Why and how unpredictability is implemented in aviation security – A first qualitative study

Abstract

In the past, aviation security regulations have mostly been reactive, responding to terrorist attacks by adding more stringent measures. In combination with the standardization of security control processes, this has resulted in a more predictable system that makes it easier to plan and execute acts of unlawful interference. The implementation of unpredictability, that is, variation of security controls, as a proactive approach could be beneficial for addressing risks coming from outside (terrorist attacks) and inside the system (insider threats). By conducting semi-structured interviews with security experts, this study explored why and how unpredictability is applied at airports. Results show that European airport stakeholders apply unpredictability measures for many reasons: To complement the security system, defeat the opponent, and improve human factor aspects of the security system. Unpredictability is applied at various locations, by different controlling authorities, to different target groups and application forms; nevertheless, the deployment is not evaluated systematically. Results also show how the variation of security controls can contribute to mitigating insider threats, for example, by reducing insider knowledge. Future research should focus on the evaluation of the deterrent effect of unpredictability to further give suggestions on how unpredictable measures should be realized to proactively address upcoming risks.