Assessing the Security Threat

Oct. 21, 2009
One on one with TranSecure’s Art Kosatka on recent government initiatives

Art Kosatka formed the aviation security consultancy TranSecure in 2002, after having made the transition from working at the Federal Aviation Administration to the Transportation Security Administration. At FAA, he was at the Office of Civil Aviation Security Policy & Planning and was involved with the rewrite of FAR Part 107. As a consultant, Kosatka has been involved with some 30 airport projects, including red team work, the Airport Security Program, access control and CCTV designs, and serving as a project leader on the TSA Airport Access Control Pilot Project. He recently discussed the state of U.S. aviation security with AIRPORT BUSINESS; following are edited excerpts...

AIRPORT BUSINESS: How would you characterize the state of security today, in terms of making the system secure?

Kosatka: That obviously presumes there is a threat to be secure from. Consider the potential change in the color codes, which is presumably threat-based — even TSA seems uncertain about what they are going to do. Is there no more low or general risk? I did a little research and there was an FAA initiative as far back as 1995 where they looked at a similar rating system. But FAA never found enough value in that to implement it.

Is there a threat? Yeah, probably so. My mantra for years has been, I’d rather triple the budget for intelligence and catch them before they get to the airport. From a practical point of view, screening at the airport is the kind of thing that you cannot not do. There’s enough of a deterrent effect and a public good feeling to that. The question is what do you do; how much money do you spend on it?

AB: The latest TSA announcement concerns screening for powder explosives, following the mandate to screen liquids. Your thoughts?

Kosatka: We’re not going to see the liquid screening go away anytime soon. Now it’s screening for powder explosives. Remember the puffers; who knew that airports were dirty and dusty and would give you a 30 percent false alarm rate? So the puffers have been pulled out. There’s a lot of discussion on that whole powder thing; some say it will affect women disproportionately.

They don’t tell us what they’re screening for, and probably rightly so. What this all comes down to is the whole notion of specificity versus selectivity. I can give you a machine that’s going to detect ‘explosive X’ 100 percent of the time; no questions, no false alarms. However, when you say you’re going to screen for 37 different things, the specificity versus the selectivity comes into play. We really come down to a question of resources.

When TSA says something like, ‘I want a guard at that door,’ they don’t seem to understand that [there are costs and other considerations involved]. We did a study at ACI [Airports Council International]where a 24/7 guard at one door in a particular large city, at a reasonable salary, you’re looking at a little over $300,000 annually for a guard at a door.
TSA doesn’t seem to understand the impact of unfunded mandates, and they come by the bucketfull through the security directives (SDs).

AB: What is the bulk of work your company gets hired to do?

Kosatka: Generally, we’re more along the lines of the policy stuff. For example, I’m rewriting the security coordinator training program right now; just updating it because some airports have asked for some recurrent training.

Last year we did a study for TSA on foreign-registered general aviation coming into the U.S. And we do a lot of rewriting of airport security programs.

AB: What do those typically encompass? What is it they need?

Kosatka: It usually starts out with physical upgrades; installing CCTV; replacing access control systems. That’s where it starts, but what we almost always find is it starts to change a lot of things. You get into how the SDs are affected by the new changes in the access control system. You’re changing boundaries so you have to change the maps and the appendicies.
It’s updating the ASP [airport security plan] to be current with the regulations but also to be politically palatable to the FSD [federal security director] because he’s got to sign off on it.

AB: How concerned should we be with perimeter security around airports?

Kosatka: In one of my training courses I use Dulles airport as an example. There are 16 published instrument approaches to Dulles Airport. The point is, anybody with a Honda and a sunroof can sit out way away from the perimeter and wait for the airplanes to come.

Is it a concern? Yes. Is it a threat? I don’t know; nobody’s ever shot one down in the U.S. that I’m aware of.

Are there other concerns? Yes, in some cases. One airport has a common fence with a military facility; one problem is drunk military personnel jumping the fence.

The regulations are entirely flexible. One thing that people don’t realize is there’s nothing in the security regulations that requires you have to have a fence; all the regulation says is, you will protect your perimeter. When you’re at a little seasonal airport up in Alaska, the only thing you need a fence for is to keep the moose out.

What works at JFK isn’t going to work at Jackson Hole; there are too many differences.

AB: What do you think of TSA’s proposed Large Aircraft Security Program, which is now being reconsidered in light of industry’s negative reaction?

Kosatka: As a pilot, I hate it. As a consultant, I love it. It would require GA airports to have airport security programs. As a pilot I don’t think it’s worth very much. The original NPRM had over 8,000 comments, most of them negative. A normal NPRM gets a couple of hundred if you’re lucky.

Is there a threat from GA? First you have to define GA. You’re talking about the King of Saudi Arabia’s 747 and John Travolta’s 707.

An interesting thing in trying to get the data for the foreign registry GA study, the CBP [U.S. Customs and Border Protection] wouldn’t give the information to TSA. We ended up using FAA enroute data. There’s a lot of lack of cooperation among the responsible agencies.

AB: What would you recommend as a GA pilot?

Kosatka: What we have heard is that the supplementary proposal will probably focus much more on aircraft and very little on airports, which makes some degree of sense.

AB: Then there’s the issue of rescreening bags that connect through U.S. airports from Canada. Should we be concerned about the Canadian level of screening?

Kosatka: It upsets the Canadians that we the U.S. deem their screening system to not be very effective; it’s the same thing with a lot of the European stuff too, which is why so many European airports have a separate screening process for the U.S.-bound flights. I’m not sure what the precise objection is to the Canadian criteria. As I would suggest in a lot of things, it’s more of a political problem.

Do I believe the Canadian system is a vulnerability that we can’t stand? No, c’mon.

AB: What are your thoughts on the 100 percent cargo screening directive?

Kosatka: A client asked me if this applies to foreign freight coming into this country. They have specifically excluded U.S. aircraft operators and foreign air carriers when they load cargo outside the U.S. and transport it into the U.S., as well as U.S. or foreign all-cargo operations. If it were to be pushed onto the foreign carriers and by extension onto foreign manufacturers, that added cost in effect becomes an import tax on all airborne goods, and all commercial and political hell would break loose.