ict today - burns engineering, inc. · contact the bicsi sales department for information at +1...

THE OFFICIAL TRADE JOURNAL OF BICSIICT TODAY

Volume 40, Number 4July/August/September 2019

FROM ICT, AI & SMART CITIES

PLUS:+ The 5 Ds of Perimeter Protection + Commissioning Access Control Systems in 7 Phases+ Cybersecurity’s Path in the Future of BACnet

July/August/September 2019 I 3

SUBMISSION POLICYICT TODAY is published quarterly in January/February/March, April/May/June, July/August/September, and October/November/December by BICSI, Inc., and is sent to BICSI members, RCDDs, RTPMs, DCDCs, BICSI Installers and Technicians and ESS, NTS, OSP, RITP and WD credential holders. ICT TODAY subscription is included in BICSI members’ annual dues and is available to others through a purchased yearly subscription. ICT TODAY welcomes and encourages submissions and suggestions from its readers. Articles of a technical, vendor-neutral nature are gladly accepted for publication with approval from the Editorial Review Board. However, BICSI, Inc., reserves the right to edit and alter such material for space or other considerations and to publish or otherwise use such material. The articles, opinions and ideas expressed herein are the sole responsibility of the contributing authors and do not necessarily reflect the opinion of BICSI, its members or its staff. BICSI is not liable in any way, manner or form for the articles, opinions and ideas, and readers are urged to exercise professional caution in undertaking any of the recommendations or suggestions made by authors. No part of this publication may be reproduced in any form or by any means, electronic or mechanical, without permission from BICSI, Inc.

ADVERTISING: Advertising rates and information are provided upon request. Contact the BICSI Sales Department for information at +1 813.979.1991 or 800.242.7405 (U.S. and Canada toll-free) or [email protected]. Publication of advertising should not be deemed as endorsement by BICSI, Inc. BICSI reserves the right in its sole and absolute discretion to reject any advertisement at any time by any party.

POSTMASTER: Send change of address notices to BICSI, Customer Care, 8610 Hidden River Pkwy, Tampa, FL 33637-1000; Phone: +1 813.979.1991 or 800.242.7405 (U.S. and Canada toll-free).

contentsFROM THE PRESIDENT

Both Corning’s EDGE™ and EDGE8® solutions include porttap modules that are fully integrated into the structuredcabling footprint of your data centers and storage area network (SAN):

▄ Completely passive▄ Purely optical splitters▄ No power or IP configuration required▄ No disruption to the live network

Empowering the world with data center solutions you can trust!Visit corning.com/tapmodules/bicsi to learn how

Corning’s tap modules can enhance your network monitoring.

Fully integrated and proactive monitoring of network performance with Corning’s port tap modules.

05 “Juice Jacking” Puts the Squeeze on Private Data By Jeff Beavers, RCDD, OSP, CFHP

COVER ARTICLE

06 Security Gets a Boost from ICT, Artificial Intelligence (AI), and Smart Cities: By understanding the many security advance-ments since 2013, ICT professionals can learn about the latest technology trends, newly established profitable technology paths, and how ICT is championing smart city development. Knowledge of these trends and technology paths provides new opportunities for the ICT industry and the professionals who serve it. By Steve Surfaro

20 The 5 Ds of Perimeter Protection: Discover the principles of security-in-depth in order to design and deploy the appropriate connectivity for enterprise customers. Security-in-depth is based on the application of five fundamental security strategies, also known as the 5D methodology: Deter, Detect, Deny, Delay and Defend. By Anthony Frassetta, RCDD, PSP

28 Commissioning Access Control Systems in 7 Phases: For the last couple of years, access control has achieved a higher rate of growth than either video surveillance or intruder alarms. Enterprise owners are increasingly upgrading legacy systems and installing more sophisticated and advanced access control systems. These systems need commissioning and more complex testing to function optimally. By F. Patrick Mahoney, RCDD, CDT

39 Cybersecurity’s Path in the Future of BACnet: As the ICT industry is transitioning to the world of IoT and smart buildings, it is important to become familiar with the cyber-security vulnerabilities facing the building automation system (BAS) and the new BACnet/SC technology that promises to solve some of the most serious security problems for BAS and the entire enterprise network. By Daniel Tan and Jeff Downton

48 The Future of Public Safety Via Wireless, Smart Technologies, and the Connected Building: Wireless connectivity is essential for first responders and the general public’s safety. New technologies, such as fifth-generation (5G) cellular technology and the rollout of spectrum at 3.5 GHz, will enable a host of security and other measures that will enable communities to become smart and safe. By Tracy Ford

56 Experience the Evolution of the Rack PDU More Power & More Intelligence to the Rack: Today, the rack PDU must operate at full load in high temperatures, participate in support of environmental data collection, and assist in maintaining secure access to the cabinet. The rack PDU is becoming a data aggregation point in the cabinet with intelligence and control capable down to the receptacle. By Raul A. Pombo

JULY/AUGUST/SEPTEMBER 2019Volume 40, Issue 4

20 I ICT TODAY July/August/September 2019 I 21

Physical security plays a vital role in today’s economy, and it is a fundamental component of any effort to mitigate and reduce risk to ensure the necessary level of protection of life, property, and business continuity. Depending on the type of asset being protected and the associated level of exposure or vulnerability, businesses, facilities and critical infrastructure sites have some degree of risk or threat. Developing a comprehensive mitigation program requires extensive planning and a thorough understanding of security needs, existing conditions, threats, and vulnerabilities, as well as proper identification of assets at risk that need to be evaluated before selecting the appropriate technology and the related cabling infrastructures. In today’s litigious society, assets encompass much more than an organization’s physical property and products. They also include intellectual property, brand reputation, personnel, and daily operations as part of an organization’s total vulnerable assets.

For purposes of this discussion, emphasis is placed

on one segment of a total security mitigation plan that

starts at the outermost boundary or the site perimeter.

One of the highest at-risk facilities with the greatest

exposure and general accessibility by the public

is an airport.

The examination of airport physical security

(a detailed discussion appears later in this article)

offers a high level of complexity while providing

a variety of considerations in mitigating physical

incursions. However, the principles discussed

herein can apply easily to any type and aspect of

a facility—from the exterior wall of a building to the

most secure interior area.

A sound security mitigation plan is rooted in the

concept of crime prevention through environmental

design (CPTED). The goal of CPTED is to prevent crime

by designing and implementing a physical environment

that positively influences human behavior by leveraging:

• Territoriality

• Natural surveillance

• Access control

• Appearance or perception

Working in conjunction with CPTED

Security-in-depth is based upon on the application

of five fundamental security strategies, also known

as the 5D methodology.

is the practice of applying security

protection in multiple rings or layers, also

referred to as security-in-depth. In theory,

the first layer is located at the outermost

boundary of the site, and additional layers

of protection are provided as one moves

inward toward the high-value asset

or target.

It is important that ICT professionals

understand the principles of security-

in-depth in order to design and deploy

the appropriate connectivity, whether

utilizing an optical fiber based fence

detection system or ensuring that

cybersecurity is accompanied by

the appropriate physical security

for their customers.

Security-in-depth is based on the

application of five fundamental security

DEFEND

DETECT

strategies, also known as the 5D methodology (Figure 1):

Deter, Detect, Deny, Delay and Defend.

The application of the 5D methodology during the

design and application of perimeter protection can

improve the effectiveness of the facility’s security plan

by providing defense at the outermost area of the asset

or target, while simultaneously enhancing the effective-

ness of response personnel.

By focusing on these five security objectives at each

layer of a perimeter, protection mitigation can be

designed in a way that takes the greatest advantage

of each security threat.

FIGURE 1: The 5D methodology.

Physical security plays a vital role in today’s economy, and it is a fundamental component of any effort to mitigate and reduce risk to ensure the necessary level of protection of life, property, and business continuity. Depending on the type of asset being protected and the associated level of exposure or vulnerability, businesses, facilities and critical infrastructure sites have some degree of risk or threat. Developing a comprehensive mitigation program requires extensive planning and a thorough understanding of security needs, existing conditions, threats, and vulnerabilities, as well as proper identification of assets at risk that need to be evaluated before selecting the appropriate technology and the related cabling infrastructures. In today’s litigious society, assets encompass much more than an organization’s physical property and products. They also include intellectual property, brand reputation, personnel, and daily operations as part of an organization’s total vulnerable assets.

For purposes of this discussion, emphasis is placed

on one segment of a total security mitigation plan that

starts at the outermost boundary or the site perimeter.

One of the highest at-risk facilities with the greatest

exposure and general accessibility by the public

is an airport.

The examination of airport physical security

(a detailed discussion appears later in this article)

offers a high level of complexity while providing

a variety of considerations in mitigating physical

incursions. However, the principles discussed

herein can apply easily to any type and aspect of

a facility—from the exterior wall of a building to the

most secure interior area.

A sound security mitigation plan is rooted in the

concept of crime prevention through environmental

design (CPTED). The goal of CPTED is to prevent crime

by designing and implementing a physical environment

that positively influences human behavior by leveraging:

• Territoriality

• Natural surveillance

• Access control

• Appearance or perception

Working in conjunction with CPTED

Security-in-depth is based upon on the application

of five fundamental security strategies, also known

as the 5D methodology.

is the practice of applying security

protection in multiple rings or layers, also

referred to as security-in-depth. In theory,

the first layer is located at the outermost

boundary of the site, and additional layers

of protection are provided as one moves

inward toward the high-value asset

or target.

It is important that ICT professionals

understand the principles of security-

in-depth in order to design and deploy

the appropriate connectivity, whether

utilizing an optical fiber based fence

detection system or ensuring that

cybersecurity is accompanied by

the appropriate physical security

for their customers.

Security-in-depth is based on the

application of five fundamental security

DEFEND

DETECT

strategies, also known as the 5D methodology (Figure 1):

Deter, Detect, Deny, Delay and Defend.

The application of the 5D methodology during the

design and application of perimeter protection can

improve the effectiveness of the facility’s security plan

by providing defense at the outermost area of the asset

or target, while simultaneously enhancing the effective-

ness of response personnel.

By focusing on these five security objectives at each

layer of a perimeter, protection mitigation can be

designed in a way that takes the greatest advantage

of each security threat.

FIGURE 1: The 5D methodology.

OVERVIEW OF THE 5 DsDeter The deterrence element in perimeter protection provides

a level of security awareness at the outermost property

line or boundary with respect to the protected asset or

target. The objective is to deter the perpetrator from

even attempting to breach the secure perimeter. Deter-

rence is a psychological element, and it depends

heavily on perception.

This application often relies on a mix of physical

barriers that fall under two category types: natural

and structural. Additional psychological perceptions

include wide, open and clear lines of sight; enhanced

lighting conditions; deployment of overt video surveil-

lance system technologies; posting of warning signage;

and the use of highly visible and obvious security patrols.

Natural barriers include mountains, cliffs, canyons, rivers,

or other obstacles that are difficult to traverse. Structural

barriers are man-made devices, such as fences, walls,

grilles, bars, buildings or other structures, which can

establish a perimeter boundary that deters penetration

or incursion at the perimeter. The presence of a natural

barrier or structure forming part of the perimeter bound-

ary should not, however, automatically be considered

an adequate perimeter deterrent, because these obstacles

may easily be overcome by a determined intruder.

The natural barrier should be carefully evaluated from

a security perspective, and additional protective measures

FIGURE 2: Protective lighting and security warning signage are valuable crime prevention tools.

Detect Early detection of an attempted incursion anywhere

along the perimeter is the objective of this application,

which involves the deployment of an appropriate

technology that can accurately detect unauthorized

incursions and encompass large areas of space outside

the perimeter boundary or immediately along the

length of the perimeter.

Some of the many detection technologies available

include GPS tracking technology that provides real-time

geo-spatial data for viewing perimeter activity, perimeter

intrusion detection sensors, and ground-based radar. The

selected technology needs to provide an appropriate level

of notification of any attempted incursion in a very

timely manner to support the immediate response

by authorized personnel. Considerations for possible

incursion routes, such as over, under or through, must

be the primary paradigm in applying the appropriate

detection to meet this element of security-in-depth.

Additionally, the technology must also provide

a level of performance that ensures a high probability

of detection with a certain degree of immunity against

invalid or nuisance alarm alerts. Nuisance alarms can be

caused by outside sources, such as acoustical and environ-

mental conditions, as well as non-human interaction

(e.g., animals, birds, rodents). This technical concern

stands above all others in the 5D strategy as the most

critical and difficult to accomplish.

When selecting protective measures, it is important

that the equipment conforms to the needs of the threat,

performs consistently in all environmental conditions,

FIGURE 3: Managing or directing normal vehicle and pedestrian traffic to strategically controlled entry points to deny unauthorized access can be enhanced by supplementing with K-rated gates and barricades and the addition of HD video surveillance cameras.

may be warranted so that these portions of the perimeter

boundary afford a greater degree of deterrence

to unwanted incursions.

Protective lighting is another valuable crime prevention

tool, improving visibility through the reduction of blind

spots or shadowed areas that could possibly offer

concealment for intruders as shown in Figure 2.

For facilities, such as airports and military installa-

tions, the Unified Facilities Criteria (UFC) standard

(UFC 3-530-01) for the Department of Defense (DOD)

recognizes as a standard a minimum IL luminance

of 5 lux (0.5 foot candles) for a “horizontal target”

when deploying perimeter fence-line protection.

Protective lighting should always be designed

with the following considerations:

• Locate perimeter lighting to support a balanced

illumination of both sides of the perimeter fence-

line at a minimum IL luminance of 5 lux (0.5 foot

candles). Locate the lighting fixture on the inside

or perimeter to prevent tampering.

• Design lighting to permit overlapping illumina-

tion. Do not leave dark spaces or shadow areas

between lighted areas in which perpetrators

can move undetected.

• Install lighting fixtures facing down and away

from target or asset to create glare for an

approaching intruder.

• Ensure the lighting does not hinder observation

by security patrols.

• Provide a lighting design to ensure maximum

performance of any surveillance cameras deployed

and ensure cameras are not negatively impacted

by the lighting systems.

Posting signage around the perimeter of the site that

stipulates “no trespassing, violators will be prosecuted”

or “area under video surveillance” aids greatly

in communicating the deterrence message

to unauthorized persons.

Applying surveillance technology in an overt manner

through the deployment of highly visible video surveil-

lance cameras, making it obvious to anyone approaching

the perimeter that they are under constant surveillance,

is another sound method of deterrence.

The greatest challenge in designing and implementing perimeter

security measures based on the security-in-depth strategy lies

in the very nature of the assets being protected and the potential threats

facing those assets.

and adapts easily to support future expansion

as conditions, risks, and threats change.

DenyThe objective of this element is to deny—at the

immediate perimeter boundary—entry to any

unauthorized persons while allowing authorized

persons to enter.

The deny element typically involves configuration

of the perimeter boundary to manage or direct normal

vehicle and pedestrian traffic to strategically controlled

entry points (Figure 3).

As part of the overall 5D strategy, proper application

of the deny element should also incorporate all elements

of deter and detect in order to enhance the remaining

non-traffic channeling areas of the perimeter

against incursion.

The use of physical access control system technology

and the posting of manned security gates at the points

of entry are considered among the best methods

to channel vehicle and pedestrian traffic.

These measures should be supplemented with

protective lighting enhancements at an IL luminance

of 21.52 lux (2.0 footcandles) or better, installation

of K-rated gates, bollards or barricades, and the addition

of HD video surveillance cameras; by doing so, the

deny element of 5D strategy now forms part of the

overall security program.

OVERVIEW OF THE 5 DsDeter The deterrence element in perimeter protection provides

a level of security awareness at the outermost property

line or boundary with respect to the protected asset or

target. The objective is to deter the perpetrator from

even attempting to breach the secure perimeter. Deter-

rence is a psychological element, and it depends

heavily on perception.

This application often relies on a mix of physical

barriers that fall under two category types: natural

and structural. Additional psychological perceptions

include wide, open and clear lines of sight; enhanced

lighting conditions; deployment of overt video surveil-

lance system technologies; posting of warning signage;

and the use of highly visible and obvious security patrols.

Natural barriers include mountains, cliffs, canyons, rivers,

or other obstacles that are difficult to traverse. Structural

barriers are man-made devices, such as fences, walls,

grilles, bars, buildings or other structures, which can

establish a perimeter boundary that deters penetration

or incursion at the perimeter. The presence of a natural

barrier or structure forming part of the perimeter bound-

ary should not, however, automatically be considered

an adequate perimeter deterrent, because these obstacles

may easily be overcome by a determined intruder.

The natural barrier should be carefully evaluated from

a security perspective, and additional protective measures

FIGURE 2: Protective lighting and security warning signage are valuable crime prevention tools.

Detect Early detection of an attempted incursion anywhere

along the perimeter is the objective of this application,

which involves the deployment of an appropriate

technology that can accurately detect unauthorized

incursions and encompass large areas of space outside

the perimeter boundary or immediately along the

length of the perimeter.

Some of the many detection technologies available

include GPS tracking technology that provides real-time

geo-spatial data for viewing perimeter activity, perimeter

intrusion detection sensors, and ground-based radar. The

selected technology needs to provide an appropriate level

of notification of any attempted incursion in a very

timely manner to support the immediate response

by authorized personnel. Considerations for possible

incursion routes, such as over, under or through, must

be the primary paradigm in applying the appropriate

detection to meet this element of security-in-depth.

Additionally, the technology must also provide

a level of performance that ensures a high probability

of detection with a certain degree of immunity against

invalid or nuisance alarm alerts. Nuisance alarms can be

caused by outside sources, such as acoustical and environ-

mental conditions, as well as non-human interaction

(e.g., animals, birds, rodents). This technical concern

stands above all others in the 5D strategy as the most

critical and difficult to accomplish.

When selecting protective measures, it is important

that the equipment conforms to the needs of the threat,

performs consistently in all environmental conditions,

FIGURE 3: Managing or directing normal vehicle and pedestrian traffic to strategically controlled entry points to deny unauthorized access can be enhanced by supplementing with K-rated gates and barricades and the addition of HD video surveillance cameras.

may be warranted so that these portions of the perimeter

boundary afford a greater degree of deterrence

to unwanted incursions.

Protective lighting is another valuable crime prevention

tool, improving visibility through the reduction of blind

spots or shadowed areas that could possibly offer

concealment for intruders as shown in Figure 2.

For facilities, such as airports and military installa-

tions, the Unified Facilities Criteria (UFC) standard

(UFC 3-530-01) for the Department of Defense (DOD)

recognizes as a standard a minimum IL luminance

of 5 lux (0.5 foot candles) for a “horizontal target”

when deploying perimeter fence-line protection.

Protective lighting should always be designed

with the following considerations:

• Locate perimeter lighting to support a balanced

illumination of both sides of the perimeter fence-

line at a minimum IL luminance of 5 lux (0.5 foot

candles). Locate the lighting fixture on the inside

or perimeter to prevent tampering.

• Design lighting to permit overlapping illumina-

tion. Do not leave dark spaces or shadow areas

between lighted areas in which perpetrators

can move undetected.

• Install lighting fixtures facing down and away

from target or asset to create glare for an

approaching intruder.

• Ensure the lighting does not hinder observation

by security patrols.

• Provide a lighting design to ensure maximum

performance of any surveillance cameras deployed

and ensure cameras are not negatively impacted

by the lighting systems.

Posting signage around the perimeter of the site that

stipulates “no trespassing, violators will be prosecuted”

or “area under video surveillance” aids greatly

in communicating the deterrence message

to unauthorized persons.

Applying surveillance technology in an overt manner

through the deployment of highly visible video surveil-

lance cameras, making it obvious to anyone approaching

the perimeter that they are under constant surveillance,

is another sound method of deterrence.

The greatest challenge in designing and implementing perimeter

security measures based on the security-in-depth strategy lies

in the very nature of the assets being protected and the potential threats

facing those assets.

and adapts easily to support future expansion

as conditions, risks, and threats change.

DenyThe objective of this element is to deny—at the

immediate perimeter boundary—entry to any

unauthorized persons while allowing authorized

persons to enter.

The deny element typically involves configuration

of the perimeter boundary to manage or direct normal

vehicle and pedestrian traffic to strategically controlled

entry points (Figure 3).

As part of the overall 5D strategy, proper application

of the deny element should also incorporate all elements

of deter and detect in order to enhance the remaining

non-traffic channeling areas of the perimeter

against incursion.

The use of physical access control system technology

and the posting of manned security gates at the points

of entry are considered among the best methods

to channel vehicle and pedestrian traffic.

These measures should be supplemented with

protective lighting enhancements at an IL luminance

of 21.52 lux (2.0 footcandles) or better, installation

of K-rated gates, bollards or barricades, and the addition

of HD video surveillance cameras; by doing so, the

deny element of 5D strategy now forms part of the

overall security program.

Delay The delay component aims to slow down an active

incursion, forcing the perpetrator to reconsider the

probability of success and to provide enough time for

security forces to respond.

When applying both the deter and delay elements,

the delineation between the two can become unclear.

Where barriers, such as fences, walls, grilles, bars, build-

ings and other structures, are employed to establish the

perimeter boundary to satisfy the deter methodology,

this same functional criterion can be applied in the

delay methodology.

Additional physical protection methods, such

as razor or barbed wire protection, should be considered

to enhance the delay element of the 5D design (Figure 4).

Surveillance cameras can also be deployed inside the

delay perimeter to provide situational awareness

and to measure the effectiveness of the delay

countermeasures employed.

DefendThe defend component of 5D design for perimeter

security is directly related to the quick response of the

security forces protecting the facility. For the defend

methodology to be completely effective, however, strict

adherence to the design elements discussed under

the deter and detect methodologies is required.

FIGURE 4: To delay an active incursion, protection methods such as razor or barbed wire protection should be considered. Placement of surveillance cameras inside the delay perimeter can provide situational awareness and a means with which to measure the effectiveness of the delay countermeasures employed.

for the highest level of efficacy for the defend method-

ology and can enable security forces to carry out the

most efficient operational plans for perimeter defense.

APPLYING THE SECURITY-IN-DEPTH MODEL AT AIRPORTS The greatest challenge in designing and implementing

perimeter security measures based on the security-in-

depth strategy lies in the very nature of the assets being

protected and the potential threats facing those assets.

According to standards set forth by the Recommended

Security Guidelines for Airport Planning, Design, and

Construction, issued by the Transportation Security

Administration (TSA) of the U.S. Department of

Homeland Security (DHS), “Perimeter protection

(e.g., fences, gates, patrols) is considered the first line

of defense in protecting against incursions, thus

providing physical security for personnel, property,

and information at an airport facility.”

The airside area (Figure 5) of an airport usually encom-

passes a complex and integrated system of pavements

(i.e., runways, taxiways, aircraft aprons), lighting,

commercial operations, flight instrumentation

and navigational aids, ground and air traffic control,

cargo operations, and other associated activities that

support the operation of an airport where access is

strictly controlled. Typically, the airside or secure side

Specifically, any lighting and detection

systems deployed in order to satisfy

deter and detect objectives must be

optimized to achieve the highest

possible effectiveness.

Proper illumination and the deployment

of surveillance cameras play a large part to

ensure that responding forces are provided

with the highest level of situational aware-

ness before and during an event response.

Any detection systems employed must

incorporate designs that minimize invalid

or nuisance alarm alerts that result from

acoustical, environmental, or non-

human interactions.

Proper application of the deter, detect,

and delay elements provides the foundation

FIGURE 5: The airside area of an airport is strictly controlled and entirely non-public. Imagine the serious ramifications if a terrorist or perpetrator were to gain physical access to a plane scheduled for take-off.

of the airport is identified as any area that is beyond

the TSA security screening checkpoint (SSCP) inside

the terminals and any defined perimeter elements

(e.g., fencing, walls, other boundaries). This includes

taxiways, runways, aprons, aircraft parking, staging

areas, and most facilities, such as hangars that store,

service and maintain aircraft. For operational,

geographic, safety, or security reasons, various other

types of facilities, such as tenant and cargo facilities,

may be located within the airside of the airport facility

as well.

The airside generally includes security areas to which

certain requirements apply under 49 CFR 1542. These

areas include secured areas, the air operations area

(AOA), and the security identification display area

(SIDA). These portions of the airside must be

entirely non-public.

Based on these guidelines, if the outer boundary

consists of the physical perimeter fence line, anything

between this fence line and security screening stations

is recognized as the airside of the airport. In this case,

the actual physical fence line at the minimum would

need to incorporate the elements of deter, detect, deny,

and delay to support a security-in-depth strategy. It is

essential to identify the presence of the following

elements when evaluating the airside boundaries

of an airport:

• Dangerous or hazardous areas that could affect the

safety or security of a parked or moving aircraft

• Concealed and overgrown areas that could hide

persons or objects that might endanger aircraft

or critical airport systems

• Adjacent facilities that have proprietary security

concerns and provisions (e.g., correctional, military,

or other facilities that could affect or be affected

by the proximity of airside operations)

• Natural features, large metal structures

and buildings or electronics facilities that

might affect ground or aircraft communications,

navigational, and surveillance systems

• Adjacent facilities, such as schools, hotels, parks,

or community areas, public parking spaces,

and industrial buildings, which are in proximity

of airside operations

• Perimeter exposures that are bounded by large

tracts of open fields, river basins, or wooded tracts

that can increase the possibility of concealment

of individuals by providing areas of refuge. These

areas may also house large populations of wildlife

and create security vulnerabilities.

Delay The delay component aims to slow down an active

incursion, forcing the perpetrator to reconsider the

probability of success and to provide enough time for

security forces to respond.

When applying both the deter and delay elements,

the delineation between the two can become unclear.

Where barriers, such as fences, walls, grilles, bars, build-

ings and other structures, are employed to establish the

perimeter boundary to satisfy the deter methodology,

this same functional criterion can be applied in the

delay methodology.

Additional physical protection methods, such

as razor or barbed wire protection, should be considered

to enhance the delay element of the 5D design (Figure 4).

Surveillance cameras can also be deployed inside the

delay perimeter to provide situational awareness

and to measure the effectiveness of the delay

countermeasures employed.

DefendThe defend component of 5D design for perimeter

security is directly related to the quick response of the

security forces protecting the facility. For the defend

methodology to be completely effective, however, strict

adherence to the design elements discussed under

the deter and detect methodologies is required.

FIGURE 4: To delay an active incursion, protection methods such as razor or barbed wire protection should be considered. Placement of surveillance cameras inside the delay perimeter can provide situational awareness and a means with which to measure the effectiveness of the delay countermeasures employed.

for the highest level of efficacy for the defend method-

ology and can enable security forces to carry out the

most efficient operational plans for perimeter defense.

APPLYING THE SECURITY-IN-DEPTH MODEL AT AIRPORTS The greatest challenge in designing and implementing

perimeter security measures based on the security-in-

depth strategy lies in the very nature of the assets being

protected and the potential threats facing those assets.

According to standards set forth by the Recommended

Security Guidelines for Airport Planning, Design, and

Construction, issued by the Transportation Security

Administration (TSA) of the U.S. Department of

Homeland Security (DHS), “Perimeter protection

(e.g., fences, gates, patrols) is considered the first line

of defense in protecting against incursions, thus

providing physical security for personnel, property,

and information at an airport facility.”

The airside area (Figure 5) of an airport usually encom-

passes a complex and integrated system of pavements

(i.e., runways, taxiways, aircraft aprons), lighting,

commercial operations, flight instrumentation

and navigational aids, ground and air traffic control,

cargo operations, and other associated activities that

support the operation of an airport where access is

strictly controlled. Typically, the airside or secure side

Specifically, any lighting and detection

systems deployed in order to satisfy

deter and detect objectives must be

optimized to achieve the highest

possible effectiveness.

Proper illumination and the deployment

of surveillance cameras play a large part to

ensure that responding forces are provided

with the highest level of situational aware-

ness before and during an event response.

Any detection systems employed must

incorporate designs that minimize invalid

or nuisance alarm alerts that result from

acoustical, environmental, or non-

human interactions.

Proper application of the deter, detect,

and delay elements provides the foundation

FIGURE 5: The airside area of an airport is strictly controlled and entirely non-public. Imagine the serious ramifications if a terrorist or perpetrator were to gain physical access to a plane scheduled for take-off.

of the airport is identified as any area that is beyond

the TSA security screening checkpoint (SSCP) inside

the terminals and any defined perimeter elements

(e.g., fencing, walls, other boundaries). This includes

taxiways, runways, aprons, aircraft parking, staging

areas, and most facilities, such as hangars that store,

service and maintain aircraft. For operational,

geographic, safety, or security reasons, various other

types of facilities, such as tenant and cargo facilities,

may be located within the airside of the airport facility

as well.

The airside generally includes security areas to which

certain requirements apply under 49 CFR 1542. These

areas include secured areas, the air operations area

(AOA), and the security identification display area

(SIDA). These portions of the airside must be

entirely non-public.

Based on these guidelines, if the outer boundary

consists of the physical perimeter fence line, anything

between this fence line and security screening stations

is recognized as the airside of the airport. In this case,

the actual physical fence line at the minimum would

need to incorporate the elements of deter, detect, deny,

and delay to support a security-in-depth strategy. It is

essential to identify the presence of the following

elements when evaluating the airside boundaries

of an airport:

• Dangerous or hazardous areas that could affect the

safety or security of a parked or moving aircraft

• Concealed and overgrown areas that could hide

persons or objects that might endanger aircraft

or critical airport systems

• Adjacent facilities that have proprietary security

concerns and provisions (e.g., correctional, military,

or other facilities that could affect or be affected

by the proximity of airside operations)

• Natural features, large metal structures

and buildings or electronics facilities that

might affect ground or aircraft communications,

navigational, and surveillance systems

• Adjacent facilities, such as schools, hotels, parks,

or community areas, public parking spaces,

and industrial buildings, which are in proximity

of airside operations

• Perimeter exposures that are bounded by large

tracts of open fields, river basins, or wooded tracts

that can increase the possibility of concealment

of individuals by providing areas of refuge. These

areas may also house large populations of wildlife

and create security vulnerabilities.

The application of security-in-depth is affected

not only by the cost of equipment, installation,

and maintenance, but also by the more important

aspects of effectiveness and functionality. Certainly,

the highest consideration in an effective security

methodology is its ability to prevent unauthorized

penetration. Thus, any points of access through the

perimeter boundary should be capable of preventing

unauthorized access and be equipped to differentiate

between an authorized and unauthorized user while

reducing nuisance alarms. Access through perimeter

boundary lines can be frequent and should be efficient

to prevent unacceptable delays. Furthermore, if

a perimeter access point is not user-friendly, it may

be abused, disregarded, or subverted, thereby posing

a security risk.

Electronic sensors include motion detectors, infrared

or microwave sensors, vibration detection infrared

cameras, laser detectors, and ground-based radars. When

applying the detection principle as part of the 5D

methodology, it is important to note that all of these

sensors serve essentially the same security functions.

Although these technologies are similar to those normally

deployed for interior protection systems, they usually

come with somewhat higher installation and mainte-

nance costs due to the extensive outdoor distances.

PERIMETER INTRUSION DETECTION SYSTEMS (PIDS) AND CONNECTIVITYPerimeter intrusion detection systems (PIDS) are

designed to monitor and detect vehicle and personnel

incursions at the facility’s perimeter boundary. These

systems employ either a single detection technology

that is highly optimized or a combination of separate

technologies, each providing its own unique detection

methodology that is integrated into a seamless oper-

ational platform. In general, single-technology systems

achieve a lower probability of detecting incursion when

compared to multi-technology systems; these multi-

technology systems also achieve lower false alarm rates

(FAR) and nuisance alarm rates (NAR) by leveraging

the strengths of multiple detection modes. False

and nuisance alarms are typically caused by uncon-

trollable factors, such as wind, rain, ice, standing water,

blowing debris, and wildlife and human activity

in proximity to the perimeter. There are other sources

including electronic interference, poor perimeter fence

conditions or lack of preventive maintenance.

When evaluating any technology for perimeter appli-

cations, the FAR and NAR performance criteria provided

by the manufacturer should be part of the decision

process. When FAR and NAR performance factors are

included in the design, the recommendations typically

dictate that two or more disparate technologies should be

deployed to ensure the most effective intrusion detection

screen. These recommendations are based on the fact that

any legitimate incursion is likely to be detected by all

detection technologies. However, nuisance causes are

unlikely to trigger an alarm across all detection methods

and can be easily filtered. For example, the triggering

of vibration alarms on a fence caused by wind or rain can

be filtered out by verifying that video surveillance of that

fence section did not detect a human in the area.

What differentiates the systems deployed as part

of PIDS is the application of a broad concept called data

fusion or physical security information management

(PSIM) that offers real-time situational awareness. This

data fusion or PSIM platform leverages a wide array

of sensors, surveillance techniques, data analyses,

and communications capabilities and procedures;

outputs and findings are brought together to enhance

the ability of airport security response teams to monitor

and respond to a wide range of alarms.

New technologies are continually being developed

and introduced into the marketplace. The following

list represents the current state of technology and the

When evaluating any technology for perimeter applications, the

FAR and NAR performance criteria provided by the manufacturer should

be part of the decision process.

fundamental principles and applications commonly

deployed in today’s perimeter intrusion

detection applications:

• Photoelectric beams

• Microwave detection (bi-static/mono-static)

• Fence vibration sensors

• Linear detection system (strain sensitive cable)

• Fiber optic fence detection (vibration detection

using optical time-domain reflectometry)

• Video motion detection (analytics)

• Ground-based radar

• Electric field detection

• Capacitance detection sensors

• Taut wire

• Buried fiber optic acoustic and seismic detection

• Ported coax buried seismic detection

• Balance buried pressure sensors

• Buried geophone

• Acoustic detection (air turbulence)

While not all of these technologies utilize sensors that

are IP-based, most perimeter detection systems span large

distances. Therefore, much of the data connectivity is

accomplished by employing outside plant (OSP) optical

fiber cabling, which is why the ICT professional needs

to understand the fundamental principles

sensitive data centers in desert or sparsely populated

areas, ICT professionals must incorporate security-in-

depth to ensure cybersecurity measures are accompanied

by the appropriate physical security for their

enterprise customers.

BIOGRAPHY: Anthony is a security and technology specialist with Burns’ Aviation Group. He has devoted his entire 40+ year career to project planning and design for security and technology applications for airports, transportation, and other building occupancies. His expertise covers a broad range of applications in physical security, life safety, and ICT. Anthony is a BICSI Registered Communications Distribution Designer (RCDD) and a board-certified Physical Security Professional (PSP) by ASIS International. He can be reached at [email protected].

of security-in-depth.

As with any technology system,

understanding the design and appli-

cation of various technologies informs

the ICT designer of how to deploy

the appropriate connectivity. Most

of these systems require some manner

of ICT connectivity, and in some

cases, the actual technology is directly

based on ICT, such as fiber-based

fence detection and buried fiber optic

acoustic or seismic detection systems.

These ICT applications are vitally

important for the deter and detect

phases of the 5D methodology, which

in turn helps to ensure that the most

efficient delay and defend strategies

are met. Additionally, as companies

increasingly construct security-

You know us for our hand bendable Snake Tray® and preconfi gured Mega Snake® but did you know we now off er the full line of cable trays including aluminum ladder and steel runway!

Call 800-308-6788 or visit www.snaketray.com

for CABLE MANAGEMENT!Y k f h d b d bl S

for orCABLE MCABLE M

Hand Bendable Preconfi gured Aluminum Steel

Made in the USA | Snake Tray® products are patent protected.

ICT BICSI may-jun 2019.indd 1 3/20/2019 11:53:20 AM

The application of security-in-depth is affected

not only by the cost of equipment, installation,

and maintenance, but also by the more important

aspects of effectiveness and functionality. Certainly,

the highest consideration in an effective security

methodology is its ability to prevent unauthorized

penetration. Thus, any points of access through the

perimeter boundary should be capable of preventing

unauthorized access and be equipped to differentiate

between an authorized and unauthorized user while

reducing nuisance alarms. Access through perimeter

boundary lines can be frequent and should be efficient

to prevent unacceptable delays. Furthermore, if

a perimeter access point is not user-friendly, it may

be abused, disregarded, or subverted, thereby posing

a security risk.

Electronic sensors include motion detectors, infrared

or microwave sensors, vibration detection infrared

cameras, laser detectors, and ground-based radars. When

applying the detection principle as part of the 5D

methodology, it is important to note that all of these

sensors serve essentially the same security functions.

Although these technologies are similar to those normally

deployed for interior protection systems, they usually

come with somewhat higher installation and mainte-

nance costs due to the extensive outdoor distances.

PERIMETER INTRUSION DETECTION SYSTEMS (PIDS) AND CONNECTIVITYPerimeter intrusion detection systems (PIDS) are

designed to monitor and detect vehicle and personnel

incursions at the facility’s perimeter boundary. These

systems employ either a single detection technology

that is highly optimized or a combination of separate

technologies, each providing its own unique detection

methodology that is integrated into a seamless oper-

ational platform. In general, single-technology systems

achieve a lower probability of detecting incursion when

compared to multi-technology systems; these multi-

technology systems also achieve lower false alarm rates

(FAR) and nuisance alarm rates (NAR) by leveraging

the strengths of multiple detection modes. False

and nuisance alarms are typically caused by uncon-

trollable factors, such as wind, rain, ice, standing water,

blowing debris, and wildlife and human activity

in proximity to the perimeter. There are other sources

including electronic interference, poor perimeter fence

conditions or lack of preventive maintenance.

When evaluating any technology for perimeter appli-

cations, the FAR and NAR performance criteria provided

by the manufacturer should be part of the decision

process. When FAR and NAR performance factors are

included in the design, the recommendations typically

dictate that two or more disparate technologies should be

deployed to ensure the most effective intrusion detection

screen. These recommendations are based on the fact that

any legitimate incursion is likely to be detected by all

detection technologies. However, nuisance causes are

unlikely to trigger an alarm across all detection methods

and can be easily filtered. For example, the triggering

of vibration alarms on a fence caused by wind or rain can

be filtered out by verifying that video surveillance of that

fence section did not detect a human in the area.

What differentiates the systems deployed as part

of PIDS is the application of a broad concept called data

fusion or physical security information management

(PSIM) that offers real-time situational awareness. This

data fusion or PSIM platform leverages a wide array

of sensors, surveillance techniques, data analyses,

and communications capabilities and procedures;

outputs and findings are brought together to enhance

the ability of airport security response teams to monitor

and respond to a wide range of alarms.

New technologies are continually being developed

and introduced into the marketplace. The following

list represents the current state of technology and the

When evaluating any technology for perimeter applications, the

FAR and NAR performance criteria provided by the manufacturer should

be part of the decision process.

fundamental principles and applications commonly

deployed in today’s perimeter intrusion

detection applications:

• Photoelectric beams

• Microwave detection (bi-static/mono-static)

• Fence vibration sensors

• Linear detection system (strain sensitive cable)

• Fiber optic fence detection (vibration detection

using optical time-domain reflectometry)

• Video motion detection (analytics)

• Ground-based radar

• Electric field detection

• Capacitance detection sensors

• Taut wire

• Buried fiber optic acoustic and seismic detection

• Ported coax buried seismic detection

• Balance buried pressure sensors

• Buried geophone

• Acoustic detection (air turbulence)

While not all of these technologies utilize sensors that

are IP-based, most perimeter detection systems span large

distances. Therefore, much of the data connectivity is

accomplished by employing outside plant (OSP) optical

fiber cabling, which is why the ICT professional needs

to understand the fundamental principles

sensitive data centers in desert or sparsely populated

areas, ICT professionals must incorporate security-in-

depth to ensure cybersecurity measures are accompanied

by the appropriate physical security for their

enterprise customers.

BIOGRAPHY: Anthony is a security and technology specialist with Burns’ Aviation Group. He has devoted his entire 40+ year career to project planning and design for security and technology applications for airports, transportation, and other building occupancies. His expertise covers a broad range of applications in physical security, life safety, and ICT. Anthony is a BICSI Registered Communications Distribution Designer (RCDD) and a board-certified Physical Security Professional (PSP) by ASIS International. He can be reached at [email protected].

of security-in-depth.

As with any technology system,

understanding the design and appli-

cation of various technologies informs

the ICT designer of how to deploy

the appropriate connectivity. Most

of these systems require some manner

of ICT connectivity, and in some

cases, the actual technology is directly

based on ICT, such as fiber-based

fence detection and buried fiber optic

acoustic or seismic detection systems.

These ICT applications are vitally

important for the deter and detect

phases of the 5D methodology, which

in turn helps to ensure that the most

efficient delay and defend strategies

are met. Additionally, as companies

increasingly construct security-

You know us for our hand bendable Snake Tray® and preconfi gured Mega Snake® but did you know we now off er the full line of cable trays including aluminum ladder and steel runway!

Call 800-308-6788 or visit www.snaketray.com

for CABLE MANAGEMENT!Y k f h d b d bl S

for orCABLE MCABLE M

Hand Bendable Preconfi gured Aluminum Steel

Made in the USA | Snake Tray® products are patent protected.

ICT BICSI may-jun 2019.indd 1 3/20/2019 11:53:20 AM

ict today - burns engineering, inc. · contact the bicsi sales department for information at +1...

Documents