A Cost-Benefit Analysis of Alternative Device Configurations for Aviation-Checked Baggage Security Screening

The terrorist attacks of September 11, 2001 have resulted in dramatic changes in aviation security. As of early 2003, an estimated 1,100 explosive detection systems (EDS) and 6,000 explosive trace detection machines (ETD) have been deployed to ensure 100% checked baggage screening at all commercial airports throughout the United States. The prohibitive costs associated with deploying and operating such devices is a serious issue for the Transportation Security Administration. This article evaluates the cost effectiveness of the explosive detection technologies currently deployed to screen checked baggage as well as new technologies that could be used in the future. Both single-device and two-device systems are considered. In particular, the expected annual direct cost of using these devices for 100% checked baggage screening under various scenarios is obtained and the tradeoffs between using single- and two-device strategies are studied. The expected number of successful threats under the different checked baggage screening scenarios with 100% checked baggage screening is also obtained. Lastly, a risk-based screening strategy proposed in the literature is analyzed. The results reported suggest that for the existing security setup, with current device costs and probability parameters, single-device systems are less costly and have fewer expected number of successful threats than two-device systems due to the way the second device affects the alarm or clear decision. The risk-based approach is found to have the potential to significantly improve security. The cost model introduced provides an effective tool for the execution of cost-benefit analyses of alternative device configurations for aviation-checked baggage security screening.     

Addressing the Dependency Problem in Access Security System Architecture Design

The objective of this research is to present a method for evaluating the performance of access control security systems, such as airport security operations. This requires the examination of security system architectures, which involve security technology devices and the algorithms that coordinate their operations. Dependence between device responses in multiple-device systems is a critical practical issue in assessing the performance of such architectures, though no results on this problem have appeared in the literature. This paper presents a method for evaluating when multipledevice security systems with overlapping capabilities are cost-effective. This is achieved using a dependency structure for security system devices to quantify how various technologies interact and to measure the impact of device dependence on system error probabilities. A measure of device response dependence for a two-device system is defined and its properties are explored, including bounds on the dependency measure. The effect of dependence on the system Type I and Type II error probabilities is examined for the two-device system. System performance is compared for independent vs. dependent device responses and desirable dependence relationships are identified. Results are also presented for a cascading sequence of devices. An example is presented to illustrate the results for the two-device system. Implications of these results are discussed, such as how they can be used to identify the optimal use of security devices and to determine whether new technologies warrant investment.     

Analyzing the Cost of Screening Selectee and Non-Selectee Baggage

Determining how to effectively operate security devices is as important to overall system performance as developing more sensitive security devices. In light of recent federal mandates for 100% screening of all checked baggage, this research studies the trade-offs between screening only selectee checked baggage and screening both selectee and non-selectee checked baggage for a single baggage screening security device deployed at an airport. This trade-off is represented using a cost model that incorporates the cost of the baggage screening security device, the volume of checked baggage processed through the device, and the outcomes that occur when the device is used. The cost model captures the cost of deploying, maintaining, and operating a single baggage screening security device over a one-year period. The study concludes that as excess baggage screening capacity is used to screen non-selectee checked bags, the expected annual cost increases, the expected annual cost per checked bag screened decreases, and the expected annual cost per expected number of threats detected in the checked bags screened increases. These results indicate that the marginal increase in security per dollar spent is significantly lower when non-selectee checked bags are screened than when only selectee checked bags are screened.     

An Exploratory Risk Perception Study of Attitudes Toward Homeland Security Systems

Understanding the issues surrounding public acceptance of homeland security systems is important for balancing security needs and potential civil liberties infringements. A psychometric survey was used in an exploratory study of attitudes regarding homeland security systems. Psychometric rating data were obtained from 182 respondents on psychological attributes associated with 12 distinct types of homeland security systems. An inverse relationship was observed for the overall rating attributes of acceptability and risk of civil liberties infringement. Principal components analysis (PCA) yielded a two-factor solution with the rating scale loading pattern suggesting factors of perceived effectiveness and perceived intrusiveness. These factors also showed an inverse relationship. The 12 different homeland security systems showed significantly different scores on the rating scales and PCA factors. Of the 12 systems studied, airport screening, canine detectors, and radiation monitoring at borders were found to be the most acceptable, while email monitoring, data mining, and global positioning satellite (GPS) tracking were found to be least acceptable. Students rated several systems as more effective than professionals, but the overall pattern of results for both types of subjects was similar. The data suggest that risk perception research and the psychometric paradigm are useful approaches for quantifying attitudes regarding homeland security systems and policies and can be used to anticipate potentially significant public acceptance issues.     

Evaluating the Perceived Efficacy of Randomized Security Measures at Airports

Both the increase in traveler numbers and the heightened threat posed by terrorism in recent years represent significant challenges to airport security measures. To ensure that a high level of security is maintained, randomized security checks have been proposed as a promising alternative to traditional security approaches. The use of randomized checks means that only a specific number of people are selected for security screening. However, the likely effects of such a change in security procedures on travelers’ security perceptions and on the deterrence of criminal activities remain unclear. Thus, the present study examines how varying the percentage of people screened during security checks influences people's security perceptions. In two online experiments, the participants were asked to imagine that they sought to smuggle an explosive dummy past an airport security check. The only information provided was the number of people screened during security checks, which was manipulated between-subjects in the first experiment and within-subjects in the second experiment. The participants then had to rate their security perception (i.e., the perceived likelihood of successfully smuggling the explosive dummy). The findings show that people perceive traditional security checks to be safer than randomized checks, irrespective of whether 90% or 30% of people are screened. Hence, if randomized security checks would indeed be implemented, it would automatically lead to a decreased perception of security. Furthermore, this decreased security perception might lead to an actual reduction in security, as the deterrence of criminal activities could also be reduced.     

Agency Problems and Airport Security: Quantitative and Qualitative Evidence on the Impact of Security Training

We analyze the issue of agency costs in aviation security by combining results from a quantitative economic model with a qualitative study based on semi‐structured interviews. Our model extends previous principal‐agent models by combining the traditional fixed and varying monetary responses to physical and cognitive effort with nonmonetary welfare and potentially transferable value of employees' own human capital. To provide empirical evidence for the tradeoffs identified in the quantitative model, we have undertaken an extensive interview process with regulators, airport managers, security personnel, and those tasked with training security personnel from an airport operating in a relatively high‐risk state, Turkey. Our results indicate that the effectiveness of additional training depends on the mix of “transferable skills” and “emotional” buy‐in of the security agents. Principals need to identify on which side of a critical tipping point their agents are to ensure that additional training, with attached expectations of the burden of work, aligns the incentives of employees with the principals' own objectives.     

The Impact of Joint Responses of Devices in an Airport Security System

In this article, we consider a model for an airport security system in which the declaration of a threat is based on the joint responses of inspection devices. This is in contrast to the typical system in which each check station independently declares a passenger as having a threat or not having a threat. In our framework the declaration of threat/no-threat is based upon the passenger scores at the check stations he/she goes through. To do this we use concepts from classification theory in the field of multivariate statistics analysis and focus on the main objective of minimizing the expected cost of misclassification. The corresponding correct classification and misclassification probabilities can be obtained by using a simulation-based method. After computing the overall false alarm and false clear probabilities, we compare our joint response system with two other independently operated systems. A model that groups passengers in a manner that minimizes the false alarm probability while maintaining the false clear probability within specifications set by a security authority is considered. We also analyze the staffing needs at each check station for such an inspection scheme. An illustrative example is provided along with sensitivity analysis on key model parameters. A discussion is provided on some implementation issues, on the various assumptions made in the analysis, and on potential drawbacks of the approach.     

AbSRiM: An Agent‐Based Security Risk Management Approach for Airport Operations

Security risk management is essential for ensuring effective airport operations. This article introduces AbSRiM, a novel agent‐based modeling and simulation approach to perform security risk management for airport operations that uses formal sociotechnical models that include temporal and spatial aspects. The approach contains four main steps: scope selection, agent‐based model definition, risk assessment, and risk mitigation. The approach is based on traditional security risk management methodologies, but uses agent‐based modeling and Monte Carlo simulation at its core. Agent‐based modeling is used to model threat scenarios, and Monte Carlo simulations are then performed with this model to estimate security risks. The use of the AbSRiM approach is demonstrated with an illustrative case study. This case study includes a threat scenario in which an adversary attacks an airport terminal with an improvised explosive device. The approach provides a promising way to include important elements, such as human aspects and spatiotemporal aspects, in the assessment of risk. More research is still needed to better identify the strengths and weaknesses of the AbSRiM approach in different case studies, but results demonstrate the feasibility of the approach and its potential.     

机场安检人员上班模式问题研究

结合机场安检工作的实际背景对安检人员上班模式的问题进行了研究,建立了安检人员日排班优化模型和年度配置优化模型,用以确定合适的上班模式.用某机场的实际数据进行了案例分析,为该机场安检工作确定了新的上班模式(1天2班制),并与原有上班模式进行对比,证明方法是有效的.     

Identifying Changing Aviation Threat Environments Within an Adaptive Homeland Security Advisory System

A critical component of aviation security consists of screening passengers and baggage to protect airports and aircraft from terrorist threats. Advancements in screening device technology have increased the ability to detect these threats; however, specifying the operational configurations of these devices in response to changes in the threat environment can become difficult. This article proposes to use Fisher information as a statistical measure for detecting changes in the threat environment. The perceived risk of passengers, according to prescreening information and behavior analysis, is analyzed as the passengers sequentially enter the security checkpoint. The alarm responses from the devices used to detect threats are also analyzed to monitor significant changes in the frequency of threat items uncovered. The key results are that this information‐based measure can be used within the Homeland Security Advisory System to indicate changes in threat conditions in real time, and provide the flexibility of security screening detection devices to responsively and automatically adapt operational configurations to these changing threat conditions.     

Valuing Equal Protection in Aviation Security Screening

The growing number of anti‐terrorism policies has elevated public concerns about discrimination. Within the context of airport security screening, the current study examines how American travelers value the principle of equal protection by quantifying the “equity premium” that they are willing to sacrifice to avoid screening procedures that result in differential treatments. In addition, we applied the notion of procedural justice to explore the effect of alternative selective screening procedures on the value of equal protection. Two‐hundred and twenty‐two respondents were randomly assigned to one of three selective screening procedures: (1) randomly, (2) using behavioral indicators, or (3) based on demographic characteristics. They were asked to choose between airlines using either an equal or a discriminatory screening procedure. While the former requires all passengers to be screened in the same manner, the latter mandates all passengers undergo a quick primary screening and, in addition, some passengers are selected for a secondary screening based on a predetermined selection criterion. Equity premiums were quantified in terms of monetary cost, wait time, convenience, and safety compromise. Results show that equity premiums varied greatly across respondents, with many indicating little willingness to sacrifice to avoid inequitable screening, and a smaller minority willing to sacrifice anything to avoid the discriminatory screening. The selective screening manipulation was effective in that equity premiums were greater under selection by demographic characteristics compared to the other two procedures.     

The Employment–Hours Trade‐off: Theory and an Application to the Portuguese Case

Abstract. Using traditional production theory, it is possible to estimate production functions in which hours per worker and number of workers hired are treated as endogenous and chosen by the firm, priced respectively by the variable hourly wage and the so‐called quasi‐fixed unit cost. The available data suggested the use of Cobb–Douglas or CES specifications or the use of two‐stage separable technologies, with a second‐level Cobb–Douglas being possible. Quasi‐fixed costs were associated with legal social security payments, which were also conditioned by the data. The estimates for the Portuguese metal products and engineering industries — using cross‐section evidence for 1987 — showed that disaggregation of the labor input is empirically justifiable, and total man‐hours employed and the numbers of workers hired are complements in production. Hours per worker respond negatively to the variable hourly wage and positively to the quasi‐fixed unit cost. Nevertheless, in our framework, this would be so by construction. Total labor costs increase with both the hourly wage and the quasi‐fixed unit costs.     

The Role of Behavioral Responses in the Total Economic Consequences of Terrorist Attacks on U.S. Air Travel Targets

U.S. airports and airliners are prime terrorist targets. Not only do the facilities and equipment represent high‐value assets, but the fear and dread that is spread by such attacks can have tremendous effects on the U.S. economy. This article presents the methodology, data, and estimates of the macroeconomic impacts stemming from behavioral responses to a simulated terrorist attack on a U.S. airport and on a domestic airliner. The analysis is based on risk‐perception surveys of these two scenarios. The responses relate to reduced demand for airline travel, shifts to other modes, spending on nontravel items, and savings of potential travel expenditures by U.S. resident passengers considering flying domestic routes. We translate these responses to individual spending categories and feed these direct impact results into a computable general equilibrium (CGE) model of the U.S. economy to ascertain the indirect and total impacts on both the airline industry and the economy as a whole. Overall, the estimated impacts on GDP of both types of attacks exceed $10B. We find that the behavioral economic impacts are almost an order of magnitude higher than the ordinary business interruption impacts for the airliner attack and nearly two orders of magnitude higher for the airport attack. The results are robust to sensitivity tests on the travel behavior of U.S. residents in response to terrorism.     

Modeling Precheck Parallel Screening Process in the Face of Strategic Applicants with Incomplete Information and Screening Errors

In security check systems, tighter screening processes increase the security level, but also cause more congestion, which could cause longer wait times. Having to deal with more congestion in lines could also cause issues for the screeners. The Transportation Security Administration (TSA) Precheck Program was introduced to create fast lanes in airports with the goal of expediting passengers who the TSA does not deem to be threats. In this lane, the TSA allows passengers to enjoy fewer restrictions in order to speed up the screening time. Motivated by the TSA Precheck Program, we study parallel queueing imperfect screening systems, where the potential normal and adversary participants/applicants decide whether to apply to the Precheck Program or not. The approved participants would be assigned to a faster screening channel based on a screening policy determined by an approver, who balances the concerns of safety of the passengers and congestion of the lines. There exist three types of optimal normal applicant's application strategy, which depend on whether the marginal payoff is negative or positive, or whether the marginal benefit equals the marginal cost. An adversary applicant would not apply when the screening policy is sufficiently large or the number of utilized benefits is sufficiently small. The basic model is extended by considering (1) applicants' parameters to follow different distributions and (2) applicants to have risk levels, where the approver determines the threshold value needed to qualify for Precheck. This article integrates game theory and queueing theory to study the optimal screening policy and provides some insights to imperfect parallel queueing screening systems.     

A Decision Framework for Managing Risk to Airports from Terrorist Attack

This article presents an asset‐level security risk management framework to assist stakeholders of critical assets with allocating limited budgets for enhancing their safety and security against terrorist attack. The proposed framework models the security system of an asset, considers various threat scenarios, and models the sequential decision framework of attackers during the attack. Its novel contributions are the introduction of the notion of partial neutralization of attackers by defenders, estimation of total loss from successful, partially successful, and unsuccessful actions of attackers at various stages of an attack, and inclusion of the effects of these losses on the choices made by terrorists at various stages of the attack. The application of the proposed method is demonstrated in an example dealing with security risk management of a U.S. commercial airport, in which a set of plausible threat scenarios and risk mitigation options are considered. It is found that a combination of providing blast‐resistant cargo containers and a video surveillance system on the airport perimeter fence is the best option based on minimum expected life‐cycle cost considering a 10‐year service period.     

Enterprise risk management for automation in correctional facilities with pandemic and other stressors

Real-time tracking of tool and equipment inventories is a critical function of many organizations and sectors. For prisons and correctional facilities, tracking and monitoring of assets such as cookware, hardware, keys, janitorial equipment, vocational/technical specialty tools, etc., is essential for safety, security, trust, efficiency, education, etc. The performance of automated systems for this purpose can be diminished by a variety of emergent and future sociotechnical factors alone and in combination. This article introduces a methodology for contractor evaluation and selection in acquisition of innovative asset management systems, with an emphasis on evolving system requirements under uncertainty. The methodology features a scenario-based preferences analysis of emergent and future conditions that are disruptive to the performance of the asset-control system. The conditions are across technologies, operating environments, regulations, workforce behaviors, offender behaviors, prices and markets, organizations, cyber threats, etc. The methodology addresses the influence and interaction of the conditions to disrupt system priorities. Examples include: (i) infectious disease disrupting priorities among requirements and (ii)  radio-frequency identification (RFID) and wireless-technology innovations disrupting priorities among stakeholders. The combinations of conditions that most and least matter for the system acquisition are characterized. The methodology constitutes a risk register for monitoring sources of risk to project performance, schedule, and cost throughout the system lifecycle. The results will be of interest to both practitioners and scholars engaged in systems acquisition as the pandemic interacts with other factors to affect risk, uncertainty, and resilience of organizational missions and operations.     

Lot sizing in case of defective items with investments to increase the speed of quality control

In many cases the quality of each item in a lot is checked. Speeding up the quality checking process increases the responsiveness of the system and saves cost. The percentage of defective items is a random variable and two models are proposed. In one of the models the system remains always at the same state, while in the other one after each order cycle, the state of the system may change, thus the percentage of defective items may be different in consecutive periods. In both cases the speed of the quality checking is a variable, and procedures are provided to find the optimal lot sizes and screening speed for general and specific investment cost functions. The characteristics of the two model settings will largely be different when the percentage of defective items is high. Among the important managerial insights gained is that a high unit backlogging cost, especially spurs the system to invest more intensively into improving the quality checking process.     

The Effect of Liability and Patch Release on Software Security: The Monopoly Case

An abundance of flawed software has been identified as the main cause of the poor security of computer networks because major viruses and worms exploit the vulnerabilities of such software. As an incentive mechanism for software security quality improvement, software liability has been intensely discussed among both academics and practitioners for a long time. An alternative approach to managing software security is patch release, which has been widely adopted in practice. In this paper, we examine these two different ways of mitigating customer risk in the software market: liability and patch release. We study the impact of both mechanisms on a monopolistic software vendor's decision on security quality. We find the conditions under which each mechanism is effective in terms of improving security quality and increasing social surplus. The heterogeneous nature of loss is identified to be a key factor for the effectiveness of the liability mechanism. On the other hand, patch release can be effective and welfare‐enhancing regardless of the nature of loss as long as customers incur low patching cost, and/or the vendor incurs low patch development cost. We also examine the impact of customer misperception of the outcome from vulnerable software on the effectiveness of liability.     

Weekly Feedback vs. Daily Feedback

Abstract

Two experiments were conducted in a retail setting to (a) assess the effectiveness of a multi-component performance management intervention and (b) compare the effectiveness of weekly and daily feedback. During the first experiment, a multiple baseline design was used to evaluate the effectiveness of task clarification, goal setting, access to preferred items contingent upon goal attainment, and weekly graphic feedback on the completion of routine maintenance tasks in a framing and art store. During phase 1 of the second experiment, an AB design was used to replicate the effects of this intervention on similar tasks in a new store location with the same participants. During phase 2 of the second experiment, a multiple baseline design was used to assess the effectiveness of the intervention when daily feedback replaced weekly feedback. Results indicate that the multi-component intervention was effective in both experiments, and that daily feedback may have enhanced the effectiveness of the intervention.     

Decentralized WIP-oriented manufacturing control (DEWIP)

DEWIP is a manufacturing control system for job shop environments aiming at achieving short and reliable lead times by establishing WIP control loops between the manufacturing work centres. The paper describes the mode of function, the setting of parameters and simulation results of the new manufacturing control system. The setting of parameters is done with the aid of the funnel model and the theory of logistic operating curves, both developed at the Institute of Production Systems at the University of Hanover. The simulation is conducted using industrial data and makes it possible to assess DEWIP with regard to lead times, WIP level, performance and schedule reliability. DEWIP is compared both with an uncontrolled process and with the manufacturing control systems Load oriented order release (LOOR), Conwip and Polca. The results suggest that DEWIP and the models employed for the setting of parameters are suitable for job shop production and therefore offer a valuable alternative to prevailing centralized manufacturing control systems.