Agency View

Agency View

FAA’s Kosatka says better guidance, new technology are on the way

By John F. Infanger

January 2002

SAN DIEGO — During the recent annual meeting of the Airport Consultants Council here, AIRPORT BUSINESS sat with Art Kosatka, FAA civil aviation security specialist, to get his and the agency’s perspective on the security challenges facing airports today. One emphasis: He foresees more concise, consistent guidance related to the new FAR Part 107.

Kosatka joined the Federal Avia-tion Administration’s airport security division in 2000. He has worked as a security consultant for airports, served with the Airports Council International - North America, and as a Capitol Hill staffer, both in the House and Senate.
Following is an edited transcript of our interview with Kosatka ...
AIRPORT BUSINESS: From an overview, where is the agency right now related to security for airports?
Kosatka: I’m almost exclusively focused now on one document, the policy and guidance document for (the new FAR Part 107). This is something that has never existed before. It is as its title implies the singular policy document that will be distributed to the airports and all the FAA field offices, the whole works. The policy document has been under development for the better part of a year and a half.
The policy document literally goes through the entire regulation, clause by clause. One or two sentences in the regulation might engender two, three pages of explanatory text. It is supposed to be the definitive guidance to our field and the airports — what we really meant to say in that regulation. Right now, it’s 218 pages long.
It will never be published on paper. It’s going to be distributed strictly electronically off the FAA security website, not the public website.
AB: Regarding the Part 107/108 rewrite, have the events of September 11 had a significant impact on the final document?
Kosatka: No. There was discussion within our shop of, should we not go forward as published? The bottom line is, this thing’s never going to settle down completely. So, go ahead and publish and keep dealing with it. There’s nothing in there that’s really significantly changed by September 11; that’s kind of the point of the regs, hopefully, that they are broadly enough written that we can respond to any kind of incident as necessary. As I’ve said a million times, there’s also a problem when writing regs in that you’ve got to write one regulation that applies to JFK and Jackson Hole, WY, equally, and that is a tough thing to do.
AB: You’ve been involved in the reopening of airspace for general aviation operations. What details can you give us on that ongoing effort?
Kosatka: We recognize that in theory GA in general is the good guys, and that restrictions are always going to inconvenience the good guys who always follow the rules. The bad guy that is going to fly something in is not going to be deterred by an air traffic control call on the radio that says, don’t go there. He’s already halfway there.
But we do have to introduce some predictability into the system so that when the bad guy seeks to cover himself as one of the good guys, we know what to expect; some predictability so that when there’s a deviation from that system we can hopefully pick out the bad guy. For example, and this is not what we’re doing, but if you have specific routing for GA to follow in a restricted area and somebody deviates from that, that’s when we go in real fast and take a look.
Security doesn’t have the ability, as it stands now, to regulate GA in the sense of we don’t have a regulatory handle on non-107 airports. We’re not really regulating GA by security, we’re regulating it through the air traffic control system.
I like to point out that technically we never closed all the airports, we only closed the air space system so you couldn’t take off or land on the open airports.
AB: Is there potential down the road that we’ll have to implement some type of procedure or screening at general aviation airports?
Kosatka: There’s always that potential. I’m not suggesting it’s a good idea.
One of the other things that’s been bandied around might be a good idea — in the medium to long term -— is background checks on all pilots, and having a photo/biometric pilot’s license. Theoretically, if you follow that to its logical conclusion, you might want to have a background check before you can even apply for a pilot’s license. Is that realistic? I don’t think it’s unrealistic, although speaking as a former security consultant I ain’t sure where the threat is. But by the same token, a couple of the bad guys from the 11th had pilot training histories going back seven years. So, yeah, there’s clearly a threat there.
AB: Since 9/11, the 300-foot rule has been much in the news and has caused airports considerable expense and inconvenience.
Kosatka: Understand where that came from. It came into being during the Gulf War, where vehicle bombs were seen as a fairly imminent threat. Think of us in the rule-writing process where somebody says, we think we have a vehicle threat, we don’t know where or when, make me some protection. I was at (Airports Council International) at the time. There was some rationale to it, but you just can’t write a rule that makes sense at every single airport. You’ve got to come up with guidance.
It’s not a bad standard, and the most important thing to understand about it is there are waivers available.
AB: So, if I’m an airport operator and I want to build a parking lot, would I be prudent not to build it within 300 feet of the terminal? Would FAA withhold money or PFC approval?
Kosatka: I could see a case being made for going out to 800, 1,000 feet. Would you be prudent to move it? I don’t know what the mindset’s going to be; there may be very different guidance coming down.
I think there should be a lot more money spent at intel (intelligence) so that we catch the guy three weeks before he heads for the airport, not try to catch him at the front door. But we still have to do something at the front door. The 300-foot rule wouldn’t be necessary if we had much better control and intel prior.
I’m talking about the intelligence community as a whole. I think everybody agrees that the World Trade Center was an intel failure. Nobody saw that coming anywhere. They were tracking some of these guys and lost them. I don’t want to say total failure, but I’m not sure what else to call it when 19 guys got through the system.
AB: You’ve said that one of your worst nightmares is when you get a call and someone tells you they’re getting a different interpretation from a local FAA office versus headquarters.
Kosatka: Sitting in FAA, I have had a regional FAA office tell me, well that may be headquarters’ security policy but we have a different policy here.
OK, nice of you to tell us.
AB: It would seem that you’ll need to focus on that as it relates to new security initiatives.
Kosatka: Actually, I think we may be part way there with the policy and guidance document. Fragmentation was everywhere. This policy document supercedes everything that’s out there now, with the one exception: there are 12 very specific ASP (airport security program) amendments still floating around out there and we deal with them in the policy document. This is the sole source for policy guidance. Now when a region says, I’ve got a different policy, I can say, no you don’t.
AB: Would you like to talk about biometrics, voice stress systems, and the like?
Kosatka: I think biometrics are the way things are going to go. I thought that before, but it looks like the legislation is also going to push us there.
Facial recognition is something we have been discussing for the better part of a year as a possibility.
Assuming facial recognition is the selected biometric, and it seems to be one of the better ones, you would check in in the morning at selected employee portals. You’d come in and the system would recognize you and let you in. And the system now knows you’re in there. It’s also set up at all the appropriate portals — it may not be all of them — so that when you walk up to a door, facial recognition allows you through without a slide card.
It could be voice recognition. It will probably wind up being dual biometrics, simply because sometimes things fail. We’re doing some tests with the National Safe Skies Alliance, which is based at Knoxville.
The problem is, is that there is at this time no industry accepted standard for biometrics. The National Institute of Standards and Technology, which used to be the old Bureau of Standards, is working on programmer interface that’s a technical standard for this type of stuff.
AB: Is the national ID card something that the agency and you see as a positive goal to pursue?
Kosatka: I don’t want to speak for the agency because I’m not sure we have an official position. Purely from a security designer point of view, yeah, it can be a benefit.
One of the other possibilities is to do the same thing with general aviation. Smart cards with some biometric on them are not expensive at all.
All of this, though, presumes there is this big mother database in the sky that all of this stuff can go into and be queried. Really, the technology is not the problem, it’s the underlying system.
AB: Regarding the hub and spoke system, will we begin to look at hubs having a separate sterile area for handling feeder carriers?
Kosatka: It’s a reasonable solution at some airports, some hubs, sometimes. Everything is so site-specific.
You’re really talking about two different universes here. One is the existing airport universe and how much it would cost to reconfigure what you’re suggesting. Who knows whether or not next year those three hubbing carriers are even going to be in business, much less at that airport?
The other universe here is anything new that we’re designing from scratch, which is not that many at the moment. But if you are building a brand new terminal, it’s something to consider.
If your hubbing carrier is one that’s in financial trouble, it’s hard to have a clue if that’s what you should plan for or not.
AB: One of the biggest concerns for aviation people in relation to 9/11 was that the entire system was shut down.
Kosatka: I wouldn’t call that a concern; I’d call it one hell of an accomplishment that you could do that that quickly.
AB: Well, people would agree it’s a hell of an accomplishment, but there’s a concern that there’s that much control over the system.
Kosatka: Until you know what’s going on, perhaps shutting down the system is the more prudent move. Given what we saw, we didn’t know if it was going to be going on the rest of the day or the rest of the week. No clue. Do you keep them flying? What are the odds? Well, what are we facing?