main-content

This edited book captures salient global security challenges and presents ‘design’ solutions in dealing with wicked problems. Through case studies and applied research this book reveals the many perspectives, tools and approaches to support security design. Security design thereby can support risk and threat analysis, risk communication, problem framing and development of interventions strategies. From the refugee crisis to economic slowdowns in emerging markets, from ever-rising numbers of terrorist and cyberattacks to global water shortages, to the proliferation of the Internet of Things and its impact on the security of our homes, cities and critical infrastructure, the current security landscape is diverse and complex. These global risks have been in the headlines in the last year (Global Risks Report) and pose significant security challenges both nationally and globally. In fact, national security is no longer just national. Non-state actors, cyber NGO, rising powers, and hybrid wars and crimes in strategic areas pose complex challenges to global security. In the words of Horst Rittel (1968):"Design is an activity, which aims at the production of a plan, which plan -if implemented- is intended to bring about a situation with specific desired characteristics without creating unforeseen and undesired side and after effects."

### Introduction

Abstract
The current and future security landscape is diverse and complex. It is characterized by such issues as: mass migration and refugee crisis; economic slowdowns in emerging markets; ever-rising numbers of terrorist and cyberattacks; pandemics; active shooters; climate related disasters; global water shortages; energy security; the proliferation of the Internet of Things and its impact on the security of our homes, cities and critical infrastructure. These global risks have been in the headlines in the last year (Global Risks Report) and pose significant security challenges both nationally and globally. In fact, national security is no longer just national. Non-state actors, cyber NGOs, rising powers, pandemics and hybrid wars and crimes in strategic areas pose complex challenges to global security.
Anthony J. Masys

### Design Thinking and Design Doing: Describing a Process of People-Centred Innovation

Abstract
This chapter outlines the benefits of Design Thinking as a creative framework for innovation that can be applied to projects and organisations across government, business and the public sector. It includes a short history of the Design Thinking approach to set context and define the concept. However, much of the ensuing discussion and evaluation of ideas and methods is based on recent publications, papers and journal articles to give a current view of academic and practitioner activities. At the heart of the approach is a people-centred focus, and the chapter discusses the role of Inclusive Design and design ethnography in underpinning Design Thinking. It outlines five principles: Involve People, Translate Design Thinking into Design Doing, Create Value and Capture Value, Follow the Arc of Design Thinking and Navigate Complexity. It aims to give an overarching view of Design Thinking, demonstrating the value that it can bring to diverse areas of research and application. Challenges and observations for progressing the approach are also noted.
Rama Gheerawo

### An Integral Futures Lens on Future Security Issues

Abstract
Conventional analysis of security issues tends to take a disjointed approach through tightly focused tactical lenses. Increasingly, however, security issues are embedded in a wider and diverse range of factors that may escape conventional analysis. An integral futures perspective to exploring security issues is proposed that provides a wider lens by taking an integrated holistic approach that explores individual and collective aspects of emerging issues from both an interior (e.g., motivation, culture) and exterior (e.g., behavior, systems, and infrastructures) perspective. We believe this approach provides a fresh way to identify issues as well as providing a more holistic explanatory framework.
Craig Perry, Andy Hines

### Innovations in Active Shooting Emergency Medical Response and Triage

Abstract
The high impact and low frequency ‘black swan’ events such as terrorist attacks and active shooters are becoming the new normal. The terrorist events in Kenya (2013), Paris (2015, 2016), Belgium (2016), USA (2015 and 2016), UK (2017) highlight how ‘unexpected events often audit our resilience; everything that was left unprepared becomes a complex problem, and every weakness comes rushing to the forefront’ [20]. The recent mass casualty shooting events in the USA and around the world [6] have certainly highlighted national security issues globally and have had a profound effect on communities. The response to such an event crosses organizational and disciplinary boundaries such as law enforcement, fire/rescue, EMS and medical centers and as such contributes to potential erosion of efficiency and effectiveness in response stemming from matters pertaining to coordination, collaboration and cooperation. With the rise in prevalence of mass shootings, Emergency Medical providers may now find themselves responding to an active shooter event. Traditional triage and victim management techniques leveraged from military experiences are being re-examined. As noted by Smith et al. [14], ‘A recent analysis of mass shooting events noted a wounding pattern different from military experience with very few cases of life-threatening extremity hemorrhage; therefore, extrication and transfer to definitive care needs to be a priority in addition to any in-place care provided’. As noted in van Rein et al. [19] ‘prehospital trauma triage is essential in providing appropriate care for patients at risk from severe injury to improve their chance of survival’. This chapter will discuss the requirements for a more ‘tactically oriented’ medical response in an active shooter incident, and presents novel triage and scene management techniques to facilitate a more rapid and effective response to maximize victim survivability.

### Mass Migration, Humanitarian Assistance and Crisis Management: Embracing Social Innovation and Organizational Learning

Abstract
As described by Moore and Westley [47] ‘complex challenges demand complex solutions. By their very nature, these problems are difficult to define’. During the past 10 years the number of international migrants has been increasing. By 2015 there were 244 million international migrants and in 2015 alone upwards of 28 million people were displaced in 127 countries stemming from issues pertaining to conflict, violence and disasters [3]. In Asia/Pacific region, extreme weather disasters and climate change have been cited as influencing factors in mass migration of ‘climate refugees’. In fact it has been projected that over the next century there will be tens of millions of such “climate refugees”. The current surge in migration to the European Union (EU) is rapidly becoming the largest and most complex facing Europe since the Second World War. Between January 2015 and February 2016, over 1.1 million people made their way to the EU, escaping conflict and poverty in their countries. Moore and Westley [47] argue that ‘urgent calls for “innovation” have become increasingly frequent as people begin to recognize both the need for fundamental change in human beings’ relationships with each other and their environment, and the catastrophic ramifications of inaction or ill-informed decisions as to how such change might be effected’. This chapter examines the complex causality regarding mass migration of refugees and leverages social innovation and organizational learning as theoretical frameworks to support the design of humanitarian assistance and crisis management.
Miriam Kaundert, Anthony J. Masys

### Complexity and Unintended Consequences in a Human Security Crisis: A System Dynamic Model of the Refugee Migration to Europe

Abstract
As described by UNHCR (The sea route to Europe: The Mediterranean passage in the age of refugees, 2015 [19]), ‘Europe is living through a maritime refugee crisis of historic proportions. Its evolving response has become one of the continent’s defining challenges of the early 21st century, with long-lasting implications for humanitarian practice, regional stability and international public opinion’. UNHCR’s figures show that over one million people had reached Europe across the Mediterranean, mainly to Greece and Italy, in 2015. Of these, over 3700 were missing, believed drowned. This represents a regional human security crisis. Sagan (The limitation of safety—organizations, accidents and nuclear weapons. Princeton University Press, Princeton, New Jersey [16]) argues that ‘Things that have never happened before happen all the time’. The mass migration of refugees should not have come as a complete surprise. The mass migration in Europe, North Africa and Middle East derives from a wicked problem space and is linked to humanitarian challenges elsewhere. Thus, the flight to European shores reflected not only the pull of greater long-term security in Europe, but also the failure of the international humanitarian community to meet basic needs in other places (Special feature: refugees and vulnerable migrants in Europe, 2016 [11]). This chapter explores the complexity of the refugee and humanitarian crisis in Europe and North Africa through the application of a System Dynamics model. Given the unintended consequences associated with policies and intervention strategies, the System Dynamics model examines the volatility of such interventions on migration.
Ivan Taylor, Anthony J. Masys

### Cyber-Physical Systems Governance: A Framework for (Meta)CyberSecurity Design

Abstract
This chapter discusses a framework for improving security of cyber-physical systems through purposeful design, execution, and evolution of metasystem functions. State actors (i.e., government agencies), non-state actors (i.e., for-profit and non-profit organizations), and their systems operate under highly emergent and complex conditions. Under these conditions, system performance is not always deducible from the constituent systems. Moreover, such systems are often interdependent and dynamically interacting with other systems such that the state of each system is influenced by and is influencing states of the interconnected systems. In these conditions, leaving a system to develop through processes of ‘accretion’ (ad hoc evolution of a system) or ‘self-organization’ (totally unconstrained evolution of a system) might increase the probability of missing performance expectations. In contrast, ‘purposeful design’ is an invitation for a more determined engagement in system development to increase the probability of producing expected and desired performance. In this chapter, emerging research in Complex System Governance (CSG) is suggested as an emerging field to direct more purposeful design for systems. Specifically, a CSG enabled framework for security design focused on Cyber-Physical Systems (CPS) is provided. The framework, grounded in Systems Theory and Management Cybernetics, emphasizes more holistic design for integration, coordination, communication, and control for development of CPS.
Polinpapilinho F. Katina, Charles B. Keating

### To Feel Secure or to Be Secure, That Is the Question

Abstract
The title of this volume is “Security by design”. This can be read as a statement, as an expression of confidence that it is possible to be secure by design. In that case the obvious next step is to think about possible ways of ensuring security by design, starting, for instance, with the solutions that have been developed to solve the seemingly analogous problems of safety or prevention by design. But what if the title had been “Security by design?” or in other words a question rather than a statement? In that case the title would not be taken as an expression of confidence but rather as an admission of uncertainty or even of impotence, a possible doubt of whether security can be ensured by design. The obvious next step would then be to take a closer look at the two central concepts, namely “security” and “design”. The current chapter will do just that.
Erik Hollnagel

### Clustering Heterogeneous Semi-structured Social Science Datasets for Security Applications

Abstract
Social scientists have begun to collect large datasets that are heterogeneous and semi-structured, but the ability to analyze such data has lagged behind its collection. We design a process to map such datasets to a numerical form, apply singular value decomposition clustering, and explore the impact of individual attributes or fields by overlaying visualizations of the clusters. This provides a new path for understanding such datasets, which we illustrate with three real-world examples: the Global Terrorism Database, which records details of every terrorist attack since 1970; a Chicago police dataset, which records details of every drug-related incident over a period of approximately a month; and a dataset describing members of a Hezbollah crime/terror network in the U.S.
D. B. Skillicorn, C. Leuprecht

### Critical Infrastructure Protection and Resilience—Integrating Interdependencies

Abstract
Throughout the world, there is strong recognition that critical infrastructure security and resilience need to be improved. Enhancing the protection and resilience of critical infrastructure has emerged as an urgent goal—a goal made more challenging by the complexity of these systems and their inherent interdependencies. Consideration of critical infrastructure interdependencies, as well as their integration into risk management and business continuity processes, is an important element of U.S Presidential Policy Directive 21 on Critical Infrastructure Security and Resilience (PPD–21), the Canada-United States Action Plan for Critical Infrastructure, and the European Program for Critical Infrastructure Protection. Several international standards also require the consideration of interdependencies between organizations and the effect on their risk management and business continuity practices. All of these documents, from the strategic level through the operational standards, involve the consideration of interdependencies that can exist among infrastructure, how they are managed, and how they affect business continuity, security, and resilience management. A “system of systems” approach can help establish the appropriate scope of an interdependency analysis, as well as the specific assets and/or subsystems for which resilience-related information should be collected.
Frédéric Petit, Duane Verner, Julia Phillips, Lawrence Paul Lewis

### The Application of Warden’s Concentric Ring Theory to Applegate’s Offensive Cyber Manoeuvre Strategy in Modern Conflicts

Abstract
Cyber has become an essential element for governments, militaries and societies. This importance makes it a target when planning a military campaign. The targeting model developed by Colonel John Warden has demonstrated flexibility in that it can be applied to any entity that can be analyzed as a system. Scott Applegate has accurately described three different strategies that can be employed when waging offensive cyber warfare. The targeting model developed by Colonel John Warden can be applied to each of these cyber maneuver strategies to analyse and attack an opponent’s cyber capabilities. There is anecdotal evidence that these different cyber strategies have been employed in recent world conflicts. Real world examples accessed from open source literature have been analysed using Warden’s theory, to demonstrate that countries have already started basing their attacks against their opponent’s cyber capabilities using this model.
David G. Wood

### Fentanyl Crisis: A National Security Matter

Abstract
The complexity of the current threat landscape associated with terrorism and criminal networks continues to be a top national and global security agenda item. Amongst the global security challenges, synthetic drugs constitute one of the most significant drug problems worldwide (UNODC in Global smart update: fentanyl and its analogous—50 years on, 2017 [54]). Fentanyl and non-pharmaceutical fentanyls (NPFs) have moved beyond being a concern to emerging as a national and global security matter. In 2015, more than 52,000 Americans (144/day) died from drug overdose. As reported by Chester (Fentanyl: the next wave of the opioid crisis, 2017 [9]), 63% of overdoses involved opioids whereby they are having ‘…a considerable impact on public health and public safety in communities across the United States’. In Canada, the Fentanyl-related deaths has markedly increased across British Columbia, Alberta, Ontario and Quebec, ranging from a doubling to 20-fold increase from 2009 to 2014 (CCENDU in Deaths involving fentanyl in Canada, 2009–2014, 2015 [4]). This increasing trend is noted internationally with increasing mortality in Australia (Roxburgh et al. in Drug Alcohol Rev 32:269–275, 2013 [48]) and the Nordic countries (Denmark, Finland, Iceland, Norway, Sweden) (Simonsen et al. in Forensic Sci Int 248:172–180, 2015 [50]). Richmond (An introduction to systems thinking. High Performance Systems, Inc. NH: Hanover, 2001 [46]) argues that ‘The way we think is outdated. As a result, the way we act creates problems, and then we are ill-equipped to address them because of the way we think’. His argument stems from the ‘…fact that we have been applying the same set of non-solutions to the crucial social problems such as drugs, poverty and crime for most of the last fifty years without any positive results’. This chapter examines the national and global fentanyl crisis and introduces a holistic perspective of the problem space that leverages social innovation and macro-social analysis (Boivin in Networks and network analysis for defence and security. Springer, Berlin, 2014 [1]; Masys in Exploring the security landscape—non-traditional security challenges. Springer, Berlin, 2016 [37]) to examine the public health and criminal dimensions.
Corey Tsang, Anthony J. Masys

### Risk-Based Aviation Security—Designing-Out Terror?

Abstract
Stung by a wave of terror attacks in the 1960s and 1970s, commercial aviation introduced a range of hard and soft security measures to mitigate the risk of unlawful interference. Terrorists responded by devising new forms of attack, such as the use of shoulder-launched surface-to-air missiles in the vicinity of poorly-surveilled airport perimeters, and reviving old tactics, such as the kamikaze attack. The terror attacks of September 11th, 2001, spurred further anti-terror measures, including the risk-based vetting of passengers. This chapter reviews the pros and cons of risk-based aviation security. Advantages include the opportunity to use scarce resources to best affect and—for most airline customers—a speedier passage. Disadvantages include greater operational complexity and additional capital and revenue cost. There is also the matter of political sensitivity: a risk-based aviation security system that is perceived to be discriminatory risks losing the support of those it is designed to protect—with unpredictable consequences. Finally, if the assumptions that inform the computerised vetting algorithms are wrong, the innocent may be inconvenienced, and the malevolent waved through. Referencing the Israeli experience, the author concludes that realising the benefits of risk-based aviation security requires planning, intelligent design and the will and ability to deliver a professional vetting service in perpetuity.
Simon Bennett

### Customizing Web-EOC Crisis Management Software to Facilitate Collaboration and Increase Situational Awareness: Advances in Business Resource Center (BRC) Design for Business Continuity Management

Abstract
The Hawai’i Emergency Management Agency embarked upon a project with the University of Hawai’i at West O’ahu to determine the best design and use of a Business Resource Center (BRC) to increase the disaster management collaboration among the public, private and non-governmental sectors. The visitor industry was identified as the first sector that will be engaged. The project includes five major tasks: creation of a BRC Annex and Standard Operating Guide; the development of a BRC WebEOC portal; the design of small businesses preparedness materials; the identification of emergency communications requirements; and emergency management outreach, training and exercises. This paper focuses on the second task listed above: development of a BRC WebEOC portal for effective disaster management collaboration, information sharing and situational awareness. This involves the design of data fields for the WebEOC crisis management system. Finally, focus groups in Hawaii are examined to learn more about current levels of disaster engagement, gaps in disaster information or services, and opportunities for increased success with disaster management through a central BRC. In general, there was a strong sense of support for the development of a collaborative BRC space for the public and private sectors. Investigations pertaining to business disruptions are undertaken with an emphasis on modeling, understanding and characterizing the complex causality that defines these incidents. In so doing this chapter uncovers creative, timely and important strategies improving business continuity management and disaster resilience in Hawaii.
Jason Levy, Ross Prizzia

### Advances in Cybersecurity Design: An Integrated Framework to Quantify the Economic Impacts of Cyber-Terrorist Behavior

Abstract
An integrated framework to quantify the economic impacts of cyber-attacks on the U.S. airport security systems is put forth. A cyber-attack on the United States would involve complex strategic behavior by terrorists, who could invade an airport electronic system without any U.S. border or entry point. At the same time, defending entities must consider the complex processes that may cause any turmoil. The possibility of simultaneous threats from cyber-attacks makes it more difficult for defending entities to secure their airports, highlighting the need for improved and integrated inter-governmental collaboration. Collaborative networking requires close inter-governmental coordination to overcome such cyber-terrorism to protect critical infrastructure systems. Constructing a new model for strategic cyber-terror security requires a combination of competitive and cooperative game situations to develop specific strategies against cyber-terrorism. In addition, an airport shutdown would have ripple effects throughout domestic and international economies; these effects must be analyzed with a spatially disaggregate economic model. Combining competitive and cooperative game situations with an economic impact model, this study proposes the Game Theoretic National Interstate Economic Model (G-NIEMO) framework. G-NIEMO identifies which airport may be most vulnerable in the event that an airport electronic system is shut down. Using the probabilistic costs of airport closures, the model identifies the economic importance of cyber security by event location and industry type. From G-NIEMO, equilibrium strategies to protect U.S. airport systems can be developed and a general guideline for the evaluation of resource allocation can be provided to U.S. government agencies.
JiYoung Park, Jason Levy, Minsu Son, Changkeun Park, Ha Hwang

### Operationalizing ‘Deliverology’ for Humanitarian Aid and Disaster Risk Reduction: Accelerating Improvement in Delivery

Abstract
During the period 2005–2014, the Asia-Pacific region had over 1600 reported disaster events resulting in approximately 500,000 fatalities and affecting over 1.4 billion people (UN ESCAP in Asia Pacific disaster report-2015: disasters without borders, 2015 [29, 30]). Economic costs stemming from these disasters were upwards of $500 billion. During 2015 alone, the Asia/Pacific region experienced close to half the world’s 344 disasters resulting in over 16,000 fatalities. Impact of these disasters in 2015 amassed to more than US$ 45.1 billion in economic damage (UN ESCAP in Disasters in the Asia and Pacific: 2015 year in review, 2015 [29, 30]). As noted in Weick and Sutcliffe [32: 1], ‘Unexpected events often audit our resilience’ and thereby challenge response and recovery activities. Black swan events are not the only mechanisms of destruction in Asia/Pacific region, such slow onset disasters as droughts, heat waves, forest fires and haze impact the safety and security of the region. Disasters stress the safety and security of the region, impinging on the already fragile disaster response capabilities and affecting the most vulnerable. The challenges associated with humanitarian assistance, disaster response and disaster risk reduction regionally and globally highlight the requirement for a more responsive and impactful ‘delivery’ model of aid. This chapter examines recent disasters and humanitarian aid efforts in the Asia/Pacific Region through the lens of the Sendai Framework and ‘Deliverology’. Deliverology is a ‘systematic process for driving progress and delivering results in government and the public sector’ [1]. The key principles of Deliverology, rooted in design thinking and reflective practices helps organizations (humanitarian aid) define and execute their highest-priority objectives so that they have the greatest possible impact. In so doing, the chapter walks the reader through ‘operationalizing deliverology and design’ to accelerate improvements in delivery of humanitarian aid in support of the ‘New Ways of Working (NWOW)’ [22]. Deliverology combined with design is more than a process model but is a mindset for truly impacting communities through disaster risk reduction.
Anthony J. Masys

### Nuclear Waste Management: Security and Safety Implications

Abstract
Helbing (Nature 497, [20: 51]) poignantly argues that ‘Globalization and technological revolutions are changing our planet’. Along with the benefits and opportunities associated with worldwide collaboration networks comes ‘pathways along which dangerous and damaging events can spread rapidly and globally’. Given the significant nuclear footprint throughout the Asia/Pacific, issues pertaining to nuclear waste management resonate with Beck’s risk discourse on how distinctively modern manufactured risks are both temporally and spatially displaced. Many Asia/Pacific countries, including Japan and South Korea are facing increasingly large nuclear fuel stocks, with safe space for surface storage growing tight. A key event complicating nuclear power waste storage in the region was the Fukushima nuclear accident, which increased the nuclear waste profile while complicating storage siting by elevating public concern and diminishing trust in nuclear industries and regulators (Rich in Struggling with Japan’s nuclear waste, six years after disaster, [45]). At the same time, equally salient manufactured risks from global climate change due to fossil fuel consumption are contending with nuclear risks, adding urgency to the optimization of cradle-to-grave energy life cycle decisions. All in all, the manufactured risk landscape calls for “reflective practices” that leverage the theoretical frameworks of risk perception and risk communication to shed light on issues challenging the Asia/Pacific region. In this chapter, we draw upon theoretical orientations of cultural cognition of risk (Kahan in J Sci Commun 14(3):1–10, [27]), responsible innovation (Guston and Sarewitz in Technol Soc 24(1–2):93–109, [17]), and design thinking as a lens for reflection and guidance to enable more constructive and conciliatory nuclear waste decision-making within the Asia/Pacific region.
Suzanne Waldman, Anthony J. Masys

### Building Effective Emergency Management Public-Private Partnerships (PPP) for Information Sharing

Abstract
Recent disasters have highlighted the need for effective and proactive partnerships between public emergency responders and the “Whole Community” to assist in all phases of disaster management. This paper examines the importance of reliable, credible, and accessible information that can support the private sector and the “Whole Community” in times of disaster. It is shown that community resilience is enhanced through a shared, real-time “common operating picture”, explicit linkages, and enhanced information sharing. Business Emergency Operations Center (BEOC) designs are compared and contrasted and recommendations are put forth. Optimal Public Private Partnerships for information sharing identified. It is shown that achieving disaster resilience involves government and businesses sharing potential risks, as well as identifying disaster consequences, priorities, information, and capabilities. The conclusions provide guidance that can be used as dual-use roadmap for improving information sharing: on the one hand governments can use the insights of this paper to build new public-private sector programs (or to improve existing programs); on the other hand, the private sector can better understand how to become connected with the information sharing processes of governments.
Jason Levy, Ross Prizzia