Real words or buzzwords?: Situational Awareness
Originally, situational awareness tools were used to “connect the dots” when there were too many dots for an individual person to evaluate, or when the values of those dots were changing so quickly that the situation they represented couldn’t be interpreted quickly or accurately enough by human efforts alone.
Effective response is critical for many situations to prevent disastrous consequences. Nuclear reactor control systems, air traffic control systems, and jet fighter pilot displays are examples where situational awareness research and development work was focused initially, as discussed in earlier articles in this series.
Today, we live and work in a new information age frontier, with many artificial intelligence and big data tools emerging and being applied to great benefit in many areas of business. As I mentioned in a previous article, many of those efforts are aimed at providing situational awareness capabilities for fields of operation that are far beyond anything that has been done in the past.
This is possible because computing, electronic communications and data storage capabilities have been on an exponential growth curve for over five decades, to the point where what can be done with them both astonishes and overwhelms the human mind.
What will we do with these technologies in the physical security industry? If we do our jobs right, we will use such technology to provide operational support for incident, emergency, crisis and disaster recovery situations.
Organizational Resilience and Situational Awareness
Situational awareness is important for organizational resilience. Last year ASIS released an update to its resilience standards, combining and replacing two standards into a single standard, ANSI/ASIS ORM.1-2017 titled: Security and Resilience in Organizations and Their Supply Chains. Regarding situational awareness, the standard makes these statements, which are edited for inclusion in the bullet item list below, and come from pages xi and xii in the document’s Introduction section:
- Resilience in organizations is similar to resilience in people in that it is not a trait but rather a perspective of living with risk.
- Resilient organizations promote situational awareness and monitoring, with an emphasis on identifying indicators of change.
- Based on its risk assessment, the organization should consider layered controls which, among other things, promote organizational risk awareness and situational awareness.
Thus, we can see that for organizations, the scope of situational awareness is much larger than what we have considered before in the security industry. Part of that scope includes supporting coordinated response actions in incident, emergency, crisis and disaster recovery situations.
Risk Event Orders of Magnitude
In a brilliant paper published for download by TRUSYS, John B. Gargett, a retired organizational resilience (OR) consultant, introduced a methodology for managing organizational resilience, in support of emerging OR standards. The methodology is called R-SEC. The “R” stands for Risk. and the remaining letters “S”, “E” and “C” each represent levels of risk within an organization’s impact continuum. The “S” risks are those that are the most common and occur on a nearly daily basis. These daily incidents are almost always Safety and Security related. The “E” risks, Emergencies, occur less frequently, perhaps only once a year, but do result in moderate to significant impact. The “C” risks, Crises, occur with even less frequency but result in significant to catastrophic impact.
R-SEC views awareness of risks, threats and the potential for harm an enterprise faces as the responsibility of every individual with a stake in the enterprise, because it is their ability to respond to the results of organizational stress and impacts based upon their organizational responsibilities. Operational Excellence is achieved within R-SEC when the individuals, Teams, Techniques, Technologies, and Training, are working together in networked environments, preventing, preparing, responding, recovering and mitigating disruptive events in a continuous improvement cycle that is part of the business management process of the organization. Organizational Resilience can be achieved by using R-SEC as the management methodology.
Two very important aspects of the R-SEC approach are: (1) its recognition of the S-E-C levels of an organization’s risk impact continuum, which is an extremely helpful perspective for gauging the order of magnitude of response preparations, and (2) its focus on utilizing Teams, Techniques, Technologies and Training, which – in today’s organizations – occur in highly networked environments.
The R-SEC perspective provides a valuable context for designing and evaluating the use of situational awareness tools. I know this requires a bit of “thinking things through,” but if we don’t start thinking more widely and deeply about these things, our industry won’t be living up to the needs of its end-user customers.
Situational Awareness and Time
Most security and safety incident responses are handled routinely on a near daily basis, and these are the situations that most electronic security systems of today were intended to address, but don’t always fully live up to the task. From the Part 2 article in this series, I am repeating below the links to two charts that illustrate the difference between partial and full situational awareness.
For a hypothetical but realistic trespasser scenario, Chart 1 – the partial awareness chart – presents two scenarios likely to happen with the current capabilities of most security systems, depending upon the experience of the security officer on duty. Chart 2 presents a much better scenario of how events could unfold, given a security system providing full situational awareness. Take a few minutes to read these charts closely. (Note that C5SA stands for “Command, Control, Computing, Communications, Collaboration and Situational Awareness” – the capabilities that our security systems need to provide.)
The security system capabilities depicted in Chart 2 are all achievable using today’s technologies – but they require a level of systems integration that most currently-deployed security products don’t make easy.
True situational awareness increases the effectiveness of and reduces the time required for incident response. Most security system designs are not based upon response scenarios that take the time factor into account throughout the entirety of the response period needed. There is much more to security system design than product selection. Good design involves understanding the operating needs and designing an integration of systems, including information systems, that will maximize the situational awareness capabilities of the people using the system for monitoring and response.
We are now entering the era of smart buildings and facilities. We must design integrated security systems that are much smarter than those we have designed in the past.
And we need to do more than deal with security and safety incident response only. We must use technology to strongly support the individuals and teams that respond to emergency and crisis events, and that includes the management of their ongoing response efforts for responses that require days or weeks of well-informed and well-coordinated response actions.
Questions as Response Unfolds
For example, what if you are responsible for evacuating a manufacturing plant because of a chemical spill inside the plant? Where are the visitors? Where are the people in wheelchairs or who otherwise may need assistance to evacuate? Where are the executives and VIPs? What are the safe areas to be used?
Indoor locating systems can provide the real-time location status for all personnel, but how can mangers and supervisors and personnel with special evacuation support duties be provided with location information that relates only to the specific personnel whose safety they are responsible for? This requires integration with security, HR, emergency response planning, systems, and facility environmental systems to provide real-time information about the tiered risk zones in the building. For example:
- High– deadly exposure
- Medium– exposure is time critical and must be managed
- Low– safe to breathe even though there may be strange odors or unusual temperatures
- Safe– no exposure danger or unusual environmental conditions
If you don’t have automated emergency systems that are specifically set up to support situational awareness and response in this kind of scenario, the concept of such risk zones becomes useless, as the situation can change more quickly than responders and evacuees can be informed of area status.
What is needed is an application that depicts such zones graphically on facility floor maps and keep them updated in real time, automatically pushing the maps out to the mobile devices of responders and evacuees including an icon to indicate their current location. This requires, for this example, a rules-based engine with analytics to process the chemical exposure levels in real time, using a database that contains exposure risk information.
Exposure time is critical information and should be tracked on a per-individual basis.
Role-Based Response Support
An application providing situational awareness would provide information about the unfolding incident to responding individuals according to their roles and responsibilities. Where are the appropriate chemical eye wash and body wash locations? As bottles of eye wash are used, do enough remain at each eye wash station? Should breathing masks or other air-purifying respiratory protective devices be distributed or rushed to any portion of the evacuating personnel? How and where should such contaminated equipment be disposed of? Are any of the safe areas for evacuating personnel nearing capacity?
A system supporting situational awareness should automatically answer these and a myriad of other questions, and keep presenting updated information to responders within the context of the current facility risk situation and the objectives of the emergency response plan being followed.
This hypothetical internal facility chemical spill incident provides only a small peek at the real-time information requirements of responders, and what “situational awareness” means in terms of roles and responsibilities, including real-time resource management.
Post-Incident Situational Awareness Data
Applications providing situational awareness for unfolding events and situations should record situation change points, decision points, and action points with the related response plan items as context, to provide reviewable and auditable data. This aspect of data management is critical for after-action evaluations and reports, and for all uses to which the incident data will be put in the future, including as a guide for realistic response exercises, and for strategy and policy evaluation. Additional situational awareness information can be highly useful after response actions are completed.
For example, some years ago a large global corporation experienced several facility fire events whose consequences were unacceptable. A close study of all facility fire evacuation incidents revealed that there were no negative impacts of consequence for those incidents whose facility fire wardens arrived in the facility’s main lobby to meet firefighters within four minutes or less of the fire alarm evacuation.
Following the evaluation, the company established a policy and practice that facility fire wardens were to arrive in the lobby no later than four minutes after the fire alarm activation. As a result of putting that into practice, in the following decade, no facility fire events had negative impacts of consequence – even those with similar fire and people dynamics to the earlier troubling events. This is an example of obtaining situational awareness after the fact and using that knowledge to improve future operations and results.
However, in a smart building era, a similar corporate situation could unfold differently. After the first fire incident with significant negative impact, the smart building’s own analysis would reveal and report that this was the first facility fire response in which the fire warden arrived later than four minutes to the main lobby. Further human data analysis could verify that the firefighting effort and evacuation dynamics would have been better if certain key response actions had taken place just a few minutes earlier, starting with the earlier lobby arrival of the fire warden. Response plans and building information systems would be updated as a result, and the self-learning building systems would achieve a deeper level of insight into building fire response and evacuation management, as would the internal and external fire responders. It would not require a history of negative fire impacts to learn about the incident dynamics involved.