Impede and detect some unauthorized external activity. * Basic security physical barriers * High-security locks * Simple security lighting * Basic local alarm systems
Impede, detect and assess most unauthorized external activities and some internal activities. * High-security physical barriers at perimeter, guard dogs * Advanced remote alarm systems * Watchmen with basic communications
Impede, detect and assess most unauthorized external and internal activities. * Access controls * CCTV * Perimeter alarm system * High security lighting * Local law enforcement coordination * Highly trained armed guards w/advanced comms * Formal contingency plans
Impede, detect, assess and neutralize all unauthorized external and internal activities * Sophisticated alarm system * Onsite, armed response force
For the maximum psychological effect to be achieved...
...the capabilities of the protection system must be known to the criminal, that is, they must convince the criminal that the odds of getting caught are high.
What is a PPS?
A Physical Protection System (PPS) integrates people, procedures, and equipment for the protection of assets or facilities against theft, sabotage, or other malevolent human attacks.
What are the primary functions of a PPS?
1. Detection of an adversary. 2. Delay of that adversary. 3. Response by security personnel or guard force.
* Identify site boundary * Number & location of buildings * Access points. * Existing physical protection features. * All infrastructure details.
Facility Characterization Facility Operations
* Major products of the facility * Processes that support these products * Operating conditions * Types and numbers of employees * Procurement procedures * Computing resources & distribution * Maintenance activities * Asset tracking * Operational involvement & location of senior execs * Work flow & shift changes * Employee benefits * Shipping & receiving * Accounting & any other support functions
* Obtain understanding of written and un-written procedures. * Have a guided tour of facility. * Observe the ebb and flow of work. * Review safety & security training requirements for all workers. * Determine extent of documented procedures.
Facility Characterization Regulatory Requirements
* Fire department. * Safety & Health regulators. * Department of Labor. * Nuclear Regulatory Commission. * Local building codes. * ULC (Underwriters Laboratories) standards.
Facility Characterization Safety Considerations
* Strike a balance between safety and security. * 1-15 second time delay on fire exits. * Dispatch a guard to protect an area. * UL 2000 "safety & security personnel must work together to design systems that will be effective in normal (daily operations), abnormal (fire), and malevolent (attack on facility by a human adversary) conditions."
Facility Characterization Legal Issues
* Liability * Privacy * Access for the disabled * Labor relations * Employment practices * Proper training for guards * The failure to protect * Excessive use of force by guards
* Establish support of senior management. * Conduct assessment of vulnerabilities. * Present solutions showing the value add.
Facility Characterization Security Principle
In order to design a system that will be effective, the PPS design must accommodate the safety, process and mission of the corporation and the facility.
Eight Points of Threat Definition (1-4)
1. Study the capabilities and intentions of assumed potential criminals or adversaries. 2. Look at possible intentions, motivations and physical capabilities of likely adversaries. 3. Availability of on-site security personnel or local law enforcement. 4. Once adversary types are identified, determine the threat against which the facility or target will be protected.
Eight Points of Threat Definition (5-8)
5. A Threat Definition results in a detailed description of the physical threat by a malevolent adversary to the system. 6. Threat Definition aids in determining PPS design objectives. 7. Any facility will have records of suspicion regarding malevolent adversaries. 8. PPS must be designed to protect against these adversaries or threats.
The three basic parts for determining a Threat Definition are:
1. List the information needed to define the threat. 2. Collect information of the potential threat. 3. Organize the information to make it usable.
Four necessary points of information about adversaries:
1. Motivation (ideological, economic, personal) 2. Potential goals based upon targets (theft, espionage, extortion, kidnapping, etc.) 3. Tactics (force, stealth, or deceit) 4. Numbers & capabilities (use of weapons, various tools they may use, etc.)
Adversaries are characterized in three broad groups:
1. Outsiders (terrorists, criminals, extremists or hackers). 2. Insiders. 3. Outsiders working in collusion with insiders.
True or False: Insider threats have knowledge of operations or security and have un-escorted access.
List the three types of insider threats:
1. Passive. 2. Active non-violent. 3. Active violent.
True or False: Outsider threats are responsible for the majority of security breaches in both physical and computer security systems.
False. Insider threats are responsible for the majority of security breaches in both physical and computer security systems.
True or False: One study showed that guards do almost half of all stealing, and that many inside opportunities are due to procedural failures.
What are three characteristics of Insider threats?
1. System knowledge that can be used to their advantage. 2. Authorized access to the facility, assets, or PPS without raising suspicions of others. 3. Opportunity to choose the best time to commit an act.
Three points of consideration on adversaries:
1. Capability of an adversary. 2. Adversary tactics (force, stealth or deceit). 3. Potential actions (trying to steal something, industrial espionage, sabotage, extortion, coercion, violence against others or kidnapping).
List five sources for the collection of threat information:
1. Intelligence sources (network with law enforcement or other related services). 2. Crime analysis, studies. 3. Professional organizations & services. 4. Published literature. 5. Government directives and legislation.
What is the Security Principle regarding Threat Definition?
A facility PPS is designed based on the maximum credible threat to the facility.
Target Identification identifies _______ , ________ or ________ actions to be protected.
areas, assets or actions
True or False: The ease or difficulty of protecting against a particular threat is considered BEFORE the items of Target Identification have been identified.
False: The ease or difficulty of protecting against a particular threat is considered AFTER the items of Target Identification have been identified.
List at least four Undesirable Consequences of an inadequate PPS:
* Loss of life * Theft of material or information * Environmental damage due to release of hazardous material by theft or sabotage * Interruption of critical utilities or communications * Degraded business operations * Workplace violence, extortion, blackmail * Building collapse * Damage to reputation * Legal liability
List two techniques for Target Identification:
1. Manual listing of targets. 2. Logic Diagrams.
Manual listing is good for....
* Localized items (laptops, tools, etc) * Work-in-progress (items ready to be packaged)
Locations in a facility containing equipment to be protected against are called ______ _______
Because both the function and structure of a facility can be very complex, the choice of components and areas to protect as vital is...
...usually not obvious.
What tool is used for the determination of a vital area?
A sabotage fault tree.
True or False: Target Identification is used to determine what to protect.
Target may be susceptible to _____ , _______ , or _______.
theft, sabotage, or personal harm
Priorities of targets are based on...
Analysis of the consequence of the loss and threat.
True or False: For every crime that is committed, there is a crime prevention or loss reduction defense or procedure that, if followed, could delay or prevent a criminal from committing that act.
The strongest reason for a criminal to lose desire to break-in, etc is...
...the threat of getting caught.
A PPS is designed based on...
...the maximum credible threat to the facility.
What are the two ways to prevent theft and sabotage?
1. Deterring the adversary. 2. Defeating the adversary.
List six steps in designing a security layout:
1. Eliminate all non-essential doors and windows. 2. Specify fire-resistant material throughout the interior. 3. Install fire, intrusion and environmental control systems. 4. Separate shipping and receiving areas. 5. Make provisions for the handicapped. 6. Provide adequate lighting around the perimeter.
Detection is the _________ of an adversary action.
What are the three steps by which Detection is accomplished?
1. A sensor reacts to a stimulus and initiates an alarm. 2. Information from the sensor and assessment subsystems is reported and displayed. 3. A person assesses information and judges the alarm to be valid or invalid.
A PPS system works best if what two conditions are met?
1. Detection is as far from the target as possible. 2. Delays are in place near the target.
______________ is the process of determining whether the source of the alarm is due to an attack or a nuisance alarm.
Detection without ____________ is not detection.
True or False: Entry control is part of detection.
What is a measure of entry control?
Throughput (number of authorized people allowed access per unit time)
A False Acceptance Rate is ...
...the rate at which false identities or credentials are allowed entry.
The frequency of denying access to authorized people is the ....
...false rejection rate.
List three measures of effectiveness for PPS detection:
1. Probability of sensing adversary action. 2. Time required for reporting and assessing the alarm. 3. Nuisance alarm rate.
The probability of detection ____________ as the time before assessment ___________.
An effective assessment provides what two types of information with detection?
1. Whether the alarm is valid or nuisance. 2. Details such as what, who, where and how many.
What is a NAR?
Nuisance Alarm Rate
Any alarm not caused by an intrusion is a _____ _____.
Because not all alarms are caused by intrusion, what is necessary?
Animals, birds, trees, rain, lightning, blowing debris, etc are all common sources of...
Nuisance alarms generated by the equipment itself (from poor design, inadequate maintenance or component failure) are called...
Delay is the _______ ________ of adversary progress.