Open architecture: a new vision for airport security

16 October 2020 (Last Updated December 13th, 2020 12:29)

Airport operators, regulators and government departments from around the world have come together to promote open-architecture airport security in a joint whitepaper. What does open architecture mean in the context of airport security, and how can it be achieved without jeopardising passenger safety or sensitive data?

Open architecture: a new vision for airport security
One of the more tantalising opportunities presented by open architecture is a quicker ability to switch between different detection algorithms for X-ray scanners and other imaging systems. Credit: Getty Images

In software and technology, there’s a big difference between ‘open’ and ‘closed’. The most important dividing line is in interoperability; software designed with open architecture features interfaces, communication and protocols that are publicly available, documented and free to use, which makes it simpler to make upgrades and add new components.

Closed architecture, meanwhile, restricts access to key configuration and programming information, making the system less flexible because of its lack of interoperability with other systems, while arguably enabling a more secure and controlled system environment because of the lack of interface between different pieces of software.

The debate over the relative merits and drawbacks of open and closed software architecture has been ongoing for decades, and mainly brought to popular attention from the early days of personal computing in the 1980s, with open-architecture PCs from the likes of IBM and Amiga contrasting against the increasingly closed architecture of Apple’s home electronics.

Why is open architecture a conversation worth having in the global aviation industry, and why now? Many industries have been working to create more open software systems to clear the path towards new commercial and operational opportunities – open architecture allows for easier connectivity with new software and add-on systems, potentially spurring innovation and collaboration due to the lower barrier of entry.

This is a discussion that the international airport business has been having, particularly in regards to its complex and data-heavy security systems.

“When security systems are interoperable, or ‘talk to each other’, this enables and eases integration of the latest updates – for example, new algorithms,” wrote Smiths Detection global aviation director Richard Thompson in a blog for Airports Council International’s (ACI) Airport World. “This flexibility also improves agility to deploy new operational requirements, for example, improving the functionality and efficiency of a security checkpoint. When faced with new requirements, airport customers can upgrade with their existing supplier, but open architecture can add more choice in this process.”

Security tech: open architecture picks up steam

A large section of the global airport sector brought together its thoughts and recommendations on open-architecture security systems in July, when a whitepaper entitled ‘Open Architecture for Airport Security Systems’ was published.

The document was initiated by Norwegian state-owned airport operator Avinor in partnership with Heathrow Airport, and it has received contributions and endorsements from across the sector, including airport operators such as Swedavia, Amsterdam Schiphol, Groupe ADP, Changi Airport and Dubai Airports.

The paper has also been endorsed by industry group ACI Europe, as well as regulators and government bodies, including the US Transportation Security Administration (TSA), the UK’s Department for Transport and Civil Aviation Authority, the German Federal Police and the Canadian Air Transport Security Authority.

The report lays out the rationale for the industry’s transition towards open-architecture airport security systems, as well as offering guidance on how best to implement this change in an ever-shifting threat environment.

“Key to our success is the shared ability to collaborate across the public, private and academic sectors,” reads the paper’s foreword, which was signed by TSA administrator David Pekoske, Heathrow Airport CEO John Holland-Kaye and ACI Europe director general Olivier Jankovec. “It is through these partnerships that we bring the best technologies and brightest minds together and rise to the collective challenge of outmatching a dynamic threat.”

Interoperability over integration

The wider implementation of open architecture in airport security is primarily intended to facilitate a much greater level of data-sharing among and between organisations, as well as “adding, replacing and updating modules without unreasonable difficulties”.

Among the key advantages touted by the paper are opening up the market to new suppliers to provide a wider choice for operators, faster responses to emerging threats and technological advances, creating operational and procurement efficiencies, and improving cooperation between airport operators and regulators.

Through-life system integration costs could be cut through standardisation and a shift away from expensive custom-built systems, the report added. In fact, the authors expect the growth in security software interoperability to be such that the concept of integration may recede entirely.

“An interoperable approach offers the ability to connect and configure multiple, possibly disparate, components without the need for integration,” the report found. “A clear objective for the industry is to move away from proprietary end-to-end systems integration, and instead favour interoperability across interfaces and system boundaries.”

Algorithms and data-sharing

One of the more tantalising opportunities presented by open architecture is a quicker ability to switch between different detection algorithms for X-ray scanners and other imaging systems, whether they are packaged by the original equipment manufacturer (OEM) or added later by a third party. Dynamic switch of algorithms – rather than manual selection by the user, which sometimes requires a system restart – allows for simultaneous or sequential detection of multiple items of interest, from explosives and drugs to currency and wildlife.

“For example, the X-ray machine must be capable of running a third-party weapons detection algorithm concurrently with the OEM explosive detection algorithm,” the paper noted. “The combined result then being sent to the automatic tray retrieval system (ATRS) for tray diversion as required.”

The guidance also sets as a requirement for open architecture that all OEMs and third-parties use an Open Platform Software Library (OPSL) to provide inputs and outputs to their algorithms as a “wrapper”, so that any OPSL-wrapped algorithm can communicate with any other algorithm or software component packaged in the same way.

Clearly, data-sharing between security systems and organisations is a vital foundation on which this kind of algorithmic collaboration rests, and the report sets out the key requirements for airport security systems to share “image data, data for condition-based monitoring, telemetry, analytics and the storage of data over configurable time periods (for forensics, predictive maintenance etc)”.

This would require a defined interface and data model that supports standardised, non-proprietary formats, as well as application programming interfaces (APIs) that are based on Open Systems Interconnect model protocol layers and support communication between the application software, the platform and the outside world. The guidelines even recommend implementing a universal clock in an interoperable system to assist with synchronising data from different sources, particularly in high-volume image processing environments.

Data ownership and cybersecurity

But as with any conversation that revolves around greater levels of data-sharing and openness between organisations, the twin concerns of cybersecurity and data privacy rear their heads.

“Data ownership must be addressed,” the guidelines note. “Is the data collected by security systems owned by the airport, control authorities or some other organisation? It should not under any circumstances be owned by the vendor(s), i.e. the customer (airport operator or regulator) should own the data.”

The document acknowledges that further discussions between airport operators, regulators and equipment suppliers will be needed before a consensus on data ownership, governance and sharing frameworks can be reached. The authors also highlight data-gathering challenges that will require further discussion, such as the protection of intellectual property, ensuring the quality and relevance of data while anonymising it wherever possible, and the increased threat of cyberattacks as shared datasets grow larger.

Wider use could be made of Geneva Airport’s Information Security and Data Privacy (ISDP) concept, which could help stakeholders “to identify threats related to a given information system, propose measures likely to mitigate risks associated with those threats and evaluate residual risks”.

As for cybersecurity, the paper commits to a long-term goal of conforming with the ‘Zero Trust’ model of IT security, which requires stringent identity verification for all users and devices attempting to access resources on a private network, whether they’re inside or outside the network perimeter.

Airport cybersecurity standards vary widely but are often spread across multiple systems, with no single overarching point of reference. This is something that could be remedied by open architecture. As such, ACI Europe and its members held a series of workshops to come up with 18 cybersecurity requirements that will serve as a baseline for operators and vendors looking to deliver open architecture. All of these requirements have been published by the TSA, other than the open architecture document’s incident response requirement.

The requirements are spread across four areas, the first being securing the system, with measures covering audit and accountability, configuration management and information integrity, among others. Secondly, system access cyber requirements stipulate multi-level access control measures that know the difference between regular users with restricted access and ‘super-user’ accounts, while password controls should be switched out in favour of “more secure multifactor technologies” whenever possible.

Securing airport security hardware is the third area, which sets standards for the physical protection of security equipment and potential access points, and the final area is securing the network, which has a lattice of requirements spanning from data encryption to a culture of ‘cybersecurity by design’ among all certified suppliers.