An airport vulnerability assessment methodology

This paper highlights a general vulnerability assessment methodology and procedural tools that have been developed, refined, and applied to more than one hundred facilities over a 20-year period. The methodology and tools were adapted to conduct assessments of two major airports in the United States. The methodology is applied in a logical, sequenced fashion that considers the threat, target identification, adversary types, malevolent acts of concern, and consequences of an adversary success. Algorithms are used to analyze potential consequences, the relative importance of targets to the adversary, and security vulnerability levels, to arrive at a relative risk for each threat and target combination. Countermeasures are then developed to minimize the risk and the methodology is reapplied to determine the relative risk reduction achieved. This iterative process is continued until the most cost-effective method for reducing risk to an acceptable level is identified. The airport modeling and characterization is documented by recording data and performing calculations through use of a spreadsheet during table-top discussions of the scenarios. The results of the assessments are then provided to airport planners, security managers, and decision makers