Patent Application
20050251397
Threat scanning machines are often employed in locations where safety and security are at issue. Transportation facilities, for example, airports, train stations, seaports, and the like, may employ threat scanning machines to detect security threats within passenger or freight baggage. Other facilities, such as office buildings, government buildings, court houses, museums, and the like, may also employ threat scanning machines to detect, for example, restricted items being carried by a person seeking entry to the facility. A threat scanning machine, as used herein, refers to any device capable of scanning an item to detect an object defined as a threat, or any object that combined with one or more other objects is or is capable of being a threat. A threat, as used herein, can be anything that is restricted from being brought aboard a vehicle, into a building or into an area.
Threat scanning machines may be of different make and model, including carry-on bag scanning machines, checked-bag scanning machines, walk-through metal detectors, x-ray scanners, computerized tomography devices, magnetic resonance imaging devices, cargo and freight scanners, package scanners, and the like, thus requiring individualized maintenance and control of each machine's software and data components. The task of individually maintaining and controlling each machine may be time consuming, prone to error and expensive. For example, when supervisor attention is required at a particular machine, the supervisor must physically go to the machine, assess the situation and provide guidance to the threat scanning machine operator. As another example, when the software in an existing threat scanning machine needs to be upgraded, the media containing the upgrade may be required to be carried from machine to machine in order to perform the upgrade. The diversity of threat scanning machine types and the varied locations of threat scanning machines pose obstacles to the efficient management of the threat scanning machines.
In an exemplary embodiment of the threat scanning machine management system, the threat scanning machines are connected to a communication network. One or more command and control center computers are connected to the communication network. The threat scanning machines, possibly of different make and model, are adapted with hardware and software to allow them to communicate over the network with the command and control center computer. The command and control center computer is adapted with software and/or hardware to control and manage threat scanning machines. In another exemplary embodiment of the present invention, the command and control computer can transmit data, such as, for example, operational software and threat profiles to the threat scanning machine; and the threat scanning machines may transmit data, such as, for example, images and performance data to the command and control computer.
In yet another exemplary embodiment of the present invention, a supervisor may view the images or performance data of a threat scanning machine remotely on the control center computer, assess the situation and assist the threat scanning machine operator remotely, thereby permitting the supervisor to manage multiple threat scanning machines in an efficient manner. In still another exemplary embodiment of the present invention, the threat scanning machine management system may be dynamically configurable, the network may be a wireless network, and the command and control center computer may be a portable device, thus permitting a superior to manage the threat scanning machines while remaining mobile. In still another exemplary embodiment, a group of operators within an operator pool are used to scan images associated with scanned items to check for threats. Furthermore, through the use of item and passenger identifiers, items and passengers can be tracked
While the exemplary embodiments illustrated herein may show the various components of the threat scanning machine, and corresponding command and control center, collocated, it is to be appreciated that the various components of the system can be located at distant portions of a distributed network, such as a telecommunications network and/or the Internet or within a dedicated communications network. Thus, it should be appreciated that the components of the threat scanning machine and the command and control center, respectively, can be combined into one or more devices or collocated on a particular node of a distributed network, such as a telecommunications network. As will be appreciated from the following description, and for reasons of computational efficiency, the components of the communications network can be arranged at any location within the distributed network without affecting the operation of the system. Also, the exemplary embodiments shown provide a layout of the system in which the subsystems (i.e. Threat Management, Remote Management, and Maintenance Server) are shown separately for conceptual clarity and for illustrative purposes in both the threat scanning machines and the command and control center. However, it should be appreciated, that other layouts, groupings, and/or arrangements of the subsystems within the system may be used. Furthermore, while the exemplary embodiment will be discussed in relation to one or more command and control centers, it should be appreciated that the systems and methods of this invention can work equally well without a command and control center architecture. For example, the logic and accompanying hardware/software functionality of the command and control center(s) can be distributed throughout one or more of the remaining components of the architecture, such as in the threat scanning machine(s), for example, in a distributed peer-to-peer network, or the like.
Furthermore, it should be appreciated that the various links connecting the elements can be wired or wireless links, or a combination thereof, or any known or later developed element(s) that is capable of supplying and/or communicating data to and from the connected elements. Additionally, the term module as used herein can be any hardware, software of combination thereof that is capable of performing the functionality associated therewith.
The threat scanning machine management system 100 shown in
In operation, the exemplary command and control center 110 communicates with one or more threat scanning machines 106 via the network 112. The command and control center 10 may transmit data to the threat scanning machine, for example, operational software, authorized users and credentials, threat profiles, etc. The operational software may comprise any combination of software for the operation of the scanning system and/or software for the operation of the management system 100. The authorized users and credentials may include, for example, a list of user login names and passwords. Threat profiles may include data that the threat scanning machine uses to aid in identification of threats, for example the shape of potential threat items, and/or the physical properties of an item that may indicate a potential threat. However, it should be appreciated that the data transmitted from the command and control center 10 to the threat scanning machine 106 may be any data required for the management and operation of the threat scanning machine 106 and could be used with equal effectiveness according to the present invention.
The exemplary threat scanning machine 106 communicates with the command and control center 110. The threat scanning machine 106 may receive data from the command and control center 110 and/or may transmit data to the command and control center 110. The data that the threat scanning machine may transmit to the command and control center 110 may include, for example, performance data, requests for operator assistance, threat detection data, and/or the like.
The exemplary command and control center 110 may communicate with one or more command and control centers 104 and/or 102. In the exemplary embodiment shown in
The exemplary threat scanning machine computer 202 comprises, in addition to standard computer hardware and software components, a management system interface module 220 and a scanning system interface module 218. The management system interface module 220 comprises a threat management module 212, a remote management module 214, and a maintenance server module 216. The exemplary threat management module 212, remote management module 214, and maintenance server module 216 are adapted to provide the interface and logic necessary for the threat scanning machine 106 to be connected to the threat scanning machine management system 100; these modules also communicate with the scanning system interface module 218. In an exemplary embodiment, the threat scanning machine computer 202 may be a standard PC. In another exemplary embodiment, the threat scanning machine computer 202 may be a specialized computer adapted specifically to control the threat scanning machine 106.
In yet another exemplary embodiment of the present invention, the threat scanning machine management system 100 may be designed to adapt to any existing threat scanning machine computer 202 in order to allow the threat scanning machine 106 to connect and communicate within the threat scanning machine management system.
In still another exemplary embodiment of the present invention, the management system interface module 220 can be housed in a computer separate from the threat scanning machine computer 202; this construction may be useful in situations where the execution of the management system interface module 220 may present too great a processing and/or communications burden for the threat scanning machine computer 202.
In operation, the exemplary threat management module 206 of the command and control center 104 communicates with the threat management module 222 of the command and control center 110. The threat management module 222 of the command and control center 110 communicates with the threat management module 212 of the threat scanning machine 106. The threat management information comprises any information related to the management of threats. Examples of such information include Threat Image Projections (TIPs), which are non-threat images with threats inserted into them for testing purposes, threats detected within a particular piece of baggage, or messages alerting the threat scanning machine operators to specific or general types of security risks that may be present or that may be attempted.
The exemplary remote management module 208 of the command and control center 104 communicates with the remote management module 224 of the command and control center 110. The remote management module 224 of the command and control center 110 communicates with the remote management module 214 of the threat scanning machine 106.
The exemplary maintenance server module 210 of the command and control center 104 communicates with the maintenance server module 226 of the command and control center 110. The maintenance server module 226 of the command and control center 110 communicates with the maintenance server module 216 of the threat scanning machine 106.
The command and control center 110 and the threat scanning machine 106 may communicate with each other using a predefined interface format. A predefined format allows for the command and control center 110 to be connected to any threat scanning machine 106 that has been adapted to work in accordance with the present invention. The tables below provide an example of a predefined interface between the command and control center 110 and the threat scanning machine 106. However, it should be appreciated that these tables merely represent an exemplary interface for illustration purposes. An actual interface may vary in both content and design, while still being used with equal success, depending on contemplated uses of the invention.
Table 1 shows the messages of an exemplary interface between the command and control center 110 and the threat scanning machine 106. In this exemplary interface the threat scanning machine 106 transmits messages to the command and control center 110, including, for example, Operator Bag Information, Screener Bag Information, Threat Information, Alarm Information, Threat Image Projection (TIP) Truth Information, Event Information, and/or User Keystroke Information. While the command and control center 110 transmits the TIP Configuration and Threat Detection Configuration messages to the threat scanning machine 106.
Table 2 shows the contents of an exemplary Operator Bag Information message. The Operator Bag Information message provides the command and control center 110 with information relating to a particular piece of baggage that has been scanned by the threat scanning machine 106.
In operation, the Operator Bag Information message is used to transmit information gathered by an operator on a particular bag. A supervisor or screener can review the Operator Bag Information message in assisting the operator in assessing a potential threat. Another use of the Operator Bag Information message may be to monitor the performance of an operator by placing a test bag containing a known threat or threat-like object in order to evaluate the operator's performance in identifying and assessing the potential threat. A further use of the Operator Bag Information message is to collect the messages over time in order to form statistical models of the operator bag information. These statistical models may then be used to further enhance the operation of the threat scanning machine management system.
Table 3 shows the contents of an exemplary Screener Bag Information message. The Screener Bag Information message provides the command and control center 110 with information from a particular screener about a particular piece of baggage.
In operation, when a threat scanning machine and/or operator detect a potential threat, a screener may be called upon to search the bag physically. The Screener Bag Information message is used to transmit information gathered by a Screener on a particular bag, such as the results of the physical search, threats found or not found, and any action taken by security with regard to the passenger or the baggage. A supervisor can review the Screener Bag Information in assisting the screener and operator in assessing and dealing with a potential threat. Another use of the Screener Bag Information message may be to monitor the performance of a screener by placing a test bag containing a known threat or threat-like object in order to evaluate the screener's performance in identifying and assessing the potential threat. A further use of the Screener Bag Information message is to collect the messages over time and correlate them with other system data, such as operator bag messages, in order to form statistical models of the screener bag information. These statistical models may then be used to further enhance the operation of the threat scanning machine management system.
An important aspect of the present invention, achieved through the operator and screener bag information messages, is that baggage may be tracked and associated with a particular person as that person moves about from place to place, as discussed in more detail hereinafter. For example, the information about a particular person's bag may be gathered as the person travels from location to location. The threat scanning can then be augmented with historical bag information data in order to further inform the operator, screener, or supervisor of the need for further inspection of the bag. Additionally, the baggage may be associated with an owner or carrier and vice versa, thereby permitting the threat scanning machine management system to enhance the threat scanning with auxiliary information about the owner or carrier to further enhance the security.
Table 4 above shows the contents of an exemplary Threat Information message. The Threat Information message provides the command and control center 110 with information about a particular threat detected by the threat scanning machine 106.
In operation, Threat Information messages may be transferred to the command and control center for assistance in assessment by a supervisor. Additionally, the supervisor in the command and control center may pass the message along to a more senior supervisor at a regional or national level command and control center. Further still, the system can be configured to automatically forward messages to higher levels in the hierarchy based on preselected or dynamic criteria, such as threat type or threat category. In this manner a threat that once could only be viewed and assessed on site, may now be able to be assessed by numerous people with possibly increasing levels of expertise, thereby by making efficient use of the supervisor's time through a hierarchical system of review and assessment of potential threats. This process can be carried out in a very expeditious manner through the interconnection of the threat scanning machine and the command and control centers on a distributed network. A further use of the Threat Information message is for the threat management system as a whole to scan for incidents of like or similar threats and alert supervisors and threat scanning machine operators to patterns in the data which may indicate a security breach is being attempted. Still another use of the Threat Information message is to gather information on things that have been identified as threats, but in actuality are only items of interest for purposes other than security. For example, the threat scanning machine could possibly be configured to monitor for aerosol cans within baggage and record statistics related to their occurrence in the baggage. This type of statistical information on “threats” could: be used to guide policies regarding acceptable items, for general research into items in baggage, or for other such purposes. In yet another use of the Threat Information messages, the data may be collected over time and used to build statistical models of potential threats and their rates of occurrence. These statistical models could be fed back into the threat management system in order to improve the accuracy, security, and management efficiency of the threat scanning machine management system.
Table 5 shows the contents of an exemplary Alarm Information message. The Alarm Information message provides the command and control center 110 with information about a particular alarm from the threat scanning machine 106.
In operation, the Alarm Information messages provide information useful to achieving management goals. As a current situational awareness indication, the Alarm Information may be transferred both vertically (i.e. from threat scanning machine to command and control center and on up the chain of command and control centers) and horizontally (i.e. threat scanning machine to threat scanning machine) in order to inform management and other operators of threat events in a real time manner. This real-time reporting of threat event information makes an added dimension in security response possible, namely one of recognizing a looming security risk that may be geographically disbursed. By utilizing threat scanning machine management systems in multiple countries it would even be possible for nations to collectively detect and recognize a global security threat event that was in the early stages of being carried out. By collecting Alarm Information messages over time, statistical trends may be analyzed to aid management in improving the efficiency and security of the threat scanning machines.
Table 6 shows the contents of an exemplary Event Information message. The Event Information message provides the command and control center 110 with information about a particular event that occurred at a threat scanning machine 106.
In operation the Event Information messages provide information useful to achieving management goals. As a current situational awareness indication, the Event Information message may be transferred both vertically (i.e. from threat scanning machine to command and control center and on up the chain of command and control centers) and horizontally (i.e. threat scanning machine to threat scanning machine) in order to inform management and other operators of threat events in a real-time manner. This real-time nature of the reporting of threat event information brings a new dimension in security response, namely one of recognizing a looming security risk that may be geographically distributed. By collecting Event Information messages over time, statistical trends may be analyzed to aid management in improving the efficiency and security of the threat scanning machines.
Table 7 shows the contents of an exemplary User Keystroke Information message. The User Keystroke Information message provides the command and control center 110 with details from the threat scanning machine 106 regarding the keystrokes of a user in the processing of a particular piece of baggage.
In operation, the User Keystroke Information message can be used for several management and supervisory purposes. The keystroke information may be used as a training aid by permitting supervisor to oversee the keystrokes used by a scanning machine operator and determine if the operator has used the scanning effectively, or if further training is needed in a particular area. Further, the keystroke information may be collected over time to study the efficiency of the threat scanning machine operators. Further still, the keystroke information may provide additional details to a supervisor who is assisting a scanning machine operator with a possible threat presence. Yet another use of the keystroke information may be to correlate the keystroke information with the image data and recreate, or playback, what took place at a particular machine to look for suspicious activity by the operator or as an aid in analyzing machine performance and debugging the threat scanning machine software.
An important aspect of the threat scanning machine management system is that it is capable of managing both the threat scanning machine equipment and the personnel operating the threat scanning machines.
In operation, the threat scanning machine computer 202 executes the management system interface module 220 and the threat scanning machine physical machine interface software 218.
The exemplary interface and control logic module 302 contains the logic necessary for the connection and communication with the threat management module within the control computer. The Operation Logic module 304 contains operational logic. The application programming interface (API) module 306 contains the logic necessary for interfacing with the scanning system interface module 218.
The remote management module 214 contains an interface and control logic module 308 that contains the logic necessary for the connection and communication with the remote management module in a command and control center. The operational logic module 310 contains operational logic and an application programming interface (API) component 312 that contains the logic necessary for interfacing with the scanning system interface module 218.
The interface and control logic module 314 contains the logic necessary for the connection and communication with the maintenance server module in the command and control center. Also within the threat scanning machine maintenance server module 216 is an operational logic module 316 that contains operational action logic and an application programming interface (API) component 318 that contains the logic necessary for interfacing with the scanning system interface module 218.
An exemplary embodiment of the scanning system interface module 218 is shown in
The threat management module 404 comprises an interface and control logic module 410, a report logic module 412, an instruction logic module 414, and a threat scanning machine receive and control logic module 416.
The remote management module 406 comprises an interface and control logic module 418, a report logic module 420, an instruction logic module 422, and a threat scanning machine receive and control logic module 424.
The maintenance server module 408 comprises an interface and control logic module 426, a report logic module 428, an instruction logic module 430, and a threat scanning machine receive and control logic module 432. In an exemplary embodiment, the interface and control logic modules (302, 308, and 314) of the threat scanning machine 106 may be similar to the interface and control logic modules (410, 418, and 426) of the command and control center 110.
In operation, the data management logic modules 412, 420, and 428 of the threat management, remote management, and maintenance server modules respectively communicate with the database access logic module 804. The database access logic module provides the interface connectivity to the database 808. The web server logic module 806 provides the command and control center with web service access to the database 808.
In operation, raw data from the sensor 1002 is collected by the data acquisition system 1004. The raw data is then transmitted to the reconstruction computer 1006. The reconstruction computer 1006 processes the raw data and may provide a three-dimensional image 1014 or a two-dimensional image 1012 to the operator workstation 1008. In a threat scanning machine adapted for use with the threat scanning machine management system 100, the software for the threat scanning machine management system 100 resides on the operator workstation 1008. The threat scanning machine management system 100 can download software or data to the reconstruction computer 1006, operator workstation 1008, and/or other components of the threat scanning machine that may require software or data to operate.
In operation, the unauthorized users 1202 are restricted from accessing the threat scanning machine 106 or the command and control center 110. While the encryption devices 1114 or 1120, permit the threat scanning machine 106 and the command and control center 110 to communicate in a secure manner.
In
In
In operation, each threat scanning machine 106 communicates through the LAN switch 1118 to the communications security hardware and software in order to access the public wide area network 1102.
In operation, the threat scanning machine 106 provides the following message to the command and control center 110: operator bag information, the screener bag information, the threat information, alarm information, TIP truth information, event information, and user keystroke information. The command and control center 110 provides the following messages to the threat scanning machine 106, TIP configuration and threat detection configuration.
One way that the personnel using a threat scanning machine management system can interact with the system is through computer adapted to provide a graphical user interface. The following is a description of an exemplary graphical user interface in accordance with the present invention. However, it should be appreciated that the graphical user interface shown in the figures is provided for illustrative purposes. A particular embodiment of the invention may have a graphical user interface that is implemented, configured, or adapted differently depending on the contemplated uses of the invention.
If the user selects the Remote Management menu choice, the Remote Management menu will be displayed.
If the user selects, from the main menu, the Threat Management menu choice, the Threat Management Menu will be displayed.
If the user selects, from the main menu, the Maintenance Server menu choice, the Maintenance Server menu will be displayed.
If the user selects, from the main menu, the TIP Management menu choice, the TIP Management menu will be displayed.
If the user sects, from the main menu, the Log Off menu choice, the user will be logged of the system.
If the user selects, from the main menu, the Help menu choice, the user will be presented with information on how to operate the threat scanning machine management system.
Returning to the Remote Management menu of
If the users selects, from the Remote Management menu, the Fault Reporting menu choice, the Fault Reporting dialog will appear.
If the user selects, from the Remote Management menu, the System Monitoring menu choice, the Performance Information dialog will be displayed.
If the user selects, from the Remote Management menu, the System Administration menu choice, the System Administration menu will be displayed.
Turning now to the Threat Management menu shown in
Turning now to the Maintenance Server menu shown in
If the user selects, from the Maintenance Server menu, the Profile Management menu choice, the Profile Management screen will be displayed.
If the user selects, from the Maintenance Server menu, the Download menu choice, the Download Management screen will be displayed.
Turning now to the TIP Management menu shown in
The unique architecture of the threat scanning management system 100 allows the expansion of its capability beyond that already discussed. In particular, the horizontal and vertical architecture of the threat scanning machine management system 100 lends itself to easy management and the cross-integration of information from a plurality of sources. While the embodiments discussed hereinafter will be described as integrated with the threat scanning machine management system 100, it is to be appreciated that the passenger and item tracking with predictive analysis can be used as an independent architecture and methodology.
Passenger and item tracking with predictive analysis is illustrated in
As with the threat scanning machine management system 100, the tracking and analysis module 3910 can be replicated in a hierarchical manner with, for example, a first level tracking and analysis module 3910 that cooperates with a next higher level tracking and analysis module 3910 that may, for example, be associated with another command and control center within the network of command and control centers 3980. For example, as illustrated by the one or more locations equipped with passenger and/or item tracking 3920, a tracking and analysis module 3910 can be associated with a plurality of different locations, with the tracking and analysis module 3910 capable of being collocated or non-collocated with those locations. Through this type of architecture, it is possible to create a network of tracking and analysis modules that have the capability of monitoring items and/or passengers at a plurality of different locations, nationally or internationally to provide more comprehensive protection and safety.
It may also be desirable to restrict the tracking and analysis module 3910 to only communicate with a plurality of equipment, information acquisition and/or data entry system(s) that can be used to receive information that can be utilized to track one or more of items and passengers. As such, the tracking and analysis module 3910, and associated equipment can be used as a stand-alone system.
As discussed above, each of the locations equipped with passenger and/or item tracking 3920 can have their own tracking and analysis module 3910. Alternatively, a plurality of locations can communicate with a shared tracking and analysis module 3910. Each tracking and analysis module 3910 optionally includes the further capability of being able to communicate with a next higher-level tracking and analysis module 3910. With each higher-level tracking and analysis module 3910, the system becomes more comprehensive and is capable of basing the analysis on more information relating to items and passengers.
In general, airports, shipping ports, train stations, and the like, are often configured to have multiple concourses or terminals. Each concourse or terminal may have a plurality of different screening areas with each screening area having multiple threat scanning machines as illustrated in
To achieve item and passenger tracking, an identification of each item and passenger needs to be present. For passengers, this identification is usually present and can be, for example, a boarding pass, a passport, a drivers license, a fingerprint, bioinformatics, or the like. In general, any identification that can be used to identify an individual will work equally well with the systems and methods of this invention.
Each item also needs to be identifiable. This identification can come in numerous formats including, but not limited to, a Radio Frequency Identification (RFID) tag or bar code associated with the item, shipment tracking information, shipment container information, or the like. While the exemplary embodiment will be discussed in relation to airline passengers and items, such as baggage, it is to be appreciated that the general concepts disclosed herein can be extended to any type of item in any type of environment. For example, the system can be extended to include vehicle tracking, cargo tracking, shipment tracking, or in general, tracking of any item or person. In general, provided there is a scanning and identification reading capability, such as a threat scanning machine, walkthrough metal detector, or the like, that is capable of reading an identifier associated with one more of an item and a passenger, that item and/or passenger can be tracked and a analysis of the contents performed. This analysis can include a comparison to historical information as well as a prediction about the future threat capabilities of an item, individual or group of individuals.
Up to this point, the threat scanning machines 106 have been discussed as having the capability of being able to detect objects readily identifiable as threats. However, the threat scanning machines 106 can also be configured to detect additional characteristics about an item, such as object(s) associated with the item, weight, color, dimensions, or in general any other information that could be useful to assist with the tracking and analysis of that particular item.
In operation, an item is associated with a passenger. However, if the item is not passenger related, the item can be associated with, for example, the shipper, owner, sender, or in general any entity that is associated with the item. For example, in an airport type environment, the item, such as one or more pieces of baggage, can be associated with a passenger when the passenger checks-in their baggage at the ticket counter. This process could be implemented manually where, for example, the ticket agent enters information about the passenger and number of items. The check-in counter could also be equipped with suitable scanning equipment that is capable of associating one or more of an item identifier and passenger identifier with the item(s) and passenger(s), respectively.
Upon check-in, the item tracking module 3912 and passenger tracking module 3914 are updated with the item and passenger identification(s), respectively. For example, the item tracking module 3912 and passenger tracking module 3914 can store information indicating that “Passenger X” has 2 checked bags and one carry on. Upon arrival at the security checkpoint, a passenger generally places their carry-on baggage on a conveyor for scanning by a threat scanning machine 106 and passes through a walk through metal detector (WTMD) 3950. In conjunction with performing the threat analysis, the threat scanning machine 106 also obtains the item tracking identification associated with the scanned baggage and forwards the results of the threat scanning to the item tracking module 3912. These results can include, as discussed above, an identification of any threat, as well as any supplemental information regarding the baggage such as, for example, weight, contents, dimensions, or the like.
Similarly, the walk through metal detector 3950 can be equipped with a passenger identification scanning device, such as a bar code reader that may read a bar code associated with a boarding pass, passport, drivers license, or the like. Upon obtaining this passenger identification, the walk through metal detector 3950 forwards information to the passenger tracking module 3914 regarding, for example, the time, date, passenger destination information, passenger origination information (if the passenger was from a connecting flight or another area), or in general any other information that may be relevant to passenger tracking.
The passenger and item information, upon receipt at the tracking and analysis module 3910 can be stored and indexed as well as forwarded to additional tracking and analysis module(s) (not shown) as appropriate. For example, certain profiles can specify that, for example, all information obtained from the major airports and shipping terminals throughout the world be automatically forwarded to one or more higher-level tracking and analysis module(s) for storage and indexing. Similarly, all information relating to passengers traveling to a certain destination, and/or an interim destination, could be forwarded to a tracking and analysis module that analyses passenger and item traffic for a particular geographic region. In general, the handling of the passenger and item information can be configured in any manner as appropriate.
Advantageously, in addition to threat detection as previously discussed, the threat scanning machines 106 are configured with the capability of identifying contents within an item. For example, through the use of backscatter techniques, bills of ladings, the manual entry of contents within items, or the like, the threat scanning machines 106 are able to compile and forward to the item tracking module 3912 a list of contents within each item. As will be discussed in more detail hereinafter, it will become apparent that threats may not be one readily identifiable object but rather could be various pieces and parts that could be assembled to create a threat. Thus the determination of all or a portion of the contents could be important and could also be accomplished automatically where, for example, the system detects content based on one or more of size, shape and density. By tracking contents within each item, and in conjunction with the analysis module 3916, the systems and methods of this invention are able to perform predictive analysis regarding whether a threat is present, or could be present, based on various contents that may or may not be associated with the same item, at the same location, or even it the same country.
Once the item tracking module 3912 and passenger tracking module 3914 receive the item and/or the passenger identification, as well as information associated with that item and/or passenger, the analysis module 3916 analyzes information associated with the item, such as contents, and information associated with the passenger, such as historical traveling patterns, or the like in an attempt to predict whether that item and/or passenger poses a threat.
For example, as previously discussed, a gun or a knife is a readily identifiable threat. However, it becomes more challenging when items which are not themselves considered as threats, are combined with other objects to become a threat. For example, a hammer, barrel and grip of a pistol taken by themselves are not a threat, but when combined obviously raise the status of the items to a threat. Less obvious items could be an aerosol can, a lighter and rubber band or tape. Again, while each of these devices alone may not present a threat, the rubber band or tape could be used to hold open the nozzle on the aerosol can thus creating a frame thrower. Similarly, BB's and glue are not in and of themselves threats, though if the glue was used to secure BB's to an explosive device, this would obviously cause the potential for concern due to the BB's being used as shrapnel. Similarly, numerous chemical materials by themselves do not pose a threat. However, when combined, could be a serious threat.
With the information obtained by the item tracking module 3912, the analysis module 3916 is capable of performing an analysis of all or a portion of the contents associated with the item, and compares the obtained information to, for example, information associated with one or more other items and/or passengers to determine if contents identified as non-threats could become threats if combined with other items.
For example, assume a Passenger A boards at London Heathrow Airport with chemical A in a carry-on bag. Passenger B boards an airplane in Atlanta with chemical B in a carry-on bag. Both passengers are destined for JFK and upon arriving at JFK, board a plane destined for LAX. As in the previous example, chemical A and chemical B taken alone do not pose a threat. However, chemical A and chemical B when combined produce an explosive and now, since both passengers are on the same flight, could present a threat. Similarly, through the tracking of items and passengers, the system can be used to determine if, for example, one of the passengers no longer has all or a portion of the chemicals in their possession. For example, it a coordinated attack where Passenger A is scheduled to pick-up chemical B at JFK, the threat scanning machines at JFK could determine when Passenger B passes through a threat scanning machine 106 that passenger B no longer has chemical B. The appropriate alerts could then be raised by the alarm module 3918 in relation to Passenger A and the appropriate security officials at the JFK airport notified. Similarly, a determination could be made about whether the weight of Passenger B's bag has changed and thus Passenger B may have only dropped off a portion of chemical B in the airport, thus raising two alarms, one for the passenger and one for airport security indicating the chemical could be present somewhere in the airport facility.
As another example, it may be desirable to keep Passenger A and Passenger B from traveling aboard the same aircraft. Similar to the above example, the threat scanning machine could be used to track whether Passenger A and Passenger B attempt to board the same aircraft. If they do, an appropriate alarm could be generated by the alarm module 3918.
The analysis module 3616 can take into consideration any relevant factor in determining whether a possible threat could exist. As with the previous examples, this information is not limited to content associated with an item, but can also include historical and future itineraries of the passenger, historical and future information about the item(s), origin and destination information about the items, and the like.
As discussed above, the network of threat scanning machines 106 could provide the information about items that allows the evaluation and analysis of contents to determine if there could be a group of related items that, when combined, could pose a threat. The analysis includes evaluation and analysis of the various items, and possibly a comparison to other items, for example through the use of an expert system, artificial intelligence, fuzzy logic, neural networks, or the like, to determine if a threat is present based on the various individual items and/or passengers. For example, the analysis of the items can account for historical information, origin information, destination information, and the like, as well as a comparison to other individuals' items and contents to determine if a threat exists.
In addition to the scanning by the one or more of the threat scanning machines 106, walk through metal detectors 3950, or any other scanning device or system that identify and forward information regarding items or passengers to one or more of the item tracking module 3912 and passenger tracking module 3914, manually entered information regarding items and passengers can also be forwarded to the item tracking module 3912 and passenger tracking module 3914.
For example, personnel manning a security checkpoint can forward information to one or more of the item tracking and passenger tracking modules that could be useful in determining whether a threat exists. For example, through the use of one or more of a passenger or item identifier, information regarding suspicious behavior of a passenger, a passenger leaving before boarding a plane, or the like, can also be taken into consideration by the analysis module 3916. Thus, it is to be appreciated, that not only can information be forwarded to the item tracking module 3912 and passenger tracking module 3914 prior to, for example, a passenger boarding in an aircraft, but information regarding that passenger and associated items be collected upon departure from the aircraft and/or airport. Therefore, the analysis module 3916 could do a comparison between passenger(s) and/or item(s) before and after the traveling.
The analysis module 3916 is accessing a hierarchy of information to assist with the analysis of items and passengers starting with, for example, other items and passengers that meet specific criteria. For example, the analysis module 3916 could first analyze items associated with a passenger at a particular threat scanning machine 106. If an alert is warranted based on this first tier of analysis, an alert can be sent to the appropriate destination with the cooperation of the alarm module 3918. Similarly, if the analysis warrants the raising of a risk level associated with one or more of the item and passenger, the network of command and control centers 3980 can be notified to indicate this change in risk level. Likewise, a determination can be made whether a broader analysis should be made and information regarding the item(s) and/or passenger(s) forwarded to a next higher-level tracking and analysis module. For example, if the passenger is flying on a local hop from Oklahoma City to Dallas-Fort Worth, and the passenger has been making the identical trip for the past seven months, with the same number of items, it may not be necessary to forward information regarding that passenger and associated item(s) to the next higher-level tracking an analysis module. However, if, for example, the passenger is a first time flyer with the destination of Washington, D.C., and the passenger has no checked bags, and only one small carry-on bag, it may be advantageous to forward that passenger's information to a next higher level analysis module for comparison to, for example, other passengers and items on the same flight. This escalating analysis and forwarding can continue until a determination is made that an alert need not be sent, the risk level need not be raised, and further analysis need not be performed.
In an exemplary implementation, the analysis within an analysis module 3916 can be based on a comparison between item and passenger information and information stored in, for example a look-up table. This could be a simple one to one correlation and if certain conditions are satisfied, one or more of an alert, risk level and elevation to a next higher-level analysis module could be performed. Alternatively, or in addition, the analysis can be based on an expert system, an artificial intelligence system and/or in conjunction with human review of the information relating to items and passengers. With the hierarchical nature and capabilities of the analysis module to forward information to a next higher-level analysis module, cross-integration and comparison of information can be performed on a local basis all the way up to a global level that could include, air traffic, shipping traffic, public transportation traffic, cargo traffic, and the like. Similarly, different agencies, governments, other entities and the like can coordinate scanning and screening efforts.
The alarm module 3918 works in cooperation with the analysis module 3916 to send an appropriate alarm upon the analysis module 3916 determining that an alert is required. The alarm module 3918 is capable of sending an alert to a particular destination associated with a local threat scanning machine 106 or walk through metal detector 3950, as well a security group assigned to that geographic location, or, for example, where there is evidence of collaboration, to any other destination as may be appropriate. For example, and in accordance with the previous example where Passenger A with chemical A and Passenger B with chemical B are both preparing to travel to JFK, and then share a flight to LAX, the airports at London Heathrow, JFK, Atlanta, and the airlines on which they are traveling can all be notified by the alarm module 3918 that a threat may exist. The alarm module 3918 can also be used to send alerts and to raise a threat status based on the outcome of the analysis by the analysis module 3916.
As also alluded to earlier, if the passenger tracking module 3914 is tracking the whereabouts of passengers and their associated items, the frequency with which a passenger enters and reenters a screening area can be tracked and, for example, if the passenger(s) reenters too many times, it can trigger the sending of an alert or raising of the risk level by the alarm module 3918. Similarly, if the passenger enters numerous different screening areas, and they appear to be on the same flight, this could also trigger an alert or raising of the risk level by the alarm module 3918.
Taken a step further, flying habits can also be monitored and the hierarchy of the present invention is uniquely configured to monitor this type of information since the item tracking module 3912 and passenger tracking module 3914 are capable of forwarding their information to one or more centralized databases that can be accessed by one or more other analysis modules for performing threat assessment.
Even further, the passenger tracking module 3914 and item tracking module 3912 can cooperate with, for example, threat scanning machines 106 that are placed at the entrance of the airplane and can collect information related to one or more of items and passengers immediately prior to boarding. The analysis module could then perform an analysis between when the baggage went through a previous security checkpoint and the passenger/item bag as it is loaded onto the airplane. For example, a comparison can be made between the weight of a carry-on bag at the security checkpoint and the weight of the carry-on bag at the airplane. If a difference exists, there may be sufficient cause to send an alert and or alter a risk level. Similarly, equipment can be installed that allows the monitoring of the actual passenger(s) who board an aircraft. This information can be forwarded to an analysis module 3916 that can compare that information to information the tracking and analysis module 3910 already has regarding who should be on the airplane. If there is a discrepancy, one or more of the alert and/or entering of the risk level can be initiated.
The analysis by the analysis module 3916 can be based on one or more of any of the following: contents, number of items, weights, frequency of travel, duration of stay, origin information, destination information, connection information, owner information, a comparison to other items or passengers “in the system,” a comparison to “common” content, trip patterns, historical travel information, port origination information, destination port information, number of passenger traveling together, relationship between the passengers, or the like.
For example, if the passenger is departing from Florida and heading to Alaska in the middle of the winter, and the passenger does not have any items such as extra winter clothing, an alert and/or risk level can be altered. Similarly, if a passenger's trip includes driving to a train station, taking a train from a first destination to a second destination, catching a plane to a third destination, and a ship to a fourth destination, the passenger and the items with that passenger can at least be checked every time the passenger changes their mode of transportation to verify continuity between the items that passenger has with them. If, for example, the content within an item has changed, during the course of the trip, one or more of an alert and/or altering of the risk level can be performed.
The report module 3922 can be used in conjunction with any component of the passenger and item tracking system to compile and produce reports related to any one or more of alarms, threat levels, items, passengers, status of the system, historical information, prediction information, or the like, and can be forwarded to any destination, such as a threat scanning machine adapted to receive communications from the passenger and item tracking system and/or one or more command and control centers, either electronically, such as in an e-mail or on a web page, or in a more traditional paper based manner.
In step S140, an analysis is performed on the obtained information and compared to other information, such as, but not limited to historical information, base-line information, and the like. Control then continues to step S150 where a determination is made whether an alert should be sent based on the analysis. If an alert is to be sent, control continues to step S160 where an alert can be sent to one or more destinations and/or entities. For example, alert information can be forwarded to one or more “officials” and/or screeners. For example, if there is something suspicious about a person a screening position X, the alert information can be displayed the next time the person's identifier is displayed, e.g., at screening position Y. In this manner, both the operator and/or screening point Y can be alerted to the suspicion. Similarly, if there is a suspicious item, information about the item can be retrieved and displayed each time the item identifier is detected. For example, the alert information, or a derivative thereof can be displayed to a supervisory location, on a portion of an operators screen, on dedicated alarm information displaying equipment, on a wireless device(s), anywhere in the network of command and control centers, to an adjacent or governing agency, such as railways, police, FBI, etc., DHS, or the like. In a similar fashion, while alarm information can be forwarded vertically up the “chain of command” alert information can be distributed down the chain. For example, if an agency, such as the FBI, has a specific individual targeted, the system could be notified that upon presentation of that individual's identifier to the system, an alert could be sent, for example, back to the agency that specified the watch, can notify the location where the individual is to take appropriate action by, for example, manual screening, or the like.
Otherwise, control jumps to step S170 where a determination is made whether a risk level should altered. If a risk level is to be altered, control continues to step S180 where a database is updated with the new risk information. This database can be collocated with a local passenger and item tracking system, and/or associated with the network of command and control centers. Control then jumps to step S190.
In step S190, a determination is made whether to forward the obtained information to a higher-level passenger and item tracking system. If the information is to be forwarded to a higher-level passenger and item tracking system, control continues to step S210. Otherwise, control jumps to step S200 where the control sequence ends.
In step S210, the obtained information is forwarded and stored at a higher-level passenger and item tracking system. In step S220, an analysis is performed on the obtained information and compared to other information, the scope of which can be specified in accordance with, for example, a set of rules. Control then continues to step S230 where a determination is made whether an alert should be sent based on the analysis. If an alert is to be sent, control continues to step S240 where an alert can be sent to one or more destinations and/or entities.
Otherwise, control jumps to step S250 where a determination is made whether a risk level should altered. If a risk level is to be altered, control continues to step S260 where a database is updated with the new risk information. This database can be collocated with a local passenger and item tracking system, and/or associated with the network of command and control centers. Control then jumps to step S270.
In step S270, a determination is made whether to forward the obtained information to a higher-level passenger and item tracking system. If the information is to be forwarded to a higher-level passenger and item tracking system, control jumps back to step S210, otherwise control jumps to step S280 where the control sequence ends.
As shown in the above figures, the threat scanning machine management system with passenger and item tracking can be implemented on a general-purpose computer, a special-purpose computer, a programmed microprocessor or microcontroller and peripheral integrated circuit element, an ASIC or other integrated circuit, a digital signal processor, a hardwired electronic or logic circuit such as a discrete element circuit, a programmed logic device such as a PLD, PLA, FPGA, PAL, or the like. In general, any process capable of implementing the functions described herein can be used to implement the system and methodology according to this invention.
Furthermore, the disclosed system may be readily implemented in software using object or object-oriented software development environments that provide portable source code that can be used on a variety of computer platforms. Alternatively, the disclosed system may be implemented partially or fully in hardware using standard logic circuits or a very large-scale integration (VLSI) design. Other hardware or software can be used to implement and supplement the systems in accordance with this invention depending on the speed and/or efficiency requirements of the system, the particular function, and/or a particular software or hardware system, microprocessor, networking, or microcomputer system being utilized. The system illustrated herein can readily be implemented in hardware and/or software using any known or later developed systems or structures, devices and/or software by those of ordinary skill in the applicable art from the functional description provided herein and with a general basic knowledge of the computer and network communication arts.
Moreover, the disclosed methods may be readily implemented in software executed on programmed general-purpose computer, a special purpose computer, a microprocessor, or the like. In these instances, the systems and methods of this invention can be implemented as a program embedded on personal computer such as JAVA® or Common Gateway Interface (CGI) script, as a resource residing on a server or graphics workstation, as a routine embedded in a dedicated security system, or the like. The system can also be implemented by physically incorporating the system and method into a software and/or hardware system, such as the hardware and software systems of a security network.
It is, therefore, apparent that there is provided in accordance with the present invention, systems and methods for managing threat scanning machines with passenger and item tracking. While this invention has been described in conjunction with a number of embodiments, it is evident that many alternatives, modifications and variations would be or are apparent to those of ordinary skill in the applicable arts. Accordingly, applicants intend to embrace all such alternatives, modifications, equivalents and variations that are within the spirit and scope of this invention.
