Deliverable D2.1 State-of-the-Art Analysis
Grant agreement number: 740872 Due date of Deliverable: 31/10/2017 Start date of the project: 1 May 2017 Actual submission date: 27/10/2017 Duration: 24 months Deliverable approved by the CO: ☒
Lead Beneficiary: Friedrich Steinhäusler, ISCC Contributing Beneficiaries: Matts Ahlsén, CNet Hanna Burkow, THW Georgios Eftychidis, KEMEA Stanley Greenstein, SU George Kowalczyk, PHE Rod McCall / Ulrich Leopold, LIST Stefanie Müller, DIN
Abstract Crisis managers, working in a fast-paced and mobile environment, need timely access to the latest information and intelligence and decision support tools to filter the most important information information. A key element in successful crisis management (CM) is comprehensive Situational Awareness (SA) among all stakeholders involved. This report identifies the user needs and requirements of the future EU Multi- Stakeholder Situational Awareness System (MSSAS), based on dedicated international research results and survey-based data on SA systems used by EU crisis managers. The state-of-the-art research revealed a multiplicity of ready-to-use, mostly commercial-off-the-shelve (COTS), tools providing SA. These tools fall into the following categories: Satellite- and Airborne Remote Sensing Systems, Unmanned Ground Vehicles, Unmanned Aerial Vehicles, Special Cameras, Special Detectors, Traffic Management and Decision Support Systems. In addition to these COTS tools, the report identifies EU FP7 projects on the development of advanced SA solutions supported by the European Commission with over € 100 million. This state-of-the-art analysis addresses also different models with regard to SA pertinent ICT architecture and technologies. An overview is provided for existing standards and ongoing standardisation activities, identifying the most important such standards. Furthermore, existing procurement processes and legal requirements are identified. It is recommended that crisis management in EU Member States consider embarking on testing and eventually introducing some of the already existing tools in their routine operations in order to optimize their response to natural and man-made disasters.
Deliverable D2.1 – State-of-the Art Analysis
Dissemination Level PU Public x PP Restricted to other programme participants (including the Commission Services) RE Restricted to a group specified by the consortium (including the Commission Services) CO Confidential, only for members of the consortium (including the Commission Services)
History of changes Author Date Changes Release Friedrich Steinhäusler 29/09/2017 First draft 0.1 Friedrich Steinhäusler 04/10/2017 Second draft 0.2 Matts Ahlsen 10/10/2017 Third draft 0.3 George Kowalczyk 10/10/2017 Fourth draft 0.4 Hanna Burkow 13/10/2017 Fifth draft 0.5 Georgios Eftychidis 13/10/2017 Sixth draft 0.6 Stanley Greenstein/ 16/10/2017 Seventh draft 0.7 Stefanie Müller Friedrich Steinhäusler 16/10/2017 Eights draft 0.8 Lyudmila Zaitseva 17/10/2017 Ninth draft 0.9 Rod McCall / Ulrich 20/10/2017 Tenth draft 1.0 Leopold Friedrich Steinhäusler 26/10/2017 Eleventh draft 2.0
©SAYSO Consortium 2 Public
Deliverable D2.1 – State-of-the-Art Analysis
Executive Summary
During an emergency, crisis managers need most of all reliable information. However, when decision makers are under pressure, they can only process a small amount of information, i.e., they can be impeded in the decision making process by information overload. Crisis managers need decision support tools to filter information, ensuring a limited amount of the most important information is available to them. In addition, crisis managers work in a fast-paced and mobile environment. Therefore, they need timely access to the latest information and intelligence. In view of the importance of identifying the components of the future EU Multi-Stakeholder Standardized Situational Awareness System (MSSAS) needed by the crisis manager, specific EU- and US research results on user needs and requirements, together with results from the SAYSO questionnaire-based survey, were accounted for. Situational awareness (SA) systems currently used by EU practitioners and crisis manages were evaluated in the first SAYSO questionnaire-based survey, carried out by THW (Germany) in the summer 2017. Responses were received from police, technical relief, firefighters, paramedics, and some other organisations in the context of civil protection as regional/local administration or military aid to civil authorities.The results showed that some SA tools are in use among the different civil protection organisations – but they also showed that there are rarely holistic IT-solutions, integrating different aspects and needs while connecting different stakeholders and needs in the field of civil protection. This report provides an inventory of already existing SA tools and technologies, developed in EU Member States and outside the EU. These tools, mostly commercial off-the-shelf (COTS) products, were selected as being representative in the following categories: satellite- and airborne remote sensing systems; unmanned aerial vehicles; unmanned ground vehicles; special cameras; special detectors; traffic management tools; decision support systems. These state-of-the-art SA systems can provide a wealth of information for the crisis manager, such as: • Timely and accurate geospatial information derived from remote-sensing platforms, including satellites, aircrafts, smart balloons, or special drones; maps in the format of reference map, delineation map, grading map, map of evacuation routes, map of areas showing an area before and after the disaster; • Unmanned Ground Vehicles (UGV), throwable through windows or down stairways; capable of explosive detection, explosive ordnance disposal (EOD) and bomb disposal; chemical, biological, radiological and nuclear (CBRN) and hazardous material (HazMat) detection, and route/building clearance; • Unmanned Aerial Vehicles (UAV) providing live multicast video with day- and night sensors; equipped with detectors for toxic gas, nuclear radiation, biological agents, and chemical agents and using aerial imagery integrated with photogrammetry software to create real- time, ortho-rectified maps and 3D models of relief and structures; • Special cameras monitoring remote areas via mobile, WiFi and satellite networks; body-worn camera capable of capturing a 360° view of a scene; a remotely controlled camera-ball, taking photos in dark, hard-to-reach, or dangerous spaces; • Special detectors providing real-time georeferenced data for gamma radiation, VOCs, combustibles, toxics and oxygen, and nuclide analysis with an integrated GPS receiver allowing local assignment of the acquired data; modules for monitoring vital signs of persons
©SAYSO Consortium 3 Public
Deliverable D2.1 – State-of-the-Art Analysis
and forwarding them from the ambulance to the hospital prior to the patient’s arrival; motion tracking first responders to a command unit indoors, outdoors, below ground and under water, administering 3D location; • Simulating traffic situations using aerial images, inductive loops in order to optimize routing, planning evacuation routes; managing a fleet of vehicles with a live streaming feed of what’s happening, when it’s happening, from anywhere with a network connection; • Supporting decison making by visualizing location, speed and direction of personnel and vehicles in the field; off-line access to information from map portfolio, data layers, teammates locations, files and data from sensors; standoff data for hazardous material spills and reference information, guidelines, and critical contacts for IED; interactive visual communication between field personnel and command center staff, even in the event of terrestrial communications failure; tactical incident information for incidents, such as vegetation fires, floods, search & rescue missions, special events, earthquakes and security incidents; geospatial viewer with display of available data from multiple CM partners and other stakeholders; bi-directional informational flow, i.e., citizens, dispatchers, responders, and emergency personnel sharing information on one channel. In addition, several EU FP7 projects dealing with SA for emergency responders with a total amount of more than €100 million were identified in a preliminary survey. The results obtained in these R&D projects reflect a wide range of solutions with regard to the Technical Readiness Level (TRL). These technologies are not used routinely by CM in EU Member States yet, since they require further development and field tests to a varying degree before they will be commercialised. This topic area, together with a detailed analysis of related FP7 and Horizon 2020 projects, will be addressed in SAYSO Deliverable 3.4 - Roadmap for Further Advanced MSSAS Optimization. This report also addresses the architecture development concerning the MSSAS in SAYSO. It will build on state-of-the-art ICT system architectures and reference architectures. By looking at a number of architecture models and frameworks (IoT-A reference architecture, IoT-A domain model, Information model, Entity model, Resource model, Service description model, Event processing model, Functional model), the concept of architecture and reference has been exemplified. The following existing standards and related ongoing activities have been identified as pertinent for the SAYSO project: TC391 of CEN/CENELEC – CBRNe guidance; M/530 of CEN/CENELEC, addressing privacy and personal data protection management; CWA 15931-1 Disaster and emergency management - Shared situation awareness - Part 1: message structure; CWA 15931-2 Disaster and emergency management - Shared situation awareness - Part 2: codes for the message structure; DIN SPEC 91287 Data interchange between information systems in civil hazard prevention; ISO/TR 22351 Societal security - Emergency management - Message structure for exchange of information ; ITU-T X.1303 - Alert, Circuit networks, Communication networks, etc.; ISO 31000 on risk management, including ISO 31000:2009 – Principles and Guidelines on Implementation, ISO/IEC 31010:2009 – Risk Management – Risk Assessment Techniques, and ISO Guide 73:2009 – Risk Management – Vocabulary; ISO 22300 family of Business Continuity; ISO 11064 on Control Centers (including seven parts). Furthermore, the inventory of existing procurement process has been visited in this report. Three types were identified as pertinent to SAYSO, i.e., (a) Pre-Commercial Procurement, referring to the procurement of R&D services as defined in the EC's PCP communication and staff working document; (b) Public Procurement of Innovative solutions, when contracting authorities, possibly in cooperation
©SAYSO Consortium 4 Public
Deliverable D2.1 – State-of-the-Art Analysis
with additional private buyers, act as lead customer; (c) Pre-operational validation providing a support framework for National Authorities to elaborate joint specifications and validation. Finally, legal requirements were taken into account. Considering the legal implications, especially considering the technical devices and their applications, the legal perspective requires an application of data protection, privacy protection and ethical considerations. In order to study the effects of new technologies, systems and devices, with the aim of protecting society from any unwarranted side effects, it is recommended that a wider approach should be taken. In this regard, the notions of privacy, data protection and ethics should be viewed as overlapping yet complementary concepts that, being applied together, will have the desired effect of allowing for the effective regulation of technology with the aim of protecting individuals and the society made up of these individuals. In conclusion, EU crisis managers can acquire access to many ready-to-use COTS tools, which assist them in obtaining enhanced SA. However, it is noted that the use of these technologies in emergency situations will not apriory improve SA, because they primarily improve access to information, some of the information with limited usefulness in the particular circumstances. Therefore, stakeholders have to identify, in advance, what information will be most helpful and ensure how to access only what is needed in order to avoid information overflow. It is recommended that EU crisis managers review their current operational processes to take advantage of state-of-the-art SA technologies in order to optimize the delivery on their public safety mission in the future.
©SAYSO Consortium 5 Public
Deliverable D2.1 – State-of-the-Art Analysis
Table of content
Executive Summary ...... 3 1 Introduction ...... 1 2 User Needs and Requirements ...... 3 3 SA Systems Used by EU Practioners and Crisis Managers ...... 7 4 Inventory of Existing Tools ...... 11 4.1 Satellite- and Airborne Remote Sensing Systems ...... 11 4.1.1 COPERNICUS EMS ...... 12 4.1.2 DigitalGlobe series of products ...... 12 4.1.3 ZKI-DE ...... 12 4.1.4 TIBER Owl ...... 13 4.1.5 Altametry ALTA SmartBalloon ...... 13 4.2 Unmanned Aerial Vehicles ...... 14 4.2.1 Aerialtronics Altura Zenith ...... 15 4.2.2 AIRBUS Copter 4 ...... 16 4.2.3 DJI Phantom Series ...... 16 4.2.4 Advanced Aircraft Company Hercules ...... 17 4.2.5 Vercial Technologies DeltaQuadPro ...... 18 4.2.6 Yamaha FAZER R G2 ...... 18 4.2.7 Qube ...... 19 4.2.8 Aeryon SkyRanger...... 19 4.2.9 UAV Factory Penguin C ...... 20 4.3 Unmanned Ground Vehicles ...... 21 4.3.1 iRobot 110 FirstLook ...... 21 4.3.2 AREVA RIANA ...... 23 4.3.3 Bluebotics Absolem ...... 23 4.3.4 CHIBA Institute of Technology QUINCE ...... 24 4.4 Special Cameras ...... 24 4.4.1 BodyWorn Smart Scene 360 ...... 25 4.4.2 MAVEO Portable ...... 25 4.4.3 PANONO 360 Camera Ball ...... 26 4.4.4 Google Glass ...... 26
©SAYSO Consortium 6 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.4.5 ODG R7HL ...... 26 4.4.6 HMT1 ...... 26 4.5 Special Detectors ...... 27 4.5.1 EVIRONICS EnviScreen Operix ...... 27 4.5.2 SARAD NucScout ...... 27 4.5.3 RAE Systems AreaRAE Pro ...... 28 4.5.4 Canberra UltraRadiac ...... 28 4.5.5 Airbus SONEX-P ...... 29 4.5.6 908 Devices M908TM ...... 30 4.5.7 Vimpex CompactPRO ...... 30 4.5.8 Environmental Instruments Canada Inc. GammaGuard ...... 31 4.5.9 Laurus Systems Mini Rad-DX ...... 31 4.5.10 Smiths Detection's LCD 3.3 ...... 32 4.5.11 SOTERA Wireless Inc. ViSi Mobile System ...... 33 4.5.12 CommandWear Systems Inc. CommandWear ...... 33 4.5.13 US DHS POINTER ...... 34 4.5.14 iTrack First Responder Tracking System ...... 35 4.6 Traffic Management Tools ...... 35 4.6.1 EmerT...... 35 4.6.2 SUMO...... 35 4.6.3 L3 Mobile-Vision PatrolScout ...... 36 4.7 Decision Support Systems ...... 36 4.7.1 GINA System Solutions GINA ...... 37 4.7.2 ORNL – Incident Management Preparedness and Coordination Toolkit (IMPACT) ...... 38 4.7.3 Applied Research Associates, Inc. – FiRST ...... 39 4.7.4 AnsuR RAIDO ...... 39 4.7.5 Drakontas DragonForce ...... 39 4.7.6 Eurocommand GeoFES ...... 40 4.7.7 Eurocommand CommandX...... 41 4.7.8 US DHS NICS-SCOUT ...... 41 4.7.9 E Team ...... 42 4.7.10 Situational Awareness Systems COP ...... 43 4.7.11 Live Earth ...... 43 4.7.12 Intrepid Networks STING Suite ...... 44
©SAYSO Consortium 7 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.7.13 ESRI ArcGIS for Emergency Management ...... 44 4.7.14 Situational Awareness Viewer for Emergency Response & recovery (SAVER) ...... 45 4.7.15 VERINT Situational Awareness Platform ...... 46 4.7.16 Buffalo Computer Graphics DisasterLAN ...... 46 4.7.17 SIS EmerGeo Solutions, Inc. EmerGeo Fusionpoint ...... 47 4.7.18 Airbox Systems – MOSAIC ...... 47 4.7.19 Genesis PULSE ...... 48 4.7.20 PRIORITY 5 Touch Assisted Command and Control System (TACCS™) ...... 49 4.7.21 Emergency Services Interactive Systems Dragonfly ...... 50 4.7.22 IES JIXEL ...... 50 4.7.23 ENVISION ...... 50 4.7.24 FREQUENTIS 3020 LifeX ...... 51 4.7.25 JESIP APP ...... 51 4.7.26 UK OS ResilienceDirect ...... 51 4.7.27 Vigilant Platforms Situational Awareness System ...... 51 4.7.28 RIB ...... 52 4.7.29 WIS ...... 52 4.7.30 BREEZE Modelling Software ...... 53 4.7.31 HotSpot ...... 53 4.7.32 HSS GeoHEALTH ...... 54 4.7.33 HSS emPOWER ...... 54 5 EU Supported R&D Projects Addressing SA ...... 55 6 ICT Architecture and Technologies ...... 56 6.1 ICT architecture for MSSAS ...... 56 6.1.1 Motivation ...... 56 6.1.2 Architectural Qualities ...... 56 6.2 Architecture models ...... 57 6.2.1 Reference architectures ...... 57 6.2.2 ISO/IEC/IEEE 42010 “System and software engineering – Architecture description” ...... 57 6.2.3 IoT-A reference architecture ...... 59 6.2.4 The Reference Architectural Model Industrie 4.0 (RAMI 4.0) ...... 66 6.2.5 xChangeCore ...... 68 6.3 New wireless network infrastructure ...... 68 6.3.1 Galileo ...... 69
©SAYSO Consortium 8 Public
Deliverable D2.1 – State-of-the-Art Analysis
6.3.2 NB-IoT ...... 69 6.3.3 Sigfox and LoRa...... 70 6.4 Data formats, information models and ontologies ...... 70 6.4.1 EDXL message suite (OASIS) ...... 70 6.4.2 Tactical Situation Object (TSO) standard ...... 71 6.4.3 OGC ...... 72 6.4.4 MIP ...... 73 7 Human Factors ...... 74 7.1 Methods of Designing Awareness Systems: Contextual Inquiry (CI) ...... 74 7.1.1 Analysis of Interviews and Observations ...... 74 7.1.2 Storyboarding, Prototyping and Revision ...... 75 7.1.3 Summary of Experiences ...... 75 7.2 Assessment Approaches: During and After ...... 75 7.2.1 Who Speaks to Whom ...... 75 7.2.2 Who Sees What ...... 76 7.2.3 Stress Measures...... 76 8 Existing Standards and Ongoing Standardisation Activities ...... 77 8.1 Overview of Security Standardisation Landscape ...... 77 8.2 Analysis of Relevant Standards ...... 78 9 Inventory of Existing Procurement Processes ...... 82 9.1 Pre-Commercial Procurement (PCP) ...... 82 9.2 Public Procurement of Innovative solutions (PPI) ...... 83 9.3 Pre-operational validation (POV) ...... 83 10 Legal Requirements ...... 84 11 Conclusions ...... 89 12 Recommendations ...... 92 APPENDIX 1 ...... 93 APPENDIX 2 ...... 103
©SAYSO Consortium 9 Public
Deliverable D2.1 – State-of-the-Art Analysis
Tables
Table 1: SA systems used by EU stakeholders identified in SAYSO questionnaire-based survey ...... 10 Table 2: Overview of EU FP7 projects addressing R&D on situational awareness ...... 55 Table 3: List of SAYSO related categories and keywords ...... 79
Figures
Figure 1: JESIP M\ETHANE mnemonic of the UK Joint Emergency Services Interoperability Programme ...... 2 Figure 2: Incident information management functions ...... 6 Figure 3: ALTA Smart Balloon ...... 14 Figure 4: Altura Zenith...... 16 Figure 5: Phantom-3 ...... 17 Figure 6: Hercules ...... 17 Figure 7: DeltaQuadPro ...... 18 Figure 8: FAZER R G2 ...... 18 Figure 9: SkyRanger ...... 19 Figure 10: Penguin C ...... 20 Figure 11: IRobot 110 FirstLook...... 22 Figure 12: RIANA ...... 23 Figure 13: Absolem ...... 24 Figure 14: AreaRAE Pro ...... 28 Figure 15: UltraRadiac™-Plus Personal Radiation Monitor ...... 29 Figure 16: SONEX-P ...... 29 Figure 17: M908TM handheld high-pressure mass spectrometer ...... 30 Figure 18: CompactPRO thermal imaging camera ...... 30 Figure 19: GammaGuard ...... 31 Figure 20: Mini Rad-DX ...... 32 Figure 21: LCD 3.3 ...... 33 Figure 22: CommandWear wearables and tablet ...... 34 Figure 23: PatrolScout real-time SA applicatin ...... 36 Figure 24: GINA Intervention Tablet...... 38 Figure 25: DragonForce Command Center application ...... 40 Figure 26: Ad hoc identification of endangered areas ...... 41 Figure 27: Live Earth real-time mapping platform ...... 44 Figure 28: Situational Awareness Viewer application ...... 45 Figure 29: MOSAIC shared situational awareness applications ...... 48 Figure 30: A reference architecture provides the instruments and guidelines for domain specific architectures from which specific system designs are derived (from IoT ARM, Bassi et al) ...... 57 Figure 31: ISO/IEC/IEEE 42010 Architecture Description Conceptual Model ...... 58 Figure 32 : Sub-models of the IoT Reference Model (From Bassi et al., 2013) ...... 60 Figure 33: UML version of the IoT-A Domain Model ...... 61 Figure 34: Example modelling using the Domain Model...... 62 Figure 35: Information model entities ...... 62
©SAYSO Consortium 10 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 36: Example instantiation of the Information Model ...... 63 Figure 37: Functional Model ...... 64 Figure 38: Function Groups ...... 65 Figure 39: The three dimensions of the RAMI 4.0. (Status Report Reference Architecture Model Industrie 4.0 (RAMI4.0), 2015)...... 66 Figure 40: The IT Layers of RAMI 4.0...... 67 Figure 41: eCall is an infrastructure and service which will bring rapid assistance to vehicle traffic incidents anywhere in the European Union...... 69 Figure 42: EDXL Sit Rep message instance, to convey the location of an incident object ...... 71 Figure 43: Layers in the IMIS IoT Pilot architecture from the OGC ...... 73
©SAYSO Consortium 11 Public
Deliverable D2.1 – State-of-the-Art Analysis
Acronyms
Abbreviation / Description acronym AC Alternating Current AES Advanced Encryption Standard AFF Automated Aircraft Flight Following AGL Above Ground Level AVL Automatic Vehicle Location C2 Command and Control C4I Command, Control, Communications, Computers, and Intelligence CAD Computer-Aided Dispatch CBRNe Chemical, biological, radiological, nuclear and explosive CI/KR Critical Infrastructure or Key Resources CI Contextual Inquiry CIMS Crisis Information Management System CM Crisis Management CP Contingency Planning COP Common Operational Picture COTS Commercial-Off-The-Shelf DCD Dubai Civil Defence DCF Dose Conversion Factor DHS US Department of Homeland Security DP Dispatch Manager DSS Decision Support Systems EC European Commission EENA European Emergency Number Association EMaS Emergency Management Service EMS Emergency Medical Services EOC Emergency Operations Centre ESRI Environmental Systems Research Institute EOD Explosive Ordnance Disposal EU European Union
©SAYSO Consortium 12 Public
Deliverable D2.1 – State-of-the-Art Analysis
EDXL Emergency Data Exchange Language FAA Federal Aviation Administration FEMA US Federal Emergency Management Agency FP7 7th Framework Programme GCS Ground Control Station GIS Geographic Information System GLONASS Global Navigation Satellite System GPS Global Positioning System H2020 Horizon 2020 HazMat Hazardous Material HCF Healthcare Facility Dashboard HD High Definition HICS US Hospital Incident Command System HMI Human-Machine Interface HSS US Department of Health & Human Services ICS Incident Command System ICT Information and Communications Technology IED Improvised Explosive Device IoT Internet of Things IP Internet Protocol IPAWS Integrated Public Alert and Warning System JESIP Joint Emergency Services Interoperability Programme KML Keyhole Markup Language MChS Russian Ministry of Emergency Situations Mps Megabit per second MRt Mobile Reporter MRd Mobile Responder MSSAS Multi-Stakeholders Situation Awareness System NIR Near-infrared NSCDC Nigeria Security and Civil Defence Corps NICS Next-Generation Incident Command System OCU Operator Control Unit OR Operations Response
©SAYSO Consortium 13 Public
Deliverable D2.1 – State-of-the-Art Analysis
PBSOTA Progress-Beyond-State-of-the-Art PLAS Persistent Low Altitude Surveillance PLI Position Location Information PPE Personal Protective Equipment QC Quality Control R&D Research and Development RM Rapid Mapping RPAS Remotely Piloted Aircraft System RPV Remotely Piloted Vehicle RRM Risk and Recovery Mapping SA Situational Awareness SAP Situational Awareness Platform SAR Search and Rescue SAS Situation Awareness System SAV Situational Awareness Viewer SAYSO Standardisation of situational Awareness sYstems so Strengthen Operations in civil protection SCOUT Situation Awareness and Collaboration Tool SLM Small Lightweight Manipulator SMEM Social Media for Emergency Management SOTA State-of-the-Art SSA Shared Situational Awareness sUAS small Unmanned Aerial Systems (Quadcopters) THW Federal Agency for Technical Relief TRL Technical Readiness Level UAV Unmanned Aerial Vehicle UAS Unmanned Aerial System UHD Ultra-high Definition UGV Unmanned Ground Vehicles UKOS United Kingdom Ordnance Survey VHF Very High Frequency VOC Volatile Organic Compounds VPN Virtual Private network VTOL Vertical Take-Off-and-Landing
©SAYSO Consortium 14 Public
Deliverable D2.1 – State-of-the-Art Analysis
1 Introduction
Managing a crisis requires timely and effective decisions to be taken by the crisis management teams. A key element in successful crisis management (CM) is comprehensive Situational Awareness (SA) among all stakeholders involved. SA can be broadly described as the ability of first responders to perceive and understand what is happening in their environment and to be able to foresee the unfolding of future events. The sources of information to obtain SA include incident reports, meteorological information, modelling and geospatial intelligence products, visual and thermal imagery, sensor networks, news media, and specialized or technical data. The US Federal Emergency Management Agency (FEMA) defines SA as the capability to obtain and distil specific knowledge concerning threats, hazards and conditions in a timely matter to support incident management decisions across all phases of a catastrophic incident response.1 More specifically, this includes the following: • The ability to know the location of responders and their proximity to risks and hazards in real time • The ability to detect, monitor and analyse passive and active threats and hazards at incident scenes in real time • The ability to rapidly identify hazardous agents and contaminants • The ability to incorporate information from multiple and non-traditional sources (for example, crowdsourcing and social media) into incident command operations. • The ability to communicate with responders in any environmental conditions (including through barriers, inside buildings and underground) • Communications systems that are hands free, ergonomically optimized and can be integrated into Personal Protective Equipment (PPE).2 In this report, SA is defined as the state of individual and/or collective knowledge relating to past and current events, as well as their implications and potential future developments.3 Collective knowledge in this context is referred to as Shared Situational Awareness (SSA). An EU example for a nation-wide effort to provide SSA for all stakeholders responding to multi-agency incidents is the M\ETHANE approach developed by the UK Joint Emergency Services Interoperability Programme (JESIP).4 Currently, the JESIP ways of working is used routinely by UK police, fire, and ambulance services, i.e., in the initial stages of emergency response, SA-related information between responders and Control Rooms is passed using the M\ETHANE mnemonic (Figure 1).5 The goal of this report is to analyse the State-of-the-Art (SOTA) in SA by providing an inventory of the existing SA solutions, tools, technologies, standards and procurement processes. Thus, this report focuses on the indentification of the already available, mostly commercial off-the-shelf (COTS), solutions that can help enhance SA among first responders during emergency management in the EU.6 For this purpose, the SAYSO consortium carried out extensive research and used the results of
1 Project Responder 4, DHS, 2014; https://www.dhs.gov/sites/default/files/publications/Project%20Responder%204_1.pdf. 2 Ibid. 3 United Kingdom Civil Protection Lexicon, Version 2.1.1 (February 2013). 4 United Kingdom JESIP; http://www.jesip.org.uk/. 5 http://www.jesip.org.uk/methane. 6 Note: The report does not analyze SA-related technologies developed in FP7 and H2020 EU funded projects, but provides a short overview of relevant EU FP7 projects only. This topic will be analyzed separately as PBSOTA and presented in SAYSO Deliverable 3.4 – Roadmap for Further Advanced MSSAS Optimization.
©SAYSO Consortium 1 Public
Deliverable D2.1 – State-of-the-Art Analysis the SAYSO EU wide questionnaire-based survey, carried out during the summer of 2017.
Figure 1: JESIP M\ETHANE mnemonic of the UK Joint Emergency Services Interoperability Programme7
Since the number of SA tools developed by industry and dedicated stakeholders largely follows a pronounced growth curve, this report describes only typical examples of the different technological approaches.8 The report also addresses the current Information and Communications Technology (ICT) architecture and systems, human factors, existing standards and ongoing standardisation activities, procurement issues and legal requirements.
7 http://www.jesip.org.uk/methane. 8 Note: The examples given and products named do not represent any form of endorsement or recommendation by the authors of this report or the SAYSO consortium. They only represent typical examples of the available COTS- and cost-free technological solutions, representing SOTA with regard to SA.
©SAYSO Consortium 2 Public
Deliverable D2.1 – State-of-the-Art Analysis
2 User Needs and Requirements
Internationally, major efforts have been undertaken to identify user needs and requirements for first responders in order to assist them in obtaining optimal SA.9 This section provides an overview of operational and technical requirements for the optimal SA system, encompassing data collection, data analysis and information sharing. It is also noteworthy that the legal and ethical requirements that are relevant in this regard are dealt with hereunder in section 10 as well as in Appendix 2. Requirements for Data Management • Shares incident-related information among agencies and disciplines during response operations • Merges and synthesizes disparate data sources in real time to support situational awareness • Accesses, integrates, shares and displays images and video pertinent to the incident scene for the responder and incident command • Captures, processes, integrates and manages raw and digital information related to incident response, operations or an investigation • Merges and synthesizes disparate data sources in real time (e.g., known hazards, building blueprints, ownership records) • Ingests data in multiple file formats • Caches data when connectivity is offline and automatically forwards when connection is restored • Functions across broad distances and remote places • Allows sharing of geolocation data across response agencies • Disseminates data to incident command and on-scene responders • Deploys on multiple platforms (for example, manned and unmanned ground and aircraft systems, fixed and mobile) • Maintains open-standard format for outputs • Allows customization of data visualization • Allows user queries of data • Includes ability to filter data and customize filter criteria • Includes ability to compare data across time (historical and incident-specific) • Generates outputs that are immediately usable by responders • Generates outputs in real time • Integrates with incident-specific maps • Integrates with responder geolocation data • Easy navigation between data layers • Integrates with existing records-management, dispatch, and incident management software systems • Allows off-line access • Includes ability to back up outputs
9 EU Project IDIRA (Interoperability of data and procedures in large-scale multinational disaster response actions), Grant Agreement: 261726; ending date: 30 April 2015, D1.2 State-of-the-art and User Needs. See also US Homeland Security Studies and Analysis Institute, Project Responder 4: 2014 National Technology Plan for Emergency Response to Catastrophic Incidents, Publication Number: RP13-17-02, July 2014. See also US Homeland Security Studies and Analysis Institute, Project Responder 5: Final Report, Publication Number: RP16-18-02, August 2017.
©SAYSO Consortium 3 Public
Deliverable D2.1 – State-of-the-Art Analysis
Geo-referenced Information • Locates responders on the incident scene (indoors and outdoors) including latitude, longitude and altitude/depth • Provides graphic display of the location of all responders on the incident scene • Integrates with three-dimensional display of buildings and structures to identify the room or specific area in which the responder is located • Generates maps for indoor and outdoor locations integrating incident data with existing geographic information system (GIS) data • Incorporates a confidence level to indicate the accuracy of location
Intelligence • Creates actionable intelligence based on data and information from multiple sources • Obtains and maintains a bird’s-eye view of the incident scene
Information Display • Accesses, integrates, shares and displays images and video pertinent to the incident scene for the on-scene responder and incident command • Displays in multiple data layers that can be selected by the user • Allows user to choose or toggle between images or video feeds • Accesses, transmits and displays images and video in real time • Provides visually relative orientation (points of reference) • Disseminates images and video via role-based permissions (i.e., task level and command) • Allows user to access video feeds immersively (i.e., first-person point of view) in three dimensions • Provides three-dimensional graphical depiction of incident scene • Allows user to view changes in incident scene over time; both historical and within the incident • Integrates with indoor and outdoor infrastructure data (e.g., location of hydrants, gas lines) • Displays data in layers
Hazard Identification • Detects hazardous agents in real time, including chemical, biological, radiological and explosive particles and signatures, within a set perimeter around response personnel • Detects or measures other pertinent data (e.g., oxygen displacement) that impacts hazardous conditions • Provides pertinent information, including modes of exposure and protective action information (e.g., appropriate PPE, standoff distances, immediate treatments and decontamination requirements) • Measures the current HAZMAT concentration and records exposure over time • Identify cascading effects of the incident that impact the response and/or the surrounding community
©SAYSO Consortium 4 Public
Deliverable D2.1 – State-of-the-Art Analysis
• Obtains and maintains a bird’s-eye view of the incident scene, providing 360 degree field of view • Integrates with information about the responder’s condition, e.g., physiological data, personal alert safety system alarm activation • Integrates transmitters into personal protective equipment (PPE) or other existing equipment with minimal or no net weight gain for the responder • Models potential hazards in real time (e.g., fire behaviour analysis) • Determines structural stability of buildings in real time • Integrates multiple hazard modelling inputs • Integrates real-time sensor data into model • Provides decision-support prompts • Integrates with incident-specific maps • Integrates data layers (e.g., infrastructure) • Allows user to designate geographical boundaries
Data Security • Encryption or protection of data during transmission • Encryption or protection of images and video feeds
Communication • Establishes joint command between jurisdictions and agencies • Extracts critical information from social media feeds • Allows multiple users to access and share text, images and video • Enables communication in a communications-degraded environment.
In summer 2017, THW conducted a survey among EU practitioners and crisis managers inquiring about the current practices with regard to SA.10 The survey was based on a questionnaire developed by the SAYSO project consortium. An example of the results obtained is shown in Figure 2 below. The replies in this category indicate that only a few respondents use incident information management functions routinely or during special types of incidents. Most answers fall into the categories “Not existing, but would like to use” and “Not existing, and not needed”. This indicates that these functions are not used by the stakeholders on a regular basis. It is also indicative of a significant gap between the already existing SA tools and their application by practioners and crisis managers in the EU. With regard to the explosion impact software, the toxic plume calculation software, the field situation reporting software, and other numerical simulation tools, these functions are more frequently used during special types of incidents only, rather than on a daily basis. Thus, when designing the Multi-Stakeholder Situational Awareness System (MSSAS), it is worthwhile to consider not only its use during routine incidents, but also during special types of incidents, such as CBRNe incidents.
10 SAYSO Deliverable 2.2 – Preliminary inventory of practitioners’ requirements.
©SAYSO Consortium 5 Public
Deliverable D2.1 – State-of-the-Art Analysis
Incident information management functions (category 6) 40 Used routinely 35 Used during special 30 types of incidents 25 only Existing, but not used 20
15 Not existing, but would like to use as 10 potentially useful
5
0
Figure 2: Incident information management functions
©SAYSO Consortium 6 Public
Deliverable D2.1 – State-of-the-Art Analysis
3 SA Systems Used by EU Practioners and Crisis Managers
The participants of the SAYSO questionnaire-based survey in summer 2017 were requested to consider which Situational Awareness System(s) were currently used by their organisation and what advantages/disadvantages they have observed. The question was raised as one of the few free-text- questions. The results from this question, evaluated in accordance with qualified methods, showed that there are some situational awareness tools in use among the different civil protection organisations – but they also showed that there are rarely holistic IT-solutions, integrating different aspects and needs while connecting different stakeholders and needs in the field of civil protection. For instance in Portugal, a fire risk index is used by the regional/local administration, in Germany situation reports by Technical Relief, or Decision Control Process by the fire fighters in the United Kingdom. Furthermore, there are some interactive IT platforms to share data among the responsible practitioners and stakeholders. One challenge in this context is to get people to share their information. There may be a reluctance to share information if the government is the owner of the IT platform. So data protection rights and ownership of IT platforms to share information are aspects worthwhile to discuss when wanting to develop and introduce a Multi-Stakeholder Situational Awareness System (MSSAS). If there are more holistic working IT-Solutions in the level of disaster management/civil protection - as for instance in the Netherlands – they are used mainly during explicitly named crisis situations, which do not happen that often, which in turn means that the handling of the IT-Systems is mainly unfamiliar and skills in handling do not improve. This leads to the finding that the daily use of a Situational Awareness System should be possible. To raise acceptance and to become familiar with the handling of the system, the IT-Solution should be integrated into the daily work of the practitioners. The above mentioned examples are not reflecting all given answers. All given answers are shown in the following table, divided into different kind of organisations among the practitioners: police, technical relief, firefighters, and paramedics. Further, some other organisations in the context of civil protection as regional/local administration or military aid to the civil authorities having answered the SAYSO questionnaire are listed as well in Table 1 below.
Organisation Which situational Member Which advantages have Which disadvantages awareness system(s) State you observed? have you observed? are currently used by your organisation?
Police JESIP Principles (Joint United One set of shared Having to replace Decision Model JDM, Kingdom models in place older single service M/ETHANE and JESIP models five Key Principles) UK College of Policing United One model across UK Not aligned with National Decision Model Kingdom police other emergency NDM services.
©SAYSO Consortium 7 Public
Deliverable D2.1 – State-of-the-Art Analysis
Other: diasaster The Dutch national Netherlands A system for all involved Only used during management/ system organisations crisis situations civil protection which don't happen advisory often Technical relief Lagemeldungen Germany A lot of standardized None information Other: Cybee Cyprus less time to react - Civil Protection Firefighter Smartphone, tablet, Austria The same level of Extensive interactive platform to knowledge for all, maintenance and share information and existence and availability operation of the for the use of data and plans system is not infrastructure data from concerning completely intuitive the operator (LInzAG) infrastructure and other for all users building data in each of (depending on state the operational of knowledge sites/regions concerning IT- Systems) Firefighter JESIP-joint emergency United Commonality in Slow adoption in services interoperability Kingdom approach to incident some areas Lack of principles. This contains structure Easy involvement of some a situational awareness identification of agencies, especially structure commanders Cat 2 responders Commonality in use of language Managing Incidents United Adds structure to Different versions of model Kingdom commanders thought the model can cause processes a bit of confusion, however, still better than having no structured approach Decision Control Process United Adds structure to Overly complex for Kingdom decision making to use in quick time enhance safety of responders Paramedics JESIP United Better integration Difficult to introduce Kingdom between services, better as it required cultural situation outcomes, change. better use of resources Other: Resilience Direct United Information readily Login difficulties from Military Kingdom available to all who have some organisations (Military Aid to access leading to a loss of the Civil confidence in the Authority) system JESIP United A common easily A reluctance from Kingdom understood system in emergency services passing salient in Scotland to information quickly embrace it during a disruptive challenge
©SAYSO Consortium 8 Public
Deliverable D2.1 – State-of-the-Art Analysis
Technical relief Risk Management Germany Checklists can avoid More administration Systems (hazards like dangerous situations and documentation gas, electricity, water, etc.) Regional/local Meteorological warning Portugal Immediate response by Message only sent in administration system cost event, emergency services, Portuguese, the storm surge, tide level informed population communication reach, centralized channels used (apps, information on a single website, sound, platform, partnership informative panels, strengthening social networks), lack of a national policy of sending messages Tsunamis and Portugal Immediate response by Message only sent in earthquakes emergency services, Portuguese, the informed population communication reach, centralized channels used (apps, information on a single website, sound, platform, partnership informative panels, strengthening social networks), lack of a national policy of sending messages Fire risk index Portugal Immediate response by Message only sent in emergency services, Portuguese, the informed population communication reach, centralized channels used (apps, information on a single website, sound, platform, partnership informative panels, strengthening social networks), lack of a national policy of sending messages Firefighter LCMS, general for the Netherlands - - country and also for a region Firefighter Resilience Direct United The ability to share The system's overuse Kingdom information in a outside of coordinated and emergencies has the structured way potential to mask critical information Paramedics Standard MNEMONIC United Information is passed in Making sure people for the sharing of Kingdom a single, commonly adhere to this and incident information understood way not revert to single METHANE which stands sector models for Major Incident Declared, Exact location, Type of incident, Hazards, Access, Number of casualties, Emergency services present and required
©SAYSO Consortium 9 Public
Deliverable D2.1 – State-of-the-Art Analysis
We also have a national United Common ways of Embedding this into interoperability Kingdom working provide a business as usual is programme that consistent approach to the main challenge promotes common ways managing incidents and of working and briefing support a coherent and which support shared joined up response situational awareness There is a common United Information is secure, Getting people to secure IT platform which Kingdom users can be controlled share information allows information to be in terms of access can be a challenged shared in a secure way as they do not own the system, the government do. Firefighter Daily report of critical Italy Awareness of critical None situations in the ongoing efforts country, men and vehicles in the operations field
Table 1: SA systems used by EU stakeholders identified in SAYSO questionnaire-based survey
©SAYSO Consortium 10 Public
Deliverable D2.1 – State-of-the-Art Analysis
4 Inventory of Existing Tools
Information collection is key to SA. The need for SA becomes most apparent when it is lacking. That is when unintended consequences are most likely to occur. Gathering information is important, however, understanding the information collected is essential, i.e., comprehensive SA comes from understanding an entire operating environment, being able to project potential outcomes and being aware of the possible consequences. Only then can one reduce the risks of unintended occurrences inherent in any complex situation. This section provides an overview of selected COTS- and some cost-free SA-specific products in the following categories: Satellite- and Airborn Remote Sensing System, Unmanned Ground Vehicle, Unmanned Aerial Vehicle, Special Cameras, Special Detector, Traffic Management, and Decision Support System. Information on currently existing SA tools was derived from the analysis of COTS SA systems available in the European Union and outside EU Member States.11
4.1 Satellite- and Airborne Remote Sensing Systems
The importance of the operational use of satellite-based remote sensing for emergency management applications has increased over the past few years. The availability of different types of remotely sensed data, together with geospatial information acquired in the field, enables crisis managers to exploit this source of information in the different phases of the CM cycle. Application of this technology has proven its value in the crisis response phase of natural- and technical disasters, as well as during a humanitarian crisis, in particular for mapping of emergency operational services. Today, CM can select suitable imagery for the main disaster types from a wide range of options. For example, the satellite-based approach is increasingly supplemented by geomatics techniques. Thereby, tools and techniques used in remote sensing and geographic information systems (GIS) are used to exploit data derived from global-navigation satellite systems (GPS, GLONASS, Galileo, Compass).12 Airborne collected data can also be an important source for SA: (a) Imagery data contains the most up-to-date information on areas with limited access (e.g., areas with transport infrastructure impeded by an earthquake); (b) Imagery data represent an efficient way to assess the size of the area affected by the disaster (e.g., thousands of square kilometres inundated by floods). Such systems enable the CM to assess the crisis situation, forecast and warn within and across national borders using airborne sensors (e.g., aircraft equipped with radiation detectors mapping fallout originating from an accident at a nuclear power plant). Thereby, data-downlink and information processing (geo- referencing, generation of map-overlays, analysis, interface to higher level systems) is facilitated between different stakeholders at the national level, but also between countries. The section below analyse examples of advanced COTS- and cost free satellite- and aircraft-based SA systems, suitable for improving SA in crisis management.
11 The products listed represent examples of the pertinent SA technologies only. The section is not intended as a market overview of all available tools and does not claim to provide a complete list of COTS- or cost-free SA technologies available. 12 Boccardo, Piero; Tonolo, Fabio Giulio, Remote sensing role in emergency mapping for disaster response, J. Engineering Geology for Society and Territory, 5, 17-24, SPRINGER Verlag, 2016, http://emergency.copernicus.eu/mapping/ems/remote-sensing-role-emergency-mapping-disaster-response.
©SAYSO Consortium 11 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.1.1 COPERNICUS EMS
Copernicus Emergency Management Service (EMaS) - Mapping provides all organisations involved in the management of natural disasters, man-made emergency situations and humanitarian crises, with timely and accurate geospatial information derived from satellite remote sensing and completed by available in situ or open data sources.13 Copernicus EMS is an Emergency Management Service of the EC, provided free of charge in rush mode, for emergency management activities which require immediate response and non-rush mode, to support emergency management activities not related to immediate response. EMS can be activated only by authorised users (public organizations from EU MS). The information generated by the service can be used as supplied (e.g., as digital or printed map outputs). It is provided during all phases of the emergency management cycle and free of charge for the users. Additional services include (a) Rapid Mapping (RM) and (b) Risk and Recovery Mapping (RRM). RM consists of the on-demand and fast provision (within hours or days) of geospatial information in support of emergency management activities immediately following an emergency event. Three categories of maps are offered: Reference Maps, Delineation Maps (providing an assessment of the event extent) and Grading Maps (providing an assessment of the damage grade and its spatial distribution). RRM consists of the on-demand provision of geospatial information in support of Emergency Management activities not related to immediate response, such as prevention, preparedness, disaster risk reduction and recovery phases. The product categories are comprised of Reference Maps, Pre-disaster Situation Maps and Post-disaster Situation Maps.
4.1.2 DigitalGlobe series of products
DigitalGlobe's is a vendor of satellite imagery, operating the most agile and sophisticated commercial satellite constellation in orbit. Additionally, they provide services of geospatial content using elevation technologies that allow to map evacuation routes, identify areas of importance and compare pre- and post-disaster imagery to get an accurate assessment of the damaged and affected areas. Furthermore, the maps increase environmental awareness, e.g., by displaying damage assessment layers over the target area struck by disaster. This encompasses, for example, damaged roads as compared to undamaged roads, crowdsourced damage and damaged bridges.14 Imagery provided by the system range from near real-time post-event imagery for CM and crisis response (First Look), to a single layer of high resolution satellite imagery (Global Basemap) and advanced multispectral imagery with full resolution 8-band data to access information beyond the visible range pixels (resolution spanning between 1m and 30 cm).15
4.1.3 ZKI-DE
The Center for Satellite Based Crisis Information (Zentrum für Satellitengestützte Kriseninformation, ZKI), is an ISO 9001 certified institution of the German Remote Sensing Data Center (DFD) at the German Aerospace Center (DLR) in Oberpfaffenhofen. At ZKI Earth Observation data such as satellite or aerial imagery as well as geo data is acquired and analysed in order to generate up-to-date situational awareness information before, during or after a disaster situation or in case of major
13 http://emergency.copernicus.eu/mapping/ems/service-overview. 14 https://www.digitalglobe.com/industries/civil-government. 15 http://microsites.digitalglobe.com/arcgis/.
©SAYSO Consortium 12 Public
Deliverable D2.1 – State-of-the-Art Analysis events. All crisis information is produced according to the ZKI users’ requirements and provided for instance as maps, geo-pdf, web services or text dossiers. It offers a 24/7 service for the rapid provision, processing and analysis of satellite and airborne imagery during natural and environmental disasters, for humanitarian relief operations and civil security crises.16 The resulting satellite- and airborne based information products are provided to relief organisations and public authorities and are mainly freely available on the ZKI website. The information products are delivered in the form of maps and GIS-ready geodata. These data can be used to support crisis management and humanitarian relief operations worldwide. At national and international level ZKI cooperates with different partners from research and industry. It is closely networked with administrative partners as well as non-governmental organisations and consists mainly of the three services ZKI-DE, Copernicus EMS and the International Charter “Space and Major Disasters”17.
4.1.4 TIBER Owl
TIBER Owl is the result of a Private-Public Partnership undertaking between the Russian Ministry of Defense and TIBER. The specially designed Unmanned Aerial Vehicle Owl is a solar-powered endurance UAV, categorized as atmospheric satellite. The Owl program is being conducted by the Russian Foundation for Advanced Studies (FPI) and Tiber, a Moscow-based developer and manufacturer of automatic flight-control systems and unmanned aircrafts. Owl is capable of carrying out functions similar to a satellite due to its ability to be in flight mode as long as solar batteries provide Owl with the necessary electric energy.18 Experimental flights over 50 hours at an altitude of 9000 m are reported by developers with built-in high stability and high resistance to turbulence in severe meteorological conditions. The atmospheric satellite has a wingspan of 9 m and weighs 9 kg. The system has the inherent advantage that its ground-based launch is simple and does not require a space launch with a rocket.
4.1.5 Altametry ALTA SmartBalloon
Altametry is a US based company which manufactures ALTA SmartBalloon™ products, such as ALTA BatVu Tactical SmartBalloon™ for law enforcement, public safety, and homeland security agents to conduct Persistent Low Altitude Surveillance™ operations by day or night (Figure 3).19 The ALTA BatVu Tactical SmartBalloon™ uses a thermal imaging camera to detect heat signatures from a variety of sources. It is capable of day/night surveillance for 3 to 6 hours battery capacity. It is also equipped with two HD zoom cameras, providing live video encrypted audio/video feed. The system is fully Federal Aviation Administration (FAA) compliant.20 The SmartBalloon system can also be adapted for special services, such as: (1) to detect a bio-hazard cloud by assisting in the calculation of trajectory and impact areas, (2) to detect gunfire and assist in direct response from tactical ground units, and (3) to provide live Persistent Low Altitude Surveillance (PLAS) feed to tactical unit commanders, e.g., in an active shooter situation by providing aerial overview for the coordination of
16 https://www.zki.dlr.de/ 17 https://www.zki.dlr.de/page/2987 18 TIBER, Moscow, http://www.tiber.ru/en/company; https://www.youtube.com/watch?v=OssaVokmE2s. 19 http://www.altametry.com/products. 20 http://www.altametry.com/alta-batvu.
©SAYSO Consortium 13 Public
Deliverable D2.1 – State-of-the-Art Analysis deployment of resources and egress of victims.21 The version TerraVu can be used for biomass mapping and forest fire detection.
Figure 3: ALTA Smart Balloon
4.2 Unmanned Aerial Vehicles
An unmanned aerial vehicle (UAV) can serve as the initial explorer of the incident area, as well as in- situ support system safeguarding emergency personnel. Devastating destruction and dangerous situations can make disaster response challenging. UAV solutions enhance situational awareness of emergency responders by enabling them to collect critical aerial intelligence, identify potential hazards, and quickly deploy rescue resources, where they are needed most. Drones can be very particularly useful in extremely dangerous HAZMAT or CBRNE incidents and disasters. The risk to the rescue teams can be significantly reduced, if UAVs with sensors and cameras on board are deployed first to gather as much information as possible and help assess the situation before the responders are sent to the incident site. Besides, UAVs equipped with visual and thermal cameras can be very efficient in search and rescue (SAR) operations, especially during the night, in a complex terrain or in heavy smoke conditions locating survivors by detecting body heat. Some UAV systems can also be used to create detailed 2D and 3D maps of the heavily destroyed areas, so that emergency teams can determine what types of resources are needed and plan the most effective response. To ensure optimal human-robot collaboration, UAVs are integrated into the Command, Control, Communications, Computers, and Intelligence (C4I) equipment of the human crisis managers. Ideally, several UAVs collaborate as a coordinated team, communicating via ad hoc cognitive radio networking. UAVs have already proven to be beneficial for first responders, who use them routinely facing a multitude of challenges and dangerous situations. For example, international rescue teams used
21 http://www.altametry.com/case-studies.
©SAYSO Consortium 14 Public
Deliverable D2.1 – State-of-the-Art Analysis drones in SAR operations following the earthquake in Haiti in 2010.22 In late October 2012, when 13 cars of a 39-car freight train carrying hazardous material derailed near Louisville Kentucky in the US, the onsite emergency crews used a UAV solution to assess the damage and provide the aerial imagery needed for a fast and safe clean-up of the site.23 The same UAV system was used for rapid and safe assessment of the damage from an EF-2 tornado that took place in Elk City on 16 May 2017. It provided full-motion video in real-time to the Emergency Operations Center in Oklahoma City and the National Weather Service in Norman, Oklahoma.24 Dubai Civil Defence (DCD) has purchased 15 quadcopters to patrol high-risk areas, such as industrial zones, to monitor and record fires. In the event of a blaze, the drones observe a burning building to determine the best plan of action before firefighters committed to entering the scene, thus reducing risk to DCD personnel.25 Unmanned Aerial Systems (UAS) were deployed to assist local emergency services after the Nepal earthquake in 2015, the Ecuador earthquake in 2016, and the Columbian landslides in 2017. In September 2017, a small UAS (sUAS) was used in Sint Maarten in the Caribbean to help assess the aftermath of Hurricane Irma by providing aerial intelligence to first responders and international disaster relief teams on the ground.26 Russian emergency services started deploying their first UAVs in 2009. In the summer of 2010, they were actively used for monitoring fires in Moscow oblast. In 2016, the Russian Ministry of Emergency Situations (MChS) supplied its units across the country with almost 800 new UAVs, which support localization of fires, search of lost persons, control of ice movement on the rivers, etc. Of these UAVs, 700 are small copters with a low payload (i.e., up to 500 g); the remaining 100 are heavy drones, capable of covering long distances even at low temperatures. By 2017, Unmanned Aviation Centres supporting the training of pilots for emergency operations have been created in 85 regions of Russia. Future UAVs will be equipped with loud-speakers, making them part of the emergency hotline (“112”) system. 27 The section below analyses examples of advanced COTS UAVs for improving SA in crisis management.28
4.2.1 Aerialtronics Altura Zenith
Altura Zenith is an out-of-the-box UAV solution from the Dutch company Aerialtronics, which was designed and developed through 3D-printing. It can carry as payload a DSLR camera, thermal imaging sensor, multi-spectral cameras, microphones, video cameras and up to 9 kg payload (Figure 4). It has a dual spectrum computer vision platform which exploits digital data from a powerful FLIR Boson thermal IR camera and a 30x zoom Sony daylight camera. High Definition (HD) images can be transmitted to the ground control station, which can provide live multicast video to emergency
22 Andrey Ivanov, Bespilotniki na sluzhbe spasateley, iot.ru, 8 December 2016, https://iot.ru/gorodskaya-sreda/bespilotniki- na-sluzhbe-spasateley (video available). 23 https://www.aeryon.com/public-safety/emergency-response 24 https://www.aeryon.com/press-releases/aeryon-labs-supports-tornado-damage-assessment-in-oklahoma 25 Ian Portelli, Drones for safety, CRJ, Volume 11, Issue 4, May 2016, pp. 74-56. 26 Sint Maarten, Aeryon Deploys SkyRangers to Support Hurricane Irma Response, Press Release, 12 September 2017, https://www.aeryon.com/press-releases/aeryon-deploys-skyrangers-support-hurricane-irma-response. 27 Andrey Ivanov, Bespilotniki na sluzhbe spasateley, iot.ru, 8 December 2016, https://iot.ru/gorodskaya-sreda/bespilotniki- na-sluzhbe-spasateley (video available). 28 Note: In case of a conventional electrically powered UAV typically, each battery provides electric power for about 25 min of flight time, but takes a full hour to charge. This limitation does not apply to a solar-powered UAV.
©SAYSO Consortium 15 Public
Deliverable D2.1 – State-of-the-Art Analysis services.29 Furthermore, the drone has integrated detectors, capable of detecting toxic gas (VOC30), nuclear radiation, biological agents, and chemical agents. With its ability to work in extreme weather conditions and environments (winds up to 9m/s), the drone can relay information even in the presence of high heat, light rain and snowfall.
Figure 4: Altura Zenith
4.2.2 AIRBUS Copter 4
The UAV Copter 4 is a reduced size unmanned helicopter from Airbus compared to many other COTS helicopters, which is particularly well adapted to perform ISR, protection or monitoring missions for military as well as civil applications.31 It can provide imaging and communications intelligence, as well as deliver rescue or medical equipment. The on board heavy-duty professional camera can transmit images wirelessly to first responders as far as 40km from the UAV’s location. With the ability to carry a payload of 8.5kg and flight time up to 2 hours, this UAV can bring necessary supplies to rescuers and victims alike. However, it requires two operators to deploy the remotely controlled helicopter.
4.2.3 DJI Phantom Series
The UAV DJI Phantom Series (model 3, model 4) is able to provide 4k ultra high definition (UHD) video capture (Figure 5). It has integrated collision avoidance capability, even at high speeds.32 Landing and lift-off can be controlled through GPS. It has a patented flight control system, which enables it to basically fly itself. Also, this series offers a range of accessories, such as carbon fibre- reinforced propeller with quick release mechanism, intelligent flight battery and charging hub, high speed 64 GB SD card, and filters for optimal shutter settings. DJI Goggles allow the user to zone out the external world and view reality through a “first person view” with the HD stream coming from the drone. One operator can carry out all flight-pertinent functions.33 A test program was carried out by DJI and European Emergency Number Association (EENA) , in cooperation with Fire and SaR services in Ireland, Iceland, Denmark and UK.34
29 Mike Gortolev, Definitive Guide to Altura Zenith Drones ATX4 and ATX8, Dronebly.com, 21 November 2014; http://dronebly.com/definitive-guide-to-altura-zenith-drones-atx4-and-atx8. 30 VOC (volatile organic compounds) 31 Airbus Copter 4, https://www.survey-copter.com/en/produits/copter-4/ 32 Ultra High Definition video (UHD). 33 It is noted that the DJI software is very CPU intensive. 34 http://www.eena.org/download.asp?item_id=20
©SAYSO Consortium 16 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 5: Phantom-335
4.2.4 Advanced Aircraft Company Hercules
Hercules is a long-endurance UAV for extended missions. It combines multi-rotor propulsion with a fixed-wing frame (length: 1.6 m; width: 3.3 m) (Figure 6). A hybrid electric propulsion system (6 electric motors, plus electronic fuel injection combustion engine) gives the vertical-takeoff-and- landing (VTOL) UAV a 2-hr. endurance carrying a 2 kg payload. A 2-stroke gasoline engine, balanced by battery power, provides a fail-safe power supply.36 At 17 kg gross weight, the Hercules can operate under the FAA’s Part 10737 small UAV rule, but has four to six times the endurance of battery-powered multirotor VTOL drones carrying the same payload.38
Figure 6: Hercules
35 http://dronebly.com/6-best-drones-with-camera-to-buy-this-year. 36 http://www.advancedaircraftcompany.com/hercules/. 37 US Federal Aviation Administration (FAA); https://www.faa.gov/. 38 Hybrid Power Extends Small UAS Endurance, Aerospace Daily & Defense Report, 1 September 2017, http://aviationweek.com/awin-only/hybrid-power-extends-small-uas-endurance?eid=forward.
©SAYSO Consortium 17 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.2.5 Vercial Technologies DeltaQuadPro
The DeltaQuad Pro is a VTOL, fixed wing UAV for missions up to 120 km at a maximum speed of 100 km/h with a apylod of 1 kg. It has wingspan of 235 cm, length of 90 cm and an empty weight without batterires of 3.3 kg (Figure 7). It is fully electric and can be controlled from a tablet, laptop or any internet connected device. DeltaQuad Pro can carry out fully autonomous take-off and landing. The UAV requires no pre-flight calibrations and can be assembled in 30 seconds. DeltaquadPro features a VPN secured 4G video and telemetry connection; the UAV does not require a traditional transmitter.
Figure 7: DeltaQuadPro
4.2.6 Yamaha FAZER R G2
The FAZER R G2 is capable of automated flights to uninhabited areas out of visual range, with maximum payload of 35 kg at an AGL (altitude above ground level) up to 2 800 m (Figure 8). Cruising range is up to 90 km through the fitting of a satellite-capable transmitter-receiver. It has provisions for mounting photography- and measurement devices. It has an overall length of 3,665 mm and a main rotor (diameter – 3,115 mm). Power is provided by a liquid-cooled, 4-stroke, 2-valve, horizontally-opposed 2-cylinder engine with a 12-liter fuel tank. Maximum forward-airspeed is 20m/s. It features automated flight control systems.
Figure 8: FAZER R G2
©SAYSO Consortium 18 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.2.7 Qube
Qube is a small UAV (length: 90 cm; weight: 2.5 kg) transmitting live video directly to the operator. It fits in the trunk of a car and can be assembled and ready for flight in less than five minutes.39 The UAV operating range is limited to 1 km line-of-sight. It has only cameras as payload (dual high resolution colour and a 640 x 480 thermal cameras), allowing the operator to see in any lighting conditions without changing payloads. Both cameras have zoom-capability and image stabilisation.
4.2.8 Aeryon SkyRanger
SkyrRanger is a small, ruggedized UAV (deployed: 102 cm diameter, 24 cm height; folded: 50 cm length, 25 cm width; Figure 9). The VTOL UAV provides up to 50-minute endurance, continuous operation with flight performance even in rough weather, such as wind speed up to 65 km/h sustained wind (90 km/h gusts) and environmental temperature ranging from -30°C to + 50°C. High resolution aerial imagery from the UAV integrates with traditional photogrammetry software to provide detailed information. Pre-planned flight paths using dynamic flight plans (including Follow- Me™ protection and AutoGrid™ mapping modes) enable the operator to methodically perform a grid search. Point-and-click touchscreen navigation and camera control is provided. Control and data link are part of the low-latency all-digital network. The secure networking capabilities ensure that all videos and photographs are automatically saved and geo-tagged for further analysis and potential evidence.40 Also, the system can assist HazMat/CBRNe management with integrated, hot-swappable payloads. SkyRanger has the option of Beyond Line-of-Sight operational range, i.e., 3 km integrated capability extensible beyond 5 km, and altitude from 450 m AGL extendable to 4500 m AGL. AeryonLive™ Video & Telemetry solution can stream live video, images and aircraft telemetry from the SkyRanger across a secure bonded cellular network connection.41
Figure 9: SkyRanger
39 https://www.robotcenter.co.uk/products/qube. 40 Secure network pairing, AES 256 bit encryption; https://www.aeryon.com/wpp/wp-content/files/brochures/Aeryon- SkyRanger-Brochure.pdf 41 https://www.aeryon.com/press-releases/aeryon-labs-supports-tornado-damage-assessment-in-oklahoma.
©SAYSO Consortium 19 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.2.9 UAV Factory Penguin C
Penguin C is a long-endurance, long range UAV-system with a flight endurance of over 20 hours and operation radius of over 100 km (Figure 10). The entire system with 3 UAVs, operated by a crew of two, fits in a minivan, and can be assembled in less than an hour. Its portable launcher and parachute recovery system allows for runway-independent operation. The Penguin C falls under the 55-pound FAA regulation requirements for small UAVs, i.e., the aircraft is non-ITAR restricted. The whole system, packed in several ruggedized containers, weighs approximately 265 kg. The Penguin C system is equipped with a portable tracking antenna system that enables encrypted data transmission to a range exceeding 100 km. It offers a bit rate of up to 12 Mbps, integrated pointing algorithm and automatic switching between directional- and omnidirectional-antenna modes. The tracking antenna system and ground control station have a military-grade ruggedized design. It uses a parachute/airbag recovery system for a soft landing, thereby, eliminating the need for a landing net or landing wire. The Penguin C uses a proprietary algorithm that estimates the parachute landing point based on a number of flight conditions and allows for controlled aircraft recovery in a small designated area. The UAV system is available with advanced micro-gimbals, providing day- and night-time object tracking and small moving target indication. The Penguin C is also available with an empty payload bay. This provides an option to integrate third-party payloads using standard connections based on specific project needs. For powering the payload, an onboard 6 V, 12 V and 24 V power supply is installed. Imagery and seamless integration includes stabilized, simultaneously- streaming dual high-resolution cameras (1080p24HDH.264 video, 15MP still images; 640x480H.264 video and still-images, white-hot and black-hot modes). Low-latency all-digital network is provided with 256 bit AES42 encrypted streaming video to multiple devices, embedded geo-tags and metadata.43
Figure 10: Penguin C
42 Advanced Encryption Standard (AES). 43 Detailed information at : https://www.aeryon.com/casestudies/drone-systems-case-study.
©SAYSO Consortium 20 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.3 Unmanned Ground Vehicles
For decades, robots have offered industries high-speed and high-precision task-solving capabilities. Today, they are deployed in new areas such as search and rescue for victims, or aerial or mobile snake-like, robots provide rapid SA and emergency access to hazardous areas. These robots are able to sense and be aware of their environment in order to perform complex tasks correctly with capabilities such as: (1) Vision – automatic and robust sensing that enables the robot to pick up objects or avoid collisions; (2) Navigation and positioning – getting a robot safely and efficiently "from A to B", and maintaining awareness of its location throughout the process; (3) Operations - a robot arm or mobile robot manipulators carrying out operations in settings where people are present; (4) Autonomy –robots that can learn from experience to improve their performance.44 Thousands of land robots, or Unmanned Ground Vehicles (UGV), are in use by military and civil defence forces around the world. UGV offer the potential for enhancing SA during emergency response through deployment of distributed remote sensors and subsequent information collection in hazardous environments. Such platforms are particularly useful in CBRNe-related incidents and disasters, since they eliminate the need to expose first responders to hazardous situations. Instead, UGV can carry out the initial assessment, or size-up, of the situation, without putting human lives at risk. For instance, robot systems were deployed in Japan after the Fukushima nuclear accident on 11 March 2011. Unmanned constructive heavy machines and robots from the USA and Sweden did reconnaissance work and cleaning up of rubble outside of buildings of the Daiichi Nuclear Power Plant: specially designed UGV (Quince and JAEA-3; details below) were deployed for reconnaissance inside buildings.45 The section below analysis examples of advanced COTS UGVs for improving SA in crisis management.
4.3.1 iRobot 110 FirstLook iRobot 110 FirstLook is a rugged, small, lightweight and throwable UGV, designed to perform multiple missions, including explosive detection, explosive ordnance disposal (EOD) and bomb disposal, chemical, biological, radiological and nuclear (CBRN) and hazardous material (HazMat) detection, checkpoint/vehicle inspections, persistent observation, and route/building clearance (Figure 11).46 It can also be used to locate and identify hazards in confined areas and close-in scenarios, and is capable of operating in visual obscurants under all weather conditions. The UGV- system consists of robot, operator control unit (OCU), and AC charger. The system is 25 cm long, 23 cm wide, 10 cm high, and weighs 2.3 kg. It can be thrown through windows or down stairways. In addition, the robot can be equipped with a small lightweight manipulator (SLM). The SLM is able to manipulate and lift objects weighing up to 1.6 kg, incorporating an adjustable mast camera with
44 https://www.sintef.no/en/information-and-communication-technology-ict/about-sintef-ict/robotics/. 45 The Japanese nuclear disaster response robotics - developed after Japan Conversion Corporation's critical accident occurred in 1999 – did not work when the Fukushima-Daiichi accident occurred on 11 March 2011 (reference: Emergency response by robots to Fukushima-Daiichi accident: Summary and lessons learned. Available from: https://www.researchgate.net/publication/263180800_Emergency_response_by_robots_to_Fukushima- Daiichi_accident_Summary_and_lessons_learned 46 https://www.robotcenter.co.uk/products/irobot-110-firstlook
©SAYSO Consortium 21 Public
Deliverable D2.1 – State-of-the-Art Analysis visible light illuminator. The UGV can be integrated with specialised cameras, thermal imagers, HazMat sensors and charge deployment accessories. It can also carry joint special COTS detectors.47
Figure 11: IRobot 110 FirstLook
The UGV has four integrated 8x digital zoom cameras, each mounted at front, rear, left and right sides. Cameras provide all-round SA in multiple directions. The cameras feature adjustable exposure and gain controls and are sensitive to visible and near-infrared (NIR) light. The built-in 2.4GHz or 4.9GHz mesh radio facilitates reliable communication between the operator and the robot through multiple paths. The robot also uses a digital radio, a modular interface, and a line of sight communication system with a range of 200 m. The rugged, water-resistant, rechargeable multi-robot control system enables the operator to perform command and control (C2) of the robot from stand- off distances. The control system weighs 0.9kg and features an LCD touchscreen for displaying the real-time imagery and video captured by built-in cameras. Since the iRobot 110 FirstLook is fitted with rotating flippers, it can climb obstacles of up to 18 cm, turn in place, and self-right when flipped over. It has tracked propulsion with skid steering and zero radius turn. The UGV has an endurance of more than six hours and can reach speeds up to 5.5km/h. It can sustain 40 cm-drops onto concrete and can be submersed to a depth of 1 m. The robot is operable in temperatures ranging between - 20°C and 55°C.48 A special larger version, the 510 PackBot, is man-portable and features a modular design, incorporating an array of sensors and interchangeable payloads. It can be deployed in less than two minutes and operates under all weather conditions. This UGV has a length of about 89 cm with flippers extended. The height with no payload / manipulator is 17.8 cm and the width with flippers is 52.1cm. It weighs approximately 10.9 kg without batteries. It is equipped with mechanical cable cutters and a head-mounted hook. A route-clearance kit is attached to remove and probe buried obstacles.49
47 For example, Smiths Detection's LCD 3.3, RAE Systems' MultiRAE, Canberra Radiac and L-3's weapon thermal monocular 48 http://www.army-technology.com/projects/irobot-110-firstlook-robot/ 49 PackBot robots were the first robots to provide a glimpse inside the reactor buildings of the Fukushima Nuclear Power Plant after the accident on 11 March 2011 (reference: Hiroko Nakata, Upgraded Quince robots ready for second foray, The
©SAYSO Consortium 22 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.3.2 AREVA RIANA
The UGV RIANA (Robot for Investigations and Assessments of Nuclear Areas) is capable of operating in radioactive areas to map, taking samples and measuring radioactivity. On the motorized platform measurement or sampling modules can be interchanged depending on the situation. The tool is also equipped with 3D- and thermal cameras, as well as laser detectors, in order to help it negotiate its way around obstacles (Figure 12).50
Figure 12: RIANA
RIANA is available with four-wheel or caterpillar track drive. RIANA’s Human-Machine Interface (HMI) is based on a technology which facilitates in-zone interventions. Moreover, operations can be executed without necessarily requiring the presence of an operator: an optional guidance program allows the robot to find its own way and to work on a site autonomously. In the event of a signal loss, RIANA is automatically guided back towards its last known location, whether being tele-guided by an operator or operating autonomously. 51
4.3.3 Bluebotics Absolem
Absolem is a research land-based robotic platform (Figure 13).52 It has a patented passive differential with a low center of gravity and high ground clearance. This enablers the robot to move in basically any terrain, such as stairs, rocks, gravel roads, forest paths and snow. It is equipped with a wide range of sensors. It weighs 30 kg and can move with a speed of 2 km/h for more than 2 hours. The design is such that is specially suited for urban rescue missions.
Japanese Times, 31 January 2012, https://www.japantimes.co.jp/news/2012/01/31/national/upgraded-quince-robots- ready-for-second-foray/. 50 Meet RIANA: The robot that might soon replace humans in nuclear power plants, RT, 30 June 2015, https://www.youtube.com/watch?v=wWbuRArgam0. 51 Nuclear Facility Dismantling: Areva Delivers First RIANA Robot to the CEA, Press Release, June 29, 2015, http://www.new.areva.com/EN/news-10553/nuclear-facility-dismantling-areva-delivers-first-riana-robot-to-the-cea.html. 52 http://www.bluebotics.com/mobile-robotics/absolem/
©SAYSO Consortium 23 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 13: Absolem
4.3.4 CHIBA Institute of Technology QUINCE
The Quince system consists of three caterpillar-shaped robots (QUINCE 1, 2 and 3). These small tracked UGV can carry out search and rescue missions in dangerous environments, e.g., in underground industrial or commercial sites.53 The fundamental characteristics of these UGVs are high radiation tolerance, equipped with communication system for teleoperation, high mobility and reliability. No special radiation shielding is needed for the UGV. For communication, a wired communication system (400 m long cable) with a cable handling device is mounted on the Quince. Mobility enables the UGV to climb stairs. It is equipped with instruments for achieving surveillance tasks, high-resolution cameras, gamma camera (weight: 200 kg), dosimeter, dust sampler, thermometers and hygrometers, lighting system, and a simple manipulator for handling a probe. Ergonomics is essential, since first responders working on-scene frequently wear full-face mask and gloves over other gloves. Therefore, handling a console of the UGV takes into account that QUINCE is operable with such equipment, i.e., QUINCE has a small and ruggedized PC for the operator console. Teleoperation software was developed for displaying multiple images and information on a single screen.54
4.4 Special Cameras
Industry offers new approaches to capturing a scene with a camera, ranging from on-scene documentation by a camera worn on the body to remotely controlled portable camera systems and multiple cameras thrown into hard-to-reach places.
53These robots are deployed at the Fukushima nuclear power plant-disaster site. Until now, the operator TEPCO accomplished total 13 surveillance missions in the reactor buildings conducted by these robots. 54 Quince: Monitoring Robot for Disaster Response in the Fukushima-Daiichi Power Facility, Tomoaki Yoshida, Chiba Institute of Technology, https://www.naefrontiers.org/file.aspx?id=43671. See also Hiroko Nakata, Upgraded Quince robots ready for second foray, The Japane Times, 31 January 2012, https://www.japantimes.co.jp/news/2012/01/31/national/upgraded-quince-robots-ready-for-second-foray/.
©SAYSO Consortium 24 Public
Deliverable D2.1 – State-of-the-Art Analysis
The section below analysis examples of advanced COTS Special Cameras for improving SA in crisis management.
4.4.1 BodyWorn Smart Scene 360
Smart Scene 360 is an on scene-documentation tool that allows every user with a BodyWorn™ camera to collect evidence, e.g. , user can capture a 360° view of a scene (e.g., crime scene, traffic accident), which can later be used as evidence in court.55 The system enables the user wireless offload of video evidence from a docking station. It uploads automatically to secure cloud storage from the BodyWorn camera. The system can be automatically activated through the linked BlueTooth device provided with every system, tapping the unit for covert activation or directly on the device's rugged touchscreen interface. Also, the BodyWorn™ body camera can be activated by Central Dispatch through Utility's AVaiL Web backend service. In addition, BodyWorn™ camera integrates with the in-car vehicle system56 and can be triggered by vehicle sensors, such as the light bar, car door and shotgun rack. The system will automatically start recording if a first responder is down. This recording on the body camera will alert Central Dispatch and Supervisors of the injured officer's GPS coordinates through the AVaiL Web backend management system. Smart Offload means the body camera immediately begins uploading media evidence out in the field while recording is in progress. Recorded media reaches secure cloud storage, allowing evidence to be secured immediately, without requiring any docking. The body camera with an interactive display screen allows to view video playback and add notes and classifications to the recorded incident. BodyWorn is not only a camera for evidence collection, but provides also real-time communications messaging. Dispatch and supervisors can send on-duty officers important alerts and messages while tracking their location with built-in GPS. The body camera fuses into the uniform by resting securely in the mounting system outfitted to any uniform garment, including vests, shirts and foul weather jackets.
4.4.2 MAVEO Portable
This all-in-one camera system can be deployed rapidly for remote, unmanned site monitoring via mobile, WiFi and -satellite networks. It is housed in a rugged case and is fully wireless and self- contained.57 The Pan Tilt Zoom (PTZ) camera can be magnetically mounted to a vehicle’s roof or standard tripod and then controlled remotely, including Full PTZ, via laptop or mobile device. It can operate for up to 8 hours via in-built rechargeable battery and also accept 12/24VDC power input for incidents of longer duration. The system can connect up to four cameras at once, including UAV cameras. Parallel high-quality DVR recording is possible alongside live-streaming; up to 2TB of local storage, plus cloud storage of streaming video.
55 http://www.bodyworn.com/#bodyworn-home 56 Rocket IoT™ 57 http://www.mview.com.au/maveo-portable/
©SAYSO Consortium 25 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.4.3 PANONO 360 Camera Ball
The camera ball takes photos in dark, hard-to-reach, or dangerous spaces. The ball houses 36 fixfocus cameras (108 Megapixel).58 The 36 single images are automatically put together and saved in the Panono cloud. They are accessible from any location and can be viewed online or shared with other users. There is no additional software needed. All pictures are password-protected. The transparent body of the ball (diameter: 11 cm) is made of polycarbonate and weighs 480 g. The camera ball has the following characteristics: diagonal field of view: 70°; f-number: 2.8 aperture opening; effective focal length ~32 mm; exposure: 1/4000s - 2s; ISO: 100 – 1600; storage capacity 16 GB (~600 360° shots); battery capacity: ~100 shots. Data transmission is via wireless network. Mobile apps are available for iOS7+ and Android4.2+.
4.4.4 Google Glass
Google Glass is an optical head-mounted display designed in the shape of a pair of eyeglasses. It was developed by X (previously Google X) with the mission of producing a ubiquitous computer. Google Glass displays information in a smartphone-like hands-free format. Wearers communicated with the Internet via natural language voice commands. It is currently available from exclusively through Glass Partners.
4.4.5 ODG R7HL
The R7 HL smartglasses are tested and certified for extreme environments. A durable, hands-free, wearable computing platform for professionals in oil exploration and production, energy, mining, utilities, chemical production, and pharmaceuticals that enables heads-up, hands-free checklists, guided assistance tools, remote assistance support, and the delivery of real time notifications and alerts for safer, more efficient work. Delivers impact eye protection, Military Standard 810G certification for drop, shock, vibration, low pressure and temperature extremes, and ANSI Z87.1+ dustproof and splashproof certification. Device is also Zone 2 “Intrinsically Safe” certified for use in potentially dangerous settings where flammable gases, vapors, or mists are not normally present in an explosive concentration but may materialize.
4.4.6 HMT1
The RealWear Head-Mounted Tablet (HMT) is designed for skilled technicians and engineers in field service, equipment inspection, maintenance and complex manufacturing assembly. It has a completely hands-free voice-visual user interface allowing workers to operate the tools and equipment needed for the job, even if climbing a scaffold or tower, without ever having to pick up or touch a mobile device. The RealWear HMT-1 is designed for heavy industry. Exceeding fully rugged norms, it goes beyond MIL-SPEC 810G specifications and can be dropped onto concrete from a height of 2 meters, and is waterproof against even powerful jets of water. The HMT-1 is built to resist years of exposure to skin oils, sweat and bright sunlight. Its various adjustments remain precise with daily use. For potentially explosive atmospheres, we will also offer an intrinsically safe model certified for use in the more stringent ATEX Zone 1 and FMC1/D1 categories and their national equivalents in
58 https://www.panono.com/en/product
©SAYSO Consortium 26 Public
Deliverable D2.1 – State-of-the-Art Analysis other countries. The unit can be worn directly on the head or clipped to an approved hard hat and works with eyeglasses, safety glasses and safety goggles.
4.5 Special Detectors
In an emergency, CM needs to know which particular health threats first responders are facing on scene, i.e., CM requires a combination of hand-held or wearable detectors with the firefighter or police man. Such detectors can wirelessly network together to provide a comprehensive view of potential dangers. Body-worn detectors and integrated voice- and data communications are available for embedding them within Personal Protective Equipment (PPE). These sensors are capable of communicating measurement data to crisis management. Such systems have the following characteristics: • Ruggedized construction suitable for harsh environments ranging from -20°C to +50°C • Easy-to-maintain personal monitors • GPS tracking capabilities • Man-down alarms for individual team members • Portability • Suitable for establishing a continuously monitored perimeter around the incident • Seamless wireless connectivity to provide centralized visibility • Fast mobile access to levels and toxicity data via PC, smartphone, or tablet.
This section provides an overview of selected COTS detectors, each meeting one or more of these requirements.
4.5.1 EVIRONICS EnviScreen Operix
Environics provides a range of products integrated in field analysis and CBRN detection solutions for first responders, covering chemcial-, biological- and radiological detection and identification.59 This includes mobile CBRN monitoring and environmental monitoring. The detectors can be used during the entire timeline of a crisis fom the early warning to consequence management. it is noted in particular that a modern commercial database and software technologies and platforms are exploited in the EnviScreenTMsystem software.The EnviScreenTM Operix with its interactive GIS user interface provides the operators with continuous, real-time operative situational awareness of the event and measurement data received from the integrated sensors. The EnviScreenTM Operix is completed with EnviScreenTM Manifix management software for CBRN incident scenario simulation, analysis and forecasting. It presents clear and illustrative forecasts of chemical, biological, radiological and nuclear dispersions and analysis on map interface, based on GIS information, surveillance and sensor data as well as different dispersion and plume calculation models.
4.5.2 SARAD NucScout
NucScout is a spectroscopic hand-held 2"×2” NaI gamma monitor with nuclide analysis, GPS, and wireless interface for site characterization and radiation source identification. This dose rate meter and nuclide identifier monitors the local dose rate as well as the activity of up to 28 user selectable
59 http://www.environics.fi/product-categories/cbrn-dedicated-system-software/
©SAYSO Consortium 27 Public
Deliverable D2.1 – State-of-the-Art Analysis nuclides. The NucScout offers two different algorithms for the activity calculation of the several nuclides, i.e., PSV (peak shape verification) algorithm and the trapezoid method (e.g. for calibration purposes). Results are available as time distribution over the whole sampling period. A complete energy spectrum is saved for each interval on the internal memory card. The unit is equipped with an integrated GPS receiver which allows the local assignment of the acquired data. The instrument comes with a ZigBee wireless network interface to transfer recent data over several hundred meters to a “base station” computer. Remote control of the unit is possible via the integrated USB or wireless network. 60
4.5.3 RAE Systems AreaRAE Pro
RAE Systems provides a transportable area monitor, integrating gas- and radiation monitoring solutions that can be wirelessly networked together due to its built-in mesh modem for short-range monitoring; no external router required (Figure 14). Thereby, it provides remote visibility on up to seven threats. The AreaRAE Pro can send real-time data to command station up to 3 km away. It is equipped with more than 20 interchangeable sensors for monitoring gamma radiation, VOCs, combustibles, toxics and oxygen. It also features a local weather station for tracking toxic plumes. 61
Figure 14: AreaRAE Pro
4.5.4 Canberra UltraRadiac
UltraRadiac™-Plus Personal Radiation Monitor operates as a radiation monitor displaying radiation levels and the total dose received (Figure 15). Six button-user interface is operable/readable by personnel in firefighting- or HAZMAT PPE. Extreme ruggedness of the design enables it to operate in extremes of temperature, shock, humidity, dust, immersion and radiation. When used with a host computer, the optical RS-232 port of the UltraRadiac-Plus enables real time data to be provided to the computer such that dose rate mapping can be generated. It has a unique "stay time" feature that
60 https://www.sarad.de/product-detail.php?p_ID=48&cat_ID=1 61 http://www.raesystems.com/products/arearae-pro
©SAYSO Consortium 28 Public
Deliverable D2.1 – State-of-the-Art Analysis shows the wearer how much time (at the current dose rate) he/she can remain in place before a high dose alarm is reached.
Figure 15: UltraRadiac™-Plus Personal Radiation Monitor
4.5.5 Airbus SONEX-P
SONEX-P is an automatic neutron interrogation-based solution indicating in approx. 90 seconds whether or not chemical, radiological, nuclear or explosive material is hidden in a parcel or unexploded ordnance (Figure 16). Using neutron interrogation and associated particle imaging (API) as analytical method, it can automatically identify, detect and discriminate chemical, radiological and explosive threats with a single scan.
Figure 16: SONEX-P
SONEX-P is a portable system (total weight approx. 23 kg) for use by a single operator. Since SONEX-P utilizes an electrical neutron generator, this system is not subject to regulations concerning the transport of radioactive isotopes. The system has a separate algorithm for law enforcement, homeland security and first responders who deal with suspicious packages, abandoned bags and non-ordnance explosive threats. Its software interface package can be installed on any Windows- compatible laptop which can interface with the SONEX-P device through a shielded, OEM-supplied ethernet cable link. Wireless communication is available as an option. It displays the inspected object superimposed with the threat’s location. The SONEX-P operator receives an automatic indication of a
©SAYSO Consortium 29 Public
Deliverable D2.1 – State-of-the-Art Analysis threat or no-threat condition with supporting 3-D imagery to aid in the response. Detection is automatic, with the system signaling either a red light (threat) or a green light (no threat) in as little as 90 seconds.62
4.5.6 908 Devices M908TM
M908 is a handheld high-pressure mass spectrometer (weight: 2 kg) for detection of HazMat in vapour, solid or liquid form, such as Chemical Warfare Agents (CWA), Toxic Industrial Chemicals (TIC) and simulants and precursors (Figure 17).63 The selectivity of mass spectrometry allows M908 to detect trace quantities of critical threats amongst multiple interferents at the point of action.
Figure 17: M908TM handheld high-pressure mass spectrometer
4.5.7 Vimpex CompactPRO
CompactPRO is a thermal imaging camera designed for use together with a smartphone (iPhone® and Android™ top models) (Figure 18). The camera features a large, 320x240 thermal sensor with high sensitivity (works up to 550 m distance) and a wide, 32-degree field of view enabling the user to scan a large area to identify potential hazards in seconds. It has a focusable lens for quick identification. Operating range of the camera is from -40°C to +330°C. The system offers adjustable thermal span, level, and emissivity settings and radiometric files.64
Figure 18: CompactPRO thermal imaging camera
62 http://northamerica.airbus-group.com/north-america/usa/Airbus-Defense-and-Space/SONEX-P/Overview.html 63 M908 SpecSheet, http://908devices.com/wp-content/uploads/2017/04/M908_SpecSheet_2017_v13.pdf 64 http://www.rescuetools.co.uk/ppe-seek-ti.html
©SAYSO Consortium 30 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.5.8 Environmental Instruments Canada Inc. GammaGuard
GammaGuard is a radiation detector with software on a mobile phone, using the mobile phone camera as radiation sensor (Figure 19). It will run in the background while the phone is performing other tasks. A mechanical shutter facilitates switching between radiation detection and photography modes. GammaGuard can automatically upload data to a central database. It will not saturate in high radiation fields, e.g., during a large-scale nuclear incident.
Figure 19: GammaGuard
Other special purpose radiation instruments can be connected to GammaGuard via Bluetooth. These also use the GammaGuard app as their main user interface and all data can be uploaded to a central database. The system comes in different configurations: (1) Model CT007-S is a small (5 cm x 9 cm x 1.5 cm) radiation detector connects to a mobile phone via Bluetooth. The phone, running the GammaGuard app, can be used as a personal radiation detector, when more sensitivity is required than the phone's camera can provide; (2) Model CT007-P features a pancake Geiger-Mueller tube for detecting surface contamination; (3) AM003 accepts standard, third party external probes, e.g., NaI(Tl) detector for use as a portal monitor or as a vehicle mounted detector. Data can be transmitted from a large variety of third party probes to a central database. 65
4.5.9 Laurus Systems Mini Rad-DX
Mini Rad-DX offers the SensorNet mesh network as well as the ability to be monitored system-wide via WIFI to a central location, emailing or texting alerts to critical personnel.66 SensorNet Mesh
65 http://gammawatch.com/ 66 http://www.laurussystems.com/Mini-Rad-DX-Advanced-PRD.htm
©SAYSO Consortium 31 Public
Deliverable D2.1 – State-of-the-Art Analysis
Networking is the ability for all enabled units to communicate to one another while passing along data to a central depository. Once the Mini Rad-DX comes within range of another Mini67, or a Rad- DX Area Monitor, the units mesh together and act as transceivers and receivers and push the data to the DX View software or other remote monitoring software. With the GPS enabled, it is possible to know the exact coordinates of the ‘event’, device, or monitoring situation. It displays dose rates and saves and displays accumulated dose. Several gigabytes of data and events can be stored and managed. A related product is the DX Assistant Local Network Server for SensorNet Enabled Detectors. The DX Assistant 2.0, a web application, is a stand-alone local server application operating in a Linux environment and specifically designed to support a network of SensorNet enabled radiation detectors inside a protected firewall. The DX Assistant allows the DX devices to be configured with Ethernet, WiFi, and Mesh networking options. Features include smartphone and tablet monitoring and control, and email and text notifications (Figure 20).68
Figure 20: Mini Rad-DX
4.5.10 Smiths Detection's LCD 3.3
The LCD 3.3 is a chemical warfare agent (CWA) identifier and a toxic industrial chemical (TIC) detector, incorporating a combined CWA and TICs detection library (Figure 21). It uses non- radioactive ion mobility (IMS) spectrometry technology. The LCD 3.3 can be handheld (weight: 0.65 kg) or clipped to a belt or harness. It features both audible and visual alarms plus a liquid crystal display and requires no calibration. The unit can be fitted with a survey nozzle to aid in the detection of residual persistent contamination while in survey mode. Data logging records up to 72 hours of mission data for future analysis. RS232 protocols connectivity allows post mission analysis and software updates. The system integrates with Smiths Detection's Sensa-LINX wireless communications network. Also, it is capable of vehicle and platform integration.69
67 Or LAURUS Systems Rad-DX Area Monitor 68 http://www.laurussystems.com/products/products_pdf/LS-DX_Assistant-Software.pdf 69 https://www.smithsdetection.com/index.php?option=com_k2&view=item&id=86:lcd-3-3&Itemid=1421&lang=en
©SAYSO Consortium 32 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 21: LCD 3.3
4.5.11 SOTERA Wireless Inc. ViSi Mobile System
The ViSi Mobile® System monitors vital signs without connecting wired sensors from the person to other equipment.70 Paramedics and other emergency medical services (EMS) providers often operate in confined spaces and/or mobile environments. They are required to manage multiple tasks, including the monitoring of a patient’s vital signs. Currently, members of EMS must attach several wires and instruments to a patient to monitor vital signs. While the information received from these instruments is displayed on one screen, the entanglement of wires and the process of connecting and disconnecting the patient can be overwhelming and take up precious time and space in confined ambulatory transports. ViSi Mobile® device provides continuous, non-invasive blood pressure monitoring. In addition, the device monitors 12-lead electrocardiograms, temperature and respiration. The system works with existing devices, including traditional sensor attached to a patient that transmit data wirelessly back to a central monitor. The technology also allows end-to-end, real- time connectivity between the emergency medical technician in the field and the emergency room at the hospital. Data can be forwarded through a remote system from the ambulance to the hospital to give staff better SA prior to the patient’s arrival.
4.5.12 CommandWear Systems Inc. CommandWear
CommandWear integrates mobile and wearable technologies to support intelligence-led decision making where public safety organizations need it most – on scene.71 It provides real-time, simple-to- use, mobile SA tools to front-line emergency personnel. The CommandWear Situational Awareness Platform is a cloud- or enterprise based solution that is a completely open, cross-platform solution designed to work with existing technologies, such as networks, computers, tablets and smartphones. (Figure 22). The system integrates seamlessly with the latest wearable devices. Since the system is easy to use, it doesn´t require training. The Communicator App (1) provides a local view of the situation for each first responder, (2) allows first responders on scene to focus on the task, and (3) enables them to stay in touch with Command at all times. The app tethers smartphones with wearables, such as smart watches and other body-worn devices, to deliver video and audio data back to the command centre in real-time. This software platform integrates location and biometrics data
70 http://www.soterawireless.com 71 https://commandwear.com/
©SAYSO Consortium 33 Public
Deliverable D2.1 – State-of-the-Art Analysis from devices to provide personnel tracking, two-way text communication and video sharing. Thereby, it facilitates planning, mission execution, and review operations among teams.72
Figure 22: CommandWear wearables and tablet
4.5.13 US DHS POINTER
The Precision Outdoor and Indoor Navigation and Tracking for Emergency Responders (POINTER) is a small tracking device worn by first responders. The small tracking device on the first responder relays a signal to receivers at a command unit. POINTER utilizes low frequency magnetic fields that can transmit through materials and obstructions. Thereby, the POINTER sensor system enables accurate track positioning in diverse and complex environments. The small, electrically generated magnetic field generated by POINTER does not lose energy as it passes through obstructions, enabling location to the exact floor in a building. Functionally, POINTER administers 3D location and motion tracking. It works indoors, outdoors, below ground and under water. It can also be applied to long-range situations or where line of sight is severely blocked, such as when individuals are located in mines or bunkers.73
72 https://www.dhs.gov/science-and-technology/accelerator 73 Project Responder 5, DHS, 2017, https://www.dhs.gov/sites/default/files/publications/Project-Responder-5- Report_170814-508.pdf. See also “Precision Outdoor and Indoor Navigation and Tracking for Emergency Responders,” Department of Homeland Security Science and Technology Directorate, 2016, https://www.dhs.gov/sites/default/files/publications/Precision-Outdoor-and-Indoor-Navigation-andTracking-for- Emergency-Responders-Fact-Sheet-508.pdf.
©SAYSO Consortium 34 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.5.14 iTrack First Responder Tracking System
The First Responder Tracking System integrates walking motion inputs with radio positioning information.74 The system continuously tracks the first responder’s motion behaviour, whether it be walking, running, or crawling. It maintains its accuracy by periodically referencing the distance to the fire trucks, first response vehicles and other ad-hoc beacons. The First Responder Tracking System is designed for locating firefighters in unknown indoor environments. The system consists of a small strap down foot mounted module, and a vest-worn network radio module (foot mounted module weight: 50 g; personnel tracking module weight: 250 g, excluding battery; horizontal & vertical accuracy: < ±10’; directional accuracy: ± 5°). This system is portable and can provide accurate tracking and accountability of a team of first responders into a building. It provides the Operation’s Command and Control with a visual overview of a trace of the first responder’s movement. The trace enables search parties to find the injured person.
4.6 Traffic Management Tools
Modern approaches to traffic management can be adapted to requirements originating from the special needs of CM (e.g., access routes for first responder vehicles; evacuation routes). Providing different stakeholders with specific traffic information for access to and egress from the incident scene (police patrol cars, fire fighter trucks, paramedic ambulance cars) - using existing web service functionalities - can improve SA significantly. The section below analyses examples of advanced COTS traffic management support services for improving SA in crisis management.
4.6.1 EmerT
EmerT is a web-portal developed by the Deutsches Zentrum für Luft- und Raumfahrt (DLR; German Aerospace Centre).75 With this tool the user can visualize the current traffic situation using a wide range of traffic data sources (aerial images, inductive loops, Floating-Car-Data, etc.). These traffic data can be used as basis to simulate and predict traffic. Thereby, EmerT supports the decision making process for traffic management actions in case of an incident or planning a large event associated with high traffic volume. Different functionalities of EmerT integrate traffic information, optimize routing and provide additional decision-support information towards a common SA among different stakeholders.
4.6.2 SUMO
SUMO, an open source road traffic simulation software, enables the user to simulate vehicles, pedestrians, traffic lights and multimodal mobility.76 It has been developed by the Institute of Transportation Systems at the Deutsches Zentrum für Luft- und Raumfahrt (DLR; German Aerospace
74 http://www.itrack-llc.com/download/pts.pdf 75 Bieker, Laura und Behrisch, Michael und Ruppe, Sten (2012) EmerT – a web based decision support tool for Traffic Management. 19th ITS World Congress 2012, 22-26 October 2012, Vienna, Austria. , http://elib.dlr.de/79629/ 76 SUMO – Simulation of Urban Mobility, http://www.dlr.de/ts/en/desktopdefault.aspx/tabid-9883/16931_read-41000/
©SAYSO Consortium 35 Public
Deliverable D2.1 – State-of-the-Art Analysis
Center). SUMO requires a road network, including data on road-side infrastructure (e.g., traffic lights), and a defined traffic demand for performing a simulation. Subsequently, the simulation software SUMO moves the vehicles from the start position of their route to their end position. Its capability to model multimodal mobility makes it a prime tool for planning evacuation routes.
4.6.3 L3 Mobile-Vision PatrolScout
PatrolScout is a map-centric, real-time SA solution for a fleet of vehicles with a live streaming feed of what’s happening, when it’s happening, from anywhere with a network connection (Figure 23). PatrolScout works through the fleets’ current Flashback in-car video system. It provides vehicle location and GPS monitoring tools, information access settings, and emergency situation alerts.77 Through virtually any 3G/4G network-connected device, including LAN/WAN-connected office PCs, dispatch monitors, smartphones and tablets, the operator can access the live scene from anywhere. Targeted information display toggles between map-centric view and video-centric views. It flags the viewer to a situation with vehicle emergency watch-me alert. Additionally, PatrolScout uses the existing cellular infrastructure and is an add-on to the Flashback’s list of capabilities with no effect on existing hardware.
Figure 23: PatrolScout real-time SA applicatin
4.7 Decision Support Systems
Modern Decision Support Systems (DSS) rapidly map the situation, enhance situational awareness, coordinate staff in real-time, reduce management costs and assist emergency managers to make faster and better decisions. An essential component of DSS is the incorporation of geographic coordination technology, using mobile terminals, pocket-sized tracking devices, smartphone and tablet apps, mission control software and possibly also third-party components (e.g., automated sensors or UAV). Key to successful joint decision-making among the multiple stakeholders involved in
77 http://www.mobile-vision.com/products/patrolscout/
©SAYSO Consortium 36 Public
Deliverable D2.1 – State-of-the-Art Analysis
CM is information sharing. This implies that the SA system is capable of shared communications and data-based SA for the commanders and actors on scene, in the air, on waterways and seas, depending on the location of the responders. In the course of managing a crisis far reaching decisions have to be made with regard to protection of the public (sheltering versus evacuation) or assessing health risks to first responders on scene (selection of the optimal PPE). The complexity of predicting the potential impact of toxic chemicals, radioactivity and explosions on man and the environment requires the use of computer modelling. Ideally, modelling algorithms should be user-friendly, in particular for inexperienced end-users. Also, software should enable the modeler to continue the use of already existing IT-equipment (legacy systems). The section below analysis examples of advanced COTS Decision Support Systems for improving SA in crisis management.
4.7.1 GINA System Solutions GINA
GINA (Geographic INformation Assistant) is a mobile tactical GIS developed in the Czech Republic. Its key features are dynamic mapping, tactical coordination, data exchange, and communication. GINA serves as a platform for live communication between unlimited number of units, provides automated reporting, tracking and optimizes incident management. The system consists of sturdy mobile terminals, pocket tracking devices, smartphone and tablet apps, mission control software and possibly also third party components (such as automated sensors or drones). These components are combined together and provide the task forces with all the crucial data right in the field. Today GINA is used during emergency and security situations around the world. It is also part of national emergency systems in Central Europe, used by firefighters on every day basis making their work safer and easier.78 SA is assisted by creating local maps, which makes it easy to find and update status of beneficiaries directly in an interactive map. Mapping of terrain and situation is comparable to drawing on a paper map (on mobile handhelds, tablets and PCs). The software features local maps worldwide, which can be used to create a list of beneficiaries directly in the map and update them, based on priorities and help provided. Thereby, crisis managers can see location, speed and direction of personnel and vehicles in the field. Reports of activities are created automatically. Off-line access to information is possible from a variety of sources, such as map portfolio, data layers, teammates locations, files and data from sensors.
78 GINA System Solutions http://www.ginasoftware.com/en/
©SAYSO Consortium 37 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 24: GINA Intervention Tablet
GINA Intervention Tablet is a smart application designed to help firefighters and emergency rescue workers in the terrain (Figure 24). The system communicates with the operation center and provides commanders with various management and decision support tools during all phases of the intervention. It is used mostly in cars, trucks and ambulances. GINA Central provides detailed overview over location and status of unites in the field, thus helping maintain control and providing real-time coordination through a powerful combination of an interactive map, GPS tracking and effective communication. Units in the field can use GINA Mobile smart application for communication, navigation, and incident reporting. 79
4.7.2 ORNL – Incident Management Preparedness and Coordination Toolkit (IMPACT)
IMPACT is a GIS application/geospatial tool for first responders, designed to enhance SA, communication and collaboration during and for security events. 80IMPACT is an all-hazards planning tool for first responders, emergency managers and other security professionals. It combines simulation, visualization and mapping into an integrated user interface similar to a smartphone or tablet. It provides tools to assist in a wide range of situations, such as active shooter planning, downwind hazards from the release of dangerous chemicals, large stadium evacuation and casualty simulations, security surveys, and monitoring large event social networks for emergency response support. IMPACT uses common data formats to exchange data with other map-based tools and offers GPS tracking of people and assets. It provides real-time data feeds for SA and generates reports automatically. IMPACT enables simulation for table-top exercises and operates with a desktop or laptop (tablets via remote desktop) and is operational with or without a network connection in the field.
79 http://www.ginasoftware.com/en/firstresponse/ 80 Responder agencies interested in using the tool (free of charge) can download it at http://geo.ornl.gov/impact. Registered users also get free updates.
©SAYSO Consortium 38 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.7.3 Applied Research Associates, Inc. – FiRST
FiRST app is a bomb-response tool that provides map-based, key decision-making data for crisis managers directly to laptop computers and smartphones.81 The data range from safe standoff distances, damage and injury contours, nearby areas of concern (e.g., schools, day-care centres), and suggested roadblocks to isolate the area. Improvised Explosive Device (IED) standoff data is based on the US DHS bomb-standoff guide. This IED standoff data is restricted to validated users with a .gov, .mil, or .us e-mail address. However, all other users can send a short justification and their FiRST application ID to [email protected] to obtain access to the tool. 82 Drawing on information from the HazMat Evac app, 2012 Emergency Response Guidebook, and online weather sources, FiRST also provides standoff data for hazardous material spills and reference information, guidelines, and critical contacts for IED and hazardous materials. FiRST app relays clear, contextual incident information on a user-friendly digital map that users can annotate with their own data.83
4.7.4 AnsuR RAIDO
The RAIDO application suite targets scenarios where rapid remote access to observations through photos or videos is essential. RAIDO facilitates interactive visual communication between field personnel and command center staff. Images and video can be shared with disaster recovery teams even in the event of terrestrial communications failure. The software provides rapidly available in- situ geo-tagged images. It also captures in-situ from the crowd, NGOs or other groups in a bandwidth efficient manner. Furthermore, image capturing and video streaming is possible from both, UAV and RPAS, which is sent to the pilot and routed to a control room at a different location in real-time. With RAIDO interactive communication UAVs send minimum data initially; observations are pushed by preview photos, video storyboards or live streaming. Actual data transferred may be reduced by 100X for photos, and HD video by 1000X/minute. All field observations are mapped with GIS, aerial and satellite data.
4.7.5 Drakontas DragonForce
DragonForce enables mobile teams to share information in real time, such as, e.g., instant messaging, location, photo and document sharing (Figure 25).84 It features: real-time personnel tracking on maps; collaborative whiteboards and situation reports, where images, maps, floor plans and diagrams can be used as collaborative whiteboards for mission planning and operations; instant messaging among individuals and groups; online storage and sharing of frequently used files, maps and images; after-action reporting, since every message, location report and file is logged; photo & document sharing. DragonForce operates on commercial devices, such as Android, iPhone, iPad, Toughpad and different web browsers (Chrome, Firefox, Safari, IE). It uses commercial data networks (3G, 4G, Wi-Fi, Satellite). The software is extensible and customizable, integrating existing data and systems, such as CAD and IP camera systems. The Command Center application runs in any standard
81 https://www.dhs.gov/science-and-technology/technologies. 82 Fact Sheet: https://www.dhs.gov/sites/default/files/publications/FIRST-Application-Fact-Sheet-Transitioned-SLUpdate- 160526-508.pdf. 83 https://www.dhs.gov/sites/default/files/publications/FiRST%20Operational%20Field%20Assessment%20Final%20Report.pdf 84 Drakontas Collaboration Tools: https://www.drakontas.com/?p=dragonforce
©SAYSO Consortium 39 Public
Deliverable D2.1 – State-of-the-Art Analysis web browser without the need to install any software. It supports multiple monitors, allowing to organize maps, whiteboards and text message feeds. DragonForce Mobile is an app that can be downloaded and installed on a smartphone, providing secure access to all mission critical data. Since this app leverages the GPS on the individual mobile phone, it enables the user to track himself and team members in real time. In case GPS shouldn´t work (e.g., inside a building) by touching a point on the map, DragonForce “dead reckons” the current location, enabling team members to know the location of the individual.
Figure 25: DragonForce Command Center application
4.7.6 Eurocommand GeoFES
GeoFES is a German operational command system for government agencies and public safety organizations. It is an ESRI ArcGIS-based software, which supports emergency commander in standard operations, as well as in large-scale and extensive damage situations caused by natural and man-made disasters, including CBRNe events (Figure 26).85 GeoFES is especially notable for its comprehensive integration and use of geographic information. The digital situation map, including very fast and efficient operation section generation, is easy to operate. GeoFES can be specifically configured for various units and command centres. By importing all operational data from the command centre, several layers can be simultaneously managed and administrated. The geographical integration of tactical symbols according to DV 102 completes the situational overview. All actions concerning the operation are automatically logged in the incident log and in the archive. Based on geo-information, ad hoc identification of endangered areas is possible, including areas to be searched, warned, and evacuated according to a fast analysis of the affected population and
85 http://www.eurocommand.com/en/comprehensive-solutions/
©SAYSO Consortium 40 Public
Deliverable D2.1 – State-of-the-Art Analysis protected goods. Statistical or analysis-based checklists support processing according to standardized operational.86
Figure 26: Ad hoc identification of endangered areas
4.7.7 Eurocommand CommandX
CommandX is an interactive operational support system for computer-based emergency communications in cases of an incident (for the public and the industrial sectors).87 The intuitively operable operational support software is simple to operate. Users do not need to install and they also do not have to rely on a potentially vulnerable Web-based program. CommandX can be installed simultaneously on a Windows-PC, on an Apple, or an Android smartphone. Additionally, one workplace can communicate with multiple partners locally or via a network connection. The modules can be spread out over multiple screens to develop individual tactical graphics. It can be integrated with UAVs, providing CM with direct access to detailed information, including current weather data and live videos. Information from sensor data, photos, and videos can be imported immediately, providing a complete overview of the situation.88
4.7.8 US DHS NICS-SCOUT
The latest US Government sponsored SA system is the Next-Generation Incident Command System (NICS).89 NICS is a web-based C2 environment.90 NICS is (1) Based upon Open Standards, i.e., it runs on any computer, any operating system, any browser91; (2) Non-proprietary, i.e., not vendor owned; (3) Uses an App Store-model with easy plug-&-play functionality; (4) Available at no cost to
86 http://www.eurocommand.com/en/comprehensive-solutions/professional-tools-for-operational-command.php 87 http://www.eurocommand.com/en/comprehensive-solutions/ 88 http://www.eurocommand.com/en/comprehensive-solutions/telematics-and-gps.php 89 NICS is sponsored by the Department of Homeland Security Science and Technology Directorate, and is being developed by Massachusetts Institute of Technology Lincoln Laboratory in partnership with the operators from the California First Responder Community. 90 Blog: First Responder Communication Platform Now Available, AFCEA, August 8, 2016; https://www.afcea.org/content/Blog-first-responder-communication-platform-now-available 91 Except Internet Explorer 8 and earlier; IE 9 works fine
©SAYSO Consortium 41 Public
Deliverable D2.1 – State-of-the-Art Analysis
Emergency Responders; (5) Designed for the responder under extreme stress; (6) Technology for small to extreme scale homeland security incidents, such as natural disasters, technological hazards, intentional attacks, and human-caused emergencies. During an incident, NICS provides an information backbone that manages and distributes data, including real-time vehicle location feeds, weather, critical infrastructure, and terrain information. NICS supports an apps plug-in model, including the following: • Ability to organize and share whiteboard rooms • Ability to communicate and document information using “Text Based Chatting” (public and private) • Multiple base map layers including streets, topographical, satellite, and aeronautical • Data warehouse • Automatic Vehicle Location (AVL) • Position Location Information (PLI) satellite based personnel tracking • Automated Aircraft Flight Following (AFF) • Robust real-time weather feeds • Form and Reports. Based on NICS is the software for US emergency services called Situation Awareness and Collaboration Tool (SCOUT).92 SCOUT enables crisis managers to share information in order improve multi-stakeholder SA for local, state, and federal partners with regard to preparedness, planning, response, and recovery for all-risk/all-hazard events. Specific uses include coordination and SA across fire, law enforcement and emergency management of incident location and perimeter; incident branch & division breaks; command post, staging and other incident support locations; evacuation areas and designated shelter locations; and radio/communication repeater locations. This field incident management system allows authorized users to view, search and add relevant tactical incident information for incidents, such as wild land fires, floods, search & rescue missions, special events, earthquakes and homeland security incidents. For this purpose SCOUT integrates incident information with other relevant geographical information, such as weather conditions, road conditions, utilities, census information, known hazards, and government boundaries.
4.7.9 E Team
NC4's Emergency Operations Center (EOC) software solution E Team provides a common operating picture so crisis managers can execute a coordinated response based on real-time and historical information. This software enhances SA by having a COP based on real-time, historical and GIS mapping data, incident information and shared information. The information in E Team can be simultaneously shared among emergency response teams, decision makers, and other agencies during the planning, response and recovery phase of an emergency. E Team provides inter alia the following web-based emergency management tools: Incident and Emergency Event reporting; Resources, Critical Assets and Vendor management; Critical Infrastructure tracking of hospitals, shelters, roads, transit and utilities; Intel tracking and management for Law Enforcement and Data Fusion Centres; Duty logs for recording all significant activities and actions taken during a shift;
92 iPhone Mobile App Quick Guide: http://www.caloes.ca.gov/RegionalOperationsSite/Documents/2016_09_07%20SCOUT%20iOS%20Mobile%20App%20Quic k%20Guide.pdf.
©SAYSO Consortium 42 Public
Deliverable D2.1 – State-of-the-Art Analysis
Planned Events and Activities reporting; Call Centre tracking; Damage Assessment for determining location, nature and severity of damage; Agency Situation reporting for high-level overview of a disaster's impact; Jurisdiction Situation reporting for high-level overview of available information; Corporate Situation reporting assists in analyzing a disaster's economic impact to the private sector; Action Planning for managing objectives or missions; Case Management to control disbursement of goods and services with a single, unified record to support disaster recovery efforts; Donations and Volunteer management; Hazmat Tier II reporting of detailed data on facilities that house Tier II chemicals; Public Information module for coordinating the dissemination of information; Organization and Staffing Charts to plan and document command post staffing. E Team features several IT security layers against unauthorized use.
4.7.10 Situational Awareness Systems COP
COP is a web-based incident management system, supporting interagency and interdisciplinary communications, collaboration, and cooperation. 93 COP is scalable and enables communications, collaboration, and reporting during an incident. The system provides comprehensive incident information in an organized fashion during all phases of the incident, enabling the users to collaborate across organizational boundaries for a wide variety of incidents. If sensitive information will be shared, COP provides multi-level security, specified for each organization involved. COP offers an interactive map with drawing/labelling capability and automatic 2-way notification of personnel. It is NIMS 94 and HICS IV 95 compliant, filling-in automatically appropriate HICS IV- and NIMS forms that the user can edit, save and share with others. COP works as stand-alone system and in a network in collaboration with external organizations.
4.7.11 Live Earth
Live Earth is a real-time mapping platform for visualizing time serious data and live data streams.96 It provides real-time SA, leveraging information from disparate sources. This touch-screen software is able to correlate events and uncover patterns and trends by synchronizing inter alia weather radar, traffic conditions, transportation sensors, video management systems, moving assets, IoT97 sensors, public transit, drone operation and shot detection sensors. It provides an interactive timeline with instant replay (play, pause and rewind) of geospatial data over time to quickly reconstruct recent scenarios (Figure 27). The user can add and remove data sources, live feeds, and map layers to suit the specific operational needs. Live Earth synchronizes different data feeds on a single interactive map to create a fused COP and actionable intelligence. The touch-interface of Live Earth is end-user friendly, i.e., without any training pinch & zoom, pan & tilt in 3D, play & pause can be achieved with the touch of a finger, or alternatively, it can be used with a mouse and keyboard.
93 http://www.fd-software.com/cop.asp 94 National Incident Management System (NIMS) 95 Hospital Incident Command System (HICS) is an incident command system (ICS) designed for hospitals and intended for use in both emergency and non-emergency situations. 96LIVE EARTH, Austin Texas (USA); http://try.liveearthsoftware.com/ 97 Internet of Things (IoT)
©SAYSO Consortium 43 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 27: Live Earth real-time mapping platform
4.7.12 Intrepid Networks STING Suite
The STING Suite is a suite of mobile and web applications, enabling intelligence sharing between law enforcement, emergency medical service and firefighters. The integrated mobile platforms are designed for collecting, analysing and distributing information, in addition to viewing a real-time intelligence feed in an automated system. At the core of the suite is STING Mobile, where field data is received, reviewed, collected and transmitted by first responders in the field on smartphones and tablets. This software integrates first responder live positions and information gathering into a single mobile application. Thereby, it creates a live COP for the entire team to view, together with a personnel list, road/satellite map and radar. Each first responder’s respective position-tracking can be adjusted for battery life or turned off at any time.98
4.7.13 ESRI ArcGIS for Emergency Management
The ArcGIS for Emergency Management solution includes a series of focused maps and apps designed to maintain SA during an incident.99 Maps visualize physical geography, social demography and operations information during the incident. This includes a harmonized suite of ArcGIS services providing applications that support key CM activities, optimizing key CM workflows and simplifying interaction with incident and operations data. The results can be shared as a COP with key members
98 http://www.intrepid-networks.com/products.php 99 http://solutions.arcgis.com/emergency-management/situational-awareness-overview/
©SAYSO Consortium 44 Public
Deliverable D2.1 – State-of-the-Art Analysis of the Incident Command System (ICS), public safety personnel, and other key stakeholders. The suite consists of: • Situational Awareness Viewer (SAV) application can be used to identify the impact of an incident on public infrastructure and human populations (Figure 28). SAV assists watch officers analyze and understand potential impacts to the community while planning for an impending incident.100 The SAV is a configuration of Web AppBuilder for ArcGIS that can be used to analyze the impact to people and places within an incident area. It can be configured within ArcGIS Online or deployed on-premises; • Operations Response (OR) application assists in understanding the current status of emergency facilities and response teams.101 OR is a configuration of Web AppBuilder for ArcGIS that can be deployed by emergency management organizations and used by response personnel on desktop computers, smartphones, and tablet devices.
Figure 28: Situational Awareness Viewer application
4.7.14 Situational Awareness Viewer for Emergency Response & recovery (SAVER)
SAVER is a geospatial viewer which has the ability to display available data from multiple CM partners and other stakeholders to enable a more integrated operational approach during daily operations and disasters.102 This web-based information sharing system by FEMA103 consists of software and hardware that collects, processes, and displays real-time disaster related data from governmental and non-governmental partners. SAVER consumes a large number of static layers, live data feeds, and services to include for the US: weather forecasts, flood/hurricane, earthquake information, critical infrastructure information, demographic information, retail locations, congressional districts, sheltering locations, evacuation routes, Disaster Recovery Center locations, commodity staging areas, and locations of resources in transit.104
100 http://solutions.arcgis.com/emergency-management/help/incident-analysis-viewer/ 101 http://solutions.arcgis.com/emergency-management/help/operations-response/#whats-new 102 https://www.fema.gov/pdf/privatesector/saver_factsheet.pdf 103 US Federal Emergency Management Agency (FEMA) 104 https://www.fema.gov/pdf/privatesector/saver_factsheet.pdf
©SAYSO Consortium 45 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.7.15 VERINT Situational Awareness Platform
The Verint Situational Awareness Platform (SAP) enables command-and-control operators to play an active role in CM and response by notifying users of emergency situations based on their location.105 Additionally, data from mobile devices can be sent to the command centre, enabling the general public to report security concerns and issues in real-time. SAP combines SA with built-in dispatch and bi-directional information flow for continuous communication between citizens, intake operators, field resources and command centre personnel, and allows responders to provide mobile reporting through video streaming and live images. The Dispatch Manager (DP) is part of the SAP. It uses comprehensive data analysis by rapid situational analysis and enhanced field communications to help first responders assess dangerous situations. DP integrates data from a number of sources including video and non-video sources, such as audio, social media, alarm sensors, access control points, and other security detections. This tool enables emergency responders to geo-locate victims in need of immediate assistance, allows bi-directional informational flow, i.e., citizens, dispatchers, responders, and emergency personnel can also share information on one channel.106 DP fuses critical data input from emergency calls and responder activity, live and historical event data with GIS maps, responder positions, reporter inputs, and revealing sources, such as weather, social media, cyber security, and public safety databases. SAP also offers the services of Mobile Reporter (MRt) and Mobile Responder (MRd). These capabilities work in conjunction to provide information through integration with intelligent sensors and data sources, including big data analysis, video surveillance and crowdsourcing. MRt capabilities allow businesses, agencies and local citizens to share information directly from their smart devices, allowing multi-dimensional response and communication. MRt also can send emergency notifications based on the location of the user. MRd functionality relays critical information and multimedia data from an incident, providing field personnel with more real-time, accurate intelligence about an incident before arriving on-site.
4.7.16 Buffalo Computer Graphics DisasterLAN
DisasterLAN (DLAN) is a web-based, mobile incident management system providing tools for shared situational awareness, workflow-based information management, and real-time communication to prepare for, respond to, and report on issues. 107 DLAN offers SA, including GIS and video streaming, custom status boards, After Action- and Audit Reports. It includes Social Media monitoring and response. Critical information can be shared through secure interoperable communication features. The US-focused COTS system has the capabilities of a customized solution tailored to an organization by offering three standard editions that can be configured in a number of ways to meet the needs of municipality, organization, or industry. During the configuration process the DLAN installation is tailored to the specific workflow requirements of the end-user. With DLAN it is possible to track, manage, and report on multiple incidents and events from one unified mobile-ready solution, addressing inter alia resource-, asset- and stockpile management; user-to-user and system-to-system messaging; Twitter feed monitoring and posting; emergency communication capabilities with two-
105 Verint Dispatch Manager Data Sheet, https://www.verint.com/assets/verint/resources/datasheets/vis/ds_dispatch_manager_dec2016_final.pdf. 106 Dan Dibley, Understanding Situational Awareness Helps First Responders, Capture Technologies, January 26, 2017; https://capturet.com/understanding-situational-awareness-helps-first-responders/ 107 https://www.buffalocomputergraphics.com/DLAN.
©SAYSO Consortium 46 Public
Deliverable D2.1 – State-of-the-Art Analysis way interoperable messaging via IPAWS, Email, CAP, EDXL; unlimited IP-based video feeds; current weather, forecasts, warnings, and animated radars; ESRI-compatible GIS mapping that can display Google Maps, Bing Maps, KML, WMS, GeoRSS, Aloha Plumes.
4.7.17 SIS EmerGeo Solutions, Inc. EmerGeo Fusionpoint
EmerGeo Fusionpoint is a data fusion software delivering a secure web-based Crisis Information Management System (CIMS) for emergency planning and response.108This integration platform, built on web fusion and open mapping technologies, combines logging and reporting, real-time data fusion, OpenGIS and ESRI mapping and web portal technology from multiple emergency and non- emergency applications. Users can drag-and-drop windows (portlets) in their web dashboard, control publishing of data and configure displays to avoid information overload. The system can automatically generate alerts (emails) when data logged into Fusionpoint or fed into it meet or exceed user-defined thresholds (e.g., based on incident severity or proximity to critical infrastructure). Fusionpoint, supporting multi-system and multi-agency interoperability, delivers a COP of critical data for a wide range of legacy systems (examples in parenthesis), such as alert notification systems (CommunicatorNxt®, ERMS Advantage), CIMS systems (ETeam™, WebEOC®), dispatch systems (Intergraph®,Versaterm®), GIS mapping systems (ESRI ArcGIS®, EmerGeo Navigator™), GIS map data (Google Maps®, Microsoft Bing®, Open Street Map®), cameras (Webcams, CCTV), hazard models (HazMat Plume, Oil Spill, Earthquake, Flood), and simulation Technology (4C Strategies’ EXONAUT™, MASA SWORD™). The integrated data fusion engine brings together essential data into a single log and map, filtered to ensure the right level of information is presented to each end-user. A Smart Client mapping application can operate without a network connection and will synchronize data updates with the Fusionpoint server when any type of wireless or wired network connection is made. This mobile option connects field and EOC personnel, adding resiliency and continuity to an emergency organization.
4.7.18 Airbox Systems – MOSAIC
Airbox produces the most comprehensive suite of shared situational awareness applications on both desktop PCs and mobile platforms (Figure 29). These tools were designed for planning, execution and after action review for Law Enforcement, Search & Rescue, Fire and Medical Emergency Services. MOSAIC is a mobile operational support application for tablets, smartphones and wearable technology, providing a COP for teams.109 World mapping features display and work with almost any chart and map type including ICAO, maritime, military, satellite, streetlevel, and topographical. Annotation incorporates integrated tactical tools to mark maps, indicate points of interest, and generate geo-fences to lessen radio chatter and reduce operational ambiguity. Data overlays visualise mission enhancing data, including building schematics, local and historical data, weather and environmental data and CCTV & sensor feeds. Tracking views locational data for tracked sources including team members using inter alia MOSAIC and 3rd party trackers. Software has been designed for optimal performance using minimum bandwidth. 85 per cent of MOSAIC’s features are available when operating offline. Secure messaging, two-way tracking, map annotation and document sharing, report submission and remote tasking require less than 0.5 Mbit/S.
108 SIS EmerGeo Solutions, Inc. Vancouver, Canada 109 https://airboxsystems.com/mosaic/
©SAYSO Consortium 47 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 29: MOSAIC shared situational awareness applications
4.7.19 Genesis PULSE
Genesis PULSE® is a decision-support and SA tool. This software solution alerts its users upon detecting a service not meeting set standards. PULSE then provides administrators and review boards with comprehensive data for constant improvement analysis. It enhances existing CAD 110 systems and can do the job of multiple applications in operation in a call centre.111 PULSE Live displays unit and incident data on Google Maps™ to aid in efficiently dispatching units to avoid potential response penalties. PULSE Replay allows for supervisors and administrators to evaluate calls — from single- unit to system-wide — to verify the closest, most appropriate unit was assigned or diverted to a response. PULSE Live offers several services, such as: displays unit and incident data on Google Maps™ to reveal a number of potential obstructive conditions, such as weather or traffic; contractual (compliance) data input creates standards which automatically detect and alert when violations occur; supervisors can classify and code late calls for real-time compliance statistics due to the immediate visualization and notification of late calls within contractual response areas; candidate rankings allow the dispatcher to see the closest three units to any in-queue incident based on actual drive time from the units’ current position to the scene location; efficiency of postings (unit move- ups) is increased by replacing leapfrog-posting (crossing units) with domino posting, i.e., unnecessary post moves on emergency vehicles are eliminated; colour coding provides immediate visualization for diverting a unit already en route from a lower priority call to respond instead to a higher priority call; Map Widgets provide a custom set of views for monitoring active responses, geofence violations, or optionally viewing vehicles based on status; Scheduled Calls in Queue widget gives the user an easy-to-view panel showing upcoming trips/ events scheduled for the current day and the next day; Stop Points allow users to add a marker to the map indicating where a specific driveway or
110 Computer-Aided Dispatch (CAD) 111 https://genesispulse.com/
©SAYSO Consortium 48 Public
Deliverable D2.1 – State-of-the-Art Analysis entrance is to a particular address; view filtering allows for restricted access by role based on a custom layer/custom geofence being drawn; custom geofencing allows users to only see units operating within a custom geofence or units outside the geofence assigned to a call inside the geofence. PULSE Reporting provides Key Performance Indicators and on-demand reports which deliver real-time feedback on the health of a system or individual contract areas. This allows for supervisors to make appropriate changes right away in service areas where compliance may be borderline. Capability of the PULSE suite can be increased by adding the Healthcare Facility Dashboard (HCF). The HCF allows a facility to see all inbound/outbound patient flow with the unit that is inbound for pick-up or drop-off and their estimated time en route using the Google Distance Matrix, which allows for accurate time estimations. Communications personnel can see units nearing end-of-shift to more reliably control late calls and reduce unnecessary overtime. Historical postings are shown using a heatmap. Heatmap displays the density of “At Post”/”On Post” statuses when that status is captured along with the unit’s position at that time. With Partnerships user is able to view an entire fleet across multiple jurisdictions, states, or across the globe. PULSE Weather, integrated with PULSE Live Tracking, provides real-time weather radar overlay, severe weather alerts and polygons and historical weather available for 30 days. Locate Me centers the map on the user’s current position, based on the computer’s or smartphone’s location.112 Using Genesis PULSE® with Waze integration, emergency call centres can easily pinpoint traffic events, such as construction, congestion or accidents. Furthermore, with the two-way data share, Waze app users are alerted to the same traffic events, allowing them to avoid delays. The Genesis PULSE in-vehicle mobile app with Waze integration provides first responders not only with current road conditions, but real-time, turn- by-turn navigation.
4.7.20 PRIORITY 5 Touch Assisted Command and Control System (TACCS™)
TACCS agregates information from any internal or external data source and manages, interprets and displays information in a way that enables decision makers to achieve comprehensive SA. Using a touch sensitive or mouse driven geospatial reference display, a decision maker can access current operating conditions, examine performance trends, predict system degradation, view the impact of alternative mitigation measures, review important procedures and communicate decisions within the TACCS™ graphical user interface. 113 TACCS™ provides a real time dynamic COP that facilitates communication between levels of management by networking headquarters and remote locations for planning, training and real-time event management. Plug-ins for the TACCS™ system customize Priority 5’s software to integrate standard or custom data feeds, modify dashboards, utilize legacy or other third party software, add camera feeds and controls, display sensor data, manage third party alerts and notifications provided automatically or manually, combine multiple simulations and tailor automated report generators. In addition, TACCS™ provides a “what if” operating mode to assess the consequences of a natural disaster or terrorist act that results in the loss or degradation of critical assets by transition from the dynamic COP to a parallel simulation environment, where they can impose off-normal conditions of operation, and see the cascading impacts that result from multiple system interdependencies. TACCS assists in managing critical assets: Icons representing critical infrastructure or key resources
112 PULSE Live Features: https://genesispulse.com/features/pulse-live/ 113 https://www.priority5.com/solutions/
©SAYSO Consortium 49 Public
Deliverable D2.1 – State-of-the-Art Analysis
(CI/KR) show in the display with halos. From the asset panel, the operator views nearby cameras, calls up information unique to the assets (such as a floor plan), to see whether there are active threats in effect, change how the asset state is shown in the display, and have available a summary of operational information about the asset. TACCS™ operators can see the multi-level effects of CI/KR failures, i.e., green halos around the critical assets show that the assets are fully functional. The dashed purple lines connecting the assets represent interdependencies that exist because of physical relationships or policy determinations. TACCS also enables the operator to create incidents, monitor their status and initiate responses.
4.7.21 Emergency Services Interactive Systems Dragonfly
Dragonfly is a risk management software program that allows an agency to plan, prepare, respond, and recover to all hazard-type incidents through SA improvements. This NIMS-compliant SA software tool was created by first responders for first responders. It standardizes, coordinates, and organizes crucial and required data in either a pre-planned event or actual emergency. With Dragonfly, information is only entered once, and all of the required forms are auto-populated. Changing the plan can be done in part or whole. With Dragonfly the user can integrate with existing resource systems and create a “force multiplier” tool set. The software eliminates the burden of filling out repetitious forms with an interface that walks Emergency Operation Centres or first responders through the entire process step-by-step. Dragonfly coordinates all users from the initial response to on-going operations, eliminating duplicated efforts and allowing for more comprehensive communication and improved decision-making.114
4.7.22 IES JIXEL
JIXEL is a Web 2.0 cloud-based service for the emergency sector. It enables incident management, resources management and data exchange between emergency services during day-to-day operations. IIXEL enhances Command and Control Room solutions by providing Web GIS interfaces for incidents and resources management, as well as an interoperable Web 2.0 environment for seamless exchange of relevant data between different emergency authorities and/or control rooms. Thereby, JIXEL provides the tools for the joint management of an emergency situation by different stakeholders.115
4.7.23 ENVISION
Envision links satellite phones to tri-band or dual-band radio, ground to air aerial asset VHF radio and office location IP-based communication.116 The display of this information is independent of the version or manufacturer of the computers operating system. All communication, maps, sensors, GIS overlays, transportation tracking software are integrated in one unified, or optionally on multiple shared geo-diverse operator locations. Legal recording voice and streaming data replay software-
114 http://dragonfly-360.com/information/dragonfly/. 115 file:///C:/Users/User/Downloads/lbna27049enn.pdf. 116 FREQUENTIS http://www.frequentis.com.
©SAYSO Consortium 50 Public
Deliverable D2.1 – State-of-the-Art Analysis based servers create a unified Common Operational Picture (COP) for Command and Control and Incident (C2I) management.117
4.7.24 FREQUENTIS 3020 LifeX
3020 LifeXTM is a software architecture for use in control rooms.118 It enables operators to dispatch resources and manage incidents either via phone or tablet by using portable clients. User interface functions are grouped into modules that can be activated, deactivated, and arranged on the graphical user interface according to the needs of the crisis manager. The system ensures that the control room adapts constantly to its changing environment.
4.7.25 JESIP APP
The JESIP App provides CM working in emergency response with a quick way to access essential information including the JESIP Principles, Joint Decision Model, and generate a METHANE report.119 The JESIP App improves the multi-agency response and assists to embed JESIP so its use becomes business-as-usual resulting in emergency response staff achieving the JESIP aim of collaborating and saving lives. The JESIP App is a useful tool for anyone working in emergency response, including those who assist and support emergency responders. The JESIP App has been developed for both Apple and Android devices and is available FREE from the Apple App Store and Google Play Store (Apple iPhone running iOS 8 or later; Android phone running v5.0 or later). A data connection / phone network is required to use some features.
4.7.26 UK OS ResilienceDirect
ResilienceDirect™ is a secure information-sharing platform for the emergency community, cutting across multiple communication channels. 120 It enables the CM community to share information in real time across all organisational and geographic boundaries. ResilienceDirect brings location context to data - underpinned by United Kingdom Ordnance Survey (UKOS) location data - and can integrate with other live third party datasets from desktop or mobile device. UKOS mapping datasets are free to use (no digital certificates) and accessible anywhere on almost any device. Thereby, first responders can pinpoint risk areas and communicate information accurately, in some cases specifically to an individual building.
4.7.27 Vigilant Platforms Situational Awareness System
Vigilant Platforms SA system connects public agencies and private enterprises securely through sharing audio (radio and telephone), video and data resources in real-time in the event of an emergency. This incident management solution is a real-time global ad-hoc interoperable communications and multi-media collaboration platform. The platform provides seamless information sharing capabilities both vertically and horizontally across agencies (interagency/intra- agency). On-demand peer-to-peer collaboration is possible, scaling from a small local event to large-
117 https://www.linkedin.com/pulse/world-which-we-live-shared-situational-awareness-has-ryan-boisture. 118 FREQUENTIS http://www.frequentis.com. 119 http://www.jesip.org.uk/home. 120 United Kingdom Ordnance Survey (OS); https://www.ordnancesurvey.co.uk.
©SAYSO Consortium 51 Public
Deliverable D2.1 – State-of-the-Art Analysis scale state, regional, and national emergencies. Under its peer architecture, an invitation model is enabled whereby each participating agency retains both logical and physical control over its communications and media resources and can choose to participate or not participate in a collaboration session with other partner agencies.121 New communication devices are not needed, since current communication equipment (legacy or modern) can be used with the platform reducing the need to upgrade to newer systems. The system has no single point of control or failure because there is no centralized server or switch required.
4.7.28 RIB
The RIB Integrated Decision Support System is a system for prevention and emergency management from the Swedish Civil Contingencies Agency (MSB).122 This is a subscription-based software package, which integrates an extensive library, a chemical database with dispersion models, risk management tools and a command and control system. Main functions include: • The library: Contains more than 14,700 items, of which more than 5,000 are in full text123, including research reports, observation reports, fire investigations, training literature, legislation, and also films and internet links. • Hazardous substances: Provides physical facts about a substance e.g. boiling point, melting point, vaporisation point, flammability range. This function also provides information about experience gained during previous emergencies involving the substances. Contact details for experts and information about prevailing legislation are also avaiable. • Resources : Data on the resources (materiel and expertise) available at fire brigades, businesses, organisations, and authorities, and which resources can be used during large emergencies and emergency response operations. This function provides a nation-wide search ere the locations of resources are displayed on a map. • Operational support: organise and categorise operations documents. During operational status it is possible to register events, decisions, manpower, tactics, to get an overview of an operation. • The Statistics fuinction provides access to objective statistics for anyone that works on or analyses emergency response operations. The RIB system is also available in a version for operational use.
4.7.29 WIS
WIS is a web-based information system for stakeholders in the Swedish emergency management services, provided by the Swedish Civil Contingencies Agency (MSB). Access to WIS is provided free of charge, with the objective is to facilitate information sharing between actors before, during and after emergencies. Information sharing is based on events, which can be published and subscribed to by the actors. Information shared includes documents, notes, geographic data etc. Users can share information with one another in journal form. When widely deployed, this facilitates obtaining comprehensive
121 https://www.vigilantplatforms.com/situational-awareness/. 122 https://www.msb.se/en/ 123 Web site data October 2017
©SAYSO Consortium 52 Public
Deliverable D2.1 – State-of-the-Art Analysis situational assessments during emergencies. An actor, such as a municipality, has its own journal, which in turn is divided into a number of journal tabs. This is where entities publish journal entries. Each entity decides which other entities should be authorized to a journal. Those with the proper authorization can easily follow developments during an emergency by consulting the journal of a specific actor. To establish a comprehensive assessment of a situation, journals can be inter-linked. WIS also enables the sharing of information within actors. WIS is also available as a free App for iOS, Android and Windows Phone.
4.7.30 BREEZE Modelling Software
The BREEZE modelling software suite meet the criteria of user-friendliness and compatibility with legacy systems to a large extent. The software ExDAM®124 enables the rapid evaluation of damage experienced by each structure within a facility as a result of a primary explosion, and accompanying secondary explosions. The user can model even small geometric details of the Ground Zero125 affected by the explosion. Output is in the form of damage/injury tables, before-blast and after- blast displays, pressure and damage/injury contour plots, and damage/injury-versus-distance graphs, all in colour. Its primary application is to evaluate terrorism and sabotage threats to a facility and persons. In order to model hazardous material (HazMat) the software Incident Analyst® covers a wide range of applications, from modelling for facility design/safety improvement purposes, or risk management consequence analysis, to real-time assessment of hazards in emergency situations and reconstruction of a past incident. User-friendliness is ensured by a relatively short model setup and execution time, using ribbon bar interface and scenario templates. It includes an algorithm for 3D visualisation of results and export to Google Earth®. Running the model algorithm requires normally only seconds on a standard PC or Laptop. However, using multiple sources, or fine calculation grids or time-steps, will extend calculation times significantly.
4.7.31 HotSpot
This cost-free software enables emergency response personnel to evaluate incidents involving radioactive material and carry out safety analyses of facilities handling nuclear material.126 Atmospheric dispersion models are designed for near-surface releases, short-range (less than 10 km) dispersion, and short-term (less than 24 hours) release durations in unobstructed terrain and simple meteorological conditions. The programme cannot handle complex weather patterns or terrain features. It contains a comprehensive radionuclide library, Dose Conversion Factors (DCFs) for inhalation, submersion, and ground shine. DCF values are used for submersion and ground shine. Also, besides the inhalation 50-year Committed Effective Dose Equivalent DCFs, acute (1, 4, 30 days) DCFs are available for estimating deterministic effects associated with high-acute radiation doses. Also, the HotSpot software has been designed with a Quality Control (QC) feature. QC verifies that the codes are functioning properly.
124 EXDAM® is a component of the BREEZE® modelling software used for evaluation of damage to structures and injury to people caused by explosive-induced detonations. 125 Location of the detonation. 126 Details at https://narac.llnl.gov/hotspot.
©SAYSO Consortium 53 Public
Deliverable D2.1 – State-of-the-Art Analysis
4.7.32 HSS GeoHEALTH
GeoHEALTH is the US Department of Health & Human Services (HSS) secure GIS-based, electronic, interactive mapping application. This application includes federal and public agencies into a single visual environment for enhanced SA, assessment, and management of resources for planning, response to natural, man-made or pandemic events. The system supports functions such as policy analysis, planning, course of action comparison, incident management, and training. It supports the needs of decision makers at various levels within HHS and other federal agencies to provide enhanced situational awareness at a level of granularity needed for all responders, including regional emergency coordinators and teams in the field. It is also able to display and provide details on medical care sites, resources and mobilization points and provide analytical tools for planning and preparedness efforts. GeoHEALTH is able to display different datasets and information feeds, including local data feeds to help all involved work with a more complete aggregation of data. Individual users are able to define and incorporate the data layers that they need for a specific event or need. Each user account will be associated with a group. Layer access is based on the user’s group and ownership/access of the data.127
4.7.33 HSS emPOWER
The HHS emPOWER Map is an interactive online GIS-based tool to help community health agencies and emergency management officials in disaster preparedness as they plan ahead to meet the emergency needs of community residents who rely on electrically powered medical and assistive equipment to live independently at home. The integrated data accessible through the HHS emPOWER Map can help hospitals, first responders, and electric utility officials, work with health officials to prevent health impacts of prolonged power outages due to storms and other disasters. The HHS emPOWER Map is a public and interactive map that provides monthly de-identified Medicare data and an expanded set of near real-time hazard tracking services. This information provides enhanced SA for assisting areas and at-risk populations that may be impacted by severe weather, wild fires, earthquakes and other disasters.128 The HHS emPOWER Initiative consists of three data and mapping capabilities. The first tool is the HHS emPOWER Map that integrates de- identified Medicare billing-data, real-time severe weather tracking, and GIS mapping to highlight the number of at-risk individuals that use electrically-dependent, life-maintaining, and assistive durable medical equipment in geographic areas down to the zip code level. The second tool is the HHS emPOWER Emergency Planning De-identified Dataset. It provides de-identified Medicare billing information for each type of durable medical equipment and dialysis, oxygen tank, and home health care service in use within a state, territory, county, or zip code. The third tool is the HHS emPOWER Emergency Response Outreach Dataset, containing limited individual level information through a secure mechanism, which can be used to conduct outreach prior to, during, and after a public health emergency.
127 https://geohealth.hhs.gov/arcgis/home/ 128 HHS emPOWER Fact Sheet: https://empowermap.hhs.gov/HHSemPOWERMap2.0Factsheet_Final04072017.pdf.
©SAYSO Consortium 54 Public
Deliverable D2.1 – State-of-the-Art Analysis
5 EU Supported R&D Projects Addressing SA
The EU FP7 R&D programmes supported research and development also in the SA sector with a total amount of more than € 100 million; all but one of the projects are closed. The results obtained in these twelve R&D projects reflect a wide range with regard to their Technical Readiness Level (TRL). These technologies are not used routinely by CM in EU Member States yet, since they require further development and field tests to a varying degree before they will be commercialised. Therefore, they do not represent SOTA but rather PBSOTA – Progress-Beyond-State-of-the-Art. This topic area, together with a detailed analysis of related Horizon 2020 projects, will be addressed in SAYSO Deliverable 3.4 - Roadmap for Further Advanced MSSAS Optimization. A summary overview of pertinent EU FP7 projects is provided in Table 2 below.
Project Project Title Total Cost, EUR Project Status Acronym (October 2017)
BRIDGE Bridging Resources and Agencies in Large-Scale 18 355 599 closed Emergency Management CENTAURO Robust Mobility and Dexterous Manipulation in 4 124 915 Until Disaster Response by Fullbody Telepresence in a 2018-09-30 Centaur-like Robot DARIUS Deployable SAR Integrated Chain with Unmanned 10 645 581 closed Systems DITSEF Digital and Innovative Technologies for Security and 4 180 384 closed Efficiency of First Responders operation ESENET Emergency Services Europe Network 704 845 closed E-SPONDER A holistic approach towards the development of the 12 542 904 closed first responder of the future EVACUATE A holistic, scenario-independent, situation- 13 135 531 closed awareness and guidance system for sustaining the Active Evacuation Route for large crowds ICARUS Integrated Components for Assisted Rescue and 17 306 993 closed Unmanned Search operations IDIRA Interoperability of Data and Procedures in Large- 10 836 073 closed scale Multinational Disaster Response Actions IF REACT Improved First Responder Ensembles Against CBRN 5 243 368 closed Terrorism SECTOR Secure European Common Information Space for 4 578 769 closed the Interoperability of First Responders and Police Authorities WSAN4CIP Wireless Sensor Networks for the Protection of 2 775 000 closed Critical Infrastructures
Table 2: Overview of EU FP7 R&D projects addressing situational awareness
©SAYSO Consortium 55 Public
Deliverable D2.1 – State-of-the-Art Analysis
6 ICT Architecture and Technologies
6.1 ICT architecture for MSSAS
6.1.1 Motivation
Specific application domains, like CP and emergency management, usually see the emergence of domain specific systems designs based on research and best practice in the field. System architectures for certain application domains, are sometimes referred to as reference architectures. These may be subject to standardization depending on the industry take-up. One of the objectives of the SAYSO project is to elaborate an MSSAS reference architecture as a frame of reference for public procurements and for compliance in commercial development of SA solutions. The need for architecture for SA systems is reflected in the SAYSO survey129, by the respondents’ perceived lack of integration and interoperability of currently used SA tools and services. The project will propose an SA Reference Architecture which will build on and promote sound architectural principles for emergent interoperability in SA systems such that it will, • Promote a system of systems approach leveraging decentralized and federated SA development. • Elaborate architectural qualities and design guidelines focused on SA systems. • Describe a set of well-defined, inter-related and standards-based functional components for SA system design. The architecture development in SAYSO will build on state-of-the-art ICT system architectures and reference architectures. In this section we will exemplify the concept of architecture and reference architecture by looking at a number of architecture models and frameworks.
6.1.2 Architectural Qualities
Function and quality are complementary properties of a system that is being designed. While functional requirements describe what a system should do, the non-nunctional requirements describe the operational qualities of a system not captured by the functional specifications, these may include qualities of resilience, availability, privacy etc. Qualities of software systems has been subject to standarization130. These architectural qualities are commonly referred to as perspectives in architecture models and descriptions (see below). The corresponding qualities for the SAYSO reference architecture will be elaborated in forthcoming activities.
129 Deliverable D2.2 Preliminary inventory of practitioners requirements 130 ISO/IEC 25010:2011: Systems and software Quality Requirements and Evaluation (SQuaRE)
©SAYSO Consortium 56 Public
Deliverable D2.1 – State-of-the-Art Analysis
6.2 Architecture models
6.2.1 Reference architectures
Reference architectures have a long history in IT and telecom systems design. Their main purpose is to act as common guides to the generation of architecture in specific domains.
Figure 30: A reference architecture provides the instruments and guidelines for domain specific architectures from which specific system designs are derived (from IoT ARM, Bassi et al)
A Reference architecture serves the following roles and usages, • A common vocabulary reference for an ICT design domain. • A structured collection of concepts, models and guidelines for description of domain specific architectures. • A collector and generalization of good (possibly best) practice in the domain. • An instrument for comparison, explanation and benchmarking of different designs in the same domain. There are a number of challenges that face requirments analysts and developer users of these frameworks. They tend to become very complex and cumbersome to apply and also to comply with. Some architectures also appear too generic for the intended domain.
6.2.2 ISO/IEC/IEEE 42010 “System and software engineering – Architecture description”
This standard defines a generic model for systems architecture, which superseded the IEEE 1471 “Recommended Practice for Architectural Description for Software Intensive Systems” (IEEE, 2000).
©SAYSO Consortium 57 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 31: ISO/IEC/IEEE 42010 Architecture Description Conceptual Model
According to the ISO/IEX/IEEE 42010 specification, an architectural description should identify the stakeholders of the system-of-interest that have, or express, concerns which are fundamental for the architecture design (i.e., that can significantly impact the corresponding design choices). Concerns, in particular, have to consider: (a) the purpose of the system, (b) the suitability of the architecture for achieving system’s goals, (c) the feasibility, (d) the implied risks, (e) the maintainability and (f) evolvability of the system. To better frame significant concerns with respect to architectural design choices, the IEEE 42010 standard introduces the notion of viewpoint. According to such a standard, “a viewpoint frames a concern when the viewpoint gives the architect the means to express that concern”. For example, the formalism of Gantt charts frames concerns about project activities, schedule and dependencies, whereas other notations, such as UML use case diagrams, would not be helpful for modeling these concerns. In the 42010 conceptual model of architecture descriptions, a viewpoint uses a set of model kinds to frame a specific set of concerns that stakeholders have about a system. However, quality properties such as security, performance or availability need to be considered across several viewpoints. In (Rozanski & Woods131), the complementary concept of architectural perspectives is introduced to address these cross-cutting concerns. Viewpoints and perspectives are therefore crucial to convey an information-rich view of a software architecture design and can be described as: collections of patterns, templates and conventions for constructing one type of view. Again, according to the standard, this supports “architects in using the right tool for the job when modeling the architecture”. A typical example of viewpoint is the functional one, which contains all functions that a system should perform, the responsibilities and interfaces of the functional elements and the relationships between them. The following viewpoints are defined,
131 Rozanski, N., & Woods, E. (2012). Software Systems Architecture,: working with stakeholders using viewpoints and perspectives. Addison-Wesley.
©SAYSO Consortium 58 Public
Deliverable D2.1 – State-of-the-Art Analysis
• The Functional viewpoint describes the functional elements needed to meet the key requirements of the architecture. It presents proposals in a descriptive way and UML diagrams will assist in the understanding of the proposals. It describes responsibilities, interfaces, and interactions between the functional elements. • The Deployment viewpoint describes how and where the system will be deployed and what dependencies exist, considering for example hardware requirements and physical constraints. If there are technology compatibility issues, these can be addressed in this viewpoint as well. • The Information viewpoint describes the data models, the data flow and the data distribution over the described platform. Moreover, it also defines which data will be stored, and where, and, which data will be manipulated, and where. Complementary and orthogonal to the viewpoints a set of perspectives may choosen, which e.g. elaborate security, privacy, and scalability issues.
6.2.3 IoT-A reference architecture
The IoT Architectural Reference Model (IoT ARM) provides a collection of generic architectural concepts and constructs considered applicable to Internet of Things (IoT) system architectures. The IoT ARM does not say how to build IoT systems, it is a tool box of concepts, models and recommendations for the domain of IoT systems and their architectures. The IoT-A reference model can be used as a baseline to derive new IoT architectures but also as a reference to explain and compare different existing IoT system designs. The reference model framework was developed by the IoT-A132 project and addresses IoT in terms of an overall IoT Architectural Reference Model including the subsets: - Business and stakeholder scenarios - An IoT Reference Model - The IoT Reference Architecture The first two parts define the objectives, context and concepts of the overall architectural framework.
132 http://www.iot-a.eu
©SAYSO Consortium 59 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 32 : Sub-models of the IoT Reference Model (From Bassi et al., 2013133)
The Reference Architecture is meant as the reference and architectural guideline for building (instantiating) compliant domain specific IoT architectures from which systems can be designed and implemented.
6.2.3.1 IoT-A domain model
An important part of the Reference Model is the definition of the central IoT domain oriented concepts. The IoT Domain Model names and relates these central concepts in the IoT Reference Model.
133 Bassi, A., M. Bauer, M. Fiedler, T. Kramp, R. v. Kranenburg, S. Lange and S. Meissner, Eds. (2013). Enabling Things to Talk - Designing IoT solutions with the IoT Architectural Reference Model, Springer.
©SAYSO Consortium 60 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 33: UML version of the IoT-A Domain Model
In the IoT-A domain model, real world physical entities have corresponding digital representations in virtual entities. The physical entities can be subject to monitoring or actuation by means of various IoT devices. The devices can be attached directly to the physical entities, or the physical entities are in the operating range of the devices (e.g., through a wireless net). The software part of the device that provides information on the entity or enables actuation of the device is modelled as a resource. The functionality provided by the resource is exposed by means if services. Services provide well- defined and standardised interfaces, hiding the complexity of accessing variety of heterogeneous resources. The interaction with a physical entity can be accomplished via one or more services associated with the corresponding virtual entity.
©SAYSO Consortium 61 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 34: Example modelling using the Domain Model.
6.2.3.2 Information Model
The structuring of the Virtual Entities from the Domain Model is detailed and modelled in the IoT Information Model. The Information model is intended to meta model those concepts from the Domain Model that should be explicitly represented and managed in an IoT system.
Figure 35: Information model entities
©SAYSO Consortium 62 Public
Deliverable D2.1 – State-of-the-Art Analysis
The entityType of a Virtual Entity can possibly refer to an external ontology (possibly some application domain model standard) that can define the set of attributes, and similarly for the attribute and service types.
Figure 36: Example instantiation of the Information Model
Other more implementation-oriented information models include: • Entity model: The Entity Model specifies which attributes and features of real word objects are represented by the virtual counterpart. May e.g., use an ontology based on ER/OWL134. • Resource model: The Resource Model contains the information that is essential to identify Resources by a unique identifier and to classify Resources by their type, like sensor, actuator, processor or tag. Possibly using ontology based on ER/OWL and standard ID system, e.g., EPC/GS1135. • Service description model: Services provide access to Resources and are used to access information or to control Physical Entities. Service description framework, e.g., USDL136. • Event processing model: Describes the objects, rules and agents used to receive, process and dispatch events in an IoT system.
6.2.3.3 Functional model
The components of the IoT ARM are organized into groups in the Functional Model. This model is then the basis for defining the Functional View in the reference architecture.
134 ER - Entity Relationship, OWL -Web Ontology Language, https://www.w3.org/TR/owl2-overview/ 135 Electronic Product Codes, https://www.gs1.org/epcglobal 136 Unified Service Description Language, https://github.com/linked-usdl/usdl-core
©SAYSO Consortium 63 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 37: Functional Model
The Application and Device layers are outside the scope of the reference model.
6.2.3.4 Views in the Reference Architecture
In accordance with the ISO/IEX/IEEE 42010 standards (see above) the IoT reference architecture defines the View Points relevant for IoT systems architecture design. Following the conventional approach the ARM describes three views, each one with a number of View Points focusing specific aspects of a view, • An Functional View • An Information View • A Deployment and Operation View The Functional View provides a layered structure of various function groups (e.g., “IoT Service”), with specific functional components (s.a. “IoT Service resolution” and IoT Service”). The “Application” and “Device” function groups are considered out of scope in this reference model.
6.2.3.5 (Layered) Functional view
Functional Components organized in Function Groups describe the Functional View in the ARM. This is the common two dimensional (almost) layered model of software component abstractions.
©SAYSO Consortium 64 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 38: Function Groups
The IoT Service FG contains IoT services as well as functionalities for discovery, look-up, and name resolution of IoT Services. It consists of two Functional Components: • IoT Service • IoT Service Resolution An IoT Service exposes one Resource to make it accessible to other parts of the IoT system. Typically, IoT Services can be used to get information provided by a resource retrieved from a sensor device or from a storage resource connected through a network. An IoT Service can also be used to deliver information to a resource in order to control actuator devices or to configure a resource. Resources can be configurable in non-functional aspects, such as dependability security (e.g. access control), resilience (e.g. availability) and performance (e.g. scalability, timeliness).
6.2.3.6 Perspectives (architectural qualities) in the IoT ARM
Perspectives represent non-functional requirements on a systems design, which are orthogonal to the Views of the reference architecture. The IoT ARM identifies the following perspectives as among the most important for IoT-systems: • Evolution and Interoperability • Availability and Resilience • Trust, Security and Privacy and • Performance and Scalability Initially launched under the Future Internet initiative, the FIWARE project (www.fiware.org) developed an IoT architecture and platform, intended for future extensions and specialization into a variety of IoT domains (energy, healthcare, manufacturing etc.). Based on the IoT-ARM the FIWARE provides design guidelines for IoT system development. To this end the project introduced an architectural design element referred to as Generic Enablers (GE), as basic building blocks. These are generic functional components (e.g., a cloud storage component) that are intended to be used in any
©SAYSO Consortium 65 Public
Deliverable D2.1 – State-of-the-Art Analysis
IoT application domain. Similarly, Specific Enablers, represent more application domain specific components, e.g., in an MSSA architecture. The FIWARE.org hosts a common catalogue of such Generic/Specific Enablers, for future extensions.
6.2.4 The Reference Architectural Model Industrie 4.0 (RAMI 4.0)
RAMI 4.0 is a reference architecture model for Industrial Internet of Things (IIoT) systems. The first version has been developed by the Industrie 4.0 platform and submitted as DIN SPEC 91345. RAMI 4.0 is modeled on Smart Grid Architecture Model (SGAM), IEC 62262, Enterprise-control system integration (IEC62264, 2013) and the IEC 62890 ”Life-cycle management for systems and products used in industrial-process measurement, control and automation” (IEC, 2013). The focus of RAMI 4.0 is on manufacturing, primarily modelling systems for the production process and product life cycle.
Figure 39: The three dimensions of the RAMI 4.0. (Status Report Reference Architecture Model Industrie 4.0 (RAMI4.0), 2015).
In the three dimensional model, existing standards and architectures and candidate solutions can be plotted and overlaps and gaps can be identified and resolved. It provides a three dimensional map of I4.0 components, solutions and requirements by the three axes IT Layers, Hierarchy Levels and Life Cycle and Value Stream. The purpose of the reference architecture model is to promote common understanding of different architectures for industry 4.0. It can be used to derive specific architecture models and align existing solutions. Examples of applications are: • Provide a shared understanding of the function provided by every layer and the defined interfaces between the layers. • To see where existing and emerging architectures fit in, and allow discussing associations and details of components. • Identification of overlaps and the scope of preferred solutions • Identification of existing standards, closure of gaps and loopholes in standards, minimization of the number of standards involved • Identification of use cases for Industry 4.0
©SAYSO Consortium 66 Public
Deliverable D2.1 – State-of-the-Art Analysis
1.1.1.1 Model The six layers on the vertical axis represent a layered IT system structure, with loose coupling between the layers and high cohesion within each layer. The layering is strict; i.e. components in a layer may only communicate internally or with adjacent layers.
Figure 40: The IT Layers of RAMI 4.0.
Asset Layer The asset layer spans the physical components of a system; physical things in the real world. E.g. production lines, manufacturing machinery, field devices, products and also the humans involved.
Integration Layer The mapping from the physical world to the digital is performed by the Integration layer, which performs provisioning of information on the assets in a form which can be processed by computer. This involves all digitization of assets, such as connected sensors and other field devices, but also Human Machine Interfaces.
Communication Layer The Communication Layer performs transmission of data and files. It standardizes the communication from the Integration Layer, providing uniform data formats, protocols and interfaces in the direction of the Information Layer. It also provisions the services for controlling the Integration Layer.
Information Layer In the Information Layer, data and events are processed, integrated and persisted. This layer ensures the integrity of data, performs message translation and annotation and manages data persistence. It provides the service interfaces to access structured data from the Functional Layer and also applies event rules and transformation of event to the models and formats used in that layer. This is the run- time environment for Complex Event Processing (CEP), data APIs and data persistence mechanisms.
©SAYSO Consortium 67 Public
Deliverable D2.1 – State-of-the-Art Analysis
Function Layer The Function Layer is the primary location of rules and decision-making logic and contains the formal descriptions of functions and service models. It is the run time environment for applications and services that support the business processes.
Business Layer The services provided by the Functional Layer are orchestrated by the Business Layer. It maps the services to the business (domain) model and the business process models. It also models the business rules, legal and regulatory constraints of the system. The Business Layers receives events that advance, link and integrate the business processes.
Status The RAMI framework is continously being refined and is connected with international initiatives and is alo being applied in H2020 projcts. Resources and recent developments can be found in the RAMI on-line library137. From the SAYSO perspective, the relevance of RAMI lies in it coveragae of both function and organisation.
6.2.5 xChangeCore
The xChangeCore (www.xchangecore.org) is an ICT infrastructure and architecture speifically designed for emergency management. The XchangeCore middleware architecture adheres to service-oriented principles using open standards. Each XchangeCore server, named an XchangeCore core, serves as a local point of integration for technology providers and agency services. XchangeCore supports infrastructure services and domain services for the management of information specific to emergency management; such as incidents, command hierarchies, tasking, and the common operating picture. These services rely on existing and developing standards in the emergency management domain such as those from NIEM138 and the OASIS EM Technical Committees. A network of XchangeCore servers, can be used to model a federated system, with interconnected cores representing organizations and agencies or subsets thereof. XchangeCore uses the EDXL standard family for messaging the network, e.g., routing messages with resource data using EDXL- RM messages. The envelope message type EDXL-DE, is used to capture routing instructions for specific target XchangeCore resources. The EDXL-DE routing instructions and information sharing agreements determine the recipient nodes in an xChangeCore network. XchangeCore can be compared to the more recent IMIS architecture from OGC (reported below).
6.3 New wireless network infrastructure
There is currently a rapid technology development in the field of ICT & IoT which will create completely new possibilities for surveillance and security monitoring within the European Union. This development includes the network technologies LoRa, Sigfox, NB-IoT and Galileo. These ground
137 http://www.plattform-i40.de/I40/Navigation/EN/InPractice/Online-Library/online-library.html 138 National Information Exchange Model (US), https://www.niem.gov/
©SAYSO Consortium 68 Public
Deliverable D2.1 – State-of-the-Art Analysis breaking new infrastructural platforms for wireless communication have been under development for several years, but they are all expected to reach the market in 2018.
6.3.1 Galileo
The Galileo global navigation satellite system (GNSS) is currently in its final deployment phase, already delivering spoofing proof positional precision below one meter based on 11 operational satellites. When the next four satellites are operational during early 2018, the precision will be improved to a couple of centimeters. In terms of accuracy, Galileo’s modern signal structure also has better resistance to multipath, which helps users maintain their position fix when navigating in cities. Moreover, Galileo’s Search and Rescue (SAR) service will reduce the time it takes to detect a person lost at sea or in the mountains from 3 hours to just 10 minutes after a distress beacon is activated, facilitating rescue operations and saving lives. This next generation navigational satellite system will enable new security sensor systems such as intelligent distress alarms and autonomous aerial vehicles. For example, from April 2018, all cars sold in Europe will be equipped with Galileo-enabled navigation systems as required by eCall139 regulation.
Figure 41: eCall is an infrastructure and service which will bring rapid assistance to vehicle traffic incidents anywhere in the European Union.
6.3.2 NB-IoT
NarrowBand IoT (NB-IoT) is a Low Power Wide Area Network (LPWAN) radio technology standard developed to enable a wide range of devices and services to be connected using cellular telecommunications bands. NB-IoT is a narrowband radio technology designed for the Internet of Things (IoT) and is one of a range of Mobile IoT (MIoT) technologies standardized by the 3rd Generation Partnership Project (3GPP).
139 https://ec.europa.eu/digital-single-market/en/ecall-time-saved-lives-saved
©SAYSO Consortium 69 Public
Deliverable D2.1 – State-of-the-Art Analysis
NB-IoT focuses specifically on indoor coverage, low cost, long battery life, and enabling a large number of connected devices. The NB-IoT technology is deployed “in-band” in spectrum allocated to Long Term Evolution (LTE) - using resource blocks within a normal LTE carrier. Thereforethe technology can be deployed very cost efficient on present mobile cellular network platforms. Narrowband IoT is supported by all major mobile equipment, chipset, and module manufacturers and it can co-exist with 2G, 3G, and 4G mobile networks. Many European operators are in the works deploying NB-IoT. Deutsche Telecom is planning nationwide NB-IoT coverage in Germany and the Netherlands during 2018. In its other European markets, including Austria, Croatia, Greece, Hungary, Poland and Slovakia, Deutsche Telekom plans to extend the already existing NB-IoT coverage to more cities during 2018. Vodafone has revealed that it will be launching a live NB-IoT network in Germany during the second half of 2017 following the launch of its NB-IoT network across six cities in Spain in January 2017.
6.3.3 Sigfox and LoRa
Sigfox & LoRa are two alternative proprietary technologies for low-power wide area networking spreading rapidly in Europe. The Belgian operator Proximus have a LoRA network that is nation wide and fully operational. Operators, such as Telefónica and Telia Estonia, continue to play with the pioneering Sigfox technology and Orange just one of the telco enthusiasts of LoRa. NB-IoT, SigFox and LoRa allows applications that can live many years on small batteries and will thus enable a new generation of security monitoring by low cost battery operated wireless chemical, audio and smoke sensors together with rapid response autonomous camera drones. This expected rapid proliferation of new European wireless networking infrastructure will enable new automatic multi-sensor solutions that will have a large impact on the architecture of state-of-the-art situational awareness systems. Note that these new wireless network technologies integrate very well with the established Cloud platforms (such as those from Amazon, Azure and Google). This will increase the availability, scalability and flexibility of future SA systems.
6.4 Data formats, information models and ontologies
Common Information models and data exchange formats (Input-output) are fundamental for interoperability MSSA systems. There are several de dacto/industry standardization effort, driven by varous consortia where the main objective is to promote interoperability in data management.
6.4.1 EDXL message suite (OASIS)
The Emergency Data Exchange Language (EDXL) has been promoted by the OASIS International Open Standards Consortium (www.oasis.org) with the intent to cover a wide range of emergency data exchange standards (in areas like operations, logistics, planning and finance). The EDXL family defines a set of XML-based message standards intended to facilitate emergency information sharing between many different types of response organisations, including government entities and other emergency organizations. The different standards subsets are being applied to support interoperability within and across various emergency management systems efforts, among the most
©SAYSO Consortium 70 Public
Deliverable D2.1 – State-of-the-Art Analysis prominent are the XchangeCore and BRIDGE. EDXL supports flexibility and extensibility thru its XML serialization vocabulary, and provides a number of message subsets, some examples are, • EDXL Distribution Element (DE): The primary purpose of the Distribution Element is to facilitate the routing of any properly formatted emergency message to recipients. The Distribution Element may be thought of as a container to route "payload" message sets (such as Alerts or Resource Messages), by including key routing information. • EDXL Situation Reporting (SiTReP): Intended to convey response messages specifically aimed at transmitting situation reports. • EDXL Resource Messaging (RM): The RM is intended to expedite all activities associated with resources needed to respond and adapt to emergency incidents.
CAP – the Common Alerting Protocol, is a warning message protocol for exchanging (public) warnings. CAP was also developed by OASIS, but is now also an ITU recommendation (ITU-T X.1303). CAP messages can be used in combination with EDXL-DE, however this is not mandatory as CAP itself provides the necessary routing information. The set of message subsets is extensible. A de facto/industry standard like EDXL is a candidate sub component in reference architectures.
6.4.2 Tactical Situation Object (TSO) standard140
The context of CEN Workshop Agreement (CWA) 15931-1:2009 was disaster and emergency management, and it aimed to assist organizations involved by providing a message structure for the transfer of information between computer based systems in such a way that it can be reliably decoded. This is done by encoding the information in an XML Schema. The companion CWA 15931-Part 2 provides a system of terms relating to disasters and emergencies and their encoding.
140 https://www.oasis-open.org/committees/download.php/42411/CWA_15931-1.pdf
©SAYSO Consortium 71 Public
Deliverable D2.1 – State-of-the-Art Analysis
Many of the XML fields are required to use a term from the companion CWA- 15931 Part 2, rather than free text, so that the information is well defined, and can be automatically translated into language appropriate to the user. The companion CWA 15931 Part 2 is: Disaster and emergency management - Shared situation awareness - Codes for the message structure. The message structure described in the CWA-Part 2 is named the Tactical Situation Object (TSO). The Tactical Situation Object has been defined independently of EDXL, but, as it contains information related to emergency operations, it shall use the EDXL-DE as its envelope.
6.4.3 OGC
The Open Geospatial Consortium (OGC)141 is a de facto/industry standards organization developing information management standards for geospatial data. OGC standards are typically applied to collect and aggregate various types of sensor observation data, and interfaces for the publishing geospatial web services and enabling webs of sensors. The Incident Management Information Sharing (IMIS) IoT pilot is a recent example of an OGS effort intended to design and demonstrate the use of networked sensor systems in a real-world scenario for incident management. The pilot was developed in 2016 by the OGC in collaboration with the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) and with first responder stakeholders. This pilot demonstrated an IoT architecture approach to sensor use for incident management142. Prototype capabilities included ad hoc, automatic deployment, discovery and access to sensor information feeds, as well as derivation of actionable information in common formats for use in complementary systems such as Computer Aided Dispatch (CAD), Emergency Operations Center (EOC) and Geographic Information Systems (GIS), as well as mobile devices. Geospatial data is a fundamental category of information in most emergency management and SA systems (see the COTS section above). Geospatial data, in combination with data formats for alerting, messaging and alarm event services, and formats for resource management, will continue to dominate incident information management architectures.
141 http://www.opengeospatial.org/ 142 OGC, Incident Management Information Sharing (IMIS) Internet of Things (IoT) Architecture Engineering Report. 2016, Open Geospatial Consortium.
©SAYSO Consortium 72 Public
Deliverable D2.1 – State-of-the-Art Analysis
Figure 43: Layers in the IMIS IoT Pilot architecture from the OGC
6.4.4 MIP
The Multilateral Interoperability Programme (MIP) is an effort to deliver an assured capability for interoperability of information to support multinational, combined and joint operations.143 The MIP is an interoperability organisation established by national Command and Control Information Systems (C2IS) developers with a requirement to share relevant Command and Control information in a multinational or coalition environment. It is backed by a consortium of 29 NATO and Non-NATO nations that meet quarterly to define interoperability specifications for the exchange information between their national Command and Control systems. The Joint Command, Control and Consultation Information Exchange Data Model (is first and foremost an information exchange data model. The model can also serve as a coherent basis for other information exchange mechanisms, such as message formats, currently lacking a unified information structure. JC3IEDM is intended to represent the core of the data identified for exchange across multiple functional areas and multiple views of the requirements.
143 https://en.wikipedia.org/wiki/Multilateral_Interoperability_Programme
©SAYSO Consortium 73 Public
Deliverable D2.1 – State-of-the-Art Analysis
7 Human Factors
Human-Factors aspects can be split into a range of different aspects, including approaches to designing SA systems and also methods of assessing human performance within SA systems. The approaches below are primarily designed to assess group processes and interactions within specific contexts.
7.1 Methods of Designing Awareness Systems: Contextual Inquiry (CI)
Contextual inquiry and design is a process which looks at how current systems are used within real work contexts with a view to taking on-board what is learned and feeding this into the design of a subsequent system. It places the people using the system at the heart of the design process and looks and the work flows involved, artefacts used (e.g. IT systems or documents) and social aspects, such as hierarchies. At its core are four key concepts which drive the process:
• Context – use of interviews and observations within the workplace environment • Partnership – the developer/designer along with the end user(s) discuss and refine the information so that there is a mutual and shared understanding amongst all stakeholders • Interpretation, Iteration and Feedback – the information is shared, (re-)interpreted and iterated regularly with all stakeholders involved in the process. • Focus – iteration and feedback will help to further focus on particular teams’ work, e.g. a mobile command post, control centres etc. The approach itself consists of the following steps: 1. Setting up the observation team (CI team) 2. Identification of key activities 3. Identifying key stakeholders 4. Observation 5. Interviews/Focus Groups 6. Visioning – the overall vision for the proposed system 7. Storyboarding - a storyboard of the proposed system 8. User Environment Modelling – plan of the space/area and how people e.g. move around. 9. Prototyping and revision– rapid prototypes to test overall designs and potentially usability issues and iterative revisions with stakeholder groups
7.1.1 Analysis of Interviews and Observations
Drawing on the data collected the CI team seeks to develop a set of models which explore the activities that they have observed. As outlined in the following steps, this approach is very useful for SA systems as one key aspect is the flow of information and another which is often relevant in this context are cultural issues, such as hierarchy etc. 1. Sequence Model: what steps the users go through 2. Flow model: the communication and co-ordination within the work context 3. Cultural Model: implicit or explicit cultural aspects of the group e.g. social pressures etc
©SAYSO Consortium 74 Public
Deliverable D2.1 – State-of-the-Art Analysis
4. Artefact model: which objects are used and how 5. Physical model: a map of the physical locations used.
7.1.2 Storyboarding, Prototyping and Revision
Based on the models developed, CI team encourages a strong dialogue between system developers (including usability teams). Through the use of these steps the end users can be brought directly into the design process at a relatively early stage, therefore ensuring that designs are modified to reflect user needs. Furthermore, the use of early prototypes allows for users to start using either mock-ups or semi-functioning systems so that they can be further refined and improved. 144Furthermore, such an approach has allowed end-users to improve their understanding as to how mixed reality technologies may be relevant for crisis management while also improving their understanding of technical limitations (in particular field of view issus in augmented reality headsets).
7.1.3 Summary of Experiences
Within the EU H2020 TARGET project CI team was used to identify how mixed reality systems, including those connected to classic geospatial systems could be designed and deployed within training contexts. These included training for tactical firearms teams and strategic command centres managing events such as public disorder or major road traffic accidents. It may prove particularly useful in identifying relatively and often seemingly small details which are key to successfully managing SA, such as approaches used to communicate and risks of tunnel vision occurring.
7.2 Assessment Approaches: During and After
Drawing on work within the EU 2020 TARGET project a number of key areas have been identified for exploring SA on a group and sometimes individual basis. Note these are not system dependent but rather explore communication and other human interaction aspects. While the approaches below are predominantly used for assessing performance after an event, they could with advancing technologies be useful during a crisis. For example, if it is clear that communication channels are not functioning, information is not being seen or that stress levels among individuals are high it should be possible to use this information to help manage the team more effectively and improve the outcome.
7.2.1 Who Speaks to Whom
This explores who speaks to each other within the team at is at present recorded manually, however emerging technologies may allow for this to be automated as speaker and later on context recognition may be possible. By modeling this aspect it is possible to identify key people within a response team, for example a star topology would indicate that most or all information is going via one person. Where as a more distributed approach would indicate that information flow is more decentralized. TARGET partner ATRISC has developed a system which allows observers to log group
144 For example, within the EU H2020 TARGET project three functioning versions will be developed. With V1 testing ongoing at the time of writing it has been possible to obtain feedback on improvements to existing features (including usability issues) and to see which new features are key to system requirements.
©SAYSO Consortium 75 Public
Deliverable D2.1 – State-of-the-Art Analysis interactions (who speaks to whom) using tablets and software. This allows for the identification of a number of key metrics related to assessing performance.
7.2.2 Who Sees What
Eye-tracking and related approaches allow for an assessment of what people are looking at. This can be useful for example in detecting some instances of tunnel vision, when for example people are relying too much on too few sources of information. Using automated techniques such as infrared markers or computer vision in the environment it should be possible to estimate how often and for how long people have viewed particular pieces of information, or indeed if they have not seen it. This is useful for post-situation analysis, however emerging technologies such as augmented reality may allow for information in the real environment to be highlighted e.g. an important noticeboard or may be used to display critical information. The TARGET project is adopting the use of “who sees what” within training contexts.
7.2.3 Stress Measures
Individuals respond differently to certain cues, with some finding certain aspects very stressful and others perhaps remaining too calm. High levels of stress can result in increased tunnel vision, which is often undesirable. Providing real time stress measures is one way to perhaps allocate tasks within a crisis to teams or individuals who are relatively speaking less stressed and therefore are perhaps are better placed to cope.
©SAYSO Consortium 76 Public
Deliverable D2.1 – State-of-the-Art Analysis
8 Existing Standards and Ongoing Standardisation Activities
This section provides an overview of existing standards, standards that are currently under development, and other standardisation activities in the field of security at national, European and international level (e.g., DIN, CEN, CENELEC, ISO, IEC). It presents the current and up-to-date security standardisation landscape and lists and briefly assesses the standards relevant for SAYSO. The standards list includes aspects such as situational awareness, crisis management, critical infrastructure, interoperability, and technology, as these are the categories of the list of SAYSO related keywords identified by all project partners. However, the focus of this standards' research is on formal standards established by recognised standard developing organisations, such as ISO at international, CEN at European or, for instance, DIN at German national level. This section is also the basis for the identification of standardisation potential within Task 2.3 and the Roadmap for standardisation activities within Task 3.5 of SAYSO, thus supporting the progress of the project and future standardisation towards superior situational awareness systems strengthening operations in civil protection by standardisation of e.g., crisis management guidelines and terminologies.
8.1 Overview of Security Standardisation Landscape
Standards and specifications are developed by different organisations at different levels (national, European, and international). So-called 'interested groups', (companies, commercial enterprises, universities, consumers, skilled trades, testing institutes, authorities, etc.) send their experts to Working Groups (WGs) in a standardisation organisation. The standardisation work is organised and carried out in these WGs. On international level the Technical Committee (TC) ISO/TC 292 'Security and Resilience' is the most relevant one to be considered in context of security. It deals with standardisation in the field of security to enhance the safety and resilience of society. Working groups (WGs) of this TC cover topics such as 'Terminology' (WG 1), 'Continuity and Organisational Resilience' (WG 2), 'Emergency Management' (WG 3), and 'Community Resilience' (WG 5). It does not scope sector specific security projects developed in other relevant ISO committees and projects as developed e.g., in ISO/TC 262 'Risk Management' or ISO/PC 278 'Anti-Bribery Management Systems'. On European level the Technical Committee (TC) CEN/TC 391 'Societal and Citizen Security' is the most relevant one to be considered in context of security. It deals with aspects of prevention, response, mitigation, continuity, and recovery before, during and after a destabilising or disruptive event. Verification and training will also be considered. Working groups (WGs) of this TC cover topics such as 'Healthcare Facilities' (WG 1), 'CBRNE' (WG 2), and 'Crisis Management/Civil Protection' (WG 3). It does not scope issues already dealt in other TCs.
On national level of Germany the following DIN Standards Committee (NA) and DIN Committee are the most relevant ones to be considered in context of security:
©SAYSO Consortium 77 Public
Deliverable D2.1 – State-of-the-Art Analysis
• DIN's NA 031 'Firefighting and Fire Protection' deals with standardisation in the fields of fire protection, disaster control, preventive fire protection, technical support and crisis management. Within this NA especially the work conducted in the National Committee (FB) NA 031-05 FB 'Section Societal Security' including the Technical Committees (AA) NA 031-05- 01 AA 'Technical Standards for Societal Security' and NA 031-05-02 AA 'Organisational and Supervising Standards for Civil Protection' cover the topics relevant for SAYSO. • DIN's 'Civil Security Coordination Office' helps coordinate security-related research standards work in all relevant areas. Working at national, European and international level, the Office helps coordinate the activities of DIN's bodies, ensures an ongoing dialogue with German ministries and the European Commission, and is a contact partner for all stakeholders in civil security standardisation.
8.2 Analysis of Relevant Standards
To conduct the standards analysis, all partners of Task 2.1 'Review of the SOTA' prepared a list of SAYSO related keywords. At the same time, the identified keywords have been assigned to one of the following categories being relevant for SAYSO: • Situational Awareness • Crisis • Critical Infrastructure • Interoperability • Technology.
Table 3 below shows the collected keywords assigned to one of the above-mentioned categories.
Category Search Terms Situational Alert, capacity building, cross-border incidence, emergency preparedness, Awareness emergency response, resilience, response, and recovery functions, technology implementation, reference architecture toolkits Crisis Crisis management, disaster management, emergency management, incident management, resource management, crisis response, disaster relief, technical relief, risk assessment, civil protection, preparedness, command, control, communication, decision making, common alerting protocol (CAP), common operational picture (COP), mobile emergency operation centre (MEOC), bronze, silver, and gold level, multinational chemical biological radiological nuclear and explosives (CBRNE) Critical Health, water, sanitation and hygiene, energy, transportation, food, banking and Infrastructure finance, information and communications technology (ICT), breakdown, disruption, risk analysis Interoperability Symbols and icons, taxonomies and ontologies, terminologies, information models, communication protocols, message formats, data structures, resource sharing, cross-border command centres Technology 3D, ad hoc networking, collaboration and communication tool, computer workstation, data management and processing, information processing, libraries
©SAYSO Consortium 78 Public
Deliverable D2.1 – State-of-the-Art Analysis
and databases, (real-time) decision support application and software, resource management application and software, modelling software, systems architecture, (mobile) detector and sensor systems, front end data collection, geographical positioning system (GPS), local positioning system (LPS), personal digital assistant (PDA) Table 3: List of SAYSO related categories and keywords
Supported by the keywords collected in Table 3, the identification of existing standards and ongoing standardisation activities resulted in a list of 151 standards and other technical documents on national, European and, international level, shown in Appendix 1, which all are to a certain extent relevant for SAYSO. Regarding SA the most important standards of the Appendix 1(marked in bold) are summarised below.
CWA 15931-1 Disaster and emergency management - Shared situation awareness – Part 1: message structure The context of this CEN Workshop Agreement (CWA) is disaster and emergency management, and it aims to assist organizations involved by providing a message structure for the transfer of information between computer based systems in such a way that it can be reliably decoded. This is done by encoding the information in an XML Schema.
CWA 15931-2 Disaster and emergency management - Shared situation awareness – Part 2: codes for the message structure The companion CWA-Part 2 provides a system of terms relating to disasters and emergencies and their encoding. Many of the XML fields are required to use a term from the companion CWA-Part 2, rather than free text, so that the information is well defined, and can be automatically translated into language appropriate to the user.
DIN SPEC 91287 Data interchange between information systems in civil hazard prevention As in many work areas information systems support processes in civil hazard prevention. Dispatch centres and their connected systems as essential information systems have been established. They help to improve tasks from alerting, information procurement, disposition and communication to the distribution of resources. As a result many data interfaces are being developed to enable the systems the exchanging of information. Returning efforts for implementation and maintenance arising during product updates can be reduced by establishment of communication standards.
EN ISO 11064 Ergonomic design of control centres Directly related with the SAS is the concept of the Command and Control Centres. ISO 11064 is the standard used for Ergonomic Design of Control Centres and includes the following seven parts. - ISO 11064-1:2000 Ergonomic design of control centres – Part 1: Principles for the design of control centres - ISO 11064-2:2000 Ergonomic design of control centres – Part 2: Principles for the arrangement of control suite
©SAYSO Consortium 79 Public
Deliverable D2.1 – State-of-the-Art Analysis
- ISO 11064-3:1999 Ergonomic design of control centres – Part 3: Control room layout - ISO 11064-4:2013 Ergonomic design of control centres – Part 4: Layout and dimensions of workstations - ISO 11064-5:2008 Ergonomic design of control centres – Part 5: Displays and controls - ISO 11064-6:2005 Ergonomic design of control centres – Part 6: Environmental requirements for control centres - ISO 11064-7:2006 Ergonomic design of control centres – Part 7: Principles for the evaluation of control centres
EN ISO 22300 series on societal security ISO 22301 has been developed by ISO/TC 223, Societal security. This technical committee develops standards for the protection of society from, and in response to, incidents, emergencies and disasters caused by intentional and unintentional human acts, natural hazards and technical failures. Its all- hazards perspective covers adaptive, proactive and reactive strategies in all phases before, during and after a disruptive incident. The area of societal security is multi-disciplinary and involves actors from both the public and private sectors.The work on ISO 22301 started in 2006 when an ISO workshop on “Emergency preparedness” was held in Florence, Italy. At the time, many experts argued that their own national standard was best suited to be developed into an International Standard. As this was clearly no way forward, all the major players were gathered to identify the similarities between the standards. This spirit of consensus led to the publication of a guidance document for incident preparedness and continuity management called ISO/PAS 22399:2007. ISO 22301 is the second published management systems standard that has adopted the new high- level structure and standardized text agreed in ISO. This will ensure consistency with all future and revised management system standards and make integrated use easier with, for example, ISO 9001 Quality management systems - Requirements, ISO 14001 Environmental management systems - Requirements with guidance for use and ISO/IEC 27001 Information technology - Security techniques - Information security management systems - Requirements. Currently, the ISO 22300 series includes: - ISO 22300:2012 Societal security - Terminology - prEN ISO 22300:2017 Societal security - Terminology (ISO/DIS 22300:2017) - ISO 22301:2012 Societal security - Business continuity management systems – Requirements - ISO/TR 22351 Societal security - Emergency management - Message structure for exchange of information
ISO 31000 series on risk management ISO 31000 is a series of standards relating to risk management codified by the International Organization for Standardization. The purpose of ISO 31000 is to provide principles and generic guidelines on risk management. ISO 31000 seeks to provide a universally recognised paradigm for practitioners and companies employing risk management processes to replace the myriad of existing standards, methodologies and paradigms that differed between industries, subject matters and regions. Currently, the ISO 31000 series includes:
©SAYSO Consortium 80 Public
Deliverable D2.1 – State-of-the-Art Analysis
- ISO 31000:2009 Risk management - Principles and guidelines - ISO/DIS 31000:2017 Risk management - Guidelines - ISO/IEC 31010:2009 Risk Management - Risk Assessment Techniques - ISO Guide 73:2009 Risk Management - Vocabulary
ITU-T X.1303 Alert, Circuit networks, Communication networks, Communications, Data network, Extensible Markup Language, Protocols, Telecommunication networks, Telecommunications, Warnings, XML, Records.
©SAYSO Consortium 81 Public
Deliverable D2.1 – State-of-the-Art Analysis
9 Inventory of Existing Procurement Processes
9.1 Pre-Commercial Procurement (PCP)
PCP refers to the procurement of R&D services as defined in the EC's PCP communication and staff working document. It offers a way for contracting authorities to share risks and benefits of procuring R&D to address challenges of public interest for which no technological solution is available on the market yet. It enables procurers to reduce the risk of large deployment contracts by first comparing the pros and cons of competing solution approaches from different suppliers, without committing large deployments contracts to any supplier(s) yet (avoiding supplier lock-in). PCP covers the R&D stage before commercialization in a product development cycle. It can cover activities, such as solution exploration and design, prototyping, up to the original development of a limited volume of first products or services in the form of a test series.145 The R&D stage does not include commercial development activities, such as quantity production, supply to establish commercial viability or to recover R&D costs, integration, customization, incremental adaptations and improvements to existing products or processes. PCP146 can be used, when there are no near-to-the-market solutions yet and new R&D is needed. PCP can then compare the pros and cons of alternative competing solutions approaches. This will in turn enable to reduce the risk associated with the most promising innovations step-by-step via solution design, prototyping, development and first product testing. By developing a forward-looking innovation procurement strategy that uses PCP and PPI in a complementary way, public procurers can drive innovation from the demand side. This enables the public sector to modernize public services faster, while creating opportunities for companies in Europe to gain leadership in new markets. Currently, however, compared to other parts of the world, PCP and PPI are underutilized in Europe. The exemption for procuring R&D services other than those where “the benefits accrue exclusively to the contracting authority for its use in the conduct of its own affairs on condition that the service provided is wholly remunerated by the contracting authority” is maintained and clarified in the new 2014 public procurement Directives147. An explicit reference to PCP and the PCP Communication COM (2007) 799, as a procedure that makes use of this exemption, is included in the Directives. The R&D&I State aid rules defines, which R&D can be covered by PCPs and reaffirms the characteristics from the PCP communication that make that PCPs are considered not to involve State aid. The exemption of R&D services from the WTO Government Procurement Agreement was also maintained in the revised 2014 WTO GPA.
145 Original development of a first product or service may include limited production or supply in order to incorporate the results of field testing and to demonstrate that the product or service is suitable for production or supply in quantity to acceptable quality standards. 146 ftp://ftp.cordis.europa.eu/pub/fp7/ict/docs/pcp/pcp-brochure_en.pdf 147 http://ec.europa.eu/information_society/newsroom/image/document/2015-44/final_report_published_11779.pdf
©SAYSO Consortium 82 Public
Deliverable D2.1 – State-of-the-Art Analysis
9.2 Public Procurement of Innovative solutions (PPI)
PPI is the case, when contracting authorities, possibly in cooperation with additional private buyers, act as lead customer (also called early adopter or launching customer) by procuring 'innovative' solutions (not the R&D to develop them). These solutions are newly arriving on the market but that are not yet available on large scale commercial basis due to a lack of market commitment to deploy. PPI is used when challenges can be addressed by innovative solutions that are nearly or already in small quantity in the market and don't need new Research & Development (R&D).
9.3 Pre-operational validation (POV)
Pre-Commercial Procurement (PCP) did not exist as a “recognized” instrument in FP7. Following the adoption of COM (2007) 799, the Commission DG INFSO (now CNECT) started exploring (around 2009) possibilities of PCPs. On 15 February 2011 the Programme Committee (PC) for Security Research decided not to foresee PCP in the implementation of FP7 Security Research Theme, because of “sensitivity”. It decided to postpone the matter to Horizon 2020. At the same time, the Commission proposed Pre-Operational Validation (POV) as an “ad -hoc” setup appropriate for the Security Research Theme (because of its mission-driven nature). The Commission has described these schemes in the following way: “Pre-Operational Validation involves directly – and [supports] financially – end- user agencies (typically national or European authorities). This would shorten time to market and encourage market acceptance of new technologies... The basic idea of a POV scheme is to support the demand side of research [public authorities], rather than the supply side [companies] in their direct quest for new security solutions.” POV is to provide an instrument requested by industry for the “validation” by the public sector of R&D solutions in an area of EU political relevance, such as Border Security. Thus, the POV scheme was introduced in FP7 to provide a support framework for National Authorities to elaborate joint specifications and validation of integrated border surveillance systems. The overarching policy purpose was to support the development of the European Border Surveillance System (EUROSUR). Three projects were funded as POV schemes i.e., CLOSEYE (www.closeye.eu), EWISA (www.ewisa- project.eu) and EUCISE 2000 (http://www.eucise2020.eu/).
©SAYSO Consortium 83 Public
Deliverable D2.1 – State-of-the-Art Analysis
10 Legal Requirements
Considering the legal implications, especially taking into account the above SA tools, devices and their technological applications, it is submitted that the legal perspective requires an application of data protection, privacy protection and ethical considerations. While these three concepts seem to overlap to a large degree, they are independent concepts and cover different areas of application. In other words, while each of these concepts overlap with the others, they each cover aspects not addressed by the others, and there is therefore a value to maintaining the conceptual distinction between them. For example, while data protection is a European concept aimed at regulating informational privacy, it does not consume the notion of privacy in total. There are aspects to privacy that simply do not fall within the narrower parameters of data protection. The same holds true as far as ethical considerations are concerned. While the European data protection framework does take ethical considerations into account, not all ethical considerations are covered, in effect necessitating the more general application of ethical notions. It is in this regard that the notions of privacy, data protection and ethics, while overlapping to a certain degree are also to be perceived as connected yet separate concepts, complementing each other in certain respects. And it is in this context that the main function of the law comes to the fore: namely a mechanism for protecting individuals and society at large from the risks and uncertainties that new technologies and their applications bring. Privacy means many different things to different people and what it entails differs from one culture to another. It is a subjective and dynamic concept and its meaning is dependent on many factors making up the context that it is studied in. For example, what an individual may find private in a professional context may not necessarily be so amongst friends. To complicate matters, a person’s attitude will potentially change over time. A traditional approach to defining privacy is advocated by Seipel, who separates it into a number of theoretical areas. First, the ‘sphere theory’ states that an individual has an inner sphere where actions, relationships and other characteristics are not known to others. From the inner sphere there are other spheres with gradually diminishing sensitivity, from which information should be more accessible to the outside world. Second, the ‘data category theory’ denotes different categories of data with different levels of sensitivity, for example data regarding a person’s address being less sensitive than data concerning political convictions. Third, the ‘theory of ownership’ views data as the property of the individual, where consent is required for its use. Fourth, the ‘autonomy theory’ views privacy as the right to be left alone, where the individual can decide under which circumstances and under what conditions to enter into relations with the outside world. Fifth, and finally, the ‘empirical theory’ treats privacy as something to be determined statistically, for example, by conducting investigations.148 Another approach to privacy views it as ‘decisional autonomy’.149 Within the US context, a case cited to highlight this approach is that of Griswold v. Connecticut.150 The case emanated from a law at state level prohibiting the provision of contraceptives to married couples. The US Supreme Court stated
148 Seipel, Peter, Juridik och IT, Norstedts Juridik, 2001, at p. 251, translated from the Swedish. 149 Rouvroy, Antoinette and Poullet, Yves, The Right to Informational Self-Determination and the Value of Self- Development: Reassessing the Importance of Privacy for Democracy in Gutwirth, S., et al. (eds.), Reinventing Data Protection, Springer Science and Business Media, 2009, at p. 64. 150 Griswold v. Connecticut, 281 US 479, 493 (1965).
©SAYSO Consortium 84 Public
Deliverable D2.1 – State-of-the-Art Analysis that the marital relationship was a special one that should not be intruded or controlled by the state. Here privacy was portrayed as the right to make one’s own decisions in circumstances that are regarded as requiring freedom from the control of others. In the legal context, the most famous reference to privacy is provided in the article written by Warren and Brandeis entitled ‘The Right to Privacy’. In this article, the authors advocate the introduction of a right to privacy, which they described as the ‘right to be let alone’.151 The article was authored as a response to privacy invasive technological advances at the time, which were part of a new type of journalism. Advances were being made concerning cameras and printing, where cameras, a technology that was previously available only to a core of professional photographers, in 1884 became available to society at large in the form of the Eastman Kodak Company snap camera, which was cheap and mobile.152 In addition to this development, Warren and Brandeis were disturbed by the new trend in journalism, with the printing of gossip and other material that was seen to be of an indecent and sordid nature at that time. It was within this context that the authors investigated whether the common law could be used in order to establish a right to privacy, called the ‘right to be let alone’. They stated that the right to privacy was part of the right to be let alone, which was first advanced by T. Cooley.153 The argument was that in order to achieve privacy, the access to personal information would need to be controlled.154 This right to privacy advocated by Warren and Brandeis was influential on privacy law in that soon after its publication, courts and legislatures began to recognize this new right.155 Altman, another influential figure concerning privacy conceptualization, described it as a ‘process’ that takes place every time one needs to make a decision between being private or being public, the goal being to reach the optimal balance in a situation where privacy is not determined by one party only.156 Bylund highlights the advantages of explaining privacy in terms of a process for creating a balance between the private and public, arguing that the aim of privacy is not secrecy, but rather the ability to decide over one’s presence in a certain context by deciding what information to make public and what information to keep private. In other words, privacy is the freedom for the individual to manoeuvre along the private/public continuum depending on the context and to decide which privacy enhancing mechanism is best suited for that particular situation.157 Westin described privacy as the right to control the flow of personal information. He envisaged privacy as a concept that was relative to the counter-concept of social interaction, where total privacy was possible, but would entail total and absolute isolation, in other words placing oneself at the extreme end of the spectrum.158 An alternative approach to privacy is the ‘privacy taxonomy’ advocated by Solove. Instead of trying to conceptualize privacy in the abstract, it starts with problematic scenarios associated with privacy and
151 Warren, Samuel D. and Brandeis, Louis D., The Right to Privacy, Harvard Law Review, Vol. 4, Number 5, December 1890, at p. 195. 152 Solove, Daniel J., Understanding Privacy, Harvard University Press, 2008, at p.15. 153 Cooley, Thomas M., Treatise on the Law of Torts or the Wrongs Which Arise Independently of Contract, 29 (2nd ed. (1888)) in Gavison, Ruth, Privacy and the Limits of the Law, Yale Law Journal, Vol. 89, No. 3, pp. 421-471, 1980, at p. 437. 154 Warren, Samuel D. and Brandeis, Louis D., The Right to Privacy, Harvard Law Review, Vol. 4, Number 5, December 1890, at p. 195. 155 Solove, Daniel J., Understanding Privacy, Harvard University Press, 2008, at p.16. 156 Altman, Irvin, The Environment and Social Behavior: Privacy, Personal Space, Territory and Crowding, Monterey, CA Brooks/Cole Pub. Co., Inc, 1975. 157 Bylund, Markus, Personlig integritet på nätet, första upplaga, Fores, 2013, at p.37. 158 Westin, Alan F., Privacy and Freedom, Atheneum, 1967, at p. 462.
©SAYSO Consortium 85 Public
Deliverable D2.1 – State-of-the-Art Analysis seeks common elements linking these, the aim being to attain a meaning or definition of privacy. Solove approaches privacy in a less abstract manner. By defining privacy in a bottom-up manner and by focusing on the problems that arise, a better understanding of what privacy is can be attained. He thus produces a taxonomy for easier identification of privacy problems, a problem being defined as, ‘a situation that creates harms to individuals and society’.159 The taxonomy is composed of four types of problems and sixteen subgroups. The first type of problem is labelled ‘information collection’ (subgroups: surveillance, interrogation), the second type of problem ‘information processing’ (subgroups: aggregation, identification, insecurity, secondary use, exclusion), the third type of problem is labelled ‘information dissemination’ (subgroups: breach of confidentiality, disclosure, exposure, increased accessibility, blackmail, appropriation, distortion) and the fourth type is labelled ‘invasion’ (subgroups: intrusion, interference).160 By highlighting the problems that arise in society, attention is drawn to values that are identified as being in need of protection. A resolution of these problems, as highlighted in the above taxonomy, will automatically result in a ‘realm of freedom called “privacy”’.161 A final approach to privacy that also departs from more traditional conceptions is that provided by Nissenbaum, who in conceptualizing privacy, refers to ‘contextual integrity’. Contexts are stated to be everywhere within society. For example, visiting a medical practitioner occurs in a context and taking part in some form of education takes place in a different context. These contexts also have norms that govern them, more specifically, the roles, expectations, actions and practices within them and from which norms originate, for example, legal conventions or cultural attitudes.162 To expand on this theory, contexts are described as, ‘structured social settings characterized by canonical activities, roles, relationships, power structures, norms (or rules), and internal values (goals, ends, purposes).163 A role can be a medical specialist, an activity can be providing medical advice and a value underpins a context. For example, the medical profession has certain values that are inherent and which set out the goals of the profession. Finally, norms describe the duties and obligations associated with a certain role. At the core of contextual integrity, Nissenbaum states, is the context-relative informational norm.164 Each context has its own informational norms, and these can be characterised in terms of contexts, actors, attributes and transmission principles.165 There are two types of informational norms, namely, ‘norms of appropriateness’ and ‘norms of flow or distribution’. If both these norms are followed and upheld, contextual integrity (and therefore privacy) are upheld. Breaching either of these informational norms results in a breach of contextual integrity. A norm of appropriateness dictates what type of information can be revealed about a person and by whom, for that particular context. For example, in the doctor-patient context, the patient may be expected to reveal information to the doctor, whereas he or she is not expected to share that same information with colleagues. The second type of informational norm is that of ‘distribution’.166 For example, in the
159 Ibid, at p. 174. 160 Ibid. 161 Ibid. 162 Nissenbaum, Helen, Privacy as Contextual Integrity, Washington Law Review, 2004, available at https://crypto.stanford.edu/portia/papers/RevnissenbaumDTP31.pdf (last accessed on 2017-10-16), at p. 119. 163 Nissenbaum, Helen, Privacy in Context: Technology, Policy and the Integrity of Social Life, Stanford University Press, 2009, at p. 132. 164 Ibid, at p. 129. 165 Ibid, at p. 181. 166 Nissenbaum, Helen, Privacy as Contextual Integrity, Washington Law Review, 2004, available at https://crypto.stanford.edu/portia/papers/RevnissenbaumDTP31.pdf (last accessed on 2017-10-16), at p. 124.
©SAYSO Consortium 86 Public
Deliverable D2.1 – State-of-the-Art Analysis context of a friendship, it can be assumed that one can be candid to a friend without fear of the information being revealed to a third party. In examining both the traditional and more progressive theories (Solove, Nissenbaum) of privacy, laid out above, it is argued that the more progressive theories may be better equipped to deal with modern technological developments. For example, the forthcoming General Data Protection Regulation, taking effect on the 25th of May 2018, refers to different categories of personal data, namely personal data and special (sensitive) categories of personal data. Seipel’s reference to categories of data, can be questioned from the technical point of view, where the ability of algorithms to correlate vast amounts of data makes every single data point potentially sensitive. The alternative, more progressive, approaches to privacy are relevant in that they focus on context. For example, the theory of contextual integrity is relevant in the context of new technologies, which have the potential harm of collapsing contexts and completely disregarding the above-mentioned informational norms. Solove, within the context of aggregation, states that ‘a piece of information here or there is not very telling, but when combined, bits and pieces of data begin to form a portrait of a person’.167 Within the European privacy context, the focus has shifted to technology. Just as with privacy, the meaning of ‘data protection’ is not completely settled, which is evident when studying its translation into the national legislation of the EU Member States, for example in Sweden, where it is termed ‘the protection of personal integrity’.168 In addition, it is noteworthy that ‘data protection’ both has privacy as its sphere of protection and also encapsulates other interests that require protection.169 Notwithstanding the close ties between the above two concepts, a clear distinction is made within the European context, between data protection and privacy. In this regard, the EU Charter, gives data protection the status of a legal right separate from the legal right to privacy. A joint reading of Articles 7(1) and 8 confirms that privacy and data protection are to be treated as separate rights.170 Article 7(1) covers ‘respect for private and family life’, and states that, ‘[e]veryone has the right to respect for his or her private and family life, home and communications’, while Article 8 guarantees the protection of personal data, stating that, ‘[e]veryone has the right to the protection of personal data concerning him or her’. Data protection is also addressed by the TFEU, Article 16(1) stating that, ‘[e]veryone has the right to the protection of personal data concerning them’. For some time now the right to privacy has existed within the EU as a general principle of law.171 The right to data protection, however, was absent from the EU Charter signed and proclaimed in 2000. The CJEU recognized this right later in Promusicae.172 Subsequently, the EU Charter as amended by the Treaty of Lisbon elevated data protection to an independent right.173
167 Ibid, at p. 118. 168 Bygrave, Lee, Privacy Protection in a Global Context, in Wahlgren, Peter (ed.), IT Law, Scandinavian Studies in Law, Volume 47, Stockholm Institute for Scandinavian Law, 2004, at p. 321. 169 Bygrave, Lee, Privacy and Data Protection in an International Perspective, in Wahlgren, Peter (ed.), ICT Legal Issues, Scandinavian Studies in Law, Volume 56, Stockholm Institute for Scandinavian Law, 2010, at p. 168. 170 Gellert, Raphael, de Vries, Katja, de Hert, Paul and Gutwirth, Serge, A Comparative Analysis of Anti-Discrimination and Data Protection Legislation in Custers, Bart et al. (eds.), Discrimination and Privacy in the Information Society – Data Mining and Profiling in Large Databases, Springer, Heidelberg, 2013, at p. 64. 171 Case C-137/79 National Panasonic v. Commission [1980] ECR I-2033, paras. 18-20 in Lynskey, Orla, The Foundations of EU Data Protection Law, Oxford University Press, 2015, at p. 89. 172 Case C-275/06 Productores de Música de España (Promusicae) v. Telefónica de España [2008] ECR I-271, para. 63, in Lynskey, Orla, The Foundations of EU Data Protection Law, Oxford University Press, 2015, at p. 89. 173 Bygrave, Lee, A., Data Privacy Law: An International Perspective, Oxford University Press, 2014, at pp. 58-59.
©SAYSO Consortium 87 Public
Deliverable D2.1 – State-of-the-Art Analysis
Ethics too is a complex notion. Ethics simply put can be described as. ‘the study of right and wrong’ or put another way,’ [i]t’s about the appropriateness of how we behave and what we do’.174 Ethics can be divided into two main categories, namely the consequentialist and non-consequentialist categories. The former takes into consideration the overall welfare of the community when judging on the ethical appropriateness of something while the latter looks at the morality of actions themselves. It is argued that these two main viewpoints form the basis of any ethical consideration. It is therefore argued that in order to study the effects of new technologies, systems and devices, with the aim of protecting society from any unwarranted side effects, a wider approach should be taken. In this regard, the notions of privacy, data protection and ethics should be viewed as overlapping yet complementary concepts that, being applied together, will have the desired effect of allowing for the effective regulation of technology with the aim of protection individuals and the society made up of these individuals.
174 Finlay, Steven, Predictive Analytics, Data Mining, and Big Data: Myths, Misconceptions and Methods, Palgrave Macmillan, 2014, at p. 86.
©SAYSO Consortium 88 Public
Deliverable D2.1 – State-of-the-Art Analysis
11 Conclusions
EU crisis managers can acquire access to many ready-to-use COTS tools, which assist them in obtaining comprehensive situational awareness. The SOTA analysis in this report indicates that multiple systems are commercially available or even for free from different companies or organisations to provide comprehensive SA-related information:175 1. Satellite- and Airborne Remote Sensing Systems – Timely and accurate geospatial information derived from satellite remote-sensing or special drone, categorized as atmospheric satellite;176 2. Unmanned Ground Vehicles – Throwable through windows or down stairways; capable of explosive detection, explosive ordnance disposal (EOD) and bomb disposal, chemical, biological, radiological and nuclear (CBRN) and hazardous material (HazMat) detection, checkpoint/vehicle inspections, persistent observation, and route/building clearance; assisting first responders in search and rescue missions in dangerous environments; 3. Unmanned Aerial Vehicles – UHD video capture providing live multicast video with day- and night sensors; detectors for toxic gas, nuclear radiation, biological agents, and chemical agents; thermal images from camera with zoom-capability and image stabilisation; streaming video to multiple devices with embedded geo-tags and metadata; mapping modes enabling the operator to methodically perform a grid search; 4. Special Cameras – Remote, unmanned site monitoring via mobile, WiFi and satellite networks; network of up to four cameras at once, including UAV cameras; body-worn camera capable of: (a) capturing a 360° view of a scene, (b) providing real-time communications messaging, (c) wireless offloading of video evidence from a docking station and automatic upload to secure cloud storage; remotely controlled camera-ball taking photos in dark, hard-to-reach spaces; 5. Special Detectors – Real-time area monitoring data for radiation, VOCs, combustibles, toxics and oxygen; local weather station for tracking toxic plumes; non-invasive monitoring vital signs of person and forwarding data from the ambulance to the hospital prior to the patient’s arrival; tracking device worn by first responders relays a signal to receivers at a command unit indoors, outdoors, below ground and under water; 6. Traffic Management – Visualization of the current traffic situation using aerial images, inductive loops, Floating-Car-Data, etc.; simulation of vehicles, pedestrians, traffic lights and multimodal mobility and prediction of traffic in order to optimize routing and planning of evacuation routes; 7. Decision Support Systems – Interactive visual communication between field personnel and command center staff even in the event of terrestrial communications failure; mapping field observations with GIS, aerial and satellite data; sharing information (instant messaging, location, photo and document) in real time; integration and use of geographic information on digital maps, where multiple base map layers (streets, topographical, satellite, and aeronautical) can be simultaneously managed and administrated; intelligence
175 Note: Capabilities described are typically not available from one particular SA system only, but are provided selectively by several such tools. 176 Capable of flying for over 50 hours at an altitude of 9000 m.
©SAYSO Consortium 89 Public
Deliverable D2.1 – State-of-the-Art Analysis
tracking and management for police and data fusion centres; organization and staffing charts to plan and document command post staffing; secure intelligence sharing between law enforcement, emergency medical service and firefighters; animated radars; social media monitoring and response; monitoring active responses, geofence violations, or viewing vehicles based on status; examine performance trends, predict system degradation, view the impact of alternative mitigation measures, review important procedures and communicate decisions within the graphical user interface; modelling of off-normal conditions of operation and see the cascading impacts that result from multiple system interdependencies; evaluation of damage experienced by a structure as a result of a primary explosion, and accompanying secondary explosions; real-time assessment of chemical hazards in emergency situations and reconstruction of a past incident. It is noted that the use of these technologies in emergency situations will not apriori improve SA, because primarily they improve access to information, some of the information with limited usefulness in the particular circumstances. Therefore, crisis managers are still in need of filtering the information and selecting the most critical information essential to good decision making. Also, in view of the multiple type of data provided by some of these technologies it is critical for the user to be familiar with all aspects of navigating the technology in order to gain access to the most critical data with the least effort. Finally, since each type of crisis requires a certian type of information, stakeholders have to identify, in advance, what information will be most helpful and ensure how to access only what is needed. Internationally multiple efforts are made in standardizing tools and operational approaches to SA. Out of the altogether 143 standards and other such technical documents identified in this SOTA analysis, eleven pertinent activities have been identified of relevance to SA. This will be taken into account when developing the MSSAS. An important SAYSO project objective is to elaborate an MSSAS reference architecture as a frame of reference for public procurements and for compliance in commercial development of SA solutions. The SA Reference Architecture to be developed for MSSAS will build on state-of-the-art ICT system architectures and reference architectures, selecting the optimal solution for the MSSAS from a number of architecture models and frameworks identified in the SOTA analysis. For the design of the MSSAS in SAYSO the consortium can make use of the different methods available for addressing human-factors aspects. This concerns in particular innovative methods of assessing human performance within SA systems. The approaches envisaged are primarily designed to assess group processes and interactions within specific contexts. Well defined procurement procedures exist with regard to PCP, PPI and POV. These can be adapted for practical use in pre-commercial MSSAS–related procurement by different stakeholders. However, there is fragmentation of the Contingency Planning (CP) and the security market, which makes the adoption and use of new technologies rather inconvenient from the economic point to view. Lack of training and required skills for implementing and operating cutting edge technology systems are also barriers in technology penteration in CP services. SAYSO aims to address this problem by supporting CP organizations to be directly involved in the pre-commercial procurement of innovative technological solutions of R&D services for SA systems to be developed, tested operationally and used in real environment, according to the CP and user needs.
©SAYSO Consortium 90 Public
Deliverable D2.1 – State-of-the-Art Analysis
Multiple legal implications need to be accounted for, when applying the COTS SA tools, devices and their technological applications identified in the SOTA analysis. The legal perspective requires In particular an application of data protection, privacy protection and ethical considerations. The design of the MSSAS will have to make sure that these legal concerns are fully met. Citizens of the European Union (EU) expect that emergency management services are taking advantage of the newest available technologies in order to assist them in their difficult task of CM. Yet, EU emergency responders are frequently resistant to change and prefer to operate like they have done before. The SOTA analysis presented in this report has demonstrated that the underlying root of this problem is not necessarily the lack of existing tools and systems, but rather resistance to change by the response community. There are several factors that hinder the acceptance of innovative technologies and processes by EU stakeholders: (a) inadequate knowledge of the new tools and procedures; (b) financial constraints and administrative hurdles to acquire new technologies; (c) an internal struggle within the response community between honouring tradition and culture and wanting improvements in capabilities; (d) a generational gap between younger responders, who embrace new technology to a much greater extent, and the previous generation with decade-long experience advocating proven operational procedures; (e) concern about the reliability of new tools and procedures, which have to demonstrate that they can withstand the extreme conditions on scene, are also cost-efficient and can significantly improve current capability.
©SAYSO Consortium 91 Public
Deliverable D2.1 – State-of-the-Art Analysis
12 Recommendations
Specialized industry and dedicated organisations have developed many ready-to-use tools focusing on situational awareness. In addition to the existing tools described in this report, new SA-related technologies and solutions have originated from R&D carried out in EU FP7 and will do so in H2020 projects currently implemented. It is unrealistic to expect that all of the innovative SA tools and solutions will be incorporated in the daily routines of emergency services in all EU Member States in the near future. However, it is recommended to test and possibly adopt new methods. This approach will enhance SA in small steps in the future, whilst continued operation as before will result in stagnation. SAYSO will not change the European approach to crisis management, but checking the usefulness of the identified tools may make a small contribution towards it. It is recommended that EU crisis managers review their current operational processes to take advantage of SOTA SA technologies in order to optimize the delivery on their public safety mission in the future.
©SAYSO Consortium 92 Public
Deliverable D2.1 – State-of-the-Art Analysis
APPENDIX 1
The table below lists SA-related standards. The most important such standards are marked in blue.
List of SAYSO related standards
Document No. Title Date of Origin Publication Code BS 11200:2014 Crisis management. Guidance and good practice 2014-05-31 GB BS 5051-1:1988 Bullet-resistant glazing. Specification for glazing for 1988-11-30 GB interior use CEN/TS 16595 CBRN - Vulnerability Assessment and Protection of 2013-09-00 IX People at Risk CEN/TS 16850 Societal and Citizen Security - Guidance for 2015-09-00 IX managing security in healthcare facilities CEPT/ECC/REC/(08)04 The identification of frequency bands for the 2008-10-00 IX implementation of broad band disaster relief (BBDR) - Radio applications in the 5 GHz frequency range CEPT/ECC/REC/(11)10 Location tracking application for emergency and 2011-10-00 IX disaster situations CWA 15044 Test and evaluation of demining machines BE CWA 15044 Test and evaluation of demining machines 2009-12-01 FA CWA 15044:2009 Test and evaluation of demining machines 2009-12-01 GB CWA 15464-3:2005 Humanitarian mine action. EOD competency 2005-12-01 GB standards. Competency for EOD level 1 CWA 15464-4:2005 Humanitarian mine action. EOD competency 2005-12-01 GB standards. Competency for EOD level 4 CWA 15464-5:2005 Humanitarian mine action. EOD competency 2005-12-01 GB standards. Competency for EOD level 3 CWA 15537 Network Enabled Abilities - Service-Oriented BE Architecture for civilian and military crisis management CWA 15537 Network Enabled Abilities - Service-Oriented 2006-04-01 FA Architecture for civilian and military crisis management CWA 15793 Laboratory biorisk management 2011-09-00 IX CWA 15832 Humanitarian mine action - Follow-on processes 2008-04-01 FA after the use of demining machines CWA 15832:2008 Humanitarian mine action. Follow-on processes 2008-04-01 GB after the use of demining machines
©SAYSO Consortium 93 Public
Deliverable D2.1 – State-of-the-Art Analysis
Document No. Title Date of Origin Publication Code CWA 15833 Humanitarian mine action - Quality management - 2008-04-01 FA Quality assurance (QA) and quality control (QC) for mechanical demining CWA 15833:2008 Humanitarian mine action. Quality management. 2008-04-01 GB Quality assurance (QA) and quality control (QC) for mechanical demining CWA 15931-1 Disaster and emergency management - Shared 2009-02-01 FA situation awareness - Part 1 : message structure CWA 15931-1 Disaster and emergency management - Shared BE situation awareness - Part 1: Message structure CWA 15931-2 Disaster and emergency management - Shared 2009-02-01 FA situation awareness - Part 2 : codes for the message structure CWA 15931-2 Disaster and emergency management - Shared BE situation awareness - Part 2: Codes for the message structure CWA 16106 PPE for Chemical, Biological, Radiological and BE Nuclear, (CBRN) Hazards CWA 16106 PPE for Chemical, Biological, Radiological and 2010-03-01 FA Nuclear, (CBRN) Hazards CWA 16221 Vehicle security barriers - Performance 2010-10-00 IX requirements, test methods and guidance on application CWA 16335 Biosafety professional competence 2011-09-00 IX CWA 16393 Laboratory biorisk management - Guidelines for 2012-01-00 IX the implementation of CWA 15793:2008 CWA 16649 Managing emerging technology-related risks 2013-06-00 IX CWA 17008 Cultural guidelines for humanitarian demining 2016-03-00 IX DIN SPEC 91287 Data interchange between information systems in 2012-07-00 DE civil hazard prevention DIN SPEC 91296 Classification of threats to buildings by acts of 2013-06-00 DE terrorism DIN SPEC 91330 Terminology relating to events in pipeline- and 2015-08-00 DE cable-based infrastructures DS 3001 Organizational resilience: Security, preparedness, 2009-10-24 DK and continuity management systems - Requirements with guidance for use EN 1063 Glass in building - Security glazing - Testing and 1999-11-00 IX classification of resistance against bullet attack
©SAYSO Consortium 94 Public
Deliverable D2.1 – State-of-the-Art Analysis
Document No. Title Date of Origin Publication Code EN 12931 Chemicals used for treatment of water intended 2015-03-00 IX for human consumption - Chemicals for emergency use - Sodium dichloroisocyanurate, anhydrous EN 13541 Glass in building - Security glazing - Testing and 2012-02-00 IX classification of resistance against explosion pressure EN 14126 Protective clothing - Performance requirements 2003-09-00 IX and tests methods for protective clothing against infective agents EN 14126/AC Protective clothing - Performance requirements 2004-09-00 IX and tests methods for protective clothing against infective agents EN 1522 Windows, doors, shutters and blinds - Bullet 1998-10-00 IX resistance - Requirements and classification EN 1523 Windows, doors, shutters and blinds - Bullet 1998-10-00 IX resistance - Test method EN 15602 Security service providers - Terminology 2008-01-00 IX EN 15975-1+A1 Security of drinking water supply - Guidelines for 2015-12-00 IX risk and crisis management - Part 1: Crisis management EN 15975-2 Security of drinking water supply - Guidelines for 2013-08-00 IX risk and crisis management - Part 2: Risk management EN 16082 Airport and aviation security services 2011-08-00 IX EN 16747 Maritime and port security services 2015-09-00 IX EN 31010 Risk management - Risk assessment techniques 2010-05-00 IX (IEC/ISO 31010:2009) EN 50402 Electrical apparatus for the detection and 2017-03-00 IX measurement of combustible or toxic gases or vapours or of oxygen - Requirements on the functional safety of gas detection systems EN 618+A1 Continuous handling equipment and systems - 2010-12-00 IX Safety and EMC requirements for equipment for mechanical handling of bulk materials except fixed belt conveyors EN 620+A1 Continuous handling equipment and systems - 2010-12-00 IX Safety and EMC requirements for fixed belt conveyors for bulk materials
©SAYSO Consortium 95 Public
Deliverable D2.1 – State-of-the-Art Analysis
Document No. Title Date of Origin Publication Code EN 62327 Radiation protection instrumentation - Hand-held 2011-07-00 IX instruments for the detection and identification of radionuclides and for the indication of ambient dose equivalent rate from photon radiation (IEC 62327:2006, modified) EN 62484 Radiation protection instrumentation - 2015-11-00 IX Spectroscopy-based portal monitors used for the detection and identification of illicit trafficking of radioactive material (IEC 62484:2010) EN 62533 Radiation protection instrumentation - Highly 2016-02-00 IX sensitive hand-held instruments for photon detection of radioactive material (IEC 62533:2010, modified) EN 62534 Radiation protection instrumentation - Highly 2015-11-00 IX sensitive hand-held instruments for neutron detection of radioactive material (IEC 62534:2010) EN ISO 11064-1 Ergonomic design of control centres - Part 1: 2000-12-00 IX Principles for the design of control centres (ISO 11064-1:2000) EN ISO 11064-2 Ergonomic design of control centres - Part 2: 2000-12-00 IX Principles for the arrangement of control suite (ISO 11064-2:2000) EN ISO 11064-3 Ergonomic design of control centres - Part 3: 1999-12-00 IX Control room layout (ISO 11064-3:1999) EN ISO 11064-3/AC Ergonomic design of control centres - Part 3: 2002-07-00 IX Control room layout; Amendment AC (ISO 11064- 3:1999/Cor. 1:2002) EN ISO 11064-4 Ergonomic design of control centres - Part 4: 2013-11-00 IX Layout and dimensions of workstations (ISO 11064-4:2013) EN ISO 11064-5 Ergonomic design of control centres - Part 5: 2008-07-00 IX Displays and controls (ISO 11064-5:2008) EN ISO 11064-6 Ergonomic design of control centres - Part 6: 2005-07-00 IX Environmental requirements for control centres (ISO 11064-6:2005) EN ISO 11064-7 Ergonomic design of control centres - Part 7: 2006-04-00 IX Principles for the evaluation of control centres (ISO 11064-7:2006) EN ISO 22300 Societal security - Terminology (ISO 22300:2012) 2014-07-00 IX EN ISO 22301 Societal security - Business continuity 2014-07-00 IX management systems - Requirements (ISO 22301:2012)
©SAYSO Consortium 96 Public
Deliverable D2.1 – State-of-the-Art Analysis
Document No. Title Date of Origin Publication Code EN ISO 22311 Societal security - Video-surveillance - Export 2014-11-00 IX interoperability (ISO 22311:2012) EN ISO 22313 Societal security - Business continuity management 2014-11-00 IX systems - Guidance (ISO 22313:2012) ETSI TR 102410 V 1.1.1 Emergency Communications (EMTEL) - Basis of 2007-08-00 IX requirements for communications between individuals and between individuals and authorities whilst emergencies are in progress ETSI TR 102445 V 1.1.1 Emergency Communications (EMTEL) - Overview of 2006-09-00 IX Emergency Communications Network Resilience and Preparedness ETSI TR 102485 V 1.1.1 Electromagnetic compatibility and Radio spectrum 2006-07-00 IX Matters (ERM) - Technical characteristics for Broadband Disaster Relief applications (BB-DR) for emergency services in disaster situations - System Reference Document ETSI TR 102496 V 1.1.1 Electromagnetic compatibility and Radio spectrum 2005-06-00 IX Matters (ERM) - Short Range Devices (SRD) - Technical characteristics for indoor Location Application for Emergency Services (LAES) in disaster situations operating within the frequency range from 3 GHz to 5 GHz - System Reference Document ETSI TR 102496 V 2.1.1 Electromagnetic compatibility and Radio spectrum 2009-05-00 IX Matters (ERM) - System Reference Document - Short Range Devices (SRD) - Technical characteristics for Location tracking Applications for Emergency Services (LAES) in disaster situations operating within the frequency range from 3,4 GHz to 4,8 GHz ETSI TR 103229 V 1.1.1 Environmental Engineering (EE) - Safety Extra Low 2014-07-00 IX Voltage (SELV) DC power supply network for ICT devices with energy storage and grid or renewable energy sources options ETSI TR 103303 V 1.1.1 CYBER - Protection measures for ICT in the context 2016-04-00 IX of Critical Infrastructure IEC 60973*CEI 60973 Test procedures for germanium gamma-ray 1989-06-00 IX detectors IEC 62401*CEI 62401 Radiation protection instrumentation - Alarming 2007-07-00 IX personal radiation devices (PRD) for detection of illicit trafficking of radioactive material
©SAYSO Consortium 97 Public
Deliverable D2.1 – State-of-the-Art Analysis
Document No. Title Date of Origin Publication Code IEC 62463*CEI 62463 Radiation protection instrumentation - X-ray 2010-06-00 IX systems for the screening of persons for security and the carrying of the illicit items IEC 62709*CEI 62709 Radiation protection instrumentation - Security 2014-02-00 IX screening of humans - Measuring the imaging performance of X-ray systems ISO 11320 Nuclear criticality safety - Emergency preparedness 2011-10-00 IX and response ISO 12931 Performance criteria for authentication solutions 2012-06-00 IX used to combat counterfeiting of material goods ISO 13165-1 Water quality - Radium-226 - Part 1: Test method 2013-04-00 IX using liquid scintillation counting ISO 13165-2 Water quality - Radium-226 - Part 2: Test method 2014-04-00 IX using emanometry ISO 13165-3 Water quality - Radium-226 - Part 3: Test method 2016-03-00 IX using coprecipitation and gamma-spectrometry ISO 16678 Guidelines for interoperable object identification 2014-07-00 IX and related authentication systems to deter counterfeiting and illicit trade ISO 18788 Management system for private security 2015-09-00 IX operations - Requirements with guidance for use ISO 22315 Societal security - Mass evacuation - Guidelines for 2014-12-00 IX planning ISO 22316 Security and resilience - Organizational resilience - 2017-03-00 IX Principles and attributes ISO 22319 Security and resilience - Community resilience - 2017-04-00 IX Guidelines for planning the involvement of spontaneous volunteers ISO 22320 Societal security - Emergency management - 2011-11-00 IX Requirements for incident response ISO 22322 Societal security - Emergency management - 2015-05-00 IX Guidelines for public warning ISO 22324 Societal security - Emergency management - 2015-06-00 IX Guidelines for colour-coded alerts ISO 22325 Security and resilience - Emergency management - 2016-10-00 IX Guidelines for capability assessment ISO 22397 Societal security - Guidelines for establishing 2014-07-00 IX partnering arrangements ISO 22398 Societal security - Guidelines for exercises 2013-09-00 IX
©SAYSO Consortium 98 Public
Deliverable D2.1 – State-of-the-Art Analysis
Document No. Title Date of Origin Publication Code ISO 24510 Activities relating to drinking water and 2007-12-00 IX wastewater services - Guidelines for the assessment and for the improvement of the service to users ISO 24511 Activities relating to drinking water and 2007-12-00 IX wastewater services - Guidelines for the management of wastewater utilities and for the assessment of wastewater services ISO 24512 Activities relating to drinking water and 2007-12-00 IX wastewater services - Guidelines for the management of drinking water utilities and for the assessment of drinking water services ISO 24516-1 Guidelines for the management of assets of water 2016-11-00 IX supply and wastewater systems - Part 1: Drinking water distribution networks ISO 24518 Activities relating to drinking water and 2015-08-00 IX wastewater services - Crisis management of water utilities ISO 24521 Activities relating to drinking water and 2016-09-00 IX wastewater services - Guidelines for the management of basic on-site domestic wastewater services ISO 24523 Service activities relating to drinking water supply 2017-02-00 IX systems and wastewater systems - Guidelines for benchmarking of water utilities ISO 28000 Specification for security management systems for 2007-09-00 IX the supply chain ISO 28001 Security management systems for the supply chain 2007-10-00 IX - Best practices for implementing supply chain security, assessments and plans - Requirements and guidance ISO 28002 Security management systems for the supply chain 2011-08-00 IX - Development of resilience in the supply chain - Requirements with guidance for use ISO 28003 Security management systems for the supply chain 2007-08-00 IX - Requirements for bodies providing audit and certification of supply chain security management systems ISO 28004-1 Technical Security management systems for the supply chain 2012-08-00 IX Corrigendum 1 - Guidelines for the implementation of ISO 28000 - Part 1: General principles; Technical Corrigendum 1
©SAYSO Consortium 99 Public
Deliverable D2.1 – State-of-the-Art Analysis
Document No. Title Date of Origin Publication Code ISO 28004-1*ISO Security management systems for the supply chain 2007-10-00 IX 28004-1:2012 - Guidelines for the implementation of ISO 28000 ISO 28004-2 Security management systems for the supply chain 2014-02-00 IX - Guidelines for the implementation of ISO 28000 - Part 2: Guidelines for adopting ISO 28000 for use in medium and small seaport operations ISO 28004-3 Security management systems for the supply chain 2014-02-00 IX - Guidelines for the implementation of ISO 28000 - Part 3: Additional specific guidance for adopting ISO 28000 for use by medium and small businesses (other than marine ports) ISO 28004-4 Security management systems for the supply chain 2014-02-00 IX - Guidelines for the implementation of ISO 28000 - Part 4: Additional specific guidance on implementing ISO 28000 if compliance with ISO 28001 is a management objective ISO 31000 Risk management - Principles and guidelines 2009-11-00 IX ISO 8201 Acoustics; Audible emergency evacuation signal 1987-12-00 IX ISO Guide 73 Risk management - Vocabulary 2009-11-00 IX ISO/DIS 22300 Security and resilience - Terminology 2016-12-00 IX ISO/DIS 31000 Risk management - Guidelines 2017-02-00 IX ISO/IEC 27031 Information technology - Security techniques - 2011-03-00 IX Guidelines for information and communication technology readiness for business continuity ISO/IEC 27035-1 Information technology - Security techniques - 2016-11-00 IX Information security incident management - Part 1: Principles of incident management ISO/IEC 27035-2 Information technology - Security techniques - 2016-11-00 IX Information security incident management - Part 2: Guidelines to plan and prepare for incident response ISO/IEC 31010 Risk management - Risk assessment 2009-11-00 IX techniques ISO/TR 19083-1 Intelligent transport systems - Emergency 2016-10-00 IX evacuation and disaster response and recovery - Part 1: Framework and concept of operation ISO/TR 22312 Societal security - Technological capabilities 2011-07-00 IX ISO/TR 22351 Societal security - Emergency management - 2015-09-00 IX Message structure for exchange of information ISO/TR 31004 Risk management - Guidance for the 2013-10-00 IX implementation of ISO 31000
©SAYSO Consortium 100 Public
Deliverable D2.1 – State-of-the-Art Analysis
Document No. Title Date of Origin Publication Code ISO/TS 22317 Societal security - Business continuity management 2015-09-00 IX systems - Guidelines for business impact analysis (BIA) ISO/TS 22318 Societal security - Business continuity management 2015-09-00 IX systems - Guidelines for supply chain continuity ITU-R BO.1774-2*ITU-R Use of satellite and terrestrial broadcast 2015-10-00 IX BO.1774 infrastructures for public warning, disaster mitigation and relief ITU-R BT.1774-2*ITU-R Use of satellite and terrestrial broadcast 2015-10-00 IX BT.1774 infrastructures for public warning, disaster mitigation and relief ITU-R M.1042-3*ITU-R Disaster communications in the amateur and 2007-03-00 IX M.1042 amateur-satellite services ITU-R M.1637-0*ITU-R Global cross-border circulation of 2003-06-00 IX M.1637 radiocommunication equipment in emergency and disaster relief situations ITU-R M.1826-0*ITU-R Harmonized frequency channel plan for broadband 2007-10-00 IX M.1826 public protection and disaster relief operations at 4 940-4 990 MHz in Regions 2 and 3 ITU-R M.1854-1*ITU-R Use of mobile-satellite service in disaster response 2012-01-00 IX M.1854 and relief ITU-R M.2009-1*ITU-R Radio interface standards for use by public 2015-02-00 IX M.2009 protection and disaster relief operations in some parts of the UHF band in accordance with Resolution 646 (Rev.WRC-012) ITU-R M.2015-1*ITU-R Frequency arrangements for public protection and 2015-02-00 IX M.2015 disaster relief radiocommunication systems in UHF bands in accordance with Resolution 646 (Rev.WRC-12) ITU-T E.106 International Emergency Preference Scheme (IEPS) 2003-10-00 IX for disaster relief operations ITU-T E.108 Requirement for disaster relief mobile message 2016-01-00 IX service ITU-T E.409 Incident organization and security incident 2004-05-00 IX handling: Guidelines for telecommunication organizations ITU-T H.785.0 Digital signage: Requirements of disaster 2014-10-00 IX information services ITU-T L.390 Disaster management for outside plant facilities 2012-10-00 IX ITU-T L.391 Monitoring systems for outside plant facilities 2009-11-00 IX
©SAYSO Consortium 101 Public
Deliverable D2.1 – State-of-the-Art Analysis
Document No. Title Date of Origin Publication Code ITU-T L.392 Disaster management for improving network 2016-04-00 IX resilience and recovery with movable and deployable information and communication technology (ICT) resource units ITU-T Q.1902.4 AMD 3 Support for the International Emergency 2006-01-00 IX Preference Scheme ITU-T Q.761 AMD 3 Support for the International Emergency 2006-01-00 IX Preference Scheme ITU-T Q.762 AMD 3 Support for the International Emergency 2006-01-00 IX Preference Scheme ITU-T X.1303 Common alerting protocol (CAP 1.1) 2007-09-00 IX ITU-T Y.4102 Requirements for Internet of things devices and 2015-01-00 IX operation of Internet of things applications during disasters NF X52-121 Security and protection of citizens - CBRN - Use of 2015-05-15 FA portable nuclear and radiological detection and identification equipment in the field of global security OENORM S 1310 Attack resistant materials and constructions - Test 2010-04-15 AT methods, requirements and classification OENORM S 1314 Attack-resistant materials - Shot-resistant, 2010-11-15 AT panellike materials - Requirements and test methods OENORM S 2304 Integrated disaster management - Terms and 2011-07-15 AT definitions OENORM S 2308 Integrated disaster management - Tactical graphics 2015-11-15 AT PAS 127:2014 Checkpoint security screening of people and their 2014-02-28 GB belongings. Guide PR NF X52-001*PR NF Security Management System FA ISO 34001 prEN ISO 22300 Societal security - Terminology (ISO/DIS 2017-01-00 IX 22300:2017) prEN ISO 22315 Societal security - Mass evacuation - Guidelines for 2017-03-00 IX planning (ISO 22315:2014)
©SAYSO Consortium 102 Public
Deliverable D2.1 – State-of-the-Art Analysis
APPENDIX 2
Legal and Ethical Requirements
The General Data Protection Regulation 2016/679 (GDPR) will come into effect on the 25th of May 2018. It will be applicable to all processing of personal data within the EU. The reason for the implementation of a new law in the form of a Regulation was that the Data Protection Directive 95/46/EC (DPD) was becoming dated considering recent technological developments but also due its inconsistent application in EU Member States. While there are many similarities between the DPD and GDPR, the main development with the GDPR is the increased sanction that it encompasses. Infringements can result in penalties that include, ‘administrative fines up to 20 000 000 EUR, or in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher’ (Art. 84, GDPR).
The definition of personal data in the GDPR, as with the DPD, remains wide, which in practice means that if a single data point is processed that can directly or even indirectly be related to an identifiable natural person, the GDPR must be applied in its entirety.
The GDPR provides a number of general principles (‘data protection principles’), which must be adhered to in the context of the processing of personal data. Consequently, personal data must be processed: a) lawfully, fairly and in a transparent manner; b) in relation to a specified, explicit and legitimate purpose (‘purpose specification principle’); c) the collected data must be adequate and relevant in relation to the stated purpose; d) the collected data must be accurate and up-to-date; e) the data that is kept in a form that identifies the data subject must not be kept for longer than is necessary and f) the data must be processed in a manner that ensures security (Art. 5, GDPR). Especially noteworthy is a new principle included in the GDPR, namely that of ‘accountability’ (Art. 5 (2), GDPR). This entails that not only is a controller expected to follow the data protection principles, but is expected also to be able to demonstrate this. In other words, the controller must be able to show in a clear and understandable manner that the data protection principles have been adhered to and how this has been accomplished. It is submitted that technological solutions can facilitate this demand on demonstrating accountability. In addition, the use of binding corporate rules or the adoption of a code of conduct can also facilitate the demonstration of compliance.
In addition, the processing must be ‘lawful’ in terms of the GDPR (Art. 6, GDPR). There are a number of actions that are considered lawful according to the GDPR: a) that the consent of the data subject is obtained; b) that it is necessary for the fulfilment of a contract; c) in order to comply with a legal obligation; d) in order to protect the vital interests of the data subject; e) that it is necessary for the fulfilment of a task that is in the public interests and finally f) that the controller of the data has a legitimate interest in processing the data and that this interest overrides the interests of the data subject (Art. 6, GDPR). As far as SAYSO is concerned, and considering the environment that an eventual MSSAS will be operating in, it would be unrealistic to expect that the consent of some of the data subjects could be obtained. For example, injured victims of a catastrophic occurrence would be unable to provide consent whereas rescue workers would be able to provide consent in advance. Therefore, as far as many potential data subjects are concerned, when a catastrophe is in progress, a clear legal ground for the processing of personal data would be present. In such cases, it is most likely that grounds d) or e) above will be referred to for the processing of personal data. For example,
©SAYSO Consortium 103 Public
Deliverable D2.1 – State-of-the-Art Analysis a vital interest of the data subject can relate to the fact that his or her personal data requires to be processed in order to provide him or her with medical treatment. It is also noteworthy that point f) above shall not apply to the processing of personal data by public authorities in the performance of their tasks.
The GDPR also refers to predefined specialized categories of personal data. The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and the processing of genetic data, biometric data, data relating to health and data relating to a person’s sex life or sexual orientation is prohibited (Art. 9, GDPR). However, these categories of personal data may be processed if one of the below legal grounds are relied upon. Therefore, the processing of data in relation to the above categories is allowed where: a) explicit consent is obtained; b) for the purposes of carrying out obligations related to employment and social security and social protection law; c) for the protection of the vital interests of the data subject or another person, where the data subject is physically or legally incapable of providing such consent; d), data processing is allowed in relation to the activities of a foundation or non-profit body; e) where the data subject has made the personal data public; f) for the processing of legal claims; g) where there is a substantial public interest and the fundamental rights and freedoms of the data subject are nevertheless taken into account; h) for the purposes of preventive or occupational medicine; i) for reasons of public interest in the area of public health (e.g. cross-border threats to health and finally j) for archiving purposes of a public interest. As above, and assuming that consent cannot be obtained from the data subjects who are victims of a catastrophic event, grounds c) e) g) h) and i) are potentially relevant when concerning the processing of special categories of personal data.
A central mechanism within the GDPR is that of consent and the conditions under which consent should be obtained differ depending on the type of personal data being processed. The processing of regular personal data requires that consent be a, ‘freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her’ (Art. 4, GDPR). However, regarding a special category of data, the consent shall be, ‘explicit’ (Art, 9, GDPR). In addition, the controller must be able to demonstrate that consent was given, the consent shall be clearly separated from other matter and the data subject is allowed to withdraw consent at any time (Art. 7, GDPR). It is advised that technical and organizational measures are in place to facilitate this.
A central aim of the GDPR is to provide the data subject with a number of rights in order to provide him/her with increased control over his/her personal data. In addition to the mechanism of consent, this is achieved by the following mechanisms:
• Right to information o The data subject has the right to request from the controller, information concerning whether any personal data concerning him/her is being processed as well as request what the purpose is (Art. 15, GDPR). This is in addition to the duty on the controller to provide information to the data subject concerning the processing of personal data in various situations (Art. 12-14, GDPR).
©SAYSO Consortium 104 Public
Deliverable D2.1 – State-of-the-Art Analysis
• Right to correction o The data subject can demand that the controller correct personal data pertaining to him/her (Art. 16, GDPR). • Right to have personal data deleted (‘right to be forgotten’) o The data subject has the right to demand the erasure of personal data pertaining to him/her. • Data portability o The data subject has the right to receive from the controller, personal data pertaining to him/her, in a structured and commonly used machine-readable manner and transport this data to another controller (Art. 20, GDPR) • Automatic decisions o The data subject has the right not to be subject to decisions based solely on automated processing, including profiling (Art. 22, GDPR).
The GDPR places high demands on security aspects and the security threshold on the data controller is high (Art. 32, GDPR). The controller shall apply the necessary technical and organizational measures taking into account the risks involved with the processing of personal data.
The GDPR also incorporates the notion of data protection by design and by default (Art. 25, GDPR). An example of such a measure is the reference to ‘pseudonymisation’, which is, ‘the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person’ (Art. 4, GDPR). Where the boundaries go as far as the above measures are concerned, are uncertain and it is anticipated that this will be left up to industry, practitioners and academic institutions to determine.
The GDPR also stipulates that a data protection impact assessment (DPIA) be carried out where the data processing will occur using new technologies and may risk the rights and duties of natural persons (Art. 35, GDPR). The term ‘privacy impact assessment’ (PIA) is also used in this context. It is submitted that while there are at present no clear differences between a PIA and DPIA it should be stated that the differences between these two processes could become clearer in the future and there may be different means of demonstrating compliance between these two processes in the future.
In requiring the performance of a DPIA, the GDPR in Art. 45, states that (partial extract):
1. Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall, prior to the processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data. A single assessment may address a set of similar processing operations that present similar high risks. 2. The controller shall seek the advice of the data protection officer, where designated, when carrying out a data protection impact assessment. 3. A data protection impact assessment referred to in paragraph 1 shall in particular be required in the case of:
©SAYSO Consortium 105 Public
Deliverable D2.1 – State-of-the-Art Analysis
(a) a systematic and extensive evaluation of personal aspects relating to natural persons which is based on automated processing, including profiling, and on which decisions are based that produce legal effects concerning the natural person or similarly significantly affect the natural person; (b) processing on a large scale of special categories of data referred to in Article 9(1), or of personal data relating to criminal convictions and offences referred to in Article 10; or (c) a systematic monitoring of a publicly accessible area on a large scale … 7. The assessment shall contain at least: (a) a systematic description of the envisaged processing operations and the purposes of the processing, including, where applicable, the legitimate interest pursued by the controller; (b) an assessment of the necessity and proportionality of the processing operations in relation to the purposes; (c) an assessment of the risks to the rights and freedoms of data subjects referred to in paragraph 1; and (d) the measures envisaged to address the risks, including safeguards, security measures and mechanisms to ensure the protection of personal data and to demonstrate compliance with this Regulation taking into account the rights and legitimate interests of data subjects and other persons concerned.
Considering the above in the context of Deliverable 2.1 of the SAYSO project, and having analysed the relevant legal and ethical considerations, it is suggested that:
1. an assessment is made of the general legal and ethical considerations as well as the general risks and vulnerabilities that potentially could materialise; 2. an assessment is made of the extent to which the GDPR is relevant in relation to the final SAYSO functionality standard/specification; 3. point 2) above will invariably require that a PIA/DPIA be carried out in relation to the final standard/specification that will be produced by SAYSO; 4. the conclusions resulting from the PIA/DPIA will be required to be embedded in the standard/specification with the acknowledgement that the performance of a PIA/DPIA is an iterative process over time; 5. many of the responsibilities associated with a data controller or data processor in relation to a PIA/DPIA will in the long run be required to be performed by the parties implementing the SAYSO standard/specification.
In summary, a consideration of the legal and ethical requirements in relation to the SAYSO project entails an adherence the current and forthcoming data protection regulation, more specifically the GDPR. However, consideration should also be taken of wider privacy and ethical considerations. Finally, it must be acknowledged that, considering the contexts in which the MSSAS tools that the SAYSO project will result in operate, many of the provisions of relevant data protection regulations may be able to be set aside after a proportionality determination. For example, a MSSAS system may very well be able to disregard presiding EU data protection and privacy regulations in the face of large-scale loss of human life or potential thereof.
©SAYSO Consortium 106 Public