Limiting Security Vulnerabilities

Facility security is actually the third layer of protection. Preparation should include coordinating with local response teams and conducting pre-planning exercises.

• By Tom Allen
• Jul 01, 2003

SINCE Sept. 11, 2001, America has been under the looming threat of another terrorist attack. The country is responding to this threat by increasing its level of awareness and protection on national, local, and individual levels. In particular, security and occupational safety professionals must prepare for and protect against this new threat. Few have had any real training or experience in dealing with a direct attack on their facilities. Indeed, the most difficult challenge may be preparing for the unpredictable. Yet action must be taken.

No specific formula of security tools and practices exists that will guarantee the safety of a building and its occupants. However, this article identifies a few key points to consider when assessing facility vulnerabilities to a terrorist attack.

A Change in Mindset
The goal of a security vulnerability assessment is to identify possible threat scenarios while also evaluating the likelihood of a malevolent act occurring and its consequences. Terrorism is unlike most other threats. Therefore, it requires a new mindset:

A paradigm shift in the risk profile
The attacks on the World Trade Center force us to re-evaluate the likelihood of some terrible acts. For example, on Sept. 10, 2001, the idea of four commercial airplanes being hijacked simultaneously and used as weapons of mass destruction seemed unlikely. On Sept. 11, the idea became a reality.

A shift in the range of credible targets
After Sept. 11, it became necessary to expand the list of potential terrorist targets. Both physical structures, such as public and commercial buildings, as well as non-physical targets, such as our communications infrastructure and financial system, are considered at risk. While difficult to accept, we must recognize that innocent Americans became targets as they made their way into work one morning.

A shift in adversary profile
In years past, it was a basic tenet of security planning that an adversary would be deterred by the possibility of personal capture, injury, or death. While this still applies to the majority of threat scenarios today, the threat of terrorist attacks like those carried out on Sept. 11 has changed the landscape.

With regard to anonymity, there are two specific terrorist profiles. In one, the adversary attempts to inflict the maximum damage to the target while minimizing risk to himself. Threats of this type include car bombs, mail bombs, and anthrax sent through the mail. The second type of adversary disregards his own safety in an attempt to seek maximum damage to the target. Painful examples of this are the Sept. 11 attacks and the Palestinian suicide bombers.

A difference in support
Although an act of terrorism may be directed at one target, terrorism is a national threat. Facility security is actually the third layer of protection, following national and local security efforts. Therefore, facility security and preparation efforts should include coordinating with local response teams and conducting pre-planning exercises.

Preparation and Protection
Emergency plans that address fire, weather, and other types of emergencies should exist for all buildings deemed to be at risk. In response to new and increased threats, these plans should be updated to consider terrorist attack scenarios. General items to include are procedures for communicating instructions to building occupants, a list of suitable shelter-in-place areas, an outline of personal protective equipment, and emergency evacuation plans.

Of particular concern are the airflow patterns and dynamics in buildings, specifically in the building heating, ventilating, and air-conditioning (HVAC) systems. These systems can become an entry point and a distribution system for hazardous contaminants.

No building can be fully protected from an individual who is determined to do harm. However, buildings can be made less attractive targets by making it more difficult to introduce a CBR agent, by increasing the ability to detect terrorists before they carry out an intended release, and by incorporating procedures to mitigate the effects of a CBR release. The National Institute for Occupational Safety and Health recommends the following physical security actions:

• Prevent access to outdoor air intakes. Securing the outdoor air intakes is a critical line of defense in limiting an external CBR attack on a building. Ideally, an intake should be located on a secure roof or high sidewall. If unable to relocate a publicly accessible outdoor air intake, an extension can be constructed without creating adverse effects on HVAC performance. Another solution is to establish a secure zone around outdoor air intakes.
• Prevent public access to mechanical areas. Because mechanical areas provide access to centralized mechanical systems, including air filters, air handling units, and exhaust systems, this equipment could be used in a CBR attack. Therefore, access to these areas should be strictly controlled.
• Isolate lobbies, mailrooms, loading docks, and storage areas. These are areas where bulk quantities of CBR agents are likely to enter a building. To prevent widespread dispersion of a contaminant released within such an area, their HVAC systems should be isolated. Also, the areas should be maintained at a negative pressure relative to the rest of the building, but at a positive pressure relative to the outdoors.
• Secure return-air grilles. Similar to outdoor air intakes, HVAC return-air grilles that are publicly accessible and not easily observed may be vulnerable targets. Consider relocating return-air grilles to inaccessible, yet observable locations, increasing security presence near vulnerable return-air grilles, directing public access away from return-air grilles, and removing furniture and visual obstructions from the area.
• Restrict access to building information. Information on building operations should be released to authorized personnel only, preferably by the development of an access list and controlled copy numbering.
• Upgrade general physical security. In addition to security measures for HVAC and other specific building operations, physical security upgrades such as controlled access points and external perimeter security can enhance the overall security of a building.

General building security preventative measures include:

• Using off-site screening facilities for deliveries
• Irradiating mail that is sent to critical sites
• Periodically sampling surfaces to detect potential toxins.

Securing against outside bomb threats
The first mode of physical building protection is an "exclusion zone," which ensures a minimum guaranteed distance between an explosion and the target structure. This exclusion zone is achieved by placing at the site perimeter bollards, planters, fountains, and other barriers that cannot be compromised by ramming with a vehicle.

While an exclusion zone is an effective security measure, it also can work against rescue teams by deterring access of rescue and firefighting vehicles. Therefore, bollards or fences should be equipped to allow emergency access or some secondary access should be included in the design. Also, appropriate consideration should be given to emergency access during the emergency response group's pre-planning exercise.

Many sites are now addressing vehicle bomb threats with measures such as:

• Performing vehicle inspections away from structures
• Increasing video surveillance
• Enhancing garage access controls
• Establishing "stand-off" distance between the facilities and the parking lot and roadways by using bollards, planters, berms, and "Delta" type barriers
• Using window film and modified window frames to reduce the effects of a blast on the building's occupants.

Securing against on-site bomb threats
When considering bomb protection for a building, the building owners and architects must work with structural engineers and blast consultants. Because a building cannot be designed to be bombproof, the key is to limit the acceptable damage to a confined area. Acceptable damage is a relative term, with the spectrum of damage ranging from a few broken windows to regional slab failure to confined structural frame failure. However, the ultimate goal is to prevent widespread structural failure or progressive collapse.

Optimally, blast mitigation provisions for a new office building should be addressed in the early stages of the design. However, existing buildings can be upgraded to react better when attacked. Subtle changes are now being incorporated into the design of some office buildings to involve the proper designing and detailing of transfer girders and beam/column connections. Simple structural modifications include designing redundancies into the structure to carry additional loads imposed after a bomb attack. These provisions include properly detailing beams, girders, and columns to carry damaged slabs or columns.

These changes all attempt to enhance the structure's response to the severe dynamic loading by adding strength to resist the blast, ductility to absorb the energy, and redundancy to reduce the chance of progressive collapse. An excellent resource for specific recommendations is the "Structural Engineering Guidelines for New Embassy Office Buildings," which was developed by Weidlinger Associates for the Department of State-Office of Foreign Buildings Operations after the attacks on American embassies. It remains today the only design guideline approved for government design or construction.

Optimistic, But Prepared
We are living in a different America now--one that has proved vulnerable to attack. In effect, those responsible for the safety of others must respond to the increased threat.

Preparing for and protecting against this still somewhat unfamiliar scenario will challenge security and safety professionals to unstructure their thinking, consider a new kind of adversary, and take another look at how their facilities may be vulnerable to attack. However, the practice of assessing and limiting security vulnerabilities is not new.

As Americans, we will continue to hope for the best, but as professionals, it is our job to prepare for the worst.

This article originally appeared in the July 2003 issue of Occupational Health & Safety.