6.1 Introduction

Despite their traditional conceptual separation within the realm of risk, safety and security management experience increasing functional connections at an organizational level. Synergies between safety and security have been explored in the literature from a systemic perspective, with the ultimate goal of better protecting Critical Infrastructures (CIs) from unintentional and intentional events, either by reducing vulnerability or by improving defenses, or both. Organizational studies that focus on the end-user of the safety and security experience are less common. In this chapter, we propose a conceptual framework that incorporates an end-user perspective to safety and security. The ultimate goal of our work is to lay the foundations for innovating safety and security experience in CIs.

6.2 Background and Method

In modern organizations, safety and security are often considered two distinct sets of issues. CIs have an outstanding sensitivity to the likelihood and consequences of disruptions to their operations. In their risk management efforts, most CIs have developed unprecedented levels of granularity and specialization with regards to safety and security, which has led to the creation of two distinct organizational functions. Typical features and organizing principles have been illustrated in the literature [8], which stem from the very ontology of safety and security as defined by the absence or presence of malicious intent behind the related risks [10].

Safety and security are systemic properties and their neat distinction has been a valid approach to manage risks in times where systems were mainly composed of electromechanical constituents [16]. However, modern systems are increasingly built as a combination of sub-systems, where emergent properties are often unpredictable. The increasing relevance of the cyber aspects of safety (to a lesser extent) and security (the majority), besides their more traditional, physical nature, is a proof of these dynamics. Several pieces of research conclude on the need for a more holistic approach to safety and security [2, 4]), in particular disregarding the nature of systemic accidents’ causes (e.g., malicious vs. accidental) and focusing on constraints that would prevent systems from being vulnerable to both safety and security accidents [16]. A holistic approach needs to be built around the commonalities existing between safety and security and various options have been proposed in the literature [9].

This chapter elaborates on some of the aforementioned features, in particular: (a) a strategic viewpoint on safety and security; (b) a mission-driven approach; (c) consideration for a broad range of stakeholders; and (d) safety and security co-design of complex, sociotechnical systems. Further, this chapter is intended to suggest an escape way from one of the most compelling dilemmas that characterize safety and security management (as components of organizational risk management regimes): processes that require extensive use of resources to prevent high-impact, low-probability events, and that do not usually produce tangible, positive value for users beyond loss prevention (Piètre-Cambacédès and Bouissou defined them as “eternal killjoys”, [9]). To do so, we elaborate the concept of safety and security experiences, the combination of organizational policies and management and systemic features (e.g., human, technology, etc.) around safety and security, as “lived” by end-users. To configure a holistic perspective to safety and security experiences that yield value for users, we adopt a design-based perspective.

We postulate the suitability of design thinking as a methodology for innovating safety and security as a holistic user experience. Through problem-framing and re-framing, design thinking addresses problems that, like safety and security, present multiple perspectives, typical of complex systems [6]. Design thinking is a learning-driven, human-centered approach [7], suitable to shape behavioral change and human factors. It leverages the potential of collaboration among teams and stakeholder engagement to reduce individual cognitive biases [7]. Finally, design thinking synthesizes users’ needs with what is technologically achievable and economically viable to yield user value [3]. We welcome Jeanne Liedtka’s design thinking framework (2015) in three stages: (A) Data gathering about user needs; (B) Idea generation;and (C) Testing and build on research conducted in safety and security management in international airports in Australia [2].

6.3 Design-Led Innovation in Safety and Security

Design-inspired methods require to re-consider the meaning of things and look beyond what we usually do with them [15]. In airports, safety and security are traditionally organized around regulatory requirements implemented in a managerial context. One of the most common loci for airport security are the security screening points, where passengers are invited to surrender prohibited items and required to go through X-ray portals and have their baggage scanned. While acknowledging that safety and security have different meanings and applications based on involved stakeholders and location, we focus on the security screening points as loci for the safety and security experience of external users (passengers and general public). We also assume that our design-inspired methods are applied in a team setting, with participants (e.g., designers, airport managers, passenger, etc.) tasked with improving the safety and security experience.

In terms of data gathering about safety and security users’ needs (A), a stakeholder map of the safety and security experience in airports would have the external users as the core of a system composed by several actors: cleaners, airline employees, retail workers, safety and security officers, etc. Such actors contribute to shaping users’ safety and security experience. Acknowledgment of the variety and specificity of users’ categories is one of the tenets of design thinking and a key component of building a positive safety and security experience. This is in sharp contrast with traditional airport safety and security, which tends to consider external users as one broad category, with little to no room for customization [1].

User-persona maps [13] synthesize categories of users in concise, yet deep, representations and can be created by elaborating data obtained through interviews of passengers undergoing security screening. For example, Alfred (64) is an empathetic, money-conscious and family-oriented, one-off traveler, who travels once a year to visit his daughter abroad. He has a genuine passion for learning new things. Risk-averse, Alfred loves when he and his family feel safe. He does not mind putting up with smaller “paper-cuts” (e.g., bureaucracy, time) when the ultimate goal is safety. He loves talking to people, including security officers at the screening points. He is a fan of the TV show “Airport Security” as he admires the order and firmness portrayed. On the other hand, for example, Wendy (41) is a driven businesswoman, punctual, determined, and career-oriented. Wendy has no time to waste. Single by choice, she is a marketing manager and travels for work twice a week. Smart and successful, she cannot live without her mobile phone. Wendy feels that security is an annoyance and she sometimes argues with the security officers. She cannot understand why airport security is so cumbersome, as no terrorist attacks have been recorded lately. She would spend some extra time working or shopping, rather than queuing for security.

These are two examples, and once sufficient categories of users are reviewed, user-journey mapping [13] is used to trace the touchpoints through which the safety and security experience in airports is lived. This can involve user interaction with specific products (e.g., digital technologies), people (e.g., operators), or services (e.g., floor-cleaning at the security point). User-journey maps help visualize the existing user experience to empathize with users, laying the foundations for enhancement [5]. In a user-journey map, it is important to identify the touchpoints that are most prominent to shape the user experience. Using the persona of Alfred, we can identify the following stages of a hypothetical user-journey map: 1. Research; 2. Purchase; 3. Preparation; 4. Transfer; 5. Security screening; all mapped against Alfred’s feelings and actions (Table 6.1).

Table 6.1 User-journey map (Alfred)

Alfred’s journey map clearly differs from the one Wendy would have. This suggests that their safety and security experiences need to be designed differently. After review of the user-journey maps, painpoints can be identified and utilized as the starting point for enhancement efforts. In this stage, user interviews are essential to produce richer qualitative insights.

In terms of ideas generation (B), to facilitate the creation of innovative ideas aimed at improving the safety and security user experience in airports, we propose using several structured ideation lenses [11]. For brevity, two such lenses are described in this chapter.

First, derive entails exploring other industries and/or businesses in search for similar problems and identify existing solutions to such problems, to derive inspiration for ideation.Footnote 1 Derive requires the ability to immerse real-world solutions in a context where they were not originated. Consider the following scenario: Wendy, our driven business woman, goes through airport security screening several times a week. This, as indicated in the literature [12], is a stressful experience for passengers, with potential health and safety repercussions. How would a company like Amazon provide a stress-free experience at one of its tightest user touchpoints? Amazon gathers as much customer information as possible to offer more personalized services. This could suggest having security and safety officers adapt their attitude toward Wendy, if they knew that she is a determined person, who does not like to waste time with security screening.

Second, utilize requires focusing on the under-utilized assets present in an industry, business model, or user experience and ideates original ways of leveraging their untapped potential. Consider Alfred, our one-off traveler, in his interaction with the safety and security experience at the airport security screening point; what idle assets could be identified that airport management would want to better leverage? The customer feedback that many airports request at the end of the screening process is an example to leverage the passenger’s feelings/time.

The ultimate goal of structured ideation is to produce as many ideas as possible, and present them to all participants in the design exercise, to maintain a collaborative approach. However, in order to render idea generation fruitful, a limited number of final solutions has to be filtered, to check for feasibility, potential for impact, profitability, etc. [5]. This can be done in a single round or several rounds, by giving participants in the design exercise the possibility to vote for one or multiple winning ideas.

Lastly, testing (C) entails experimenting with the solutions deemed the most feasible and conducive of practical impact. To simplify, we assume that the participants in our design exercise ideated a dedicated security screening mobile app (SecScreenApp). Wendy, the driven business woman of our example, was identified as the target user. The app could perform the following:

  • Send a location-based alert when the user enters the security screening point area, to request activation;

  • Provide information on the security screening process: estimated waiting time, estimated time to boarding gate, etc.;

  • Offer the user information on the latest deals at the duty free, giving the opportunity to book specific products/services for later collection (e.g., a haircut, a coffee at a specific café);

  • Incorporate an interactive form for user feedback before and after the screening process;

  • Advise the user when they need to put the mobile phone away, as they are approaching screening.

A storyboard provides a representation of the steps involved with the newly designed safety and security experience and allows participants to identify the phases that need to be tested with the users and the ones that can be prototyped without testing. Figure 6.1 illustrates an example of a storyboard for SecScreenApp.

Fig. 6.1
figure 1

Example of a storyboard for a dedicated security screening mobile app

6.4 Discussion and Conclusion

We utilized design thinking as an approach to explore the safety and security experience of airports’ external users and create conditions to innovate it. In our example, we focused specifically on security screening. Data gathering about safety and security users’ needs, ideas generation, and testing are all fundamental phases in the design process. Nonetheless, helping safety and security professionals know their users better may be the most crucial priority. A user-centric approach to safety and security is not a natural perspective. Safety and security are rarely the core business of organizations. The approach we adopted meets calls in the literature for a holistic perspective on safety and security [1, 4], one that leverages their strengths to a mutual benefit. We endorse a user-centric perspective, which implies a shift from traditional legal and managerial considerations of safety and security. These different views are summarized in Table 6.2, where the design approach is the focus proposed in this chapter.

Table 6.2 Approaches to safety and security in airports: a synthesis

Building on design thinking’s collaborative perspective, broad stakeholder engagement is incorporated in the approach we propose. Further, delivering a memorable safety and security experience addresses calls in the literature to overcome risk management’s dilemma as an organizational function that uses resources to prevent losses, not to create tangible value [9].

It is worth mentioning that the conceptual and methodological model we propose is yet to be tested in an airport. Besides, from a generalisability standpoint, the proposed model suggests an application to airports. Its suitability needs to be tested in other CIs, but research shows how a user-centric approach can be utilized in a broad range of environments [14].

The core takeaway from this chapter is a complementary, user-centric perspective to safety and security, besides the legal/managerial stance traditionally embraced in airports. These concepts can be extended to other CIs (for example, electrical substations, train stations, or, in case of major events, stadia) to facilitate an innovative approach to safety and security, one that goes beyond loss prevention.