Models in/of Security
Models In/Of Security
An interdisciplinary research workshop at CIM
On the 18th of April, CIM hosted the interdisciplinary workshop Models in/of Security, bringing together a group of scholars interested in exploring and understanding the interface between modelling practices and security practices.
The event was generously funded by UKRI, via the Scaling Trust research project.
In the opening presentation, CIM’s Matt Spencer set out a framework for the comparative analysis of security models, drawing on the sociology of valuation and anticipation. He argued that different categories of security model (protocol models, attack trees, game theoretical models, participatory models, scenarios, security architecture models) embody values in distinct ways, and can be analysed comparatively to learn about the kinds of anticipation involved in security thinking.
In the first panel, Ksenia Ermoshima spoke about her field studies of security training and threat modelling in high-risk geopolitical contexts, and the changing ways in which trainers communicate the challenge of digital security when working, for instance, with activists. Peter Hall and Luke Demarest gave a talk on critical methodology in visualization and modelling. They emphasized the perils of producing truth effects that obscure the constructed nature of models and visualisations, and strategies for engagement and critical reflection that can counter this tendency, looking in particular at agent based modelling of interventions in contexts of high risk migration. Daniele Pizio’s presentation completed our morning of talks. Drawing on a semiotic frame of analysis, he addressed the rise of de-perimeterised security models in IT security architecture, and the role of the Jericho Forum lobby group in the recent history of the field.
The second panel opened with a presentation by CIM’s Cagatay Turkay on critical data modelling, and the importance of modellers, and analysts who use models, appreciating the constructed nature of data, with examples from healthcare and cyber security. In these methodologies, working with stakeholders comes to the fore as a crucial component of model development and analysis. Next, Claude Heath spoke about the research he has done into ways of tracing and inscribing the gestural dimension of communication and interaction, an approach he has applied in a number of interdisciplinary fields, including in the analysis of physical modelling for digital security. This work highlights methods for examining processes of modelling as embodied practice. Finally, Andrew Dwyer gave a talk on the uptake of digital twins and new machine learning technologies in military contexts and beyond, exploring the political and ethical consequences of performing security via these models. As security practices become model mediated in new ways, it is vital to connect theories of security with methodological analyses of modelling.
In the middle of the day, we ran a physical modelling session with speakers and participants, entitled The Spatialities of Security, and facilitated by Lizzie Coles-Kemp, along with Daniele Pizio and Matt Spencer. The goal of this session was to expand and enhance the day’s discussions by enabling participants to take part in a process of model-building, stimulating reflections on the process, methodology and challenge of constructing models of security. The physical modelling toolbox used was inspired by the Creative Engagements methodology developed previously by three of the workshop participants (Heath, Hall and Coles-Kemp), but here tailored to a specific set of questions about the role played by spatial relations in security and in models of security. Using LEGO, video stimulus material, and specially designed set of prompt cards, participants assembled into four groups and explored through modelling the importance of spatial orders, viewpoints, boundaries, architectures, and relations of nearness and distance. The scenes or vignettes were devised, analysed, and presented at the end of the session each group gave a short ‘show and tell’ presentation and discussion.
The stimulus material for this session was drawn from the TV series Gomorrah, inspired by Roberto Saviano’s investigative journalism book, which provides rich illustration of the physical, architectural, procedural and social mechanisms used by Camorra clans to secure their drug trafficking and distribution operations (Camorra is the crime syndicate historically operating in the Naples area). It proved a useful provocation to think about how security goals of different groups intersect, come into conflict, and become entrenched in architectures.
At the end of the day, Lizzie Coles-Kemp gave a closing commentary, pointing to four questions that had been raised by the discussions:
1. Who are the modellers? What kind of person occupies the position of authorship, defining the models that so strongly influence the security practices of contemporary societies? Likewise, who is excluded and how are inclusion/exclusion decisions made?
2. Who loses out from modelling? It is vital that an interdisciplinary analysis of security models involves an inquiry into those people and things that are not included in models, either because they are overlooked, or because they are not considered worthy of modelling, and to examine how technologies of security differently impact members of society.
3. Just because we can model, should we? Once digital models are constructed, they have a life of their own, and their authors can never exert complete control over what is done with them. When we model things, we place ourselves into an ethical relationship with the model and with those it represents. Such a relationship creates responsibilities that are not always openly recognized: modellers for instance must consider the potential for powerful actors such as companies or states to misuse the models they create.
4. If we are engaging with security through models, how do we experience security? Modelling is commonly an expert practice that takes place in an expert space. Even where participatory researchers use modelling in stakeholder engagements, models tend to be constructed in spaces set apart from the spaces where security issues are directly experienced. As models gain increasing importance in security practice and in the securitization of public and private spaces and services, we must insist on the foundational importance of security as experience, and find ways to make visible the distance and detachment models can create between policymakers and technologists and the experiences of people affected by security issues, especially those of people belonging to marginalized and under-served groups.