Special Report: Aftermath
Are government and industry doing enough to make the sky secure?
WHAT'S REMARKABLE ABOUT THIS COUNTRY'S approach to aviation security, following September 11, is how broadly and rapidly it is being overhauled. Though the overhaul was triggered by the four coordinated airliner hijackings, it is extending well beyond the specifics of those crimes.
Cockpit doors are being reinforced, even though there’s no evidence so far that the September hijackers forced open any doors. The airport screener workforce has been targeted for reform, even though the weapons the hijackers used would not have caused screeners, under regulations then in place, to halt them at the checkpoints. Washington Reagan National Airport remained closed long after other U.S. airports and finally opened only with special restrictions, even though it was Washington Dulles International, not Reagan National, where one of the hijacked flights originated.
Though these changes do not address the security breaches of September 11, they are not unwarranted. One post-disaster report concluded: “The U.S. civil aviation security system is seriously flawed and has failed to provide the proper level of protection for the traveling public. This system needs major reform. Rhetoric is no substitute for strong, effective action.” The report was prompted, though, not by the recent hijacking assault, but by the 1988 bombing of Pan Am 103 over Lockerbie, Scotland. A presidential commission on aviation security and terrorism issued it in 1990.
Testifying before the U.S. Senate on September 20, 2001, Captain Duane Woerth, president of the Air Line Pilots Association, stated: “I suspect that many of us believed that, although flawed, our security system was generally doing the job that it was intended to do. Unfortunately, that mindset may well have been at the root of what enabled the 19 terrorists to perform their acts of unspeakable devastation.”
Perhaps the most far-reaching change of all is in that mindset. While in the past, vigilance would increase following a terrorist incident but relax as memory of the incident dimmed, the September 11 attacks were so ghastly that top-down changes, once deemed improbable, now seem inevitable. These include new airline and airport procedures, new regulations, and a lot more government investment in the development of new technologies.
Among the first things discarded was what’s known as the “common strategy” for handling hijacking. ALPA spokesman John Mazor points out that the motto used to be “Accommodate, negotiate, and do not escalate.” That philosophy was based on the assumption that the hijacker was as interested as everyone else in getting the airplane safely on the ground. But a terrorist bent on suicide has more options and a lot fewer constraints.
Well before September 11, there were several incidents that foretold the advent of airborne suicide terrorism, and perhaps the biggest failure by those responsible for the security of air travel was the failure to recognize the likelihood that airplanes themselves would be used as weapons. In 1994 a FedEx employee used hammers and a speargun to attack the three pilots of a FedEx DC-10, hoping to crash the wide-body into the company’s Memphis hub. Two of the pilots managed to wrestle the hijacker into submission before the airplane made an emergency landing at Memphis. That same year, terrorists from the Armed Islamic Group plotted to fly an Air France A300 into the Eiffel Tower to punish France for supporting the government of Algeria against a takeover by Islamic extremists. They hijacked the aircraft and killed three passengers, but they were in turn killed by French commandos after the flight landed in Marseilles to refuel. In 1987, a recently fired airline employee smuggled a pistol onto a Pacific Southwest Airlines flight. He shot both pilots and the British Aerospace 146 then crashed, killing all 43 on board. And in 1974, a man named Samuel Byck planned to assassinate President Richard Nixon by hijacking a Delta Airlines DC-9, shooting the pilots in flight, and then aiming the aircraft at the White House (Byck had sent a tape outlining his plan to a newspaper columnist before the flight). The DC-9 never left the gate at Baltimore-Washington International Airport, and Byck was killed in a gun battle.
The new common strategy against hijacking is “Defend the cockpit at all costs.” Many U.S. airlines began adding deadbolts and reinforcement bars soon after the September hijackings. They also changed inflight procedures, calling on pilots and flight attendants to keep the door closed during flight and communicate primarily by interphone. Under new Federal Aviation Administration regulations, flight attendants no longer carry cockpit keys.
The first four of 17 recommendations to Department of Transportation Secretary Norman Mineta, made three weeks after the attacks by a “rapid response team” on aircraft security, also focused on the cockpit door. The team, whose members were drawn from airline management, aviation unions, and the aerospace industry, called for a new cockpit door design within six months and retrofit of the entire U.S. fleet a year after that.
If the cockpit is being turned into a fortress, should there be guns inside to defend it? A weapon in the cockpit is illegal under current FAA regulations, but ALPA recommends a voluntary program. Under the ALPA plan, a pilot who signs up would go through extensive background checks, psychological evaluation, and firearms training. Then he or she would be deputized as a federal law enforcement officer and carry a federally authorized weapon. The ammunition would be frangible, which means the bullet disintegrates on impact with a hard surface, so it would be unlikely to ricochet or seriously damage the aircraft. Such armed pilots would not take the place of federal air marshals; in fact, the FAA has begun a drive to hire and train thousands of armed marshals to fly aboard both domestic and international routes.
Firearms aren’t the only means to foil a hijacking. A variety of non-lethal devices are being hurriedly reviewed. One that is making its way before the FAA, congressional committees, airlines, and unions is the Laser Dazzler, manufactured by LE Systems. It looks like a large flashlight and emits an intense beam of green, pulsating light. The laser is harmless even at close range, but the bursts of light leave those who see them disoriented. The device could also be mounted on an aircraft bulkhead and, should there be a threat in the cabin, activated by a remote switch.
Another defensive weapon can be the aircraft itself. In a normal flight, says Captain John Cox, ALPA executive air safety chairman, “the idea is don’t spill the coffee. But with a hijacker on board, a 2-G maneuver would double his weight, and that could help disable him.” There are risks, though, in attempting aerobatics with an airliner. Cox issued a bulletin to ALPA members warning, for example, that loose objects can be turned into projectiles and that “aggressive, sustained control inputs, especially at high altitudes, may cause an aircraft upset that could lead to loss of control.” The DOT’s rapid response team recommended that such maneuvers, including dives and intentional depressurization, be used only as a last resort.
The September 11 hijackers succeeded not only in diverting four aircraft but also in keeping ground authorities largely in the dark while they did so. Many technological fixes are being proposed to prevent that from happening again. These include a transponder that continues to transmit aircraft identification, altitude, and hijack signal, even if switched off from the flight deck. Honeywell is considering some form of “panic button” that would immediately downlink the data that is routinely stored in the cockpit voice recorder and digital flight data recorder.
Remember HAL, the computer with a mind of its own in the movie 2001: A Space Odyssey? Picture hijackers aiming 767s at the World Trade Center and the aircraft, like HAL, refusing to do as commanded. Such a safeguard appears feasible. Even before September 11, NASA was exploring a number of “refuse to crash” technologies that would keep pilot mistakes from leading to accidents. Enhanced ground proximity warning systems (EGPWS) are already in use. Coupled to the radar altimeter, plain-vanilla EGPWS warns the pilot when the airplane is too close to the ground. The enhanced version consults a terrain database to warn that there’s a likely collision ahead. To turn this system into a hijacking countermeasure, those advisories would have to be converted into orders.
The next step could be to wrest control from the pilot altogether. Once a hijack attempt becomes evident, someone on the ground takes over and flies the airplane. James Coyne, president of the National Air Transportation Association (NATA), says that most of the ingredients for this scenario are already in use, such as flight management systems, fly-by-wire control, and auto-land capability. What’s still missing, he says, is a long-awaited broadband data link, which would replace much of the routine voice communication between air and ground. ALPA representatives, among others, are more skeptical. They point to the risk of accidental or even intentional misdirection from remote aircraft operators, and FAA spokesman Les Dorr classifies such technologies as long-term, since even the military has perfected remote control only with relatively simple, single-engine aircraft.
Of course it’s a lot safer to prevent a hijacking than to foil one in progress. That entails keeping terrorists, weapons, and bombs off aircraft in the first place. ALPA’s testimony to the U.S. Senate recommended 30 near- and long-term actions to improve airline safety. For example, the union suggested that the Immigration and Naturalization Service not be allowed to use scheduled airline flights to deport illegal aliens without the escort of armed INS agents. Currently, the INS allows up to 10 deportees to travel unescorted on a flight with paying passengers.
In the aftermath of September 11, private security companies and the airlines that hire them have come under fire. Poorly trained, underpaid screeners often miss the test weapons used to gauge their performance. Suddenly there has been agreement on the need to federalize or otherwise upgrade the screener workforce. (As this issue went to press, the U.S. Congress had not reached agreement on an aviation security bill dealing with, among other items, airport security personnel.) But new regulations and technology can also enable existing screeners to do a better job. Reducing the number of carry-on bags allowed per passenger will enable each bag to receive closer scrutiny by screeners.
Twenty years ago, the FAA was supporting research into the use of gerbils as sniffers to detect explosives. Bag-screening technology has come a long way since then. Computed tomography—CT scanning— takes multiple X-rays of a bag to produce a three-dimensional image of its contents. Quantum Magnetics has produced a scanner that uses magnetic resonance imaging to search for hard-to-find explosives, such as plastic explosive rolled into a sheet and sewn into the side of a briefcase. The problem with these machines is their cost. The biggest scanner by InVision Technologies can handle up to 800 bags per hour, but each unit costs $1.5 million. According to Charles Barclay, president of the American Association of Airport Executives, the latest explosive detection systems are in service at only 46 airports across the country.
Perhaps the most problematic of security challenges is the screening of passengers. The FAA and Northwest Airlines developed the Computer-Assisted Passenger Pre-Screening System, which profiles passengers based on information in an airline’s reservation system, such as if the ticket was puchased with cash or if the ticket is one-way. So far, though, CAPPS has been applied only to passengers who stop at an airline ticket counter, usually to check baggage, before proceeding through security.
There is also a need to ensure that the people who board airplanes are the same ones who bought the tickets and went through airport security checkpoints. One proposed security system would photograph all passengers with their checked luggage. Each photograph would be encrypted on the passenger’s ticket in the form of a bar code. When the ticket is scanned by an airline agent at the boarding gate, the agent’s computer monitor would display the photograph of the ticket-holder. If the two faces don’t match, the traveler would be denied boarding. The same technology could also be used to match passengers with their bags, so that any unmatched bags could be removed from an aircraft prior to takeoff. The technology exists, but implementation will depend on approval by the FAA.
Airline travelers are now required to present a government-issued photo identification at the airport. A new company, Synaptek, is offering a system to make better use of that ID check. With a hand-held reader or desktop terminal, airline or security personnel would scan or enter data from passenger identifications. By encrypted communication, the device would then check to see if an individual is on any of a number of law enforcement or watch list databases. If such a system had been in place on September 11, some of the hijackings might have been thwarted, as some of the hijackers were on watch lists.
Passengers now face long lines at airports, but the NATA is sponsoring a system that could speed things up. Individuals would be pre-screened thoroughly for inclusion in a database of secure, trustworthy travelers. Then, like motorists who can pay tolls electronically and drive through without stopping, these travelers could quickly pass through special airport checkpoints. They would show they’re in the database through a biometric check, such as iris recognition. James Coyne, NATA president, says, “Security screening is finding a needle in a haystack. This system lets you eliminate most of the hay, so you can look closely in the smaller pile that still has the needle.”
Until recently, aviation security planning was largely reactive. A spate of hijackers who wanted to go to Cuba led to metal detectors and X-ray machines. Pan Am 103 prompted research, mostly still unimplemented, into bomb-hardened containers and cargo holds.
This time there seems to be an effort to anticipate threats. Honeywell, for example, is working on tamper-detection monitors for aircraft wiring. “We need to plug all the holes,” says Honeywell spokesman Ron Crotty. “Shut one door and they’ll look for another one that’s open.”