Radiation Detectors in Ports

According to Reuters:

The United States is stepping up investment in radiation detection devices at its ports to thwart attempts to smuggle a nuclear device or dirty bomb into the country, a Senate committee heard on Wednesday.

Robert Bonner, commissioner of U.S. Customs and Border Protection, told a Senate subcommittee on homeland security that since the first such devices were installed in May 2000, they had picked up over 10,000 radiation hits in vehicles or cargo shipments entering the country. All proved harmless.

It amazes me that 10,000 false alarms -- instances where the security system failed -- are being touted as proof that the system is working.

As an example of how the system was working, Bonner said on Jan. 26, 2005, a machines got a hit from a South Korean vessel at the Los Angeles seaport. The radiation turned out to be emanating from the ship's fire extinguishing system and was no threat to safety.

That sounds like an example of how the system is not working to me. Sometimes I wish that those in charge of security actually understood security.

Posted on March 16, 2005 at 7:51 AM • 48 Comments

Comments

AnonymousMarch 16, 2005 8:25 AM

I have to disaggree with this. And I think the last sentence was unnessarily arrogant, there are actually other people who "understand security" (an undefinable statment actually) besides BS.

I like to see my code tests fail sometimes, and understanding why certainly improves my understanding of the system. As the difference between an alarm that never goes off, and an alarm that is broken is nought, we can usefully accept some false alarms.

Love to write more, but have to work...

Mark WebbMarch 16, 2005 8:38 AM

If people keep getting false alarms, then when there is a real alarm, the response is going to be different; perhaps the real alarm will be ignored.

Having read an article about a youth conducting experiments with radioactive material in his shed (The raidoactive Boy Scout), I wonder if searching container ships is good security at all, when there are so many other sources of radioactive materials at home.

Jon SweetMarch 16, 2005 8:45 AM

I think his point was that the commissioner of U.S. Customs and Border Protection was touting it as proof.

And underneath it all, I suspect that while the dear commissioner may at some level understand that false positives are a bad thing, Mr. Schneier is more depressed by the fact that the reason the commissioner touts this stat is because the Senate committee will surely eat it up and circulate a mailing to their constituents beating their chest about how *much* they're "doing" for them...

But I appreciate your reminding of something Mr. Schneier has expounded upon several times -- some detection systems may evaluate the cost of a false-negative far closer to infinite than others. But I think he would remind you that spending priorities inherently exist, and that better prevention of nuclear threats may be had by tuning the successful detection ratio and spending the resulting cost savings from reduced confirmation/enforcement activities on the next priority.

AnonymousMarch 16, 2005 8:47 AM

The Perfect radiation threat detector would always and only raise an alarm when a Radiation-based _threat_ was present. Anything else is a failure.

Of course, things are not Perfect, so we accept both false positives and false negatives. False positives are a waste of (finite) resources better spent investigating false-negatives or otherwise-suspicious circumstances.

It may be an arrogant statement if the Reuters article author touted the statistics as evidence of success; when the Commissioner of Border Protection [!] provides that example as evidence (to the Senate, no less!) of the system "working", then it reflects his misunderstanding of security.

zgattMarch 16, 2005 9:01 AM

If you cared to know anything about the application (as opposed to just making fun of your colleagues in the security world), you'd understand that this level of false positive is basically inherent to the application. Many radioisotopes of interest are not all that radioactive, relative to naturally occurring sources. Possibly spectroscopy could distinguish, but this is untested and much more expensive than a few inspections (and this is a very low fp rate).

I also believe that fact that false positives are recorded are indeed a valid indication that the system is *working*. What would you rather have them say: "we haven't had any false alarms at all, that's how good our system is"?

ArikMarch 16, 2005 9:08 AM

There is a phase in the system's lifecycle where a multitude of false alarms is okay and acceptable. It's called the tuning phase.

If the tuning phase completes and there are still 10k false alarms in 5 years (an avarage of 5 per day!), then people will not treat the syetem seriously, and an attacker can easily get through by putting a hundred smoke detectors and one nuke on the ship.

-- Arik

Bill GodfreyMarch 16, 2005 9:24 AM

It sounds like the alarm isn't the end of the matter. The detector is cheap (isn't it?) and it would indicate anything that requires a more expensive and more thorough examination. (doesn't it?)

You have 100 items, one of which is the target. You have a cheap gizmo which detects 10 items as possibly the target. So long as you can be sure that gizmo is reliably discarding the other 90 (avoiding false negatives) you can concentrate on the 10 indicated.

If there is an unreasonably high chance of a false negative, or it just dings everything, then yes, that's not good.

Israel TorresMarch 16, 2005 9:38 AM

"Sometimes I wish that those in charge of security actually understood security."

Dream on...

Israel Torres

dijitMarch 16, 2005 9:56 AM

I will assume that a radiation sensing system is deemed to be necessary, so a greater than zero false positive rate is acceptable. If you don't think a radiation detection system is necessary, having no system is the only cost-effective solution with zero false positives. If you believe so, you should not kvetch about the system in place not being better when you just want to eliminate it.

Assuming the 400 units have been added evenly over the 5 year period (about 4,000 unit-years), this is a false positive rate of less than one per month per unit. If they were added earlier, this rate is reduced.

If one false positive per month per unit is not an acceptable false positive rate, what is? I can't say with the information provided. The cost of a false positive is not stated, apparently further investigation is performed and the cargo gets cleared. Without an explanation of the cost of further investigation (cargo delays, TSA investigators, assistance from ship crew members, ship delay costs, port lost opportunity costs, etc.) to compare to the cost of better sensors and their reduced - but not eliminated - false positive rate, it is not possible to provide an answer.

Having a positive reading less than once a month runs the risk of people forgetting what to do when it happens, so once a month seems right. If the cost of false positives is high and the sensors can be improved to reduce them, a monthly training exercise would be appropriate even though it adds to the cost of improving the sensors.

Through other research, it appears the sensors trigger on anything above background radiation. While this may appear excessive, it is not. If I was attempting to detect a radiologic device and the adversary knew I was doing so, I would expect the adversary to attempt to shield the device to reduce its radiation signature. If I only detect above a certain threshold, it would quickly become known to what level shielding is required. To maximize the cost of the adversary's shielding, I would set my sensors to detect above background radiation. This would ideally cause the adversary to abandon radiologic devices as an option.

ZwackMarch 16, 2005 10:00 AM

Given the possible use of shielding, and the actual amount of activity required, this entire plan seems like a complete waste of time and money to me.

A well shielded nuclear bomb, placed behind a bulkhead on a ship, with a smoke detector in front of it is not likely to be found this way.

Given the sizes of some of the very active sources that I have handled in my life (I used to work at a nuclear physics research establishment in the UK) if you placed one of them on a ship they would be able to locate it but probably not find it. Of course I wouldn't want to work in that area.

Z.

Stu SavoryMarch 16, 2005 10:09 AM

I would like to see the following Bayesian statistics.

Have people with authorization/cover notes try to "smuggle" stuff in.
Count what you find (or don't). Apply these numbers via bayesian statistics to get an estimate of what is getting by.

Stu

ZwackMarch 16, 2005 10:23 AM

dijit > After the Chernobyl disaster the UK government issued some guidelines on how "hot" things needed to get before they should be disposed of as Radioactive waste. This was much lower than the usual limits, but might give you some clue. Garden soil was found by New Scientist to be above the limit. Instant Coffee was far above the limit.

The Effective Annual dose for most people is about 3mSv according to one source I found. Some people living in Ramsar (Northern Iran) receive closer to 133mSv. So, which level are we going to take as "background"?

The US government lists background radiation doses as 100mR/year or just under 12 uR/hour. A smoke detector has been recorded by one source at 40uR/hour and fiestaware at 70uR/hour.

I guess I'm going to ship my sheilded nuclear bomb in a container of old fiestaware.

Z.

Adam ShostackMarch 16, 2005 10:30 AM

There's a closely related story about the recent anthrax scare being a false positive att the testing lab, and a need to perform dozens of additional tests.

"Only after dozens of other swabs from walls, floors and machinery in the Pentagon shipping facility were tested and all proved negative did officials conclude that the initial positive test must have resulted from the laboratory error, the official said."

http://www.nytimes.com/2005/03/16/politics/...

There's interesting questions here of statistical literacy, risk perception, conservatism interpretation that lead to performance of more tests than are (perhaps) statistically needed. Someone with more time can probably say some interesting stuff. ;)

DonMarch 16, 2005 10:51 AM

Squabble over the number of false positives and if 2 is acceptable but 4 isn't is besides the point. The existance of false positives is not proof the system work, it is proof the system does something. That something, however, may not have anything at all to do with the goal of the system.

In this case the system is designed to detect radioactive material that is a possible threat (we know only that it detects r.m. that is not), alert authorities to its presence so they may respond to it (we know only that it alerts them to things that are not a threat that they must then verify are not a threat) and prevent the 'black hats' from bringing r.m. in through these channels.

Maybe it has actually stopped the bad guys one or more times and we aren't being told. Or maybe it hasn't. But these statements do nothing to indicate a past success, nor to they speak to any successful simulations of the threats being thwarted. Instead this is a much more expensive version of the old joke:

Hearing a horrible noise outside, a man walks out to find another man banging two metal trash can lids together. The asks "why are you making that horrible noise?" "I'm keeping the bears away" says the man. The other man says "Idiot! There are no bears in the city." The other man says "See! It's working!"

theorbtwoMarch 16, 2005 11:04 AM

Those who are saying that some level of false positives is OK: I agree 100%; there is some level of false positives that is OK. However, I wonder if 5.5/day is above or below that level. Think of stores you've been in with over-active exit sensors: pick up a product on the shelves near the exit to take a look, and the alarm likely goes off. Does anybody do anything about it. Nope, happens all the time.

The response in a working security system is to turn down the detectors. Otherwise, the people at the counter become sensitized to the noise, and don't do anything about it.

Each false positive carries a cost, not just in man-hours, but in reduced reaction. OTOH, each false negitive caries a cost that may be measured in human lives.

It's certianly not an easy system to determine the proper balance for. On the other hand, false positives are never a good thing.

Not only that, but I don't have that much confidence tht there haven't been false negitives, nor that all of those positives were false. For all I know, every one of those 10,000 times the detectors went off, there was radioactive materials that were going into the hands of terrorists, but the people investigating, in every case, didn't find them. Not that surprising, if they go off five times a day, doesn't leave much time to investigate.

Davi OttenheimerMarch 16, 2005 11:29 AM

@Bruce
Perhaps you should walk a few days Bonner's shoes before you throw stones. If he bills his program as "radiation detection devices" and it "picked up over 10,000 radiation hits in vehicles or cargo shipments", then what's your problem? Duh, the system was built to detect radiation devices and that's what it does. How did they do this before the system? Did they know anything at all, or is this a vast improvement in overall awareness?

This is different from an "intrusion" detection device which has in its title a purpose meant to detect a type of specific behavior...

Bruce, surely you are clever enough to research the system better and build a case that the system was sold as something it can not possibly achieve. That would be far more insightful to readers as well as the oversight committee.

Chung LeongMarch 16, 2005 12:37 PM

Bruce,

I'm a little surprised by your comments, as you have been advocating the need of human intelligence in security. As you said, "Security is a process, not a product." The detectors can only test for the presence of radioactivity. They do not understand the circumstance of its presence. Only humans can determine whether it's a threat or not.

In this case, the detectors picked up radioactivity 10,000 times. Border patrols investigated each and determined that there were no threats. No alarm was raised, hence the number of false positives is zero. The process works.

I would call your reaction a false positive of government incompetence detection.

UnimportantMarch 16, 2005 12:41 PM

The reason why the system fails is the same reason why metal detectors fail. What is the purpose of metal detectors? They shall detect weapons. What do they detect? Metal.

Now let�s look at these mashines. What should they detect? Nuclear devices. What do they detect? Radioctivity.

In reality, one would need either a WEAPON or NUCLEAR DEVICE detector, which is "intelligent" enough to recognise such items through specific properties,like size, shape, weight, material or alike. Both of the solutions are specialized on only one aspect, which involves a wide range of different, non-threatening items. It`s the same as assuming that every computer using TCP wil be used for a DoS and has to be scaned and approved before it may even try to connect to the own network.

Timm MurrayMarch 16, 2005 12:51 PM

What do you do if you want to sneak radioactive material into a country? Hide it around smoke detectors, perhaps with enough sheilding so it doesn't stick out too much (a few cm of lead might be enough). The inspecters will go over it, and say "Ah, smoke detectors. Had three of those last week. Move along."

At this point, the group has been effectively given clearance, and thus will not be under suspicion during their stay in the country.

That's why false positives are so dangerous. It allows attackers to hide themselves inside statistical noise.

Ari HeikkinenMarch 16, 2005 2:22 PM

Well, they want to prevent nuclear devices from getting in the country. They installed radiation detection devices at their ports. Whenever those devices detect radiation they go and manually identify the source. Sounds reasonable, no? Atleast I can't tell solely from reading that article how the system actually works or how effective it is and wether or not it's worth the money spent. Is that the best they can do? Those devices actually detect radiation reliably?
If their only other option would be searching every ship inside out I guess the real measure of performance would be how much work did those devices actually save (that is, of all the ships, how many complete searches did they actually avoid deploying that device?).
Or it could be all waste of money. Maybe they spent huge amount of cash on those devices and realized they don't work, but decided to post that article anyway. Or maybe they don't have any radiation detection devices at all. Maybe they just posted that article to make terrorists think twice before trying to smuggle anything that radiates into their country. Who knows.

John MooreMarch 16, 2005 2:26 PM

Dear Bruce,

They might know security, but they don't know the science behind the device. Sounds like a successful sale by the physicists who built the system. My roommate in grad school's lab tried to sell the DOD a gamma ray detector (as part of Star Wars) to detect actual ICBM warheads during flight from orbit. My roommmate said that even if the DOD bought it, it wouldn't work because the detector couldn't tell actual gamma rays from nuclear weapons vs gamma ray bursts from the Universe. That is the same problem here. Whoever bought into the scheme didn't ask if the radiation detector could discriminate between a weapons-grade radiosource vs a natural or man-made source. They didn't do their homework. Consequently, the taxpayers have wasted their money while the physicists either get to perfect their device or cash out and go investigate something they really want to learn about. Physicists and engineers 1 DHS 0

John

Davi OttenheimerMarch 16, 2005 3:24 PM

@John
You could say the same for intrusion detection devices. They increase awareness of what is flowing on the network. They have had a hard time distinguishing exploits from vulnerabilities, and they were originally unable to prevent an attack. Do you therefore argue that they are useless and a waste of money or purchased by people who did not do their homework?

The more comments I see on this post, the more I think I would rather have port authorities investigating and tuning their system to better understand the radioactive devices entering ports, rather than see them purchasing counter-strike missles with artifical intelligence. Now those would have false-positives worth arguing about.

isildurMarch 16, 2005 3:47 PM

What everyone is forgetting in this conversation is this: Bruce is just one of many members of the media who make a living fanning the flames of Fear, Uncertainty, and Doubt.

Sure the system picked a lot of things up. Sure it is not perfect. We do have a system, which is more than we had a few years ago. We do have a government which is more educated, and more aware of the threats than it was a few years ago.

I think everyone should think about the reasons a writer writes as much as they talk about the material a writer writes. As long as a critic seems to know the problems, and can sell books based on his ideas, he is going to write whatever fans the flames and gets him paid.

If Bruce is so concerned with this issue, maybe he should design a better system and market it to the government. I think selling more books and spreading more FUD is atop the agenda today, however.

UnimportantMarch 16, 2005 4:05 PM

In reply to Davi Ottenheimer:

As far as I understood, the whole dilemma is about using such devices solely. Of course there are people who will investigate an alert and the method surely raises the bar for intruders. The question: is it difficult to hop over it?

I am pretty sure that anybody who has the connections and the money to actualy buy a nuclear device will not have problems in acquiring a shielding container. In this case, the devices do not register anything. If you are clever enough, you could ship a separate cargo which for whatever reason has a slight radiation and fool the inspectors to focus on this one instead. As soon as they find out that it was once again a false alert, they will consider their work done and head to the next freighter.

Metal detectors, drug dogs and radiation detectors are good for thoughtless criminals with little or no imagination. But with a ceramic gun, a different aroma or a powerful radiation shield, all of the techniques will fail, because the security focuses on one aspect only. Now if there is more than one approach to the problem, the security gains. But then again we have the problem of costs in relationship to the probability of such an attempt and the actual success rate.

Speaking of IDS, those systems are as clever as the people who write the rules for them. But they have one big advantage: in a TCP World, there are only four layers which can contain malicious bits and bytes, in the real World the options are quasi endless.

NylarthotepMarch 16, 2005 4:27 PM

Definitely not a false positive. The metal detector analogy is spot on. The metal detector gives an indicator of a potential weapon, then the security guard performs a defined process to determine what the object is and if it is a weapon.

With these radiation detectors, it's very similar. The detectors are calibrated to what is background radiation and anything above that will give an indicator of potential problems. Then someone must take action. What exactly that action is I don't know. I can guess though. Surveys with more sensitive and more sophisticated radiation detectors. Note that at this point they don't know exactly what set off the system. Not a false positive, because they don't know if this is natural radiation, man made non-threat radiation or weapon.

The person doing the surveys would first pinpoint the source. Big or small. Localize the area of the source. If the souce is obvious, like the fire detection equipment they can use detectors that tell them what is in the system. There are many portable systems that can do a basic level of isotopic analysis based on the energy of the radiation being emitted. In the fire suppression system it was likely Potassium-40 which is seen in PHP fire suppression systems. With that level of system you'd have to take further steps to quarentine the ship and survey everything that comes off of the ship.

In the case where the source is easily isolated, the analysis is much easier. If analysis isn't possible on site, then material removal to a better location or sampling would allow proper isotopic analysis. A smoke detector wouldn't blanket anything. First thing I would do is make them remove the detector and resurvey the area. If they refuse to remove it, they aren't allowed to unload. Or some other legislated punitive action.

As for cosmic radiation, [John Moore's comment] it wouldn't be a factor in the reactive surveys. Detectors are surveying in relatively close proximity to the source and the detectors calibration is made to ensure that they can read a certain Minimum Detectable Activity (MDA) above background.

And if you can't isolate the source, quarantine and inspect everything removed from the ship.

Now if you have a shielded nuclear weapon hidden behind a bulk head, they won't get it out of quarantine. Also, since it is unlikely that the ship would be the final delivery system for such a device, I don't see any reason a terrorist would choose container ships. A small vessel coming into a minor sea port or non-commercial port could bypass this easily and would be able to deliver the weapon to a much more effective location for maximum effect.

I won't speak to complacency, though I would point out that too many comments here assume that everyone that would do a critical job would fail to be professional and vigilant. With that view you should be very nervous going out into the real world.

Is this system in the end a good system. I think it could be better. Individual container detections would be more effective, and I beleive that that form of system is being used more that these general area systems. Another thing against them is that there is much simpler ways of bypassing these controls. Small non-commercial ports or even simple drops on small unmanned islands for later pickup by a pleasure boat would be simpler and much more effective. The KISS protocol is what should be worried about first, not the big obvious paths.

UnimportantMarch 16, 2005 5:08 PM

In reply to Nylarthotep:

I do not plan to comment forever, so this will be my last post to this topic.

The process you described should match the steps taken with every check. However, I only wanted to state that the new bar is not insurmountable, especially for such a high sensitive and dangerous cargo.

Using alternative ports is one option. Currupting the security staff is another. There are quite some other possibilities. No measure can guarantee security, so we have to ask ourselves: how much effort do we want to put into it? And how much does it cost to handle all of those false positives? Willl false negatives appear only because there was not enough time or personnel left?

As it comes to the people, well, humans will stay humans. Pretty much everybody starts at one point with more or less enthusiasm, but soon many things become routine. If I already worked overtime, I am more likely to wave through, maybe I have a bad day and cannot hang in there or the sheer amount of work does not allow me to scan everything as detailed as I would like to. So I do not think that people do not want to do the job right, I am convinced that often they simply cannot. In the end, a security officer is just an employee with limitations, affecting either the budget and/or the personnel.

Roy OwensMarch 16, 2005 5:53 PM

On March 3rd, USA Today reported a man in Escondido setting off a radiation alarm on a fire truck three times. Deputies 'detained' him for an hour while verifying he'd been treated with radionuclides. (It would take how many seconds to ascertain he wasn't carrying a nuclear weapon?)

Was the detector sensitive enough to detect a nuclear weapon in passing? We don't know. Was the detector specific to nuclear weapons? No. Detecting legitimate nonweapon radiation sources is a failure, not a success.

John MooreMarch 16, 2005 11:27 PM

I am not a physicist by training, but a molecular biologist who used radionuclides as tools for his work before switching fields to earn a living. While a nuclear weapon can be considered a case of applied physics, its detection depends upon physical principles of detection. The detector will have to be passive and it will use photodetectors to detect the photons given off by a particular type of radiation passing through a particular medium in the device, It can't be alpha or beta particles because those are too short range and are easily shielded by common materials. Therefore, it must be a gamma radiation detector. We live in a sea of radiation. The Sun is a gamma radiation emitter. There are hypernova emitting more energetic gamma rays then we can practically comprehend billions of light years away. It may not be physically or economically practical to build a gamma ray detector that can discriminate between a nuclear weapon and a natural source or the information may be classified by the DOE who does have the technology. On the other hand the DOD has lost and not recovered nuclear weapons, so therefore, we can posit that nuclear weapons are difficult to detect and find even for the people who build, store and use them. The analogy between the radiation detector and the IDS isn't a valid one. TCP/IP protocols are man-made and only 30-40 years old. You can control what information flows through your twisted pair cables IF you want to spend the money and you can certainly capture everything on the wire and store it for later retrieval and analysis if you need to. That is not possible in the real world. Theoretically, we can control everything that comes into our ports, but the cost is enormous to do so. Technology is a two edged sword and is a creation of the human mind. It is used as a tool to help the security professional or aid the terrorist. As Bruce has stated, security is a process and the best tool is the human mind. For people to rely on a radiation detector that has poor signal to noise ratio is bad. If it's the best tool they have at the time, then their security process will take that into account hopefully until the discrimination is improved. The alternative is that they are ignorant of how the tool works, they don't understand it's flaws and they are overly reliant on it's detection abilities to the point where they are chasing shadows and the tool is doing more harm than good as well as providing a false sense of security. I'm guessing the former rather than the latter, but who really knows.

John

Curt SampsonMarch 17, 2005 12:35 AM

In the article, I didn't see anyone saying that the "system is working." I just saw them saying that the radiation-detection devices were working. And that they have been triggered by things emitting radiation seems to me a reasonable indication that, at least sometimes, they detect radiation.

Perhaps this is a case of reading a little too much in to the article.

RogerMarch 17, 2005 4:11 AM

It might perhaps be more accurate to say that a dumbed-down Reuters report has no clue about security. A much better reference can be found at:
http://www.fas.org/irp/crs/RS21293.pdf
Some food for thought:

1. While not explicitly given as a threat matrix, the opening paragraphs of this report seem to be discussing one. The conclusion is that this is a serious problem and considerable effort should be expended on it.

2. They acknowledge that no one method can be reliable, and talk about "defense in depth". The front line is giving money and technical assistance to various FSU states to help them clean up their mess. Detecting radiation at ports is called "the last line of defense".

3. The program being discussed in the Reuters report is a test bed, not a finished system.

4. They inspect--physically inspect, that is--around 550,000 container shipments per annum, among many other things. The 10,000 "false positives" appear to have been accumulated over a period of 5 years since May 2000. If the "hits" were all from items already under inspection, this is a rate of less than 0.36%, which isn't that bad, especially considering they aren't really false positives in the usual sense, but just additional information for the inspector. However if the detectors were suggesting additional inspections, this really is a false positive rate--but it is only about 200 ppm.

5. With respect to John, a radioactive source so weak it's drowned out by the background might be undetectable but it's also harmless! In the presence of a normal level of background, we can detect sources billions of times weaker than what would be required to build a moderately effective "dirty bomb". (Several thousand curies, according to simulations.) And as Bonner's proud boast about the South Korean ship indicates, they can detect 1 microcurie of Americium-241 (the contents of a smoke detector). That's a several billion to one advantage. Not impossible to shield your dirty bomb enough to get it below that level, but you'll need a /lot/ of shielding. At least 30 half-thicknesses, which for the hardest Am-241 gamma amounts to about three feet of solid steel.

6. Uranium fission bombs have much lower levels of radioactivity, but then Mossbauer spectroscopy comes into play. This is a very clever application of the Mossbauer effect which enables a detection system which tunes out most background gammas and very sensitively detects just one isotope. Furthermore, unlike older detectors, it can tell you the exact direction to the source. The disadvantage is that the detector has to be designed for one particular isotope. But we know exactly what we want to detect in this application: U-235. (Plutonium is much harder to turn into a bomb, and much easier to detect by other means.)

NylarthotepMarch 17, 2005 6:06 AM

I am trained as a health physicist, and I worked in the nuclear field for over 13 years before I found a job in IT security so that I could make enough money to live.

Roy Owens I think is missing something that is being misconstrued by a lot of people. Radiation detectors do detect materials that are not nuclear bombs. In fact the Escondido sounds like the person was detained because they were uncertain as to the source of the radioactivity that was detected in him. It is highly unlikely they actually thought he had a nuclear weapon hidden in him. It could very well have been an indicator though that he had been working with sufficient amounts of radioactive materials where he became contaminated and the police were detaining him to ensure the explanation was non-threatening. Fire departments use broad spectrum detectors, not sophisticated detection systems. This is to ensure that they detect radiation in the broadest possible way and they require insturmentation that can take physical abuse (which the sophisticated equipment usually cannot).

To Unimportant: I agree that people at times become complacent, but there seems to be an overwhelming cynicism at security sites with respect to it. I understand that people have bad days and make mistakes, but that doesn't mean that systems can't be designed with checks and balances to ensure that no one person is solely responsible for important decisions. Reviews of the survey information, in this case, prior to allowing the ship to be unloaded, would allow for overview and secondary actions if the person in charge is concerned. I admit it isn't perfect and that it can be corrupted, but if you assume that the failure will happen, and don't take into account that the system will likely stop or deter the problem, you may as well not bother.

No one will ever have a perfect system for security. That should be understood. But, you can design systems so that they maximize the saftey checks involved and form an acceptable cost to benefit ratio possible.

Thanks Roger for the link and comments.

JohnMarch 17, 2005 8:27 AM

Too many false positives is a problem. I was at a buffet having lunch the other day and the fire alarm went off. Everyone started looking around, but no one actually got up to leave. This is a crowded restaurant (probably about 100-150 people). We are so trained to hear alarms for training, that we don't react when we don't know that there is a test going on.

I've heard similar things about firedoors. People will be in buildings where there is a fire, and they will attempt to go to the main doors of the store even if they have to pass by an emergency door.

Also, if you are trying to bring in weapons to make a nuclear weapon or dirty bomb, why not just mask the radiotion with something that already is radioactive? Put the uranium inside of banana's and you expect the radiation. Then once you have gotten past customs, take that crate of bananas somewhere else to extract the uranium.

Anonymous cowardMarch 17, 2005 9:44 AM

The whole story remains me of the Maginot line. The Germans knew that it was heavily fortified, and did the smart thing: avoid it!

Now that the potential smuggler know that harbours are equipped with radiation detectors, what are the other entrences? Are all customs equipped with detectors? ;-)

ProbitasMarch 17, 2005 10:47 AM

I would say that Bruce's comment regarding the need to understand security belies a certian assumption, that being that the people who appear to not understand security may have different motivations than those of the front line security personnel. The fact that they boldly make statements which ignore basic realities of security (or any other subject for that matter) means that the target audience of that statement is probably not the well-informed, front line personnel, but rather the relatively ignorant consuming public. To lose sight of this important distinction is to lose perspective when trying to determine what message they were really tring to convey.

I concur with the metal detector analogy. The best technology we have right now permits us to detect something which could indicate the presence of a weapon, or the presence of common household goods. WE can't automate the process entirely. The machine needed to do that would be in intent detector, which is not currently available. I am guessing that it will come shortly after the introduction of the "hinkiness detector" Bruce speaks of at times. Using radiation dectors is merely a device to let inspectors know where they are most likely to find a problem; they will still have to devote time to looking for it. The job of these inspectors is to look through shipments for contraband.Would you rather have an experienced, well trained guard searching a group of containers at random, or devoting their resources to places most likely to contain the contraband?

Why did Jesse James rob banks? Because that's where the money is kept.

David DonahueMarch 17, 2005 2:20 PM

I think what the various government sources are really saying is that "we have system of detection and response". The response system (a human procedural system) responds to any alarms and is working. "See we responded to X alarms". Of course we have the alarms set so the possibility of a false negative (a missed bomb) is low. Of course with such a setting there is increased cost in false positives, but the increased cost is justified by the risk/value of the assets protected. Besides the false positives provide real-world training for the response personnel which keeps them ready for an actual detection, should one occur.

Given these factors, harping on the false positives only becomes valuable if the response personnel are overwhelmed or the costs unjustified.

GandalfMarch 17, 2005 4:41 PM

Seems to me the questions are:
1. Is this system potentially capable of reducing the risks of the importation of a nuclear weapon?
2. Do the reported results confirm that the system is actually achieveing that potential?

Surely the answer to 1. Is No.
As several people have observed, it's quite easy to shield a nuclear device below backgound. That's normal practice with 'proper' nuclear weapons, since otherwise they'd create detectable radiation from submarine launch platforms, as well as presenting handling hazards. Shielding technology is so routinely used in healthcare, that even a rogue state can get the necessary materials embargo-free.

The answer to the question 2 is that the number of false positives tell us NOTHING about the effectiveness of the system. These could be happening for all sorts of spurious reasons, including faulty design (emissions from equipment itself), faulty setup and operation, local radiation sources, ambient radioactivity.

As one of the other commenters suggested, to evalaute a detection system you need to run a proper blind trial, looking for true and false positives and true and false negatives. Then you do a Bayesian tweak of detection thresholds allowing for costs of all these 4 outcomes.

And then you have an operational system.

Absent that, this system seems a waste of money.

NylarthotepMarch 17, 2005 6:24 PM

Review the article that Roger linked above. (http://www.fas.org/irp/crs/RS21293.pdf)

With the CRS report to congress statement, it appears that the intent is to protect against nuclear weapons only. The intent of the report is nuclear attacks on our mega-ports. If this is the only reason for all of this work in installing system, then it's a total waste of time. If the attack is on the port, why would a terrorist wait for the chance of detection, when they could detonate the device as soon as they arrive at dock side?

At this point I don't fully understand what the government's strategy is with the use of these detectors. Obviously the attack on a port with a nuclear device wouldn't be detected in time. If their intent is to prevent a "dirty" bomb or the delivery of a nuclear device elsewhere, then this equipment would very likely detect it.

As to Gandalf's comment on Nuclear war heads on a submarine. Why would they shield them? First, they are attached to rocket for deliver, and weight is very important, so they don't shield them. Secondly, all US submarines are Nuclear. There is a fairly powerful nuclear reactor only a few meters away. When submerged, that reactor isn't detectable on the surface. I've been on quite a few nuclear subs. The radiation worry on a sub is not the weapons.

Detector science isn't something new. There is a huge amount of science related to radiation detection and Health Physicists know how to use them to detect radioactive material.

No blind trials are needed. That's why the systems are calibrated. I still disagree that the scenario described is a false positive, but you can look at my first comment for that. Oh, and radiation detectors don't emit radiation. And Electronic signal noise is addressed with design and calibration. As for ambient radiation (background) it is also part of the system calibration. The system is set up to be able to detect a base level of radiation above the background. If one of these detectors goes off that doesn't mean that that is the end of the process to evaluate the treat.

I think that there is a lot more information needed related to this specific scenario to be able to make a judgement on the usefulness of the system. What exactly are they trying to detect? What are they trying to protect? What are they trying to prevent (all scenarios)?

There is more, but these would give you the basics.

GandalfMarch 18, 2005 10:07 AM

Thanks Nylarthotep! However...

This system is designed to prevent nuclear weapons being brought in to the country. Detonation at entry port would be bad, with heavy fallout from the surface burst. But detonation in a busy financial center would be worse, with heavy loss of life & EMP effects. So I would not count detonation at port as a failure.

On the submarine topic, the captain of the last US nuclear submarine I visited assured me that I'd be getting less radiation when we were submerged than I would walking in the park. The reactor is shielded as well as the warheads as part of the fabric of the sub. I'm not up with the latest Trident warhead designs & possibly they don't have internal shielding. But I don't think this negates my point about the shieldability of nuclear weapons on a ship.

I'm a cynic about complex equipment having experienced a plethora of spiffy new weapons failing abjectly in the field. Stuff that worked in the lab failed when deployed for myriad reasons - from flaky power supplies through environmental stress (e.g. being dropped from a great height!) to service operator error. Not to mention design or manufacturing defects. Not incompetence, just complexity - the BMD system is a current example.

Anyway, back to the question of whether the false positives tell us anything. Assuming that the equipment flagged real radiation sources only, no matter how benign, this tells us that it detects radiation. Nothing more.

But detecting radiation sources is not the mission of the equipment - it's supposed to detect a nuclear weapons. The design of such weapons is known, as are the stratagems engineering professionals would use to shield them (Al Queda has trained engineers).

Weapons not too different should be fairly easily put together - the last W-79 artillery shell was not dismantled until 2003. To test the detection system, I'd expect the team to have a W-79 put together & then use it in a real test, with shielding.

Maybe they did this, but publicizing false positives suggests otherwise.

rjhMarch 18, 2005 11:57 AM

Commenters seem rather ignorant on the variety of potential weapons. There is more than just the worry about explosive nuclear devices. A much more significant worry are "dirty conventional" devices built using non-explosive isotopes. These pose the problem that isotopes like radio-cesium and radio-cobalt have routine industrial uses as well as potential for very damaging terror uses. Only direct inspection will reveal whether the detected isotope is part of a proper industrial use or not.

Since there is a very long list of dual use candidates, the proper sequence of inspections needs to be:

1) A broadband detector with a near zero false negative and a modest false positive. This is used to allocate inspection resources. (It sounds like this is what is in use and identifying the 0.36% of shipments that need more careful inspection.)

2) A series of other human and machine inspections that have greater specificity. For example, to remotely detect nuclear explosive isotopes you squirt some neutrons at the suspect object and do a multi-spectral multi-detector analysis of what comes out. This is safe, but takes more specialized equipment and time. That was how the Swedes confirmed the presence of nuclear weapons on the grounded Russian sub a few decades ago. The neutron beam forming is good enough to distinguish between the reactor section and the torpedo room.

Most ports also have full container X-ray systems (because there is a lot more to smuggling than just nuclear devices). These work but take time to use, so a pre-screening is needed. They are good at detecting uranium and plutonium metal, but not other forms. Their more common use is to answer questions like "Is this container full of frozen turkeys or does it contain stolen cars?"

The multi-level need is also why the fire and police use a broad spectrum detector alarm that triggers on patients with radioisotopes. Some of those radioisotopes are also candidates for dirty bombs. No machine can tell whether the isotope is present because of a medical treatment or because of terrorist activity. So individual investigations are triggered. This is a serious inconvenience for a growing number of patients, so the radiology community is trying to find a way to quickly identify legitimate medical use and separate it from other illegal uses. It won't be a machine.

GandalfMarch 18, 2005 5:46 PM

RJH:
Right, looking for unshielded radio-isotopes is a bit more plausible. But who on earth would go to the trouble to import them?

They're easy to source locally - any radioactive waste from industry and medicine will do, or failing that devices used for food irradiation or to check welds in pipelines.

Still, I hope it all works - thank you Bruce for stirring up this lively discussion!

rjhMarch 18, 2005 7:26 PM

In the US, radio-isotopes for legitimate use are closely tracked. They can be stolen, but it is not as easy as you think. There are also plenty of detectors in places other than ports. The problems for patients being treated with radioisotopes have become significant.

Radio-cesium was (is?) available without restriction in the Soviet Union. It was put into some very widely deployed agricultural equipment, and that equipment was not tracked. So there were tons of the stuff hanging around in junkyards and farmyards. I hope that most of it has been collected by now, both to reduce terrorist threat and to reduce danger to the Russian population.

It is probably easier to collect radioactives outside the US, make the bomb parts, and ship them to the US. The tracking systems in some countries are very lax. If someone does this, it will likely come in through a port.

MordMarch 20, 2005 2:39 AM

Unless there is information we are not being given (which we should concede is almost a certainty) there is no way to evaluate the effectiveness of this. The nuclear bomb in a cargo crate is going to be most likely be a well shielded weak alpha emitter. Without sticking some similarly well shielded weak alpha emitters in cargo crates, and seeing if the test flags them, and actually getting a empirical false-negative and false-positive rate for the system...

Bruce is dead on; the people in charge don't understand how to evaluate a test, or if they do, they don't know how to talk about it in such a way as inspires confidence. For all I and Joe Public knows, the false negative rate is 100%. Do they know what it is? Have they checked? I think they are probably wasting lots of money and saying "You're all safe from attack now, please continue making the economy go"

Scott InnesMarch 23, 2005 9:16 AM

I am not a security professional. I am a vested member of the modern world. As such i have tremendous interest in a secure environment, at a reasonable cost.

Even being a California resident, a generally quite pleasant part of the Earth, security both physical and electronic is an iffy thing. And costly to boot. So finally to my question/observation.

There seems to be a entirly new possiblity for both enhancing physical and electonic security, while dramatically lowering the cost.

I suspect most who have indulged me to this point have stopped reading. Much like one might stop reviewing a recipe upon finding the next listed ingredient is 1/2 cup fresh vomit. But for those of you still curious about my particular form of maddness, i continue.

For any of my ideas to be sound, this fundemental issue must be correct; We have absolutly no privacy whatsoever. Any delusion that any of us in the modern have privacy is so easily disproved, i will spare you any indulgence here. This is stated to derail the canard that my "solution" to our security needs by establishing private companies whose entire commitment is to track your location at all times, somehow violates our supposed need for privacy.

Scott InnesMarch 23, 2005 9:30 AM

Opps, hit the post rather than the preview (seems we humans like to design things that encourage error). Sheesh, it is really tough being a people.

But to finish. Why would a "security" system based on private companies that only do one thing, keep track of your location at all times, and release this to others only upon your authorization, not work? And produce a much more reliable base for all forms of security platforms? At much less cost than we currently expend for an ongoing series of significant daily failures? Like missing chidren and all forms of finacial transactions for example.

bangbusMarch 23, 2005 10:45 AM

To Unimportant: I agree that people at times become complacent, but there seems to be an overwhelming cynicism at security sites with respect to it. I understand that people have bad days and make mistakes, but that doesn't mean that systems can't be designed with checks and balances to ensure that no one person is solely responsible for important decisions. Reviews of the survey information, in this case, prior to allowing the ship to be unloaded, would allow for overview and secondary actions if the person in charge is concerned. I admit it isn't perfect and that it can be corrupted, but if you assume that the failure will happen, and don't take into account that the system will likely stop or deter the problem, you may as well not bother.

DaveApril 24, 2006 9:06 AM

Hey I have heard of a friend of mine who was recently pulled over at the border and question on whether anybody in his family had ever undergone any recent operations lately. They all answer no which was tue. They were sent for further investigation. It turned out that the radiation border detectors picked up on the guys nuclear medicine he had been taken for cancer. A nasty medicine but obiviously the dector picked up on it so its a good thing.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..