Safety - Security: Synergies & Tensions
Why the bringing together of Safety and Security?
Safety has been for long a major concern, especially with the advent of hazardous technologies and activities. Within sectors such as energy, chemical, transportation, water and health, safety is a core concept in both policy and management. Consequently, there are well established institutional/management strategies, collaborations and practices associated with safety. Maintaining the efficacy of these approaches are viewed as important for protecting hazardous technologies, as they are shaped based on previous incidents and include the dynamic yet fragile organizational web of safety defences (Macrae 2014).
Until the catastrophic attacks in New York on the 11th of September 2001, security threats were not considered to be of significant importance compared to other concerns traditionally considered in safety management (i.e. major accidents and disasters), thus they were a small part of the overall regulatory and management scope. Dedicated Authorities were in charge of safety with no similar counterpart dedicated to security. However, now 15 years later we have become familiar with facing the increasing likelihood of unpredictable attacks that may involve martyr operations. Partly because of this change in type of threat, the public feels a form of free-floating dread which is amplified by terrorist attacks (La Porte 2006). New public policy notions have been introduced and different management and/or organizational perspectives are established. Better preparation, emphasizing prevention in particular, has been called for by the public with new demands and accountabilities being developed (La Porte 2006). In the U.S., the Transportation Security Administration (TSA) now part of the Homeland Security Department was created following the creation and approval of the Aviation and Transportation Security Act in November 2001 (9/11 Commission report, 2004). Similar developments have been seen in European countries.
The increasing emphasis on security and associated security risk reduction measures leads to an obvious intersection between safety and security. Leaders and analysts have had to understand and include a new category of threats. New forms of cooperation and domains of operations have also developed, that were not key premises in existing strategies and practices prior to 9/11. In addition, doubt has been cast on the efficacy of a good deal of the existing approaches to protecting hazardous technologies (La Porte 2006). The interactions between safety and security have emerged as not all obvious, especially in normal situations. Subtle mutual influences do occur. As illustrated by Pettersen & Bjornskau (2015) safety and security practices may in some cases be conflicting with one another. Many organizations (industries, institutions) are hesitating whether they should be having two separate entities for managing safety and security or merging the two. Eventually, safety and security can no longer (if they ever did) ignore each other and their intersection need to be further analyzed to be better addressed.
Safety – Security: is the distinction so clear?
If the concepts of safety and security are not analogous, providing clear definitions of the concepts remains a challenge (Boholm et al., 2016). Not only is there a single word in many languages conversely to English, but also the many definitions from academics on the one hand, and the colloquial use of the terms on the other hand convey ambiguities (Boholm et al., 2016).
The definitions provided by academics mainly refer to two types of distinctions between safety and security: one related to the intentionality, safety focusing on non-intentional or accidental risks as opposed to security that focuses on malicious ones. The other one builds on the differences of origins - consequences, safety being the ability of the system not to harm the environment whereas security is the ability of the environment not to harm the system (Boholm et al., 2016; Piètre-Cambacédès & Bouissou, 2013). Yet, further refinements are proposed by some authors combining these two axes of distinction between safety and security, especially to account for differences in the use of terms in different domains and to enrich the system – environment axis by considering the ability of a system not to harm itself (Piètre-Cambacédès, Chaudet, 2010).
The theoretical difference between safety and security are operationally valid in airport organizations (Bongiovanni 2016). In daily operations, security screeners and safety personnel operate in completely different ways. And the dichotomy is further strengthened by other systemic factors, such as the nature of some contracts in place at airports (Bongiovanni 2016).
Despite efforts at refining the distinction between safety and security both theoretically and operationally, is the point really to distinguish the two or to best manage the overall risks whether they are safety or security ones? (Young and Leveson, 2014). Eventually, safety and security risks have different origins but similar ultimate consequences. However, it seems that their respective perceptions differ and at all levels they are managed through different responses. Responses that are not coordinated, despite the possibly conflicting stakes. Where are we so far?
As previously stated, many organizations (industries, institutions) are hesitating whether they should be having two separate entities to manage safety and security or merging the two. Security is being added to the scope of some safety authorities (for example in aviation with EASA and the French Civil Aviation Authority), but with very limited inputs from research as to how to deal conceptually and in practice with this extended scope.
So far, most research and literature on the relationship between safety and security has focused on engineering aspects like design and risk analysis methods (Piètre-Cambacédès & Bouissou, 2013), as well as some work on conceptual issues (Boholm 2016). But despite of the number of years safety and security have coexisted as approaches, there seems to be limited research on how safety and security are managed in practice at all levels. Importantly, a few field studies confirm a tension between safety and security when it comes to daily activities (Pettersen & Bjornskau, 2015; Bongiovanni, 2016) and thus a need to further investigate the interactions between the two aspects within hazardous technologies and activities.
The objective of the workshop is to provide insights on interactions between safety & security and their management and come up with theoretical and practical outputs to address safety and security as connected stakes.
The interactions between safety & security and their management should be looked at:
- from different angles and disciplines
- at different levels, from governance to operational practices
- from both an empirical and/or theoretical viewpoint
Eventually, the workshop should address the following questions:
- What are the synergies between safety and security?
- What are the tensions?
- Are these tensions constructive?
- How to move forward?
Boholm et al., (2016), The concepts of Risk, Safety, and Security: Applications in Everyday Language, Risk Analysis, Vol. 36, No. 2.
Bongiovanni, I. (2016). Assessing vulnerability to safety and security disruptions in Australian airports (Doctoral dissertation, Queensland University of Technology).
Kean, T. et al., (2004), The 9/11 Commission report, https://www.9-11commission.gov/report/.
LaPorte, T.R., 2006a. Challenges of assuring high reliability when facing suicide terrorism. In: Auerswald, P., Branscomb, L., LaPorte, T., Michel-Kerjan, E.O.(Eds.), Seeds of Disasters. Cambridge University Press, New York.
Macrae, C. (2014). Close calls: managing risk and resilience in airline flight safety. Springer.
Pettersen, K. A., Bjornskau, T., (2015), Organizational contradictions between safety and security – Perceived challenges and ways of integrating critical infrastructure protection in civil aviation, Safety Science 71 p.167-177, Elsevier.
Piètre-Cambacédès, L., Bouissou, M. (2013), Cross-fertilization between safety and security engineering, Reliability Engineering and System Safety 110, p. 110-126, Elsevier.
Piètre-Cambacédès, L., Chaudet, C. (2010), The SEMA referential framework: Avoiding ambiguities in the terms “security” and “safety”, International journal of critical infrastructure protection 3, P. 55-66, Elsevier.
Young, W., Leveson, N., (2014), An Integrated Approach to Safety and Security Based on Systems Theory, Communications of the ACM, Vol. 57, No 2.
- Corinne Bieder, ENAC
- Kenneth Arne Pettersen, University of Stavanger
Image credit: Don O’Brian