SubscribeTerms such as domain awareness, situational awareness, common operating picture (COP), common relevant operating picture (CROP) and user defined operating picture (UDOP) have been thrown about for many years.
Many of these terms, developed by the U.S. Department of Defense (DoD) to describe military systems, are now frequently used in the context of security operations. Yet in many cases, even within the Department of Defense, there remains wide latitude for specific interpretation of these terms. In many non-DoD documents and specifications, some of the terms are used nearly interchangeably and with little common understanding between the users, operations management and industry. Clearly a common lexicon is needed for the security industry to engage in meaningful discussion for needs, requirements, and solutions. This paper proposes a definition for domain awareness and explores its relationship to the COP and situational awareness.
Prior to discussing concepts for domain awareness and situational awareness, it is important to note that some latitude in definitions is important. It is challenging to rigidly define these concepts as, by their very nature, they are dependent to some degree on the actual domains and range of situations possible in those domains. It is hard to define for every condition, but users know domain awareness when they see it. Successful systems must be tailored for the domain, users and available infrastructure.
An excellent definition for domain awareness related to the maritime world is provided by the U. S Coast Guard in guidance to the Coast Guard Auxiliary. The Coast Guard, in the document Maritime Domain Awareness and the Auxiliary (Dec. 2004) defines domain awareness as, "the effective understanding of anything associated with the global maritime environment that could impact the security, safety, economy or environment of the United States." Building on this definition we can define airport domain awareness as the effective understanding of anything associated with the "global" airport environment that could impact the security, safety, economy or environment of the airport, its local community or the United States.
For Airport Domain Awareness, the word "global" is in quotations because the airport, though local, is linked with global security. Typically, maritime threats are global in origin, but are likely to have local impact. Air threats however are nearly the opposite, the threat appears locally, but may have global reach as demonstrated by 9/11. For this reason, an airport's domain includes the airport facility itself, the local community, and the nation as well.
The definition of Airport Domain Awareness is very broad. It does not include a specification or even an inclusion of words like display, sensor, systems or resources. However, the definition addresses effective understanding and the breadth of that understanding. It is not a single component, tool, facility, or even system. From a system perspective, it is the set of tools to assist users in obtaining and maintaining effective awareness by providing relevant information across the enterprise and areas of responsibility to accomplish the user's mission.
Domain awareness requires both a process and an infrastructure. The importance of the process cannot be overstated. It is not possible buy a Domain Awareness tool or COP off of the shelf because it is essential for the systems to be configured and built upon the unique processes of an organization.
Borrowing again from the U.S. Coast Guard's domain awareness document, the process includes first, collecting domain data, information, and intelligence, then collating, correlating, analyzing, and interpreting the collected material. The next step is to provide effective assessment, actionable intelligence, and relevant knowledge. Finally, it is necessary to disseminate actionable intelligence to relevant stakeholders. For it to be truly actionable, intelligence must be placed in the hands of people who need it.
This process tends to move from raw data, to information and then to knowledge. Today, our technology is excellent at gathering data, much weaker at converting data to information, and very weak at turning information into actionable knowledge. We still need some human intervention at the information stage and considerable human involvement in turning it all into useable, actionable knowledge. Systems that simply collect more data without assisting the operators in the latter phases of this process tend to overload users with reams of data. Collecting data without putting the data into a useable context will often degrade overall performance and domain awareness.
Other realities of the domain awareness process must also be considered. For example, most airports have several vertical structures that must communicate to provide domain awareness. However, often due to business processes or other reasons, these groups resist exchanging information even manually, let alone electronically. Systems may be able to physically connect and obtain the information, but if policies prevent the proactive distribution and employment of this information, domain awareness will suffer. There will not be much "common" in the Common Operating Picture if agencies and departments will not share data and information.
In addition to establishing a process, the second component of domain awareness is infrastructure, including information systems. As previously referenced, using information systems to simply collect more data and present it to the operators is not a viable solution for large scale systems. The systems must help the operators establish context, meaning, information and patterns in the data. Even relatively unsophisticated tools may be more useful then complex, hard to interpret output from extremely sophisticated algorithms. Today, humans must be able to assess information, maintain domain awareness, make decisions and continuously evaluate results primarily using only two senses, visual and audible. The infrastructure must support enhancing the presentation of this data in a relevant form to these senses. The infrastructure must also distribute this information, knowledge and intelligence to users.
It is important to note that data, information and knowledge are not interchangeable terms. One viewpoint is that data can be assembled into information to obtain knowledge about a particular area or domain. Data are individual components collected from systems including sensors, GIS, external reports, or video. Information is the aggregation of this data in a meaningful, useful pattern to help understand the context of what is happening in the domain environment.
The presentation of all of this data, information and knowledge to users is the responsibility of the COP. Two essential facets of the COP are to provide collated data and information and to provide this data in appropriate context. Humans have two strongly developed methods of understanding and assessing information. The first is temporal; we want to know "when." We have a well-developed sense of time and we place events in the context of when they happen and in chronological sequence. The individual order and sequence of complex events is central to our understanding of patterns and outcomes. The second is spatial; we want to know "where." We place objects spatially in the world, either locally or globally, and understand complex relationships and interactions very quickly with spatial context. A good COP must strengthen the temporal and spatial context provided to the users in order to tap our innate talents to assess and process this information. Similarly, in response planning and execution both temporal (how fast and when) and spatial (where and how far) context for events and resources greatly assists and enhances decision makers. A list of assets and events is a critical requirement for security operations, but it is difficult to interpret unless we show it in a temporally queued, geospatial environment.
A COP is not a magic esoteric concept or display. It is simply the most accurate presentation of all source data with meaningful contextual displays and audio and visual interfaces. The COP must allow for drill down, aggregation, tailoring, and distribution. It is not a specific kind of display or a single interface. It must combine spatial, temporal, graphical, and textual elements. At the same time, a single set of eyes can only focus on so much physical area of a display. Widely dispersed, disorganized displays can lead to confusion and incorrect correlations. Since relationships and the relative importance of information changes in relation to the situation, a COP must be flexible in adapting to how information is displayed as the situation changes or evolves. A COP must present information in an understandable format. The best systems anticipate presentation requirements to provide data in the format most appropriate to the user.
A COP provides a view that is common to both the problem or incident and the domain. Airports, local government, and national government all have different domains. The larger, national domain must be able to fuse the sub-domains, without information overload, yet with the ability to drill down for more detailed information. Data must flow up but it must also come back down with information from the larger domain. This is why the COPs interfaces should be flexible and adaptable, which is enhanced by using open systems and standards-based interfaces.
Situational awareness is not the same as domain awareness; it is a subset of it. The term likely originated in the defense aviation community, but has particular applicability to security operations. While domain awareness and the COP gather, collect and display information relevant to many aspects of the domain, situational awareness tends to be much more focused on near term, relevant information tailored to the particular user. It is, as the name suggests, dependent on the situation as well as the roles and responsibilities of the users at the time.
True situational awareness must be tailored and appropriate to the situation, the ability of users to assess the information and the technology appropriate for the user. First responders and emergency operations centers (EOCs) both require situational awareness, but they have different requirements. First responders need to know about their local event, where incidents and threats are, who is supporting them, where to respond, and if possible, a focused view of nearby or related incidents that may be correlated to their immediate situation. On the other hand, EOCs, need to understand the situation throughout their area of responsibility. During a major incident EOCs must also focus on managing consequences, external resources, long term potential impact, and potential for impact outside the local area. While both sets of users need situational awareness, the characteristics and details of both are significantly different. The COP must enhance knowledge of relevant information used to analyze a current or evolving situation.
Considerable progress has been made toward achieving domain awareness, but we are still far from providing information vice data and complete domain awareness. Twenty years ago, our focus was on collecting and viewing individual data in separate systems, whether CCTV, GIS, radar, or voice. Ten years ago, the focus turned to common displays with integrated device controllers and video displays. Today, the issues are integrated response, pattern recognition and CROPs or UDOPs. Improved displays, data aggregation and presentation, sophisticated GIS systems, rule based control and other technologies have greatly improved the operator's ability to assimilate and understand information. A new area, driven by gaming and spatial engines, is also evolving to employ modeling and simulation in improving domain awareness. These exciting technologies are becoming increasingly practical and relevant, but are beyond the scope of this paper.
Intergraph's recent security-related projects incorporate many of these technologies into an integrated framework. The suite of security technologies uses standards-based practices to interface with external systems, high reliability and high availability databases for storage and processing, and integrated geospatial tools to provide both spatial and temporal context. These capabilities exist today and are being deployed at national agencies, as well as transportation system critical infrastructure nodes. We look forward to continuing development of these systems alongside our customers and partners to protect this great nation's citizens.
John Halsema is the chief security architect, Homeland Security/Force Protection Solutions at Intergraph Corporation. This paper was presented at the 1st Annual Advanced Technologies for Airport Security Conference,
February 2007