Access Pass Holder Information Distribution System (APHIDS), Home Office

The Home Office, Department for Transport (DfT) and Borders could not reliably assess the risk of insider threats posed by the volume of UK airside workers. 

Requirements: Concepts and Design Development

We adopted a collaborative, user-led approach with the Home Office - Accelerated Capability Environment (ACE). Our initial objective was to develop a proof of concept using rapid prototyping and open source integration to demonstrate how the latest data ingestion and analysis tools and techniques could be used with data from over 50 UK airports. Our longer-term objective was to prove, through delivery, that a single centralised solution could manage this insider threat.

Under the ACE contract in FY19/20, BMT and Naimuri collaboratively developed the APHIDS MVP using an Agile, sprint-based approach. Using a continuous cycle of user story refinement, elaboration and prioritisation, the highest priority user stories were delivered (designed/documented, developed, tested and deployed) by the BMT / Naimuri teams.

In addition to the development delivery, our team also coordinated the security assurance process (via our cyber consultants) for APHIDS and supported the user engagement/user experience (UX) side (via our UX specialist) – which is of particular importance to ensure APHIDS meets the Government Digital Service Standard.

Solutions

• Regular fortnightly sprint software delivery – completion and testing of all assigned development tasks to fulfil all Epics listed in Section 1, in accordance with the defined Acceptance Criteria
• Completion of all identified Defects through both continuous system testing and reported through the 1st Line Service Desk
• Regular updating of all Stories, Sub-Tasks, Technical Debt and Defects within the APHIDS Jira Backlog
• Technical Documentation for all applicable requirements within APHIDS Confluence instance

Benefits

We worked with industry partners to deliver a minimum viable product (MVP) as a national scale capability that will address airside insider threat at UK airports. For the MVP definition, we:

• Created clear outcomes and success criteria (KPIs).
• Performed user research, through workshops and one-to-one user interviews across airport security teams, DfT, LEAs and UKIC.
• Produced wireframes in Balsamiq.
• Iteratively tested with our UX Designer and users.

Automated migration of data from external airport systems was required, so we worked with ministers composing directives and creating data sharing agreements, to ensure data acquisition was legal and GDPR compliant and conducted Data Protection Impact Assessments.

From our prototype, we designed and developed data pipelines using NiFi and ElasticSearch to provide a centralised source of intelligence for Law Enforcement and UKIC to support investigations.

We used our DevSecOps approach to rapidly deploy secure components into the cloud, including Kibana for flexible visualisations.

To support performance analysis, we utilised:

• Sysdig Monitor & Secure for full-stack performance analysis, alerts and deep troubleshooting.
• Elasticsearch / Logstash / Kibana (ELK) stack for centralised data collection from Docker logs.
• Drone CI for automated Continuous Integration and Continuous Delivery (CI / CD).
• SonarQube (for automated code quality analysis).

We provided knowledge transfer and training to various Home Office - Digital Data & Technology teams. We worked with the QAT team to hand over all aspects of testing, through a series of on-boarding and mobilisation sessions as well as face-to-face and VTC training sessions. We worked with the Enterprise Services (ES) Service Desk team to support the design, and handover, of the support wrap for the service – ensuring a robust and proven helpdesk service.

The result has been the successful delivery of an MVP which has gone into Beta service and is consuming data from UK airports for intelligence assessment and analysis - enabling LEAs / UKIC much improved access to airside worker information to reduce insider threat.

Shaping the Sustained Service Model

In addition to providing the 2nd / 3rd line support, the BMT / Naimuri technical teams also needed to work closely with the ES Service Desk team to further shape and refine the APHIDS service wrap model. This includes supporting and documenting the interface between 1st and 2nd line support and conducting/attending workshops, as required.

A key refinement stage, for the service wrap, began from the start of the airport on-boarding trial with both the Home Office ES Service Desk the APHIDS development team (BMT / Naimuri) capturing lessons learned, identified issues and areas for improvement to feed into a continuously live service wrap plan.