Small Wars Journal

A Dynamic Field Of Defence Against Terrorist Weapons Options

Fri, 07/06/2018 - 10:42am

A Dynamic Field Of Defence Against Terrorist Weapons Options

Christopher Flaherty


A dynamic field of weapons options available to terrorist, extremist or violent attackers, represent a spectrum. The use of highly complex weapons to the use of simple weaponization of common, and everyday items. The defence against these varied threats needs to follow an elastic set of options rather than a lineal progression from the simple to the complex external hardening of inner-city massed public events. Organised by community groups, these events involve differing levels of security, between which a gap can develop between policing and security workers, and the vast number of public volunteers used to organise the event. Viewed in terms of tactics, techniques and procedures (TTPs) analysis, this article reviews the problem of how gaps in security occur during inner-city massed public events and explores a possible solution by augmenting established security with a dynamic defence approach.

Inner-City Massed Public Events

The key security problem unlaying inner-city massed public events is coordination, and information flow between a large event work force. Large-scale street events can occupy many square kilometres of major inner-city precincts. Largely in the hands of community and local government the organisation of these events and time duration can involve not only thousands of participants, and million+ onlookers, in addition to a few thousand police, paid event security, and the use of large contingents of volunteer stewards to work at the event. The current trend in security planning for these events has seen ever deeper deployment of road blocking, and anti-vehicle barriers, and the banning of unauthorised vehicle traffic for the duration of events, that lock down much of the city centre and its transport infrastructure. In most places, the event footprint is marked-out with provisional fencing occupying a large physical space.

Within the traditional event footprint these spaces are typically in the hands of the event staff, embedded contingent of police foot patrolling, ambulance and emergency workers, paid event security and a variety of volunteer stewards, acting as crowd controllers who have a primary function to maintain barrier security, all ensuring crowd onlookers do not enter the event space. A lack of communication, coordination, and even lack of skills and confidence can lead to a fundamental gap in the overall security.

Within the event space itself there can be thousands of parade, sporting or other participants, which at times may be more tightly packed together along a section of street of only a few thousand square-meters, awaiting their turn, than the crowds along a street event viewing the event. According to UK event guidance the suggested safety crowd limits, ‘are typically assessed at two people per square metre’ (Still, 2018); in many cases the overload of participants occupying closed-in streets can easily overstep this limit; and more significantly this over-crowding situation can last for a few hours, awaiting forward segments of a parade to move-off. Dense-packing of participants can lead to an inversion of the potential for crowd-crush. Typically, the public security model is focused on event-onlookers, not the problem of event-participants being involved in a crowd-crush incident. In short-duration events this problem of event-participant crowd-crush is less likely, whereas in the long-duration event (such as a day-long, or night-long) where it may require the event-participant to stay in-situ, the risks of potential problems can start to rise. The secondary concern is that leaving large numbers of event participants crowded together creates a target opportunity for an attacker.

Dynamic Field Of Defence Against Varied Weapons Options

The type of weapons used (and what constitutes one) can dramatically shift for a variety of reasons and circumstances, even the beliefs, and behaviours among various attackers can affect the decision to use one weapon, over another, or to weaponize (Flaherty, 2018; 2012). The choice of attack can oscillate between using simple or complex weapons, or the weaponization of something. The dynamic field of weapons options creates asymmetric possibilities for an attacker that need to be factored into counter-measures.


Figure 1: Illustrates an attackers’ use of weapons and weaponization moved between four fields, offering a spectrum of options, within which another cycle operates establishing a defence against these varied threats.

The attackers’ field of weapons options oscillates between four options (Flaherty, 2018):

  • A-Quarter. Represents the effort to reproduce or replicated existing weapons technology, such as explosive devices.
  • B-Quarter. Represents the effort to create new and unknown weapons that operate as an asymmetric advantage over conventional counter-measures.
  • C-Quarter. Represents the use of conventional small arms and light weapons.
  • D-Quarter. Represents the weaponized use of everyday items that conventionally are not weapons at all, nevertheless are used as weapons.

A-TO-C QUARTER: Represents the two competing efforts - an attackers’ effort to reproduce or replicated existing weapons technology, such as explosive devices. Historically, the use of these types of attack have led the creation of various security measures. In this instance, an effective security regime is established. This same set of security measures are also effective against the alternative situation where attackers continue to use conventional small arms and light weapons, which could foreseeably be countered by the established security.

B-TO-D QUARTER: Represents an attackers’ effort to create new, or unknown weapon that operate as an asymmetric advantage over conventional counter-measures. In this category, existing security arrangements do not cover the explicit threat posed by the unknown weapon. This is an example of where, even though there is a security regime in place, these measures fail to operate in regard to the unknown weapon, giving the attacker an opportunity to attack where there is effectively no security in place.

Within the D-QUARTER, the continuing process of devolution occurs where everyday objects are used that conventionally are not weapons at all; are weaponized using any available item as a weapon, as long it as it can cause injury or even kill a person. The use of an item, even if something not conventionally seen as a weapon is not uncommon, as virtually any implement can be used to attack a person offensively as a weapon and cause bodily harm. This scenario leaves open the possibility of an attack even where security is in place, as this fails to operate, as it does little to counter an attack as the item to be used as a weapon fails to raise any concerns, and therefor is not challenged as it is brought into the event space, or there is no means to stop it entering the event space. For instance, the use a car on a busy street which is suddenly used by an attacker in a ramming-attack by swerving onto a footpath, and into pedestrians. In this case, even though there is a substantial level of public security, such as CCTV and police patrolling this nevertheless fails to offer any counter to the car being used without warning.

The dynamic use by attackers of weapons and weaponization items leads to possible extremes: the event has proper security coverage; or it does not. In effect, security at an event moves between two polar extremes:


Figure 2: Represents the two polar extremes that offer a defence against these varied options or no defence. This basic model can be further modified that various security layers within the same event can either have security, or not have security. An alternative scenario can also be envisaged where the established security only screens-out a particular threat, such as stopping a vehicle-borne IED but allows a person through carrying a small portable IED which the second level of security at the fence barrier does not stop either.

Security Response Gaps

Typically, a two-step process guides security reactions during an event:


Table 1: Two-step security reaction process. (Commonwealth of Australia, 2017)

The use of volunteers to manage crowds is a common feature of inner-city massed public events, their role includes providing information, assisting people getting access to the event, moving crowds along, and organising the event participants. A key advantage with the use of volunteer crowd stewards is that these are in constant contact with participants, and onlookers, as well managing the barriers and gate-entry into the event area. These volunteers effectively form the first line of surveillance (even if there is extensive CCTV in the area):

  • “Employees working in crowded places and members of the public are often best placed to detect suspicious behaviour. It is important that owners and operators of crowded places do everything they can to raise awareness of possible suspicious behaviour among those using their sites.” (Commonwealth of Australia, 2017)
  • Typically, a volunteer crowd steward does not have any radio communications; they are limited to voice over the noise of the street and the din of the parade (Flaherty, 2011). It is acknowledged that:
  • “everyone has a responsibility to report suspicious behaviour to the authorities.” (Commonwealth of Australia, 2017)

A potential gap that can arise, is that two different communication systems operate during inner-city massed public events; the volunteers rely on direct sight and voice contact; whereas police foot patrols and paid event security are dependent on CCTV for initial detection and alert system to direct their operations via radio. The volunteer crowd stewards are often in only voice communication with a head-steward, who has radio communications with the event management team. It is via this communications limb that the event management team can contact police foot patrols, or direct paid event security to take-over where the steward has seen a problem.

Realistically, if a serious problem was to arise, in most cases volunteers are instructed to make direct contact (while trying to report an incident up their own chain-of-command) with the paid event security, or even the police. In some jurisdictions, however, direct contact is not always possible. Alternatively, a lack of skills and knowledge, and the lack of confidence to make an approach initially blocks possible assistance; leading to a gap in security opening.

Deterministic Security Planning

A deterministic security plan is based on a prior assessment that a certain type of attack is likely. For instance:

“Attacks on crowded places overseas, including London Bridge and Borough Market in June 2017, Manchester Arena in May 2017, the Berlin Christmas market in December 2016, and the Bastille Day parade in Nice in July 2016, demonstrate how basic weapons— including vehicles, knives, and firearms—can be used by terrorists to devastating effect.” (Commonwealth of Australia, 2017)

The increase in vehicle ramming, or the use of a vehicle loaded with an IED in recent years has seen a corresponding increase in the level of street blocking for large-scale public events with police vehicles and movable barriers. This first level of defence typically constitutes the main infrastructure used to mark-out the exclusion zone for inner-city massed public events. The next level of security is the event barrier fence composed of fencing and gate-entry points operated by paid event security, volunteer crowd stewards and police foot patrols.


Figure 3: Illustrates two scenarios - one, where effective security exists outside the event, and at the events’ barriers; the other where the events’ barriers have become permeable, and there is no effective security to stop unauthorised people entering.

The key problem is that the security infrastructure used for inner-city massed public events is much of the time provisional; that is, barriers and fencing are put in place specifically for the event, and then taken-away. Often the fencing is not secured as the common practice is to reduce infrastructure that can itself become a hazard as crowd numbers increase; and in emergency situations must be quickly cleared allowing evacuations.

All-day, or night inner-city massed public events are known to present numerous workforce problems such as staff-fatigue, insufficient or loss of staff numbers, and the physical wearing down of provisional fencing and gates by large-scale use. These factors alone, soon present security problems opening gaps which if not closed present opportunities for an attacker to enter the event.

Implementing a purely deterministic security model can led to a failing of security, as gaps open due to a breakdown on the overall security operation, or there has been a dynamic shift in the attackers’ use of weapons or choose to weaponize. A possible solution is to augment the established security with a dynamic defence approach.

Dynamic Defence

A dynamic defence is where security adopt a randomised pattern of defence (Flaherty, 2009). Dynamic defence interdiction falls into what has been called, ‘mastering the manipulation of the city as a fluid operational space’ (Sullivan and Elkus, 2009).

Dynamic defence as a concept of operations is based on non-deterministic or randomised ambush of an attacker. Dynamic defence is the mirror side to erratic attacks where one or both sides deliberately act without any plan; this is deliberately done to create a chaotic situation during the battle, thereby overwhelming opponents (Flaherty, 2009; 2010; 2015).

The concept of dynamic security has been applied to the, “problem of patrolling a transit system” (Jiang, et al, 2013). The objectives have been to plan patrols through mass-transit systems, by applying the principle of uncertainty in cases where the defenders (for example, security officers) mix-up their strategies against fare-evaders, who were operating randomly and in-sync with train movements, in-and-out of the stations with a large volume of riders (Jiang, et al. 2013; Della Fave, et al. 2014). A not dissimilar notion is found in Australia, more recently in 2017:

  • “We must be more agile, more dynamic, more rapid in our response than our enemies are.” (AAP, 2017)
  • In contemporary military thinking, dynamic defence emerged as a military concept in its own right; used typically:
  • Describing the diverse and unpredictable nature of the military environment (Defence Forces Ireland, 2013); and,
  • Identifying multiple force options (Lombardi, 2007).

In the Japanese military context, from around December 2010, the phrase was used interchangeably with ‘dynamic deterrence’, to describe force capability development, as “multifunctional, flexible, and effective, to respond to complex contingencies” (Macintyre, 2012). This concept is the basis for the current titling of the Japanese military self-protection forces as a ‘Dynamic Defence Force (DDF)’.

  • The predecessor of the term ‘dynamic defence’ was ‘dynamic deterrence’ (Macintyre, 2012). This defence was defined as, “to dissuade, capabilities to neutralize or capture, credible threats to retaliate, and the ability to defend” (Macintyre, 2012). Coupled with the previous definition:
  • “an explicit embrace of the use of force to effectively communicate a deterrent threat or compel an enemy to change its behavior” (Macintyre, 2012).
  • However, these formulations while valid tend to overlook an important aspect of ‘dynamic defence’, namely its mirror relationship with ‘erratic actions’. In short, the missing element is:
  • “identification of non-linearity-logic (which is a requirement for chaotic behaviour); and which has been shown to produce a defence which effectively counters erratic terrorist tactics in urban battle” (Flaherty, 2009).
  • Theoretically, achieving asymmetric advantages through dynamic, or erratic acts comes from ‘doing the unexpected’ to adopting organisation or force types which are unknown to the adversary, and equally applies in both the attack and defence (Flaherty, 2010).

In large part, a dynamic defence relies on happenstance or coincidence to thwart any potential attack. Based on open patrolling, rather than a specifically set up security in a place to meet a specific threat, policing, paid event security, paid crowd managers, parking staff, ambulance crews, and volunteer stewards maintain a high state of alertness for suspicious activity, and interdict a potential attack, reacting through a purely chance encounter.

Even though it is recognised as good continuity planning, to cross-train skills among the paid and volunteer workforce (Commonwealth of Australia, 2017). A lack of potential coordination between the volunteers, paid event security, and the police foot patrol, combined with the typical volunteer who is unlikely to have a high level of situational awareness, and crowd milieu produces a massive amount of information deprivation and perishability (Flaherty, 2011). This later problem can be exacerbated within the event space, if the crowding of parade participants goes beyond the recommended safety limit of two people per square metre, combined with poor lighting or noise it can become impossible for any member of the event workforce to effectively maintain vigilance, and actively interdict a possible attacker, if they have successfully breached the security barriers and entered the event space.

Mitigating potential security failure focuses attention on pre-event training and organisation. Two key areas need to be addressed: firstly, a review of the physical coverage of the event space, measuring the area it will cover within the barriers, including event space infrastructure determining what sort of crowd load is sustainable before the number of event participants become too crowded within the space to be effectively managed. The second part of the pre-event planning involves a realistic determination of the actual number of event workers needed and their composition, and coordination, including training in communication and interoperability. This would also require suitable training in vigilance, not unlike the UK project ARGUS (counterterrorism testing and exercise initiative sponsored by the national Counter Terrorism Security Office), and similar awareness training.


AAP [Australian Associated Press], “Australia Reviewing Security for Mass Gatherings at Major Events.” The New Daily, 24 May 2017,

Albert Xin Jiang, Zhengyu Yin, Chao Zhang, Milind Tambe, Sarit Kraus. “Game-Theoretic Randomization for Security Patrolling with Dynamic Execution Uncertainty. International Conference on Autonomous Agents and Multiagent Systems.,” Game-theoretic randomization for security patrolling with dynamic execution uncertainty. 12th International Conference on Autonomous Agents and Multiagent Systems 2013, AAMAS 2013. 1. 207-214,

Christopher Flaherty, “The Dynamic Field of Terrorist Weapons Options.” Small Wars Journal, 23 June 2018,

Christopher Flaherty, Wild Predator Erratic Attacks Versus Dynamic Defence.” Journal of Information Warfare. Vol. 14, Issue 1, 2015.

Christopher Flaherty, “Stewarding Situational Awareness and Highly Perishable Information.” Journal of Information Warfare. Volume 10, Issue 1, 2011.

Christopher Flaherty, Dangerous Minds: A Monograph on the Relationship Between Beliefs – Behaviours – Tactics. OODA LOOP. 7 September

Christopher Flaherty, “Command, influence and information in 3D tactics.” Journal of Information Warfare. Volume 9, Issue 1, 2010.

Christopher Flaherty, “2D Verses 3D Tactical Supremacy in Urban Operations.” Journal of Information Warfare. Volume 8, Issue 2, 2009.

Commonwealth of Australia.  Australia’s Strategy for Protecting Crowded Places from Terrorism 2017. Canberra: Australia-New Zealand Counter-Terrorism Committee, 2017;

Defence Forces Ireland [Óglaigh na hÉireann]. Defence Forces Review 2013, Dublin: Defence Forces Printing Press, 2013,

Douglas John MacIntyre. “Emerging from Behind the U.S. Shield: Japan’s Strategy of Dynamic Deterrence and Defense Forces.” Joint Forces Quarterly, Vol. 65, 2012.

Fiona Lombardi. The Swiss Air Power: Wherefrom? Whereto? Zürich: vdf Hochschulverlag, 2007.

Francesco M. Delle Fave, Matthew Brown, Chao Zhang, Eric Shieh, Albert Xin Jiang, Heather Rosoff, Milind Tambe, John P. Sullivan. “Security Games in the Field: Deployments on a Transit System,” in Fabiano Dalpiaz Jürgen Dix, M. Birna van Riemsdijk (Eds,). Engineering Multi-Agent Systems. EMAS 2014, Paris, Franc, May 5-6, 2014, Revised Selected papewrse. Lecture Notes in Computer Science. Heidelberg: Springer. Volume 8758, 2014, pp. 103-126,

John P. Sullivan, Adam Elkus. “Postcard from Mumbai: Modern Urban Siege.” Small Wars Journal, 16 February 2009,

Keith Still. Crowd Safety and Risk Analysis. 2018,

About the Author(s)

Christopher Flaherty has a Ph.D. in Economic Relations from the University of Melbourne with a focus on networking. Following this, he pursued a career in defence and security research in the Australian Department of Defence. Christopher has been based in London since 2008. A Senior Research Associate of the Terrorism Research Center (TRC), he regularly contributes to its’ current publications. He is also the co-primary author of Body Cavity Bombers: The New Martyrs (iUniverse, 2013). Two essays of his from 2003 and 2010 were reprinted in the TRC book - Fifth Dimensional Operations (iUniverse, 2014). He is the author of Australian Manoeuvrist Strategy (Seaview Press, 1996). Christopher has been an active contributor on security, terrorism early warning, and related international intelligence issues, including tactics, techniques and procedures analysis, published in the TRC report ‘Dangerous Minds’ (2012). He has a long-term involvement in the development of a ‘Scripted Agent Based Microsimulation Project’, at the University of Wollongong (NSW, Australia).