This is the 22nd article in the award-winning “Real Words or Buzzwords?” series about how real words become empty words and stifle technology progress, also published on SecurityInfoWatch.com.
By Ray Bernard, PSP, CHS-III
Information technology is evolving at an ever-accelerating pace, and consequently the technical capabilities that are available for integrated security system design are continually advancing as well. If we don’t understand the important role of situational awareness, our system designs will be incomplete.
★ ★ ★ GET NOTIFIED! ★ ★ ★
SIGN UP to be notified by email the day a new Real Words or Buzzwords? article is posted!
Real Words or Buzzwords?
The Award-Winning Article Series
#1 Proof of the buzzword that killed tech advances in the security industry—but not other industries.
#2 Next Generation (NextGen): A sure way to tell hype from reality.
#3 Customer Centric: Why all security industry companies aren't customer centric.
#4 Best of Breed: What it should mean to companies and their customers.
#5 Open: An openness scale to rate platforms and systems
#6 Network-friendly: It's much more than network connectivity.
#7 Mobile first: Not what it sounds like.
#8 Enterprise Class (Part One): To qualify as Enterprise Class system today is world's beyond what it was yesterday.
#9 Enterprise Class (Part Two): Enterprise Class must be more than just a top-level label.
#10 Enterprise Class (Part Three): Enterprise Class must be 21st century technology.
#11 Intuitive: It’s about time that we had a real-world testable definition for “intuitive”.
#12 State of the Art: A perspective for right-setting our own thinking about technologies.
#13 True Cloud (Part One): Fully evaluating cloud product offerings.
#14 True Cloud (Part Two): Examining the characteristics of 'native-cloud' applications.
#15 True Cloud (Part Three): Due diligence in testing cloud systems.
#16 IP-based, IP-enabled, IP-capable, or IP-connectable?: A perspective for right-setting our own thinking about technologies.
#17 Five Nines: Many people equate high availability with good user experience, yet many more factors are critically important.
#18 Robust: Words like “robust” must be followed by design specifics to be meaningful.
#19 Serverless Computing – Part 1: Why "serverless computing" is critical for some cloud offerings.
#20 Serverless Computing – Part 2: Why full virtualization is the future of cloud computing.
#21 Situational Awareness – Part 1: What products provide situational awareness?
#22 Situational Awareness – Part 2: Why system designs are incomplete without situational awareness?
#23 Situational Awareness – Part 3: How mobile devices change the situational awareness landscape?
#24 Situational Awareness – Part 4: Why situational awareness is a must for security system maintenance and acceptable uptime.
#25 Situational Awareness – Part 5: We are now entering the era of smart buildings and facilities. We must design integrated security systems that are much smarter than those we have designed in the past.
#26 Situational Awareness – Part 6: Developing modern day situational awareness solutions requires moving beyond 20th century thinking.
#27 Situational Awareness – Part 7: Modern day incident response deserves the help that modern technology can provide but doesn’t yet. Filling this void is one of the great security industry opportunities of our time.
#28 Unicity: Security solutions providers can spur innovation by envisioning how the Unicity concept can extend and strengthen physical access into real-time presence management.
#29 The API Economy: Why The API Economy will have a significant impact on the physical security industry moving forward.
#31 The Built Environment: In the 21st century, “the built environment” means so much more than it did just two decades ago.
#32 Hyper-Converged Infrastructure: Hyper-Converged Infrastructure has been a hot phrase in IT for several years, but do its promises hold true for the physical security industry?
#33 Software-Defined: Cloud-computing technology, with its many software-defined elements, is bringing self-scaling real-time performance capabilities to physical security system technology.
#34 High-Performance: How the right use of "high-performance" can accelerate the adoption of truly high-performing emerging technologies.
#35 Erasure Coding: Why RAID drive arrays don’t work anymore for video storage, and why Erasure Coding does.
#36 Presence Control: Anyone responsible for access control management or smart building experience must understand and apply presence control.
#37 Internet+: The Internet has evolved into much more than the information superhighway it was originally conceived to be.
#38 Digital Twin: Though few in physical security are familiar with the concept, it holds enormous potential for the industry.
#39 Fog Computing: Though commonly misunderstood, the concept of fog computing has become critically important to physical security systems.
#40 Scale - Part 1: Although many security-industry thought leaders have advocated that we should be “learning from IT,” there is still insufficient emphasis on learning about IT practices, especially for large-scale deployments.
#41 Scale - Part 2: Why the industry has yet to fully grasp what the ‘Internet of Things’ means for scaling physical security devices and systems.
#42 Cyberspace - Part 1: Thought to be an outdated term by some, understanding ‘Cyberspace’ and how it differs from ‘Cyber’ is paramount for security practitioners.
#43 Cyber-Physical Systems - Part 1: We must understand what it means that electronic physical security systems are cyber-physical systems.
#44 Cyberspace - Part 2: Thought to be an outdated term by some, understanding ‘Cyberspace’ and how it differs from ‘Cyber’ is paramount for security practitioners.
#45 Artificial Intelligence, Machine Learning and Deep Learning: Examining the differences in these technologies and their respective benefits for the security industry.
#46 VDI – Virtual Desktop Infrastructure: At first glance, VDI doesn’t seem to have much application to a SOC deployment. But a closer look reveals why it is actually of critical importance.
#47 Hybrid Cloud: The definition of hybrid cloud has evolved, and it’s important to understand the implications for physical security system deployments.
#48 Legacy: How you define ‘legacy technology’ may determine whether you get to update or replace critical systems.
#49 H.264 - Part 1: Examining the terms involved in camera stream configuration settings and why they are important.
#50 H.264 - Part 2: A look at the different H.264 video frame types and how they relate to intended uses of video.
#51 H.264 - Part 3: Once seen as just a marketing term, ‘smart codecs’ have revolutionized video compression.
#52 Presence Technologies: The proliferation of IoT sensors and devices, plus the current impacts of the COVID-19 pandemic, have elevated the capabilities and the importance of presence technologies.
#53 Anonymization, Encryption and Governance: The exponential advance of information technologies requires an exponential advance in the application of data protection.
#54 Computer Vision: Why a good understanding of the computer vision concept is important for evaluating today’s security video analytics products.
#55 Exponential Technology Advancement: The next 10 years of security technology will bring more change than in the entire history of the industry to now.
#56 IoT and IoT Native: The next 10 years of security technology will bring more change than in the entire history of the industry to now.
#57 Cloud Native IoT: The next 10 years of security technology will bring more change than in the entire history of the industry to now.
#58 Bluetooth vs. Bluetooth LE: The next 10 years of security technology will bring more change than in the entire history of the industry to now.
More to come about every other week.
Even more importantly, situational awareness refers specifically to the human perception and understanding of what’s going on. How to deal with what needs to be done is outside the scope of SA. Thus, a “situational awareness platform” per se needs to have command, control, computing, communications and collaboration (C5) functionality added to it in order for security operations tasks and actions to be carried out. The military adds an “I” to include Intelligence (information collection, analysis and distribution), making the abbreviation C5I.
For this article, I’m replacing the military’s term “Intelligence” with “Situational Awareness”, and using the abbreviation C5SA to mean, “command, control, computing, communications, collaboration and situational awareness” – the full spectrum of capabilities. I’m intentionally avoiding references to PSIM, which is a product category, because this discussion focused on the capabilities and requirements needed to operationalize situational awareness once it’s established and maintained. That requires an integration of many products, one of which may or may not be a PSIM as we currently think of it.
Information technology is evolving at an ever-accelerating pace, and consequently the technical capabilities that are available for integrated security system design are continually advancing as well. If we don’t understand the important role of situational awareness, our system designs will be incomplete. We won’t include the system elements that support situational awareness at the strategic, operational, tactical and technical levels.
What Does Situational Mean?
In the 1980’s and 1990’s, “situation awareness” (not “situational”) was the term used in research. For purposes of this article, and even though some researchers would argue the point, we’ll consider both terms to mean the same thing, and the initialism SA to refer to both. The focus of that early research dealt with the challenges that a single individual faced in a complex and fast-moving situation, and how to improve the SA of the person in that situation. Often the situation was that of a complex system, such as an airport traffic control system or a nuclear reactor. The emphasis was on taking a complex set of data and turning them into a visual picture or information display that was quickly comprehensible by a human, and could be used to perceive any trends or patterns that meant preventive or corrective actions were needed.
Dr. Mica Endsley is founder and current president of SA Technologies (1997-2013, and 2015 to present), and a former Chief Scientist of the U.S. Air Force (2013-2015). In 1988, in an article titled, “Design and evaluation for situation awareness enhancement”, Endsley formally defined situation awareness as: “the perception of the elements in the environment within a volume of time and space, the comprehension of their meaning and the projection of their status in the near future.” This definition has stood the test of time, and is the basis for domain-specific SA models such as aircraft piloting, humans surgery, drilling rig operations, performance of aircraft maintenance, and many more.
Endsley breaks down situation awareness into three separate levels:
- Level 1—perception of the elements in the environment
- Level 2—comprehension of the current situation
- Level 3—projection of future status
In her 1995 article in the Human Factors journal titled, Toward a Theory of Situation Awareness in Dynamic Systems, Endsley provided a model of situation awareness that you can view here, which includes the development and utilization of the three levels of situation awareness. It is a good model to work from to ensure that all the situational awareness factors are accounted for and maximally utilized in any system deployment.
The diagram of situation awareness depicts a dynamic aspect of SA that isn’t included in the definition. It’s a cyclical flow that looks like this, with “Perception” referring to perception of the state of the environment, and awareness referring to situation awareness.
Perception => Awareness => Decision => Performance of Actions => Environment Changes => (go back to Perception)
Security situations aren’t a static picture. They unfold over some period of time, and part of the task of situational awareness is to stay updated on the changes and act accordingly. If the awareness of the situation is faulty or incomplete, wrong decisions can be made and the wrong actions can be taken, making the situation worse.
The two charts linked below illustrate the difference between partial and full situational awareness. Chart 1, the partial awareness chart, presents two scenarios likely to happen (given this situation) with the current capabilities of most security systems, depending upon the experience of the officer. Chart 2 presents how events could unfold with full situational awareness.
Chart 2 reflects a security system deployed with C5SA capabilities and valuable systems integrations, all of which require a system designed to take potential risk scenarios into account, provide situational awareness for them, and to give the responding officer an array of options to use in responding. The security system capabilities depicted are all achievable using today’s technologies.
Establishing C5SA capabilities – as appropriate per the nature of the facility – can be a factor in the cost of insurance, the organization’s ability to recruit good people, and employee morale, just to name a few of the positive impacts.
The night shift scenario used in both charts presents a simple situation. The next article will present a more complex situation where there are multiple individuals requiring shared situational awareness to coordinate actions and act effectively, according to an emergency response plan based upon the security system C5SA capabilities.
Having a good understanding of the role of situational awareness in security system design can open the door to valuable security system improvements using current technology. Improving SA doesn’t necessarily require a special SA platform. Improvements to the situational awareness capabilities of a security system act as value multipliers, as the total operational capabilities of the combined deployed technologies are enhanced to give significantly better results. That increases the ROI of the existing security technology investments.
Developing a security technology strategy and roadmap that accounts for situational awareness can do more than justify immediate improvements. It can also establish a basis for long term funding for a plan that embraces emerging technology trends for progressively improved security risk reduction.
Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities (www.go-rbcs.com). He is the author of the Elsevier book Security Technology Convergence Insights available on Amazon. Mr. Bernard is a Subject Matter Expert Faculty of the Security Executive Council (SEC) and an active member of the ASIS International member councils for Physical Security and IT Security.