I recently came across a hard-copy of an email I sent to a colleague sometime back in 2004 while I was an ASME Federal Fellow to the Department of Homeland Security.  If my memory serves me correctly, I sent this email in January 2004, or about midway through my tenure in DHS’s Information Analysis and Infrastructure Protection (IAIP) directorate.  Basically, the question was not how to estimate the psychological impact associated with a terrorist attack, but rather what psychological impact means.  After all, definitions precede measurement.  As a reminder, this note was written over 4 years ago when I was less enlightened, or rather, just 6 months after leaving my job as an aerospace structural engineer focused solely on designing the structural subsystems for scientific, non-defense-related spacecraft.  Nonetheless, I felt that posting it here might inspire similar thoughts entertained by others or perhaps even prompt discussion.

A recent lecture in my Political Analysis course [PUAF 620 at the University of Maryland] inspired me to think about “psychological impact” as a form of consequences.  The lecture was on special interest groups, their causes, and the consequences of their existence.  One theory is that special interest groups are created to protect and preserve the rights of its constituency (either natural rights or rights/benefits bestowed on the group from previous legislation).  A special interest group will form (or mobilize) to protect its interests if it feels its rights are being threatened.

Based on what I learned during this lecture, I propose the following definition for psychological impact: “psychological impact is the degree to which an individual or group of individuals perceive they have been deprived of their rights.”

Let’s think about this – if several department stores scattered across the nation are targeted for a coordinated attack [a very common scenario that has provided the basis for numerous thought experiments], following an attack people will feel that their freedom to shop a department stores has been taken away from them.  Similarly, in the wake of September 11, many Americans felt deprived of their freedom to travel by air.  One can come up with a host of other examples.

It is also interesting to consider the collateral economic impacts.  Perhaps coordinated attacks on several department stores will prevent people from shopping anywhere such stores are located.  One might argue that the downstream impact of this behavior could propagate throughout the entire retail industry.  On the flip side, the inability (and unwillingness) to travel by air following 9/11 attacks did not impact the entire transportation industry.  Rather, people who would otherwise fly opted to travel by trains and automobiles.

So how does one assess psychological impact?  For any attack scenario, one must identify how a successful attack might threaten perceived rights and freedoms.  To do this, we must first understand what rights the public thinks it has.  In the two examples above, the focus was on either freedom to shop and freedom to travel.  To prioritize scenarios based on potential psychological impact, we must order all these freedoms according to their perceived importance to the affected public.  This can be done at the national, regional, state, local, sector, etc. level.  Doing so will facilitate cost-benefit tradeoffs (in the descriptive sense).  Proposed countermeasures must demonstrate a tradeoff between the freedoms such policies protect versus the rights they appear to take away.  In the case of the Patriot Act, freedom to live without terrorism is enhanced in exchange for a weakened right to privacy [was there a positive ROI here?].

It would also be interesting to explore how the economy might respond to any perceived loss of freedom.  For example, a perceived loss of freedom to shop will keep people from spending money.  [how does percieved deprivations of freedom correspond to economic impact?]

Now that I had four years to sit on this, I still think that the proposed definition for psychological impact has merit despite the fact that it essentially equates psychology to perceptions, and does not consider such things as PTSD.  But before I or anyone else accepts this definition, more thought is needed on whether it is complete and all encompassing, whether it precisely articulates what we care about, to what degree such a measure is redundant with respect to other measures of loss (economic impact is a function of societal behaviors), and how such impact can be assessed with confidence.   Even now, 5 years after DHS opened its doors, I am sure any answer to the question of measuring psychological impact would be of interest to DHS risk analysts.

I can finally throw the hard-copy of this email out now that it is posted to my blog.  Just another step toward a purely paperless life…

Send article as PDF to

The authors of a book I read recently spoke of the “three D’s” of security: “denial,” “detection,” and “deterrence” (the latter being my personal favorite).  These “three Ds” brought to mind another set of “Ds” I came across while on an ASME Fellowship to the Department of Homeland Security in 2003-2004: “detect,” “delay,” “defend,” and “devalue.”  This post talks about these two different sets of security “D” words, and the extent to which one is or is not better than the other.

To begin this discussion, let’s first consider a logical expression for security vulnerability, which is usually expressed in terms of the probability of adversary success given attempt:

Pr(S) = 1 – Pr(“Detect”)·Pr(“Engage”)·Pr(“Neutralize”)

In words, this equation states that adversary non-success (defender success) requires that the defender detect, engage (which consists of delay and response) then neutralize the adversary (in sequence) – failure to do any one of these will result in adversary success (barring any random things outside the protector’s control that might thwart the adversary’s attempt).

From the point of view of the equation above, DHS is dead on and more.  The equivalence of detection is evident.  In order to engage an adversary, one must respond to the adversary prior to him executing an attack.  Delaying an adversary long enough to respond enables engagement – the longer the delay, the greater likeliness that the defenders will respond in time to do something to stop him.  Defense is essentially equivalent to neutralization in that the objective is to thwart the attacker once engaged.  So, the first three “Ds” of the DHS security quartet correspond to the three parameters of the security vulnerability equation.

But where does devalue fit in?  I must admit that I never heard anyone use the word “devalue” in the context of security prior to my days at DHS.  The focus on devalue is not on improving security, but on improving the resilience or hardness of a system to withstand an attack.  That is, a “devalued” target is one that has been modified in such a way that would result in less loss to the defender (and hence less gain to the adversary) in the event of an attack.  In this sense, devalue seeks to influence adversary target selection by making it intrinsically difficult to achieve the desired gain even when the security system fails.  For example, without doing anything to improve security, the switch to using bleach instead of chlorine in a water treatment facility in effect devalues such a target since bleach is much less harmful to humans in the event of its deliberate release.  Adversaries bent on exploiting infrastructure to harm adjacent communities might be less interested in attack a water treatment plant that made such a shift.

Now consider the security triplet described by Fuqua and Wilson (see my recent post on their 1977 book) in light of the above equation for security vulnerability (i.e., deny, detect, deter).  Fuqua and Wilson essentially looked at the security problem from the point of view of an asset owner (e.g., the “executive”).  Again, the equivalence in the detection term is evident.  “Denial” considers the combination of both engagement and neutralization following detection (such as by a local police force), as well as simple barriers that can’t realistically be overcome (e.g,, 12-foot walls followed by several layers of fences covered in razor-wire), distance or terrain with deadly animals (e.g., attack dogs, flocks of scary geese, alligators in moats), etc.  The focus with denial, though, is more broadly focused on denying success in whichever way possible; detection need not occur for an adversary to be denied opportunity. The combination of detection measures and denial measures (including those that require detection and those that do not) cover the same elements as the equation posed at the beginning of this post, but in a slightly different way as follows:

Pr(S) = 1 – Pr(“Denial”|”Detection”)Pr(“Detection”) – Pr(“Denial”|”No Detection”)Pr(“No Detection”)

(the astute reader might notice that this equation above equates the event “denial” with “adversary failure,” or rather “failure to deny” is the same as “adversary success”).  Obviously, this equation is more general than the one posed initially as the defender still stands a chance at denying the adversary success through non-detection-dependent denial measures.

“Deterrence” (again, my personal favorite) touches on those measures that influence the perceptions of adversaries.  Arguably, all visible security measures have some deterrence value as they shape the adversary’s perceived probability of success.  Measures taken to devalue a target also act as a deterrent in the sense that it lessens the adversary’s perceived gain from success.  Even deceptive measures such as decoys that have no intrinsic “aggressor resistance” have at least a little deterrence value so long as the adversary remains fooled.  If the adversary feels that success is less likely than failure, and that the gain from success is less than desired, the overall likeliness of an event is lower than is success seemed likely and the gain was sufficient.  So, unlike all the other “D” words talked about so far, deterrence is the only term that specifically targets the likeliness of event portion of the risk equation.

So which set of “D” words is better?  It really is hard to say.  Fuqua and Wilson offer a term (“deterrence”) that relates to likeliness of event, while the DHS approach (“devalue”) offers a term that relates to the physical vulnerability portion of the risk equation.  Otherwise, the two sets of “D” words are the same, more or less.  In the end, all these “D” words (as well as words that start with letters other than “D”) are important since they assist security practitioners in thinking through problems.

With all this talk about “D” words, I find myself tempted to write a security-related song about the letter “D” in the spirit of Cookie Monster’s song about the letter “C”.   I call it “D’s are for Security” or the “Security Song:”

D is for denial, to stop you from harming me

D is for detection, to catch my enemies

D is for deterrence, to scare you away from me

Oh, security is all about “Ds.”

Send article as PDF to

While perusing my files of long lost papers that never made it, I came across the following op-ed piece I submitted to some major newspaper on July 12, 2006  (I forget which newspaper it was, but I think it was the Washington Post given I lived in DC at the time).  Unfortunately, the piece, like many articles submitted to major newspapers, wasn’t included for publication.  Since I still largely believe what I wrote (though I could probably say it more clearly nowadays), I decided to post it here.  Blogs really do come in handy when it comes to offering a home for what would otherwise be an abandoned writing.

The recently released Department of Homeland Security grant allocation for 2006 has sparked wide protest. Numerous experts scoffed at the distribution, and many are calling for threat-based prioritization of homeland security money. As a student of risk analysis, to hear from these experts that resource allocation decisions should be “threat” based initially struck me the wrong way – my training has taught me that resource allocation decisions should always be risk-based. But after giving it some thought, I realized that what I was hearing was just another case of unstated assumptions.

Risk, as it is commonly referred to in the security domain, is the combination of threat, vulnerability, and consequence. The threat associated with a given target is a measure of its attractiveness to our adversaries. To focus on threat alone is to take the narrow-minded view of the risk problem – theoretically speaking, what is attractive to our adversaries might not be valuable from our perspective. Full consideration of all three dimensions is necessary to rationally allocate resources in such a way as to maximize risk reduction per dollar spent.

But is this always true? My answer is that it depends on your assumptions. If one assumes that the adversary has perfect knowledge of our nation’s weaknesses, then the most vulnerable and most consequential targets are in fact the most attractive from the adversary point of view. Threat follows vulnerability and consequence in this case, and thus higher risk means higher threat. However, if we assume that the adversary’s perceptions differ from our own, then threat might not necessarily follow risk, and allocating funds based on threat alone would result in suboptimal expenditures.

Of course, the situation is not either-or, but somewhere in between. It doesn’t take a rocket scientist to figure the weaknesses of our infrastructure, but we also shouldn’t assume our adversaries know that places like Wisconsin exist. And as research has shown time and time again, protection in one area shifts adversary attention toward a softer target; perhaps as New York becomes more resilient and less vulnerable, adversary attention might gradually shift toward softer, less protected regions.

At the end of the day, we really shouldn’t assume that we know what all our adversaries think. Rather, we should accept that our adversaries are dynamic, constantly learning, and always looking for opportunities to achieve surprise. The best we really can do is focus our attention on what is truly our most valuable assets, and assume that our adversaries won’t waste their energy on targets of lesser value. Under this assumption, threat-based allocation is in fact risk-based, and arguments over semantics really don’t change the decision process. But like in all other decision situations, we really should make clear what our assumptions are to allay any further confusion.

Send article as PDF to

Citation: Purpura, P. P. (2007). Terrorism and Homeland Security: An Introduction with Applications.  Butterworth-Heinemann (Elsevier).  ISBN: 978-0-7506-7843-8.

Here we have what appears to be an undergraduate text centered on this idea of homeland security.  It seems that the target readership for this book are HLS novices, so from that point of view the text covers a nice swath of homeland security issues and recent milestones (legislation, strategies, etc.).  But I think the book would come off as being quite lame to those in the homeland security community who know a thing or two about what it is, what is should be, and where it is (really) headed.  This book is truly an introductory text aimed at exposing the reader to different aspects of the homeland security, but without going into any real depth save for whatever an instructor decides to do with the billion discussion questions scattered throughout each chapter.

But don’t get me wrong – this book has a lot of neat qualities.  First off, this text, in a single volume, contains all the neat graphics and images related to risk and homeland security put out by various offices of the federal government over the past 10 years or so.  It also has a lot of public domain pictures of soldiers, Chertoff, first responders, bad-guys, and so forth.  So, if you need a one-stop resource for homeland security graphics, this book provides just that.

Each chapter is filled with a number of “critical thinking” exercises that ask simple questions like “if you were a terrorist, what would you do” or “do you think the government is doing a good job” or ”what is your opinion of the terrorism insurance act.”  I suppose these questions were designed to prompt discussion, but I fear that unless the students/readers have sufficient background knowledge to form an informed opinion, these discussions may have the potential to do more harm than good.  A trained facilitator is really needed for these discussion questions to produce beneficial insight, that is, unless the student is willing to go off on his own to obtain sufficient background knowledge to truly understand the issues.  Each chapter also contains interesting application exercises that ask the reader/student to pretend as if they were a terrorist, first responder, POTUS, or whomever, and then roleplay in a prescribed situation.  I like these alot, but just as with the critical thinking questions, a knowledgeable facilitator must be present to make sure the students don’t go off on obnoxious tangents.

The book offers a nice glossary of terms, but as any risk professional knows in this field, there is no common lexicon for homeland security.  So, from where did the author grab these definitions?  Perhaps they are in the body of the text, and even if they are it would be nice to see the references in the glossary.  But I do like the definition of vulnerability as it emphasizes its connection to whom is the vulnerability analysis focused on, even if it is not sourced.

What is missing from the book is a discussion of the new National Response Framework (NRF), which supersedes the National Response Plan.  But this is to be forgiven since the book was published before the NRF.  But where it the talk about some of the current and past DHS initiatives, to include the Buffer Zone Protection Plan program, UASI grants, and so on?  Well, perhaps these programs are too “in the weeds” for this book given its focus on all DHS and not just infrastructure protection.

So, would I use this book in any of my classes? No.  But I might flip through it to find leads to supporting materials, to locate the reference of a neat image on risk or picture of an actor on the homeland security stage, and maybe to identify all the legislation and executive orders that make this whole homeland security thing what it is today.  But the book is lacking in depth on a number of key issues, such as managing public risks to loss of private infrastructure, precautionary approaches to security decision making versus those based on benefit-cost analysis, the nature of competition among states for federal funding and the oddities of how the federal government goes about doing it, how money passes from one stakeholder to the next, and so on.  If I were to run a course on homeland security, I would probably have the students actually read all those good-looking US strategy documents that we paid big $$$ for and provide them with a credible point and counter-point taken from the academic literature for each of these issues to serve as a starting point for class discussion.

Oh, and as an aside, the author (PP Purpura) has written several book on security and loss prevention, some for multiple editions.  This is a good indicator of author credibility.  However, I can’t seem to locate any of his “numerous articles published in journals” save for one he wrote on prison inmate amenities for the Journal of Correctional Education in 1978.

Send article as PDF to