Friday, November 13, 2009

Security Fencing

There is an interesting story over at about a recent anti-nuke protest in Washington. It seems that five senior citizen protestors penetrated three successive security fences at a nuclear weapon storage facility on the Kitsap Naval Base before they were apprehended by security personnel; hours after they entered the perimeter and within yards of a weapons bunker. This penetration exercise by people in their 60’s and 80’s brings security measures into question at yet another nuclear weapons facility. It also provides a good object lesson in security measures; fences do not stop penetration. Now, anyone with infantry training already knows this. One of the first lessons one learns in planning and executing a defensive operation is that a barrier plan must include provisions for observation and cover fires. Concertina wire and even minefields must be covered by direct and indirect fire weapons to be effective. Without such coverage, attackers are slowed some what, but not stopped. Even with such coverage, military history is replete with costly yet successful attacks on well prepared defenses. Security Fence Observation First rule of security fencing: there is no such thing as an impenetrable fence. The standard industrial security fence, a six-foot chain link fence even with an 18” barbwire outrigger takes just seconds for a trained person to go over or through. It does mark the legal perimeter and keeps honest people out, but it does little to stop a deliberate penetration. Even ‘unclimbable’ fences can be scaled or penetrated by trained personnel. To be an effective part of a ‘deter, detect, and delay’ security plan a perimeter fence must be kept under continuous and obvious observation. Periodic observation is not effective because a trained attacker will just conduct their penetration during a time when there is no observation. The reason for ‘obvious observation’ is less, well, obvious. If the perimeter fence is obviously under continuous observation it will deter most attackers; sending them to easier to penetrate targets. Actually the observation plan for a security fence should include both obvious and hidden means of observing the perimeter. The obvious method will help to deter most attackers and the hidden will make it harder to bypass observation. A readily visible video camera system backed up by some sort of motion sensor system would be example of such a dual system. Care should be taken to ensure that the two systems cannot be countered by a single measure. For example, cutting a single power feed should not disable both systems. Nor should loss of perimeter lighting defeat both systems. The whole point is to make it as difficult as possible for an intruder to penetrate the perimeter without detection. Security Response When the breach of a perimeter fence is detected, there must be some sort of security response. The most obvious response is to send security personnel to detain or apprehend the intruder. There is a legal difference between ‘detaining’ and ‘apprehending’ with subtle variations in the distinction in different jurisdictions. The security plan must take these differences into account and the security force needs to be well trained in their allowed role. The physical response of security personnel to a perimeter penetration is an integral part of the ‘deter’ portion of a security plan. A well trained terrorist will make efforts to determine the facility response to a perimeter penetration as part of their planning efforts. If there is a timely and effective response, it will help to lessen the chance of an actual attack on the facility. If there is no, or an ineffective, response, the terrorist is likely to be emboldened. An effective security plan will have additional responses to a perimeter penetration that are not obvious or visible from outside the facility. This will help to ensure that an attacker can not design counter measures to all of the security responses. This could include things like activation of other countermeasures, process shutdowns and the isolation of critical facilities and chemicals. At a very minimum, the high-risk chemical facility would have procedures in place for notification of local police, emergency response and the FBI. A perimeter fence is only a minor part of a security plan for the protection of high-risk chemical facilities from terrorist attack. To be effective it must be tied into the entire plan and backed up with observation and response. Without this integration the security fence is not even a barrier to penetration by octogenarian activists.


Laurie Thomas said...

"Backed up with observation and response" is so important, and the first line of defense we have anywhere is employee vigilance. When you have an absence of employee vigilance, all the security whistles and bells in the world may still land you on the front page of the Federal Register under the listing of "how not to run your shop," as in the Lynn MA LNG intrusion.

D Coleman said...

I’m in charge of CFATS business development for an Atlanta based security integrator. This stems from a discussion with our president.
I would add that there is an important relationship between detection and observation in planning effective security. You are absolutely correct that observation and response are critical to effective security.
As the protesters pointed out, even the best security can suffer from problems with fatigue. The Navy certainly takes the security of its nuclear storage facilities very, very seriously. Even the very highly motivated, however, have to contend with the numbing of routine that follows from the fact that security problems happen very rarely.
The Navy, however, can devote a lot of manpower to observation in securing a facility. In the commercial world, on the other hand, guards are very expensive resources. Continuous human observation simply is not cost effective for more than a very few points like front desks.
Electronic security allows a few guards in a control room to continuously observe very large areas. When they work together, an electronic system will draw guard’s attention to events like perimeter breaches, provide them with tools to quickly assess whether a threat exists, and allow them to respond appropriately. Thus a good security system can help guard against both intrusion and operator fatigue. The RBPS guide recognizes this critical supporting role in detection.
But electronic security can also make a site less secure. Any security system and in particular perimeter detection technologies will have some false alarms. When a guard has to constantly verify false alarms he or she is not giving attention to other systems in need of observation. Worse, this can create an alarm that cries wolf (so to speak) that guards won’t devote as much attention to or will even turn off. These problems can actually create vulnerabilities and make a site less secure.
It is critical for an effective system to choose the best mix of components to minimize weaknesses and maximize strengths. A well engineered system will have multiple components working together, for example microwave detectors that automatically train cameras on detected objects. Such a setup allows guards to quickly and efficiently determine if the intruder is a gunman, a protester, or just a squirrel.
Engineering an effective system can be very complex. Things like terrain, weather, expected activity, and even seasonal temperature can affect what mix of technology best suits a particular site. When the right technology is implemented it will ensure that appropriate responses happen when they need to but will prevent resources from being wasted.

PJCoyle said...

My reply to D. Coleman's comments can be found at:

/* Use this with templates/template-twocol.html */