Page 27

4

Security Guidelines for Sites and Buildings

INTRODUCTION

This chapter provides guidelines for temporary and permanent measures to secure sites and buildings against hostile attack. It is important to recognize that security measures for sites and buildings may vary from temporary to permanent based on threat assessment. Temporary measures are those protective measures that can be added to the building for a limited period of time and then removed. Temporary measures are reversible in that once they are removed, the building reverts to its original state. For example, during a period of high threat alert, certain building entrances can be closed and barricaded. When the threat subsides, these entrances can be put back into use with no permanent effect on the building or its operations.

Permanent protective measures are lasting modifications to the building or its operations when the long-term threat level is high or continuous. For example, a temporarily closed and barricaded building entrance may be permanently secured through the placement of bollards or planters outside the entrance.

Temporary security measures or other modifications made in response to passing threats should be systematically evaluated for permanent continuation, reduction to some intermediate level,



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement



Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page 27
Page 27 4 Security Guidelines for Sites and Buildings INTRODUCTION This chapter provides guidelines for temporary and permanent measures to secure sites and buildings against hostile attack. It is important to recognize that security measures for sites and buildings may vary from temporary to permanent based on threat assessment. Temporary measures are those protective measures that can be added to the building for a limited period of time and then removed. Temporary measures are reversible in that once they are removed, the building reverts to its original state. For example, during a period of high threat alert, certain building entrances can be closed and barricaded. When the threat subsides, these entrances can be put back into use with no permanent effect on the building or its operations. Permanent protective measures are lasting modifications to the building or its operations when the long-term threat level is high or continuous. For example, a temporarily closed and barricaded building entrance may be permanently secured through the placement of bollards or planters outside the entrance. Temporary security measures or other modifications made in response to passing threats should be systematically evaluated for permanent continuation, reduction to some intermediate level,

OCR for page 27
Page 28or elimination. Table 4-1 shows an example of what could be considered a typical federal office building threat response matrix that could be used in cases of advance notice of different levels of threat. In this example, as the level of threat increases, the security measures increase. A matrix similar to this could be developed by a security management team and provided to the building's operator. The matrix would be updated as building changes occur (such as new doors installed) and would concentrate on actions to take in response to threats as opposed to minimum or base line security precautions. TABLE 4-1 Example of an Office Building Threat Response Matrix Escalating Levels of Threat Possible Responses VerbM Warnings/ Low-Level Indication Bomb Threat/ Indication Increases Active Bombing/ Attack on Similar Building Anarchy/ Direct Threat to Building • Alert building management X X X X • Close all unguarded entrances X X X X • Screen all people & bags X X X X • Clear areas near windows X X X • Monitor structural focal points X X X • Cancel scheduled meetings X X • Minimize staff X X • Install portable barriers X • Cordon off surrounding streets X • Evacuate a wing or floor X • Close areas (e.g., day care centers) X • • (Other responses) • • Evacuate entire building until threat level subsides X The measures identified need to be used with judgment and practicality relative to the level of threat, the continuing function of the building, and aesthetic and environmental concerns. Legal implications of security measures must also be considered as explained in the following section.

OCR for page 27
Page 29 LEGAL CONSIDERATIONS Security planners and managers should realize that certain security measures, while appealing, especially in a time of crisis, may come into conflict with the constitutional rights of employees or the general public. Public officials who are responsible for the security of federal office buildings must satisfy federal constitutional standards. Private landlords, in contrast, must comply with applicable statutes, but not usually constitutional standards. In the area of security practices, the constitutional provisions most likely to arise are the First and Fourth Amendments. Although not expressed precisely in these terms, the First Amendment to the Constitution is often construed as having created and guaranteed a right of privacy. Many state constitutions and statutes create the right expressly. Similarly, the Fourth Amendment guarantees all citizens the right to be free from unreasonable searches and seizures by government officials. What is a reasonable or unreasonable search may in turn depend on whether an individual has an expectation of privacy in the thing or place searched. It is the concept of privacy that draws the First and Fourth Amendments into a partnership that defines the limits of constitutionally permissible security practices. The security practices that most frequently give rise to potential privacy intrusions are electronic surveillance including eaves-dropping and monitoring via closed-circuit television, parcel or personal inspections at building entrances and exits, and evidence gathering activities such as searching employees' desks or lockers. In addition to constitutional constraints, electronic surveillance practices are extensively regulated by federal statutes that include civil and criminal sanctions. Individuals may be asked to waive their constitutional rights, within reason, in exchange for the privilege of receiving the benefits of government services. For example, admission to government buildings is often conditioned upon the willingness of an individual to consent to a cursory search of packages being carried, or upon his or her agreement to provide identification. Such consent is actually a waiver of constitutional rights. In order to be a valid waiver, it must be knowing, intelligent and voluntary. The posting of signs helps satisfy the “knowing” requirements of the law, and the fact that there are options (the person must be free to turn and walk away rather than submit) satisfies the “voluntary” requirements.

OCR for page 27
Page 30In all cases, security practices that are in potential conflict with constitutional rights should be the least intrusive possible in order to accomplish the legitimate interests of the government, while at the same time preserving individual freedoms. Building modifications using electronic surveillance equipment (audio or video), the use of two-way mirrors, entrance inspection policies, desk or locker search policies, and all security practices used in locations where expectations of privacy might exist (such as restrooms) should be reviewed by counsel periodically to assure compatibility with current statutes and recent judicial interpretations of the Constitution. Similarly, because the legal justification for such practices may depend upon the immediacy as well as the nature of the threat, a review of any security practice that impinges on privacy interests should be undertaken regularly to ascertain whether the need for the measure remains. GUIDELINES FOR SITE SECURITY Site planning and site design can be seen as discrete exercises for new facilities; however, when upgrading an existing building's site for security purposes, the two blend together. The following guidelines are intended to respond to security deficiencies that would be identified in the vulnerability analysis described in the previous chapter. They are presented as items for consideration. For many federal once buildings with minimal sites, such as in a congested downtown location, the guidelines will be less applicable. Circulation To minimize threats that originate outside of the building, movement in and around the building site must be controlled. The explosive laden vehicle is of greatest concern because of its potential for destruction. However, other hostile activities, from drive-by shootings to mob activity, can be mitigated by site circulation measures. Guidelines to be considered include: 1. Restrict vehicular approach to designated and controlled entry areas only. 2. Whenever warranted, the speed limit on all adjacent and intersecting streets should not exceed 30 miles per hour. Speed may be controlled using the following elements:

OCR for page 27
Page 31 speed bumps, sharp curves (horizontal alignment), steep grades (vertical alignment), narrowing the lanes of traffic, pavement material changes, signage, intersection signals, and pavement cuts. 3. As necessary, the direction of circulation on adjacent streets should be controlled. 4. Circulation routes and attempts to leave the roadway can be controlled using high curbs, at least along all portions of the site perimeter fronting a street. Median strips, bollards, barriers, or planters can be used to block possible direct cross street access that is created by a curb cut from an alley or property access across from the site. 5. Breaks-in curbs, medians, or barriers should be provided only at controlled entry points to the site. 6. Wherever necessary, detection and monitoring devices can be employed to detect excessive speed or movement in the wrong direction, or to indicate the presence of a vehicle. Such devices include closed-circuit television, electronic detection loops, radar, photoelectric cells or laser-bar codes. Access and Egress Site access points are perhaps the most important component of the perimeter security system and, as such, must address a variety of requirements. Entry responsibilities include observation, detection, deployment of security measures, inspection, access control, access denial, and containment of a threat to the entry area only. Guidelines include: 1. Vehicular access points should be limited to one entrance for ceremonial uses and one entrance for service uses. 2. Wherever warranted, vehicular entrances should be closed on highly traveled streets, or on any side of the site that could be approached with a vehicle at a high rate of speed. 3. Where vehicular entrances are located directly opposite an intersecting street, alley, or curb cut, or at the terminus of a street where a vehicle might be capable of a high-speed approach to

OCR for page 27
Page 32the entry, access should be restricted through the construction of medians, bollards, or barriers that block the vehicular approach path and that are capable of stopping the vehicle. 4. To facilitate early detection of a hostile attack, site entrances can be designed so that all exiting vehicles have a clear field of vision as they approach the roadway. To achieve this objective, the perimeter wall can be recessed or angled away from the entry approach. Stacking of cars in an entry lane should be allowed to prevent congestion on the street. 5. The entry can employ various barriers to augment the protection of the site entry gates, to control movement, or to deny access. Inspection points should be on the property but not adjacent to or inside the building. Static barriers (or operable barriers, when necessary) can be used to prevent vehicles from circumventing the entry gate or to control the pattern of approach to it. Also, static barriers can be stored on-site for deployment in times of increasing threat or emergency. Operable barriers can be located inside the entry gates. 6. To prevent accidental contact with a barrier that has been deployed in an emergency, the entry can be so designed that anyone traveling at a low rate of speed toward the gate or barrier areas can determine if a barrier is deployed before reaching it. Alarms, signage, warning lights, or a gate located before the barrier can be used as deployment indicators. 7. The site entry and its approach should be evenly lit with all light levels sufficient for detection and inspection. 8. Vehicular and pedestrian entrances should be separate, if possible. 9. Visitor and employee pedestrian entrances should be separately located, if possible. Parking 1. If possible, restrict vehicle access to the site by providing off-site parking lots. On-site parking could be provided for employees only and should be accompanied by an adequate security and identification system. 2. On-site parking areas should be evenly lit; dark areas that could provide hiding places should be eliminated.

OCR for page 27
Page 33 3. Wherever possible, parking should not be permitted along streets adjacent to the site to reduce the possibility of a preset vehicle bomb. 4. Pedestrian access to and from off-site parking areas should be protected with surveillance, lighting, and protective devices wherever possible. Perimeter The site perimeter is the first line of defence against a hostile attack. Its function is to confine a given threat outside the perimeter. This is particularly true for bombs, whether they are planted or are in a vehicle. It has been frequently shown that no perimeter is totally impenetrable given a determined attacker with adequate time and proper equipment. Consequently, the perimeter should also serve to delay intruders sufficiently to permit detection and allow for an appropriate response. Most buildings in urban areas do not have a perimeter other than the building wall itself. In such circumstances, it may be necessary to create a perimeter through the closing of streets and enclosing adjacent open space. Examples of perimeter barriers include stationary trucks, concrete road barriers, berms, walls, fences, ditches, and hedges. Trucks and concrete road barriers (such as have been used around the White House) should be considered temporary measures to be used only until the threat level subsides or permanent solutions can be constructed. Site perimeter security guidelines follow: 1. The location of the perimeter is critical to the effective protection of the building. The perimeter should be at the maximum feasible distance or that distance such that any anticipated explosion will not cause major damage to the building. It has been clearly established that the impact of an explosive device is a function of its pounds TNT equivalent and the distance of the detonation from the target. 2. The site perimeter should be designed to confine hostile activities outside the perimeter barrier. 3. Perimeter features should be installed to deny completely or to delay sufficiently any unauthorized site access.

OCR for page 27
Page 34 4. The site perimeter should be designed to facilitate observation and detection functions. 5. The site perimeter should withstand and protect the building and its inhabitants from standoff or drive-by attacks, and from explosive devices. 6. Whenever possible, the perimeter should use a combination of barrier techniques. With a combination of elements, it may be possible to design each individual component in a less restrictive manner, a method that may prove to be more economical. This type of approach also offers a certain amount of redundancy; if one of the components fails, it does not necessarily mean that the entry is compromised. However, the total strength of the combined barriers should meet the original design objective. Walls, berms and planting, bollards, static barriers, fences, embankments, tire traps, and ditches can be used. 7. The primary wall or fence at the perimeter should be at least 10 feet from any trees, poles, or buildings that could help would-be intruders scale the perimeter. 8. The perimeter wall or barrier should be as high as possible. (If a berm is also used, this height is not measured from the base of the berm but from the base of the wall or fence.) A 9-foot barrier is considered to be a deterrent to most climb-over attempts, but the wall or fence should also be designed to support the use of concertina wire for additional height. 9. The site perimeter should be well lit for observation and detection functions. When appropriate, glare lighting should be used as a deterrent to intruders. However, the perimeter lighting should illuminate only intruders and not the security force or interior activity areas. 10. The site perimeter should be designed to facilitate on-site surveillance objectives; the construction of walls, fences, berms, plantings, etc. should not create potential hiding places for would-be intruders who cannot be seen from observation points. Any area that cannot be physically monitored should be monitored by electronic observation devices or by alarm-activated devices. Vehicle Barriers The following guidelines are security design assumptions for vehicle barriers when such barriers are appropriate for use:

OCR for page 27
Page 35 1. The barrier should be designed to arrest a vehicle of a specified gross weight going at a specified speed. For example, a vehicle of 15,000 pounds gross weight going 30 miles per hour provides a kinetic energy level of 450,000 foot-pounds. This could be considered a minimum level against which a barrier should be designed. 2. The barrier should be designed to arrest a vehicle within a specified distance from the point of impact. Flexibility in the requirement should be based on the barrier's location with respect to the object it is designed to protect. For example, a barrier located three feet from the exterior wall of a building must stop a vehicle within three feet of impact, but a barrier located 100 feet from the building can have greater flexibility from the point of impact. 3. Static barriers may be used and include the following: barbed-wire fencing, chain-link fencing, metal guardrails, sectional steel fencing, angled posts, bollards, concrete shapes, concrete-reinforced fencing, earth-filled barriers (such as planters), excavations or ditches, earth berms, and reinforced concrete walls. 4. Active barriers may be used and include the following: crash beams, cable barriers, tire shredders, steel gates, ramp barricades, operable bollards, pits, pop-up barricades, blades, plow barricades,

OCR for page 27
Page 36 anti-crash gates, and nets. Lighting Exterior site lighting is an essential component of the site security system when there is insufficient daylight to perform necessary security operations and achieve security objectives. Such lighting must facilitate observation and inspection, and it should meet the goals of deterrence and safety. Guidelines include: 1. The site perimeter must have continuous lighting of an intensity that permits observation, inspection, detection, and deterrence operations. 2. The lighting of the site perimeter should promote the safety of the facility and its inhabitants. 3. The location of perimeter lighting fixtures should facilitate the lighting of both sides of the perimeter wall or fence. 4. Perimeter lighting fixtures and lamps should resist damage from gunfire, blast fragments or vehicle impact. 5. Perimeter lighting should be designed for emergency operating conditions. 6. Lighting should be designed with enhancement options for times of emergency, intrusion, or attack. Planting Any planting should enhance security objectives and should not interfere with security operations. Guidelines include: 1. Plant materials should be located, wherever possible, to deter climb-over attempts. 2. Planting areas should not provide hiding places for would-be intruders. 3. Wherever possible, plant materials should screen the site entry, on-site parking areas, building entrances, outdoor activity areas, mechanical and electrical equipment areas, or any other vulnerable site areas from off-site observers. This visual screening should not provide an opportunity for concealment of intruders.

OCR for page 27
Page 37 GUIDELINES FOR BUILDING SECURITY Occupancy Types In the building security program for a multitenant building, each portion of the building should be assigned a designated risk factor, ranging from high to low, based on the type of tenant in that portion of the building. Some agencies such as the Federal Bureau of Investigation and the Internal Revenue Service, for example, appear to be higher risk tenants than the Agriculture Department or the Department of Health and Human Services. While there is no guarantee that this relative risk assignment will remain constant over time, it is prudent for building planners to attempt to segregate high-risk and low-risk tenants into separate facilities. Where it is not possible to segregate high- and low-risk agencies in separate buildings, segregation by each risk category within the same structure should be undertaken. Access to each risk class should be separated, with the high-risk tenants afforded greater physical security. Whenever possible, high-risk tenants should be located in government-owned, rather than leased, buildings. Buildings housing only high-risk tenants should not be located close to non-government owned or controlled buildings, which could be used by terrorists to cover or enhance their attack on the target building (for example, placing a bomb in an unsecured, non-government building in close proximity to the target structure). In buildings housing high-risk tenants, publicly accessible areas, such as waiting rooms and restrooms, should be observed within legal limits and access to these areas should be carefully controlled. In no event should waiting rooms and restrooms be located adjacent to sensitive installations, such as electronic equipment rooms, guard rooms, and mechanical support equipment. In buildings housing high-risk tenants, incoming mail and other parcel traffic should be screened in an area outside of the main facility. Interior layouts in structures housing high-risk tenants should be designed so as to minimize hiding places for bombs and incendiary devices. Alcoves in areas that are difficult to observe by security surveillance systems, trash containers located both inside and outside the structure, unobserved underground parking areas, and unsecured utility rooms used by cleaning staffs

OCR for page 27
Page 38are typical weak points that can, and often are, exploited by terrorists. Planning and Layout Within the area of a building occupied by a government agency, security can be enhanced by defining the occupants' needs and implementing appropriate planning procedures. Guidelines include: 1. Functions that require controlled access to high-risk areas should be identified in the building security program and should consider the need and location for measures such as: assignment of security force personnel, metal detectors, closed-circuit television monitors, card entry access, locking devices, and one-way glass panels. 2. The requirement for assembly areas should be identified, and such areas should be located with consideration for: anticipated attendance by staff and/or visitors, requirements for restricted access, visual and/or acoustical security, life-safety requirements. 3. Privacy requirements for individuals or groups should be identified, especially with regard to: access, visual privacy, acoustical privacy, and electronic equipment (power, signal and communications). 4. Areas to generate, disseminate and store confidential or classified materials should be identified. Building Zoning Building zoning can facilitate implementing security measures at specific locations within the building. The following guidelines are offered:

OCR for page 27
Page 39 1. The building should be compartmentalized to separate functions that generate heavy visitor traffic. This compartmentalization should also take into consideration the level of sensitivity requirements. 2. Security zoning should be extended to include all building service areas and circulation systems; it should prevent the spread of spillover of fire, blast or other effects of hostile activities. 3. The location of storage areas for hazardous materials and equipment, and industrial-type functional areas that could facilitate the concealment of incendiary or explosive devices should be assessed. Building Exterior Envelope The building exterior envelope represents one of the most challenging areas of consideration because of the variety of threats involved against the exterior and because so many interrelated elements are involved. The security management team must account for the response of exterior building surfaces and functional elements such as walls, roofs, doors, and windows to hostile actions. The following guidelines are offered: 1. Measures to reduce the number of access points (e.g., entrances and doors) permanently or to minimize the number of access points temporarily should be considered. Permanent or temporary installation of access restrictions, guards, closed-circuit television monitors, screening monitors, and limited access to elevators and stairs should also be considered in light of life-safety requirements and legal concerns. 2. The potential for forced entry and potential breach in locations other than designated access points should be considered. The accessibility of such openings (e.g., windows or vent shafts) should be evaluated and consideration should be given to some permanent closures where possible, as well as measures for temporary closures (such as bars, grills and shutters). The adequacy of existing protection for openings should be evaluated. These include installation details (anchorage) of existing vent covers, locking mechanisms and other security measures on stairwell doors, or skylights accessible from the roof. 3. Fire and blast protection can be enhanced by the evaluation of exterior building surfaces for resistance to deliberately set fires.

OCR for page 27
Page 40 4. Modifications to exterior wall configurations should be considered to prevent opportunities for the concealment of destructive devices. 5. All openings such as ventilators should be evaluated for possible infiltration by liquids and fumes. Consider preventive measures such as closing existing openings or pressurizing the building to prevent undesired infiltrations. 6. Windows and other exterior openings should be evaluated for aesthetic value and functional requirements, and consideration should be given to possible security modifications, as warranted, such as: Ventilation: Operational windows could be replaced by smaller and more easily protected openings in exterior wall, or by internal mechanical ventilation system. Illumination with daylight: Windows could be replaced by smaller openings along with the installation of daylight reflectors on the interior of openings to achieve equivalent illumination. Broken glass: Damage from the shattering of windows can be reduced by the application of a protective film on the interior of the glass surfaces, or the installation of a variety of transparent, translucent, or bullet-resistive glazing materials. Privacy: Visual and acoustical privacy can be enhanced by the installation of translucent materials, interior glass shading devices, and sound-proof glazing systems. Structural Systems Renovating structural systems can vary from simple mechanical ties to replacement of main structural members and connections. It may be assumed, until proven by a condition survey, that distressed areas in structures as exhibited by cracking, settlement, broken windows, jammed doors and openings would also be susceptible to structural damage from a hostile attack. Distressed areas should be given high priority in the renovation process. During regular maintenance activities, attention should be paid to upgrading or repairing the structural system. Simple and low-cost modifications can be made in the maintenance process. Items such as tying door and window frames to walls and tying facades to main structural carrying members increase the capacity of the system, thus increasing its resistance to attack.

OCR for page 27
Page 41 Several critical guidelines should be followed in renovating and upgrading structural systems. These guidelines refer to strengthening the structure to resist extreme and sudden loadings. 1. Avoid progressive collapse of the structure due to the dependence of the structure on one or two key elements. Avoid weak-link chain systems where if a link is destroyed, the chain strength is destroyed. Examples of strengthening to resist progressive collapse are: Continuity is created between structural members where load can be transferred from beam to beam, beam to column, floor to beam, etc. Floor and roof systems are tied to all wall systems at their boundaries. Redundancy is created where members that are not carrying loads do so by connecting them to the load carrying members. Access is restricted to key supporting members where the system cannot be strengthened to resist progressive collapse. 2. Adequate connections should be provided from the building facade or envelope to the structural frame so that load is transferred from the facade members to the structural frame. Avoid collapse of the facade members between the structural frame members. 3. Vehicular traffic should be routed away from direct contact with main carrying structural members, such as columns and walls on the ground floor. 4. When designing structural systems in the renovation process, consideration should be given in the design for loading of members in several directions. Where loading is normally considered to cause compression, there may also be tension, thus indicating that the structural systems should be adequate in more than one direction or that other accommodations should be made. Building Systems It is extremely difficult to adjust building systems at the time of an actual threat alarm. Therefore, the following guidelines are recommended for consideration in the course of an ongoing building maintenance or renovation program, all as warranted by the threat assessment. If permanent adjustments are not possible

OCR for page 27
Page 42in a timely manner, temporary measures to accomplish similar goals should be considered. 1. Connections to the outside water supply, as well as mechanical and electrical sources of supply, should be located in a secure area of the building and not accessible to unauthorized persons. 2. All building service equipment should be located in a secure area of the building. 3. Back-up services for electric power, communications and water should be provided to ensure continued operation of critical functions in case of emergency. 4. Positive pressurization inside the building should be made possible, if needed, to eliminate infiltration of contaminated air from outside. 5. A system of emergency egress and safe subsequent re-entry for building occupants should be developed to ensure the prompt evacuation of building occupants and visitors, as well as a screened re-entry of only authorized building occupants. 6. Building signage requirements should be reviewed and modified as needed to facilitate an effective evacuation of all permanent and temporary building occupants, including handicapped and other special need users.