V-SICMA

Awareness Raising & Competence Building of Public Transport Staff in

Countering Terrorism and Serious Crime by Creating Virtual Realities in Interactive, Serious, 3D-Gaming

©HOCHBAHN

©HOCHBAHN

The lessons learned in V-SICMA show, how social impact assessment (SIA) can contribute to a security-research project, not merely by identifying potential negative side-effects, but by opening up new insights and solutions, adjusting and focussing research targets and by doing so, fostering the applicability of research.

V-SICMA[1] is the name of a research-project, funded by the German Federal Ministry for Education and Research’s National Security Research Programme, in which a consortium of eight partners from social-science and humanities, industry, consultancy, law-enforcement as well as security organisations and public transport operators were developing demonstrators for awareness-raising and security-trainings of public-transport (PT) staff[2]. The V-SICMA demonstrators are simulations of relevant security (and safety) scenarios, which were delivered in two formats, addressing different target groups within PT-organisations: (1) interactive, three-dimensional computer-simulations for individual training of drivers and front-line personnel and (2) interactive board-game simulations for group learning, focussing on PT-staff working in operation-control centres.

Fine-tuning the target of the research-project and integrating organisational aspects

The original idea of the V-SICMA project was to cover prevention, detection and mitigation of security-threats to PT-systems with a focus on measures targeting human resources, i.e. training of staff. Since the consortium was comprised of members from different professional backgrounds, it was agreed to take a rather broad approach and look at classical training tools and organisational measures alike. It became clear in the early stages of designing the study that all measures developed to handle terrorist attacks involve a change in the organisational structure of PT.

Threat assessments forming the basis for security research and development projects often are not very well defined. Major attacks on critical infrastructures like PT are rare events and the database for the analysis is limited. Drawing conclusions for preventive measures from a few single cases is difficult. The problem is that evidence based standard solutions cannot be derived from these few cases.

What also became apparent soon was the open nature of the system under investigation. Therefore, any techno-centric approach aimed at prevention of a major attack was doomed to fail due to this open nature of PT-systems. The SIA experts spent considerable time with the stakeholders involved in the project to understand how the “system” operates on a daily basis. This produced evidence that led to a slight re-design of the original research plan. The focus shifted from “prevention” to detection and mitigation. Taking a systems approach and focusing on organisational procedures, we developed a model of cognitive division of labour. This model started from the assumption that a large distributed metropolitan public transport system is governed from a central hub (i.e. the Operational Control Centre/OCC). While the individual employees like station managers, drivers, security guards or maintenance workers are performing their assigned and clearly defined routine tasks with little discretion, decisions affecting the whole system and reaching beyond defined routines (like stopping a train at a station or ordering the clearing of a platform in case of emergency) are taken in the OCC. The members of the OCC take their decisions on the basis of the information they receive through different communication channels (intercom, video, sensors, mobile phones) from different sources such as field operatives, passengers, etc.

Regarding the security problem of a major terrorist attack, the control centre team has to integrate the incoming information to analyse and understand what is happening in the system and decide what kind of action is appropriate.

Furthermore, there is a considerable pressure on all staff in PT-systems to maintain smooth operation. This is particularly challenging since even minor disturbances can have major effects in tightly knit complex systems like a metro-system. Consequently, the threshold for any emergency action is rather high.

Against the background of this simple model we started to develop ideas how to improve the “receptivity” of the system and particularly how to improve the cognitive division of labour among all actors involved in optimising the complex decision process. In doing so, we focussed on technical and organisational dimensions alike.

SIA-ing the security problem and including the insights from bottom-up

What made this particular project V-SICMA successful from an SIA perspective was the integration of an SIA approach from the very beginning. This of course is always contingent upon the openness and responsiveness of the consortium. Integrating the field operatives, i.e. the end-users of any innovation or technology from the very beginning and taking their point of view serious was prerequisite. Often the view of ground-level personnel is considered as biased, limited and narrow. Instead, the experts’ opinion is given more weight. While it might be true that the field operatives do not present the problem in an elaborate technological vernacular, they can contribute important insights. What helped to better understand the security problem in such a bottom-up way was the very extensive empirical and ethnographic work at the beginning of the study. Observing the crews in the control centres over several shifts and having them explain the routines of their work created important insights into the logic and functioning of the overall system. Joining security and maintenance workers on their daily work rounds and talking to them about their problem solving strategies broadened the problem description considerably.

This ethnographic empirical micro approach changed the abstract problem description (threat and vulnerability assessment) in a substantial way. It helped to refocus the project from prevention to detection and appropriate reaction. The Ground level staff had developed their own theories about dangers and threats. They decided, based on their experience, which situations required special attention. They filtered incoming information and events to decide when urgent action was needed. But as could be shown, they had difficulties in identifying the signs of a major serious terrorist attack since they framed all events against the background of trivial and minor disturbances of routine activities and performance. Serious warning signs drowned in the noise of routine problems. Developing training measures to sensitize staff members in this regard became a main task of the project.

SIA as a performative attitude

SIA is a methodological and theoretical framework, but doing a good SIA requires a proper performative attitude to be successful. R&D projects often follow a rather crisp and narrow path of action, laid down in flow diagrams and governed by rigid timelines for deliverables. SIA is a productive irritation trying to keep the process of research open and responsive for new insights, ideas and criticism emerging in the course of work. Given the typical design of research in the security field, SIA often sides with those actors, whose voices are not easily heard in the research process. This however should not be understood as a partisan approach. As Zygmunt Bauman[3] has pointed out, social scientists should not entertain an attitude of the philosopher kings claiming a superior knowledge. Rather, their task is to translate between different epistemic or cultural communities. Often technology experts, administrators, field operative and legal experts talk past each other and SIA can help to improve mutual understanding and find common ground for shared definitions of tasks and problems. While this does not always create a consensus satisfying all participants, SIA can follow a strategy C.W. Mills once termed clinical sociology[4]. This means through acting more like mediators, the SIA experts can make hidden or implicit conflicts explicit and hence accessible for rational discussion.

Lessons learned in doing SIA in V-SICMA

Regarding our experience with research on terrorist attacks there are a few lessons to be learned. First of all, a close observation and analysis of daily routine work provided important information for the research and particularly for SIA. Since security work is local and includes cooperation, activities and involvement of many different actors at different levels, an ethnographic approach to “security work” is often a good path into the heart of the problem. On close inspection, it turns out very often that trivial organisational adaptations can have tremendous security relevant effects. In V-SICMA we discovered that a re-organisation of communication channels and strategies within the control centres substantially improve the ability to detect a potential major attack in the system. What we also found out was that “security” was understood very differently in the organisation. From the perspective of the management, security is a problem of accountability. For the ground level staff, increased security measures are often perceived as a nuisance, interfering with entrenched routines. The most important lesson to take home from a number of research projects on security in organisations is that a sustainable improvement of security measures always involves a more or less dramatic change in organisational cultures and routines. This is a key area for every SIA activity. Often “security” is like a one-hit-wonder. Triggered by a research initiative, the organisation and staff members put the topic for a short time high on the agenda only to return to old routines at the end of the research. Hence a follow-up and if possible a continuous support for organisational implementation of specific measures can help to improve the positive effects.

Conclusions

Public transport is a vulnerable critical infrastructure and security in PT is a relevant and complex problem with many dimensions: stakeholders, (vested) interests, threats and countermeasures. As these dimensions are plentiful and interrelated, SIA is particularly important with regard to security measures and research in PT. This includes identifying and highlighting threats and opportunities as well as positive and negative (side- or even side-side-) effects of potential safeguards. It can also open up completely different approaches for achieving comparable goals, e.g. by introducing service-staffinstead of security guards or technical equipment where appropriate.

The case study V-SICMA showed how SIA can explore the perception and acceptance of security-measures at all levels and in different functional areas within PT operations. Doing so required (in this case) drawing an organisation-ethnographical picture of security-awareness against multiple, partly competing business objectives and institutional frameworks. Paradox constellations were to be analysed regarding the organisational and individual perception and treatment of potential incidents with an extreme impact versus frequent incidents of minor severity – and their effect on staffs’ risk-awareness and the establishment of routines.

SIA in V-SICMA was a bottom-up approach, based on fieldwork for close observation and analysis of the daily routine work of PT-staff. SIA revealed that the re-organisation of communication channels and strategies within the OCCs of PT operations could substantially improve their coping abilities and support the “hardening” of so-called “soft-targets” like PT-systems. However, the sustainability of security-improvements in PT-systems requires successfully installing and constantly fostering a safety- and security culture.

In the V-SICMA project SIA contributed – among others – to open up new insights and solutions, and even adjust and focus research targets. Preconditions were the close collaboration of all partners from the very beginning and the openness and responsiveness of the members of the consortium.  Experiences gained in V-SICMA. Lessons learned and examples provided in the first part of the paper demonstrate the feasibility as well as the mutual benefits of integrating societal dimensions into security measures and research-projects.





[1] V-SICMA stands for „ V-SICMA: Sensibilisierungs-, Bewertungs- und Handlungstraining für Sicherheitsmaßnahmen in öffentlichen Verkehrsunternehmen, beispielhaft für kritische Infrastrukturen “, which translates into English: Awareness Raising & Competence Building of Public Transport Staff in Countering Terrorism and Serious Crime by Creating Virtual Realities in Interactive, Serious, 3D-Gaming; see: http://www.bmbf.de/de/22460.php

[2] The consortium consisted of three core-members: Hamburg-Consult GmbH (a public transport consultancy leading the consortium, conducting basic-research in the field and developing the 3D-board-game based simulation), Industrieanlagen-Betriebsgesellschaft mbH (IABG – the industry-partner developing the 3D-computer-based simulation), and Verein für sozialwissenschaftliche Forschung & Beratung (the social science and humanities partner, assigned with conducting the SIA); associated partners were the three German public transport operators Hamburger Hochbahn AG, Münchner Verkehrsgesellschaft mbH and Rhein-Neckar Verkehrs GmbH; Hamburger-Hochbahn Wache (the security-provider of Hamburger HOCHBAHN) as well as a law-enforcement entity were complementing partners. VDV-AG Security, the Security-working-group of the German umbrella-organisation of public transport operators closely collaborated with the V-SICMA project.

[3] Zygmunt Bauman, 1989, Legislators and Interpreters: On Modernity, Post-Modernity and Intellectuals. London, New York, Wiley

[4] C. Wright Mills, 1959 (2000), Sociological Imagination, Oxford, Oxford Univ. Press