The Proceedings of the
4th Australian Security and Intelligence Conference
5 – 7 December, 2011 Citigate Hotel, Perth, Western Australia
Proceedings of the 4th Australian Security and Intelligence Conference
Published By secau – Security Research Centre School of Computer and Security Science Edith Cowan University Perth, Western Australia
Edited by Dr David J Brooks and Professor Craig Valli secau – Security Research Centre School of Computer and Security Science Edith Cowan University Perth, Western Australia
[email protected] [email protected]
Copyright 2011, All Rights Reserved, Edith Cowan University ISBN 978-0-7298-0696-1 CRICOS Institution Provider Code 00279B
Gold Sponsor
Sponsors
Supporters
ACS Centre of Expertise - Security
Conference Foreword Security Science: A convergence of disciplines?
Welcome to the Proceedings of the 4th Australian Security and Intelligence Conference in Perth, Western Australia. It is with great pleasure that I introduce a wide spectrum of research originated articles that reflect the broad and multi-dimensional nature of Security Science. As the Call for Papers stated, the purpose of the conference was to extend the discourse beyond the more traditional security disciplines to include strategic studies, international politics, criminology, business and management, information science, political science, etc. These other disciplines sought to focus the conference on further exploring the core topics of Security Science. Articles range from CCTV Operator vigilance to fibre optic detection; from disengagement of sub-groups to facility management; and from Intelligence to WiFi. In my view, these articles demonstrate the diversity of security and the need to better converge understanding, so that we have better demarcation within the broader spectrum of security. All articles were double blind peer-reviewed before acceptance into the conference for publication. Nevertheless, such a conference is not possible without the many willing volunteers who follow through with their commitment of review. I would like to take this opportunity to thank the conference committee, administrators and importantly, article reviewers for their tireless efforts in this regard.
Dr David J Brooks Conference Chair
Congress Organising Committee
Congress Chair: Executive Chair: Conference Chair (IWAR): Conference Chair (ASIC): Conference Chair (ACTC): Conference Chair (AISM): Conference Chair (ADF): Committee Member: Committee Member: Congress Organiser:
Professor Craig Valli Professor Murray Lampard Dr Christopher Bolan Dr Dave Brooks Mr Michael Crowley Dr Trish Williams Dr Andrew Woodward Associate Professor Ken Fowle Mr Patryk Szewczyk Ms Lisa McCormack
Table of Contents PROGRAMMABLE LOGIC CONTROLLER BASED FIBRE BRAGG GRATING IN-GROUND INTRUSION DETECTION SYSTEM ........................................................................................................... 1 Gary Allwood, Graham Wild, Steven Hinckley CASE STUDIES: A SECURITY SCIENCE RESEARCH METHODOLOGY ............................................ 9 Bill Bailey INTELLIGENT BUILDINGS: AN INVESTIGATION INTO CURRENT AND EMERGING SECURITY VULNERABILITIES IN AUTOMATED BUILDING SYSTEMS USING AN APPLIED DEFEAT METHODOLOGY ..................................................................................................... 16 David J Brooks SECURITY RISK MANAGEMENT IN THE ASIA PACIFIC REGION: WHAT ARE SECURITY PROFESSIONAL USING? .......................................................................................................................... 27 David J. Brooks and Hamish Cotton AN EXPLORATION OF 1st AND 2nd GENERATION CPTED FOR END OF YEAR SCHOOL LEAVERS AT ROTTNEST ISLAND .......................................................................................................... 38 John Letch1, Ellice McGlinn1, Jonathon F. Bell1, Emma Downing1 and David M. Cook MAPPING THE ORGANIZATIONAL RELATIONS WITHIN PHYSICAL SECURITY’S BODY OF KNOWLEDGE: A MANAGEMENT HEURISTIC OF SOUND THEORY AND BEST PRACTICE ...... 49 Michael Coole and David J Brooks A STRATEGY TO ARTICULATE THE FACILITY MANAGEMENT KNOWLEDGE CATEGORIES WITHIN THE BUILT ENVIRONMENT .......................................................................... 58 Robert Doleman and David J Brooks IS THERE A CORE SET OF SKILLS FOR VISUAL ANALYSIS ACROSS DIFFERENT IMAGING TECHNOLOGIES? ...................................................................................................................................... 68 Craig H.M. Donald INDIVIDUALISED RESPONSES TO VIGILANCE DEMANDS AND THEIR MANAGEMENT .......... 74 Fiona M. Donald and Craig H.M. Donald ENTITATIVITY AND IDEOLOGY: A GROUNDED THEORY OF DISENGAGEMENT ..................... 81 Kira Jade Harris Wi-Fi SECURITY: WIRELESS WITH CONFIDENCE ............................................................................. 88 Lucas Jacob, Damien Hutchinson, Jemal Abawajy INFORMATION EVALUATION: HOW ONE GROUP OF INTELLIGENCE ANALYSTS GO ABOUT THE TASK .............................................................................................................................. 97 John Joseph and Jeff Corkill INTELLIGENCE ANALYSIS AND THREAT ASSESSMENT: TOWARDS A MORE COMPREHENSIVE MODEL OF THREAT ............................................................................................ 104 Charles Vandepeer
PROGRAMMABLE LOGIC CONTROLLER BASED FIBRE BRAGG GRATING IN-GROUND INTRUSION DETECTION SYSTEM Gary Allwood, Graham Wild, Steven Hinckley Photonic Research Laboratory Centre for Communications Engineering Research School of Engineering Edith Cowan University
[email protected],
[email protected],
[email protected]
Abstract In this paper we present an in-ground intrusion detection system for security applications. Here, an optical fibre pressure switch is directly connected to a standard digital input of a programmable logic controller (PLC). This is achieved using an intensiometric detection system, where a laser diode and Fibre Bragg Grating (FBG) are optically mismatched, resulting in a static dc offset from the transmitted and reflected optical power signals. Pressure applied to the FBG, as the intruder stepped on it, induced a wavelength shift in the FBG. The wavelength shift was then converted into an intensity change as the wavelength of the FBG matched the wavelength of the laser. The change in intensity, measured by the optical detectors, resulted in a significant change in the DC offset, behaving as on optical switch. When connected to the PLC the optical pressure switch was used to drive a digital output, sounding an alarm in addition to displaying the intrusion event on the human machine interface. Keywords Fibre Bragg Gratings, Intrusion Detection Systems, Optical Fibre Sensing, Pressure Switch, Programmable Logic Controller, Security
INTRODUCTION Modern security systems are required to have inherent intelligence in order to provide diagnostics about potential and real-time security breaches. As such, most security systems nowadays use Programmable Logic Controllers (PLCs) for this intelligence (Yilmaz, 2010). PLCs are also utilised in building management systems, for controlling other building systems (eg HVAC) in addition to the intrusion detection systems (Becker et al, 2005). In general, PLCs are used in a wide variety of industries, from factory assembly lines to controlling lifts in buildings, as well as controlling large mine sites (Kouthon and Decotignie, 1996). A PLC is an electromechanical computer, specifically designed to take in information from a real world processes and react to those sensing inputs in a specific way, as outlined by the control program (Bolton, 2009). For example, a PLC may receive data corresponding to the level of a liquid in a tank and then send a signal to the field to open a valve, stop a pump, sound an alarm, or any other action, depending on what is required in the application. Currently, there are a number of different communication and sensing standards, depending on the application and PLC manufacturer. Optical fibre sensors are now used in a large variety of diverse applications, from static and dynamic strain sensing, to chemical and biological sensing (Liang et al, 2005). It is well recognised that optical fibre sensors have many desirable attributes which are advantageous with respect to other sensing methodologies. These advantages include greater sensitivity, reduced size and weight, and immunity to electromagnetic interference (Giallorenzi, 1985). Nevertheless, in general, optical fibre sensors are underutilised in security applications as simpler traditional sensing techniques are usually preferred. The use of optical fibre systems is increasing in some security applications however, for both transmission of information as well as for sensing applications, since these systems are immune to electromagnetic interference, and offer faster data transmission rates (Purpura, 2008). Where fibre optic sensors are used in security applications, for in-ground and perimeter fence security (Regnier et al, 2009), the associated technology is quite dated, using optical time domain reflectometry (Bucaro, Dardy, and Carome, 1977) and interferometry (Barnoski and Jensen, 1976). These methods completely underutilises many of the advantages associated with modern optical fibre systems (multiplexing, reconfigurability, etc). In addition to this, current optical fibre sensing work is primarily based on optical fibre Bragg gratings (FBGs). FBG sensors were first reported by Morey, Meltz, and Glenn (1989), after demonstrating their transverse holographic fabrication method for FBGs (Meltz, Morey, and Glenn, 1998). FBG sensors have been used for the 1
detection of number of different measurands including temperature, strain, and pressure. Initially, FBGs were used as spectral transduction elements, meaning that the information was an absolute quantity encoded on the wavelength shift of the FBG. The advantage of this technique was that the FBGs were immune to optical power fluctuations. As such, they can be implemented in Wavelength Division Multiplexing (WDM) or Time Division Multiplexing (TDM) systems (Kersey, 1994). Unfortunately, these systems require spectral decoding of the sensor signals, which can be costly and processor intensive. A more efficient alternative is to use FBGs in an intensity based edge filter detection system where the intensity information from the FBG can easily be correlated to the change in the measurand i.e. the relative spectral shift in the FBG filter results in an optical power change. The disadvantage of intensity based detection systems is that input optical power fluctuations are reintroduced into the system. However, the simplicity of the detection method and reduced cost, since spectral decoding in not required, greatly outweigh the corresponding disadvantages in certain applications, e.g. the output of a digital intensity signal. Hence, these systems would be preferred in certain security applications (for pressure and reed switches). Essentially, an FBG detects a change in a measurand as a result of experiencing a strain in an optical fibre, which then alters the reflected wavelength from the FBG. As such, FBGs can be used for a number of different sensing techniques. Although FBGs are predominantly used as analogue sensors, relating directly to the variation of a specific measurand, in this work we show that they can be used effectively as optical switches by shifting the Bragg wavelength. This is directly applicable to intrusion detection systems, where switches are commonly utilised, such as reed switches (Wild, Swan, and Hinckley, 2011). In this work, we show that a simple FBG switch, specifically a pressure switch, can easily be connected to an existing digital input on a commercial PLC I/O rack.
THEORY Fibre Bragg Grating Fundamentals A FBG (Orthonos and Kali, 1999) is a spectrally reflective component that uses the principle of Fresnel reflection. The grating is made up of alternating regions of high and low refractive indices. The periodic grating acts as a filter, reflecting a narrow wavelength range, centred about a peak wavelength. This wavelength, known as the Bragg wavelength (λB), is given by,
B 2n,
(1)
wheren is the average refractive index of the grating, and Λ is thegrating period.Equation (1) indicates that any measurand that causes either a change in the refractive index or grating period can be detected with the FBG. A change in grating period is a direct result of the applied strain, while the change in refractive index is a result of the strainB) as a function (Orthonos and Kali, 1999), n2 B B 1 p12 p12 p11. 2
(2)
where v is Poisson‟s ratio, and p12 and p11 are the strain optic coefficients. Equation (2) then enables the strain applied to the grating to be converted into the shift in the wavelength, which can be easily determined via an interrogator.Any measurand that has the ability to affect either the refractive index or the grating period can be measured using an FBG as a sensor. The change in the measurand will corresponds to a change in the peak reflected wavelength. The fundamental principle of operation is shown in Figure 1.
2
Figure 1. Fundamental principle of operation for a fibre Bragg grating. Transmit Reflect Detection There are essentially two broad interrogation methods available for the detection of high frequency acoustic signal with FBGs. These are edge filter detection methods, and power detection methods. In edge filter detection methods (Perez, 2001) the shift in the FBG spectrum is detected by use of a spectrally-dependent filter which results in a change in intensity at the detector. The FBG is illuminated by a broadband source, such as a superluminescent laser diode (SLD). The change in the wavelength reflected causes the transmitted intensity to vary as the filters transmittance varies as a function of wavelength. In power detection methods (Lee and Jeong, 2002) the shift in the FBG wavelength is detected by using a spectrally-dependent source, which results in a change of intensity at the detector. There are two power detection methods, linear edge source, and the narrow bandwidth source. In narrow bandwidth source based power detection (Webb et al, 1996), either the reflected component or the transmitted component from the FBG can be used. However, both the transmitted and reflected components occur simultaneously. As the strain from the acoustic field varies the Bragg wavelength, the FBGs 3dB point is also shifted. As a result, the amount of optical power reflected from the FBG will change, either positive or negative, depending on which edge of the FBG was used, and the direction of the measurand. The same variation also occurs to the optical power transmitted through the grating, although in the opposite direction. Since the components vary in opposite directions, they can be differentially amplified to increase the overall signal. Figure 2 shows the optical circuit for the TRDS.
Figure 2. Optical circuit of the TRDS, with the tunable laser (TL), and the transmit (Tx) and reflect (Rx) receivers. The inset shows the spectrum of the optical components.
3
TRDS FBG Switch The TRDS can be utilised as an optical switch. Here the FBG has a similar bandwidth to the laser. The laser is tuned to a wavelength just above the Bragg wavelength of the FBG. As the strain is applied to the FBG, the spectrum of the FBG will shift to match the laser. This means that the majority of the optical power of the laser, which was previously transmitted through the FBG, is now reflected from the FBG. This detection principle is depicted in Figure 3.
Figure 3. Operating principle of the TRDS FBG switch, a) shows the FBG offset from the laser, with no applied measurand, hence all optical power transmitted, and none reflected, b) shift in the Bragg wavelength due to the applied signal, giving maximum reflection, and minimum transmission. The change in transmitted and reflected optical power signals was then detected using the previously reported intensiometric detection system (Wild and Hinckley, 2008), based on the Transmit Reflect Detection System (TRDS) (Wild, Jansz, and Hinckley 2007). Here the two signals were measured via two photodetectors. The reflected signal was directed to the first photoreceiver via an optical circulator, and the transmitted signal was directed straight to the second photodetector.
EXPERIMENTAL METHOD The first step of the experiment was to characterise the spectral response of the FBG and the tunable laser. The experimental setup is show in Figure 4. This was used to determine the operating point for the FBG sensor and to ensure that the FBG and laser were mismatched by the required amount. The optical circuit uses a broadband superluminescent diode, SLD (DenseLight) as the light source to measure the FBG, and an Optical Spectrum Analyser, OSA (Anritsu MS9001B1) as the detector. The loss function of the OSA (Anritsu MS9001B1) was used to measure the spectral response of the FBG (Photronix Technologies). The OSA was also used to look at the output of the tunable laser source (Ando AQ8201-13B). The laser was tuned to be 0.2nm greater than the Bragg wavelength; the shift measured using the OSA when the pressure was applied to the FBG.
Figure 4. Experimental setup for the spectral measurements of the FBG using the SLD (top) or the tunable laser (bottom). In the second step of the experimental procedure, the laser output was connected to a circulator (FDK YC-1100155) so that both the transmitted and reflected signal could be detected. In order to increase the amplitude of the output signal, both outputs were connected to the detection system. In the intensiometric detection system, any change to the transmitted and reflected signals is differentially amplified, combining the two signals. The 4
difference signal from the detection system was then amplified using a simple circuit, in order to ensure the output voltage would be correctly interpreted by the PLC, and connected to the I/O rack, as shown in Figure 5. The digital input card detects a 1 when the input voltage is above 15V and it detects a 0 when the input voltage is below 5V. The 24V is also supplied by the PLC.
Figure 5. Experimental setup for the in-ground pressure switch connected to the PLC I/O rack.
RESULTS As pressure was supplied to the FBG in the form of a footstep the DC voltage increased significantly as shown in Figure 6. 3.2
Voltage (V)
3.0 2.8 2.6 2.4 -1.2
-1.0
-0.8
-0.6
-0.4
-0.2
0.0
0.2
0.4
0.6
0.8
1.0
1.2
Time (s) Figure 6. DC output from the FBG pressure switch as pressure is applied.
5
The digital input from the pressure switch was used to drive a digital output buzzer alarm using some simple logic shown in Figure 7.
Figure 7. Simple ladder logic for turning on an alarm siren when a security breach is detected in the form of an optical fibre in-ground pressure switch. The optical fibre in-ground pressure switch was also configured to trigger an alarm that could be display on a human machine interface (HMI) as shown in Figure 8.
Figure 8. A simple HMI display for (a) a secure perimeter and (b) a security breach
6
DISCUSSION Findings This work shows, not only that optical FBG switches are effective and reliable, but also that they can be connected directly to an existing PLC architecture, minimising cost whilst having all of the benefits associated with optical fibre sensors, with the simplicity of digital signals. This is advantageous for security applications, where switches are used for intrusion detection. In this case we have used a FBG pressure switch, other optical switches such as a FBG reed switch could easily be connected to the PLC in the same way. Future work Future work will investigate the temperature cross sensitivity of FBGs. The temperature sensitivity of FBGs can cause the Bragg wavelength of the sensor to drift, stopping the switch from working. However, by using two colocated FBGs, one of these will be isolated from the applied strain, with both being exposed to identical temperatures, eliminating the temperature cross sensitivity. This will also enable wavelength division multiplexing and time division multiplexing to be easily combined, enabling large numbers of sensors to be multiplexed in a single system. This will also remove the cost associated with the use of tunable laser. The use of a single SLD will also facilitate the multiplexing of multiple switches, both pressure and reed switches. This work is part of an extended study with the aim of producing a completely optical security system that can be implemented in both commercial and domestic environments. The aim is to use pressure switches, like the one demonstrated here, in conjunction with other innovative optical fibre sensing techniques. These include optical fibre reed switches for intrusion detection in doors and windows [Wild 2011], and FBG sensors in perimeter fences. Furthermore, analogue measurands will be detected using multiplexed FBGs embedded within the ground, forming a network that can track acoustic emissions from the footsteps of a potential intruder. The intention is to develop software that can display a person‟s location around a building in real time. This technology may have diverse applications outside the realm of security.
CONCLUSION We have demonstrated an in-ground FBG pressure switch for use in intrusion detection systems. The output from the optical switch was easily connected to existing PLC architecture using the intensiometric detection system, previously reported, and a simple amplifier circuit. This study shows that conventional “wired” switches can easily be replaced with optical switches without replacing the expensive PLC hardware.
REFERENCES Barnoski M. K., Jensen S. M. (1976). Fibre waveguides: a novel technique for investigating attenuation characteristics. Applied Optics 15(9), 2112-2115. Becker M., Henze G., Köhler A., Koenigsdorff R., Lehnertz M., Scherer H. (2005). Integrated Automation and Simulation Test Environment for Building Energy Systems. Bolton W. (2009). Programmable Logic Controllers, 5th ed., Newnes. Bucaro J. A., Dardy H. D., Carome E. F. (1977). Optical fibre acoustic sensor. Applied Optics 16( 7), 17611762. Giallorenzi T. G. (1985) Optical fiber sensor technology. in Proc. IEEE 1985 International Electron Devices Meeting 31, p. 116. Kouthon T. and Decotignie J.(1996). Improving Time Performances of Distributed PLC Applications. in Proc. IEEE Conference on Emerging Technologies and Factory Automation, vol. 2, pp. 656 - 662. Lee B. and Jeong Y. (2002). Interrogation Techniques for Fiber Grating Sensors and the Theory of Fiber Gratings. Fiber Optic Sensors. New York, USA: Marcel Dekker, pp. 295–381. Liang W., Huang Y., Xu Y., Lee R. K., Yariv A. (2005). Highly sensitive fiber Bragg grating refractive index sensors. Applied Physics Letters, vol. 86, article no. 151122. Meltz, G., Morey, W.W., and Glenn, W.H. (1998). Formation of Bragg gratings in optical fibers by a transverse holographic method. Optical Letters 14(15), 823-827. Morey, W., Meltz, G., and Glenn, W. (1989). Fiber optic Bragg grating sensors. Proc SPIE 1169 98-107. 7
Othonos, A., and Kalli, K. (1999). Fiber Bragg Gratings, Artech House. Perez I., et al. (2001). Acoustic emission detection using fiber Bragg gratings. in Proc. SPIE, vol. 4328, pp. 209– 215. Purpura, P., Security and Loss Prevention: An Introduction 5th ed., Butterworth Heinemann (2008). Regnier E., Burov E., Pastouret A., Boivin D., Kuyt G., Gooijer F., Bergonzo A., Berkers A., Signoret P., Troussellier L., Storaasli O., Nouchi P. (2009). Recent developments in optical fibers and how defense, security and sensing can benefit. Proc. SPIE 7306, 720618-1. Webb D. J., et al. (1996) Miniature fiber optic ultrasonic probe. in Proc. SPIE, vol. 2839, pp. 76–80. Wild, G., and Hinckley, S. (2008). An Intensiometric Detection System for Fibre Bragg Grating Sensors. Proc ACOFT. Wild, G., Jansz, P., and Hinckley, S. (2007). A transmit reflect detection system for fiber Bragg grating photonic sensors,” Proc. SPIE 6801, 68010N. Wild, G., Swan, G., and Hinckley, S. (2011). A fibre Bragg grating based reed switch for intrusion detection. Proc. IQEC/CLEO Pacific Rim Conference. Yilmaz C. (2010). Implementation of Programmable Logic Controller-Based Home Automation. Journal of Applied Sciences, 10: 1449-1454.
8
CASE STUDIES: A SECURITY SCIENCE RESEARCH METHODOLOGY Bill Bailey secau Security Research Centre, School of Computer and Security Science Edith Cowan University, Perth, Western Australia
[email protected]
Abstract As a relatively new discipline Security Science is searching for academic acceptance very often combining established hard science approaches with those of Social Science and Humanities. Methodologies need to be developed to equip the discipline to conduct more varied research. One such method is the use of the case study approach, as it allows multiple inputs from a variety of sources to build up the research into a central review, allowing conclusions and recommendations to be drawn from the data. Though relatively common in the business world for conducting reports, this has not hitherto been the position in academia The objective of this speculative paper develops a process used for research and seeks to open a debate as to the importance of case studies in the security field; the paper argues that it is an underutilised research paradigm. The merits of using the case study structure will be discussed, including the debate over positivism and constructivism, which will then lead on to a potential analytical method called Interpretative Phenomological Analysis (IPA); used predominately in ethnographical studies. The importance of using a pilot study before proceeding to the full study is also suggested to avoid costly mistakes later in the research. Keywords Case studies; hermeneutics; interpretative phenomenological analysis; pilot studies; security science.
INTRODUCTION The discipline of Security Science now incorporates Humanities, Social and Political Sciences as well as the hard sciences. The amalgamation of so many diverse disciplines requires adapting and adoption of research methodologies that can accommodate this evolution. This paper discusses using the case study method based upon recent research in security science. The need to understand the multiple parameters that can be present when dealing with security issues requires a methodology that can contextualise the issues being studied and assist with understanding the potential synergies present. The use of case studies is one such approach that can offer an accepted alternative academic approach. However, an important phase when using case studies is to use what is commonly called a pilot study first, before proceeding to undertake the full data collection. There are a number of significant reasons why this should be undertaken; not least of these is the significance of maintaining transparency throughout the process if validity is to be maintained. Getting the study design right is crucial at the beginning if effort is not to be wasted or lack ultimate legitimacy.
TWO STAGE STUDY: PILOT STUDY BEFORE CASE STUDY It is often recommended to conduct what is commonly called a „pilot study‟, which is mostly done prior to the final formulation of the proposal stage of the PhD. This pilot can also be called a trail run of the research instruments. However, many researchers (Teijlingen & Hundley, 2001) point to the value of using the pilot after the first stage of the data collection process to assess the internal validity of the whole process and a check on the following:
9
Table 1. Improving validity Pilot study procedures to improve the internal validity of a questions Developing and testing adequacy of research instruments Administer the questions to pilot subjects in exactly the same way as it will be administered in the main study Collecting preliminary data Establishing whether sampling frame and technique are appropriate Ask the subjects for feedback to identify ambiguities and difficult questions Discard all unnecessary, difficult or ambiguous questions Assess whether each question gives an adequate range of responses Establish that replies can be interpreted in terms of the information that is required Re-word or re-scale any questions that are not answered as expected so as shorten or revise Re-assess the methodology to ensure it will deliver the required outcome. Assessing the proposed data analysis techniques to uncover potential problems Determining what resources are needed for main study (Revised and adapted from Source: Table 3.23 (Peat, Mellis, & Williams, 2002, p. 123) Whether this is called a pilot study, trail run or a preliminary review of the first stage of data collection is immaterial, as it still serves a very important function as can be seen from the points raised in the adapted Table 1.0. This function is often misunderstood or ignored by social science and humanities researchers, particularly the benefits of this approach especially with regard to subjectively. It allows the researcher a chance to evaluate the data outcome based on the first series of data collection to establish whether or not they have achieved the desired outcomes. If it is found that they have not, then steps can be taken to rectify this problem before proceeding any further with the data gathering. The role of the pilot study is to reduce the risk of getting it wrong (Rodney Turner, 2005). Progressively more and more researchers report not just what they have found from a piece of research, but how they have actually gone about doing it (Sampson, 2004, p. 383). Sampson considers the “importance of pilot work in undertaking qualitative and ethnographic studies, prior to researcher immersion in the „field‟”(2004, p. 383), as a vital component of the whole research process to ensure the adequacy of the research instruments. While the benefits of doing pilot work are not new to ethnographers they are “under-discussed and to some extent under-utilized” (Sampson, 2004, p. 383). While pilot studies can be used to refine research instruments such as questionnaires and interview schedules, they have greater use in ethnographic approaches to data collection in foreshadowing research problems and questions, in highlighting gaps and wastage in data collection, and in considering broader and highly significant issues such as research validity, ethics, representation and researcher health and safety.(Rodney Turner, 2005; Sampson, 2004; Van Teijlingen, Rennie, Hundley, & Graham, 2001) Based upon these views it would seem a pilot is a wise process to utilise in an effort to ensure that the data collection process will achieve the desired results as set out in the proposal. Testing the research questions on a selected number of participants first can be seen as a useful tool in assessing the potential outcomes, to see if the questions meet the overall requirements of the study. Using a pilot study to validate the research design can be seen as a useful tool, which has net benefits to the next stage of the data collection process. The use of case studies can be seen as beneficial particularly when it is an “empirical inquiry that investigates a contemporary phenomenon in depth and within its real life context” (Yin, 2009, p. 18). The case study approach is used when there are many variables of interest looking for one result. As a research strategy the use of case studies is valuable as it allows multiple focus on understanding the dynamics found in particular settings (Eisenhardt, 1989). Numerous levels of analysis can thus be performed within the same study (Yin, 2009). Furthermore, “triangulation made possible by multiple data collection methods provides stronger substantiation of the constructs and hypotheses” (Eisenhardt, 1989, p. 538), making the outcomes substantially stronger. The case study should be designed to meet the research objectives using sufficient material as is necessary (Naumes & Naumes, 2006, p. 4). Therefore the case study inquiry considers coping with a certain set of circumstances which can be seen from various view points, but that require a single result (Yin, 2009, p. 18). The advantage in this approach, as argued by Glaser and Strauss, “it is the intimate connection with empirical reality that permits the development of a testable, relevant, and valid theory” (as cited in Eisenhardt, 1989, p. 532). Too often a theory is proposed that is not based sufficiently upon the verifiable data. Consequently, using a
10
case study approach should reduce this tendency and sequentially allow a theory to come out of the case study itself or provide further support for an existing theory. The first part of the process is to undertake a literature review, which should position the study within the existing debate. The initial literature review should assist with the development of the most appropriate research questions. A good deal of preparation is required in formulating which questions would be best suited to the case study approach in order to construct a validated theory, “ a literature review is therefore a means to an end, and not-as many people have been taught to think-an end in itself”(Yin, 2009, p. 14). The nature of this methodology necessitates an ongoing approach to the literature review, as is often the case in qualitative work (Patton, 1990, p. 163). The next normal sequence is the use a series of interviews with the selected participants using a specific participant focused sampling method. The interview is one of the most, if not the most, commonly used research tool in social and political science (King, 2004).”In fact, it is estimated that „90% of all social science investigations‟ use interviews of some sort”(Holstein & Gubrium, 1995, p. 1). A large amount of knowledge is gained through the use of interview, therefore it is important to get it right (Morris, 2009). “The published account is not an objective rendering of „reality‟, but it is the researcher‟s interpretation of the facts that is published for public view” (Morris, 2009, p. 214). There can also be a tendency for self-serving bias and recall error by the interviewee (Patton, 1990, p. 245); hence, the need to ensure triangulation of data in an effort to diminish this propensity. There are four types of accepted interview techniques in academic research: structured interviews, semistructured interviews, unstructured interviews and non-directive interviews. Each one of these has its place within the research process, but will largely depend on the nature of the study together with the applied methodology guided by the literature review. It would be difficult to argue that one method is superior to another as each has its merits, but the choice should be made on the type of research design with regard to desired outcomes. The study design then needs to consider what was being studied, what type of evidence is required and how will this support the investigation. Therefore, the next decision relates to accepting whether or not that the drafted research questions actually afford the desired results which can then be interpreted to provide a satisfactory outcome whilst also providing an accepted level of validity? This approach requires an interpretation of the results based on a philosophical approach to the concluding outcomes. Consequently a sound knowledge of philosophy is beneficial when utilising such research designs to avoid making critical errors that could cause unsubstantiated results and thus a discounted theory. There are a number of philosophical positions (Table 2) that have found acceptance, but many are contested and debated. In simplistic terms these can be divided into either constructivism or positivism, which have become stereotyped. Each position can be associated with certain defined traditions but not with any one philosopher (Easterby-Smith, Thorpe, & Lowe, 2002, p. 29). Positivism holds that “the social world exists externally, and that its properties should be measured through objective measures, rather than inferred subjectively through sensation, reflection or intuition”(Easterby-Smith, et al., 2002, p. 29).Conversely, constructivism or social constructivism “ focuses on the ways that people make sense of the world especially through sharing their experiences with others via the medium of language” , often referred to as Interpretative methods (Easterby-Smith, et al., 2002, p. 29). Table 2. Contrasting essential elements of positivism and constructivism Element
Positivism
Social Constructivism
The observer
Must be independent
Human interest
Should be irrelevant
Explanations
Must demonstrate causality
Research progress through
Hypotheses and deductions
Concepts
Need to be operationalized so that they can be measured
Is part of what is being observed Are the main drivers of science Aims to increase general understanding of the situation Gathering rich data from which ideas are induced Should incorporate stakeholder perspectives
Applied to case studies Independent Distant interest Increase understanding
Hypotheses and deductions A mixture of both
11
Units of analysis
Should be reduced to simplest terms
Generalization through Sampling requires
Statistical probability Large numbers selected randomly
May include the complexity of „whole‟ situations Theoretical abstraction Small numbers of cases chosen for specific reasons
May include the complexity of „whole‟ situations Statistical probability Small numbers of cases chosen for specific reasons
(adapted from Easterby-Smith, et al., 2002, p. 29). The importance of highlighting the differences between the two approaches is especially important too, if case studies are to be used as this will assist in choosing how the data will be interpreted. As multiple sources of data are normally brought together for the case study approach a more positivist methodology is often desirable.
INTERPRETATIVE PHENOMENOLOGICAL ANALYSIS (IPA) Once the interviews have produced the data it will need to be analysed. One method of doing this could be the use of Interpretative Phenomenological Analysis (IPA). This is a qualitative methodology employing a phenomenological interpretation of personal experiences, reports or versions in an attempt to understand personal perception of these in relation to events. Most IPA work has been conducted using in-depth interviews, which enable the participant to provide a full, rich account and allow the researcher considerable flexibility in probing interesting areas which may emerge (Smith, Flowers, & Larkin, 2009). Interviews are normally audiorecorded, transcribed verbatim and subjected to detailed qualitative analysis, attempting to elicit experiential themes in the participant‟s narrative. The narrative constructed from the interviews should form a focal part of the process of interpretation thus building the case study. However, all qualitative research that uses the narrative approach will, even at a subconscious level, have elements of hermeneutics within the process (Hein & Austin, 2001; Laverty, 2008). Hermeneutics has normally been considered an interpretive methodology for understanding ancient texts, Hermeneutics is a much broader interpretive genre that has expanded the very meaning of the term text. In brief, texts now refer not only to documents and the like but also to social, organizational, and institutional structures and processes; cultures and cultural artifacts (sic); and so on (Prasad & Prasad, 2002, p. 7). The evolution of this form of interpretation has been gaining ground within the social sciences, although at times its value has been over emphasised it is nonetheless a process that needs to be understood as it is evolving. As the results of phenomenological hermeneutical investigations are about the meaning of lived experience, they can only be used to affect meaning of lived experience, i.e. as understood by the interpreter. It is not only the interpreter that interprets the text. The text also interprets the interpreter (Lindseth & Norberg, 2004, p. 151). Essentially researchers seek meaning from the themes within the narrative that can be interpreted. Therefore, each of the respondents will have their own story, which in turn forms part of a greater story that has to be interpreted within the context of the research. Thus the end result will be the sum total of all its parts but only as told by this study. In other words the story is unique even though there may be similarities to other stories. Hermeneutics permeates the research process, whether or not it has been chosen as a distinct methodology or not. Douglass and Moustakas (2005) contrast heuristic inquiry with phenomenal to highlight the major differences and similarities. Therefore, although there may be a degree of hermeneutics in all qualitative research methodologies simply by default, this process needs to be understood within its context and not shunned but accepted that is a tacit process taking place regardless of choice. The crucial processes in heuristics (once one understands the values, beliefs, and knowledge inherent in the heuristic paradigm) are: concentrated gazing on something that attracts or compels one into a search for meaning: focus on a topic or formulation of the question; and methods of preparing, collecting, organizing, analyzing, and synthesizing data (Moustakas, 1994, p. 38). There is also a need to question whether or not this form of methodology could be termed as empirical phenomenology, particularly as the observations come from a defined time and do not need to have a philosophical bias. Several authors have used both terms empirical phenomenology and hermeneutic phenomenology (Klein & Westcott, 1994; Moustakas, 1994; Von Eckartsberg, 1986) in an attempt to classify phenomenological research.
12
Hein has pointed out that there is not a clear distinction between any of these terms or between descriptive and interpretative; furthermore, it is not even easy to distinguish clearly between empirical and hermeneutic approaches to phenomenology (Hein & Austin, 2001). However, Allen states that a clear distinction between phenomenology and hermeneutic phenomenology does not exist (cited by Laverty, 2008, p. 27). Nonetheless, it is necessary to explain the association between events and the narrative focusing on trying to make sense of what has happened and what does that mean in relation to the events (Smith, et al., 2009). Triangulation is achieved through the use of further qualitative data collection methods i.e. diaries, newspapers, monographs or personal accounts (Smith, et al., 2009). The use of narrative has been used because of its attention to the structure of the story as given by the participants in the case studies, which will be sections of discourse. Although, this does necessarily mean a more hermeneutic or poststructuralist methodological approach rather than a positivistic one (Pranee & Douglas, 2005). Scientific rationality is built out of logical, well-formed arguments that are designed to convince of truth through reference to repeatable, scientifically constructed empirical tests. The aim is to produce general laws that can be applied to particular events to explain why things happen. These laws are usually abstract and context free. (Pranee & Douglas, 2005, p. 125) There is a fundamental reason why this approach will have greater validity as the participants find it easier to respond by placing themselves in the total situation, which in many cases requires justifying why they took a particular course of action rather than another. If the questions are exclusively directed, then this restricts the respondents desire to respond in a meaningful way as they often feel that they may be exposing themselves in some way (Chase, 1995, p. 4). Therefore, by allowing the participants to tell their stories, with subtle guidance, allows a more truthful version to emerge. The stories should then be deconstructed and interpreted within the context of the events of the time, adding triangulation wherever and whenever necessary, as well as using empirical data to verify the narratives. Bruner (1990) proposes that in order to understand the meaning of the narrative there are two components that have to be considered: a configuring plot and secondly, the succession of events that will shape the story itself. Only when the two are in tandem can the narrative be fully understood (Pranee & Douglas, 2005).
RESEARCH INSTRUMENT The ability of the researcher is paramount to achieving an acceptable result, “the researcher is the instrument” and the methods used are part of the process (Patton, 2002, p. 14); a stark reminder of the importance of academic experience to get it right. Furthermore, validity is dependent on careful construction of the instrument; in this case the semi-structured interviews, to ensure they are administered to measure what they set out to measure. It is important to clearly define the research questions, which are the measurement tools, within the structure of the case study approach; as a primary objective to building a sustainable theory. “The rationale for defining the research question is the same as in hypothesis-testing research. Without a research focus, it is easy to become overwhelmed by the volume of data” (Eisenhardt, 1989, p. 536). By creating a focus this has assisted with the research design through the use of instruments together with the use of the empirical data supporting the emergent theory. Eisenhardt pointed out the advantages of early identification of the research question together with potential constructs does have its benefits, but that it must also be accepted as only tentative.“ No construct is guaranteed a place in the resultant theory, no matter how well measured. Also the research question may shift during the research” (1989, p. 536). This is quiet normally during the design process. The importance of quality in the study needs to be addressed “transparency of research methodology; clearly based on and adding to the relevant literature in terms of insight and conceptualisation” makes it important to highlight this more than may have been the case in the past (Bryman, Becker, & Sempik, 2008, p. 267). Transparency is a major consideration to ensure acceptable methods have been used in the research. Commonly there are four accepted research quality criteria: construct validity, internal validity, external validity and reliability. These four dictate the universal credence of the results from the research undertaken and need to be incorporated throughout the entire process. The validity of the research confirms the accuracy and usefulness of the data collected through the use of the selected instrument (Pandit, 1996).
13
CONCLUSION The benefits of following such a methodology have been put forward as it would seem to offer another way of conducting security science research. The advantages of using such an approach are that the design can be altered to meet the requirements of the study. Furthermore, if at the pilot stage additional data is required then adding to the case study does not pose a complete re-write of the methodology. Using a pilot study needs to be promoted more widely too, as this improves the overall strength of the research design aiding validity and avoiding costly mistakes later. The use of a pilot study allows the study to be tested first and analysed prior to embarking on the resource intensive full study. A number of probable problems can be indentified and remedied before conducting the complete study making it more reliable and robust. Maintaining validity by using multiple triangulation sources safeguards the integrity of the research study.
REFERENCES Bruner, J. (1990). Acts of meaning. Cambridge, MA: Harvard University Press. Bryman, A., Becker, S., & Sempik, J. (2008). Quality criteria for quantitative, qualitative and mixed methods research: A view from social policy. International Journal of Social Research Methodology, 11(4), 261276. doi: 10.1080/13645570701401644 Chase, S. (1995). Taking narrative seriously. In R. Josselson & E. Leiblich (Eds.), Interpreting experience: The narrative study of qualitative research (2nd edition ed., Vol. 3). London: Sage Publications. Chynowetth, J. (2005). Hunting Terrorists in the Jungle: the experiences of a national service subaltern in Malaya in the 1950's. Stroud, UK: Tempus. Easterby-Smith, M., Thorpe, R., & Lowe, A. (2002). Management research: An introduction: Sage Publications Ltd. Eisenhardt, K. M. (1989). Building theories from case study research. The Academy of Management Review, 14(4), 532-550. doi: 10/06/2011 00:03 Hein, S. F., & Austin, W. J. (2001). Empirical and hermeneutic approaches to phenomenological research in psychology: A comparison. Psychological Methods, 6(1), 3. doi: 10.1037/1082-989X.6.1.3 Holstein, J. A., & Gubrium, J. F. (1995). The active Interview. London: Sage. King, N. (2004). Using interviews in qualitative research. In Cassell. C & Symon. G (Eds.), Essential Guide to Qualitative Methods in Organizational Research, . London: Sage. Klein, P., & Westcott, M. R. (1994). The changing character of phenomenological psychology. Canadian Psychology/Psychologie canadienne, 35(2), 133. Laverty, S. M. (2008). Hermeneutic phenomenology and phenomenology: A comparison of historical and methodological considerations. International Journal of Qualitative Methods, 2(3), 21-35. Lindseth, A., & Norberg, A. (2004). A phenomenological hermeneutical method for researching lived experience. Scandinavian Journal of Caring Sciences, 18(2), 145-153. Morris, Z. S. (2009). The truth about interviewing elites. Politics: , 209–217, 2009 Vol 29(3), (p 209-217). doi: DOI: 10.1111/j.1467-9256.2009.01357.x Moustakas, C. E. (1994). Phenomenological research methods. Thousand Oaks, CA: Sage Publications, Inc. Naumes, W., & Naumes, M. J. (2006). The art & craft of case writing. New York: ME Sharpe Inc. Pandit, N. R. (1996). The creation of theory: A recent application of the grounded theory method. The Qualitative Report, 2(4), 1-14. Patton, M. Q. (1990). Qualitative evaluation and research methods. Newbury Park, CA: Sage Publications, Inc. Patton, M. Q. (2002). Qualitative research and evaluation methods. Thousand Oaks, CA: Sage Publications, Inc.
14
Peat, J., Mellis, C., & Williams, K. (2002). Health science research: a handbook of quantitative methods. London: Sage Publications Ltd. Pranee, L., & Douglas, E. (2005). Qualitative Research Methods (2nd ed.). New York: Oxford University Press. Prasad, A., & Prasad, P. (2002). The coming of age of interpretive organizational research. Organizational Research Methods, 5(1), 4. doi: 10.1177/1094428102051002 Rodney Turner, J. (2005). The role of pilot studies in reducing risk on projects and programmes. International Journal of Project Management, 23(1), 1-6. Sampson, H. (2004). Navigating the waves: the usefulness of a pilot in qualitative research. Qualitative Research, 4(3), 383. doi: 20/12/2010 Smith, J. A., Flowers, P., & Larkin, M. (2009). Interpretative phenomenological analysis: theory, method and research. London: Sage Teijlingen, E., & Hundley, V. (2001). The importance of pilot studies. Social Research Update, 35, 1-4. doi: 20/12/2010 Van Teijlingen, E., Rennie, A., Hundley, V., & Graham, W. (2001). The importance of conducting and reporting pilot studies: the example of the Scottish Births Survey. Journal of Advanced Nursing, 34(3), 289-295. Von Eckartsberg, R. (1986). Life-world experience: Existential-phenomenological research approaches in psychology. Washington: University Press of America. Yin, R. K. (2009). Case study research: Design and methods (4th ed.). London: Sage Publications, Inc.
15
INTELLIGENT BUILDINGS: AN INVESTIGATION INTO CURRENT AND EMERGING SECURITY VULNERABILITIES IN AUTOMATED BUILDING SYSTEMS USING AN APPLIED DEFEAT METHODOLOGY David J Brooks secau Security Research Centre, School of Computer and Security Science Edith Cowan University, Perth, Western Australia
[email protected]
Abstract Intelligent Buildings (IB) have become increasing popular during the past decade, driven through the need to reduce energy, have more reactive and safer buildings, and increase productivity. IB integrate many systems that were in the past isolated from each other, including fire and life safety, HVAC, lighting, security, etc. Facilities contain commercial-in-confidence material and other valued assets; however, IB are integrated through open and common data communication protocols and hardware, leaving facilities exposed to external and internal threats. The study presents an investigation into IB, based on a defeat evaluation methdology. IB vulnerabilities considered two areas, namely physical and software vulnerabilties. Physical hardware vulnerabilities included physical access to the automation devices or workstations, communication networks, wiretapping, remote connectivity, foreign devices and local field programming. Software vulnerabilities included common connectivity protocols, restricted encryption and limited security considerations. These vulnerabilities could result in such attacks as denial of service, covert facilty entry or espionage. IB risks are contextual, aligned with the facility‟s threat exposure; nevertheless, there are generic mitigation strategies that can be taken to protect IB systems. Protection includes situational threat driven security risk management, understanding system criticalities, integration of departments, a degree of network isolation and greater awareness. Keywords Intelligent Buildings; Building Management System; vulnerabilities; mitigation
INTRODUCTION Intelligent Buildings (IB) or Building Management Systems (BMS) are building wide control systems that connect, control and monitor a facility‟s system, subsystems, and plant and equipment. There is no single definition for IB‟s, although the Institute defons Cerdá suggest that they are a: “system that support the flow of information throughout the building, offering advanced services of business automation and telecommunications, allowing furthermore automatic control, monitoring management and maintenance of the different subsystems or services of the building in an optimum and integrated way, local and/or remote, and designed with sufficient flexibility to make possible in a simple and economical way the implementation of future systems.” (cited in Lafontaine, 1999) IB‟s integrate and enable connectivity within the majority of a building‟s plant and equipment systems, including security systems. In the last decade or so, IB‟s have become a significant factor in the design, build, operation and maintenance of commercial buildings. Such systems have become increasing popular, driven through the need to save energy, provide more reactive and safer facilities, and reduce operational costs. IB technology is incorporated into many facilities, some which contain classified material, premises and other assets. These classified protected areas contain many systems, such as fire and life safety, etc., with broader incorporation and integration into traditional electronic, electrical, mechanical and pneumatic systems. Nevertheless IB‟s are still at an early stage, but the feasibility of such technological solutions should be considered from the onset, as privacy, information control and security are often neglected (Gadzheva, 2008, p. 6). These systems are integrated through common and open data communication protocols and hardware that leave facilities vulnerable to both external and internal threats and risks.
16
Study objectives The objectives of the study were to investigate Intelligent Building (IB) systems and their architecture, both software and hardware. The investigation used an emulated bench-mounted IB system to evaluate vulnerabilities from which mitigation strategies could be put forward.
WHAT ARE INTELLIGENT BUILDINGS In the last two decades integrated Intelligent Buildings (IB) systems have become a significant factor in the design and build of commercial buildings. There is also a trend to retrofit existing buildings in increasing numbers, where cost returns to stakeholders are positive. For example, the Empire State building installed an integrated IB with the aim of reducing energy use by 40% (Schneider & Rode, 2010). IB‟s are primarily about creating operational efficiency and effectiveness of the multiple and disparate systems that make up a modern commercial building. Such systems may include standard and emergency lighting, fire and life safety systems, heating, ventilation and air-conditioning (Figure 1), emergency warning and intercommunication (EWIS), elevators and communications. The list of the building components being integrated is extensive and growing, including all security systems.
Figure 1. Typical Intelligent Buildings system (Schneider Electric TAC, 2004, p. 8) Modern IB‟s have received widespread acceptance in the commercial property marketplace and are generically defined as a “computer-based control building automation systems predominate in most commercial and industrial buildings, reducing energy costs while improving system performance, operability and reliability” (Langston & Lauge-Kristensen, 2002). Nevertheless, IB‟s may also be known by several different names including building management system, smart building, building automation system, high-performance building and energy efficient building.
ARCHITECTURE OF INTELLIGENT BUILDING SYSTEMS A typical Intelligent Building (IB) integrates many component parts onto common networks, using both software and hardware architecture. The European Committee for Standardization (CEN) divides IB communications into three distinct layers, namely management level, automation level and field level (Figure 2).
17
Figure 2. Three layered IB architecture (CIBSE, 2000) Hardware Architecture As Figure 2 demonstrates, an IB system is divided into these three levels of architecture. The management level contains the human interface (workstations), server and routing devices, all connected via an Ethernet communication LAN/WAN using TCP/IP/BACnet. The automation level provides the various primary control and secondary room automation, connected via networked Controllers using twisted-pair cables and operating BACnet, LonWorks or KNX, to name a few. The automation level Controllers provide interface between the IB‟s upper and lower levels, and contains some distributed intelligence. Controllers are typically designed to either provide specific application functionality or generic functionality, although most still contain some degree of multi-functionality. Finally, field level devices are connected and operate specific plant and equipment sensor or activators operating such protocols as Modbus or their own proprietary protocol. Field devices are the elements that connect the IB to its physical environment, providing the system with information and the means to continually adjust building environment and safety conditions. There are no single approach to IB hardware application, as the integration of IB devices will depend on the facility‟s requirements and complexity (Figure 3).
Figure 3. Typical IB system (Lonix Building Connectivity, n.d., p. 26) Software Architecture The management device level primarily consist of a software package that allows human system integration, in general operating on standard software such as Microsoft Windows 2000/XP/2003 with WAN/LAN communication on Ethernet, TCP/IP or other standard network equipment. The software system primarily allows human interface to control, adjust and monitor the facility. Many of the manufacturers provide such software 18
packages in various modules, allowing users to select what most suits their building and future upgrades. The second level of an integrated IB system is the automation level. For IB‟s to function there is a requirement for some form of network that links and integrates the many discrete components. The network needs to be “real-time and have a simple device interfaces comparable with the cheap nature of existing building devices such as light switches” (Sharples, Callaghan, & Clarke, 1999, p. 136). Such a requirement has led to a number of IB network standards and protocols (Table 1). Table 1. IB industry standards and protocols
BACnet C-Bus CIBSE DALI DSI Midac
Standards or Protocols Dynet Modbus Energy Star oBIX EnOcean OpenTherm KNX ZigBee LonTalk OpenWebNet
(Adjusted from Sharples, et al., 1999, p. 136) No particular standard for all current IB devices exists nowadays, although the two protocols BACnet and LonWorks have been widely accepted and used as international de-facto standards. Furthermore, the industry has embraced Ethernet connectivity to all IB devices, whether they are primary network or sub-network devices. Connectivity encompasses Direct Digital Controllers (DDC) along with open protocols such as BACnet, LonWorks and Modbus (Figure 4). Contemporary control supports all these protocols, while providing universal input/output connections to temperature sensors, damper actuators, life safety and lighting devices (Automated Buildings.com, n.d.).
Figure 4. IB software architecture (Siemens, n.d.)
INTELLIGENT BUILDING VULNERABILITIES Intelligent Building (IB) systems are exposed to diverse vulnerabilities, such as a facility wide common and open data communication protocols and hardware, and restricted awareness or consideration of security issues. These issues leave IB vulnerable to both external and internal threats. The initial part of the study puts forward a proposed list of desk-top assessed vulnerabilities, which informed the defeat evaluation planning. The intent of IB is to connect and integrate plant and equipment, allowing local and/or remote control and monitoring; however, many of these systems are designed, installed and operated by service engineers, with 19
restricted consideration of security. The service focus is to maintain the facility‟s environmental and operational capability, rather than protect the various IB parts beyond locking plant rooms or enclosures. For example, today a Chiller will have the functionality to interface not only to its propriety HVAC system, but also a generic IB system. IB‟s are expanded IT networks that are required throughout and into almost every part of the facility, such as plant rooms, service areas, ceiling spaces, etc. In addition, many IB use the IT network as its primary data network. At each component location there will be a Controller, which has all the functionality of a desk computer excluding the user interface. However, there is functionality that allows programming devices to be plugged into the Controller, giving access to the greater IB system and in some instances, the greater IT network. There has been limited consideration of the vulnerability of IB systems (Gadzheva, 2008), either from such bodies as the International Organizations for Standards (ISO), the IB manufactures, integrators or maintainers. Their focus is to ensure that the many pieces of a facility‟s plant and equipment integrate and effectively communicate, with little additional interfacing required. Underlying program coding and interface hardware is freely available. IB suffer from generic vulnerabilities, with the primary difference being the contextual application and therefore, threat to the IB and greater facility. An initial review of likely vulnerabilities ranged from physical access to devices to not having any form of uninterrupted power supply to maintain capability (Table 2). Table 2. Overview of proposed vulnerabilities Desk-top evaluation Device access (physical) Network access (physical)
Wiretapping EM attack Workstation Remote workstation Foreign device Internal & external memory Device program Embedded function Enclosures Anti-tamper Power supplies
Vulnerabilities Access & compromise of the Management software Access & compromise of the Automation level Access & compromise of the Ethernet Access & compromise of the Automation level Known unauthorised secret key Unauthorised key – loss of integrity Access & compromise of the Ethernet Access & compromise of the Automation level Wiretap & compromise of the Ethernet Wiretap & compromise of the Automation level Access & compromise of the Management software Ethernet access with a foreign computer Automation level insertion of a foreign Controller Extraction of past and insertion of system memory Use of an External Programmer at a Controller Illegal use of embedded functions Existing enclosure are only dust covers No anti-tamper capability Whole of system shutdown on loss of power
These reviewed IB vulnerabilities were then used as a priori assessment to develop and plan the evaluation methodology on the emulated IB system.
METHODOLOGY The evaluation methodology applied a priori evaluation approach, which considered reliability, validity and testing scope (Brooks, 2010). These three aspects were considered to be core principles during evaluation (Jones & Smith, 2005; Smith, 2007) as reliability ensures that evaluation is conducted in such a way that results are repeatable, given the same variables and environmental conditions. Validity ensures that the evaluation is based on a careful selection and isolated independent variables, and the methodology evaluates what it asset to measure. The testing scope included simple to complex physical and technological attacks, resulting in an understanding of the IB‟s vulnerabilities. A number of discrete steps were taken within the evaluation methodology (Figure 5), commencing with documenting a defined approach to evaluation that ensured a priori testing criteria.
20
Figure 5. Defeat evaluation methodology (Adjusted from Brooks, 2010) An IB system was selected for vulnerability evaluation, based on a number of parameters such as: 1.
The system is produced by a international manufacturer within the IB market.
2.
Supplier has offices for the design, installation, maintenance and support in most major centres in Australia, and carries a broad range of IB products from the management to device level.
3.
The system is used extensively in major facilities around Australia.
4.
That the sponsoring agency supported the selection of this system.
The procured system comprised of a number of discrete devices (Figure 6) that were integrated to reflect what could be considered a typical facility IB, although in a smaller scale. The Management level computer was an IBM Laptop, operating a Pentium 1.7GHz with 1GB RAM and Microsoft Windows XP Professional V2002. The IB devices were desk-top mounted onto a board and connected (Figure 6). 7Connections included 240VAC primary supply, data network Ethernet and automation RS-485 BACnet. In addition, a custom manufactured Test Module (Figure 8) was connected to increase the number of inputs (x4) and outputs (x4).
Computer
Ethernet BACnet
Management Software
VAV Box
F
IP Gateway D-Link
Controller AHU
Expander Module
Controller
Ethernet BACnet
RS-485 BACnet
Lighting
Test Module
Controller
Controller AHU Switch 4w
Sensor
Figure 6. Evaluated IB system connections
21
Figure 7. Evaluated IB system
Figure 8. Evaluation input/output expansion module
The Management level Laptop was programmed to recognize all network items. A simple Graphical User Interface (GUI) was programmed for the Management software to monitor and control the various components (Figure 9). The GUI displayed items such as temperature readings from duct sensors, screen control of the VAV duct actuator, switch status, etc.
Figure 9. Management software graphical user interface The emulated IB was then tested to the evaluation methodology (Figure 5), leading to the validation of a number of IB vulnerabilities (noted in Table 2).
22
RESULTS The evaluation method was applied to the emulated IB, with some significant vulnerabilities found. These vulnerabilities included attacks on the physical management and automation level networks, attacks on the Controllers, and system reliance on power. Physical access to the Workstation with common management level software was a significant threat against the IB. Such access allows the attacker to alter the IB program with their own coding, for example write to a Controller to allow an extended time delay before a detector alarms to support undetected access. In addition, there is the ability to install malicious code on the system, for example a key logger. Physical access to any part of the Ethernet cable allowed wiretapping, for example using insulation-displacement connectors (Figure 10). Once connected to the Automation level network, freeware BACnet4Linux enables full monitoring capability; however, this software it its current format could not write back to control the IB system. Nevertheless, professional automation level software could not only monitor, but also write back to the IB system. At the Management ethernet level, the MS/TP protocol is readable using freeware such as Wireshark.
Figure 10. Wiretap covertly using single pair insulation-displacement connectors Most IB Controller‟s contain a service port, where a readily available local Service Tool can be connected (Figure 11). The Service Tool allows local access to the Controller and changes to its automation level programming. For example, such program changes could switch inputs and outputs on or off at a predefined time, thereby turning off a detector or series of detectors to allow undetected access into a facility. Another example could be turning off HVAC and disabling any alarms, allowing server rooms to overheat and eventually, shutdown.
Figure 11. Service Port on a typical Air Handling Controller (AHC) Controllers are supplied in a light-weight cover that is designed to provide protection for the internal circuitry, but not to protect against an attacker. The cover clips on/off by a simple depression of its sides and no form of anti-tamper is fitted. A significant redesign or use of an additional enclosure with anti-tamper would be required to protect the Controller.
23
Various Controllers had their literature reviewed for additional add-on wireless functionality. A wireless adaptor that plugs directly into the service port was found and such a device was covertly inserted within the Controllers enclosure. The system relied on the primary power supply to maintain functionality, as all devices required some power to maintain monitoring and control capabilities. In general, power requirements varied between 240VAC to 12VAC/DC for devices. Loss of utility power can be localised or whole of system and when lost, other building plant and equipment fail such as HVAC, non-emergency lighting, elevators, etc. Loss or partial loss of IB power resulted in the loss of network communication, and control and monitoring capability. Mitigating IB Vulnerabilities Intelligent Building (IB) risks are contextual; in other words, directly aligned with the facility‟s threat exposure. If the facility contains sensitive or other highly protected information, the IB threat should be considered significant. However, there are a number of generic mitigation strategies that can be taken, such as:
Security risk management: A sound security risk management strategy considering situational threat assessment, system criticalities and identified vulnerabilities.
Information system and communication protection: Provide some degree of network isolation and partitioning, both internal and external, between the IB, operating systems and wider networks.
Physical and environmental security: Control and validate access to the various and critical IB parts, with layered protection measures wherever possible.
Personnel security: Ensure personnel are vetted who operate and maintain the IB system, including third parties.
Continuity of operations: Provide a degree of emergency power to the more critical IB functions and parts.
Security awareness: Provide training to increase awareness of IB and their vulnerabilities across the organisation. In addition, ensure greater integration of the various stove-piped departments such as IT and Computing, Physical Security, Personnel Security and Facility Management functions.
Future IB Threats and Risk There needs to be some consideration of the future of Intelligent Building (IB) systems, to provide some degree of comment on developing and changing technologies likely to be used in the next decade. Such a review provides a degree of understanding of potential and developing threats and vulnerabilities of IB technologies. These issues (Table 3) should consider the greater use of wireless devices and telecommunications for ease of connectivity, greater and increasing open architecture, extended system communications, plug and play to facilitate connectivity, single design approach of such devices as Controllers, artificial intelligence and finally, smart and multi-functional sensors to achieve multiple functions. Table 3. Future IB threats and risk Future threat or risk Wireless Open architecture Extended interconnectivity Plug and play Single design approach
Artificial intelligence Smart sensor
Descriptor Increasing use of wireless for ease and cost of connectivity To aid increasing connectivity, both software and hardware architecture will need to become more available, allowing vulnerabilities to be found Large systems will have multiple connectivity, both internal and externally, extending to other networks and cloud computing Devices will be easier to install through plug and play, where devices are connected to the network and accepted with restricted authentication A single Controller circuit that has multiple application use and functions. Functions may be software disenabled, such as wireless, various inputs & outputs, etc. Systems will become “smarter”, leading to more complex systems and greater difficulty in identify vulnerabilities Sensors will perform multiple functions such as light, HVAC and security detection, making them more prone to spoofing or masking
24
FURTHER RESEARCH There are a number of issues that need to be considered to mitigate current and future IB vulnerabilities, beyond only the technical and application issues of IB. Further research should consider:
Dynamic technology of IB systems, considering the convergence between hardware, software and networks, and changing technology.
Changing approaches to IB systems application, to better understand of how users, operators and integrators configure, install, operate and maintain IB.
The IB industry‟s perspective and awareness of current and future security issues.
Increasing the awareness of IB vulnerabilities to the various communities, such as security, IT and computing, infrastructure and facilities, etc.
CONCLUSION Intelligent Buildings (IB‟s) are becoming more common place in commercial buildings. There are distinct benefits in IB‟s, such as reduced operating costs and a more reactive building, providing owners, operators and users a better experience. Nevertheless, IB‟s are prone to vulnerabilities across their hardware, software and network devices. The degree of vulnerability is contextual, primarily directed by the facility‟s threats. This study used a defeat evaluation method (Figure 4) to evaluate a list of proposed vulnerabilities (Table 2) using an emulated IB system to validate vulnerabilities. The more significant validated vulnerabilities included attacks on the physical management and automation level networks, attacks against Controllers, and the IB‟s reliance on power to maintain capability. Wiretapping on the network allowed an understanding on what was occurring in the system. Access to Controllers also allowed access to the network, local programming, and its inputs and outputs. Nevertheless, mitigation strategies were proposed, including a threat informed security risk management process, understanding IB criticalities, some network isolation, staff vetting and access control, and raising awareness of IB vulnerabilities. Finally, future threats and risks considered the likely increase in wireless devices increasing open architecture and extended system communications, single design approach and smarter multi-functional sensors to achieve multiple functions.
REFERENCES Automated Buildings.com. (n.d.). Networks. Retrieved July 22, 2010, from http://www.automatedbuildings.com/frame_products.htm Brooks, D. J. (2010). Assessing vulnerabilities of biometric readers using an applied defeat evaluation methodology. Paper presented at the Proceedings of the 3rd Australian Security and Intelligence Conference, Perth. CIBSE. (2000). Building control systems: CIBSE Guide H. Oxford: Butterworth-Heinemann. Gadzheva, M. (2008). Legal issues in wireless building automation: an EU perspective. International Journal of Law and Information Technology, 1-17. doi: 10.1093/iijit/ean001 Jones, D. E. L., & Smith, C. L. (2005). The development of a model for testing and evaluation of security equipment within Australian Standard / New Zealand Standard AS/NZS 4360:2004 - Risk Management. Paper presented at the Recent advances in counter-terrorism technology and infrastructure protection, Proceedings of the 2005 Science, Engineering and Technology Summit 2005 Canberra, Australia. Lafontaine, J. (1999). Intelligent building concept. Ontario: EMCS Engineering Inc. Langston, C., & Lauge-Kristensen, R. (2002). Strategic management of built facilities. Boston: ButterworthHeinemann. Lonix Building Connectivity. (n.d.). System overview. Retrieved May, 25, 2010, from www.lonix.com/training/Lecture_Systems_Overview.pdf Schneider, D., & Rode, P. (2010). Energy renaissance. High Performance Building Magazine, 13-16. Schneider Electric TAC. (2004). Product catalogue: Schneider Electric.
25
Sharples, S., Callaghan, V., & Clarke, G. (1999). A multi-agent architecture for intelligent building sensing and control. Sensor Review, 19(2), 135-140. Siemens. (n.d.). Communication. Retrieved July 22, 2010, from http://www.buildingtechnologies.siemens.com/bt/global/en/buildingautomation-hvac/buildingautomation/building-automation-and-control-system-europedesigo/system/communication/Pages/communication.aspx Smith, C. (2007). The evaluation of security systems: Testing biometrics and intelligent imaging systems. Paper presented at the The 6th International Workshop for Applied PKC (IWAAP2007).
26
SECURITY RISK MANAGEMENT IN THE ASIA PACIFIC REGION: WHAT ARE SECURITY PROFESSIONAL USING? David J. Brooks and Hamish Cotton secau Security Research Centre, School of Computer and Security Science Edith Cowan University, Perth, Western Australia
[email protected];
[email protected]
Abstract The Asia Pacific (APAC) region encompasses a heterogeneous group of nation-states. Like the APAC region, the security industry operates within a diverse and multi-disciplined knowledge base, with risk management being a fundamental knowledge domain within security. Nevertheless, there has been limited understanding of what security professionals use when applying security risk management. The study was designed to gain a better understanding of risk management practice in place throughout APAC. Questions were generated to gauge an understanding of current practice and levels of implementation of standards and frameworks. Participants were drawn from many industries, using non-probabilistic sampling methods in a “snowball” response to an online survey. Results were collected and analysed to provide interpretations and findings, and where appropriate, weighted factor analysis were conducted. Findings indicated that the majority of APAC nation-states do not have a defined risk management standard, but security practitioners use their own internal framework. Following this approach, security practitioners use ISO 31000 and AS/NZS 4360 standards in parity, even considering their differing age. ISO 28000 Supply Chain Security Management was a popular standard, driven from Singapore. Nevertheless, the use of these standards should still raise concern due to a lack of a directed security risks management frameworks that incorporates threat, vulnerability and criticality. Further study needs to better understand what risk management techniques and frameworks security practitioners are using. Key words Risk management; security risk management; Asia Pacific; ISO 31000:2009; compliance
INTRODUCTION Over the past two decades, the concept of risk management as a formal discipline has emerged throughout the private and public sectors (Aven, 2008; Power, 2007) and this has begun to embed into the Asia Pacific (APAC) region (Cubbage & Brooks, In press). Risk management is now a well established discipline, with its own body of knowledge and domain practitioners. Nation-states worldwide have their own risk management standards and in many of these nation-states, it is the senior company executives who have responsibility to ensure that appropriate risk management practices meet internal and external compliance requirements (Brooks, 2011). Nevertheless, many of these standards and compliance requirements only consider risk management, not security risk management. Security risk management may be considered unique from other forms of risk management, as many of the more generic risk models lack key concepts necessary for effective design, application and mitigation of security risks (Brooks, 2011). Background and Significance of the study Security, like other management disciplines, has embraced the principles and application of risk management, in particular, a probabilistic risk approach to measure risk and aid decision-making (Standards Australia, 2006; Talbot & Jakeman, 2008). Such an approach has been supported by many, who view probabilistic risk as a tool that produces rational, objective and informed options from which decisions may be made (Garlick, 2007; Morgan & Henrion, 1990). Based on a quantitative, semi-quantitative or qualitative assessment of the probability and consequences of future events, probabilistic risk aims to provide security managers with a measurement of such risks. Measurements are then used to formulate cost-effective decisions to shape a future which (attempts to) minimize potential harm, whilst capitalizing on potential opportunities (Garlick, 2007). However, many argue that probabilistic risk is inadequate for delivering (expected) rational measurements of security risks in what may be considered an increasingly uncertain and changing environment (Bier, 1999, 2007; Cox, 2008; Manunta, 2002). It could be argued that a probabilistic approach does not provide efficacy for security, as security risk management has to take a greater heuristic approach.
27
There are a number of nation-state international standards that consider risk management, but how used are these within the APAC practice area of security? Today, all parts of an organisation will use risk management to some degree and security is no different. Global standards such as ISO 31000:2009 is perhaps the benchmark. But the perceived view of this standard is currently being evaluated by a global survey (Dali, 2011), using many different risk groups. Furthermore, the security use of ISO 31000:2009 may be flawed, as it neglects to raise and integrate specific security risk concepts such as threat, vulnerability and criticality (Brooks, 2011), unlike AS/NZS HB 167:2006 Security Risk Management that incorporates these concepts into an integrated framework. Study objectives The study addressed a discrete Research Question, namely: What risk management standard or framework do security practitioners use in the Asia Pacific region? This overarching question allowed a number of discrete issues to be considered, such as the use of “in country” or “home country” security risk standards and frameworks? In addition, are there separate APAC “in country” security risk management standards and finally, do nation-states issues affect security risk management across the region?
STUDY DESIGN The study conducted online surveys, which allowed for both quantitative and qualitative information gathering across the broad geographical area of the Asia Pacific (APAC). An initial number of APAC security practitioners were sourced, based on their known standing in the security management community. Each participant was asked to recommend additional leading risk management practitioners. From peer recommendations, additional practitioners were contacted until the study sampling size (N=35) was attained using a snowball effect. On contact, each practitioner was given access to the on-line survey tool (Figure 1). An on-line survey was administered to the practitioners due to the diverse geographical spread of the practitioners. All responses were anonymous, and information such as IP addresses and locations were not collected to enable the participant‟s to speak as freely as possible.
Figure 1. On-line survey snap shot The on-line survey contained the questions outlined below: 1. Does the country you operate within have a Risk Management Standard? 2. If so, what Framework/Standard would you use most often? 3. If you are part of a Multi-National organisation, do you use your "Home-Country" Risk Framework and or Standard? 4. Is there a separate Security Risk Management Framework/Standard in the country you operate within?
28
5. What, if any, are the nation-state issues that need to be considered for international corporations when operating "in-country"? 6. Please show which country you operate within in the text box below After a set period, results were collected, processed and analysed to provide interpretations and findings. Due to the majority of respondents operating within the Australasia, where appropriate, weighted factor analysis was conducted. In addition, some of the respondents operated in multiple nation-state‟s, so responses that indicated consistent practice have been added to represent each state.
ANALYSIS The collected data was analysis, presented in the sequence of the posed survey question. Q1: Does the country you operate in have a Risk Management Standard? The result of the survey Question 1 indicated that many of the Asia Pacific nation-states do not have a risk standard (Figure 2).
ISO31000 25
AS/NZ4360 ISO28000
20
OHSAS18000 15
TIS18000
10
SS540 No risk management standard
5 0
GB/T24353 (China) APAC risk management standards in use
HB167 Internal company Framework
Figure 2. APAC risk management standards When the same participant responses were weighted, to allow for a cross sample representation of nation-states, the results indicated no significant change. A significant number of the respondents indicated that the in-country nation-states did not have a risk management standard (Figure 3). Both ISO 31000 and AS/NZS 4360 are reflected as the two most popular responses after “no risk management standard”; however, there is a levelling over the remaining frameworks that indicates that although ISO 31000 is often the “in-country” risk framework, many other frameworks are in place among the various APAC nation-states.
29
ISO31000 25
AS/NZ4360 ISO28000
20
OHSAS18000 15
TIS18000 SS540
10
No risk management standard 5 0
GB/T24353 (China) APAC risk management standards (weighted)
HB 167 Internal company Framework
Figure 3. APAC risk management standards (weighted) Q2: What Framework or Standard would you use most? Question 2 represented the most used frameworks, whether it is an in-country standard as mentioned in Question 1 or any other standard. As illustrated, the “no risk management standard” remains the most popular approach (Figure 4). Of the companies surveyed, the most used framework was ISO 31000 with internal risk management standards proving to be the next most popular approach.
ISO31000
8 7 6 5 4 3 2 1 0
AS/NZS 4360 No Standard GB/T24353 Internal standards ISO28000 OHSAS18000 TIS18000 Risk management standards
SS540
Figure 4. What framework would you use? When Question 2 results were weighted to represent each nation-state equally, the results indicate a large number of risk professionals are using AS/NZS 4360 and “Internal” standards in an almost equal measure (Figure 5). In addition, the amount to which the companies within each nation-state use no risk management standard or ISO31000 reduces significantly. One of the standards that come to the fore shows the more widespread use of ISO 28000, which is primarily focussed toward supply chain management. An interesting result is the parity of the older AS/NZS 4360:2004 and the newer ISO 31000:2009.
30
3.5
ISO31000
3
HB167
2.5
AS/NZ4360
2
No
1.5
Internal
1
GB/T 24353
0.5
OHSAS18001
0
ISO28000 1
NFPA & Ansi
Figure 5. What framework would you use (equal weighting) Q3: As an International company, do you use your "Home-Country" framework? Question 3 gauged the application of “home country” risk management frameworks within the international corporate environment. The results indicated (Figure 6) that two-thirds of the respondents did not use their home country risk management standards. Although this survey did not seek to understand “why”, a number of factors may influence this response including legislative requirements, compliance and the overall lack of implementation of risk management frameworks and standards among those surveyed.
Yes 31%
N/A 3%
no 66%
Figure 6. International companies use of "Home-Country" risk frameworks Q4: Is there a Security Risk Management framework in-country? Question 4 attempted to understand whether separate risk management frameworks existed with in-country operations. The participants indicated in the affirmative (78%), that there were no local security risk management standards (Figure 7). Whether frameworks exist, or whether the practitioners were unaware of them. This can be demonstrated by the 5 participants (n=8) answering “no” from Australia.
31
Yes 31%
N/A 3%
No 78% Figure 7. Separate security risk management framework in-country operation? Q5: Issues for international corporations when operating "in-country"? This question represents the qualitative aspect to the survey, by attempting to understand the barriers of working within foreign environments. The resulting comments (Table 1) ranged greatly, from no significant barriers through to issues of corruption and compliance. Of interest is the focus of many of the respondents on compliance and legislative issues. These issues appear to be at odds with survey Questions 1 to 3, which indicated that many companies in a number of nation-states do not implement a risk management standard. In addition, that a large proportion used “no framework”, the older AS/NZS 4360 standards or internal risk management systems. Table 1. What are the in-country nation-state risk management issues? Participant written responses (simplified) Abide by the law. Ensuring compliance with State Laws, including Industrial laws. Legal obligations. Good Corporate Citizenship and obtaining "buy in" from local employees. Corruption, ISPS and processes for obtaining assigned Government security support. Remain vigilant, as people will attempt to defraud you from within and extort you from outside. Host country issues most relevant to the multi-national I work for are commercial (tax, residency, legal etc). A very open ended question. XXXX1 being a diverse and vibrant country attracts a great deal of foreign investment, entities operating within confronted with diverse and vibrant threats and risks. Legislative changes. Political, IR/HR issues, workplace safety, regulatory/compliance matters There should be local legislations that are compulsory for companies to follow. Regulatory requirements. Legislative requirements that require compliance within an in-country set of standards and may differ from global internal company standards. Need to be globally consistent, but regionally flexible. (1) The English common law "duty of care" principle; (2) legal aspects pertaining to negligence; (3) occupational health and safety laws; & local fire safety codes. Business Continuity Management issues. Local regulatory requirements pertaining to business and corporate governance. Legal frameworks, HSE, cultural issues, risk acceptance Local procurement process, including the need to have a local company as a representative. Note 1: XXXX = Nation-state removed to maintain ethics anonymity
32
FINDINGS AND RECOMMENDATIONS The survey represented a number of nation-states and their practitioners within the Asia Pacific region. Findings allowed a response to the posed Research Question, being What risk management standard or framework do security practitioners use in the Asia Pacific region? In responding to the research question, a list of used frameworks or standards are listed and described. In addition, the limited or extensive use of these frameworks, the issue of governance and the unique nature of security risk management are considered. The many approaches to Risk Management There are a number of risk management and security risk management frameworks used by the security industry (Table 2) in APAC. Table 2. Risk Management Standard or Framework
Standard or Framework ISO 31000: 2009 Risk Management
Singapore Standard SS540 (BCM)
AS/NZS Handbook 167:2006 Security Risk Management
ISO 28000 Supply Chain Security Management
NFPA 1250: Practice in Emergency Service Organization Risk Management
TIS 18000 Guide to OH&S Management Systems
RMIA SRMBOK
AS/NZS 4360:2004 Risk Management
AS4360 Risk Management (now obsolete) AS/NZS 4360:2004 Risk Management (Standards Australia, 2004) was first published in 1992 and is considered “almost a de facto global standard” (Jay, 2005, p. 2), becoming “recognised internationally as best practice” (Jones & Smith, 2005, p. 23). The standard was widely used by security professionals within Australia and became the draft for the International Standards Organisation ISO 31000:2009 Risk Management (Standards Australia, 2009, p. vi). The standard has now been replaced by AS/NZS ISO 31000:2009. ISO 31000:2009 Risk Management ISO 31000:2009 Risk Management presents a framework (Figure 8) or process (Standards Australia, 2009, p. vi) for risk management. What the ISO 31000:2009 Risk Management standard does not consider are security risk concepts such as threat, vulnerability and criticality, which could be considered significant. Such limitations were addressed by Standards Australia when they developed, in consultation with academia and the security industry, a specific security risk management standard, namely Handbook AS/NZS HB167:2006 Security Risk Management.
Figure 8. Risk management.
33
(Standards Australia, 2004) Singapore Standard SS540 (BCM) Singapore Standard SS540 is a framework for organization to analyse, implement strategies, process and procedures in continuity. The standard focuses on resilience and protection of critical assets, human, environment, intangible and physical, taking a continuity management and recovery of critical business functions approach. The standard aims to provide policy, procedures and process to prevent, prepare, respond and recover (Heng, 2008). AS/NZS HB167:2006 Security Risk Management As Standards Australia stated in their handbook of security risk management, “the field of security risk management is rapidly evolving and as such this Handbook cannot cover all aspects and variant approaches” (2004, p. 2). The handbook “provides a means of better understanding the nature of security threats” (Standards Australia, 2006, p. 6). For example, the handbook considers such security risk concepts as threat, criticality and vulnerability (Figure 9); all significance and unique to this domain of risk management (Brooks, 2011).
Figure 9. HB167:2006 Security risk management framework. (Standards Australia, 2006, p. 14) NFPA 1250: Practice in Emergency Service Organization Risk Management Practice establishes minimum criteria to develop, implement or evaluate an emergency service organization risk management program for effective risk identification, control and financing of fire departments and organisations. The standard incorporates all frameworks that a fire authority could implement and use as a model to ensure compliance within the wider jurisdiction of risk management and contingency planning. ISO 28000 Supply Chain Security Management ISO 28000 standard attempts to reduce risks to people and cargo within the supply chain. The standard address potential security issues at all stages of the supply process, thus targeting threats such as terrorism, fraud and
34
piracy. ISO 28000 specifies the requirements for a security management system to ensure safety in the supply chain. This standard appears to be driven strongly from the Singapore government. TIS18000 Guide to Occupational Health and Safety Management Systems Thailand‟s TIS18000 has been established based on the British Standard, BS 8800:1996 Guide to Occupational Health and Safety Management Systems. Currently, there are two series of standard being: TIS 18001: Occupational Health and Safety Management System: Specification, and (2) TIS 18004: Occupational Health and Safety Management System: Technical Guides on Implementation of OSH-MS. Security Risk Management Body of Knowledge (SRMBOK) An Australian Federal Government supported initiative with RMIA resulted in the SRMBOK framework and guide for practitioners (Talbot & Jakeman, 2008). The guide attempts to resolve security risk management elements such as “a framework for critical knowledge, competency and practice areas which managers, practitioners, students and academics alike can apply to recruit, train, educate and measure performance” (Risk Management Institute of Australasia, 2007, p. 1). Limited use of frameworks Perhaps the most interesting finding is that no specific frameworks or standards are implemented by many working practitioners within the security risk management field. Such an issue can be caused by the diverse issue of limited professionalism in the industry. To be professional requires enforced standards of behaviour/ethics, standards of education, formal requirement for professional development, a college of peers and a distinct body of knowledge (The Interim Security Professionals Taskforce, 2008, p. 10). A distinct body of knowledge for corporate security includes security risk management (Brooks, 2011), a view supported by other such as Risk Management Institute of Australasia (RMIA) (Talbot & Jakeman, 2008) and ASIS International (2009). Analysis could argue that professionalism is lacking, as the use of theoretical security risk management frameworks would be what is expected of professional practitioners. Use of ISO 31000 The study found that ISO 31000 was used, but this was relatively restricted and far less than the Australian Standard AS/NZS 4360. In the past, the predecessor of ISO 31000:2009 was AS/NZS 4360. This standard was often considered “almost a de facto global standard” (Jay, 2005, p. 2) and has become an international template on dealing with risk. It has been used extensively by security and risk professionals across Australia (Beard & Brooks, 2006, p. 5; Jones & Smith, 2005, p. 2) and Asia Pacific. Nevertheless, it could be argued that ISO 31000 should provide risk management and security risk management with its underlying framework due to its international status. Significant use of AS/NZS 4360 Of the responses citing adherence to risk management frameworks, a significant number of respondents indicated adherence to the now superseded AS/NZS 4360:2004 Standard. Many of the participants highlighted the need for ongoing training and education in the risk management profession towards a more holistic framework, incorporating an element of resilience as demonstrated with ISO 31000. Nevertheless, resilience is still developing and expanding; with early embodiments of Organisational Resilience originating in the United Kingdom from Continuity Management and the United States from Security Management (Brae & Brooks, 2011). Another explanation could be that the risk framework set out by AS/NZS 4360 is seen as an adequate response to risk in a corporate environment, with issues of resilience falling to other areas of the corporate model. Corporate Governance Issues of corruption and legal compliance are reflected quite broadly across all responses. This issue raises the question; is this unique to the Asia Pacific region? Or a broader problem within the security risk management field. Compliance issues were also prominent; however, this is also reflected in some of the standards and frameworks mentioned throughout the study. As the Thai Industrial standards reflected, a number of standards are heavily based on ISO 31000 with individual nations-states issuing new standards which allow for certification.
35
Unique nature of SRM The study clearly indicated a lack of formal or informal security risk management frameworks or standards. As Standards Australia suggested, “the field of security risk management is rapidly evolving” (2004, p. 2). Security risk management is a unique sub-domain of risk management (Brooks, 2011) demonstrated through a number of concepts such as threat, criticality and vulnerability. Threat is a critical factor when considering security risk; however, ISO 31000:2009 does not present this concept or other security related concepts like vulnerability. It could be argued that with use of such standards as ISO 31000 and AS/NZS4360, that security practitioners lack this specific sub-domain knowledge to ensure efficacy in security risk management.
METHODOLOGICAL IMPLICATIONS Methodological limitations of the study were identified and included the need for a greater and broader sample. For greater statistical confidence, the sample size could have been larger. In addition, due to the nonprobabilistic sampling approach, homogeneity of study participants and experts could have been experienced. Both factors may have resulted in some degree of error in the study‟s findings; nevertheless, conclusions made have to be considered within the context of the study.
FURTHER RESEARCH The study has led to the need for greater research in certain aspects of security risk management. These issues include an extended understanding of what standards, frameworks or process practitioners are doing when and if they use security risk management. Why is an obsolete standard still used extensively and why is ISO 31000 not making greater propagation into the Asia Pacific region? Some of these issues may be addressed with the current global survey of ISO 31000 underway (Dali, 2011); however, beyond this survey is the need for a greater security driven risk management understanding.
CONCLUSION Risk management and to some degree, security risk management, have flourished over the past decade and are relied upon to provide robust and informed mitigation strategies in the protection of people, information and assets. However, most risk management standards provide a framework or process that takes a probabilistic approach to risk management, perhaps not wholly suitable for security. In addition, within the broad heterogeneous region of Asia Pacific, what frameworks or standards are security practitioners using? The study used a non-probabilistic on-line survey of security practitioners in the Asia Pacific region, in an attempt to gauge what security risk management frameworks security professionals are using. The study found that a broad range of standards were being used, such as ISO 31000, ISO 28000, Singapore Standard SS540 and Australian Standard AS/NZS 4360, to name a few. These many standards were described, providing a brief synthesis of each. Nevertheless, the most used framework was the “internal framework”, although the extent and approach of this framework certainly requires more in-depth research. Furthermore, many of the Asia Pacific nation-states have no risk management or security risk management standard. An issue that requires greater discussion is the lack of security risk management standards. Generic risk management lacks core security risk management concepts, such as threat, criticality and vulnerability. Therefore, there is a greater need for directed security risk management standards, preferable at the international level using an ISO standard. Further research needs to use a larger and more diverse sample, to better understand what “internal frameworks” are being used and the make-up of these frameworks.
REFERENCES ASIS International. (2009). Security body of knowledge (BoK): substantive considerations. ASIS International Academic/Practitioner Symposium 2009, ASIS International. Aven, T. (2008). Risk analysis: Assessing uncertainties beyond expected values and probabilities. West Sussex: John Wiley & Sons Inc. Beard, B., & Brooks, D. J. (2006). Security risk assessment: Group approach to a consensual outcome. Proceeding of the 7th Australian Information Warfare and Security Conference, 5-8. Bier, V. M. (1999). Challenges to the acceptance of probabilistic risk analysis [Electronic version]. Risk Analysis, 19(4), 703-710. Bier, V. M. (2007). Choosing What to Protect [Electronic version]. Risk Analysis, 27(3), 607-620. 36
Brae, B., & Brooks, D. J. (2011). Organisational Resilience: Understanding and identifying the essential concepts. Paper presented at the SAFE 11: 4th International Conference on Safety and Security Engineering, Antwerp, Belgium. Brooks, D. J. (2011). Security risk management: A psychometric map of expert knowledge structure. International Journal of Risk Management, 13(1/2), 17–41. doi: 10.1057/rm.2010.7 Cox, L. A. (2008). Some limitations of “risk = threat x vulnerability x consequence” for risk analysis of terrorist attacks [Electronic version]. Risk Analysis, 28(6), 1749-1761. Cubbage, C., & Brooks, D. J. (In press). Corporate security in the Asia Pacific region: Crisis, crime, fraud and misconduct. New York: Francis & Talyor. Dali, A. (2011). Global survey on ISO 31000 risk management standard Retrieved October, 18, 2011, from http://www.linkedin.com/groups?mostPopular=&gid=1834592 Garlick, A. (2007). Estimating risk: a management approach. Aldershot: Gower Publishing Company. Jay, C. (2005, 2005, 17 March). Big debacles help shape a new science, The Australian Financial Review, p. p. 2. Jones, D. E. L., & Smith, C. L. (2005). The development of a model for testing and evaluation of security equipment within Australian Standard / New Zealand Standard AS/NZS 4360:2004 - Risk Management. Paper presented at the Recent advances in counter-terrorism technology and infrastructure protection, Proceedings of the 2005 Science, Engineering and Technology Summit 2005 Canberra, Australia. Manunta, G. (2002). Risk and security: Are they compatible concepts? Security Journal, 15(2), 43-55. Morgan, G., & Henrion, M. (1990). Uncertainty: a guide to dealing with uncertainty in quantitative risk and policy analysis. New York: Cambridge University Press. Power, M. (2007). Organized uncertainty: Designing a world of risk management. Oxford: Oxford University Press. Risk Management Institute of Australasia. (2007). Security Risk Management Body of Knowledge. Retrieved 24 January, 2007, from http://www.securityprofessionals.org.au/2007SRMBOK.htm Standards Australia. (2004). AS/NZS4360:2004 Risk management. Sydney: Standards Australia International Ltd. Standards Australia. (2006). HB 167:2006 Security risk management. Sydney: Standards Australia International Ltd. Standards Australia. (2009). AS/NZS ISO31000:2009 Risk management - Principles and guidelines. Sydney: Standards Australia International Ltd. Talbot, J., & Jakeman, M. (2008). SRMBOK: security risk management body of knowledge. Carlton South: Risk Management Institution of Australasia Ltd. The Interim Security Professionals Taskforce. (2008). Advancing security professionals: a discussion paper to identify the key actions required to advance security. Melbourne: The Australian Government AttorneyGeneral.
37
AN EXPLORATION OF 1st AND 2nd GENERATION CPTED FOR END OF YEAR SCHOOL LEAVERS AT ROTTNEST ISLAND John Letch1, Ellice McGlinn1, Jonathon F. Bell1, Emma Downing1 and David M. Cook1,2 1 School of Computer and Security Science 2 secau Security Research Centre Edith Cowan University, Perth, Western Australia
[email protected]
Abstract The end-of-year post exam celebrations for Year 12 secondary school students presents a unique crime prevention proposition in Australia each year. Students of approximately 17 years of age congregate in a variety of locations in large groups known as „Leavers‟. Traditionally a number of 'rite of passage' activities, fuelled by additional factors such as alcohol, drugs and peer pressure, have resulted in an increased risk of crime and anti-social behaviour. This paper examines mitigation strategies aligned with Crime Prevention Through Environmental Design (CPTED) when placed at an event. Using the annual Leavers cohort at Rottnest Island, W.A., a number of 1st and 2nd generation CPTED instruments are discussed and evaluated. The additional isolation factor of the island highlights the value of 2 nd generation social cohesion and its likely impact in reducing a number of crime-related social issues. The paper concludes that increased 2 nd generation CPTED treatments significantly improve crime reduction and fear of crime in temporary locations when used for mass gatherings at events. Key Words Crime Prevention Through Environmental Design, CPTED, Social Cohesion, Anti-social behaviour, leavers.
INTRODUCTION Crime prevention through environmental design (CPTED) has been lauded as a low cost yet highly effective method for meeting the challenges of combining security concepts, architectural and situational elements, and security technologies (Atlas, 2002). New approaches to crime prevention now focus on merging the design elements of built infrastructure and the natural environment with the situational difficulties and the social demands of a specific event. In the case of year twelve secondary school post-exam revelry, there is perhaps no greater need for this merge than as is presented by the yearly 'Leavers' event that occurs immediately after final exams for most year 12 students. Where 1 ST generation CPTED has been deemed ineffective as a stand-alone strategy, it now gains greater respect when combined with 2 ND generation techniques that foster social cohesion and increased threshold capacity.
THE PROBLEM OF LEAVERS The problem of Leavers at Rottnest Island is defined by the momentary nature of a three day event that supplants the otherwise normal operations of the island with teenage rites of passage, crimes of opportunity, and the social isolation of students from parents and family. Law enforcement, using standard 1 ST generation CPTED training are ill equipped to cope with multiple criminal acts. Under normal conditions the acts of crime involving teenage anti-social behavior and its more serious extensions are far more easily resolved on the mainland where parents and family, or other care mechanisms can be brought to play with comparative ease. Rottnest Island presents a compounded problem since Leavers deliberately seek to separate themselves from these family care systems. On the one hand the isolation from parent and family represents freedom for Leavers. On the other hand it represents increased risk for Leavers who are often unprepared for the multiplier effects of family isolation, heightened peer group expectations, and post exam euphoria. The addition of high percentage novice use of substances ranging from alcohol to hard drugs further disconnects normal behavioural expectations from anticipated Leavers conduct. This paper examines the effectiveness of both 1 ST Generation and 2ND Generation CPTED techniques in order to mitigate against drastically increased risks of criminal acts during the Rottnest Leavers event.
38
Rottnest Island is situated 18 kilometres off the coast of Perth in Western Australia (RIA, 2011). The island is usually patronised by families as a resort destination, but for the three days of the annual 'leavers' event (and for some time after), the island becomes an “adult” playground for year twelve students. In this setting, the island is a destination of convenience, positioned relatively close to the greater Perth metropolitan area, yet sufficiently removed from parental and community reach so as to represent a premium destination for school leavers anxious to let off steam, celebrate outside of parental control, and enjoy a sought-after experience in the form of post exam revelry. As a destination for students that is disengaged from the mainstream community of socially acceptable behaviour, Rottnest Island commands considerable appeal for approximately 1400 students who seek to escape some of the constraints of the mainland. For many students, the time at Rottnest represents an important 'Rite of Passage' that marks the transition from school student to adult. Despite the positive benefits of such an event, the Rottnest 'leavers' cohort also represent a group at high risk from a number of multiple and sometimes cascading crime scenarios. The consumption of alcohol, the ingestion of drugs, sexual and social encounters, peer group pressures, isolation from parents, activities in dark and muted areas, social confinement and sexual assault onboard private vessels, poor eating and drinking, extreme heat, and teenage exuberance, all contribute to a three day cocktail of circumstance that is characterized by frequent crime-related incidents. The Leavers event at Rottnest Island operates in the face of a number of matchless conditions. Students who attend the island do so largely motivated by the prospect of copious opportunities and freedoms that arise from an event free from parental supervision and isolated from the regulations of many mainland venues. In contrast, Rottnest Island normally exists in its contemporary form for a different year-round clientele than teenage revelers. For approximately 360 days of each year the island plays host to a much more family-friendly, adult patronage. The Leavers event is unlike any of the other events that take place at Rottnest. It therefore requires an adjustment in terms of social and behavioral expectations from key island stakeholders, the business community, law enforcement, and the Rottnest Island Authority. Rottnest Island is an A-class nature reserve that has crucial flora and fauna. The Island also holds significance to Aboriginal communities (RIMP, 2009). The Leavers' Week activities pose a substantial risk to Rottnest Island's reputation as a world-class tourist destination. The Rottnest Island Management Plan (RIMP) 2009 - 2014 Guiding Principles state that by "fostering appropriate events, activities and experiences and imposing strong controls on anti-social behaviour will encourage a safe, family-orientated environment”. Anti-social behaviour associated with Leavers' activities can be defined as: acts of violence and aggressive behaviour; vandalism; theft; nuisance acts including rowdy and disorderly conduct; and cruelty directed towards local wildlife (e.g. Quokkas). Of the contributing factors that are associated with Leavers‟ anti-social behavior, there are five that dominate the discussion. The first is alcohol and drug abuse. Substance abuse has a magnified presence during the Leavers event due to three key multipliers. Alcoholic beverages are widely available and accessible without parental control and are obtained from “Toolies” (those over 18 years of age opportunists who sell and distribute for their own profiteering). Alcohol and drugs are consumed under peer-group conditions that encourage rapid consumption and excessive consumption patterns. The alcohol content of many drinks are considerably higher than school leavers will comprehend, and the effects of many drugs are underestimated and misunderstood by first time users. The second factor is the isolation that Rottnest Island imposes on Leavers. There are insufficient requirements for adult sponsorship of lodging and very limited accountability constraints. As with alcohol and substance abuse, lodging responsibilities are also subject to opportunistic deeds by Toolies. The third factor is one of expectation. For Leavers the event is perceived as an essential „rite of passage‟ that is accompanied by the false assumption that many laws are not applicable on the island. Easy access to alcohol and the pattern of public drinking are constant reminders that some laws are ignored or relaxed. The fourth factor is associated with the Rottnest community. In this case, there is an established resistance from the business community towards the event. This results in poor stakeholder cohesion, conflicting financial interests, and reduced stakeholder communication and agreement. The fifth factor is the existing physical security and protection systems. The Island suffers from poor application of 1 ST generation CPTED principles that is further exacerbated by a hesitation to change and a problematical set of environmental regulations associated with A-class reserves.
1ST AND 2ND GENERATION CPTED Crime prevention through environmental design is defined as the use of a built environment where that environment acts to prevent or reduce the incidence of crime, the fear of crime, and to improve the quality of life (Crowe, 1991). In its 1 ST generation form, CPTED theory is underpinned by the three requirements of natural surveillance, natural access control, and territorial reinforcement (Newman, 1972). Simple ploys such as playing 39
classical music in front of shopping centres to persuade young skateboarders away from loitering are useful starting points in understanding the possibilities using a CPTED approach. 1ST generation CPTED involves the application of physical design principles to an area in order to minimise the environmental support for criminal behaviour (WAPC, 2006). It also serves to reinforce positive behavior from the same design philosophy. When designed properly, CPTED environments lead to the reduction in crime and the fear of crime. (Crowe, 2000; Hillier, Saville and Cozens, 2005; Schneider, 2005; Wortley and Mazerolle, 2008). Gen. 1 CPTED differs from the Defence in Depth strategy, which entails a series of physical barriers to limit access to potential crime targets, by focusing on the design of physical space to encourage legitimate use and deter criminal activity. However, 1ST generation CPTED draws criticism from criminologists who argue that many environmental strategies only shift criminal behaviour rather than reducing it (Atlas, 2008). Additionally it is limited as it is designed around a rational mindset that assumes criminal behavior is always committed through rational choice (Cleveland & Saville, 1999). It is further limited as a stand-alone strategy when applied to applications that are events rather than property focused. Some examples of the application of 1st Generation CPTED include; the maintenance of facilities to portray the message that they are owned and cared for; adequate signage to deter intruders and criminal activity by reinforcing ownership and legitimate use; satisfactory lighting; Closed Circuit Television (CCTV); and open space environments to promote surveillance and increase the perceived risk of criminals being caught. The human space in CPTED must have a designated function. It must be defined and supported by the design of the location (Crowe, 2000). 2ND generation CPTED is defined as a supplemental extension to 1ST generation CPTED that focus on explicit social and cultural dynamics in each individual neighbourhood (Atlas, 2008). It is not a replacement for 1 ST generation CPTED. Instead, it is intended to augment physical environmental design through the addition of socially cohesive stratagem. To further characterize 2 ND generation beyond this simple definition, it is necessary to consider crime prevention over a period of time, rather than as a moment in time. Whilst 1 st generation CPTED is about design strategies to prevent criminals from entering an area, 2 nd generation CPTED is about preventing crime from growing within an area (Saville and Cleveland, 1999). 2nd generation CPTED extends beyond basic physical design and focuses on the various social issues within society as well as other situational factors. This approach offers the promise of more enhanced and realistic crime prevention strategies (Ibid). In the past the rational offender theory applied to traditional CPTED strategies has been offender-focused, rather than victim-focused. 2nd generation CPTED and Designing Out Crime strategies are designed to expand on this perspective to incorporate a more holistic approach to crime prevention within the community (Cleveland & Saville 1999). Without 2nd generation CPTED, factors such as adolescentisolation (from parents and older peers), remain as untreated risks. Key dynamics behind the requirement for 2nd generation CPTED strategies include their application to alcoholrelated crime, such as public disorder and anti-social behaviour, where 'rationality' is often relatively absent due to intoxication (DOCRC, 2011). 2nd generation CPTED is a more reliable strategy for changing an offender's character or motivation. This is more beneficial to longer-term and more practical solutions in preventing crime (Geason & Wilson, 1990). Overall, however, it is the social interaction and cohesion amongst all stakeholders that enables a more holistic (and therefore successful) approach (Saville & Cleveland, 1999). Social cohesion promotes the idea of legitimate users taking responsibility and involvement in an ongoing manner. This can be achieved by mutually supported social events, joint meetings and discussions, and awareness programs. In many instances these additional concepts require high-level connectivity with local authorities, law enforcement, and agencies from a broad church of relations. In combination, these requirements demand an understanding of the threshold or capacity that the local community can tolerate and deliver. This is particularly difficult in built environments where the normal purpose of the environment is uniquely different from the social makeup that defines a particular event (Atlas, 2008). Such is the case with Rottnest Leavers.
ASSESSMENT AND METHODOLOGY This study compared 1ST and 2ND generation CPTED elements as they presented on Rottnest Island for the annual Leavers event. A list of CPTED techniques used on the Island was compiled by taking known CPTED techniques and looking at past event history to determine which factors were present in previous Leavers events at Rottnest Island. This literature was then overlayed with observations on the part of the researchers, largely based on visits to the Island and observations about the environment. A third collection of data came from a broad range of interviews to key stakeholders on or connected with Rottnest Island and the Leavers event. These stakeholders were identified through the literature as reviewed and by employing a snowball approach to stakeholders. This meant that stakeholders were invited to suggest other stakeholders who were connected with either the Leavers event or with Rottnest Island. 40
Within the unique conditions of Rottnest Island during the post-exam 'leavers' period, crime prevention requirements could be most accurately described as "like a magician…", pulling "the divergent forces of architecture, operational/management practices, governmental bureaucracy, and vested interests together in a collaborative process." (Atlas 2008, p14). The process of evaluating the circumstances of this unique event, used a holistic approach to incorporate 2nd generation CPTED elements alongside traditional 1ST generation CPTED instruments. What is best practice crime prevention in most large-scale events of this size is not necessarily best practice within the isolated environment of Rottnest Island. The method for treating risk management at Rottnest Island therefore looks much more closely at 2 nd generation social cohesion than similar events that occur on the mainland. This approach was applied to the three day event known as 'Rottnest Leavers". Comparisons between 1ST and 2ND generation techniques were recorded and noted for evaluation. The assessment was carried out over a three month period between March and June of 2011. It takes the form of a community-focused risk audit as described by Greg Saville (2008). Researchers conducted their assessment using known crime data from the Office of Crime Prevention (OCP) and the Western Australian Police Service. They incorporated interview results from face-to-face and telephone meetings with Rottnest Island business stakeholders, Police and Emergency service providers, the Rottnest Island Authority, events coordinators, Island rangers, and a range of social community service groups. The collection of data incorporated a combination of qualitative field research techniques based on a handpicked sample of stakeholders, and allowed for snowballing to a second generation of samples (O‟Leary, 2005). The assessment also included a comprehensive review of current and past online social media literature, focusing on dedicated Facebook sites and their corresponding counter-narratives and postings. The assessment included four site surveys of the key event areas on the island, and an evaluation of the key natural, built, and socially-constructed areas that pertained to the Rottnest Leavers event. Towards the end of the assessment period the investigators called a group meeting of key stakeholders from the Rottnest Island Authority, the Youth Affairs Council of WA, the Red Frogs group, and the Youth Division of the Western Australian Police Service. This meeting was used as an exit strategy to confirm their findings, and to test the veracity of their major results against views from notable peak stakeholder groups. The summary of the major findings are discussed below in this paper. Since the island is uniquely identifiable, so too are its stakeholders. This paper therefore discusses findings in broad terms rather than identifying any one single source of information. It is intended to describe the inclusion of 2 nd generation CPTED and its application to events as an exemplar of the value of social cohesion in crime prevention, rather than the description of a specific research data set.
RESULTS The results of the study were tabulated into a chart that shows which forms of CPTED had perceived efficacy and acceptance. Table 1 is a summary of those perceptions, whilst the 2 ND generation instruments of note are further described in greater detail.
41
Table 1. CPTED 1ST & 2ND generation instruments – evaluation and efficacy.
The results show that 1ST generation CPTED instruments hold less acceptance than 2 ND generation instruments. As stand-alone strategies, 1ST generation systems not only engender low acceptance by Leavers, but they may also contribute to the „cyclone‟ effect, indirectly encouraging angered leavers to commit acts of crime as part of a heightened response to rules and mainland parental control. Since the theory surrounding leavers behavior often refers to their poor peer-group conduct collectively, the addition of 2nd generation systems that are embedded with a commitment to some form of social interaction suggests that social cohesion is a useful catalyst for the reduction of opportunistic criminal acts.
42
The results also show that in addition to social cohesion, an increase in connectivity (both physically and socially) promotes a stronger sense of threshold. This allows large cohorts to interact over several days with minimal involvement in criminal behavior. Oscar Newman‟s (1972) „Broken Windows‟ theory was originally applied as a 1ST generation physical security concept, but these results suggest the broken windows theory has greater alignment with social cohesion than deterrence. Social fissures and lack of cohesion are the dynamic components of 2ND generation CPTED. Many 2nd generation instruments of CPTED operate on more than one level. At first glance they augment the efficacy of natural surveillance, access control, and territorial reinforcement. Distinctively prominent instruments that leverage off the back of the CPTED model are discussed here in more detail.
CRIME PREVENTION FOR A DIFFERENT COHORT Whilst there are a variety of physical security instruments installed into the built infrastructure of the island, they remain poorly suited to the specific needs of the Rottnest Leavers event. To characterize the poor application of 1st generation CPTED strategies an examination of the Closed Circuit Television (CCTV) and natural surveillance on Rottnest Island is instructive. There are only seven official CCTV units currently operating on the island (WA Today, 2010) and their application is focused primarily towards protecting the Rottnest Island Business Community (RIBC) interests rather than historic 'hot spots' or obvious areas of congregation and adolescent violence. In addition to this the CCTV units are located where they can be easily accessed and tampered with to be rendered ineffective countering any surveillance efforts by authorities. Since the Leavers event is only a single event in the yearly calendar, the need for event-based surveillance has taken a back seat to the protection of business premises. This is not a criticism of the business crime prevention strategies, but rather an indicator of where crime prevention assets have been deployed. The installation of CCTV has not been an operational priority on Rottnest Island. State records reveal that a twenty thousand dollar ($20,000) funding allocation from the Office of Crime Prevention Local Government Partnership Fund during the 2008/2009 financial year, to assist with upgrading the CCTV systems on Rottnest Island, in line with the State Government's Blue Iris initiative (OCP, 2009), remained unused for CCTV. The Rottnest Island Authority has not used this funding for its intended purpose and as a result the CCTV systems on the island have not been upgraded for some time.
PEER GROUP MULTIPLIERS Much of the attraction to Rottnest Island in the immediate post-exam period is driven by peer group pressures and social expectations within school sub-groups. Adolescents are socialized into their own peer groups. This makes them subject to a range of peer pressures that can introduce higher-order themes (sex, drugs, alcohol) requiring increased maturity (Allen, Porter & McFarland, 2005). The pressure to conform has both positive and negative aspects, and society expects a range of deviance from mild to moderate behavioural change. These peer demands result in higher risk scenarios, and are multiplied through multiple iterations of the social expectations through online social media such as Facebook and MySpace (Schoolies, 2011). The application of 2nd Generation CPTED to an event such as Leavers therefore takes on greater significance than 1st Generation CPTED alone. It should, however, work in concert with 1 st Generation concepts rather than independently. At first glance there are three broad elements that are likely to be effective. The first would include education strategies to tackle alcohol and drug abuse among Leavers. This would include the dissemination of detailed information packs and lectures at schools by relevant stakeholders and authorities. The second includes superior cohesion and supervision strategies including greater community and parental involvement. The third element would focus on attitudinal strategies that would make Leavers and parents more accountable for anti-social behaviour during Leavers' Week activities such as introducing behavioural attributes for entry into tertiary level studies. These elements all derive impetus from programs, events and activities that encourage social cohesion (Baba and Austin, 1989). A system such as this does not need all students to require entry to university, but rather that with sufficient weight in numbers the discussions regarding anti-social behavior gain peer-reinforced recognition.
THE VALUE OF SUBTLE LIGHTING 2nd Generation CPTED provides a further extension of the value of social cohesion when applied to lighting. The purpose of researching the importance of lighting and pathway innovation during events is to consider ways to provide school leavers with a sense of security and safety. Kunstle, Clark, and Schneider (2003) made specific discoveries that noted the importance of exterior lighting and pathway lighting in note only assisting 1 st 43
Generation CPTED requirements, but also in social buoyancy by helping to foster confidence and assurance within individuals. Victimization shows that if persons are feeling safe and confident then they are less likely to be chosen or attacked by a predator, thus through social cohesion and community culture this can be achieved (Rea, 1993). CPTED 2nd generation can be used on Rottnest Island as it integrates crime of opportunity and the impact of the surrounding environment on individuals (Atlas, 1999). The importance of having sufficient lighting during an event such as leavers on Rottnest Island is amplified due to the many students who are not familiar with the island. This can increase their vulnerability as targets for crimes such as sexual assault. Lighting is therefore an essential part of growing the sense of safety within individuals as well as assisting CCTV systems in the identification of offenders in the event of an attack. Site surveys confirmed information from business stakeholders and past Leavers students that areas of Rottnest Island felt unsafe at night because of poor or inadequate lighting. Following the designated pathways from the camping ground to the shopping area, light-meter readings indicated an average reading of under 3 (three) Lux. Many visitors were observed using their mobile phones to view the pathway and to stop the risk of running over wildlife whilst riding bicycles.
SOCIAL COHESION An important distinction that marks the Rottnest event apart from other assessable fixtures/events is the improvised development of it's social community. Whilst 1st Generation CPTED focuses on physical and tangible elements a more comprehensive CPTED stance should also match people and their activities to the environment. The “Leavers” cohort holds several commonalities. They have all finished year 12 exams, are of the same age, and are looking to celebrate. Beyond these unities however, they represent a disparate group of vastly contrasting styles, behaviors and maturity. Social cohesion is a bond that is created between individuals and groups. This bond is essential for people to function normally within society, essentially providing unwritten social rules between one another on how to act and what is socially acceptable. (McKinnon, 2007) Social cohesion can be isolated into several themes; these include tolerance, responsibility, democratic participation and mutual respect. (Acar, 2011) However in terms of teenage mass gatherings, „respect‟ can be considered to be a significant 2 nd Generation CPTED theme. Respect is what governs the level of cooperation between individuals within a social context. (Friedkin, 2004) One advantage of creating a strong socially cohesive bond between the „Leavers‟ and Rottnest Island is to channel a feeling of respect toward the island‟s community and culture. The rationale behind this sentiment works in two directions The return direction resulting in the island community suffering less from the effects of the „Leavers‟ and embracing leavers as a part of their culture. If a strong socially cohesive bond existed between the leavers and the island‟s community and culture, spin-offs should include a decrease in vandalism, violence, and alcohol-fuelled anti-social behavior.
COHESION AND TRANSITIONAL EVENTS Social events are an effective method of developing widespread social cohesion. These events bring groups and individuals together, and in so doing encourage the fusion of smaller groups into a larger community. Whilst most strategies focus on a range of showcase evening events that attract large numbers, a different strategy looks at the importance of transitional events. Post-event surveys from previous years showed that Leavers were getting bored on the island. Police and ranger reports from a study ten years before showed that leavers were wandering the island while drinking looking for some form of entertainment (Midford, Farringdon, & Young, 2001). These surveys revealed that the best way to improve their leavers experience on the island was to improve the continuity and participation level of each form of entertainment. (ibid) Rottnest Island previously held a breakfast meet every morning for the period of the „Leavers‟ week celebrations, this event gave the youths a chance to come out and get something to eat every morning. The breakfast event served a number of useful purposes. In the first instance it provided participants with the chance to eat a hearty breakfast (rather than a possible breakfast that included the continued intake of alcohol). It gave authorities and social groups the chance to sight “at-risk” individuals from the night before, and it created another valuable opportunity for leavers to meet and interact not only with each other, but also with the Island stakeholder in the form of Police, Security, Red Frogs Crew, Drug Arm, The Green Team, WA AIDS Counsel, as well as other volunteer groups and permanent residents (Midford, Farringdon, & Young, 2001). Social work groups such as Red Frogs, the Drug Arm and the Green Team form an essential layer in the ongoing scrutiny and cohesion of Leavers participants. The breakfast meet has since been discontinued despite Police and social group comments that deemed the event to be highly successful.
44
Transitional events need not become mass gatherings to distribute a successful social cohesion message. Daytime activities are likely to compete with a range of tent-based and chalet-based interactions. Whilst they work on a continuous trickle, they attract enormous interest from Leavers. Comments from previous intermediary events indicated strong approval. “The recovery breakfasts were … very well patronised and commented on in a positive manner… eating while drinking would have reduced [the] effects of alcohol, but the process of providing the food may have been more potent again. There was a lot of evidence to suggest that the sausage sizzles conducted by the police did much to foster a spirit of respect and cooperation between the leavers and authorities on the Island.” (Midford, Farringdon, & Young, 2001: p23). Transitional events add significantly to the development of social cohesion. For social cohesion to be effective, breakfast and other transitional events should continue to run. Anti-social behavior is not something that can be fixed overnight. Since the antisocial culture already exists, the norms and values of the student cohort need to transform gradually, concurrently evolving with increased community engagement from key island stakeholders. Transitional events provide an important bridge between boredom and highly anticipated evening events. They encourage fellowship in place of drinking, and extend the positive benefits of social cohesion into a 24hour cycle of attention rather than an expectation of fleeting cohesion in the hustle and bustle of evening events.
COHESION AND ACTIVITIES Whilst specific events with precise timing can assist in terms of transitional periods, the inclusion of activities that remain constantly open are of particular interest. These activities fill a gap alongside transitional events, and provide for social cohesion to grow in the exercise of simple but highly sought-after personalized experiences. Two programs emerged from the research, that were endorsed by the exit interviews as held with the Rottnest Island Authority representative, as well as the Red Frogs group and the Youth Affairs Council of WA. Cozens, Saville, & Hillier, D. (2005) have previously posited the value of similar events and describe them in 2 nd Generation CPTED terminology as „social stabilisers‟. Activities such as these strengthen the threshold capacity of the event, growing cohesive interaction and reducing the incidence of opportunity-driven acts of crime.
THE LEAVE YOUR MARK PROGRAM (LYMP) The leave Your Mark Program is designed for the school leavers to document the experience of their time on the island in a positive manner. The program allows for a range of positive interactions, allowing for later revisitation of the island for Leavers, and a positive yet tangible set of activities that promote ongoing social cohesion. Opportunities to interact on a physical and tactile sense with the island community are likely to assist in the conversion of norms and values towards socially acceptable, mature behavior (Brantingham & Brantingham, 1993). The Leave Your Mark Video Diary Social networking, through popular sites such as YouTube, allows people to share their videos with a global audience. Setting up a Leavers Video Diary tent will provides Leavers with a place to document their leaver‟s stories and share them with others. It also allows for moderation, counseling and discussion of the video in positive terms. A website dedicated to sharing leavers activities on Rottnest would further extend this in order to create a sense of community. When the leavers enter the tent to record messages they can be asked a set of questions about their experience on leavers and the island promoting a positive response about the island. Leave Your Mark Wall. Graffiti on the island is an issue throughout the year. That risk is dramatically increased during the three day Leavers event. The leave your mark wall allows secondary school leavers to leave their mark, yet in a positive way. This could include their hand print, writing a small message, or simply signing their name and leaving the date. Additionally as the wall remains on the island over a number of years, students would revisit the island in later years thus instilling a sense of a connection to the island and the community. From time to time, the original wall can be repainted and further generations can enjoy the use of it.
THE BUSINESS COMMUNITY Despite the recognized benefits of 2nd Generation CPTED and young people in designing out crime, (Checkoway and Finn, 1992; Crowe, 2000; Colquhoun, 2004) there remains a significant impasse between business owners and stakeholders and the event organizers of the three day “Leavers” event at Rottnest Island. Mention has already been made of the importance of the two-way street of respect and understanding that is a foundational 45
aspect of strong social cohesion. It is not enough for students to embrace the island and integrate with its community and cultural components. For social cohesion in CPTED to flourish the business community must accept and welcome the “Leavers” cohort as well. This requirement is perhaps the most difficult step. Business stakeholders look at Rottnest Island as their livelihood. Whilst most events throughout the year add to the quality, charm, and attraction of the island, the Leavers event attracts controversial press (Cox and Phillips, 2011). Exit interviews with all major business stakeholders indicated that the detachment of the Leavers event from other yearly island events remained the number one point of discontent from stakeholders. There is the expectation that students will behave in an anti-social manner, and this premise underscores the business community‟s hesitation in contributing to the positive deployment of the event. Rottnest Island has endured a longstanding connection to post exam 'leavers' celebrations for over 35 years (Schoolies, 2011). For teenage youths, the island's 'leavers' event has a cult-like status that is perpetuated by slogans such as 'Get Blotto at Rotto' describing the expectation of excessively drunken behaviour, and 'Quokka Soccer' the urban legend describing a cruel and illegal game of football where the island's most famous marsupial is used as the ball. Social networking narrative from sites such as Facebook confirm the ongoing expectations of similar 'Leavers' activities and go beyond this history to depict a raft of anti-social experiences that include first time sexual encounters, drug use, vandalism and alcohol-fueled revelry. Leavers and the Rottnest business community both contest the idea of active connection between themselves. The Rottnest business community looks to the other 362 days of the year, whilst the leavers cohort look only to the three day vent rather than a yearly strategy.
CONCLUSION The evaluation of 1ST and 2ND generation CPTED instruments within an isolated and confined locality such as Rottnest Island shows the usefulness of crime prevention strategies that incorporate socially cohesive interactions. Since the leavers event is built upon a foundation of expected illegal post exam behavior, it is not unreasonable to suggest that social cohesion reduces crime in situations where event participants can connect with norms and values that are otherwise missing. Students at Rottnest cohabit in a state of parental isolation. This paper concludes that 2ND generation CPTED instruments deliver vital social cohesion to a three day event that would otherwise operate under increased expectations of anti-social behavior and acts of crime. „Leavers‟ is a milestone event for students, providing a formative and influential experience on their future adult behavior. Socially interrelated activities such as the transitional events and the „leave your mark‟ programs discussed in this paper show a greater acceptance from students and stakeholders because they operate beyond the expectation of criminal conduct. In other events over shorter periods of time social cohesion is difficult to establish. However the three day Leavers event represents a unique opportunity in community development and policing. 1st generation CPTED remains too narrowly focused on the physical aspects of designing out crime whilst failing to address many social factors that may be associated with crime and anti-social behaviour. This is not to discount physical security as ineffective. Bag searches, signage, natural surveillance, and natural access control remain effective ongoing risk treatments in reducing crime. However, where there is a collective intent on the part of a large cohort such as Leavers, there is a need for additional measures that reach beyond 1 st generational instruments in order further reduce anti-social behavior and early-adult crime. The inadequate CCTV system at Rottnest Island is symptomatic of the wider problem of the Leavers event. The island and its planned built environment has evolved to service family-oriented activities. In that sense, it copes for most of the year. However the Leavers event is uniquely different, and its participants have different expectations about what they expect to experience at Rottnest Island. When CPTED includes both the physical and the social aspects of a community, the opportunity to enjoy significant reductions in the risk of crime and anti-social behavior is increased. At the same time, 2nd generation CPTED must remain a strategy that incorporates the needs of the local community. The island stakeholders have a right to peaceful interaction that extends throughout every day of the year. There is the need, therefore, for the Rottnest Leavers event to be perceived with the same level of acceptance and integration as other Rottnest activities. This paper posits that the successful attainment of such a goal is heavily reliant upon the social cohesion of 2nd generation CPTED strategies.
REFERENCES Acar, E. (2011). Identifying the Purpose of Education. N.P.:Brookings Allen, J., Porter, M., & McFarland, F. (2005). The Two Faces of Adolescents‟Success with Peers: Adolescent Popularity, Social Adaptation, and Deviant Behaviour, Child Development Vol 76 Issue 3 pp747-760. 46
Atlas, R. (1999). The Alchemy of CPTED: Less Magic, More Science. Miami: Atlas Safety and Security Design Inc. Atlas, R.I. (2002) The sustainability of CPTED: Less magic more science! The CPTED Journal 1(1) pp3-14. Atlas, R.I. (2008) 21st Century Security and CPTED: Designing for Critical Infrastructure Protection and Crime Prevention, London: CRC Press Baba, Y. and Austin, D.M. (1989) Neighborhood environmental satisfaction, victimization and social participation as determinants of perceived neighborhood safety. Environment and Behaviour Vol 21, pp763-780. Brantingham, P. & Brantingham, P. (1993) Environment routine and situation: Towards a pattern of crime. In R.Clarke (Ed) Routine Activity and Rational Choice: Advances in Criminological Theory, Vol 5, New Brunswick, NJ: Transaction Publishers. Checkoway, B. and Finn, J. (1992) Young People as Community Builders. Ann Arbor: Center for the Study of Youth Policy, University of Michigan. Colquhoun, I. (2004) Design Out Crime: Creating Safe and Sustainable Communities. Oxford, England: Elsevier Architectural Press. Cox, N. & Phillips, Y. (2011) School Leavers Warned, Sunday Times, April 17th 2011 Cozens, P. M., Saville, G., & Hillier, D. (2005). Crime Prevention Through Environmental Design (CPTED): A review and modern bibliography. Property Management 23(5), 328-356. Crowe, T (1991) Crime Prevention Through Environmental Design: Applications of Architectural Design and Space Management Concepts, Boston: Butterworth-Heinemann. Crowe, T. (2000) Crime Prevention Through Environmental Design, 2 nd Ed. Burlington, MA: Elsevier. Designing Out Crime Research Centre. (2011). Physical Surveillance CCTV. Retrieved 03 Apr, 2011, from http://www.designoutcrime.org/index.php/docfaqs/18-cctv Friedkin, N. E. (2004). Social Cohesion. Annual Review of Sociology , 409-425. Geason, S & Wilson, P. (1990). Crime Prevention: Theory and Practice, Australian Institute of Criminology, Canberra. Hiller, D., Saville, G., & Cozens, P. (2005). Crime prevention through environmental design (CPTED): a review and modern bibliography. Property Management, 23(5), 328-356. Kunstle, M., Clark, N., & Schneider, R. H. (2003) Florida Safe School Design Guidelines. Tallahassee, FL:Florida Department of Education. Retrieved 19 June 2011, from http://www.firn.edu/doe/edfacil/safe_schools.htm McKinnon, G. (2007). Social Cohesion and Human Rights: Would a Bill of Rights enhance social cohesion in Australia? In J. Jupp, J. Nieuwenhuysen, & E. Dawson, Social Cohesion in Australia (pp. 191-203). Melbourne : Cambridge University Press. Midford, R., Farringdon, F., & Young, N. (2001, August). Leavers on Rottnest: A glimpse of how a community managed mayhem. Centrelines Newman, O. (1972) Defensible Space: Crime Prevention Through Urban Design. New York: Macmillan. O‟Leary, Z., (2005) Researching Real-World Problems: A Guide to Methods of Inquiry. Los Angeles: SAGE Rea, M.S. (1993) Lighting Handbook: Reference and Application, 8th Ed. Illuminating Engineering Society of North America. Rottnest Island Authority (RIA) (2011). Rottnest Island Authority Reconciliation Act Plan 2008 – 2011: Annual Progress Report for 2009 – 2010, Retrieved 04 Apr, 2011, from www.reconciliation.org.au Rottnest Island Management Plan (RIMP) (2009). Perth: Western Australian Government.
47
Retrieved 2014.pdf
from
http://www.rottnestisland.com/SiteCollectionDocuments/PDF/RIMP_2009 -
Saville, G. (2008) The ATRiM Model for Critical Infrastructure Protection, in Randall Atlas, (Ed) 21st Century Security and CPTED: Designing for Critical Infrastructure Protection and Crime Prevention, London: CRC Press. Saville, G., & Cleveland, G. (1999). 2nd Generation CPTED: An Antidote to the Social Y2K Virus of Urban Design. Unpublished manuscript. Retrieved 04 Apr, 2011, from http://www.edoca.eu/content/docs/CPTED_2ndGeneration.pdf Schoolies (2011). Official National Schoolies Week Website, Schoolies History, Retrieved 9 th June 2011 from http://www.schoolies.org.au/history-of-schoolies-week.htm Schneider, R. H. (2005). Introduction: Crime prevention through environmental design (CPTED): Themes, theories, practice, and conflict. JOURNAL OF ARCHITECTURAL AND PLANNING RESEARCH, 22(4), 271-283. SNLRAM. (2010) Sandia National Laboratories Risk Assessment Methodology, retrieved on August 5th 2011 from http://www.Sandia.gov/ram/ WA Today (2010). CCTV beefed up for Rottnest. Retrieved 28 May 11 from http://m.watoday.com.au/wanews/cctv-beefed-up-for-rottnest-20101209-18r1h.html Western Australia Planning Commission. (2006). Designing Out Crime Planning Guidelines. Perth, WA: Western Australia Planning Commission. Wortley, R., & Mazerolle, L. G. (2008). Environmental criminology and crime analysis. Cullompton: Willan.
48
MAPPING THE ORGANIZATIONAL RELATIONS WITHIN PHYSICAL SECURITY’S BODY OF KNOWLEDGE: A MANAGEMENT HEURISTIC OF SOUND THEORY AND BEST PRACTICE Michael Coole and David J Brooks secau Security Research Centre, School of Computer and Security Science Edith Cowan University, Perth, Western Australia
[email protected];
[email protected]
Abstract Security Science education at university levels is still in its infancy, with little agreement towards knowledge, curriculum and competency. Therefore, it is essential that educators draw on relevant literature highlighting means of efficient and effective knowledge transfer for tertiary students within the Security Science domain. Such knowledge transfer will reduce the gap between academic knowledge (explicit) and professional competency (tacit knowledge). This paper presents phase one of a multiphase study. A qualitative “systems based knowledge structure” of security domain categories has been conceptually mapped as a domain heuristic. The heuristic drew on research highlighting that experts have both richer depths of domain knowledge and superior cross referenced organizational structure. The conceptual map takes a topdown approach bounded by routine activity, rational choice, situational crime prevention, defence in depth, security decay and management theories within the elements of prevention, preparedness, response and recovery. Results indicate that within a systems approach, core security professional competencies relate to the ability to skilfully apply the theories and best practice principles represented within the preliminary heuristic that brings together academic theory with practising security strategies. Keywords Security Science; education; knowledge; learning; theories; best practice; heuristic
INTRODUCTION Professional knowledge is based on combinations of explicit and implicit domain specific knowledge, used in such a way that an individual can solve new problems within a professional domain by drawing on existing cognitive structures. The developing profession of Security Science requires a means of transferring domain category knowledge in an efficient and meaningful manner for enhanced problem solving capabilities. It is therefore essential that novice learners (students) within the security domain are explicitly presented with an organizational structure of physical security knowledge categories to ensure they are able to employ a rich framework of cross referenced concepts in their future problem solving endeavours. Educators in the physical security fraternity have always recognised the need for experience in robust learning. However, this paper argues that the gap between explicit and implicit learning can be reduced by drawing on the literature of expertise, specifically, security experts. Experts not only have a rich volume of domain knowledge, supported through many years of practical experience, but their knowledge is strongly cross referenced with a rich network of connections between domain concepts. Such highly organized domain concepts facilitate more efficient retrieval for professional problem solving. This paper presents such an organized knowledge structure through the use of a physical security domain concept map. Such a map is focused towards developing more meaningful learning at the conceptual level, therefore enhancing the journey from novice to competent security professional. Objective The objective of this paper is to respond to the question: What are the core professional competencies for a security professional and where are they drawn from? The work considers the premises of Manunta (1999), Burke (cited in Griffiths, Brooks & Corkill, 2011, p. 2), the Australian Interim Security Professional‟s Task Force (2008) and the earlier works of William‟s (1981), who proposed a “security systems design philosophy” to
49
present an explicit knowledge based, functional top-down system philosophy (heuristic) as an educational tool (schemata) for Security Science novice learners.
IS SECURITY DEVELOPING AS A PROFESSION? Industry professionals have become essential to the very functioning of modern society. As Donald (1983, pp. 34) highlighted “we look to professionals for the definition and solution of society‟s problems”. Within the security domain the Australian Interim Security Professional‟s Task Force (2008) identified security professionals as senior people working in the operational and strategic sector of the security industry. The task force further defined security professionals as a group critical in supporting the protection of government, commercial organisations, non-government organisations and the community. However, the task force highlighted that security professionals have not been able to contribute their full potential to the nation‟s security and safety, primarily due to a lack of clear understanding of either the profession or security professionals. In addition, Donald (1983, pp. 4-5) points out that as a society we see and experience failures of professional action, resulting in the loss of public confidence and calls for external regulation of professional activity. Recently, attention has been focused towards identifying the core professional competencies of security professionals. However, as Brooks (2010, p. 225) points out, security is a diverse and multi-disciplinary profession with a wide spectrum of activities and skills. Security‟s diversity has resulted in a lack of professional consensus relating to a definition (Borodzicz & Gibson, 2006, p.182; Manunta, 1999, p. 58) and arguably, professional standing. As Borodzicz and Gibson (2006) suggest, the concept of security can have different meanings depending on context. For example, Manunta (1999, p. 58) argues that the variety of security‟s descriptive definitions are inadequate, purporting that security must be considered by a more functional, clearer definition. Such a view is supported by Burke (cited in Griffiths, Brooks & Corkill, 2011, p. 2) who argues that for security to be useful it must be defined in terms of its practices. In considering diversity in both approach and definition, Brooks (2008, p. 5) argued that security may only achieve definition through applied context and concept definition, where definition may be achievable through a consensual body of knowledge. In considering definitional barriers and discordant views, two common professional threads are supported. Firstly, there is a desire on the part of practitioners to protect assets that they hold to be valuable from deliberate malicious human intervention through a variety of countermeasures (Borodzicz & Gibson, 2006, pp. 181-182). Second and from a functional perspective, for security to be effective it must be implemented within a “systems” approach (Underwood, 1984; Fennelly, 1997; Fisher & Green, 2003; Garcia, 2001). Developing a Security Science body of knowledge Wilensky (1964, p. 138) highlighted that for an occupation to assert professional authority it must first find a technical basis, assert an exclusive jurisdiction, link both skill and jurisdiction to standards of training, and convince the public that its services are uniquely trustworthy. To these points the Australian Interim Security Professional‟s Task Force (2008) accepted that for security to be considered a profession, it must include the characteristics of a distinct body of knowledge, agreed and enforced standards of behaviour/ethics, standards of education, formal requirement for professional development and a college of peers; yet to date this has not occurred. Wilensky (1964, p. 138) argued that the success of a claim for professional is greatest where the society evidences strong wide spread consensus regarding the knowledge or doctrine to be applied. A study by Brooks‟s (2007) presented fourteen hierarchical security subject categories (Table 1) across many associated industries within many occupations. These subject categories hierarchically represent the salient practice areas in which security as a discipline draws its body of knowledge. Table 1. Hierarchical security domain subject categories
Criminology Facility management Investigations Risk management Security management
Security domain subject category descriptors BCM Fire science Industrial security Information & Computer Physical security Security principles Safety Security law Security technology
50
Brooks (2006, p. 173) highlights that whilst security practitioners originate from many disciplines, security experts hold a rich knowledge structure. Such a view is congruous with studies highlighting that a large or organized body of domain knowledge is a prerequisite to expertise (Bedard & Chi, 1992, p. 135). Conversely, within the context of tertiary education, Lussier (2006, p. 22) highlights that many graduates do not know how to employ academic knowledge. Furthermore, Vu, Rigby, Wood and Daly (2011, p. 3) highlight that strong research-based evidence exists that professional employability requires graduates to be able to demonstrate their achievement of graduate attributes in order to enable novice learners to apply their knowledge critically and reflectively. As Nalla and Morash (2002, p. 9) point out, core ideas must be passed on to students within a discipline for them to succeed. This view leads to the question; what are the core professional competencies for security graduates and professionals and where do they come from? To the latter, Wilensky (1964, p. 144) suggested that as an occupation moves towards professional standing, its formal training schools at some stage either begin or seek out university involvement where there is a steady development of standards in study, academic degrees and research programs to expand the knowledge base. This development for security at the tertiary level is still in its infancy, with limited consensual agreement on content requirements (Brooks, 2010). Accordant with such discourse, The Australian Interim Security Professional‟s Task Force (2008, p. 10) asserted that the Australian security profession has a distinct body of knowledge. However, a characteristic of professional knowledge is how knowledge is applied varies with the situation (Stake, 2010, p. 13). For example, Stake (2010, p. 13) explains professional work depends on science, but each profession has its own separate body of knowledge. It is therefore considered that professional knowledge differs from scientific knowledge, although overlaps exist. Cornford and Athanasou (1995, p. 12) suggest the situation can be summed on a continuum (Figure 1).
Figure 1. The professional development continuum (Cornford & Athanasou, 1995, p. 12) According to Wilensky (1964, pp. 149-150) the optimal base of knowledge or doctrine for a profession is a combination of intellectual and practical knowing, some of which is explicit (classifications and generalizations learned from books, lectures and demonstrations), and some implicit (understanding acquired from supervised practice and observation). Wilensky‟s (1964, pp. 149-150) views are supported by Griffiths, Brooks and Corkill (2011, p. 3) who highlight that professional bodies of knowledge are both academic and practical requiring both education and training to be passed on. Within such a continuum, novices seek logical, fairly consistent all purpose rules to guide their behaviour (Cornford &, Athanasou, 1995, p. 12). Furthermore, novices start with little domain knowledge and use weak methods to solve problems (Eysenck & Keane, 2001, p. 421), whilst advanced beginners start to employ experience problem solving processes. Competent level practitioners exercise greater authority in problem solving, they set priorities and make plans, they determine what is important and understand that the order of priority may change. Nevertheless, proficient practitioners may no longer consciously think about adjustments, for them intuition or “know-how” becomes important. It can be argued that for security advice to be professional―that is soundly based in theory and established practice (norms)―then identifying core security competencies means highlighting its explicit domain knowledge structure. Furthermore, these combined characteristics must be cross referenced with a rich network of connections amongst the subordinate concepts and represented collectively as an organised system from a topdown (theory/practice) approach. Security is more practitioner-oriented (Nalla & Morash, 2002, p. 9), therefore these core norms (knowledge structure) are focused towards various processes, measures, functions and tasks which are considered essential.
51
UNDERLYING THEORY Epistemology is the theory of knowledge; the critical study of its validity, methods and scope (The Collins Concise Dictionary, p. 417). The central concern of epistemology is the growth of knowledge (Fraser, 1993, p. 16). Consistent with such literature, the underlying theory for this study is trivial constructivism within the assimilation theory paradigm. Constructivism holds that knowledge is constructed (not discovered) based on previous knowledge and is evolving over time (Novak, 1993, p. 167); where trivial constructivism recognises that new ideas are built on the foundation of prior ideas (Fraser, 1993, p. 16). That is, knowledge has structure, a history of creation and affective connotations (Novak, 1993, p. 171). According to Novak (1993, pp. 171-172), Ausubel‟s (1963) assimilation theory placed central emphasis on cognitive processes involved in knowledge acquisition and the role that explicit concept and propositional frameworks play in knowledge acquisition. From the standpoint of formal education, Ausubel, Novak and Hanesian (1968, pp. 21-27) highlight clearly distinct forms of learning. That is, the distinction between reception and discovery learning and between rote and meaningful learning. Ausubel, et al, (1968) articulates the viewpoint that most of the understandings learners acquire both in and out of formal schoolings are presented rather than discovered. In reception learning (rote and meaningful) the entire content to be learned is presented in its final form. Thus, students are not required to engage in independent discovery; learners are only required to internalize and incorporate the material for availability and recall at some later time. For meaningful reception learning the potential meaningful task or material is comprehended by the student or made meaningful in the process of internalization. In contrast, discovery learning incorporates an essential feature―the principle content is not presented―but must be discovered by the student before it can be meaningfully incorporated into the learner‟s cognitive structure. According to Ausubel, et al, (1968, p. 24) the first phase of learning by discovery requires a different process from that of reception learning. First, learners must rearrange information, integrate it with existing cognitive structures and reorganize or transform the integrated combination in such a way that they can generate a desired-end-product or discover a missing means-end relationship. After such learning is complete, the discovered content is made meaningful in much the same way as that presented content is made meaningful in reception learning. Evaluating these different learning modes Ausubel, et al, (1968, p. 26) argues that discovery learning, or discovery methods of teaching are not an efficient primary means of transmitting the content of an academic discipline. Ausubel (1963) rejected the role of discovery learning arguing that reception learning could lead to more meaningful learning; putting forward the idea of an advanced organizer which could serve as a cognitive bridge between new knowledge to be learned and existing relevant concepts and propositions in the learner‟s cognitive structure (Novak, 1993, p. 172). According to Fraser (1993, p. 31) a constructivists approach within assimilation theory posits that learning is in essence a process of making connections, or seeing relationships.
METHODOLOGY This paper presents phase one of a multi-phased study. Phase one applied a qualitative literature critique, which draw on the underlying theory of constructed knowledge to present a preliminary cross-referenced concept map (organized structure) of security professional‟s knowledge category connections. Working on the underpinnings of constructivism (Novak, 1993, p. 175), concept mapping has been supported as a useful tool (heuristic) in both planning instruction, helping students learn how to learn and to illustrate key ideas. That is, concept maps articulate the key concepts and propositions of a subject matter and their interrelationships. Concept (cognitive) maps are hierarchically ordered from a “top-down” approach. The literature critique presented a design and planning heuristic as a rich network of cross referenced connections amongst security concepts (theory/ practices) as an organised body of knowledge for future security professionals. Such an approach is consistent with the Australian Interim Security Professional‟s Task Force (2008), using both established theory and best practice approaches stemming from within defined knowledge categories (Brooks, 2010).
RESULTS A concept map was developed, commencing as an all encompassing “top down” model towards protective security (Figure 2). This model is consistent with the Australian Government‟s approach to security (2008, p. III), represented within the elements of Prevention, Preparedness, Response and Recovery. Such an approach is accordant with Underwood‟s (1984, pp. 3-4) two type offender typology, encompassing opportunistic and 52
deliberate offenders. Underwood‟s (1984) deliberate adversary model highlights the need to prevent purposeful actions against organisational, commercial or governmental objectives. From there, to be prepared in case such actions manifest, to respond and when negative affects manifest, recover in the shortest possible time to reengage business objectives (HB 167, 2006, pp. 63-64). Thus, such a model is located at the top of the hierarchical structure of the concept map.
Figure 2. Preliminary conceptual map of security theory driven knowledge domains Prevention and Preparedness The first elements “prevention and preparedness”, requires the concept to be able to “stop” an action outcome. This requirement draws on Routine Activity Theory (RAT) (capable guardian), where it is argued that suitable security controls alter the likelihood of convergence in space and time of motivated offenders, suitable target and an absence of capable guardian against attack (Cohen & Felson, 1979, p. 589). RAT is considered within the Rational Choice Theoretical (RCT) frame, which considers the cost benefits of an adversary action (expected utility). This approach entwines concepts such as taste (or distaste) and preference for the offence, moral values, proclivity for violence and preference for risk (Winoto, 2003, p. 2). Rational cues not to offend against protected assets employ situational variables or Situational Crime Prevention theory (Clarke, 1980, pp. 138-140), where offenders respond to the chances of being detected (detection), the difficulty in achieving the task (delay) and the chances of being caught (response) achieved through defence in depth. Defence in depth is underpinned by the elements of detection, delay, response and recovery. In addition, within the detection element, security is interwoven with fire life safety within a public security approach (Cohn, 1981, p. 99; Craighead, 2003, pp. 22-24) and therefore, detecting fire must be considered. Consistent with the response element of prevention, preparedness, response and recovery, and defence in depth, there must be a means for executing various levels of response for adversary actions including primary, secondary and where necessary tactical response capabilities (Garcia, 2006, pp. 237-246). 53
Once individual elements of defence in depth have been commissioned within a systems approach (Kovacich & Halibozek, 2006, pp. 37-46), the measurable process that achieves security needs to be considered. This relates to the individual measures that achieve holistic security (Garcia, 2001; 2008), which need to be established and maintained at their commissioned levels of effectiveness. As such, the top down approach must also include decay theory (Coole, 2010, pp, 234-235). This aspect requires management theory, which considers that managers are responsible for achieving organisational objectives through the efficient utilization of resources, underpinned by functions such as planning, organising, leading, controlling (Lussier, 2006, pp. 6-19), compliance (Kovacich & Halibozek, 2006) and span of control (Sennewald, 2003, p. 59). Given that a physical protection system combines people, procedures and equipment management theory must be considered in achieving a successful output for the system. Best Practice Approach to Security Systems Consistent with Umibe (1991, p. 359) and the Australian Interim Security Professional‟s Task Force (2008), the preliminary conceptual map of theory driven security category knowledge domains is supported by best practice approaches towards achieving a top-down systems based approach to physical security (Figure 3). Best practice approach commences with a threat analysis ensuring the system is threat driven (Williams, 1981, p. 142; Sennewald, 2003, p. 196; HB 167, 2006, p. 40; Talbot & Jakeman, 2009, p. 7). Following threat identification, risk management defines individual component deliverable levels (HB 167, 2006, p. 69; Talbot & Jakeman, 2009, p. 11), achieving a threat driven risk based systems approach. The next stage considers the practice of demarcating and dividing space into zones of protection (Williams, 1981, p. 143; SAND Institute, 2002, p. 5) referred to as compartmentalizing (Bintliff, 1992, p. 130). This practice also considers employing crime prevention through environmental design (CPTED) as design inputs into the system, underpinned by the overlapping strategies of natural access control, natural surveillance and territorial reinforcement (Crowe, 2000, pp. 1-36).
Figure 3. A preliminary conceptual map of cross referenced security category knowledge domains Best practice encompasses protection in depth, involving a number of distinct measures an adversary must defeat in sequence and considers the avoidance of single point failure in any protection plan (Williams, 1981, p. 143; American Institute of Architects, 2001, p. 11; Garcia, 2008, p. 6), considered the “rings of protection” (Higgins, 1989, p. 229). Protection incorporates multiple detection measures, multiple delay measures and multiple response capabilities and back-up systems (Williams, 1981, p. 143; Garcia, 2008, p. 6), to complement each other, overcome individual weaknesses and minimise the consequences of component failure (Garcia, 2008, pp. 5-6). This approach is supported by the practice of distributing the target within a protected environment (Garcia,
54
2001). Distribution increases the time required to penetrate all components, the intelligence required to successfully locate each asset and security controls, the resources required to compromise each asset and therefore, increasing the overall level of difficulty (Rational Choice). Such an approach is supported by the setting of individual component performance measures (Garcia, 2008, p. 5) and applications of hierarchical- principles-combinations (Williams, 1981, pp. 145-147) across technical, procedural and physical controls. This functionally achieves the elements of defence in depth including intrusion detection and tamper detection, security lighting, access control, closed circuit television in what Bintliff (1992, p. 315) refers to as layered technology-based security, supported by physical delay constituents and response capabilities (See Williams, 1981, pp. 145-147; Bintliff, 1992. Fennelly, 1997; Konicek & Little, 1997; Cieszynski, 2001; Garcia, 2001; 2008; IESNA G-1-03 Security Lighting Comittee, 2003; Fisher & Green, 2004). Such a system is considered, whilst being cognisant of the legal framework including relevant laws, regulations and standards, as guiding the implementation of individual protection components (Kovacich & Halibozek, 2006, pp. 37-46; Garcia, 2008, p. 5). Within this approach, the practice of investigating and analysing security related incidents supported in the writings of Astor (1978, pp.153-160), and consistent with the recovery element (HB 167, 2006, pp. 63-64; Australian Government, 2008, p. III) is holistically supported through robust business continuity management (Talbot & Jakeman, 2009, pp. 365-367). Furthermore, for both teaching and learning purposes, it can be useful to represent visually the interrelationships between concepts. As such, concept maps (Figures 2 & 3) are graphically condensed (Figure 4) to represent a threat driven risk based design heuristic for security systems planning.
Figure 4. Threat driven risk based design philosophy for security systems
CONCLUSION This paper presented phase one of a multiphase study. Results indicate that within a systems approach to security the core professional competencies for a security professional relate to their ability to skilfully apply knowledge from the theories and best practice principles embodied within the security domain planning and management heuristic. This heuristic was approached accordant with the works of Fraser (1993, p. 18), who pointed out that as a construction, knowledge is changeable as people revise their constructions of knowledge and incorporate new information in different ways into their existing conceptual frameworks. The heuristic map (Figure 2) takes 55
a top-down approach bounded by routine activity, rational choice, situational crime prevention, defence in depth, security decay, and management theories, within the elements of prevention, preparedness, response and recovery. It is argued this heuristic will enhance more meaningful learning within security science and bring together academic theory with practising security strategies. It is proposed that this heuristic will be adjusted throughout the remaining phases of the study; however, phase one supported the viability of further phases towards the development of a consensus heuristic for the security domain.
REFERENCES Astor, S. D. (1978). Loss prevention: controls and concepts. Butterworth Publishers. Stoneham. Australian Interim Security Professional‟s Task Force. (2008). Advancing security professionals: Discussion paper. Retrieved from August 2011: http://www.isacaadelaide.org/pd/Discusion_paper_Future_Security_Professionals_March08.pdf. Australian Government. (2008). National Counter-terrorism plan: National Counter-Terrorism Committee. Retrieved August 2011 from: http://www.nationalsecurity.gov.au/agd/www/nationalsecurity.nsf/AllDocs/85A16ADB86A23AD1CA2 56FC600072E6B?OpenDocument Ausubel, D. P., Novak, J., D., & Hanesian, H. (1968). Educational psychology: A cognitive view (2nd e.d.). New York: Holt, Rinehart and Winston. Bedard, J. & Chi, M., T.H. (1992). Expertise. Current Directions in Psychological Science, 1, 135. Bintliff, R. L. (1992). The complete manual of corporate security and industrial security. New Jersey: Prentice Hall. Brooks, D. J. (2010). What is security: definition through knowledge categorisation. Security Journal, 23, 225– 239. doi: 101057/sj.2008.18. Borodzicz, E., & Gibson, S. D. (2006). Corporate security education: towards meeting the challenge. Security Journal, 19, 180-195. Cieszynski, J. (2001). Closed circuit television (3rd e.d.). Burlington: Elseier. Clarke, R. V. G. (1980). Situational crime prevention: Theory and practice. British Journal of Criminology. 20(2). Cohen, L. & Felson, M. (1979). Social change and crime rate trends: a Routine Activity Approach. American Sociological Review, 144: 588-608. Cohn, B. M. (1981). Reconciling fire safety and security requirements for buildings. Building Security, ASTM STP 729. American Society for Testing and Materials. Collins Australian Pocket Dictionary of English Language. (1994). Victoria: Harper Collins Publishers. Cornford, I. & Athanasou. (1995). Industrial and commercial training. Guilborough, 27: 10-19. Craighead, G. (2003). High-rise security and fire life safety (2nd e.d.). Woburn, MA: Butterworth-Heinemann. Crowe, T. D. (2000). Crime prevention through environmental design (2 nd e.d.).National Crime Prevention Institute. Boston: Butterworth-Heinemann. Donald, A. S. (1983). The reflective practitioner: How professionals think in action. BasicBooks. Eysenck, M., W. & Keane, M., . (2001). Cognitive psychology: A student‟s handbook (4th e.d). New York. Psychology Press. Fennelly, I. J. (1997). Effective physical security (2nd e.d.). Boston: Elsevier Butterworth-Heinemann. Fisher, R. J., & Green, G. (2004). Introduction to Security (7th e.d.). Boston: Butterworth- Heinemann. Fraser, K., M. (1993). Theory based use of concept mapping in organisation development: Creating shared understanding as a basis for the cooperative design of work changes and changes in working relationships. UMI Dissertation Information Service. Michigan. 56
Garcia, M. L. (2001). The design and evaluation of physical protection systems. Boston: ButterworthHeinemann. Garcia, M. L. (2006). Vulnerability Assessment of Physical Protection Systems. Boston: ButterworthHeinemann. Higgins, C. E. (1989). Utility security operations management: for gas, water, electric and nuclear utilities. Illinois: Charles C Thomas Publisher. IESNA G-1-03 Security Lighting Committee (2003). Guidelines for security lighting for people, property and public spaces. Illuminating Engineering Society of North America. Konicek, J., & Little, K. (1997). Security, ID systems and locks: The book on electronic access control. New York: Butterworth-Heinemann. Lussier, R., N. (2006). Management fundamentals: concepts, applications and skill development (3rd e.d.). Thomson South-Western. Mason. Manunta, G. (1999). What is security? Security Journal.12, 57-66. Nalla, M., & Morash, M. (2002). Assessing the scope of corporate security: Common practices and relationships with other business functions. Security Journal. 15, 7-19. Sennewald, C. A. (2003). Effective security management (4th e.d.). Boston: Butterworth-Heinemann. Standards Australia. (2006). Security risk management. Sydney: Standards Australia International Ltd. Talbot, J., & Jakeman, M. (2009). Security risk management body of knowledge (SRMBOK). New Jersey: John Wiley and Sons. Umibe, F. (1991). Technical management notes. Transactions on Engineering Management, 38 (4), 359-365. Underwood, G. (1984). The security of buildings. London: Butterworths. Vu, T., Rigby, B., Wood, L. and Daly, A. (2011). Graduate skills in business learning. Asian Social Science, 7(4): 2-12. Wilensky, H., L. (1964). The professionalization of everyone. American Journal of Sociology, 70: 137-158. Williams, J. D. (1981). Design considerations for high-security interior intrusion detection systems. Building Security, ASTM STP 729. American Society for Testing and Materials. Winoto, P. (2003). Controlling malevolent behaviour in open multi-agent systems by means of deterrence theory. Proceedings of the IEEE/WIC international Conference on intelligent agent technology (IAT‟03).
57
A STRATEGY TO ARTICULATE THE FACILITY MANAGEMENT KNOWLEDGE CATEGORIES WITHIN THE BUILT ENVIRONMENT Robert Doleman and David J Brooks secau Security Research Centre, School of Computer and Security Science Edith Cowan University, Perth, Western Australia
[email protected];
[email protected]
Abstract Security is applied in the built environment and this requires a close relationship with facility managers. Therefore, this study puts forward an approach to establish the facility management knowledge categories within the built environment. In part, the significance of the study stemmed from research undertaken into the compliance to Australian fire door maintenance within nursing homes, which demonstrated 87 percent noncompliance. This high level of non-compliance appeared to identify a lack of facility management knowledge, among other issues (Doleman & Brooks, 2011). The article uses a method to test the supposition of facility management knowledge construct in a three-phase Grounded Theory analysis. Phase-one examines international tertiary Facility Management courses, where course content is critiqued through linguistic analysis to extract the knowledge categories. Phase-two of the study further analyses these findings through the use of multidimensional scaling to present underlying conceptual knowledge interrelationships. The final third-phase uses experts in order to validate the findings of the previous two phases. A pilot study identified 18 common knowledge concepts, for example project management, space planning, budgeting and principles of facility management. The study outcomes will improve the understanding of building knowledge requirements within the built environment, resulting in a framework of facility management knowledge categories. Such an outcome will support the consensual development of a facility management body of knowledge. The specific outcomes put forward for this research includes establishing the primary knowledge categories found within the Facility Management Industry. In addition, the outcomes will support the consensual development of a facility management body of knowledge, support policy, education and the relationship with security. Keywords Facility management; body of knowledge; built environment
INTRODUCTION Security is applied within the built environment, resulting in a close relationship with security management. The built environment refers to the man-made structures in our towns and cities that provide environment for human activities, ranging in scale from personal residential structures to major city infrastructure. The built environment is a material, spatial and cultural product produced by people for living, working and leisure, characterised by a combination of physical elements and energy in systems necessary for people to conduct their living experiences. The health of the population in a built environment needs to be considered, with a feeling of safety for the population being important. To some degree, the management of security within the built environment has the function of producing that feeling of safety. Therefore, this study considers the establishment and further validation of Facility Managers‟ primary knowledge categories by identifying their involvement within the life cycle of a building. The research was driven by an initial study undertaken by Doleman (2008) into the compliance of owners and operators to maintain fire and smoke doors in compliance with Australian Standard AS1851-17:2005, which found a high level (87%) non-compliance. The research established that the needs of the elderly are much greater than that of a younger demographic, not only from lack of mobility but also from the nature of the facility. Nursing homes are required, by their very nature, to provide a high degree of safety and security. To establish such a large level of non-compliance rate allowed several assumptions to be made. One such assumption identified a lack of suitably qualified and experienced owners and operators within the aged care facility industry (Doleman & Brooks, 2011). The purpose of the current in-progress research is to develop a framework that identifies the Facility Managers knowledge categories in the built environment. In addition, to examine the way that knowledge develops 58
throughout the building life in an attempt to identify knowledge shortfall within the Facility Management industry. Such an outcome will also provide better articulation between the security and facility management in their roles and responsibilities. Significance of the study The theoretical challenge of this study will be to identify the Facility Management (FM) knowledge categories and the role that knowledge plays within the different stages of the buildings life cycle. According to Lehtonen and Salonen (2006), FM has gradually become accepted as a service profession within the property and construction industries during the early 1980s. Nevertheless academic research, publications and theoretical investigation into FM did not start until the 1990s (Price and Akhalghi, 1999) and it still remains underresearched (Nutt, 1999), while procurement and relationship management are becoming increasingly important in academic FM publications (Salonen, Lehtonen & Ventovuori, 2005). The restricted and often non-consensual nature of a defined body of knowledge and the past findings of knowledge shortfalls within aged care facilities (Doleman, 2008) substantiated the significance of the study. The outcome of the study will lead to a better understanding of how Facility Management knowledge categories and subordinate concepts influence the management of buildings. This approach provided a study goal of deepening the understanding and role of FM knowledge categories within the life cycle of a building context. The dissemination of the information to a wider audience within the Facility Management industries will allow a better understanding of the role Facility Managers within the process and the mechanics behind the knowledge interaction within the build environment. Study Objectives The objectives of the study were to consider the core knowledge categories of Facility Managers, informed by the posed Research Questions: 1.
Can the Facility Manager‟s knowledge categories be identified and their role be established within the life cycle of a building context?
2.
What are the knowledge categories and subordinate concepts and their interaction and interrelationships within the Facility Management domain as measured by Multi Dimensional Scaling?
FACILITIES AND FACILITY MANAGEMENT The life cycle of a building falls into a number of substantive stages, namely design, construction and occupancy. The mechanics behind how the Facility Management knowledge categories interact within the buildings life cycle and the way knowledge collaboration is developed and used within the Facility Management domain is considered. The practitioners and their knowledge categories found throughout the different stages are varied, with the Facility Management (FM) becoming involved towards the end of the construction stage and throughout the occupancy stage. According to Lehtonen and Salonen (2006), FM performs an important role within the service sector accounting for 30-40 percent of an organisation‟s annual budget. FM adds value to an organisation by improving delivery of service, resource control and supply chain (Amaratunga and Baldry, 2002), while Fearon and Bales (1995) note that FM services are the most important service category in terms of volume. Facilities management is a general term covering a broad spectrum of services from real estate management, building maintenance, financial management, health and safety, and contract management (Atkin & Brooks, 2000; Amaratunga, Baldry & Sarshar, 2000). The role of FM can be defined as a key function in managing facility resources, support services and the working environment, supporting the core business of the organisation (Tay & Oi, 2001; Chotipanich, 2004). Knowledge Communities Understanding the way in which Facility Management (FM) knowledge is produced within the life of a building cycle, as well as understanding the relationship between the FM organisational strategies, knowledge accrual and the management of the knowledge, is critical. The ability of organisations to obtain and deploy knowledge over their specific domain is seen by Hahn and Subramani (2000) as being vital in maintaining a competitive advantage. The term knowledge has been a topic of discussion for some time. Bhatt (2002) refers to knowledge as being intangible and fuzzy in nature, while Novak and Gowin (1984) consider that knowledge is constructed as layers on previous knowledge, using and expanding on existing concepts. Davenport, Long and Bears (1998,
59
p. 207) refer to knowledge as a “combination of information combined with experience, context, interpretation, reflexion and perspective”. The convergence of different knowledge groups in a communal forum is a significant practice within large organisations. Ras, Avram, Waterson and Weibelzahl suggests that knowledge needs to be shared and is best undertaken by the acquisition and storage of knowledge in knowledge bases, following by countless and costless sharing (2005, p. 396). Wenger, McDermott and Snyder (2002) refers to this bringing together as communities of practice, describing it as a group of people who share a set of problems or a passion about a topic and who deepen their knowledge and expertise in this area by interacting on a continuous basis. Australian Legislation One such method to gain common knowledge is through legislation and standards. Within Australia there is both Federal and State legislation that is involved within the life of a building cycle. Such direct and indirect legislation includes the Building Regulations Act 1989, Local Government (Miscellaneous Provisions) Act 1960, Fire Brigade Act 1942, Occupiers Liability Act 1985, Occupational Safety and Health Regulations 1996 and perhaps most important, the Occupational Safety and Health Act 1991. The Australian federal system allows powers to be divided between a central government and regional governments, the Commonwealth Government and States by the Constitution. Specific areas of legislative power such as taxation, defence, foreign affairs, postal and telecommunications services were given to the Commonwealth Government, (Australian Government, 2005). A difficulty of this form of divided legislative control is the integration of the laws and regulations with each other, referred to as legislative harmonisation (Brown & Furneaux, 2007). Leebron (1997) refers to Harmonisation as a way of reducing differences in laws and policies between two jurisdictions overcome by adopting similar laws and policies. Brown and Furneaux, 2007 (1992) go on to state that complete harmonisation can only occur if agreement is made on the central benchmark for use and that the best known example of harmonisation within the construction industry in Australia is the Building Code of Australia, which seeks to set a minimum standard of performance for buildings and building materials across Australia. The existent to which the involvement to which the Commonwealth and State Governments are involved within the building life cycle stages varies between each state and phase.
STUDY METHODOLOGY As a research method, Grounded Theory was considered a suitable technique that would allow credible research to be undertaken within the context of this study. The study is divided into three distinct phases (Figure 1). Phase one considers the body of knowledge found within 15 international tertiary undergraduate Facility Management courses. The findings will be examined through a linguistic analysis of the course content, coded with the findings examined by ten experts to establish the validity of the findings. Phase two involves the examination of the phase one findings through the use of multidimensional scaling, allowing the interrelationships to be extracted. Phase three involves semi-structured interviews of 25 industry experts in order to validate the findings from the previous phases. Phase 1 15 undergraduate FM course analysis & Expert Validity
Phase 2 MDS Knowledge Structure Survey and analysis
Phase 3 25 Experts for Knowledge Structure Validation
Figure 1 Study Design
60
Grounded Theory Grounded Theory has been successfully employed in other disciplines including sociology, organisational science marketing and information sciences (Mansourian, 2006; Sornes, 2004), and has found extensive acceptance in research since it was first introduced by Glaser and Strauss in the early 1970s (Stern & Covan, 2001). Flinders and Milles (1993, p. 9) refer to Grounded Theory as being a complex process of both inductive and deductive, guided by prior theoretical commitments and conceptual schemes. They further state that the approach is not simply a methodological scheme for initiating and guiding enquires, as it requires prior educated understanding. From an organisational stance, organisations are often referred to as having cultures embedded within them. Morey (1986) refers to organisations as not being a culture but operates “as if" they were cultures. Orlikowski (1993, p. 312) states the use of a Grounded Theory approach is well suited to organisational settings because the complexities of the organisational context have to be incorporated into an understanding of the phenomenon, rather than be simplified or ignored. Further justification for the use of Grounded Theory within the building‟s life cycle knowledge categories can be demonstrated by Sornes (2004), who asserts that Grounded Theory is appropriate in the study of information communication technologies within organisations, in particular, when generalised content relevant to organisational and management science are identifiable. Expert Knowledge The study will use experts‟ to develop and support its outcomes. Nevertheless, the exact nature and performance of an expert is not readily defined (LaFrance, 1997 cited in Brooks, 2008). Expert performance may be defined as consistent performance on a domain specific representative task (Ericsson & Charness, 1997), although expertise cannot be so easily quantified. Expertise requires a number of abilities that includes problem solving skills, conceptual understanding, domain knowledge and experience. Simon and Chase (1973) suggest experts see and know the world but only in their domain, in ways that a fundamentally different to a lay person stemming from a difference in perception, knowledge and knowledge organisation.
STUDY APPLICATION Phase 1: Facility Management Knowledge Extraction Phase one involves the investigation and critique of 15 international tertiary undergraduate courses in FM. The course selection will be made initially on the strength of the FM related concepts found within the title of the course; however, validated by an expert group. The findings from the course content analysis will then be subject to a linguistic inquiry and word count to develop the knowledge categories for Facility Management. Francis and Pennebaker (1993) developed and validated a computer-based text analysis program called Linguistic Inquiry and Word Count (LIWC) as a practical method for studying the emotional and structural components present in individual‟s language. LIWC analyses written text files to contrast against dictionary matches on a word by word basis by calculating the percentage of words in the text that match (Pennebaker & Francis, 1999). It was considered that the study did not require a full linguistic analysis to be used. A sample of size 15 was considered appropriate due to the method date of selection and criteria of Facility Management courses, although the sample size is not a random mathematical sample of the larger community (Krejcie & Morgan, 1970). To further support the selection process and reliability, the universities were selected from the European Facility Management Education Guide 2009 that identified 30 Bachelor courses in 15 European countries (EuroFM, 2009) and the North American Facility Management Degree Guide 2009 that identified 21 institutions from North American States (IFM Foundation, 2009). A 10 member expert panel to validate the above courses was considered appropriate due to the non-probability nature of the expertise available. Phase 2: Multidimensional Scaling The knowledge categories Phase one will then be inserted into multidimensional scaling (MDS) survey instrument (Table 1) to gain an understanding of their interrelationships and relevance. According to Bennet and Bower, (1977), MDS is a way in which an analysis of similarities in judgements can be made to allow dimensionality to be identified and is one of the best known grouping techniques (Kerlinger, 1970). Classical 61
multidimensional scaling, also known as Torgerson Scaling or Torgerson-Gower scaling, (Borg & Groenen, 2005) examines the dissimilarities between pairs of items producing an output matrix that minimises the loss function or strain. Non-metric analysis is seen as more appropriate for the study of social sciences (Kruskal, 1964) and according to Markham, Mintzes and Jones (cited in Brooks, 2009) the use of MDS increases the reliability of knowledge maps.
Table 1: Sample of the multidimensional scaling knowledge category survey when compared to Management Facility Management
Change
Management
etc
Unrelated
1
2
3
4
5
6
7
8
9
10
Very related
The Phase two use of MDS meant that the sample size as indicated by Borg and Gall (1997) could be selected on a work-up rather than work-down approach, which combined with non-probability sampling, removed the need to define the sample size based solely on population (Brooks, 2008). Cohen, Manion and Morrison (2002) consider 30 to be the minimum sampling size for MDS analysis, which is supported by similar studies that had used MDS analysis (Cheng, 2004; Martinez-Torres, Garcia, Marin, & Vazquez, 2005). Phase 3: Expert Knowledge Structure Validation The third and final phase of expert knowledge structure validation will involve the assessment of the results from Phase two, using 25 experts from a cross section of the facility management industry. A semi-structured interview will be conducted, with the process being audible recorded and transcribed. According to Wuest (cited in Munhall, 2007), the interview starts with an overview question, with some follow up probes, that are essential for opening a broad line of questioning (Wuest, Ericson & Stern, 1994). The opinions of each respondent will allow assumptions to be made for comparison. This process will also allow internal validity to be examined by triangulation (Figure 2) of the research findings. The validity of Phase three will be assessed through face validity, being expert judgement. Pre-constructed response coding will be utilised to maintain consistency and maintain reliability and assessable using expert judgement. Reliability and Validity Reliability as stated by Guildford (1950) as a certain instrument applied to certain population that is the extent to which the same measurement of individuals obtained under different conditions yield similar results. By presenting all the subjects in a survey research as a standardised stimulus it goes some way towards eliminating unreliability in observations made by the researcher (Babbie, 1992, p. 279). The study will establish trustworthiness as Padgett (1998) refers to reliability through a variety of strategies include prolonged engagement, triangulation, peer debriefing, member checking, negative case analysis, audit trail and reflexivity (Creswell, 1998, 2003; Horsburgh, 2003; Johnson and Waterfield, 2004). According to Babbie (1992), the degree to which an instrument measures what it is supposed to measure and the extent to which the empirical measure adequately reflects the real meaning of the concept under consideration is the definition of validity. Construct validity refers to the representativeness of the content of the instrument used in the study and the degree to which the measure covers the range of meanings including concepts and calls for the continued accumulation of information from various sources (Babbie, 1992, p. 133). While Cooper and Schindler (1998) refer to content validity as being the degree to which the content of the items adequately represent the universe of all relevant items under consideration. Instrument validity was assessed through face validity and convergence, with face validity assessed by expert judgment. In addition, the study is using triangulation between study phases (Figure 2). As Cavana, Delahaye and Sekaran (2001) state, triangulation is a cross-validation or verification methodology in qualitative research and not a theoretical approach. Nevertheless, Glesne and Peshkin (1992) assert that use increases confidence in the research findings and this will support the various study phases and analysis methods.
62
Figure 2. Study triangulation between phases (Adapted from Mc Millen & Schumacher, 1993)
CURRENT RESULTS The study has applied the methodology, with progression through the primary study. Phase 1 has extracted Facility Management knowledge categories from three international tertiary institutes, with validity provided by four Facility Management experts. The tertiary courses were selected as a cross section of the overall list of proposed universities that offer an undergraduate course in Facility Management. The tertiary institutions chosen were one from the USA, one from the United Kingdom and the third from The Netherlands. 2,157 facility management knowledge concepts have currently been extracted from the three course contents examined, with concepts ranging from management through to zoning. During the linguistic analysis (Francis & Pennebarker, 1993) phase several semantics issues had to be considered to ensure reconciliation for consistency. In the context of the tertiary course content overviews the word plan was considered to be the same as planning. In addition, facilities was considered the same as facility and service the same as services. During analysis, the context in which the concept appeared was also considered. The 24 most used concepts (Table 2) resulted and were selected for review by the Facility Management experts. These concepts will be further analysed in the proceeding phases using multidimensional scaling and additional experts. Table 2: Phase One 24 most common facility management knowledge categories Knowledge Categories Management Business Product Environment Facilities Organisation Systems Organisational Change Analysis Financial Customer Planning Quality Interior Marketing Development Communication Process Materials Service Skills Research Design
EXPECTED OUTCOMES The study seeks to develop an understanding of what knowledge categories of Facility Managers are involved within the life cycle of a building. By reviewing the Facility Management knowledge requirements developed during the life cycle of the building, it is expected to gain significant insight into the Facility Managers role and responsibilities. The specific outcomes expected from this research study include:
Establish the way in which the Facility Management knowledge categories within the life cycle of a building affect the buildings outcome.
Define the roles of Facility Management within the life cycle of a building and correlate the relationship and the areas of responsibility.
Identification of factors that promote the exchange of subordinate knowledge concepts within the Facility Management domain.
Improve the understanding of the Facility Management knowledge requirements and understand areas that 63
may be lacking within the building life cycle.
Provide a framework for Facility Management knowledge categories within the life cycle of a building to provide a better platform where Facility Management knowledge interaction is involved.
On the basis of the results obtained during the course of the study and through data analysis, shortcomings in Facility Management knowledge categories may be identified and strategies for moving forward offered.
CONCLUSION The apparent restricted nature of centralised knowledge content for undergraduate tertiary Facility Management (FM) courses has been established as the premise behind this in-progress study. Such a lack of consistency is reflected with the issue that of the 38 US tertiary undergraduate FM courses only nine are accredited with the IFMA and 14 are members. These issues may be combined with the absence of tertiary undergraduate Facility Management course in many other countries which adds strength to the significance of the study. To begin to address this issue the article has put forward a methodology to consider the knowledge structure of FM. The methodology of the research is split the study in three distinct Phases. Phase one assesses international tertiary undergraduate courses in FM, which are validated by experts. The principle behind Phase-two is to apply additional underlying analysis through the use of multidimensional scaling (MDS) knowledge structure survey from phase-one, to gain an understanding of their interrelationships and relevance. Phase-three will assess the results from Phase-two by experts from a cross section of the industry. The intent of the study is to establish and define the roles of the FM knowledge categories within the life cycle of a building. Such understanding will identify factors that promote and improve the exchange of knowledge within the FM domain. Nevertheless, the prime focus of the study is to present an FM framework of knowledge categories within the built environment. Such outcomes will support the understanding of roles and responsibility that the facility management applies within the built environment, supporting the function of providing a safer environment in support of the security manager.
REFERENCES Amaratunga, D., & Baldry, D. (2002). “Performance measurement in facilities management and its relationships with management and motivation”, Facilities, 20(10). 327–336. Amaratunga, D., Baldry, D., & Sarshar, M. (2000). “Assessment of facilities management performance – What next?”, Facilities, 18(1/2). 66–75. Atkin, B., & Brooks, A. (2000). Total facilities management. Blackwell Science, Oxford. Australian Government. (2006). “The national privacy principles, Extracted from the Privacy Act 1988 as at 14 September, 2006”, available at http://www.privacy.gov.au/materials/types/infosheets/view/6583#npp1 (assessed 12 November 2009). Australian Government. (1942). Fire Brigade Act, Australian Government, Canberra. Australian Government. (1988). Privacy Act, Australian Government, Canberra. Australian Government. (1991). Occupation Safety and Health Act. Australian Government, Canberra. Babbie, E. R. (1992). The practice of social research (6th ed.), Wadsworth Publishing Company, Belmont California. Bhatt, G. D. (2002).”Management strategies for individual knowledge and organizational knowledge”, Journal of Knowledge Management, 6(1), 31-39. Borg, I., & P. J. F. Groenen. (2005). Modern multidimensional scaling. Springer, New York. Borg, W. R., & Gall, M. D. (1979). Educational research: An introduction (3rd ed.), Longman, London:
64
Brooks, D. J. (2008) The development and presentation of psychometric concept maps within the knowledge domain of security risk management, Bentley, Western Australia, Unpublished doctoral dissertation, Curtain University Brown, K., & Furneaux, C. (2007) Harmonising construction regulation in Australia: Potentials and problems Paper submitted to the Public Policy Network Conference, 1-2, Adelaide. Cavana, R. Y., Delahaye, B. L., & Sekaran, U. (2001). Applied business research, John Wiley & Son Australia Ltd, Brisbane: Cheng, C. C. (2004). “Statistical approaches on discriminating spatial variation of species diversity”, Botanical Bulletin of Academia Sinica, 45, 339-346 Chotipanich, S. (2004). “Positioning facilities management”, Facilities, 22(13/14), 364–372. Cohen, L., Manion, L. & Morrison, K. (2002). Research methods in education (5th ed.), Routledge Falmer, London. Cooper, D. R., & Schindler. P. S. (1998). Business research methods (6th ed.), Irwin McGraw-Hill, Boston. Creswell, J. W. (2003). Research design: Qualitative, quantitative and mixed methods approaches, (2nd ed.), CA: Sage, Thousand Oaks. Davenport, T. H., Long, D. W. D. & Beers, M. (1998). Successful knowledge management projects. Sloan Management Review, 43-57 Doleman, R. G. (2008). A study of compliance in aged care facilities with regards to Australian Standards 1851:2005 Maintenance of fire protection systems and equipment Section 17, Western Australia, Unpublished Honours Manuscript Edith Cowan University. Doleman, R. G., & Brooks, D. J. (2011). Why are there systemic failures of fire protection equipment in Australian Aged Care Nursing facilities. Paper presented at the 10th Research Symposium: EuroFM, Vienna. Ericsson, K. A., & Charness, N. (1997). Cognitive and developmental factors in expert performance. In P. J. Feltovich, K. M. Ford & R. R. Hoffman (Eds.), Expertise in context: Human and machine (pp. 4-41), The MIT Press Menlo Park, CA. EuroFM. (2009). European facility management education guide. (2nd ed). The Netherlands. Fearon, H.E., & Bales, W.A. (1995). Purchasing of non-traditional goods and services, CAPS Report, Tempe, CAPS/NAPM. Flinders, D. J., & Milles, G. E. (1993). Theory and concepts in qualitative research: perspective from the field, Teachers College Press, New York. Francis M. E., & Pennebarker, J. W. (1993). LIWC: Linguistic inquiry and word count. Technical Report, South Methodist University, Dallas, TX. Glesne, C., & Pashkin, P. (1992). Becoming qualitative researches: An introduction. Longman, New York, NY. Guildford, J. P. Fundamental statistics in psychology and education (2nd ed.), McGraw-Hill Book Company Inc, New York. Hahn, J., & Subramani, M. R. (2000). A framework of knowledge management system. Issues and challenges for theory and practice, Minnesota, USA, International Conference on Information Systems. Horsburgh, D. (2003). “Evaluation of qualitative research”, Journal of Clinical Nursing 12(2): 307–12. IFM Foundation, (2009). North American facility management degree guide. Houston, TX. Johnson, R., & Waterfield, J. (2004). “Making words count: The value of qualitative Research”, Physiotherapy Research International, 9(3). 121–131.
65
Krejcie, R. V. & Morgan, D. W. (1970). “Determining sample size for research activities”, Educational and Psychological Measurement, 43, 15-21. Kruskal, J. B. (1964). “Multidimensional scaling by optimizing goodness to fit to nonmetric hypothesis”, Psychmetricka, 29. 1-27. Leebron, D.W. (1997). Lying down with Procrustes: An analysis of harmonisation claims. In J. Bhagwati & R.E. Hudec. Fair trade and harmonization: Prerequisites for Free Trade? Volume 1: Economic Analysis, The MIT Press, Cambridge, MA. LaFrance, M. (1997). Metaphors for expertise: How knowledge engineers picture human expertise, The MIT Press, Cambridge, MA. Lehtonen, T., & Salonen, A. (2006). “An empirical investigation of procurement trends and partnership management in FM service – A Finish survey”. International Journal of Strategic Property Management 10, 65–78. Martinez-Torres, M. R., Garcia, F. J. B., Marin, S. L. T. & Vazquez, S. G. (2005). “A digital signal processing teaching methodology using concept-mapping techniques”. IEEE Transactions on Education, 48(3), 422429. Mansourian, Y. (2006) “Adoption of grounded theory in LIS research”. New Library World, 107 (1228/1229), 386-402, available at http://www.emeraldinsight.com/10.1108/03074800610702789 (accessed 15 April 2010) Markham, K. M., Mintzes, J. J. & Jones, M. G. (1994). “The concept map and a research and evaluation tool: Further evidence of validity”, Journal of Research in Science Teaching, 31, 91–101. Morey, N. C., (1986). The process and product of organizational ethnography: An anthropological approach. Doctoral dissertation, The University of Nebraska, Lincoln. Munhall, P.L. (2007). Nursing research: A qualitative perspective, Jones & Bartlett, Massachusetts. Nutt, B. (1999). “Linking FM practice and research”, Facilities, 17(1/2). 11–17. Novak, J.D. & Gowin, D. B. (1984). Learning how to learn, Cambridge University Press, Cambridge. Orlikowski, W. J., (1993). “CASE tools as organizational change: investigating incremental and radical changes in systems development”. MIS Quarterly, 17(3), 309-340. Padgett, D. K. (1998). Qualitative methods in social work research: Challenges and rewards. CA: Sage, Thousand Oaks. Pennebaker, J. W., & Francis, M. E. (1999). Linguistic Inquiry and Word Count (LIWC), Erlbaum Publishing, Mahmah, N.J. Price, I., & Akhlaghi, F. (1999). “New patterns in facilities management: Industry best practice and new organisational theory”, Facilities, 17(5/6), 159–166. Ras, E., Avram, G. Waterson, P., & Weibelzahl, S. (2005). Using weblogs for knowledge sharing and learning in information spaces. Journal of Universal Computer Science [Online], 11 (3), 394-409, available at http://www.jucs.org/jucs_11_3/using_weblogs_for_knowledge/Ras_E.pdf (accessed 5 February 2010). Salonen, A., Lehtonen, T., & Ventovuori, T. (2005). A review and classification of empirical research in facilities management, in Proceedings of the 4th European Research Symposium in Facilities Management, 477–485. Simon, H. A., & Chase, W. G., (1973). “Skill in chess. American Scientist”, 61, 393-403. Sørnes, J.-O. (2004). Information and communication technologies in practice: A study of advanced users in the workplace in Norway and the United States. Unpublished Doctoral Thesis, Norwegian University of Science and Technology, Trondheim, Norway. Standards Australia. (2005). Australian Standards 1815. Maintenance of Fire Protection System and Equipment, Standards Australia, Sydney.
66
Stern, P.N., & Covan, J. (1990). Basic Qualitative research: Grounded Theory procedures and techniques, Sage, Newbury Park, CA. Tay, L., & Oi, J.T.L. (2001) “Facilities management: A “Jack of all trades”?, Facilities, 19(10), p. 357–363. Wenger, E., McDermott, R., & Snyder, W. (2002). A Guide to managing knowledge-cultivating communities of practice, Harvard Business School, Boston. Western Australian Government. (1989). Building regulations, Western Australian Government, Perth. Western Australian Government. (1960). Local government miscellaneous provisions, Western Australian Government, Perth. Wuest, J. (2001). Precarious ordering: Towards a formal theory of women‟s caring. Health Care Women International: Special Volume, Using Grounded Theory to Study Women‟s Health, 22(1-2), 167-193. In P. L Munhall, (2007). Nursing Research: A Qualitative Perspective. Miami FL: Jones and Bartlett Publishers. Wuest J., Ericson P. K. & Stern P. N. (1996). “Becoming strangers: the changing family care giving relationship in Alzheimer's disease”, Journal of Advanced Nursing 20(3), 437–443, available at http://onlinelibrary.wiley.com/doi/10.1111/j.1365-2648.1994.tb02378.x/pdf (accessed 21 September 2009)
67
IS THERE A CORE SET OF SKILLS FOR VISUAL ANALYSIS ACROSS DIFFERENT IMAGING TECHNOLOGIES? Craig H.M. Donald Edith Cowan University, and Leaderware
[email protected]
Abstract This research examines the technological challenges posed by security imaging technologies for human visual analysis of images. Imaging technologies are increasing becoming part of an overall security strategy that incorporates a range of camera technologies, x-ray technologies, and other electromagnetic imaging such as millimetre wave and terahertz based systems. Still and video image types are increasingly becoming presented to viewers or screeners in forms that are only representative in nature and highly abstract, and the use of filters is increasing the complexity of interpretation. Despite a range of factors that are being looked at to enhance visual analysis, the contribution of individualised image processing skills is poorly understood and recognised. The paper explores examples of how an assessment exercise which examines visual analysis, ScanX, correlates against performance in four major studies set in different environments and using both x-ray and CCTV technologies. Correlations show strong relationships to performance despite the difference in image technology and environmental settings, as well as detection targets and criteria. Support for a set of core image analysis skills that can be used across a range of technologies by a common operator group is shown by the research. These skills appear to relate more to the nature of processing applicable to various forms of image rather than the image content itself. Keywords Imaging, imaging technology, visual analysis, image analysis, closed circuit television (CCTV), x-rays, operator performance, selection
THE IMAGING TECHNOLOGY CHALLANGE Modern security systems are increasingly composed of a number of visual imaging technologies at different flow points of the processes being checked and monitored. Whether one is looking at airports, diamond mines, national key points, or even more conventional sites such as shopping centres, a combination of electronic imaging technologies are being used to review people, goods, materials, areas and even processes and movement (Donald 2010). Traditional CCTV cameras, infrared cameras, x-rays of goods, luggage and carry on bags, and penetrative and backscatter full body x-ray technologies are already widespread in operations internationally. This trend is likely to continue as emerging electromagnetic technologies provide increasing capabilities to view electronically at different wavelengths to the human eye. These can include thermal, millimetre wave and terahertz based technologies that are already commercially available (Binstock && Minukas, 2010). The development of these technologies has seen an increasing divergence from traditional images on screen. For example, a CCTV camera and a thermal camera present very different visual images on screen of the same physical presence especially under different lighting conditions. Moving to a terahertz based system provides a general body shape reflecting blobs of various wavelengths of electromagnetic radiation. X-ray images of bags, other goods, or even people to evaluate illegal or threat conditions or to analyse content, can be viewed with filters that can have a substantial impact on the nature of the display to the viewer. The content moves from the real to the representative where graphic processing creates artificial colouring, changes image composition and removes or enhances only certain content which meets specific wavelength properties. In addition to these, there is an increasing implementation of imaging being used or trialled at other electromagnetic spectrums where the display is entirely synthetic. In all these cases, real items are being displayed in a representative form which may depart radically from the actual outline, shape, texture, surface composition, and form of the real object. The point of these imaging technologies is to identify various items from the way they impact on the wavelength which the measuring technique is using. The objective of the viewer is to analyse the information available and identify threats or problems in the images. This is calling for increasing sophistication in the visual analysis of such images on behalf of the viewer or operators.
68
VISUAL ANALYSIS DEMANDS Substantial development cost has been spent on these established and emerging imaging technologies. While extensive efforts are being made to provide automated analytical tools to identify issues within images, these have had varying success. Undoubtedly there are successes in visual analytics or automated recognition systems. Further, we can expect increased presence and sophistication of image or video analytics in security technology. However, at present in some cases they can complicate the decision making processes rather than simplifying it. For example, in aviation x-rays highlighting a potential threat in a bag being scanned for weapons may cause a false alarm, but even more critically, it may distract a viewer or screener from other threats that have not been electronically identified in the bag. In other cases they are limited to basic conditions such as video analytics identifying movement, excessive grouping or contact of people, and basic postures. Identification of more subtle behaviours is beyond most “intelligent systems” at this stage, however. In most cases, human visual analysis of either original, processed, or alert activated images is still necessary. Human factors research to address the human visual analysis process has addressed some of these visual analysis factors in a number of ways. Research on eye movement (Wickens & McCarley, 2008), concentration spans, spatial and other properties of targets, signal detection characteristics including timing (Huey & Wickens, 1993) are all contributors to detection performance. Aspects such as situational awareness (Sandom, 2001), goal driven attention, and task engagement (Cheyne, Carriére, & Smilek, 2006) may sensitise viewers to the context and task requirements of the detection process. The individual‟s level of arousal is seen to impact on the motivational intensity and the individual‟s level of alertness (Davies & Parasuraman, 1982), but there is not always a simultaneous change in detection efficiency during reduced arousal (Koelega, 1996). The role of attention sets in particular has been highlighted by Donald (2011) as critical in determining the frame of reference that operators use to guide observation. However, despite the extensive research into factors that affect an operator‟s approach to tasks, an understanding of the cognitive visual analysis process that they use as individuals is still poorly understood. Indeed, often the visual analysis term is used as a catch all to reflect matching, memory recall, or simplistic recognition rather than analysis. Matching or simple recognition activities contrast sharply with the interpretation requirements expected from and implicit in many of the security imaging technologies. Indeed, the more the representative image diverges from the original item in shape, form and composition and the more abstract it is, the more complex the interpretation of such an image becomes. For human visual analysis, the context in which the indicators occur provides important information with which to identify the threat. Whether doing visual analysis of x-rays or CCTV, an understanding of context is critical. For instance, a behaviour in one setting may be perfectly normal, whereas the same behaviour in another setting may be seen as highly suspect. In reviewing the success of CCTV schemes, the Australian Research Council (2006) notes that “The effectiveness of CCTV may be very much dependent on a whole range of issues but in particular the monitoring strategies adopted by camera operators." (pg.ii). Research on visual analysis also typically adopts a system orientation, in that it is assumed that if the controllable factors that influence how the person relates to the target (e.g, attention sets, frame of reference etc) can be standardised at an optimal level, and the technology itself is standardised, the performance of personnel will be similar. However, we are continually faced with issues such as why one doctor or radiographer spots a problem in an x-ray image and another with similar training and conditions can not. Similarly, there are variations in performance in a range of security settings between people from similar backgrounds, using the same equipment, and who received standardised training. We still get wide variance in aviation x-ray performance and in CCTV detection rates. In a study of X-ray baggage screeners sixty percent of detection errors were issues relating to decision making – screeners could see the threats but made erroneous decisions about them (Security General, 2002). Differences in detection effectiveness between people can occur even over short periods. The inability to make correct decisions is also therefore independent of time induced issues such as fatigue and vigilance. The advent of new imaging technology is not going to solve this, it may in fact make it even more critical as the degree of abstract conceptualisation required becomes greater as the image moves further from the original. Further, we find that analytics often relieve personnel of routine tasks, but increase the expertise required to analyse and decide on cases that get referred by analytics due to ambiguity, lack of resolution, or unrecognised conditions. One is therefore faced with the issue of individual differences in either aptitude, cognitive approach or functioning, or natural skills in which a person can apply the analysis process to the job context.
69
THE INDIVIDUALISED NATURE OF VISUAL ANALYSIS If some individuals are better performers than others in such a task, the question then arises as to whether there is a set of core inherent competencies or aptitudes that assist individuals engaged in visual analysis tasks for image intensive operations. Further to this, can these core competencies be applied equally well to technologies producing very different images. Thirdly, can they make a substantial difference to the performance outcome. Fourthly, are they inherent to individuals, or can anyone acquire these skills through training or exposure. From an information technology perspective an additional question arises in asking whether they can be replicated through computerised processing of images. Research by QinetiQ into cognitive factors in a standardised job profile applied to x-ray screeners highlighted six major factors ( Department for Transport, 2003). These included perceptual speed involving the ability to make quick and accurate comparisons between objects, perceptual closure which facilitates identifying specific objects that are hidden or concealed in other objects, deducing involving the ability to apply existing rules and procedures to find solutions to novel problems, visualising which relates the to the ability to imagine how something would look once changes have been made to it, and decision making which involves the ability to make a decision where there is no clear answer or information is complete. Reaction time as reflected in the ability to respond quickly is the sixth factor identified in this respect. While these are standardised factors used for job classification purposes, they provide only a partial understanding of individual differences. However, if we take an instrument that appears to have predictive validity for performance in a variety of image analysis tasks and technologies, we can examine how the cognitive processes required for completion of the task in a technologically neutral way.
METHOD This paper takes four research studies where such a widely used assessment instrument examining participant competencies was applied as part of the research process. These studies all relate to the effectives or enhancement of performance of x-ray screeners and CCTV operations in a number of international settings. Purposes include assessing predictive validity, or as part of the research design, assigning participants into control and treatment groups for research design purposes. The instrument is designated as ScanX in the case of the x-ray environment, or in the case of use in CCTV operations, the Scanning Exercise where it forms part of a more comprehensive assessment called SAMAE. The term of ScanX will be used for the remainder of the paper. Developed for the evaluation of personnel doing observation and detection tasks in high technology operations, ScanX is one of the few instruments for evaluating individual skills in visual analysis and detection that is used across x-ray, full body x-ray, and CCTV environments. ScanX test items are a set of graphic objects positioned together in a containing shape which provides the standard background colour. It contains elements of colour, positioning of objects relative to one-another, grouping characteristics, rotation in space, the potential for subtle or obvious loss of information, a degree of pattern information, and the need to encompass the overall graphic as a whole, as the nature of the background shape can alter as well items contained within the shape. The graphic is generic in nature, relates to no standard industry image, and requires not situational awareness from previous experience. However, the process of visual analysis is critical to effective detection in the exercise. Participants have to review objects that appear respond when the target image is different to a reference image provided. A number of characteristics are required by individuals during the continual processing of the graphic as it appears for each item over the 30 minutes of the exercise. Measurement of performance on the ScanX Exercise is based on two accuracy measures, a reaction time measured in seconds, and a false alarm rate. The accuracy measures include one identifying the percentage of target items within four seconds of them being displayed, and another identifying the percentage of target items detected as long as they are on screen (up to 15 seconds). The 4 second accuracy shows a high speed of processing, whereas the 15 second accuracy score shows sustained attention even after initial processing. The false alarm rate is critical in showing the ability to make accurate decisions about what is seen. A high false alarm rate shows poor judgement or guessing without an appropriate level of insight. The combination of accuracy and false alarms on the same measure produces an efficiency score based on how well or badly the participant does relative to a general distribution of scores on these two variables. A high Efficiency 4 second score for example will show a high accuracy of detection in conjunction with very few false alarms. The research studies incorporating the ScanX exercise for which validation is available are detailed below.
70
Study 1. Conducted on 83 currently employed x-ray operators in two major UK airports as part of a UK Department for Transport study (Department for Transport, 2003). Performance was measured by threat image projection (TIP) detection rates on the job. TIP involves the projection into the x-ray image of life like threat objects such as guns, knives and explosive devices. It provides a true detection rate in that it is know how many TIP images were used and the precise response rate to these. Study 2. An operating diamond mine and involving 16 CCTV surveillance operators who were all full time employees (Donald, 1998). Job performance was measured by levels of theft incident detection identified by the operator as part of the standard work duties, and a separate detection of safety and other violations of personnel on the job. The collection of incident data was based on one month of performance where operators were exposed to the same shift schedules. It is possible that CCTV operators were exposed to different levels of theft rates within their experience of work shifts although a month working period would be expected to even out this kind of exposure. Study 3. An industrial research project in which a sample of 12 CCTV surveillance operators were drawn from five diamond mines in Southern Africa (Andrew, Landgrebe, & Donald, 2003). They were exposed to a incident detection task of identifying diamond theft behaviours over 3 hours of structured video material. All participants in the sample had experience in the plant process and the detection of theft behaviour was part of their standard job requirement. The footage included a mixture of incident and non-incident footage, either real or acted under realistic conditions. Personnel were given 5 minute breaks at the end of each hour. Job performance was measured by the detection rate of theft behaviour over the full duration of the video footage. As the simulation was designed to incorporate specified theft incidents, the detection requirement rate was known and provides an absolute measure of detection. Study 4. A PhD research study involving 73 CCTV operators drawn from 5 different companies in the gaming, mining, chemical and town centre environments (Donald, 2011). They were exposed to 90 minutes of continual video material of a plant environment where they had to identify designated physical actions rather than theft behaviour. No participants had any previous exposure to the plant environment in which the video materials were drawn. The video comprised a mixture of video clips, some with no target behaviours and others containing one or more target actions. Actions such as picking up an object, flicking with a broom, kicking and swivelling feet were specified as the target behaviours that had to be detected. The four studies involved have very different task performance measures and these are gathered in very different settings. In study one, it is detection of aviation security threats in carry-on baggage x-rays, in study two it involves detection of various behaviours in full time working conditions in a general mining area, in study three recognition of theft behaviour occurring in a processing plant that is gathered in a structured research environment, and in study four, identification of simple behaviours that also occur within a plant environment.
Table 1. Studies and associated correlations between ScanX measures and performance outcomes Study 1 Study 2 Study 3 Study 4 .559 .595 .489 Accuracy 4 (.01) (.041) (.003) seconds .213 .696 .542 Accuracy 15 (.21) (.01) (.000) seconds .59 .534 Efficiency 4 sec (.000) (.01) .47 .447 Efficiency 15sec (.000) (.04) 83 16 12 42 Sample size
DISCUSSION The sites in which the different research studies are situationally diverse, the visual environments being processed on screen are very different, the indicators or signals of an event that are used for detection performance are different (although studies two and three would have similarities in this respect), and the data collection conditions very strongly in terms of time demands and the underlying process. Yet, the correlation
71
between the ScanX results and performance in each one of these cases is fairly substantial and consistently between about .44 to .69. While we expect factors such as salience and small semantic distances to assist in detection, these factors are unrelated when comparing the test exercise to real world conditions. Further, issues such as attention sets may well vary in how well the person does on the tasks, but this no prior attention set that would equip participants to work with the ScanX content. A number of the theoretical issues relating to detection performance therefore do not come into play when looking at the relationship between ScanX and on the job or research study CCTV task performance. The existence of strong relationships between ScanX scores and the different performance measures in the four studies appears to indicate that there is an underlying core of visual analysis skills or attributes that are contributing to interpretative analysis in different environments. The ScanX task requires rapid review of the image and search behaviour for relevant points. The speed of information processing is therefore a critical attribute. Quick recognition of essential details and the ability to home in on relevant points or characteristics is essential. The speed of information processing comes through when reviewing the impact on threat detection with x-rays. Typically, aviation screeners have approximately 5 seconds per bag in which to screen for threats. The Efficiency 4 second score correlates appreciably higher with treat detection than the Efficiency 15 second score, although both remain high. Colour can be used as a way of indicating inconsistency and pattern definition. Attention to detail is also important, but also the ability to view the broader view of the image and to examine context of individual elements to each other and peripheral information. Use of working memory provides useful reference information in detecting anomalies to the norm and changes in pattern structure and appears to work equally well for both the ScanX exercise and actual x-ray or CCTV scenarios. Sustained concentration is probably also indicated as important over time as a performance requirement for both of these. Poor vigilance would affect both ScanX exercise and work task related outcomes.
CONCLUSION The nature of the relationship between ScanX performance and the research studies discussed here appear to emphasise the importance of process as opposed to content. Given the appropriate analytical thinking and the conceptual skills required in visual image processing, it can be applied to any different kind of scenario. This is not to say that there are important aspects from the research that do not apply in the actual performance of the job or work task. It is likely that performance can be improved by appropriate attentional sets, frames of reference, and motivational contexts. However, without the core skills required for analysis, even substantial input on these factors may not lead to the required performance level on the job. Personnel with an appropriate generic set of core visual analysis skills would be a major contribution to successful visual image processing with in a range of technologies. Such visual analysis specialists adept at multidisciplinary viewing allow for flexible staffing as different types of imaging technologies are used as part of comprehensive security strategies.
REFERENCES Andrew, C., Landgrebe, T., & Donald, C. (2003). Enhanced surveillance platform validation testing: Methodology report. Technical report, de Beers, South Africa. Binstock, J., & Minukas, M. (2010). Developing an operational and tactical methodology for incorporating existing technologies to produce the highest probability of an individual wearing an IED. Unpublished Master‟s thesis, Naval Postgraduate School, Monterey, California, US. Cheyne, J. A., Carriere, J. S. A., & Smilek, D. (2006). Absent-mindedness: Lapses of conscious awareness and everyday cognitive failures. Consciousness and Cognition, 15(3), 578-592. Davies, D.R., & Parasuraman, R. (1982). The psychology of vigilance. New York: Academic Press. Department for Transport (2003). The selection of X-ray screeners. Transport Security Division, Technical Information Notice 1/03, United Kingdom. Donald, C. (1998a). Technical report on the validity of the surveillance and monitoring assessment exercise (SAMAE). Technical Report No. 2/1998, Leaderware, SA. Donald, C. (2001). Vigilance. In J. Noyes, & M. Bransby (Eds), People in control: Human factors in control room design. London: The Institution of Electrical Engineers. 72
Donald, F.M. (2011). Optimal Characteristics of Inserted Graphic Objects in Stimulating CCTV Operator Vigilance and Performance. Unpublished PhD thesis. University of the Witwatersrand. Johannesburg. Huey, B. M., & Wickens, C. D. (1993). Workload transition: Implications for individual and team performance. Washington, DC: National Academy Press. Koelega, H. S. (1996). Sustained attention. In O. Neumann, & A. F. Sanders, (Eds.). Handbook of perception and action, Vol. 3: Attention (pp. 277- 331). London: Academic Press. Sandtom, C. (2001) Situational awareness.. In J. Noyes, & M. Bransby (Eds), People in control: Human factors in control room design. London: The Institution of Electrical Engineers. Security General. (2002). Human factors in civil aviation security operations. Technical Report No. 9808 AN/765, International Civil Aviation Organization, Canada. Wickens, C. D., & McCarley, J. D. (2008). Applied attention theory. London: CRC Press.
73
INDIVIDUALISED RESPONSES TO VIGILANCE DEMANDS AND THEIR MANAGEMENT Fiona M. Donald1 and Craig H.M. Donald2 University of the Witwatersrand, Johannesburg
[email protected] 2 Leaderware, and Edith Cowan University
[email protected]
1
Abstract This research uses a task disengagement framework to examine how CCTV surveillance operators and novices respond to the vigilance demands of the detection process. Vigilance tasks are acknowledged as being high in mental workload, yet little is known about how operators deal with these demands in jobs where successful performance is reliant upon sustaining attention on a daily basis. Much vigilance research makes an implicit assumption that people perform tasks that require sustained attention in a passive manner. By contrast, this study examines how operators manage their levels of task engagement and attention resources. The sample consisted of 73 participants (42 CCTV operators and 31 novices) who performed a 90-minute CCTV video surveillance task. Individualised responses to vigilance demands were identified. Alternating fluctuations in task engagement were found for the majority of participants, indicating efforts to manage attention resources and cope with vigilance demands. Differences in subjective responses to the vigilance task were identified. Implications for the management of vigilance performance are discussed. Keywords Vigilance; closed circuit television (CCTV); operator performance; task engagement; coping BACKGROUND It is well established that vigilance tasks are high in mental workload (Temple, Warm, Dember, Jones, LaGrange & Matthews, 2000; Warm et al., 2008), tiring (Wickens & McCarley, 2008), are often stressful (Sawin & Scerbo, 1995; Szalma, Warm, Matthews, Dember, Weiler, Meier, & Eggemeier, 2004), and tend to drain attention resources (Parasuraman and Mouloua, 1996). This suggests that people who face vigilance demands in their jobs on a daily basis are likely to develop ways of coping with these demands so that they can continue to perform these jobs over extended periods. Coping strategies are likely to include ways of managing attention resources, concentration spans and levels of task engagement in order to prevent excessive fatigue. Closed circuit television (CCTV) surveillance represents a vigilance intensive job where operators are frequently required to monitor cameras for extended periods of time and are therefore likely to develop coping strategies. A large proportion of vigilance research has focused on the vigilance decrement as a response to vigilance demands (Parasuraman, 1984). Relatively few studies have examined changes in vigilance performance on a moment-by-moment basis (Gilden & Hancock, 2007) and how operators in vigilance intensive jobs cope with the demands made by their work in terms of management of attention resources and detection rates. A few studies have examined how CCTV operators break the monotony of their work by introducing activities that are not task related, such as talking to colleagues, taking toilet breaks and moving around (Smith, 2004). However, the links with moment-by-moment attention processes and job performance in real-world vigilance intensive work have been neglected by researchers. This research examines how CCTV operators and novices with no previous CCTV surveillance experience respond to and manage the vigilance demands of the detection process. It uses a task disengagement framework (Cheyne, Solman, Carrière, & Smilek, 2009) to examine moment-bymoment changes in attention deployed to tasks. Relatively little research attention has been paid to operators‟ deliberate attempts to manage their attention resources. These attempts represent the endogenous modulation of alertness, and contrast with exogenous attention control which is brought about by characteristics of the display, such as novelty and visual conspicuity (Robertson, Manly, Andrade, Baddeley, & Yiend, 1997). Theories regarding vigilance, and in particular the vigilance decrement, attribute performance to factors that are largely beyond the control of observers, such as habituation (Broadbent, 1953), arousal (Koelega, 1996), and changes in visual sensitivity and the response criterion (Balakrishnan, 1998). This suggests that observers adopt a passive approach to the monitoring process, rather than attempting to manage their attention processes and vigilance levels.
74
This passive approach to vigilance tasks is encapsulated in the mindlessness theory of vigilance (Robertson et al., 1997) whereby the vigilance decrement is attributed to the redirection of conscious attention away from the task (Helton, Weil, Middlemiss, & Sawers, 2010). Proponents of the mindlessness theory attribute mindlessness to boredom (Robertson et al., 1997). Contrasting with the mindlessness theory are the multiple attention resource theories which explain vigilance decrements in terms of the depletion of cognitive resources (Grier, Warm, Dember, Matthews, Galinsky, Szalma, & Parasuraman, 2003; Helton, Hollander, Warm, & Matthews, Dember, Wallart, et al., 2005; Johnson & Proctor, 2004; Matthews, Davies, Westerman, & Stammers, 2000). Multiple attention resource theorists acknowledge that vigilance tasks are frequently perceived as being boring, but attribute performance decrements to the need to continuously monitor the environment (Hitchcock, Dember, Warm, Maroney, & See, 1999). Task engagement has recently been used to examine moment-by-moment attention lapses and variations in task engagement in vigilance tasks (Smallwood, Davies, Heim, Finnigan, Sudberry, O'Connor, et al., 2004). Task engagement is defined as „A state of reduced allocation of attentional resources to environmental task-related stimuli‟ (Cheyne et al., 2009, p. 98). This is similar to mindlessness, but is applied to a variety of tasks including those that do not require vigilance. During task disengagement, attention resources are transferred to stimuli and cognitions that are unrelated to the immediate task, or off-line processing. Task disengagement and mindwandering are associated with attention failures and errors (Grier et al. 2003; He et al., 2011; Manly, Robertson, Galloway, & Hawkins, 1999; McVay, Kane, & Kwapil, 2009), some of which have serious consequences (Dockree, Kelly, Robertson, Reilly, & Foxe, 2005). Disengagement results in lapses in the maintenance of task goals and even momentary lapses can be highly problematic. Cheyne et al. (2009) found that task disengagement is most likely to occur when there are long, inactive periods between significant events. They also suggest that engagement is unstable and constantly fluctuates. Fluctuations in task engagement have not been examined in CCTV operators despite the potential impact on detection rates. Cheyne et al. (2009) propose a three-state model of attention disengagement. The first state involves „tuning out‟ (p. 99) and decreased awareness of moment-to-moment changes in environmental stimuli. However, the person remains aware of the general task environment, divides attention between the task and cognitions that are not related to the immediate task, and still devotes sufficient resources to the task to prevent major errors. The second state of disengagement involves mind-wandering in a less conscious manner. There is decreased awareness of generic task-relevant stimuli in the environment, and a more automated manner of responding. Responses to near misses decrease, but blatant errors are likely to re-deploy attention to the task. The third and deepest level of disengagement involves little awareness of task demands and the person only responds to highly intrusive task events. This state is accompanied by behavioural indicators of mind-wandering. Motor restlessness is associated with fatigue and has been found to increase significantly over a 50-minute watch (Galinsky, Rosa, Warm, & Dember, 1993). The current research focuses on the third state of disengagement as this could be observed by the researchers and did not require intrusive bio-neurological measures. Most of the research on task disengagement with vigilance tasks has used the Sustained Attention to Response Task (SART, Robertson et al., 1997) (e.g., Smallwood et al., 2004). The SART uses simple visual stimuli and participants are required to respond to all stimuli except for significant events (Robertson et al., 1997). This task has been criticised for evaluating response strategy and impulsivity rather than sustained attention (Helton, Weil, Middlemiss, & Sawers, 2010). The need to respond to non-significant stimuli creates a need for almost continual responses. This contrasts with vigilance intensive work in the real world, where significant events and responses occur less frequently. The SART and other vigilance tasks that are typically used in laboratory research are significantly less complex than jobs requiring sustained attention and make different information processing demands on people performing them (Donald, 2001). Unlike vigilance intensive jobs in the real world, the tasks typically used in vigilance research have little inherent meaning for participants (Craig, 1984). This also applies to the SART. In addition, whether participants in laboratory research perform well or poorly does not have same consequences as they would for job incumbents in operational contexts (e.g., career advancement). This is likely to affect the motivation of participants (Wickens & McCarley, 2008) and the approach they adopt to the monitoring task. Similarly, previous work exposure is likely to affect the ways in which participants manage their attention resources and approach the detection task in real-world jobs. This is consistent with research on expertise in other jobs (He, Becic, Lee, Jason, & McCarley, 2011; Jarodzka, Scheiter, Gerjets, & von Gog, 2010). The current research examines task engagement in operators who work in CCTV surveillance and novices with no prior CCTV surveillance experience.
75
METHOD Sample The total sample of 73 participants consisted of 42 (32 male, 10 female) operators employed full-time in CCTV surveillance and 31 university students (9 male, 22 female) with no prior experience with CCTV surveillance. Operators had a mean age of 36.48 years and a standard deviation = 8.2 years. The students‟ mean age was 21.55 years with a standard deviation of 1.48 years. All participants had normal or corrected to normal vision. Operators were drawn from six organisations in the hospitality and gaming, town centre surveillance, academic, mining, and processing sectors in South Africa. Non-probability purposive sampling was used and participation in the research was voluntary. The setting for the task was a diamond processing plant. As no participants had worked in such a processing plant previously, no participants had an advantage in terms of situation awareness specific to the context of the video used in the study. Materials The task consisted of watching a 90-minute video and verbally reporting the detection of four target behaviours performed on objects that were too small to be observed on camera. The behaviours were, however, all visible and included picking up a small object, kicking the object to another location, flicking the object to another location with a broom, and swiveling the ankle with the intention of grinding the object into the underside of a boot in order to walk away with the object. The video consisted of a mixture of clips with target behaviours and others with no target behaviours. All clips were situated in diamond processing plants and represented realistic work activities, although some were real clips and others were simulations by professional actors in a diamond processing plant. The video was developed through two pilot studies aimed at selecting clips with a suitable range of difficulty levels, removing clips where high numbers of false alarms occurred, and ensuring that the thirty-minute phases were equivalent in terms of detection difficulty levels. For the purpose of analysis, the video was divided into thirty-minute phases, with each containing six target behaviours, and a total of eighteen target behaviours. Each phase included a mixture of target behaviours that were easy and difficult to detect. Procedure Instructions included explanations and demonstrations of the target behaviours and were followed by short practice sessions. For ethical and practical reasons, participants were told how long the video would last. Trained research assistants logged responses and their time of occurrence on a log sheet, recording hits, misses and false alarms. Periods of time when no responses were recorded and certain non-verbal behaviours were present, were interpreted as indicating task disengagement. This was based on Cheyne et al.‟s (2009) third state of task disengagement. The first two states of disengagement were not measured, and this is likely to have led to an underestimate of task disengagement. The behaviours included, for example, looking around the room, having a glazed expression, and eyes closing frequently but briefly. A short semi-structured interview was conducted after watching the video to identify participants‟ subjective experiences of the task, how they coped with it and their search strategy.
RESULTS The mean number of target behaviours detected was 8.99 (50%), with novices detecting 7.68 (42.67%) and operators 9.95 (55.28%) of target behaviours (Table 1). Specialists detected significantly more target behaviours than novices (t=-3.75, p
