HIGH FLYERS THINK TANK

Safeguarding Australia

4 April 2003

Focus Group B. Communications and information technology

Chair: Dr Simon Hawkins
Rapporteur: Dr Christine O'Keefe

Terrorism raises global issues which require global collaboration amongst scientists from many disciplines. The first task is to develop a shared understanding of the issues.

Then there is a need to balance prevention, detection, response and recovery strategies with quality of life.

Where the strategies require community involvement, there needs to be a communication plan for disseminating the appropriate information. A trusted information source should be established and the dissemination of disinformation, for example by broadcast or by a website impersonating a government site, should be prevented.

Prevention, detection, response and recovery should be considered dynamically; what is learnt in each phase should inform all the others. Sense and response should occur simultaneously in all phases, as in the following diagram.

Research topics

Prevention

Create and maintain an inventory of the critical systems and infrastructure which need protection.

Accurately model a wide range of credible threat scenarios and unusual or anomalous event scenarios using computer simulation. Use the models to develop a range of possible responses and solutions to these threats, as well as prevention strategies.

Detection

Use the critical systems inventory and the models of threat scenarios and anomalous event scenarios to develop early-warning signs and detection techniques.

Gather evidence and use non-specific anomalous event detectors to indicate the occurrence of a particular scenario.

Link data in real time from disparate, cross-domain, national sources, leaving data in raw format to avoid imposing preconceptions.

Develop analytic methods which look for unusual events, and related instances of such events.

Look at trends at differing levels of abstraction.

Develop tools for feeding information to levels where the information is further processed or used.

Persuade institutions to liberate their datasets for security purposes.

Develop trusted and assured mechanisms to control access and audit facilities that will support legislation on the use of government and private information. Otherwise, as experts in the US have highlighted, these amalgamated information systems in themselves pose a significant threat to our citizens' quality of life.

Develop these tools and techniques within a legislative and policy framework, in a way that is sensitive to privacy and cultural differences.

Use a trusted agency, individual or team to conduct the analysis.

Develop systems that support the building of composite models, that is, dynamically combine inputs and outputs from models in diverse domains such as road transport patterns and migration of a particular bird species, or bushfire models with critical infrastructure models.

Develop techniques which rely less on message content and more on context – inferences made from surveillance and reconnaissance data. New technology such as quantum cryptography may make cipher cracking infeasible. There is also a desperate shortage of translators in relevant languages and dialects.

Response

Using the critical systems inventory and the models of scenarios, develop an automated response tool comprising flexible cross-domain components which would be combined in response to a particular situation. Response coordinated from local to national level would make use of all levels of information, especially local knowledge.

Use the national information resource to monitor the response and adapt as necessary.

Integrate research from the social sciences to minimise inappropriate community responses.

Recovery

Use the critical systems inventory and the models of scenarios to develop recovery plans.

Study the vulnerabilities of critical systems and infrastructure. The increased interdependence of systems can introduce single points of failure.

Study the characteristics of efficient and robust systems which can survive attack or failure and include them in the design of critical systems and infrastructure.

Encourage the adoption of survivable systems by the use of standards and incentives. Study the impact of survivability on the triple bottom line for businesses and governments.