Representing Uncertainty in Physical Security Risk Assessment

The importance of (physical) security is increasingly acknowledged by society and the scientific community. In light of increasing terrorist threat levels, numerous security assessments of critical infrastructures are conducted in practice and researchers propose new approaches continuously. While practical security risk assessments (SRA) use mostly qualitative methods, most of the lately proposed approaches are based on quantitative metrics. Due to little evidence of actual attacks, both qualitative and quantitative approaches suffer from the fundamental problem of inherent uncertainties regarding threats and capabilities of security measures as a result from vague data or the usage of expert knowledge. In quantitative analysis, such uncertainties may be represented by, e.g., probability distributions to reflect the knowledge on security measure performance available. This paper focuses on the impact of these uncertainties in security assessment and their consideration in system design. We show this influence by comparing the results of a scalar evaluation that does not take into account uncertainties and another evaluation based on distributed input values. In addition, we show that the influence is concentrated on certain barriers of the security system. Specifically, we discuss the robustness of the system by conducting quantitative vulnerability assessment as part of the SRA process of an airport structure example. Based on these results, we propose the concept of a security margin. This concept accounts for the uncertain knowledge of the input parameters in the design of the security system and minimizes the influence of these uncertainties on the actual system performance. We show how this approach can be used for vulnerability assessment by applying it to the initially assessed configuration of the airport structure. The results of this case study support our assumptions that the security margin can help in targeted uncertainty consideration leading to reduced system vulnerability.

The Structure and Delivery of Police Use of Force Training: A German Case Study

The current study aims to investigate the current structure and delivery of police recruit training. Using a case study approach, we systematically observed a semester of police training that consisted of 30 h with a specific focus on police use of force training. Field notes and time-on-task data was analysed using an inductive approach. The results revealed, first, a lack of constructive alignment of the training modules and learning tasks within the training settings. Second, an adherence to traditional linear approaches to training resulting in high amounts of augmented instruction and feedback and a one-size-fits all approach to technical and tactical behaviour. Third, a non-efficient use of available training time with low amounts of engagement in representatively designed tasks that stimulated problem-solving processes. Based on these results we suggest that there is a need: (a) for police trainers and curriculum designers to align the objectives, practice structure and delivery of police training with the needs of police officers in the field (e.g. conflict resolution); (b) for police trainers to employ more learner-centred pedagogical approaches that account for individual action capabilities and resources, and allow for high amounts of training time with representatively designed training tasks; and (c) for senior managers of overall police training decision-makers to provide the necessary trainer education, in order to furnish trainers with the knowledge and tools to appropriately plan, deliver and reflect upon their practice in keeping with concept of constructive alignment.

Open Chance and Risk Management Process Supported by a Software Tool for Improving Urban Security

By now the 5-step risk and chance management process according to the generic ISO 31000 standard has been applied to a wide range of domains including organizational risk management, business continuity, safety and IT security management, as well as occupational safety. The paper motivates the context and need for an open, scalable and flexible urban (perceived) security and safety assessment and improvement process, showing that it should be applicable also at local community level. The basic ideas of the process include the division of risk and chance analysis and management (treatment) into defined phases which are addressed iteratively: (1) within a framing context, stakeholders and their objectives are identified; (2) chance events for reaching objectives or, as often more straightforward, risk events opposing objectives are identified; (3) these chances and risks on objectives are quantified in terms of probability and consequences on the identified objectives; (4) they are assessed regarding their context-sensitive societal acceptability; (5) improvement measures are selected and implemented. The process is iterated until all risks on objectives are sufficiently controlled, also the combination of risks. Concerning the methodology, a semi-formal modelling of the static and dynamic requirements of a tailored process based on ISO 31000 is provided, which in addition allows the formulation of minimum consistency and completeness requirements, e.g. for each objective at least one stakeholder and risk should be identified. For the urban domain, a classification of risk assessment techniques regarding their suitability for supporting the process is presented. A further focus is the efficient provision of best practice options for urban security enhancement. Based on the insights gained by the systematic modelling of the risk management process, a software tool was developed to facilitate the application of the process in participatory settings like round table discussions with stakeholders. The paper presents as use case the application of the tool-supported methodology in several discussion rounds within a residential district in a medium sized university town in Germany along with the discussion of the evaluations and findings. Thus, the applicability of the software-supported urban security risk management to the novel urban security domain is demonstrated. In summary, the approach is sufficiently transparent and flexible for fast summaries of round table discussions up to complex iterative decision and participatory scenarios, which have to consider multiple stakeholders and a large variety of possible urban security and safety enhancement options with a given urban context.

Domestic Support for Foreign Fighting: Attitudes Towards the Use of Violence Abroad

This study explores the phenomenon of foreign fighting through survey data gathered amongst Norwegian youths in 2015. Looking at two overarching explanatory models the article tests how grievances, criminality and more sectarian and religious factors affect more radical attitudes towards foreign fighting in Syria. Through this the article tests some central individual level factors to see how they impact support for foreign fighting in Syria, while also running alternative methodological approaches to test both the robustness of the initial findings and do some exploratory testing of non-responsive respondents in the multinomial models. The findings find support for factors such as past criminal behaviour and perceived deprivation in the form of self-reported socio-economic position, both of which are significant across the main models and in most of the alternative models. More abstract grievance measures, such as alienation and disillusionment more generally, provide more mixed findings. Hypotheses about a connection between religious identities and religiosity also finds support, with some indications that the sectarian nature of the Syrian civil war has a significant impact on attitudes amongst religious groups across the board. There is also a clearer sectarian dimension when studying those with higher levels of support for foreign fighting in Syria.

Russia’s Critical Infrastructure Policy: What do we Know About it?

The article is an analytical state-of-the-art review of the Russian Federation’s critical infrastructure policy, starting from the 1990s but zooming in on the current situation. The article discusses what does critical infrastructure mean in the Russian context. It explores the country’s threat scenarios in this field, and asks what part is played by cyber security threats in this context. Further, the article elaborates the issue whether Russia’s policy is focused on critical infrastructure protection, or has the country adopted the more recent concept of resilience that puts emphasis on adaptive measures and recovery. Finally, it is considered who are the actors in Russian critical infrastructure policy and, in particular, how does Russia deal with the fact that the respective infrastructure operators even in Russia usually are not directly state-owned entities, but private companies.

Regression, Progression and Renewal: The Continuous Redevelopment of Expertise in Police Use of Force Coaching

Professionalism in law enforcement requires the identification and development of expertise of police use of force (PUOF) coaches. Effective PUOF training includes the transfer from the training into the real-world environment of policing. This difference between working in the field and working as a PUOF coach has not been thoroughly investigated. However, research in other professional domains has shown that practical competence in the subject matter itself does not make a coach effective or successful. With this article, we conceptualize expert practice in PUOF instruction on the basis of a conflict management training setting in the security domain. First, by discussing a model of “territories of expertise”, we point out the dynamic and contextual character of expertise within the PUOF domain. Second, by conceptualizing expertise as a process and effect of communication, we provide a framework that describes and examines the interdependency between performance-based and reputation-based expertise. These considerations present two practical challenges, which we recommend professional law enforcement institutions to engage. We close by providing practical orientations and pointers for addressing these issues.