Safeguarding resilience at UK Airports
Above: Heathrow Airport.
Copyright Shutterstock
On the evening of 20th March this year, Europe’s busiest airport, London Heathrow, faced a significant test to its operational resilience.
A major power outage at the North Hyde 275kV substation triggered widespread disruption, impacting thousands of domestic and commercial customers in the region, among them Heathrow.
The airport, as a linchpin of Critical National Infrastructure (CNI), felt the most severe consequences, with its operations closed, flights grounded and the travel plans of more than 270,000 air passengers disrupted.
In the aftermath of the blackout, Energy Secretary Ed Miliband tasked the National Energy System Operator (NESO) with conducting a detailed investigation into the root cause and sequence of events.
NESO’s interim report was released last week and focused on reconstructing the timeline of the event and identifying failure points, offering a valuable opportunity for reflection, not just for energy and airport infrastructure but for all CNI sectors dependent on complex, interconnected systems.
The challenge of integrated resilience with fragmented accountability
Airports, by their nature, are highly reliant on third-party services like power, water, IT and transport, yet they have limited visibility into the resilience measures those providers implement.
Although all CNI sectors adhere to overarching regulatory frameworks, fragmented accountability makes integrated resilience difficult to achieve.
Heathrow’s experience reinforced the challenge: the airport didn’t trigger the power outage, but it felt the most severe consequences of the incident.
The airport industry’s ethos of 'safety first' is critical, yet it often means even seemingly minor incidents can cause significant delays.
Airports operate under the ethos of 'if in doubt, stop and check'. This philosophy is built into everything from fire alarms to airfield incursions. A single incident, such as an unattended bag or a fire alarm triggered by a faulty sensor, can cause cascading delays.
From the outside, these may seem disproportionate. However, inside the operations centre, the stakes are high. Misjudging a threat or failing to respond to an incident quickly could lead to severe consequences.
In major disruptions like power failures, recovery delays often exceed the duration of the incident, due to the need to verify safety, security and system functionality. Therefore, the true impact of such incidents often lies not in the outage itself but in the time it takes to return to a normal operational state.
Airlines must reroute flights and reposition aircraft, flight crews timeout while displaced baggage needs to be managed. These disruptions compound rapidly and the reputational and financial fallout can be significant.
With losses likely in the millions, airports must learn from the Heathrow incident and focus on enhancing resilience, reducing disruptions and accelerating recovery timelines.
What airports can learn from scenario testing
Airports are tightly regulated for safety and security, with the Network Information Systems (NIS) Directive requiring measures to strengthen cyber resilience, including identifying critical third-parties. They also regularly conduct scenario planning to prepare for major incidents, ranging from tabletop exercises to full-scale simulations, which are designed to test communication, coordination and decision-making.
However, these drills often only focus on the response phase, the immediate crisis management but less on the resumption phase: the safe, secure and timely return to operations.
This leaves a potential gap in preparedness.
By drawing lessons from financial services, airports could adopt more sophisticated scenario testing frameworks which don’t only focus on response but also on the restoration of normal services.
In the financial sector, where service availability is critical to economic stability, regulators have placed renewed emphasis on operational resilience. Firms are required to identify their truly critical services and be able to recover them before intolerable harm materialises for customers, the firm, or the broader market.
Initiatives like the recently released Operational Resilience Policies and the EU’s Digital Operational Resilience Act (DORA) require firms to map third-party dependencies, conduct scenario testing to safeguard operations and maintain robust recovery playbooks.
Mirroring financial sector practices could help airports identify weaknesses that could hamper their ability to resume operations quickly.
Scenario testing should involve other airports and essential service providers, such as electricity, water and transport. Involving all relevant stakeholders in scenario testing is essential to identify and mitigate single points of failure and develop strategies for improving resilience.
By evolving scenario testing to include recovery as a core component, airports can strengthen their overall resilience posture. It can also challenge them to take off the rose-tinted glasses of expert judgement and use technical and live testing to increase confidence in their resilience.
This not only mitigates disruption during real-world incidents but also helps maintain public trust, protect critical infrastructure, while significantly reducing financial and reputational damages.
Resilience is not just about prevention, it is also about fast and confident recovery.
