 2006) to Disaster control and training. At least one such project, Hazmat: Hotzone, which began
as a research project at Carnegie-Mellon Universitys Entertainment Technology Center has spawned a spin off
company, dedicated to the productions and extension of the system.
CERBERUS GOALS
The goals of Cerberus are to, firstly, allow the simple input and setup of a facility (3.1). Secondly, a user should
be able to perform an analysis of the security at a facility under given circumstances (3.2). Thirdly, it is of
interest to allow a user to run virtual Red Team events against a facility by use of Intelligent Agents (3.3), a
exercise supported by the final goal of Distributed Computing (3.4).
Facility Input
It is envisioned that facility input process will accept either a CAD representation of a building or possibly even
simple blueprints of the building. The input step is of particular importance because from an end user point of
view, if the software is difficult or frustrating to use, uptake and use will be reduced. It is envisioned that the
software will be laid out to assist in facility input. So, in the case of input from a flat floor plan, a user may be
required to help clarify which lines represent walls. Once a user has selected a wall, the software will attempt to
intelligently apply this knowledge and present the user with a click and drag style interface of making
corrections.
As part of facility input, it will be necessary for a user to define the security elements (5.1). This will involve a
streamlined interface to allow a user to select items such as walls and define their security characteristics. It is
envisioned that a user will simply be able to click and drag elements such as security personnel and security
devices into place with default settings, and once placed they may view and alter the settings of the elements to
suit their scenario.
Static Security Analysis
Once a facility has been input a user may perform static security analysis. It is most likely that a user will be
required to set several variables before they perform their analysis, such as weather conditions which can impact
the performance of sensors and responders and also the time to help simulate the typical state change between
security during the day and security at night. The system is then expected to produce a heat map(5.4),
allowing a user to see visually the security levels of the facility. See Figure 2 for mock up.
Based on this information a user can then assess the risk to their assets and any changes that need to be made.
As a part of Cerberus we will also explore Computer Aided Security Design, where the Cerberus System itself
will be able to suggest optimisations to the system. CASD will remain a lower priority unless Cerberus can be
demonstrated to be capable of acting as an expert system to the satisfaction of security personnel.
Figure 2 - Static Analysis Heatmap Mockup
96
Dynamic Security Analysis
It is felt that Dynamic Analysis through Simulation could prove to be one of the more valuable elements of
Cerberus, allowing for the low cost simulation of varied attacks and evacuations procedures on a large scale,
such as an Olympic stadium. Indeed, several other research projects already seek to simulate security procedures
(Koch 2007; Guru & Savory 2004), facilities (Tarr 1992; Tarr 1994; Tarr & Peaty 1995) and even model
behaviour in a large scale emergency (Takeuchi, Kakumoto & Goto 2003). It is felt that the Dynamic System we
propose, detailed below, is novel enough to validate our research. However, given the cost and effort required
with building and proving behavioural models, this goal is currently considered secondary to the more easily
applied Static Analysis.
The intention of simulation within Cerberus is to allow a user to input all personnel within a system as Agents
(5.2) and to attempt to simulate their movements within a facility and their reactions to stimuli. We classify
stimuli in this instance as events such as alarms or points of interest such as computer terminals and other
agents. As part of the simulation, a user could add Attacker Agents who will attempt to bypass the other agents
and facility security to gain access to assets.
A concept we would like to explore is branch points for simulations. The concept runs that with a single
Attacker Agent the world state could be saved each time the Attacker makes a choice. These branch points could
then be processed separately, allowing the exploration of all possible attacks and the collection of statistics.
For instance, after all branch points have been simulated to success or failure for the attacker the system could
offer a summary such as;
In 30% of simulations the attacker escaped with assets. 90% of these simulations branch from an entry
through window 4 on the second floor.
Using this information the user could add extra alarms or sensors to the second floor and run the simulations
again, perhaps specifying a second floor entrance for expedience. This ability to simulate various scenarios and
test solutions could obviously prove useful. However, once you start to try and simulate multiple attackers or a
large facility, the processing demands increase quickly. To solve this problem, we propose to use distributed
computing.
Distributed Computing
During design of the Cerberus system, a goal of computational distribution has been kept in mind. This has
influenced the selection of tools (Section 4) and required that a design goal of modularity be considered. A
proposed client/server infrastructure will be illustrated later (Section 5.3). It is planned that a cross-platform
client would be produced, allowing users to potentially farm their simulations or complex static analysis out to
multiple Windows desktops and/or a dedicated Linux cluster.
An average workplace computer runs with a great deal of its processing power unused. It is planned that
Cerberus could take advantage of this untapped computing power, as many existing compilers and graphics
rendering systems do, to allow a user to quickly process a large job with minimal impact on their co-workers.
However, due to the development environment selected which will be discussed in Section 4.2 an interesting
possibility is opened up. It is proposed that the Cerberus system could farm processing out to Xbox 360s.
Game Consoles are sold typically on the razorblade model. This system of marketing entails selling one
component, the console, at a loss with the intention of making money later on other components, software and
peripherals. This far into its life cycle it is most likely the Xbox 360 console is no longer sold at a loss, but
game consoles still represent an exploitable resource for cheap, dedicated hardware.
A single Xbox 360 console contains 3, 3.2Ghz Power PC Processors and 512MB of GDDR3 RAM clocked at
700Mhz. This gives the console a vector processing power of 9 million dot product operations per second and
an overall processing power of 1 Teraflop of Floating Point calculations per second. With a 20GB HDD
included, a second hand Xbox 360 will cost you roughly $320 with the added benefit of grabbing student
attention.
TOOLS
As part of the design and research of Cerberus, several different tool sets were examined. Initially, a high
importance was placed on a cross platform development environment (4.1). As the project has progressed
however, our criteria have changed somewhat, resulting in our current selection (4.2), detailed below.
97
Delta 3D
Delta 3D is a fully funded, open source cross platform development tool set for serious games. It has an active
community, full time development team and many desirable features such as built in network and physics
systems. Its designed to encapsulate existing open source systems and to build tools to link them together,
creating an easy to use development environment.
However, working on the Delta 3D environment was less than positive. Attempts to install the system under OS
X were met with various fatal problems. Messages to the Delta 3D forum asking for help often sat for days or
went completely unanswered. While a large portion of the problems resulted from OS X being a lesser used
development platform for Delta 3D, it was still disappointing and resulted in further exploration of other tool
set.
XNA
XNA is in many ways the opposite of Delta 3D. It is not a cross platform development environment or open
source. It is a toolset released and supported by Microsoft to encourage development of games on their Xbox
360 system and on the Windows Operating System. Due to this, it is actually very simple to cross compile,
opening up the possibility of using Xbox 360 as a processing client. XNA is built upon the successful Visual
Studio system with 2.0 running under Visual Studio 2005.
It is felt that with most businesses using Windows for their desktops, the transition to a Windows centric
development should cause minimal harm to the end product. There are also cross-platform tools available for
compiling C# code, Mono, which with the current client/server design is sufficient. The limited experience so
far with XNA has also been excellent, with strong, active community support, numerous pages offering coding
tips and samples and the official Microsoft site providing various games with complete source.
DESIGN
It has been our focus in creating the preliminary design to make the system as modular and adaptable as
possible. We believe our preliminary design, detailed here, will prove applicable to the Cerberus problem area
but accept that there is an imperative in research to adapt. The following sections should prove a good overview
of the design.
Security Elements
We have proposed a system for Security Elements based on inheritance and Object Oriented design (See Figure
3). The intention with the system is to make it as easy as possible for a user to add or customise an element. So,
for instance, a user wanting to create a reinforced concrete wall could create a concrete wall, then go into the
Material properties and alter them appropriately, saving the new material for use later. It is envisioned that a
simple drag and drop interface will present elements to the user for placement with elements such as drop down
boxes allowing for the selection of items.
Figure 3 - Proposed Security Element Model
98
Intelligent Agents
The agents we have designed for use in the Dynamic Security Analysis present a problem. There is a desire to
create realistic, intelligent behaviour but also to allow for up scaling to potentially tens of thousands of agents.
The system we propose separates agents into three types based on behaviour, similar to at least one other known
design (Smith et al. 1999). Beyond that we also specify complexity based on the importance of the agent to the
simulation, as detailed below.
The most simple agent, referred to as the Bystander Agent, would also be the most common. Intended to model
civilians and non-security staff, a Bystander Agent would perform a simple coin toss or dice roll decision
upon encountering various elements within the environment, including other agents. It is proposed that typically
choices will be made between a high probability option and a low probability option. For example, on
perceiving another Bystander Agent there is a high probability that the Bystander will do nothing with a low
probability that they will engage the other Bystander in conversation.
Building upon this, we have planned a Point of Interest concept, which tracks stimuli and ranks them based on
priority. So, if a Bystander Agent has heard a fire alarm, evacuating will have a higher priority than talking to
another Bystander Agent, providing context limited action choices. We believe this system could provide an
efficient simulation of behaviour in a work place and help represent various real world scenarios such as a agent
not detecting an attacker because they are engaged in a conversation.
The second agent type we wish to model is the Defender Agent. The Defender Agent will incorporate and
extend the behaviours of the Bystander Agent and is intended to model security personnel. To simulate the
training and skills of the field, the Defender Agent will have a higher level of perception as well as type specific
behaviours such as patrolling a specified route. Defender Agents will be fewer in number than Bystander Agents
in most scenarios and it is intended that they would use a somewhat more complex decision process, more akin
to fuzzy logic than a coin flip.
Our agent design includes a framework for modeling complex communication. For instance, should a Bystander
Agent hear a noise and become suspicious, they will seek to contact a Defender Agent and report the location.
This information would then be added to the Defender Agents Point Of Interest list and acted upon
appropriately. We intend to incorporate the capacity for false alarms into this behaviour as well as the potential
for loss of accuracy from word of mouth. This brings us to the third and final agent type, Attacker Agents.
Due to the nature of a simulated Red Team, the attacker agents will require the most work. They will need and
justify a more complex intelligence model and higher processing, an attacker needing to respond accurately to
an environment to make the simulation worth while. While some base behaviours such as search or wander may
be useful to an Attacker Agent, for the most part their behaviours will be unique. It is planned that given the
small number of attackers likely to be operating in comparison to Bystanders and Defenders, it is justifiable for
the Attackers to use considerably more resources in the pursuit of realism.
Figure 4 - Proposed Agent Modelling System
Client/Server
The client/server design (See Figure 5) is relatively simple and will be covered here briefly. A single system
may run a simulation or analysis, but with larger simulations such as the earlier stadium example, it would
quickly become an arduous process. The proposed system is that a server system would maintain the Facility
Model or World Model. Each connected client would be assigned Agents as needed, with a weighting based on
the type of agents. So, for instance, one machine may run 10 Bystanders or 3 Defenders or a single Attacker.
99
For each agent, the client looks at the environment, updates the Agents Point of Interest listing and calculates an
appropriate action and updates its Agents appropriately. It communicates movements to the server, similar to a
network game, which updates the World State and then updates all clients. We believe this model would allow
for excellent scalability.
Figure 5 - Proposed Client/Server Model
Security
For the purpose of determining security we break a facility down into a collection of zones. A zone is an
arbitrary area with some common bounding condition. The most common example would be a room, where the
walls, windows and doors act to bound the zone. Zones act as the basic blocks for security analysis. For the
purpose of determining a zones security, we look at its effort distance from the outer zone.
The outer zone acts as a security free container, representing the uncontrolled public domain beyond a facility.
Zones then link to each other from this outer zone in a logical manner. This makes determining the security of a
zone a graph domain problem similar to those encountered in computer communications. We use Dijkstras
algorithm (Cormen et al. 2002, p. 595) to find the least effort distance required to reach a zone (node) and use
this effort distance (edge) as our security metric, on the basis that an attacker will logically seek the least secure
zone or path for attack.
The wall between them determines the effort distance or graph edge between two zones. A wall may act as a
container for doors and walls all with their own material types and security ratings. The security of a wall will
be determined primarily by the weakest part, so for a concrete wall with a steel door and a glass window, the
walls security will be equivalent to the window. This seems appropriate for many cases but probably over
simple and we will investigate weighting a walls security and more complex security determinants as Cerberus
evolves.
As part of the calculation of Dijkstras algorithm, we also generate and store information on which zone would
most likely be used to access a given zone. This will allow compelling visual information to be displayed to
users on why a zone has the security rating it does, enabling users to make informed decisions on how best to
tweak their security. Being able to visually trace multiple attack paths to a single weak zone will help users to
experiment with adding security to that zone or those before it, increasing the overall security of their facility.
DISCUSSION
In the preceding sections we have provided an overview of the design for the Cerberus System. The next stage
will be to incorporate our data model, based upon the work by Zachary J. Alach (Alach 2007), and begin testing.
The testing will involve static analysis of an example facility with consultation from security industry
professionals. We shall seek feedback on both the prototype interface and the analysis performed by the
software.
It is hoped that Cerberus may also provide the basis for future research opportunities. One concept proposed for
future work is a form of hybrid reality security. In this concept, models of people could be used in conjunction
with security elements to predict and track movement through a facility. This sort of system could prove
invaluable in helping staff to locate and evacuate everyone during, for instance, a fire alarm. The security
benefits of being able to flag unusual behaviour are also interesting to consider.
Cerberus also offers interesting training possibilities. An altered version of the system might allow training
consultants to test their assessment skills against a proven system, Cerberus acting as a type of expert system.
An interesting concept is to extend the system, taking on more game components to allow security personnel to
take on the role of an Attacker or Defender Agent and use the simulated environment for training. You could
100
even make a sort of Splinter Cell-esque multiplayer, where one player must setup the security elements and try
to detect and capture a friend before they escape with assets.
A fully realized Cerberus System opens up many interesting possibilities for security testing, training and
research. We hope that some of these possibilities may be explored in future projects.
CONCLUSION
We hope to achieve many things through the use of the Cerberus System. It is hoped that we could produce a
commercially viable product, which would help fund research into expansions, such as Agent Modelling and the
Hybrid system. We also believe that the process of researching and building the system may well lead to
valuable community knowledge and discussions including exploration of intelligent, non-invasive security
systems.
We believe that the knowledge gained through the development of the system will also prove valuable and hope
it will result in the release of useful source code and knowledge related to the area of security and the
development environment of XNA. We further believe the knowledge and artifacts created as a part of the
Cerberus system could easily be applied to other projects within the wider research community to help boost
productivity through the use of modeling and simulation technologies.
Acknowledgements
The authors would like to thank Professor G. West for his feedback and assistance towards this project. We
would also like to thank Mr Z. Alach, whose work has formed the basis of our own.
REFERENCES
Alach, Z. 2007 Mapping the elements of physical security towards the creation of a holistic physical security
model, Masters Thesis, Edith Cowan University, Perth, Western Australia
Cormen, T. Leiseson, C. Rivest, R. & Stein, C. 2002 Introduction to Algorithms, 2
nd
Ed. USA: MIT Press, pp
595 601
Gallego, F. Bernabeu, A. Reverte, J. Rosana, S. & Llorens, F. 2006, A Computer-Games-Based AI research
environment in Proceedings of the Fifth Mexican International Conference on Artificial Intelligence
Guru, A. & Savory, P. 2004, A Template-Based Conceptual Modeling Infrastructure For Simulation Of
Physical Security Systems in Proceedings of the 2004 Winter Simulation Conference, pp 866 873
Koch, D. B. 2007, Portsim A Port Security Simulation and Visualization Tool in Proceedings of the 41
st
Annual IEEE Carnahan Conference, pp109-116
LaFree, G. & Dugan, L. 2007, Introducing the Global Terrorism Database, Terrorism and Political Violence,
pp 181 204
Mydans, S. 2008, Terror Suspect Fled Prison Through Window, Singapore Says, New York Times 22 April
Smith, J. Peters, B. Jordan, S. & Snell, M. 1999 Distributed Real-time Simulation for Intruder Detection
System Analysis in Proceedings of the 31
st
conference on Winter Simulation: simulation a bridge to
the future Volume 2, pp 1168 1173
Straw, J. 2007, "Games Aid Emergency Management, Security Management December
Takeuchi, I. Kakumoto, S. & Goto, Y. 2003, Towards an Integrated Earthquake Disaster Simulation System
in Proceedings of the First International Workshop on Synthetic Simulation and Robotics to Mitigate
Earthquake Disasters
101
Tarr, C. 1992 Clasp: A Computerised Aid To Cost Effective Perimeter Security in Proceedings of the 1992
International Carnahan Conference, pp 164 168
Tarr, C. 1994 Cost Effective Perimeter Security in Proceedings of the 28
th
Annual 1994 International
Carnahan Conference, pp 60 65
Tarr, C. & Peaty, S. 1995 Using CLASP To Assess Perimeter Security in Proceedings of the 29
th
Annual 1995
International Carnahan Conference, pp 311 316
COPYRIGHT
Stuart Porter, Tele Tan and Kok Wai Wong 2008. The author/s assign Edith Cowan University a non-
exclusive license to use this document for personal use provided that the article is used in full and this copyright
statement is reproduced. Such documents may be published on the World Wide Web, CD-ROM, in printed
form, and on mirror sites on the World Wide Web. The authors also grant a non-exclusive license to ECU to
publish this document in full in the Conference Proceedings. Any other usage is prohibited without the express
permission of the authors.
102
Covert Operative Management in 2020 Nodal Delivery and a Collegiate Governance
Model
Wayne Snell
Australian Federal Police College
Edith Cowan University
Abstract
The management of covert operatives is an essential part of the operational capacity of a number of agencies in
Australia. This paper will explore a model where a new organisation is created to manage all of the functions
which are currently undertaken by each of the agencies in Australia who maintain a covert operative capability
. The model will draw upon the current literature, the management theory of managerialism and collegialism
and risk management theory. This issue has been identified because of the ongoing difficulties with the
recruitment, training, retention, well being and security of personnel engaged in this type of deployment in the
current operating environment. The paper will focus on a national leadership approach for the formation of an
independent organization whose primary task will be the servicing of covert human resources to law
enforcement and related agencies. An overview of the predicted operating environment will be undertaken and a
rationale to support such a move formulated.
Keywords
Covert, Governance, Risk management.
The management of covert operatives is an essential part of the operational capacity of a number of agencies in
Australia. This paper will explore a model where a new organisation is created to manage all of the functions
which are currently undertaken by each of the agencies in Australia who maintain a covert operative capability.
The model will draw upon the current literature, the management theory of managerialism and collegialism and
risk management theory.
This issue has been identified because of the ongoing difficulties with the recruitment, training, retention, well
being and security of personnel engaged in this type of deployment in the current operating environment. The
paper will focus on a national leadership approach for the formation of an independent organization whose
primary task will be the servicing of covert human resources to law enforcement and related agencies. An
overview of the predicted operating environment will be undertaken and a rationale to support such a move
formulated.
The organisation and governance of covert operatives is challenging for organisations whose primary function
and mission is not the management of covert operatives. This is due to the nature of the work to be undertaken,
the risks to the individuals being deployed, risks to the organisation and the significant resource implications in
maintaining the capability. The management of this asset has been identified as a high risk area in a number of
studies and in some international police jurisdictions has been regarded as too difficult and dangerous and the
practice has been discontinued
1
.
In Australia, individual agencies are required to recruit, train and develop, deploy, maintain, debrief and
reintegrate their own operatives. Whilst cooperation exists across a number of agencies, it is difficult to utilise a
covert operative asset in another agency due to the legislative and authority constraints as well as the inherent
cultural and operational attributes which are developed in organisational isolation.
103
Although there is a limited academic and industry body of knowledge regarding this very compelling area of
operations, a number of authors have espoused models of management which have contributed to the discourse
on this issue. Burton and OConnor support the separatist approach of individual agencies whilst Mawby
supports a wider vision.
The development and management of a covert operative capability in the individual agencies is a manifestation
of the Managerialism theory in which public organisations are best managed when the power is exercised
hierarchically by managers who are distinct from the service providers. The managers are however able to
dispose of the organisations resources as they see fit. As a result the organisational power (and individual
power) is based in the allotted position within the hierarchy and the ability to control its activities through
resource allocation. As a result decision making processes are based around the narrow power base of the
individual managers and the departments within which they operate. This facilitates and perpetuates the
isolationist style of development and management of current covert operative management model.
This also exposes the individual operative, discreet operations and department responsible for the management
of covert operatives to the individual decisions of managers higher in the hierarchical structure who are
dislocated from the actual provision of the service. The already high risk activity of the management of covert
operatives is then exposed to the flowing tide of organisational priorities and individual nuances. Whilst this
issue is consistent for all organisational units, the management of covert operatives due to its unique risk
environment becomes more vulnerable.
The proposal for the development of a specific agency or node to manage covert operatives is based on a move
from organisational focus to a whole of government service. The application of this strategy is consistent with
the management theory of Collegialism where the service is provided through an organisational structure and
vision which is based on cooperative agreement across the organisation or in this case across government.
Collegialism is particularly associated with the professions and is therefore consistent with the strategic policy
direction of professionalising policing (the main user of this type of operational strategy).
The development of a quasi commercial model of a node of delivery of covert operative services is in line with
the commercialisation policy being implemented across all sectors of government. The creation of this type of
agency would see a service delivery model based on partial cost recovery for actual operational deployment
with the redundant capability and capacity requirements being met in a single centrally funded governance
model.
The management of the risks in this instant is informed by Australian Standard 4360 which provides the key
guiding principles for managing risk in Australia and has been adopted by the Commonwealth. Risk can be
defined as the threat of a negative outcome or harmful event as a result of an activity. Generally, risk is
measured in terms of consequence, being the extent of the harm and probability being the likelihood of the
negative outcome. Risk is generally managed by undertaking actions which avoid the risk; reduce the risk;
spread the risk; transfer the risk; accept the risk; or a combination of these strategies. In the single entity model
for covert operative management the risk management strategy is the transfer some of the risk from the
individual agencies to the new one, reduce the risk to the individual agencies, spread the risk by setting
Commonwealth standards and accepting that some of the risk is residual within the agencies who will continue
to require the operational capability being delivered by the service provider.
Meta Operational Theatre
In order to develop a strategy for the provision of covert operative services in 2020, it is essential to form a
picture of the operational theatre which may exist at that time, based on the analysis of current trends,
104
forecasting by futurists and formation of cogent picture which will assist in formulating the ontological issues to
be considered
2
.
The first issue is the national security and policing environment. The predicted position is that the move
towards a higher level of sophistication in criminal enterprise facilitated by a more highly educated population
in generation X, Y and Z. As a result the response from government in dealing with these entities and
individuals will require a more coordinated structure as vulnerability exploitation is likely to be key strategy of
criminals. The current economic down turn being experienced across the globe will continue which engender
the development of fraud and other offences involving a breach of trust. The separation of enforcement in the
community or street crime environments and organised national and international threats will continue
facilitating a expansion of the role in the commonwealth in dealing with these issues in the national interest.
The global economic position and the institutionalised economic rationalist vision in the commonwealth
government will see a continuation of the reduction in real terms of the funds available to policing and national
security organisations in Australia. This will be achieved through efficiency dividends, selective appropriations
and a continuation of the burgeoning welfare crisis precipitated by the global economic position. As a result
specialist activities are likely to be restricted in order to facilitate essential services and specific government
initiatives.
The government will also attempt to relieve some of the burden on facilitating publically funded services by
continuation of the commercialisation or quasi commercialisation of government services. This will include the
need for government agencies to pay for services provided by other agencies to minimise waste and focus on
actual service requirements rather than projections.
Geopolitical tensions are likely to continue to increase, particularly in the resource rich - population poor pacific
and Australian/New Zealand Region. This will fuel organised crime and perhaps state sponsored insurgency in
an effort to secure the highly valued resource, environmental, water and economic commodities which will have
elevated value in an evolving black market. Environmental changes will also start to increase the amount of
population migration to counties which are developed in order to support traditional and economic refugee
displacement. This will increase boarder security issues including people smuggling, criminal slavery and
criminal operative insertion.
There will also likely continue to be a decline in the influence and regard for the United States as its economy
and internal morality are identified as significant contributors to the state of global health and prosperity. As a
result other developed nations will be required to fill the void left by soured relationships with the United States.
This will include the continued development of government infrastructure and crime fighting capability.
Australia will need to take a lead role in our region in this endeavour.
Ontological Issues to be Considered
The management of the provision of covert operatives across agencies by a single agency will seek to address
the managerial risk and superior service provision to the community.
There is an incompatibility of general police recruitment requirements and the identification and recruitment of
potential covert operatives. This is due to the nature of the activity in deception, misrepresentation, lying and
manipulation. These abilities are incompatible with general recruitment standards across all Australian police
jurisdictions and make the redeployment of covert operatives more challenging after an extended period of time
deployed in covert environments. This challenge is faced by the individual operative as well as the agency. The
introduction of the separate agency for covert operatives removes the requirements to recruit against patrol
constable police standards and allows specialist criteria to be developed to recruit operatives who possess
superior skills for the covert environment as well as resilience to the risks of such environments. This should
105
provide a higher level of skills, knowledge and abilities for utilisation by the various agencies. A dedicated
agency would have more scope to recruit and retain operatives from community identifiable cultural groups as
these operatives are being recruited to perform specific specialist functions not general law enforcement with its
inherent entry requirements. This strategy also removes the need to redeploy the operative to general policing
operations.
3
The dedicated agency would be able to develop a whole of operational life management strategy which would
include a three stream recruitment strategy of operations, specialist and technical and management. This
strategy would include developing the specific recruitment requirements, screening and assessment, induction
and orientation, initial training and doctrine, tradecraft development, specialist training, pre deployment
orientation, deployment monitoring, post deployment reflection, reinvigoration and development, (back to
redeployment for length of service), deoperationalisation process, separation or management development
programme
4
.
There are significant ongoing security implications for the maintenance of a capability in this field considering
the increased sophistication of counter intelligence, insurgency and surveillance of organized crime groups. As
a result a dedicated agency could develop highly specialised management strategies to manage this risk again
without the security implications of redeployment and without the internal security issues of infiltration by
corrupt elements and previous relationships/associations with colleagues
5
. This strategy also removes the
nepotism issues related to promotion and development opportunities from so called, elite squads.
The significant risk management issues associated with actual deployments and the impacts of those
deployments on operatives would be able to be researched and new strategies developed. This would be
facilitated by the dedicated nature of the agency and the vision and mission such an agency would engender. As
a result a body of knowledge built on reliable research would be available to other international agencies and
also be able to be extrapolated to other high risk activities in the sector such as human source a management.
6
investigations staff of specialists. This strategy is to provide partitions during the investigation phase to
eliminate a number of negative connotations and inferences such as group think, narrow focus, corruption
opportunity and undue influence on specialists. The creation of a separate agency would significantly reduce
these risks by providing the opportunity to formulate a well founded and highly focused integrity regime which
is consistent and cognisant of the types of deployment environments.
The development of specialist managerial and leadership capability for this specialty would be significantly
enhanced by the creation of a dedicated agency. This outcome would be achieved by the reduction in the
rotation of managers through key positions with limited knowledge or experience in covert operations, remove
the need to train managers for the role based on that rotation and provide development opportunities which are
designed to facilitate professional covert operations managers. This would also provide the individual managers
with the professional and personal opportunity to develop exceptional skills, knowledge and abilities.
As a dedicated agency the new agency would be better able to cope with government efficiency requirements
which limit the ability of individual agencies to effectively maintain a capability in this specialty. This is
achieved because the primary mission of the agency would be developing and providing the covert operative
capability. As a result the internal competition for resources would continue to be dedicated towards that
mission rather than to achieving other organisational objectives. As a result decisions which effect resourcing
can be viewed holistically across the covert operation spectre without having to take into account other
organisational imperatives which may increase the risk in the covert environment.
106
The strategy of a whole of government response is consistent with the increased multi agency presence in
serious and organized crime investigations. The respective agencies develop and maintain a general and
specialist capability which creates redundancy and duplication. There is a need for consistency in training and
deployment capability, specialised knowledge development and transfer, infrastructure and support services,
management policy and protocols and fiscal responsibilities. The creation of a dedicated agency would remove
the need for duplication and provide a much more focused efficient service to government without significant
impact on budgetary requirements. This is the model with significant support in comparable jurisdictions such
as the United Kingdom where the Home Office has sought to develop agencies which eliminate duplication and
support a clearer mission and mandate. Interestingly this has included significant amalgamations of functions.
There have been increased demands to maintain covert operative intelligence and counter intelligence
capabilities where evidentiary investigations capability only has been the norm. This is particularly relevant in
the counter terrorism sector. As a result duplication in the development of doctrine, training and operational
deployment controls has occurred. The development of a dedicated agency would allow sub discipline
specialists to be developed with a resource capacity which would be cable to meeting surge capacity
requirements and specialised deployment requirements such as language, culture or crime type/issue type
knowledge. This would provide operational agility to all of the client agencies. The opportunity to develop and
deliver highly specialized training and development opportunities as a core function without having to compete
with priorities or other areas of organizations and indeed other organizations.
Efficiencies in the administration would be realised from the centralization of a management and support
structure from a number of agencies into one. This strategy would remove the need to continually redevelop
operational exigencies based on internal organisational influence and systems development or adoption. The
development of national standards and policy in relation to covert operations and deployments would be
facilitated by the body of knowledge held centrally rather than fragmented through agencies who may or may
not wish to contribute to the development of such policy. The new agency would also be able to identify and
service its own administrative needs based on its mission and vision.
The launch of the new agency would also facilitate the development of legislation to enhance the management
of covert operations across jurisdictional boundaries and other enabling measures thus removing some of the
current encumbrances. This would provide a central point for expert political and policy advice for government
and agencies. It would provide the depth of knowledge required to coordinate influence and furnish information
when lobbying for change. The agency, through its research capability would be able to prepare and present
argument which did not contain sensitive operational material whilst drawing on a wide range of operational
scenarios and case studies. The ability to review capability, deployment patterns, operational outcomes and
monitor emerging risks would be enhanced by having a central repository of post activity assessment. This
information would be available for managers and researchers to assist in decision making.
Implication Analysis
Clearly there are a number of implications to be considered in the establishment of the new covert operations
agency. The principle issues surround how the agency would be established; interact with the recipient
organisations, how the agency would be funded, how the transition would be managed and the implications of
change management including intellectual property management and the quantification of projected service
requirements in the future.
The establishment of the organisation as a government enterprise which was operating in a covert environment
with the ability to generate income from its service delivery and also by block operating grant from Treasury.
The establishment of this type of organisation would require legislation to ensure appropriate government and
community scrutiny of its mission and objectives and also to provide the mandate for cost recovery processes
from client organisations. The establishment legislation could also contain the governance, structural model,
accountability framework and enabling provisions as the core guidance for the successful operation of the
107
agency. This legislation may also be the appropriate vehicle to provide critical authorities and powers which
would transcend the jurisdictional challenges faced when deploying personnel across state boarders, into
specialised agencies and in seeking authorise to engage in covert operations. This legislation could also provide
consistent indemnity provisions for operatives in controlled operations and criminality engagement.
A risk management strategy will need to be developed to assist in combating the opportunity for the
development of a meritocracy within law enforcement by the development of this type of highly specialised
agency which may be seen as elite. As a result the governance structure should include a Board of Management
and an oversight mechanism such as the Inspector General of Intelligence.
A comprehensive change management strategy as outlined by Hayes which entails a plan which identifies the
risks, graduated strategies, responsible officers and communications strategies needs to be developed to
facilitate the movement of the function and any personnel. As part of this process a conflict resolution strategy
needs to be developed in line with Tillet which will provide the tools for the resolution of interagency or
individual conflict should they arise. As the agencies involved are likely to be engaged in an on going
relationship the collaborative approach espoused appears to be the appropriate. As part of the change strategy a
significant component should be a marketing strategy which highlights the altruistic nature of supporting the
establishment of the organisation for the effected agencies and individuals. This process should also highlight
their respective contributions and their future engagement in the development of the capability.
The development of a comprehensive implementation strategy which includes a well communicated time line
and provides contingency arrangements for the time lag from establishment to commissioning and
commissioning to fully operational capability will be critical to implementation plan and to ensure that that a
relatively disruption free change over occurs..
As this organisation is a human services organisation and one of the key drivers for undertaking this strategy is
to more effectively mange the human resources engaged in covert policing operations, a comprehensive human
resources strategy needs to be developed prior to the employment of any operational staff. The development of
this strategy should set the benchmark for human resources engaged in this and similar types of operational
roles.
A robust costing model which identifies the operational or deployments and may form the basis for service level
agreements with the client agencies will need to be developed. A significant aspect of this model should be to
highlight the cost savings for the agency in moving towards this centralised agency and the opportunity for them
to actually facilitate more covert operations by redirecting the infrastructure savings to operations.
CONCLUSION
The development of a centralised service provider whose role is dedicated to the provision of covert operatives
to police and similar agencies is a responsible management strategy designed to facilitate the meeting of
community expectations in the areas of policing, law enforcement and national security. The development of
such an agency would alleviate the difficulties with financial constraints, legislative and jurisdictional
impediments to operational deployments, human resource management and risk management. This strategy
would also provide a central node of delivery which would demonstrate best practice through leading edge
research into the area of covert operations. The development of this agency would also meet government
objectives in relation to efficiencies and reduction of duplication. The agency would also be able to provide a
more diverse range of operatives, skill sets and covert solutions at a reduced cost.
108
REFERENCES
Aldag, R.J. & Stears, A. (1992) Managing organizational change. In Management (pp.386-410). Cincinnati:
South-Western.
Amir, M. (2003) Criminal Undercover Agents or Bad People Doing Good Things. In: Substance Use &
Misuse, Volume 38, Issue 10 January 2003 , pages 1425 1431.
Ansley, B. (1995) Stoned on duty. Hodder Headline Group: Auckland.
Arter, M.L. (2007) Supervising the Undercover Function. In Ruiz, J., Ruiz, D. & Hummer, D.C. (eds)
Handbook of Police Administration (Ch 17). CRC Press: Washington.
Australian Federal Police (2008) Guide to the sworn recruitment process.
Australasian policing directions Police Ministers Conference, 2007.
Avery, J. (1981). Police - Force or Service? Butterworths: Sydney.
Barlow, H. (1993) Introduction to criminology (6th Ed) Harper Collins College Publishers: New York.
Bayley, D.H. (1989). Community Policing in Australia: an Appraisal. In Chappell, D & Wilson, P (Eds).,
Australian policing Contemporary Issues (1
st
Edition) (pp.63-82). Sydney: Butterworths. ISBN 0 409
49489 5
Brandl, S.G. (2008) Criminal Investigation. Pearson: New Jersey.
Brown, K., Ryan, N. & Parker, R. (2000) New modes of service delivery in the public sector. In The
international journal of public sector management. Vol.13. No.3.
Burton, T.M. (1995) Undercover Officer Safety. In Proceedings of the National Executive Institutes Associates,
Major City chiefs Association and Major Counties Sheriffs Association, October, USA, 2005.
Corkill, J. & Snell, W. (2006). Intelligence migration a place in time commentary. Proceedings of the
Conference of the Australian Institute of Professional Intelligence Officers, Brisbane, 2006.
DeGraff, J. & Lawrence, K. (2002) Creativity at work. Bossey Bass: Danvers.
Dunford, R.W. (1992). Organisational behaviour: An organisational analysis perspective. (pp.297-327) Sydney:
Addison-Wesley Publishing Company. ISBN 0 201 50041 8
Edwards, C. (2005) Changing police theories. Federation: Sydney.
Gill, P. & Phythion, M. (2006) Intelligence in an insecure world. Polity: Cambridge.
Edwards, C.J.. (1999). Drugs The Cause of Street Crime, or a Health and Social Issue . Unpublished paper
given at the Australian Crime Prevention Council Biennial Conference, Melbourne, October 1999.
Edwards, C.J. (2005). Changing Police theories for 21st century Societies Sydney: Federation Press.
Evans, D.R. & MacMillan, C.S. (2003). Ethical Reasoning in Policing, Corrections and Security.
Edmond Montgomery: Toronto.
Freckelton, I. & Selby, I. (Eds). (1998) Police in Our Society. Sydney, Butterworths
Gauvin, R.. (2005). Ethics, A Practical Framework for Decision-Making. Unpublished paper given at OPC
Train the Trainer Conference, Ontario, October 2005.
Gilbert, J.N. (2007) Criminal Investigations. Pearson: New Jersey.
Gill, P. & Phythian, M. (2006). Intelligence in an insecure world. Polity: Cambridge.
109
Grieve, J. (2004) Developments in UK criminal intelligence. In Strategic thinking in criminal intelligence.
Federation Press: Annandale NSW.
Gross, H. (1934) Criminal Investigation. Sweet and Maxwell: London.
Hayes, J. (2006) The theory and practice of change management. Palgrave: New York.
Home Office United Kingdom (2001) Policing for the 21st century. A speech by the Home Secretary to the
Police Superintendents Conference 11th September, 2001.
Hoogenboom, J., Meiboom, D., Schoneveld, H. & Stoop (Eds) (1997) Policing the Future. Amsterdam: Kluwer
Hunt,D. (1995). Strategic Management in Policing including the Future Role of Police. In Etter, B & Palmer, M
(eds) Police Leadership in Australasia (pp. 40 -74). Sydney: Federation Press.
Landy, F.J. (1989). Psychology of Work Behaviour. Pacific Grove, California: Brooks-Cole.
Mawby, R.I. (1998) Policing across the world. Issues for the 21
st
century. Routelage: New York.
McCulloch, L. (2001) The street. Confessions of and undercover cop. Floradale Productions and Sly Ink:
Sydney.
Merriam-Websters (2003) Merriam-Websters Collegiate Dictionary (11
th
Ed). Merriam-Websters: U.S.A.
Michigan Department of State Police (1990-1) The ultimate role conflict: Managing the undercover officer. Part
I & II.
Nancoo, S.E. (Ed)(2004). Contemporary Issues in Canadian Policing. Canadian Educators Press: Ontario
New South Wales Police (2008) Recruitment Process. Accessed on 14/10/08.
http://www.police.nsw.gov.au/recruitment/related_information/application_process.
OConnor, T. (n.d.) Police undercover work. Lecture Notes Missouri State University.
Pogrebin, M.R. & Poole, E.D. (1993) Vice isnt nice. A look at the effects of working undercover. In Journal of
criminal justice. Vol 21 pages 383-394.
Prenzler, T. & Ransley, J. (Eds) (2002) Police Reform Building Integrity. Federation Press: Sydney.
Pritchett, P. (n.d.) The Ethics of Excellence. Pritchett Associates:Dallas, Texas.
Royal Commission into whether has been corrupt or criminal conduct by any Western Australian Police Officer.
(2004) Final Report - Royal Commission into whether has been corrupt or criminal conduct by any
Western Australian Police Officer.
Scrivener, E. (2001) Hiring in the spirit of service. Innovations in police recruitment and hiring. United States
Department of Justice.
Standards Australia (2006) Australian Standard 4360 Risk Management.
Sykes, J.B. (1983) The Concise Oxford Dictionary of Current English. University Press: Oxford.
Tillett, G. (2001) Resolving conflict. A practical approach. Oxford University Press.
Tony, T. & Morris, I (Eds) (1992). Modern Policing. Chicago: University of Chicago
Vilgoen, J. & Dann, S. (2000) Strategic management. Pearson: Sydney.
White, M.D. (2007) Current Issues and Controversies in Policing. Pearson: New Jersey.
110
Whitehead, A. (1954) Dialogues.
Wing, I. (2004) Maintaining security and justice: The intelligence versus evidence dilemma. The Journal of the
Australian Institute of Professional Intelligence Officers. 13:1 ISSN 10391525
COPYRIGHT
Wayne Snell 2008. The author/s assign Edith Cowan University a non-exclusive license to use this document
for personal use provided that the article is used in full and this copyright statement is reproduced. Such
documents may be published on the World Wide Web, CD-ROM, in printed form, and on mirror sites on the
World Wide Web. The authors also grant a non-exclusive license to ECU to publish this document in full in the
Conference Proceedings. Any other usage is prohibited without the express permission of the authors.
111
Nuclear Radiation: Properties, Characteristics and Radiological Dispersal Devices
Geoff I Swan
Security Research Centre
Edith Cowan University
Abstract
Highly radioactive sources are widespread with numerous applications in medicine and industry. There is a risk
that terrorists might succeed in acquiring radioactive material for a radiological dispersal device. In this paper,
the general properties and characteristics of nuclear radiation are summarised and the radioactive isotopes of
most concern reviewed.
Keywords
Decay Modes, Dispersal, Exposure, Radioactivity.
INTRODUCTION
Nuclear radiation has been enormously beneficial to humankind with numerous applications in medicine and
industry in Australia and around the world (ANSTO, 2008; NEI, 2007; UIC, 2008; UIC, 2006). Sources that
contain the radioactive isotopes that produce this nuclear radiation are widely distributed and subjected to
regulation for safety and security reasons. Since the attacks on the world trade center and the pentagon on the
11
th
September, 2001, there has been heightened concern about the possibility of nuclear terrorism and
safeguards to prevent it. With nuclear weapons (nuclear fission explosives) extremely difficult to produce or
acquire, some attention has been drawn towards the easier task of producing a dirty bomb where chemical
explosives are used to disperse radioactive material. This is an example of a Radiological Dispersal Device
(RDD).
This paper consists of two parts. In the first part, the science of nuclear radiation is reviewed and summarised
with the focus of giving security professionals a general understanding of the properties and characteristics of
nuclear radiation. In the second part the radioactive isotopes of most concern for an RDD are identified and
characterised. Aspects of dispersion, response to radiological incidents, and security of sources are also
discussed.
Nuclear radiation
The science of nuclear radiation at an intermediate level can be found in most general university physics
textbooks (Halliday, Resnick and Walker, 2008; Serway and Jewett, 2008). A simpler and non-mathematical
treatment can be found in Hewitt (2006). A more advanced treatment (which includes an atomic mass table with
decay modes and half lives for isotopes in appendix 8) can be found in Thornton and Rex (2006). The critical
properties and characteristics pertinent to radioactivity are summarised and presented here.
Atoms and isotopes
Matter is made up of microscopic particles called atoms, which consist of a tiny dense nucleus surrounded by
negatively charged electrons. The nucleus consists of positively charged protons and uncharged neutrons. Atoms
have the same number of protons and electrons and are therefore electrically neutral.
It is the number of protons in the nucleus, known as the atomic number (Z), which uniquely determines the type
of atom and hence the element. For example, atoms with atomic numbers of 1, 8 and 92 are known as hydrogen,
oxygen and uranium respectively. The periodic table lists all the known elements in groups according to similar
chemical properties. It should be noted that although uranium has the highest atomic number of any naturally
112
occurring substance on Earth, other elements with higher atomic numbers can be created using particle
accelerators or nuclear reactors.
Although the number of protons (and electrons) is fixed for an atom of any particular element, the number of
neutrons can vary. Typically atoms have similar numbers of protons and neutrons, but for heavier atoms the
number of neutrons is always more than the number of protons. Atoms with the same atomic number but
different numbers of neutrons are called isotopes. The number of nucleons (protons plus neutrons) is known as
the mass number (A).
Some isotopes are radioactive. In radioactive isotopes, the nucleus is unstable and emits radiation in the form of
a particle or a photon to increase stability. This is known as radioactive decay and this paper will focus on
explaining the different types of radioactive decay and the properties and characteristics of the emitted radiation
before turning attention towards the applications of these isotopes in the modern world and nuclear terrorism.
Decay modes
There are three modes of radioactive decay: alpha, beta and gamma. Each decay mode will be explained and an
example nuclear reaction given. In these examples please note that the each isotope can be represented by a
symbol that gives the element, and its mass number. For example, 76% of naturally occurring chlorine on earth
is Cl-35 (or
35
Cl). As chlorine by definition has 17 protons, this isotope must have 18 neutrons if the mass
number is 35. In all reactions given, both the mass number and net charge do not change and are said to be
conserved.
In alpha decay, an unstable nucleus emits an alpha (
4
o) particle. An alpha particle is consists of two protons plus
two neutrons and is also sometimes referred to as a He-4 (
4
He) nucleus. In the example below, radium-226 alpha
decays to radon-222
Alpha Decay: o
4 222 226
+ Rn Ra
Note that in alpha decay the daughter nucleus (radon) always has 2 less protons and 2 less neutrons than parent
nucleus (radium). The alpha particle (
4
o) is a charged particle and emitted with high kinetic energy. Alpha
particles are not very penetrating and a few sheets of paper is usually sufficient to stop them.
In beta decay, an unstable nucleus emits a beta (|) particle. A beta particle can be an electron (|
-
) or a positron
(|
+
). A positron is basically the same as an electron except it is positively charged. In the example below,
nitrogen-12 beta decays to carbon-12.
Beta Decay: v | + +
+
C N
12 12
The end symbol refers to a neutrino which interacts very weakly with matter and for our purposes can be
ignored. Note that although the daughter nucleus (carbon) has the same mass number as the parent nucleus
(nitrogen), the atomic number always changes by one. Like alpha particles, beta particles (|
-
and |
+
) are charged
and emitted with high kinetic energy. They are more penetrating than alpha particles but still only able to pass
through a few mm of Aluminium on average.
113
After alpha or beta decay, the daughter nucleus is often in an excited state (*). In gamma decay, an excited
nucleus releases this excess energy through the emission of a photon (). This is demonstrated in the example
below, where boron-12 beta decays to carbon-12 which then gamma decays.
v | + + +
C C C B
12 * 12 * 12 12
by followed (Gamma Decay)
Note that in gamma decay the mass number and atomic number of the parent nucleus does not change. Gamma
rays are high energy photons and are not charged. They are more penetrating than beta and alpha particles and
are able to penetrate a few cm of lead on average.
Half life and activity
Radioactive decay is a spontaneous process and it is not possible to know exactly when a given radioactive
isotope will decay. However, it is possible to know the probability that a given radioactive isotope will decay in
a given time and this is represented by the decay constant (). A sample with a large number of a particular
isotope, say N, decays with time (t) a predictably exponential fashion at a rate (R) according to the first equation
below.
Decay
693 . 0 2 ln
t : Life Half : Rate
2
1 0
= = = =
t
e N N R
The half life (t
) of a radioactive isotope is the time taken for half of a given number of radioactive nuclei to
decay, and is related to the decay constant () by the second equation above. After two half lives, the number of
radioactive nuclei remaining is half times half or one quarter of the original number.
The decay rate (R) is also known as the activity. The standard unit is the becquerel (Bq), but the curie (Ci),
which is based on the activity of 1 gram of radium, is a commonly used unit. Both units are defined below.
Activity: 1 becquerel = 1 decay per second , 1 curie = 3.7x10
10
Bq
The curie is a large unit and activities are often measured in millicuries and microcuries. For example, the
activity of Am-241 found in household smoke detectors is typically about one microcurie.
Absorbed dose and dose equivalent
Exposure to alpha, beta, and gamma radiation will ionise matter and cause damage to cells. Radiation can leave
a trail of altered and broken molecules, produce new chemicals and create free radicals within living tissue.
Although for small doses cells can often repair the damage, other cells die and may or may not be replaced.
Damage to DNA produces cell mutation and if this occurs in the gonads then mutations can become hereditary.
The amount of damage done to living tissue depends on the dosage received.
The absorbed dose measures the energy absorbed per kilogram of material. Although the standard unit is the
Gray (Gy), an older unit known as the rad is also in use. Both these units are defined below
Absorbed Dose: 1 Gray = 1 Joule per kilogram = 100 rad
The Roentgen is another older absorbed dose unit. Also note that energy is sometimes measured in mega
electronvolts (MeV).
114
The damage done to biological tissue depends not only on the energy absorbed, but also on the type of radiation
responsible. Each type of radiation has an RBE (Relative Biological Effectiveness) value which when multiplied
by the absorbed dose gives the dose equivalent. This is a much better measure of the damage done to
biological tissue. The RBE for alpha particles, beta particles and gamma rays are 10-20, 1.0-1.7 and 1.0
respectively. The standard unit for absorbed dose is the Sievert (Sv), and the older unit is known as the rem.
Both units are defined below.
Dose Equivalent: 1 Sievert = RBE x Absorbed Dose in Grays = 100 rem
Exposure to other ionising particles and photons, that may or may not be nuclear in origin, also contribute to the
dose received. The RBE for X-rays, thermal neutrons, fast neutrons and protons, and heavy ions are 1.0, 4-5, 10,
and 20 respectively. It should also be noted that a third unit known as effective dose is sometimes used where
the dose equivalent is weighted according to the type of tissue (ARPANSA, 2008). The sievert is a large unit
and dosages are usually expressed in millisieverts (mSv).
Radiation exposure
Radioactivity is a natural part of our environment. Indeed the thermal energy that heats the interior of the earth,
which has a different chemical composition to that of the crust, comes from the decay of radioisotopes. Human
exposure to radiation is represented in Figure 1. Natural background radiation, food and water account for 83%
of exposure. Although the medical and diagnostics exposure is mostly due to X-rays, the increasing use of
nuclear medicine is likely to increase average exposures.
Most rocks have traces of radioactive isotopes which can end up in building materials. For example, every ton
of granite contains about 20 grams of thorium and 9 grams of uranium. Radon-222, which is part of the
uranium-238 decay series, is responsible for much external radiation exposure for humans. It is a heavy gas that
can accumulate in buildings which are not well ventilated. Human bodies are themselves radioactive with
potassium-40 and carbon-14 isotopes contributing approximately 5000 and 3000 beta decays respectively
between every heartbeat (Hewitt, 2006).
Figure 1. Origins of radiation exposure for an average individual in the United States (Hewitt, 2006)
115
In Australia, the average dose equivalent is about 2 millisieverts (mSv) per year from natural background
radiation (ARPANSA, 2008). Exposure in medical procedures and some occupations may be significantly
greater than this and it has been recommended that individuals should not receive a dose equivalent of more
than about 5 mSv in any one year. The effects of humans as the dosage increases depends on a range of factors
so, with qualifications, some generalisations are made here for dosages received over a short period of time. For
low doses (0 to 100 mSv), it is generally assumed that the probability of radiation induced cancer during ones
lifetime increases linearly with a risk of 1 in 10,000 per mSv. Very high doses (1 to 10 Sv) result in acute health
effects with death likely within weeks from extreme doses (above 10 Sv).
Radioactive isotopes are artificially produced in nuclear reactors, cyclotrons and accelerators for use in
medicine, industry and research. Australian facilities at Lucas Heights (near Sydney) are operated by the
Australian Nuclear Science and Technology Organisation (ANSTO) and detailed information on these facilities,
the radioactive isotopes produced, and their uses in medicine, industry and research in an Australian context can
be found through the ANSTO website (ANSTO, 2008).
Radioactive isotopes are used in all sorts of beneficial ways. In table 1, Peterson, et al. (2007) present some
examples of commonly used radioactive isotopes (radionuclides) in medicine, industry, and scientific research.
Table 1. Examples of commonly used radioactive isotopes from Peterson, et al. (2007).
118
Responses to an RDD attack have also been investigated and Peterson, et al. (2007) suggested that a response
would involve three phases. The first phase would be immediate treatment of victims and evacuation of areas
base on radiation levels. To reduce exposure from radioactive airborne dust individuals would need to move at
least several blocks away, and if facilities were available, remove (and bag) clothes and have a shower (NRC,
2003). Some radioisotopes can be purged from the body with appropriate medication. Evaluation of the extent
of the contamination and steps to limit further contamination or human exposure would constitute the second
phase. This could be difficult to accomplish given the desire to treat and evacuate victims from the areas
quickly. The final stage would involve cleaning up the contaminated area. It is worth noting that there is no
existing Australian guidance on criteria for the implementation of clean-up or remediation of an area affected by
radiological or nuclear emergencies, although there is developing international guidance (Radiation Health
Committee, 2007). The need for the remediation would depend on the likely dose for a person in the area. As
some guidance, it has been recommended that above 100 mSv per year would almost always justify remediation
whereas less than 1 mSv would rarely be necessary.
CONCLUSION
In this paper, the science of nuclear radiation and its uses in the modern world have been summarised. The
nature of radioactive isotopes that are considered high risk for a radiological dispersal device (RDD) have been
identified and discussed. An RDD attack could be a Weapon of Mass Disruption with few or no deaths from
radiation exposure and little clean-up required. However a different scenario could be well organised terrorists
with knowledge and resources able to create an RDD with high dispersion of highly radioactive material to large
numbers of people. In either case we need to be prepared, and there is scope and need for further research in this
field.
REFERENCES
ANSTO (2008). Australian Nuclear Science and Technology Organisation (ANSTO). Retrieved August, 2008
from: www.ansto.gov.au
ARPANSA (2008). Units for Measuring Radiation. Retrieved August, 2008 from:
http://www.arpansa.gov.au/radiationprotection/basics/units.cfm
DOE/NRC Interagency Working Group on Radiological Dispersal Devices. (2003). Radiological Dispersal
Devices: An initial study to identify radioactive materials of greatest concern and approaches to their
tracking, tagging and disposition. Report to the Nuclear Regulatory Commission and the Secretary of
Energy. Retrieved April, 2007 from: http://www.energy.gov/media/RDDRPTF14MAYa.pdf
Halliday, D., Resnick, R., & Walker, J. (2008). Fundamentals of physics extended (8th ed.). New York: John
Wiley & Sons.
Hewitt, P.G. (2006). Conceptual Physics. (10th ed.). San Francisco: Pearson Addison Wesley.
IAEA (2007). Promoting Nuclear Security: What the IAEA is doing. Retrieved August, 2008 from
http://www.iaea.org/Publications/Factsheets/English/nuclsecurity.pdf
National Threat Initiative. (n.d.). Radiological Terrorism Tutorial. Retrieved August, 2008 from:
http://www.nti.org/h_learnmore/radtutorial/
NEI (2007). Beneficial uses and production of radioisotopes. Nuclear Energy Institute. Retrieved August, 2008
from:
http://www.nei.org/filefolder/beneficial_uses_of_radiation_01-07.pdf
119
NRC (2003). Dirty bombs fact sheet. United States Nuclear Regulatory Commission. Retrieved August, 2008
from: http://www.nrc.gov/reading-rm/doc-collections/fact-sheets/dirty-bombs.pdf
Peterson, J., MacDonell, M., Haroun, L., Monnete, F., Hilderbrand, R. D., & Taboas, A. (2007). Radiological
and Chemical Fact Sheets to Support Health Risk Analyses for Contaminated Areas. Argonne National
Laboratory Environmental Science Division and U.S. Department of Energy. Retrieved August, 2008
from: http://www.ead.anl.gov/pub/doc/ANL_ContaminantFactSheets_All_070418.pdf
Note: The fact sheets within this document that are relevant to this paper are all dated 2005 apart from a
fact sheet on Strontium which is dated 2006.
Radiation Health Committee. (2007). Statement of Clean-up Criteria following a Radiological Incident.
Retrieved August, 2008 from: http://www.arpansa.gov.au/pubs/rhc/cleanup_stat.pdf
Serway, R.A., & Jewett, J.W. (2008). Physics for scientists and engineers with modern physics (7th ed.).
Belmont USA: Brooks/Cole-Thomson Learning.
Swan, G.I. (2008). Nuclear security case study: earthquake in Sichuan Province, China. Australian Security
Magazine, September/October 2008, Sydney: Yaffa Publishing Group.
Thornton, S.T., & Rex, A. (2006). Modern physics for scientists and engineers. (3rd ed.). Belmont USA:
Brooks/Cole-Thompson Learning.
UIC (2008). Radioisotopes in Medicine. Uranium Information Centre (UIC). Retrieved August, 2008 from:
http://www.uic.com.au/nip26.htm
UIC (2006). Radioisotopes in Industry. Uranium Information Centre (UIC). Retrieved August, 2008 from:
http://www.uic.com.au/nip27.htm
Zimmerman, P. D. & Loeb, C. (2004). Dirty Bombs: The Threat Revisited. Center for Technology and National
Security Policy, National Defense University. Retrieved August, 2008 from:
http://www.ndu.edu/CTNSP/defense_horizons/DH38.pdf
COPYRIGHT
Geoff Swan 2008. The author/s assign Edith Cowan University a non-exclusive license to use this document
for personal use provided that the article is used in full and this copyright statement is reproduced. Such
documents may be published on the World Wide Web, CD-ROM, in printed form, and on mirror sites on the
World Wide Web. The authors also grant a non-exclusive license to ECU to publish this document in full in the
Conference Proceedings. Any other usage is prohibited without the express permission of the authors.