Does Aviation Security Actually Work? “So why do I have to get naked to fly?”

PassengersPreviously, we identified that the individual nation, or Chicago Convention, contracting state is responsible for enacting regulations that will be binding on the aviation industry entities that are based in that state and the travelling public. We also discussed the requirement for states to standardise, as far as possible, their application of the Standards and Recommended Practices (SARPs) that are provided by the International Civil Aviation Organisation (ICAO).

This allows us to discuss a little more about these SARPs including how they are developed and supported, and also how states might react to them. Before getting on to this it is also worthwhile to just think for a moment about the global aspect of aviation security.

Airlines are often considered as national flag carriers, possibly because many aircraft liveries actually include a small national flag! Regardless of an airline’s ownership, they are symbolically and legislatively considered as an extension of the state of registration. So, all of those Australian Registered aircrafts with a VH- lettering or a New Zealand aircraft with a ZK- lettering are almost like a little bit of the country, no matter where they are. Consequently, a threat to a national interest may happen anywhere.

Similarly, the actual mechanisms of security systems and, more importantly, security weaknesses, may extend extra-territorially. For example, if you and your suitcase (checked baggage) join a flight departing Australia for South America, you may travel on an aircraft of three different airlines and three states of aircraft registration in order to arrive at your destination. Sometimes, through the emergence of global airline alliances and commercial agreements or code share operations, you can do a trip like this all on the same flight number on your e-ticket!

So, that bag that you checked in at Melbourne Airport, which is subjected to certain levels of security controls, may then be transferred and uplifted through three other states, and by various other airlines. It is obvious, therefore, that the global aviation security system really is an example of a chain of operations that is only as good as its weakest link. By the way, I don’t think Australia is even close to being that weakest link in the chain, but some states will be.

As we know, the International Civil Aviation Authority (ICAO) is made up of 190 contracting states. The organisation is based in Montreal, Canada, has a permanent secretariat (effectively the ‘headquarters’) and is controlled by a council of state representatives. The council is elected every three years at an assembly of all of the states, and the council then elects one of its members to be the President. The day to day running of the secretariat is controlled by an employed Secretary General. If you think this all sounds like the United Nations, then you are right. In fact, consideration for the United Nations and the Chicago Convention began at about the same time, in 1944.

The ICAO’s base in Montreal is supported by six regional structures at strategic locations around the world. However, much of the specialist technical aviation security expertise and experience rests within some of the individual contracting states. Many of these states also have a strong national imperative to see certain levels of security implemented globally, in particular going back to our chain/link scenario.

ICAO meets this situation by forming specialist teams of professional subject matter experts, or SMEs. These SMEs are volunteered by their parent state to be a member of a working group or a panel of experts. These terms are self-explanatory
and hierarchal.

The working group of SMEs meets fairly regularly, under the control of a full time ICAO specialist acting as the Secretary, and formulates suggested changes to the Standards and Recommend Practices (SARPs). The panel meets less regularly, vets the suggested changes and approves them to eventually be passed to the ICAO Council for approval. During this process the 190 contracting states are regularly informed of the direction and eventual wording of these changes so that they can both provide feedback and prepare to institute the SARPs when adopted.

The process sounds complex but is actually very workable, albeit lengthy. A routine change of this nature may take three to five years from original consideration to actual adoption however, in this timeframe, there are many quite lengthy periods allocated for states to provide comment. In times of crisis, such as immediately after the 9/11 attacks, the ICAO system can be made to work much
more quickly.

Actually, the 11 September 2001 attacks were two weeks prior to the three yearly ICAO Assembly with nearly 1400 delegates from over 180 states attending in Montreal. Given 9/11, the opportunity was taken to convene an Extraordinary Aviation Security Panel meeting during the assembly. While hectic, and lacking in solid intelligence, this panel meeting did a lot to put in place the needed direction, not only to respond to the specific likelihood of the future use of civil aircraft as weapons, but also to get global approval at the Assembly for an increased effort and adherence to basic aviation security standards.

Our question remains: “Why do I have to (almost) get naked to fly?” So let’s talk about some real events and actual security standards rather than a global bureaucracy.

Aviation security SARPs largely address known, likely or possible threats. As an example, when the prevailing aviation security issue was hijacking an aircraft in the ‘70s, a large number of SARPs were produced covering all of the ‘defences’ against hijacking, such as airport access control systems, ID cards, screening of passengers to prevent carriage of weapons and so forth.

These types of SARP slot in to Annex 17 Security under the general classification of ‘Preventative Security Measures’, forming Chapter 4. Also included in the Annex are:

Chapter 1 – Definitions

Chapter 2 – General Principles

Chapter 3 – Organisation

Chapter 5 – Management of responses to acts of unlawful interference (with civil aviation)

It is worthwhile pointing out here that ‘Acts of Unlawful Interference with Civil Aviation’ is how ICAO and its documents refer to the various different types of activities, which the SARPs are designed to prevent. This is so regardless if it is a bombing in an airport terminal, arson of an air traffic control facility, or an action in an aircraft; and regardless of whether or not the act is terrorist or criminally motivated.

As a result of an increase in hijackings perpetrated by armed individuals, one of the early SARPs put in place was: Standard 4.4.1 – “Each Contracting State shall establish measures to ensure that originating passengers of commercial air transport operations and their cabin baggage are screened prior to boarding an aircraft departing from a security restricted area.”

This sounds good, is easily understood and is very outcome based. It tells us ‘what’ is required and, when combined with the guidance material in the Aviation Security Manual, (Document 8973) gives examples of ‘how’ this might be done; it gives adequate information for a state to decide how to screen passengers and cabin baggage.

But then we come up with the other issues and, in particular, two things: The limits of technology and what the traveller will actually put up with.

Firstly, technology. The first reaction to Standard 4.4.1 by most States was to institute a regime of passenger and cabin baggage screening using existing technology and/or human resources. This meant that we all walked through what are alternatively called the ‘archway’ or ‘walk through’ metal detectors (WTMD), while our cabin bags were passed through X-ray machines.

There was an initial period of shakedowns around the world for this to become effective, and this included the institution of such things as equipment calibration systems, staff training and, later, effectiveness testing by either overt or covert means. The duration of this ‘shakedown period’ varied tremendously between states and, arguably, is still underway in some locations. Noting our previous comments about the global chain nature of Aviation security, this is still an issue for some states to address.

During this learning curve, passengers were subjected to queues, delays and, sometimes, more invasive techniques such as personal ‘pat downs’ and hand search of cabin baggage; all of which, in the eyes of some, has potential for invasion of privacy and infringement of civil liberties. That really starts to set some thresholds for us on our second issue of what the traveller will put up with, and this will be covered in more detail in our next article.

As a result of the screening initiatives we had in place, in a reasonable amount of time, a pretty good global system of detecting hand guns and knives on passengers; and of detecting the same items in cabin baggage. This, when combined with some quite aggressive ‘incident management’ of hijackings, immediately curtailed the number of such incidents. Mission achieved!

Not quite though. As what was soon realised was that explosives are not metallic, and were virtually not detectable by WTMD or early X-ray machines. So, the system that was instituted had achieved an initial objective, but had left a serious vulnerability in another way.

Subsequent development and deployment of second and third generation X-ray systems has dramatically increased explosive detection capabilities for cabin baggage. Various additional measures, such as a random percentage check of passengers by vapour detectors, have also been initiated both as detecting systems and a worthwhile deterrent.

But, to maximise the effectiveness of these systems, screening personnel are trained to have you remove, as far as possible, all coats, hats, wraps, belts, metallic objects, shoes and boots as a method of facilitating effective screening. Not quite ‘naked’, but sometimes inconvenient. And the next generation of equipment is more demanding!

This article has taken us some way towards understanding how SARPs are developed and implemented by states. However, the majority of this actual ‘security stuff’ is done by airline and airport operators.

John Gratton
John ‘Hondo’ Gratton is managing director of a small consultancy company, Gratton Aviation Services (GAS), based in Melbourne. He has extensive safety and security experience including military EOD/IED Disposal, operations, logistics and international relations. GAS provides consultancy and advisory services to foreign governments in aviation safety and security regulatory systems, oversight mechanisms and operational processes. Recent contracts have included Indonesia, India and DPRK.