Modeling Terrorism Risk to the Air Transportation System

An Independent Assessment of TSA's Risk Management Analysis Tool and Associated Methods

by Andrew R. Morral, Carter C. Price, David S. Ortiz, Bradley Wilson, Tom LaTourrette, Blake W. Mobley, Shawn McKay, Henry H. Willis

Download

Download eBook for Free

Full Document

FormatFile SizeNotes
PDF file 0.6 MB

Use Adobe Acrobat Reader version 7.0 or higher for the best experience.

Summary Only

FormatFile SizeNotes
PDF file 0.1 MB

Use Adobe Acrobat Reader version 7.0 or higher for the best experience.

Purchase

Purchase Print Copy

 FormatList Price Price
Add to Cart Paperback168 pages $24.95 $19.96 20% Web Discount

Research Questions

  1. Does the Risk Management Analysis Tool (RMAT) provide results that are valid for the Transportation Security Administration (TSA) risk-assessment needs?
  2. Are the adversary behavior and air transportation system conceptual models incorporated in the model valid?
  3. Are the data used as inputs to the model valid and collected reliably?
  4. Does the RMAT code, as implemented, perform in the way it was designed to?
  5. Can risk estimates from RMAT be used in the ways TSA intends?
  6. How should TSA conceptualize the cost-benefits of counterterrorism programs?

Abstract

RAND evaluated a terrorism risk modeling tool developed by the Transportation Security Administration and Boeing to help guide program planning for aviation security. This tool — the Risk Management Analysis Tool, or RMAT — is used by TSA to estimate the terrorism risk-reduction benefits attributable to new and existing security programs, technologies, and procedures. RMAT simulates terrorist behavior and success in attacking vulnerabilities in the domestic commercial air transportation system, drawing on estimates of terrorist resources, capabilities, preferences, decision processes, intelligence collection, and operational planning. It describes how the layers of security protecting the air transportation system are likely to perform when confronted by more than 60 types of attacks, drawing on detailed blast and other physical modeling to understand the damage produced by different weapons and attacks, and calculating expected loss of life and the direct and indirect economic consequences of that damage. This report describes RAND's conclusions about the validity of RMAT for TSA's intended uses and its recommendations for how TSA should perform cost-benefit analyses of its security programs.

Key Findings

Risk Management Analysis Tool (RMAT) Appears to Capture the Key Features Relevant to Security at Most Airports

  • With good information about an adversary's capabilities and intentions, the RMAT defender model can provide credible and useful estimates of the likelihood of detecting and interdicting an adversary.
  • RMAT has proven to be of great value to the Transportation Security Administration (TSA) in driving a more sophisticated understanding of terrorism risks to the air transportation system.

The RMAT Model Has Some Gaps

  • Even if the conceptual models on which RMAT is built were sound and comprehensive, the input data requirements exceed what subject matter experts or science can estimate with precision, and the imprecision of those estimates is subject to unknown sources and ranges of error.
  • RMAT may not be well suited for the kinds of exploratory analysis required for high-stakes decision support, because of its reliance on a large number of uncertain parameters and conceptual models.

Recommendations

  • The range of threats, vulnerabilities, attack pathways, and consequence estimate components should be broadened if RMAT is to correctly describe terrorism risk to the U.S. commercial aviation system.
  • TSA should not treat RMAT results as credible estimates of terrorism risk to the aviation system but can use those results to better understand the components of terrorism risk and to explore possible influences of system changes on that risk.
  • TSA should make RMAT a component of a new exploratory and multiresolution modeling approach for supporting resource allocation and high-level policy questions.

Table of Contents

  • Chapter One

    Introduction

  • Chapter Two

    RMAT Adversary Model

  • Chapter Three

    RMAT Defender Model

  • Chapter Four

    RMAT Data Requirements and Sources

  • Chapter Five

    RMAT Model Performance and Management

  • Chapter Six

    Supporting TSA Management and Investment Decisions with RMAT

  • Chapter Seven

    Conclusions

  • Appendix

    Requirements for a TSA Risk Assessment

The research described in this report was prepared for the Transportation Security Administration and conducted within the RAND National Defense Research Institute, a federally funded research and development center sponsored by the Office of the Secretary of Defense, the Joint Staff, the Unified Combatant Commands, the Navy, the Marine Corps, the defense agencies, and the defense Intelligence Community.

This report is part of the RAND Corporation monograph series. RAND monographs present major research findings that address the challenges facing the public and private sectors. All RAND monographs undergo rigorous peer review to ensure high standards for research quality and objectivity.

Permission is given to duplicate this electronic document for personal use only, as long as it is unaltered and complete. Copies may not be duplicated for commercial purposes. Unauthorized posting of RAND PDFs to a non-RAND Web site is prohibited. RAND PDFs are protected under copyright law. For information on reprint and linking permissions, please visit the RAND Permissions page.

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.