Security for Building Occupants and Assets

by the WBDG Secure/Safe Committee

Last updated: 11-05-09

Overview

The bombings at New York City's World Trade Center, Oklahoma City's Alfred P. Murrah Federal Office Building, and Atlanta's Centennial Park, shook the nation, and made Americans aware of the need for better ways to protect occupants, assets, and buildings from human aggressors (e.g. disgruntled employees, criminals, vandals, and terrorists).

the new Oklahoma City Federal Building

Security measures, such as setbacks, bollards, protective glazing, and structural hardening, are incorporated into the design of the new Oklahoma City Federal Building, located north of where the former Alfred P. Murrah Federal Building once stood.
(Designed by Ross Barney + Jankowski Architects and Atkins Benham)

Following the Oklahoma City tragedy, the President issued Executive Order 12977 which created the Interagency Security Committee (ISC) to address government-wide security for civilian Federal facilities in the United States. The ISC is comprised of chief security officers at 42 Federal agencies and departments. The ISC initially established minimum security standards for existing buildings and through the years, has developed standards for new construction and major renovation projects and for leased spaces.

In 2009, the ISC will publish a comprehensive new Standard, Physical Security Criteria for Federal Facilities, which consolidates security standards for all types of civilian Federal facilities into one source. This includes facilities that are government-owned, leased, or managed; to be constructed or modernized; or to be purchased. This new Standard specifies countermeasures to be implemented at each facility security level and serves as the companion to the ISC's Facility Security Level Determinations (FSL) Standard published in 2008.

The FSL standard defines the criteria and process that each facility should use to determine its facility security level (FSL). The Facility Security Level Determinations process includes various factors such as agency mission criticality, symbolism, facility population, facility size, threat to tenant agencies, and intangibles.

The new ISC standards are based on the belief that security requirements should be driven by the security needs of the federal agency occupying the space, not by the type of ownership.

The 11 September 2001 terrorist attacks demonstrated the country's vulnerability to a wider range of threats and heightened public concern for the safety of workers and occupants in all Building Types. Many federal agencies responding to these concerns have adopted an overarching philosophy to provide appropriate and cost-effective protection for building occupants. Using the ISC standards as a basis, some Federal agencies have issued their own security design standards to reflect their individual needs for additional security. While it may be cost prohibitive to design a facility to a worst case scenario, decision-makers should ensure that security becomes an integral part of the operations planning, design, construction/renovation, or acquisition of Federal facilities from the outset.

For military facilities, the DOD uses the Unified Facilities Criteria (UFC) UFC 4-010-01 DoD Minimum Anti-Terrorism Standards for Buildings.

The U.S. Department of State's Bureau of Overseas Buildings Operations (OBO) directs the buildings program at U.S. diplomatic and consular posts throughout the world. OBO sets worldwide priorities for the design, construction, acquisition, maintenance, use, and sale of overseas real property and the use of sales proceeds.

There are currently no universal codes or standards that apply to both public and private sector buildings. However, most designers agree that security issues must be addressed with other design objectives and integrated into the building design throughout the process. This will ensure a quality building with effective security. This concept is known as a multi-hazard design.

Depending on the building type, acceptable levels of risk, and decisions made based on recommendations from a comprehensive threat assessment, vulnerability assessment, and risk analysis, appropriate countermeasures should be implemented to protect people, assets, and mission.

Some types of attack and threats to consider include:

Protective design is the design of structures to mitigate blast effects. This will require the involvement of protective design and security consultants at the onset of the programming phase. Early and ongoing coordination between the protective design consultant, the structural engineer, and the entire planning team is critical to providing an optimal design that is both open and inviting to the public and compliant with updated security requirements.

Recommendations

Essential to the security plan and design of a high quality building is the implementation of appropriate countermeasures to deter, delay, detect, and deny attacks. Often the countermeasures work on the layered defense concept or "Onion Philosophy." This concept provides for increasing levels of security from the outer areas of the site or facility towards the inner, more protected areas. Some or all of the issues outlined below need consideration for effective security design and building operations.

Unauthorized Entry (Forced and Covert)

Protecting the facility and assets from unauthorized persons is an important part of any security system. Some items to consider include:

Insider Threats

One of the most serious threats may come from persons who have authorized access to a facility. These may include disgruntled employees or persons who have gained access through normal means (e.g., contractors, support personnel, etc). To mitigate this threat some items to consider include:

Explosive Threats: Stationary and Moving Vehicle-Delivered, Mail Bombs, Package Bombs

Explosive threats tend to be the criminal and terrorist weapon of choice. Devices may include large amounts of explosives that require delivery by a vehicle. However, smaller amounts may be introduced into a facility through mail, packages, or simply hand carried in an unsecured area. Normally the best defense is to provide defended distance between the threat location and the asset to be protected. This is typically called standoff distance. If standoff is not available or is insufficient to reduce the blast forces reaching the protected asset, structural hardening may be required. If introduced early in the design process, this may be done in an efficient and cost-effective manner. If introduced late in a design, or if retrofitting an existing facility, such a measure may prove to be economically difficult to justify. Some items to consider include:

Ballistic Threats

These threats may range from random drive-by shootings to high-powered rifle attacks directed at specific targets within the facility (assassinations). It is important to quantify the potential risk and to establish the appropriate level of protection. The most common ballistic protection rating systems include: Underwriters Laboratories (UL), National Institute of Justice (NIJ), H.P. White Laboratory, and ASTM International. Materials are rated based on their ability to stop specific ammunition (e.g., projectile size and velocity). Some items to consider include:

Weapons of Mass Destruction: Chemical, Biological, and Radiological (CBR)

Commonly referred to as WMD, these threats generally have a low probability of occurrence but the consequences of an attack may be severe. While fully protecting a facility against such threats may not be feasible with few exceptions, there are several common sense and low cost measures that can improve resistance and reduce the risks. Some items to consider include:

Cyber and Information Security Threats

Businesses rely heavily on the transmission, storage, and access to a wide range of electronic data and communication systems. Protecting these systems from attack is critical. Some items to consider include:

Development and Training on Occupant Emergency Plans

Occupant Emergency Plans should be developed for all buildings Operations staff and occupants to be able to respond to all forms of credible attacks and threats. The Emergency Plan needs to include clearly defined lines of communication, responsibilities, and operational procedures parts of Emergency Plans. These plans are an essential element of protecting life and property from attacks and threats by preparing for and carrying out activities to prevent or minimize personal injury and physical damage.

Safety will be accomplished by pre-emergency planning; establishing specific functions for Operational staff and occupants; training Organization personnel in appropriate functions; instructing occupants of appropriate responses to emergency situations and evacuation procedures; and conducting actual drills to ensure everyone is aware of policies and procedures.

Related Issues

Integrating Security and Sustainability

Providing for sustainable design that meet all facility requirements is often a challenge. With limited resources, it is not always feasible to provide for the most secure facility, architecturally expressive design, or energy efficient building envelope. From the planning and concept stages through the development of construction documents, it is important that all project or design stakeholders work cooperatively to ensure a balanced design. Successful designs must consider all competing design objectives and make the best selections.

Designing for Fire Protection and Physical Security

Care should be taken to implement physical security measures that allow Fire Protection forces access to sites, buildings and building occupants with adequate means of emergency egress. GSA has conducted a study and developed recommendations on design strategies that achieve both secure and fire safe designs. Specifically, the issue of emergency ingress and egress through blast resistant window systems was studied. Training was developed based on this information and is available at the GSA Firefighter forcible entry tutorial.

Photo of an integrated security system

Integrated security systems can offer more efficient access and control.
(Courtesy of Integrated Security Systems, LTD)

Integrated Systems

There has been a general trend towards integrating various stand-alone security systems, integrating systems across remote locations, and integrating security systems with other systems such as communications, and fire and emergency management. Some CCTV, fire, and burglar alarm systems have been integrated to form the foundation for access control. The emerging trend is to integrate security systems with facility and personnel operational procedures. By involving facility stakeholders from the programming stage throughout the life of the project, the behavioral-based policies can be successfully integrated with security systems and forces.

This provides for a seamless and flexible mode of operation for the facility and its occupants. First and Second Generation Crime Prevention Through Environmental Design (CPTED) are time and results proven crime prevention practices. The primary guiding principles of CPTED include natural access control, natural surveillance and territoriality. These principles are augmented strongly by the second generation (behavioral based) CPTED strategies. The best practice is for first and second generation CPTED to merge with the integrated systems concept which results in an integrated security process.

Blast Design vs. Seismic Design

Seismic and blast resistant design share some common analytical methodologies and a performance based design philosophy that accepts varying levels of damage in response to varying levels of dynamic excitation. Both design approaches recognize that it is cost prohibitive to provide comprehensive protection against all conceivable events and an appropriate level of protection that lessens the risk of mass casualties can be provided at a reasonable cost. Both seismic design and blast resistant design approaches benefit from a risk assessment that evaluates the functionality, criticality, occupancy, site conditions and design features of a building.

While there may be more predictability with natural hazards, this is not the case with man-made hazards. Also the explosive threats of the future are very likely to be very different from the explosive threats of the past. Another fundamental difference between seismic and blast events are the acceptable design limits. Since earthquakes are more predictable and affect more structures than are affected by blast events, owners may be willing to accept different levels of risk relative to these different events, and this may translate into differences in acceptable design limits, as defined by allowable deformation, ductility and other functions.

Both seismic design and blast resistant design approaches consider the time-varying nature of the loading function. The response of a building to earthquake loads is global in nature, with the base motions typically applied uniformly over the foundations of the buildings. These seismic motions induce forces that are proportional to the building mass. Blast loading is not uniformly applied to all portions of the building. Parts of the structure and components closest to and facing the point of detonation will experience the higher loading than components at a greater distance and/or not facing the point of detonation. The structure's mass also contributes to its inertial resistance. Due to the local versus global nature of blast loading, seismic loading analogies, including the concept of blast-induced base shears, must be applied with great care or they be misconstrued to provide a false sense of protection.

Building configuration characteristics, such as size, shape and location of structural elements, are important issues for both seismic and blast resistant design. The manner in which forces are distributed throughout the building is strongly affected by its configuration. While seismic forces are proportional to the mass of the building and increase the demand, inertial resistance plays a significant role in the design of structures to reduce the response to blast loading. Structures that are designed to resist seismic forces benefit from low height-to-base ratios, balanced resistance, symmetrical plans, uniform sections and elevations, the placement of shear walls and lateral bracing to maximize torsional resistance, short spans, direct load paths and uniform floor heights.

While blast resistant structures share many of these same attributes, the reasons for doing so may differ. For example, seismic excitations may induce torsional response modes in structures with re-entrant corners. These conditions provide pockets where blast pressures may reflect off of adjacent walls and amplify the blast effects. Similarly, first floor arcades that produce overhangs or reentrant corners create localized concentrations of blast pressure and expose areas of the floor slab that may be uplifted. In seismic design, adjacent structures may suffer from the effects of pounding in which the two buildings may hit one another as they respond to the base motions. Adjacent structures in dense urban environments may be vulnerable to amplification of blast effects due to the multiple reflections of blast waves as they propagate from the source of the detonation. While the geology of the site has a significant influence on the seismic motions that load the structure, the surrounding geology of the site will influence the size of the blast crater and the reflectivity of the blast waves off the ground surface.

On an element level, the plastic deformation demands for both seismically loaded structures and blast-loaded structures require attention to details. Many similar detailing approaches can be used to achieve the ductile performance of structural elements when subjected to both blast and seismic loading phenomenon. Concrete columns require lateral reinforcement to provide confinement to the core and prevent premature buckling of the rebar. Closely spaced ties and spiral reinforcement are particularly effective in increasing the ductility of a concrete compression element. Carbon fiber wraps and steel jacket retrofits provide comparable confinement to existing structures. Steel column splices must be located away from regions of plastic hinging or must be detailed to develop the full moment capacity of the section. Local flange buckling must be avoided by using closely spaced stiffeners or, in the case of blast resistant design, the concrete encasement of the steel section.

Reinforced concrete beam sections require equal resistance to positive and negative bending moments. In addition to the effects of load reversals and rebound, doubly reinforced sections possess greater ductility than singly reinforced counterparts. Steel beams may be constructed composite with the concrete deck in order to increase the ultimate capacity of the section; however, this increase is not equally effective for both positive and negative moments. While the composite slab may brace the top flange of the steel section, the bottom flange is vulnerable to buckling.

Addressing blast and seismic design goals may be achieved through the consideration of many of the same building attributes and utilizing similar design and detailing solutions. An understanding of the differences between these two loading phenomenon, the effects on the structure, and the performance requirements are essential in order to select and implement the appropriate choices for achieving the project's goals.

Security for Historic Buildings

Securing historic buildings is particularly challenging with having to conserve exterior architectural features and interior finishes and amenities. Windows pose a unique challenge in that they must retain the look of the original windows, while being upgraded for security reasons and further, must be more energy efficient to meet current sustainable design requirements. The GSA has developed guidelines to assist in meeting these challenges in their Technical Preservation Guidelines the guidelines include fire safety retrofit, interior signage, perimeter security, and upgrading historic building windows among the topics covered.

Emerging Issues

Weather related (hurricane and tornado) protection requires blast resistant design. Blast resistant façade systems requires the glass to satisfy the debris hazard conditions in response to the specified blast loading, while the mullions and anchors are required to resist the collected forces within the specified deflection and ductility limits. In addition to resisting the specified blast loads, the criteria often require the designer to consider the damages resulting from a more extreme blast loading. The criteria therefore require a balanced design for which the mullions must develop the capacity of the selected glass within allowable deformation limits and the anchors must develop the capacity of the selected mullions.

In some instances, the selected glass exceeds the strength requirements for blast resistant design. This occurs when the blast resistant glass must also provide forced entry and/or ballistic resistance (FE/BR) or when the façade must also satisfy the large missile impact requirements specified by the most severe hurricane design codes. For these cases, the selection of the glass make-up may far exceed the blast requirements and produce deeper mullions and more robust anchors. These different requirements often lead to an overly robust façade design. In order to resolve this dilemma, one may either allow larger deformations, since the façade will address the specified blast loads or the glass may act as a diffuser by disengaging for blast loading that significantly exceeds the specified intensity. Since current Government Standards and Criteria do not currently provide guidance regarding these conditions, the designer needs to create a solution that satisfies all the governing protective criteria.

Bollard spacing for accessibility is related to access for fire vehicles and personnel. The Americans with Disabilities (ADA) Act calls for spacing bollard 36 inches apart to meet clear opening requirements. Site security designers need to balance their security needs with access, considering bollard location and spacing respective to vehicular traffic, bus stops, hardened street furniture, and pedestrian traffic.

New Anti-Ram Barriers Test Standard

Effective February 1, 2009, the United States Department of State (DOS) will no longer be certifying anti-ram barriers under it's current Anti-ram barrier standard, STD-02.01 Revision A dated March 2003. Beginning February 1, 2009, DOS will evaluate only new anti-ram barriers tested under ASTM F2656-07 Standard Test Method for Vehicle Crash Testing of Perimeter Barriers for the selection and approval for use at DOS facilities. The only barriers considered will be those with an ASTM F2656-07 rating of M30 P1, M40 P1, and M50 P1. Furthermore, DOS will only consider barriers in which the impact point has been chosen or agreed to by the DOS. As stated in ASTM F2656-07, failure to consult with DOS regarding the impact point may jeopardize the eligibility of the barrier to be installed at DOS facilities.

DOS will no longer issue anti-ram barrier certification letters for tests performed after January 31, 2009. Any tests successfully performed on or before January 31, 2009 will be considered eligible for the issuance of a DOS certification letter. Upon issuance of the last certification letter, DOS will publish the last List of DOS Certified Anti-Ram barriers sometime in early 2009.

DOS is currently transitioning to an internal approved barrier list. This list will be a subset of all current and future barriers that meet the ASTM F2656-07 and/or STD-02.01 Revision A dated March 2003 test criteria. Barriers placed on this new list will be selected specifically for DOS facilities based on newly developed in-house criteria. Barriers will be added and removed from this new internal approved list as facility needs warrant.

Pandemic Illness is another factor to consider. Facilities must stand and operate during an epidemic. Consideration needs to be given to HVAC, water supply and waste disposal systems under threat.

Green Walls and CPTED: designers are beginning to incorporate vertical gardens, called "Vegitecture" into their projects. These green walls could block site lines and provide hiding places which counter the CPTED strategies. When considering vertical gardens, ensure they are designed with CPTED principles in mind.

Relevant Codes and Standards

Highly complex security system design is still neither codified nor regulated, and no universal codes or standards apply to all public and private sector buildings. However, in many cases, government agencies, including the military services, and private sector organizations have developed specific security design criteria. These standards must be flexible and change in response to emerging threats.

Mandates

Federal Guidelines

Department of Defense:

General Services Administration (GSA):

Department of Veterans Affairs (VA):

Department of State:

Federal Aviation Administration (FAA):

Federal Emergency Management Agency (FEMA):

Others

Private Sector Guidelines

Major Resources

WBDG

Tools

LEED®-DoD Antiterrorism Standards Tool

Building Envelope Design Guide

Fenestration Systems—Exterior Doors

Resource Pages

Blast Safety of the Building Envelope, Chemical/Biological/Radiation (CBR) Safety of the Building Envelope

Websites

Security Centers

Organizations and Associations

Trade Journals/Magazines

Training Courses

Others

WBDG Services Construction Criteria Base