ict today - burns engineering, inc. · contact the bicsi sales department for information at +1...
TRANSCRIPT
THE OFFICIAL TRADE JOURNAL OF BICSIICT TODAY
Volume 40, Number 4July/August/September 2019
FROM ICT, AI & SMART CITIES
PLUS:+ The 5 Ds of Perimeter Protection + Commissioning Access Control Systems in 7 Phases+ Cybersecurity’s Path in the Future of BACnet
July/August/September 2019 I 3
SUBMISSION POLICYICT TODAY is published quarterly in January/February/March, April/May/June, July/August/September, and October/November/December by BICSI, Inc., and is sent to BICSI members, RCDDs, RTPMs, DCDCs, BICSI Installers and Technicians and ESS, NTS, OSP, RITP and WD credential holders. ICT TODAY subscription is included in BICSI members’ annual dues and is available to others through a purchased yearly subscription. ICT TODAY welcomes and encourages submissions and suggestions from its readers. Articles of a technical, vendor-neutral nature are gladly accepted for publication with approval from the Editorial Review Board. However, BICSI, Inc., reserves the right to edit and alter such material for space or other considerations and to publish or otherwise use such material. The articles, opinions and ideas expressed herein are the sole responsibility of the contributing authors and do not necessarily reflect the opinion of BICSI, its members or its staff. BICSI is not liable in any way, manner or form for the articles, opinions and ideas, and readers are urged to exercise professional caution in undertaking any of the recommendations or suggestions made by authors. No part of this publication may be reproduced in any form or by any means, electronic or mechanical, without permission from BICSI, Inc.
ADVERTISING: Advertising rates and information are provided upon request. Contact the BICSI Sales Department for information at +1 813.979.1991 or 800.242.7405 (U.S. and Canada toll-free) or [email protected]. Publication of advertising should not be deemed as endorsement by BICSI, Inc. BICSI reserves the right in its sole and absolute discretion to reject any advertisement at any time by any party.
POSTMASTER: Send change of address notices to BICSI, Customer Care, 8610 Hidden River Pkwy, Tampa, FL 33637-1000; Phone: +1 813.979.1991 or 800.242.7405 (U.S. and Canada toll-free).
© Copyright BICSI, 2019. All rights reserved. BICSI and RCDD are registered trademarks of BICSI, Inc.
contentsFROM THE PRESIDENT
Both Corning’s EDGE™ and EDGE8® solutions include porttap modules that are fully integrated into the structuredcabling footprint of your data centers and storage area network (SAN):
▄ Completely passive▄ Purely optical splitters▄ No power or IP configuration required▄ No disruption to the live network
Empowering the world with data center solutions you can trust!Visit corning.com/tapmodules/bicsi to learn how
Corning’s tap modules can enhance your network monitoring.
© 2019 Corning Optical Communications. LAN-2440-AEN / May 2019
Fully integrated and proactive monitoring of network performance with Corning’s port tap modules.
05 “Juice Jacking” Puts the Squeeze on Private Data By Jeff Beavers, RCDD, OSP, CFHP
COVER ARTICLE
06 Security Gets a Boost from ICT, Artificial Intelligence (AI), and Smart Cities: By understanding the many security advance-ments since 2013, ICT professionals can learn about the latest technology trends, newly established profitable technology paths, and how ICT is championing smart city development. Knowledge of these trends and technology paths provides new opportunities for the ICT industry and the professionals who serve it. By Steve Surfaro
20 The 5 Ds of Perimeter Protection: Discover the principles of security-in-depth in order to design and deploy the appropriate connectivity for enterprise customers. Security-in-depth is based on the application of five fundamental security strategies, also known as the 5D methodology: Deter, Detect, Deny, Delay and Defend. By Anthony Frassetta, RCDD, PSP
28 Commissioning Access Control Systems in 7 Phases: For the last couple of years, access control has achieved a higher rate of growth than either video surveillance or intruder alarms. Enterprise owners are increasingly upgrading legacy systems and installing more sophisticated and advanced access control systems. These systems need commissioning and more complex testing to function optimally. By F. Patrick Mahoney, RCDD, CDT
39 Cybersecurity’s Path in the Future of BACnet: As the ICT industry is transitioning to the world of IoT and smart buildings, it is important to become familiar with the cyber-security vulnerabilities facing the building automation system (BAS) and the new BACnet/SC technology that promises to solve some of the most serious security problems for BAS and the entire enterprise network. By Daniel Tan and Jeff Downton
48 The Future of Public Safety Via Wireless, Smart Technologies, and the Connected Building: Wireless connectivity is essential for first responders and the general public’s safety. New technologies, such as fifth-generation (5G) cellular technology and the rollout of spectrum at 3.5 GHz, will enable a host of security and other measures that will enable communities to become smart and safe. By Tracy Ford
56 Experience the Evolution of the Rack PDU More Power & More Intelligence to the Rack: Today, the rack PDU must operate at full load in high temperatures, participate in support of environmental data collection, and assist in maintaining secure access to the cabinet. The rack PDU is becoming a data aggregation point in the cabinet with intelligence and control capable down to the receptacle. By Raul A. Pombo
JULY/AUGUST/SEPTEMBER 2019Volume 40, Issue 4
20 I ICT TODAY July/August/September 2019 I 21
Physical security plays a vital role in today’s economy, and it is a fundamental component of any effort to mitigate and reduce risk to ensure the necessary level of protection of life, property, and business continuity. Depending on the type of asset being protected and the associated level of exposure or vulnerability, businesses, facilities and critical infrastructure sites have some degree of risk or threat. Developing a comprehensive mitigation program requires extensive planning and a thorough understanding of security needs, existing conditions, threats, and vulnerabilities, as well as proper identification of assets at risk that need to be evaluated before selecting the appropriate technology and the related cabling infrastructures. In today’s litigious society, assets encompass much more than an organization’s physical property and products. They also include intellectual property, brand reputation, personnel, and daily operations as part of an organization’s total vulnerable assets.
For purposes of this discussion, emphasis is placed
on one segment of a total security mitigation plan that
starts at the outermost boundary or the site perimeter.
One of the highest at-risk facilities with the greatest
exposure and general accessibility by the public
is an airport.
The examination of airport physical security
(a detailed discussion appears later in this article)
offers a high level of complexity while providing
a variety of considerations in mitigating physical
incursions. However, the principles discussed
herein can apply easily to any type and aspect of
a facility—from the exterior wall of a building to the
most secure interior area.
A sound security mitigation plan is rooted in the
concept of crime prevention through environmental
design (CPTED). The goal of CPTED is to prevent crime
by designing and implementing a physical environment
that positively influences human behavior by leveraging:
• Territoriality
• Natural surveillance
• Access control
• Appearance or perception
Working in conjunction with CPTED
Security-in-depth is based upon on the application
of five fundamental security strategies, also known
as the 5D methodology.
is the practice of applying security
protection in multiple rings or layers, also
referred to as security-in-depth. In theory,
the first layer is located at the outermost
boundary of the site, and additional layers
of protection are provided as one moves
inward toward the high-value asset
or target.
It is important that ICT professionals
understand the principles of security-
in-depth in order to design and deploy
the appropriate connectivity, whether
utilizing an optical fiber based fence
detection system or ensuring that
cybersecurity is accompanied by
the appropriate physical security
for their customers.
Security-in-depth is based on the
application of five fundamental security
DEFEND
DELAY
DENY
DETECT
DETER
strategies, also known as the 5D methodology (Figure 1):
Deter, Detect, Deny, Delay and Defend.
The application of the 5D methodology during the
design and application of perimeter protection can
improve the effectiveness of the facility’s security plan
by providing defense at the outermost area of the asset
or target, while simultaneously enhancing the effective-
ness of response personnel.
By focusing on these five security objectives at each
layer of a perimeter, protection mitigation can be
designed in a way that takes the greatest advantage
of each security threat.
FIGURE 1: The 5D methodology.
20 I ICT TODAY July/August/September 2019 I 21
Physical security plays a vital role in today’s economy, and it is a fundamental component of any effort to mitigate and reduce risk to ensure the necessary level of protection of life, property, and business continuity. Depending on the type of asset being protected and the associated level of exposure or vulnerability, businesses, facilities and critical infrastructure sites have some degree of risk or threat. Developing a comprehensive mitigation program requires extensive planning and a thorough understanding of security needs, existing conditions, threats, and vulnerabilities, as well as proper identification of assets at risk that need to be evaluated before selecting the appropriate technology and the related cabling infrastructures. In today’s litigious society, assets encompass much more than an organization’s physical property and products. They also include intellectual property, brand reputation, personnel, and daily operations as part of an organization’s total vulnerable assets.
For purposes of this discussion, emphasis is placed
on one segment of a total security mitigation plan that
starts at the outermost boundary or the site perimeter.
One of the highest at-risk facilities with the greatest
exposure and general accessibility by the public
is an airport.
The examination of airport physical security
(a detailed discussion appears later in this article)
offers a high level of complexity while providing
a variety of considerations in mitigating physical
incursions. However, the principles discussed
herein can apply easily to any type and aspect of
a facility—from the exterior wall of a building to the
most secure interior area.
A sound security mitigation plan is rooted in the
concept of crime prevention through environmental
design (CPTED). The goal of CPTED is to prevent crime
by designing and implementing a physical environment
that positively influences human behavior by leveraging:
• Territoriality
• Natural surveillance
• Access control
• Appearance or perception
Working in conjunction with CPTED
Security-in-depth is based upon on the application
of five fundamental security strategies, also known
as the 5D methodology.
is the practice of applying security
protection in multiple rings or layers, also
referred to as security-in-depth. In theory,
the first layer is located at the outermost
boundary of the site, and additional layers
of protection are provided as one moves
inward toward the high-value asset
or target.
It is important that ICT professionals
understand the principles of security-
in-depth in order to design and deploy
the appropriate connectivity, whether
utilizing an optical fiber based fence
detection system or ensuring that
cybersecurity is accompanied by
the appropriate physical security
for their customers.
Security-in-depth is based on the
application of five fundamental security
DEFEND
DELAY
DENY
DETECT
DETER
strategies, also known as the 5D methodology (Figure 1):
Deter, Detect, Deny, Delay and Defend.
The application of the 5D methodology during the
design and application of perimeter protection can
improve the effectiveness of the facility’s security plan
by providing defense at the outermost area of the asset
or target, while simultaneously enhancing the effective-
ness of response personnel.
By focusing on these five security objectives at each
layer of a perimeter, protection mitigation can be
designed in a way that takes the greatest advantage
of each security threat.
FIGURE 1: The 5D methodology.
22 I ICT TODAY July/August/September 2019 I 23
OVERVIEW OF THE 5 DsDeter The deterrence element in perimeter protection provides
a level of security awareness at the outermost property
line or boundary with respect to the protected asset or
target. The objective is to deter the perpetrator from
even attempting to breach the secure perimeter. Deter-
rence is a psychological element, and it depends
heavily on perception.
This application often relies on a mix of physical
barriers that fall under two category types: natural
and structural. Additional psychological perceptions
include wide, open and clear lines of sight; enhanced
lighting conditions; deployment of overt video surveil-
lance system technologies; posting of warning signage;
and the use of highly visible and obvious security patrols.
Natural barriers include mountains, cliffs, canyons, rivers,
or other obstacles that are difficult to traverse. Structural
barriers are man-made devices, such as fences, walls,
grilles, bars, buildings or other structures, which can
establish a perimeter boundary that deters penetration
or incursion at the perimeter. The presence of a natural
barrier or structure forming part of the perimeter bound-
ary should not, however, automatically be considered
an adequate perimeter deterrent, because these obstacles
may easily be overcome by a determined intruder.
The natural barrier should be carefully evaluated from
a security perspective, and additional protective measures
FIGURE 2: Protective lighting and security warning signage are valuable crime prevention tools.
Detect Early detection of an attempted incursion anywhere
along the perimeter is the objective of this application,
which involves the deployment of an appropriate
technology that can accurately detect unauthorized
incursions and encompass large areas of space outside
the perimeter boundary or immediately along the
length of the perimeter.
Some of the many detection technologies available
include GPS tracking technology that provides real-time
geo-spatial data for viewing perimeter activity, perimeter
intrusion detection sensors, and ground-based radar. The
selected technology needs to provide an appropriate level
of notification of any attempted incursion in a very
timely manner to support the immediate response
by authorized personnel. Considerations for possible
incursion routes, such as over, under or through, must
be the primary paradigm in applying the appropriate
detection to meet this element of security-in-depth.
Additionally, the technology must also provide
a level of performance that ensures a high probability
of detection with a certain degree of immunity against
invalid or nuisance alarm alerts. Nuisance alarms can be
caused by outside sources, such as acoustical and environ-
mental conditions, as well as non-human interaction
(e.g., animals, birds, rodents). This technical concern
stands above all others in the 5D strategy as the most
critical and difficult to accomplish.
When selecting protective measures, it is important
that the equipment conforms to the needs of the threat,
performs consistently in all environmental conditions,
FIGURE 3: Managing or directing normal vehicle and pedestrian traffic to strategically controlled entry points to deny unauthorized access can be enhanced by supplementing with K-rated gates and barricades and the addition of HD video surveillance cameras.
may be warranted so that these portions of the perimeter
boundary afford a greater degree of deterrence
to unwanted incursions.
Protective lighting is another valuable crime prevention
tool, improving visibility through the reduction of blind
spots or shadowed areas that could possibly offer
concealment for intruders as shown in Figure 2.
For facilities, such as airports and military installa-
tions, the Unified Facilities Criteria (UFC) standard
(UFC 3-530-01) for the Department of Defense (DOD)
recognizes as a standard a minimum IL luminance
of 5 lux (0.5 foot candles) for a “horizontal target”
when deploying perimeter fence-line protection.
Protective lighting should always be designed
with the following considerations:
• Locate perimeter lighting to support a balanced
illumination of both sides of the perimeter fence-
line at a minimum IL luminance of 5 lux (0.5 foot
candles). Locate the lighting fixture on the inside
or perimeter to prevent tampering.
• Design lighting to permit overlapping illumina-
tion. Do not leave dark spaces or shadow areas
between lighted areas in which perpetrators
can move undetected.
• Install lighting fixtures facing down and away
from target or asset to create glare for an
approaching intruder.
• Ensure the lighting does not hinder observation
by security patrols.
• Provide a lighting design to ensure maximum
performance of any surveillance cameras deployed
and ensure cameras are not negatively impacted
by the lighting systems.
Posting signage around the perimeter of the site that
stipulates “no trespassing, violators will be prosecuted”
or “area under video surveillance” aids greatly
in communicating the deterrence message
to unauthorized persons.
Applying surveillance technology in an overt manner
through the deployment of highly visible video surveil-
lance cameras, making it obvious to anyone approaching
the perimeter that they are under constant surveillance,
is another sound method of deterrence.
The greatest challenge in designing and implementing perimeter
security measures based on the security-in-depth strategy lies
in the very nature of the assets being protected and the potential threats
facing those assets.
and adapts easily to support future expansion
as conditions, risks, and threats change.
DenyThe objective of this element is to deny—at the
immediate perimeter boundary—entry to any
unauthorized persons while allowing authorized
persons to enter.
The deny element typically involves configuration
of the perimeter boundary to manage or direct normal
vehicle and pedestrian traffic to strategically controlled
entry points (Figure 3).
As part of the overall 5D strategy, proper application
of the deny element should also incorporate all elements
of deter and detect in order to enhance the remaining
non-traffic channeling areas of the perimeter
against incursion.
The use of physical access control system technology
and the posting of manned security gates at the points
of entry are considered among the best methods
to channel vehicle and pedestrian traffic.
These measures should be supplemented with
protective lighting enhancements at an IL luminance
of 21.52 lux (2.0 footcandles) or better, installation
of K-rated gates, bollards or barricades, and the addition
of HD video surveillance cameras; by doing so, the
deny element of 5D strategy now forms part of the
overall security program.
22 I ICT TODAY July/August/September 2019 I 23
OVERVIEW OF THE 5 DsDeter The deterrence element in perimeter protection provides
a level of security awareness at the outermost property
line or boundary with respect to the protected asset or
target. The objective is to deter the perpetrator from
even attempting to breach the secure perimeter. Deter-
rence is a psychological element, and it depends
heavily on perception.
This application often relies on a mix of physical
barriers that fall under two category types: natural
and structural. Additional psychological perceptions
include wide, open and clear lines of sight; enhanced
lighting conditions; deployment of overt video surveil-
lance system technologies; posting of warning signage;
and the use of highly visible and obvious security patrols.
Natural barriers include mountains, cliffs, canyons, rivers,
or other obstacles that are difficult to traverse. Structural
barriers are man-made devices, such as fences, walls,
grilles, bars, buildings or other structures, which can
establish a perimeter boundary that deters penetration
or incursion at the perimeter. The presence of a natural
barrier or structure forming part of the perimeter bound-
ary should not, however, automatically be considered
an adequate perimeter deterrent, because these obstacles
may easily be overcome by a determined intruder.
The natural barrier should be carefully evaluated from
a security perspective, and additional protective measures
FIGURE 2: Protective lighting and security warning signage are valuable crime prevention tools.
Detect Early detection of an attempted incursion anywhere
along the perimeter is the objective of this application,
which involves the deployment of an appropriate
technology that can accurately detect unauthorized
incursions and encompass large areas of space outside
the perimeter boundary or immediately along the
length of the perimeter.
Some of the many detection technologies available
include GPS tracking technology that provides real-time
geo-spatial data for viewing perimeter activity, perimeter
intrusion detection sensors, and ground-based radar. The
selected technology needs to provide an appropriate level
of notification of any attempted incursion in a very
timely manner to support the immediate response
by authorized personnel. Considerations for possible
incursion routes, such as over, under or through, must
be the primary paradigm in applying the appropriate
detection to meet this element of security-in-depth.
Additionally, the technology must also provide
a level of performance that ensures a high probability
of detection with a certain degree of immunity against
invalid or nuisance alarm alerts. Nuisance alarms can be
caused by outside sources, such as acoustical and environ-
mental conditions, as well as non-human interaction
(e.g., animals, birds, rodents). This technical concern
stands above all others in the 5D strategy as the most
critical and difficult to accomplish.
When selecting protective measures, it is important
that the equipment conforms to the needs of the threat,
performs consistently in all environmental conditions,
FIGURE 3: Managing or directing normal vehicle and pedestrian traffic to strategically controlled entry points to deny unauthorized access can be enhanced by supplementing with K-rated gates and barricades and the addition of HD video surveillance cameras.
may be warranted so that these portions of the perimeter
boundary afford a greater degree of deterrence
to unwanted incursions.
Protective lighting is another valuable crime prevention
tool, improving visibility through the reduction of blind
spots or shadowed areas that could possibly offer
concealment for intruders as shown in Figure 2.
For facilities, such as airports and military installa-
tions, the Unified Facilities Criteria (UFC) standard
(UFC 3-530-01) for the Department of Defense (DOD)
recognizes as a standard a minimum IL luminance
of 5 lux (0.5 foot candles) for a “horizontal target”
when deploying perimeter fence-line protection.
Protective lighting should always be designed
with the following considerations:
• Locate perimeter lighting to support a balanced
illumination of both sides of the perimeter fence-
line at a minimum IL luminance of 5 lux (0.5 foot
candles). Locate the lighting fixture on the inside
or perimeter to prevent tampering.
• Design lighting to permit overlapping illumina-
tion. Do not leave dark spaces or shadow areas
between lighted areas in which perpetrators
can move undetected.
• Install lighting fixtures facing down and away
from target or asset to create glare for an
approaching intruder.
• Ensure the lighting does not hinder observation
by security patrols.
• Provide a lighting design to ensure maximum
performance of any surveillance cameras deployed
and ensure cameras are not negatively impacted
by the lighting systems.
Posting signage around the perimeter of the site that
stipulates “no trespassing, violators will be prosecuted”
or “area under video surveillance” aids greatly
in communicating the deterrence message
to unauthorized persons.
Applying surveillance technology in an overt manner
through the deployment of highly visible video surveil-
lance cameras, making it obvious to anyone approaching
the perimeter that they are under constant surveillance,
is another sound method of deterrence.
The greatest challenge in designing and implementing perimeter
security measures based on the security-in-depth strategy lies
in the very nature of the assets being protected and the potential threats
facing those assets.
and adapts easily to support future expansion
as conditions, risks, and threats change.
DenyThe objective of this element is to deny—at the
immediate perimeter boundary—entry to any
unauthorized persons while allowing authorized
persons to enter.
The deny element typically involves configuration
of the perimeter boundary to manage or direct normal
vehicle and pedestrian traffic to strategically controlled
entry points (Figure 3).
As part of the overall 5D strategy, proper application
of the deny element should also incorporate all elements
of deter and detect in order to enhance the remaining
non-traffic channeling areas of the perimeter
against incursion.
The use of physical access control system technology
and the posting of manned security gates at the points
of entry are considered among the best methods
to channel vehicle and pedestrian traffic.
These measures should be supplemented with
protective lighting enhancements at an IL luminance
of 21.52 lux (2.0 footcandles) or better, installation
of K-rated gates, bollards or barricades, and the addition
of HD video surveillance cameras; by doing so, the
deny element of 5D strategy now forms part of the
overall security program.
24 I ICT TODAY July/August/September 2019 I 25
Delay The delay component aims to slow down an active
incursion, forcing the perpetrator to reconsider the
probability of success and to provide enough time for
security forces to respond.
When applying both the deter and delay elements,
the delineation between the two can become unclear.
Where barriers, such as fences, walls, grilles, bars, build-
ings and other structures, are employed to establish the
perimeter boundary to satisfy the deter methodology,
this same functional criterion can be applied in the
delay methodology.
Additional physical protection methods, such
as razor or barbed wire protection, should be considered
to enhance the delay element of the 5D design (Figure 4).
Surveillance cameras can also be deployed inside the
delay perimeter to provide situational awareness
and to measure the effectiveness of the delay
countermeasures employed.
DefendThe defend component of 5D design for perimeter
security is directly related to the quick response of the
security forces protecting the facility. For the defend
methodology to be completely effective, however, strict
adherence to the design elements discussed under
the deter and detect methodologies is required.
FIGURE 4: To delay an active incursion, protection methods such as razor or barbed wire protection should be considered. Placement of surveillance cameras inside the delay perimeter can provide situational awareness and a means with which to measure the effectiveness of the delay countermeasures employed.
for the highest level of efficacy for the defend method-
ology and can enable security forces to carry out the
most efficient operational plans for perimeter defense.
APPLYING THE SECURITY-IN-DEPTH MODEL AT AIRPORTS The greatest challenge in designing and implementing
perimeter security measures based on the security-in-
depth strategy lies in the very nature of the assets being
protected and the potential threats facing those assets.
According to standards set forth by the Recommended
Security Guidelines for Airport Planning, Design, and
Construction, issued by the Transportation Security
Administration (TSA) of the U.S. Department of
Homeland Security (DHS), “Perimeter protection
(e.g., fences, gates, patrols) is considered the first line
of defense in protecting against incursions, thus
providing physical security for personnel, property,
and information at an airport facility.”
The airside area (Figure 5) of an airport usually encom-
passes a complex and integrated system of pavements
(i.e., runways, taxiways, aircraft aprons), lighting,
commercial operations, flight instrumentation
and navigational aids, ground and air traffic control,
cargo operations, and other associated activities that
support the operation of an airport where access is
strictly controlled. Typically, the airside or secure side
Specifically, any lighting and detection
systems deployed in order to satisfy
deter and detect objectives must be
optimized to achieve the highest
possible effectiveness.
Proper illumination and the deployment
of surveillance cameras play a large part to
ensure that responding forces are provided
with the highest level of situational aware-
ness before and during an event response.
Any detection systems employed must
incorporate designs that minimize invalid
or nuisance alarm alerts that result from
acoustical, environmental, or non-
human interactions.
Proper application of the deter, detect,
and delay elements provides the foundation
FIGURE 5: The airside area of an airport is strictly controlled and entirely non-public. Imagine the serious ramifications if a terrorist or perpetrator were to gain physical access to a plane scheduled for take-off.
of the airport is identified as any area that is beyond
the TSA security screening checkpoint (SSCP) inside
the terminals and any defined perimeter elements
(e.g., fencing, walls, other boundaries). This includes
taxiways, runways, aprons, aircraft parking, staging
areas, and most facilities, such as hangars that store,
service and maintain aircraft. For operational,
geographic, safety, or security reasons, various other
types of facilities, such as tenant and cargo facilities,
may be located within the airside of the airport facility
as well.
The airside generally includes security areas to which
certain requirements apply under 49 CFR 1542. These
areas include secured areas, the air operations area
(AOA), and the security identification display area
(SIDA). These portions of the airside must be
entirely non-public.
Based on these guidelines, if the outer boundary
consists of the physical perimeter fence line, anything
between this fence line and security screening stations
is recognized as the airside of the airport. In this case,
the actual physical fence line at the minimum would
need to incorporate the elements of deter, detect, deny,
and delay to support a security-in-depth strategy. It is
essential to identify the presence of the following
elements when evaluating the airside boundaries
of an airport:
• Dangerous or hazardous areas that could affect the
safety or security of a parked or moving aircraft
• Concealed and overgrown areas that could hide
persons or objects that might endanger aircraft
or critical airport systems
• Adjacent facilities that have proprietary security
concerns and provisions (e.g., correctional, military,
or other facilities that could affect or be affected
by the proximity of airside operations)
• Natural features, large metal structures
and buildings or electronics facilities that
might affect ground or aircraft communications,
navigational, and surveillance systems
• Adjacent facilities, such as schools, hotels, parks,
or community areas, public parking spaces,
and industrial buildings, which are in proximity
of airside operations
• Perimeter exposures that are bounded by large
tracts of open fields, river basins, or wooded tracts
that can increase the possibility of concealment
of individuals by providing areas of refuge. These
areas may also house large populations of wildlife
and create security vulnerabilities.
24 I ICT TODAY July/August/September 2019 I 25
Delay The delay component aims to slow down an active
incursion, forcing the perpetrator to reconsider the
probability of success and to provide enough time for
security forces to respond.
When applying both the deter and delay elements,
the delineation between the two can become unclear.
Where barriers, such as fences, walls, grilles, bars, build-
ings and other structures, are employed to establish the
perimeter boundary to satisfy the deter methodology,
this same functional criterion can be applied in the
delay methodology.
Additional physical protection methods, such
as razor or barbed wire protection, should be considered
to enhance the delay element of the 5D design (Figure 4).
Surveillance cameras can also be deployed inside the
delay perimeter to provide situational awareness
and to measure the effectiveness of the delay
countermeasures employed.
DefendThe defend component of 5D design for perimeter
security is directly related to the quick response of the
security forces protecting the facility. For the defend
methodology to be completely effective, however, strict
adherence to the design elements discussed under
the deter and detect methodologies is required.
FIGURE 4: To delay an active incursion, protection methods such as razor or barbed wire protection should be considered. Placement of surveillance cameras inside the delay perimeter can provide situational awareness and a means with which to measure the effectiveness of the delay countermeasures employed.
for the highest level of efficacy for the defend method-
ology and can enable security forces to carry out the
most efficient operational plans for perimeter defense.
APPLYING THE SECURITY-IN-DEPTH MODEL AT AIRPORTS The greatest challenge in designing and implementing
perimeter security measures based on the security-in-
depth strategy lies in the very nature of the assets being
protected and the potential threats facing those assets.
According to standards set forth by the Recommended
Security Guidelines for Airport Planning, Design, and
Construction, issued by the Transportation Security
Administration (TSA) of the U.S. Department of
Homeland Security (DHS), “Perimeter protection
(e.g., fences, gates, patrols) is considered the first line
of defense in protecting against incursions, thus
providing physical security for personnel, property,
and information at an airport facility.”
The airside area (Figure 5) of an airport usually encom-
passes a complex and integrated system of pavements
(i.e., runways, taxiways, aircraft aprons), lighting,
commercial operations, flight instrumentation
and navigational aids, ground and air traffic control,
cargo operations, and other associated activities that
support the operation of an airport where access is
strictly controlled. Typically, the airside or secure side
Specifically, any lighting and detection
systems deployed in order to satisfy
deter and detect objectives must be
optimized to achieve the highest
possible effectiveness.
Proper illumination and the deployment
of surveillance cameras play a large part to
ensure that responding forces are provided
with the highest level of situational aware-
ness before and during an event response.
Any detection systems employed must
incorporate designs that minimize invalid
or nuisance alarm alerts that result from
acoustical, environmental, or non-
human interactions.
Proper application of the deter, detect,
and delay elements provides the foundation
FIGURE 5: The airside area of an airport is strictly controlled and entirely non-public. Imagine the serious ramifications if a terrorist or perpetrator were to gain physical access to a plane scheduled for take-off.
of the airport is identified as any area that is beyond
the TSA security screening checkpoint (SSCP) inside
the terminals and any defined perimeter elements
(e.g., fencing, walls, other boundaries). This includes
taxiways, runways, aprons, aircraft parking, staging
areas, and most facilities, such as hangars that store,
service and maintain aircraft. For operational,
geographic, safety, or security reasons, various other
types of facilities, such as tenant and cargo facilities,
may be located within the airside of the airport facility
as well.
The airside generally includes security areas to which
certain requirements apply under 49 CFR 1542. These
areas include secured areas, the air operations area
(AOA), and the security identification display area
(SIDA). These portions of the airside must be
entirely non-public.
Based on these guidelines, if the outer boundary
consists of the physical perimeter fence line, anything
between this fence line and security screening stations
is recognized as the airside of the airport. In this case,
the actual physical fence line at the minimum would
need to incorporate the elements of deter, detect, deny,
and delay to support a security-in-depth strategy. It is
essential to identify the presence of the following
elements when evaluating the airside boundaries
of an airport:
• Dangerous or hazardous areas that could affect the
safety or security of a parked or moving aircraft
• Concealed and overgrown areas that could hide
persons or objects that might endanger aircraft
or critical airport systems
• Adjacent facilities that have proprietary security
concerns and provisions (e.g., correctional, military,
or other facilities that could affect or be affected
by the proximity of airside operations)
• Natural features, large metal structures
and buildings or electronics facilities that
might affect ground or aircraft communications,
navigational, and surveillance systems
• Adjacent facilities, such as schools, hotels, parks,
or community areas, public parking spaces,
and industrial buildings, which are in proximity
of airside operations
• Perimeter exposures that are bounded by large
tracts of open fields, river basins, or wooded tracts
that can increase the possibility of concealment
of individuals by providing areas of refuge. These
areas may also house large populations of wildlife
and create security vulnerabilities.
26 I ICT TODAY July/August/September 2019 I 27
The application of security-in-depth is affected
not only by the cost of equipment, installation,
and maintenance, but also by the more important
aspects of effectiveness and functionality. Certainly,
the highest consideration in an effective security
methodology is its ability to prevent unauthorized
penetration. Thus, any points of access through the
perimeter boundary should be capable of preventing
unauthorized access and be equipped to differentiate
between an authorized and unauthorized user while
reducing nuisance alarms. Access through perimeter
boundary lines can be frequent and should be efficient
to prevent unacceptable delays. Furthermore, if
a perimeter access point is not user-friendly, it may
be abused, disregarded, or subverted, thereby posing
a security risk.
Electronic sensors include motion detectors, infrared
or microwave sensors, vibration detection infrared
cameras, laser detectors, and ground-based radars. When
applying the detection principle as part of the 5D
methodology, it is important to note that all of these
sensors serve essentially the same security functions.
Although these technologies are similar to those normally
deployed for interior protection systems, they usually
come with somewhat higher installation and mainte-
nance costs due to the extensive outdoor distances.
PERIMETER INTRUSION DETECTION SYSTEMS (PIDS) AND CONNECTIVITYPerimeter intrusion detection systems (PIDS) are
designed to monitor and detect vehicle and personnel
incursions at the facility’s perimeter boundary. These
systems employ either a single detection technology
that is highly optimized or a combination of separate
technologies, each providing its own unique detection
methodology that is integrated into a seamless oper-
ational platform. In general, single-technology systems
achieve a lower probability of detecting incursion when
compared to multi-technology systems; these multi-
technology systems also achieve lower false alarm rates
(FAR) and nuisance alarm rates (NAR) by leveraging
the strengths of multiple detection modes. False
and nuisance alarms are typically caused by uncon-
trollable factors, such as wind, rain, ice, standing water,
blowing debris, and wildlife and human activity
in proximity to the perimeter. There are other sources
including electronic interference, poor perimeter fence
conditions or lack of preventive maintenance.
When evaluating any technology for perimeter appli-
cations, the FAR and NAR performance criteria provided
by the manufacturer should be part of the decision
process. When FAR and NAR performance factors are
included in the design, the recommendations typically
dictate that two or more disparate technologies should be
deployed to ensure the most effective intrusion detection
screen. These recommendations are based on the fact that
any legitimate incursion is likely to be detected by all
detection technologies. However, nuisance causes are
unlikely to trigger an alarm across all detection methods
and can be easily filtered. For example, the triggering
of vibration alarms on a fence caused by wind or rain can
be filtered out by verifying that video surveillance of that
fence section did not detect a human in the area.
What differentiates the systems deployed as part
of PIDS is the application of a broad concept called data
fusion or physical security information management
(PSIM) that offers real-time situational awareness. This
data fusion or PSIM platform leverages a wide array
of sensors, surveillance techniques, data analyses,
and communications capabilities and procedures;
outputs and findings are brought together to enhance
the ability of airport security response teams to monitor
and respond to a wide range of alarms.
New technologies are continually being developed
and introduced into the marketplace. The following
list represents the current state of technology and the
When evaluating any technology for perimeter applications, the
FAR and NAR performance criteria provided by the manufacturer should
be part of the decision process.
fundamental principles and applications commonly
deployed in today’s perimeter intrusion
detection applications:
• Photoelectric beams
• Microwave detection (bi-static/mono-static)
• Fence vibration sensors
• Linear detection system (strain sensitive cable)
• Fiber optic fence detection (vibration detection
using optical time-domain reflectometry)
• Video motion detection (analytics)
• Ground-based radar
• Electric field detection
• Capacitance detection sensors
• Taut wire
• Buried fiber optic acoustic and seismic detection
• Ported coax buried seismic detection
• Balance buried pressure sensors
• Buried geophone
• Acoustic detection (air turbulence)
While not all of these technologies utilize sensors that
are IP-based, most perimeter detection systems span large
distances. Therefore, much of the data connectivity is
accomplished by employing outside plant (OSP) optical
fiber cabling, which is why the ICT professional needs
to understand the fundamental principles
sensitive data centers in desert or sparsely populated
areas, ICT professionals must incorporate security-in-
depth to ensure cybersecurity measures are accompanied
by the appropriate physical security for their
enterprise customers.
BIOGRAPHY: Anthony is a security and technology specialist with Burns’ Aviation Group. He has devoted his entire 40+ year career to project planning and design for security and technology applications for airports, transportation, and other building occupancies. His expertise covers a broad range of applications in physical security, life safety, and ICT. Anthony is a BICSI Registered Communications Distribution Designer (RCDD) and a board-certified Physical Security Professional (PSP) by ASIS International. He can be reached at [email protected].
of security-in-depth.
As with any technology system,
understanding the design and appli-
cation of various technologies informs
the ICT designer of how to deploy
the appropriate connectivity. Most
of these systems require some manner
of ICT connectivity, and in some
cases, the actual technology is directly
based on ICT, such as fiber-based
fence detection and buried fiber optic
acoustic or seismic detection systems.
These ICT applications are vitally
important for the deter and detect
phases of the 5D methodology, which
in turn helps to ensure that the most
efficient delay and defend strategies
are met. Additionally, as companies
increasingly construct security-
You know us for our hand bendable Snake Tray® and preconfi gured Mega Snake® but did you know we now off er the full line of cable trays including aluminum ladder and steel runway!
Call 800-308-6788 or visit www.snaketray.com
for CABLE MANAGEMENT!Y k f h d b d bl S
for orCABLE MCABLE M
Hand Bendable Preconfi gured Aluminum Steel
Made in the USA | Snake Tray® products are patent protected.
ICT BICSI may-jun 2019.indd 1 3/20/2019 11:53:20 AM
26 I ICT TODAY July/August/September 2019 I 27
The application of security-in-depth is affected
not only by the cost of equipment, installation,
and maintenance, but also by the more important
aspects of effectiveness and functionality. Certainly,
the highest consideration in an effective security
methodology is its ability to prevent unauthorized
penetration. Thus, any points of access through the
perimeter boundary should be capable of preventing
unauthorized access and be equipped to differentiate
between an authorized and unauthorized user while
reducing nuisance alarms. Access through perimeter
boundary lines can be frequent and should be efficient
to prevent unacceptable delays. Furthermore, if
a perimeter access point is not user-friendly, it may
be abused, disregarded, or subverted, thereby posing
a security risk.
Electronic sensors include motion detectors, infrared
or microwave sensors, vibration detection infrared
cameras, laser detectors, and ground-based radars. When
applying the detection principle as part of the 5D
methodology, it is important to note that all of these
sensors serve essentially the same security functions.
Although these technologies are similar to those normally
deployed for interior protection systems, they usually
come with somewhat higher installation and mainte-
nance costs due to the extensive outdoor distances.
PERIMETER INTRUSION DETECTION SYSTEMS (PIDS) AND CONNECTIVITYPerimeter intrusion detection systems (PIDS) are
designed to monitor and detect vehicle and personnel
incursions at the facility’s perimeter boundary. These
systems employ either a single detection technology
that is highly optimized or a combination of separate
technologies, each providing its own unique detection
methodology that is integrated into a seamless oper-
ational platform. In general, single-technology systems
achieve a lower probability of detecting incursion when
compared to multi-technology systems; these multi-
technology systems also achieve lower false alarm rates
(FAR) and nuisance alarm rates (NAR) by leveraging
the strengths of multiple detection modes. False
and nuisance alarms are typically caused by uncon-
trollable factors, such as wind, rain, ice, standing water,
blowing debris, and wildlife and human activity
in proximity to the perimeter. There are other sources
including electronic interference, poor perimeter fence
conditions or lack of preventive maintenance.
When evaluating any technology for perimeter appli-
cations, the FAR and NAR performance criteria provided
by the manufacturer should be part of the decision
process. When FAR and NAR performance factors are
included in the design, the recommendations typically
dictate that two or more disparate technologies should be
deployed to ensure the most effective intrusion detection
screen. These recommendations are based on the fact that
any legitimate incursion is likely to be detected by all
detection technologies. However, nuisance causes are
unlikely to trigger an alarm across all detection methods
and can be easily filtered. For example, the triggering
of vibration alarms on a fence caused by wind or rain can
be filtered out by verifying that video surveillance of that
fence section did not detect a human in the area.
What differentiates the systems deployed as part
of PIDS is the application of a broad concept called data
fusion or physical security information management
(PSIM) that offers real-time situational awareness. This
data fusion or PSIM platform leverages a wide array
of sensors, surveillance techniques, data analyses,
and communications capabilities and procedures;
outputs and findings are brought together to enhance
the ability of airport security response teams to monitor
and respond to a wide range of alarms.
New technologies are continually being developed
and introduced into the marketplace. The following
list represents the current state of technology and the
When evaluating any technology for perimeter applications, the
FAR and NAR performance criteria provided by the manufacturer should
be part of the decision process.
fundamental principles and applications commonly
deployed in today’s perimeter intrusion
detection applications:
• Photoelectric beams
• Microwave detection (bi-static/mono-static)
• Fence vibration sensors
• Linear detection system (strain sensitive cable)
• Fiber optic fence detection (vibration detection
using optical time-domain reflectometry)
• Video motion detection (analytics)
• Ground-based radar
• Electric field detection
• Capacitance detection sensors
• Taut wire
• Buried fiber optic acoustic and seismic detection
• Ported coax buried seismic detection
• Balance buried pressure sensors
• Buried geophone
• Acoustic detection (air turbulence)
While not all of these technologies utilize sensors that
are IP-based, most perimeter detection systems span large
distances. Therefore, much of the data connectivity is
accomplished by employing outside plant (OSP) optical
fiber cabling, which is why the ICT professional needs
to understand the fundamental principles
sensitive data centers in desert or sparsely populated
areas, ICT professionals must incorporate security-in-
depth to ensure cybersecurity measures are accompanied
by the appropriate physical security for their
enterprise customers.
BIOGRAPHY: Anthony is a security and technology specialist with Burns’ Aviation Group. He has devoted his entire 40+ year career to project planning and design for security and technology applications for airports, transportation, and other building occupancies. His expertise covers a broad range of applications in physical security, life safety, and ICT. Anthony is a BICSI Registered Communications Distribution Designer (RCDD) and a board-certified Physical Security Professional (PSP) by ASIS International. He can be reached at [email protected].
of security-in-depth.
As with any technology system,
understanding the design and appli-
cation of various technologies informs
the ICT designer of how to deploy
the appropriate connectivity. Most
of these systems require some manner
of ICT connectivity, and in some
cases, the actual technology is directly
based on ICT, such as fiber-based
fence detection and buried fiber optic
acoustic or seismic detection systems.
These ICT applications are vitally
important for the deter and detect
phases of the 5D methodology, which
in turn helps to ensure that the most
efficient delay and defend strategies
are met. Additionally, as companies
increasingly construct security-
You know us for our hand bendable Snake Tray® and preconfi gured Mega Snake® but did you know we now off er the full line of cable trays including aluminum ladder and steel runway!
Call 800-308-6788 or visit www.snaketray.com
for CABLE MANAGEMENT!Y k f h d b d bl S
for orCABLE MCABLE M
Hand Bendable Preconfi gured Aluminum Steel
Made in the USA | Snake Tray® products are patent protected.
ICT BICSI may-jun 2019.indd 1 3/20/2019 11:53:20 AM