Angle Up

Blog

Open Architecture in Aviation Security; three operational enablers

A central topic in the Aviation Security (AvSec) industry is the concept of Open Architecture (OA). It is expected to become an important direction for the landscape of equipment development in the near future. One of the bigger steps taken is the release of a position paper last year, on the challenges, opportunities and dynamics of OA initiated by Avinor and Heathrow Airport. The initiative gained support from different government bodies (US TSA, UK DFT), aviation authorities (ACI Europe) and various prestigious airport hubs around the world (e.g Schiphol Airport, Manchester Airport Group, Dubai Airports). But what is the concern of the current architecture and systems landscape, and what can the new standard bring?

OA can be viewed as a plug-and-play approach to airport security systems
— John Christian Paulshus, Avinor

In this blog, together with John Christian Paulshus (Enterprise Architect at Avinor and Chair of the ACI OA Technical Standardization work stream), we explore the operational challenges that Avinor as an airport group faces and the opportunities an OA systems standard could provide to address these challenges.


Open Architecture – an interoperable systems approach

Currently, most AvSec equipment and screening solutions are developed rather with a focus on integration to a selection of systems, in order to co-exist in a security operation. The efforts needed to integrate system components vary across different standards used for protocols and interfacing related to data-sharing, (cyber)security and data-formatting – also referred to as the Integrated Systems approach. With OA, the software or physical architecture of a system is developed using interfaces, communication and protocols that are publicly available, well documented and free to use – referred to as an Interoperable Systems approach. Following Avinor (TSI MAG, 2021) OA can be viewed as a plug-and-play approach to airport security systems.

The most important differences between Integrated Systems and Interoperable systems, ACI 2020.

A few important generic benefits of OA are: a next level in standardization and interoperability between systems and processes, an enhancement in the detection of evolving threats and enabling for innovative third party capabilities. For Avinor – responsible for 44 Norwegian state-owned airports – OA can bring significant opportunities in various directions. Together with John, we take a look at three of those, being:

  1. More efficient staff deployment;

  2. Increased (cyber)security levels;

  3. Increased equipment interoperability.


1. More efficient staff deployment

Screening capacity demand, both carry-on and hold baggage, varies during operational hours and generally additional staff is required during peak times. John explains the situation for Avinor: “We have airports in many places in Norway and our hypothesis is that we have staff performing the same functions at different locations. These people may be scheduled a bit unproductive due to a varying number of passengers, as they are being staffed for peak traffic and peak workloads.” He continues: “If an operational centre could operate several airports, or if people located at one airport could help performing work for other airports, it could save significant labour efforts.”

The complete coverage of Airports in Norway, including 5 privately owned airports. Source: Wikipedia, 2021.

An operational centre mentioned by John could in fact address several focus areas, such as maintenance, monitoring of systems and processes, but also image analysis of both cabin and hold baggage. When we specifically look at centralised image processing (CIP), operators would be able to analyse images independently from the capacity demand at one specific terminal or checkpoint, or even a complete airport. Avinor, who started a project regarding CIP, experienced challenges in the efforts needed to successfully deploy such a concept. John explains: “So far, our experience is that with more standardization in place, this would have been an easier task.”

With CIP, although networked from different locations, the challenge that can evolve is that different system configurations exist across airports. Even within one single airport there is often a “mixed-fleet” of security equipment. In relation to procurement strategy, Point FWD often sees multi-terminal airports that tend to never upgrade the whole airport to one new system. Based on the current systems approach, in order to have CIP operational for those instances combining different system setups, lots of efforts are expected to be spent on integration. In this case, OA could offer an opportunity to combine the operation of various systems in a CIP concept more effortlessly and seamlessly. Hence, more efficient staff deployment and a better balanced workload deployment becomes accessible for operating the 44 Norwegian airports.

As for maintenance opportunities, system errors could be diverted to the operational centre directly as the systems communicate seamlessly. This eliminates the need for manual and human interaction as most operators are not trained to perform such tasks. OA could furthermore enhance the implementation of condition based monitoring for AvSec technology components, enabling for a preventive maintenance program and providing accurate insights into maintenance and service cycles.


2. Increased (cyber)security levels

The introduction of advanced technologies in the security checkpoint, such as 3D imaging and algorithm detection capabilities, increase security levels by adding value in threat detection. One of the direct effects of these advanced technological components that strike us is the size and complexity of the data that is being produced during operation. Dealing with the new situation, Avinor advocates for a common OA standard leading to a higher standard for risk mitigation. John explains: “The threat situation is increasingly getting more complicated and the available data sets are getting larger and larger. This means that both Avinor and the vendors in the AvSec system industry need to improve on this front and protect the separate systems, as well as using and sharing data with parties outside their own systems. Historically, these systems have been hidden far away from open networks, so using and sharing data has been a challenge.”  

Security screening at the busiest Norwegian airport Oslo Airport, source: Avinor.

 Specifically looking at an increase of security detection level, by implementing OA and providing a shared approach to data-transfer, innovation in direction of threat detection can be a focus of a combined systems approach. John explains that this includes the introduction of risk-based threat assessment and advanced automated detection based on multiple sources of screening. Looking at such an interoperable system, data from multiple security and additional systems (like government databases) can be combined to perform a complete risk assessment. For example; different parts of a threat item can be divided over cabin baggage and on a person’s body. Independently these items may not form a threat, but can do so when combined.

At the moment, there are restrictions on using and storing data from security equipment due to regulatory limitations. We definitely see an opportunity in an approved standard to store and use this data, which could allow for continuous algorithm learning, even over different airports. This data can be valuable to OEMs to train and enhance their detection algorithms. OA can also be beneficial, as explained by Avinor, by use of a shared digital threat library. John explains further: “OA would allow to certify new threat libraries much faster than certifying a security system hardware and software.” In case of updated regulation, airports can update their systems faster and be compliant. The digital library itself can also be updated faster with more seamless integration as it can be done by multiple parties.


3. Increased equipment interoperability

One of the primary objectives of OA is the increase in interoperability between systems. This means that standard interfacing should exist between all system components, providing for a modular systems landscape. This would enable airports and security operators to combine any security equipment components out there, resulting in a so called “best-of-breed” solution to obtain highest business value.

Avinor explains that OA will bring them added value in terms of scalability of solutions: “Because the principle of OA is that new systems shall communicate and work with existing systems”. He adds: “Up until now, these systems have not talked to each other. When buying the system, we may have bought the capacity we thought we would need on a future date. With OA we can buy what we need without fearing that expansion would be difficult. The scalability feature is important for Avinor.” The COVID-19 pandemic confirmed the importance of operational flexibility to the entire aviation industry.

Security service at Norwegian airport Oslo Airport, source: Avinor.

‘Plug-and-play’ equipment allows choosing the optimal checkpoint for airports and airport operators. It is easier to experiment and set up trails of new technology before committing to a certain technology. It may enable more a seamless and cost-effective implementation of equipment, and airports are encouraged to upgrade parts of their security checkpoint in a step-by-step approach. This enables the implementation of add-on security systems, like alarm resolution equipment for shoes, which may not have been implemented otherwise due to technical complications or implementation costs. The modular aspect of OA also reinforces Point FWD’s ability to optimize airport security checkpoints even further.

A last opportunity resulting from the increased interoperability by introducing open standards is an increased accessibility to the AvSec industry for third party innovators. The AvSec industry of today may be perceived as highly challenging to enter, looking at the high standards in terms of integration between components and the utmost importance of partnerships with OEMs and Airports. We think that taking OA as a new approach for developing interoperable solutions may bridge the gap for innovators cross-industry, adding value to the experience for passengers worldwide.  


Ready for the change?

Point FWD is a specialist consultant in designing, planning and implementing technology change in security processes throughout the airport. Do you want to explore how to deal with OA challenges, to explore the opportunity for your development agenda or identify trial locations and projects for your technology? Get in contact soon.