Don’t blame the employee for the recent false Hawaii Missile Alert. Sounds like a bad implementation of a decent system that caught everyone with their pants down.
The recent erroneous Hawaii Missile Alert gives me an opportunity to add to our series about emergency broadcasting. On Saturday January 13, 2018, the Hawaii Emergency Management Agency accidentally broadcast a warning of an incoming ballistic missile. False alarm, thankfully. Pushed the wrong button, apparently.
Over the past decade, emergency warning systems have become increasingly integrated and complex. In the United States, the warning system is called Integrated Public Alert and Warning System, shown above. IPAWS is a computer platform that is used by many agencies to broadcast alerts over a variety of media, old and new. Essentially, it is an automated gateway between authorized officials and communications channels.
The “missile alert” message went out early Saturday morning over two distribution systems, EAS and WEA. The Emergency Alert System, operational for the past twenty years, is basically a continuation of legacy reliance on broadcasters. EAS is what triggers those alert banners on your television screen. Since 2012, Wireless Emergency Alerts send short messages to your mobile phone.
IPAWS and all its users rely on the Common Alert Protocol, an XML data structure for messages. CAP was developed in the United States, but has been standardized and is now used worldwide. If you are interested, you can read how it is structured for yourself.
Here in Canada, our system is called Canada National Public Alerting System. NAPAS is similar to IPAWS and also rides on CAP. Wireless Alerting will be fully implemented this year. Both in the United States and Canada, these “systems of systems” require a lot of interfacing between public and private service providers, and are in many respects voluntary.
Hawaii Missile Alert – What Went Wrong
According to the state emergency agency in Hawaii, an employee pushed the wrong button. No kidding. But this is where it gets really weird. Apparently, there is a computer workstation that has two menu items. One says “test missile alert”. The other menu item says “issue missile alert”. These menu items are right next to each other. Bad design. Also, there does not appear to be an “are you sure you want to issue a missile alert ?” safeguard.
It took six minutes before the automated message was cancelled. But this cancellation only stopped the continued transmission of the message. It did not provide public information.
Now get this. After another 10 minutes or so, both the Emergency Management Agency and the Governor issued cancellation messages. Did they do this over IPAWS? No. They used their Twitter and Facebook accounts! In effect, they just tweeted “don’t worry, be happy.” In these days of “fake news”, would you let a tweet trump a formal government alert? (Pun intended.)
It took 36 minutes after the false warning for government to use IPAWS to send out an official cancellation over EAS and WEA. Not good. (All this information is in the HI-EMA press release.)
By the way, IPAWS has documented processes for issuing cancellations. CAP has status and other fields to differentiate between “actual” versus “test” messages. There is also the question of why a local agency would be sending out a Presidential-level warning.
So, overall, the takeaway is no matter how well a system is designed, humans will always find a way to screw up.