COLUMN: Why Explainable AI Is Not Enough for Homeland Security Operations

Homeland security warning rarely arrives as a clean signal. Consider that, at a major public event, cyber defenders may see unusual access attempts, local officials may see crowd-flow disruptions, public-safety teams may receive drone reports, transportation operators may notice unexpected delays, and analysts may watch social media, emergency calls, sensor feeds, and field reports for weak indicators. Each signal may be ambiguous on its own, and none may be enough to trigger a major response.

The more important question may be whether the relationships among those signals are changing. In other words, the warning may not be that one data point is strange, but that the system itself has changed shape.

That distinction becomes more important as homeland security organizations adopt artificial intelligence for threat detection, triage, fusion, and decision support, and begin to wrestle with the inherent uncertainty in AI systems. The Department of Homeland Security has rightly emphasized responsible AI adoption, AI maturity, and transparency as part of its AI strategy and roadmap efforts. But as agencies move from experimentation to operations, one lesson deserves more attention: explainable AI is necessary, but it is not sufficient.

A system can explain why it assigned a high score and still fail to answer the operational question that matters most: what changed, when did it change, and what evidence supports the warning?

The limits of the anomaly mindset

Much of the public discussion around AI-enabled warning focuses on anomaly detection. That is understandable. Homeland security missions often involve large volumes of data, limited analytic time, and a need to identify signals that deviate from normal patterns. Anomaly detection can help prioritize attention and reduce the burden on analysts and operators.

But not every mission-relevant warning is a point anomaly. For example, cyber defense is not just about whether one login is unusual. It is about relationships among identities, devices, privileges, services, dependencies, and routes. Counter-UAS operations are not just about whether a single drone appears near a restricted site. They involve airspace, sensors, radio-frequency conditions, operators, effectors, public-safety constraints, and crowd dynamics. Biosurveillance is not just about whether one clinic reports an unusual symptom pattern. It depends on relationships among symptoms, geography, mobility, lab reporting, environmental signals, and healthcare-seeking behavior. Critical infrastructure resilience is not just about whether one node fails. It depends on dependencies across physical, cyber, supply-chain, and human systems.

Traditional anomaly detection asks whether one observation looks unusual. Homeland security operations often need a broader question: are the relationships among observations changing in a mission-relevant way?

Explainability is not the same as evidence

The explainable AI debate is often framed as a model problem. Can the system tell us which features influenced a prediction? Can it provide a confidence score? Can it generate a plain-language rationale? Can a human understand why the model produced a recommendation?

Those are important questions. NIST’s AI Risk Management Framework treats explainability and interpretability as part of a broader set of trustworthy AI characteristics that also includes validity and reliability, safety, security and resilience, accountability and transparency, privacy, and fairness. NIST also distinguishestransparency, explainability, and interpretability: transparency helps answer what happened, explainability helps answer how a decision was made, and interpretability helps answer why the output matters in context.

That distinction is especially important for homeland security. In a high-consequence setting, an explanation is not enough if it cannot be tied back to evidence.

A system that says “risk score: 0.87” may be useful for triage. A system that adds “the score increased because of recent activity in these categories” may be more useful. But an operator, supervisor, civil-liberties reviewer, inspector general, or after-action team may need something more concrete: the data relationships that changed, the time window in which they changed, the sources that contributed to the warning, and whether the same inputs would produce the same result again.

Operational trust requires more than simply a plausible explanation. It also requires evidence that can be reviewed, replayed, and challenged.

The case for structural warning

Homeland security agencies should begin thinking in terms of structural warning.

Structural warning is the detection of meaningful changes in how a system is connected, organized, or coordinated. It is less concerned with whether one data point is unusual and more concerned with whether the pattern of relationships has shifted.

A structural-warning mindset asks questions such as:

Did the network fragment? Did previously separate clusters become connected? Did a coverage gap appear? Did a feedback loop or cycle emerge? Did a group of actors, sensors, devices, or signals reorganize? Did confidence relationships among fused data sources change?

One family of methods useful for this problem comes from topology, the mathematics of shape and connection. In operational terms, topological methods can help analysts reason about components, loops, holes, fragmentation, and persistence across scale. The technical term “persistent homology” may sound far removed from homeland security practice, but the underlying idea is intuitive: some patterns are fragile and disappear when viewed at a different scale; others persist and may represent more robust structure.

For homeland security, the value is not mathematical novelty. The value is a different way of seeing warning. Some threats do not appear at first as unexpected data points. They appear as changes in system shape.

Data fusion is where structural warning may be especially valuable. Fusion is not simply the accumulation of more feeds in a common operating picture; it is the analytic process of relating observations from different sources so they can become actionable knowledge. In homeland security operations, a fused picture may combine sensor tracks, cyber logs, suspicious activity reports, emergency calls, social-media observations, field reporting, and partner-agency data. The hard question is often not whether each input has an explanation. It is whether the fused relationships among inputs remain coherent as conditions change.

A structural-warning layer could help analysts evaluate the fusion process itself. Are independent sources corroborating one another, or is the picture being driven by a small number of fragile links? Are sensor reports forming a stable cluster, or is confidence fragmenting across agencies, geographies, or time windows? Did a new bridge appear between previously separate streams, suggesting a possible emerging pattern? Did a coverage hole appear because a sensor failed, a reporting channel went quiet, or an area was never well observed?

Used this way, structural methods would not replace analyst judgment. They would give fusion teams a way to inspect, replay, and explain how a fused picture came together – and whether the structure behind it is strong enough to support action.

Where this matters

Counter-UAS and public events offer a clear example. A single drone sighting may be a nuisance, an accident, a hobbyist mistake, or something more serious. The larger warning may come from the pattern: multiple reports, shifting sensor coverage, radio-frequency interference, airspace constraints, crowd density, and public-safety response options beginning to interact in a new way. DHS Science and Technology has emphasized the need to assess counter-UAS technologies in both laboratory and real-world operational environments, reflecting the practical complexity of this mission space. Structural warning would not replace counter-UAS tools. Instead, it would help operators ask whether the operational environment itself is reorganizing.

Cyber and critical infrastructure present another case. CISA’s critical infrastructure security and resilience mission already recognizes that infrastructure risk crosses sectors, systems, and dependencies. Cyber defenders routinely work with graphs, whether or not they call them that: users, devices, credentials, services, privileges, network paths, cloud resources, vendors, and dependencies. A structural approach asks whether hidden loops, unexpected bridges, fragmentation, or new pathways are emerging across those graphs. It complements traditional alerts by showing how the shape of the network may be changing.

Fusion centers, biosurveillance teams, and border-security organizations face a similar challenge. They are designed to bring together information from multiple sources, but fusion can create as much uncertainty as clarity when sources duplicate, conflict, corroborate, or drift in quality over time. Structural warning can help identify when weak signals are becoming coherently connected, when a fused picture is fragile, or when a coverage gap is shaping the result. That is not automation for its own sake; it is a way to help analysts interrogate and explain emerging patterns before they become operational assumptions.

What leaders should ask

The homeland security enterprise does not need to turn every operator or analyst into a mathematician. But it should ask better questions of AI-enabled warning systems.

First, does the system detect relationship change, or only point anomalies? A dashboard may show alerts and confidence scores without revealing whether a network is fragmenting, a sensor environment is developing a coverage gap, or a cyber graph is forming unexpected pathways.

Second, does the system produce evidence, or only alerts? Analysts should be able to inspect which entities, edges, sensors, observations, or relationships contributed to a warning.

Third, can the result be replayed? If the same data and analytic settings are used later, the organization should be able to reproduce the output or understand why it changed.

Fourth, can the explanation travel across audiences? Operators, engineers, program managers, oversight officials, and legal reviewers do not need the same level of detail. A useful system should support multiple levels of explanation without breaking the evidence chain.

Fifth, does the tool support human judgment rather than bypass it? Structural warning should help people ask better questions. It should not become a substitute for expertise, tradecraft, legal review, or command responsibility.

Sixth, does the system help assess the quality of the fused picture? A useful system should help analysts see when sources are corroborating one another, when confidence is fragmenting, when a fused judgment rests on thin evidence, or when the apparent pattern may be an artifact of the fusion process itself.

Structural warning is not magic

Structural warning is not a replacement for conventional anomaly detection, intelligence analysis, cyber defense, privacy review, civil-liberties oversight, or public-safety judgment. Nor is every homeland security dataset suited to topological or graph-based analysis. Some problems are simple threshold problems. Some are classification problems. Some require human reporting more than computation.

The value appears when the mission problem is relational, dynamic, and high-consequence – and when the analytic output must be defended after the fact.

That last condition is crucial. Homeland security operations take place under public scrutiny, legal constraint, operational uncertainty, and interagency complexity. An alert that cannot be reconstructed later is a weak foundation for trust. A warning that preserves its evidence chain is stronger, even when the final decision remains a human one.

Better AI requires better evidence

The next stage of homeland security AI should not be judged only by whether models are more accurate or explanations are more fluent. Accuracy and explainability matter, but operational trust also depends on whether mission teams can understand what changed, why it matters, and what evidence supports the call.

For high-consequence warning systems, homeland security leaders should ask whether AI-enabled tools can detect structural change, preserve the evidence behind a warning, and allow that evidence to be replayed and challenged. That is the difference between an alert that merely demands attention and an analytic judgment that can support action, oversight, and learning.

The homeland security enterprise does not need AI systems that simply sound more confident. It needs systems that help people reason under uncertainty. Better models will matter, but better evidence will matter just as much.

Mark Bailey, PhD, writes at the intersection of artificial intelligence, complexity science, intelligence analysis, and national security. He is the founder of DataField Intelligence and a lieutenant colonel in the U.S. Army Reserve. His work focuses on how high-consequence organizations can use artificial intelligence, advanced analytics, graph and network methods, and complexity-informed models in ways that are operationally useful, explainable, auditable, and accountable. Dr. Bailey’s military service has included intelligence, data-science, counterproliferation, chemical and biological defense, and consequence-management assignments. In the Army Reserve, he has served in defense intelligence roles focused on artificial intelligence, chemical and biological warfare threats, CBRNE analysis, and biological-threat assessment. He supported the Defense Intelligence Agency as a data-science and AI subject-matter expert focused on biological threat assessment, and served as a Chemical and Biological Support Officer in a Consequence Management Unit. Earlier in his career, he served as an Army technical advisor to the U.S. Department of State’s Bureau of International Security and Nonproliferation, where he advised on chemical and biological security issues and supported nonproliferation and arms-control initiatives. During Operation United Assistance in 2014, he deployed to Liberia as officer in charge of a forward-deployed Ebola diagnostics laboratory, overseeing analysis in support of treatment and containment operations. Dr. Bailey previously served as an associate professor at the National Intelligence University, where he chaired the department responsible for AI, cyber intelligence, influence, and data science and directed the Biological and Computational Intelligence Center. His teaching and research have addressed data science mathematics, algorithmic warfare, science and technology intelligence, AI-enabled decision support, advanced visualization, and research design for intelligence applications. He has supervised and advised applied AI and data-science work involving graph analytics, machine learning, simulation modeling, opinion dynamics, hypernetworks, and sentiment analysis in national-security contexts. Before founding DataField Intelligence, Dr. Bailey held technical and analytic roles supporting intelligence, defense, biodefense, and emerging-technology missions. His experience includes work on AI-enabled decision support for the Algorithmic Warfare Cross-Functional Team, open-source intelligence exploitation for Marine Corps intelligence missions, public-sector advisory support to Intelligence Community clients, biodefense research leadership at the U.S. Army Medical Research Institute of Infectious Diseases, and postdoctoral research at the National Institute of Standards and Technology. Dr. Bailey is the author of Unknowable Minds: Philosophical Insights on AI and Autonomous Weapons, which received recognition from the Military Writers’ Association of America and the Nonfiction Authors Association. His writing has appeared in Futures, Nautilus, The Conversation, Joint Force Quarterly, and Homeland Security Today, among other outlets. He was named one of Homeland Security Today’s “50 Trailblazers” in 2023 and received the Army Command and General Staff College’s Order of the Iron Pen for his Homeland Security Today essay on artificial intelligence weapons and weapons of mass destruction. He holds a PhD in bioengineering from the University of Kansas, an MS in technology intelligence from the National Intelligence University, an MS in chemical engineering from the University of Kansas, and a BS in chemical engineering from the University of Pittsburgh. He is also a Project Management Professional and a DAWIA-certified science and technology manager.

Related Articles

Latest Articles