1 Introduction

The ever-evolving landscape of international terrorism presents multifaceted challenges, influenced by historical, geographical, and political factors, as well as the diverse nature of terrorist groups [34]. The social and economic impact of security threats and terrorism necessitates the focused attention of law enforcement agencies, policymakers, and political institutions. Terrorism seeks to instil fear and cause significant harm within populations, making cities particularly vulnerable due to their high population densities. Consequently, effective planning and response strategies are crucial in addressing emergencies related to mass gatherings, critical infrastructures, and soft targets.

This paper introduces a comprehensive Decision Support System (DSS) developed under the umbrella of the S4AllCitites project, aimed at enhancing anti-terrorist urban security and emergency management within smart cities. By integrating with existing smart city systems, the proposed DSS empowers decision-makers and operators during the planning and response phases, providing proactive threat anticipation and facilitating effective decision-making processes. Understanding the anticipated evolution and impact of terrorist attacks [9, 20] is paramount for developing models that mitigate their consequences. More than half of global terrorist attacks encompass Improvised Explosive Devices (IEDs), mass shootings, arson, or incendiary/smoke devices, as highlighted by [11]. Notably, between 2010 and 2020, 29% of terrorist attacks targeted urban population [11], underscoring the urgency to improve security measures within cities.

The emergence of smart cities, leveraging Information and Communication Technologies (ICT), offers tremendous potential to enhance operational efficiency, improve government services, and promote citizen welfare. However, ensuring the safety and security of citizens within this ecosystem is of paramount importance. Smart cities must harness their capabilities, including anomaly detection, individual authentication and identification, threat localization, behavioural profiling, suspect tracking, traffic monitoring, and emergency management [19], to create a secure and resilient environment. While several studies have explored these capabilities from different perspectives [14], contributing to a wide range of findings, there remains a notable gap in the literature regarding a comprehensive DSS integrating emergency management, real-time decision support, and forecasting the risk, evolution and impact of common terrorist attacks. Existing research primarily focuses on theoretical frameworks for minimizing the impact of explosive charges [28], managing common crimes like vandalism and violence [10], implementing information systems [33], managing unusual traffic conditions [12], evacuation strategies [38], and to a lesser extent, predicting events such as robbery or homicide [2, 26].

In light of this research gap, this study aims to propose a real-time capable DSS that effectively prevents and minimizes the consequences of terrorist attacks in urban environments. This study builds upon the emerging field of Spatial Decision Support Systems [17], leveraging its principles to develop an innovative DSS tailored specifically for anti-terrorist urban security within smart cities. By integrating spatial analysis, modelling, and visualization techniques, the proposed DSS offers a holistic approach to address the complex challenges of urban security and emergency management in the face of evolving terrorist threats. By employing methodologies and modular developments, the DSS offers prediction and impact assessment capabilities for various terrorist attacks, encompassing IEDs, mass shootings, and arson incidents. Furthermore, the system addresses critical aspects of emergency management, including real-time forecasting of pedestrian and vehicular intervention and evacuation via simulations and real-time information from legacy systems [3]. The integration of these methodologies and developments, coupled with data sources from legacy smart city systems, culminates in a comprehensive decision support system empowering operators and decision-makers to make informed planning, management, and response decisions [35].

2 Material & method

2.1 Conceptual model

On the basis of the initial definition of a smart city, a three-layers structure can be used to formalise the mathematical model of the proposed DSS (Decision Support System), see Fig. 1.

Fig. 1
figure 1

Conceptual model – Mathematical layer-based model of DSS applied in a hypothetical Smart City

Full size image

Threat Assessment Layer

Comprises a set of soft targets, crowded areas and infrastructures S = {s0, s1, …, sn} where security monitoring is desired. A soft-target can be defined as sk = {B, P, A, D, O}, where B = {(ϕ0, θ0), (ϕ1, θ1), …, (ϕk, θk)} represents an enclosed and geographically defined area (longitude, latitude), P is the spatial distribution of people, A is the security assets deployed (e.g. controls, cameras or patrols) and D and O is the set of safe areas and obstacles inside the scenario that are defined by geographical coordinates. Threats being monitored in these areas T = {T0, T1, …, Tn} are therefore defined as Ti = {L, C}, where L = (ϕ, θ) is the location and C ∈ {Arson, Smoke, IED, Weapon} is the category.

Pedestrian Movement Layer

Topological definition of pedestrian transitable areas is replicated through the graph Gp = {N, E}, which is arranged by N = {n0, n1, …, nn} set of nodes and E = {e0, e1, …, em} set of edges. Each node ni = {L, d, s} is defined by its geographic location and occupant density as well as its current status s ∈ {Passable, Impassable, Evacuate, Safe}. Likewise, each edge ei = {d, no, nd, f} represents transitable zones and is defined by people density, origin and destination nodes and available flow.

Traffic Layer

Traffic network is represented through the graph Gt = {V, E}, where V = {v0, v1, …, vn} are the vehicular transit reference points associated with physical locations and E = {e0, e1, …, em} represents the reachability associations similar to the pedestrian layer but within a traffic environment where the density and flow measurements represent vehicles instead of people. For the generation of traffic profiles, this layer considers the different usual zones Z of origin and destination of trips, which in turn are related by proximity to a node of the traffic network, generating a set of paths P between them and an origin-destination weighted matrix W = Z × Z.

2.1.1 Threat assessment layer

This layer assesses the threats and possible impacts/consequences of three types of attack:

  1. 1.

    Arson and Smoke Bomb: Fire Dynamics Simulator [23] is used for the most likely locations of this type of attacks by simulating several scenarios changing the actual combustion parameters, different wind and fire loads. The generated results providing artificial measurements Mf(si) = {m0, m1, …, mk}, (e.g. visibility, Fractional Effective Dose (FED)) are classified and stored in a structured way for further use. This methodology can be divided into five steps:

    1. a.

      Acquiring the geographical information needed for the setup of the numerical model. This information includes the geographical boundaries in terms of coordinates that can be obtained from a Geographical Information System (GIS). The numerical domain is built as a consequence, by defining conveniently the origin of the global Cartesian reference system (e.g. in the bottom left corner) which is used to create the array of virtual measurement devices.

    2. b.

      Collection of main input modelling data including wind statistics, fire load inside the domain and fire source potential locations. These inputs are considered when the numerical model is created and are used to generate the set of simulations with different parameters to produce a combination of feasible scenarios.

    3. c.

      Definition of a certain number of scenarios considering the most probable scenarios depending on the information previously collected and the purpose of the simulation to cover all the critical situations.

    4. d.

      Post-processing of simulations scenarios producing a set of animations representing the fire and smoke propagation together with the artificial measurements Mf(si) reporting FED and visibility in critical locations across the scenario.

    5. e.

      Storage of simulated scenarios with the associated results providing to the COP a set of feasible scenarios to be triggered when one of the emergencies contemplated in the simulations occurs.

  2. 2.

    Improvised Explosive Device (IED): This approach is based on [5]. The boundary box of each soft-target sk is calculated and subdivided into small regions shaping a fine grid of squared cells. For each cell cij within the grid, the risk function is calculated as follows:

$$R\left({s}_k,{c}_{ij}\right)={w}_{dt}\cdot {d}_t\left({c}_{ij},E\right)+{w}_{da}\cdot {d}_a\left({c}_{ij},A\right)+{w}_{dr}\cdot {d}_r\left({c}_{ij},B\right)+{w}_p\cdot p\left({c}_{ij},P\right),$$

where the functions studied have associated weights {wdt, wda, wdr, wp} that can be modified (e.g. to give more weight to one or another parameter) but, as a general rule, balance the risk function. The rest of the functions that are measured in the equation are:

  • dt(cij, E) ➔ Inverse (1-p) normalized distance from cell cij to the nearest exit (negative correlation).

  • da(cij, A) ➔ Inverse normalized distance from cell cij to the nearest asset.

  • dr(cij, B) ➔ Normalized radial distance from cell cij to the boundary box (positive correlation).

  • p(cij, P) ➔ Normalized population density inside cell cij.

The set of individual risk assessments of each discretized cell cij for each soft target si is represented as a two-dimensional matrix Mr(si). Each element within this matrix is an association between a risk level calculated with the R(sk, cij) function and the geographic location of the evaluated cell, resulting in a probability map that allows identifying critical locations susceptible to IED attack, allowing the results to be easily distributed to the other layers.

  1. 3.

    Mass Shooting Attack (MSA): The soft-target space si is discretized through uniformly distributed reference points and mapped onto nodes of a reachability directed graph G = {N, E}, N = {n0, n1, …, nk} for pathing purposes. The optimal path (i.e. minimum distance) from each starting location P = {p0, p1, …, pm} is calculated, considering the location (static and/or dynamic) of the attacker(s) Al, by means of Backtracking approach with associated cost function:

    $${c}_f\left({n}_i,{n}_j\right)=\frac{\frac{d_{mean}\left({n}_j,E\right)}{\max_n^{nghbs\left({n}_i\right)}\left({d}_{mean}\left(n,E\right)\right)} + \frac{d_{min}\left({n}_j,E\right)}{\max_n^{nghbs\left({n}_i\right)}\left({d}_{min}\left(n,E\right)\right)}+\frac{u\left({n}_j\right)}{\max_n^{nghbs\left({n}_i\right)}\left(u(n)\right)}}{\frac{d_{mean}\left({n}_j,{A}_l\right)}{\max_n^{nghbs\left({n}_i\right)}\left({d}_{mean}\left({n}_j,{A}_l\right)\right)}}$$

where function nghbs(ni) represents the neighbours of a particular node, function dmean/max(n, S) is the mean/max distance from node n to a set S of locations and u(n) is the density of population in the surrounding of n. In conclusion, this function represents three important factors: 1) the proximity of a node to an exit/safe area, 2) the spatial availability of that node, and 3) the risk associated with the location of the attacker(s). Following these paths, a microsimulation approach is used to represent the movement and behaviour of people involved considering interactions between agents and repulsion forces between terrorists, people, scenario boundaries and obstacles through a Social Force model [13]. A physical shooting dynamics approach is followed [1] to represent persons hit by gunfire, where the probability of being hit is estimated and the number of casualties Mv(si) are calculated through a stochastic approach. This approach allows to simulate multiple hypothetical random scenarios in terms of location and behaviour of people and attackers always complying with the constraints (B, P, D, O) established when modelling the soft target sk. The random variables are generated according to different distributions (uniform, normal and log-normal) depending on the variable to be modelled. We can distinguish two main sets of variables: 1) Movement and response: spatial location of the agents, movement speed, corporal dimensions, behaviours and response times and 2) Shooting simulation: vertical and horizontal spread of the weapon, rate of fire, effective range, magazine capacity, accuracy of the shooter, field of view, target selection, reloading time, type of shot (burst, single or auto) and weapon trajectory deviation. Subsequently, firing trajectories are generated following these variables. The number of estimated casualties is calculated considering the intersections between trajectories and the agents during their evacuation process, knowing their location at each precise moment and their corporal dimensions. Subsequently, the 95th percentile of the results, in terms of casualties provided by the simulated scenarios, is calculated in order to have an estimate of the worst case of attack, excluding possible outliers due to the random nature of the defined scenarios.

Results generated following the procedure defined in Algorithm 1 and its associated methodologies can be summarised as a set of geographic locations linked to counter-terrorism security-related information enabling the lower layers to increase their level of intelligence to enable more accurate modelling results.

Algorithm 1:
figure a

Threat Assessment Layer Update

Full size image

2.1.2 Pedestrian movement layer

Using threat assessment layer results {Mf, Mr, Mv} as inputs and the pedestrian movement layer the status s for each node ni in the associated graph Gp is updated by assigning nodes to be evacuated, safe nodes and affected nodes that are impassable. Also, the occupancy densities of the different nodes and edges of the network are updated through one of the following approaches depending on the capabilities of the Smart City: 1) making historical-based estimates of expected occupancy, 2) real-time monitoring of occupancy through cameras, Wi-Fi location devices, access controls or similar, and 3) random assumptions of occupancy following expected distributions. This graph is considered as the active graph and it is used to produce a first calculation of shortest paths via Dijkstra’s algorithm. Its subsequent optimization is carried out considering nodes availability and through a weighted Multiple Criteria Decision Analysis (MCDA) for the assessment of conflicting nodes through its score function:

$$S\left({n}_i\right)=\sum\limits_j^{j\in J}{S}_j\left({n}_i\right)\cdot {w}_{j.}$$

where wj is a weight associated with criterion j of the MCDA and Sj(ni) is a function producing a relevant unweighted and normalised score associated with that criterion; which is inversed to maximise if necessary. The weights, balanced a priori, are calibrated for each network by using defined scenarios to ensure that the output classification is logical and to improve the effectiveness of the optimization model in terms of evacuation time. The criteria, J we consider are congestion and additional distance cost incurred by route changes on the node ni and the congestion and available flow on the surrounding nodes nghbs(ni). After this, following an iterative process a set of candidate graphs Gc= {G0, G1, …, Gk} solving these conflicts is generated and from among them another MCDA score function of the same form is applied to choose the optimal graph,

$$S\left({G}_i\right)=\sum\limits_j^{j\in J}{S}_j\left({G}_i\right)\cdot {w}_j$$

where symbols hold the same meaning. The criteria, J considered here are the total estimated evacuation time and the sum of node congestion on graph Gi. Once the optimal graph has been found, it becomes the active graph again, which can be iteratively re-optimised when the model inputs change. This model provides evacuation routing, estimated egress times and mobility profiles, forecasting the number of people who will go to specific locations in a precise time period by determining and modelling the initial impact on the traffic network.

Algorithm 2:
figure b

Pedestrian Movement Layer Update

Full size image

2.1.3 Traffic Layer

This layer provides a real time expected traffic evolution on different road sections according to date and time after a calibration of the network based on traffic historical data or data obtained through the traffic monitoring sensors deployed in the smart city. This calibration process starts from an uncalibrated network represented by the graph Gt which solves for the shortest paths considering availability constraints of the road sections and updating the W origin-destination matrix via path-based [15] and bush-bashed B algorithms [8]. Accordingly, following an iterative process for origin-destination matrix adjustment based on gradient approach [32] with some adjustments for large traffic models [18], the model optimises the set of paths P and the matrix W based on real traffic data, paying attention to discrepancies between model and reality. Therefore, methodologies applied can be summarised in two model with particular purposes:

  • Trip distribution model: The classic gravity model is used as the trip distribution model. The distribution model estimates the number of trips between the zone 𝑖 and the zone 𝑗 than the number of trips is

    $${Q}_{ij}={O}_i{D}_j{A}_i{B}_j{f}_{ij}$$

subject to

$$\sum\limits_j{Q}_{ij}={O}_i,\kern0.5em \sum\limits_i{Q}_{ij}={D}_j$$

where Oi represents the number of trips origins in the zone i ∈ Z, Dj is the number of trips ends in the zone 𝑗 ∈ 𝑍 and the coefficients Ai and Bj are the balancing factors that are determined during the iterative proportional fitting procedure. The most important part of the equation of distribution equation is the deterrence function fij(cij) where cij is the cost (travel time) between the zones. The shapes of the deterrence function are described in [27].

  • Traffic assignment model “Traffic Assignment Problem” (TAP) is used. Let the cost ce of the edge is dependent on traffic flow xe

$${c}_e={c}_e\left({x}_e\right),$$

where ce(xe) is the cost function. The definition of the TAP is based on the first Wardrop’s principle. This principle says: For all used paths from the source node to the destination node the travel time must be equal and this travel time must be minimal [37]. All pairs must meet with this condition. Mathematically, the TAP can be defined as variational inequality (VI) as [6, 30]

$$\sum\limits_{p\in P}{c}_p\left({x}_p^{\ast}\right)\left({x}_p-{x}_p^{\ast}\right)\ge 0,\forall x\in \Lambda$$

where 𝑥 = (𝑥p: 𝑝 ∈ 𝑃) and 𝛬 is the set of feasible flows

$$\Lambda =\left\{x>0:\sum\limits_{p\in P}{x}_p={Q}_{ij}\forall \left(i,j\right)\in W\right\}$$

where Qij is one cell of Origin-Destination Matrix (ODM) related to (𝑖, 𝑗) ∈ 𝑊. In order to solve this Tap problem Traffic Modeller implements the path-based algorithm by Javakrishnan [15] and bush-based B algorithm by Dial [8] with some improvement by Nie [25]. The implementation of the B algorithm is fully parallelized by Potužák and Kolovský [29]. The B algorithm uses the decomposition of the problem to bushes. The bush is the acyclic subgraph of 𝐺 related to origin zone. The bush contains only flow from the origin zone to all other destination zones. Each bush is equilibrated by shifting the flow from the minimal path to the maximal path. The minimal and maximal paths are found by topological order in the acyclic bush. Regarding the ODM calibration algorithm the method by Spiess [32] with some adjustments is implemented by Traffic Modeller. This method uses the steepest descent with a longstep for the object function minimization. Some adjustments are described in [18].

Algorithm 3:
figure c

Traffic Layer Update

Full size image

2.2 System architecture

All these methodologies have been integrated together in a comprehensive DSS that, following the architecture presented in Fig. 2, assists security decisionmakers in the planning and response phases by leveraging some of the resources and devices already deployed in the smart cities. Examples of resources and devices include cameras, monitoring Wi-Fi devices, access control sensors, etc. These devices could help to estimate the number of people in specific locations or for example traffic monitoring systems make real-time simulation of unusual traffic flow more reliable.

Fig. 2
figure 2

DSS Architecture Overview diagram. Terrorist Attack Hazard Analysis Toolkit (TAHAT), Crowd Simulation Toolkit (CST) and Traffic Modeller (TM) modules

Full size image

The architecture follows a producer-consumer approach with a centralized distributed data stream platform (Apache Kafka) for the exchange of information between layers. Each layer in turn is implemented as an independent module that has a Graphical User Interface (GUI) for configuration purposes and Application Programming Interface (API) that provides on-demand service to the rest of the layers, except for fire and smoke simulations that, due to the computational cost, must be pre-simulated and stored locally for further use in specific scenarios, if needed. Different development technologies have been used for the implementation of the individual modules, the main ones being:

  1. a.

    Microsoft. NET Framework 4.6.1: terrorist attack simulation calculation and scenario management using Mapsui, BruTile and SkiaSharp libraries.

  2. b.

    Fire Dynamics Simulator: ad-hoc modelling of the critical soft-targets and infrastructures susceptible to fire risk.

  3. c.

    Unity: create the pedestrian evacuation network relative to landmarks in the real world, providing geospatial references.

  4. d.

    HSLayer Framework: implementation of traffic layer elements including GIS functionalities.

  5. e.

    Apache Kafka: exchange of information between modules.

3 Case studies

Following the system’s development, three comprehensive case studies were devised to test the correct operation of the integrated system, since the underlying models and methodologies of the various models proposed have been extensively validated [16, 21, 22], with the exception of the IED and MSA simulations, which due to the lack of detailed data are complex to validate beyond their theoretical aspect [1, 5]. These cases were conducted within the framework of three demonstration campaigns in collaboration with end users from various European countries. The first campaign involved a purely operational integration trial carried out in the city of Trikala (Greece) and hosted by e-Trikala. Subsequently, a pilot was conducted in the city of Pilsen (Czech Republic), which serves as an illustrative example of the system’s operational functionality. Lastly, a final pilot test was performed in the city of Bilbao (Spain), hosted by the Ertzaintza. It is essential to emphasize that, due to the modular nature of the system and the lack of historical traffic data, the traffic simulation module was exclusively tested in an integrated manner during the Pilsen pilot. Throughout these endeavours, data and feedback were collected from end-users (Smart City operators, First Responders, and Law Enforcement Agencies) with the aim of continuously improving the system’s development across the different experimental campaigns. Expert criteria from participants (see Results section, Table 3) were also requested to evaluate the usefulness and level of acceptance of the demonstrated features through a concise questionnaires and discussion sessions. In addition, system performance metrics for the individual functionalities and the comprehensive system were performed, which are shown in Results section, Table 2.

In regard to the Pilsen pilot, it was based on data provided by Správa Informačnich Technologii Mĕsta Plznĕ, p.o. as a partner of the S4AllCities project. This case study was tested during a terrorist attack drill that took place in the Doosan Arena stadium in the city of Pilsen (Czech Republic) and was organised and conducted by the Czech police, see Fig. 3 and involved law enforcement, first responders, municipal management agencies and operational intervention units, not to mention volunteers. A detailed description of the stadium and its surroundings, as well as the city of Pilsen itself and the timeline of the drill were available (see Table 1), which included information such as:

  • Doosan Arena 3D model obtained via Lidar and RGB scanning using DJI Zenmuse L1 and DJI Zenmuse P1 cameras.

  • Initial locations of a possible smoke bomb as well as its device-like specifications (Antari Z 3000 II fog machine).

  • One-year traffic data providing a dataset of 250 million observations from 627 road built-in sensors, with a 90 seconds granularity in time, traffic model calibrated by the traffic data [16].

  • 2D map of the areas surrounding the stadium with expected attendance (11,700 spectators +3300 people), transit locations, security assets usually deployed, car parks and other minor details.

Fig. 3
figure 3

Doosan Arena drill case study schema. 1) Doosan Arena stadium (green), 2) Drill deployment boundary (yellow), 3) Parking spaces near to the drill area (blue) and Drill location (red)

Full size image
Fig. 4
figure 4

3D Interior stadium view presenting drill area.1) Drill interior boundaries and 2) Available evacuation routes (green)

Full size image
Table 1 Drill timeline
Full size table

Regarding the structure of the drill, several exercises were conducted, combining explosive devices with firearms (pistol and rifle) and a varying number of shooters (1–2). Each iteration was arranged in 3 rounds: 1) placement of the volunteers in the stands performing as victims (600 people), 2) initiation of the feigned attack and 3) police intervention and evacuation. In this last stage, the system was activated providing information to the first responders about the potential number of victims and hazardous areas and in the case of an incendiary or explosive device, the resulting fire spread and impact. Also, the evacuation process current status and predicted evolution together with the expected unusual traffic flows and its impact on the city traffic network is provided. Note that the scope of the simulations is not only limited to the simulation area presented in Fig. 3, but as can be seen in Figs. 9 and 12, practically the entire city centre is covered by the evacuation and traffic simulations.

4 Results

The results of deployment in-situ and operation of the system in real time are provided sequentially according to the drill details and structure following the logical course of emergency events. In the case of the explosive “Smoke bomb” device combined with mass shooting attack, this was simulated by a sound effect and a smoke machine as specified above, located in the lower part of the stadium stands together with two volunteers acting as shooters located at the top of the grandstand. For this use case, the DSS provided results of various kinds, starting by retrieving the output of the smoke propagation FDS analysis (virtual smoke machine tuned on Antari Z 3000 II fog machine, North-West wind direction) followed by the simulation of threats and impact of attack, where it should be stressed that the information available to the system operator is the visualisation of both the evolution of the different incidents and the data associated with the artificial scenario measurements (IED probability, FED, visibility and casualties). As can be seen in Figs. 5, 6 and 7 the results present the visual smoke propagation and identify the hazardous IED areas via probability heat map. These results also reveal that in the event of an attack similar to the one recreated in the drill, in the worst case a total number of 44 casualties could be estimated considering an attack perpetrated by two shooters assuming that the intervention forces take two minutes to reach the emergency location (Fig. 8).

Fig. 5
figure 5

Smoke propagation from FDS simulation graphical user interface

Full size image
Fig. 6
figure 6

IED and MSA threat assessment and impact analysis graphical user interfaces

Full size image
Fig. 7
figure 7

IED and MSA simulation results interface

Full size image
Fig. 8
figure 8

Pedestrian evacuation management graphical user interface

Full size image

After this first initial phase of the attack, the evacuation phase would be initiated sequentially and automatically due to panic situation. The crowd simulation component was used in various ways during the Pilsen scenario. A small-scale simulation involving 600 agents was implemented to represent drill conditions on the ground with 600 volunteers able to follow the routes sent by the component to exit one stand of the stadium. Also, a full stadium evacuation was simulated to demonstrate the capability of the component to simulate large-scale models. In this case, evacuation of the stadium and neighbouring areas to the car parks considering risks, with the full stadium to car parks model taking 58 minutes of simulation time but completing in a few seconds of real time. This followed an evacuation of 600 people using volunteers who followed the suggested routes given by the component, with the stadium stand able to be evacuated in 8 minutes.

In both scenarios the density of evacuating crowds was calculated, using Fruin’s Levels of Service scale. This calculates how dense the crowds are as they leave the stadium and spread out across the city, assigning a colour scale based on the density in people per square metre per minute. This enabled the component to integrate with the traffic modelling component, considering outputs of the traffic model, waiting at intersections and crossing roads, and providing inputs to the traffic model in terms of arrival profiles at the car parks surrounding the stadium (Fig. 9).

Fig. 9
figure 9

Showing agents leaving the stadium and heading towards car parks across the city

Full size image

Subsequently, the arrival of the intervention assets would initiate the intervention phase in which the evacuation model provides the main safe access routes to the incident location considering the progression of threats, incidents manually introduced and the crowd evolving situation including density of the people evacuating the stadium, see Fig. 10. In all cases the component is able to simulate in faster-than-real-time and provide safe and optimised routes in a very short timeframe. The component runs continuously in the background, enabling the DSS operator to request the most up-to-date evacuation or first responder routes as and when they are required and allowing the dissemination of these to those on the ground to achieve the most efficient response to an incident possible.

Fig. 10
figure 10

Showing crowd density levels on routes surrounding the stadium (left) and first responders route represented by red line towards stadium (right)

Full size image

Finally, the last simulation according to the logical evolution of an event according to the drill would be the impact of the emergency on the traffic network of the city of Pilsen, see Fig. 11. On the basis of pedestrian evacuation data from the large-scale scenario where the full stadium was considered, the impact of unusual vehicle flows on the city’s traffic network was simulated. The number of spectators and the time of their arrival to the vehicle was taken as the output of the previous simulation (spectators’ escape from the stadium). The vehicles were directed by the traffic model to individual streets in Pilsen, where this traffic was added to the normal traffic. Congested intersections that can be controlled by the crisis scenarios were identified. At the same time, the fastest routes for integrated rescue system vehicles were identified. The effect of these pedestrian evacuation profiles would increase in approx. 700 vehicles per the first hour in the northern traffic section and 900 vehicles per the first hour in the southern section, leaving a high density of vehicles in both directions, as shown in Fig. 12.

Fig. 11
figure 11

GIS data representing the traffic network, parking lots and drill area to be unified with pedestrian evacuation

Full size image
Fig. 12
figure 12

Traffic network unusual status simulation graphical user interface

Full size image

During the evaluation process, various performance metrics were measured to assess the effectiveness and efficiency of the deployed system. These metrics included simulation time, system availability, recovery time, and latency. The obtained data, which provides valuable insights into the system’s performance, is presented in the table below (Tables 2 and 3).

Table 2 DSS performance analysis
Full size table
Table 3 Evaluation of experts and end-users via Likert scale [1–5]
Full size table

Following the completion of the drill, a discussion session was held among the participating intervention units and end users involved in the simulation. During this session, a collaborative evaluation was conducted using a Likert scale (ranging from 1 to 5) to assess the effectiveness, applicability, and usefulness of the different functionalities provided by the system during the decision-making processes. The table below presents the evaluations obtained not only from the exemplary case study in Pilsen but also from the other pilot studies, providing a comprehensive overview of the stakeholders’ feedback.

5 Strengths & limitations

The DSS offers a diverse range of functionalities that are crucial in both planning and real-time response phases in face of terrorist attacks. These functionalities can be categorized into three primary areas: threat analysis and impact study, evacuation management, and traffic monitoring.

Under the umbrella of threat analysis and impact study, the system assists users with powerful capabilities. They can visualize 3D simulations, providing qualitative insights into the behaviour and spread of fire and smoke in soft-targets under varying environmental conditions. Furthermore, the toolkit allows users to obtain virtual measurements in hypothetical fire and smoke scenarios, enabling a deeper understanding of the temporal evolution of FED and visibility. In addition, it facilitates the analysis of IED threats, generating probability maps that identify critical areas based on specific dynamic scenario conditions. Lastly, the system enables the study of the potential impact of mass shooting scenarios in soft-targets, generating statistical and visual results in terms of casualties considering intervention times, characteristics of the affected areas, and human movement patterns and behaviours.

Moving on to evacuation management, the system provides capabilities that empowers users to explore multiple evacuation scenarios. This feature facilitates the search for optimal evacuation strategies during the planning phase and assists in effective management during emergency responses. Also allows for real-time blocking of routes affected by emergencies, enabling the re-routing of evacuees through alternative safe routes. Users can access information about the optimal evacuation routes, taking into consideration various factors such as evacuee behaviours and dynamic scenario conditions. Additionally, the toolkit provides estimations of service levels for different evacuation routes, factoring in population density and potential congestion caused by the movement dynamics of evacuees.

In the realm of traffic monitoring, the system offers valuable functionalities for assessing and managing the city’s traffic conditions. It enables the calculation of near real-time traffic volumes within the transportation network, providing insights into the flow of vehicles. Users can estimate the impact of intervention and evacuation measures, such as the removal of speed limits or road blockages, on the traffic network. The toolkit also considers changes in geography (e.g., new buildings or obstacles) and demography (e.g., population density) when estimating the overall impact. Additionally, it supports the evaluation of the traffic network’s response to vehicle evacuations during emergency situations. Users can calculate optimal evacuation and intervention routes from various points in the city, considering the network’s current state and any unusual conditions arising from potential emergencies.

While the DSS provides valuable functionalities, it is important to acknowledge its limitations. For instance, the simulation of fire and smoke scenarios may not yield real-time results due to computational constraints, necessitating the use of pre-generated datasets. The performance of the crowd simulation may be influenced by the size of the model or the number of agents being simulated. Furthermore, simulating traffic behaviour requires access to a traffic model of the city, which may not be available.

Hence it is necessary to bear in mind these strengths and limitations when applying the system in particular scenarios. By leveraging the toolkit’s functionalities while being cognizant of its constraints, end users can make informed decisions and enhance their security preparedness and response strategies.

6 Conclusions & discussion

The utilization of emerging technologies and innovative methodologies in smart cities represents a significant advance in the ongoing fight against terrorism and the protection of citizen security. In this paper, we have presented a methodological design and implementation of a Decision Support System (DSS) that incorporates three layers: threat analysis, pedestrian movement simulation, and traffic monitoring. This comprehensive DSS supports private operators, law enforcement agencies, and local authorities to efficiently safeguard city soft targets.

Our research builds upon the foundation laid by previous studies, such as the introduction of a threat analysis framework for urban security management [36]. This framework focused on identifying and assessing potential risks associated with soft targets through the detection of risks, patterns and anomalies in urban environments. Furthermore, by incorporating concepts from Spatial Decision Support Systems (SDSS) approaches [17], our DSS enhances capabilities by integrating real-time simulation, pedestrian evacuation management, and traffic monitoring for more informed decision-making processes.

To validate the effectiveness of our system, it underwent rigorous expert judgment evaluation through three pilot studies, yielding highly satisfactory results. One of these pilots, conducted in the city of Pilsen, provided valuable drill data and on-site evaluation of the system’s performance across its various layers. This case study exemplified the benefits and characteristics of the DSS, including the analysis of primary terrorist threats, comprehensive evacuation management, and real-time monitoring of the traffic network. While our system has demonstrated its efficacy, it is essential to acknowledge its limitations and areas for future improvement. Currently, the system does not encompass all types of threats present in urban environments. Future trends in terrorism, as suggested by reports [9], indicate a shift towards simpler and less expensive attacks, such as knife attacks, or combined attacks, including cascading attacks or sabotage of critical infrastructures. Furthermore, exploring the potential interaction between terrorist threats and the traffic network opens up opportunities for developing anti-ramming measures in urban planning. These limitations should be viewed as catalysts for future research, driving the development of more comprehensive security and safety systems.

In the future, the advancements made in the development of DSS for anti-terrorist urban security can be leveraged to influence the early design phase of smart city urban planning. Specifically, these developments can contribute to the provision and creation of custom-tailored public spaces, serving as the initial line of defence against potential threats. By analysing public spaces and understanding the impact of their design on associated risks using a probabilistic assessment similar to that presented this study, urban planners can proactively incorporate security measures into the structural fabric of smart cities. This proactive approach aligns with the concept of Crime Prevention through Environmental Design (CPTED), which emphasizes the significance of the built environment in reducing criminal opportunities and enhancing safety [24]. By integrating the principles of CPTED with the results and recommendations provided by our DSS, city planners can create public spaces that not only fulfil their intended functions, but also mitigate potential security risks through tailored layout designs or the enhancement of deployed surveillance devices. For instance, the strategic placement of cameras, the visibility of spaces, and the implementation of surveillance techniques can enhance the perceived safety of individuals and deter potential threats. To support the integration of security considerations into urban planning, technologies such as Wi-Fi location detection [3] and data-driven analysis can be utilized together with this previous development. These tools provide insights into human behaviour patterns, crowd movement, and areas susceptible to potential security breaches, enabling urban planners to make informed decisions during the design phase. Additionally, the use of advanced modelling and simulation techniques can help assess the effectiveness of different design interventions and their impact on security outcomes.

In conclusion, our research contributes to the field of anti-terrorist urban security by presenting a DSS that leverages emerging technologies and methodologies within the context of smart cities. By addressing the minor limitations or areas not explored by previous studies [4, 7, 31], incorporating real-time simulation and assessment of the risks and impact of terrorist threats, pedestrian management, and traffic monitoring, our system provides decision-makers with valuable insights for threat analysis and emergency management, specifically focusing on pedestrian evacuation and its impact on the metropolitan traffic network. As we continue to refine and expand our system, we envision a future where security and safety systems evolve to address an increasingly diverse range of threats, ultimately enhancing the protection of our urban environments.