ATC is an excellent working example of complex event processing.   Radar and GPS provide the basic sensory information to accurately track and trace the position of each aircraft in the area of responsibility (AOR) of a particular control tower/zone.     Naturally,  sensory information is preprocessed and formatted in such a way that the data can be processed upstream by multiple real-time applications.

Before we look at complex ATC scenarios, such as “potential collision” or “aircraft off approach vector” we must trace and trace individual objects, aircraft-objects, accurately with very high confidence.    In addition to tracking aircraft-objects, there is a database of information about the aircraft (ideally), such as make, model, age, range, passengers and other properties about the aircraft-object.      In addition, there is a state-model for each aircraft, for example the aircraft might be “on the ground”, “approaching the runway”, “cleared for takeoff”, “cruising altitude”, “approaching runway”, “final decent” etc.  

Tracking and tracing individual aircraft is what is generally referred to as “object refinement” in our CEP/EP reference architecture.   The reason we call this function “object refinement” is that system engineers are focused on optimizing the situational knowledge about individual objects.     Sometimes we refer to this function as “track and trace” because that is what we are doing to  each object in the model.  In Marc Adler’s recent shoplifting scenario, Marc was interested in tracking and tracing people in a store using imaging processing techniques to estimate their behavioral patterns.  In the same way, before we can process for scenarios such as “potential shoplifter” or “suspicious criminal gang activity” we must be able to accurately process (track and trace) individual object, such as people or merchandise.

Back to aircraft and ATC, the “complex event processing” begins when we are looking about object-object relationships, in this model, aircraft-to-aircraft, but this is an overly simplistic model, as we have not yet added (to our model) ground features (towers, buildings, power lines), weather (storm cells, wind) and other flying objects (known migratory bird paths, swarms of insects) to our simple model.  

Complex event processing occurs when we are processing multiple objects in our model looking for threats in real-time.     Practically speaking, all ATC applications are CEP applications.  This means that vendors and integrators who build ATC applications are also CEP vendors.   

Editorial Note: CEP/EP has been around for a long time and was not recently invented in the past decade as some “inventors” would like for us to believe. 

As you can imagine, there is considerable “complex event processing” that goes on “behind the scenes” to provide air traffic controllers and pilots situational knowledge into the “friendly skies”.   As you might further imagine, the situation is more complex when the skies are “not so friendly”, for example, in air combat situations.   

Processing myriad objects is not the end of the processing “chain”.  For example, decisions are being made constantly about potential damage, alternative airports, and more.    In our reference model, we refer to this, generally speaking, as “impact assessment” because we must take an estimated detected complex event, for example “aircraft collision,” and estimate potential damage based on numerous factors such as, the amount of jet fuel in the aircrafts and the location of the aircrafts (over a large city or rural area, near a hospital and emergency services).   Regardless of the scenario, an impact assessment is normally required before optimal decisions can be made.

This is true, by the way, for our shoplifting example (the impact is different if a piece of gum is stolen versus a $1,000,000 diamond necklace or weapons-grade nuclear material) and other scenarios and models.  Static data (information about objects) is required for accurate decision processing.  

Impact assessment is not the end of the “knowledge chain”.    Decisions are constantly being made that effect resources.  For example, suggestion an alternative route for an aircraft is a resource management decision.    Turning on and off radar or switching to alternative tracking devices is a resource management function.  In our CEP/EP reference model (based on the JDL data fusion model), we call this “resource management”.   This function includes contacting emergency services and directing them to a potential crash location or sending out a message to instruct all aircraft to stay off a certain radio frequency.  Resource management is critical.

Our simple ATC model today is by no means complete, it just scratches the surface.  In fact, I have a very close friend, Mark Secrist, who is a former Marine fighter pilot and currently a senior captain for American Airlines.   I have asked Mark to read this post and help me further refine this crude “laymans” ATC model (Thanks Mark!).

Marc’s initial shoplifting model in his post is based on John Colapinto’s concepts of matching a pattern of customer movements in the store with their estimated patterns of shoplifting behavioral patterns.    Marc’s asks how Coral8 might address this.   We are not ready to seek a vendor solution.  We do not yet have a workable detection model.

As indicated above, I don’t think the example situation cited by John and Marc is a viable model for automated processing.    Tracking the behavior of customer’s movements, by machine, would require some very sophisticated image processing technology that would be too expensive compared to any possible loss at most retails stores.    This type of behavioral pattern recognition. in retail stores, is performed by people (security personnel), not machines, observing people.  

To develop a machine pattern recognition application to detect retail shoplifting we need to build detection models that are economically feasible.  If we are going to use a model of shoplifting pattern recognition versus anomaly detection, we need to define the objects we must track.  

In the most simple model, we have merchandise-objects.   Stores normally (physically) track merchandise-objects only at the exit/entry points of the store using some electromagnetic proximity detection technology.   In this model, the detection configuration is a combination of simple alerting with humans watching the store (”minding the store”).    This is not complex event processing.

However, if we added another object to our model, the customer-object, then we start to get more “complex,” but we have not defined “complexity” yet because we have not defined the object properties, the possible states of the objects, and the relationships between the objects that are the basis for estimated situations.

Hence, model building is constrained by available resources, simple economics and risk (cost-benefit).  If we are detecting shoplifting in Walmart the cost-benefit model for implementing an automated shoplifting detection system would be different than at a top diamond store on 5th Avenue in NYC.   Protecting loss at a weapons-grade uranium respository follows a different model than protecting loss at a handicraft shop, naturally.

Like Marc, I find models to automatically detect shoplifting interesting, so permit me to close with a general discussion of shoplifting in the context of our CEP/EP reference model.

One approach would be do determine what objects will be represented in our model.   For example, if we are going to track merchandise, we need to model the ”merchandise-object”.  If we are going to track people, we need to define the properties of this “person object.”  If we are going to represent the store layout, we need to define all these objects (store-object, table-object, shelf-object, entry-object and so forth).  The model can get “complex” quite quickly. 

Editorial Note:  An object-oriented approach greatly assists complex model building because we can benefit from OO properties such as encapsulation and polymorphism.  For example, we can define a basic “person object class” and then create superclasses of this object for “customer-object”, “manager-object”, “or criminal-object.”

Generally speaking, each object we define will require a state-model, for example, in Marc’s example of a customer moving around the store, we would need to model the possible states (customer at the entrance, at table 1, at table 2, at shelf 1, in the bathroom, at the cashier, etc.)  Indeed Marc, this is complex event processing if we have modelled multiple objects and defined object-object relationships that indicate situations of interest.   For example, customer-object at table2 where merchandise-object has the property of  ”very expensive, high risk” and then customer-object changes state to “in bathroom”.  Of course, we need more key indicators, but you get the idea.

Right now, I am typing from the Taste from Heaven Vegetarian Restaurant in Chiang Mai and my battery is running low.  The owner of this excellent restaurant also runs the Elephant Nature Park, a non-profit organization advocating and acting on behalf of the rights of the mighty elephants in Thailand.  Would be great if we could also automatically detect the situation of “elephant abuse” by poachers and other crimes against nature.   Time to get back to my delicious mushroom salad, Northeastern Thai style.

As always, thanks for reading, time for me to get back to eating!

When the original iPhone came out I thought it was pretty cool, but at the end of the day it did not do for me what my Windows Mobile Smartphone did.  Namely gave me 3G access speed and Exchange integration.  Those two things alone were enough to keep me a Windows smarthphone user.

As I wrote earlier July 4th my phone got wet in my backpack and though I have blown dried it often since than, it has just never come back. I can make a call now and than and use, but you never know when it is going to whig out and I have to reboot (actually it was like that before it got wet, but it is much worse now).  So having had this phone over a year, it really was time for a new phone. 

I was not totally sold on the iPhone and it was not my only choice. I wanted no part of the lines and crowds, so I waited until Saturday to go to the ATT store and see what my options were.  Frankly, I didn't have many options.  The upgrade for my current phone is the HTC Tilt.  Nice phone and I would consider it, but not at the $450 dollars that they wanted to charge me.  After that, there was the Blackjack, not interesting.  A few others and than Blackberries. I need the Exchange integration.  So when it came down to it, you could not beat the $199 price for the iPhone. The 2 year contract didn't scare me, as I am at ATT wireless user for about 10 years already.  The only bad part is that they did not have any in stock and I had to order mine. It should come within 5 to 7 days, but all set up for me to just plug in to iTunes and away I go!

So a few more days of this water logged brick and than on to joining the "mod squad".

Yes, the New York Police Department provided an escort, but during more than eight hours on Saturday, one of the great hoards of coins and currency on the planet, worth hundreds of millions of dollars, was utterly unalarmed as it was bumped through potholes, squeezed by double-parked cars and slowed by tunnel-bound traffic during the trip to its fortresslike new vault a mile to the north.

In the end, the move did not become a caper movie.

“The idea was to make this as inconspicuous as possible,” said Ute Wartenberg Kagan, executive director of the American Numismatic Society. “It had to resemble a totally ordinary office move.”

[...]

Society staff members were pledged to secrecy about the timing of the move, and “we didn’t tell our movers what the cargo was until the morning of,” said James McVeigh, operations manager of Time Moving and Storage Inc. of Manhattan, referring to the crew of 20 workers.

From my book Beyond Fear, pp. 211-12:

At 3,106 carats, a little under a pound and a half, the Cullinan Diamond was the largest uncut diamond ever discovered. It was extracted from the earth at the Premier Mine, near Pretoria, South Africa, in 1905. Appreciating the literal enormity of the find, the Transvaal government bought the diamond as a gift for King Edward VII. Transporting the stone to England was a huge security problem, of course, and there was much debate on how best to do it. Detectives were sent from London to guard it on its journey. News leaked that a certain steamer was carrying it, and the presence of the detectives confirmed this. But the diamond on that steamer was a fake. Only a few people knew of the real plan; they packed the Cullinan in a small box, stuck a three-shilling stamp on it, and sent it to England anonymously by unregistered parcel post.

This is a favorite story of mine. Not only can we analyze the complex security system intended to transport the diamond from continent to continent­the huge number of trusted people involved, making secrecy impossible; the involved series of steps with their associated seams, giving almost any organized gang numerous opportunities to pull off a theft­but we can contrast it with the sheer beautiful simplicity of the actual transportation plan. Whoever came up with it was really thinking­and thinking originally, boldly, and audaciously.

This kind of counterintuitive security is common in the world of gemstones. On 47th Street in New York, in Antwerp, in London: People walk around all the time with millions of dollars’ worth of gems in their pockets. The gemstone industry has formal guidelines: If the value of the package is under a specific amount, use the U.S. Mail. If it is over that amount but under another amount, use Federal Express. The Cullinan was again transported incognito; the British Royal Navy escorted an empty box across the North Sea to Amsterdam -- ­where the diamond would be cut­ -- while famed diamond cutter Abraham Asscher actually carried it in his pocket from London via train and night ferry to Amsterdam.

What a week - it’s like I’m swimming uphill both ways and it’s snowing. An extra large helping of news to make up for being late this morning. And hey - thanks to all of our new subscribers that joined us yesterday. Welcome!

Click here to subscribe to Liquidmatrix Security Digest!

And now, the news…

1. The Attack that made Kevin Rose Cry - Revision3
2. BBC NEWS | Science/Nature | Monkey’s brain controls robot arm Always mount a scratch monkey - seriously.
3. Will your mobile squeal to the police? | The Register Will your mobile find a horse head in it’s bed?
4. Download al Qaeda manuals from the DoJ, go to prison? | The Register Another pair of articles analyzing the somewhat chilling effect of doing research and finding yourself in jail… do we accept this as a society or not?
5. The New Order: When reading is a crime | The Register
6. Facebook mob trashes £4.4m Spanish villa | The Register Anyone else surprised that the girl didn’t claim it was hackers — and faintly reminiscent of the Craigslist “The contents of this house must go” issue.
7. Bletchley Park and the decay of the museum buildings Plcurecuernxf - fcraq n craal ba gur ravtzn naq fnir gur jbeyq sebz Uvgyre ntnva - be gur npnqrzvp trgf vg.
8. 22 French Hackers Arrested 22 SkriptKiddies singing the Jean Valjean lines from Les Miserables… the horror.
9. USA 2008 : Briefings Schedule All your briefs belong to Jeff Moss
10. Rands In Repose: We Travel in Tribes I’m sneaking this one in to see if you are paying attention - which Diamond Age phyle do you belong to?
11. State of the Internet It’s all about the metrics baby.
12. Red Curtain: An Unsung, Free Security Application Anyone willing to sing in the comments?
13. Computer trained to read minds Neo sez - BLUE PILL, take the frakkin blue one!
14. National Journal Magazine - Chinas Cyber-Militia Good catch Matt Franz - is this responsible journalism or just journalistic asshattery.
15. Did Hackers Cause the 2003 Northeast Blackout? Umm, No | Threat Level from Wired.com And 27/b6 weighs in on the issue… with maybe a little more journalistic integrity.

Tags: News, Daily Links, Security Blog, Information Security, Security News

This question of state government's recent origins, and, conversely, of its long failure to originate throughout most of human history, is a fundamental concern for social scientists. Until fifty-five hundred years ago, there were no state governments anywhere in the world. Even as late as 1492, all of North America, sub-Saharan Africa, Australia, New Guinea, and the Pacific islands, and most of Central and South America didn't have states and instead operated under simpler forms of societal organization (chiefdoms, tribes, and bands). Today, though, the whole world map is divided into states. Of course, most of that extension of state government has involved existing states from elsewhere imposing their government on stateless societies, as happened in New Guinea. But the first state in world history, at least, must have arisen de novo, and we now know that states arose independently in many parts of the world. How did it happen?

[...]

...anthropologists, historians, and archeologists tell us that state governments have arisen independently under one of two sets of circumstances. Sometimes external pressure from an encroaching state has placed a people under such duress that it ceded individual rights to a government of its own that would be capable of offering effective resistance. For instance, about two centuries ago, the formerly separate Cherokee chiefdoms gradually formed a unified Cherokee government in a desperate attempt to resist pressure from whites. More frequently, chronic competition among warring non-state entities has ended when one gained a military advantage over the others by developing proto-state institutions: one example is the formation of the Zulu state by a particularly talented chief named Dingiswayo, in the early nineteenth century, out of an assortment of chiefdoms fighting each other.

[...]

We regularly ignore the fact that the thirst for vengeance is among the strongest of human emotions. It ranks with love, anger, grief, and fear, about which we talk incessantly. Modern state societies permit and encourage us to express our love, anger, grief, and fear, but not our thirst for vengeance. We grow up being taught that such feelings are primitive, something to be ashamed of and to transcend.

There is no doubt that state acceptance of every individual's right to exact personal vengeance would make it impossible for us to coexist peacefully as fellow-citizens of the same state. Otherwise, we, too, would be living under the conditions of constant warfare prevailing in non-state societies like those of the New Guinea Highlands.