|
All facilities face
a certain level of risk associated with various threats. These
threats may be the result of natural events, accidents or
intentional acts to cause harm.
Regardless of the nature of the threat, the Whole Building Design
Group, a collaborative of federal agencies and private sector
companies that design security standards, facility owners have a
responsibility to limit or manage risks from these threats to the
extent possible.
Some federal agencies have issued their own security design
standards. The most prominent of these are the DOD Unified
Facilities Criteria Minimum Anti-Terrorism Standards for Buildings
and the Interagency Security Committee (ISC) Security Design
Criteria. While there are currently no universal codes or standards
that apply to both public and private sector buildings, most
designers
agree that security issues must be addressed in concert with other
design objectives and integrated into the overall building design
throughout the process to ensure a quality building with effective
security. This concept is known as multi-hazard design.
Depending on the building type, acceptable levels of risk, and
decisions made based on recommendations from a comprehensive threat
assessment, vulnerability assessment, and risk analysis, appropriate
countermeasures should be implemented to protect people, assets
and mission. Types of attack and threats to consider include:
• Unauthorized entry (forced and covert);
• Insider threats;
• Explosive threats: Stationary and moving vehicle-delivered, mail
bombs, package bombs;
• Ballistic threats: Small arms, high-powered rifles, drive-by
shootings, etc.;
• Weapons of mass destruction (chemical, biological and
radiological); and
• Cyber and information security threats.
Basic to realizing an effective security plan and design is the
implementation of appropriate countermeasures to deter, delay,
detect and deny attacks. Of ten times the countermeasures work on
the layered defense concept or “Onion Philosophy.” This concept
provides for increasing levels of security from the outer areas of
the site or facility towards the inner, more protected areas. Some
or
all of the issues outlined below need consideration for effective
security design and building operations.
Unauthorized Entry (Forced and Covert): Protecting the facility and
assets from unauthorized persons is an important part of any
security system.
Some items to consider include:
• Compound or facility access control;
• Control perimeter: Fences, bollards, anti-ram barriers;
• Traffic control, remote controlled gates, anti-ram hydraulic drop
arms, and hydraulic barriers, parking;
• Forced-Entry-Ballistic Resistant (FEBR) doors and windows;
• Perimeter intrusion detection systems;
• Clear zone;
• Video and CCTV;
• Alarms;
• Detection devices (motion, acoustic, infrared);
• Personnel identification systems;
• Access control, fingerprints, biometrics,
ID cards;
• Protection of information and data;
• Acoustic shielding;
• Shielding of electronic security devices
from hostile electronic environment;
and
• Secure access to equipment, networks, and hardware, e.g.
satellites and telephone systems.
Insider Threats: One of the most serious threats may come from
persons who have authorized access to a facility.
These may include disgruntled employees or persons who have gained
access through normal means (e.g., contractors, support personnel,
etc). To mitigate this threat some items to consider include:
• Implement personnel reliability programs and background checks;
and
• Limit and control access to sensitive areas of the facility.
Explosive Threats: Stationary and Moving Vehicle-Delivered, Mail
Bombs, Package Bombs. Explosive threats tend to be the criminal and
terrorist weapon of choice. Devices may include large amounts of
explosives that require delivery by a vehicle. However, smaller
amounts may be introduced into a facility through mail, packages, or
simply hand carried in an unsecured area.
Normally the best defense is to provide defended distance between
the threat location and the asset to be protected.
This is typically called standoff distance. If standoff is not
available or is insufficient to reduce the blast forces reaching the
protected asset, structural hardening may be required. If introduced
early in the design process, this may be done in an efficient and
cost-effective manner. If introduced late in a design, or if
retrofitting an existing facility, such a measure may prove to be
economically
difficult to justify. Some items to consider include:
• The design team should include qualified security and blast
consulting professionals
from the concept stage forward.
• Provide defended standoff with rated or certified devices such as
fencing, bollards, planters, landscaping, or other measures that
will stop persons, if required, and vehicle delivered threats.
• Consider structural hardening and hazard mitigation designs such
as ductile framing that is capable of withstanding abnormal loads
and preventing progressive collapse, protective glazing,
strengthening of walls, roofs, and other facility components.
• Design the facility with redundant egress and other critical
infrastructure to facilitate emergency evacuation and control during
an event.
Ballistic Threats: These threats may range from random drive-by
shootings to high-powered rifle attacks directed at specific targets
within the facility. It is important to quantify the potential risk
and to establish the appropriate level of protection. The most
common ballistic protection rating systems include: Underwriters
Laboratories (UL), National Institute of Justice (NIJ), H.P. White
Laboratory, and ASTM International.
Materials are rated based on their ability to stop specific
ammunition (e.g., projectile size and velocity). Some items to
consider include:
• Visual shielding, such as opaque windows or screening devices;
• Ballistic resistant rated materials and products; and
• Locating critical assets away from direct lines of sight.
Weapons of Mass Destruction: Chemical, Biological, and Radiological
(CBR) — Commonly referred to as WMD, these threats generally have a
low probability of occurrence but the consequences of an attack may
be extremely high. While fully protecting a facility against such
threats may not be
feasible with the exception of very special facilities, there are
several common sense and low cost measures that can improve
resistance and reduce the risk from the WMD threat. Some items to
consider include:
• Protect pathways into the building;
• Control access to air inlets and water systems;
• Provide detection and filtration systems for HVAC systems;
• Provide for emergency HVAC shutoff and control;
• Segregate portions of building spaces (i.e., provide separate HVAC
for the lobby, loading docks, and the core of the building);
• Consider providing positive pressurization to keep contaminates
outside of the facility; and
• Provide an emergency notification system to facilitate orderly
response and evacuation.
Cyber and Information Security Threats: In today’s world, business
continuity and mission function rely heavily on the transmission,
storage, and access to a wide range of electronic data and
communication systems. Protecting these systems from attack is
critical for most users ranging from individuals, businesses, and
government agencies.
Some items to consider include:
• Understand and identify the information assets that you are trying
to protect.
These may include personal information, business information such as
proprietary designs or processes, national security information, or
simply the ability of your organization to communicate via email and
other LAN/WAN functions.
• Protect the physical infrastructure that supports information
systems. For example, if your computer system is electronically
secure but is vulnerable to physical destruction you may not have
achieved an adequate level of protection.
• Provide software and hardware devices to detect, monitor, and
prevent unauthorized access to or the destruction of sensitive
information.
Balancing Security and Sustainability
Providing for sustainable designs that meet all facility
requirements is often a challenge to the design community. With
limited resources it is not always feasible to provide for the most
secure
facility, the most architecturally expressive design, or energy
efficient building envelope. From the concept stage through the
development of construction documents, it is important that all
project
or design stakeholders work cooperatively to ensure a balanced
design.
Successful designs must consider all competing design objectives.
Designing for Fire Protection and
Physical Security Care should be taken to implement physical
security measures that allow fire
protection forces access with to sites and buildings and building
occupants with adequate means of emergency egress. The General
Services Administration has conducted a study and developed
recommendations on design strategies that achieve both secure and
fire safe designs. Specifically,
the issue of emergency ingress and egress through blast resistant
window systems was studied.
Training was developed based on this information and is available at
www.oca.gsa.gov/fire-
fighter/introduction.php.
Integrated
Systems
In recent years, there has been a general trend towards integrating
various stand-alone security systems, integrating systems across
remote locations, and integrating security systems with other
systems such as communications, and fire and emergency management.
For example, CCTV, fire, and burglar alarm systems have been
integrated to form the foundation for access control.
FSM
— Source: The Whole Building Design Group Safe Committee
|
