Lifting Off with Advanced Security Technology

Airport workers, security personnel, and law enforcement officers are all charged with detecting intrusions to an airport’s most sensitive areas. Thus, they represent a critical component of security operations.

Human resources alone, however, cannot provide the pervasive detection capabilities needed to counter the precipitous rise in terrorism that threatens the commercial air transportation industry. It is impractical — if not impossible — to deploy enough security personnel for ubiquitous airport coverage. Other employees have different primary responsibilities and can focus only so much of their attention on security issues.
In response, agencies such as the San Diego County Regional Airport Authority are designing comprehensive security systems that use advanced network and digital surveillance technologies — in the hopes of transitioning to far more automated and effective security operations. Such systems would enable the sharing of relevant security event information — both real-time and historical — among appropriate personnel at the airport and in affiliated government agencies. They would do so by extending human resource detection capabilities with technologically smart devices that connect to communications networks and operations centers.

Video Evolution
Digital Video Surveillance forms the foundation of a complex technology puzzle that, when enhanced with advanced software applications, helps fill human detection gaps. Surveillance cameras have traditionally been installed at sensitive security locations, where they have recorded and archived incidents primarily for the purpose of identifying intruders after breaches occur. Even as airports have moved from analog to digital video technology, most applications still center on reviewing stored video after incidents occur. Moving video surveillance from a reactive to a proactive activity, though, greatly improves the protection of passengers, aircraft and airport property.

The Transportation Security Administration’s “49 Code of Federal Regulations – Part 1542 — Airport Security” requires that airport operators: “prevent and detect the unauthorized entry, presence and movement of individuals and ground vehicles into and within security controlled areas.”
To that end, San Diego International Airport is working toward integrating existing security systems with IP cameras, intelligent sensors, radar systems, specialized video analytics applications, command-and-control software, and network connectivity to immediately detect potential threats.
The airport’s objective is to thwart security breaches while improving situational awareness in several interior and exterior high-risk locations. Taken together, awareness in these locations provides security personnel with a holistic awareness of the overall airport domain — thus facilitating a dynamic security operation centered on detection, event correlation, alerts, alarms and resolution.

While IP cameras and networked video are not new, advances in information technology and IT standards now make it more practical to connect surveillance cameras to an organization’s communications and data network. These same IT standards also enable the airport to optimize network bandwidth and storage resources, along with interoperability between video and other security applications, and they make the video content accessible to authorized network-connected devices, such as user terminals in the airport’s security operations center (SOC).

Optimizing Bandwidth and Storage
Selecting the appropriate camera technology for a given IT environment is critical, because the ripple effect of video on systemwide bandwidth and storage can potentially affect IT performance. Image size, compression algorithm, image quality, frame speed and image resolution should match the needs of each particular application. Airports might not use the same camera to monitor both a terminal lobby and a busy employee-access location. In some cases MPEG-4 is appropriate, while in other cases, MJPEG or H.264 might better support the specific application. Other considerations are lighting conditions, the necessity of an audio feed, interior vs. exterior positioning, embedded analytics for motion detection, and the need for a given camera to pan, tilt and zoom. Video can be normal, thermal, infrared or representations from radar subsystems. Standard interfaces and communication protocols allow all these variations to coexist on the IP network.

Managing bandwidth intelligently means routing and storing video according to each application and network location. Single cameras can produce multiple video streams with different characteristics. Additionally, in software, video signals can be cloned many times and re-characterized for different uses. High-frame-rate video is sometimes needed, while low-frame-rate video suffices in other situations. In the event of a security breach, the system needs to intelligently boost frame rates and automatically send video to appropriate locations and devices based on network policies.

Integration with Access Control Systems
One important security objective at the San Diego International Airport involves monitoring employee movement through doors that provide direct access to baggage-handling areas, ramps and aircraft. As complacency sets in, sometimes personnel do not properly close doors leading to these areas, allowing others to tailgate behind them and gain unfettered entry. Technology providers have developed video analytics to detect such activity; however, the San Diego airport currently is limited to surveillance cameras at these locations to monitor and record an individual’s movement for forensic replay.

The goal is to prevent this behavior altogether — and by integrating airport-centric video analytics into its redesigned video surveillance system, the San Diego International Airport has tested powerful discrete algorithms that allow airport operations security personnel to detect such situations. The airport has worked with a video analytics software company in a beta initiative to identify detection criteria for the four different security conditions within the airport’s terminal environment. It has identified two additional security situations for external detection: perimeter vehicle access gates and terminal roadways. As suppliers continue to refine the detection capabilities of video analytics for airports, airport managers are hopeful that these special software applications will identify anomalies such as vehicle and human tailgating, objects left behind, loitering, and most important, vehicle-borne improvised explosive devices.
In the San Diego International Airport beta test, streaming video from IP-enabled surveillance cameras installed in the terminals, baggage claim areas, gates and outside perimeter was relayed to a Linux-based Cisco Video Surveillance Media Server and Storage System. The Cisco software and hardware collects, distributes and archives the video and integrates it with third-party video analytics programs.

Once anomalous events are detected, the integrated system triggers a notification to the airport’s SOC — a command-and-control center that oversees and monitors security activities and operations throughout the airport. Security personnel can view the event in progress via the SOC’s sophisticated graphical user interface (GUI), which blends access control and video surveillance data. Officials can then assess the situation and take appropriate action to resolve it. In some instances, security personnel might contact the dispatch center of the airport’s law enforcement provider to send police officers to certain locations. As the airport’s new security system evolves, one of the objectives is to send digital data to mobile handheld devices in the field.

Video Analytics Component
By combining IP cameras with video analytics software — which filters and correlates events — the network adds intelligent, automated “eyes and ears” to an airport’s technological security tool chest. Containing sophisticated algorithms that detect anomalies in dynamic environments such as airports, video analytics has come of age recently after years of experimentation and refinement. The software “digests” the streaming video it receives, analyzes it according to special algorithms, and then responds based on the security policies programmed into the network architecture.

However, one size does not fit all when it comes to video analytics. A given organization might require one or more video analytics systems, each doing something separate and specific. The Cisco video network architecture supports a number of video analytics systems on a common infrastructure.
Contemporary video surveillance design concepts dictate that some of the analytics operate at the edge of the network, in contrast to a more basic server approach. For example, some real-time events can be filtered to prevent collecting and storing unneeded video. Conversely, other analytics components, such as extracting colors and shapes, are performed in the network core on specialized servers.

An event-correlation engine is also needed to analyze events and to prevent the same event from being reported from multiple network-edge devices or data sensors. For example, a person approaching a perimeter fence might be detected both by radar and a surveillance camera. The correlation engine merges the data results from two or more video analytics programs, analyzes them, and then forwards a single data point to the SOC.
The network is the unified platform on which any number of security mechanisms — including sensors, radar, video and thermal imaging — can be integrated and delivered to the SOC via the integrated GUI. The networked setup and GUI eliminate the disparate “stovepipe” systems created by access control, video surveillance and perimeter intrusion detection systems in place today, thus enabling security personnel to instead establish and maintain overall airport domain awareness.

Basic Architecture
To ensure robust system capabilities surveillance media servers sit at the core of the architecture. Supporting multiple compression algorithms, it collects and routes video from a wide range of third-party cameras and video encoders over the IP network, while tagging events and recording video for review and archival purposes. Further, it supports thousands of simultaneous video feeds and hundreds of concurrent viewers, while sharing data with other security and IT applications. Media servers can be added incrementally, enabling the airport to scale the system to support virtually unlimited instances and manage upstream networks to deliver video to the SOC, mobile devices or TSA personnel thousands of miles away.

Collecting video is only half the problem. Knowing where to store it, for how long, and how many copies to store are also elements of the equation. While storage density has improved and per-gigabyte storage costs continue to drop, increasing numbers of cameras and higher-resolution images tend to offset those advances. Even with H.264 compression, storage requirements continue to accelerate and can represent the major cost component of a system. The key is to design and implement an intelligent storage scheme and use off-the-shelf storage rather than proprietary digital video recorders (DVRs) or network video recorders (NVRs).

Next Steps
For its part, the San Diego International Airport is in the conceptual phase of planning and architecting its next-generation security system and network. It is seeking best-of-class products at the edge and in the core, made interoperable by an IP network and a common application-programming interface (API) such as Extensible Markup Language (XML). With the video analytics beta tests concluded, the airport now needs to determine the size required for its servers and what type of backbone network would be most appropriate.

Ultimately, the airport would like to install a set of video analytics servers, each with unique purposes and capabilities. Content from these servers would be processed through an event correlation engine to identify and merge relevant data. This function is critical to eliminating unnecessary data collection and storage. The data would then be presented to security personnel who could use it to initiate timely actions and decisions.

By combining IP cameras and network-centric digital video management with video analytics software across a network, San Diego International Airport hopes to significantly improve its ability to detect intrusions, unauthorized entries and potential threats to civil aviation. In doing so, it will shift detection reliance from humans to technology, an innovative approach in airport security. Immediately and automatically detecting security anomalies and relaying critical, time-sensitive information and data to law enforcement and security personnel are vital initiatives in the mission to secure our nation’s airports and air transportation system.

Mark Denari is director of aviation security and public safety at the San Diego County Regional Airport Authority, where he directs, manages and administrates the airport’s security and emergency/crisis preparedness programs. He also ensures that the airport complies with federally regulated standards. Dr. Dennis Charlebois is director of product marketing in the Cisco physical security business unit.