The coordinated hijackings and deliberate crashes of airplanes into the World Trade Center in New York and the Pentagon in Washington, DC, on September 11, 2001, dramatically heightened both the perception and the reality of the threat terrorism poses to public transportation systems. Governments of countries that perceive an elevated level of threat are investing considerable resources to implement comprehensive programs to enhance security in all key modes of transportation, including aviation, maritime traffic, highways, and mass transit.
A systems-based approach to managing such risks involves the assessment of threats, vulnerabilities, and consequences. Assessments are conducted to identify and evaluate potential threats, recognize weaknesses that may be exploited by identified threats, suggest countermeasures to address those weaknesses, and determine which structures or processes are relatively more important to protect from attack. The characterization of security risk is completed through qualitative or quantitative analysis of the consequences associated with the partial or total loss of critical transportation assets because of intentional harmful attacks. Formal methodologies for assessing and managing risks to transportation security provide a conceptual structure and practical tools for allocating resources in cost-effective ways to improve public safety.
Transportation infrastructures (see Managing Infrastructure Reliability, Safety, and Security) make attractive targets of intentional harmful attacks because of their visibility, accessibility, and capacity to carry large numbers of commuters in a relatively confined space. Historical data on terrorist incidents worldwide show that approximately 60% of attacks have targeted the transportation sector (1). Terrorism can be generally defined as “premeditated, politically motivated violence or deliberate threats of violence against noncombatant targets by subnational groups or clandestine agents, usually intended to influence an audience” (2).
The coordinated hijackings and deliberate crashes of airplanes into the World Trade Center in New York and the Pentagon in Washington, DC, on September 11, 2001, dramatically heightened both the perception and the reality of the threat terrorism poses to public transportation systems. This event, unprecedented in the annals of terrorism, focused national attention on aviation security in the United States (see Near‐Miss Management: A Participative Approach to Improving System Reliability). However, maritime and surface transportation systems also continue to be vulnerable to attacks by terrorists who seek to attract publicity, inflict high numbers of civilian casualties, and cause political and economic disruption. The London subway bombings on July 7, 2005, provided more recent and prominent evidence of this continuing vulnerability.
1 Methodologies for Assessing and Managing Transportation Security Risks
The US government responded to the September 11, 2001, attacks by elevating terrorism to the top of the country’s national security and law enforcement agendas. Existing and newly created federal agencies now face the daunting challenge of determining how to allocate finite resources to manage risks while addressing threats and enhancing security across all key transportation modes: aviation, maritime, rail, pipelines, highways, trucking, and busing, and public mass transit.
The Transportation Security Administration, created in November 2001 as part of the Aviation and Transportation Security Act, has pledged to follow a systems-based risk-management approach that incorporates the three key elements of all risk assessment methodologies: threat, vulnerability (including criticality), and consequence (see Figure 1).
Details are in the caption following the image
Open in figure viewer
A threat assessment (see Use of Decision Support Techniques for Information System Risk Management; Simulation in Risk Management; Reliability of Consumer Goods with “Fast Turn Around”) identifies and evaluates potential threats on the basis of factors such as capabilities, intentions, and past activities. A vulnerability assessment recognizes weaknesses that may be exploited by identified threats and suggests countermeasures to address those weaknesses. A criticality assessment evaluates and ranks assets and functions in terms of specific criteria, such as their importance to public safety and the economy, as a basis for determining which structures or processes are relatively more important to protect from attack (3). The characterization of risk is completed through analysis of the consequences associated with the partial or total loss of critical assets because of intentional harmful attacks.
1.1 Threat Assessment
Terrorism presents an “asymmetric” threat in which terrorists employ surprise and relatively low-cost weaponry to inflict or threaten catastrophic damage on large populations and property, causing fear, panic, and disruption. Assessing such threats is more difficult and often derives from assumptions about the capability and intent of terrorist organizations. These assumptions may include the value the threat places on certain assets for political or morale purposes, the threat’s ability to gain access to critical assets, and the disruptive or destructive capability of the weapons the threat may employ (including threatening statements, hoaxes, and real weapons of mass destruction) (4).
In March 2002, the US government established the Homeland Security Advisory System to provide a national framework for communicating the nature and degree of terrorist threats between government officials and citizens. The system uses color codes to convey whether there is a severe (red), high (orange), elevated (yellow), guarded (blue), or low (green) risk of terrorist attacks. In assessing a threat, system managers consider a variety of questions:
Is the threat credible?
Is the threat corroborated?
Is the threat specific or imminent?
How grave is the threat?
With regard to specific transportation assets, public agencies responsible for assessing and managing security risks may apply related criteria to make an informed judgment (4):
Existence—Is there a group or an individual that is known to or potentially could be operating within the jurisdiction with the capability to create or use a particular weapon or tactic?
History—Has the jurisdiction experienced any past terrorist activity?
Intent—Are there credible advocacies or threats of force or violence, or acts, or preparations to act, evidencing the intent to create or use a weapon or tactic?
Capability—Is there credible information that a specific group or individual possesses the needed training, skills, finances, and access to resources to develop or acquire a particular weapon or tactic?
Target—Is there credible information indicative of preparations for specific terrorist operations against a critical asset?
1.2 Vulnerability Assessment
A vulnerability assessment involves two key steps: (a) the identification of critical transportation assets and (b) evaluation of the vulnerability of critical assets to one or more presumed threats. Identification of critical assets typically begins by organizing a team of experienced staff most familiar with the transportation assets under assessment. For highway assets, for example, such a team might include operations and maintenance staff, design and construction engineers, traffic engineers, and field personnel. Transportation assets can be organized into four major categories: infrastructure, facilities, equipment, and personnel. By considering the mission of the transportation system and of the responsible government agency, the study team can develop a list of key assets that enable achievement of the mission. An assessment of highway transportation assets might yield a list similar to Table 1.
Table 1. Examples of Critical Highway Transportation Assetsa
Traffic operations centers
Ports of entry
Roads on dams
Chemical storage areas
a Reproduced from (4) with permission from Science Applications International Corporation. © 2002
Judgment of the relative importance of assets proceeds on the basis of critical factors such as casualty risk, potential effects on government continuity and emergency response, the military importance of the asset, economic impact, and the availability of alternative resources to perform an asset’s primary function.
At least three factors influence the vulnerability of a particular transportation asset: (a) visibility and attendance, (b) access, and (c) site-specific hazards. Vulnerability increases with greater awareness of the existence of an asset and the number of people typically present, as well as with greater availability of an asset to ingress and egress by a potential threat element. Vulnerability is further increased by the presence of materials on site that have biological, nuclear, incendiary, chemical, or explosive properties in quantities that would expend initial response capabilities if compromised (4).
Numerical scales have been developed to assess both the criticality and vulnerability of transportation assets, but simpler ordinal scales are also used. For example, the Federal Transit Administration grades the accessibility of assets on a five-letter scale as depicted in Table 2.
Table 2. Attack Vulnerability Levels Based on Accessibility to Threat Elementa