Physical Security Systems - Coursework Example

Introduction Physical security is an integrated set of physical measures intended to protect people, deter unauthorised access to property and to defend assets against theft, damage or sabotage. Physical security systems serve to mitigate identified risk by linking layered security elements to offer countermeasure through combined functions of deterring, detecting, delaying, responding and recovery (Coole & Brooks, 2014; Beardsley, 2013). The linked layered security systems denote the concept of physical protection system (PPS), which refers to a combination of people, equipment and procedures to attain physical protection of assets. The ultimate objective of PPS is to prevent attainment of covert or overt criminal actions through integration of deterrence, delay, detection and response based on Defence in Depth. The theory relate to system approach, which integrates individuals, equipment and people to become a barrier system. Underpinned as a security theory, Defence in Depth focuses on the key functions of a system to deter, delay, detect and response to crime activities (Coole et al., 2012). Decisions and practices aimed at effective realisation of such sequential functions are guided and set out by National and International standards such as such as AS/NZS 2201 alarm systems standards. The Standards define the characteristics needed for implementable technologies. Deterrence technologies include electrified fence, delay technologies include security lights. Delay technologies include locks and access control. Detection technologies includes CCTV camera while response technologies include sounding an alarm or siren. This paper argues that security standards and guidelines influence decisions for selection and implementation of physical security elements to ensure effective realisation of the benchmarking standards of interrupting and neutralising adversaries before they intrude. The steady state for benchmarking includes interruption and neutralisation of adversaries before they intrude. Background of PPS and Roles of Security Standards Systems theory explores a set of principles that apply to systems, regardless of the nature of their elements, forces or the relationship between them (Patton & McMahon, 2006; Mele et al., 2010). Therefore, effective functioning of a security system can only be achieved through integration of the interrelated parts. This also means that system objectives cannot be achieved, unless the interrelated components or entities are drawn to function as an integrated system, based on the set out standards that influence their selection and implementation. Such perspective was shared by (Coole & Brooks, 2014; Masaya et al., 2007). The assumption draws the benchmarking theory into perspective. The benchmarking theory suggests that process measurement data should be compared with standards for ‘best practices’ to achieve effectiveness. The rationale is that operating targets should be constructed on best practices. Benchmarks refer to a combination of descriptors and indicators that reflect the nationally acceptable or agreed minimum acceptable standards for purposes of promoting PPS (Harris, 2001; Feruza & Kim, 2007). In regards to PPS, Mbamali and Okotiem (2012) pointed out that to ensure optimal security based on ‘best practices’, decisions made at the building’s design phase regarding a building’s security performance should be in harmony with the fundamental building security standards (Dimuma, 2010; O'Neill, Rueda & Savage, 2009). Several countries have come up with national security standards for the technologies applied in deterring, delaying, detecting and response to crime activities (Bubshait & Al-Atiq, 1999). In the case of Australia, the Building Code of Australia (BCA) provides detailed guidelines and technical specifications for the product standards and installation of physical security elements such as aluminium security doors or grills (AS 5039-2008) and gates and electrified fences (AS/NZS 2311:2009). Standards support decision-making based on the theory of benchmarking. Hence, the standards assist in setting up security system benchmark by inferring about it by setting the physical security levels, diagnosing security problem and setting in terms of cost benefit analysis. The PPS integrates the physical, technical and procedural control components into the barrier system with the objective of ensuing detection, delay and response, as well as recovery from adversarial actions (Figure 1). Figure 1: Physical Protection System Hence, diagnosis is addressed by risk standards such as ISO 3100. Many control measures that aim to attain the elements of PPS are supported by a range of standards such as AS 4421 guards and patrols, AS/NZS 2201 intruder alarm systems, HB 221 business continuity management for recovery, AS/NZS 3809 safes and strong rooms, AS 3555 building elements testing, AS/NZS 2343:1997 Bullet-resistant panels and elements, AS 5185:2010 Protocol for lightweight authentication of identity (PLAID), AS 4145.2:2008 Locksets and hardware for doors and windows, AS 4145.5 Building hardware, and the AS/NZS 3016:2002 Electrical installations—Electric security fences. The requirements from the underlying design approaches are often overlooked by designers during decision-making. Instead, the owners’ requests are orientated to the environmental and organisational functionality. Hence, it is the obligation of the designers to understand and operationalise the broad level of requirements set out by the standards. The environmental or organisational goals have to be communicated and appropriately defined before starting the design. In some instances, designers need to explain additional details in the design process. Such design goals poses as the benchmark for measuring successful design. To this end, a steady state has to be determined for the system based on system’s goals. For this particular system, the goal is “interruption and neutralisation of adversaries before they intrude”. Hence, for the system to be viewed as affective, it has to attain these goals. Benchmarking is concerned with establishing a standard for the PPS. On the other hand, the standards of PPS are depicted by the calculated probability interruption of the system. To this end, the Performance Indicator (PI) can be applied in establishing and communication the PPS’s benchmark. In respect to benchmarking theory, the standards are vital for setting the security system benchmark by diagnosing the security risks through risk management and inference through setting the levels of physical security in relation to the desirable PI level. Hence, standards have their strengths and weaknesses. Roles of the Security Standards and Guidelines Determining performance benchmark and security objectives The standards play a critical role in setting out the performance objectives and benchmark for ensuring the goal of interruption and neutralisation of adversaries before they intrude is attained. Indeed, it should be noted that the standards aim to support decision-making in selection and installation security system, whose functional elements include detection, delay and response (Fenelly, 2012). On the other hand, benchmarking sets the standard for physical security components to achieve a performance indicator, which would be applied in establishing and communicating macro benchmark for the PPS. For instance, standards such as AS/NZS 2201 intruder alarm systems are critical benchmarking tools that specify the standards through which alarm systems can be measured. In return, these detection components alert the security personnel of the likely threats and breach of the security system or unauthorised entry at the time of occurrence or shortly after the occurrence. This helps in achieving interruption and neutralisation of adversaries before intrusion. Other standards such as AS 4806.1-2006 Closed circuit television aim to specify the standards through which video subsystems can be measured to ensure effective localisation and determination of the size and the intent of an unauthorised breach. Through delay, active and passive security measures are applied, such as using barriers and impeding intrusion in their attempt to attain their objective (Kruegle, 2011).These standards ensure that the physical CCTV is able to meet its benchmarking standards of ensuring the goal of interruption and neutralisation of adversaries before they intrude is achieved. Hence, the PPS should follow a systems approach to meet the set benchmarking standards. This aspect has been integrated by some standards and guidelines. For instance, Australian Government Physical Security Management Guidelines offer guidelines to measure physical security elements to ensure protection against crime activities, such as vandalism and theft, as well as, to cover the general health and safety concerns. At the same time, AS 4421 guards and patrols specify the minimum requirements for operating and managing organizations that provide protective security services. This ensures interruption and neutralisation of adversaries before they intrude. Hence, for the system to be viewed as affective, it has to attain these goals. Critically, Response involves the use of effectively trained security personnel (Oludele et al., 2009). Holistic effectiveness of physical security system The Standards play an integral role in ensuring the holistic effectiveness of PPS once they are consistent with the goals of ensuring interruption and neutralisation of adversaries before they intrude. In particular, this is since for the physical system to work effectively, the physical security elements or layers have to reflect the set out standards (Alach, 2007). It should be argued that since some standard require that designers should come up with physical security plans that integrate security risk content, security threat identification, security risk management, planning and development (Figure 2). They also be consistent with its guidelines for security zoning and risk mitigation, compliance with such measures plays a crucial role in ensuring that interruption and neutralisation of adversaries before they intrusion is achieved. For instance, the AS/NZS 2201 intruder alarm systems specify the specific benchmarks through which alarm systems can attain holistic effectiveness. Figure 2: Physical Protection System Effectiveness Accordingly, they require that several interrelated security component should be implemented to achieve interruption and neutralisation of adversaries before they intrude (Soltani & Yusof, 2012). Additionally, the Australian Standards HB 167:2006 Security risk management propose a holistic security system in planning a facility’s physical security system. For many security programs within an organisation, the principle of good security is strength. However, if the systems approach has to be integrated, it can be argued that this would be incomplete in solving the range of security needs and requirements. For a physical security system to work effectively, the components that make up the elements or layers have to be integrated into a multifaceted system (Figure 2). Establishing the ‘design threat’ to security system In respect to interrupting and neutralising adversaries before they intrude, the security standards play an integral role in establishing the ‘design threat’ to a security system. Fenelly (2012) defines the ‘design threat’ as consisting of particular types of attacks, in addition to, the comparative severity levels that can be directed at the protected facility in the course of its life cycle. Without the ‘design threat’, setting out the performance benchmark against which to measure the level of security system effectiveness would be difficult. To this end, since the standards take into perspective the types of hostile aggressors, within the facility area in addition to their objectives, the systems approach requires that a range of factors -- such as the type of entity to be protected, the client’s security preferences, the type of environment and the perceived risks and threats --- be considered in physical security system planning. At the same time, the nature of the likely aggressors has to be taken into perspective. For instance, the National and International Standards require that a range of factors are put into consideration when selecting the proper design threat. Fenelly (2012) proposes that in designing threat, there has to be a clear distinction between what design threat means and the estimated threat. The design threat is intrinsically interested with the extensive range of likely threats throughout the facility’s lifecycle (Fay, 2006; Garcia, 2001). Hence, an assumption is reached that while the security designing draws from the systems approach, its effectiveness depends on the benchmarking theory, which requires that planning of the physical security components be taken into perspective. Additionally, they should be implanted based on industry or nationally recognised standards (AMSC, 1987). The ‘design threat’ selection process should be holistic and based on set out standards, as it should evaluate the most significant aggressor types, such as protestors, criminal and terrorists, and the national strategies aimed at prevention the criminal activities (Garcia, 2001). Building integrated deterrence within the security system Standards are instrumental role in building integrated deterrence within the security system. Such deterrence strategies are aimed at interrupting and neutralising adversaries before they intrude. Mainly, the standards specify the anticipated level of deterrence required for a security system, against which the security performance for a protected facility can be measured. Hence, compliance with the standards has the potential to offer the security systems some degree of deterrence that is anchored in the level of sophistication and detection of the intruder, in addition to the comparative value and the severity of the security threats to critical assets. An integrated system would require a synchronised security system to be implemented to achieve interruption and neutralisation of adversaries before they intrude (Coole et al. 2012; Fay, 2006). For instance, deterrent security measures comprise visible security personnel forces, lighting system or inventory control system that is constantly updated and reviewed to deter insider theft. Standards, Such as Australian Government Physical Security Management Guidelines proposed a real-time security system that operates in modes, where an integrated real-time security system operates in ‘ingress prevention’ and ‘egress control’ (Australian Government, 2011; AMSC, 1987; Young & Leveson, 2014). Conversely, egress prevention may be more suitable for a shopping mall, where the objective includes interrupting and neutralising crimes such as be theft and sabotage (Coole et al. 2012). However, when the two operating modes are combined to become one integrated system, the system achieves in-depth security capability. For instance, the Australian Government Physical Security Management Guidelines outlines the Security-in-depth feature, which it perceives as a multi-layered system where security measures are integrated to complement each other, to prevent unauthorised intrusion and exit. The Australian Government Physical Security Management Guidelines specify such measures to include combing the physical measures and the personnel, procedural and information measures. These have the potential to achieve total delay. Determining outer layer site-related physical security The Standards help in determining the outer layer site-related physical security intended to interrupt and neutralise adversaries before they intrude. The exterior security is concerned with the outermost physical security system elements that are situated between the perimeter or the site and the protected facility. Within this perspective, standards enable outer physicals security to add to the efficacy of the integrated security system design in several ways. It is reason that by achieving being able to determine outer layer site-related physical security, the standards promote security system principles of managing and facilitating authorized access, deterring detecting, delaying and facilitating response (Feruza & Kim, 2007). Hence, in regards to benchmarking, the standards assist in setting up security system benchmark by inferring about it by setting the physical security levels, diagnosing security problem and setting in terms of cost benefit analysis. For instance, the Australian Government Physical Security Management Guidelines and AS 3555 building elements testing provide the design guidelines and the related measuring the PPS functions: deterring, detecting, delaying, responding. The Standards address the site perimeter fencing and standards or vehicle barriers, exterior site layout, standards and guidelines for CCTV threat assessment (Australian Government, 2011). Drawing on perspectives of the security approach, whenever physical barrier is erected, it should just be a part of an integrated set of layer of physical security (Fennelly, 2012). Limitation of the Standards In general, standards such as AS 4421 guards and patrols, AS/NZS 2201 intruder alarm systems, AS/NZS 3809 safes and strong rooms, AS 3555 building elements testing focus on quality and total integrated of the system layers while disregarding other essential elements, such as the design of the facility and cost, both of which play a critical role in interrupting and neutralising adversaries before they intrude (Kaliba et al. 2009; (Prezelj, 2012). Additionally, security guidelines such as Australian Government Physical Security Management Guidelines require that the projects designers and planners must always consider the total security of the protected facility. This may however come at an extra cost, hence limiting their adoption to achieve interruption and neutralisation of adversaries before they intrude (Lee, 2008; Jones et al., 2006). The standards may also fail to meet the benchmarking standards of interrupting and neutralising adversaries before they intrude because they tend to be non-specific in nature. For instance, some standards such as AS 3555.1–2003 specify that building components used for PPS should conform to the set out national standards. This in itself is a problem in planning for physical security design, since the designers and architects are, on the other hand, more concerned about the aesthetic feature of the facility (Dusenberry, 2010). Hence, the designers may not base their decisions on the standards, since they tend to focus on increasing the aesthetic value of a facility. On the other hand, while designers may seek improve the seismic survivability or the energy conservation of a system. These may hamper the physical protective system’s objectives of meeting the benchmarking standards of interrupting and neutralising adversaries before they intrude (Challinger, 2008). At the same time, the Standards fail to give guideline on how such conflicting decision need to be recognised and handled (Rumelili, 2013). Additionally, since facility is faced by a range of other factors, such as the regulations, political, procedural, area-related issues and financial constraints, they fail to specify how such conflicts should be handled to ensure the security design elements are not compromised or eliminated (Jonathan, 2009). They also give little consideration to cultural factors in specifying physical security component (Kahan et al., 2010). All these may hamper decision-making processes. These limit the capability of the standards to meet the benchmarking standards of interrupting and neutralising adversaries before they intrude because they tend to be non-specific in nature. Conclusion Security standards and guidelines influence decisions for selection and implementation of physical security elements to ensure effective realisation of the benchmarking standards of interrupting and neutralising adversaries before they intrude. Having set the goal of the standards (steady state) to be interruption and neutralisation of adversaries before they achieve intrusion, it is possible to determine the strengths and weaknesses of the security standards. Accordingly, the standards provide a benchmark against which the physical security elements can be selected and implemented. The guidelines such as Australian Government Physical Security Management Guidelines base their guidelines on the assumption that no specific physical security component or layer can effectively fulfil all security needs. To this end, the key strengths of the standards include playing a critical role in setting out the performance objectives and benchmark for ensuring the goal of interruption and neutralisation of adversaries before they intrude is attained. The standards also play an integral role in ensuring the holistic effectiveness of PPS once they are consistent with the goals of ensuring interruption and neutralisation of adversaries before they intrude. In respect to interrupting and neutralising adversaries before they intrude, the security standards play an integral role in establishing the ‘design threat’ to a security system. Standards are also instrumental role in building integrated deterrence within the security system. Such deterrence strategies are aimed at interrupting and neutralising adversaries before they intrude. The standards help in determining the outer layer site-related physical security intended to interrupt and neutralise adversaries before they intrude. Reference List Alach, Z. (2007). Mapping the elements of physical security towards the creation of a holistic physical security model. This thesis is presented for the degree of Master of Science (Security Science) at Edith Cowan University AMSC. (1987). Military Handbook Design Guidelines For Physical Security Of Facilities. Retrieved: Australian Government. (2011). Physical security management protocol. Barton Act 2600: Business Law Branch Attorney-General’s Department Beardsley, J. (2013). Security 101: Understanding the Common Layered Security Concept. The Valley Business Journal Bubshait, A. & Al-Atiq, T. (1999). ISO 9000 Quality standards in Construction. Journal of Management in Engineering 15(6), 41-46 Challinger, D. (2008). From the Ground Up: Security for Tall Buildings. CRISP Report. Alexandria, VA: ASIS Foundation, Inc Coole, M. & Brooks, D. (2014). Do Security Systems Fail Because of Entropy? Journal of Physical Security 7(2), 50-76 Coole, M., Corkill, J. & Woodward, A. (2012). Defence in Depth, Protection in Depth and Security in Depth: A Comparative Analysis Towards a Common Usage Language. Paper published in the Proceedings of the 5th Australian Security and Intelligence Conference, Novotel Langley Hotel, Perth, Western Australia, 3rd-5th December, 2012 Dimuma, K. (2010). Incessant Incidents of Building Collapse in Nigeria: A Challenge to Stakeholders. Global Journal of Researches in Engineering 10(4), 75-84 Dusenberry, D. (2010). Handbook for Blast Resistant Design of Buildings. New Jersey: John Wiley & Sons Fay, J. (2006). Contemporary Security Management. Burlington, MA: Butterworth-Heinemann Fenelly, L. (2012). Effective Physical Security. (4th ed.) Waltham, MA: Butterworth-Heinemann Feruza, S. & Kim, T. (2007). IT Security Review: Privacy, Protection, Access Control, Assurance and System Security. International Journal of Multimedia and Ubiquitous Engineering 2(2), 17-30 Garcia, M. (2001). Analysis and Evaluation. In The Design and Evaluation of Physical Protection Systems. Boston: Butterworth-Heinemann. Harris, R. (2001). Benchmarking: Theory and Practice. New Zealand Universities Academic Audit Unit Jonathan, J. (2009). A psychological perspective on vulnerability in the fear of crime. Psychology, Crime and Law, 15 (4), 1-17 Jones, D., Davis, C., Turnquist, M. & Nozick, L. (2006). Physical Security and Vulnerability Modeling for Infrastructure Facilities. California: Sandia National Laboratories Kahan, D., Jenkins, H. & Braman, D. (2010). Cultural cognition of scientific consensus. Journal of Risk Research, 1–28 Kaliba, C., Muya, M. & Mumba, K. (2009). Cost escalation and schedule delays in road construction projects in Zambia. International Journal of Project Management, 27, 522-531 Masaya, N., Goto, J., Morino, J., Yanoo, K, Sakaki, H & Terasaki, H. (2007). "Cooperative Security" Breaks the Limits of Traditional Security Measures. NEC Technical Journal 2(1), 11-16 Mbamali, I. & Okotiem, A. 2012. An Assessment of the Threats and Opportunities of Globalization on Building Practice in Nigeria. American International Journal of Contemporary Research 2(4), 143-150 Mele, C., Pels, J. & Polesce, F. (2010). A Brief Review of Systems Theories and Their Managerial Applications. Service Science 2(1/2), 126 – 135 Kruegle, H. (2011). CCTV Surveillance: Video Practices and Technology. Burlington, MA: Butterworth-Heinemann Lee, M. (2008). Fear of Crime: Critical Voices in an Age of Anxiety. New York: Routledge Oludele, A., Ogunnusi A., Omole O. & Seton O. (2009). Design of an Automated Intrusion Detection System incorporating an Alarm. Journal of Computing, 1(1), 149-157 O'Neill, D., Rueda, R. & Savage, J. (2009). Security Design for Sustainable Buildings and Campuses. Applied Risk Management Patton, W. & McMahon, M. (2006). The Systems Theory Framework Of Career Development And Counseling: Connecting Theory And Practice. International Journal for the Advancement of Counselling 28(2):pp. 153-166 Prezelj, I. (2012). Challenges in Conceptualizing and Providing Human Security. HUMSEC Journal, Issue 2, 1-22 Rumelili, B. (2013). Identity and desecuritisation: the pitfalls of conflating ontological and physical security. Journal of International Relations and Development doi: 10.1057/jird.2013.22 Soltani, F. & Yusof, M. (2012). Concept of Security in the Theoretical Approaches. Research Journal of International Studies 1, 7-16 Young, W. & Leveson, N. (2014). An Integrated Approach to Safety and Security Based on Systems Theory. Communications Of The ACM. 57(2), 31-35 Read More