Bridging the Security Gap

Intelligence since 2001 has dramatically changed the threat landscape for iconic bridges. Specific threats to bridges in New York and California have been uncovered by law enforcement. Suspected terrorists have been arrested with video footage of critical structural elements and information on cutting devices that could be used to attack bridge supporting cables.

A successful attack against a historically significant bridge would certainly result in loss of life, structural damage and significant immediate effects on the economy. The paralyzing impact of public fear coupled with the ongoing financial impacts from a prolonged disruption of commerce is almost incalculable. This is especially true if the restoration and reopening of the damaged structure takes an extended period of time, which would be the case for iconic structures.

The transportation community has always prepared for the impact of natural disaster; however, designing for and addressing these potentials do not adequately deal with the new challenges presented by a potential terrorist attack. Much research has been conducted to mitigate the effect of flooding, earthquakes and wind events on bridges. Many of the world’s elite structural engineers have spent thousands of hours contemplating and calculating the best ways to physically protect bridges of all types and sizes. What has not been documented to date is the role security technology plays in the deterrence, detection and assessment of attacks against these historical structures.

Physical Limitations of Historical Bridge Designs

Maintaining standoff distances to critical structural components and physical hardening of these structures are two obviously important elements considered by today’s bridge engineers. However, many iconic bridges were built long before today’s threat realities, stringent design standards and traffic planning requirements. Some of these bridges are more than a century old and the fact that they remain standing and able to convey vehicles of any kind is an engineering marvel. As a result, implementing some of the desired physical protective measures on these sensitive structures can be difficult or unfeasible.

In some cases, the sheer weight of proposed physical hardening measures is prohibitive from a structural perspective. In other cases, critical aesthetically significant components are located literally inches from active pedestrian walkways or vehicle roadways. Permanently closing lanes solely for the purpose of improving standoff distance is not a viable solution for heavily traveled thoroughfares. Designers therefore must take advantage of today’s security technology advances to bridge the gap between physical enhancement limitations and modern protective requirements.

Technology’s Emerging Role

Three important themes define technology’s emerging role in a comprehensive bridge security program. First, match the technology you deploy to the physical assessment and enhancements so that every piece of equipment supports the overall protection goals. Second, ensure that the technologies you choose will perform as necessary in the worst-case environment. Finally, ensure that technologies are symbiotic as opposed to cumulative in presenting responders with valid actionable information at all times.

Theme 1 — Match Technology to Real vs. Perceived Need: Logic tells us that detection should be moved to the furthest possible point away from critical assets to give responders a greater chance of successful intervention in the event of an adversarial attack. Unfortunately, the public has historically always had proximate access to bridge-critical assets by design. Therefore, even the most advanced and discriminating detection technologies cannot provide enough time or notice of undesired events necessary to prevent a successful attack against these assets.

It is crucial that engineers resist the temptation to implement the highest technology solutions where they are not appropriate based on perceived need vs. real need. Whenever the net effectiveness of expanded detection zones around a bridge asset are suspect or costs associated with the specific application are prohibitive, then other technology and physical measures should be considered. For example, in areas where one technology may not be suitable, do not forget about other technologies that might work together to accomplish the same goal.

Combining different traditional detection technologies with video analytics through programming or a software management platform can help overcome the limitations that any one of these technologies might have on their own. Remember that some important benefits security technology can offer include pre-incident intelligence gathering and after-incident mitigation. Alerts associated with repeated suspicious activities by the same person or vehicle can focus law enforcement on prevention. Advanced information analysis of post-event activities can help direct authorities to suspects sooner and potentially prevent future attacks.

How terrorists may attempt to attack an iconic bridge cannot be predicted with certainty; therefore, it is appropriate to rely on layers of security technology rather than on any single device.

Theme 2 — Validate, Validate, Validate: Wireless video systems are all the rage and offer great appeal where the cost and impact of wired infrastructure are significant — like that of a historical bridge structure. Network IP megapixel cameras can provide excellent video, but bandwidth limitations may cap the number of cameras, their resolution, refresh rate or a variation of all these functions. How much bandwidth needed for effective video can vary even between models of the same manufacturer.

Video analytics is becoming a more mature technology and can do fancy things under controlled conditions. Many manufacturers are moving analytics functions toward the camera edge, relieving the network of the associated usage. Specialty video cameras offer the ability to monitor through any weather condition with megapixel clarity and deliver broadcast-quality detail.

The best way to address these design issues is to repeatedly field test these systems in the deployed environment. Major metropolitan iconic bridges offer some of the most challenging and varying field conditions faced by designers. These structures function as living entities in perpetual motion subject to the best and worst Mother Nature has to offer, depending on the time of year. Careful planning, repeated proof testing during the design of these systems and thorough systems commissioning during implementation are critical to validate that the systems and devices will perform as expected.

Theme 3 — Responsibility to Stakeholders (the whole must be greater then the sum of its parts): Advanced technology deployment is a significant responsibility that affects a great number of stakeholders indefinitely. How many of us hear a car alarm in a parking lot and do not pay any attention to it? We have grown so accustomed to these frequent technology failures that most of us don’t even bother to look. Studies of security system operators have shown that response to repeated nuisance alarms will compound and deteriorate significantly over time and increase the likelihood that these systems will be intentionally disabled or patently ignored.

Individual technologies like advanced presence detection, high-end specialty cameras and video analytics all offer excellent potential benefits to the security program; however, the primary importance of any security technology deployment still centers on the fact that responders must be presented with valid actionable information at all times. Every high-technology system has an anticipated percentage of “false” (invalid alarms) or “nuisance” alarms (undesired valid alarms). Multiple systems and hundreds of individual devices deployed in challenging environments amplify the undesired event likelihood significantly.

The greater the capabilities possessed by the high-tech solutions, the greater the possibility these technologies (either individually or in concert) will generate unwanted alarms. Increasing integration between systems (alarm triggers video and audio for example) amplify the unwanted results even further.

Interdepartmental input during design and involvement in the equipment evaluation and testing is essential. This buy-in process among stakeholders frequently uncovers unknown operational interdependencies that can cripple even the most promising and proficient security technology.

The importance of coordinating potential technology applications among various bridge stakeholder entities cannot be overstated. Everyone needs to clearly understand what each technology is capable of, what it is designed to do and how it is integrated with other systems and why. One important rule of thumb when designing systems with multiple technologies: “The usability and effectiveness of each individual system should become better with the integration of each additional subsystem.”

More and more sophisticated technologies require specialized training and use of proprietary graphical interfaces to achieve the full benefit of these products. For more advanced systems, it is necessary to delve further into what specific integration capabilities these systems possess and how to best take advantage of the synergies. For many manufacturers, executing non-disclosure agreements may be necessary to gain access to the detailed integration schemes, command sets and code linkages. Only after reviewing this advanced information can designers fully understand what these systems are capable of from an integration standpoint and how best to accomplish the desired synergy.

Deploying too much of the wrong technology or technologies that do not work well together can place additional unnecessary risk on protectors of critical assets. It is incumbent on every security technology stakeholder to remain fully aware that advanced technology deployment is a significant responsibility that affects a great number of stakeholders indefinitely.

Lessons Learned

Know what you don’t know. Believe what you see, not what you hear or read.

Bandwidth calculators and storage estimators are nice tools for concept discussions but there is no substitute for real-world field testing and commissioning of equipment and systems. Do not rely on confirming e-mails or letters from manufacturers on what their systems are capable of or what they are willing to do to make their system work with others. Do not limit your thinking to current conditions, but rather anticipate what the future may bring. Complement your systems to operational and physical measures and predict the impact your systems will have on others.

No matter how much advanced technology is deployed and how well it works, ultimately it is the people who are the difference between an effective technology application and one that creates more problems than it solves.

James R. Black, CPP, PSP, CSC, CET, serves as senior security consultant for TRC Solutions’ Irvine, Calif., office. Over the past 15 years, Mr. Black has assessed threats and designed security systems for the nation’s critical infrastructures. He holds numerous security licenses and regularly writes and lectures about current and emerging security technologies. He can be reached at jblack@trcsolutions.com.

Loading