HomeAviation InsecurityEducationAtlas University
No items found.
Aviation Insecurity

Aviation Insecurity

10 Mins
June 23, 2010

TNI Spring 2010 --  Editor’s Note: Aviation security was in the headlines again last Christmas, with the attempted bombing of Northwest Flight 253 by the so-called "Underwear Bomber." In reaction to the incident, the Transportation Security Administration is rushing to deploy 450 whole-body imaging machines to airports nationwide. That number will rise to 1,800 by 2014. According to the GAO, staffing these machines will cost several billion dollars. A number of aviation security experts are wary of the move however.

"I can overcome the body scanners with enough explosives to bring down a Boeing 747," says Rafi Sela, former chief of security for the Israel Airport Authority (L.A. Times).Nearly ten years and tens of billions of dollars after 9/11, just what is the state of aviation security today? To find out, we sat down with Charles G. Slepian, founder and head of the Foreseeable Risk Analysis Center in New York City. The center works to develop homeland security protocols. Slepian is an in-demand resource on aviation security for federal and state government, private corporations, and media.

The New Individualist: Since 9/11, we’ve spent billions of dollars in an effort to make commercial air travel safe or at least safer than it was before that terrible day. Are we any safer?

“It’s virtually impossible now to commandeer an airplane and fly it into a building.”

Slepian:  You asked “Are we any safer?” I have to ask you, safer from what? If we are talking about a repeat of the 9/11 incident, I think we are safer. That’s because cockpit doors have been reinforced, so it’s virtually impossible now for a hijacker to commandeer an airliner and fly it into a building. But I can’t give you a guarantee that our commercial pilots will never be co-opted by our enemies.

TNI:  What is the main terrorist threat facing aviation today?

Slepian:  Explosives being placed on board an airplane and detonated while the plane is in flight. I think this has always been the biggest threat, going back for over two decades. And we haven’t come up with a good answer as to how to stop that from happening.

TNI:  On the big picture level then, Charles, what is the biggest error in TSA’s approach?

Slepian:  Generally, it’s their lack of focus which is a result of them being basically a reactive rather than proactive organization. Before they finish with one problem; they’re redirected to another problem.


TNI:  Is that reactiveness driven, in part, by whatever related threats the media, especially cable and broadcast TV, happen to be focusing on?

"Another terrorist attack is coming and probably sooner rather than later."

Slepian:  I think that’s a big part of it. I suppose another way to describe that, Sherrie, would be to say that their answers are very often political answers. Remember that we’re dealing with a high profile government agency. Whenever there is a suspected attack on aviation they look for a political response. That political response generally is to do something to appease the populace and make us feel safe. They will come forward with a concept which they think will lessen our fear about flying and perhaps boost our confidence in their ability to protect us. So they lose their focus because they’re giving us a political response.

TNI:  Now, Charles, I know that you’ve been deeply engaged with high-ranking politicians in terms of giving them critical information and recommendations on aviation security, but you’ve also witnessed a sort of political obstructionism that happens. Without naming names, describe the type of political obstruction that prevents the adoption of better security policies.

Slepian:  Certainly, party politics is part of it. When there is a potentially devastating terrorist act that occurs against an airliner, we tend to see that one side of the aisle in Congress launches an attack on the other side of the aisle, claiming that the latter didn’t do enough to prevent the attack. I’ve seen that happen in the Clinton administration. I’ve seen it happen in the Bush administration. Now I’m seeing it happen in the Obama administration.

Secondly, members of Congress themselves are after all representing a constituency. In some instances, the key constituents are those who are manufacturing related security products that are sold to the government. These constituents will push for our continued sale of those products even when those products are known to fail.

"One Congressman who complained about the TSA was warned to quiet down.”

And thirdly, elected representatives are often pressured to act in certain ways. One member of Congress, who was not happy with the way TSA worked, was warned that if he didn’t quiet down, the runway extension needed by his constituents in their community would not happen. And he had to make a decision, to do what was in the best interests or business interests of his community or follow his conscience and do what may be in the best interest of the flying public. And he voted with his community. I don’t blame him for that, but I do blame the pressure that was brought bear that forced him to make that kind of a decision.

TNI:  And these types of decisions are probably repeated many times over, I would imagine.

Slepian:  Oh, I’m sure that they are.


TNI:  Let’s take a look at the most visible layer of aviation security, the passenger and the bag screening. We have three main elements: the people—the screeners themselves—the process, and the technology. Starting with the screeners: You were instrumental in advancing a common sense solution for manning airports with competent, skilled screeners. Tell us about this pilot project proposal.

A proposal to deploy retired law enforcement and military as passenger screeners was rejected.

Slepian:  This was an effort, beginning in 2002, to employ retired military and law enforcement personnel as screeners, on a test basis, at Kennedy Airport in New York. These were individuals who were trained in the relevant areas; they had specific training in bomb detection, profiling, interviewing, in investigations, and they had foreign language abilities. I might add that they had already been trained with public taxpayer money. So you could say that “we” trained them.

They were experienced. Vetted. Almost the entire New York State delegation was for having this. But the decision that was ultimately made wasn’t a security decision; it was again a political decision. This pilot program was rejected in favor of a program coming out of San Francisco which treated screening as a jobs program. More often than not, such decisions have very little to do with security and a lot to do with other issues.

TNI: So what’s your assessment of the quality of screeners the TSA is hiring currently?

Slepian:  I think the quality has changed somewhat. I think the TSA has probably now learned to look for individuals who are better vetted and who perform better on testing.

But I recently had a conversation with an individual in a ranking position at TSA who said to me, “You know, when we hire a screener, we never go back and recheck them and retest them after they’re on the employment roll.” So I can’t really tell you, when we look at the force out there, just how good they are or how able they are to do the job. I also can’t tell you about their temperament which may have been good when they were hired and is not so good today.

In terms of hiring new personnel today, the job pool is probably pretty good right now, although it differs in different regions of the country. The standard isn’t uniform either, and that’s a problem.

But finally I have to say, given what the passenger screening task is, I’m beginning to think it doesn’t make much of a difference. If a screener lets a pen knife go through it probably wouldn’t put us at greater risk simply because the cockpit doors are hardened, so there isn’t much you can do to terrorize the airplane.

TNI:  Now let’s take a look at the technology used in airports to screen passengers and their bags. The CTX machines continue to be widely in use.

CTX machines confuse items with like densities such as peanut butter and Semtex.

Slepian:  Since 1989 we’ve seen the CTX machines in airports. These are machines, about the size of a minivan, into which they put all of our checked baggage. Repeatedly, year after year on tests, the machines failed to identify threats to aviation. It does not detect false bombs that are placed deliberately by government agencies testing the system. It does not discriminate between items which are harmful and those that are harmless, because like all MRI machines do, it detects densities of objects, not their chemical composition. So it confuses items with like densities, such as peanut butter, chocolate, and Semtex.

It’s an old problem. It’s a problem that really has not been improved very much over the years. Yet we keep on buying it because there’s a lot of pressure on members of Congress to continue to see to it that the constituents make these large sales.

TNI:  And it’s not just the CTX machines that yield disappointing results, correct?

Slepian:  Yes, it’s not just that piece of equipment. We are currently buying the new body scan equipment. We know that the body scan equipment has problems. As recently as March 1 there was once again, from a reputable source, a complaint that the body scan machine was not reliable.

TNI:  This renewed talk of widely deploying the backscatter X-ray machine [body scan machine] came in the wake of the “underpants bomber.” What’s your assessment of responding to this incident by pushing a roll out of these whole body image machines?

Slepian:  I’ve been looking at this since 2005 when we first came out with this notion of a backscatter or full body scanner machine. First of all, if you believe someone has concealed something on their person, but the machine can’t identify specifically what they have concealed in their undergarments or under the outer layer of their clothes, I question the validity of this approach.

“Are you going to require that people remove their underwear?”

Charles Slepian to TSA official

The underpants bomber had sewn into his underwear, PETN, the explosive powder. If you looked at his underpants through a backscatter or full body image scanner, you would certainly see that there was a shaded area which looked different from the rest of what he was wearing at the time. But the machine wouldn’t tell you what that shaded area represented, and to me that raises a number of questions.

A lot of people have various things affixed to their body and worn in their underwear—for medical or personal hygienic reasons—which would give you the same kind of a shaded impression. Colostomy bags and sanitary napkins are two examples.

So I raised the question to TSA personnel: “If you see those things [shaded regions], then what? What are you going to do? Are you going to require that every time you see that, that the individual be taken aside and asked to remove their underwear?” And I get a very, very pained expression and the answer is not “Yes” and not “No”; it’s “Well, we’ll have to see about that.”

In short, what they’re saying is there are certain things that as a civilized society we still are not ready to do it, and that is one of them. I’m grateful for that.



TNI:  That leads into my next question about research and development. The GAO has come out with some very critical reports on the TSA’s R&D programs. For example, the TSA deployed the ETP [Explosive Trace Portal] machines, without first conducting operational tests on them. And so the GAO’s conclusion was that the TSA lacks assurance that their investments are actually contributing to the highest security concerns. So what should they be spending their R&D money on? It sounds like you’ve got some ideas there.

Slepian:  Well, if their focus was directed on the chief threat—explosives—then R&D could be conducted on equipment which shows promise of effectively identifying that threat. So let’s get back to the “puffer” (ETP) machine. You know, the “puffer” machine identifies a threat by emitting a blast of air at a passenger passing through a portal, blowing some elements or traceable material from the surface of their skin or clothing. Then the air is sampled and will the machine will tell you if there is any explosive present.

"R&D should be focused on the chief threat—explosives."

Well, if the individual in fact was previously handling explosives, detection by the “puffer” would require a couple of things. First of all, the suspect who packed the bomb would have to have left some of the explosive material on his hands which would now be on the outer portion of his clothing. I think that in this day and age that is almost ludicrous. Most terrorist organizations at this stage of the game at least know enough to wear gloves. But beyond that, the air in airports is so contaminated by various particles floating around that the “puffer” machine obviously could not work. A single scientist could have told the TSA that from the get go, saving wasted R&D money.

So again, focus. What you’re looking for is not sediment on the outer garment; you’re looking for the explosive itself. So what would you do with R&D?

You know that there was a company in existence a while ago called HiEnergy. And HiEnergy developed a product which they claimed would give you the chemical composition of what was inside a container even if the container which was clad with one-inch steel. Their technology, based on “tagged fast neutron activation analysis,” was able to penetrate the steel and display the exact chemical formula of what was inside, indicating whether it was an explosive or not. Well, TSA did test that piece of equipment and their objection to it was it didn’t examine a large enough space in a sufficiently swift period of time. It took too long.

An R&D directive focused on this, starting back in 2005 when we were talking about backscatter machines, I am sure by 2010 would have given us a piece of equipment suitable for airports.

TNI:  I believe HiEnergy received some modest R&D money from other government agencies which also deployed some of their equipment, although on a small scale.

Slepian:  Yes, the Department of Defense was one agency which bought HiEnergy equipment. They used it in Hummers in Iraq to find IEDs buried in the ground. So they knew that the equipment worked but the IED is a small explosive device and so the equipment worked quickly enough for that application.

If we had applied R&D to accelerating this identification process that HiEnergy pioneered, by now, we would now have a technology in airports which would tell you whether there was an explosive present or not without having to penetrate clothing and getting into all the issues that we raised a little bit earlier. So that would be smart R&D because it’s focused. We have a particular problem, we have a solution, now let’s make it work better.

TNI:  Other companies and research groups are working on variations of this neutron-based detection. HiEnergy used fast neutrons, others are creating hybrids with neutron-based detection coupled with x-ray, some are using laser, but the point is that they can get to a device and tell you exactly what it is. It’s a world away from the CTX concept, isn't it?

“Most of what government does is to convince the public that we have a good security system in our airports. It’s hogwash.”

Slepian:  Well, you know, anything that you have to identify by sight is not reliable because things can be reasonably disguised to look like other things. And if something gives you a lot of false positives like CTX does, after a while, you stop examining the type of object which raised suspicion in the first place because you’re told over and over again that it isn’t a bomb, it’s a Hershey bar, or jar of jam, or peanut butter, and so on. So now when you see a bomb you think it’s a Hershey bar and you just don’t bother to open the bag and take it out and examine it. Which is why the GAO and inspectors general at Transportation regularly put bombs without detonators into the system to test the system. And the system always fails because our screeners don’t identify the test objects.

TNI:  Right. It reminds me what Steve Elson used to say about CTX: that it can’t tell a bomb from a bowel movement.

Slepian:  Okay. Now, since you raised Steve Elson: I stay in touch with Steve Elson and Steve was one of those guys who used to actually run those tests. He was part of the Red Teams for the FAA for a number of years. And Steve Elson knows what he’s talking about. Some people don’t subscribe to what he says because of the manner in which he says it, but he’s generally right.

TNI:  It seems the predecessors of the CTX machines in airports were made originally for medical uses by a company that had a tiny market share and was losing cash fast. A strategic redirection led them to develop and repurpose the machines for baggage and parcel screening. So they got some political power behind it, and here we are with them in every airport, practically.

Slepian:  Well, let me say this. Right after the bombing of Pan Am 103 in 1988, it was mandated that all of the airports in America start to bring in the CTX machine. In many cases, they were not even unpacked. They were not used. They broke down a lot. They were not reliable and so on. So that was 1988.

In 2001, after the event of 9/11, the head of the FAA was interviewed and she said that on 9/11, the FAA had 18 of those machines that they could not give to any airport in America; nobody would want to take them because of all the problems that they had. Nevertheless, that’s our mainstay today, 2010.

TNI:  That’s amazing.

Slepian:  Yes it is.


TNI:  We’ve been talking about the most visible layer of security, but about perimeter security and access? A GAO report from last September refers to incidents of airport workers using access privileges to smuggle weapons onto planes. The report states that these incidents have created a heightened concern.

“The perimeter is highly vulnerable.”

Slepian:  Well, the incidents have. There have been instances where they have found weapons on board planes. There was even the instance of a college student who was planting box cutters in lavatories on airliners and then notifying the TSA that those things were there. Obviously, he didn’t tell them who he was. He told them that he put them on the plane and that they were there and they’ve never been discovered. And it was true, and he was saying, “Well, with all of our security, how could that possibly happen?” Just as a side note, he was eventually identified and prosecuted and convicted of committing a crime. Now, in my view he should have been given a medal because he brought to everybody’s attention that our screening system wasn’t working. But we decided to punish the messenger.

TNI:  You’d also think that the true state of commercial aviation security is something that American citizens have a right to know as opposed to the other approach where the TSA tries to classify so many of the results of their own tests.

Slepian:  The perimeter is highly vulnerable and continues to be. Remember, this is the area that requires that each person attempting to enter, be identified and have their backgrounds checked and wear an identification card that shows that they are authorized to be there.

You have vehicles entering the roadways, getting on to the ramps of airports and coming through back gates without being checked simply because they are service vehicles that may have been called on one occasion to the airport to fix, say, a broken pipe; now it’s assumed that every time they come in the usual checks don’t have to be made. They’re not searched for explosives and very often the passengers themselves are not searched. And so that’s one avenue of breaching security—through deliveries.

Another way is via workers. In many airports in America, the workers don’t go through the terminal, they go under the terminal. And even in those where they do go through a screening process, it’s not the same screening process that a passenger goes through. They come up to a screener who looks at their ID card and says, “Okay, yes, you are who you say you are, I’m going to let you in.” But that does not preclude that he’s carrying an explosive device in his pants or has some other weaponry. And so we’re doing things in airports which are contradictions in terms. You can’t talk about high security in the airport and have almost no security on the ramp of the airport.

Just recently, we had an incident reported in media of a guy who managed to get on to the ramp of the airport, go up to an airplane and crawl into the wheel well. He was flown from JFK airport to Tokyo where they removed his dead body. But he wasn’t the first one to do that. The incident just points up the fact that it’s far too easy for somebody to get on to that ramp of the airport and get into the plane.

There was a report in Boston right after 9/11 of a finding of a box cutter on board the plane and nobody seemed to understand where it came from. Well, it was a probably a worker who was carrying a box cutter, legitimately, to do some work on board the plane and left it there—perhaps it dropped out of his pocket. It raises a question of whether tools that can double as weapons are tracked when taken aboard a plane for legitimate repair work. Are such items registered at the time they are taken on board the plane and later checked to make sure they were removed from the plane? At that time such a system didn’t exist and I think today probably still does not exist.

And so, I could go on for hours telling you the various ways on which you can take a prohibited a item on board an airplane and we don’t do very much about it because most of what we do, again, is to convince the public—it’s hogwash—convince the public that we have a good security system in our airports when in fact we don’t.

TNI:  What are some commonsense fixes for securing the perimeter of an airport?

Slepian:  Many airports around the world have perimeters which are cluttered with debris and foliage—the perfect cover for a person armed with a shoulder-held missile. Clear the perimeter of the airport. Build in a space where you just can’t get that close to the fence. That’s number one.

Number two, let’s put in motion detectors around the perimeters of our airports so that if there’s something going on out there, you can at least turn a camera and light on, and/or send a patrol out there investigate. We don’t even do that now.

In Tel Aviv, when a car is headed for the terminal, they identify and examine that vehicle before it reaches the terminal. In the United States, of course, you know that for a while that you couldn’t actually drive an automobile right up to the terminal for fear that you might have an explosive. Well, that precaution has gone away as so many others and now you can drive up to the front door of the terminal once again.

But the point is we don’t have a plan at all. You need to know what’s coming into the airport. You need to reconsider how we park automobiles in the airport. We need to start our screening further back than what we do now perhaps even before passengers get to the ticket counter because you can kill an awful lot of people in an airport right at the ticket counter on any busy day. So if we are going to focus on airports, let’s start our screening over further back. Again, you’re going to need the right equipment and the right personnel to do that. So in general, I would say when it comes to perimeter screening in the United States, we have none.


TNI:  Okay. Tell us a bit about Section 108 in that original TSA Bill. What is Section 108?

Slepian:  Well, Section 108 talks about a variety of ways to test the efficiency of our screening and one of the things that it points to is the possibility that private sector screening might be better than public sector screening. And there was a provision in the law that said, right at the outset, as soon as we set up federal screening in our airports that we set aside five airports of the five different size categories to offer implement screening run by private companies. The private screening would be overseen by the federal government. They would have to meet the same standards, at least minimum standards of a publicly screened airport but they would be allowed some latitude in the kind of screening they put in place. The hiring practices would be their own as long as the individuals met, once again, the minimum requirements of citizenship and so on. And that was designed to give us a framework of comparison.

Well, it didn’t really work out as intended because not only did the governments oversee what the private firms did, they limited their flexibility and so their programs wound up pretty much identical to the federal screening programs and therefore offered no helpful comparison. There was no control.

“Unfortunately, a reversion to screening by private companies has not happened in America.”

But more importantly, Section 108 stated that after three years, any airport in United States could apply for private screening in the airport. They could bring in a private company which, once again, would have to meet government standards but that private company would come in with a different management approach, perhaps a different personnel policy, different scheduling policies, greater training if they wanted to. It would be competitive. They would be hired by the airport but they would still have to conform to oversight by TSA. And sadly, a reversion to private screening has not happened in America. We are still using the same kind of TSA approach to securing our airports.

Now, in some instances, switching to private screening was not done because the local airports felt that if they brought in a private company, they might be liable should there be a terrorist act. But there is a quick fix and it can be right in the legislation that they are no more liable than the government is. It still would require that if you met all of the standards and you didn’t commit an act of negligence then the mere fact that you didn’t prevent a terrorist act would not hold you liable for damages in a court of law. We could fix that. We could have fixed that and in fact we have fixed that for manufacture of products that are used—anti-terrorism products. The fact that the terrorism product did not prevent the terrorist act still does not allow you to sue the company provided that the product had been approved by the government in the first place as an anti-terrorism product. So that’s a fix that could be put in place.

But we have again this notion of jobs and not security. The federal agency doesn’t want to give up those federal jobs so there is no motivating factor out there to bring private security into our airports.  [See sidebar: " An Act of Political Deception ."]


Will terrorists continue to focus on attacking our aircraft? And if so, what do you think the likely scenario will be?

Slepian:  Well, first let me say that I don’t think that the fact that terrorists focus on airlines precludes their focusing on other things as well. I think their target of choice is aviation and I think that if you’re talking about a sophisticated group—Al-Qaeda, Hamas—something like that, they could go after airliners in my opinion because they are sophisticated enough to know how to penetrate the system and perhaps to commit several terrorist attacks at once on airliners and maybe as many as 10 or 15 almost simultaneously in different parts of the country. I think they could do that and I think they will.

“A sophisticated terrorist group—Al-Qaeda, Hamas—could attack as many as 10-15 airliners simultaneously in the U.S.”

Now as for attacks by lone wolves, sleeper cells, sleeper agents, those who are not daily directed by a terrorist organization, well, that could be anything. That could be a school, that could be a bus, that could be a train station, because it doesn’t take the same degree of sophistication. And so I think we’re probably going to be subjected to both. This is fanaticism. It could be on an army base as we just saw. We had an individual, an Army officer, a psychiatrist who had given repeated evidences that he was unhappy with the United States, that he was more and more drawn to the Islamic culture over and over and over again, but we did nothing about it until one day he just walked on to the Army base at Fort Hood and took out a gun and started killing people.

Just recently there was a report out of Fort Jackson in South Carolina that seven troops were being investigated because it was suspected that they were attempting to poison the food supply on the Army base and these were all Arabic translators who were members of the U.S. Army who were doing that.

But when it comes to major organizations, I think their focus will continue to be on the airliners. You can deliver your message not only to a particular nation but the citizens of many nations when you attack an airliner. And if you place your bomb on an airplane that leaves from London and explodes over Brooklyn, New York, you’ve now gotten two nations involved that you’ve attacked directly. And so because of the nature of air travel and the spread of it and because we know when it comes to aviation, we tend to shut down the entire system when there is an attack in the air, you’ve also cripple the economy of the particular country or maybe countries that you’re talking about. So for those reasons, the ability to spread it to many nations, citizens of many nations, to affect the economies of many nations, I think it’s going to be aviation. And I think it’s coming again and probably sooner rather than later.

Related sidebar: " An Act of Political Deception ."

About the author:
Regulation and Taxation